]> git.ipfire.org Git - thirdparty/qemu.git/log
thirdparty/qemu.git
15 months agoxen: mapcache: Fix unmapping of first entries in buckets
Edgar E. Iglesias [Mon, 1 Jul 2024 22:44:21 +0000 (00:44 +0200)] 
xen: mapcache: Fix unmapping of first entries in buckets

This fixes the clobbering of the entry->next pointer when
unmapping the first entry in a bucket of a mapcache.

Fixes: 123acd816d ("xen: mapcache: Unmap first entries in buckets")
Reported-by: Anthony PERARD <anthony.perard@vates.tech>
Signed-off-by: Edgar E. Iglesias <edgar.iglesias@amd.com>
Reviewed-by: Anthony PERARD <anthony.perard@vates.tech>
Reviewed-by: Stefano Stabellini <sstabellini@kernel.org>
15 months agophysmem: Bail out qemu_ram_block_from_host() for invalid ram addrs
Edgar E. Iglesias [Mon, 1 Jul 2024 22:44:20 +0000 (00:44 +0200)] 
physmem: Bail out qemu_ram_block_from_host() for invalid ram addrs

Bail out in qemu_ram_block_from_host() when
xen_ram_addr_from_mapcache() does not find an existing
mapping.

Signed-off-by: Edgar E. Iglesias <edgar.iglesias@amd.com>
Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
Reviewed-by: Stefano Stabellini <sstabellini@kernel.org>
15 months agoMAINTAINERS: add Edgar as Xen maintainer
Stefano Stabellini [Wed, 10 Jul 2024 20:28:52 +0000 (13:28 -0700)] 
MAINTAINERS: add Edgar as Xen maintainer

Add Edgar as Xen subsystem maintainer in QEMU. Edgar has been a QEMU
maintainer for years, and has already made key changes to one of the
most difficult areas of the Xen subsystem (the mapcache).

Edgar volunteered helping us maintain the Xen subsystem in QEMU and we
are very happy to welcome him to the team. His knowledge and expertise
with QEMU internals will be of great help.

Signed-off-by: Stefano Stabellini <stefano.stabellini@amd.com>
Reviewed-by: Paul Durrant <paul@xen.org>
Acked-by: Anthony PERARD <anthony@xenproject.org>
Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
Signed-off-by: Edgar E. Iglesias <edgar.iglesias@amd.com>
15 months agoMerge tag 'pull-target-arm-20240711' of https://git.linaro.org/people/pmaydell/qemu...
Richard Henderson [Thu, 11 Jul 2024 19:00:00 +0000 (12:00 -0700)] 
Merge tag 'pull-target-arm-20240711' of https://git.linaro.org/people/pmaydell/qemu-arm into staging

target-arm queue:
 * Refactor FPCR/FPSR handling in preparation for FEAT_AFP
 * More decodetree conversions
 * target/arm: Use cpu_env in cpu_untagged_addr
 * target/arm: Set arm_v7m_tcg_ops cpu_exec_halt to arm_cpu_exec_halt()
 * hw/char/pl011: Avoid division-by-zero in pl011_get_baudrate()
 * hw/misc/bcm2835_thermal: Fix access size handling in bcm2835_thermal_ops
 * accel/tcg: Make TCGCPUOps::cpu_exec_halt mandatory
 * STM32L4x5: Handle USART interrupts correctly

# -----BEGIN PGP SIGNATURE-----
#
# iQJNBAABCAA3FiEE4aXFk81BneKOgxXPPCUl7RQ2DN4FAmaP24MZHHBldGVyLm1h
# eWRlbGxAbGluYXJvLm9yZwAKCRA8JSXtFDYM3luAEACF4Uhrcrh7E7RwoDEeQAMQ
# IG3+LwUbhnBXIUl7DL0qQTjnmwbbTQH2Ukoq3biqAdSs22JwrT6O6MDQ7fA3X8DI
# 3Ew+72BzAAtQHVHJaFRw2f9UVQop8Poa9I7Di6frH4Gxk5AKQY/IwjrD6jYPqhM7
# 9KCksksO3w9DRmpFZ1y5I/dGumTe12btEwdazWxrsyZIBNDoUJSU8xpcMk+9oErF
# 23hcsSaXOGDeWwPuEk1q2mMYnRQQtMhVndxV50sF98MfJ3nnMKEttuFuW0znXMCr
# Xat8Y4QbigXGmuJNgjXccIzN1Hje+h5zzfUIfVNWBYNzqULvvi/vjwNfJaUiIjm5
# DxeOGUu8iZYQbgvJXvn9NwWbptxvhyWsCLpB46icElcN0jr1MU12wk2IH0CZa7KU
# h4kbu0p17dph5Lantd888b1Vu3pOFr4UiRC3qJB9ddBVLyGl/3Km1wb99x038mPo
# Mt8Y7Vjnr5OWd+mTNzXFRnYFYIRKu1lI85VuTjd5Uua0lDtFDo/sVnVF9uas84OC
# /PrQYGso0UE320li+jYHzE18rKPEi2u/3xTgHWAgh3ra7McWVjWDr2yIsAisKKNH
# 2F72gyZNy2n7FJhTYPQAJnozi68maP5f9tHHHXQdfsCE4+2h0fr/wljCeq1+5waq
# 4edm31uEbArfW/jLgPHHAA==
# =Xkmk
# -----END PGP SIGNATURE-----
# gpg: Signature made Thu 11 Jul 2024 06:17:55 AM PDT
# gpg:                using RSA key E1A5C593CD419DE28E8315CF3C2525ED14360CDE
# gpg:                issuer "peter.maydell@linaro.org"
# gpg: Good signature from "Peter Maydell <peter.maydell@linaro.org>" [full]
# gpg:                 aka "Peter Maydell <pmaydell@gmail.com>" [full]
# gpg:                 aka "Peter Maydell <pmaydell@chiark.greenend.org.uk>" [full]
# gpg:                 aka "Peter Maydell <peter@archaic.org.uk>" [unknown]

* tag 'pull-target-arm-20240711' of https://git.linaro.org/people/pmaydell/qemu-arm: (24 commits)
  target/arm: Convert PMULL to decodetree
  target/arm: Convert ADDHN, SUBHN, RADDHN, RSUBHN to decodetree
  target/arm: Convert SADDW, SSUBW, UADDW, USUBW to decodetree
  target/arm: Convert SQDMULL, SQDMLAL, SQDMLSL to decodetree
  target/arm: Convert SADDL, SSUBL, SABDL, SABAL, and unsigned to decodetree
  target/arm: Convert SMULL, UMULL, SMLAL, UMLAL, SMLSL, UMLSL to decodetree
  hw/arm: In STM32L4x5 SOC, connect USART devices to EXTI
  hw/misc: In STM32L4x5 EXTI, handle direct interrupts
  hw/misc: In STM32L4x5 EXTI, consolidate 2 constants
  accel/tcg: Make TCGCPUOps::cpu_exec_halt mandatory
  target: Set TCGCPUOps::cpu_exec_halt to target's has_work implementation
  target/arm: Set arm_v7m_tcg_ops cpu_exec_halt to arm_cpu_exec_halt()
  target/arm: Use cpu_env in cpu_untagged_addr
  hw/misc/bcm2835_thermal: Fix access size handling in bcm2835_thermal_ops
  hw/char/pl011: Avoid division-by-zero in pl011_get_baudrate()
  target/arm: Allow FPCR bits that aren't in FPSCR
  target/arm: Rename FPSR_MASK and FPCR_MASK and define them symbolically
  target/arm: Rename FPCR_ QC, NZCV macros to FPSR_
  target/arm: Store FPSR and FPCR in separate CPU state fields
  target/arm: Implement store_cpu_field_low32() macro
  ...

Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
15 months agoMerge tag 'block-pull-request' of https://gitlab.com/stefanha/qemu into staging
Richard Henderson [Thu, 11 Jul 2024 14:35:12 +0000 (07:35 -0700)] 
Merge tag 'block-pull-request' of https://gitlab.com/stefanha/qemu into staging

Pull request

A discard fix from Nir Soffer.

# -----BEGIN PGP SIGNATURE-----
#
# iQEzBAABCAAdFiEEhpWov9P5fNqsNXdanKSrs4Grc8gFAmaPoiAACgkQnKSrs4Gr
# c8hjGAf+JxwJOBibYVdyPRhnrYWu3b/G3rAfwSnYvgJrCPDztmLTB50lCDCnZ2Jr
# T/GN8/BYbuR7O2VkEEMXutrYkLWAUQNGz28wd6GgaeYL/rx7yEg5htmP2nWSySP3
# rS3ri3i30QUHI/zSOH5a5eRVQBDZECyyd7jAADqhYt6Vfh9O3ApUy8SPxS6sT7WF
# i5a8ffqDVtiFaE2nvBs8KncdRZcBkiNyWt122cvbYCLepy2G3/WD3gv/AP126xGO
# bGzBQUODCqcgbIjUH5d5qOLhB4eppqxsclHMwIZeo5QV/De5BVjg2I6LxOutdbv3
# 1MAAHFsbjLRBnKVWafgz2vCi/gi1gA==
# =hjGY
# -----END PGP SIGNATURE-----
# gpg: Signature made Thu 11 Jul 2024 02:13:04 AM PDT
# gpg:                using RSA key 8695A8BFD3F97CDAAC35775A9CA4ABB381AB73C8
# gpg: Good signature from "Stefan Hajnoczi <stefanha@redhat.com>" [full]
# gpg:                 aka "Stefan Hajnoczi <stefanha@gmail.com>" [full]

* tag 'block-pull-request' of https://gitlab.com/stefanha/qemu:
  Consider discard option when writing zeros
  qemu-iotest/245: Add missing discard=unmap

Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
15 months agoMerge tag 'mem-2024-07-10' of https://github.com/davidhildenbrand/qemu into staging
Richard Henderson [Thu, 11 Jul 2024 14:34:52 +0000 (07:34 -0700)] 
Merge tag 'mem-2024-07-10' of https://github.com/davidhildenbrand/qemu into staging

Hi,

"Host Memory Backends" and "Memory devices" queue ("mem"):
- Only one error message improvement that causes less confusion when
  triggered from libvirt

# -----BEGIN PGP SIGNATURE-----
#
# iQJFBAABCAAvFiEEG9nKrXNcTDpGDfzKTd4Q9wD/g1oFAmaOxu8RHGRhdmlkQHJl
# ZGhhdC5jb20ACgkQTd4Q9wD/g1pZiw//eDZBykgFbP164XEr8VfCt97gPHAUtwWQ
# fCi/MggOx3BE3V2TKCOSKSggTXrlpif3O+LziIMds9u7s5Gf7MdblMFmjvPglwXM
# pPZkJ6egNVnVJ5kTP+MHUbLyjbXayHaPIOlNupUXpn38lKd0Vn4/0jJ3XHkTUYvx
# xNP6GEomwvps5KiPtpHo+QApFluEy+ZYxexMdDPaa5wjgVECm+7s3Y9K+6EZnA3j
# 4wJCHgM91QDJ/+yu5vjNwn2rEqSf8fPjara1uVJxKYpNnYfv/7oEkuzXPL9HUING
# ARKH0rq4Yhv+2cvb5hyuQK7/XoMJ8KaKnnynqCWH8A/8/jfAQzlktT07lp5vYzHW
# 7/YivQUjZYxUBobvZLK2xNm96jDjvtRxsQqFmUi7fkLyN0qZWZC4xGQSCGbXTv/8
# t0BpyUfI6lJO2gZQFjWUc3uz3wJkucZRxC2qaNXfUf0Om99TPboafi37XM0Pgagh
# T2GiZK1x4fSGedT79+wmHyLt+RZqABouAWMqTtdppQJtMt/ZnqXcW0Z4bRQo4FX6
# ULW/ZvRmT0yguI9su0hwcLeZ8+6eTHzoCFi3yZVcWGv+Zdpnmk53G8cIkQXO3CQO
# VEw/5VfQCbdoqEu1WdM1Dil5mCf7ZOukbjWZNb4D3Sb7q001t5IZKmgkU3Iyv0oC
# V1xDpsnaevM=
# =/wCe
# -----END PGP SIGNATURE-----
# gpg: Signature made Wed 10 Jul 2024 10:37:51 AM PDT
# gpg:                using RSA key 1BD9CAAD735C4C3A460DFCCA4DDE10F700FF835A
# gpg:                issuer "david@redhat.com"
# gpg: Good signature from "David Hildenbrand <david@redhat.com>" [undefined]
# gpg:                 aka "David Hildenbrand <davidhildenbrand@gmail.com>" [full]
# gpg:                 aka "David Hildenbrand <hildenbr@in.tum.de>" [unknown]
# gpg: WARNING: The key's User ID is not certified with a trusted signature!
# gpg:          There is no indication that the signature belongs to the owner.
# Primary key fingerprint: 1BD9 CAAD 735C 4C3A 460D  FCCA 4DDE 10F7 00FF 835A

* tag 'mem-2024-07-10' of https://github.com/davidhildenbrand/qemu:
  virtio-mem: improve error message when unplug of device fails due to plugged memory

Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
15 months agotarget/arm: Convert PMULL to decodetree
Richard Henderson [Tue, 9 Jul 2024 00:06:10 +0000 (17:06 -0700)] 
target/arm: Convert PMULL to decodetree

Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Message-id: 20240709000610.382391-7-richard.henderson@linaro.org
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
15 months agotarget/arm: Convert ADDHN, SUBHN, RADDHN, RSUBHN to decodetree
Richard Henderson [Tue, 9 Jul 2024 00:06:09 +0000 (17:06 -0700)] 
target/arm: Convert ADDHN, SUBHN, RADDHN, RSUBHN to decodetree

Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Message-id: 20240709000610.382391-6-richard.henderson@linaro.org
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
15 months agotarget/arm: Convert SADDW, SSUBW, UADDW, USUBW to decodetree
Richard Henderson [Tue, 9 Jul 2024 00:06:08 +0000 (17:06 -0700)] 
target/arm: Convert SADDW, SSUBW, UADDW, USUBW to decodetree

Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Message-id: 20240709000610.382391-5-richard.henderson@linaro.org
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
15 months agotarget/arm: Convert SQDMULL, SQDMLAL, SQDMLSL to decodetree
Richard Henderson [Tue, 9 Jul 2024 00:06:07 +0000 (17:06 -0700)] 
target/arm: Convert SQDMULL, SQDMLAL, SQDMLSL to decodetree

Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Message-id: 20240709000610.382391-4-richard.henderson@linaro.org
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
15 months agotarget/arm: Convert SADDL, SSUBL, SABDL, SABAL, and unsigned to decodetree
Richard Henderson [Tue, 9 Jul 2024 00:06:06 +0000 (17:06 -0700)] 
target/arm: Convert SADDL, SSUBL, SABDL, SABAL, and unsigned to decodetree

Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Message-id: 20240709000610.382391-3-richard.henderson@linaro.org
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
15 months agotarget/arm: Convert SMULL, UMULL, SMLAL, UMLAL, SMLSL, UMLSL to decodetree
Richard Henderson [Tue, 9 Jul 2024 00:06:05 +0000 (17:06 -0700)] 
target/arm: Convert SMULL, UMULL, SMLAL, UMLAL, SMLSL, UMLSL to decodetree

Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Message-id: 20240709000610.382391-2-richard.henderson@linaro.org
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
15 months agohw/arm: In STM32L4x5 SOC, connect USART devices to EXTI
Inès Varhol [Sun, 7 Jul 2024 08:58:55 +0000 (10:58 +0200)] 
hw/arm: In STM32L4x5 SOC, connect USART devices to EXTI

The USART devices were previously connecting their outbound IRQs
directly to the CPU because the EXTI wasn't handling direct lines
interrupts.
Now the USART connects to the EXTI inbound GPIOs, and the EXTI connects
its IRQs to the CPU.
The existing QTest for the USART (tests/qtest/stm32l4x5_usart-test.c)
checks that USART1_IRQ in the CPU is pending when expected so it
confirms that the connection through the EXTI still works.

Signed-off-by: Inès Varhol <ines.varhol@telecom-paris.fr>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Message-id: 20240707085927.122867-4-ines.varhol@telecom-paris.fr
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
15 months agohw/misc: In STM32L4x5 EXTI, handle direct interrupts
Inès Varhol [Sun, 7 Jul 2024 08:58:54 +0000 (10:58 +0200)] 
hw/misc: In STM32L4x5 EXTI, handle direct interrupts

The previous implementation for EXTI interrupts only handled
"configurable" interrupts, like those originating from STM32L4x5 SYSCFG
(the only device currently connected to the EXTI up until now).

In order to connect STM32L4x5 USART to the EXTI, this commit adds
handling for direct interrupts (interrupts without configurable edge).

Signed-off-by: Inès Varhol <ines.varhol@telecom-paris.fr>
Message-id: 20240707085927.122867-3-ines.varhol@telecom-paris.fr
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
15 months agohw/misc: In STM32L4x5 EXTI, consolidate 2 constants
Inès Varhol [Sun, 7 Jul 2024 08:58:53 +0000 (10:58 +0200)] 
hw/misc: In STM32L4x5 EXTI, consolidate 2 constants

Up until now, the EXTI implementation had 16 inbound GPIOs connected to
the 16 outbound GPIOs of STM32L4x5 SYSCFG.
The EXTI actually handles 40 lines (namely 5 from STM32L4x5 USART
devices which are already implemented in QEMU).
In order to connect USART devices to EXTI, this commit consolidates
constants `EXTI_NUM_INTERRUPT_OUT_LINES` (40) and
`EXTI_NUM_GPIO_EVENT_IN_LINES` (16) into `EXTI_NUM_LINES` (40).

Signed-off-by: Inès Varhol <ines.varhol@telecom-paris.fr>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Message-id: 20240707085927.122867-2-ines.varhol@telecom-paris.fr
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
15 months agoaccel/tcg: Make TCGCPUOps::cpu_exec_halt mandatory
Peter Maydell [Thu, 4 Jul 2024 15:57:10 +0000 (16:57 +0100)] 
accel/tcg: Make TCGCPUOps::cpu_exec_halt mandatory

Now that all targets set TCGCPUOps::cpu_exec_halt, we can make it
mandatory and remove the fallback handling that calls cpu_has_work.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org>
15 months agotarget: Set TCGCPUOps::cpu_exec_halt to target's has_work implementation
Peter Maydell [Thu, 4 Jul 2024 15:57:10 +0000 (16:57 +0100)] 
target: Set TCGCPUOps::cpu_exec_halt to target's has_work implementation

Currently the TCGCPUOps::cpu_exec_halt method is optional, and if it
is not set then the default is to call the CPUClass::has_work
method (which has an identical function signature).

We would like to make the cpu_exec_halt method mandatory so we can
remove the runtime check and fallback handling.  In preparation for
that, make all the targets which don't need special handling in their
cpu_exec_halt set it to their cpu_has_work implementation instead of
leaving it unset.  (This is every target except for arm and i386.)

In the riscv case this requires us to make the function not
be local to the source file it's defined in.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org>
15 months agotarget/arm: Set arm_v7m_tcg_ops cpu_exec_halt to arm_cpu_exec_halt()
Peter Maydell [Thu, 4 Jul 2024 15:57:09 +0000 (16:57 +0100)] 
target/arm: Set arm_v7m_tcg_ops cpu_exec_halt to arm_cpu_exec_halt()

In commit a96edb687e76 we set the cpu_exec_halt field of the
TCGCPUOps arm_tcg_ops to arm_cpu_exec_halt(), but we left the
arm_v7m_tcg_ops struct unchanged.  That isn't wrong, because for
M-profile FEAT_WFxT doesn't exist and the default handling for "no
cpu_exec_halt method" is correct, but it's perhaps a little
confusing.  We would also like to make setting the cpu_exec_halt
method mandatory.

Initialize arm_v7m_tcg_ops cpu_exec_halt to the same function we use
for A-profile.  (On M-profile we never set up the wfxt timer so there
is no change in behaviour here.)

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org>
15 months agotarget/arm: Use cpu_env in cpu_untagged_addr
Richard Henderson [Tue, 2 Jul 2024 15:49:11 +0000 (08:49 -0700)] 
target/arm: Use cpu_env in cpu_untagged_addr

In a completely artifical memset benchmark object_dynamic_cast_assert
dominates the profile, even above guest address resolution and
the underlying host memset.

Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Message-id: 20240702154911.1667418-1-richard.henderson@linaro.org
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
15 months agohw/misc/bcm2835_thermal: Fix access size handling in bcm2835_thermal_ops
Zheyu Ma [Tue, 2 Jul 2024 15:40:41 +0000 (17:40 +0200)] 
hw/misc/bcm2835_thermal: Fix access size handling in bcm2835_thermal_ops

The current implementation of bcm2835_thermal_ops sets
impl.max_access_size and valid.min_access_size to 4, but leaves
impl.min_access_size and valid.max_access_size unset, defaulting to 1.
This causes issues when the memory system is presented with an access
of size 2 at an offset of 3, leading to an attempt to synthesize it as
a pair of byte accesses at offsets 3 and 4, which trips an assert.

Additionally, the lack of valid.max_access_size setting causes another
issue: the memory system tries to synthesize a read using a 4-byte
access at offset 3 even though the device doesn't allow unaligned
accesses.

This patch addresses these issues by explicitly setting both
impl.min_access_size and valid.max_access_size to 4, ensuring proper
handling of access sizes.

Error log:
ERROR:hw/misc/bcm2835_thermal.c:55:bcm2835_thermal_read: code should not be reached
Bail out! ERROR:hw/misc/bcm2835_thermal.c:55:bcm2835_thermal_read: code should not be reached
Aborted

Reproducer:
cat << EOF | qemu-system-aarch64 -display \
none -machine accel=qtest, -m 512M -machine raspi3b -m 1G -qtest stdio
readw 0x3f212003
EOF

Signed-off-by: Zheyu Ma <zheyuma97@gmail.com>
Message-id: 20240702154042.3018932-1-zheyuma97@gmail.com
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
15 months agohw/char/pl011: Avoid division-by-zero in pl011_get_baudrate()
Zheyu Ma [Tue, 2 Jul 2024 15:57:52 +0000 (17:57 +0200)] 
hw/char/pl011: Avoid division-by-zero in pl011_get_baudrate()

In pl011_get_baudrate(), when we calculate the baudrate we can
accidentally divide by zero. This happens because although (as the
specification requires) we treat UARTIBRD = 0 as invalid, we aren't
correctly limiting UARTIBRD and UARTFBRD values to the 16-bit and 6-bit
ranges the hardware allows, and so some non-zero values of UARTIBRD can
result in a zero divisor.

Enforce the correct register field widths on guest writes and on inbound
migration to avoid the division by zero.

ASAN log:
==2973125==ERROR: AddressSanitizer: FPE on unknown address 0x55f72629b348
(pc 0x55f72629b348 bp 0x7fffa24d0e00 sp 0x7fffa24d0d60 T0)
     #0 0x55f72629b348 in pl011_get_baudrate hw/char/pl011.c:255:17
     #1 0x55f726298d94 in pl011_trace_baudrate_change hw/char/pl011.c:260:33
     #2 0x55f726296fc8 in pl011_write hw/char/pl011.c:378:9

Reproducer:
cat << EOF | qemu-system-aarch64 -display \
none -machine accel=qtest, -m 512M -machine realview-pb-a8 -qtest stdio
writeq 0x1000b024 0xf8000000
EOF

Suggested-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Zheyu Ma <zheyuma97@gmail.com>
Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Message-id: 20240702155752.3022007-1-zheyuma97@gmail.com
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
15 months agotarget/arm: Allow FPCR bits that aren't in FPSCR
Peter Maydell [Fri, 28 Jun 2024 14:23:47 +0000 (15:23 +0100)] 
target/arm: Allow FPCR bits that aren't in FPSCR

In order to allow FPCR bits that aren't in the FPSCR (like the new
bits that are defined for FEAT_AFP), we need to make sure that writes
to the FPSCR only write to the bits of FPCR that are architecturally
mapped, and not the others.

Implement this with a new function vfp_set_fpcr_masked() which
takes a mask of which bits to update.

(We could do the same for FPSR, but we leave that until we actually
are likely to need it.)

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-id: 20240628142347.1283015-10-peter.maydell@linaro.org

15 months agotarget/arm: Rename FPSR_MASK and FPCR_MASK and define them symbolically
Peter Maydell [Fri, 28 Jun 2024 14:23:46 +0000 (15:23 +0100)] 
target/arm: Rename FPSR_MASK and FPCR_MASK and define them symbolically

Now that we store FPSR and FPCR separately, the FPSR_MASK and
FPCR_MASK macros are slightly confusingly named and the comment
describing them is out of date.  Rename them to FPSCR_FPSR_MASK and
FPSCR_FPCR_MASK, document that they are the mask of which FPSCR bits
are architecturally mapped to which AArch64 register, and define them
symbolically rather than as hex values.  (This latter requires
defining some extra macros for bits which we haven't previously
defined.)

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-id: 20240628142347.1283015-9-peter.maydell@linaro.org

15 months agotarget/arm: Rename FPCR_ QC, NZCV macros to FPSR_
Peter Maydell [Fri, 28 Jun 2024 14:23:45 +0000 (15:23 +0100)] 
target/arm: Rename FPCR_ QC, NZCV macros to FPSR_

The QC, N, Z, C, V bits live in the FPSR, not the FPCR. Rename the
macros that define these bits accordingly.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-id: 20240628142347.1283015-8-peter.maydell@linaro.org

15 months agotarget/arm: Store FPSR and FPCR in separate CPU state fields
Peter Maydell [Fri, 28 Jun 2024 14:23:44 +0000 (15:23 +0100)] 
target/arm: Store FPSR and FPCR in separate CPU state fields

Now that we have refactored the set/get functions so that the FPSCR
format is no longer the authoritative one, we can keep FPSR and FPCR
in separate CPU state fields.

As well as the get and set functions, we also have a scattering of
places in the code which directly access vfp.xregs[ARM_VFP_FPSCR] to
extract single fields which are stored there.  These all change to
directly access either vfp.fpsr or vfp.fpcr, depending on the
location of the field.  (Most commonly, this is the NZCV flags.)

We make the field in the CPU state struct 64 bits, because
architecturally FPSR and FPCR are 64 bits.  However we leave the
types of the arguments and return values of the get/set functions as
32 bits, since we don't need to make that change with the current
architecture and various callsites would be unable to handle
set bits in the high half (for instance the gdbstub protocol
assumes they're only 32 bit registers).

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-id: 20240628142347.1283015-7-peter.maydell@linaro.org

15 months agotarget/arm: Implement store_cpu_field_low32() macro
Peter Maydell [Fri, 28 Jun 2024 14:23:43 +0000 (15:23 +0100)] 
target/arm: Implement store_cpu_field_low32() macro

We already have a load_cpu_field_low32() to load the low half of a
64-bit CPU struct field to a TCGv_i32; however we haven't yet needed
the store equivalent.  We'll want that in the next patch, so
implement it.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-id: 20240628142347.1283015-6-peter.maydell@linaro.org

15 months agotarget/arm: Support migration when FPSR/FPCR won't fit in the FPSCR
Peter Maydell [Fri, 28 Jun 2024 14:23:42 +0000 (15:23 +0100)] 
target/arm: Support migration when FPSR/FPCR won't fit in the FPSCR

To support FPSR and FPCR bits that don't exist in the AArch32 FPSCR
view of floating point control and status (such as the FEAT_AFP ones),
we need to make sure those bits can be migrated. This commit allows
that, whilst maintaining backwards and forwards migration compatibility
for CPUs where there are no such bits:

On sending:
 * If either the FPCR or the FPSR include set bits that are not
   visible in the AArch32 FPSCR view of floating point control/status
   then we send the FPCR and FPSR as two separate fields in a new
   cpu/vfp/fpcr_fpsr subsection, and we send a 0 for the old
   FPSCR field in cpu/vfp
 * Otherwise, we don't send the fpcr_fpsr subsection, and we send
   an FPSCR-format value in cpu/vfp as we did previously

On receiving:
 * if we see a non-zero FPSCR field, that is the right information
 * if we see a fpcr_fpsr subsection then that has the information
 * if we see neither, then FPSCR/FPCR/FPSR are all zero on the source;
   cpu_pre_load() ensures the CPU state defaults to that
 * if we see both, then the migration source is buggy or malicious;
   either the fpcr_fpsr or the FPSCR will "win" depending which
   is first in the migration stream; we don't care which that is

We make the new FPCR and FPSR on-the-wire data be 64 bits, because
architecturally these registers are that wide, and this avoids the
need to engage in further migration-compatibility contortions in
future if some new architecture revision defines bits in the high
half of either register.

(We won't ever send the new migration subsection until we add support
for a CPU feature which enables setting overlapping FPCR bits, like
FEAT_AFP.)

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-id: 20240628142347.1283015-5-peter.maydell@linaro.org

15 months agotarget/arm: Make vfp_set_fpscr() call vfp_set_{fpcr, fpsr}
Peter Maydell [Fri, 28 Jun 2024 14:23:41 +0000 (15:23 +0100)] 
target/arm: Make vfp_set_fpscr() call vfp_set_{fpcr, fpsr}

Make vfp_set_fpscr() call vfp_set_fpsr() and vfp_set_fpcr()
instead of the other way around.

The masking we do when getting and setting vfp.xregs[ARM_VFP_FPSCR]
is a little awkward, but we are going to change where we store the
underlying FPSR and FPCR information in a later commit, so it will
go away then.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-id: 20240628142347.1283015-4-peter.maydell@linaro.org

15 months agotarget/arm: Make vfp_get_fpscr() call vfp_get_{fpcr, fpsr}
Peter Maydell [Fri, 28 Jun 2024 14:23:40 +0000 (15:23 +0100)] 
target/arm: Make vfp_get_fpscr() call vfp_get_{fpcr, fpsr}

In AArch32, the floating point control and status bits are all in a
single register, FPSCR.  In AArch64, these were split into separate
FPCR and FPSR registers, but the bit layouts remained the same, with
no overlaps, so that you could construct an FPSCR value by ORing FPCR
and FPSR, or equivalently could produce FPSR and FPCR by masking an
FPSCR value.  For QEMU's implementation, we opted to use masking to
produce FPSR and FPCR, because we started with an AArch32
implementation of FPSCR.

The addition of the (AArch64-only) FEAT_AFP adds new bits to the FPCR
which overlap with some bits in the FPSR.  This means we'll no longer
be able to consider the FPSCR-encoded value as the primary one, but
instead need to treat FPSR/FPCR as the primary encoding and construct
the FPSCR from those.  (This remains possible because the FEAT_AFP
bits in FPCR don't appear in the FPSCR.)

As the first step in this refactoring, make vfp_get_fpscr() call
vfp_get_fpcr() and vfp_get_fpsr(), instead of the other way around.

Note that vfp_get_fpcsr_from_host() returns only bits in the FPSR
(for the cumulative fp exception bits), so we can simply rename
it without needing to add a new function for getting FPCR bits.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-id: 20240628142347.1283015-3-peter.maydell@linaro.org

15 months agotarget/arm: Correct comments about M-profile FPSCR
Peter Maydell [Fri, 28 Jun 2024 14:23:39 +0000 (15:23 +0100)] 
target/arm: Correct comments about M-profile FPSCR

The M-profile FPSCR LTPSIZE is bits [18:16]; this is the same
field as A-profile FPSCR Len, not Stride. Correct the comment
in vfp_get_fpscr().

We also implemented M-profile FPSCR.QC, but forgot to delete
a TODO comment from vfp_set_fpscr(); remove it now.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-id: 20240628142347.1283015-2-peter.maydell@linaro.org

15 months agoConsider discard option when writing zeros
Nir Soffer [Fri, 28 Jun 2024 20:20:58 +0000 (23:20 +0300)] 
Consider discard option when writing zeros

When opening an image with discard=off, we punch hole in the image when
writing zeroes, making the image sparse. This breaks users that want to
ensure that writes cannot fail with ENOSPACE by using fully allocated
images[1].

bdrv_co_pwrite_zeroes() correctly disables BDRV_REQ_MAY_UNMAP if we
opened the child without discard=unmap or discard=on. But we don't go
through this function when accessing the top node. Move the check down
to bdrv_co_do_pwrite_zeroes() which seems to be used in all code paths.

This change implements the documented behavior, punching holes only when
opening the image with discard=on or discard=unmap. This may not be the
best default but can improve it later.

The test depends on a file system supporting discard, deallocating the
entire file when punching hole with the length of the entire file.
Tested with xfs, ext4, and tmpfs.

[1] https://lists.nongnu.org/archive/html/qemu-discuss/2024-06/msg00003.html

Signed-off-by: Nir Soffer <nsoffer@redhat.com>
Message-id: 20240628202058.1964986-3-nsoffer@redhat.com
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
15 months agoqemu-iotest/245: Add missing discard=unmap
Nir Soffer [Fri, 28 Jun 2024 20:20:57 +0000 (23:20 +0300)] 
qemu-iotest/245: Add missing discard=unmap

The test works since we punch holes by default even when opening the
image without discard=on or discard=unmap. Fix the test to enable
discard.

Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
15 months agovirtio-mem: improve error message when unplug of device fails due to plugged memory
David Hildenbrand [Tue, 16 Apr 2024 14:14:26 +0000 (16:14 +0200)] 
virtio-mem: improve error message when unplug of device fails due to plugged memory

The error message is actually expressive, considering QEMU only. But
when called from Libvirt, talking about "size" can be confusing, because
in Libvirt "size" translates to the memory backend size in QEMU (maximum
size) and "current" translates to the QEMU "size" property.

Let's simply avoid talking about the "size" property and spell out that
some device memory is still plugged.

Message-ID: <20240416141426.588544-1-david@redhat.com>
Tested-by: Mario Casquero <mcasquer@redhat.com>
Cc: Liang Cong <lcong@redhat.com>
Cc: Mario Casquero <mcasquer@redhat.com>
Cc: "Michael S. Tsirkin" <mst@redhat.com>
Signed-off-by: David Hildenbrand <david@redhat.com>
15 months agoMerge tag 'pull-aspeed-20240709' of https://github.com/legoater/qemu into staging
Richard Henderson [Tue, 9 Jul 2024 14:13:55 +0000 (07:13 -0700)] 
Merge tag 'pull-aspeed-20240709' of https://github.com/legoater/qemu into staging

aspeed queue:

* support AST2700 network

# -----BEGIN PGP SIGNATURE-----
#
# iQIzBAABCAAdFiEEoPZlSPBIlev+awtgUaNDx8/77KEFAmaNJCcACgkQUaNDx8/7
# 7KF7pw//So48XdPJhdQukO/PDLGSYL8rRjDfZbQFLLw10MozcZZ/Nz/BCzrNxJRg
# rHP/shyO3XL1YZ6U1LNXk6E845giVriSpRRjGX9CuK4fypM9xom6qAIOtOLeH7hG
# iTMW++IxN/JgVmVOKYn3C+2+odiq6NzZxFrblVtGPUDtNkkC9BaYGHnccMsl5zQh
# LOSPJxqLiiuDjZPqdwa4fMbtEeNTU3A0WLlWxX7yPfJt2T20a4wE6bdWVGcI6fiV
# QbCmLLrMXhuZFx+uT4B2hbHi+hGS5H+F3QBOefum6z+i9NEbfAZSyusd8/qTEify
# fSBqxL4LD6K4WKL1Hg9959cBcm5zWgPXk7znus4E/TZuUTdSHaPC7clESIcYqWPS
# veEAppmHneO4cdmK1m+Gv4gpWD/adS4ZfV7O+C3z149ms0gL4JrK6QndPdE5QuIW
# u47PhIT3oIM0WznnMusoCndFxs6Gl/GBkzdxW0gdoJKBRfymbsroWeZamAWTznbV
# mL8Td8bEP/NcV40cm1PtpZyl7j0MzxcKDUHKv9ioQTXLUpkl5LSsIGmd1m78WRlE
# J6bUJ3jqQT6/s5i3TVqTGe7xuqMkg+9Er8rn5nAWgSronsf4nprAfOU8Lj+b06BM
# YRroGgU2lAQrv17liQExrG3Tj1SH+oEp1q0qEq7qo824HlGjBkI=
# =UygB
# -----END PGP SIGNATURE-----
# gpg: Signature made Tue 09 Jul 2024 04:51:03 AM PDT
# gpg:                using RSA key A0F66548F04895EBFE6B0B6051A343C7CFFBECA1
# gpg: Good signature from "Cédric Le Goater <clg@kaod.org>" [undefined]
# gpg: WARNING: This key is not certified with a trusted signature!
# gpg:          There is no indication that the signature belongs to the owner.
# Primary key fingerprint: A0F6 6548 F048 95EB FE6B  0B60 51A3 43C7 CFFB ECA1

* tag 'pull-aspeed-20240709' of https://github.com/legoater/qemu:
  machine_aspeed.py: update to test network for AST2700
  machine_aspeed.py: update to test ASPEED OpenBMC SDK v09.02 for AST2700
  hw/block: m25p80: support quad mode for w25q01jvq
  aspeed/soc: set dma64 property for AST2700 ftgmac100
  hw/net:ftgmac100: update TX and RX packet buffers address to 64 bits
  hw/net:ftgmac100: introduce TX and RX ring base address high registers to support 64 bits
  hw/net:ftgmac100: update ring base address to 64 bits
  hw/net:ftgmac100: update memory region size to 64KB

Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
15 months agoMerge tag 'pull-vfio-20240709' of https://github.com/legoater/qemu into staging
Richard Henderson [Tue, 9 Jul 2024 14:13:14 +0000 (07:13 -0700)] 
Merge tag 'pull-vfio-20240709' of https://github.com/legoater/qemu into staging

vfio queue:

* Fixes on VFIO display
* VIRTIO-IOMMU/HostIOMMUDevice: Fixes and page size mask rework

# -----BEGIN PGP SIGNATURE-----
#
# iQIzBAABCAAdFiEEoPZlSPBIlev+awtgUaNDx8/77KEFAmaNI6MACgkQUaNDx8/7
# 7KHMCQ//VrdayFV9psHCCkrku3MQL6VWsiTOf6bgOFz4zp716HQrnZlI6A7L1qFz
# p2OH6bQu9IDa8T65TVyQ/u6LL3VkZGAcji++YQQHYD1uNZryURq7IosxmoLnb5L/
# FcBp22rmYx7/0nBF8VW6SttVXAlVAmxe1dwEdmQNL+YJDmhayS7lTiUgx3mWjgUZ
# 0lSvz5w+LWZIuHKLK/o0Fo8Lr4y63nCUxPukl46mjntciEd16zpaCv4ySCf/y83q
# MtRiBhD1+zuV9Kzla1CpwwRKPGccimksXGpmdAVGTUmzfK/ElA8sMB5KDFVDEhdD
# 6iqWcdP7MdZIsCC9qXaOqLPyeqSYZ58LgqUOt4tTW9eiGf6eORqHNRqtStR98pDl
# W+SfCj6AY8wRktKSldb+BKE+XJ/7AD24Lxz2iD6RI7hWwWnalu9z6XpZD1QMqUvw
# h+XjIycp1bNgm7i5indA2B1zotT9ebI8AEEAUMbQOMrtMWqZzGORfI8rhS1s4A+B
# Kh37ll6jAVtYgaifercDQa/PFYyp4dIFZDbWt4WiFYxX51YkpnI3GJKDmIT2or7u
# X2o43rk9sp4xHlsge4pT7epoDzgmuv6fIygfxSPKOp9znrWlAVMX7DniN92SnRke
# xyvCxE2Jps9p0Y7cfaM4VZsWIgHk+IB3hr4wrlRwRKa3sPH4fwU=
# =glZK
# -----END PGP SIGNATURE-----
# gpg: Signature made Tue 09 Jul 2024 04:48:51 AM PDT
# gpg:                using RSA key A0F66548F04895EBFE6B0B6051A343C7CFFBECA1
# gpg: Good signature from "Cédric Le Goater <clg@kaod.org>" [undefined]
# gpg: WARNING: This key is not certified with a trusted signature!
# gpg:          There is no indication that the signature belongs to the owner.
# Primary key fingerprint: A0F6 6548 F048 95EB FE6B  0B60 51A3 43C7 CFFB ECA1

* tag 'pull-vfio-20240709' of https://github.com/legoater/qemu:
  vfio/display: Fix vfio_display_edid_init() error path
  vfio/display: Fix potential memleak of edid info
  virtio-iommu: Revert transient enablement of IOMMU MR in bypass mode
  memory: remove IOMMU MR iommu_set_page_size_mask() callback
  virtio-iommu : Retrieve page size mask on virtio_iommu_set_iommu_device()
  HostIOMMUDevice: Introduce get_page_size_mask() callback
  HostIOMMUDevice : remove Error handle from get_iova_ranges callback
  vfio-container-base: Introduce vfio_container_get_iova_ranges() helper
  virtio-iommu: Fix error handling in virtio_iommu_set_host_iova_ranges()

Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
15 months agovfio/display: Fix vfio_display_edid_init() error path
Zhenzhong Duan [Mon, 1 Jul 2024 01:48:09 +0000 (09:48 +0800)] 
vfio/display: Fix vfio_display_edid_init() error path

vfio_display_edid_init() can fail for many reasons and return silently.
It would be good to report the error.

Old mdev driver may not support vfio edid region and we allow to go
through in this case.

vfio_display_edid_update() isn't changed because it can be called at
runtime when UI changes (i.e. window resize).

Fixes: 08479114b0de ("vfio/display: add edid support.")
Suggested-by: Cédric Le Goater <clg@redhat.com>
Signed-off-by: Zhenzhong Duan <zhenzhong.duan@intel.com>
Reviewed-by: Marc-André Lureau <marcandre.lureau@redhat.com>
15 months agovfio/display: Fix potential memleak of edid info
Zhenzhong Duan [Mon, 1 Jul 2024 01:48:08 +0000 (09:48 +0800)] 
vfio/display: Fix potential memleak of edid info

EDID related device region info is leaked in vfio_display_edid_init()
error path and VFIODisplay destroying path.

Fixes: 08479114b0de ("vfio/display: add edid support.")
Signed-off-by: Zhenzhong Duan <zhenzhong.duan@intel.com>
Reviewed-by: Cédric Le Goater <clg@redhat.com>
Reviewed-by: Marc-André Lureau <marcandre.lureau@redhat.com>
15 months agovirtio-iommu: Revert transient enablement of IOMMU MR in bypass mode
Eric Auger [Mon, 1 Jul 2024 08:48:59 +0000 (10:48 +0200)] 
virtio-iommu: Revert transient enablement of IOMMU MR in bypass mode

In 94df5b2180d6 ("virtio-iommu: Fix 64kB host page size VFIO device
assignment"), in case of bypass mode, we transiently enabled the
IOMMU MR to allow the set_page_size_mask() to be called and pass
information about the page size mask constraint of cold plugged
VFIO devices. Now we do not use the IOMMU MR callback anymore, we
can just get rid of this hack.

Signed-off-by: Eric Auger <eric.auger@redhat.com>
Reviewed-by: Cédric Le Goater <clg@redhat.com>
Reviewed-by: Zhenzhong Duan <zhenzhong.duan@intel.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
15 months agomemory: remove IOMMU MR iommu_set_page_size_mask() callback
Eric Auger [Mon, 1 Jul 2024 08:48:58 +0000 (10:48 +0200)] 
memory: remove IOMMU MR iommu_set_page_size_mask() callback

Everything is now in place to use the Host IOMMU Device callbacks
to retrieve the page size mask usable with a given assigned device.
This new method brings the advantage to pass the info much earlier
to the virtual IOMMU and before the IOMMU MR gets enabled. So let's
remove the call to memory_region_iommu_set_page_size_mask in
vfio common.c and remove the single implementation of the IOMMU MR
callback in the virtio-iommu.c

Signed-off-by: Eric Auger <eric.auger@redhat.com>
Reviewed-by: Cédric Le Goater <clg@redhat.com>
Reviewed-by: Zhenzhong Duan <zhenzhong.duan@intel.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
15 months agovirtio-iommu : Retrieve page size mask on virtio_iommu_set_iommu_device()
Eric Auger [Mon, 1 Jul 2024 08:48:57 +0000 (10:48 +0200)] 
virtio-iommu : Retrieve page size mask on virtio_iommu_set_iommu_device()

Retrieve the Host IOMMU Device page size mask when this latter is set.
This allows to get the information much sooner than when relying on
IOMMU MR set_page_size_mask() call, whcih happens when the IOMMU MR
gets enabled. We introduce check_page_size_mask() helper whose code
is inherited from current virtio_iommu_set_page_size_mask()
implementation. This callback will be removed in a subsequent patch.

Signed-off-by: Eric Auger <eric.auger@redhat.com>
Reviewed-by: Zhenzhong Duan <zhenzhong.duan@intel.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
15 months agoHostIOMMUDevice: Introduce get_page_size_mask() callback
Eric Auger [Mon, 1 Jul 2024 08:48:56 +0000 (10:48 +0200)] 
HostIOMMUDevice: Introduce get_page_size_mask() callback

This callback will be used to retrieve the page size mask supported
along a given Host IOMMU device.

Signed-off-by: Eric Auger <eric.auger@redhat.com>
Reviewed-by: Zhenzhong Duan <zhenzhong.duan@intel.com>
Reviewed-by: Cédric Le Goater <clg@redhat.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
15 months agoHostIOMMUDevice : remove Error handle from get_iova_ranges callback
Eric Auger [Mon, 1 Jul 2024 08:48:55 +0000 (10:48 +0200)] 
HostIOMMUDevice : remove Error handle from get_iova_ranges callback

The error handle argument is not used anywhere. let's remove it.

Signed-off-by: Eric Auger <eric.auger@redhat.com>
Reviewed-by: Cédric Le Goater <clg@redhat.com>
Reviewed-by: Zhenzhong Duan <zhenzhong.duan@intel.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
15 months agovfio-container-base: Introduce vfio_container_get_iova_ranges() helper
Eric Auger [Mon, 1 Jul 2024 08:48:54 +0000 (10:48 +0200)] 
vfio-container-base: Introduce vfio_container_get_iova_ranges() helper

Introduce vfio_container_get_iova_ranges() to retrieve the usable
IOVA regions of the base container and use it in the Host IOMMU
device implementations of get_iova_ranges() callback.

We also fix a UAF bug as the list was shallow copied while
g_list_free_full() was used both on the single call site, in
virtio_iommu_set_iommu_device() but also in
vfio_container_instance_finalize(). Instead use g_list_copy_deep.

Fixes: cf2647a76e ("virtio-iommu: Compute host reserved regions")
Signed-off-by: Eric Auger <eric.auger@redhat.com>
Suggested-by: Cédric Le Goater <clg@redhat.com>
Reviewed-by: Zhenzhong Duan <zhenzhong.duan@intel.com>
Reviewed-by: Cédric Le Goater <clg@redhat.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
15 months agovirtio-iommu: Fix error handling in virtio_iommu_set_host_iova_ranges()
Eric Auger [Mon, 1 Jul 2024 08:48:53 +0000 (10:48 +0200)] 
virtio-iommu: Fix error handling in virtio_iommu_set_host_iova_ranges()

In case no IOMMUPciBus/IOMMUDevice are found we need to properly
set the error handle and return.

Fixes : Coverity CID 1549006

Signed-off-by: Eric Auger <eric.auger@redhat.com>
Fixes: cf2647a76e ("virtio-iommu: Compute host reserved regions")
Reviewed-by: Cédric Le Goater <clg@redhat.com>
Reviewed-by: Zhenzhong Duan <zhenzhong.duan@intel.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
15 months agomachine_aspeed.py: update to test network for AST2700
Jamin Lin [Thu, 4 Jul 2024 08:29:22 +0000 (16:29 +0800)] 
machine_aspeed.py: update to test network for AST2700

Update test case to test network connection via SSH.

Test command:
```
cd build
pyvenv/bin/avocado run ../qemu/tests/avocado/machine_aspeed.py:AST2x00MachineSDK.test_aarch64_ast2700_evb_sdk_v09_02
```

Signed-off-by: Jamin Lin <jamin_lin@aspeedtech.com>
Reviewed-by: Cédric Le Goater <clg@redhat.com>
15 months agomachine_aspeed.py: update to test ASPEED OpenBMC SDK v09.02 for AST2700
Jamin Lin [Thu, 4 Jul 2024 08:29:21 +0000 (16:29 +0800)] 
machine_aspeed.py: update to test ASPEED OpenBMC SDK v09.02 for AST2700

Update test case to test ASPEED OpenBMC SDK v09.02 for AST2700.

ASPEED fixed TX mask issue from linux/drivers/ftgmac100.c.
It is required to use ASPEED OpenBMC SDK since v09.02
for AST2700 QEMU network testing.

A test image is downloaded from the ASPEED Forked OpenBMC GitHub
release repository :
https://github.com/AspeedTech-BMC/openbmc/releases/

Signed-off-by: Jamin Lin <jamin_lin@aspeedtech.com>
Reviewed-by: Cédric Le Goater <clg@redhat.com>
15 months agohw/block: m25p80: support quad mode for w25q01jvq
Jamin Lin [Thu, 4 Jul 2024 08:29:20 +0000 (16:29 +0800)] 
hw/block: m25p80: support quad mode for w25q01jvq

According to the w25q01jv datasheet at page 16,
it is required to set QE bit in "Status Register 2".
Besides, users are able to utilize "Write Status Register 1(0x01)"
command to set QE bit in "Status Register 2" and
utilize "Read Status Register 2(0x35)" command to get the QE bit status.

To support quad mode for w25q01jvq, update collecting data needed
2 bytes for WRSR command in decode_new_cmd function and
verify QE bit at the second byte of collecting data bit 2
in complete_collecting_data.

Update RDCR_EQIO command to set bit 2 of return data
if quad mode enable in decode_new_cmd.

Signed-off-by: Troy Lee <troy_lee@aspeedtech.com>
Signed-off-by: Jamin Lin <jamin_lin@aspeedtech.com>
Reviewed-by: Cédric Le Goater <clg@redhat.com>
15 months agoaspeed/soc: set dma64 property for AST2700 ftgmac100
Jamin Lin [Thu, 4 Jul 2024 08:29:19 +0000 (16:29 +0800)] 
aspeed/soc: set dma64 property for AST2700 ftgmac100

ASPEED AST2700 SOC is a 64 bits quad core CPUs (Cortex-a35)
And the base address of dram is "0x4 00000000" which
is 64bits address.

Set dma64 property for ftgmac100 model to support
64bits dram address DMA.

Signed-off-by: Jamin Lin <jamin_lin@aspeedtech.com>
Reviewed-by: Cédric Le Goater <clg@redhat.com>
15 months agohw/net:ftgmac100: update TX and RX packet buffers address to 64 bits
Jamin Lin [Thu, 4 Jul 2024 08:29:18 +0000 (16:29 +0800)] 
hw/net:ftgmac100: update TX and RX packet buffers address to 64 bits

ASPEED AST2700 SOC is a 64 bits quad core CPUs (Cortex-a35)
And the base address of dram is "0x4 00000000" which
is 64bits address.

It have "TXDES 2" and "RXDES 2" to save the high part
physical address of packet buffer.
Ex: TX packet buffer address [34:0]
The "TXDES 2" bits [18:16] which corresponds the bits [34:32]
of the 64 bits address of the TX packet buffer address
and "TXDES 3" bits [31:0] which corresponds the bits [31:0]
of the 64 bits address of the TX packet buffer address.

Update TX and RX packet buffers address type to
64 bits for dram 64 bits address DMA support.

Signed-off-by: Jamin Lin <jamin_lin@aspeedtech.com>
Reviewed-by: Cédric Le Goater <clg@redhat.com>
15 months agohw/net:ftgmac100: introduce TX and RX ring base address high registers to support...
Jamin Lin [Thu, 4 Jul 2024 08:29:17 +0000 (16:29 +0800)] 
hw/net:ftgmac100: introduce TX and RX ring base address high registers to support 64 bits

ASPEED AST2700 SOC is a 64 bits quad core CPUs (Cortex-a35)
And the base address of dram is "0x4 00000000" which
is 64bits address.

It have "Normal Priority Transmit Ring Base Address Register High(0x17C)",
"High Priority Transmit Ring Base Address Register High(0x184)" and
"Receive Ring Base Address Register High(0x18C)" to save the high part physical
address of descriptor manager.
Ex: TX descriptor manager address [34:0]
The "Normal Priority Transmit Ring Base Address Register High(0x17C)"
bits [2:0] which corresponds the bits [34:32] of the 64 bits address of
the TX ring buffer address.
The "Normal Priority Transmit Ring Base Address Register(0x20)" bits [31:0]
which corresponds the bits [31:0] of the 64 bits address
of the TX ring buffer address.

Introduce a new sub region which size is 0x100 for the set of new registers
and map it at 0x100 in the container region.
This sub region range is from 0x100 to 0x1ff.

Introduce a new property and object attribute to activate the region for new registers.
Introduce a new memop handlers for the new register read and write.

Signed-off-by: Jamin Lin <jamin_lin@aspeedtech.com>
Reviewed-by: Cédric Le Goater <clg@redhat.com>
15 months agohw/net:ftgmac100: update ring base address to 64 bits
Jamin Lin [Thu, 4 Jul 2024 08:29:16 +0000 (16:29 +0800)] 
hw/net:ftgmac100: update ring base address to 64 bits

Update TX and RX ring base address data type to uint64_t for
64 bits dram address DMA support.

Both "Normal Priority Transmit Ring Base Address Register(0x20)" and
"Receive Ring Base Address Register (0x24)" are used for saving the
low part physical address of descriptor manager.

Therefore, changes to set TX and RX descriptor manager address bits [31:0]
in ftgmac100_read and ftgmac100_write functions.

Incrementing the version of vmstate to 2.

Signed-off-by: Jamin Lin <jamin_lin@aspeedtech.com>
Reviewed-by: Cédric Le Goater <clg@redhat.com>
15 months agohw/net:ftgmac100: update memory region size to 64KB
Jamin Lin [Thu, 4 Jul 2024 08:29:15 +0000 (16:29 +0800)] 
hw/net:ftgmac100: update memory region size to 64KB

According to the datasheet of ASPEED SOCs,
one MAC controller owns 128KB of register space for AST2500.
However, one MAC controller only owns 64KB of register space for AST2600
and AST2700. It set the memory region size 128KB and it occupied another
controllers Address Spaces.

Update one MAC controller memory region size to 0x1000
because AST2500 did not use register spaces over than 64KB.

Introduce a new container region size to 0x1000 and its range
is from 0 to 0xfff. This container is mapped a sub region
for the current set of register.
This sub region range is from 0 to 0xff.

Signed-off-by: Jamin Lin <jamin_lin@aspeedtech.com>
Reviewed-by: Cédric Le Goater <clg@redhat.com>
15 months agoMerge tag 'pull-qapi-2024-07-06' of https://repo.or.cz/qemu/armbru into staging
Richard Henderson [Sun, 7 Jul 2024 20:23:28 +0000 (13:23 -0700)] 
Merge tag 'pull-qapi-2024-07-06' of https://repo.or.cz/qemu/armbru into staging

QAPI patches patches for 2024-07-06

# -----BEGIN PGP SIGNATURE-----
#
# iQJGBAABCAAwFiEENUvIs9frKmtoZ05fOHC0AOuRhlMFAmaI6xcSHGFybWJydUBy
# ZWRoYXQuY29tAAoJEDhwtADrkYZTTbQP/AonsqGYQyOPCWae9dfDt+Wy+k2gthoB
# dn/3SRjYnA23avEv2/AGAPxgp5MHkpdhh8eqNjWq9QgqgEUh/m0nJztS/MiLMHsR
# /PENPy4V2QFf7s5XtIutLiKXgGbzwtHxrbwnCNyQZW6dAK67VBTq5hPQSxFwBVga
# FDVm+DS2JehJ7IPMVmPT5gjI2cyDYNc/rxbvcbcb5SqirfJdPFk9nMJUrQ0Qubfs
# c9D6l8Cwzbm4JfSeRThs8v9CsDZ1+OIXnpDgGAP9hr7+yYFsovLSHfiLGFxnFXiN
# gSKLBNRIzXnC9cFsKY4jXuqFoSFblRccqCtPSYb7sAp3OVwKq3kA/XNuPIAPii8S
# cm+bhVJ3lyXUW5/6qruS5tOEkpsTnXC45Uw9nvZDEVXANMn3viZ1qInxKak8Nr+p
# k0bOHGE4NzRKkAvGDaTooUOlhG4iy9M+Q4dTcwKIoXTs1Euo8uOjAL+jGwT2pan5
# fb/P1cIqMgMpwSQjwIs7LoYMk20FF44CPtuwA+m85iLbTiiuUfQ4bTnVNMOQMibq
# 3QWIrEDfxwrvwMPsv/u/hcc5d2Tb+5QP9CeVmT9woSXJqU2g4yvKKP9JBf7jUFMC
# fTpNRcHOWsIoz+AgOrUeYe67fLpqUWQii08JhPg5f4ybbEzkzZub0zOKNFLYumG0
# VT3BQlO+8LdW
# =RwDq
# -----END PGP SIGNATURE-----
# gpg: Signature made Fri 05 Jul 2024 11:58:31 PM PDT
# gpg:                using RSA key 354BC8B3D7EB2A6B68674E5F3870B400EB918653
# gpg:                issuer "armbru@redhat.com"
# gpg: Good signature from "Markus Armbruster <armbru@redhat.com>" [full]
# gpg:                 aka "Markus Armbruster <armbru@pond.sub.org>" [full]

* tag 'pull-qapi-2024-07-06' of https://repo.or.cz/qemu/armbru:
  sphinx/qapidoc: Fix to generate doc for explicit, unboxed arguments
  qapi/parser: don't parse rST markup as section headers
  qapi: add markup to note blocks
  qapi: update prose in note blocks
  qapi: convert "Note" sections to plain rST
  qapi: nail down convention that Errors sections are lists
  qapi: fix non-compliant JSON examples
  docs/qapidoc: fix nested parsing under untagged sections
  qapi/parser: fix comment parsing immediately following a doc block
  qapi/parser: preserve indentation in QAPIDoc sections
  docs/qapidoc: delint a tiny portion of the module
  docs/qapidoc: remove unused intersperse function
  qapi: linter fixups

Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
15 months agoMerge tag 'sdmmc-20240706' of https://github.com/philmd/qemu into staging
Richard Henderson [Sun, 7 Jul 2024 17:34:52 +0000 (10:34 -0700)] 
Merge tag 'sdmmc-20240706' of https://github.com/philmd/qemu into staging

SD/MMC patches queue

- Use published card address (RCA) in qtest/npcm7xx_sdhci
- Have cards use random RCA
- Use SD spec v3.01 by default
- Convert GEN_CMD to sd_generic_read/write_byte style
- Extract SDMMC_COMMON abstract QDev parent from SD_CARD
- Few housekeeping

# -----BEGIN PGP SIGNATURE-----
#
# iQIzBAABCAAdFiEE+qvnXhKRciHc/Wuy4+MsLN6twN4FAmaIbbcACgkQ4+MsLN6t
# wN6A2RAAvTqk05r+R8ayyGLtxi6RBLb36WfIZy1iaiS3S5i93KrIwqM3LPqWMRRf
# 1h2dmflec3q3ebY/iHl6bdasdUlqfZDaw8BKBPETbDt9xCVmEC9/n7Vi7EMPmzP6
# A2ci7ZCDup4gLwp8AuB9OcMJnlVLGCQjW5yOTjN0V1MaG15iv6N7d6Th/aLEPEUr
# Ji/kk8adRGJhGRHcbkL7BGK+TxyAOUjjyt0k5e5hSS1W0T4dLgIljxq/L0wOxlZe
# Ot11GO/0EykkMIm7uASYXQws8wJFMgfhTYn77ibbzVFCBtSKvsq6ziuX3WopPoGK
# 0IfMkiK1vRpKey54Yn3+28ZY0v86c3NXybNlLbdrkvcZJgMrFTb4bpWyhQyx4Xbu
# uHfFxfu+rZC8/jfVqHd/RFw5sUliokc9a+KbaG9Yzx5MzXufOnu3iVOpx1vA6ZXX
# lX87qA1tZ78kTn/CtAAPx3CBWE9ojgH7wz/ABBTifUkIfDz5kFYT3g+kfygQQ+xh
# +bvdfQWeJ51Z3tPrUWm5fSGyB//XmgCfww7CZ1d63QaebAwml0YYvR3kivgnZ9A1
# abLr+uN7o4q3bqaY2FUvtglBPttA58wt7n02utWef8ZHl72hCsbvPtfwp2idUMY7
# ZRqdnHOB+opDbH9Xy9tj3Cqq1UPiEv3U3qXhZtd1Us7LSHXC/bk=
# =iKnd
# -----END PGP SIGNATURE-----
# gpg: Signature made Fri 05 Jul 2024 03:03:35 PM PDT
# gpg:                using RSA key FAABE75E12917221DCFD6BB2E3E32C2CDEADC0DE
# gpg: Good signature from "Philippe Mathieu-Daudé (F4BUG) <f4bug@amsat.org>" [full]

* tag 'sdmmc-20240706' of https://github.com/philmd/qemu:
  hw/sd/sdcard: Extract TYPE_SDMMC_COMMON from TYPE_SD_CARD
  hw/sd/sdcard: Introduce set_csd/set_cid handlers
  hw/sd/sdcard: Cover more SDCardStates
  hw/sd/sdcard: Trace length of data read on DAT lines
  hw/sd/sdcard: Remove default case in read/write on DAT lines
  hw/sd/sdcard: Remove noise from sd_cmd_name()
  hw/sd/sdcard: Remove noise from sd_acmd_name()
  hw/sd/sdcard: Remove sd_none enum from sd_cmd_type_t
  hw/sd/sdcard: Add sd_cmd_GEN_CMD handler (CMD56)
  hw/sd/sdcard: Rename sd_cmd_SEND_OP_COND handler
  hw/sd/sdcard: Use spec v3.01 by default
  hw/sd/sdcard: Remove leftover comment about removed 'spi' Property
  hw/sd/sdcard: Generate random RCA value
  tests/qtest/npcm7xx_sdhci: Access the card using its published address
  hw/sd/npcm7xx_sdhci: Use TYPE_SYSBUS_SDHCI definition
  hw/sd/sdhci: Log non-sequencial access as GUEST_ERROR

Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
15 months agosphinx/qapidoc: Fix to generate doc for explicit, unboxed arguments
Markus Armbruster [Fri, 28 Jun 2024 11:27:56 +0000 (13:27 +0200)] 
sphinx/qapidoc: Fix to generate doc for explicit, unboxed arguments

When a command's arguments are specified as an explicit type T,
generated documentation points to the members of T.

Example:

    ##
    # @announce-self:
    #
    # Trigger generation of broadcast RARP frames to update network
    [...]
    ##
    { 'command': 'announce-self', 'boxed': true,
      'data' : 'AnnounceParameters'}

generates

    "announce-self" (Command)
    -------------------------

    Trigger generation of broadcast RARP frames to update network
    [...]

    Arguments
    ~~~~~~~~~

    The members of "AnnounceParameters"

Except when the command takes its arguments unboxed , i.e. it doesn't
have 'boxed': true, we generate *nothing*.  A few commands have a
reference in their doc comment to compensate, but most don't.

Example:

    ##
    # @blockdev-snapshot-sync:
    #
    # Takes a synchronous snapshot of a block device.
    #
    # For the arguments, see the documentation of BlockdevSnapshotSync.
    [...]
    ##
    { 'command': 'blockdev-snapshot-sync',
      'data': 'BlockdevSnapshotSync',
      'allow-preconfig': true }

generates

    "blockdev-snapshot-sync" (Command)
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

    Takes a synchronous snapshot of a block device.

    For the arguments, see the documentation of BlockdevSnapshotSync.
    [...]

Same for event data.

Fix qapidoc.py to generate the reference regardless of boxing.  Delete
now redundant references in the doc comments.

Fixes: 4078ee5469e5 (docs/sphinx: Add new qapi-doc Sphinx extension)
Cc: qemu-stable@nongnu.org
Signed-off-by: Markus Armbruster <armbru@redhat.com>
Message-ID: <20240628112756.794237-1-armbru@redhat.com>
Reviewed-by: John Snow <jsnow@redhat.com>
15 months agoqapi/parser: don't parse rST markup as section headers
John Snow [Wed, 26 Jun 2024 22:21:19 +0000 (18:21 -0400)] 
qapi/parser: don't parse rST markup as section headers

The double-colon synax is rST formatting that precedes a literal code
block. We do not want to capture these as QAPI-specific sections.

Coerce blocks that start with e.g. "Example::" to be parsed as untagged
paragraphs instead of special tagged sections.

Signed-off-by: John Snow <jsnow@redhat.com>
Message-ID: <20240626222128.406106-14-jsnow@redhat.com>
Reviewed-by: Markus Armbruster <armbru@redhat.com>
[Indentation tweaked for consistency]
Signed-off-by: Markus Armbruster <armbru@redhat.com>
15 months agoqapi: add markup to note blocks
John Snow [Wed, 26 Jun 2024 22:21:18 +0000 (18:21 -0400)] 
qapi: add markup to note blocks

Generally, surround command-line options with ``literal`` markup to help
it stand out from prose in rendered HTML, and add cross-references to
replace "see also" messages.

References to types, values, and other QAPI definitions are not yet
adjusted here; they will be converted en masse in a subsequent patch
after the new QAPI doc generator is merged.

Signed-off-by: John Snow <jsnow@redhat.com>
Reviewed-by: Markus Armbruster <armbru@redhat.com>
Message-ID: <20240626222128.406106-13-jsnow@redhat.com>
Signed-off-by: Markus Armbruster <armbru@redhat.com>
15 months agoqapi: update prose in note blocks
John Snow [Wed, 26 Jun 2024 22:21:17 +0000 (18:21 -0400)] 
qapi: update prose in note blocks

Where I've noticed, rephrase the note to read more fluently.

Signed-off-by: John Snow <jsnow@redhat.com>
Reviewed-by: Markus Armbruster <armbru@redhat.com>
Message-ID: <20240626222128.406106-12-jsnow@redhat.com>
Signed-off-by: Markus Armbruster <armbru@redhat.com>
15 months agoqapi: convert "Note" sections to plain rST
John Snow [Wed, 26 Jun 2024 22:21:16 +0000 (18:21 -0400)] 
qapi: convert "Note" sections to plain rST

We do not need a dedicated section for notes. By eliminating a specially
parsed section, these notes can be treated as normal rST paragraphs in
the new QMP reference manual, and can be placed and styled much more
flexibly.

Convert all existing "Note" and "Notes" sections to pure rST. As part of
the conversion, capitalize the first letter of each sentence and add
trailing punctuation where appropriate to ensure notes look sensible and
consistent in rendered HTML documentation. Markup is also re-aligned to
the de-facto standard of 3 spaces for directives.

Update docs/devel/qapi-code-gen.rst to reflect the new paradigm, and
update the QAPI parser to prohibit "Note" sections while suggesting a
new syntax. The exact formatting to use is a matter of taste, but a good
candidate is simply:

.. note:: lorem ipsum ...
   ... dolor sit amet ...
   ... consectetur adipiscing elit ...

... but there are other choices, too. The Sphinx readthedocs theme
offers theming for the following forms (capitalization unimportant); all
are adorned with a (!) symbol () in the title bar for rendered HTML
docs.

See
https://sphinx-rtd-theme.readthedocs.io/en/stable/demo/demo.html#admonitions
for examples of each directive/admonition in use.

These are rendered in orange:

.. Attention:: ...
.. Caution:: ...
.. WARNING:: ...

These are rendered in red:

.. DANGER:: ...
.. Error:: ...

These are rendered in green:

.. Hint:: ...
.. Important:: ...
.. Tip:: ...

These are rendered in blue:

.. Note:: ...
.. admonition:: custom title

   admonition body text

This patch uses ".. note::" almost everywhere, with just two "caution"
directives. Several instances of "Notes:" have been converted to
merely ".. note::", or multiple ".. note::" where appropriate.
".. admonition:: notes" is used in a few places where we had an
ordered list of multiple notes that would not make sense as
standalone/separate admonitions.  Two "Note:" following "Example:"
have been turned into ordinary paragraphs within the example.

NOTE: Because qapidoc.py does not attempt to preserve source ordering of
sections, the conversion of Notes from a "tagged section" to an
"untagged section" means that rendering order for some notes *may
change* as a result of this patch. The forthcoming qapidoc.py rewrite
strictly preserves source ordering in the rendered documentation, so
this issue will be rectified in the new generator.

Signed-off-by: John Snow <jsnow@redhat.com>
Acked-by: Stefan Hajnoczi <stefanha@redhat.com> [for block*.json]
Message-ID: <20240626222128.406106-11-jsnow@redhat.com>
Reviewed-by: Markus Armbruster <armbru@redhat.com>
[Commit message clarified slightly, period added to one more note]
Signed-off-by: Markus Armbruster <armbru@redhat.com>
15 months agoqapi: nail down convention that Errors sections are lists
John Snow [Wed, 26 Jun 2024 22:21:15 +0000 (18:21 -0400)] 
qapi: nail down convention that Errors sections are lists

By unstated convention, Errors sections are rST lists.  Document the
convention, and make the one exception conform.

Signed-off-by: John Snow <jsnow@redhat.com>
Reviewed-by: Markus Armbruster <armbru@redhat.com>
Message-ID: <20240626222128.406106-10-jsnow@redhat.com>
Signed-off-by: Markus Armbruster <armbru@redhat.com>
15 months agoqapi: fix non-compliant JSON examples
John Snow [Wed, 26 Jun 2024 22:21:14 +0000 (18:21 -0400)] 
qapi: fix non-compliant JSON examples

The new QMP documentation generator wants to parse all examples as
"QMP". We have an existing QMP lexer in docs/sphinx/qmp_lexer.py (Seen
in-use here: https://qemu-project.gitlab.io/qemu/interop/bitmaps.html)
that allows the use of "->", "<-" and "..." tokens to denote QMP
protocol flow with elisions, but otherwise defers to the JSON lexer.

To utilize this lexer for the existing QAPI documentation, we need them
to conform to a standard so that they lex and render correctly. Once the
QMP lexer is active for examples, errant QMP/JSON will produce warning
messages and fail the build.

Fix any invalid JSON found in QAPI documentation (identified by
attempting to lex all examples as QMP; see subsequent
commits). Additionally, elisions must be standardized for the QMP lexer;
they must be represented as the value "...", so three examples have been
adjusted to support that format here.

Signed-off-by: John Snow <jsnow@redhat.com>
Reviewed-by: Markus Armbruster <armbru@redhat.com>
Message-ID: <20240626222128.406106-9-jsnow@redhat.com>
Signed-off-by: Markus Armbruster <armbru@redhat.com>
15 months agodocs/qapidoc: fix nested parsing under untagged sections
John Snow [Wed, 26 Jun 2024 22:21:13 +0000 (18:21 -0400)] 
docs/qapidoc: fix nested parsing under untagged sections

Sphinx does not like sections without titles, because it wants to
convert every section into a reference. When there is no title, it
struggles to do this and transforms the tree inproperly.

Depending on the rST used, this may result in an assertion error deep in
the docutils HTMLWriter.

(Observed when using ".. admonition:: Notes" under such a section - When
this is transformed with its own <title> element, Sphinx is fooled into
believing this title belongs to the section and incorrect mutates the
docutils tree, leading to errors during rendering time.)

When parsing an untagged section (free paragraphs), skip making a hollow
section and instead append the parse results to the prior section.

Many Bothans died to bring us this information.

The resulting output changes are basically invisible.

Signed-off-by: John Snow <jsnow@redhat.com>
Acked-by: Markus Armbruster <armbru@redhat.com>
Message-ID: <20240626222128.406106-8-jsnow@redhat.com>
[Mention output changes in commit message]
Signed-off-by: Markus Armbruster <armbru@redhat.com>
15 months agoqapi/parser: fix comment parsing immediately following a doc block
John Snow [Wed, 26 Jun 2024 22:21:12 +0000 (18:21 -0400)] 
qapi/parser: fix comment parsing immediately following a doc block

If a comment immediately follows a doc block, the parser doesn't ignore
that token appropriately. Fix that.

e.g.

> ##
> # = Hello World!
> ##
>
> # I'm a comment!

will break the parser, because it does not properly ignore the comment
token if it immediately follows a doc block.

Fixes: 3d035cd2cca6 (qapi: Rewrite doc comment parser)
Signed-off-by: John Snow <jsnow@redhat.com>
Reviewed-by: Markus Armbruster <armbru@redhat.com>
Message-ID: <20240626222128.406106-7-jsnow@redhat.com>
Signed-off-by: Markus Armbruster <armbru@redhat.com>
15 months agoqapi/parser: preserve indentation in QAPIDoc sections
John Snow [Wed, 26 Jun 2024 22:21:11 +0000 (18:21 -0400)] 
qapi/parser: preserve indentation in QAPIDoc sections

Change get_doc_indented() to preserve indentation on all subsequent text
lines, and create a compatibility dedent() function for qapidoc.py that
removes indentation the same way get_doc_indented() did.

This is being done for the benefit of a new qapidoc generator which
requires that indentation in argument and features sections are
preserved.

Prior to this patch, a section like this:

```
@name: lorem ipsum
   dolor sit amet
     consectetur adipiscing elit
```

would have its body text be parsed into:

```
lorem ipsum
dolor sit amet
  consectetur adipiscing elit
```

We want to preserve the indentation for even the first body line so that
the entire block can be parsed directly as rST. This patch would now
parse that segment into:

```
lorem ipsum
   dolor sit amet
     consectetur adipiscing elit
```

This is helpful for formatting arguments and features as field lists in
rST, where the new generator will format this information as:

```
:arg type name: lorem ipsum
   dolor sit amet
     consectetur apidiscing elit
```

...and can be formed by the simple concatenation of the field list
construct and the body text. The indents help preserve the continuation
of a block-level element, and further allow the use of additional rST
block-level constructs such as code blocks, lists, and other such
markup.

This understandably breaks the existing qapidoc.py; so a new function is
added there to dedent the text for compatibility. Once the new generator
is merged, this function will not be needed any longer and can be
dropped.

I verified this patch changes absolutely nothing by comparing the
md5sums of the QMP ref html pages both before and after the change, so
it's certified inert. QAPI test output has been updated to reflect the
new strategy of preserving indents for rST.

Signed-off-by: John Snow <jsnow@redhat.com>
Reviewed-by: Markus Armbruster <armbru@redhat.com>
Message-ID: <20240626222128.406106-6-jsnow@redhat.com>
[Lost commit message paragraph restored]
Signed-off-by: Markus Armbruster <armbru@redhat.com>
15 months agodocs/qapidoc: delint a tiny portion of the module
John Snow [Wed, 26 Jun 2024 22:21:10 +0000 (18:21 -0400)] 
docs/qapidoc: delint a tiny portion of the module

In a forthcoming series that adds a new QMP documentation generator, it
will be helpful to have a linting baseline. However, there's no need to
shuffle around the deck chairs too much, because most of this code will
be removed once that new qapidoc generator (the "transmogrifier") is in
place.

To ease my pain: just turn off the black auto-formatter for most, but
not all, of qapidoc.py. This will help ensure that *new* code follows a
coding standard without bothering too much with cleaning up the existing
code.

Code that I intend to keep is still subject to the delinting beam.

Signed-off-by: John Snow <jsnow@redhat.com>
Reviewed-by: Markus Armbruster <armbru@redhat.com>
Message-ID: <20240626222128.406106-5-jsnow@redhat.com>
Signed-off-by: Markus Armbruster <armbru@redhat.com>
15 months agodocs/qapidoc: remove unused intersperse function
John Snow [Wed, 26 Jun 2024 22:21:09 +0000 (18:21 -0400)] 
docs/qapidoc: remove unused intersperse function

This function has been unused since since commit
fd62bff901b (sphinx/qapidoc: Drop code to generate doc for simple
union tag).

Signed-off-by: John Snow <jsnow@redhat.com>
Message-ID: <20240626222128.406106-4-jsnow@redhat.com>
Reviewed-by: Markus Armbruster <armbru@redhat.com>
[Commit message tweaked]
Signed-off-by: Markus Armbruster <armbru@redhat.com>
15 months agoqapi: linter fixups
John Snow [Wed, 26 Jun 2024 22:21:08 +0000 (18:21 -0400)] 
qapi: linter fixups

Fix minor irritants to pylint/flake8 et al.

(Yes, these need to be guarded by the Python tests. That's a work in
progress, a series that's quite likely to follow once I finish this
Sphinx project. Please pardon the temporary irritation.)

Signed-off-by: John Snow <jsnow@redhat.com>
Reviewed-by: Markus Armbruster <armbru@redhat.com>
Message-ID: <20240626222128.406106-3-jsnow@redhat.com>
Signed-off-by: Markus Armbruster <armbru@redhat.com>
15 months agohw/sd/sdcard: Extract TYPE_SDMMC_COMMON from TYPE_SD_CARD
Philippe Mathieu-Daudé [Wed, 3 Jul 2024 09:12:00 +0000 (11:12 +0200)] 
hw/sd/sdcard: Extract TYPE_SDMMC_COMMON from TYPE_SD_CARD

In order to keep eMMC model simpler to maintain,
extract common properties and the common code from
class_init to the (internal) TYPE_SDMMC_COMMON.

Update the corresponding QOM cast macros.

Signed-off-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Reviewed-by: Cédric Le Goater <clg@redhat.com>
Tested-by: Andrew Jeffery <andrew@codeconstruct.com.au>
Tested-by: Cédric Le Goater <clg@redhat.com>
Message-Id: <20240703134356.85972-6-philmd@linaro.org>

15 months agohw/sd/sdcard: Introduce set_csd/set_cid handlers
Philippe Mathieu-Daudé [Fri, 14 Jun 2024 13:49:10 +0000 (15:49 +0200)] 
hw/sd/sdcard: Introduce set_csd/set_cid handlers

In preparation of introducing eMMC support which have
different CSD/CID structures, introduce a pair of handlers
in SDCardClass.

Signed-off-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Reviewed-by: Cédric Le Goater <clg@redhat.com>
Tested-by: Andrew Jeffery <andrew@codeconstruct.com.au>
Tested-by: Cédric Le Goater <clg@redhat.com>
Message-Id: <20240628070216.92609-82-philmd@linaro.org>

15 months agohw/sd/sdcard: Cover more SDCardStates
Philippe Mathieu-Daudé [Mon, 17 Jun 2024 10:05:21 +0000 (12:05 +0200)] 
hw/sd/sdcard: Cover more SDCardStates

So far eMMC will only use sd_sleep_state, but
all all states specified for completeness.

Signed-off-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Reviewed-by: Cédric Le Goater <clg@redhat.com>
Tested-by: Andrew Jeffery <andrew@codeconstruct.com.au>
Tested-by: Cédric Le Goater <clg@redhat.com>
Message-Id: <20240628070216.92609-81-philmd@linaro.org>

15 months agohw/sd/sdcard: Trace length of data read on DAT lines
Philippe Mathieu-Daudé [Thu, 20 Jun 2024 07:28:52 +0000 (09:28 +0200)] 
hw/sd/sdcard: Trace length of data read on DAT lines

Some commands expect less than BLOCK_LENGTH.

Signed-off-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Reviewed-by: Cédric Le Goater <clg@redhat.com>
Tested-by: Andrew Jeffery <andrew@codeconstruct.com.au>
Tested-by: Cédric Le Goater <clg@redhat.com>
Message-Id: <20240628070216.92609-80-philmd@linaro.org>

15 months agohw/sd/sdcard: Remove default case in read/write on DAT lines
Philippe Mathieu-Daudé [Sun, 16 Jun 2024 10:39:18 +0000 (12:39 +0200)] 
hw/sd/sdcard: Remove default case in read/write on DAT lines

All read/write on DAT lines are explicitly handled.
Reaching this point would be a programming error:
replace by an assertion.

Signed-off-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Reviewed-by: Cédric Le Goater <clg@redhat.com>
Tested-by: Andrew Jeffery <andrew@codeconstruct.com.au>
Tested-by: Cédric Le Goater <clg@redhat.com>
Message-Id: <20240628070216.92609-79-philmd@linaro.org>

15 months agohw/sd/sdcard: Remove noise from sd_cmd_name()
Philippe Mathieu-Daudé [Wed, 26 Jun 2024 21:52:36 +0000 (23:52 +0200)] 
hw/sd/sdcard: Remove noise from sd_cmd_name()

These CMD names weren't really useful, "UNKNOWN_CMD" is simpler.

Signed-off-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Reviewed-by: Cédric Le Goater <clg@redhat.com>
Tested-by: Andrew Jeffery <andrew@codeconstruct.com.au>
Tested-by: Cédric Le Goater <clg@redhat.com>
Message-Id: <20240628070216.92609-78-philmd@linaro.org>

15 months agohw/sd/sdcard: Remove noise from sd_acmd_name()
Philippe Mathieu-Daudé [Wed, 26 Jun 2024 21:51:55 +0000 (23:51 +0200)] 
hw/sd/sdcard: Remove noise from sd_acmd_name()

These ACMD names weren't really useful, "UNKNOWN_ACMD" is simpler.

Signed-off-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Reviewed-by: Cédric Le Goater <clg@redhat.com>
Tested-by: Andrew Jeffery <andrew@codeconstruct.com.au>
Tested-by: Cédric Le Goater <clg@redhat.com>
Message-Id: <20240628070216.92609-77-philmd@linaro.org>

15 months agohw/sd/sdcard: Remove sd_none enum from sd_cmd_type_t
Philippe Mathieu-Daudé [Mon, 24 Jun 2024 19:58:12 +0000 (21:58 +0200)] 
hw/sd/sdcard: Remove sd_none enum from sd_cmd_type_t

All handlers using the 'sd_none' enum got converted,
remove it.

Signed-off-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Reviewed-by: Cédric Le Goater <clg@redhat.com>
Tested-by: Andrew Jeffery <andrew@codeconstruct.com.au>
Tested-by: Cédric Le Goater <clg@redhat.com>
Message-Id: <20240628070216.92609-76-philmd@linaro.org>

15 months agohw/sd/sdcard: Add sd_cmd_GEN_CMD handler (CMD56)
Philippe Mathieu-Daudé [Thu, 20 Jun 2024 09:57:54 +0000 (11:57 +0200)] 
hw/sd/sdcard: Add sd_cmd_GEN_CMD handler (CMD56)

"General command" (GEN_CMD, CMD56) is described as:

  GEN_CMD is the same as the single block read or write
  commands (CMD24 or CMD17). The difference is that [...]
  the data block is not a memory payload data but has a
  vendor specific format and meaning.

Thus this block must not be stored overwriting data block
on underlying storage drive. Handle as RAZ/WI.

Signed-off-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Tested-by: Andrew Jeffery <andrew@codeconstruct.com.au>
Tested-by: Cédric Le Goater <clg@redhat.com>
Message-Id: <20240703134356.85972-3-philmd@linaro.org>

15 months agohw/sd/sdcard: Rename sd_cmd_SEND_OP_COND handler
Philippe Mathieu-Daudé [Wed, 3 Jul 2024 12:56:25 +0000 (14:56 +0200)] 
hw/sd/sdcard: Rename sd_cmd_SEND_OP_COND handler

The correct command name is 'SD SEND_OP_COND',
rename accordingly.

Signed-off-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Reviewed-by: Cédric Le Goater <clg@redhat.com>
Tested-by: Andrew Jeffery <andrew@codeconstruct.com.au>
Tested-by: Cédric Le Goater <clg@redhat.com>
Message-Id: <20240703134356.85972-4-philmd@linaro.org>

15 months agohw/sd/sdcard: Use spec v3.01 by default
Philippe Mathieu-Daudé [Thu, 27 Jun 2024 07:03:33 +0000 (09:03 +0200)] 
hw/sd/sdcard: Use spec v3.01 by default

Recent SDHCI expect cards to support the v3.01 spec
to negociate lower I/O voltage. Select it by default.

Versioned machine types with a version of 9.0 or
earlier retain the old default (spec v2.00).

Signed-off-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Reviewed-by: Cédric Le Goater <clg@redhat.com>
Tested-by: Andrew Jeffery <andrew@codeconstruct.com.au>
Tested-by: Cédric Le Goater <clg@redhat.com>
Message-Id: <20240703134356.85972-2-philmd@linaro.org>

15 months agohw/sd/sdcard: Remove leftover comment about removed 'spi' Property
Philippe Mathieu-Daudé [Wed, 3 Jul 2024 07:59:49 +0000 (09:59 +0200)] 
hw/sd/sdcard: Remove leftover comment about removed 'spi' Property

Commit c3287c0f70 ("hw/sd: Introduce a "sd-card" SPI variant
model") removed the 'spi' property. Remove the comment left
over.

Signed-off-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Reviewed-by: Manos Pitsidianakis <manos.pitsidianakis@linaro.org>
Tested-by: Andrew Jeffery <andrew@codeconstruct.com.au>
Message-Id: <20240703085907.66775-2-philmd@linaro.org>

15 months agohw/sd/sdcard: Generate random RCA value
Philippe Mathieu-Daudé [Mon, 17 Jun 2024 15:57:54 +0000 (17:57 +0200)] 
hw/sd/sdcard: Generate random RCA value

Rather than using the obscure 0x4567 magic value,
use a real random one.

Signed-off-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Tested-by: Cédric Le Goater <clg@redhat.com>
Reviewed-by: Cédric Le Goater <clg@redhat.com>
Tested-by: Andrew Jeffery <andrew@codeconstruct.com.au>
Message-Id: <20240702140842.54242-5-philmd@linaro.org>

15 months agotests/qtest/npcm7xx_sdhci: Access the card using its published address
Philippe Mathieu-Daudé [Tue, 2 Jul 2024 13:06:04 +0000 (15:06 +0200)] 
tests/qtest/npcm7xx_sdhci: Access the card using its published address

Currently setup_sd_card() asks the card its address,
but discard the response and use hardcoded 0x4567.

Set the SDHC_CMD_RESPONSE bit to have the controller
record the bus response, and read the response from
the RSPREG0 register. Then we can select the card with
its real address.

Signed-off-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Tested-by: Cédric Le Goater <clg@redhat.com>
Reviewed-by: Cédric Le Goater <clg@redhat.com>
Message-Id: <20240702140842.54242-4-philmd@linaro.org>

15 months agohw/sd/npcm7xx_sdhci: Use TYPE_SYSBUS_SDHCI definition
Philippe Mathieu-Daudé [Tue, 2 Jul 2024 12:28:14 +0000 (14:28 +0200)] 
hw/sd/npcm7xx_sdhci: Use TYPE_SYSBUS_SDHCI definition

Use the macro instead of two explicit string literals.

Signed-off-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Reviewed-by: Cédric Le Goater <clg@redhat.com>
Message-Id: <20240702140842.54242-2-philmd@linaro.org>

15 months agohw/sd/sdhci: Log non-sequencial access as GUEST_ERROR
Philippe Mathieu-Daudé [Tue, 2 Jul 2024 12:28:30 +0000 (14:28 +0200)] 
hw/sd/sdhci: Log non-sequencial access as GUEST_ERROR

Signed-off-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Reviewed-by: Cédric Le Goater <clg@redhat.com>
Tested-by: Andrew Jeffery <andrew@codeconstruct.com.au>
Message-Id: <20240702140842.54242-3-philmd@linaro.org>

15 months agoMerge tag 'pull-maintainer-july24-050724-1' of https://gitlab.com/stsquad/qemu into...
Richard Henderson [Fri, 5 Jul 2024 16:15:48 +0000 (09:15 -0700)] 
Merge tag 'pull-maintainer-july24-050724-1' of https://gitlab.com/stsquad/qemu into staging

Updates for testing, plugins, gdbstub

  - restore some 32 bit host builds and testing
  - move some physmem tracepoint definitions
  - use --userns keep-id for podman builds
  - cleanup check-tcg compiler flag checking for Arm
  - fix some casting in fcvt test
  - tweak check-tcg inline asm for clang
  - suppress some invalid clang warnings
  - disable KVM for the TCI builds
  - improve the insn tracking plugin
  - cleanups to the lockstep plugin
  - free plugin data on cpu finalise
  - assert cpu->index assigned
  - move qemu_plugin_vcpu_init__async into plugin code
  - add support for dynamic gdb command tables
  - allow targets to extend gdb capabilities
  - enable user-mode MTE support

# -----BEGIN PGP SIGNATURE-----
#
# iQEzBAABCgAdFiEEZoWumedRZ7yvyN81+9DbCVqeKkQFAmaH3bEACgkQ+9DbCVqe
# KkTnvwf9HS68sTICEJqBfY663hjcfdFGsSV/h3q7SN3fhKm/3JHGNK+kumgqdnaC
# ykd7tx0AtBGgKm83B7G6MPywsVMIosMeV3mFeJTVHhKsFwGNjSiGkr3j4R2qxjFt
# nYQ977FqBKyhvhSplR2wwhwi+JpuGWFGlnQTvdF2Z7ni4YCDFcbl4eiMyGwsjbWm
# 0VBP+wCSSMIIbS9Qb7DrhZlfu0+wKZK/q0FLzVVofcLSXGou+Mse/qhtG+yAU/FI
# qqqV+7J4PU9E4BqFaklxyRtBrpXNDgpo77pu6ZR7oDXD7HNMuIAuEIlkxMJjarNM
# xN64WOOzw15R2RMVyXdYx6ccxWft2Q==
# =9Gmk
# -----END PGP SIGNATURE-----
# gpg: Signature made Fri 05 Jul 2024 04:49:05 AM PDT
# gpg:                using RSA key 6685AE99E75167BCAFC8DF35FBD0DB095A9E2A44
# gpg: Good signature from "Alex Bennée (Master Work Key) <alex.bennee@linaro.org>" [full]

* tag 'pull-maintainer-july24-050724-1' of https://gitlab.com/stsquad/qemu: (40 commits)
  tests/tcg/aarch64: Add MTE gdbstub tests
  gdbstub: Add support for MTE in user mode
  gdbstub: Use true to set cmd_startswith
  gdbstub: Pass CPU context to command handler
  gdbstub: Make hex conversion function non-internal
  target/arm: Factor out code for setting MTE TCF0 field
  target/arm: Make some MTE helpers widely available
  target/arm: Fix exception case in allocation_tag_mem_probe
  gdbstub: Add support for target-specific stubs
  gdbstub: Move GdbCmdParseEntry into a new header file
  gdbstub: Clean up process_string_cmd
  accel/tcg: Move qemu_plugin_vcpu_init__async() to plugins/
  plugins: Free CPUPluginState before destroying vCPU state
  plugins: Ensure vCPU index is assigned in init/exit hooks
  plugins/lockstep: clean-up output
  plugins/lockstep: mention the one-insn-per-tb option
  plugins/lockstep: make mixed-mode safe
  plugins/lockstep: preserve sock_path
  test/plugins: preserve the instruction record over translations
  test/plugin: make insn plugin less noisy by default
  ...

Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
15 months agotests/tcg/aarch64: Add MTE gdbstub tests
Gustavo Romero [Fri, 5 Jul 2024 08:40:47 +0000 (09:40 +0100)] 
tests/tcg/aarch64: Add MTE gdbstub tests

Add tests to exercise the MTE stubs. The tests will only run if a
version of GDB that supports MTE is available in the test environment.

Signed-off-by: Gustavo Romero <gustavo.romero@linaro.org>
[AJB: re-base and checkpatch fixes]
Message-Id: <20240628050850.536447-12-gustavo.romero@linaro.org>
Signed-off-by: Alex Bennée <alex.bennee@linaro.org>
Message-Id: <20240705084047.857176-41-alex.bennee@linaro.org>

15 months agogdbstub: Add support for MTE in user mode
Gustavo Romero [Fri, 5 Jul 2024 08:40:46 +0000 (09:40 +0100)] 
gdbstub: Add support for MTE in user mode

This commit implements the stubs to handle the qIsAddressTagged,
qMemTag, and QMemTag GDB packets, allowing all GDB 'memory-tag'
subcommands to work with QEMU gdbstub on aarch64 user mode. It also
implements the get/set functions for the special GDB MTE register
'tag_ctl', used to control the MTE fault type at runtime.

Signed-off-by: Gustavo Romero <gustavo.romero@linaro.org>
Message-Id: <20240628050850.536447-11-gustavo.romero@linaro.org>
Signed-off-by: Alex Bennée <alex.bennee@linaro.org>
Message-Id: <20240705084047.857176-40-alex.bennee@linaro.org>

15 months agogdbstub: Use true to set cmd_startswith
Gustavo Romero [Fri, 5 Jul 2024 08:40:45 +0000 (09:40 +0100)] 
gdbstub: Use true to set cmd_startswith

cmd_startswith is a boolean so use 'true' to set it instead of 1.

Signed-off-by: Gustavo Romero <gustavo.romero@linaro.org>
Message-Id: <20240628050850.536447-10-gustavo.romero@linaro.org>
Reviewed-by: Manos Pitsidianakis <manos.pitsidianakis@linaro.org>
Signed-off-by: Alex Bennée <alex.bennee@linaro.org>
Message-Id: <20240705084047.857176-39-alex.bennee@linaro.org>

15 months agogdbstub: Pass CPU context to command handler
Gustavo Romero [Fri, 5 Jul 2024 08:40:44 +0000 (09:40 +0100)] 
gdbstub: Pass CPU context to command handler

Allow passing the current CPU context to command handlers via user_ctx
when the handler requires it.

Signed-off-by: Gustavo Romero <gustavo.romero@linaro.org>
Message-Id: <20240628050850.536447-9-gustavo.romero@linaro.org>
Reviewed-by: Manos Pitsidianakis <manos.pitsidianakis@linaro.org>
Signed-off-by: Alex Bennée <alex.bennee@linaro.org>
Message-Id: <20240705084047.857176-38-alex.bennee@linaro.org>

15 months agogdbstub: Make hex conversion function non-internal
Gustavo Romero [Fri, 5 Jul 2024 08:40:43 +0000 (09:40 +0100)] 
gdbstub: Make hex conversion function non-internal

Make gdb_hextomem non-internal so it's not confined to use only in
gdbstub.c.

Signed-off-by: Gustavo Romero <gustavo.romero@linaro.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-Id: <20240628050850.536447-8-gustavo.romero@linaro.org>
Signed-off-by: Alex Bennée <alex.bennee@linaro.org>
Message-Id: <20240705084047.857176-37-alex.bennee@linaro.org>

15 months agotarget/arm: Factor out code for setting MTE TCF0 field
Gustavo Romero [Fri, 5 Jul 2024 08:40:42 +0000 (09:40 +0100)] 
target/arm: Factor out code for setting MTE TCF0 field

Factor out the code used for setting the MTE TCF0 field from the prctl
code into a convenient function. Other subsystems, like gdbstub, need to
set this field as well, so keep it as a separate function to avoid
duplication and ensure consistency in how this field is set across the
board.

Signed-off-by: Gustavo Romero <gustavo.romero@linaro.org>
Message-Id: <20240628050850.536447-7-gustavo.romero@linaro.org>
[AJB: clean-up includes, move MTE defines]
Reviewed-by: Manos Pitsidianakis <manos.pitsidianakis@linaro.org>
Signed-off-by: Alex Bennée <alex.bennee@linaro.org>
Message-Id: <20240705084047.857176-36-alex.bennee@linaro.org>

15 months agotarget/arm: Make some MTE helpers widely available
Gustavo Romero [Fri, 5 Jul 2024 08:40:41 +0000 (09:40 +0100)] 
target/arm: Make some MTE helpers widely available

Make the MTE helpers allocation_tag_mem_probe, load_tag1, and store_tag1
available to other subsystems.

Signed-off-by: Gustavo Romero <gustavo.romero@linaro.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Message-Id: <20240628050850.536447-6-gustavo.romero@linaro.org>
Signed-off-by: Alex Bennée <alex.bennee@linaro.org>
Message-Id: <20240705084047.857176-35-alex.bennee@linaro.org>

15 months agotarget/arm: Fix exception case in allocation_tag_mem_probe
Gustavo Romero [Fri, 5 Jul 2024 08:40:40 +0000 (09:40 +0100)] 
target/arm: Fix exception case in allocation_tag_mem_probe

If page in 'ptr_access' is inaccessible and probe is 'true'
allocation_tag_mem_probe should not throw an exception, but currently it
does, so fix it.

Signed-off-by: Gustavo Romero <gustavo.romero@linaro.org>
Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-Id: <20240628050850.536447-5-gustavo.romero@linaro.org>
Signed-off-by: Alex Bennée <alex.bennee@linaro.org>
Message-Id: <20240705084047.857176-34-alex.bennee@linaro.org>

15 months agogdbstub: Add support for target-specific stubs
Gustavo Romero [Fri, 5 Jul 2024 08:40:39 +0000 (09:40 +0100)] 
gdbstub: Add support for target-specific stubs

Currently, it's not possible to have stubs specific to a given target,
even though there are GDB features which are target-specific, like, for
instance, memory tagging.

This commit introduces gdb_extend_qsupported_features,
gdb_extend_query_table, and gdb_extend_set_table functions as interfaces
to extend the qSupported string, the query handler table, and the set
handler table, allowing target-specific stub implementations.

Signed-off-by: Gustavo Romero <gustavo.romero@linaro.org>
Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
Message-Id: <20240628050850.536447-4-gustavo.romero@linaro.org>
Signed-off-by: Alex Bennée <alex.bennee@linaro.org>
Message-Id: <20240705084047.857176-33-alex.bennee@linaro.org>

15 months agogdbstub: Move GdbCmdParseEntry into a new header file
Gustavo Romero [Fri, 5 Jul 2024 08:40:38 +0000 (09:40 +0100)] 
gdbstub: Move GdbCmdParseEntry into a new header file

Move GdbCmdParseEntry and its associated types into a separate header
file to allow the use of GdbCmdParseEntry and other gdbstub command
functions outside of gdbstub.c.

Since GdbCmdParseEntry and get_param are now public, kdoc
GdbCmdParseEntry and rename get_param to gdb_get_cmd_param.

This commit also makes gdb_put_packet public since is used in gdbstub
command handling.

Signed-off-by: Gustavo Romero <gustavo.romero@linaro.org>
Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
Message-Id: <20240628050850.536447-3-gustavo.romero@linaro.org>
Signed-off-by: Alex Bennée <alex.bennee@linaro.org>
Message-Id: <20240705084047.857176-32-alex.bennee@linaro.org>

15 months agogdbstub: Clean up process_string_cmd
Gustavo Romero [Fri, 5 Jul 2024 08:40:37 +0000 (09:40 +0100)] 
gdbstub: Clean up process_string_cmd

Change 'process_string_cmd' to return true on success and false on
failure, instead of 0 and -1.

Signed-off-by: Gustavo Romero <gustavo.romero@linaro.org>
Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Message-Id: <20240628050850.536447-2-gustavo.romero@linaro.org>
Signed-off-by: Alex Bennée <alex.bennee@linaro.org>
Message-Id: <20240705084047.857176-31-alex.bennee@linaro.org>

15 months agoaccel/tcg: Move qemu_plugin_vcpu_init__async() to plugins/
Philippe Mathieu-Daudé [Fri, 5 Jul 2024 08:40:36 +0000 (09:40 +0100)] 
accel/tcg: Move qemu_plugin_vcpu_init__async() to plugins/

Calling qemu_plugin_vcpu_init__async() on the vCPU thread
is a detail of plugins, not relevant to TCG vCPU management.

Signed-off-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Reviewed-by: Pierrick Bouvier <pierrick.bouvier@linaro.org>
Message-Id: <20240606124010.2460-4-philmd@linaro.org>
Signed-off-by: Alex Bennée <alex.bennee@linaro.org>
Message-Id: <20240705084047.857176-30-alex.bennee@linaro.org>

15 months agoplugins: Free CPUPluginState before destroying vCPU state
Philippe Mathieu-Daudé [Fri, 5 Jul 2024 08:40:35 +0000 (09:40 +0100)] 
plugins: Free CPUPluginState before destroying vCPU state

cpu::plugin_state is allocated in cpu_common_initfn() when
the vCPU state is created. Release it in cpu_common_finalize()
when we are done.

Signed-off-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Reviewed-by: Pierrick Bouvier <pierrick.bouvier@linaro.org>
Message-Id: <20240606124010.2460-3-philmd@linaro.org>
Signed-off-by: Alex Bennée <alex.bennee@linaro.org>
Message-Id: <20240705084047.857176-29-alex.bennee@linaro.org>

15 months agoplugins: Ensure vCPU index is assigned in init/exit hooks
Philippe Mathieu-Daudé [Fri, 5 Jul 2024 08:40:34 +0000 (09:40 +0100)] 
plugins: Ensure vCPU index is assigned in init/exit hooks

Since vCPUs are hashed by their index, this index can't
be uninitialized (UNASSIGNED_CPU_INDEX).

Signed-off-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Reviewed-by: Pierrick Bouvier <pierrick.bouvier@linaro.org>
Message-Id: <20240606124010.2460-2-philmd@linaro.org>
Signed-off-by: Alex Bennée <alex.bennee@linaro.org>
Message-Id: <20240705084047.857176-28-alex.bennee@linaro.org>

15 months agoplugins/lockstep: clean-up output
Alex Bennée [Fri, 5 Jul 2024 08:40:33 +0000 (09:40 +0100)] 
plugins/lockstep: clean-up output

We were repeating information which wasn't super clear. As we already
will have dumped the last failing PC just note the divergence and dump
the previous instruction log.

Signed-off-by: Alex Bennée <alex.bennee@linaro.org>
Message-Id: <20240705084047.857176-27-alex.bennee@linaro.org>

15 months agoplugins/lockstep: mention the one-insn-per-tb option
Alex Bennée [Fri, 5 Jul 2024 08:40:32 +0000 (09:40 +0100)] 
plugins/lockstep: mention the one-insn-per-tb option

This really helps with lockstep although its super slow on big jobs.

Reviewed-by: Manos Pitsidianakis <manos.pitsidianakis@linaro.org>
Signed-off-by: Alex Bennée <alex.bennee@linaro.org>
Message-Id: <20240705084047.857176-26-alex.bennee@linaro.org>