Merge tag 'pull-hex-20221003' of https://github.com/quic/qemu into staging
Make store handling faster and more robust
Bug fix in gen_tcg_funcs.py
# -----BEGIN PGP SIGNATURE-----
#
# iQEzBAABCgAdFiEENjXHiM5iuR/UxZq0ewJE+xLeRCIFAmM7JS4ACgkQewJE+xLe
# RCJXxQf9ESfI6LVoB1VBsMs69WOHqhy1HUEVzM4Ku+CgDCNaFRRz7xFoy/sv4FOX
# D7h5aYVuCLrX/KfttV6V+1GXX/XIyjMN81uZZ8/eiCvjt7D/9fkrUxp9E1Gh6KlV
# Dci21OYjh4aStd4tXin0vPHN5wG+IuuYuSzj0Xvu8SzRjFYKsFkjfxPrVsm1zWvN
# G1FfiUJ6AveRf9SJVuMTmLHY7jo9hg0/tpm7YpnxlIgzDVZbZDa1yDwaLEg/m6AT
# GFHli/nOEsL1c6mbYmvVnGoSupjEj0+MfNIeOUrn8D5Gd66OgvU+FVVFBJQ4ZKi6
# ZuckxBjBE3d5XKyxCVryRA3at+WLYA==
# =ron6
# -----END PGP SIGNATURE-----
# gpg: Signature made Mon 03 Oct 2022 14:08:46 EDT
# gpg: using RSA key 3635C788CE62B91FD4C59AB47B0244FB12DE4422
# gpg: Good signature from "Taylor Simpson (Rock on) <tsimpson@quicinc.com>" [unknown]
# gpg: WARNING: This key is not certified with a trusted signature!
# gpg: There is no indication that the signature belongs to the owner.
# Primary key fingerprint: 3635 C788 CE62 B91F D4C5 9AB4 7B02 44FB 12DE 4422
* tag 'pull-hex-20221003' of https://github.com/quic/qemu:
Hexagon (gen_tcg_funcs.py): avoid duplicated tcg code on A_CVI_NEW
Hexagon (target/hexagon) move store size tracking to translation
Hexagon (target/hexagon) Change decision to set pkt_has_store_s[01]
Hexagon (target/hexagon) add instruction attributes from archlib
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
diff --git a/.gitignore b/.gitignore
index 9726a77..8aab671 100644
--- a/.gitignore
+++ b/.gitignore
@@ -1,5 +1,6 @@
/GNUmakefile
/build/
+/.cache/
*.pyc
.sdk
.stgit-*
diff --git a/accel/stubs/tcg-stub.c b/accel/stubs/tcg-stub.c
index 6ce8a34..c1b0576 100644
--- a/accel/stubs/tcg-stub.c
+++ b/accel/stubs/tcg-stub.c
@@ -21,6 +21,10 @@
{
}
+void tcg_flush_jmp_cache(CPUState *cpu)
+{
+}
+
int probe_access_flags(CPUArchState *env, target_ulong addr,
MMUAccessType access_type, int mmu_idx,
bool nonfault, void **phost, uintptr_t retaddr)
diff --git a/accel/tcg/cpu-exec.c b/accel/tcg/cpu-exec.c
index 5f43b97..f9e5cc9 100644
--- a/accel/tcg/cpu-exec.c
+++ b/accel/tcg/cpu-exec.c
@@ -42,6 +42,7 @@
#include "sysemu/replay.h"
#include "sysemu/tcg.h"
#include "exec/helper-proto.h"
+#include "tb-jmp-cache.h"
#include "tb-hash.h"
#include "tb-context.h"
#include "internal.h"
@@ -174,7 +175,7 @@
target_ulong pc;
target_ulong cs_base;
CPUArchState *env;
- tb_page_addr_t phys_page1;
+ tb_page_addr_t page_addr0;
uint32_t flags;
uint32_t cflags;
uint32_t trace_vcpu_dstate;
@@ -185,8 +186,8 @@
const TranslationBlock *tb = p;
const struct tb_desc *desc = d;
- if (tb->pc == desc->pc &&
- tb->page_addr[0] == desc->phys_page1 &&
+ if ((TARGET_TB_PCREL || tb_pc(tb) == desc->pc) &&
+ tb->page_addr[0] == desc->page_addr0 &&
tb->cs_base == desc->cs_base &&
tb->flags == desc->flags &&
tb->trace_vcpu_dstate == desc->trace_vcpu_dstate &&
@@ -195,8 +196,8 @@
if (tb->page_addr[1] == -1) {
return true;
} else {
- tb_page_addr_t phys_page2;
- target_ulong virt_page2;
+ tb_page_addr_t phys_page1;
+ target_ulong virt_page1;
/*
* We know that the first page matched, and an otherwise valid TB
@@ -207,9 +208,9 @@
* is different for the new TB. Therefore any exception raised
* here by the faulting lookup is not premature.
*/
- virt_page2 = TARGET_PAGE_ALIGN(desc->pc);
- phys_page2 = get_page_addr_code(desc->env, virt_page2);
- if (tb->page_addr[1] == phys_page2) {
+ virt_page1 = TARGET_PAGE_ALIGN(desc->pc);
+ phys_page1 = get_page_addr_code(desc->env, virt_page1);
+ if (tb->page_addr[1] == phys_page1) {
return true;
}
}
@@ -235,8 +236,9 @@
if (phys_pc == -1) {
return NULL;
}
- desc.phys_page1 = phys_pc & TARGET_PAGE_MASK;
- h = tb_hash_func(phys_pc, pc, flags, cflags, *cpu->trace_dstate);
+ desc.page_addr0 = phys_pc;
+ h = tb_hash_func(phys_pc, (TARGET_TB_PCREL ? 0 : pc),
+ flags, cflags, *cpu->trace_dstate);
return qht_lookup_custom(&tb_ctx.htable, &desc, h, tb_lookup_cmp);
}
@@ -246,16 +248,18 @@
uint32_t flags, uint32_t cflags)
{
TranslationBlock *tb;
+ CPUJumpCache *jc;
uint32_t hash;
/* we should never be trying to look up an INVALID tb */
tcg_debug_assert(!(cflags & CF_INVALID));
hash = tb_jmp_cache_hash_func(pc);
- tb = qatomic_rcu_read(&cpu->tb_jmp_cache[hash]);
+ jc = cpu->tb_jmp_cache;
+ tb = tb_jmp_cache_get_tb(jc, hash);
if (likely(tb &&
- tb->pc == pc &&
+ tb_jmp_cache_get_pc(jc, hash, tb) == pc &&
tb->cs_base == cs_base &&
tb->flags == flags &&
tb->trace_vcpu_dstate == *cpu->trace_dstate &&
@@ -266,16 +270,14 @@
if (tb == NULL) {
return NULL;
}
- qatomic_set(&cpu->tb_jmp_cache[hash], tb);
+ tb_jmp_cache_set(jc, hash, tb, pc);
return tb;
}
-static inline void log_cpu_exec(target_ulong pc, CPUState *cpu,
- const TranslationBlock *tb)
+static void log_cpu_exec(target_ulong pc, CPUState *cpu,
+ const TranslationBlock *tb)
{
- if (unlikely(qemu_loglevel_mask(CPU_LOG_TB_CPU | CPU_LOG_EXEC))
- && qemu_log_in_addr_range(pc)) {
-
+ if (qemu_log_in_addr_range(pc)) {
qemu_log_mask(CPU_LOG_EXEC,
"Trace %d: %p [" TARGET_FMT_lx
"/" TARGET_FMT_lx "/%08x/%08x] %s\n",
@@ -399,7 +401,9 @@
return tcg_code_gen_epilogue;
}
- log_cpu_exec(pc, cpu, tb);
+ if (qemu_loglevel_mask(CPU_LOG_TB_CPU | CPU_LOG_EXEC)) {
+ log_cpu_exec(pc, cpu, tb);
+ }
return tb->tc.ptr;
}
@@ -422,7 +426,9 @@
TranslationBlock *last_tb;
const void *tb_ptr = itb->tc.ptr;
- log_cpu_exec(itb->pc, cpu, itb);
+ if (qemu_loglevel_mask(CPU_LOG_TB_CPU | CPU_LOG_EXEC)) {
+ log_cpu_exec(log_pc(cpu, itb), cpu, itb);
+ }
qemu_thread_jit_execute();
ret = tcg_qemu_tb_exec(env, tb_ptr);
@@ -446,16 +452,21 @@
* of the start of the TB.
*/
CPUClass *cc = CPU_GET_CLASS(cpu);
- qemu_log_mask_and_addr(CPU_LOG_EXEC, last_tb->pc,
- "Stopped execution of TB chain before %p ["
- TARGET_FMT_lx "] %s\n",
- last_tb->tc.ptr, last_tb->pc,
- lookup_symbol(last_tb->pc));
+
if (cc->tcg_ops->synchronize_from_tb) {
cc->tcg_ops->synchronize_from_tb(cpu, last_tb);
} else {
+ assert(!TARGET_TB_PCREL);
assert(cc->set_pc);
- cc->set_pc(cpu, last_tb->pc);
+ cc->set_pc(cpu, tb_pc(last_tb));
+ }
+ if (qemu_loglevel_mask(CPU_LOG_EXEC)) {
+ target_ulong pc = log_pc(cpu, last_tb);
+ if (qemu_log_in_addr_range(pc)) {
+ qemu_log("Stopped execution of TB chain before %p ["
+ TARGET_FMT_lx "] %s\n",
+ last_tb->tc.ptr, pc, lookup_symbol(pc));
+ }
}
}
@@ -597,11 +608,8 @@
qemu_spin_unlock(&tb_next->jmp_lock);
- qemu_log_mask_and_addr(CPU_LOG_EXEC, tb->pc,
- "Linking TBs %p [" TARGET_FMT_lx
- "] index %d -> %p [" TARGET_FMT_lx "]\n",
- tb->tc.ptr, tb->pc, n,
- tb_next->tc.ptr, tb_next->pc);
+ qemu_log_mask(CPU_LOG_EXEC, "Linking TBs %p index %d -> %p\n",
+ tb->tc.ptr, n, tb_next->tc.ptr);
return;
out_unlock_next:
@@ -847,11 +855,12 @@
}
static inline void cpu_loop_exec_tb(CPUState *cpu, TranslationBlock *tb,
+ target_ulong pc,
TranslationBlock **last_tb, int *tb_exit)
{
int32_t insns_left;
- trace_exec_tb(tb, tb->pc);
+ trace_exec_tb(tb, pc);
tb = cpu_tb_exec(cpu, tb, tb_exit);
if (*tb_exit != TB_EXIT_REQUESTED) {
*last_tb = tb;
@@ -987,6 +996,8 @@
tb = tb_lookup(cpu, pc, cs_base, flags, cflags);
if (tb == NULL) {
+ uint32_t h;
+
mmap_lock();
tb = tb_gen_code(cpu, pc, cs_base, flags, cflags);
mmap_unlock();
@@ -994,7 +1005,8 @@
* We add the TB in the virtual pc hash table
* for the fast lookup
*/
- qatomic_set(&cpu->tb_jmp_cache[tb_jmp_cache_hash_func(pc)], tb);
+ h = tb_jmp_cache_hash_func(pc);
+ tb_jmp_cache_set(cpu->tb_jmp_cache, h, tb, pc);
}
#ifndef CONFIG_USER_ONLY
@@ -1013,7 +1025,7 @@
tb_add_jump(last_tb, tb_exit, tb);
}
- cpu_loop_exec_tb(cpu, tb, &last_tb, &tb_exit);
+ cpu_loop_exec_tb(cpu, tb, pc, &last_tb, &tb_exit);
/* Try to align the host and virtual clocks
if the guest is in advance */
diff --git a/accel/tcg/cputlb.c b/accel/tcg/cputlb.c
index 8fad2d9..6f1c006 100644
--- a/accel/tcg/cputlb.c
+++ b/accel/tcg/cputlb.c
@@ -100,21 +100,14 @@
static void tb_jmp_cache_clear_page(CPUState *cpu, target_ulong page_addr)
{
- unsigned int i, i0 = tb_jmp_cache_hash_page(page_addr);
+ int i, i0 = tb_jmp_cache_hash_page(page_addr);
+ CPUJumpCache *jc = cpu->tb_jmp_cache;
for (i = 0; i < TB_JMP_PAGE_SIZE; i++) {
- qatomic_set(&cpu->tb_jmp_cache[i0 + i], NULL);
+ qatomic_set(&jc->array[i0 + i].tb, NULL);
}
}
-static void tb_flush_jmp_cache(CPUState *cpu, target_ulong addr)
-{
- /* Discard jump cache entries for any tb which might potentially
- overlap the flushed page. */
- tb_jmp_cache_clear_page(cpu, addr - TARGET_PAGE_SIZE);
- tb_jmp_cache_clear_page(cpu, addr);
-}
-
/**
* tlb_mmu_resize_locked() - perform TLB resize bookkeeping; resize if necessary
* @desc: The CPUTLBDesc portion of the TLB
@@ -200,13 +193,13 @@
}
g_free(fast->table);
- g_free(desc->iotlb);
+ g_free(desc->fulltlb);
tlb_window_reset(desc, now, 0);
/* desc->n_used_entries is cleared by the caller */
fast->mask = (new_size - 1) << CPU_TLB_ENTRY_BITS;
fast->table = g_try_new(CPUTLBEntry, new_size);
- desc->iotlb = g_try_new(CPUIOTLBEntry, new_size);
+ desc->fulltlb = g_try_new(CPUTLBEntryFull, new_size);
/*
* If the allocations fail, try smaller sizes. We just freed some
@@ -215,7 +208,7 @@
* allocations to fail though, so we progressively reduce the allocation
* size, aborting if we cannot even allocate the smallest TLB we support.
*/
- while (fast->table == NULL || desc->iotlb == NULL) {
+ while (fast->table == NULL || desc->fulltlb == NULL) {
if (new_size == (1 << CPU_TLB_DYN_MIN_BITS)) {
error_report("%s: %s", __func__, strerror(errno));
abort();
@@ -224,9 +217,9 @@
fast->mask = (new_size - 1) << CPU_TLB_ENTRY_BITS;
g_free(fast->table);
- g_free(desc->iotlb);
+ g_free(desc->fulltlb);
fast->table = g_try_new(CPUTLBEntry, new_size);
- desc->iotlb = g_try_new(CPUIOTLBEntry, new_size);
+ desc->fulltlb = g_try_new(CPUTLBEntryFull, new_size);
}
}
@@ -258,7 +251,7 @@
desc->n_used_entries = 0;
fast->mask = (n_entries - 1) << CPU_TLB_ENTRY_BITS;
fast->table = g_new(CPUTLBEntry, n_entries);
- desc->iotlb = g_new(CPUIOTLBEntry, n_entries);
+ desc->fulltlb = g_new(CPUTLBEntryFull, n_entries);
tlb_mmu_flush_locked(desc, fast);
}
@@ -299,7 +292,7 @@
CPUTLBDescFast *fast = &env_tlb(env)->f[i];
g_free(fast->table);
- g_free(desc->iotlb);
+ g_free(desc->fulltlb);
}
}
@@ -364,7 +357,7 @@
qemu_spin_unlock(&env_tlb(env)->c.lock);
- cpu_tb_jmp_cache_clear(cpu);
+ tcg_flush_jmp_cache(cpu);
if (to_clean == ALL_MMUIDX_BITS) {
qatomic_set(&env_tlb(env)->c.full_flush_count,
@@ -541,7 +534,12 @@
}
qemu_spin_unlock(&env_tlb(env)->c.lock);
- tb_flush_jmp_cache(cpu, addr);
+ /*
+ * Discard jump cache entries for any tb which might potentially
+ * overlap the flushed page, which includes the previous.
+ */
+ tb_jmp_cache_clear_page(cpu, addr - TARGET_PAGE_SIZE);
+ tb_jmp_cache_clear_page(cpu, addr);
}
/**
@@ -788,12 +786,18 @@
* longer to clear each entry individually than it will to clear it all.
*/
if (d.len >= (TARGET_PAGE_SIZE * TB_JMP_CACHE_SIZE)) {
- cpu_tb_jmp_cache_clear(cpu);
+ tcg_flush_jmp_cache(cpu);
return;
}
- for (target_ulong i = 0; i < d.len; i += TARGET_PAGE_SIZE) {
- tb_flush_jmp_cache(cpu, d.addr + i);
+ /*
+ * Discard jump cache entries for any tb which might potentially
+ * overlap the flushed pages, which includes the previous.
+ */
+ d.addr -= TARGET_PAGE_SIZE;
+ for (target_ulong i = 0, n = d.len / TARGET_PAGE_SIZE + 1; i < n; i++) {
+ tb_jmp_cache_clear_page(cpu, d.addr);
+ d.addr += TARGET_PAGE_SIZE;
}
}
@@ -951,7 +955,8 @@
can be detected */
void tlb_protect_code(ram_addr_t ram_addr)
{
- cpu_physical_memory_test_and_clear_dirty(ram_addr, TARGET_PAGE_SIZE,
+ cpu_physical_memory_test_and_clear_dirty(ram_addr & TARGET_PAGE_MASK,
+ TARGET_PAGE_SIZE,
DIRTY_MEMORY_CODE);
}
@@ -1095,16 +1100,16 @@
env_tlb(env)->d[mmu_idx].large_page_mask = lp_mask;
}
-/* Add a new TLB entry. At most one entry for a given virtual address
+/*
+ * Add a new TLB entry. At most one entry for a given virtual address
* is permitted. Only a single TARGET_PAGE_SIZE region is mapped, the
* supplied size is only used by tlb_flush_page.
*
* Called from TCG-generated code, which is under an RCU read-side
* critical section.
*/
-void tlb_set_page_with_attrs(CPUState *cpu, target_ulong vaddr,
- hwaddr paddr, MemTxAttrs attrs, int prot,
- int mmu_idx, target_ulong size)
+void tlb_set_page_full(CPUState *cpu, int mmu_idx,
+ target_ulong vaddr, CPUTLBEntryFull *full)
{
CPUArchState *env = cpu->env_ptr;
CPUTLB *tlb = env_tlb(env);
@@ -1117,35 +1122,36 @@
CPUTLBEntry *te, tn;
hwaddr iotlb, xlat, sz, paddr_page;
target_ulong vaddr_page;
- int asidx = cpu_asidx_from_attrs(cpu, attrs);
- int wp_flags;
+ int asidx, wp_flags, prot;
bool is_ram, is_romd;
assert_cpu_is_self(cpu);
- if (size <= TARGET_PAGE_SIZE) {
+ if (full->lg_page_size <= TARGET_PAGE_BITS) {
sz = TARGET_PAGE_SIZE;
} else {
- tlb_add_large_page(env, mmu_idx, vaddr, size);
- sz = size;
+ sz = (hwaddr)1 << full->lg_page_size;
+ tlb_add_large_page(env, mmu_idx, vaddr, sz);
}
vaddr_page = vaddr & TARGET_PAGE_MASK;
- paddr_page = paddr & TARGET_PAGE_MASK;
+ paddr_page = full->phys_addr & TARGET_PAGE_MASK;
+ prot = full->prot;
+ asidx = cpu_asidx_from_attrs(cpu, full->attrs);
section = address_space_translate_for_iotlb(cpu, asidx, paddr_page,
- &xlat, &sz, attrs, &prot);
+ &xlat, &sz, full->attrs, &prot);
assert(sz >= TARGET_PAGE_SIZE);
tlb_debug("vaddr=" TARGET_FMT_lx " paddr=0x" TARGET_FMT_plx
" prot=%x idx=%d\n",
- vaddr, paddr, prot, mmu_idx);
+ vaddr, full->phys_addr, prot, mmu_idx);
address = vaddr_page;
- if (size < TARGET_PAGE_SIZE) {
+ if (full->lg_page_size < TARGET_PAGE_BITS) {
/* Repeat the MMU check and TLB fill on every access. */
address |= TLB_INVALID_MASK;
}
- if (attrs.byte_swap) {
+ if (full->attrs.byte_swap) {
address |= TLB_BSWAP;
}
@@ -1219,7 +1225,7 @@
/* Evict the old entry into the victim tlb. */
copy_tlb_helper_locked(tv, te);
- desc->viotlb[vidx] = desc->iotlb[index];
+ desc->vfulltlb[vidx] = desc->fulltlb[index];
tlb_n_used_entries_dec(env, mmu_idx);
}
@@ -1236,8 +1242,10 @@
* subtract here is that of the page base, and not the same as the
* vaddr we add back in io_readx()/io_writex()/get_page_addr_code().
*/
- desc->iotlb[index].addr = iotlb - vaddr_page;
- desc->iotlb[index].attrs = attrs;
+ desc->fulltlb[index] = *full;
+ desc->fulltlb[index].xlat_section = iotlb - vaddr_page;
+ desc->fulltlb[index].phys_addr = paddr_page;
+ desc->fulltlb[index].prot = prot;
/* Now calculate the new entry */
tn.addend = addend - vaddr_page;
@@ -1272,9 +1280,21 @@
qemu_spin_unlock(&tlb->c.lock);
}
-/* Add a new TLB entry, but without specifying the memory
- * transaction attributes to be used.
- */
+void tlb_set_page_with_attrs(CPUState *cpu, target_ulong vaddr,
+ hwaddr paddr, MemTxAttrs attrs, int prot,
+ int mmu_idx, target_ulong size)
+{
+ CPUTLBEntryFull full = {
+ .phys_addr = paddr,
+ .attrs = attrs,
+ .prot = prot,
+ .lg_page_size = ctz64(size)
+ };
+
+ assert(is_power_of_2(size));
+ tlb_set_page_full(cpu, mmu_idx, vaddr, &full);
+}
+
void tlb_set_page(CPUState *cpu, target_ulong vaddr,
hwaddr paddr, int prot,
int mmu_idx, target_ulong size)
@@ -1291,15 +1311,14 @@
static void tlb_fill(CPUState *cpu, target_ulong addr, int size,
MMUAccessType access_type, int mmu_idx, uintptr_t retaddr)
{
- CPUClass *cc = CPU_GET_CLASS(cpu);
bool ok;
/*
* This is not a probe, so only valid return is success; failure
* should result in exception + longjmp to the cpu loop.
*/
- ok = cc->tcg_ops->tlb_fill(cpu, addr, size,
- access_type, mmu_idx, false, retaddr);
+ ok = cpu->cc->tcg_ops->tlb_fill(cpu, addr, size,
+ access_type, mmu_idx, false, retaddr);
assert(ok);
}
@@ -1307,9 +1326,8 @@
MMUAccessType access_type,
int mmu_idx, uintptr_t retaddr)
{
- CPUClass *cc = CPU_GET_CLASS(cpu);
-
- cc->tcg_ops->do_unaligned_access(cpu, addr, access_type, mmu_idx, retaddr);
+ cpu->cc->tcg_ops->do_unaligned_access(cpu, addr, access_type,
+ mmu_idx, retaddr);
}
static inline void cpu_transaction_failed(CPUState *cpu, hwaddr physaddr,
@@ -1329,7 +1347,7 @@
}
}
-static uint64_t io_readx(CPUArchState *env, CPUIOTLBEntry *iotlbentry,
+static uint64_t io_readx(CPUArchState *env, CPUTLBEntryFull *full,
int mmu_idx, target_ulong addr, uintptr_t retaddr,
MMUAccessType access_type, MemOp op)
{
@@ -1341,9 +1359,9 @@
bool locked = false;
MemTxResult r;
- section = iotlb_to_section(cpu, iotlbentry->addr, iotlbentry->attrs);
+ section = iotlb_to_section(cpu, full->xlat_section, full->attrs);
mr = section->mr;
- mr_offset = (iotlbentry->addr & TARGET_PAGE_MASK) + addr;
+ mr_offset = (full->xlat_section & TARGET_PAGE_MASK) + addr;
cpu->mem_io_pc = retaddr;
if (!cpu->can_do_io) {
cpu_io_recompile(cpu, retaddr);
@@ -1353,14 +1371,14 @@
qemu_mutex_lock_iothread();
locked = true;
}
- r = memory_region_dispatch_read(mr, mr_offset, &val, op, iotlbentry->attrs);
+ r = memory_region_dispatch_read(mr, mr_offset, &val, op, full->attrs);
if (r != MEMTX_OK) {
hwaddr physaddr = mr_offset +
section->offset_within_address_space -
section->offset_within_region;
cpu_transaction_failed(cpu, physaddr, addr, memop_size(op), access_type,
- mmu_idx, iotlbentry->attrs, r, retaddr);
+ mmu_idx, full->attrs, r, retaddr);
}
if (locked) {
qemu_mutex_unlock_iothread();
@@ -1370,22 +1388,21 @@
}
/*
- * Save a potentially trashed IOTLB entry for later lookup by plugin.
- * This is read by tlb_plugin_lookup if the iotlb entry doesn't match
+ * Save a potentially trashed CPUTLBEntryFull for later lookup by plugin.
+ * This is read by tlb_plugin_lookup if the fulltlb entry doesn't match
* because of the side effect of io_writex changing memory layout.
*/
-static void save_iotlb_data(CPUState *cs, hwaddr addr,
- MemoryRegionSection *section, hwaddr mr_offset)
+static void save_iotlb_data(CPUState *cs, MemoryRegionSection *section,
+ hwaddr mr_offset)
{
#ifdef CONFIG_PLUGIN
SavedIOTLB *saved = &cs->saved_iotlb;
- saved->addr = addr;
saved->section = section;
saved->mr_offset = mr_offset;
#endif
}
-static void io_writex(CPUArchState *env, CPUIOTLBEntry *iotlbentry,
+static void io_writex(CPUArchState *env, CPUTLBEntryFull *full,
int mmu_idx, uint64_t val, target_ulong addr,
uintptr_t retaddr, MemOp op)
{
@@ -1396,9 +1413,9 @@
bool locked = false;
MemTxResult r;
- section = iotlb_to_section(cpu, iotlbentry->addr, iotlbentry->attrs);
+ section = iotlb_to_section(cpu, full->xlat_section, full->attrs);
mr = section->mr;
- mr_offset = (iotlbentry->addr & TARGET_PAGE_MASK) + addr;
+ mr_offset = (full->xlat_section & TARGET_PAGE_MASK) + addr;
if (!cpu->can_do_io) {
cpu_io_recompile(cpu, retaddr);
}
@@ -1408,20 +1425,20 @@
* The memory_region_dispatch may trigger a flush/resize
* so for plugins we save the iotlb_data just in case.
*/
- save_iotlb_data(cpu, iotlbentry->addr, section, mr_offset);
+ save_iotlb_data(cpu, section, mr_offset);
if (!qemu_mutex_iothread_locked()) {
qemu_mutex_lock_iothread();
locked = true;
}
- r = memory_region_dispatch_write(mr, mr_offset, val, op, iotlbentry->attrs);
+ r = memory_region_dispatch_write(mr, mr_offset, val, op, full->attrs);
if (r != MEMTX_OK) {
hwaddr physaddr = mr_offset +
section->offset_within_address_space -
section->offset_within_region;
cpu_transaction_failed(cpu, physaddr, addr, memop_size(op),
- MMU_DATA_STORE, mmu_idx, iotlbentry->attrs, r,
+ MMU_DATA_STORE, mmu_idx, full->attrs, r,
retaddr);
}
if (locked) {
@@ -1468,9 +1485,10 @@
copy_tlb_helper_locked(vtlb, &tmptlb);
qemu_spin_unlock(&env_tlb(env)->c.lock);
- CPUIOTLBEntry tmpio, *io = &env_tlb(env)->d[mmu_idx].iotlb[index];
- CPUIOTLBEntry *vio = &env_tlb(env)->d[mmu_idx].viotlb[vidx];
- tmpio = *io; *io = *vio; *vio = tmpio;
+ CPUTLBEntryFull *f1 = &env_tlb(env)->d[mmu_idx].fulltlb[index];
+ CPUTLBEntryFull *f2 = &env_tlb(env)->d[mmu_idx].vfulltlb[vidx];
+ CPUTLBEntryFull tmpf;
+ tmpf = *f1; *f1 = *f2; *f2 = tmpf;
return true;
}
}
@@ -1483,9 +1501,9 @@
(ADDR) & TARGET_PAGE_MASK)
static void notdirty_write(CPUState *cpu, vaddr mem_vaddr, unsigned size,
- CPUIOTLBEntry *iotlbentry, uintptr_t retaddr)
+ CPUTLBEntryFull *full, uintptr_t retaddr)
{
- ram_addr_t ram_addr = mem_vaddr + iotlbentry->addr;
+ ram_addr_t ram_addr = mem_vaddr + full->xlat_section;
trace_memory_notdirty_write_access(mem_vaddr, ram_addr, size);
@@ -1512,7 +1530,8 @@
static int probe_access_internal(CPUArchState *env, target_ulong addr,
int fault_size, MMUAccessType access_type,
int mmu_idx, bool nonfault,
- void **phost, uintptr_t retaddr)
+ void **phost, CPUTLBEntryFull **pfull,
+ uintptr_t retaddr)
{
uintptr_t index = tlb_index(env, mmu_idx, addr);
CPUTLBEntry *entry = tlb_entry(env, mmu_idx, addr);
@@ -1535,25 +1554,36 @@
}
tlb_addr = tlb_read_ofs(entry, elt_ofs);
+ flags = TLB_FLAGS_MASK;
page_addr = addr & TARGET_PAGE_MASK;
if (!tlb_hit_page(tlb_addr, page_addr)) {
if (!victim_tlb_hit(env, mmu_idx, index, elt_ofs, page_addr)) {
CPUState *cs = env_cpu(env);
- CPUClass *cc = CPU_GET_CLASS(cs);
- if (!cc->tcg_ops->tlb_fill(cs, addr, fault_size, access_type,
- mmu_idx, nonfault, retaddr)) {
+ if (!cs->cc->tcg_ops->tlb_fill(cs, addr, fault_size, access_type,
+ mmu_idx, nonfault, retaddr)) {
/* Non-faulting page table read failed. */
*phost = NULL;
+ *pfull = NULL;
return TLB_INVALID_MASK;
}
/* TLB resize via tlb_fill may have moved the entry. */
+ index = tlb_index(env, mmu_idx, addr);
entry = tlb_entry(env, mmu_idx, addr);
+
+ /*
+ * With PAGE_WRITE_INV, we set TLB_INVALID_MASK immediately,
+ * to force the next access through tlb_fill. We've just
+ * called tlb_fill, so we know that this entry *is* valid.
+ */
+ flags &= ~TLB_INVALID_MASK;
}
tlb_addr = tlb_read_ofs(entry, elt_ofs);
}
- flags = tlb_addr & TLB_FLAGS_MASK;
+ flags &= tlb_addr;
+
+ *pfull = &env_tlb(env)->d[mmu_idx].fulltlb[index];
/* Fold all "mmio-like" bits into TLB_MMIO. This is not RAM. */
if (unlikely(flags & ~(TLB_WATCHPOINT | TLB_NOTDIRTY))) {
@@ -1566,37 +1596,44 @@
return flags;
}
-int probe_access_flags(CPUArchState *env, target_ulong addr,
- MMUAccessType access_type, int mmu_idx,
- bool nonfault, void **phost, uintptr_t retaddr)
+int probe_access_full(CPUArchState *env, target_ulong addr,
+ MMUAccessType access_type, int mmu_idx,
+ bool nonfault, void **phost, CPUTLBEntryFull **pfull,
+ uintptr_t retaddr)
{
- int flags;
-
- flags = probe_access_internal(env, addr, 0, access_type, mmu_idx,
- nonfault, phost, retaddr);
+ int flags = probe_access_internal(env, addr, 0, access_type, mmu_idx,
+ nonfault, phost, pfull, retaddr);
/* Handle clean RAM pages. */
if (unlikely(flags & TLB_NOTDIRTY)) {
- uintptr_t index = tlb_index(env, mmu_idx, addr);
- CPUIOTLBEntry *iotlbentry = &env_tlb(env)->d[mmu_idx].iotlb[index];
-
- notdirty_write(env_cpu(env), addr, 1, iotlbentry, retaddr);
+ notdirty_write(env_cpu(env), addr, 1, *pfull, retaddr);
flags &= ~TLB_NOTDIRTY;
}
return flags;
}
+int probe_access_flags(CPUArchState *env, target_ulong addr,
+ MMUAccessType access_type, int mmu_idx,
+ bool nonfault, void **phost, uintptr_t retaddr)
+{
+ CPUTLBEntryFull *full;
+
+ return probe_access_full(env, addr, access_type, mmu_idx,
+ nonfault, phost, &full, retaddr);
+}
+
void *probe_access(CPUArchState *env, target_ulong addr, int size,
MMUAccessType access_type, int mmu_idx, uintptr_t retaddr)
{
+ CPUTLBEntryFull *full;
void *host;
int flags;
g_assert(-(addr | TARGET_PAGE_MASK) >= size);
flags = probe_access_internal(env, addr, size, access_type, mmu_idx,
- false, &host, retaddr);
+ false, &host, &full, retaddr);
/* Per the interface, size == 0 merely faults the access. */
if (size == 0) {
@@ -1604,20 +1641,17 @@
}
if (unlikely(flags & (TLB_NOTDIRTY | TLB_WATCHPOINT))) {
- uintptr_t index = tlb_index(env, mmu_idx, addr);
- CPUIOTLBEntry *iotlbentry = &env_tlb(env)->d[mmu_idx].iotlb[index];
-
/* Handle watchpoints. */
if (flags & TLB_WATCHPOINT) {
int wp_access = (access_type == MMU_DATA_STORE
? BP_MEM_WRITE : BP_MEM_READ);
cpu_check_watchpoint(env_cpu(env), addr, size,
- iotlbentry->attrs, wp_access, retaddr);
+ full->attrs, wp_access, retaddr);
}
/* Handle clean RAM pages. */
if (flags & TLB_NOTDIRTY) {
- notdirty_write(env_cpu(env), addr, 1, iotlbentry, retaddr);
+ notdirty_write(env_cpu(env), addr, 1, full, retaddr);
}
}
@@ -1627,11 +1661,12 @@
void *tlb_vaddr_to_host(CPUArchState *env, abi_ptr addr,
MMUAccessType access_type, int mmu_idx)
{
+ CPUTLBEntryFull *full;
void *host;
int flags;
flags = probe_access_internal(env, addr, 0, access_type,
- mmu_idx, true, &host, 0);
+ mmu_idx, true, &host, &full, 0);
/* No combination of flags are expected by the caller. */
return flags ? NULL : host;
@@ -1650,10 +1685,11 @@
tb_page_addr_t get_page_addr_code_hostp(CPUArchState *env, target_ulong addr,
void **hostp)
{
+ CPUTLBEntryFull *full;
void *p;
(void)probe_access_internal(env, addr, 1, MMU_INST_FETCH,
- cpu_mmu_index(env, true), false, &p, 0);
+ cpu_mmu_index(env, true), false, &p, &full, 0);
if (p == NULL) {
return -1;
}
@@ -1674,7 +1710,7 @@
* should have just filled the TLB. The one corner case is io_writex
* which can cause TLB flushes and potential resizing of the TLBs
* losing the information we need. In those cases we need to recover
- * data from a copy of the iotlbentry. As long as this always occurs
+ * data from a copy of the CPUTLBEntryFull. As long as this always occurs
* from the same thread (which a mem callback will be) this is safe.
*/
@@ -1689,11 +1725,12 @@
if (likely(tlb_hit(tlb_addr, addr))) {
/* We must have an iotlb entry for MMIO */
if (tlb_addr & TLB_MMIO) {
- CPUIOTLBEntry *iotlbentry;
- iotlbentry = &env_tlb(env)->d[mmu_idx].iotlb[index];
+ CPUTLBEntryFull *full;
+ full = &env_tlb(env)->d[mmu_idx].fulltlb[index];
data->is_io = true;
- data->v.io.section = iotlb_to_section(cpu, iotlbentry->addr, iotlbentry->attrs);
- data->v.io.offset = (iotlbentry->addr & TARGET_PAGE_MASK) + addr;
+ data->v.io.section =
+ iotlb_to_section(cpu, full->xlat_section, full->attrs);
+ data->v.io.offset = (full->xlat_section & TARGET_PAGE_MASK) + addr;
} else {
data->is_io = false;
data->v.ram.hostaddr = (void *)((uintptr_t)addr + tlbe->addend);
@@ -1801,7 +1838,7 @@
if (unlikely(tlb_addr & TLB_NOTDIRTY)) {
notdirty_write(env_cpu(env), addr, size,
- &env_tlb(env)->d[mmu_idx].iotlb[index], retaddr);
+ &env_tlb(env)->d[mmu_idx].fulltlb[index], retaddr);
}
return hostaddr;
@@ -1909,7 +1946,7 @@
/* Handle anything that isn't just a straight memory access. */
if (unlikely(tlb_addr & ~TARGET_PAGE_MASK)) {
- CPUIOTLBEntry *iotlbentry;
+ CPUTLBEntryFull *full;
bool need_swap;
/* For anything that is unaligned, recurse through full_load. */
@@ -1917,20 +1954,20 @@
goto do_unaligned_access;
}
- iotlbentry = &env_tlb(env)->d[mmu_idx].iotlb[index];
+ full = &env_tlb(env)->d[mmu_idx].fulltlb[index];
/* Handle watchpoints. */
if (unlikely(tlb_addr & TLB_WATCHPOINT)) {
/* On watchpoint hit, this will longjmp out. */
cpu_check_watchpoint(env_cpu(env), addr, size,
- iotlbentry->attrs, BP_MEM_READ, retaddr);
+ full->attrs, BP_MEM_READ, retaddr);
}
need_swap = size > 1 && (tlb_addr & TLB_BSWAP);
/* Handle I/O access. */
if (likely(tlb_addr & TLB_MMIO)) {
- return io_readx(env, iotlbentry, mmu_idx, addr, retaddr,
+ return io_readx(env, full, mmu_idx, addr, retaddr,
access_type, op ^ (need_swap * MO_BSWAP));
}
@@ -2245,12 +2282,12 @@
*/
if (unlikely(tlb_addr & TLB_WATCHPOINT)) {
cpu_check_watchpoint(env_cpu(env), addr, size - size2,
- env_tlb(env)->d[mmu_idx].iotlb[index].attrs,
+ env_tlb(env)->d[mmu_idx].fulltlb[index].attrs,
BP_MEM_WRITE, retaddr);
}
if (unlikely(tlb_addr2 & TLB_WATCHPOINT)) {
cpu_check_watchpoint(env_cpu(env), page2, size2,
- env_tlb(env)->d[mmu_idx].iotlb[index2].attrs,
+ env_tlb(env)->d[mmu_idx].fulltlb[index2].attrs,
BP_MEM_WRITE, retaddr);
}
@@ -2314,7 +2351,7 @@
/* Handle anything that isn't just a straight memory access. */
if (unlikely(tlb_addr & ~TARGET_PAGE_MASK)) {
- CPUIOTLBEntry *iotlbentry;
+ CPUTLBEntryFull *full;
bool need_swap;
/* For anything that is unaligned, recurse through byte stores. */
@@ -2322,20 +2359,20 @@
goto do_unaligned_access;
}
- iotlbentry = &env_tlb(env)->d[mmu_idx].iotlb[index];
+ full = &env_tlb(env)->d[mmu_idx].fulltlb[index];
/* Handle watchpoints. */
if (unlikely(tlb_addr & TLB_WATCHPOINT)) {
/* On watchpoint hit, this will longjmp out. */
cpu_check_watchpoint(env_cpu(env), addr, size,
- iotlbentry->attrs, BP_MEM_WRITE, retaddr);
+ full->attrs, BP_MEM_WRITE, retaddr);
}
need_swap = size > 1 && (tlb_addr & TLB_BSWAP);
/* Handle I/O access. */
if (tlb_addr & TLB_MMIO) {
- io_writex(env, iotlbentry, mmu_idx, val, addr, retaddr,
+ io_writex(env, full, mmu_idx, val, addr, retaddr,
op ^ (need_swap * MO_BSWAP));
return;
}
@@ -2347,7 +2384,7 @@
/* Handle clean RAM pages. */
if (tlb_addr & TLB_NOTDIRTY) {
- notdirty_write(env_cpu(env), addr, size, iotlbentry, retaddr);
+ notdirty_write(env_cpu(env), addr, size, full, retaddr);
}
haddr = (void *)((uintptr_t)addr + entry->addend);
diff --git a/accel/tcg/internal.h b/accel/tcg/internal.h
index 3092bfa..dc800fd 100644
--- a/accel/tcg/internal.h
+++ b/accel/tcg/internal.h
@@ -18,4 +18,14 @@
void page_init(void);
void tb_htable_init(void);
+/* Return the current PC from CPU, which may be cached in TB. */
+static inline target_ulong log_pc(CPUState *cpu, const TranslationBlock *tb)
+{
+#if TARGET_TB_PCREL
+ return cpu->cc->get_pc(cpu);
+#else
+ return tb_pc(tb);
+#endif
+}
+
#endif /* ACCEL_TCG_INTERNAL_H */
diff --git a/accel/tcg/plugin-gen.c b/accel/tcg/plugin-gen.c
index 3d0b101..80dff68 100644
--- a/accel/tcg/plugin-gen.c
+++ b/accel/tcg/plugin-gen.c
@@ -852,7 +852,8 @@
pr_ops();
}
-bool plugin_gen_tb_start(CPUState *cpu, const TranslationBlock *tb, bool mem_only)
+bool plugin_gen_tb_start(CPUState *cpu, const DisasContextBase *db,
+ bool mem_only)
{
bool ret = false;
@@ -870,9 +871,9 @@
ret = true;
- ptb->vaddr = tb->pc;
+ ptb->vaddr = db->pc_first;
ptb->vaddr2 = -1;
- get_page_addr_code_hostp(cpu->env_ptr, tb->pc, &ptb->haddr1);
+ ptb->haddr1 = db->host_addr[0];
ptb->haddr2 = NULL;
ptb->mem_only = mem_only;
@@ -898,16 +899,15 @@
* Note that we skip this when haddr1 == NULL, e.g. when we're
* fetching instructions from a region not backed by RAM.
*/
- if (likely(ptb->haddr1 != NULL && ptb->vaddr2 == -1) &&
- unlikely((db->pc_next & TARGET_PAGE_MASK) !=
- (db->pc_first & TARGET_PAGE_MASK))) {
- get_page_addr_code_hostp(cpu->env_ptr, db->pc_next,
- &ptb->haddr2);
- ptb->vaddr2 = db->pc_next;
- }
- if (likely(ptb->vaddr2 == -1)) {
+ if (ptb->haddr1 == NULL) {
+ pinsn->haddr = NULL;
+ } else if (is_same_page(db, db->pc_next)) {
pinsn->haddr = ptb->haddr1 + pinsn->vaddr - ptb->vaddr;
} else {
+ if (ptb->vaddr2 == -1) {
+ ptb->vaddr2 = TARGET_PAGE_ALIGN(db->pc_first);
+ get_page_addr_code_hostp(cpu->env_ptr, ptb->vaddr2, &ptb->haddr2);
+ }
pinsn->haddr = ptb->haddr2 + pinsn->vaddr - ptb->vaddr2;
}
}
diff --git a/accel/tcg/tb-hash.h b/accel/tcg/tb-hash.h
index 0a273d9..83dc610 100644
--- a/accel/tcg/tb-hash.h
+++ b/accel/tcg/tb-hash.h
@@ -23,6 +23,7 @@
#include "exec/cpu-defs.h"
#include "exec/exec-all.h"
#include "qemu/xxhash.h"
+#include "tb-jmp-cache.h"
#ifdef CONFIG_SOFTMMU
diff --git a/accel/tcg/tb-jmp-cache.h b/accel/tcg/tb-jmp-cache.h
new file mode 100644
index 0000000..ff5ffc8
--- /dev/null
+++ b/accel/tcg/tb-jmp-cache.h
@@ -0,0 +1,65 @@
+/*
+ * The per-CPU TranslationBlock jump cache.
+ *
+ * Copyright (c) 2003 Fabrice Bellard
+ *
+ * SPDX-License-Identifier: GPL-2.0-or-later
+ */
+
+#ifndef ACCEL_TCG_TB_JMP_CACHE_H
+#define ACCEL_TCG_TB_JMP_CACHE_H
+
+#define TB_JMP_CACHE_BITS 12
+#define TB_JMP_CACHE_SIZE (1 << TB_JMP_CACHE_BITS)
+
+/*
+ * Accessed in parallel; all accesses to 'tb' must be atomic.
+ * For TARGET_TB_PCREL, accesses to 'pc' must be protected by
+ * a load_acquire/store_release to 'tb'.
+ */
+struct CPUJumpCache {
+ struct {
+ TranslationBlock *tb;
+#if TARGET_TB_PCREL
+ target_ulong pc;
+#endif
+ } array[TB_JMP_CACHE_SIZE];
+};
+
+static inline TranslationBlock *
+tb_jmp_cache_get_tb(CPUJumpCache *jc, uint32_t hash)
+{
+#if TARGET_TB_PCREL
+ /* Use acquire to ensure current load of pc from jc. */
+ return qatomic_load_acquire(&jc->array[hash].tb);
+#else
+ /* Use rcu_read to ensure current load of pc from *tb. */
+ return qatomic_rcu_read(&jc->array[hash].tb);
+#endif
+}
+
+static inline target_ulong
+tb_jmp_cache_get_pc(CPUJumpCache *jc, uint32_t hash, TranslationBlock *tb)
+{
+#if TARGET_TB_PCREL
+ return jc->array[hash].pc;
+#else
+ return tb_pc(tb);
+#endif
+}
+
+static inline void
+tb_jmp_cache_set(CPUJumpCache *jc, uint32_t hash,
+ TranslationBlock *tb, target_ulong pc)
+{
+#if TARGET_TB_PCREL
+ jc->array[hash].pc = pc;
+ /* Use store_release on tb to ensure pc is written first. */
+ qatomic_store_release(&jc->array[hash].tb, tb);
+#else
+ /* Use the pc value already stored in tb->pc. */
+ qatomic_set(&jc->array[hash].tb, tb);
+#endif
+}
+
+#endif /* ACCEL_TCG_TB_JMP_CACHE_H */
diff --git a/accel/tcg/translate-all.c b/accel/tcg/translate-all.c
index d71d04d..4ed75a1 100644
--- a/accel/tcg/translate-all.c
+++ b/accel/tcg/translate-all.c
@@ -58,6 +58,7 @@
#include "sysemu/tcg.h"
#include "qapi/error.h"
#include "hw/core/tcg-cpu-ops.h"
+#include "tb-jmp-cache.h"
#include "tb-hash.h"
#include "tb-context.h"
#include "internal.h"
@@ -102,21 +103,14 @@
#define assert_memory_lock() tcg_debug_assert(have_mmap_lock())
#endif
-#define SMC_BITMAP_USE_THRESHOLD 10
-
typedef struct PageDesc {
/* list of TBs intersecting this ram page */
uintptr_t first_tb;
-#ifdef CONFIG_SOFTMMU
- /* in order to optimize self modifying code, we count the number
- of lookups we do to a given page to use a bitmap */
- unsigned long *code_bitmap;
- unsigned int code_write_count;
-#else
+#ifdef CONFIG_USER_ONLY
unsigned long flags;
void *target_data;
#endif
-#ifndef CONFIG_USER_ONLY
+#ifdef CONFIG_SOFTMMU
QemuSpin lock;
#endif
} PageDesc;
@@ -305,7 +299,7 @@
for (j = 0; j < TARGET_INSN_START_WORDS; ++j) {
if (i == 0) {
- prev = (j == 0 ? tb->pc : 0);
+ prev = (!TARGET_TB_PCREL && j == 0 ? tb_pc(tb) : 0);
} else {
prev = tcg_ctx->gen_insn_data[i - 1][j];
}
@@ -333,7 +327,7 @@
static int cpu_restore_state_from_tb(CPUState *cpu, TranslationBlock *tb,
uintptr_t searched_pc, bool reset_icount)
{
- target_ulong data[TARGET_INSN_START_WORDS] = { tb->pc };
+ target_ulong data[TARGET_INSN_START_WORDS];
uintptr_t host_pc = (uintptr_t)tb->tc.ptr;
CPUArchState *env = cpu->env_ptr;
const uint8_t *p = tb->tc.ptr + tb->tc.size;
@@ -349,6 +343,11 @@
return -1;
}
+ memset(data, 0, sizeof(data));
+ if (!TARGET_TB_PCREL) {
+ data[0] = tb_pc(tb);
+ }
+
/* Reconstruct the stored insn data while looking for the point at
which the end of the insn exceeds the searched_pc. */
for (i = 0; i < num_insns; ++i) {
@@ -472,7 +471,7 @@
#endif
}
-static PageDesc *page_find_alloc(tb_page_addr_t index, int alloc)
+static PageDesc *page_find_alloc(tb_page_addr_t index, bool alloc)
{
PageDesc *pd;
void **lp;
@@ -540,11 +539,11 @@
static inline PageDesc *page_find(tb_page_addr_t index)
{
- return page_find_alloc(index, 0);
+ return page_find_alloc(index, false);
}
static void page_lock_pair(PageDesc **ret_p1, tb_page_addr_t phys1,
- PageDesc **ret_p2, tb_page_addr_t phys2, int alloc);
+ PageDesc **ret_p2, tb_page_addr_t phys2, bool alloc);
/* In user-mode page locks aren't used; mmap_lock is enough */
#ifdef CONFIG_USER_ONLY
@@ -658,7 +657,7 @@
/* lock the page(s) of a TB in the correct acquisition order */
static inline void page_lock_tb(const TranslationBlock *tb)
{
- page_lock_pair(NULL, tb->page_addr[0], NULL, tb->page_addr[1], 0);
+ page_lock_pair(NULL, tb->page_addr[0], NULL, tb->page_addr[1], false);
}
static inline void page_unlock_tb(const TranslationBlock *tb)
@@ -847,7 +846,7 @@
#endif /* !CONFIG_USER_ONLY */
static void page_lock_pair(PageDesc **ret_p1, tb_page_addr_t phys1,
- PageDesc **ret_p2, tb_page_addr_t phys2, int alloc)
+ PageDesc **ret_p2, tb_page_addr_t phys2, bool alloc)
{
PageDesc *p1, *p2;
tb_page_addr_t page1;
@@ -891,13 +890,13 @@
const TranslationBlock *a = ap;
const TranslationBlock *b = bp;
- return a->pc == b->pc &&
- a->cs_base == b->cs_base &&
- a->flags == b->flags &&
- (tb_cflags(a) & ~CF_INVALID) == (tb_cflags(b) & ~CF_INVALID) &&
- a->trace_vcpu_dstate == b->trace_vcpu_dstate &&
- a->page_addr[0] == b->page_addr[0] &&
- a->page_addr[1] == b->page_addr[1];
+ return ((TARGET_TB_PCREL || tb_pc(a) == tb_pc(b)) &&
+ a->cs_base == b->cs_base &&
+ a->flags == b->flags &&
+ (tb_cflags(a) & ~CF_INVALID) == (tb_cflags(b) & ~CF_INVALID) &&
+ a->trace_vcpu_dstate == b->trace_vcpu_dstate &&
+ a->page_addr[0] == b->page_addr[0] &&
+ a->page_addr[1] == b->page_addr[1]);
}
void tb_htable_init(void)
@@ -907,17 +906,6 @@
qht_init(&tb_ctx.htable, tb_cmp, CODE_GEN_HTABLE_SIZE, mode);
}
-/* call with @p->lock held */
-static inline void invalidate_page_bitmap(PageDesc *p)
-{
- assert_page_locked(p);
-#ifdef CONFIG_SOFTMMU
- g_free(p->code_bitmap);
- p->code_bitmap = NULL;
- p->code_write_count = 0;
-#endif
-}
-
/* Set to NULL all the 'first_tb' fields in all PageDescs. */
static void page_flush_tb_1(int level, void **lp)
{
@@ -932,7 +920,6 @@
for (i = 0; i < V_L2_SIZE; ++i) {
page_lock(&pd[i]);
pd[i].first_tb = (uintptr_t)NULL;
- invalidate_page_bitmap(pd + i);
page_unlock(&pd[i]);
}
} else {
@@ -986,7 +973,7 @@
}
CPU_FOREACH(cpu) {
- cpu_tb_jmp_cache_clear(cpu);
+ tcg_flush_jmp_cache(cpu);
}
qht_reset_size(&tb_ctx.htable, CODE_GEN_HTABLE_SIZE);
@@ -1031,9 +1018,10 @@
TranslationBlock *tb = p;
target_ulong addr = *(target_ulong *)userp;
- if (!(addr + TARGET_PAGE_SIZE <= tb->pc || addr >= tb->pc + tb->size)) {
+ if (!(addr + TARGET_PAGE_SIZE <= tb_pc(tb) ||
+ addr >= tb_pc(tb) + tb->size)) {
printf("ERROR invalidate: address=" TARGET_FMT_lx
- " PC=%08lx size=%04x\n", addr, (long)tb->pc, tb->size);
+ " PC=%08lx size=%04x\n", addr, (long)tb_pc(tb), tb->size);
}
}
@@ -1052,11 +1040,11 @@
TranslationBlock *tb = p;
int flags1, flags2;
- flags1 = page_get_flags(tb->pc);
- flags2 = page_get_flags(tb->pc + tb->size - 1);
+ flags1 = page_get_flags(tb_pc(tb));
+ flags2 = page_get_flags(tb_pc(tb) + tb->size - 1);
if ((flags1 & PAGE_WRITE) || (flags2 & PAGE_WRITE)) {
printf("ERROR page flags: PC=%08lx size=%04x f1=%x f2=%x\n",
- (long)tb->pc, tb->size, flags1, flags2);
+ (long)tb_pc(tb), tb->size, flags1, flags2);
}
}
@@ -1165,6 +1153,28 @@
qemu_spin_unlock(&dest->jmp_lock);
}
+static void tb_jmp_cache_inval_tb(TranslationBlock *tb)
+{
+ CPUState *cpu;
+
+ if (TARGET_TB_PCREL) {
+ /* A TB may be at any virtual address */
+ CPU_FOREACH(cpu) {
+ tcg_flush_jmp_cache(cpu);
+ }
+ } else {
+ uint32_t h = tb_jmp_cache_hash_func(tb_pc(tb));
+
+ CPU_FOREACH(cpu) {
+ CPUJumpCache *jc = cpu->tb_jmp_cache;
+
+ if (qatomic_read(&jc->array[h].tb) == tb) {
+ qatomic_set(&jc->array[h].tb, NULL);
+ }
+ }
+ }
+}
+
/*
* In user-mode, call with mmap_lock held.
* In !user-mode, if @rm_from_page_list is set, call with the TB's pages'
@@ -1172,7 +1182,6 @@
*/
static void do_tb_phys_invalidate(TranslationBlock *tb, bool rm_from_page_list)
{
- CPUState *cpu;
PageDesc *p;
uint32_t h;
tb_page_addr_t phys_pc;
@@ -1186,9 +1195,9 @@
qemu_spin_unlock(&tb->jmp_lock);
/* remove the TB from the hash list */
- phys_pc = tb->page_addr[0] + (tb->pc & ~TARGET_PAGE_MASK);
- h = tb_hash_func(phys_pc, tb->pc, tb->flags, orig_cflags,
- tb->trace_vcpu_dstate);
+ phys_pc = tb->page_addr[0];
+ h = tb_hash_func(phys_pc, (TARGET_TB_PCREL ? 0 : tb_pc(tb)),
+ tb->flags, orig_cflags, tb->trace_vcpu_dstate);
if (!qht_remove(&tb_ctx.htable, tb, h)) {
return;
}
@@ -1197,21 +1206,14 @@
if (rm_from_page_list) {
p = page_find(tb->page_addr[0] >> TARGET_PAGE_BITS);
tb_page_remove(p, tb);
- invalidate_page_bitmap(p);
if (tb->page_addr[1] != -1) {
p = page_find(tb->page_addr[1] >> TARGET_PAGE_BITS);
tb_page_remove(p, tb);
- invalidate_page_bitmap(p);
}
}
/* remove the TB from the hash list */
- h = tb_jmp_cache_hash_func(tb->pc);
- CPU_FOREACH(cpu) {
- if (qatomic_read(&cpu->tb_jmp_cache[h]) == tb) {
- qatomic_set(&cpu->tb_jmp_cache[h], NULL);
- }
- }
+ tb_jmp_cache_inval_tb(tb);
/* suppress this TB from the two jump lists */
tb_remove_from_jmp_list(tb, 0);
@@ -1246,35 +1248,6 @@
}
}
-#ifdef CONFIG_SOFTMMU
-/* call with @p->lock held */
-static void build_page_bitmap(PageDesc *p)
-{
- int n, tb_start, tb_end;
- TranslationBlock *tb;
-
- assert_page_locked(p);
- p->code_bitmap = bitmap_new(TARGET_PAGE_SIZE);
-
- PAGE_FOR_EACH_TB(p, tb, n) {
- /* NOTE: this is subtle as a TB may span two physical pages */
- if (n == 0) {
- /* NOTE: tb_end may be after the end of the page, but
- it is not a problem */
- tb_start = tb->pc & ~TARGET_PAGE_MASK;
- tb_end = tb_start + tb->size;
- if (tb_end > TARGET_PAGE_SIZE) {
- tb_end = TARGET_PAGE_SIZE;
- }
- } else {
- tb_start = 0;
- tb_end = ((tb->pc + tb->size) & ~TARGET_PAGE_MASK);
- }
- bitmap_set(p->code_bitmap, tb_start, tb_end - tb_start);
- }
-}
-#endif
-
/* add the tb in the target page and protect it if necessary
*
* Called with mmap_lock held for user-mode emulation.
@@ -1295,7 +1268,6 @@
page_already_protected = p->first_tb != (uintptr_t)NULL;
#endif
p->first_tb = (uintptr_t)tb | n;
- invalidate_page_bitmap(p);
#if defined(CONFIG_USER_ONLY)
/* translator_loop() must have made all TB pages non-writable */
@@ -1341,8 +1313,8 @@
* Note that inserting into the hash table first isn't an option, since
* we can only insert TBs that are fully initialized.
*/
- page_lock_pair(&p, phys_pc, &p2, phys_page2, 1);
- tb_page_add(p, tb, 0, phys_pc & TARGET_PAGE_MASK);
+ page_lock_pair(&p, phys_pc, &p2, phys_page2, true);
+ tb_page_add(p, tb, 0, phys_pc);
if (p2) {
tb_page_add(p2, tb, 1, phys_page2);
} else {
@@ -1350,17 +1322,15 @@
}
/* add in the hash table */
- h = tb_hash_func(phys_pc, tb->pc, tb->flags, tb->cflags,
- tb->trace_vcpu_dstate);
+ h = tb_hash_func(phys_pc, (TARGET_TB_PCREL ? 0 : tb_pc(tb)),
+ tb->flags, tb->cflags, tb->trace_vcpu_dstate);
qht_insert(&tb_ctx.htable, tb, h, &existing_tb);
/* remove TB from the page(s) if we couldn't insert it */
if (unlikely(existing_tb)) {
tb_page_remove(p, tb);
- invalidate_page_bitmap(p);
if (p2) {
tb_page_remove(p2, tb);
- invalidate_page_bitmap(p2);
}
tb = existing_tb;
}
@@ -1423,7 +1393,9 @@
gen_code_buf = tcg_ctx->code_gen_ptr;
tb->tc.ptr = tcg_splitwx_to_rx(gen_code_buf);
+#if !TARGET_TB_PCREL
tb->pc = pc;
+#endif
tb->cs_base = cs_base;
tb->flags = flags;
tb->cflags = cflags;
@@ -1452,7 +1424,7 @@
tcg_ctx->cpu = NULL;
max_insns = tb->icount;
- trace_translate_block(tb, tb->pc, tb->tc.ptr);
+ trace_translate_block(tb, pc, tb->tc.ptr);
/* generate machine code */
tb->jmp_reset_offset[0] = TB_JMP_RESET_OFFSET_INVALID;
@@ -1473,7 +1445,7 @@
ti = profile_getclock();
#endif
- gen_code_size = tcg_gen_code(tcg_ctx, tb);
+ gen_code_size = tcg_gen_code(tcg_ctx, tb, pc);
if (unlikely(gen_code_size < 0)) {
error_return:
switch (gen_code_size) {
@@ -1529,7 +1501,7 @@
#ifdef DEBUG_DISAS
if (qemu_loglevel_mask(CPU_LOG_TB_OUT_ASM) &&
- qemu_log_in_addr_range(tb->pc)) {
+ qemu_log_in_addr_range(pc)) {
FILE *logfile = qemu_log_trylock();
if (logfile) {
int code_size, data_size;
@@ -1697,11 +1669,12 @@
if (n == 0) {
/* NOTE: tb_end may be after the end of the page, but
it is not a problem */
- tb_start = tb->page_addr[0] + (tb->pc & ~TARGET_PAGE_MASK);
+ tb_start = tb->page_addr[0];
tb_end = tb_start + tb->size;
} else {
tb_start = tb->page_addr[1];
- tb_end = tb_start + ((tb->pc + tb->size) & ~TARGET_PAGE_MASK);
+ tb_end = tb_start + ((tb->page_addr[0] + tb->size)
+ & ~TARGET_PAGE_MASK);
}
if (!(tb_end <= start || tb_start >= end)) {
#ifdef TARGET_HAS_PRECISE_SMC
@@ -1731,7 +1704,6 @@
#if !defined(CONFIG_USER_ONLY)
/* if no code remaining, no need to continue to use slow writes */
if (!p->first_tb) {
- invalidate_page_bitmap(p);
tlb_unprotect_code(start);
}
#endif
@@ -1827,24 +1799,8 @@
}
assert_page_locked(p);
- if (!p->code_bitmap &&
- ++p->code_write_count >= SMC_BITMAP_USE_THRESHOLD) {
- build_page_bitmap(p);
- }
- if (p->code_bitmap) {
- unsigned int nr;
- unsigned long b;
-
- nr = start & ~TARGET_PAGE_MASK;
- b = p->code_bitmap[BIT_WORD(nr)] >> (nr & (BITS_PER_LONG - 1));
- if (b & ((1 << len) - 1)) {
- goto do_invalidate;
- }
- } else {
- do_invalidate:
- tb_invalidate_phys_page_range__locked(pages, p, start, start + len,
- retaddr);
- }
+ tb_invalidate_phys_page_range__locked(pages, p, start, start + len,
+ retaddr);
}
#else
/* Called with mmap_lock held. If pc is not 0 then it indicates the
@@ -1985,9 +1941,13 @@
*/
cpu->cflags_next_tb = curr_cflags(cpu) | CF_MEMI_ONLY | CF_LAST_IO | n;
- qemu_log_mask_and_addr(CPU_LOG_EXEC, tb->pc,
- "cpu_io_recompile: rewound execution of TB to "
- TARGET_FMT_lx "\n", tb->pc);
+ if (qemu_loglevel_mask(CPU_LOG_EXEC)) {
+ target_ulong pc = log_pc(cpu, tb);
+ if (qemu_log_in_addr_range(pc)) {
+ qemu_log("cpu_io_recompile: rewound execution of TB to "
+ TARGET_FMT_lx "\n", pc);
+ }
+ }
cpu_loop_exit_noexc(cpu);
}
@@ -2289,7 +2249,7 @@
for (addr = start, len = end - start;
len != 0;
len -= TARGET_PAGE_SIZE, addr += TARGET_PAGE_SIZE) {
- PageDesc *p = page_find_alloc(addr >> TARGET_PAGE_BITS, 1);
+ PageDesc *p = page_find_alloc(addr >> TARGET_PAGE_BITS, true);
/* If the write protection bit is set, then we invalidate
the code inside. */
@@ -2512,6 +2472,26 @@
}
#endif /* CONFIG_USER_ONLY */
+/*
+ * Called by generic code at e.g. cpu reset after cpu creation,
+ * therefore we must be prepared to allocate the jump cache.
+ */
+void tcg_flush_jmp_cache(CPUState *cpu)
+{
+ CPUJumpCache *jc = cpu->tb_jmp_cache;
+
+ if (likely(jc)) {
+ for (int i = 0; i < TB_JMP_CACHE_SIZE; i++) {
+ qatomic_set(&jc->array[i].tb, NULL);
+ }
+ } else {
+ /* This should happen once during realize, and thus never race. */
+ jc = g_new0(CPUJumpCache, 1);
+ jc = qatomic_xchg(&cpu->tb_jmp_cache, jc);
+ assert(jc == NULL);
+ }
+}
+
/* This is a wrapper for common code that can not use CONFIG_SOFTMMU */
void tcg_flush_softmmu_tlb(CPUState *cs)
{
diff --git a/accel/tcg/translator.c b/accel/tcg/translator.c
index ca8a5f2..8e78fd7 100644
--- a/accel/tcg/translator.c
+++ b/accel/tcg/translator.c
@@ -75,7 +75,7 @@
ops->tb_start(db, cpu);
tcg_debug_assert(db->is_jmp == DISAS_NEXT); /* no early exit */
- plugin_enabled = plugin_gen_tb_start(cpu, tb, cflags & CF_MEMI_ONLY);
+ plugin_enabled = plugin_gen_tb_start(cpu, db, cflags & CF_MEMI_ONLY);
while (true) {
db->num_insns++;
diff --git a/block/accounting.c b/block/accounting.c
index 2030851..2829745 100644
--- a/block/accounting.c
+++ b/block/accounting.c
@@ -38,13 +38,31 @@
if (qtest_enabled()) {
clock_type = QEMU_CLOCK_VIRTUAL;
}
+ stats->account_invalid = true;
+ stats->account_failed = true;
}
-void block_acct_setup(BlockAcctStats *stats, bool account_invalid,
- bool account_failed)
+static bool bool_from_onoffauto(OnOffAuto val, bool def)
{
- stats->account_invalid = account_invalid;
- stats->account_failed = account_failed;
+ switch (val) {
+ case ON_OFF_AUTO_AUTO:
+ return def;
+ case ON_OFF_AUTO_ON:
+ return true;
+ case ON_OFF_AUTO_OFF:
+ return false;
+ default:
+ abort();
+ }
+}
+
+void block_acct_setup(BlockAcctStats *stats, enum OnOffAuto account_invalid,
+ enum OnOffAuto account_failed)
+{
+ stats->account_invalid = bool_from_onoffauto(account_invalid,
+ stats->account_invalid);
+ stats->account_failed = bool_from_onoffauto(account_failed,
+ stats->account_failed);
}
void block_acct_cleanup(BlockAcctStats *stats)
diff --git a/block/file-posix.c b/block/file-posix.c
index 48cd096..66fdb07 100644
--- a/block/file-posix.c
+++ b/block/file-posix.c
@@ -1295,7 +1295,7 @@
}
#endif
- if (bs->sg || S_ISBLK(st.st_mode)) {
+ if (bdrv_is_sg(bs) || S_ISBLK(st.st_mode)) {
int ret = hdev_get_max_hw_transfer(s->fd, &st);
if (ret > 0 && ret <= BDRV_REQUEST_MAX_BYTES) {
@@ -2061,6 +2061,28 @@
return thread_pool_submit_co(pool, func, arg);
}
+/*
+ * Check if all memory in this vector is sector aligned.
+ */
+static bool bdrv_qiov_is_aligned(BlockDriverState *bs, QEMUIOVector *qiov)
+{
+ int i;
+ size_t alignment = bdrv_min_mem_align(bs);
+ size_t len = bs->bl.request_alignment;
+ IO_CODE();
+
+ for (i = 0; i < qiov->niov; i++) {
+ if ((uintptr_t) qiov->iov[i].iov_base % alignment) {
+ return false;
+ }
+ if (qiov->iov[i].iov_len % len) {
+ return false;
+ }
+ }
+
+ return true;
+}
+
static int coroutine_fn raw_co_prw(BlockDriverState *bs, uint64_t offset,
uint64_t bytes, QEMUIOVector *qiov, int type)
{
diff --git a/block/gluster.c b/block/gluster.c
index b60213a..bb1144c 100644
--- a/block/gluster.c
+++ b/block/gluster.c
@@ -1555,7 +1555,6 @@
.format_name = "gluster",
.protocol_name = "gluster",
.instance_size = sizeof(BDRVGlusterState),
- .bdrv_needs_filename = false,
.bdrv_file_open = qemu_gluster_open,
.bdrv_reopen_prepare = qemu_gluster_reopen_prepare,
.bdrv_reopen_commit = qemu_gluster_reopen_commit,
@@ -1585,7 +1584,6 @@
.format_name = "gluster",
.protocol_name = "gluster+tcp",
.instance_size = sizeof(BDRVGlusterState),
- .bdrv_needs_filename = false,
.bdrv_file_open = qemu_gluster_open,
.bdrv_reopen_prepare = qemu_gluster_reopen_prepare,
.bdrv_reopen_commit = qemu_gluster_reopen_commit,
@@ -1615,7 +1613,6 @@
.format_name = "gluster",
.protocol_name = "gluster+unix",
.instance_size = sizeof(BDRVGlusterState),
- .bdrv_needs_filename = true,
.bdrv_file_open = qemu_gluster_open,
.bdrv_reopen_prepare = qemu_gluster_reopen_prepare,
.bdrv_reopen_commit = qemu_gluster_reopen_commit,
@@ -1651,7 +1648,6 @@
.format_name = "gluster",
.protocol_name = "gluster+rdma",
.instance_size = sizeof(BDRVGlusterState),
- .bdrv_needs_filename = true,
.bdrv_file_open = qemu_gluster_open,
.bdrv_reopen_prepare = qemu_gluster_reopen_prepare,
.bdrv_reopen_commit = qemu_gluster_reopen_commit,
diff --git a/block/io.c b/block/io.c
index 0a8cbef..c3200bc 100644
--- a/block/io.c
+++ b/block/io.c
@@ -828,20 +828,16 @@
}
/* Called with self->bs->reqs_lock held */
-static bool coroutine_fn
+static void coroutine_fn
bdrv_wait_serialising_requests_locked(BdrvTrackedRequest *self)
{
BdrvTrackedRequest *req;
- bool waited = false;
while ((req = bdrv_find_conflicting_request(self))) {
self->waiting_for = req;
qemu_co_queue_wait(&req->wait_queue, &self->bs->reqs_lock);
self->waiting_for = NULL;
- waited = true;
}
-
- return waited;
}
/* Called with req->bs->reqs_lock held */
@@ -934,36 +930,31 @@
bdrv_wakeup(bs);
}
-static bool coroutine_fn bdrv_wait_serialising_requests(BdrvTrackedRequest *self)
+static void coroutine_fn
+bdrv_wait_serialising_requests(BdrvTrackedRequest *self)
{
BlockDriverState *bs = self->bs;
- bool waited = false;
if (!qatomic_read(&bs->serialising_in_flight)) {
- return false;
+ return;
}
qemu_co_mutex_lock(&bs->reqs_lock);
- waited = bdrv_wait_serialising_requests_locked(self);
+ bdrv_wait_serialising_requests_locked(self);
qemu_co_mutex_unlock(&bs->reqs_lock);
-
- return waited;
}
-bool coroutine_fn bdrv_make_request_serialising(BdrvTrackedRequest *req,
+void coroutine_fn bdrv_make_request_serialising(BdrvTrackedRequest *req,
uint64_t align)
{
- bool waited;
IO_CODE();
qemu_co_mutex_lock(&req->bs->reqs_lock);
tracked_request_set_serialising(req, align);
- waited = bdrv_wait_serialising_requests_locked(req);
+ bdrv_wait_serialising_requests_locked(req);
qemu_co_mutex_unlock(&req->bs->reqs_lock);
-
- return waited;
}
int bdrv_check_qiov_request(int64_t offset, int64_t bytes,
@@ -3236,27 +3227,6 @@
return mem;
}
-/*
- * Check if all memory in this vector is sector aligned.
- */
-bool bdrv_qiov_is_aligned(BlockDriverState *bs, QEMUIOVector *qiov)
-{
- int i;
- size_t alignment = bdrv_min_mem_align(bs);
- IO_CODE();
-
- for (i = 0; i < qiov->niov; i++) {
- if ((uintptr_t) qiov->iov[i].iov_base % alignment) {
- return false;
- }
- if (qiov->iov[i].iov_len % alignment) {
- return false;
- }
- }
-
- return true;
-}
-
void bdrv_io_plug(BlockDriverState *bs)
{
BdrvChild *child;
diff --git a/block/iscsi.c b/block/iscsi.c
index d707d0b..612de12 100644
--- a/block/iscsi.c
+++ b/block/iscsi.c
@@ -2065,7 +2065,7 @@
uint64_t max_xfer_len = iscsilun->use_16_for_rw ? 0xffffffff : 0xffff;
unsigned int block_size = MAX(BDRV_SECTOR_SIZE, iscsilun->block_size);
- assert(iscsilun->block_size >= BDRV_SECTOR_SIZE || bs->sg);
+ assert(iscsilun->block_size >= BDRV_SECTOR_SIZE || bdrv_is_sg(bs));
bs->bl.request_alignment = block_size;
diff --git a/block/qcow2-bitmap.c b/block/qcow2-bitmap.c
index ff33098..7197754 100644
--- a/block/qcow2-bitmap.c
+++ b/block/qcow2-bitmap.c
@@ -1208,7 +1208,7 @@
}
}
- g_slist_foreach(ro_dirty_bitmaps, set_readonly_helper, false);
+ g_slist_foreach(ro_dirty_bitmaps, set_readonly_helper, (gpointer)false);
ret = 0;
out:
diff --git a/block/qcow2.c b/block/qcow2.c
index c6c6692..6c8c8b2 100644
--- a/block/qcow2.c
+++ b/block/qcow2.c
@@ -275,6 +275,7 @@
if (ret < 0) {
error_setg_errno(errp, -ret, "ERROR: ext_feature_table: "
"Could not read table");
+ g_free(feature_table);
return ret;
}
@@ -1696,16 +1697,27 @@
ret = -EINVAL;
goto fail;
}
+
+ s->image_backing_file = g_malloc(len + 1);
ret = bdrv_pread(bs->file, header.backing_file_offset, len,
- bs->auto_backing_file, 0);
+ s->image_backing_file, 0);
if (ret < 0) {
error_setg_errno(errp, -ret, "Could not read backing file name");
goto fail;
}
- bs->auto_backing_file[len] = '\0';
- pstrcpy(bs->backing_file, sizeof(bs->backing_file),
- bs->auto_backing_file);
- s->image_backing_file = g_strdup(bs->auto_backing_file);
+ s->image_backing_file[len] = '\0';
+
+ /*
+ * Update only when something has changed. This function is called by
+ * qcow2_co_invalidate_cache(), and we do not want to reset
+ * auto_backing_file unless necessary.
+ */
+ if (!g_str_equal(s->image_backing_file, bs->backing_file)) {
+ pstrcpy(bs->backing_file, sizeof(bs->backing_file),
+ s->image_backing_file);
+ pstrcpy(bs->auto_backing_file, sizeof(bs->auto_backing_file),
+ s->image_backing_file);
+ }
}
/*
diff --git a/block/qed.c b/block/qed.c
index 40943e6..324ca0e 100644
--- a/block/qed.c
+++ b/block/qed.c
@@ -445,6 +445,8 @@
}
if ((s->header.features & QED_F_BACKING_FILE)) {
+ g_autofree char *backing_file_str = NULL;
+
if ((uint64_t)s->header.backing_filename_offset +
s->header.backing_filename_size >
s->header.cluster_size * s->header.header_size) {
@@ -452,16 +454,21 @@
return -EINVAL;
}
+ backing_file_str = g_malloc(sizeof(bs->backing_file));
ret = qed_read_string(bs->file, s->header.backing_filename_offset,
s->header.backing_filename_size,
- bs->auto_backing_file,
- sizeof(bs->auto_backing_file));
+ backing_file_str, sizeof(bs->backing_file));
if (ret < 0) {
error_setg(errp, "Failed to read backing filename");
return ret;
}
- pstrcpy(bs->backing_file, sizeof(bs->backing_file),
- bs->auto_backing_file);
+
+ if (!g_str_equal(backing_file_str, bs->backing_file)) {
+ pstrcpy(bs->backing_file, sizeof(bs->backing_file),
+ backing_file_str);
+ pstrcpy(bs->auto_backing_file, sizeof(bs->auto_backing_file),
+ backing_file_str);
+ }
if (s->header.features & QED_F_BACKING_FORMAT_NO_PROBE) {
pstrcpy(bs->backing_format, sizeof(bs->backing_format), "raw");
diff --git a/block/raw-format.c b/block/raw-format.c
index 69fd650..c7278e3 100644
--- a/block/raw-format.c
+++ b/block/raw-format.c
@@ -463,7 +463,7 @@
return -EINVAL;
}
- bs->sg = bs->file->bs->sg;
+ bs->sg = bdrv_is_sg(bs->file->bs);
bs->supported_write_flags = BDRV_REQ_WRITE_UNCHANGED |
(BDRV_REQ_FUA & bs->file->bs->supported_write_flags);
bs->supported_zero_flags = BDRV_REQ_WRITE_UNCHANGED |
@@ -489,7 +489,7 @@
return ret;
}
- if (bs->sg && (s->offset || s->has_size)) {
+ if (bdrv_is_sg(bs) && (s->offset || s->has_size)) {
error_setg(errp, "Cannot use offset/size with SCSI generic devices");
return -EINVAL;
}
diff --git a/blockdev.c b/blockdev.c
index 9230888..392d947 100644
--- a/blockdev.c
+++ b/blockdev.c
@@ -455,6 +455,17 @@
}
}
+static OnOffAuto account_get_opt(QemuOpts *opts, const char *name)
+{
+ if (!qemu_opt_find(opts, name)) {
+ return ON_OFF_AUTO_AUTO;
+ }
+ if (qemu_opt_get_bool(opts, name, true)) {
+ return ON_OFF_AUTO_ON;
+ }
+ return ON_OFF_AUTO_OFF;
+}
+
/* Takes the ownership of bs_opts */
static BlockBackend *blockdev_init(const char *file, QDict *bs_opts,
Error **errp)
@@ -462,7 +473,7 @@
const char *buf;
int bdrv_flags = 0;
int on_read_error, on_write_error;
- bool account_invalid, account_failed;
+ OnOffAuto account_invalid, account_failed;
bool writethrough, read_only;
BlockBackend *blk;
BlockDriverState *bs;
@@ -496,8 +507,8 @@
/* extract parameters */
snapshot = qemu_opt_get_bool(opts, "snapshot", 0);
- account_invalid = qemu_opt_get_bool(opts, "stats-account-invalid", true);
- account_failed = qemu_opt_get_bool(opts, "stats-account-failed", true);
+ account_invalid = account_get_opt(opts, "stats-account-invalid");
+ account_failed = account_get_opt(opts, "stats-account-failed");
writethrough = !qemu_opt_get_bool(opts, BDRV_OPT_CACHE_WB, true);
diff --git a/chardev/char.c b/chardev/char.c
index 0169d8d..b005df3 100644
--- a/chardev/char.c
+++ b/chardev/char.c
@@ -193,7 +193,7 @@
return be->chr_can_read(be->opaque);
}
-void qemu_chr_be_write_impl(Chardev *s, uint8_t *buf, int len)
+void qemu_chr_be_write_impl(Chardev *s, const uint8_t *buf, int len)
{
CharBackend *be = s->be;
@@ -202,7 +202,7 @@
}
}
-void qemu_chr_be_write(Chardev *s, uint8_t *buf, int len)
+void qemu_chr_be_write(Chardev *s, const uint8_t *buf, int len)
{
if (qemu_chr_replay(s)) {
if (replay_mode == REPLAY_MODE_PLAY) {
diff --git a/chardev/msmouse.c b/chardev/msmouse.c
index eb9231d..ab8fe98 100644
--- a/chardev/msmouse.c
+++ b/chardev/msmouse.c
@@ -24,23 +24,45 @@
#include "qemu/osdep.h"
#include "qemu/module.h"
+#include "qemu/fifo8.h"
#include "chardev/char.h"
+#include "chardev/char-serial.h"
#include "ui/console.h"
#include "ui/input.h"
#include "qom/object.h"
-#define MSMOUSE_LO6(n) ((n) & 0x3f)
-#define MSMOUSE_HI2(n) (((n) & 0xc0) >> 6)
+#define MSMOUSE_LO6(n) ((n) & 0x3f)
+#define MSMOUSE_HI2(n) (((n) & 0xc0) >> 6)
+#define MSMOUSE_PWR(cm) (cm & (CHR_TIOCM_RTS | CHR_TIOCM_DTR))
+
+/* Serial PnP for 6 bit devices/mice sends all ASCII chars - 0x20 */
+#define M(c) (c - 0x20)
+/* Serial fifo size. */
+#define MSMOUSE_BUF_SZ 64
+
+/* Mouse ID: Send "M3" cause we behave like a 3 button logitech mouse. */
+const uint8_t mouse_id[] = {'M', '3'};
+/*
+ * PnP start "(", PnP version (1.0), vendor ID, product ID, '\\',
+ * serial ID (omitted), '\\', MS class name, '\\', driver ID (omitted), '\\',
+ * product description, checksum, ")"
+ * Missing parts are inserted later.
+ */
+const uint8_t pnp_data[] = {M('('), 1, '$', M('Q'), M('M'), M('U'),
+ M('0'), M('0'), M('0'), M('1'),
+ M('\\'), M('\\'),
+ M('M'), M('O'), M('U'), M('S'), M('E'),
+ M('\\'), M('\\')};
struct MouseChardev {
Chardev parent;
QemuInputHandlerState *hs;
+ int tiocm;
int axis[INPUT_AXIS__MAX];
bool btns[INPUT_BUTTON__MAX];
bool btnc[INPUT_BUTTON__MAX];
- uint8_t outbuf[32];
- int outlen;
+ Fifo8 outbuf;
};
typedef struct MouseChardev MouseChardev;
@@ -51,20 +73,18 @@
static void msmouse_chr_accept_input(Chardev *chr)
{
MouseChardev *mouse = MOUSE_CHARDEV(chr);
- int len;
+ uint32_t len, avail;
len = qemu_chr_be_can_write(chr);
- if (len > mouse->outlen) {
- len = mouse->outlen;
- }
- if (!len) {
- return;
- }
+ avail = fifo8_num_used(&mouse->outbuf);
+ while (len > 0 && avail > 0) {
+ const uint8_t *buf;
+ uint32_t size;
- qemu_chr_be_write(chr, mouse->outbuf, len);
- mouse->outlen -= len;
- if (mouse->outlen) {
- memmove(mouse->outbuf, mouse->outbuf + len, mouse->outlen);
+ buf = fifo8_pop_buf(&mouse->outbuf, MIN(len, avail), &size);
+ qemu_chr_be_write(chr, buf, size);
+ len = qemu_chr_be_can_write(chr);
+ avail -= size;
}
}
@@ -91,12 +111,11 @@
mouse->btnc[INPUT_BUTTON_MIDDLE]) {
bytes[3] |= (mouse->btns[INPUT_BUTTON_MIDDLE] ? 0x20 : 0x00);
mouse->btnc[INPUT_BUTTON_MIDDLE] = false;
- count = 4;
+ count++;
}
- if (mouse->outlen <= sizeof(mouse->outbuf) - count) {
- memcpy(mouse->outbuf + mouse->outlen, bytes, count);
- mouse->outlen += count;
+ if (fifo8_num_free(&mouse->outbuf) >= count) {
+ fifo8_push_all(&mouse->outbuf, bytes, count);
} else {
/* queue full -> drop event */
}
@@ -109,6 +128,11 @@
InputMoveEvent *move;
InputBtnEvent *btn;
+ /* Ignore events if serial mouse powered down. */
+ if (!MSMOUSE_PWR(mouse->tiocm)) {
+ return;
+ }
+
switch (evt->type) {
case INPUT_EVENT_KIND_REL:
move = evt->u.rel.data;
@@ -132,6 +156,11 @@
MouseChardev *mouse = MOUSE_CHARDEV(dev);
Chardev *chr = CHARDEV(dev);
+ /* Ignore events if serial mouse powered down. */
+ if (!MSMOUSE_PWR(mouse->tiocm)) {
+ return;
+ }
+
msmouse_queue_event(mouse);
msmouse_chr_accept_input(chr);
}
@@ -142,13 +171,6 @@
return len;
}
-static void char_msmouse_finalize(Object *obj)
-{
- MouseChardev *mouse = MOUSE_CHARDEV(obj);
-
- qemu_input_handler_unregister(mouse->hs);
-}
-
static QemuInputHandler msmouse_handler = {
.name = "QEMU Microsoft Mouse",
.mask = INPUT_EVENT_MASK_BTN | INPUT_EVENT_MASK_REL,
@@ -156,6 +178,81 @@
.sync = msmouse_input_sync,
};
+static int msmouse_ioctl(Chardev *chr, int cmd, void *arg)
+{
+ MouseChardev *mouse = MOUSE_CHARDEV(chr);
+ int c, i, j;
+ uint8_t bytes[MSMOUSE_BUF_SZ / 2];
+ int *targ = (int *)arg;
+ const uint8_t hexchr[16] = {M('0'), M('1'), M('2'), M('3'), M('4'), M('5'),
+ M('6'), M('7'), M('8'), M('9'), M('A'), M('B'),
+ M('C'), M('D'), M('E'), M('F')};
+
+ switch (cmd) {
+ case CHR_IOCTL_SERIAL_SET_TIOCM:
+ c = mouse->tiocm;
+ mouse->tiocm = *(int *)arg;
+ if (MSMOUSE_PWR(mouse->tiocm)) {
+ if (!MSMOUSE_PWR(c)) {
+ /*
+ * Power on after reset: Send ID and PnP data
+ * No need to check fifo space as it is empty at this point.
+ */
+ fifo8_push_all(&mouse->outbuf, mouse_id, sizeof(mouse_id));
+ /* Add PnP data: */
+ fifo8_push_all(&mouse->outbuf, pnp_data, sizeof(pnp_data));
+ /*
+ * Add device description from qemu handler name.
+ * Make sure this all fits into the queue beforehand!
+ */
+ c = M(')');
+ for (i = 0; msmouse_handler.name[i]; i++) {
+ bytes[i] = M(msmouse_handler.name[i]);
+ c += bytes[i];
+ }
+ /* Calc more of checksum */
+ for (j = 0; j < sizeof(pnp_data); j++) {
+ c += pnp_data[j];
+ }
+ c &= 0xff;
+ bytes[i++] = hexchr[c >> 4];
+ bytes[i++] = hexchr[c & 0x0f];
+ bytes[i++] = M(')');
+ fifo8_push_all(&mouse->outbuf, bytes, i);
+ /* Start sending data to serial. */
+ msmouse_chr_accept_input(chr);
+ }
+ break;
+ }
+ /*
+ * Reset mouse buffers on power down.
+ * Mouse won't send anything without power.
+ */
+ fifo8_reset(&mouse->outbuf);
+ memset(mouse->axis, 0, sizeof(mouse->axis));
+ memset(mouse->btns, false, sizeof(mouse->btns));
+ memset(mouse->btnc, false, sizeof(mouse->btns));
+ break;
+ case CHR_IOCTL_SERIAL_GET_TIOCM:
+ /* Remember line control status. */
+ *targ = mouse->tiocm;
+ break;
+ default:
+ return -ENOTSUP;
+ }
+ return 0;
+}
+
+static void char_msmouse_finalize(Object *obj)
+{
+ MouseChardev *mouse = MOUSE_CHARDEV(obj);
+
+ if (mouse->hs) {
+ qemu_input_handler_unregister(mouse->hs);
+ }
+ fifo8_destroy(&mouse->outbuf);
+}
+
static void msmouse_chr_open(Chardev *chr,
ChardevBackend *backend,
bool *be_opened,
@@ -166,6 +263,8 @@
*be_opened = false;
mouse->hs = qemu_input_handler_register((DeviceState *)mouse,
&msmouse_handler);
+ mouse->tiocm = 0;
+ fifo8_create(&mouse->outbuf, MSMOUSE_BUF_SZ);
}
static void char_msmouse_class_init(ObjectClass *oc, void *data)
@@ -175,6 +274,7 @@
cc->open = msmouse_chr_open;
cc->chr_write = msmouse_chr_write;
cc->chr_accept_input = msmouse_chr_accept_input;
+ cc->chr_ioctl = msmouse_ioctl;
}
static const TypeInfo char_msmouse_type_info = {
diff --git a/chardev/wctablet.c b/chardev/wctablet.c
index e8b292c..43bdf6b 100644
--- a/chardev/wctablet.c
+++ b/chardev/wctablet.c
@@ -319,7 +319,9 @@
{
TabletChardev *tablet = WCTABLET_CHARDEV(obj);
- qemu_input_handler_unregister(tablet->hs);
+ if (tablet->hs) {
+ qemu_input_handler_unregister(tablet->hs);
+ }
}
static void wctablet_chr_open(Chardev *chr,
diff --git a/configure b/configure
index dc53e4d..78e7982 100755
--- a/configure
+++ b/configure
@@ -75,7 +75,6 @@
TMPB="qemu-conf"
TMPC="${TMPDIR1}/${TMPB}.c"
TMPO="${TMPDIR1}/${TMPB}.o"
-TMPCXX="${TMPDIR1}/${TMPB}.cxx"
TMPM="${TMPDIR1}/${TMPB}.m"
TMPE="${TMPDIR1}/${TMPB}.exe"
@@ -158,10 +157,6 @@
do_compiler_werror "$cc" $CPU_CFLAGS "$@"
}
-do_cxx() {
- do_compiler_werror "$cxx" $CPU_CFLAGS "$@"
-}
-
do_objc() {
do_compiler_werror "$objcc" $CPU_CFLAGS "$@"
}
@@ -171,24 +166,6 @@
eval $1=\${$1:+\"\$$1 \"}\$2
}
-update_cxxflags() {
- # Set QEMU_CXXFLAGS from QEMU_CFLAGS by filtering out those
- # options which some versions of GCC's C++ compiler complain about
- # because they only make sense for C programs.
- QEMU_CXXFLAGS="-D__STDC_LIMIT_MACROS -D__STDC_CONSTANT_MACROS -D__STDC_FORMAT_MACROS"
- CONFIGURE_CXXFLAGS=$(echo "$CONFIGURE_CFLAGS" | sed s/-std=gnu11/-std=gnu++11/)
- for arg in $QEMU_CFLAGS; do
- case $arg in
- -Wstrict-prototypes|-Wmissing-prototypes|-Wnested-externs|\
- -Wold-style-declaration|-Wold-style-definition|-Wredundant-decls)
- ;;
- *)
- QEMU_CXXFLAGS=${QEMU_CXXFLAGS:+$QEMU_CXXFLAGS }$arg
- ;;
- esac
- done
-}
-
compile_object() {
local_cflags="$1"
do_cc $CFLAGS $EXTRA_CFLAGS $CONFIGURE_CFLAGS $QEMU_CFLAGS $local_cflags -c -o $TMPO $TMPC
@@ -1101,7 +1078,7 @@
python="$python -B"
if test -z "$meson"; then
- if test "$explicit_python" = no && has meson && version_ge "$(meson --version)" 0.59.3; then
+ if test "$explicit_python" = no && has meson && version_ge "$(meson --version)" 0.61.5; then
meson=meson
elif test "$git_submodules_action" != 'ignore' ; then
meson=git
@@ -1353,12 +1330,10 @@
if test "$static" = "yes"; then
if test "$pie" != "no" && compile_prog "-Werror -fPIE -DPIE" "-static-pie"; then
CONFIGURE_CFLAGS="-fPIE -DPIE $CONFIGURE_CFLAGS"
- QEMU_LDFLAGS="-static-pie $QEMU_LDFLAGS"
pie="yes"
elif test "$pie" = "yes"; then
error_exit "-static-pie not available due to missing toolchain support"
else
- QEMU_LDFLAGS="-static $QEMU_LDFLAGS"
pie="no"
fi
elif test "$pie" = "no"; then
@@ -1380,12 +1355,6 @@
pie="no"
fi
-# Detect support for PT_GNU_RELRO + DT_BIND_NOW.
-# The combination is known as "full relro", because .got.plt is read-only too.
-if compile_prog "" "-Wl,-z,relro -Wl,-z,now" ; then
- QEMU_LDFLAGS="-Wl,-z,relro -Wl,-z,now $QEMU_LDFLAGS"
-fi
-
##########################################
# __sync_fetch_and_and requires at least -march=i486. Many toolchains
# use i686 as default anyway, but for those that don't, an explicit
@@ -2243,14 +2212,6 @@
fi
##########################################
-
-# Exclude --warn-common with TSan to suppress warnings from the TSan libraries.
-if test "$solaris" = "no" && test "$tsan" = "no"; then
- if $ld --version 2>/dev/null | grep "GNU ld" >/dev/null 2>/dev/null ; then
- QEMU_LDFLAGS="-Wl,--warn-common $QEMU_LDFLAGS"
- fi
-fi
-
# Guest agent Windows MSI package
if test "$QEMU_GA_MANUFACTURER" = ""; then
@@ -2298,23 +2259,11 @@
if test -n "$target_cc" &&
test "$targetos" != "darwin" && test "$targetos" != "sunos" && \
test "$targetos" != "haiku" && test "$softmmu" = yes ; then
- # Different host OS linkers have different ideas about the name of the ELF
- # emulation. Linux and OpenBSD/amd64 use 'elf_i386'; FreeBSD uses the _fbsd
- # variant; OpenBSD/i386 uses the _obsd variant; and Windows uses i386pe.
- for emu in elf_i386 elf_i386_fbsd elf_i386_obsd i386pe; do
- if "$target_ld" -verbose 2>&1 | grep -q "^[[:space:]]*${emu}[[:space:]]*$"; then
- ld_i386_emulation="$emu"
- break
- fi
- done
- if test -n "$ld_i386_emulation"; then
- roms="pc-bios/optionrom"
- config_mak=pc-bios/optionrom/config.mak
- echo "# Automatically generated by configure - do not modify" > $config_mak
- echo "TOPSRC_DIR=$source_path" >> $config_mak
- echo "LD_I386_EMULATION=$ld_i386_emulation" >> $config_mak
- write_target_makefile >> $config_mak
- fi
+ roms="pc-bios/optionrom"
+ config_mak=pc-bios/optionrom/config.mak
+ echo "# Automatically generated by configure - do not modify" > $config_mak
+ echo "TOPSRC_DIR=$source_path" >> $config_mak
+ write_target_makefile >> $config_mak
fi
probe_target_compiler ppc-softmmu
@@ -2352,38 +2301,6 @@
#######################################
# generate config-host.mak
-# Check that the C++ compiler exists and works with the C compiler.
-# All the QEMU_CXXFLAGS are based on QEMU_CFLAGS. Keep this at the end to don't miss any other that could be added.
-if has $cxx; then
- cat > $TMPC <<EOF
-int c_function(void);
-int main(void) { return c_function(); }
-EOF
-
- compile_object
-
- cat > $TMPCXX <<EOF
-extern "C" {
- int c_function(void);
-}
-int c_function(void) { return 42; }
-EOF
-
- update_cxxflags
-
- if do_cxx $CXXFLAGS $EXTRA_CXXFLAGS $CONFIGURE_CXXFLAGS $QEMU_CXXFLAGS -o $TMPE $TMPCXX $TMPO $QEMU_LDFLAGS; then
- # C++ compiler $cxx works ok with C compiler $cc
- :
- else
- echo "C++ compiler $cxx does not work with C compiler $cc"
- echo "Disabling C++ specific optional code"
- cxx=
- fi
-else
- echo "No C++ compiler available; disabling C++ specific optional code"
- cxx=
-fi
-
if ! (GIT="$git" "$source_path/scripts/git-submodule.sh" "$git_submodules_action" "$git_submodules"); then
exit 1
fi
@@ -2464,7 +2381,6 @@
echo "NINJA=$ninja" >> $config_host_mak
echo "CC=$cc" >> $config_host_mak
echo "QEMU_CFLAGS=$QEMU_CFLAGS" >> $config_host_mak
-echo "QEMU_CXXFLAGS=$QEMU_CXXFLAGS" >> $config_host_mak
echo "QEMU_OBJCFLAGS=$QEMU_OBJCFLAGS" >> $config_host_mak
echo "GLIB_CFLAGS=$glib_cflags" >> $config_host_mak
echo "GLIB_LIBS=$glib_libs" >> $config_host_mak
@@ -2655,7 +2571,6 @@
echo "${a}-softmmu = '$c'" >> $cross
done
- test -z "$cxx" && echo "link_language = 'c'" >> $cross
echo "[built-in options]" >> $cross
echo "c_args = [$(meson_quote $CFLAGS $EXTRA_CFLAGS)]" >> $cross
echo "cpp_args = [$(meson_quote $CXXFLAGS $EXTRA_CXXFLAGS)]" >> $cross
diff --git a/cpu.c b/cpu.c
index 584ac78..14365e3 100644
--- a/cpu.c
+++ b/cpu.c
@@ -131,9 +131,8 @@
void cpu_exec_realizefn(CPUState *cpu, Error **errp)
{
-#ifndef CONFIG_USER_ONLY
- CPUClass *cc = CPU_GET_CLASS(cpu);
-#endif
+ /* cache the cpu class for the hotpath */
+ cpu->cc = CPU_GET_CLASS(cpu);
cpu_list_add(cpu);
if (!accel_cpu_realizefn(cpu, errp)) {
@@ -151,8 +150,8 @@
if (qdev_get_vmsd(DEVICE(cpu)) == NULL) {
vmstate_register(NULL, cpu->cpu_index, &vmstate_cpu_common, cpu);
}
- if (cc->sysemu_ops->legacy_vmsd != NULL) {
- vmstate_register(NULL, cpu->cpu_index, cc->sysemu_ops->legacy_vmsd, cpu);
+ if (cpu->cc->sysemu_ops->legacy_vmsd != NULL) {
+ vmstate_register(NULL, cpu->cpu_index, cpu->cc->sysemu_ops->legacy_vmsd, cpu);
}
#endif /* CONFIG_USER_ONLY */
}
diff --git a/docs/about/deprecated.rst b/docs/about/deprecated.rst
index a72fedb..93affe3 100644
--- a/docs/about/deprecated.rst
+++ b/docs/about/deprecated.rst
@@ -81,11 +81,6 @@
option which lets the password be securely provided on the command
line using a ``secret`` object instance.
-``-watchdog`` (since 6.2)
-'''''''''''''''''''''''''
-
-Use ``-device`` instead.
-
``-smp`` ("parameter=0" SMP configurations) (since 6.2)
'''''''''''''''''''''''''''''''''''''''''''''''''''''''
diff --git a/docs/about/removed-features.rst b/docs/about/removed-features.rst
index a4aa3dc..63df984 100644
--- a/docs/about/removed-features.rst
+++ b/docs/about/removed-features.rst
@@ -403,6 +403,11 @@
The exception is ``pcspk`` which can be activated using ``-machine
pcspk-audiodev=<name>``.
+``-watchdog`` (since 7.2)
+'''''''''''''''''''''''''
+
+Use ``-device`` instead.
+
QEMU Machine Protocol (QMP) commands
------------------------------------
diff --git a/docs/specs/tpm.rst b/docs/specs/tpm.rst
index 3be1903..535912a 100644
--- a/docs/specs/tpm.rst
+++ b/docs/specs/tpm.rst
@@ -250,24 +250,25 @@
The following commands should result in similar output inside the VM
with a Linux kernel that either has the TPM TIS driver built-in or
-available as a module:
+available as a module (assuming a TPM 2 is passed through):
.. code-block:: console
# dmesg | grep -i tpm
- [ 0.711310] tpm_tis 00:06: 1.2 TPM (device=id 0x1, rev-id 1)
-
- # dmesg | grep TCPA
- [ 0.000000] ACPI: TCPA 0x0000000003FFD191C 000032 (v02 BOCHS \
- BXPCTCPA 0000001 BXPC 00000001)
+ [ 0.012560] ACPI: TPM2 0x000000000BFFD1900 00004C (v04 BOCHS \
+ BXPC 0000001 BXPC 00000001)
# ls -l /dev/tpm*
- crw-------. 1 root root 10, 224 Jul 11 10:11 /dev/tpm0
+ crw-rw----. 1 tss root 10, 224 Sep 6 12:36 /dev/tpm0
+ crw-rw----. 1 tss rss 253, 65536 Sep 6 12:36 /dev/tpmrm0
- # find /sys/devices/ | grep pcrs$ | xargs cat
- PCR-00: 35 4E 3B CE 23 9F 38 59 ...
+ Starting with Linux 5.12 there are PCR entries for TPM 2 in sysfs:
+ # find /sys/devices/ -type f | grep pcr-sha
...
- PCR-23: 00 00 00 00 00 00 00 00 ...
+ /sys/devices/LNXSYSTEM:00/LNXSYBUS:00/MSFT0101:00/tpm/tpm0/pcr-sha256/1
+ ...
+ /sys/devices/LNXSYSTEM:00/LNXSYBUS:00/MSFT0101:00/tpm/tpm0/pcr-sha256/9
+ ...
The QEMU TPM emulator device
----------------------------
@@ -304,6 +305,7 @@
mkdir /tmp/mytpm1
swtpm socket --tpmstate dir=/tmp/mytpm1 \
--ctrl type=unixio,path=/tmp/mytpm1/swtpm-sock \
+ --tpm2 \
--log level=20
Command line to start QEMU with the TPM emulator device communicating
@@ -365,19 +367,20 @@
.. code-block:: console
# dmesg | grep -i tpm
- [ 0.711310] tpm_tis 00:06: 1.2 TPM (device=id 0x1, rev-id 1)
-
- # dmesg | grep TCPA
- [ 0.000000] ACPI: TCPA 0x0000000003FFD191C 000032 (v02 BOCHS \
- BXPCTCPA 0000001 BXPC 00000001)
+ [ 0.012560] ACPI: TPM2 0x000000000BFFD1900 00004C (v04 BOCHS \
+ BXPC 0000001 BXPC 00000001)
# ls -l /dev/tpm*
- crw-------. 1 root root 10, 224 Jul 11 10:11 /dev/tpm0
+ crw-rw----. 1 tss root 10, 224 Sep 6 12:36 /dev/tpm0
+ crw-rw----. 1 tss rss 253, 65536 Sep 6 12:36 /dev/tpmrm0
- # find /sys/devices/ | grep pcrs$ | xargs cat
- PCR-00: 35 4E 3B CE 23 9F 38 59 ...
+ Starting with Linux 5.12 there are PCR entries for TPM 2 in sysfs:
+ # find /sys/devices/ -type f | grep pcr-sha
...
- PCR-23: 00 00 00 00 00 00 00 00 ...
+ /sys/devices/LNXSYSTEM:00/LNXSYBUS:00/MSFT0101:00/tpm/tpm0/pcr-sha256/1
+ ...
+ /sys/devices/LNXSYSTEM:00/LNXSYBUS:00/MSFT0101:00/tpm/tpm0/pcr-sha256/9
+ ...
Migration with the TPM emulator
===============================
@@ -398,7 +401,8 @@
mkdir /tmp/mytpm1
swtpm socket --tpmstate dir=/tmp/mytpm1 \
--ctrl type=unixio,path=/tmp/mytpm1/swtpm-sock \
- --log level=20 --tpm2
+ --tpm2 \
+ --log level=20
In a 2nd terminal start the VM:
diff --git a/docs/tools/qemu-img.rst b/docs/tools/qemu-img.rst
index 85a6e05..15aeddc 100644
--- a/docs/tools/qemu-img.rst
+++ b/docs/tools/qemu-img.rst
@@ -57,7 +57,7 @@
*OUTPUT_FMT* is the destination format.
*OPTIONS* is a comma separated list of format specific options in a
-name=value format. Use ``-o ?`` for an overview of the options supported
+name=value format. Use ``-o help`` for an overview of the options supported
by the used format or see the format descriptions below for details.
*SNAPSHOT_PARAM* is param used for internal snapshot, format is
diff --git a/hw/arm/virt.c b/hw/arm/virt.c
index 0961e05..cda9def 100644
--- a/hw/arm/virt.c
+++ b/hw/arm/virt.c
@@ -253,6 +253,7 @@
qemu_fdt_setprop_string(fdt, "/", "compatible", "linux,dummy-virt");
qemu_fdt_setprop_cell(fdt, "/", "#address-cells", 0x2);
qemu_fdt_setprop_cell(fdt, "/", "#size-cells", 0x2);
+ qemu_fdt_setprop_string(fdt, "/", "model", "linux,dummy-virt");
/* /chosen must exist for load_dtb to fill in necessary properties later */
qemu_fdt_add_subnode(fdt, "/chosen");
@@ -487,6 +488,7 @@
qemu_fdt_setprop_string(ms->fdt, nodename, "compatible",
"arm,gic-v3-its");
qemu_fdt_setprop(ms->fdt, nodename, "msi-controller", NULL, 0);
+ qemu_fdt_setprop_cell(ms->fdt, nodename, "#msi-cells", 1);
qemu_fdt_setprop_sized_cells(ms->fdt, nodename, "reg",
2, vms->memmap[VIRT_GIC_ITS].base,
2, vms->memmap[VIRT_GIC_ITS].size);
@@ -1359,8 +1361,6 @@
qemu_fdt_setprop(ms->fdt, node, "interrupt-names", irq_names,
sizeof(irq_names));
- qemu_fdt_setprop_cell(ms->fdt, node, "clocks", vms->clock_phandle);
- qemu_fdt_setprop_string(ms->fdt, node, "clock-names", "apb_pclk");
qemu_fdt_setprop(ms->fdt, node, "dma-coherent", NULL, 0);
qemu_fdt_setprop_cell(ms->fdt, node, "#iommu-cells", 1);
@@ -1488,8 +1488,8 @@
qemu_fdt_setprop(ms->fdt, nodename, "dma-coherent", NULL, 0);
if (vms->msi_phandle) {
- qemu_fdt_setprop_cells(ms->fdt, nodename, "msi-parent",
- vms->msi_phandle);
+ qemu_fdt_setprop_cells(ms->fdt, nodename, "msi-map",
+ 0, vms->msi_phandle, 0, 0x10000);
}
qemu_fdt_setprop_sized_cells(ms->fdt, nodename, "reg",
diff --git a/hw/arm/xlnx-zynqmp.c b/hw/arm/xlnx-zynqmp.c
index 383e177..335cfc4 100644
--- a/hw/arm/xlnx-zynqmp.c
+++ b/hw/arm/xlnx-zynqmp.c
@@ -143,6 +143,14 @@
77, 78, 79, 80, 81, 82, 83, 84
};
+static const uint64_t usb_addr[XLNX_ZYNQMP_NUM_USB] = {
+ 0xFE200000, 0xFE300000
+};
+
+static const int usb_intr[XLNX_ZYNQMP_NUM_USB] = {
+ 65, 70
+};
+
typedef struct XlnxZynqMPGICRegion {
int region_index;
uint32_t address;
@@ -428,6 +436,10 @@
object_initialize_child(obj, "qspi-dma", &s->qspi_dma, TYPE_XLNX_CSU_DMA);
object_initialize_child(obj, "qspi-irq-orgate",
&s->qspi_irq_orgate, TYPE_OR_IRQ);
+
+ for (i = 0; i < XLNX_ZYNQMP_NUM_USB; i++) {
+ object_initialize_child(obj, "usb[*]", &s->usb[i], TYPE_USB_DWC3);
+ }
}
static void xlnx_zynqmp_realize(DeviceState *dev, Error **errp)
@@ -814,6 +826,30 @@
object_property_add_alias(OBJECT(s), bus_name,
OBJECT(&s->qspi), target_bus);
}
+
+ for (i = 0; i < XLNX_ZYNQMP_NUM_USB; i++) {
+ if (!object_property_set_link(OBJECT(&s->usb[i].sysbus_xhci), "dma",
+ OBJECT(system_memory), errp)) {
+ return;
+ }
+
+ qdev_prop_set_uint32(DEVICE(&s->usb[i].sysbus_xhci), "intrs", 4);
+ qdev_prop_set_uint32(DEVICE(&s->usb[i].sysbus_xhci), "slots", 2);
+
+ if (!sysbus_realize(SYS_BUS_DEVICE(&s->usb[i]), errp)) {
+ return;
+ }
+
+ sysbus_mmio_map(SYS_BUS_DEVICE(&s->usb[i]), 0, usb_addr[i]);
+ sysbus_connect_irq(SYS_BUS_DEVICE(&s->usb[i].sysbus_xhci), 0,
+ gic_spi[usb_intr[i]]);
+ sysbus_connect_irq(SYS_BUS_DEVICE(&s->usb[i].sysbus_xhci), 1,
+ gic_spi[usb_intr[i] + 1]);
+ sysbus_connect_irq(SYS_BUS_DEVICE(&s->usb[i].sysbus_xhci), 2,
+ gic_spi[usb_intr[i] + 2]);
+ sysbus_connect_irq(SYS_BUS_DEVICE(&s->usb[i].sysbus_xhci), 3,
+ gic_spi[usb_intr[i] + 3]);
+ }
}
static Property xlnx_zynqmp_props[] = {
diff --git a/hw/block/block.c b/hw/block/block.c
index 0427916..f9c4fe6 100644
--- a/hw/block/block.c
+++ b/hw/block/block.c
@@ -205,6 +205,8 @@
blk_set_enable_write_cache(blk, wce);
blk_set_on_error(blk, rerror, werror);
+ block_acct_setup(blk_get_stats(blk), conf->account_invalid,
+ conf->account_failed);
return true;
}
diff --git a/hw/char/serial.c b/hw/char/serial.c
index 7061aac..41b5e61 100644
--- a/hw/char/serial.c
+++ b/hw/char/serial.c
@@ -961,6 +961,9 @@
const MemoryRegionOps serial_io_ops = {
.read = serial_ioport_read,
.write = serial_ioport_write,
+ .valid = {
+ .unaligned = 1,
+ },
.impl = {
.min_access_size = 1,
.max_access_size = 1,
diff --git a/hw/core/cpu-common.c b/hw/core/cpu-common.c
index 9e3241b..f9fdd46 100644
--- a/hw/core/cpu-common.c
+++ b/hw/core/cpu-common.c
@@ -137,8 +137,7 @@
cpu->cflags_next_tb = -1;
if (tcg_enabled()) {
- cpu_tb_jmp_cache_clear(cpu);
-
+ tcg_flush_jmp_cache(cpu);
tcg_flush_softmmu_tlb(cpu);
}
}
diff --git a/hw/core/cpu-sysemu.c b/hw/core/cpu-sysemu.c
index 00253f8..5eaf2e7 100644
--- a/hw/core/cpu-sysemu.c
+++ b/hw/core/cpu-sysemu.c
@@ -69,11 +69,10 @@
int cpu_asidx_from_attrs(CPUState *cpu, MemTxAttrs attrs)
{
- CPUClass *cc = CPU_GET_CLASS(cpu);
int ret = 0;
- if (cc->sysemu_ops->asidx_from_attrs) {
- ret = cc->sysemu_ops->asidx_from_attrs(cpu, attrs);
+ if (cpu->cc->sysemu_ops->asidx_from_attrs) {
+ ret = cpu->cc->sysemu_ops->asidx_from_attrs(cpu, attrs);
assert(ret < cpu->num_ases && ret >= 0);
}
return ret;
diff --git a/hw/display/vhost-user-gpu.c b/hw/display/vhost-user-gpu.c
index 3340ef9..19c0e20 100644
--- a/hw/display/vhost-user-gpu.c
+++ b/hw/display/vhost-user-gpu.c
@@ -11,6 +11,7 @@
*/
#include "qemu/osdep.h"
+#include "qemu/sockets.h"
#include "hw/qdev-properties.h"
#include "hw/virtio/virtio-gpu.h"
#include "chardev/char-fe.h"
@@ -375,7 +376,7 @@
Chardev *chr;
int sv[2];
- if (socketpair(PF_UNIX, SOCK_STREAM, 0, sv) == -1) {
+ if (qemu_socketpair(PF_UNIX, SOCK_STREAM, 0, sv) == -1) {
error_setg_errno(errp, errno, "socketpair() failed");
return false;
}
diff --git a/hw/i386/microvm.c b/hw/i386/microvm.c
index 52cafa0..7fe8cce 100644
--- a/hw/i386/microvm.c
+++ b/hw/i386/microvm.c
@@ -332,7 +332,7 @@
rom_set_fw(fw_cfg);
if (machine->kernel_filename != NULL) {
- x86_load_linux(x86ms, fw_cfg, 0, true, true);
+ x86_load_linux(x86ms, fw_cfg, 0, true, false);
}
if (mms->option_roms) {
diff --git a/hw/i386/pc_piix.c b/hw/i386/pc_piix.c
index 8043a25..0b1a79c 100644
--- a/hw/i386/pc_piix.c
+++ b/hw/i386/pc_piix.c
@@ -439,7 +439,6 @@
m->alias = "pc";
m->is_default = true;
pcmc->default_cpu_version = 1;
- pcmc->legacy_no_rng_seed = true;
}
DEFINE_I440FX_MACHINE(v7_2, "pc-i440fx-7.2", NULL,
@@ -447,9 +446,11 @@
static void pc_i440fx_7_1_machine_options(MachineClass *m)
{
+ PCMachineClass *pcmc = PC_MACHINE_CLASS(m);
pc_i440fx_7_2_machine_options(m);
m->alias = NULL;
m->is_default = false;
+ pcmc->legacy_no_rng_seed = true;
compat_props_add(m->compat_props, hw_compat_7_1, hw_compat_7_1_len);
compat_props_add(m->compat_props, pc_compat_7_1, pc_compat_7_1_len);
}
diff --git a/hw/i386/pc_q35.c b/hw/i386/pc_q35.c
index 53eda50..a496bd6 100644
--- a/hw/i386/pc_q35.c
+++ b/hw/i386/pc_q35.c
@@ -376,7 +376,6 @@
pc_q35_machine_options(m);
m->alias = "q35";
pcmc->default_cpu_version = 1;
- pcmc->legacy_no_rng_seed = true;
}
DEFINE_Q35_MACHINE(v7_2, "pc-q35-7.2", NULL,
@@ -384,8 +383,10 @@
static void pc_q35_7_1_machine_options(MachineClass *m)
{
+ PCMachineClass *pcmc = PC_MACHINE_CLASS(m);
pc_q35_7_2_machine_options(m);
m->alias = NULL;
+ pcmc->legacy_no_rng_seed = true;
compat_props_add(m->compat_props, hw_compat_7_1, hw_compat_7_1_len);
compat_props_add(m->compat_props, pc_compat_7_1, pc_compat_7_1_len);
}
diff --git a/hw/i386/x86.c b/hw/i386/x86.c
index 050eedc..1148f70 100644
--- a/hw/i386/x86.c
+++ b/hw/i386/x86.c
@@ -37,6 +37,7 @@
#include "sysemu/whpx.h"
#include "sysemu/numa.h"
#include "sysemu/replay.h"
+#include "sysemu/reset.h"
#include "sysemu/sysemu.h"
#include "sysemu/cpu-timers.h"
#include "sysemu/xen.h"
@@ -652,12 +653,12 @@
return dev;
}
-struct setup_data {
+typedef struct SetupData {
uint64_t next;
uint32_t type;
uint32_t len;
uint8_t data[];
-} __attribute__((packed));
+} __attribute__((packed)) SetupData;
/*
@@ -764,6 +765,30 @@
return true;
}
+typedef struct SetupDataFixup {
+ void *pos;
+ hwaddr orig_val, new_val;
+ uint32_t addr;
+} SetupDataFixup;
+
+static void fixup_setup_data(void *opaque)
+{
+ SetupDataFixup *fixup = opaque;
+ stq_p(fixup->pos, fixup->new_val);
+}
+
+static void reset_setup_data(void *opaque)
+{
+ SetupDataFixup *fixup = opaque;
+ stq_p(fixup->pos, fixup->orig_val);
+}
+
+static void reset_rng_seed(void *opaque)
+{
+ SetupData *setup_data = opaque;
+ qemu_guest_getrandom_nofail(setup_data->data, le32_to_cpu(setup_data->len));
+}
+
void x86_load_linux(X86MachineState *x86ms,
FWCfgState *fw_cfg,
int acpi_data_size,
@@ -780,7 +805,7 @@
FILE *f;
char *vmode;
MachineState *machine = MACHINE(x86ms);
- struct setup_data *setup_data;
+ SetupData *setup_data;
const char *kernel_filename = machine->kernel_filename;
const char *initrd_filename = machine->initrd_filename;
const char *dtb_filename = machine->dtb;
@@ -1063,11 +1088,11 @@
}
setup_data_offset = QEMU_ALIGN_UP(kernel_size, 16);
- kernel_size = setup_data_offset + sizeof(struct setup_data) + dtb_size;
+ kernel_size = setup_data_offset + sizeof(SetupData) + dtb_size;
kernel = g_realloc(kernel, kernel_size);
- setup_data = (struct setup_data *)(kernel + setup_data_offset);
+ setup_data = (SetupData *)(kernel + setup_data_offset);
setup_data->next = cpu_to_le64(first_setup_data);
first_setup_data = prot_addr + setup_data_offset;
setup_data->type = cpu_to_le32(SETUP_DTB);
@@ -1078,18 +1103,25 @@
if (!legacy_no_rng_seed) {
setup_data_offset = QEMU_ALIGN_UP(kernel_size, 16);
- kernel_size = setup_data_offset + sizeof(struct setup_data) + RNG_SEED_LENGTH;
+ kernel_size = setup_data_offset + sizeof(SetupData) + RNG_SEED_LENGTH;
kernel = g_realloc(kernel, kernel_size);
- setup_data = (struct setup_data *)(kernel + setup_data_offset);
+ setup_data = (SetupData *)(kernel + setup_data_offset);
setup_data->next = cpu_to_le64(first_setup_data);
first_setup_data = prot_addr + setup_data_offset;
setup_data->type = cpu_to_le32(SETUP_RNG_SEED);
setup_data->len = cpu_to_le32(RNG_SEED_LENGTH);
qemu_guest_getrandom_nofail(setup_data->data, RNG_SEED_LENGTH);
+ qemu_register_reset(reset_rng_seed, setup_data);
+ fw_cfg_add_bytes_callback(fw_cfg, FW_CFG_KERNEL_DATA, reset_rng_seed, NULL,
+ setup_data, kernel, kernel_size, true);
+ } else {
+ fw_cfg_add_bytes(fw_cfg, FW_CFG_KERNEL_DATA, kernel, kernel_size);
}
- /* Offset 0x250 is a pointer to the first setup_data link. */
- stq_p(header + 0x250, first_setup_data);
+ fw_cfg_add_i32(fw_cfg, FW_CFG_KERNEL_ADDR, prot_addr);
+ fw_cfg_add_i32(fw_cfg, FW_CFG_KERNEL_SIZE, kernel_size);
+ sev_load_ctx.kernel_data = (char *)kernel;
+ sev_load_ctx.kernel_size = kernel_size;
/*
* If we're starting an encrypted VM, it will be OVMF based, which uses the
@@ -1099,16 +1131,20 @@
* file the user passed in.
*/
if (!sev_enabled()) {
+ SetupDataFixup *fixup = g_malloc(sizeof(*fixup));
+
memcpy(setup, header, MIN(sizeof(header), setup_size));
+ /* Offset 0x250 is a pointer to the first setup_data link. */
+ fixup->pos = setup + 0x250;
+ fixup->orig_val = ldq_p(fixup->pos);
+ fixup->new_val = first_setup_data;
+ fixup->addr = cpu_to_le32(real_addr);
+ fw_cfg_add_bytes_callback(fw_cfg, FW_CFG_SETUP_ADDR, fixup_setup_data, NULL,
+ fixup, &fixup->addr, sizeof(fixup->addr), true);
+ qemu_register_reset(reset_setup_data, fixup);
+ } else {
+ fw_cfg_add_i32(fw_cfg, FW_CFG_SETUP_ADDR, real_addr);
}
-
- fw_cfg_add_i32(fw_cfg, FW_CFG_KERNEL_ADDR, prot_addr);
- fw_cfg_add_i32(fw_cfg, FW_CFG_KERNEL_SIZE, kernel_size);
- fw_cfg_add_bytes(fw_cfg, FW_CFG_KERNEL_DATA, kernel, kernel_size);
- sev_load_ctx.kernel_data = (char *)kernel;
- sev_load_ctx.kernel_size = kernel_size;
-
- fw_cfg_add_i32(fw_cfg, FW_CFG_SETUP_ADDR, real_addr);
fw_cfg_add_i32(fw_cfg, FW_CFG_SETUP_SIZE, setup_size);
fw_cfg_add_bytes(fw_cfg, FW_CFG_SETUP_DATA, setup, setup_size);
sev_load_ctx.setup_data = (char *)setup;
diff --git a/hw/ide/core.c b/hw/ide/core.c
index 7cbc0a5..39afdc0 100644
--- a/hw/ide/core.c
+++ b/hw/ide/core.c
@@ -1340,6 +1340,11 @@
s->pio_aiocb = NULL;
}
+ if (s->reset_reverts) {
+ s->reset_reverts = false;
+ s->heads = s->drive_heads;
+ s->sectors = s->drive_sectors;
+ }
if (s->drive_kind == IDE_CFATA)
s->mult_sectors = 0;
else
@@ -1618,6 +1623,20 @@
return true;
}
+/* INITIALIZE DEVICE PARAMETERS */
+static bool cmd_specify(IDEState *s, uint8_t cmd)
+{
+ if (s->blk && s->drive_kind != IDE_CD) {
+ s->heads = (s->select & (ATA_DEV_HS)) + 1;
+ s->sectors = s->nsector;
+ ide_set_irq(s->bus);
+ } else {
+ ide_abort_command(s);
+ }
+
+ return true;
+}
+
static bool cmd_set_features(IDEState *s, uint8_t cmd)
{
uint16_t *identify_data;
@@ -1641,7 +1660,11 @@
ide_flush_cache(s);
return false;
case 0xcc: /* reverting to power-on defaults enable */
+ s->reset_reverts = true;
+ return true;
case 0x66: /* reverting to power-on defaults disable */
+ s->reset_reverts = false;
+ return true;
case 0xaa: /* read look-ahead enable */
case 0x55: /* read look-ahead disable */
case 0x05: /* set advanced power management mode */
@@ -1704,8 +1727,14 @@
return false;
}
+/* EXECUTE DEVICE DIAGNOSTIC */
static bool cmd_exec_dev_diagnostic(IDEState *s, uint8_t cmd)
{
+ /*
+ * Clear the device register per the ATA (v6) specification,
+ * because ide_set_signature does not clear LBA or drive bits.
+ */
+ s->select = (ATA_DEV_ALWAYS_ON);
ide_set_signature(s);
if (s->drive_kind == IDE_CD) {
@@ -2045,7 +2074,7 @@
[WIN_SEEK] = { cmd_seek, HD_CFA_OK | SET_DSC },
[CFA_TRANSLATE_SECTOR] = { cmd_cfa_translate_sector, CFA_OK },
[WIN_DIAGNOSE] = { cmd_exec_dev_diagnostic, ALL_OK },
- [WIN_SPECIFY] = { cmd_nop, HD_CFA_OK | SET_DSC },
+ [WIN_SPECIFY] = { cmd_specify, HD_CFA_OK | SET_DSC },
[WIN_STANDBYNOW2] = { cmd_nop, HD_CFA_OK },
[WIN_IDLEIMMEDIATE2] = { cmd_nop, HD_CFA_OK },
[WIN_STANDBY2] = { cmd_nop, HD_CFA_OK },
@@ -2535,8 +2564,8 @@
blk_get_geometry(blk, &nb_sectors);
s->cylinders = cylinders;
- s->heads = heads;
- s->sectors = secs;
+ s->heads = s->drive_heads = heads;
+ s->sectors = s->drive_sectors = secs;
s->chs_trans = chs_trans;
s->nb_sectors = nb_sectors;
s->wwn = wwn;
diff --git a/hw/ide/piix.c b/hw/ide/piix.c
index 9a9b280..de1f4f0 100644
--- a/hw/ide/piix.c
+++ b/hw/ide/piix.c
@@ -21,6 +21,10 @@
* LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
* OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
* THE SOFTWARE.
+ *
+ * References:
+ * [1] 82371FB (PIIX) AND 82371SB (PIIX3) PCI ISA IDE XCELERATOR,
+ * 290550-002, Intel Corporation, April 1997.
*/
#include "qemu/osdep.h"
@@ -114,14 +118,11 @@
ide_bus_reset(&d->bus[i]);
}
- /* TODO: this is the default. do not override. */
- pci_conf[PCI_COMMAND] = 0x00;
- /* TODO: this is the default. do not override. */
- pci_conf[PCI_COMMAND + 1] = 0x00;
- /* TODO: use pci_set_word */
- pci_conf[PCI_STATUS] = PCI_STATUS_FAST_BACK;
- pci_conf[PCI_STATUS + 1] = PCI_STATUS_DEVSEL_MEDIUM >> 8;
- pci_conf[0x20] = 0x01; /* BMIBA: 20-23h */
+ /* PCI command register default value (0000h) per [1, p.48]. */
+ pci_set_word(pci_conf + PCI_COMMAND, 0x0000);
+ pci_set_word(pci_conf + PCI_STATUS,
+ PCI_STATUS_DEVSEL_MEDIUM | PCI_STATUS_FAST_BACK);
+ pci_set_byte(pci_conf + 0x20, 0x01); /* BMIBA: 20-23h */
}
static int pci_piix_init_ports(PCIIDEState *d)
diff --git a/hw/mem/cxl_type3.c b/hw/mem/cxl_type3.c
index 3bf2869..ada2108 100644
--- a/hw/mem/cxl_type3.c
+++ b/hw/mem/cxl_type3.c
@@ -49,7 +49,7 @@
.phase2_power = 0x33, /* 0x33 miliwatts */
};
cxl_component_create_dvsec(cxl_cstate, CXL2_TYPE3_DEVICE,
- GPF_DEVICE_DVSEC_LENGTH, GPF_PORT_DVSEC,
+ GPF_DEVICE_DVSEC_LENGTH, GPF_DEVICE_DVSEC,
GPF_DEVICE_DVSEC_REVID, dvsec);
}
diff --git a/hw/nvram/fw_cfg.c b/hw/nvram/fw_cfg.c
index d605f3f..564bda3 100644
--- a/hw/nvram/fw_cfg.c
+++ b/hw/nvram/fw_cfg.c
@@ -692,12 +692,12 @@
}
};
-static void fw_cfg_add_bytes_callback(FWCfgState *s, uint16_t key,
- FWCfgCallback select_cb,
- FWCfgWriteCallback write_cb,
- void *callback_opaque,
- void *data, size_t len,
- bool read_only)
+void fw_cfg_add_bytes_callback(FWCfgState *s, uint16_t key,
+ FWCfgCallback select_cb,
+ FWCfgWriteCallback write_cb,
+ void *callback_opaque,
+ void *data, size_t len,
+ bool read_only)
{
int arch = !!(key & FW_CFG_ARCH_LOCAL);
diff --git a/hw/remote/iommu.c b/hw/remote/iommu.c
index fd723d9..1391dd7 100644
--- a/hw/remote/iommu.c
+++ b/hw/remote/iommu.c
@@ -47,7 +47,7 @@
elem = g_hash_table_lookup(iommu->elem_by_devfn, INT2VOIDP(devfn));
if (!elem) {
- elem = g_malloc0(sizeof(RemoteIommuElem));
+ elem = g_new0(RemoteIommuElem, 1);
g_hash_table_insert(iommu->elem_by_devfn, INT2VOIDP(devfn), elem);
}
diff --git a/hw/virtio/vhost-shadow-virtqueue.c b/hw/virtio/vhost-shadow-virtqueue.c
index e8e5bbc..596d443 100644
--- a/hw/virtio/vhost-shadow-virtqueue.c
+++ b/hw/virtio/vhost-shadow-virtqueue.c
@@ -289,7 +289,7 @@
virtio_queue_set_notification(svq->vq, false);
while (true) {
- g_autofree VirtQueueElement *elem;
+ g_autofree VirtQueueElement *elem = NULL;
int r;
if (svq->next_guest_avail_elem) {
diff --git a/hw/virtio/vhost-user.c b/hw/virtio/vhost-user.c
index bd24741..70748e6 100644
--- a/hw/virtio/vhost-user.c
+++ b/hw/virtio/vhost-user.c
@@ -1726,7 +1726,7 @@
return 0;
}
- if (socketpair(PF_UNIX, SOCK_STREAM, 0, sv) == -1) {
+ if (qemu_socketpair(PF_UNIX, SOCK_STREAM, 0, sv) == -1) {
int saved_errno = errno;
error_report("socketpair() failed");
return -saved_errno;
diff --git a/hw/virtio/virtio-crypto.c b/hw/virtio/virtio-crypto.c
index c1243c3..df4bde2 100644
--- a/hw/virtio/virtio-crypto.c
+++ b/hw/virtio/virtio-crypto.c
@@ -710,7 +710,7 @@
uint8_t *src = NULL;
uint8_t *dst = NULL;
- asym_op_info = g_malloc0(sizeof(CryptoDevBackendAsymOpInfo));
+ asym_op_info = g_new0(CryptoDevBackendAsymOpInfo, 1);
src_len = ldl_le_p(&req->para.src_data_len);
dst_len = ldl_le_p(&req->para.dst_data_len);
diff --git a/hw/watchdog/sbsa_gwdt.c b/hw/watchdog/sbsa_gwdt.c
index e49cacd..7aa57a8 100644
--- a/hw/watchdog/sbsa_gwdt.c
+++ b/hw/watchdog/sbsa_gwdt.c
@@ -24,11 +24,6 @@
#include "qemu/log.h"
#include "qemu/module.h"
-static WatchdogTimerModel model = {
- .wdt_name = TYPE_WDT_SBSA,
- .wdt_description = "SBSA-compliant generic watchdog device",
-};
-
static const VMStateDescription vmstate_sbsa_gwdt = {
.name = "sbsa-gwdt",
.version_id = 1,
@@ -287,7 +282,6 @@
static void wdt_sbsa_gwdt_register_types(void)
{
- watchdog_add_model(&model);
type_register_static(&wdt_sbsa_gwdt_info);
}
diff --git a/hw/watchdog/watchdog.c b/hw/watchdog/watchdog.c
index 1437e6c..6c082a3 100644
--- a/hw/watchdog/watchdog.c
+++ b/hw/watchdog/watchdog.c
@@ -32,49 +32,6 @@
#include "qemu/help_option.h"
static WatchdogAction watchdog_action = WATCHDOG_ACTION_RESET;
-static QLIST_HEAD(, WatchdogTimerModel) watchdog_list;
-
-void watchdog_add_model(WatchdogTimerModel *model)
-{
- QLIST_INSERT_HEAD(&watchdog_list, model, entry);
-}
-
-/* Returns:
- * 0 = continue
- * 1 = exit program with error
- * 2 = exit program without error
- */
-int select_watchdog(const char *p)
-{
- WatchdogTimerModel *model;
- QemuOpts *opts;
-
- /* -watchdog ? lists available devices and exits cleanly. */
- if (is_help_option(p)) {
- QLIST_FOREACH(model, &watchdog_list, entry) {
- fprintf(stderr, "\t%s\t%s\n",
- model->wdt_name, model->wdt_description);
- }
- return 2;
- }
-
- QLIST_FOREACH(model, &watchdog_list, entry) {
- if (strcasecmp(model->wdt_name, p) == 0) {
- /* add the device */
- opts = qemu_opts_create(qemu_find_opts("device"), NULL, 0,
- &error_abort);
- qemu_opt_set(opts, "driver", p, &error_abort);
- return 0;
- }
- }
-
- fprintf(stderr, "Unknown -watchdog device. Supported devices are:\n");
- QLIST_FOREACH(model, &watchdog_list, entry) {
- fprintf(stderr, "\t%s\t%s\n",
- model->wdt_name, model->wdt_description);
- }
- return 1;
-}
WatchdogAction get_watchdog_action(void)
{
diff --git a/hw/watchdog/wdt_aspeed.c b/hw/watchdog/wdt_aspeed.c
index 31855af..d753693 100644
--- a/hw/watchdog/wdt_aspeed.c
+++ b/hw/watchdog/wdt_aspeed.c
@@ -202,11 +202,6 @@
return;
}
-static WatchdogTimerModel model = {
- .wdt_name = TYPE_ASPEED_WDT,
- .wdt_description = "Aspeed watchdog device",
-};
-
static const VMStateDescription vmstate_aspeed_wdt = {
.name = "vmstate_aspeed_wdt",
.version_id = 0,
@@ -416,7 +411,6 @@
static void wdt_aspeed_register_types(void)
{
- watchdog_add_model(&model);
type_register_static(&aspeed_wdt_info);
type_register_static(&aspeed_2400_wdt_info);
type_register_static(&aspeed_2500_wdt_info);
diff --git a/hw/watchdog/wdt_diag288.c b/hw/watchdog/wdt_diag288.c
index 9e8882a..76d89fb 100644
--- a/hw/watchdog/wdt_diag288.c
+++ b/hw/watchdog/wdt_diag288.c
@@ -19,11 +19,6 @@
#include "migration/vmstate.h"
#include "qemu/log.h"
-static WatchdogTimerModel model = {
- .wdt_name = TYPE_WDT_DIAG288,
- .wdt_description = "diag288 device for s390x platform",
-};
-
static const VMStateDescription vmstate_diag288 = {
.name = "vmstate_diag288",
.version_id = 0,
@@ -138,7 +133,6 @@
static void wdt_diag288_register_types(void)
{
- watchdog_add_model(&model);
type_register_static(&wdt_diag288_info);
}
diff --git a/hw/watchdog/wdt_i6300esb.c b/hw/watchdog/wdt_i6300esb.c
index f99a1c9..5693ec6 100644
--- a/hw/watchdog/wdt_i6300esb.c
+++ b/hw/watchdog/wdt_i6300esb.c
@@ -457,11 +457,6 @@
timer_free(d->timer);
}
-static WatchdogTimerModel model = {
- .wdt_name = "i6300esb",
- .wdt_description = "Intel 6300ESB",
-};
-
static void i6300esb_class_init(ObjectClass *klass, void *data)
{
DeviceClass *dc = DEVICE_CLASS(klass);
@@ -493,7 +488,6 @@
static void i6300esb_register_types(void)
{
- watchdog_add_model(&model);
type_register_static(&i6300esb_info);
}
diff --git a/hw/watchdog/wdt_ib700.c b/hw/watchdog/wdt_ib700.c
index 91d1bdc..b116c3a 100644
--- a/hw/watchdog/wdt_ib700.c
+++ b/hw/watchdog/wdt_ib700.c
@@ -128,11 +128,6 @@
timer_del(s->timer);
}
-static WatchdogTimerModel model = {
- .wdt_name = "ib700",
- .wdt_description = "iBASE 700",
-};
-
static void wdt_ib700_class_init(ObjectClass *klass, void *data)
{
DeviceClass *dc = DEVICE_CLASS(klass);
@@ -153,7 +148,6 @@
static void wdt_ib700_register_types(void)
{
- watchdog_add_model(&model);
type_register_static(&wdt_ib700_info);
}
diff --git a/hw/watchdog/wdt_imx2.c b/hw/watchdog/wdt_imx2.c
index c312837..e776a2f 100644
--- a/hw/watchdog/wdt_imx2.c
+++ b/hw/watchdog/wdt_imx2.c
@@ -291,14 +291,8 @@
.class_init = imx2_wdt_class_init,
};
-static WatchdogTimerModel model = {
- .wdt_name = "imx2-watchdog",
- .wdt_description = "i.MX2 Watchdog",
-};
-
static void imx2_wdt_register_type(void)
{
- watchdog_add_model(&model);
type_register_static(&imx2_wdt_info);
}
type_init(imx2_wdt_register_type)
diff --git a/include/block/accounting.h b/include/block/accounting.h
index 878b4c3..b9caad6 100644
--- a/include/block/accounting.h
+++ b/include/block/accounting.h
@@ -27,7 +27,7 @@
#include "qemu/timed-average.h"
#include "qemu/thread.h"
-#include "qapi/qapi-builtin-types.h"
+#include "qapi/qapi-types-common.h"
typedef struct BlockAcctTimedStats BlockAcctTimedStats;
typedef struct BlockAcctStats BlockAcctStats;
@@ -100,8 +100,8 @@
} BlockAcctCookie;
void block_acct_init(BlockAcctStats *stats);
-void block_acct_setup(BlockAcctStats *stats, bool account_invalid,
- bool account_failed);
+void block_acct_setup(BlockAcctStats *stats, enum OnOffAuto account_invalid,
+ enum OnOffAuto account_failed);
void block_acct_cleanup(BlockAcctStats *stats);
void block_acct_add_interval(BlockAcctStats *stats, unsigned interval_length);
BlockAcctTimedStats *block_acct_interval_next(BlockAcctStats *stats,
diff --git a/include/block/block-io.h b/include/block/block-io.h
index fd25ffa..492f95f 100644
--- a/include/block/block-io.h
+++ b/include/block/block-io.h
@@ -150,7 +150,6 @@
void *qemu_blockalign0(BlockDriverState *bs, size_t size);
void *qemu_try_blockalign(BlockDriverState *bs, size_t size);
void *qemu_try_blockalign0(BlockDriverState *bs, size_t size);
-bool bdrv_qiov_is_aligned(BlockDriverState *bs, QEMUIOVector *qiov);
void bdrv_enable_copy_on_read(BlockDriverState *bs);
void bdrv_disable_copy_on_read(BlockDriverState *bs);
diff --git a/include/block/block_int-io.h b/include/block/block_int-io.h
index 91cdd61..4b0b3e1 100644
--- a/include/block/block_int-io.h
+++ b/include/block/block_int-io.h
@@ -73,7 +73,7 @@
return bdrv_co_pwritev(child, offset, bytes, &qiov, flags);
}
-bool coroutine_fn bdrv_make_request_serialising(BdrvTrackedRequest *req,
+void coroutine_fn bdrv_make_request_serialising(BdrvTrackedRequest *req,
uint64_t align);
BdrvTrackedRequest *coroutine_fn bdrv_co_get_self_request(BlockDriverState *bs);
diff --git a/include/chardev/char.h b/include/chardev/char.h
index a319b5f..44cd82e 100644
--- a/include/chardev/char.h
+++ b/include/chardev/char.h
@@ -186,7 +186,7 @@
* the caller should call @qemu_chr_be_can_write to determine how much data
* the front end can currently accept.
*/
-void qemu_chr_be_write(Chardev *s, uint8_t *buf, int len);
+void qemu_chr_be_write(Chardev *s, const uint8_t *buf, int len);
/**
* qemu_chr_be_write_impl:
@@ -195,7 +195,7 @@
*
* Implementation of back end writing. Used by replay module.
*/
-void qemu_chr_be_write_impl(Chardev *s, uint8_t *buf, int len);
+void qemu_chr_be_write_impl(Chardev *s, const uint8_t *buf, int len);
/**
* qemu_chr_be_update_read_handlers:
diff --git a/include/exec/cpu-common.h b/include/exec/cpu-common.h
index d909429..c493510 100644
--- a/include/exec/cpu-common.h
+++ b/include/exec/cpu-common.h
@@ -38,6 +38,7 @@
unsigned int cpu_list_generation_id_get(void);
void tcg_flush_softmmu_tlb(CPUState *cs);
+void tcg_flush_jmp_cache(CPUState *cs);
void tcg_iommu_init_notifier_list(CPUState *cpu);
void tcg_iommu_free_notifier_list(CPUState *cpu);
diff --git a/include/exec/cpu-defs.h b/include/exec/cpu-defs.h
index ba3cd32..21309cf 100644
--- a/include/exec/cpu-defs.h
+++ b/include/exec/cpu-defs.h
@@ -54,6 +54,9 @@
# error TARGET_PAGE_BITS must be defined in cpu-param.h
# endif
#endif
+#ifndef TARGET_TB_PCREL
+# define TARGET_TB_PCREL 0
+#endif
#define TARGET_LONG_SIZE (TARGET_LONG_BITS / 8)
@@ -108,6 +111,7 @@
# endif
# endif
+/* Minimalized TLB entry for use by TCG fast path. */
typedef struct CPUTLBEntry {
/* bit TARGET_LONG_BITS to TARGET_PAGE_BITS : virtual address
bit TARGET_PAGE_BITS-1..4 : Nonzero for accesses that should not
@@ -131,14 +135,14 @@
QEMU_BUILD_BUG_ON(sizeof(CPUTLBEntry) != (1 << CPU_TLB_ENTRY_BITS));
-/* The IOTLB is not accessed directly inline by generated TCG code,
- * so the CPUIOTLBEntry layout is not as critical as that of the
- * CPUTLBEntry. (This is also why we don't want to combine the two
- * structs into one.)
+/*
+ * The full TLB entry, which is not accessed by generated TCG code,
+ * so the layout is not as critical as that of CPUTLBEntry. This is
+ * also why we don't want to combine the two structs.
*/
-typedef struct CPUIOTLBEntry {
+typedef struct CPUTLBEntryFull {
/*
- * @addr contains:
+ * @xlat_section contains:
* - in the lower TARGET_PAGE_BITS, a physical section number
* - with the lower TARGET_PAGE_BITS masked off, an offset which
* must be added to the virtual address to obtain:
@@ -146,9 +150,32 @@
* number is PHYS_SECTION_NOTDIRTY or PHYS_SECTION_ROM)
* + the offset within the target MemoryRegion (otherwise)
*/
- hwaddr addr;
+ hwaddr xlat_section;
+
+ /*
+ * @phys_addr contains the physical address in the address space
+ * given by cpu_asidx_from_attrs(cpu, @attrs).
+ */
+ hwaddr phys_addr;
+
+ /* @attrs contains the memory transaction attributes for the page. */
MemTxAttrs attrs;
-} CPUIOTLBEntry;
+
+ /* @prot contains the complete protections for the page. */
+ uint8_t prot;
+
+ /* @lg_page_size contains the log2 of the page size. */
+ uint8_t lg_page_size;
+
+ /*
+ * Allow target-specific additions to this structure.
+ * This may be used to cache items from the guest cpu
+ * page tables for later use by the implementation.
+ */
+#ifdef TARGET_PAGE_ENTRY_EXTRA
+ TARGET_PAGE_ENTRY_EXTRA
+#endif
+} CPUTLBEntryFull;
/*
* Data elements that are per MMU mode, minus the bits accessed by
@@ -172,9 +199,8 @@
size_t vindex;
/* The tlb victim table, in two parts. */
CPUTLBEntry vtable[CPU_VTLB_SIZE];
- CPUIOTLBEntry viotlb[CPU_VTLB_SIZE];
- /* The iotlb. */
- CPUIOTLBEntry *iotlb;
+ CPUTLBEntryFull vfulltlb[CPU_VTLB_SIZE];
+ CPUTLBEntryFull *fulltlb;
} CPUTLBDesc;
/*
diff --git a/include/exec/exec-all.h b/include/exec/exec-all.h
index bcad607..e5f8b22 100644
--- a/include/exec/exec-all.h
+++ b/include/exec/exec-all.h
@@ -258,6 +258,28 @@
unsigned bits);
/**
+ * tlb_set_page_full:
+ * @cpu: CPU context
+ * @mmu_idx: mmu index of the tlb to modify
+ * @vaddr: virtual address of the entry to add
+ * @full: the details of the tlb entry
+ *
+ * Add an entry to @cpu tlb index @mmu_idx. All of the fields of
+ * @full must be filled, except for xlat_section, and constitute
+ * the complete description of the translated page.
+ *
+ * This is generally called by the target tlb_fill function after
+ * having performed a successful page table walk to find the physical
+ * address and attributes for the translation.
+ *
+ * At most one entry for a given virtual address is permitted. Only a
+ * single TARGET_PAGE_SIZE region is mapped; @full->lg_page_size is only
+ * used by tlb_flush_page.
+ */
+void tlb_set_page_full(CPUState *cpu, int mmu_idx, target_ulong vaddr,
+ CPUTLBEntryFull *full);
+
+/**
* tlb_set_page_with_attrs:
* @cpu: CPU to add this TLB entry for
* @vaddr: virtual address of page to add entry for
@@ -434,6 +456,21 @@
MMUAccessType access_type, int mmu_idx,
bool nonfault, void **phost, uintptr_t retaddr);
+#ifndef CONFIG_USER_ONLY
+/**
+ * probe_access_full:
+ * Like probe_access_flags, except also return into @pfull.
+ *
+ * The CPUTLBEntryFull structure returned via @pfull is transient
+ * and must be consumed or copied immediately, before any further
+ * access or changes to TLB @mmu_idx.
+ */
+int probe_access_full(CPUArchState *env, target_ulong addr,
+ MMUAccessType access_type, int mmu_idx,
+ bool nonfault, void **phost,
+ CPUTLBEntryFull **pfull, uintptr_t retaddr);
+#endif
+
#define CODE_GEN_ALIGN 16 /* must be >= of the size of a icache line */
/* Estimated block size for TB allocation. */
@@ -459,8 +496,32 @@
};
struct TranslationBlock {
- target_ulong pc; /* simulated PC corresponding to this block (EIP + CS base) */
- target_ulong cs_base; /* CS base for this block */
+#if !TARGET_TB_PCREL
+ /*
+ * Guest PC corresponding to this block. This must be the true
+ * virtual address. Therefore e.g. x86 stores EIP + CS_BASE, and
+ * targets like Arm, MIPS, HP-PA, which reuse low bits for ISA or
+ * privilege, must store those bits elsewhere.
+ *
+ * If TARGET_TB_PCREL, the opcodes for the TranslationBlock are
+ * written such that the TB is associated only with the physical
+ * page and may be run in any virtual address context. In this case,
+ * PC must always be taken from ENV in a target-specific manner.
+ * Unwind information is taken as offsets from the page, to be
+ * deposited into the "current" PC.
+ */
+ target_ulong pc;
+#endif
+
+ /*
+ * Target-specific data associated with the TranslationBlock, e.g.:
+ * x86: the original user, the Code Segment virtual base,
+ * arm: an extension of tb->flags,
+ * s390x: instruction data for EXECUTE,
+ * sparc: the next pc of the instruction queue (for delay slots).
+ */
+ target_ulong cs_base;
+
uint32_t flags; /* flags defining in which context the code was generated */
uint32_t cflags; /* compile flags */
@@ -533,6 +594,16 @@
uintptr_t jmp_dest[2];
};
+/* Hide the read to avoid ifdefs for TARGET_TB_PCREL. */
+static inline target_ulong tb_pc(const TranslationBlock *tb)
+{
+#if TARGET_TB_PCREL
+ qemu_build_not_reached();
+#else
+ return tb->pc;
+#endif
+}
+
/* Hide the qatomic_read to make code a little easier on the eyes */
static inline uint32_t tb_cflags(const TranslationBlock *tb)
{
diff --git a/include/exec/plugin-gen.h b/include/exec/plugin-gen.h
index f92f169..5004728 100644
--- a/include/exec/plugin-gen.h
+++ b/include/exec/plugin-gen.h
@@ -19,7 +19,8 @@
#ifdef CONFIG_PLUGIN
-bool plugin_gen_tb_start(CPUState *cpu, const TranslationBlock *tb, bool supress);
+bool plugin_gen_tb_start(CPUState *cpu, const struct DisasContextBase *db,
+ bool supress);
void plugin_gen_tb_end(CPUState *cpu);
void plugin_gen_insn_start(CPUState *cpu, const struct DisasContextBase *db);
void plugin_gen_insn_end(void);
@@ -48,8 +49,8 @@
#else /* !CONFIG_PLUGIN */
-static inline
-bool plugin_gen_tb_start(CPUState *cpu, const TranslationBlock *tb, bool supress)
+static inline bool
+plugin_gen_tb_start(CPUState *cpu, const struct DisasContextBase *db, bool sup)
{
return false;
}
diff --git a/include/hw/arm/xlnx-zynqmp.h b/include/hw/arm/xlnx-zynqmp.h
index 85fd9f5..20bdf89 100644
--- a/include/hw/arm/xlnx-zynqmp.h
+++ b/include/hw/arm/xlnx-zynqmp.h
@@ -42,6 +42,7 @@
#include "hw/misc/xlnx-zynqmp-apu-ctrl.h"
#include "hw/misc/xlnx-zynqmp-crf.h"
#include "hw/timer/cadence_ttc.h"
+#include "hw/usb/hcd-dwc3.h"
#define TYPE_XLNX_ZYNQMP "xlnx-zynqmp"
OBJECT_DECLARE_SIMPLE_TYPE(XlnxZynqMPState, XLNX_ZYNQMP)
@@ -56,6 +57,7 @@
#define XLNX_ZYNQMP_NUM_SPIS 2
#define XLNX_ZYNQMP_NUM_GDMA_CH 8
#define XLNX_ZYNQMP_NUM_ADMA_CH 8
+#define XLNX_ZYNQMP_NUM_USB 2
#define XLNX_ZYNQMP_NUM_QSPI_BUS 2
#define XLNX_ZYNQMP_NUM_QSPI_BUS_CS 2
@@ -132,6 +134,7 @@
XlnxZynqMPAPUCtrl apu_ctrl;
XlnxZynqMPCRF crf;
CadenceTTCState ttc[XLNX_ZYNQMP_NUM_TTC];
+ USBDWC3 usb[XLNX_ZYNQMP_NUM_USB];
char *boot_cpu;
ARMCPU *boot_cpu_ptr;
diff --git a/include/hw/block/block.h b/include/hw/block/block.h
index 5902c04..15fff664 100644
--- a/include/hw/block/block.h
+++ b/include/hw/block/block.h
@@ -31,6 +31,7 @@
uint32_t lcyls, lheads, lsecs;
OnOffAuto wce;
bool share_rw;
+ OnOffAuto account_invalid, account_failed;
BlockdevOnError rerror;
BlockdevOnError werror;
} BlockConf;
@@ -61,7 +62,11 @@
_conf.discard_granularity, -1), \
DEFINE_PROP_ON_OFF_AUTO("write-cache", _state, _conf.wce, \
ON_OFF_AUTO_AUTO), \
- DEFINE_PROP_BOOL("share-rw", _state, _conf.share_rw, false)
+ DEFINE_PROP_BOOL("share-rw", _state, _conf.share_rw, false), \
+ DEFINE_PROP_ON_OFF_AUTO("account-invalid", _state, \
+ _conf.account_invalid, ON_OFF_AUTO_AUTO), \
+ DEFINE_PROP_ON_OFF_AUTO("account-failed", _state, \
+ _conf.account_failed, ON_OFF_AUTO_AUTO)
#define DEFINE_BLOCK_PROPERTIES(_state, _conf) \
DEFINE_PROP_DRIVE("drive", _state, _conf.blk), \
diff --git a/include/hw/core/cpu.h b/include/hw/core/cpu.h
index 500503d..f9b5877 100644
--- a/include/hw/core/cpu.h
+++ b/include/hw/core/cpu.h
@@ -51,6 +51,13 @@
*/
#define CPU(obj) ((CPUState *)(obj))
+/*
+ * The class checkers bring in CPU_GET_CLASS() which is potentially
+ * expensive given the eventual call to
+ * object_class_dynamic_cast_assert(). Because of this the CPUState
+ * has a cached value for the class in cs->cc which is set up in
+ * cpu_exec_realizefn() for use in hot code paths.
+ */
typedef struct CPUClass CPUClass;
DECLARE_CLASS_CHECKERS(CPUClass, CPU,
TYPE_CPU)
@@ -108,6 +115,8 @@
* If the target behaviour here is anything other than "set
* the PC register to the value passed in" then the target must
* also implement the synchronize_from_tb hook.
+ * @get_pc: Callback for getting the Program Counter register.
+ * As above, with the semantics of the target architecture.
* @gdb_read_register: Callback for letting GDB read a register.
* @gdb_write_register: Callback for letting GDB write a register.
* @gdb_adjust_breakpoint: Callback for adjusting the address of a
@@ -144,6 +153,7 @@
void (*dump_state)(CPUState *cpu, FILE *, int flags);
int64_t (*get_arch_id)(CPUState *cpu);
void (*set_pc)(CPUState *cpu, vaddr value);
+ vaddr (*get_pc)(CPUState *cpu);
int (*gdb_read_register)(CPUState *cpu, GByteArray *buf, int reg);
int (*gdb_write_register)(CPUState *cpu, uint8_t *buf, int reg);
vaddr (*gdb_adjust_breakpoint)(CPUState *cpu, vaddr addr);
@@ -218,7 +228,6 @@
* the memory regions get moved around by io_writex.
*/
typedef struct SavedIOTLB {
- hwaddr addr;
MemoryRegionSection *section;
hwaddr mr_offset;
} SavedIOTLB;
@@ -230,9 +239,6 @@
struct hax_vcpu_state;
struct hvf_vcpu_state;
-#define TB_JMP_CACHE_BITS 12
-#define TB_JMP_CACHE_SIZE (1 << TB_JMP_CACHE_BITS)
-
/* work queue */
/* The union type allows passing of 64 bit target pointers on 32 bit
@@ -317,6 +323,8 @@
struct CPUState {
/*< private >*/
DeviceState parent_obj;
+ /* cache to avoid expensive CPU_GET_CLASS */
+ CPUClass *cc;
/*< public >*/
int nr_cores;
@@ -361,8 +369,7 @@
CPUArchState *env_ptr;
IcountDecr *icount_decr_ptr;
- /* Accessed in parallel; all accesses must be atomic */
- TranslationBlock *tb_jmp_cache[TB_JMP_CACHE_SIZE];
+ CPUJumpCache *tb_jmp_cache;
struct GDBRegisterState *gdb_regs;
int gdb_num_regs;
@@ -448,15 +455,6 @@
extern __thread CPUState *current_cpu;
-static inline void cpu_tb_jmp_cache_clear(CPUState *cpu)
-{
- unsigned int i;
-
- for (i = 0; i < TB_JMP_CACHE_SIZE; i++) {
- qatomic_set(&cpu->tb_jmp_cache[i], NULL);
- }
-}
-
/**
* qemu_tcg_mttcg_enabled:
* Check whether we are running MultiThread TCG or not.
diff --git a/include/hw/ide/internal.h b/include/hw/ide/internal.h
index 97e7e59..b17f36d 100644
--- a/include/hw/ide/internal.h
+++ b/include/hw/ide/internal.h
@@ -375,6 +375,7 @@
uint8_t unit;
/* ide config */
IDEDriveKind drive_kind;
+ int drive_heads, drive_sectors;
int cylinders, heads, sectors, chs_trans;
int64_t nb_sectors;
int mult_sectors;
@@ -401,6 +402,8 @@
uint8_t select;
uint8_t status;
+ bool reset_reverts;
+
/* set for lba48 access */
uint8_t lba48;
BlockBackend *blk;
diff --git a/include/hw/nvram/fw_cfg.h b/include/hw/nvram/fw_cfg.h
index 0e7a8bc..e4fef39 100644
--- a/include/hw/nvram/fw_cfg.h
+++ b/include/hw/nvram/fw_cfg.h
@@ -118,6 +118,28 @@
void fw_cfg_add_bytes(FWCfgState *s, uint16_t key, void *data, size_t len);
/**
+ * fw_cfg_add_bytes_callback:
+ * @s: fw_cfg device being modified
+ * @key: selector key value for new fw_cfg item
+ * @select_cb: callback function when selecting
+ * @write_cb: callback function after a write
+ * @callback_opaque: argument to be passed into callback function
+ * @data: pointer to start of item data
+ * @len: size of item data
+ * @read_only: is file read only
+ *
+ * Add a new fw_cfg item, available by selecting the given key, as a raw
+ * "blob" of the given size. The data referenced by the starting pointer
+ * is only linked, NOT copied, into the data structure of the fw_cfg device.
+ */
+void fw_cfg_add_bytes_callback(FWCfgState *s, uint16_t key,
+ FWCfgCallback select_cb,
+ FWCfgWriteCallback write_cb,
+ void *callback_opaque,
+ void *data, size_t len,
+ bool read_only);
+
+/**
* fw_cfg_add_string:
* @s: fw_cfg device being modified
* @key: selector key value for new fw_cfg item
diff --git a/include/qemu/sockets.h b/include/qemu/sockets.h
index 038faa1..036745e 100644
--- a/include/qemu/sockets.h
+++ b/include/qemu/sockets.h
@@ -14,6 +14,24 @@
/* misc helpers */
bool fd_is_socket(int fd);
int qemu_socket(int domain, int type, int protocol);
+
+#ifndef WIN32
+/**
+ * qemu_socketpair:
+ * @domain: specifies a communication domain, such as PF_UNIX
+ * @type: specifies the socket type.
+ * @protocol: specifies a particular protocol to be used with the socket
+ * @sv: an array to store the pair of socket created
+ *
+ * Creates an unnamed pair of connected sockets in the specified domain,
+ * of the specified type, and using the optionally specified protocol.
+ * And automatically set the close-on-exec flags on the returned sockets
+ *
+ * Return 0 on success.
+ */
+int qemu_socketpair(int domain, int type, int protocol, int sv[2]);
+#endif
+
int qemu_accept(int s, struct sockaddr *addr, socklen_t *addrlen);
int socket_set_cork(int fd, int v);
int socket_set_nodelay(int fd);
diff --git a/include/qemu/typedefs.h b/include/qemu/typedefs.h
index 42f4ceb..5f95169 100644
--- a/include/qemu/typedefs.h
+++ b/include/qemu/typedefs.h
@@ -41,7 +41,9 @@
typedef struct ConfidentialGuestSupport ConfidentialGuestSupport;
typedef struct CPUAddressSpace CPUAddressSpace;
typedef struct CPUArchState CPUArchState;
+typedef struct CPUJumpCache CPUJumpCache;
typedef struct CPUState CPUState;
+typedef struct CPUTLBEntryFull CPUTLBEntryFull;
typedef struct DeviceListener DeviceListener;
typedef struct DeviceState DeviceState;
typedef struct DirtyBitmapSnapshot DirtyBitmapSnapshot;
diff --git a/include/sysemu/replay.h b/include/sysemu/replay.h
index 73dee9c..7ec0882 100644
--- a/include/sysemu/replay.h
+++ b/include/sysemu/replay.h
@@ -198,7 +198,7 @@
/*! Registers char driver to save it's events */
void replay_register_char_driver(struct Chardev *chr);
/*! Saves write to char device event to the log */
-void replay_chr_be_write(struct Chardev *s, uint8_t *buf, int len);
+void replay_chr_be_write(struct Chardev *s, const uint8_t *buf, int len);
/*! Writes char write return value to the replay log. */
void replay_char_write_event_save(int res, int offset);
/*! Reads char write return value from the replay log. */
diff --git a/include/sysemu/watchdog.h b/include/sysemu/watchdog.h
index d2d4901..745c89b 100644
--- a/include/sysemu/watchdog.h
+++ b/include/sysemu/watchdog.h
@@ -25,20 +25,8 @@
#include "qemu/queue.h"
#include "qapi/qapi-types-run-state.h"
-struct WatchdogTimerModel {
- QLIST_ENTRY(WatchdogTimerModel) entry;
-
- /* Short name of the device - used to select it on the command line. */
- const char *wdt_name;
- /* Longer description (eg. manufacturer and full model number). */
- const char *wdt_description;
-};
-typedef struct WatchdogTimerModel WatchdogTimerModel;
-
/* in hw/watchdog.c */
-int select_watchdog(const char *p);
WatchdogAction get_watchdog_action(void);
-void watchdog_add_model(WatchdogTimerModel *model);
void watchdog_perform_action(void);
#endif /* QEMU_WATCHDOG_H */
diff --git a/include/tcg/tcg.h b/include/tcg/tcg.h
index 26a7052..d84bae6 100644
--- a/include/tcg/tcg.h
+++ b/include/tcg/tcg.h
@@ -840,7 +840,7 @@
void tcg_prologue_init(TCGContext *s);
void tcg_func_start(TCGContext *s);
-int tcg_gen_code(TCGContext *s, TranslationBlock *tb);
+int tcg_gen_code(TCGContext *s, TranslationBlock *tb, target_ulong pc_start);
void tcg_set_frame(TCGContext *s, TCGReg reg, intptr_t start, intptr_t size);
diff --git a/linux-user/sh4/signal.c b/linux-user/sh4/signal.c
index f6a18bc..c4ba962 100644
--- a/linux-user/sh4/signal.c
+++ b/linux-user/sh4/signal.c
@@ -161,7 +161,7 @@
__get_user(regs->fpul, &sc->sc_fpul);
regs->tra = -1; /* disable syscall checks */
- regs->flags &= ~(DELAY_SLOT_MASK | GUSA_MASK);
+ regs->flags = 0;
}
void setup_frame(int sig, struct target_sigaction *ka,
@@ -199,7 +199,7 @@
regs->gregs[5] = 0;
regs->gregs[6] = frame_addr += offsetof(typeof(*frame), sc);
regs->pc = (unsigned long) ka->_sa_handler;
- regs->flags &= ~(DELAY_SLOT_MASK | GUSA_MASK);
+ regs->flags &= ~(TB_FLAG_DELAY_SLOT_MASK | TB_FLAG_GUSA_MASK);
unlock_user_struct(frame, frame_addr, 1);
return;
@@ -251,7 +251,7 @@
regs->gregs[5] = frame_addr + offsetof(typeof(*frame), info);
regs->gregs[6] = frame_addr + offsetof(typeof(*frame), uc);
regs->pc = (unsigned long) ka->_sa_handler;
- regs->flags &= ~(DELAY_SLOT_MASK | GUSA_MASK);
+ regs->flags &= ~(TB_FLAG_DELAY_SLOT_MASK | TB_FLAG_GUSA_MASK);
unlock_user_struct(frame, frame_addr, 1);
return;
diff --git a/meson b/meson
index 12f9f04..3a9b285 160000
--- a/meson
+++ b/meson
@@ -1 +1 @@
-Subproject commit 12f9f04ba0decfda425dbbf9a501084c153a2d18
+Subproject commit 3a9b285a55b91b53b2acda987192274352ecb5be
diff --git a/meson.build b/meson.build
index 8dc6613..4321b8f 100644
--- a/meson.build
+++ b/meson.build
@@ -1,4 +1,4 @@
-project('qemu', ['c'], meson_version: '>=0.59.3',
+project('qemu', ['c'], meson_version: '>=0.61.3',
default_options: ['warning_level=1', 'c_std=gnu11', 'cpp_std=gnu++11', 'b_colorout=auto',
'b_staticpic=false', 'stdsplit=false', 'optimization=2', 'b_pie=true'],
version: files('VERSION'))
@@ -180,10 +180,17 @@
##################
qemu_cflags = config_host['QEMU_CFLAGS'].split()
-qemu_cxxflags = config_host['QEMU_CXXFLAGS'].split()
qemu_objcflags = config_host['QEMU_OBJCFLAGS'].split()
qemu_ldflags = config_host['QEMU_LDFLAGS'].split()
+if enable_static
+ qemu_ldflags += get_option('b_pie') ? '-static-pie' : '-static'
+endif
+
+# Detect support for PT_GNU_RELRO + DT_BIND_NOW.
+# The combination is known as "full relro", because .got.plt is read-only too.
+qemu_ldflags += cc.get_supported_link_arguments('-Wl,-z,relro', '-Wl,-z,now')
+
if targetos == 'windows'
qemu_ldflags += cc.get_supported_link_arguments('-Wl,--no-seh', '-Wl,--nxcompat')
# Disable ASLR for debug builds to allow debugging with gdb
@@ -194,7 +201,6 @@
if get_option('gprof')
qemu_cflags += ['-p']
- qemu_cxxflags += ['-p']
qemu_objcflags += ['-p']
qemu_ldflags += ['-p']
endif
@@ -240,8 +246,38 @@
endif
add_global_arguments(qemu_cflags, native: false, language: ['c'])
-add_global_arguments(qemu_cxxflags, native: false, language: ['cpp'])
add_global_arguments(qemu_objcflags, native: false, language: ['objc'])
+
+# Check that the C++ compiler exists and works with the C compiler.
+link_language = 'c'
+linker = cc
+qemu_cxxflags = []
+if add_languages('cpp', required: false, native: false)
+ cxx = meson.get_compiler('cpp')
+ add_global_arguments(['-D__STDC_LIMIT_MACROS', '-D__STDC_CONSTANT_MACROS', '-D__STDC_FORMAT_MACROS'],
+ native: false, language: 'cpp')
+ foreach k: qemu_cflags
+ if k not in ['-Wstrict-prototypes', '-Wmissing-prototypes', '-Wnested-externs',
+ '-Wold-style-declaration', '-Wold-style-definition', '-Wredundant-decls']
+ qemu_cxxflags += [k]
+ endif
+ endforeach
+ add_global_arguments(qemu_cxxflags, native: false, language: 'cpp')
+
+ if cxx.links(files('scripts/main.c'), args: qemu_cflags)
+ link_language = 'cpp'
+ linker = cxx
+ else
+ message('C++ compiler does not work with C compiler')
+ message('Disabling C++-specific optional code')
+ endif
+endif
+
+# Exclude --warn-common with TSan to suppress warnings from the TSan libraries.
+if targetos != 'sunos' and not config_host.has_key('CONFIG_TSAN')
+ qemu_ldflags += linker.get_supported_link_arguments('-Wl,--warn-common')
+endif
+
add_global_link_arguments(qemu_ldflags, native: false, language: ['c', 'cpp', 'objc'])
if targetos == 'linux'
@@ -255,14 +291,6 @@
'-iquote', meson.current_source_dir() / 'include',
language: ['c', 'cpp', 'objc'])
-link_language = meson.get_external_property('link_language', 'cpp')
-if link_language == 'cpp'
- add_languages('cpp', required: true, native: false)
- cxx = meson.get_compiler('cpp')
- linker = cxx
-else
- linker = cc
-endif
if host_machine.system() == 'darwin'
add_languages('objc', required: false, native: false)
endif
@@ -487,6 +515,7 @@
gio = not_found
gdbus_codegen = not_found
+gdbus_codegen_error = '@0@ requires gdbus-codegen, please install libgio'
if not get_option('gio').auto() or have_system
gio = dependency('gio-2.0', required: get_option('gio'),
method: 'pkg-config', kwargs: static_kwargs)
@@ -511,6 +540,10 @@
version: gio.version())
endif
endif
+if gdbus_codegen.found() and get_option('cfi')
+ gdbus_codegen = not_found
+ gdbus_codegen_error = '@0@ uses gdbus-codegen, which does not support control flow integrity'
+endif
lttng = not_found
if 'ust' in get_option('trace_backends')
@@ -844,14 +877,10 @@
}'''
curses_dep_list = targetos == 'windows' ? ['ncurses', 'ncursesw'] : ['ncursesw']
- foreach curses_dep : curses_dep_list
- if not curses.found()
- curses = dependency(curses_dep,
- required: false,
- method: 'pkg-config',
- kwargs: static_kwargs)
- endif
- endforeach
+ curses = dependency(curses_dep_list,
+ required: false,
+ method: 'pkg-config',
+ kwargs: static_kwargs)
msg = get_option('curses').enabled() ? 'curses library not found' : ''
curses_compile_args = ['-DNCURSES_WIDECHAR=1']
if curses.found()
@@ -1689,14 +1718,11 @@
have_host_block_device = (targetos != 'darwin' or
cc.has_header('IOKit/storage/IOMedia.h'))
-# FIXME enable_modules shouldn't be necessary, but: https://github.com/mesonbuild/meson/issues/8333
dbus_display = get_option('dbus_display') \
.require(gio.version().version_compare('>=2.64'),
error_message: '-display dbus requires glib>=2.64') \
- .require(enable_modules,
- error_message: '-display dbus requires --enable-modules') \
.require(gdbus_codegen.found(),
- error_message: '-display dbus requires gdbus-codegen') \
+ error_message: gdbus_codegen_error.format('-display dbus')) \
.require(opengl.found() and gbm.found(),
error_message: '-display dbus requires epoxy/egl and gbm') \
.allowed()
diff --git a/migration/dirtyrate.c b/migration/dirtyrate.c
index 795fab5..d6f1e01 100644
--- a/migration/dirtyrate.c
+++ b/migration/dirtyrate.c
@@ -119,9 +119,9 @@
}
stat->nvcpu = nvcpu;
- stat->rates = g_malloc0(sizeof(DirtyRateVcpu) * nvcpu);
+ stat->rates = g_new0(DirtyRateVcpu, nvcpu);
- records = g_malloc0(sizeof(DirtyPageRecord) * nvcpu);
+ records = g_new0(DirtyPageRecord, nvcpu);
return records;
}
diff --git a/pc-bios/optionrom/Makefile b/pc-bios/optionrom/Makefile
index e90ca2e..3e06c11 100644
--- a/pc-bios/optionrom/Makefile
+++ b/pc-bios/optionrom/Makefile
@@ -20,28 +20,24 @@
# Flags for dependency generation
override CPPFLAGS += -MMD -MP -MT $@ -MF $(@D)/$(*F).d
-override CFLAGS += $(filter -W%, $(QEMU_CFLAGS))
override CFLAGS += $(call cc-option, -fno-pie)
+override CFLAGS += $(call cc-option, -no-pie)
override CFLAGS += -ffreestanding -I$(TOPSRC_DIR)/include
override CFLAGS += $(call cc-option, -fno-stack-protector)
override CFLAGS += $(call cc-option, -Wno-array-bounds)
-Wa = -Wa,
-override ASFLAGS += -32
-override CFLAGS += $(call cc-option, $(Wa)-32)
-
-override LDFLAGS = -m $(LD_I386_EMULATION) -T $(SRC_DIR)/flat.lds
+override LDFLAGS = -nostdlib -Wl,-T,$(SRC_DIR)/flat.lds
pvh.img: pvh.o pvh_main.o
%.o: %.S
- $(call quiet-command,$(CC) $(CPPFLAGS) -E -o - $< | $(AS) $(ASFLAGS) -o $@,"AS","$@")
+ $(call quiet-command,$(CC) $(CPPFLAGS) $(CFLAGS) -c -o $@ $<,"AS","$@")
%.o: %.c
$(call quiet-command,$(CC) $(CPPFLAGS) $(CFLAGS) -c $< -o $@,"CC","$@")
%.img: %.o
- $(call quiet-command,$(LD) $(LDFLAGS) -s -o $@ $^,"BUILD","$@")
+ $(call quiet-command,$(CC) $(CFLAGS) $(LDFLAGS) -s -o $@ $^,"BUILD","$@")
%.raw: %.img
$(call quiet-command,$(OBJCOPY) -O binary -j .text $< $@,"BUILD","$@")
diff --git a/pc-bios/qboot.rom b/pc-bios/qboot.rom
old mode 100644
new mode 100755
index 7634106..684000f
--- a/pc-bios/qboot.rom
+++ b/pc-bios/qboot.rom
Binary files differ
diff --git a/plugins/core.c b/plugins/core.c
index 792262d..c3ae284 100644
--- a/plugins/core.c
+++ b/plugins/core.c
@@ -56,7 +56,7 @@
static void plugin_cpu_update__async(CPUState *cpu, run_on_cpu_data data)
{
bitmap_copy(cpu->plugin_mask, &data.host_ulong, QEMU_PLUGIN_EV_MAX);
- cpu_tb_jmp_cache_clear(cpu);
+ tcg_flush_jmp_cache(cpu);
}
static void plugin_cpu_update__locked(gpointer k, gpointer v, gpointer udata)
diff --git a/qemu-img.c b/qemu-img.c
index 7d4b33b..cab9776 100644
--- a/qemu-img.c
+++ b/qemu-img.c
@@ -164,8 +164,8 @@
" 'output_filename' is the destination disk image filename\n"
" 'output_fmt' is the destination format\n"
" 'options' is a comma separated list of format specific options in a\n"
- " name=value format. Use -o ? for an overview of the options supported by the\n"
- " used format\n"
+ " name=value format. Use -o help for an overview of the options supported by\n"
+ " the used format\n"
" 'snapshot_param' is param used for internal snapshot, format\n"
" is 'snapshot.id=[ID],snapshot.name=[NAME]', or\n"
" '[ID_OR_NAME]'\n"
diff --git a/qemu-options.hx b/qemu-options.hx
index 913c71e..95b998a 100644
--- a/qemu-options.hx
+++ b/qemu-options.hx
@@ -4352,7 +4352,7 @@
``-action panic=none``
``-action reboot=shutdown,shutdown=pause``
- ``-watchdog i6300esb -action watchdog=pause``
+ ``-device i6300esb -action watchdog=pause``
ERST
@@ -4470,35 +4470,6 @@
specifies the snapshot name used to load the initial VM state.
ERST
-DEF("watchdog", HAS_ARG, QEMU_OPTION_watchdog, \
- "-watchdog model\n" \
- " enable virtual hardware watchdog [default=none]\n",
- QEMU_ARCH_ALL)
-SRST
-``-watchdog model``
- Create a virtual hardware watchdog device. Once enabled (by a guest
- action), the watchdog must be periodically polled by an agent inside
- the guest or else the guest will be restarted. Choose a model for
- which your guest has drivers.
-
- The model is the model of hardware watchdog to emulate. Use
- ``-watchdog help`` to list available hardware models. Only one
- watchdog can be enabled for a guest.
-
- The following models may be available:
-
- ``ib700``
- iBASE 700 is a very simple ISA watchdog with a single timer.
-
- ``i6300esb``
- Intel 6300ESB I/O controller hub is a much more featureful
- PCI-based dual-timer watchdog.
-
- ``diag288``
- A virtual watchdog for s390x backed by the diagnose 288
- hypercall (currently KVM only).
-ERST
-
DEF("watchdog-action", HAS_ARG, QEMU_OPTION_watchdog_action, \
"-watchdog-action reset|shutdown|poweroff|inject-nmi|pause|debug|none\n" \
" action when watchdog fires [default=reset]\n",
@@ -4520,7 +4491,7 @@
Examples:
- ``-watchdog i6300esb -watchdog-action pause``; \ ``-watchdog ib700``
+ ``-device i6300esb -watchdog-action pause``
ERST
diff --git a/qga/meson.build b/qga/meson.build
index 65c1e93..a0ffd6d 100644
--- a/qga/meson.build
+++ b/qga/meson.build
@@ -138,7 +138,7 @@
if get_option('guest_agent_msi').enabled()
error('MSI guest agent package is available only for MinGW Windows cross-compilation')
endif
- install_subdir('run', install_dir: get_option('localstatedir'))
+ install_emptydir(get_option('localstatedir') / 'run')
endif
alias_target('qemu-ga', all_qga)
diff --git a/replay/replay-char.c b/replay/replay-char.c
index d202594..a31aded 100644
--- a/replay/replay-char.c
+++ b/replay/replay-char.c
@@ -48,7 +48,7 @@
char_drivers[drivers_count++] = chr;
}
-void replay_chr_be_write(Chardev *s, uint8_t *buf, int len)
+void replay_chr_be_write(Chardev *s, const uint8_t *buf, int len)
{
CharEvent *event = g_new0(CharEvent, 1);
diff --git a/replay/replay.c b/replay/replay.c
index 4c396bb..9a0dc1c 100644
--- a/replay/replay.c
+++ b/replay/replay.c
@@ -366,10 +366,8 @@
fclose(replay_file);
replay_file = NULL;
}
- if (replay_filename) {
- g_free(replay_filename);
- replay_filename = NULL;
- }
+ g_free(replay_filename);
+ replay_filename = NULL;
g_free(replay_snapshot);
replay_snapshot = NULL;
diff --git a/scripts/checkpatch.pl b/scripts/checkpatch.pl
index d900d18..e3e3b43 100755
--- a/scripts/checkpatch.pl
+++ b/scripts/checkpatch.pl
@@ -1667,6 +1667,7 @@
# some scripts we imported from other projects.
next if ($realfile =~ /\.(s|S)$/);
next if ($realfile =~ /(checkpatch|get_maintainer)\.pl$/);
+ next if ($realfile =~ /^target\/hexagon\/imported\/*/);
if ($rawline =~ /^\+.*\t/) {
my $herevet = "$here\n" . cat_vet($rawline) . "\n";
diff --git a/scripts/main.c b/scripts/main.c
new file mode 100644
index 0000000..b552c8e
--- /dev/null
+++ b/scripts/main.c
@@ -0,0 +1 @@
+int main(void) {}
diff --git a/softmmu/dirtylimit.c b/softmmu/dirtylimit.c
index 8d98cb7..1266855 100644
--- a/softmmu/dirtylimit.c
+++ b/softmmu/dirtylimit.c
@@ -154,7 +154,7 @@
vcpu_dirty_rate_stat->stat.nvcpu = max_cpus;
vcpu_dirty_rate_stat->stat.rates =
- g_malloc0(sizeof(DirtyRateVcpu) * max_cpus);
+ g_new0(DirtyRateVcpu, max_cpus);
vcpu_dirty_rate_stat->running = false;
}
@@ -198,7 +198,7 @@
dirtylimit_state = g_malloc0(sizeof(*dirtylimit_state));
dirtylimit_state->states =
- g_malloc0(sizeof(VcpuDirtyLimitState) * max_cpus);
+ g_new0(VcpuDirtyLimitState, max_cpus);
for (i = 0; i < max_cpus; i++) {
dirtylimit_state->states[i].cpu_index = i;
diff --git a/softmmu/vl.c b/softmmu/vl.c
index 9abadcc..b464da2 100644
--- a/softmmu/vl.c
+++ b/softmmu/vl.c
@@ -53,7 +53,6 @@
#include "hw/isa/isa.h"
#include "hw/scsi/scsi.h"
#include "hw/display/vga.h"
-#include "sysemu/watchdog.h"
#include "hw/firmware/smbios.h"
#include "hw/acpi/acpi.h"
#include "hw/xen/xen.h"
@@ -181,7 +180,6 @@
static const char *log_mask;
static const char *log_file;
static bool list_data_dirs;
-static const char *watchdog;
static const char *qtest_chrdev;
static const char *qtest_log;
@@ -2329,12 +2327,6 @@
}
object_register_sugar_prop("memory-backend", "prealloc", "on", false);
}
-
- if (watchdog) {
- int i = select_watchdog(watchdog);
- if (i > 0)
- exit (i == 1 ? 1 : 0);
- }
}
/* -action processing */
@@ -3107,14 +3099,6 @@
default_monitor = 0;
}
break;
- case QEMU_OPTION_watchdog:
- if (watchdog) {
- error_report("only one watchdog option may be given");
- exit(1);
- }
- warn_report("-watchdog is deprecated; use -device instead.");
- watchdog = optarg;
- break;
case QEMU_OPTION_action:
olist = qemu_find_opts("action");
if (!qemu_opts_parse_noisily(olist, optarg, false)) {
diff --git a/stubs/replay-tools.c b/stubs/replay-tools.c
index f2e72bb..3e8ca32 100644
--- a/stubs/replay-tools.c
+++ b/stubs/replay-tools.c
@@ -53,7 +53,7 @@
{
}
-void replay_chr_be_write(struct Chardev *s, uint8_t *buf, int len)
+void replay_chr_be_write(struct Chardev *s, const uint8_t *buf, int len)
{
abort();
}
diff --git a/target/alpha/cpu.c b/target/alpha/cpu.c
index a8990d4..979a629 100644
--- a/target/alpha/cpu.c
+++ b/target/alpha/cpu.c
@@ -33,6 +33,14 @@
cpu->env.pc = value;
}
+static vaddr alpha_cpu_get_pc(CPUState *cs)
+{
+ AlphaCPU *cpu = ALPHA_CPU(cs);
+
+ return cpu->env.pc;
+}
+
+
static bool alpha_cpu_has_work(CPUState *cs)
{
/* Here we are checking to see if the CPU should wake up from HALT.
@@ -244,6 +252,7 @@
cc->has_work = alpha_cpu_has_work;
cc->dump_state = alpha_cpu_dump_state;
cc->set_pc = alpha_cpu_set_pc;
+ cc->get_pc = alpha_cpu_get_pc;
cc->gdb_read_register = alpha_cpu_gdb_read_register;
cc->gdb_write_register = alpha_cpu_gdb_write_register;
#ifndef CONFIG_USER_ONLY
diff --git a/target/arm/cpu.c b/target/arm/cpu.c
index 7ec3281..94ca6f1 100644
--- a/target/arm/cpu.c
+++ b/target/arm/cpu.c
@@ -60,6 +60,18 @@
}
}
+static vaddr arm_cpu_get_pc(CPUState *cs)
+{
+ ARMCPU *cpu = ARM_CPU(cs);
+ CPUARMState *env = &cpu->env;
+
+ if (is_a64(env)) {
+ return env->pc;
+ } else {
+ return env->regs[15];
+ }
+}
+
#ifdef CONFIG_TCG
void arm_cpu_synchronize_from_tb(CPUState *cs,
const TranslationBlock *tb)
@@ -72,9 +84,9 @@
* never possible for an AArch64 TB to chain to an AArch32 TB.
*/
if (is_a64(env)) {
- env->pc = tb->pc;
+ env->pc = tb_pc(tb);
} else {
- env->regs[15] = tb->pc;
+ env->regs[15] = tb_pc(tb);
}
}
#endif /* CONFIG_TCG */
@@ -2172,6 +2184,7 @@
cc->has_work = arm_cpu_has_work;
cc->dump_state = arm_cpu_dump_state;
cc->set_pc = arm_cpu_set_pc;
+ cc->get_pc = arm_cpu_get_pc;
cc->gdb_read_register = arm_cpu_gdb_read_register;
cc->gdb_write_register = arm_cpu_gdb_write_register;
#ifndef CONFIG_USER_ONLY
diff --git a/target/arm/cpu.h b/target/arm/cpu.h
index 33cdbc0..429ed42 100644
--- a/target/arm/cpu.h
+++ b/target/arm/cpu.h
@@ -1334,11 +1334,15 @@
FIELD(CPTR_EL3, TAM, 30, 1)
FIELD(CPTR_EL3, TCPAC, 31, 1)
+#define MDCR_MTPME (1U << 28)
+#define MDCR_TDCC (1U << 27)
#define MDCR_HLP (1U << 26) /* MDCR_EL2 */
#define MDCR_SCCD (1U << 23) /* MDCR_EL3 */
#define MDCR_HCCD (1U << 23) /* MDCR_EL2 */
#define MDCR_EPMAD (1U << 21)
#define MDCR_EDAD (1U << 20)
+#define MDCR_TTRF (1U << 19)
+#define MDCR_STE (1U << 18) /* MDCR_EL3 */
#define MDCR_SPME (1U << 17) /* MDCR_EL3 */
#define MDCR_HPMD (1U << 17) /* MDCR_EL2 */
#define MDCR_SDD (1U << 16)
@@ -1353,7 +1357,9 @@
#define MDCR_HPMN (0x1fU)
/* Not all of the MDCR_EL3 bits are present in the 32-bit SDCR */
-#define SDCR_VALID_MASK (MDCR_EPMAD | MDCR_EDAD | MDCR_SPME | MDCR_SPD)
+#define SDCR_VALID_MASK (MDCR_MTPME | MDCR_TDCC | MDCR_SCCD | \
+ MDCR_EPMAD | MDCR_EDAD | MDCR_TTRF | \
+ MDCR_STE | MDCR_SPME | MDCR_SPD)
#define CPSR_M (0x1fU)
#define CPSR_T (1U << 5)
diff --git a/target/arm/cpu64.c b/target/arm/cpu64.c
index e6314e8..85e0d1d 100644
--- a/target/arm/cpu64.c
+++ b/target/arm/cpu64.c
@@ -116,313 +116,6 @@
define_cortex_a72_a57_a53_cp_reginfo(cpu);
}
-static void aarch64_a57_initfn(Object *obj)
-{
- ARMCPU *cpu = ARM_CPU(obj);
-
- cpu->dtb_compatible = "arm,cortex-a57";
- set_feature(&cpu->env, ARM_FEATURE_V8);
- set_feature(&cpu->env, ARM_FEATURE_NEON);
- set_feature(&cpu->env, ARM_FEATURE_GENERIC_TIMER);
- set_feature(&cpu->env, ARM_FEATURE_AARCH64);
- set_feature(&cpu->env, ARM_FEATURE_CBAR_RO);
- set_feature(&cpu->env, ARM_FEATURE_EL2);
- set_feature(&cpu->env, ARM_FEATURE_EL3);
- set_feature(&cpu->env, ARM_FEATURE_PMU);
- cpu->kvm_target = QEMU_KVM_ARM_TARGET_CORTEX_A57;
- cpu->midr = 0x411fd070;
- cpu->revidr = 0x00000000;
- cpu->reset_fpsid = 0x41034070;
- cpu->isar.mvfr0 = 0x10110222;
- cpu->isar.mvfr1 = 0x12111111;
- cpu->isar.mvfr2 = 0x00000043;
- cpu->ctr = 0x8444c004;
- cpu->reset_sctlr = 0x00c50838;
- cpu->isar.id_pfr0 = 0x00000131;
- cpu->isar.id_pfr1 = 0x00011011;
- cpu->isar.id_dfr0 = 0x03010066;
- cpu->id_afr0 = 0x00000000;
- cpu->isar.id_mmfr0 = 0x10101105;
- cpu->isar.id_mmfr1 = 0x40000000;
- cpu->isar.id_mmfr2 = 0x01260000;
- cpu->isar.id_mmfr3 = 0x02102211;
- cpu->isar.id_isar0 = 0x02101110;
- cpu->isar.id_isar1 = 0x13112111;
- cpu->isar.id_isar2 = 0x21232042;
- cpu->isar.id_isar3 = 0x01112131;
- cpu->isar.id_isar4 = 0x00011142;
- cpu->isar.id_isar5 = 0x00011121;
- cpu->isar.id_isar6 = 0;
- cpu->isar.id_aa64pfr0 = 0x00002222;
- cpu->isar.id_aa64dfr0 = 0x10305106;
- cpu->isar.id_aa64isar0 = 0x00011120;
- cpu->isar.id_aa64mmfr0 = 0x00001124;
- cpu->isar.dbgdidr = 0x3516d000;
- cpu->isar.dbgdevid = 0x01110f13;
- cpu->isar.dbgdevid1 = 0x2;
- cpu->isar.reset_pmcr_el0 = 0x41013000;
- cpu->clidr = 0x0a200023;
- cpu->ccsidr[0] = 0x701fe00a; /* 32KB L1 dcache */
- cpu->ccsidr[1] = 0x201fe012; /* 48KB L1 icache */
- cpu->ccsidr[2] = 0x70ffe07a; /* 2048KB L2 cache */
- cpu->dcz_blocksize = 4; /* 64 bytes */
- cpu->gic_num_lrs = 4;
- cpu->gic_vpribits = 5;
- cpu->gic_vprebits = 5;
- cpu->gic_pribits = 5;
- define_cortex_a72_a57_a53_cp_reginfo(cpu);
-}
-
-static void aarch64_a53_initfn(Object *obj)
-{
- ARMCPU *cpu = ARM_CPU(obj);
-
- cpu->dtb_compatible = "arm,cortex-a53";
- set_feature(&cpu->env, ARM_FEATURE_V8);
- set_feature(&cpu->env, ARM_FEATURE_NEON);
- set_feature(&cpu->env, ARM_FEATURE_GENERIC_TIMER);
- set_feature(&cpu->env, ARM_FEATURE_AARCH64);
- set_feature(&cpu->env, ARM_FEATURE_CBAR_RO);
- set_feature(&cpu->env, ARM_FEATURE_EL2);
- set_feature(&cpu->env, ARM_FEATURE_EL3);
- set_feature(&cpu->env, ARM_FEATURE_PMU);
- cpu->kvm_target = QEMU_KVM_ARM_TARGET_CORTEX_A53;
- cpu->midr = 0x410fd034;
- cpu->revidr = 0x00000000;
- cpu->reset_fpsid = 0x41034070;
- cpu->isar.mvfr0 = 0x10110222;
- cpu->isar.mvfr1 = 0x12111111;
- cpu->isar.mvfr2 = 0x00000043;
- cpu->ctr = 0x84448004; /* L1Ip = VIPT */
- cpu->reset_sctlr = 0x00c50838;
- cpu->isar.id_pfr0 = 0x00000131;
- cpu->isar.id_pfr1 = 0x00011011;
- cpu->isar.id_dfr0 = 0x03010066;
- cpu->id_afr0 = 0x00000000;
- cpu->isar.id_mmfr0 = 0x10101105;
- cpu->isar.id_mmfr1 = 0x40000000;
- cpu->isar.id_mmfr2 = 0x01260000;
- cpu->isar.id_mmfr3 = 0x02102211;
- cpu->isar.id_isar0 = 0x02101110;
- cpu->isar.id_isar1 = 0x13112111;
- cpu->isar.id_isar2 = 0x21232042;
- cpu->isar.id_isar3 = 0x01112131;
- cpu->isar.id_isar4 = 0x00011142;
- cpu->isar.id_isar5 = 0x00011121;
- cpu->isar.id_isar6 = 0;
- cpu->isar.id_aa64pfr0 = 0x00002222;
- cpu->isar.id_aa64dfr0 = 0x10305106;
- cpu->isar.id_aa64isar0 = 0x00011120;
- cpu->isar.id_aa64mmfr0 = 0x00001122; /* 40 bit physical addr */
- cpu->isar.dbgdidr = 0x3516d000;
- cpu->isar.dbgdevid = 0x00110f13;
- cpu->isar.dbgdevid1 = 0x1;
- cpu->isar.reset_pmcr_el0 = 0x41033000;
- cpu->clidr = 0x0a200023;
- cpu->ccsidr[0] = 0x700fe01a; /* 32KB L1 dcache */
- cpu->ccsidr[1] = 0x201fe00a; /* 32KB L1 icache */
- cpu->ccsidr[2] = 0x707fe07a; /* 1024KB L2 cache */
- cpu->dcz_blocksize = 4; /* 64 bytes */
- cpu->gic_num_lrs = 4;
- cpu->gic_vpribits = 5;
- cpu->gic_vprebits = 5;
- cpu->gic_pribits = 5;
- define_cortex_a72_a57_a53_cp_reginfo(cpu);
-}
-
-static void aarch64_a72_initfn(Object *obj)
-{
- ARMCPU *cpu = ARM_CPU(obj);
-
- cpu->dtb_compatible = "arm,cortex-a72";
- set_feature(&cpu->env, ARM_FEATURE_V8);
- set_feature(&cpu->env, ARM_FEATURE_NEON);
- set_feature(&cpu->env, ARM_FEATURE_GENERIC_TIMER);
- set_feature(&cpu->env, ARM_FEATURE_AARCH64);
- set_feature(&cpu->env, ARM_FEATURE_CBAR_RO);
- set_feature(&cpu->env, ARM_FEATURE_EL2);
- set_feature(&cpu->env, ARM_FEATURE_EL3);
- set_feature(&cpu->env, ARM_FEATURE_PMU);
- cpu->midr = 0x410fd083;
- cpu->revidr = 0x00000000;
- cpu->reset_fpsid = 0x41034080;
- cpu->isar.mvfr0 = 0x10110222;
- cpu->isar.mvfr1 = 0x12111111;
- cpu->isar.mvfr2 = 0x00000043;
- cpu->ctr = 0x8444c004;
- cpu->reset_sctlr = 0x00c50838;
- cpu->isar.id_pfr0 = 0x00000131;
- cpu->isar.id_pfr1 = 0x00011011;
- cpu->isar.id_dfr0 = 0x03010066;
- cpu->id_afr0 = 0x00000000;
- cpu->isar.id_mmfr0 = 0x10201105;
- cpu->isar.id_mmfr1 = 0x40000000;
- cpu->isar.id_mmfr2 = 0x01260000;
- cpu->isar.id_mmfr3 = 0x02102211;
- cpu->isar.id_isar0 = 0x02101110;
- cpu->isar.id_isar1 = 0x13112111;
- cpu->isar.id_isar2 = 0x21232042;
- cpu->isar.id_isar3 = 0x01112131;
- cpu->isar.id_isar4 = 0x00011142;
- cpu->isar.id_isar5 = 0x00011121;
- cpu->isar.id_aa64pfr0 = 0x00002222;
- cpu->isar.id_aa64dfr0 = 0x10305106;
- cpu->isar.id_aa64isar0 = 0x00011120;
- cpu->isar.id_aa64mmfr0 = 0x00001124;
- cpu->isar.dbgdidr = 0x3516d000;
- cpu->isar.dbgdevid = 0x01110f13;
- cpu->isar.dbgdevid1 = 0x2;
- cpu->isar.reset_pmcr_el0 = 0x41023000;
- cpu->clidr = 0x0a200023;
- cpu->ccsidr[0] = 0x701fe00a; /* 32KB L1 dcache */
- cpu->ccsidr[1] = 0x201fe012; /* 48KB L1 icache */
- cpu->ccsidr[2] = 0x707fe07a; /* 1MB L2 cache */
- cpu->dcz_blocksize = 4; /* 64 bytes */
- cpu->gic_num_lrs = 4;
- cpu->gic_vpribits = 5;
- cpu->gic_vprebits = 5;
- cpu->gic_pribits = 5;
- define_cortex_a72_a57_a53_cp_reginfo(cpu);
-}
-
-static void aarch64_a76_initfn(Object *obj)
-{
- ARMCPU *cpu = ARM_CPU(obj);
-
- cpu->dtb_compatible = "arm,cortex-a76";
- set_feature(&cpu->env, ARM_FEATURE_V8);
- set_feature(&cpu->env, ARM_FEATURE_NEON);
- set_feature(&cpu->env, ARM_FEATURE_GENERIC_TIMER);
- set_feature(&cpu->env, ARM_FEATURE_AARCH64);
- set_feature(&cpu->env, ARM_FEATURE_CBAR_RO);
- set_feature(&cpu->env, ARM_FEATURE_EL2);
- set_feature(&cpu->env, ARM_FEATURE_EL3);
- set_feature(&cpu->env, ARM_FEATURE_PMU);
-
- /* Ordered by B2.4 AArch64 registers by functional group */
- cpu->clidr = 0x82000023;
- cpu->ctr = 0x8444C004;
- cpu->dcz_blocksize = 4;
- cpu->isar.id_aa64dfr0 = 0x0000000010305408ull;
- cpu->isar.id_aa64isar0 = 0x0000100010211120ull;
- cpu->isar.id_aa64isar1 = 0x0000000000100001ull;
- cpu->isar.id_aa64mmfr0 = 0x0000000000101122ull;
- cpu->isar.id_aa64mmfr1 = 0x0000000010212122ull;
- cpu->isar.id_aa64mmfr2 = 0x0000000000001011ull;
- cpu->isar.id_aa64pfr0 = 0x1100000010111112ull; /* GIC filled in later */
- cpu->isar.id_aa64pfr1 = 0x0000000000000010ull;
- cpu->id_afr0 = 0x00000000;
- cpu->isar.id_dfr0 = 0x04010088;
- cpu->isar.id_isar0 = 0x02101110;
- cpu->isar.id_isar1 = 0x13112111;
- cpu->isar.id_isar2 = 0x21232042;
- cpu->isar.id_isar3 = 0x01112131;
- cpu->isar.id_isar4 = 0x00010142;
- cpu->isar.id_isar5 = 0x01011121;
- cpu->isar.id_isar6 = 0x00000010;
- cpu->isar.id_mmfr0 = 0x10201105;
- cpu->isar.id_mmfr1 = 0x40000000;
- cpu->isar.id_mmfr2 = 0x01260000;
- cpu->isar.id_mmfr3 = 0x02122211;
- cpu->isar.id_mmfr4 = 0x00021110;
- cpu->isar.id_pfr0 = 0x10010131;
- cpu->isar.id_pfr1 = 0x00010000; /* GIC filled in later */
- cpu->isar.id_pfr2 = 0x00000011;
- cpu->midr = 0x414fd0b1; /* r4p1 */
- cpu->revidr = 0;
-
- /* From B2.18 CCSIDR_EL1 */
- cpu->ccsidr[0] = 0x701fe01a; /* 64KB L1 dcache */
- cpu->ccsidr[1] = 0x201fe01a; /* 64KB L1 icache */
- cpu->ccsidr[2] = 0x707fe03a; /* 512KB L2 cache */
-
- /* From B2.93 SCTLR_EL3 */
- cpu->reset_sctlr = 0x30c50838;
-
- /* From B4.23 ICH_VTR_EL2 */
- cpu->gic_num_lrs = 4;
- cpu->gic_vpribits = 5;
- cpu->gic_vprebits = 5;
- cpu->gic_pribits = 5;
-
- /* From B5.1 AdvSIMD AArch64 register summary */
- cpu->isar.mvfr0 = 0x10110222;
- cpu->isar.mvfr1 = 0x13211111;
- cpu->isar.mvfr2 = 0x00000043;
-
- /* From D5.1 AArch64 PMU register summary */
- cpu->isar.reset_pmcr_el0 = 0x410b3000;
-}
-
-static void aarch64_neoverse_n1_initfn(Object *obj)
-{
- ARMCPU *cpu = ARM_CPU(obj);
-
- cpu->dtb_compatible = "arm,neoverse-n1";
- set_feature(&cpu->env, ARM_FEATURE_V8);
- set_feature(&cpu->env, ARM_FEATURE_NEON);
- set_feature(&cpu->env, ARM_FEATURE_GENERIC_TIMER);
- set_feature(&cpu->env, ARM_FEATURE_AARCH64);
- set_feature(&cpu->env, ARM_FEATURE_CBAR_RO);
- set_feature(&cpu->env, ARM_FEATURE_EL2);
- set_feature(&cpu->env, ARM_FEATURE_EL3);
- set_feature(&cpu->env, ARM_FEATURE_PMU);
-
- /* Ordered by B2.4 AArch64 registers by functional group */
- cpu->clidr = 0x82000023;
- cpu->ctr = 0x8444c004;
- cpu->dcz_blocksize = 4;
- cpu->isar.id_aa64dfr0 = 0x0000000110305408ull;
- cpu->isar.id_aa64isar0 = 0x0000100010211120ull;
- cpu->isar.id_aa64isar1 = 0x0000000000100001ull;
- cpu->isar.id_aa64mmfr0 = 0x0000000000101125ull;
- cpu->isar.id_aa64mmfr1 = 0x0000000010212122ull;
- cpu->isar.id_aa64mmfr2 = 0x0000000000001011ull;
- cpu->isar.id_aa64pfr0 = 0x1100000010111112ull; /* GIC filled in later */
- cpu->isar.id_aa64pfr1 = 0x0000000000000020ull;
- cpu->id_afr0 = 0x00000000;
- cpu->isar.id_dfr0 = 0x04010088;
- cpu->isar.id_isar0 = 0x02101110;
- cpu->isar.id_isar1 = 0x13112111;
- cpu->isar.id_isar2 = 0x21232042;
- cpu->isar.id_isar3 = 0x01112131;
- cpu->isar.id_isar4 = 0x00010142;
- cpu->isar.id_isar5 = 0x01011121;
- cpu->isar.id_isar6 = 0x00000010;
- cpu->isar.id_mmfr0 = 0x10201105;
- cpu->isar.id_mmfr1 = 0x40000000;
- cpu->isar.id_mmfr2 = 0x01260000;
- cpu->isar.id_mmfr3 = 0x02122211;
- cpu->isar.id_mmfr4 = 0x00021110;
- cpu->isar.id_pfr0 = 0x10010131;
- cpu->isar.id_pfr1 = 0x00010000; /* GIC filled in later */
- cpu->isar.id_pfr2 = 0x00000011;
- cpu->midr = 0x414fd0c1; /* r4p1 */
- cpu->revidr = 0;
-
- /* From B2.23 CCSIDR_EL1 */
- cpu->ccsidr[0] = 0x701fe01a; /* 64KB L1 dcache */
- cpu->ccsidr[1] = 0x201fe01a; /* 64KB L1 icache */
- cpu->ccsidr[2] = 0x70ffe03a; /* 1MB L2 cache */
-
- /* From B2.98 SCTLR_EL3 */
- cpu->reset_sctlr = 0x30c50838;
-
- /* From B4.23 ICH_VTR_EL2 */
- cpu->gic_num_lrs = 4;
- cpu->gic_vpribits = 5;
- cpu->gic_vprebits = 5;
- cpu->gic_pribits = 5;
-
- /* From B5.1 AdvSIMD AArch64 register summary */
- cpu->isar.mvfr0 = 0x10110222;
- cpu->isar.mvfr1 = 0x13211111;
- cpu->isar.mvfr2 = 0x00000043;
-
- /* From D5.1 AArch64 PMU register summary */
- cpu->isar.reset_pmcr_el0 = 0x410c3000;
-}
-
void arm_cpu_sve_finalize(ARMCPU *cpu, Error **errp)
{
/*
@@ -985,6 +678,362 @@
cpu->isar.id_aa64mmfr0 = t;
}
+static void aarch64_a57_initfn(Object *obj)
+{
+ ARMCPU *cpu = ARM_CPU(obj);
+
+ cpu->dtb_compatible = "arm,cortex-a57";
+ set_feature(&cpu->env, ARM_FEATURE_V8);
+ set_feature(&cpu->env, ARM_FEATURE_NEON);
+ set_feature(&cpu->env, ARM_FEATURE_GENERIC_TIMER);
+ set_feature(&cpu->env, ARM_FEATURE_AARCH64);
+ set_feature(&cpu->env, ARM_FEATURE_CBAR_RO);
+ set_feature(&cpu->env, ARM_FEATURE_EL2);
+ set_feature(&cpu->env, ARM_FEATURE_EL3);
+ set_feature(&cpu->env, ARM_FEATURE_PMU);
+ cpu->kvm_target = QEMU_KVM_ARM_TARGET_CORTEX_A57;
+ cpu->midr = 0x411fd070;
+ cpu->revidr = 0x00000000;
+ cpu->reset_fpsid = 0x41034070;
+ cpu->isar.mvfr0 = 0x10110222;
+ cpu->isar.mvfr1 = 0x12111111;
+ cpu->isar.mvfr2 = 0x00000043;
+ cpu->ctr = 0x8444c004;
+ cpu->reset_sctlr = 0x00c50838;
+ cpu->isar.id_pfr0 = 0x00000131;
+ cpu->isar.id_pfr1 = 0x00011011;
+ cpu->isar.id_dfr0 = 0x03010066;
+ cpu->id_afr0 = 0x00000000;
+ cpu->isar.id_mmfr0 = 0x10101105;
+ cpu->isar.id_mmfr1 = 0x40000000;
+ cpu->isar.id_mmfr2 = 0x01260000;
+ cpu->isar.id_mmfr3 = 0x02102211;
+ cpu->isar.id_isar0 = 0x02101110;
+ cpu->isar.id_isar1 = 0x13112111;
+ cpu->isar.id_isar2 = 0x21232042;
+ cpu->isar.id_isar3 = 0x01112131;
+ cpu->isar.id_isar4 = 0x00011142;
+ cpu->isar.id_isar5 = 0x00011121;
+ cpu->isar.id_isar6 = 0;
+ cpu->isar.id_aa64pfr0 = 0x00002222;
+ cpu->isar.id_aa64dfr0 = 0x10305106;
+ cpu->isar.id_aa64isar0 = 0x00011120;
+ cpu->isar.id_aa64mmfr0 = 0x00001124;
+ cpu->isar.dbgdidr = 0x3516d000;
+ cpu->isar.dbgdevid = 0x01110f13;
+ cpu->isar.dbgdevid1 = 0x2;
+ cpu->isar.reset_pmcr_el0 = 0x41013000;
+ cpu->clidr = 0x0a200023;
+ cpu->ccsidr[0] = 0x701fe00a; /* 32KB L1 dcache */
+ cpu->ccsidr[1] = 0x201fe012; /* 48KB L1 icache */
+ cpu->ccsidr[2] = 0x70ffe07a; /* 2048KB L2 cache */
+ cpu->dcz_blocksize = 4; /* 64 bytes */
+ cpu->gic_num_lrs = 4;
+ cpu->gic_vpribits = 5;
+ cpu->gic_vprebits = 5;
+ cpu->gic_pribits = 5;
+ define_cortex_a72_a57_a53_cp_reginfo(cpu);
+}
+
+static void aarch64_a53_initfn(Object *obj)
+{
+ ARMCPU *cpu = ARM_CPU(obj);
+
+ cpu->dtb_compatible = "arm,cortex-a53";
+ set_feature(&cpu->env, ARM_FEATURE_V8);
+ set_feature(&cpu->env, ARM_FEATURE_NEON);
+ set_feature(&cpu->env, ARM_FEATURE_GENERIC_TIMER);
+ set_feature(&cpu->env, ARM_FEATURE_AARCH64);
+ set_feature(&cpu->env, ARM_FEATURE_CBAR_RO);
+ set_feature(&cpu->env, ARM_FEATURE_EL2);
+ set_feature(&cpu->env, ARM_FEATURE_EL3);
+ set_feature(&cpu->env, ARM_FEATURE_PMU);
+ cpu->kvm_target = QEMU_KVM_ARM_TARGET_CORTEX_A53;
+ cpu->midr = 0x410fd034;
+ cpu->revidr = 0x00000000;
+ cpu->reset_fpsid = 0x41034070;
+ cpu->isar.mvfr0 = 0x10110222;
+ cpu->isar.mvfr1 = 0x12111111;
+ cpu->isar.mvfr2 = 0x00000043;
+ cpu->ctr = 0x84448004; /* L1Ip = VIPT */
+ cpu->reset_sctlr = 0x00c50838;
+ cpu->isar.id_pfr0 = 0x00000131;
+ cpu->isar.id_pfr1 = 0x00011011;
+ cpu->isar.id_dfr0 = 0x03010066;
+ cpu->id_afr0 = 0x00000000;
+ cpu->isar.id_mmfr0 = 0x10101105;
+ cpu->isar.id_mmfr1 = 0x40000000;
+ cpu->isar.id_mmfr2 = 0x01260000;
+ cpu->isar.id_mmfr3 = 0x02102211;
+ cpu->isar.id_isar0 = 0x02101110;
+ cpu->isar.id_isar1 = 0x13112111;
+ cpu->isar.id_isar2 = 0x21232042;
+ cpu->isar.id_isar3 = 0x01112131;
+ cpu->isar.id_isar4 = 0x00011142;
+ cpu->isar.id_isar5 = 0x00011121;
+ cpu->isar.id_isar6 = 0;
+ cpu->isar.id_aa64pfr0 = 0x00002222;
+ cpu->isar.id_aa64dfr0 = 0x10305106;
+ cpu->isar.id_aa64isar0 = 0x00011120;
+ cpu->isar.id_aa64mmfr0 = 0x00001122; /* 40 bit physical addr */
+ cpu->isar.dbgdidr = 0x3516d000;
+ cpu->isar.dbgdevid = 0x00110f13;
+ cpu->isar.dbgdevid1 = 0x1;
+ cpu->isar.reset_pmcr_el0 = 0x41033000;
+ cpu->clidr = 0x0a200023;
+ cpu->ccsidr[0] = 0x700fe01a; /* 32KB L1 dcache */
+ cpu->ccsidr[1] = 0x201fe00a; /* 32KB L1 icache */
+ cpu->ccsidr[2] = 0x707fe07a; /* 1024KB L2 cache */
+ cpu->dcz_blocksize = 4; /* 64 bytes */
+ cpu->gic_num_lrs = 4;
+ cpu->gic_vpribits = 5;
+ cpu->gic_vprebits = 5;
+ cpu->gic_pribits = 5;
+ define_cortex_a72_a57_a53_cp_reginfo(cpu);
+}
+
+static void aarch64_a72_initfn(Object *obj)
+{
+ ARMCPU *cpu = ARM_CPU(obj);
+
+ cpu->dtb_compatible = "arm,cortex-a72";
+ set_feature(&cpu->env, ARM_FEATURE_V8);
+ set_feature(&cpu->env, ARM_FEATURE_NEON);
+ set_feature(&cpu->env, ARM_FEATURE_GENERIC_TIMER);
+ set_feature(&cpu->env, ARM_FEATURE_AARCH64);
+ set_feature(&cpu->env, ARM_FEATURE_CBAR_RO);
+ set_feature(&cpu->env, ARM_FEATURE_EL2);
+ set_feature(&cpu->env, ARM_FEATURE_EL3);
+ set_feature(&cpu->env, ARM_FEATURE_PMU);
+ cpu->midr = 0x410fd083;
+ cpu->revidr = 0x00000000;
+ cpu->reset_fpsid = 0x41034080;
+ cpu->isar.mvfr0 = 0x10110222;
+ cpu->isar.mvfr1 = 0x12111111;
+ cpu->isar.mvfr2 = 0x00000043;
+ cpu->ctr = 0x8444c004;
+ cpu->reset_sctlr = 0x00c50838;
+ cpu->isar.id_pfr0 = 0x00000131;
+ cpu->isar.id_pfr1 = 0x00011011;
+ cpu->isar.id_dfr0 = 0x03010066;
+ cpu->id_afr0 = 0x00000000;
+ cpu->isar.id_mmfr0 = 0x10201105;
+ cpu->isar.id_mmfr1 = 0x40000000;
+ cpu->isar.id_mmfr2 = 0x01260000;
+ cpu->isar.id_mmfr3 = 0x02102211;
+ cpu->isar.id_isar0 = 0x02101110;
+ cpu->isar.id_isar1 = 0x13112111;
+ cpu->isar.id_isar2 = 0x21232042;
+ cpu->isar.id_isar3 = 0x01112131;
+ cpu->isar.id_isar4 = 0x00011142;
+ cpu->isar.id_isar5 = 0x00011121;
+ cpu->isar.id_aa64pfr0 = 0x00002222;
+ cpu->isar.id_aa64dfr0 = 0x10305106;
+ cpu->isar.id_aa64isar0 = 0x00011120;
+ cpu->isar.id_aa64mmfr0 = 0x00001124;
+ cpu->isar.dbgdidr = 0x3516d000;
+ cpu->isar.dbgdevid = 0x01110f13;
+ cpu->isar.dbgdevid1 = 0x2;
+ cpu->isar.reset_pmcr_el0 = 0x41023000;
+ cpu->clidr = 0x0a200023;
+ cpu->ccsidr[0] = 0x701fe00a; /* 32KB L1 dcache */
+ cpu->ccsidr[1] = 0x201fe012; /* 48KB L1 icache */
+ cpu->ccsidr[2] = 0x707fe07a; /* 1MB L2 cache */
+ cpu->dcz_blocksize = 4; /* 64 bytes */
+ cpu->gic_num_lrs = 4;
+ cpu->gic_vpribits = 5;
+ cpu->gic_vprebits = 5;
+ cpu->gic_pribits = 5;
+ define_cortex_a72_a57_a53_cp_reginfo(cpu);
+}
+
+static void aarch64_a76_initfn(Object *obj)
+{
+ ARMCPU *cpu = ARM_CPU(obj);
+
+ cpu->dtb_compatible = "arm,cortex-a76";
+ set_feature(&cpu->env, ARM_FEATURE_V8);
+ set_feature(&cpu->env, ARM_FEATURE_NEON);
+ set_feature(&cpu->env, ARM_FEATURE_GENERIC_TIMER);
+ set_feature(&cpu->env, ARM_FEATURE_AARCH64);
+ set_feature(&cpu->env, ARM_FEATURE_CBAR_RO);
+ set_feature(&cpu->env, ARM_FEATURE_EL2);
+ set_feature(&cpu->env, ARM_FEATURE_EL3);
+ set_feature(&cpu->env, ARM_FEATURE_PMU);
+
+ /* Ordered by B2.4 AArch64 registers by functional group */
+ cpu->clidr = 0x82000023;
+ cpu->ctr = 0x8444C004;
+ cpu->dcz_blocksize = 4;
+ cpu->isar.id_aa64dfr0 = 0x0000000010305408ull;
+ cpu->isar.id_aa64isar0 = 0x0000100010211120ull;
+ cpu->isar.id_aa64isar1 = 0x0000000000100001ull;
+ cpu->isar.id_aa64mmfr0 = 0x0000000000101122ull;
+ cpu->isar.id_aa64mmfr1 = 0x0000000010212122ull;
+ cpu->isar.id_aa64mmfr2 = 0x0000000000001011ull;
+ cpu->isar.id_aa64pfr0 = 0x1100000010111112ull; /* GIC filled in later */
+ cpu->isar.id_aa64pfr1 = 0x0000000000000010ull;
+ cpu->id_afr0 = 0x00000000;
+ cpu->isar.id_dfr0 = 0x04010088;
+ cpu->isar.id_isar0 = 0x02101110;
+ cpu->isar.id_isar1 = 0x13112111;
+ cpu->isar.id_isar2 = 0x21232042;
+ cpu->isar.id_isar3 = 0x01112131;
+ cpu->isar.id_isar4 = 0x00010142;
+ cpu->isar.id_isar5 = 0x01011121;
+ cpu->isar.id_isar6 = 0x00000010;
+ cpu->isar.id_mmfr0 = 0x10201105;
+ cpu->isar.id_mmfr1 = 0x40000000;
+ cpu->isar.id_mmfr2 = 0x01260000;
+ cpu->isar.id_mmfr3 = 0x02122211;
+ cpu->isar.id_mmfr4 = 0x00021110;
+ cpu->isar.id_pfr0 = 0x10010131;
+ cpu->isar.id_pfr1 = 0x00010000; /* GIC filled in later */
+ cpu->isar.id_pfr2 = 0x00000011;
+ cpu->midr = 0x414fd0b1; /* r4p1 */
+ cpu->revidr = 0;
+
+ /* From B2.18 CCSIDR_EL1 */
+ cpu->ccsidr[0] = 0x701fe01a; /* 64KB L1 dcache */
+ cpu->ccsidr[1] = 0x201fe01a; /* 64KB L1 icache */
+ cpu->ccsidr[2] = 0x707fe03a; /* 512KB L2 cache */
+
+ /* From B2.93 SCTLR_EL3 */
+ cpu->reset_sctlr = 0x30c50838;
+
+ /* From B4.23 ICH_VTR_EL2 */
+ cpu->gic_num_lrs = 4;
+ cpu->gic_vpribits = 5;
+ cpu->gic_vprebits = 5;
+ cpu->gic_pribits = 5;
+
+ /* From B5.1 AdvSIMD AArch64 register summary */
+ cpu->isar.mvfr0 = 0x10110222;
+ cpu->isar.mvfr1 = 0x13211111;
+ cpu->isar.mvfr2 = 0x00000043;
+
+ /* From D5.1 AArch64 PMU register summary */
+ cpu->isar.reset_pmcr_el0 = 0x410b3000;
+}
+
+static void aarch64_a64fx_initfn(Object *obj)
+{
+ ARMCPU *cpu = ARM_CPU(obj);
+
+ cpu->dtb_compatible = "arm,a64fx";
+ set_feature(&cpu->env, ARM_FEATURE_V8);
+ set_feature(&cpu->env, ARM_FEATURE_NEON);
+ set_feature(&cpu->env, ARM_FEATURE_GENERIC_TIMER);
+ set_feature(&cpu->env, ARM_FEATURE_AARCH64);
+ set_feature(&cpu->env, ARM_FEATURE_EL2);
+ set_feature(&cpu->env, ARM_FEATURE_EL3);
+ set_feature(&cpu->env, ARM_FEATURE_PMU);
+ cpu->midr = 0x461f0010;
+ cpu->revidr = 0x00000000;
+ cpu->ctr = 0x86668006;
+ cpu->reset_sctlr = 0x30000180;
+ cpu->isar.id_aa64pfr0 = 0x0000000101111111; /* No RAS Extensions */
+ cpu->isar.id_aa64pfr1 = 0x0000000000000000;
+ cpu->isar.id_aa64dfr0 = 0x0000000010305408;
+ cpu->isar.id_aa64dfr1 = 0x0000000000000000;
+ cpu->id_aa64afr0 = 0x0000000000000000;
+ cpu->id_aa64afr1 = 0x0000000000000000;
+ cpu->isar.id_aa64mmfr0 = 0x0000000000001122;
+ cpu->isar.id_aa64mmfr1 = 0x0000000011212100;
+ cpu->isar.id_aa64mmfr2 = 0x0000000000001011;
+ cpu->isar.id_aa64isar0 = 0x0000000010211120;
+ cpu->isar.id_aa64isar1 = 0x0000000000010001;
+ cpu->isar.id_aa64zfr0 = 0x0000000000000000;
+ cpu->clidr = 0x0000000080000023;
+ cpu->ccsidr[0] = 0x7007e01c; /* 64KB L1 dcache */
+ cpu->ccsidr[1] = 0x2007e01c; /* 64KB L1 icache */
+ cpu->ccsidr[2] = 0x70ffe07c; /* 8MB L2 cache */
+ cpu->dcz_blocksize = 6; /* 256 bytes */
+ cpu->gic_num_lrs = 4;
+ cpu->gic_vpribits = 5;
+ cpu->gic_vprebits = 5;
+ cpu->gic_pribits = 5;
+
+ /* The A64FX supports only 128, 256 and 512 bit vector lengths */
+ aarch64_add_sve_properties(obj);
+ cpu->sve_vq.supported = (1 << 0) /* 128bit */
+ | (1 << 1) /* 256bit */
+ | (1 << 3); /* 512bit */
+
+ cpu->isar.reset_pmcr_el0 = 0x46014040;
+
+ /* TODO: Add A64FX specific HPC extension registers */
+}
+
+static void aarch64_neoverse_n1_initfn(Object *obj)
+{
+ ARMCPU *cpu = ARM_CPU(obj);
+
+ cpu->dtb_compatible = "arm,neoverse-n1";
+ set_feature(&cpu->env, ARM_FEATURE_V8);
+ set_feature(&cpu->env, ARM_FEATURE_NEON);
+ set_feature(&cpu->env, ARM_FEATURE_GENERIC_TIMER);
+ set_feature(&cpu->env, ARM_FEATURE_AARCH64);
+ set_feature(&cpu->env, ARM_FEATURE_CBAR_RO);
+ set_feature(&cpu->env, ARM_FEATURE_EL2);
+ set_feature(&cpu->env, ARM_FEATURE_EL3);
+ set_feature(&cpu->env, ARM_FEATURE_PMU);
+
+ /* Ordered by B2.4 AArch64 registers by functional group */
+ cpu->clidr = 0x82000023;
+ cpu->ctr = 0x8444c004;
+ cpu->dcz_blocksize = 4;
+ cpu->isar.id_aa64dfr0 = 0x0000000110305408ull;
+ cpu->isar.id_aa64isar0 = 0x0000100010211120ull;
+ cpu->isar.id_aa64isar1 = 0x0000000000100001ull;
+ cpu->isar.id_aa64mmfr0 = 0x0000000000101125ull;
+ cpu->isar.id_aa64mmfr1 = 0x0000000010212122ull;
+ cpu->isar.id_aa64mmfr2 = 0x0000000000001011ull;
+ cpu->isar.id_aa64pfr0 = 0x1100000010111112ull; /* GIC filled in later */
+ cpu->isar.id_aa64pfr1 = 0x0000000000000020ull;
+ cpu->id_afr0 = 0x00000000;
+ cpu->isar.id_dfr0 = 0x04010088;
+ cpu->isar.id_isar0 = 0x02101110;
+ cpu->isar.id_isar1 = 0x13112111;
+ cpu->isar.id_isar2 = 0x21232042;
+ cpu->isar.id_isar3 = 0x01112131;
+ cpu->isar.id_isar4 = 0x00010142;
+ cpu->isar.id_isar5 = 0x01011121;
+ cpu->isar.id_isar6 = 0x00000010;
+ cpu->isar.id_mmfr0 = 0x10201105;
+ cpu->isar.id_mmfr1 = 0x40000000;
+ cpu->isar.id_mmfr2 = 0x01260000;
+ cpu->isar.id_mmfr3 = 0x02122211;
+ cpu->isar.id_mmfr4 = 0x00021110;
+ cpu->isar.id_pfr0 = 0x10010131;
+ cpu->isar.id_pfr1 = 0x00010000; /* GIC filled in later */
+ cpu->isar.id_pfr2 = 0x00000011;
+ cpu->midr = 0x414fd0c1; /* r4p1 */
+ cpu->revidr = 0;
+
+ /* From B2.23 CCSIDR_EL1 */
+ cpu->ccsidr[0] = 0x701fe01a; /* 64KB L1 dcache */
+ cpu->ccsidr[1] = 0x201fe01a; /* 64KB L1 icache */
+ cpu->ccsidr[2] = 0x70ffe03a; /* 1MB L2 cache */
+
+ /* From B2.98 SCTLR_EL3 */
+ cpu->reset_sctlr = 0x30c50838;
+
+ /* From B4.23 ICH_VTR_EL2 */
+ cpu->gic_num_lrs = 4;
+ cpu->gic_vpribits = 5;
+ cpu->gic_vprebits = 5;
+ cpu->gic_pribits = 5;
+
+ /* From B5.1 AdvSIMD AArch64 register summary */
+ cpu->isar.mvfr0 = 0x10110222;
+ cpu->isar.mvfr1 = 0x13211111;
+ cpu->isar.mvfr2 = 0x00000043;
+
+ /* From D5.1 AArch64 PMU register summary */
+ cpu->isar.reset_pmcr_el0 = 0x410c3000;
+}
+
static void aarch64_host_initfn(Object *obj)
{
#if defined(CONFIG_KVM)
@@ -1188,55 +1237,6 @@
qdev_property_add_static(DEVICE(obj), &arm_cpu_lpa2_property);
}
-static void aarch64_a64fx_initfn(Object *obj)
-{
- ARMCPU *cpu = ARM_CPU(obj);
-
- cpu->dtb_compatible = "arm,a64fx";
- set_feature(&cpu->env, ARM_FEATURE_V8);
- set_feature(&cpu->env, ARM_FEATURE_NEON);
- set_feature(&cpu->env, ARM_FEATURE_GENERIC_TIMER);
- set_feature(&cpu->env, ARM_FEATURE_AARCH64);
- set_feature(&cpu->env, ARM_FEATURE_EL2);
- set_feature(&cpu->env, ARM_FEATURE_EL3);
- set_feature(&cpu->env, ARM_FEATURE_PMU);
- cpu->midr = 0x461f0010;
- cpu->revidr = 0x00000000;
- cpu->ctr = 0x86668006;
- cpu->reset_sctlr = 0x30000180;
- cpu->isar.id_aa64pfr0 = 0x0000000101111111; /* No RAS Extensions */
- cpu->isar.id_aa64pfr1 = 0x0000000000000000;
- cpu->isar.id_aa64dfr0 = 0x0000000010305408;
- cpu->isar.id_aa64dfr1 = 0x0000000000000000;
- cpu->id_aa64afr0 = 0x0000000000000000;
- cpu->id_aa64afr1 = 0x0000000000000000;
- cpu->isar.id_aa64mmfr0 = 0x0000000000001122;
- cpu->isar.id_aa64mmfr1 = 0x0000000011212100;
- cpu->isar.id_aa64mmfr2 = 0x0000000000001011;
- cpu->isar.id_aa64isar0 = 0x0000000010211120;
- cpu->isar.id_aa64isar1 = 0x0000000000010001;
- cpu->isar.id_aa64zfr0 = 0x0000000000000000;
- cpu->clidr = 0x0000000080000023;
- cpu->ccsidr[0] = 0x7007e01c; /* 64KB L1 dcache */
- cpu->ccsidr[1] = 0x2007e01c; /* 64KB L1 icache */
- cpu->ccsidr[2] = 0x70ffe07c; /* 8MB L2 cache */
- cpu->dcz_blocksize = 6; /* 256 bytes */
- cpu->gic_num_lrs = 4;
- cpu->gic_vpribits = 5;
- cpu->gic_vprebits = 5;
- cpu->gic_pribits = 5;
-
- /* The A64FX supports only 128, 256 and 512 bit vector lengths */
- aarch64_add_sve_properties(obj);
- cpu->sve_vq.supported = (1 << 0) /* 128bit */
- | (1 << 1) /* 256bit */
- | (1 << 3); /* 512bit */
-
- cpu->isar.reset_pmcr_el0 = 0x46014040;
-
- /* TODO: Add A64FX specific HPC extension registers */
-}
-
static const ARMCPUInfo aarch64_cpus[] = {
{ .name = "cortex-a35", .initfn = aarch64_a35_initfn },
{ .name = "cortex-a57", .initfn = aarch64_a57_initfn },
diff --git a/target/arm/helper.c b/target/arm/helper.c
index b5dac65..db3b1ea 100644
--- a/target/arm/helper.c
+++ b/target/arm/helper.c
@@ -1927,12 +1927,12 @@
* or PL0_RO as appropriate and then check PMUSERENR in the helper fn.
*/
{ .name = "PMCNTENSET", .cp = 15, .crn = 9, .crm = 12, .opc1 = 0, .opc2 = 1,
- .access = PL0_RW, .type = ARM_CP_ALIAS,
+ .access = PL0_RW, .type = ARM_CP_ALIAS | ARM_CP_IO,
.fieldoffset = offsetoflow32(CPUARMState, cp15.c9_pmcnten),
.writefn = pmcntenset_write,
.accessfn = pmreg_access,
.raw_writefn = raw_write },
- { .name = "PMCNTENSET_EL0", .state = ARM_CP_STATE_AA64,
+ { .name = "PMCNTENSET_EL0", .state = ARM_CP_STATE_AA64, .type = ARM_CP_IO,
.opc0 = 3, .opc1 = 3, .crn = 9, .crm = 12, .opc2 = 1,
.access = PL0_RW, .accessfn = pmreg_access,
.fieldoffset = offsetof(CPUARMState, cp15.c9_pmcnten), .resetvalue = 0,
@@ -1942,11 +1942,11 @@
.fieldoffset = offsetoflow32(CPUARMState, cp15.c9_pmcnten),
.accessfn = pmreg_access,
.writefn = pmcntenclr_write,
- .type = ARM_CP_ALIAS },
+ .type = ARM_CP_ALIAS | ARM_CP_IO },
{ .name = "PMCNTENCLR_EL0", .state = ARM_CP_STATE_AA64,
.opc0 = 3, .opc1 = 3, .crn = 9, .crm = 12, .opc2 = 2,
.access = PL0_RW, .accessfn = pmreg_access,
- .type = ARM_CP_ALIAS,
+ .type = ARM_CP_ALIAS | ARM_CP_IO,
.fieldoffset = offsetof(CPUARMState, cp15.c9_pmcnten),
.writefn = pmcntenclr_write },
{ .name = "PMOVSR", .cp = 15, .crn = 9, .crm = 12, .opc1 = 0, .opc2 = 3,
@@ -4756,8 +4756,8 @@
}
}
-static void sdcr_write(CPUARMState *env, const ARMCPRegInfo *ri,
- uint64_t value)
+static void mdcr_el3_write(CPUARMState *env, const ARMCPRegInfo *ri,
+ uint64_t value)
{
/*
* Some MDCR_EL3 bits affect whether PMU counters are running:
@@ -4769,12 +4769,19 @@
if (pmu_op) {
pmu_op_start(env);
}
- env->cp15.mdcr_el3 = value & SDCR_VALID_MASK;
+ env->cp15.mdcr_el3 = value;
if (pmu_op) {
pmu_op_finish(env);
}
}
+static void sdcr_write(CPUARMState *env, const ARMCPRegInfo *ri,
+ uint64_t value)
+{
+ /* Not all bits defined for MDCR_EL3 exist in the AArch32 SDCR */
+ mdcr_el3_write(env, ri, value & SDCR_VALID_MASK);
+}
+
static void mdcr_el2_write(CPUARMState *env, const ARMCPRegInfo *ri,
uint64_t value)
{
@@ -5081,7 +5088,7 @@
.fieldoffset = offsetof(CPUARMState, sp_el[0]) },
{ .name = "SP_EL1", .state = ARM_CP_STATE_AA64,
.opc0 = 3, .opc1 = 4, .crn = 4, .crm = 1, .opc2 = 0,
- .access = PL2_RW, .type = ARM_CP_ALIAS,
+ .access = PL2_RW, .type = ARM_CP_ALIAS | ARM_CP_EL3_NO_EL2_KEEP,
.fieldoffset = offsetof(CPUARMState, sp_el[1]) },
{ .name = "SPSel", .state = ARM_CP_STATE_AA64,
.opc0 = 3, .opc1 = 0, .crn = 4, .crm = 2, .opc2 = 0,
@@ -5122,10 +5129,13 @@
.access = PL2_RW,
.fieldoffset = offsetof(CPUARMState, banked_spsr[BANK_FIQ]) },
{ .name = "MDCR_EL3", .state = ARM_CP_STATE_AA64,
+ .type = ARM_CP_IO,
.opc0 = 3, .opc1 = 6, .crn = 1, .crm = 3, .opc2 = 1,
.resetvalue = 0,
- .access = PL3_RW, .fieldoffset = offsetof(CPUARMState, cp15.mdcr_el3) },
- { .name = "SDCR", .type = ARM_CP_ALIAS,
+ .access = PL3_RW,
+ .writefn = mdcr_el3_write,
+ .fieldoffset = offsetof(CPUARMState, cp15.mdcr_el3) },
+ { .name = "SDCR", .type = ARM_CP_ALIAS | ARM_CP_IO,
.cp = 15, .opc1 = 0, .crn = 1, .crm = 3, .opc2 = 1,
.access = PL1_RW, .accessfn = access_trap_aa32s_el1,
.writefn = sdcr_write,
@@ -7832,7 +7842,7 @@
* value is MDCR_EL2.HPMN which should reset to the value of PMCR_EL0.N.
*/
ARMCPRegInfo mdcr_el2 = {
- .name = "MDCR_EL2", .state = ARM_CP_STATE_BOTH,
+ .name = "MDCR_EL2", .state = ARM_CP_STATE_BOTH, .type = ARM_CP_IO,
.opc0 = 3, .opc1 = 4, .crn = 1, .crm = 1, .opc2 = 1,
.writefn = mdcr_el2_write,
.access = PL2_RW, .resetvalue = pmu_num_counters(env),
diff --git a/target/arm/mte_helper.c b/target/arm/mte_helper.c
index d11a8c7..fdd23ab 100644
--- a/target/arm/mte_helper.c
+++ b/target/arm/mte_helper.c
@@ -106,7 +106,7 @@
return tags + index;
#else
uintptr_t index;
- CPUIOTLBEntry *iotlbentry;
+ CPUTLBEntryFull *full;
int in_page, flags;
ram_addr_t ptr_ra;
hwaddr ptr_paddr, tag_paddr, xlat;
@@ -129,7 +129,7 @@
assert(!(flags & TLB_INVALID_MASK));
/*
- * Find the iotlbentry for ptr. This *must* be present in the TLB
+ * Find the CPUTLBEntryFull for ptr. This *must* be present in the TLB
* because we just found the mapping.
* TODO: Perhaps there should be a cputlb helper that returns a
* matching tlb entry + iotlb entry.
@@ -144,10 +144,10 @@
g_assert(tlb_hit(comparator, ptr));
}
# endif
- iotlbentry = &env_tlb(env)->d[ptr_mmu_idx].iotlb[index];
+ full = &env_tlb(env)->d[ptr_mmu_idx].fulltlb[index];
/* If the virtual page MemAttr != Tagged, access unchecked. */
- if (!arm_tlb_mte_tagged(&iotlbentry->attrs)) {
+ if (!arm_tlb_mte_tagged(&full->attrs)) {
return NULL;
}
@@ -181,7 +181,7 @@
int wp = ptr_access == MMU_DATA_LOAD ? BP_MEM_READ : BP_MEM_WRITE;
assert(ra != 0);
cpu_check_watchpoint(env_cpu(env), ptr, ptr_size,
- iotlbentry->attrs, wp, ra);
+ full->attrs, wp, ra);
}
/*
@@ -202,11 +202,11 @@
tag_paddr = ptr_paddr >> (LOG2_TAG_GRANULE + 1);
/* Look up the address in tag space. */
- tag_asi = iotlbentry->attrs.secure ? ARMASIdx_TagS : ARMASIdx_TagNS;
+ tag_asi = full->attrs.secure ? ARMASIdx_TagS : ARMASIdx_TagNS;
tag_as = cpu_get_address_space(env_cpu(env), tag_asi);
mr = address_space_translate(tag_as, tag_paddr, &xlat, NULL,
tag_access == MMU_DATA_STORE,
- iotlbentry->attrs);
+ full->attrs);
/*
* Note that @mr will never be NULL. If there is nothing in the address
diff --git a/target/arm/sve_helper.c b/target/arm/sve_helper.c
index d6f7ef9..9cae8fd 100644
--- a/target/arm/sve_helper.c
+++ b/target/arm/sve_helper.c
@@ -5384,8 +5384,8 @@
g_assert(tlb_hit(comparator, addr));
# endif
- CPUIOTLBEntry *iotlbentry = &env_tlb(env)->d[mmu_idx].iotlb[index];
- info->attrs = iotlbentry->attrs;
+ CPUTLBEntryFull *full = &env_tlb(env)->d[mmu_idx].fulltlb[index];
+ info->attrs = full->attrs;
}
#endif
diff --git a/target/arm/translate-a64.c b/target/arm/translate-a64.c
index 9bed336..78b2d91 100644
--- a/target/arm/translate-a64.c
+++ b/target/arm/translate-a64.c
@@ -14624,7 +14624,7 @@
* table entry even for that case.
*/
return (tlb_hit(entry->addr_code, addr) &&
- arm_tlb_bti_gp(&env_tlb(env)->d[mmu_idx].iotlb[index].attrs));
+ arm_tlb_bti_gp(&env_tlb(env)->d[mmu_idx].fulltlb[index].attrs));
#endif
}
diff --git a/target/avr/cpu.c b/target/avr/cpu.c
index 05b992f..0d28611 100644
--- a/target/avr/cpu.c
+++ b/target/avr/cpu.c
@@ -32,6 +32,13 @@
cpu->env.pc_w = value / 2; /* internally PC points to words */
}
+static vaddr avr_cpu_get_pc(CPUState *cs)
+{
+ AVRCPU *cpu = AVR_CPU(cs);
+
+ return cpu->env.pc_w * 2;
+}
+
static bool avr_cpu_has_work(CPUState *cs)
{
AVRCPU *cpu = AVR_CPU(cs);
@@ -47,7 +54,7 @@
AVRCPU *cpu = AVR_CPU(cs);
CPUAVRState *env = &cpu->env;
- env->pc_w = tb->pc / 2; /* internally PC points to words */
+ env->pc_w = tb_pc(tb) / 2; /* internally PC points to words */
}
static void avr_cpu_reset(DeviceState *ds)
@@ -214,6 +221,7 @@
cc->has_work = avr_cpu_has_work;
cc->dump_state = avr_cpu_dump_state;
cc->set_pc = avr_cpu_set_pc;
+ cc->get_pc = avr_cpu_get_pc;
dc->vmsd = &vms_avr_cpu;
cc->sysemu_ops = &avr_sysemu_ops;
cc->disas_set_info = avr_cpu_disas_set_info;
diff --git a/target/cris/cpu.c b/target/cris/cpu.c
index ed6c781..22f5c70 100644
--- a/target/cris/cpu.c
+++ b/target/cris/cpu.c
@@ -35,6 +35,13 @@
cpu->env.pc = value;
}
+static vaddr cris_cpu_get_pc(CPUState *cs)
+{
+ CRISCPU *cpu = CRIS_CPU(cs);
+
+ return cpu->env.pc;
+}
+
static bool cris_cpu_has_work(CPUState *cs)
{
return cs->interrupt_request & (CPU_INTERRUPT_HARD | CPU_INTERRUPT_NMI);
@@ -297,6 +304,7 @@
cc->has_work = cris_cpu_has_work;
cc->dump_state = cris_cpu_dump_state;
cc->set_pc = cris_cpu_set_pc;
+ cc->get_pc = cris_cpu_get_pc;
cc->gdb_read_register = cris_cpu_gdb_read_register;
cc->gdb_write_register = cris_cpu_gdb_write_register;
#ifndef CONFIG_USER_ONLY
diff --git a/target/hexagon/cpu.c b/target/hexagon/cpu.c
index fa9bd70..fa6d722 100644
--- a/target/hexagon/cpu.c
+++ b/target/hexagon/cpu.c
@@ -251,12 +251,19 @@
env->gpr[HEX_REG_PC] = value;
}
+static vaddr hexagon_cpu_get_pc(CPUState *cs)
+{
+ HexagonCPU *cpu = HEXAGON_CPU(cs);
+ CPUHexagonState *env = &cpu->env;
+ return env->gpr[HEX_REG_PC];
+}
+
static void hexagon_cpu_synchronize_from_tb(CPUState *cs,
const TranslationBlock *tb)
{
HexagonCPU *cpu = HEXAGON_CPU(cs);
CPUHexagonState *env = &cpu->env;
- env->gpr[HEX_REG_PC] = tb->pc;
+ env->gpr[HEX_REG_PC] = tb_pc(tb);
}
static bool hexagon_cpu_has_work(CPUState *cs)
@@ -337,6 +344,7 @@
cc->has_work = hexagon_cpu_has_work;
cc->dump_state = hexagon_dump_state;
cc->set_pc = hexagon_cpu_set_pc;
+ cc->get_pc = hexagon_cpu_get_pc;
cc->gdb_read_register = hexagon_gdb_read_register;
cc->gdb_write_register = hexagon_gdb_write_register;
cc->gdb_num_core_regs = TOTAL_PER_THREAD_REGS + NUM_VREGS + NUM_QREGS;
diff --git a/target/hppa/cpu.c b/target/hppa/cpu.c
index a6f52ca..e677ca0 100644
--- a/target/hppa/cpu.c
+++ b/target/hppa/cpu.c
@@ -36,13 +36,20 @@
cpu->env.iaoq_b = value + 4;
}
+static vaddr hppa_cpu_get_pc(CPUState *cs)
+{
+ HPPACPU *cpu = HPPA_CPU(cs);
+
+ return cpu->env.iaoq_f;
+}
+
static void hppa_cpu_synchronize_from_tb(CPUState *cs,
const TranslationBlock *tb)
{
HPPACPU *cpu = HPPA_CPU(cs);
#ifdef CONFIG_USER_ONLY
- cpu->env.iaoq_f = tb->pc;
+ cpu->env.iaoq_f = tb_pc(tb);
cpu->env.iaoq_b = tb->cs_base;
#else
/* Recover the IAOQ values from the GVA + PRIV. */
@@ -52,7 +59,7 @@
int32_t diff = cs_base;
cpu->env.iasq_f = iasq_f;
- cpu->env.iaoq_f = (tb->pc & ~iasq_f) + priv;
+ cpu->env.iaoq_f = (tb_pc(tb) & ~iasq_f) + priv;
if (diff) {
cpu->env.iaoq_b = cpu->env.iaoq_f + diff;
}
@@ -168,6 +175,7 @@
cc->has_work = hppa_cpu_has_work;
cc->dump_state = hppa_cpu_dump_state;
cc->set_pc = hppa_cpu_set_pc;
+ cc->get_pc = hppa_cpu_get_pc;
cc->gdb_read_register = hppa_cpu_gdb_read_register;
cc->gdb_write_register = hppa_cpu_gdb_write_register;
#ifndef CONFIG_USER_ONLY
diff --git a/target/i386/cpu.c b/target/i386/cpu.c
index 1db1278..ad623d9 100644
--- a/target/i386/cpu.c
+++ b/target/i386/cpu.c
@@ -6824,6 +6824,14 @@
cpu->env.eip = value;
}
+static vaddr x86_cpu_get_pc(CPUState *cs)
+{
+ X86CPU *cpu = X86_CPU(cs);
+
+ /* Match cpu_get_tb_cpu_state. */
+ return cpu->env.eip + cpu->env.segs[R_CS].base;
+}
+
int x86_cpu_pending_interrupt(CPUState *cs, int interrupt_request)
{
X86CPU *cpu = X86_CPU(cs);
@@ -7106,6 +7114,7 @@
cc->has_work = x86_cpu_has_work;
cc->dump_state = x86_cpu_dump_state;
cc->set_pc = x86_cpu_set_pc;
+ cc->get_pc = x86_cpu_get_pc;
cc->gdb_read_register = x86_cpu_gdb_read_register;
cc->gdb_write_register = x86_cpu_gdb_write_register;
cc->get_arch_id = x86_cpu_get_arch_id;
diff --git a/target/i386/kvm/kvm.c b/target/i386/kvm/kvm.c
index a1fd1f5..f2a9649 100644
--- a/target/i386/kvm/kvm.c
+++ b/target/i386/kvm/kvm.c
@@ -157,7 +157,7 @@
{
int ret = kvm_check_extension(kvm_state, KVM_CAP_ADJUST_CLOCK);
- return (ret == KVM_CLOCK_TSC_STABLE);
+ return (ret & KVM_CLOCK_TSC_STABLE);
}
bool kvm_has_adjust_clock(void)
@@ -2176,15 +2176,11 @@
g_free(env->xsave_buf);
- if (cpu->kvm_msr_buf) {
- g_free(cpu->kvm_msr_buf);
- cpu->kvm_msr_buf = NULL;
- }
+ g_free(cpu->kvm_msr_buf);
+ cpu->kvm_msr_buf = NULL;
- if (env->nested_state) {
- g_free(env->nested_state);
- env->nested_state = NULL;
- }
+ g_free(env->nested_state);
+ env->nested_state = NULL;
qemu_del_vm_change_state_handler(cpu->vmsentry);
diff --git a/target/i386/tcg/tcg-cpu.c b/target/i386/tcg/tcg-cpu.c
index d3c2b8f..6cf14c8 100644
--- a/target/i386/tcg/tcg-cpu.c
+++ b/target/i386/tcg/tcg-cpu.c
@@ -51,7 +51,7 @@
{
X86CPU *cpu = X86_CPU(cs);
- cpu->env.eip = tb->pc - tb->cs_base;
+ cpu->env.eip = tb_pc(tb) - tb->cs_base;
}
#ifndef CONFIG_USER_ONLY
diff --git a/target/i386/whpx/whpx-all.c b/target/i386/whpx/whpx-all.c
index b22a331..8e4969e 100644
--- a/target/i386/whpx/whpx-all.c
+++ b/target/i386/whpx/whpx-all.c
@@ -1225,14 +1225,12 @@
}
}
- if (breakpoints->breakpoints) {
- /*
- * Free the previous breakpoint list. This can be optimized by keeping
- * it as shadow buffer for the next computation instead of freeing
- * it immediately.
- */
- g_free(breakpoints->breakpoints);
- }
+ /*
+ * Free the previous breakpoint list. This can be optimized by keeping
+ * it as shadow buffer for the next computation instead of freeing
+ * it immediately.
+ */
+ g_free(breakpoints->breakpoints);
breakpoints->breakpoints = new_breakpoints;
}
diff --git a/target/loongarch/cpu.c b/target/loongarch/cpu.c
index 941e277..1722ed2 100644
--- a/target/loongarch/cpu.c
+++ b/target/loongarch/cpu.c
@@ -82,6 +82,14 @@
env->pc = value;
}
+static vaddr loongarch_cpu_get_pc(CPUState *cs)
+{
+ LoongArchCPU *cpu = LOONGARCH_CPU(cs);
+ CPULoongArchState *env = &cpu->env;
+
+ return env->pc;
+}
+
#ifndef CONFIG_USER_ONLY
#include "hw/loongarch/virt.h"
@@ -309,7 +317,7 @@
LoongArchCPU *cpu = LOONGARCH_CPU(cs);
CPULoongArchState *env = &cpu->env;
- env->pc = tb->pc;
+ env->pc = tb_pc(tb);
}
#endif /* CONFIG_TCG */
@@ -680,6 +688,7 @@
cc->has_work = loongarch_cpu_has_work;
cc->dump_state = loongarch_cpu_dump_state;
cc->set_pc = loongarch_cpu_set_pc;
+ cc->get_pc = loongarch_cpu_get_pc;
#ifndef CONFIG_USER_ONLY
dc->vmsd = &vmstate_loongarch_cpu;
cc->sysemu_ops = &loongarch_sysemu_ops;
diff --git a/target/m68k/cpu.c b/target/m68k/cpu.c
index 25d610d..1e902e1 100644
--- a/target/m68k/cpu.c
+++ b/target/m68k/cpu.c
@@ -31,6 +31,13 @@
cpu->env.pc = value;
}
+static vaddr m68k_cpu_get_pc(CPUState *cs)
+{
+ M68kCPU *cpu = M68K_CPU(cs);
+
+ return cpu->env.pc;
+}
+
static bool m68k_cpu_has_work(CPUState *cs)
{
return cs->interrupt_request & CPU_INTERRUPT_HARD;
@@ -540,6 +547,7 @@
cc->has_work = m68k_cpu_has_work;
cc->dump_state = m68k_cpu_dump_state;
cc->set_pc = m68k_cpu_set_pc;
+ cc->get_pc = m68k_cpu_get_pc;
cc->gdb_read_register = m68k_cpu_gdb_read_register;
cc->gdb_write_register = m68k_cpu_gdb_write_register;
#if defined(CONFIG_SOFTMMU)
diff --git a/target/microblaze/cpu.c b/target/microblaze/cpu.c
index aed200d..c10b8ac 100644
--- a/target/microblaze/cpu.c
+++ b/target/microblaze/cpu.c
@@ -84,12 +84,19 @@
cpu->env.iflags = 0;
}
+static vaddr mb_cpu_get_pc(CPUState *cs)
+{
+ MicroBlazeCPU *cpu = MICROBLAZE_CPU(cs);
+
+ return cpu->env.pc;
+}
+
static void mb_cpu_synchronize_from_tb(CPUState *cs,
const TranslationBlock *tb)
{
MicroBlazeCPU *cpu = MICROBLAZE_CPU(cs);
- cpu->env.pc = tb->pc;
+ cpu->env.pc = tb_pc(tb);
cpu->env.iflags = tb->flags & IFLAGS_TB_MASK;
}
@@ -391,6 +398,7 @@
cc->dump_state = mb_cpu_dump_state;
cc->set_pc = mb_cpu_set_pc;
+ cc->get_pc = mb_cpu_get_pc;
cc->gdb_read_register = mb_cpu_gdb_read_register;
cc->gdb_write_register = mb_cpu_gdb_write_register;
diff --git a/target/mips/cpu.c b/target/mips/cpu.c
index c15c955..da58eb8 100644
--- a/target/mips/cpu.c
+++ b/target/mips/cpu.c
@@ -128,6 +128,13 @@
mips_env_set_pc(&cpu->env, value);
}
+static vaddr mips_cpu_get_pc(CPUState *cs)
+{
+ MIPSCPU *cpu = MIPS_CPU(cs);
+
+ return cpu->env.active_tc.PC;
+}
+
static bool mips_cpu_has_work(CPUState *cs)
{
MIPSCPU *cpu = MIPS_CPU(cs);
@@ -557,6 +564,7 @@
cc->has_work = mips_cpu_has_work;
cc->dump_state = mips_cpu_dump_state;
cc->set_pc = mips_cpu_set_pc;
+ cc->get_pc = mips_cpu_get_pc;
cc->gdb_read_register = mips_cpu_gdb_read_register;
cc->gdb_write_register = mips_cpu_gdb_write_register;
#ifndef CONFIG_USER_ONLY
diff --git a/target/mips/tcg/exception.c b/target/mips/tcg/exception.c
index 2bd77a6..96e6117 100644
--- a/target/mips/tcg/exception.c
+++ b/target/mips/tcg/exception.c
@@ -82,7 +82,7 @@
MIPSCPU *cpu = MIPS_CPU(cs);
CPUMIPSState *env = &cpu->env;
- env->active_tc.PC = tb->pc;
+ env->active_tc.PC = tb_pc(tb);
env->hflags &= ~MIPS_HFLAG_BMASK;
env->hflags |= tb->flags & MIPS_HFLAG_BMASK;
}
diff --git a/target/mips/tcg/sysemu/special_helper.c b/target/mips/tcg/sysemu/special_helper.c
index f4f8fe8..3c5f35c 100644
--- a/target/mips/tcg/sysemu/special_helper.c
+++ b/target/mips/tcg/sysemu/special_helper.c
@@ -94,7 +94,7 @@
CPUMIPSState *env = &cpu->env;
if ((env->hflags & MIPS_HFLAG_BMASK) != 0
- && env->active_tc.PC != tb->pc) {
+ && env->active_tc.PC != tb_pc(tb)) {
env->active_tc.PC -= (env->hflags & MIPS_HFLAG_B16 ? 2 : 4);
env->hflags &= ~MIPS_HFLAG_BMASK;
return true;
diff --git a/target/nios2/cpu.c b/target/nios2/cpu.c
index 19b2409..2b28429 100644
--- a/target/nios2/cpu.c
+++ b/target/nios2/cpu.c
@@ -34,6 +34,14 @@
env->pc = value;
}
+static vaddr nios2_cpu_get_pc(CPUState *cs)
+{
+ Nios2CPU *cpu = NIOS2_CPU(cs);
+ CPUNios2State *env = &cpu->env;
+
+ return env->pc;
+}
+
static bool nios2_cpu_has_work(CPUState *cs)
{
return cs->interrupt_request & CPU_INTERRUPT_HARD;
@@ -362,6 +370,7 @@
cc->has_work = nios2_cpu_has_work;
cc->dump_state = nios2_cpu_dump_state;
cc->set_pc = nios2_cpu_set_pc;
+ cc->get_pc = nios2_cpu_get_pc;
cc->disas_set_info = nios2_cpu_disas_set_info;
#ifndef CONFIG_USER_ONLY
cc->sysemu_ops = &nios2_sysemu_ops;
diff --git a/target/openrisc/cpu.c b/target/openrisc/cpu.c
index cb9f35f..f6fd437 100644
--- a/target/openrisc/cpu.c
+++ b/target/openrisc/cpu.c
@@ -31,12 +31,19 @@
cpu->env.dflag = 0;
}
+static vaddr openrisc_cpu_get_pc(CPUState *cs)
+{
+ OpenRISCCPU *cpu = OPENRISC_CPU(cs);
+
+ return cpu->env.pc;
+}
+
static void openrisc_cpu_synchronize_from_tb(CPUState *cs,
const TranslationBlock *tb)
{
OpenRISCCPU *cpu = OPENRISC_CPU(cs);
- cpu->env.pc = tb->pc;
+ cpu->env.pc = tb_pc(tb);
}
@@ -218,6 +225,7 @@
cc->has_work = openrisc_cpu_has_work;
cc->dump_state = openrisc_cpu_dump_state;
cc->set_pc = openrisc_cpu_set_pc;
+ cc->get_pc = openrisc_cpu_get_pc;
cc->gdb_read_register = openrisc_cpu_gdb_read_register;
cc->gdb_write_register = openrisc_cpu_gdb_write_register;
#ifndef CONFIG_USER_ONLY
diff --git a/target/ppc/cpu_init.c b/target/ppc/cpu_init.c
index 6e080eb..763a843 100644
--- a/target/ppc/cpu_init.c
+++ b/target/ppc/cpu_init.c
@@ -7214,6 +7214,13 @@
cpu->env.nip = value;
}
+static vaddr ppc_cpu_get_pc(CPUState *cs)
+{
+ PowerPCCPU *cpu = POWERPC_CPU(cs);
+
+ return cpu->env.nip;
+}
+
static bool ppc_cpu_has_work(CPUState *cs)
{
PowerPCCPU *cpu = POWERPC_CPU(cs);
@@ -7472,6 +7479,7 @@
cc->has_work = ppc_cpu_has_work;
cc->dump_state = ppc_cpu_dump_state;
cc->set_pc = ppc_cpu_set_pc;
+ cc->get_pc = ppc_cpu_get_pc;
cc->gdb_read_register = ppc_cpu_gdb_read_register;
cc->gdb_write_register = ppc_cpu_gdb_write_register;
#ifndef CONFIG_USER_ONLY
diff --git a/target/riscv/cpu.c b/target/riscv/cpu.c
index b29c88b..e6d9c70 100644
--- a/target/riscv/cpu.c
+++ b/target/riscv/cpu.c
@@ -462,6 +462,18 @@
}
}
+static vaddr riscv_cpu_get_pc(CPUState *cs)
+{
+ RISCVCPU *cpu = RISCV_CPU(cs);
+ CPURISCVState *env = &cpu->env;
+
+ /* Match cpu_get_tb_cpu_state. */
+ if (env->xl == MXL_RV32) {
+ return env->pc & UINT32_MAX;
+ }
+ return env->pc;
+}
+
static void riscv_cpu_synchronize_from_tb(CPUState *cs,
const TranslationBlock *tb)
{
@@ -470,9 +482,9 @@
RISCVMXL xl = FIELD_EX32(tb->flags, TB_FLAGS, XL);
if (xl == MXL_RV32) {
- env->pc = (int32_t)tb->pc;
+ env->pc = (int32_t)tb_pc(tb);
} else {
- env->pc = tb->pc;
+ env->pc = tb_pc(tb);
}
}
@@ -1154,6 +1166,7 @@
cc->has_work = riscv_cpu_has_work;
cc->dump_state = riscv_cpu_dump_state;
cc->set_pc = riscv_cpu_set_pc;
+ cc->get_pc = riscv_cpu_get_pc;
cc->gdb_read_register = riscv_cpu_gdb_read_register;
cc->gdb_write_register = riscv_cpu_gdb_write_register;
cc->gdb_num_core_regs = 33;
diff --git a/target/rx/cpu.c b/target/rx/cpu.c
index fb30080..2f28099 100644
--- a/target/rx/cpu.c
+++ b/target/rx/cpu.c
@@ -32,12 +32,19 @@
cpu->env.pc = value;
}
+static vaddr rx_cpu_get_pc(CPUState *cs)
+{
+ RXCPU *cpu = RX_CPU(cs);
+
+ return cpu->env.pc;
+}
+
static void rx_cpu_synchronize_from_tb(CPUState *cs,
const TranslationBlock *tb)
{
RXCPU *cpu = RX_CPU(cs);
- cpu->env.pc = tb->pc;
+ cpu->env.pc = tb_pc(tb);
}
static bool rx_cpu_has_work(CPUState *cs)
@@ -208,6 +215,7 @@
cc->has_work = rx_cpu_has_work;
cc->dump_state = rx_cpu_dump_state;
cc->set_pc = rx_cpu_set_pc;
+ cc->get_pc = rx_cpu_get_pc;
#ifndef CONFIG_USER_ONLY
cc->sysemu_ops = &rx_sysemu_ops;
diff --git a/target/s390x/cpu.c b/target/s390x/cpu.c
index c31bb23..df00040 100644
--- a/target/s390x/cpu.c
+++ b/target/s390x/cpu.c
@@ -88,6 +88,13 @@
cpu->env.psw.addr = value;
}
+static vaddr s390_cpu_get_pc(CPUState *cs)
+{
+ S390CPU *cpu = S390_CPU(cs);
+
+ return cpu->env.psw.addr;
+}
+
static bool s390_cpu_has_work(CPUState *cs)
{
S390CPU *cpu = S390_CPU(cs);
@@ -297,6 +304,7 @@
cc->has_work = s390_cpu_has_work;
cc->dump_state = s390_cpu_dump_state;
cc->set_pc = s390_cpu_set_pc;
+ cc->get_pc = s390_cpu_get_pc;
cc->gdb_read_register = s390_cpu_gdb_read_register;
cc->gdb_write_register = s390_cpu_gdb_write_register;
#ifndef CONFIG_USER_ONLY
diff --git a/target/s390x/tcg/mem_helper.c b/target/s390x/tcg/mem_helper.c
index fc52aa1..3758b9e 100644
--- a/target/s390x/tcg/mem_helper.c
+++ b/target/s390x/tcg/mem_helper.c
@@ -148,10 +148,6 @@
#else
int flags;
- /*
- * For !CONFIG_USER_ONLY, we cannot rely on TLB_INVALID_MASK or haddr==NULL
- * to detect if there was an exception during tlb_fill().
- */
env->tlb_fill_exc = 0;
flags = probe_access_flags(env, addr, access_type, mmu_idx, nonfault, phost,
ra);
diff --git a/target/sh4/cpu.c b/target/sh4/cpu.c
index 06b2691..56c5053 100644
--- a/target/sh4/cpu.c
+++ b/target/sh4/cpu.c
@@ -34,13 +34,20 @@
cpu->env.pc = value;
}
+static vaddr superh_cpu_get_pc(CPUState *cs)
+{
+ SuperHCPU *cpu = SUPERH_CPU(cs);
+
+ return cpu->env.pc;
+}
+
static void superh_cpu_synchronize_from_tb(CPUState *cs,
const TranslationBlock *tb)
{
SuperHCPU *cpu = SUPERH_CPU(cs);
- cpu->env.pc = tb->pc;
- cpu->env.flags = tb->flags & TB_FLAG_ENVFLAGS_MASK;
+ cpu->env.pc = tb_pc(tb);
+ cpu->env.flags = tb->flags;
}
#ifndef CONFIG_USER_ONLY
@@ -50,10 +57,10 @@
SuperHCPU *cpu = SUPERH_CPU(cs);
CPUSH4State *env = &cpu->env;
- if ((env->flags & ((DELAY_SLOT | DELAY_SLOT_CONDITIONAL))) != 0
- && env->pc != tb->pc) {
+ if ((env->flags & (TB_FLAG_DELAY_SLOT | TB_FLAG_DELAY_SLOT_COND))
+ && env->pc != tb_pc(tb)) {
env->pc -= 2;
- env->flags &= ~(DELAY_SLOT | DELAY_SLOT_CONDITIONAL);
+ env->flags &= ~(TB_FLAG_DELAY_SLOT | TB_FLAG_DELAY_SLOT_COND);
return true;
}
return false;
@@ -261,6 +268,7 @@
cc->has_work = superh_cpu_has_work;
cc->dump_state = superh_cpu_dump_state;
cc->set_pc = superh_cpu_set_pc;
+ cc->get_pc = superh_cpu_get_pc;
cc->gdb_read_register = superh_cpu_gdb_read_register;
cc->gdb_write_register = superh_cpu_gdb_write_register;
#ifndef CONFIG_USER_ONLY
diff --git a/target/sh4/cpu.h b/target/sh4/cpu.h
index 9f15ef9..727b829 100644
--- a/target/sh4/cpu.h
+++ b/target/sh4/cpu.h
@@ -78,26 +78,33 @@
#define FPSCR_RM_NEAREST (0 << 0)
#define FPSCR_RM_ZERO (1 << 0)
-#define DELAY_SLOT_MASK 0x7
-#define DELAY_SLOT (1 << 0)
-#define DELAY_SLOT_CONDITIONAL (1 << 1)
-#define DELAY_SLOT_RTE (1 << 2)
+#define TB_FLAG_DELAY_SLOT (1 << 0)
+#define TB_FLAG_DELAY_SLOT_COND (1 << 1)
+#define TB_FLAG_DELAY_SLOT_RTE (1 << 2)
+#define TB_FLAG_PENDING_MOVCA (1 << 3)
+#define TB_FLAG_GUSA_SHIFT 4 /* [11:4] */
+#define TB_FLAG_GUSA_EXCLUSIVE (1 << 12)
+#define TB_FLAG_UNALIGN (1 << 13)
+#define TB_FLAG_SR_FD (1 << SR_FD) /* 15 */
+#define TB_FLAG_FPSCR_PR FPSCR_PR /* 19 */
+#define TB_FLAG_FPSCR_SZ FPSCR_SZ /* 20 */
+#define TB_FLAG_FPSCR_FR FPSCR_FR /* 21 */
+#define TB_FLAG_SR_RB (1 << SR_RB) /* 29 */
+#define TB_FLAG_SR_MD (1 << SR_MD) /* 30 */
-#define TB_FLAG_PENDING_MOVCA (1 << 3)
-#define TB_FLAG_UNALIGN (1 << 4)
-
-#define GUSA_SHIFT 4
-#ifdef CONFIG_USER_ONLY
-#define GUSA_EXCLUSIVE (1 << 12)
-#define GUSA_MASK ((0xff << GUSA_SHIFT) | GUSA_EXCLUSIVE)
-#else
-/* Provide dummy versions of the above to allow tests against tbflags
- to be elided while avoiding ifdefs. */
-#define GUSA_EXCLUSIVE 0
-#define GUSA_MASK 0
-#endif
-
-#define TB_FLAG_ENVFLAGS_MASK (DELAY_SLOT_MASK | GUSA_MASK)
+#define TB_FLAG_DELAY_SLOT_MASK (TB_FLAG_DELAY_SLOT | \
+ TB_FLAG_DELAY_SLOT_COND | \
+ TB_FLAG_DELAY_SLOT_RTE)
+#define TB_FLAG_GUSA_MASK ((0xff << TB_FLAG_GUSA_SHIFT) | \
+ TB_FLAG_GUSA_EXCLUSIVE)
+#define TB_FLAG_FPSCR_MASK (TB_FLAG_FPSCR_PR | \
+ TB_FLAG_FPSCR_SZ | \
+ TB_FLAG_FPSCR_FR)
+#define TB_FLAG_SR_MASK (TB_FLAG_SR_FD | \
+ TB_FLAG_SR_RB | \
+ TB_FLAG_SR_MD)
+#define TB_FLAG_ENVFLAGS_MASK (TB_FLAG_DELAY_SLOT_MASK | \
+ TB_FLAG_GUSA_MASK)
typedef struct tlb_t {
uint32_t vpn; /* virtual page number */
@@ -258,7 +265,7 @@
{
/* The instruction in a RTE delay slot is fetched in privileged
mode, but executed in user mode. */
- if (ifetch && (env->flags & DELAY_SLOT_RTE)) {
+ if (ifetch && (env->flags & TB_FLAG_DELAY_SLOT_RTE)) {
return 0;
} else {
return (env->sr & (1u << SR_MD)) == 0 ? 1 : 0;
@@ -366,11 +373,10 @@
{
*pc = env->pc;
/* For a gUSA region, notice the end of the region. */
- *cs_base = env->flags & GUSA_MASK ? env->gregs[0] : 0;
- *flags = env->flags /* TB_FLAG_ENVFLAGS_MASK: bits 0-2, 4-12 */
- | (env->fpscr & (FPSCR_FR | FPSCR_SZ | FPSCR_PR)) /* Bits 19-21 */
- | (env->sr & ((1u << SR_MD) | (1u << SR_RB))) /* Bits 29-30 */
- | (env->sr & (1u << SR_FD)) /* Bit 15 */
+ *cs_base = env->flags & TB_FLAG_GUSA_MASK ? env->gregs[0] : 0;
+ *flags = env->flags
+ | (env->fpscr & TB_FLAG_FPSCR_MASK)
+ | (env->sr & TB_FLAG_SR_MASK)
| (env->movcal_backup ? TB_FLAG_PENDING_MOVCA : 0); /* Bit 3 */
#ifdef CONFIG_USER_ONLY
*flags |= TB_FLAG_UNALIGN * !env_cpu(env)->prctl_unalign_sigbus;
diff --git a/target/sh4/helper.c b/target/sh4/helper.c
index 6a620e3..e02e7af 100644
--- a/target/sh4/helper.c
+++ b/target/sh4/helper.c
@@ -147,11 +147,11 @@
env->sr |= (1u << SR_BL) | (1u << SR_MD) | (1u << SR_RB);
env->lock_addr = -1;
- if (env->flags & DELAY_SLOT_MASK) {
+ if (env->flags & TB_FLAG_DELAY_SLOT_MASK) {
/* Branch instruction should be executed again before delay slot. */
env->spc -= 2;
/* Clear flags for exception/interrupt routine. */
- env->flags &= ~DELAY_SLOT_MASK;
+ env->flags &= ~TB_FLAG_DELAY_SLOT_MASK;
}
if (do_exp) {
@@ -786,7 +786,7 @@
CPUSH4State *env = &cpu->env;
/* Delay slots are indivisible, ignore interrupts */
- if (env->flags & DELAY_SLOT_MASK) {
+ if (env->flags & TB_FLAG_DELAY_SLOT_MASK) {
return false;
} else {
superh_cpu_do_interrupt(cs);
diff --git a/target/sh4/translate.c b/target/sh4/translate.c
index 0105657..26231b2 100644
--- a/target/sh4/translate.c
+++ b/target/sh4/translate.c
@@ -175,13 +175,13 @@
i, env->gregs[i], i + 1, env->gregs[i + 1],
i + 2, env->gregs[i + 2], i + 3, env->gregs[i + 3]);
}
- if (env->flags & DELAY_SLOT) {
+ if (env->flags & TB_FLAG_DELAY_SLOT) {
qemu_printf("in delay slot (delayed_pc=0x%08x)\n",
env->delayed_pc);
- } else if (env->flags & DELAY_SLOT_CONDITIONAL) {
+ } else if (env->flags & TB_FLAG_DELAY_SLOT_COND) {
qemu_printf("in conditional delay slot (delayed_pc=0x%08x)\n",
env->delayed_pc);
- } else if (env->flags & DELAY_SLOT_RTE) {
+ } else if (env->flags & TB_FLAG_DELAY_SLOT_RTE) {
qemu_fprintf(f, "in rte delay slot (delayed_pc=0x%08x)\n",
env->delayed_pc);
}
@@ -223,7 +223,7 @@
static inline bool use_exit_tb(DisasContext *ctx)
{
- return (ctx->tbflags & GUSA_EXCLUSIVE) != 0;
+ return (ctx->tbflags & TB_FLAG_GUSA_EXCLUSIVE) != 0;
}
static bool use_goto_tb(DisasContext *ctx, target_ulong dest)
@@ -276,12 +276,12 @@
TCGLabel *l1 = gen_new_label();
TCGCond cond_not_taken = jump_if_true ? TCG_COND_EQ : TCG_COND_NE;
- if (ctx->tbflags & GUSA_EXCLUSIVE) {
+ if (ctx->tbflags & TB_FLAG_GUSA_EXCLUSIVE) {
/* When in an exclusive region, we must continue to the end.
Therefore, exit the region on a taken branch, but otherwise
fall through to the next instruction. */
tcg_gen_brcondi_i32(cond_not_taken, cpu_sr_t, 0, l1);
- tcg_gen_movi_i32(cpu_flags, ctx->envflags & ~GUSA_MASK);
+ tcg_gen_movi_i32(cpu_flags, ctx->envflags & ~TB_FLAG_GUSA_MASK);
/* Note that this won't actually use a goto_tb opcode because we
disallow it in use_goto_tb, but it handles exit + singlestep. */
gen_goto_tb(ctx, 0, dest);
@@ -307,14 +307,14 @@
tcg_gen_mov_i32(ds, cpu_delayed_cond);
tcg_gen_discard_i32(cpu_delayed_cond);
- if (ctx->tbflags & GUSA_EXCLUSIVE) {
+ if (ctx->tbflags & TB_FLAG_GUSA_EXCLUSIVE) {
/* When in an exclusive region, we must continue to the end.
Therefore, exit the region on a taken branch, but otherwise
fall through to the next instruction. */
tcg_gen_brcondi_i32(TCG_COND_EQ, ds, 0, l1);
/* Leave the gUSA region. */
- tcg_gen_movi_i32(cpu_flags, ctx->envflags & ~GUSA_MASK);
+ tcg_gen_movi_i32(cpu_flags, ctx->envflags & ~TB_FLAG_GUSA_MASK);
gen_jump(ctx);
gen_set_label(l1);
@@ -361,8 +361,8 @@
#define XHACK(x) ((((x) & 1 ) << 4) | ((x) & 0xe))
#define CHECK_NOT_DELAY_SLOT \
- if (ctx->envflags & DELAY_SLOT_MASK) { \
- goto do_illegal_slot; \
+ if (ctx->envflags & TB_FLAG_DELAY_SLOT_MASK) { \
+ goto do_illegal_slot; \
}
#define CHECK_PRIVILEGED \
@@ -436,7 +436,7 @@
case 0x000b: /* rts */
CHECK_NOT_DELAY_SLOT
tcg_gen_mov_i32(cpu_delayed_pc, cpu_pr);
- ctx->envflags |= DELAY_SLOT;
+ ctx->envflags |= TB_FLAG_DELAY_SLOT;
ctx->delayed_pc = (uint32_t) - 1;
return;
case 0x0028: /* clrmac */
@@ -458,7 +458,7 @@
CHECK_NOT_DELAY_SLOT
gen_write_sr(cpu_ssr);
tcg_gen_mov_i32(cpu_delayed_pc, cpu_spc);
- ctx->envflags |= DELAY_SLOT_RTE;
+ ctx->envflags |= TB_FLAG_DELAY_SLOT_RTE;
ctx->delayed_pc = (uint32_t) - 1;
ctx->base.is_jmp = DISAS_STOP;
return;
@@ -513,12 +513,15 @@
return;
case 0xe000: /* mov #imm,Rn */
#ifdef CONFIG_USER_ONLY
- /* Detect the start of a gUSA region. If so, update envflags
- and end the TB. This will allow us to see the end of the
- region (stored in R0) in the next TB. */
+ /*
+ * Detect the start of a gUSA region (mov #-n, r15).
+ * If so, update envflags and end the TB. This will allow us
+ * to see the end of the region (stored in R0) in the next TB.
+ */
if (B11_8 == 15 && B7_0s < 0 &&
(tb_cflags(ctx->base.tb) & CF_PARALLEL)) {
- ctx->envflags = deposit32(ctx->envflags, GUSA_SHIFT, 8, B7_0s);
+ ctx->envflags =
+ deposit32(ctx->envflags, TB_FLAG_GUSA_SHIFT, 8, B7_0s);
ctx->base.is_jmp = DISAS_STOP;
}
#endif
@@ -544,13 +547,13 @@
case 0xa000: /* bra disp */
CHECK_NOT_DELAY_SLOT
ctx->delayed_pc = ctx->base.pc_next + 4 + B11_0s * 2;
- ctx->envflags |= DELAY_SLOT;
+ ctx->envflags |= TB_FLAG_DELAY_SLOT;
return;
case 0xb000: /* bsr disp */
CHECK_NOT_DELAY_SLOT
tcg_gen_movi_i32(cpu_pr, ctx->base.pc_next + 4);
ctx->delayed_pc = ctx->base.pc_next + 4 + B11_0s * 2;
- ctx->envflags |= DELAY_SLOT;
+ ctx->envflags |= TB_FLAG_DELAY_SLOT;
return;
}
@@ -1194,7 +1197,7 @@
CHECK_NOT_DELAY_SLOT
tcg_gen_xori_i32(cpu_delayed_cond, cpu_sr_t, 1);
ctx->delayed_pc = ctx->base.pc_next + 4 + B7_0s * 2;
- ctx->envflags |= DELAY_SLOT_CONDITIONAL;
+ ctx->envflags |= TB_FLAG_DELAY_SLOT_COND;
return;
case 0x8900: /* bt label */
CHECK_NOT_DELAY_SLOT
@@ -1204,7 +1207,7 @@
CHECK_NOT_DELAY_SLOT
tcg_gen_mov_i32(cpu_delayed_cond, cpu_sr_t);
ctx->delayed_pc = ctx->base.pc_next + 4 + B7_0s * 2;
- ctx->envflags |= DELAY_SLOT_CONDITIONAL;
+ ctx->envflags |= TB_FLAG_DELAY_SLOT_COND;
return;
case 0x8800: /* cmp/eq #imm,R0 */
tcg_gen_setcondi_i32(TCG_COND_EQ, cpu_sr_t, REG(0), B7_0s);
@@ -1388,14 +1391,14 @@
case 0x0023: /* braf Rn */
CHECK_NOT_DELAY_SLOT
tcg_gen_addi_i32(cpu_delayed_pc, REG(B11_8), ctx->base.pc_next + 4);
- ctx->envflags |= DELAY_SLOT;
+ ctx->envflags |= TB_FLAG_DELAY_SLOT;
ctx->delayed_pc = (uint32_t) - 1;
return;
case 0x0003: /* bsrf Rn */
CHECK_NOT_DELAY_SLOT
tcg_gen_movi_i32(cpu_pr, ctx->base.pc_next + 4);
tcg_gen_add_i32(cpu_delayed_pc, REG(B11_8), cpu_pr);
- ctx->envflags |= DELAY_SLOT;
+ ctx->envflags |= TB_FLAG_DELAY_SLOT;
ctx->delayed_pc = (uint32_t) - 1;
return;
case 0x4015: /* cmp/pl Rn */
@@ -1411,14 +1414,14 @@
case 0x402b: /* jmp @Rn */
CHECK_NOT_DELAY_SLOT
tcg_gen_mov_i32(cpu_delayed_pc, REG(B11_8));
- ctx->envflags |= DELAY_SLOT;
+ ctx->envflags |= TB_FLAG_DELAY_SLOT;
ctx->delayed_pc = (uint32_t) - 1;
return;
case 0x400b: /* jsr @Rn */
CHECK_NOT_DELAY_SLOT
tcg_gen_movi_i32(cpu_pr, ctx->base.pc_next + 4);
tcg_gen_mov_i32(cpu_delayed_pc, REG(B11_8));
- ctx->envflags |= DELAY_SLOT;
+ ctx->envflags |= TB_FLAG_DELAY_SLOT;
ctx->delayed_pc = (uint32_t) - 1;
return;
case 0x400e: /* ldc Rm,SR */
@@ -1839,7 +1842,7 @@
fflush(stderr);
#endif
do_illegal:
- if (ctx->envflags & DELAY_SLOT_MASK) {
+ if (ctx->envflags & TB_FLAG_DELAY_SLOT_MASK) {
do_illegal_slot:
gen_save_cpu_state(ctx, true);
gen_helper_raise_slot_illegal_instruction(cpu_env);
@@ -1852,7 +1855,7 @@
do_fpu_disabled:
gen_save_cpu_state(ctx, true);
- if (ctx->envflags & DELAY_SLOT_MASK) {
+ if (ctx->envflags & TB_FLAG_DELAY_SLOT_MASK) {
gen_helper_raise_slot_fpu_disable(cpu_env);
} else {
gen_helper_raise_fpu_disable(cpu_env);
@@ -1867,23 +1870,23 @@
_decode_opc(ctx);
- if (old_flags & DELAY_SLOT_MASK) {
+ if (old_flags & TB_FLAG_DELAY_SLOT_MASK) {
/* go out of the delay slot */
- ctx->envflags &= ~DELAY_SLOT_MASK;
+ ctx->envflags &= ~TB_FLAG_DELAY_SLOT_MASK;
/* When in an exclusive region, we must continue to the end
for conditional branches. */
- if (ctx->tbflags & GUSA_EXCLUSIVE
- && old_flags & DELAY_SLOT_CONDITIONAL) {
+ if (ctx->tbflags & TB_FLAG_GUSA_EXCLUSIVE
+ && old_flags & TB_FLAG_DELAY_SLOT_COND) {
gen_delayed_conditional_jump(ctx);
return;
}
/* Otherwise this is probably an invalid gUSA region.
Drop the GUSA bits so the next TB doesn't see them. */
- ctx->envflags &= ~GUSA_MASK;
+ ctx->envflags &= ~TB_FLAG_GUSA_MASK;
tcg_gen_movi_i32(cpu_flags, ctx->envflags);
- if (old_flags & DELAY_SLOT_CONDITIONAL) {
+ if (old_flags & TB_FLAG_DELAY_SLOT_COND) {
gen_delayed_conditional_jump(ctx);
} else {
gen_jump(ctx);
@@ -2223,7 +2226,7 @@
}
/* The entire region has been translated. */
- ctx->envflags &= ~GUSA_MASK;
+ ctx->envflags &= ~TB_FLAG_GUSA_MASK;
ctx->base.pc_next = pc_end;
ctx->base.num_insns += max_insns - 1;
return;
@@ -2234,7 +2237,7 @@
/* Restart with the EXCLUSIVE bit set, within a TB run via
cpu_exec_step_atomic holding the exclusive lock. */
- ctx->envflags |= GUSA_EXCLUSIVE;
+ ctx->envflags |= TB_FLAG_GUSA_EXCLUSIVE;
gen_save_cpu_state(ctx, false);
gen_helper_exclusive(cpu_env);
ctx->base.is_jmp = DISAS_NORETURN;
@@ -2267,17 +2270,19 @@
(tbflags & (1 << SR_RB))) * 0x10;
ctx->fbank = tbflags & FPSCR_FR ? 0x10 : 0;
- if (tbflags & GUSA_MASK) {
+#ifdef CONFIG_USER_ONLY
+ if (tbflags & TB_FLAG_GUSA_MASK) {
+ /* In gUSA exclusive region. */
uint32_t pc = ctx->base.pc_next;
uint32_t pc_end = ctx->base.tb->cs_base;
- int backup = sextract32(ctx->tbflags, GUSA_SHIFT, 8);
+ int backup = sextract32(ctx->tbflags, TB_FLAG_GUSA_SHIFT, 8);
int max_insns = (pc_end - pc) / 2;
if (pc != pc_end + backup || max_insns < 2) {
/* This is a malformed gUSA region. Don't do anything special,
since the interpreter is likely to get confused. */
- ctx->envflags &= ~GUSA_MASK;
- } else if (tbflags & GUSA_EXCLUSIVE) {
+ ctx->envflags &= ~TB_FLAG_GUSA_MASK;
+ } else if (tbflags & TB_FLAG_GUSA_EXCLUSIVE) {
/* Regardless of single-stepping or the end of the page,
we must complete execution of the gUSA region while
holding the exclusive lock. */
@@ -2285,6 +2290,7 @@
return;
}
}
+#endif
/* Since the ISA is fixed-width, we can bound by the number
of instructions remaining on the page. */
@@ -2309,8 +2315,8 @@
DisasContext *ctx = container_of(dcbase, DisasContext, base);
#ifdef CONFIG_USER_ONLY
- if (unlikely(ctx->envflags & GUSA_MASK)
- && !(ctx->envflags & GUSA_EXCLUSIVE)) {
+ if (unlikely(ctx->envflags & TB_FLAG_GUSA_MASK)
+ && !(ctx->envflags & TB_FLAG_GUSA_EXCLUSIVE)) {
/* We're in an gUSA region, and we have not already fallen
back on using an exclusive region. Attempt to parse the
region into a single supported atomic operation. Failure
@@ -2330,9 +2336,9 @@
{
DisasContext *ctx = container_of(dcbase, DisasContext, base);
- if (ctx->tbflags & GUSA_EXCLUSIVE) {
+ if (ctx->tbflags & TB_FLAG_GUSA_EXCLUSIVE) {
/* Ending the region of exclusivity. Clear the bits. */
- ctx->envflags &= ~GUSA_MASK;
+ ctx->envflags &= ~TB_FLAG_GUSA_MASK;
}
switch (ctx->base.is_jmp) {
diff --git a/target/sparc/cpu.c b/target/sparc/cpu.c
index 55268ed..1f9ef7a 100644
--- a/target/sparc/cpu.c
+++ b/target/sparc/cpu.c
@@ -693,12 +693,19 @@
cpu->env.npc = value + 4;
}
+static vaddr sparc_cpu_get_pc(CPUState *cs)
+{
+ SPARCCPU *cpu = SPARC_CPU(cs);
+
+ return cpu->env.pc;
+}
+
static void sparc_cpu_synchronize_from_tb(CPUState *cs,
const TranslationBlock *tb)
{
SPARCCPU *cpu = SPARC_CPU(cs);
- cpu->env.pc = tb->pc;
+ cpu->env.pc = tb_pc(tb);
cpu->env.npc = tb->cs_base;
}
@@ -896,6 +903,7 @@
cc->memory_rw_debug = sparc_cpu_memory_rw_debug;
#endif
cc->set_pc = sparc_cpu_set_pc;
+ cc->get_pc = sparc_cpu_get_pc;
cc->gdb_read_register = sparc_cpu_gdb_read_register;
cc->gdb_write_register = sparc_cpu_gdb_write_register;
#ifndef CONFIG_USER_ONLY
diff --git a/target/tricore/cpu.c b/target/tricore/cpu.c
index b95682b..ab7a1e3 100644
--- a/target/tricore/cpu.c
+++ b/target/tricore/cpu.c
@@ -41,13 +41,21 @@
env->PC = value & ~(target_ulong)1;
}
+static vaddr tricore_cpu_get_pc(CPUState *cs)
+{
+ TriCoreCPU *cpu = TRICORE_CPU(cs);
+ CPUTriCoreState *env = &cpu->env;
+
+ return env->PC;
+}
+
static void tricore_cpu_synchronize_from_tb(CPUState *cs,
const TranslationBlock *tb)
{
TriCoreCPU *cpu = TRICORE_CPU(cs);
CPUTriCoreState *env = &cpu->env;
- env->PC = tb->pc;
+ env->PC = tb_pc(tb);
}
static void tricore_cpu_reset(DeviceState *dev)
@@ -176,6 +184,7 @@
cc->dump_state = tricore_cpu_dump_state;
cc->set_pc = tricore_cpu_set_pc;
+ cc->get_pc = tricore_cpu_get_pc;
cc->sysemu_ops = &tricore_sysemu_ops;
cc->tcg_ops = &tricore_tcg_ops;
}
diff --git a/target/xtensa/cpu.c b/target/xtensa/cpu.c
index fd553fd..cbbe0e8 100644
--- a/target/xtensa/cpu.c
+++ b/target/xtensa/cpu.c
@@ -44,6 +44,13 @@
cpu->env.pc = value;
}
+static vaddr xtensa_cpu_get_pc(CPUState *cs)
+{
+ XtensaCPU *cpu = XTENSA_CPU(cs);
+
+ return cpu->env.pc;
+}
+
static bool xtensa_cpu_has_work(CPUState *cs)
{
#ifndef CONFIG_USER_ONLY
@@ -233,6 +240,7 @@
cc->has_work = xtensa_cpu_has_work;
cc->dump_state = xtensa_cpu_dump_state;
cc->set_pc = xtensa_cpu_set_pc;
+ cc->get_pc = xtensa_cpu_get_pc;
cc->gdb_read_register = xtensa_cpu_gdb_read_register;
cc->gdb_write_register = xtensa_cpu_gdb_write_register;
cc->gdb_stop_before_watchpoint = true;
diff --git a/tcg/ppc/tcg-target.c.inc b/tcg/ppc/tcg-target.c.inc
index 1cbd047..e3dba47 100644
--- a/tcg/ppc/tcg-target.c.inc
+++ b/tcg/ppc/tcg-target.c.inc
@@ -1847,44 +1847,101 @@
tcg_out32(s, insn);
}
+static inline uint64_t make_pair(tcg_insn_unit i1, tcg_insn_unit i2)
+{
+ if (HOST_BIG_ENDIAN) {
+ return (uint64_t)i1 << 32 | i2;
+ }
+ return (uint64_t)i2 << 32 | i1;
+}
+
+static inline void ppc64_replace2(uintptr_t rx, uintptr_t rw,
+ tcg_insn_unit i0, tcg_insn_unit i1)
+{
+#if TCG_TARGET_REG_BITS == 64
+ qatomic_set((uint64_t *)rw, make_pair(i0, i1));
+ flush_idcache_range(rx, rw, 8);
+#else
+ qemu_build_not_reached();
+#endif
+}
+
+static inline void ppc64_replace4(uintptr_t rx, uintptr_t rw,
+ tcg_insn_unit i0, tcg_insn_unit i1,
+ tcg_insn_unit i2, tcg_insn_unit i3)
+{
+ uint64_t p[2];
+
+ p[!HOST_BIG_ENDIAN] = make_pair(i0, i1);
+ p[HOST_BIG_ENDIAN] = make_pair(i2, i3);
+
+ /*
+ * There's no convenient way to get the compiler to allocate a pair
+ * of registers at an even index, so copy into r6/r7 and clobber.
+ */
+ asm("mr %%r6, %1\n\t"
+ "mr %%r7, %2\n\t"
+ "stq %%r6, %0"
+ : "=Q"(*(__int128 *)rw) : "r"(p[0]), "r"(p[1]) : "r6", "r7");
+ flush_idcache_range(rx, rw, 16);
+}
+
void tb_target_set_jmp_target(uintptr_t tc_ptr, uintptr_t jmp_rx,
uintptr_t jmp_rw, uintptr_t addr)
{
- if (TCG_TARGET_REG_BITS == 64) {
- tcg_insn_unit i1, i2;
- intptr_t tb_diff = addr - tc_ptr;
- intptr_t br_diff = addr - (jmp_rx + 4);
- uint64_t pair;
+ tcg_insn_unit i0, i1, i2, i3;
+ intptr_t tb_diff = addr - tc_ptr;
+ intptr_t br_diff = addr - (jmp_rx + 4);
+ intptr_t lo, hi;
- /* This does not exercise the range of the branch, but we do
- still need to be able to load the new value of TCG_REG_TB.
- But this does still happen quite often. */
- if (tb_diff == (int16_t)tb_diff) {
- i1 = ADDI | TAI(TCG_REG_TB, TCG_REG_TB, tb_diff);
- i2 = B | (br_diff & 0x3fffffc);
- } else {
- intptr_t lo = (int16_t)tb_diff;
- intptr_t hi = (int32_t)(tb_diff - lo);
- assert(tb_diff == hi + lo);
- i1 = ADDIS | TAI(TCG_REG_TB, TCG_REG_TB, hi >> 16);
- i2 = ADDI | TAI(TCG_REG_TB, TCG_REG_TB, lo);
- }
-#if HOST_BIG_ENDIAN
- pair = (uint64_t)i1 << 32 | i2;
-#else
- pair = (uint64_t)i2 << 32 | i1;
-#endif
-
- /* As per the enclosing if, this is ppc64. Avoid the _Static_assert
- within qatomic_set that would fail to build a ppc32 host. */
- qatomic_set__nocheck((uint64_t *)jmp_rw, pair);
- flush_idcache_range(jmp_rx, jmp_rw, 8);
- } else {
+ if (TCG_TARGET_REG_BITS == 32) {
intptr_t diff = addr - jmp_rx;
tcg_debug_assert(in_range_b(diff));
qatomic_set((uint32_t *)jmp_rw, B | (diff & 0x3fffffc));
flush_idcache_range(jmp_rx, jmp_rw, 4);
+ return;
}
+
+ /*
+ * For 16-bit displacements, we can use a single add + branch.
+ * This happens quite often.
+ */
+ if (tb_diff == (int16_t)tb_diff) {
+ i0 = ADDI | TAI(TCG_REG_TB, TCG_REG_TB, tb_diff);
+ i1 = B | (br_diff & 0x3fffffc);
+ ppc64_replace2(jmp_rx, jmp_rw, i0, i1);
+ return;
+ }
+
+ lo = (int16_t)tb_diff;
+ hi = (int32_t)(tb_diff - lo);
+ assert(tb_diff == hi + lo);
+ i0 = ADDIS | TAI(TCG_REG_TB, TCG_REG_TB, hi >> 16);
+ i1 = ADDI | TAI(TCG_REG_TB, TCG_REG_TB, lo);
+
+ /*
+ * Without stq from 2.07, we can only update two insns,
+ * and those must be the ones that load the target address.
+ */
+ if (!have_isa_2_07) {
+ ppc64_replace2(jmp_rx, jmp_rw, i0, i1);
+ return;
+ }
+
+ /*
+ * For 26-bit displacements, we can use a direct branch.
+ * Otherwise we still need the indirect branch, which we
+ * must restore after a potential direct branch write.
+ */
+ br_diff -= 4;
+ if (in_range_b(br_diff)) {
+ i2 = B | (br_diff & 0x3fffffc);
+ i3 = NOP;
+ } else {
+ i2 = MTSPR | RS(TCG_REG_TB) | CTR;
+ i3 = BCCTR | BO_ALWAYS;
+ }
+ ppc64_replace4(jmp_rx, jmp_rw, i0, i1, i2, i3);
}
static void tcg_out_call_int(TCGContext *s, int lk,
@@ -2574,8 +2631,8 @@
if (s->tb_jmp_insn_offset) {
/* Direct jump. */
if (TCG_TARGET_REG_BITS == 64) {
- /* Ensure the next insns are 8-byte aligned. */
- if ((uintptr_t)s->code_ptr & 7) {
+ /* Ensure the next insns are 8 or 16-byte aligned. */
+ while ((uintptr_t)s->code_ptr & (have_isa_2_07 ? 15 : 7)) {
tcg_out32(s, NOP);
}
s->tb_jmp_insn_offset[args[0]] = tcg_current_code_size(s);
diff --git a/tcg/tcg.c b/tcg/tcg.c
index 0f9cfe9..612a12f 100644
--- a/tcg/tcg.c
+++ b/tcg/tcg.c
@@ -4188,7 +4188,7 @@
#endif
-int tcg_gen_code(TCGContext *s, TranslationBlock *tb)
+int tcg_gen_code(TCGContext *s, TranslationBlock *tb, target_ulong pc_start)
{
#ifdef CONFIG_PROFILER
TCGProfile *prof = &s->prof;
@@ -4218,7 +4218,7 @@
#ifdef DEBUG_DISAS
if (unlikely(qemu_loglevel_mask(CPU_LOG_TB_OP)
- && qemu_log_in_addr_range(tb->pc))) {
+ && qemu_log_in_addr_range(pc_start))) {
FILE *logfile = qemu_log_trylock();
if (logfile) {
fprintf(logfile, "OP:\n");
@@ -4265,7 +4265,7 @@
if (s->nb_indirects > 0) {
#ifdef DEBUG_DISAS
if (unlikely(qemu_loglevel_mask(CPU_LOG_TB_OP_IND)
- && qemu_log_in_addr_range(tb->pc))) {
+ && qemu_log_in_addr_range(pc_start))) {
FILE *logfile = qemu_log_trylock();
if (logfile) {
fprintf(logfile, "OP before indirect lowering:\n");
@@ -4288,7 +4288,7 @@
#ifdef DEBUG_DISAS
if (unlikely(qemu_loglevel_mask(CPU_LOG_TB_OP_OPT)
- && qemu_log_in_addr_range(tb->pc))) {
+ && qemu_log_in_addr_range(pc_start))) {
FILE *logfile = qemu_log_trylock();
if (logfile) {
fprintf(logfile, "OP after optimization and liveness analysis:\n");
diff --git a/tests/qemu-iotests/172.out b/tests/qemu-iotests/172.out
index 9479b92..07eebf3 100644
--- a/tests/qemu-iotests/172.out
+++ b/tests/qemu-iotests/172.out
@@ -28,6 +28,8 @@
discard_granularity = 4294967295 (4 GiB)
write-cache = "auto"
share-rw = false
+ account-invalid = "auto"
+ account-failed = "auto"
drive-type = "288"
@@ -55,6 +57,8 @@
discard_granularity = 4294967295 (4 GiB)
write-cache = "auto"
share-rw = false
+ account-invalid = "auto"
+ account-failed = "auto"
drive-type = "144"
floppy0 (NODE_NAME): TEST_DIR/t.qcow2 (qcow2)
Attached to: /machine/unattached/device[N]
@@ -92,6 +96,8 @@
discard_granularity = 4294967295 (4 GiB)
write-cache = "auto"
share-rw = false
+ account-invalid = "auto"
+ account-failed = "auto"
drive-type = "144"
dev: floppy, id ""
unit = 0 (0x0)
@@ -104,6 +110,8 @@
discard_granularity = 4294967295 (4 GiB)
write-cache = "auto"
share-rw = false
+ account-invalid = "auto"
+ account-failed = "auto"
drive-type = "288"
floppy1 (NODE_NAME): TEST_DIR/t.qcow2 (qcow2)
Attached to: /machine/unattached/device[N]
@@ -145,6 +153,8 @@
discard_granularity = 4294967295 (4 GiB)
write-cache = "auto"
share-rw = false
+ account-invalid = "auto"
+ account-failed = "auto"
drive-type = "144"
dev: floppy, id ""
unit = 0 (0x0)
@@ -157,6 +167,8 @@
discard_granularity = 4294967295 (4 GiB)
write-cache = "auto"
share-rw = false
+ account-invalid = "auto"
+ account-failed = "auto"
drive-type = "144"
floppy0 (NODE_NAME): TEST_DIR/t.qcow2 (qcow2)
Attached to: /machine/unattached/device[N]
@@ -199,6 +211,8 @@
discard_granularity = 4294967295 (4 GiB)
write-cache = "auto"
share-rw = false
+ account-invalid = "auto"
+ account-failed = "auto"
drive-type = "288"
dev: floppy, id ""
unit = 0 (0x0)
@@ -211,6 +225,8 @@
discard_granularity = 4294967295 (4 GiB)
write-cache = "auto"
share-rw = false
+ account-invalid = "auto"
+ account-failed = "auto"
drive-type = "288"
@@ -238,6 +254,8 @@
discard_granularity = 4294967295 (4 GiB)
write-cache = "auto"
share-rw = false
+ account-invalid = "auto"
+ account-failed = "auto"
drive-type = "144"
floppy0 (NODE_NAME): TEST_DIR/t.qcow2 (qcow2)
Attached to: /machine/unattached/device[N]
@@ -275,6 +293,8 @@
discard_granularity = 4294967295 (4 GiB)
write-cache = "auto"
share-rw = false
+ account-invalid = "auto"
+ account-failed = "auto"
drive-type = "144"
dev: floppy, id ""
unit = 0 (0x0)
@@ -287,6 +307,8 @@
discard_granularity = 4294967295 (4 GiB)
write-cache = "auto"
share-rw = false
+ account-invalid = "auto"
+ account-failed = "auto"
drive-type = "288"
floppy1 (NODE_NAME): TEST_DIR/t.qcow2 (qcow2)
Attached to: /machine/unattached/device[N]
@@ -328,6 +350,8 @@
discard_granularity = 4294967295 (4 GiB)
write-cache = "auto"
share-rw = false
+ account-invalid = "auto"
+ account-failed = "auto"
drive-type = "144"
dev: floppy, id ""
unit = 0 (0x0)
@@ -340,6 +364,8 @@
discard_granularity = 4294967295 (4 GiB)
write-cache = "auto"
share-rw = false
+ account-invalid = "auto"
+ account-failed = "auto"
drive-type = "144"
floppy0 (NODE_NAME): TEST_DIR/t.qcow2 (qcow2)
Attached to: /machine/unattached/device[N]
@@ -385,6 +411,8 @@
discard_granularity = 4294967295 (4 GiB)
write-cache = "auto"
share-rw = false
+ account-invalid = "auto"
+ account-failed = "auto"
drive-type = "144"
none0 (NODE_NAME): TEST_DIR/t.qcow2 (qcow2)
Attached to: /machine/peripheral-anon/device[N]
@@ -422,6 +450,8 @@
discard_granularity = 4294967295 (4 GiB)
write-cache = "auto"
share-rw = false
+ account-invalid = "auto"
+ account-failed = "auto"
drive-type = "144"
none0 (NODE_NAME): TEST_DIR/t.qcow2 (qcow2)
Attached to: /machine/peripheral-anon/device[N]
@@ -459,6 +489,8 @@
discard_granularity = 4294967295 (4 GiB)
write-cache = "auto"
share-rw = false
+ account-invalid = "auto"
+ account-failed = "auto"
drive-type = "144"
dev: floppy, id ""
unit = 0 (0x0)
@@ -471,6 +503,8 @@
discard_granularity = 4294967295 (4 GiB)
write-cache = "auto"
share-rw = false
+ account-invalid = "auto"
+ account-failed = "auto"
drive-type = "144"
none0 (NODE_NAME): TEST_DIR/t.qcow2 (qcow2)
Attached to: /machine/peripheral-anon/device[N]
@@ -522,6 +556,8 @@
discard_granularity = 4294967295 (4 GiB)
write-cache = "auto"
share-rw = false
+ account-invalid = "auto"
+ account-failed = "auto"
drive-type = "144"
dev: floppy, id ""
unit = 0 (0x0)
@@ -534,6 +570,8 @@
discard_granularity = 4294967295 (4 GiB)
write-cache = "auto"
share-rw = false
+ account-invalid = "auto"
+ account-failed = "auto"
drive-type = "144"
floppy0 (NODE_NAME): TEST_DIR/t.qcow2 (qcow2)
Attached to: /machine/unattached/device[N]
@@ -576,6 +614,8 @@
discard_granularity = 4294967295 (4 GiB)
write-cache = "auto"
share-rw = false
+ account-invalid = "auto"
+ account-failed = "auto"
drive-type = "144"
dev: floppy, id ""
unit = 0 (0x0)
@@ -588,6 +628,8 @@
discard_granularity = 4294967295 (4 GiB)
write-cache = "auto"
share-rw = false
+ account-invalid = "auto"
+ account-failed = "auto"
drive-type = "144"
floppy0 (NODE_NAME): TEST_DIR/t.qcow2 (qcow2)
Attached to: /machine/unattached/device[N]
@@ -630,6 +672,8 @@
discard_granularity = 4294967295 (4 GiB)
write-cache = "auto"
share-rw = false
+ account-invalid = "auto"
+ account-failed = "auto"
drive-type = "144"
dev: floppy, id ""
unit = 1 (0x1)
@@ -642,6 +686,8 @@
discard_granularity = 4294967295 (4 GiB)
write-cache = "auto"
share-rw = false
+ account-invalid = "auto"
+ account-failed = "auto"
drive-type = "144"
floppy1 (NODE_NAME): TEST_DIR/t.qcow2 (qcow2)
Attached to: /machine/unattached/device[N]
@@ -684,6 +730,8 @@
discard_granularity = 4294967295 (4 GiB)
write-cache = "auto"
share-rw = false
+ account-invalid = "auto"
+ account-failed = "auto"
drive-type = "144"
dev: floppy, id ""
unit = 1 (0x1)
@@ -696,6 +744,8 @@
discard_granularity = 4294967295 (4 GiB)
write-cache = "auto"
share-rw = false
+ account-invalid = "auto"
+ account-failed = "auto"
drive-type = "144"
floppy1 (NODE_NAME): TEST_DIR/t.qcow2 (qcow2)
Attached to: /machine/unattached/device[N]
@@ -747,6 +797,8 @@
discard_granularity = 4294967295 (4 GiB)
write-cache = "auto"
share-rw = false
+ account-invalid = "auto"
+ account-failed = "auto"
drive-type = "144"
dev: floppy, id ""
unit = 0 (0x0)
@@ -759,6 +811,8 @@
discard_granularity = 4294967295 (4 GiB)
write-cache = "auto"
share-rw = false
+ account-invalid = "auto"
+ account-failed = "auto"
drive-type = "144"
floppy0 (NODE_NAME): TEST_DIR/t.qcow2 (qcow2)
Attached to: /machine/unattached/device[N]
@@ -801,6 +855,8 @@
discard_granularity = 4294967295 (4 GiB)
write-cache = "auto"
share-rw = false
+ account-invalid = "auto"
+ account-failed = "auto"
drive-type = "144"
dev: floppy, id ""
unit = 0 (0x0)
@@ -813,6 +869,8 @@
discard_granularity = 4294967295 (4 GiB)
write-cache = "auto"
share-rw = false
+ account-invalid = "auto"
+ account-failed = "auto"
drive-type = "144"
floppy0 (NODE_NAME): TEST_DIR/t.qcow2 (qcow2)
Attached to: /machine/unattached/device[N]
@@ -861,6 +919,8 @@
discard_granularity = 4294967295 (4 GiB)
write-cache = "auto"
share-rw = false
+ account-invalid = "auto"
+ account-failed = "auto"
drive-type = "144"
none0 (NODE_NAME): TEST_DIR/t.qcow2 (qcow2)
Attached to: /machine/peripheral-anon/device[N]
@@ -928,6 +988,8 @@
discard_granularity = 4294967295 (4 GiB)
write-cache = "auto"
share-rw = false
+ account-invalid = "auto"
+ account-failed = "auto"
drive-type = "288"
Testing: -device floppy,drive-type=120
@@ -952,6 +1014,8 @@
discard_granularity = 4294967295 (4 GiB)
write-cache = "auto"
share-rw = false
+ account-invalid = "auto"
+ account-failed = "auto"
drive-type = "120"
Testing: -device floppy,drive-type=144
@@ -976,6 +1040,8 @@
discard_granularity = 4294967295 (4 GiB)
write-cache = "auto"
share-rw = false
+ account-invalid = "auto"
+ account-failed = "auto"
drive-type = "144"
Testing: -device floppy,drive-type=288
@@ -1000,6 +1066,8 @@
discard_granularity = 4294967295 (4 GiB)
write-cache = "auto"
share-rw = false
+ account-invalid = "auto"
+ account-failed = "auto"
drive-type = "288"
@@ -1027,6 +1095,8 @@
discard_granularity = 4294967295 (4 GiB)
write-cache = "auto"
share-rw = false
+ account-invalid = "auto"
+ account-failed = "auto"
drive-type = "120"
none0 (NODE_NAME): TEST_DIR/t.qcow2 (qcow2)
Attached to: /machine/peripheral-anon/device[N]
@@ -1064,6 +1134,8 @@
discard_granularity = 4294967295 (4 GiB)
write-cache = "auto"
share-rw = false
+ account-invalid = "auto"
+ account-failed = "auto"
drive-type = "288"
none0 (NODE_NAME): TEST_DIR/t.qcow2 (qcow2)
Attached to: /machine/peripheral-anon/device[N]
@@ -1104,6 +1176,8 @@
discard_granularity = 4294967295 (4 GiB)
write-cache = "auto"
share-rw = false
+ account-invalid = "auto"
+ account-failed = "auto"
drive-type = "144"
none0 (NODE_NAME): TEST_DIR/t.qcow2 (qcow2)
Attached to: /machine/peripheral-anon/device[N]
@@ -1141,6 +1215,8 @@
discard_granularity = 4294967295 (4 GiB)
write-cache = "auto"
share-rw = false
+ account-invalid = "auto"
+ account-failed = "auto"
drive-type = "144"
none0 (NODE_NAME): TEST_DIR/t.qcow2 (qcow2)
Attached to: /machine/peripheral-anon/device[N]
diff --git a/tests/qemu-iotests/227.out b/tests/qemu-iotests/227.out
index 9c09ee3..378c1b8 100644
--- a/tests/qemu-iotests/227.out
+++ b/tests/qemu-iotests/227.out
@@ -188,7 +188,7 @@
],
"failed_unmap_operations": 0,
"failed_flush_operations": 0,
- "account_invalid": false,
+ "account_invalid": true,
"rd_total_time_ns": 0,
"invalid_unmap_operations": 0,
"flush_operations": 0,
@@ -198,7 +198,7 @@
"rd_bytes": 0,
"unmap_total_time_ns": 0,
"invalid_flush_operations": 0,
- "account_failed": false,
+ "account_failed": true,
"rd_operations": 0,
"invalid_wr_operations": 0,
"invalid_rd_operations": 0
diff --git a/tests/qemu-iotests/tests/backing-file-invalidation b/tests/qemu-iotests/tests/backing-file-invalidation
new file mode 100755
index 0000000..4eccc80
--- /dev/null
+++ b/tests/qemu-iotests/tests/backing-file-invalidation
@@ -0,0 +1,152 @@
+#!/usr/bin/env python3
+# group: rw migration
+#
+# Migrate a VM with a BDS with backing nodes, which runs
+# bdrv_invalidate_cache(), which for qcow2 and qed triggers reading the
+# backing file string from the image header. Check whether this
+# interferes with bdrv_backing_overridden().
+#
+# Copyright (C) 2022 Red Hat, Inc.
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation; either version 2 of the License, or
+# (at your option) any later version.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program. If not, see <http://www.gnu.org/licenses/>.
+#
+
+import json
+import os
+from typing import Optional
+
+import iotests
+from iotests import qemu_img_create, qemu_img_info
+
+
+image_size = 1 * 1024 * 1024
+imgs = [os.path.join(iotests.test_dir, f'{i}.img') for i in range(0, 4)]
+
+mig_sock = os.path.join(iotests.sock_dir, 'mig.sock')
+
+
+class TestPostMigrateFilename(iotests.QMPTestCase):
+ vm_s: Optional[iotests.VM] = None
+ vm_d: Optional[iotests.VM] = None
+
+ def setUp(self) -> None:
+ # Create backing chain of three images, where the backing file strings
+ # are json:{} filenames
+ qemu_img_create('-f', iotests.imgfmt, imgs[0], str(image_size))
+ for i in range(1, 3):
+ backing = {
+ 'driver': iotests.imgfmt,
+ 'file': {
+ 'driver': 'file',
+ 'filename': imgs[i - 1]
+ }
+ }
+ qemu_img_create('-f', iotests.imgfmt, '-F', iotests.imgfmt,
+ '-b', 'json:' + json.dumps(backing),
+ imgs[i], str(image_size))
+
+ def tearDown(self) -> None:
+ if self.vm_s is not None:
+ self.vm_s.shutdown()
+ if self.vm_d is not None:
+ self.vm_d.shutdown()
+
+ for img in imgs:
+ try:
+ os.remove(img)
+ except OSError:
+ pass
+ try:
+ os.remove(mig_sock)
+ except OSError:
+ pass
+
+ def test_migration(self) -> None:
+ """
+ Migrate a VM with the backing chain created in setUp() attached. At
+ the end of the migration process, the destination will run
+ bdrv_invalidate_cache(), which for some image formats (qcow2 and qed)
+ means the backing file string is re-read from the image header. If
+ this overwrites bs->auto_backing_file, doing so may cause
+ bdrv_backing_overridden() to become true: The image header reports a
+ json:{} filename, but when opening it, bdrv_refresh_filename() will
+ simplify it to a plain simple filename; and when bs->auto_backing_file
+ and bs->backing->bs->filename differ, bdrv_backing_overridden() becomes
+ true.
+ If bdrv_backing_overridden() is true, the BDS will be forced to get a
+ json:{} filename, which in general is not the end of the world, but not
+ great. Check whether that happens, i.e. whether migration changes the
+ node's filename.
+ """
+
+ blockdev = {
+ 'node-name': 'node0',
+ 'driver': iotests.imgfmt,
+ 'file': {
+ 'driver': 'file',
+ 'filename': imgs[2]
+ }
+ }
+
+ self.vm_s = iotests.VM(path_suffix='a') \
+ .add_blockdev(json.dumps(blockdev))
+ self.vm_d = iotests.VM(path_suffix='b') \
+ .add_blockdev(json.dumps(blockdev)) \
+ .add_incoming(f'unix:{mig_sock}')
+
+ assert self.vm_s is not None
+ assert self.vm_d is not None
+
+ self.vm_s.launch()
+ self.vm_d.launch()
+
+ pre_mig_filename = self.vm_s.node_info('node0')['file']
+
+ self.vm_s.qmp('migrate', uri=f'unix:{mig_sock}')
+
+ # Wait for migration to be done
+ self.vm_s.event_wait('STOP')
+ self.vm_d.event_wait('RESUME')
+
+ post_mig_filename = self.vm_d.node_info('node0')['file']
+
+ # Verify that the filename hasn't changed from before the migration
+ self.assertEqual(pre_mig_filename, post_mig_filename)
+
+ self.vm_s.shutdown()
+ self.vm_s = None
+
+ # For good measure, try creating an overlay and check its backing
+ # chain below. This is how the issue was originally found.
+ result = self.vm_d.qmp('blockdev-snapshot-sync',
+ format=iotests.imgfmt,
+ snapshot_file=imgs[3],
+ node_name='node0',
+ snapshot_node_name='node0-overlay')
+ self.assert_qmp(result, 'return', {})
+
+ self.vm_d.shutdown()
+ self.vm_d = None
+
+ # Check the newly created overlay's backing chain
+ chain = qemu_img_info('--backing-chain', imgs[3])
+ for index, image in enumerate(chain):
+ self.assertEqual(image['filename'], imgs[3 - index])
+
+
+if __name__ == '__main__':
+ # These are the image formats that run their open() function from their
+ # .bdrv_co_invaliate_cache() implementations, so test them
+ iotests.main(supported_fmts=['qcow2', 'qed'],
+ supported_protocols=['file'])
diff --git a/tests/qemu-iotests/tests/backing-file-invalidation.out b/tests/qemu-iotests/tests/backing-file-invalidation.out
new file mode 100644
index 0000000..ae1213e
--- /dev/null
+++ b/tests/qemu-iotests/tests/backing-file-invalidation.out
@@ -0,0 +1,5 @@
+.
+----------------------------------------------------------------------
+Ran 1 tests
+
+OK
diff --git a/tests/qtest/dbus-display-test.c b/tests/qtest/dbus-display-test.c
index 8be5974..cb1b62d 100644
--- a/tests/qtest/dbus-display-test.c
+++ b/tests/qtest/dbus-display-test.c
@@ -3,7 +3,7 @@
#include <gio/gio.h>
#include <gio/gunixfdlist.h>
#include "libqtest.h"
-#include "dbus-display1.h"
+#include "ui/dbus-display1.h"
static GDBusConnection*
test_dbus_p2p_from_fd(int fd)
diff --git a/tests/qtest/ide-test.c b/tests/qtest/ide-test.c
index 4ea89c2..dbe1563 100644
--- a/tests/qtest/ide-test.c
+++ b/tests/qtest/ide-test.c
@@ -90,6 +90,7 @@
enum {
CMD_DSM = 0x06,
+ CMD_DIAGNOSE = 0x90,
CMD_READ_DMA = 0xc8,
CMD_WRITE_DMA = 0xca,
CMD_FLUSH_CACHE = 0xe7,
@@ -121,7 +122,7 @@
static QPCIBus *pcibus = NULL;
static QGuestAllocator guest_malloc;
-static char *tmp_path;
+static char *tmp_path[2];
static char *debug_path;
static QTestState *ide_test_start(const char *cmdline_fmt, ...)
@@ -310,7 +311,7 @@
qts = ide_test_start(
"-drive file=%s,if=ide,cache=writeback,format=raw "
"-global ide-hd.serial=%s -global ide-hd.ver=%s",
- tmp_path, "testdisk", "version");
+ tmp_path[0], "testdisk", "version");
qtest_irq_intercept_in(qts, "ioapic");
return qts;
@@ -574,7 +575,7 @@
qts = ide_test_start(
"-drive file=%s,if=ide,cache=writeback,format=raw "
"-global ide-hd.serial=%s -global ide-hd.ver=%s",
- tmp_path, "testdisk", "version");
+ tmp_path[0], "testdisk", "version");
dev = get_pci_device(qts, &bmdma_bar, &ide_bar);
@@ -614,6 +615,36 @@
free_pci_device(dev);
}
+static void test_diagnostic(void)
+{
+ QTestState *qts;
+ QPCIDevice *dev;
+ QPCIBar bmdma_bar, ide_bar;
+ uint8_t data;
+
+ qts = ide_test_start(
+ "-blockdev driver=file,node-name=hda,filename=%s "
+ "-blockdev driver=file,node-name=hdb,filename=%s "
+ "-device ide-hd,drive=hda,bus=ide.0,unit=0 "
+ "-device ide-hd,drive=hdb,bus=ide.0,unit=1 ",
+ tmp_path[0], tmp_path[1]);
+
+ dev = get_pci_device(qts, &bmdma_bar, &ide_bar);
+
+ /* DIAGNOSE command on device 1 */
+ qpci_io_writeb(dev, ide_bar, reg_device, DEV);
+ data = qpci_io_readb(dev, ide_bar, reg_device);
+ g_assert_cmphex(data & DEV, ==, DEV);
+ qpci_io_writeb(dev, ide_bar, reg_command, CMD_DIAGNOSE);
+
+ /* Verify that DEVICE is now 0 */
+ data = qpci_io_readb(dev, ide_bar, reg_device);
+ g_assert_cmphex(data & DEV, ==, 0);
+
+ ide_test_quit(qts);
+ free_pci_device(dev);
+}
+
/*
* Write sector 1 with random data to make IDE storage dirty
* Needed for flush tests so that flushes actually go though the block layer
@@ -662,7 +693,7 @@
qts = ide_test_start(
"-drive file=blkdebug::%s,if=ide,cache=writeback,format=raw",
- tmp_path);
+ tmp_path[0]);
dev = get_pci_device(qts, &bmdma_bar, &ide_bar);
@@ -713,7 +744,7 @@
qts = ide_test_start(
"-drive file=blkdebug:%s:%s,if=ide,cache=writeback,format=raw,"
"rerror=stop,werror=stop",
- debug_path, tmp_path);
+ debug_path, tmp_path[0]);
dev = get_pci_device(qts, &bmdma_bar, &ide_bar);
@@ -892,14 +923,14 @@
/* Prepopulate the CDROM with an interesting pattern */
generate_pattern(pattern, patt_len, ATAPI_BLOCK_SIZE);
- fh = fopen(tmp_path, "wb+");
+ fh = fopen(tmp_path[0], "wb+");
ret = fwrite(pattern, ATAPI_BLOCK_SIZE, patt_blocks, fh);
g_assert_cmpint(ret, ==, patt_blocks);
fclose(fh);
qts = ide_test_start(
"-drive if=none,file=%s,media=cdrom,format=raw,id=sr0,index=0 "
- "-device ide-cd,drive=sr0,bus=ide.0", tmp_path);
+ "-device ide-cd,drive=sr0,bus=ide.0", tmp_path[0]);
dev = get_pci_device(qts, &bmdma_bar, &ide_bar);
qtest_irq_intercept_in(qts, "ioapic");
@@ -985,7 +1016,7 @@
qts = ide_test_start(
"-drive if=none,file=%s,media=cdrom,format=raw,id=sr0,index=0 "
- "-device ide-cd,drive=sr0,bus=ide.0", tmp_path);
+ "-device ide-cd,drive=sr0,bus=ide.0", tmp_path[0]);
qtest_irq_intercept_in(qts, "ioapic");
guest_buf = guest_alloc(&guest_malloc, len);
@@ -993,7 +1024,7 @@
prdt[0].size = cpu_to_le32(len | PRDT_EOT);
generate_pattern(pattern, ATAPI_BLOCK_SIZE * 16, ATAPI_BLOCK_SIZE);
- fh = fopen(tmp_path, "wb+");
+ fh = fopen(tmp_path[0], "wb+");
ret = fwrite(pattern, ATAPI_BLOCK_SIZE, 16, fh);
g_assert_cmpint(ret, ==, 16);
fclose(fh);
@@ -1012,6 +1043,7 @@
int main(int argc, char **argv)
{
const char *base;
+ int i;
int fd;
int ret;
@@ -1035,18 +1067,22 @@
close(fd);
/* Create a temporary raw image */
- tmp_path = g_strdup_printf("%s/qtest.XXXXXX", base);
- fd = g_mkstemp(tmp_path);
- g_assert(fd >= 0);
- ret = ftruncate(fd, TEST_IMAGE_SIZE);
- g_assert(ret == 0);
- close(fd);
+ for (i = 0; i < 2; ++i) {
+ tmp_path[i] = g_strdup_printf("%s/qtest.XXXXXX", base);
+ fd = g_mkstemp(tmp_path[i]);
+ g_assert(fd >= 0);
+ ret = ftruncate(fd, TEST_IMAGE_SIZE);
+ g_assert(ret == 0);
+ close(fd);
+ }
/* Run the tests */
g_test_init(&argc, &argv, NULL);
qtest_add_func("/ide/identify", test_identify);
+ qtest_add_func("/ide/diagnostic", test_diagnostic);
+
qtest_add_func("/ide/bmdma/simple_rw", test_bmdma_simple_rw);
qtest_add_func("/ide/bmdma/trim", test_bmdma_trim);
qtest_add_func("/ide/bmdma/various_prdts", test_bmdma_various_prdts);
@@ -1064,8 +1100,10 @@
ret = g_test_run();
/* Cleanup */
- unlink(tmp_path);
- g_free(tmp_path);
+ for (i = 0; i < 2; ++i) {
+ unlink(tmp_path[i]);
+ g_free(tmp_path[i]);
+ }
unlink(debug_path);
g_free(debug_path);
diff --git a/trace/control-target.c b/trace/control-target.c
index 8418673..232c97a 100644
--- a/trace/control-target.c
+++ b/trace/control-target.c
@@ -65,7 +65,7 @@
{
bitmap_copy(vcpu->trace_dstate, vcpu->trace_dstate_delayed,
CPU_TRACE_DSTATE_MAX_EVENTS);
- cpu_tb_jmp_cache_clear(vcpu);
+ tcg_flush_jmp_cache(vcpu);
}
void trace_event_set_vcpu_state_dynamic(CPUState *vcpu,
diff --git a/ui/dbus.h b/ui/dbus.h
index c001c11..9c149e7 100644
--- a/ui/dbus.h
+++ b/ui/dbus.h
@@ -31,7 +31,7 @@
#include "ui/console.h"
#include "ui/clipboard.h"
-#include "dbus-display1.h"
+#include "ui/dbus-display1.h"
typedef struct DBusClipboardRequest {
GDBusMethodInvocation *invocation;
diff --git a/util/oslib-posix.c b/util/oslib-posix.c
index d55af69..827a7aa 100644
--- a/util/oslib-posix.c
+++ b/util/oslib-posix.c
@@ -253,6 +253,25 @@
assert(f != -1);
}
+int qemu_socketpair(int domain, int type, int protocol, int sv[2])
+{
+ int ret;
+
+#ifdef SOCK_CLOEXEC
+ ret = socketpair(domain, type | SOCK_CLOEXEC, protocol, sv);
+ if (ret != -1 || errno != EINVAL) {
+ return ret;
+ }
+#endif
+ ret = socketpair(domain, type, protocol, sv);;
+ if (ret == 0) {
+ qemu_set_cloexec(sv[0]);
+ qemu_set_cloexec(sv[1]);
+ }
+
+ return ret;
+}
+
char *
qemu_get_local_state_dir(void)
{
