When translating "imask" instruction of Tricore architecture, QEMU did not
check whether the register index was out of bounds, resulting in a
global-buffer-overflow.
Resolves: https://gitlab.com/qemu-project/qemu/-/issues/1698
Reported-by: Siqi Chen
Signed-off-by: Siqi Chen
---
target/tricor
Hi Daniel,
I think this checking can be removed too. Would you send a patch to
fix it? Or I can remove it in this patch.
Regards,
Yong-Xuan
On Tue, Jun 6, 2023 at 2:45 AM Daniel Henrique Barboza
wrote:
>
>
>
> On 5/26/23 03:25, Yong-Xuan Wang wrote:
> > Remove M mode AIA devices when using KVM
On 2023/5/30 21:18, Christoph Muellner wrote:
From: Christoph Müllner
The enum value 'rv_op_illegal' does not represent an
instruction, but is a catch-all value in case we have
no match in the decoder. Let's make the value a shared
one, so that other compile units can reuse it.
Signed-off-by
On 2023/5/30 21:18, Christoph Muellner wrote:
From: Christoph Müllner
The file target/riscv/cpu.h cannot be included by files outside
of target/riscv/. To share data with other parts of QEMU (e.g.
the disassembler) we need to factor out the relevant code.
Therefore, this patch moves the defin
On 2023/5/30 21:18, Christoph Muellner wrote:
From: Christoph Müllner
The disassembler needs the available extensions in order
to properly decode instructions in case of overlapping
encodings (e.g. for vendor extensions).
Let's use the field 'disassemble_info::private_data' to store
our RISC
On 2023/5/29 20:17, Weiwei Li wrote:
SXL is initialized as env->misa_mxl which is also the mxl value.
So we can just remain it unchanged to keep it read-only.
Signed-off-by: Weiwei Li
Signed-off-by: Junqiang Wang
---
target/riscv/csr.c | 4
1 file changed, 4 deletions(-)
diff --git
On 2023/6/12 12:35, Weiwei Li wrote:
On 2023/6/12 11:18, LIU Zhiwei wrote:
On 2023/6/12 11:16, Weiwei Li wrote:
On 2023/6/12 11:08, LIU Zhiwei wrote:
On 2023/5/29 20:17, Weiwei Li wrote:
MPV and GVA bits are added by hypervisor extension to mstatus
and mstatush (if MXLEN=32).
Have you
On Thu, Jun 8, 2023 at 5:25 PM Tommy Wu wrote:
>
> Signed-off-by: Frank Chang
> Signed-off-by: Tommy Wu
> ---
> hw/riscv/riscv_hart.c | 21 +
> include/hw/riscv/riscv_hart.h | 4
> target/riscv/cpu.c| 13 +
> target/riscv/cpu.h
On 26/05/23 5:20 pm, Tejus GK wrote:
> Hi everyone,
>
> This patchset aims to cover code paths in the source code where a
> migration is marked as failed via MIGRATION_STATUS_FAILED, however the
> failure exists outside of migration.c, and without a call for
> migrate_set_error at this place
On Thu, Jun 8, 2023 at 5:25 PM Tommy Wu wrote:
>
> Signed-off-by: Frank Chang
> Signed-off-by: Tommy Wu
Reviewed-by: Alistair Francis
Alistair
> ---
> target/riscv/cpu.c | 5 +++
> target/riscv/cpu.h | 4 ++
> target/riscv/cpu_bits.h | 11 ++
> target/riscv/csr.c | 82 +
On 23/05/23 6:16 pm, Tejus GK wrote:
> Hi everyone,
>
> Thank you for the reviews, this is the v4 patchset based on the reviews
> received on the previous ones.
>
> Links to the previous patchsets:
> v1: https://lists.gnu.org/archive/html/qemu-devel/2023-05/msg00868.html
> v2: https://lists.gnu.
On 2023/6/12 11:18, LIU Zhiwei wrote:
On 2023/6/12 11:16, Weiwei Li wrote:
On 2023/6/12 11:08, LIU Zhiwei wrote:
On 2023/5/29 20:17, Weiwei Li wrote:
MPV and GVA bits are added by hypervisor extension to mstatus
and mstatush (if MXLEN=32).
Have you found the CSR field specifications for
On Fri, Jun 9, 2023 at 4:01 PM Tommy Wu wrote:
>
> According to the `The RISC-V Advanced Interrupt Architecture`
> document, if register `mmsiaddrcfgh` of the domain has bit L set
> to one, then `smsiaddrcfg` and `smsiaddrcfgh` are locked as
> read-only alongside `mmsiaddrcfg` and `mmsiaddrcfgh`.
On Wed, May 31, 2023 at 5:48 AM Daniel Henrique Barboza
wrote:
>
> Allow 'marchid' and 'mimpid' to also be initialized in
> kvm_riscv_init_machine_ids().
>
> After this change, the handling of mvendorid/marchid/mimpid for the
> 'host' CPU type will be equal to what we already have for TCG named
>
On Wed, May 31, 2023 at 5:50 AM Daniel Henrique Barboza
wrote:
>
> Certain validations, such as the validations done for the machine IDs
> (mvendorid/marchid/mimpid), are done before starting the CPU.
> Non-dynamic (named) CPUs tries to match user input with a preset
> default. As it is today we c
On Wed, May 31, 2023 at 5:49 AM Daniel Henrique Barboza
wrote:
>
> We're going to change the handling of mvendorid/marchid/mimpid by the
> KVM driver. Since these are always present in all CPUs let's put the
> same validation for everyone.
>
> It doesn't make sense to allow 'mvendorid' to be diffe
On Wed, May 31, 2023 at 5:48 AM Daniel Henrique Barboza
wrote:
>
> The absence of a satp mode in riscv_host_cpu_init() is causing the
> following error:
>
> $ sudo ./qemu/build/qemu-system-riscv64 -machine virt,accel=kvm \
> -m 2G -smp 1 -nographic -snapshot \
> -kernel ./guest_imgs/Imag
On Tue, Jun 6, 2023 at 2:47 AM Himanshu Chauhan
wrote:
>
> On an address match, skip checking for default permissions and return error
> based on access defined in PMP configuration.
>
> v3 Changes:
> o Removed explicit return of boolean value from comparision
> of priv/allowed_priv
>
> v2 Chang
On Wed, Jun 7, 2023 at 7:13 PM Xiao Wang wrote:
>
> Commit 752614cab8e6 ("target/riscv: rvv: Add tail agnostic for vector
> load / store instructions") added an extra check for LMUL fragmentation,
> intended for setting the "rest tail elements" in the last register for a
> segment load insn.
>
> A
On Wed, Jun 7, 2023 at 6:56 AM Daniel Henrique Barboza
wrote:
>
>
>
> On 6/6/23 16:46, Loïc Lefort wrote:
> > On Tue, Jun 6, 2023 at 1:39 PM Himanshu Chauhan
> > wrote:
> >>
> >> Smepmp is a ratified extension which qemu refers to as epmp.
> >> Rename epmp to smepmp and add it to extension list s
On Tue, May 30, 2023 at 11:21 PM Christoph Muellner
wrote:
>
> From: Christoph Müllner
>
> Support for emulating XThead* instruction has been added recently.
> This patch adds support for these instructions to the RISC-V disassembler.
>
> Co-developed-by: LIU Zhiwei
> Signed-off-by: Christoph Mü
On Tue, May 30, 2023 at 11:23 PM Christoph Muellner
wrote:
>
> From: Christoph Müllner
>
> This patch adds XVentanaCondOps support to the RISC-V disassembler.
>
> Co-developed-by: LIU Zhiwei
> Signed-off-by: Christoph Müllner
Acked-by: Alistair Francis
Alistair
> ---
> disas/meson.build
On 6/11/23 11:52, Bastian Koppelmann wrote:
this is based on code by volumit (https://github.com/volumit/qemu/)
Signed-off-by: Bastian Koppelmann
---
v1 -> v2:
- Shuffle now uses shifts, instead of a buffer
- Shuffle now does rev8 for all bytes in parallel
target/tricore/helper.h
On Tue, May 30, 2023 at 11:21 PM Christoph Muellner
wrote:
>
> From: Christoph Müllner
>
> A previous patch provides a pointer to the RISCVCPUConfig data.
> Let's use this to add the necessary code for vendor extensions.
> This patch does not change the current behaviour, but clearly
> defines ho
On Tue, May 30, 2023 at 11:20 PM Christoph Muellner
wrote:
>
> From: Christoph Müllner
>
> The disassembler needs the available extensions in order
> to properly decode instructions in case of overlapping
> encodings (e.g. for vendor extensions).
>
> Let's use the field 'disassemble_info::private
On 2023/6/12 11:10, Weiwei Li wrote:
On 2023/6/12 10:45, LIU Zhiwei wrote:
On 2023/5/29 20:17, Weiwei Li wrote:
Upon MRET or explicit memory access with MPRV=1, MPV should be ignored
when MPP=PRV_M.
Does MPP==PRV_M always indicate the MPV==0?
No, I think . The spec doesn't restrict this.
On Tue, May 30, 2023 at 11:23 PM Christoph Muellner
wrote:
>
> From: Christoph Müllner
>
> This patch adds a reference to a struct rv_opcode_data object
> into struct rv_decode. This further allows to remove all references
> to the global variable opcode_data (which is renamed to rvi_opcode_data)
On Tue, May 30, 2023 at 11:22 PM Christoph Muellner
wrote:
>
> From: Christoph Müllner
>
> The enum value 'rv_op_illegal' does not represent an
> instruction, but is a catch-all value in case we have
> no match in the decoder. Let's make the value a shared
> one, so that other compile units can r
On Tue, May 30, 2023 at 11:23 PM Christoph Muellner
wrote:
>
> From: Christoph Müllner
>
> In order to enable vendor disassembler support, we need to
> move types and constants into a header file so that other
> compilation units can use them as well.
>
> This patch does not introduce any functio
On Tue, May 30, 2023 at 11:21 PM Christoph Muellner
wrote:
>
> From: Christoph Müllner
>
> The file target/riscv/cpu.h cannot be included by files outside
> of target/riscv/. To share data with other parts of QEMU (e.g.
> the disassembler) we need to factor out the relevant code.
> Therefore, thi
On 2023/6/12 11:16, Weiwei Li wrote:
On 2023/6/12 11:08, LIU Zhiwei wrote:
On 2023/5/29 20:17, Weiwei Li wrote:
MPV and GVA bits are added by hypervisor extension to mstatus
and mstatush (if MXLEN=32).
Have you found the CSR field specifications for them, especially for
GVA.
Yeah. in
On 2023/6/12 11:08, LIU Zhiwei wrote:
On 2023/5/29 20:17, Weiwei Li wrote:
MPV and GVA bits are added by hypervisor extension to mstatus
and mstatush (if MXLEN=32).
Have you found the CSR field specifications for them, especially for GVA.
Yeah. in the section 9.4.1 of the privilege spec:
On Fri, Jun 9, 2023 at 11:29 AM Tommy Wu wrote:
>
> According to the `The RISC-V Advanced Interrupt Architecture`
> document, if register `mmsiaddrcfgh` of the domain has bit L set
> to one, then `smsiaddrcfg` and `smsiaddrcfgh` are locked as
> read-only alongside `mmsiaddrcfg` and `mmsiaddrcfgh`.
On 2023/6/12 10:45, LIU Zhiwei wrote:
On 2023/5/29 20:17, Weiwei Li wrote:
Upon MRET or explicit memory access with MPRV=1, MPV should be ignored
when MPP=PRV_M.
Does MPP==PRV_M always indicate the MPV==0?
No, I think . The spec doesn't restrict this. When MPP=PRV_M, MPV wll be
0 in norma
On 2023/5/29 20:17, Weiwei Li wrote:
MPV and GVA bits are added by hypervisor extension to mstatus
and mstatush (if MXLEN=32).
Have you found the CSR field specifications for them, especially for GVA.
Zhiwei
Signed-off-by: Weiwei Li
Signed-off-by: Junqiang Wang
---
target/riscv/csr.c
On Fri, Jun 9, 2023 at 4:01 PM Tommy Wu wrote:
>
> According to the `The RISC-V Advanced Interrupt Architecture`
> document, if register `mmsiaddrcfgh` of the domain has bit L set
> to one, then `smsiaddrcfg` and `smsiaddrcfgh` are locked as
> read-only alongside `mmsiaddrcfg` and `mmsiaddrcfgh`.
On Fri, Jun 9, 2023 at 6:37 PM Tommy Wu wrote:
>
> Hi Alistair,
> Thanks for the suggestion! Do you mean
> ```
> ...
> g_free(cpu->dyn_csr_xml);
> riscv_gen_dynamic_csr_xml(cs, cpu-> gdb_num_regs - CSR_TABLE_SIZE);
> ...
> ``` ?
Yeah, pretty much. We already have cpu-> gdb_num_r
On 6/11/23 02:14, Alex Bennée wrote:
Richard Henderson writes:
This is a perfectly natural occurrence for x86 "rep movb",
where the "rep" prefix forms a counted loop of the one insn.
During the tests/tcg/multiarch/memory test, this logging is
triggered over 35 times. Within the context
On 2023/5/29 20:17, Weiwei Li wrote:
Upon MRET or explicit memory access with MPRV=1, MPV should be ignored
when MPP=PRV_M.
Does MPP==PRV_M always indicate the MPV==0?
Zhiwei
Signed-off-by: Weiwei Li
Signed-off-by: Junqiang Wang
---
target/riscv/cpu_helper.c | 3 ++-
target/riscv/op_h
On 2023/6/8 13:35, Xiao Wang wrote:
There's no code using MTYPE,
Yes, it means memory access type.
which was a concept used in older vector
implementation.
Signed-off-by: Xiao Wang
---
target/riscv/vector_helper.c | 6 +-
1 file changed, 1 insertion(+), 5 deletions(-)
diff --git a/t
On Thu, Jun 8, 2023 at 3:32 PM Xiao Wang wrote:
>
> There's no code using MTYPE, which was a concept used in older vector
> implementation.
>
> Signed-off-by: Xiao Wang
Thanks!
Applied to riscv-to-apply.next
Alistair
> ---
> target/riscv/vector_helper.c | 6 +-
> 1 file changed, 1 insert
On Sat, Jun 10, 2023 at 7:48 PM Weiwei Li wrote:
>
> We initialize cur_pmmask as -1(UINT32_MAX/UINT64_MAX) and regard it
> as if pointer mask is disabled in current implementation. However,
> the addresses for vector load/store will be adjusted to zero in this
> case and -1(UINT32_MAX/UINT64_MAX)
On 2023/6/10 17:46, Weiwei Li wrote:
We initialize cur_pmmask as -1(UINT32_MAX/UINT64_MAX) and regard it
as if pointer mask is disabled in current implementation. However,
the addresses for vector load/store will be adjusted to zero in this
case and -1(UINT32_MAX/UINT64_MAX) is valid value for
The following points sometimes can reduce much data
to copy:
1. When width matches, we can transfer data with one
call of iov_to_buf().
2. Only the required height need to transfer, not
whole image.
Signed-off-by: Keqian Zhu
---
hw/display/virtio-gpu.c | 22 +++---
1 file changed
On 6/7/2023 8:24 PM, Fei Wu wrote:
> +void hmp_info_tb(Monitor *mon, const QDict *qdict)
> +{
> +const int id = qdict_get_int(qdict, "id");
> +g_autoptr(GString) buf = g_string_new("");
> +
> +if (!tcg_enabled()) {
> +monitor_printf(mon, "Only available with accel=tcg\n");
> +
On 6/9/2023 11:51 PM, Peter Maydell wrote:
> On Fri, 9 Jun 2023 at 15:32, Wu, Fei wrote:
>>
>> On 6/8/2023 5:23 PM, Peter Maydell wrote:
>>> On Thu, 8 Jun 2023 at 08:44, Wu, Fei wrote:
Is there any existing function to convert ram_addr_t to guest pa?
>>>
>>> Such a function would not be well
Hi Richard,
On 6/9/23 3:59 PM, Richard Henderson wrote:
On 6/9/23 10:07, Stefano Stabellini wrote:
From: Vikram Garhwal
Add a new machine xenpvh which creates a IOREQ server to
register/connect with
Xen Hypervisor.
Optional: When CONFIG_TPM is enabled, it also creates a
tpm-tis-device, add
We can get CPUState from env with env_cpu without going through
PowerPCCPU and casting that.
Signed-off-by: BALATON Zoltan
---
target/ppc/excp_helper.c | 15 +++
1 file changed, 7 insertions(+), 8 deletions(-)
diff --git a/target/ppc/excp_helper.c b/target/ppc/excp_helper.c
index 08
Most exceptions are raised with nip pointing to the faulting
instruction but the sc instruction generating a syscall exception
leaves nip pointing to next instruction. Fix gen_sc to not use
gen_exception_err() which sets nip back but correctly set nip to
pc_next so we don't have to patch this in th
Improve readability by shortening some long comments, removing
comments that state the obvious and dropping some empty lines so they
don't distract when reading the code.
Signed-off-by: BALATON Zoltan
---
target/ppc/cpu.h | 1 +
target/ppc/excp_helper.c | 180 +++---
Commit 7a3fe174b12d removed usage of POWERPC_SYSCALL_VECTORED, drop
the unused define as well.
Signed-off-by: BALATON Zoltan
---
target/ppc/translate.c | 1 -
1 file changed, 1 deletion(-)
diff --git a/target/ppc/translate.c b/target/ppc/translate.c
index b591f2e496..a32a9b8a5f 100644
--- a/tar
Use the env_cpu function to get the CPUState for cpu_abort. These are
only needed in case of fatal errors so this allows to avoid casting
and storing CPUState in a local variable wnen not needed.
Signed-off-by: BALATON Zoltan
---
target/ppc/excp_helper.c | 118 +--
CPUState is rarely needed by this function (only for logging a fatal
error) and it's easy to get from the env parameter so passing it
separately is not necessary.
Signed-off-by: BALATON Zoltan
---
target/ppc/excp_helper.c | 9 -
1 file changed, 4 insertions(+), 5 deletions(-)
diff --git
After previous changes the hypercall handling in 7xx and 74xx
exception handlers can be folded into one if statement to simpilfy
this code.
Signed-off-by: BALATON Zoltan
---
target/ppc/excp_helper.c | 26 ++
1 file changed, 10 insertions(+), 16 deletions(-)
diff --git a/
Changing the parameter of cpu_interrupt_exittb() from CPUState to env
allows removing some more local CPUState variables in callers.
Signed-off-by: BALATON Zoltan
---
target/ppc/excp_helper.c | 9 +++--
target/ppc/helper_regs.c | 15 ++-
target/ppc/helper_regs.h | 2 +-
3 files
All powerpc exception handlers share some code when handling machine
check exceptions. Move this to a common function.
Signed-off-by: BALATON Zoltan
---
target/ppc/excp_helper.c | 112 ---
1 file changed, 23 insertions(+), 89 deletions(-)
diff --git a/target/
These are some small clean ups for target/ppc/excp_helper.c trying to
make this code a bit simpler. No functional change is intended.
Regards,
BALATON Zoltan
BALATON Zoltan (10):
target/ppc: Remove some superfluous parentheses
target/ppc: Remove unneeded parameter from powerpc_reset_wakeup()
Signed-off-by: BALATON Zoltan
---
target/ppc/excp_helper.c | 8
1 file changed, 4 insertions(+), 4 deletions(-)
diff --git a/target/ppc/excp_helper.c b/target/ppc/excp_helper.c
index 12d8a7257b..8298217e78 100644
--- a/target/ppc/excp_helper.c
+++ b/target/ppc/excp_helper.c
@@ -1009,7 +
Buglink: https://gitlab.com/qemu-project/qemu/-/issues/1680
On Sun, Jun 11, 2023, 15:39 Stefan Hajnoczi wrote:
> virtio_scsi_dataplane_stop() calls blk_drain_all(), which invokes
> ->drained_begin()/->drained_end() after we've already detached the host
> notifier. virtio_scsi_drained_end() curre
virtio_scsi_dataplane_stop() calls blk_drain_all(), which invokes
->drained_begin()/->drained_end() after we've already detached the host
notifier. virtio_scsi_drained_end() currently attaches the host notifier
again and leaves it dangling after dataplane has stopped.
This results in the following
Reviewed-by: Richard Henderson
Signed-off-by: Bastian Koppelmann
---
target/tricore/translate.c | 14 --
target/tricore/tricore-opcodes.h | 9 -
2 files changed, 20 insertions(+), 3 deletions(-)
diff --git a/target/tricore/translate.c b/target/tricore/translate.c
inde
Reviewed-by: Richard Henderson
Signed-off-by: Bastian Koppelmann
---
target/tricore/translate.c | 7 +++
target/tricore/tricore-opcodes.h | 1 +
2 files changed, 8 insertions(+)
diff --git a/target/tricore/translate.c b/target/tricore/translate.c
index cd33a1dcdd..26b284bcec 100644
--
we also introduce the tc37x CPU that implements that ISA version.
Acked-by: Richard Henderson
Signed-off-by: Bastian Koppelmann
---
target/tricore/cpu.c | 13 +
target/tricore/cpu.h | 1 +
2 files changed, 14 insertions(+)
diff --git a/target/tricore/cpu.c b/target/tricore/cpu.c
i
Reviewed-by: Richard Henderson
Signed-off-by: Bastian Koppelmann
---
target/tricore/helper.h | 3 ++-
target/tricore/op_helper.c | 10 +-
target/tricore/translate.c | 12 ++--
target/tricore/tricore-opcodes.h | 3 ++-
4 files changed, 23 insertions(+), 5 de
Reviewed-by: Richard Henderson
Signed-off-by: Bastian Koppelmann
---
target/tricore/helper.h | 1 +
target/tricore/op_helper.c | 8
target/tricore/translate.c | 7 +++
target/tricore/tricore-opcodes.h | 1 +
4 files changed, 17 insertions(+)
diff --git a/target
this is based on code by volumit (https://github.com/volumit/qemu/)
Signed-off-by: Bastian Koppelmann
---
v1 -> v2:
- Shuffle now uses shifts, instead of a buffer
- Shuffle now does rev8 for all bytes in parallel
target/tricore/helper.h | 1 +
target/tricore/op_helper.c
Hi,
this patch series is in response to the tickets [1] [2], which point out missing
instructions from ISA v1.6.2. This is the first series that implements the low
hanging fruits.
Cheers,
Bastian
v1 -> v2:
- Shuffle now uses shifts, instead of a buffer
- Shuffle now does rev8 for all byt
Sorry, something went sideways on my end. I'll try re-sending the
patchset tomorrow through the web-based interface mentioned in the
documentation, hopefully that will be foolproof. :)
Regards,
John Högberg
-Original Message-
From: Michael Tokarev
To: John Högberg , qemu-devel@nongnu.org
11.06.2023 14:53, John Högberg wrote:
...
+#ifdef CONFIG_USER_ONLY
+/*
+ * `IC IVAU` is handled to improve compatibility with JITs that dual-
map their
+ * code to get around W^X restrictions, where one region is writable
and the
+ * other is executable.
The patches seems to be line-wrap-dam
Convert the exception generation instructions SVC, HVC, SMC, BRK and
HLT to decodetree.
The old decoder decoded the halting-debug insnns DCPS1, DCPS2 and
DCPS3 just in order to then make them UNDEF; as with DRPS, we don't
bother to decode them, but document the patterns in a64.decode.
Signed-off-
The atomic memory operations are supposed to return the old memory
data value in the destination register. This value is not
sign-extended, even if the operation is the signed minimum or
maximum. (In the pseudocode for the instructions the returned data
value is passed to ZeroExtend() to create t
Convert the instructions in the LDAPR/STLR (unscaled immediate)
group to decodetree.
Signed-off-by: Peter Maydell
Reviewed-by: Richard Henderson
Message-id: 20230602155223.2040685-18-peter.mayd...@linaro.org
---
target/arm/tcg/a64.decode | 10 +++
target/arm/tcg/translate-a64.c | 132
Convert the load/store exclusive pair (LDXP, STXP, LDAXP, STLXP),
compare-and-swap pair (CASP, CASPA, CASPAL, CASPL), and compare-and
swap (CAS, CASA, CASAL, CASL) instructions to decodetree.
Signed-off-by: Peter Maydell
Reviewed-by: Richard Henderson
Message-id: 20230602155223.2040685-10-peter.
Convert the "Load register (literal)" instruction class to
decodetree.
Signed-off-by: Peter Maydell
Reviewed-by: Richard Henderson
Message-id: 20230602155223.2040685-11-peter.mayd...@linaro.org
---
target/arm/tcg/a64.decode | 13 ++
target/arm/tcg/translate-a64.c | 76 ++---
Convert the instructions in the load/store register (pointer
authentication) group ot decodetree: LDRAA, LDRAB.
Signed-off-by: Peter Maydell
Reviewed-by: Philippe Mathieu-Daudé
Reviewed-by: Richard Henderson
Message-id: 20230602155223.2040685-17-peter.mayd...@linaro.org
---
target/arm/tcg/a64.
Convert the LDR and STR instructions which use a 12-bit immediate
offset to decodetree. We can reuse the existing LDR and STR
trans functions for these.
Signed-off-by: Peter Maydell
Reviewed-by: Richard Henderson
Message-id: 20230602155223.2040685-14-peter.mayd...@linaro.org
---
target/arm/tcg/
Convert the CFINV, XAFLAG and AXFLAG insns to decodetree.
The old decoder handles these in handle_msr_i(), but
the architecture defines them as separate instructions
from MSR (immediate).
Signed-off-by: Peter Maydell
Reviewed-by: Richard Henderson
Message-id: 20230602155223.2040685-5-peter.mayd.
The LDG instruction loads the tag from a memory address (identified
by [Xn + offset]), and then merges that tag into the destination
register Xt. We implemented this correctly for the case when
allocation tags are enabled, but didn't get it right when ATA=0:
instead of merging the tag bits into Xt,
Convert the LDR and STR instructions which take a register
plus register offset to decodetree.
Signed-off-by: Peter Maydell
Reviewed-by: Richard Henderson
Message-id: 20230602155223.2040685-15-peter.mayd...@linaro.org
---
target/arm/tcg/a64.decode | 22 +
target/arm/tcg/translate-a64.
Convert the instructions in the ASIMD load/store multiple structures
instruction classes to decodetree.
Signed-off-by: Peter Maydell
Reviewed-by: Richard Henderson
Message-id: 20230602155223.2040685-19-peter.mayd...@linaro.org
---
target/arm/tcg/a64.decode | 20 +++
target/arm/tcg/transla
Convert MSR (reg), MRS, SYS, SYSL to decodetree. For QEMU these are
all essentially the same instruction (system register access).
Signed-off-by: Peter Maydell
Reviewed-by: Richard Henderson
Message-id: 20230602155223.2040685-7-peter.mayd...@linaro.org
---
target/arm/tcg/a64.decode | 8 +
In disas_ldst_reg_imm9() we missed one place where a call to
a gen_mte_check* function should now be passed the memop we
have created rather than just being passed the size. Fix this.
Signed-off-by: Peter Maydell
---
target/arm/tcg/translate-a64.c | 2 +-
1 file changed, 1 insertion(+), 1 deleti
Convert the insns in the atomic memory operations group to
decodetree.
Signed-off-by: Peter Maydell
Reviewed-by: Richard Henderson
Message-id: 20230602155223.2040685-16-peter.mayd...@linaro.org
---
target/arm/tcg/a64.decode | 15
target/arm/tcg/translate-a64.c | 153 -
Convert the ASIMD load/store single structure insns to decodetree.
Signed-off-by: Peter Maydell
Message-id: 20230602155223.2040685-20-peter.mayd...@linaro.org
---
target/arm/tcg/a64.decode | 34 +
target/arm/tcg/translate-a64.c | 219 +++--
2 files changed,
Convert the load/store register pair insns (LDP, STP,
LDNP, STNP, LDPSW, STGP) to decodetree.
Signed-off-by: Peter Maydell
Message-id: 20230602155223.2040685-12-peter.mayd...@linaro.org
---
This was reviewed in v1, but the underlying code
changed enough in the atomic-ops work that I've dropped
th
Convert the various instructions in the hint instruction space
to decodetree.
Signed-off-by: Peter Maydell
Reviewed-by: Richard Henderson
Message-id: 20230602155223.2040685-3-peter.mayd...@linaro.org
---
target/arm/tcg/a64.decode | 31
target/arm/tcg/translate-a64.c | 277 +++
Convert the instructions in the load/store memory tags instruction
group to decodetree.
Signed-off-by: Peter Maydell
Reviewed-by: Richard Henderson
Message-id: 20230602155223.2040685-21-peter.mayd...@linaro.org
---
target/arm/tcg/a64.decode | 25 +++
target/arm/tcg/translate-a64.c | 360 +
This patchseries does more of the conversion of the A64 decoder to
decodetree. It covers the exception-generation, system, load and
store instructions.
The rebasing of this on top of the atomics work turned out
hairy enough that I thought it was better to send this out
as a v2. There ae also a co
Convert the instructions in the load/store exclusive (STXR,
STLXR, LDXR, LDAXR) and load/store ordered (STLR, STLLR,
LDAR, LDLAR) to decodetree.
Note that for STLR, STLLR, LDAR, LDLAR this fixes an under-decoding
in the legacy decoder where we were not checking that the RES1 bits
in the Rs and Rt2
Convert the insns in the "Barriers" instruction class to
decodetree: CLREX, DSB, DMB, ISB and SB.
Signed-off-by: Peter Maydell
Reviewed-by: Richard Henderson
Message-id: 20230602155223.2040685-4-peter.mayd...@linaro.org
---
target/arm/tcg/a64.decode | 7 +++
target/arm/tcg/translate-a64.c
In the recent refactoring we missed a few places which should be
calling finalize_memop_asimd() for ASIMD loads and stores but
instead are just calling finalize_memop(); fix these.
For the disas_ldst_single_struct() and disas_ldst_multiple_struct()
cases, this is not a behaviour change because the
Convert the MSR (immediate) insn to decodetree. Our implementation
has basically no commonality between the different destinations,
so we decode the destination register in a64.decode.
Signed-off-by: Peter Maydell
Reviewed-by: Richard Henderson
Message-id: 20230602155223.2040685-6-peter.mayd...@
Convert the load and store instructions which use a 9-bit
immediate offset to decodetree.
Signed-off-by: Peter Maydell
Reviewed-by: Richard Henderson
Message-id: 20230602155223.2040685-13-peter.mayd...@linaro.org
---
target/arm/tcg/a64.decode | 69 +++
target/arm/tcg/translate-a64
On 6/9/23 15:41, Hanna Czenczek wrote:
On 09.06.23 15:21, Alexander Ivanov wrote:
On 6/2/23 16:59, Hanna Czenczek wrote:
On 29.05.23 17:15, Alexander Ivanov wrote:
Repair an image at opening if the image is unclean or out-of-image
corruption was detected.
Signed-off-by: Alexander Ivanov
On Sun, 11 Jun 2023, Bernhard Beschow wrote:
Allows the struct to be embedded directly into device models without additional
allocation.
Suggested-by: Mark Cave-Ayland
Patches missing SoB, checkpatch should have cought this.
I don't see any of the machines or device models actually embedding
On 6/8/23 19:08, Stefan Hajnoczi wrote:
On Thu, Jun 08, 2023 at 10:40:57AM +0300, Sagi Grimberg wrote:
Hey Stefan, Paolo,
I just had a report from a user experiencing lower virtio-blk
performance than he expected. This user is running virtio-blk on top of
nvme-tcp device. The guest is runnin
https://gitlab.com/qemu-project/qemu/-/issues/1034
Signed-off-by: John Högberg
---
tests/tcg/aarch64/Makefile.target | 3 +-
tests/tcg/aarch64/icivau.c| 204 ++
2 files changed, 206 insertions(+), 1 deletion(-)
create mode 100644 tests/tcg/aarch64/icivau.c
Unlike architectures with precise self-modifying code semantics
(e.g. x86) ARM processors do not maintain coherency for instruction
execution and memory, and require the explicit use of cache
management instructions as well as an instruction barrier to make
code updates visible (the latter on every
When running in user-mode QEMU currently fails to emulate JITs that
use dual-mapped code to get around W^X restrictions, where one mapping
is writable and one is executable. As it has no way of knowing that a
write to the writable region is reflected in the executable one, it
fails to invalidate pr
Allows the struct to be embedded directly into device models without additional
allocation.
Suggested-by: Mark Cave-Ayland
---
include/hw/char/parallel-isa.h | 46 ++
include/hw/char/parallel.h | 2 --
hw/char/parallel-isa.c | 1 +
hw/char/parallel.c
1 - 100 of 149 matches
Mail list logo
