[Qemu-devel] [PULL 0/8] target-arm queue

[Qemu-devel] [PULL 0/8] target-arm queue

[Peter Maydell]

target-arm pullreq for softfreeze: bugfixes and cleanups and
the first traces of ARMv8 support in the shape of LDA/STL 
instructions. (There will be more of that in QEMU 1.7, I'm sure.)
Please pull.
 
thanks
-- PMM

The following changes since commit c3cb8e77804313e1be99b5f28a34a346736707a5:

  ioport: remove LITTLE_ENDIAN mark for portio (2013-07-12 14:37:47 -0500)

are available in the git repository at:

  git://git.linaro.org/people/pmaydell/qemu-arm.git tags/pull-target-arm-20130715-1

for you to fetch changes up to 82a3a11897308b606120f7235001e87809708f85:

  target-arm: Avoid g_hash_table_get_keys() (2013-07-15 17:13:51 +0100)

----------------------------------------------------------------
target-arm queue

----------------------------------------------------------------
Mans Rullgard (3):
      target-arm: add feature flag for ARMv8
      target-arm: implement LDA/STL instructions
      target-arm: explicitly decode SEVL instruction

Peter Crosthwaite (3):
      target-arm/helper.c: OMAP/StrongARM cp15 crn=0 cleanup
      target-arm/helper.c: Implement MIDR aliases
      target-arm/helper.c: Allow const opaques in arm CP

Peter Maydell (2):
      target-arm: avoid undefined behaviour when writing TTBCR
      target-arm: Avoid g_hash_table_get_keys()

 target-arm/cpu.c       |    7 ++-
 target-arm/cpu.h       |    1 +
 target-arm/helper.c    |   51 ++++++++++++-------
 target-arm/translate.c |  133 ++++++++++++++++++++++++++++++++++++++++++++----
 4 files changed, 161 insertions(+), 31 deletions(-)

[Qemu-devel] [PULL 1/8] target-arm: add feature flag for ARMv8

[Peter Maydell]

From: Mans Rullgard <mans@mansr.com>

Signed-off-by: Mans Rullgard <mans@mansr.com>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
---
 target-arm/cpu.c       |    7 ++++++-
 target-arm/cpu.h       |    1 +
 target-arm/translate.c |    1 +
 3 files changed, 8 insertions(+), 1 deletion(-)

diff --git a/target-arm/cpu.c b/target-arm/cpu.c
index be26acc..9f1696f 100644
--- a/target-arm/cpu.c
+++ b/target-arm/cpu.c
@@ -157,6 +157,11 @@ static void arm_cpu_realizefn(DeviceState *dev, Error **errp)
     CPUARMState *env = &cpu->env;
 
     /* Some features automatically imply others: */
+    if (arm_feature(env, ARM_FEATURE_V8)) {
+        set_feature(env, ARM_FEATURE_V7);
+        set_feature(env, ARM_FEATURE_ARM_DIV);
+        set_feature(env, ARM_FEATURE_LPAE);
+    }
     if (arm_feature(env, ARM_FEATURE_V7)) {
         set_feature(env, ARM_FEATURE_VAPA);
         set_feature(env, ARM_FEATURE_THUMB2);
@@ -744,7 +749,7 @@ static void pxa270c5_initfn(Object *obj)
 static void arm_any_initfn(Object *obj)
 {
     ARMCPU *cpu = ARM_CPU(obj);
-    set_feature(&cpu->env, ARM_FEATURE_V7);
+    set_feature(&cpu->env, ARM_FEATURE_V8);
     set_feature(&cpu->env, ARM_FEATURE_VFP4);
     set_feature(&cpu->env, ARM_FEATURE_VFP_FP16);
     set_feature(&cpu->env, ARM_FEATURE_NEON);
diff --git a/target-arm/cpu.h b/target-arm/cpu.h
index 1369604..c798b27 100644
--- a/target-arm/cpu.h
+++ b/target-arm/cpu.h
@@ -387,6 +387,7 @@ enum arm_features {
     ARM_FEATURE_MPIDR, /* has cp15 MPIDR */
     ARM_FEATURE_PXN, /* has Privileged Execute Never bit */
     ARM_FEATURE_LPAE, /* has Large Physical Address Extension */
+    ARM_FEATURE_V8,
 };
 
 static inline int arm_feature(CPUARMState *env, int feature)
diff --git a/target-arm/translate.c b/target-arm/translate.c
index 9310c58..0db1132 100644
--- a/target-arm/translate.c
+++ b/target-arm/translate.c
@@ -42,6 +42,7 @@
 #define ENABLE_ARCH_6K   arm_feature(env, ARM_FEATURE_V6K)
 #define ENABLE_ARCH_6T2   arm_feature(env, ARM_FEATURE_THUMB2)
 #define ENABLE_ARCH_7     arm_feature(env, ARM_FEATURE_V7)
+#define ENABLE_ARCH_8     arm_feature(env, ARM_FEATURE_V8)
 
 #define ARCH(x) do { if (!ENABLE_ARCH_##x) goto illegal_op; } while(0)
 
-- 
1.7.9.5

[Qemu-devel] [PULL 2/8] target-arm: implement LDA/STL instructions

[Peter Maydell]

From: Mans Rullgard <mans@mansr.com>

This adds support for the ARMv8 load acquire/store release instructions.
Since qemu does nothing special for memory barriers, these can be
emulated like their non-acquire/release counterparts.

Signed-off-by: Mans Rullgard <mans@mansr.com>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
---
 target-arm/translate.c |  129 ++++++++++++++++++++++++++++++++++++++++++++----
 1 file changed, 119 insertions(+), 10 deletions(-)

diff --git a/target-arm/translate.c b/target-arm/translate.c
index 0db1132..b7663dd 100644
--- a/target-arm/translate.c
+++ b/target-arm/translate.c
@@ -7274,14 +7274,72 @@ static void disas_arm_insn(CPUARMState * env, DisasContext *s)
                     rd = (insn >> 12) & 0xf;
                     if (insn & (1 << 23)) {
                         /* load/store exclusive */
+                        int op2 = (insn >> 8) & 3;
                         op1 = (insn >> 21) & 0x3;
-                        if (op1)
-                            ARCH(6K);
-                        else
-                            ARCH(6);
+
+                        switch (op2) {
+                        case 0: /* lda/stl */
+                            if (op1 == 1) {
+                                goto illegal_op;
+                            }
+                            ARCH(8);
+                            break;
+                        case 1: /* reserved */
+                            goto illegal_op;
+                        case 2: /* ldaex/stlex */
+                            ARCH(8);
+                            break;
+                        case 3: /* ldrex/strex */
+                            if (op1) {
+                                ARCH(6K);
+                            } else {
+                                ARCH(6);
+                            }
+                            break;
+                        }
+
                         addr = tcg_temp_local_new_i32();
                         load_reg_var(s, addr, rn);
-                        if (insn & (1 << 20)) {
+
+                        /* Since the emulation does not have barriers,
+                           the acquire/release semantics need no special
+                           handling */
+                        if (op2 == 0) {
+                            if (insn & (1 << 20)) {
+                                tmp = tcg_temp_new_i32();
+                                switch (op1) {
+                                case 0: /* lda */
+                                    tcg_gen_qemu_ld32u(tmp, addr, IS_USER(s));
+                                    break;
+                                case 2: /* ldab */
+                                    tcg_gen_qemu_ld8u(tmp, addr, IS_USER(s));
+                                    break;
+                                case 3: /* ldah */
+                                    tcg_gen_qemu_ld16u(tmp, addr, IS_USER(s));
+                                    break;
+                                default:
+                                    abort();
+                                }
+                                store_reg(s, rd, tmp);
+                            } else {
+                                rm = insn & 0xf;
+                                tmp = load_reg(s, rm);
+                                switch (op1) {
+                                case 0: /* stl */
+                                    tcg_gen_qemu_st32(tmp, addr, IS_USER(s));
+                                    break;
+                                case 2: /* stlb */
+                                    tcg_gen_qemu_st8(tmp, addr, IS_USER(s));
+                                    break;
+                                case 3: /* stlh */
+                                    tcg_gen_qemu_st16(tmp, addr, IS_USER(s));
+                                    break;
+                                default:
+                                    abort();
+                                }
+                                tcg_temp_free_i32(tmp);
+                            }
+                        } else if (insn & (1 << 20)) {
                             switch (op1) {
                             case 0: /* ldrex */
                                 gen_load_exclusive(s, rd, 15, addr, 2);
@@ -8126,7 +8184,7 @@ static int disas_thumb2_insn(CPUARMState *env, DisasContext *s, uint16_t insn_hw
                     gen_store_exclusive(s, rd, rs, 15, addr, 2);
                 }
                 tcg_temp_free_i32(addr);
-            } else if ((insn & (1 << 6)) == 0) {
+            } else if ((insn & (7 << 5)) == 0) {
                 /* Table Branch.  */
                 if (rn == 15) {
                     addr = tcg_temp_new_i32();
@@ -8152,15 +8210,66 @@ static int disas_thumb2_insn(CPUARMState *env, DisasContext *s, uint16_t insn_hw
                 tcg_gen_addi_i32(tmp, tmp, s->pc);
                 store_reg(s, 15, tmp);
             } else {
-                /* Load/store exclusive byte/halfword/doubleword.  */
-                ARCH(7);
+                int op2 = (insn >> 6) & 0x3;
                 op = (insn >> 4) & 0x3;
-                if (op == 2) {
+                switch (op2) {
+                case 0:
                     goto illegal_op;
+                case 1:
+                    /* Load/store exclusive byte/halfword/doubleword */
+                    if (op == 2) {
+                        goto illegal_op;
+                    }
+                    ARCH(7);
+                    break;
+                case 2:
+                    /* Load-acquire/store-release */
+                    if (op == 3) {
+                        goto illegal_op;
+                    }
+                    /* Fall through */
+                case 3:
+                    /* Load-acquire/store-release exclusive */
+                    ARCH(8);
+                    break;
                 }
                 addr = tcg_temp_local_new_i32();
                 load_reg_var(s, addr, rn);
-                if (insn & (1 << 20)) {
+                if (!(op2 & 1)) {
+                    if (insn & (1 << 20)) {
+                        tmp = tcg_temp_new_i32();
+                        switch (op) {
+                        case 0: /* ldab */
+                            tcg_gen_qemu_ld8u(tmp, addr, IS_USER(s));
+                            break;
+                        case 1: /* ldah */
+                            tcg_gen_qemu_ld16u(tmp, addr, IS_USER(s));
+                            break;
+                        case 2: /* lda */
+                            tcg_gen_qemu_ld32u(tmp, addr, IS_USER(s));
+                            break;
+                        default:
+                            abort();
+                        }
+                        store_reg(s, rs, tmp);
+                    } else {
+                        tmp = load_reg(s, rs);
+                        switch (op) {
+                        case 0: /* stlb */
+                            tcg_gen_qemu_st8(tmp, addr, IS_USER(s));
+                            break;
+                        case 1: /* stlh */
+                            tcg_gen_qemu_st16(tmp, addr, IS_USER(s));
+                            break;
+                        case 2: /* stl */
+                            tcg_gen_qemu_st32(tmp, addr, IS_USER(s));
+                            break;
+                        default:
+                            abort();
+                        }
+                        tcg_temp_free_i32(tmp);
+                    }
+                } else if (insn & (1 << 20)) {
                     gen_load_exclusive(s, rs, rd, addr, op);
                 } else {
                     gen_store_exclusive(s, rm, rs, rd, addr, op);
-- 
1.7.9.5

[Qemu-devel] [PULL 3/8] target-arm: explicitly decode SEVL instruction

[Peter Maydell]

From: Mans Rullgard <mans@mansr.com>

The ARMv8 SEVL instruction is in the architectural hint space already
emulated as nop.  This makes the decoding of SEVL explicit for clarity.

Signed-off-by: Mans Rullgard <mans@mansr.com>
Message-id: 1370606786-5650-3-git-send-email-mans@mansr.com
[PMM: added 'SEVL' to the TODO comment]
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
---
 target-arm/translate.c |    3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/target-arm/translate.c b/target-arm/translate.c
index b7663dd..7b50c8c 100644
--- a/target-arm/translate.c
+++ b/target-arm/translate.c
@@ -3501,7 +3501,8 @@ static void gen_nop_hint(DisasContext *s, int val)
         break;
     case 2: /* wfe */
     case 4: /* sev */
-        /* TODO: Implement SEV and WFE.  May help SMP performance.  */
+    case 5: /* sevl */
+        /* TODO: Implement SEV, SEVL and WFE.  May help SMP performance.  */
     default: /* nop */
         break;
     }
-- 
1.7.9.5

[Qemu-devel] [PULL 4/8] target-arm/helper.c: OMAP/StrongARM cp15 crn=0 cleanup

[Peter Maydell]

From: Peter Crosthwaite <peter.crosthwaite@xilinx.com>

The if block detecting OMAP/StrongARM modifies the id_cp_reginfo
.access fields in place. So there is no need to replicate the call
to define_arm_cp_reg(). Dropped, and let the OMAP case fall through
to the normal behaviour after the in-place modification.

Signed-off-by: Peter Crosthwaite <peter.crosthwaite@xilinx.com>
Message-id: 72aae9b8ebbc9a76d2b06faf8666ef8a4b34b92a.1373429432.git.peter.crosthwaite@xilinx.com
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
---
 target-arm/helper.c |   13 ++++---------
 1 file changed, 4 insertions(+), 9 deletions(-)

diff --git a/target-arm/helper.c b/target-arm/helper.c
index 5f639fd..47e6c09 100644
--- a/target-arm/helper.c
+++ b/target-arm/helper.c
@@ -1435,21 +1435,16 @@ void register_cp_regs_for_features(ARMCPU *cpu)
             arm_feature(env, ARM_FEATURE_STRONGARM)) {
             ARMCPRegInfo *r;
             /* Register the blanket "writes ignored" value first to cover the
-             * whole space. Then define the specific ID registers, but update
-             * their access field to allow write access, so that they ignore
-             * writes rather than causing them to UNDEF.
+             * whole space. Then update the specific ID registers to allow write
+             * access, so that they ignore writes rather than causing them to
+             * UNDEF.
              */
             define_one_arm_cp_reg(cpu, &crn0_wi_reginfo);
             for (r = id_cp_reginfo; r->type != ARM_CP_SENTINEL; r++) {
                 r->access = PL1_RW;
-                define_one_arm_cp_reg(cpu, r);
             }
-        } else {
-            /* Just register the standard ID registers (read-only, meaning
-             * that writes will UNDEF).
-             */
-            define_arm_cp_regs(cpu, id_cp_reginfo);
         }
+        define_arm_cp_regs(cpu, id_cp_reginfo);
     }
 
     if (arm_feature(env, ARM_FEATURE_AUXCR)) {
-- 
1.7.9.5

[Qemu-devel] [PULL 5/8] target-arm/helper.c: Implement MIDR aliases

[Peter Maydell]

From: Peter Crosthwaite <peter.crosthwaite@xilinx.com>

Unimplemented registers in the cp15, CRn=0, opc1=0, CRm=0 space default
to aliasing the MIDR register. Set all registers in the space to access
MIDR by default.

Signed-off-by: Peter Crosthwaite <peter.crosthwaite@xilinx.com>
Message-id: 6127846712b7ad2727354a4f5e1d809451f1e859.1373429432.git.peter.crosthwaite@xilinx.com
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
---
 target-arm/helper.c |   16 +++++++++++-----
 1 file changed, 11 insertions(+), 5 deletions(-)

diff --git a/target-arm/helper.c b/target-arm/helper.c
index 47e6c09..8d8a8de 100644
--- a/target-arm/helper.c
+++ b/target-arm/helper.c
@@ -1378,9 +1378,6 @@ void register_cp_regs_for_features(ARMCPU *cpu)
     if (arm_feature(env, ARM_FEATURE_DUMMY_C15_REGS)) {
         define_arm_cp_regs(cpu, dummy_c15_cp_reginfo);
     }
-    if (arm_feature(env, ARM_FEATURE_MPIDR)) {
-        define_arm_cp_regs(cpu, mpidr_cp_reginfo);
-    }
     if (arm_feature(env, ARM_FEATURE_LPAE)) {
         define_arm_cp_regs(cpu, lpae_cp_reginfo);
     }
@@ -1393,12 +1390,17 @@ void register_cp_regs_for_features(ARMCPU *cpu)
             /* Note that the MIDR isn't a simple constant register because
              * of the TI925 behaviour where writes to another register can
              * cause the MIDR value to change.
+             *
+             * Unimplemented registers in the c15 0 0 0 space default to
+             * MIDR. Define MIDR first as this entire space, then CTR, TCMTR
+             * and friends override accordingly.
              */
             { .name = "MIDR",
-              .cp = 15, .crn = 0, .crm = 0, .opc1 = 0, .opc2 = 0,
+              .cp = 15, .crn = 0, .crm = 0, .opc1 = 0, .opc2 = CP_ANY,
               .access = PL1_R, .resetvalue = cpu->midr,
               .writefn = arm_cp_write_ignore, .raw_writefn = raw_write,
-              .fieldoffset = offsetof(CPUARMState, cp15.c0_cpuid) },
+              .fieldoffset = offsetof(CPUARMState, cp15.c0_cpuid),
+              .type = ARM_CP_OVERRIDE },
             { .name = "CTR",
               .cp = 15, .crn = 0, .crm = 0, .opc1 = 0, .opc2 = 1,
               .access = PL1_R, .type = ARM_CP_CONST, .resetvalue = cpu->ctr },
@@ -1447,6 +1449,10 @@ void register_cp_regs_for_features(ARMCPU *cpu)
         define_arm_cp_regs(cpu, id_cp_reginfo);
     }
 
+    if (arm_feature(env, ARM_FEATURE_MPIDR)) {
+        define_arm_cp_regs(cpu, mpidr_cp_reginfo);
+    }
+
     if (arm_feature(env, ARM_FEATURE_AUXCR)) {
         ARMCPRegInfo auxcr = {
             .name = "AUXCR", .cp = 15, .crn = 1, .crm = 0, .opc1 = 0, .opc2 = 1,
-- 
1.7.9.5

[Qemu-devel] [PULL 6/8] target-arm/helper.c: Allow const opaques in arm CP

[Peter Maydell]

From: Peter Crosthwaite <peter.crosthwaite@xilinx.com>

Allow for defining const opaque data in ARM CP register definitions by
setting .opaque = foo. If non null opaque is passed into
define_one_arm_cp_reg_with_opaque then that opaque will take
precedence, otherwise if null opaque is passed, the original opaque
data will be used.

Signed-off-by: Peter Crosthwaite <peter.crosthwaite@xilinx.com>
Message-id: cf0a3ac3438d97464240db9f5f4ef1585cbc1d77.1373429432.git.peter.crosthwaite@xilinx.com
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
---
 target-arm/helper.c |    4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/target-arm/helper.c b/target-arm/helper.c
index 8d8a8de..b7c926d 100644
--- a/target-arm/helper.c
+++ b/target-arm/helper.c
@@ -1608,7 +1608,9 @@ void define_one_arm_cp_reg_with_opaque(ARMCPU *cpu,
                 ARMCPRegInfo *r2 = g_memdup(r, sizeof(ARMCPRegInfo));
                 int is64 = (r->type & ARM_CP_64BIT) ? 1 : 0;
                 *key = ENCODE_CP_REG(r->cp, is64, r->crn, crm, opc1, opc2);
-                r2->opaque = opaque;
+                if (opaque) {
+                    r2->opaque = opaque;
+                }
                 /* Make sure reginfo passed to helpers for wildcarded regs
                  * has the correct crm/opc1/opc2 for this reg, not CP_ANY:
                  */
-- 
1.7.9.5

[Qemu-devel] [PULL 7/8] target-arm: avoid undefined behaviour when writing TTBCR

[Peter Maydell]

LPAE CPUs have more potentially valid bits in the TTBCR, and so the
simple masking out of invalid bits is no longer sufficient to obtain
the base address width field of the register, which is what we use to
precalculate c2_mask and c2_base_mask.  Explicitly extract the
relevant register field rather than simply shifting by the register
value.

This bug would have had no ill effects in practice, since if the
EAE bit (TTBCR bit 31) is set then we don't use the precalculated
masks, and if EAE is zero then bits 30..3 are all UNK/SBZP, so
well-behaved guests won't set them. However the shift is undefined
behaviour, so we should avoid it.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Message-id: 1372347527-4428-1-git-send-email-peter.maydell@linaro.org
---
 target-arm/helper.c |    6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)

diff --git a/target-arm/helper.c b/target-arm/helper.c
index b7c926d..57fa8c8 100644
--- a/target-arm/helper.c
+++ b/target-arm/helper.c
@@ -891,6 +891,8 @@ static const ARMCPRegInfo pmsav5_cp_reginfo[] = {
 static int vmsa_ttbcr_raw_write(CPUARMState *env, const ARMCPRegInfo *ri,
                                 uint64_t value)
 {
+    int maskshift = extract32(value, 0, 3);
+
     if (arm_feature(env, ARM_FEATURE_LPAE)) {
         value &= ~((7 << 19) | (3 << 14) | (0xf << 3));
     } else {
@@ -902,8 +904,8 @@ static int vmsa_ttbcr_raw_write(CPUARMState *env, const ARMCPRegInfo *ri,
      * and the c2_mask and c2_base_mask values are meaningless.
      */
     env->cp15.c2_control = value;
-    env->cp15.c2_mask = ~(((uint32_t)0xffffffffu) >> value);
-    env->cp15.c2_base_mask = ~((uint32_t)0x3fffu >> value);
+    env->cp15.c2_mask = ~(((uint32_t)0xffffffffu) >> maskshift);
+    env->cp15.c2_base_mask = ~((uint32_t)0x3fffu >> maskshift);
     return 0;
 }
 
-- 
1.7.9.5

[Qemu-devel] [PULL 8/8] target-arm: Avoid g_hash_table_get_keys()

[Peter Maydell]

g_hash_table_get_keys() was only introduced in glib 2.14, and we're
still targeting a minimum version of 2.12.  Rewrite the offending
code (introduced in commit 721fae1) to use g_hash_table_foreach()
to build the list of keys.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Tested-by: Laurent Desnogues <laurent.desnogues@gmail.com>
Tested-by: Peter Crosthwaite <peter.crosthwaite@xilinx.com>
Message-id: 1372678819-8633-1-git-send-email-peter.maydell@linaro.org
---
 target-arm/helper.c |   12 ++++++++++--
 1 file changed, 10 insertions(+), 2 deletions(-)

diff --git a/target-arm/helper.c b/target-arm/helper.c
index 57fa8c8..aeae024 100644
--- a/target-arm/helper.c
+++ b/target-arm/helper.c
@@ -222,15 +222,23 @@ static gint cpreg_key_compare(gconstpointer a, gconstpointer b)
     return aidx - bidx;
 }
 
+static void cpreg_make_keylist(gpointer key, gpointer value, gpointer udata)
+{
+    GList **plist = udata;
+
+    *plist = g_list_prepend(*plist, key);
+}
+
 void init_cpreg_list(ARMCPU *cpu)
 {
     /* Initialise the cpreg_tuples[] array based on the cp_regs hash.
      * Note that we require cpreg_tuples[] to be sorted by key ID.
      */
-    GList *keys;
+    GList *keys = NULL;
     int arraylen;
 
-    keys = g_hash_table_get_keys(cpu->cp_regs);
+    g_hash_table_foreach(cpu->cp_regs, cpreg_make_keylist, &keys);
+
     keys = g_list_sort(keys, cpreg_key_compare);
 
     cpu->cpreg_array_len = 0;
-- 
1.7.9.5

[Qemu-devel] [PULL 0/8] target-arm queue

[Peter Maydell]

target-arm queue: a smallish set of patches for rc1 tomorrow.
I've included the tcg patches because RTH has no others that
would merit a pullreq.

I haven't included Thomas Huth's 17-patch set to deal with
the introspection crashes, to give that a little more time
on-list for review.

thanks
-- PMM

The following changes since commit 102ad0a80f5110483efd06877c29c4236be267f9:

  Merge remote-tracking branch 'remotes/armbru/tags/pull-misc-2018-07-16' into staging (2018-07-16 15:34:38 +0100)

are available in the Git repository at:

  git://git.linaro.org/people/pmaydell/qemu-arm.git tags/pull-target-arm-20180716

for you to fetch changes up to 3474c98a2a2afcefa7c665f02ad2bed2a43ab0f7:

  accel/tcg: Assert that tlb fill gave us a valid TLB entry (2018-07-16 17:26:01 +0100)

----------------------------------------------------------------
target-arm queue:
 * accel/tcg: Use correct test when looking in victim TLB for code
 * bcm2835_aux: Swap RX and TX interrupt assignments
 * hw/arm/bcm2836: Mark the bcm2836 / bcm2837 devices with user_creatable = false
 * hw/intc/arm_gic: Fix handling of GICD_ITARGETSR
 * hw/intc/arm_gic: Check interrupt number in gic_deactivate_irq()
 * aspeed: Implement write-1-{set, clear} for AST2500 strapping
 * target/arm: Fix LD1W and LDFF1W (scalar plus vector)

----------------------------------------------------------------
Andrew Jeffery (1):
      aspeed: Implement write-1-{set, clear} for AST2500 strapping

Guenter Roeck (1):
      bcm2835_aux: Swap RX and TX interrupt assignments

Peter Maydell (4):
      hw/intc/arm_gic: Check interrupt number in gic_deactivate_irq()
      hw/intc/arm_gic: Fix handling of GICD_ITARGETSR
      accel/tcg: Use correct test when looking in victim TLB for code
      accel/tcg: Assert that tlb fill gave us a valid TLB entry

Richard Henderson (1):
      target/arm: Fix LD1W and LDFF1W (scalar plus vector)

Thomas Huth (1):
      hw/arm/bcm2836: Mark the bcm2836 / bcm2837 devices with user_creatable = false

 include/hw/misc/aspeed_scu.h |  2 ++
 accel/tcg/cputlb.c           |  6 +++---
 hw/arm/bcm2836.c             |  2 ++
 hw/char/bcm2835_aux.c        |  4 ++--
 hw/intc/arm_gic.c            | 22 +++++++++++++++++++---
 hw/misc/aspeed_scu.c         | 19 +++++++++++++++++--
 target/arm/sve_helper.c      |  4 ++--
 7 files changed, 47 insertions(+), 12 deletions(-)

Re: [Qemu-devel] [PULL 0/8] target-arm queue

[Peter Maydell]

On 16 July 2018 at 17:42, Peter Maydell <peter.maydell@linaro.org> wrote:
> target-arm queue: a smallish set of patches for rc1 tomorrow.
> I've included the tcg patches because RTH has no others that
> would merit a pullreq.
>
> I haven't included Thomas Huth's 17-patch set to deal with
> the introspection crashes, to give that a little more time
> on-list for review.
>
> thanks
> -- PMM
>
> The following changes since commit 102ad0a80f5110483efd06877c29c4236be267f9:
>
>   Merge remote-tracking branch 'remotes/armbru/tags/pull-misc-2018-07-16' into staging (2018-07-16 15:34:38 +0100)
>
> are available in the Git repository at:
>
>   git://git.linaro.org/people/pmaydell/qemu-arm.git tags/pull-target-arm-20180716
>
> for you to fetch changes up to 3474c98a2a2afcefa7c665f02ad2bed2a43ab0f7:
>
>   accel/tcg: Assert that tlb fill gave us a valid TLB entry (2018-07-16 17:26:01 +0100)
>
> ----------------------------------------------------------------
> target-arm queue:
>  * accel/tcg: Use correct test when looking in victim TLB for code
>  * bcm2835_aux: Swap RX and TX interrupt assignments
>  * hw/arm/bcm2836: Mark the bcm2836 / bcm2837 devices with user_creatable = false
>  * hw/intc/arm_gic: Fix handling of GICD_ITARGETSR
>  * hw/intc/arm_gic: Check interrupt number in gic_deactivate_irq()
>  * aspeed: Implement write-1-{set, clear} for AST2500 strapping
>  * target/arm: Fix LD1W and LDFF1W (scalar plus vector)
>
> ----------------------------------------------------------------

Applied, thanks.

-- PMM

[Qemu-devel] [PULL 0/8] target-arm queue

[Peter Maydell]

Pull request with what I hope are the last ARM fixes for 2.3...


The following changes since commit b8a86c4ac4d04c106ba38fbd707041cba334a155:

  Merge remote-tracking branch 'remotes/bonzini/tags/for-upstream' into staging (2015-04-01 11:31:31 +0100)

are available in the git repository at:


  git://git.linaro.org/people/pmaydell/qemu-arm.git tags/pull-target-arm-20150401

for you to fetch changes up to 25b9fb107bc1f6735fdb3fce537792f5db95f78d:

  target-arm: kvm64 fix save/restore of SPSR regs (2015-04-01 17:57:30 +0100)

----------------------------------------------------------------
target-arm:
 * Fix broken migration on AArch64 KVM
 * Fix minor memory leaks in virt, vexpress, highbank
 * Honour requested filename when loading highbank rom image

----------------------------------------------------------------
Alex Bennée (4):
      target-arm: kvm: save/restore mp state
      hw/intc: arm_gic_kvm.c restore config first
      target-arm: kvm64 sync FP register state
      target-arm: kvm64 fix save/restore of SPSR regs

Peter Maydell (1):
      target-arm: Store SPSR_EL1 state in banked_spsr[1] (SPSR_svc)

Stefan Weil (3):
      hw/arm/highbank: Fix resource leak and wrong image loading
      hw/arm/vexpress: Fix memory leak reported by Coverity
      hw/arm/virt: Fix memory leak reported by Coverity

 hw/arm/highbank.c       |   3 +-
 hw/arm/vexpress.c       |  11 ++++-
 hw/arm/virt.c           |   9 +++-
 hw/intc/arm_gic_kvm.c   |   7 ++-
 target-arm/helper-a64.c |   2 +-
 target-arm/helper.c     |   2 +-
 target-arm/internals.h  |   5 +-
 target-arm/kvm.c        |  44 ++++++++++++++++++
 target-arm/kvm32.c      |   4 ++
 target-arm/kvm64.c      | 118 ++++++++++++++++++++++++++++++++++++++++++++++--
 target-arm/kvm_arm.h    |  17 +++++++
 11 files changed, 207 insertions(+), 15 deletions(-)

Re: [Qemu-devel] [PULL 0/8] target-arm queue

[Peter Maydell]

On 1 April 2015 at 18:08, Peter Maydell <peter.maydell@linaro.org> wrote:
> Pull request with what I hope are the last ARM fixes for 2.3...
>
>
> The following changes since commit b8a86c4ac4d04c106ba38fbd707041cba334a155:
>
>   Merge remote-tracking branch 'remotes/bonzini/tags/for-upstream' into staging (2015-04-01 11:31:31 +0100)
>
> are available in the git repository at:
>
>
>   git://git.linaro.org/people/pmaydell/qemu-arm.git tags/pull-target-arm-20150401
>
> for you to fetch changes up to 25b9fb107bc1f6735fdb3fce537792f5db95f78d:
>
>   target-arm: kvm64 fix save/restore of SPSR regs (2015-04-01 17:57:30 +0100)
>
> ----------------------------------------------------------------
> target-arm:
>  * Fix broken migration on AArch64 KVM
>  * Fix minor memory leaks in virt, vexpress, highbank
>  * Honour requested filename when loading highbank rom image
>
> ----------------------------------------------------------------

Applied, thanks.

-- PMM

[Qemu-devel] [PULL 0/8] target-arm queue

[Peter Maydell]

Last target-arm pull before hardfreeze; nothing much
exciting here.

thanks
-- PMM


The following changes since commit 9328cfd2fe4a7ff86a41b2c26ea33974241d7d4e:

  Merge remote-tracking branch 'remotes/mst/tags/for_upstream' into staging (2014-06-29 18:09:51 +0100)

are available in the git repository at:


  git://git.linaro.org/people/pmaydell/qemu-arm.git tags/pull-target-arm-20140630

for you to fetch changes up to ffebe8997523fd922da58a8e19ddffee6b035429:

  disas/libvixl: Fix wrong format strings (2014-06-29 22:04:28 +0100)

----------------------------------------------------------------
target-arm:
 * provide PL031 RTC in virt board
 * fix missing pxa2xx and strongarm vmstate
 * convert cadence_ttc to instance_init
 * fix libvixl format strings and README

----------------------------------------------------------------
Alistair Francis (1):
      timer: cadence_ttc: Convert to instance_init

Peter Maydell (5):
      hw/arm/virt: Provide PL031 RTC
      hw/arm/strongarm: Fix handling of GPSR/GPCR reads
      hw/arm/strongarm: Wire up missing GPIO and PPC vmstate
      hw/arm/pxa2xx_gpio: Fix handling of GPSR/GPCR reads
      hw/arm/pxa2xx_gpio: Correct and register vmstate

Richard Henderson (1):
      disas/libvixl: Update README for version base

Stefan Weil (1):
      disas/libvixl: Fix wrong format strings

 disas/libvixl/README            |  2 +-
 disas/libvixl/a64/disasm-a64.cc | 20 ++++++++++----------
 hw/arm/pxa2xx_gpio.c            | 17 ++++++++---------
 hw/arm/strongarm.c              | 18 ++++++++++--------
 hw/arm/virt.c                   | 30 ++++++++++++++++++++++++++++++
 hw/timer/cadence_ttc.c          | 15 ++++++---------
 6 files changed, 65 insertions(+), 37 deletions(-)

Re: [Qemu-devel] [PULL 0/8] target-arm queue

[Peter Maydell]

On 30 June 2014 13:47, Peter Maydell <peter.maydell@linaro.org> wrote:
> Last target-arm pull before hardfreeze; nothing much
> exciting here.
>
> thanks
> -- PMM
>
>
> The following changes since commit 9328cfd2fe4a7ff86a41b2c26ea33974241d7d4e:
>
>   Merge remote-tracking branch 'remotes/mst/tags/for_upstream' into staging (2014-06-29 18:09:51 +0100)
>
> are available in the git repository at:
>
>
>   git://git.linaro.org/people/pmaydell/qemu-arm.git tags/pull-target-arm-20140630
>
> for you to fetch changes up to ffebe8997523fd922da58a8e19ddffee6b035429:
>
>   disas/libvixl: Fix wrong format strings (2014-06-29 22:04:28 +0100)

Applied, thanks.

-- PMM

[Qemu-devel] [PULL 0/8] target-arm queue

[Peter Maydell]

Hi; this is the usual target-arm pullreq, mostly just the cpregs
migration patchset that I posted a while back.

NB: I've updated my make-pullreq script to create a GPG-signed
pull request, but I'm not sure if I got it right -- feedback
welcome :-)

In particular, target-arm.for-upstream is still a branch name
as usual; the signed tag is "pull-target-arm-20130625"; I'm
not sure whether the tag should be the thing named in the
'available at' line below rather than the branch.


The following changes since commit baf8673ca802cb3ea2cdbe94813441d23bde223b:

  Merge remote-tracking branch 'stefanha/block' into staging (2013-06-24 14:33:17 -0500)

are available in the git repository at:


  git://git.linaro.org/people/pmaydell/qemu-arm.git target-arm.for-upstream

for you to fetch changes up to bdcc150dc44ea96152f05f9e68970b63508d5ae7:

  target-arm: Make LPAE feature imply V7MP (2013-06-25 18:16:10 +0100)

----------------------------------------------------------------
target-arm queue

----------------------------------------------------------------
Peter Maydell (8):
      target-arm: Allow special cpregs to have flags set
      target-arm: Add raw_readfn and raw_writefn to ARMCPRegInfo
      target-arm: mark up cpregs for no-migrate or raw access
      target-arm: Convert TCG to using (index,value) list for cp migration
      target-arm: Initialize cpreg list from KVM when using KVM
      target-arm: Reinitialize all KVM VCPU registers on reset
      target-arm: Use tuple list to sync cp regs with KVM
      target-arm: Make LPAE feature imply V7MP

 target-arm/Makefile.objs |    1 +
 target-arm/cpu-qom.h     |   24 ++++
 target-arm/cpu.c         |    4 +-
 target-arm/cpu.h         |   89 ++++++++++++-
 target-arm/helper.c      |  327 +++++++++++++++++++++++++++++++++++++++-------
 target-arm/kvm-stub.c    |   23 ++++
 target-arm/kvm.c         |  292 +++++++++++++++++++++++++++++++----------
 target-arm/kvm_arm.h     |   33 +++++
 target-arm/machine.c     |  134 ++++++++++++-------
 9 files changed, 760 insertions(+), 167 deletions(-)
 create mode 100644 target-arm/kvm-stub.c

[Qemu-devel] [PULL 0/8] target-arm queue

[Peter Maydell]

Usual target-arm pullreq; mostly Aurelien's performance
improvement patches. The 'drop macro' patch has only been on
the list a few days but it's completely trivial so I threw it
in too. Please pull.

thanks
-- PMM

The following changes since commit a14c74928ba1fdaada515717f4d3c3fa3275d6f7:

  Merge remote-tracking branch 'sstabellini/xen-2012-10-03' into staging (2012-10-04 19:56:26 -0500)

are available in the git repository at:


  git://git.linaro.org/people/pmaydell/qemu-arm.git target-arm.for-upstream

for you to fetch changes up to 1273d9ca09e91bb290d10f704055f6abec363dd6:

  target-arm: Drop unused DECODE_CPREG_CRN macro (2012-10-05 15:04:45 +0100)

----------------------------------------------------------------
Aurelien Jarno (5):
      target-arm: use globals for CC flags
      target-arm: convert add_cc and sub_cc helpers to TCG
      target-arm: convert sar, shl and shr helpers to TCG
      target-arm: mark a few integer helpers const and pure
      target-arm: use deposit instead of hardcoded version

Peter Maydell (3):
      cpu_dump_state: move DUMP_FPU and DUMP_CCOP flags from x86-only to generic
      target-arm: Reinstate display of VFP registers in cpu_dump_state
      target-arm: Drop unused DECODE_CPREG_CRN macro

 cpu-all.h                |    3 +
 cpu-exec.c               |    2 +-
 cpus.c                   |    6 +-
 exec.c                   |   12 +-
 monitor.c                |    8 +-
 target-arm/cpu.h         |    2 -
 target-arm/helper.h      |   24 ++--
 target-arm/op_helper.c   |   44 -------
 target-arm/translate.c   |  302 ++++++++++++++++++++++++----------------------
 target-i386/cpu.c        |    2 +-
 target-i386/cpu.h        |    4 -
 target-i386/helper.c     |    4 +-
 target-i386/seg_helper.c |    4 +-
 target-i386/smm_helper.c |    4 +-
 14 files changed, 183 insertions(+), 238 deletions(-)

Re: [Qemu-devel] [PULL 0/8] target-arm queue

[Aurelien Jarno]

On Fri, Oct 05, 2012 at 03:35:18PM +0100, Peter Maydell wrote:
> Usual target-arm pullreq; mostly Aurelien's performance
> improvement patches. The 'drop macro' patch has only been on
> the list a few days but it's completely trivial so I threw it
> in too. Please pull.
> 
> thanks
> -- PMM
> 
> The following changes since commit a14c74928ba1fdaada515717f4d3c3fa3275d6f7:
> 
>   Merge remote-tracking branch 'sstabellini/xen-2012-10-03' into staging (2012-10-04 19:56:26 -0500)
> 
> are available in the git repository at:
> 
> 
>   git://git.linaro.org/people/pmaydell/qemu-arm.git target-arm.for-upstream
> 
> for you to fetch changes up to 1273d9ca09e91bb290d10f704055f6abec363dd6:
> 
>   target-arm: Drop unused DECODE_CPREG_CRN macro (2012-10-05 15:04:45 +0100)
> 
> ----------------------------------------------------------------
> Aurelien Jarno (5):
>       target-arm: use globals for CC flags
>       target-arm: convert add_cc and sub_cc helpers to TCG
>       target-arm: convert sar, shl and shr helpers to TCG
>       target-arm: mark a few integer helpers const and pure
>       target-arm: use deposit instead of hardcoded version
> 
> Peter Maydell (3):
>       cpu_dump_state: move DUMP_FPU and DUMP_CCOP flags from x86-only to generic
>       target-arm: Reinstate display of VFP registers in cpu_dump_state
>       target-arm: Drop unused DECODE_CPREG_CRN macro
> 
>  cpu-all.h                |    3 +
>  cpu-exec.c               |    2 +-
>  cpus.c                   |    6 +-
>  exec.c                   |   12 +-
>  monitor.c                |    8 +-
>  target-arm/cpu.h         |    2 -
>  target-arm/helper.h      |   24 ++--
>  target-arm/op_helper.c   |   44 -------
>  target-arm/translate.c   |  302 ++++++++++++++++++++++++----------------------
>  target-i386/cpu.c        |    2 +-
>  target-i386/cpu.h        |    4 -
>  target-i386/helper.c     |    4 +-
>  target-i386/seg_helper.c |    4 +-
>  target-i386/smm_helper.c |    4 +-
>  14 files changed, 183 insertions(+), 238 deletions(-)
> 

Thanks, pulled.

-- 
Aurelien Jarno                          GPG: 1024D/F1BCDB73
aurelien@aurel32.net                 http://www.aurel32.net