[Qemu-devel] [PULL 0/7] target-arm queue

[Qemu-devel] [PULL 0/7] target-arm queue

[Peter Maydell]

A small set of ARM patches, notably fixing bugs in breakpoint
and singlestep code, and repairing the long-broken highbank model.

The only other ARM thing I have on my radar for 2.5 is the Zynq
ADC controller, which I'll send separately if it makes it before
the freeze deadline.

thanks
-- PMM

The following changes since commit a8b4f9585a0bf5186fca793ce2c5d754cd8ec49a:

  Merge remote-tracking branch 'remotes/armbru/tags/pull-qapi-2015-11-10' into staging (2015-11-10 09:39:24 +0000)

are available in the git repository at:


  git://git.linaro.org/people/pmaydell/qemu-arm.git tags/pull-target-arm-20151110

for you to fetch changes up to 577bf808958d06497928c639efaa473bf8c5e099:

  target-arm: Clean up DISAS_UPDATE usage in AArch32 translation code (2015-11-10 13:37:33 +0000)

----------------------------------------------------------------
target-arm queue:
 * fix bugs in gdb singlestep handling and breakpoints
 * minor code cleanup in arm_gic
 * clean up error messages in hw/arm/virt
 * fix highbank kernel booting by adding a board-setup blob

----------------------------------------------------------------
Andrew Jones (1):
      hw/arm/virt: error_report cleanups

Peter Crosthwaite (3):
      arm: boot: Add secure_board_setup flag
      arm: highbank: Defeature CPU override
      arm: highbank: Implement PSCI and dummy monitor

Sergey Fedorov (2):
      target-arm: Fix gdb singlestep handling in arm_debug_excp_handler()
      target-arm: Clean up DISAS_UPDATE usage in AArch32 translation code

Wei Huang (1):
      hw/intc/arm_gic: Remove the definition of NUM_CPU

 hw/arm/boot.c          | 10 +++++-
 hw/arm/highbank.c      | 91 +++++++++++++++++++++++++++++++++++++-------------
 hw/arm/virt.c          | 10 +++---
 hw/intc/arm_gic.c      |  8 ++---
 include/hw/arm/arm.h   |  6 ++++
 target-arm/op_helper.c |  8 ++++-
 target-arm/translate.c | 25 ++++++++------
 7 files changed, 111 insertions(+), 47 deletions(-)

[Qemu-devel] [PULL 1/7] target-arm: Fix gdb singlestep handling in arm_debug_excp_handler()

[Peter Maydell]

From: Sergey Fedorov <serge.fdrv@gmail.com>

Do not raise a CPU exception if no CPU breakpoint has fired, since
singlestep is also done by generating a debug internal exception. This
fixes a bug with singlestepping in gdbstub.

Signed-off-by: Sergey Fedorov <serge.fdrv@gmail.com>
Message-id: 1446726361-18328-1-git-send-email-serge.fdrv@gmail.com
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
---
 target-arm/op_helper.c | 8 +++++++-
 1 file changed, 7 insertions(+), 1 deletion(-)

diff --git a/target-arm/op_helper.c b/target-arm/op_helper.c
index b5db345..6cd54c8 100644
--- a/target-arm/op_helper.c
+++ b/target-arm/op_helper.c
@@ -917,7 +917,13 @@ void arm_debug_excp_handler(CPUState *cs)
         uint64_t pc = is_a64(env) ? env->pc : env->regs[15];
         bool same_el = (arm_debug_target_el(env) == arm_current_el(env));
 
-        if (cpu_breakpoint_test(cs, pc, BP_GDB)) {
+        /* (1) GDB breakpoints should be handled first.
+         * (2) Do not raise a CPU exception if no CPU breakpoint has fired,
+         * since singlestep is also done by generating a debug internal
+         * exception.
+         */
+        if (cpu_breakpoint_test(cs, pc, BP_GDB)
+            || !cpu_breakpoint_test(cs, pc, BP_CPU)) {
             return;
         }
 
-- 
1.9.1

[Qemu-devel] [PULL 2/7] hw/intc/arm_gic: Remove the definition of NUM_CPU

[Peter Maydell]

From: Wei Huang <wei@redhat.com>

arm_gic.c retrieves CPU number using either NUM_CPU(s) or s->num_cpu.
Such mixed-uses make source code inconsistent. This patch removes
NUM_CPU(s), which was defined for MPCore tweak long ago, and instead
favors s->num_cpu. The source is more consistent after this small tweak.

Reviewed-by: Andreas Färber <afaerber@suse.de>
Signed-off-by: Wei Huang <wei@redhat.com>
Reviewed-by: Michael Tokarev <mjt@tls.msk.ru>
Message-id: 1446744293-32365-1-git-send-email-wei@redhat.com
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
---
 hw/intc/arm_gic.c | 8 +++-----
 1 file changed, 3 insertions(+), 5 deletions(-)

diff --git a/hw/intc/arm_gic.c b/hw/intc/arm_gic.c
index 8bad132..d71aeb8 100644
--- a/hw/intc/arm_gic.c
+++ b/hw/intc/arm_gic.c
@@ -35,8 +35,6 @@ static const uint8_t gic_id[] = {
     0x90, 0x13, 0x04, 0x00, 0x0d, 0xf0, 0x05, 0xb1
 };
 
-#define NUM_CPU(s) ((s)->num_cpu)
-
 static inline int gic_get_current_cpu(GICState *s)
 {
     if (s->num_cpu > 1) {
@@ -64,7 +62,7 @@ void gic_update(GICState *s)
     int cpu;
     int cm;
 
-    for (cpu = 0; cpu < NUM_CPU(s); cpu++) {
+    for (cpu = 0; cpu < s->num_cpu; cpu++) {
         cm = 1 << cpu;
         s->current_pending[cpu] = 1023;
         if (!(s->ctlr & (GICD_CTLR_EN_GRP0 | GICD_CTLR_EN_GRP1))
@@ -567,7 +565,7 @@ static uint32_t gic_dist_readb(void *opaque, hwaddr offset, MemTxAttrs attrs)
         if (offset == 4)
             /* Interrupt Controller Type Register */
             return ((s->num_irq / 32) - 1)
-                    | ((NUM_CPU(s) - 1) << 5)
+                    | ((s->num_cpu - 1) << 5)
                     | (s->security_extn << 10);
         if (offset < 0x08)
             return 0;
@@ -1284,7 +1282,7 @@ static void arm_gic_realize(DeviceState *dev, Error **errp)
      * GIC v2 defines a larger memory region (0x1000) so this will need
      * to be extended when we implement A15.
      */
-    for (i = 0; i < NUM_CPU(s); i++) {
+    for (i = 0; i < s->num_cpu; i++) {
         s->backref[i] = s;
         memory_region_init_io(&s->cpuiomem[i+1], OBJECT(s), &gic_cpu_ops,
                               &s->backref[i], "gic_cpu", 0x100);
-- 
1.9.1

[Qemu-devel] [PULL 3/7] arm: boot: Add secure_board_setup flag

[Peter Maydell]

From: Peter Crosthwaite <crosthwaitepeter@gmail.com>

Add a flag that when set, will cause the primary CPU to start in secure
mode, even if the overall boot is non-secure. This is useful for when
there is a board-setup blob that needs to run from secure mode, but
device and secondary CPU init should still be done as-normal for a non-
secure boot.

Signed-off-by: Peter Crosthwaite <crosthwaite.peter@gmail.com>
Message-id: d1170774d5446d715fced7739edfc61a5be931f9.1447007690.git.crosthwaite.peter@gmail.com
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
---
 hw/arm/boot.c        | 10 +++++++++-
 include/hw/arm/arm.h |  6 ++++++
 2 files changed, 15 insertions(+), 1 deletion(-)

diff --git a/hw/arm/boot.c b/hw/arm/boot.c
index b0879a5..75f69bf 100644
--- a/hw/arm/boot.c
+++ b/hw/arm/boot.c
@@ -11,6 +11,7 @@
 #include "hw/hw.h"
 #include "hw/arm/arm.h"
 #include "hw/arm/linux-boot-if.h"
+#include "sysemu/kvm.h"
 #include "sysemu/sysemu.h"
 #include "hw/boards.h"
 #include "hw/loader.h"
@@ -495,7 +496,8 @@ static void do_cpu_reset(void *opaque)
                 }
 
                 /* Set to non-secure if not a secure boot */
-                if (!info->secure_boot) {
+                if (!info->secure_boot &&
+                    (cs != first_cpu || !info->secure_board_setup)) {
                     /* Linux expects non-secure state */
                     env->cp15.scr_el3 |= SCR_NS;
                 }
@@ -598,6 +600,12 @@ static void arm_load_kernel_notify(Notifier *notifier, void *data)
     struct arm_boot_info *info =
         container_of(n, struct arm_boot_info, load_kernel_notifier);
 
+    /* The board code is not supposed to set secure_board_setup unless
+     * running its code in secure mode is actually possible, and KVM
+     * doesn't support secure.
+     */
+    assert(!(info->secure_board_setup && kvm_enabled()));
+
     /* Load the kernel.  */
     if (!info->kernel_filename || info->firmware_loaded) {
 
diff --git a/include/hw/arm/arm.h b/include/hw/arm/arm.h
index 67ba7db..c26b0e3 100644
--- a/include/hw/arm/arm.h
+++ b/include/hw/arm/arm.h
@@ -97,6 +97,12 @@ struct arm_boot_info {
     hwaddr board_setup_addr;
     void (*write_board_setup)(ARMCPU *cpu,
                               const struct arm_boot_info *info);
+
+    /* If set, the board specific loader/setup blob will be run from secure
+     * mode, regardless of secure_boot. The blob becomes responsible for
+     * changing to non-secure state if implementing a non-secure boot
+     */
+    bool secure_board_setup;
 };
 
 /**
-- 
1.9.1

[Qemu-devel] [PULL 4/7] arm: highbank: Defeature CPU override

[Peter Maydell]

From: Peter Crosthwaite <crosthwaitepeter@gmail.com>

This board should not support CPU model override. This allows for
easier patching of the board with being able to rely on the CPU
type being correct.

Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Peter Crosthwaite <crosthwaite.peter@gmail.com>
Message-id: 471a61e049c7ca6e82f5ef6668889a1d518c7e00.1447007690.git.crosthwaite.peter@gmail.com
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
---
 hw/arm/highbank.c | 21 +++++++--------------
 1 file changed, 7 insertions(+), 14 deletions(-)

diff --git a/hw/arm/highbank.c b/hw/arm/highbank.c
index be04b27..f2e248b 100644
--- a/hw/arm/highbank.c
+++ b/hw/arm/highbank.c
@@ -223,15 +223,13 @@ static void calxeda_init(MachineState *machine, enum cxmachines machine_id)
     MemoryRegion *sysmem;
     char *sysboot_filename;
 
-    if (!cpu_model) {
-        switch (machine_id) {
-        case CALXEDA_HIGHBANK:
-            cpu_model = "cortex-a9";
-            break;
-        case CALXEDA_MIDWAY:
-            cpu_model = "cortex-a15";
-            break;
-        }
+    switch (machine_id) {
+    case CALXEDA_HIGHBANK:
+        cpu_model = "cortex-a9";
+        break;
+    case CALXEDA_MIDWAY:
+        cpu_model = "cortex-a15";
+        break;
     }
 
     for (n = 0; n < smp_cpus; n++) {
@@ -240,11 +238,6 @@ static void calxeda_init(MachineState *machine, enum cxmachines machine_id)
         ARMCPU *cpu;
         Error *err = NULL;
 
-        if (!oc) {
-            error_report("Unable to find CPU definition");
-            exit(1);
-        }
-
         cpuobj = object_new(object_class_get_name(oc));
         cpu = ARM_CPU(cpuobj);
 
-- 
1.9.1

[Qemu-devel] [PULL 5/7] arm: highbank: Implement PSCI and dummy monitor

[Peter Maydell]

From: Peter Crosthwaite <crosthwaitepeter@gmail.com>

Firstly, enable monitor mode and PSCI, both of which are features of
this board.

In addition to PSCI, this board also uses SMC for cache maintenance
ops. This means we need a secure monitor to catch these and nop them.
Use the ARM boot board-setup feature to implement this. The SMC trap
implements the needed nop while all other traps will pen the CPU.

As a KVM CPU cannot run in secure mode, do not do the board-setup if
not running TCG. Report a warning explaining the limitation in this
case.

Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Peter Crosthwaite <crosthwaite.peter@gmail.com>
Message-id: 0fd0d12f0fa666c86616c89447861a70dbe27312.1447007690.git.crosthwaite.peter@gmail.com
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
---
 hw/arm/highbank.c | 70 +++++++++++++++++++++++++++++++++++++++++++++++--------
 1 file changed, 60 insertions(+), 10 deletions(-)

diff --git a/hw/arm/highbank.c b/hw/arm/highbank.c
index f2e248b..85ae69e 100644
--- a/hw/arm/highbank.c
+++ b/hw/arm/highbank.c
@@ -22,6 +22,7 @@
 #include "hw/devices.h"
 #include "hw/loader.h"
 #include "net/net.h"
+#include "sysemu/kvm.h"
 #include "sysemu/sysemu.h"
 #include "hw/boards.h"
 #include "sysemu/block-backend.h"
@@ -32,10 +33,52 @@
 #define SMP_BOOT_REG            0x40
 #define MPCORE_PERIPHBASE       0xfff10000
 
+#define MVBAR_ADDR              0x200
+
 #define NIRQ_GIC                160
 
 /* Board init.  */
 
+/* MVBAR_ADDR is limited by precision of movw */
+
+QEMU_BUILD_BUG_ON(MVBAR_ADDR >= (1 << 16));
+
+#define ARMV7_IMM16(x) (extract32((x),  0, 12) | \
+                        extract32((x), 12,  4) << 16)
+
+static void hb_write_board_setup(ARMCPU *cpu,
+                                 const struct arm_boot_info *info)
+{
+    int n;
+    uint32_t board_setup_blob[] = {
+        /* MVBAR_ADDR */
+        /* Default unimplemented and unused vectors to spin. Makes it
+         * easier to debug (as opposed to the CPU running away).
+         */
+        0xeafffffe, /* notused1: b notused */
+        0xeafffffe, /* notused2: b notused */
+        0xe1b0f00e, /* smc: movs pc, lr - exception return */
+        0xeafffffe, /* prefetch_abort: b prefetch_abort */
+        0xeafffffe, /* data_abort: b data_abort */
+        0xeafffffe, /* notused3: b notused3 */
+        0xeafffffe, /* irq: b irq */
+        0xeafffffe, /* fiq: b fiq */
+#define BOARD_SETUP_ADDR (MVBAR_ADDR + 8 * sizeof(uint32_t))
+        0xe3000000 + ARMV7_IMM16(MVBAR_ADDR), /* movw r0, MVBAR_ADDR */
+        0xee0c0f30, /* mcr p15, 0, r0, c12, c0, 1 - set MVBAR */
+        0xee110f11, /* mrc p15, 0, r0, c1 , c1, 0 - get SCR */
+        0xe3810001, /* orr r0, #1 - set NS */
+        0xee010f11, /* mcr p15, 0, r0, c1 , c1, 0 - set SCR */
+        0xe1600070, /* smc - go to monitor mode to flush NS change */
+        0xe12fff1e, /* bx lr - return to caller */
+    };
+    for (n = 0; n < ARRAY_SIZE(board_setup_blob); n++) {
+        board_setup_blob[n] = tswap32(board_setup_blob[n]);
+    }
+    rom_add_blob_fixed("board-setup", board_setup_blob,
+                       sizeof(board_setup_blob), MVBAR_ADDR);
+}
+
 static void hb_write_secondary(ARMCPU *cpu, const struct arm_boot_info *info)
 {
     int n;
@@ -241,16 +284,13 @@ static void calxeda_init(MachineState *machine, enum cxmachines machine_id)
         cpuobj = object_new(object_class_get_name(oc));
         cpu = ARM_CPU(cpuobj);
 
-        /* By default A9 and A15 CPUs have EL3 enabled.  This board does not
-         * currently support EL3 so the CPU EL3 property is disabled before
-         * realization.
-         */
-        if (object_property_find(cpuobj, "has_el3", NULL)) {
-            object_property_set_bool(cpuobj, false, "has_el3", &err);
-            if (err) {
-                error_report_err(err);
-                exit(1);
-            }
+        object_property_set_int(cpuobj, QEMU_PSCI_CONDUIT_SMC,
+                                "psci-conduit", &error_abort);
+
+        if (n) {
+            /* Secondary CPUs start in PSCI powered-down state */
+            object_property_set_bool(cpuobj, true,
+                                     "start-powered-off", &error_abort);
         }
 
         if (object_property_find(cpuobj, "reset-cbar", NULL)) {
@@ -371,6 +411,16 @@ static void calxeda_init(MachineState *machine, enum cxmachines machine_id)
     highbank_binfo.loader_start = 0;
     highbank_binfo.write_secondary_boot = hb_write_secondary;
     highbank_binfo.secondary_cpu_reset_hook = hb_reset_secondary;
+    if (!kvm_enabled()) {
+        highbank_binfo.board_setup_addr = BOARD_SETUP_ADDR;
+        highbank_binfo.write_board_setup = hb_write_board_setup;
+        highbank_binfo.secure_board_setup = true;
+    } else {
+        error_report("WARNING: cannot load built-in Monitor support "
+                     "if KVM is enabled. Some guests (such as Linux) "
+                     "may not boot.");
+    }
+
     arm_load_kernel(ARM_CPU(first_cpu), &highbank_binfo);
 }
 
-- 
1.9.1

[Qemu-devel] [PULL 6/7] hw/arm/virt: error_report cleanups

[Peter Maydell]

From: Andrew Jones <drjones@redhat.com>

Signed-off-by: Andrew Jones <drjones@redhat.com>
Reviewed-by: Markus Armbruster <armbru@redhat.com>
Message-id: 1446909925-12201-1-git-send-email-drjones@redhat.com
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
---
 hw/arm/virt.c | 10 +++++-----
 1 file changed, 5 insertions(+), 5 deletions(-)

diff --git a/hw/arm/virt.c b/hw/arm/virt.c
index 77d9267..9c6792c 100644
--- a/hw/arm/virt.c
+++ b/hw/arm/virt.c
@@ -941,8 +941,8 @@ static void machvirt_init(MachineState *machine)
     if (!gic_version) {
         gic_version = kvm_arm_vgic_probe();
         if (!gic_version) {
-            error_report("Unable to determine GIC version supported by host\n"
-                         "Probably KVM acceleration is not supported\n");
+            error_report("Unable to determine GIC version supported by host");
+            error_printf("KVM acceleration is probably not supported\n");
             exit(1);
         }
     }
@@ -990,7 +990,7 @@ static void machvirt_init(MachineState *machine)
         char *cpuopts = g_strdup(cpustr[1]);
 
         if (!oc) {
-            fprintf(stderr, "Unable to find CPU definition\n");
+            error_report("Unable to find CPU definition");
             exit(1);
         }
         cpuobj = object_new(object_class_get_name(oc));
@@ -1126,8 +1126,8 @@ static void virt_set_gic_version(Object *obj, const char *value, Error **errp)
     } else if (!strcmp(value, "host")) {
         vms->gic_version = 0; /* Will probe later */
     } else {
-        error_report("Invalid gic-version option value\n"
-                     "Allowed values are: 3, 2, host\n");
+        error_report("Invalid gic-version option value");
+        error_printf("Allowed gic-version values are: 3, 2, host\n");
         exit(1);
     }
 }
-- 
1.9.1

[Qemu-devel] [PULL 7/7] target-arm: Clean up DISAS_UPDATE usage in AArch32 translation code

[Peter Maydell]

From: Sergey Fedorov <serge.fdrv@gmail.com>

AArch32 translation code does not distinguish between DISAS_UPDATE and
DISAS_JUMP. Thus, we cannot use any of them without first updating PC in
CPU state. Furthermore, it is too complicated to update PC in CPU state
before PC gets updated in disas context. So it is hardly possible to
correctly end TB early if is is not likely to be executed before calling
disas_*_insn(), e.g. just after calling breakpoint check helper.

Modify DISAS_UPDATE and DISAS_JUMP usage in AArch32 translation and
apply to them the same semantic as AArch64 translation does:
 - DISAS_UPDATE: update PC in CPU state when finishing translation
 - DISAS_JUMP:   preserve current PC value in CPU state when finishing
                 translation

This patch fixes a bug in AArch32 breakpoint handling: when
check_breakpoints helper does not generate an exception, ending the TB
early with DISAS_UPDATE couldn't update PC in CPU state and execution
hangs.

Signed-off-by: Sergey Fedorov <serge.fdrv@gmail.com>
Message-id: 1447097859-586-1-git-send-email-serge.fdrv@gmail.com
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
---
 target-arm/translate.c | 25 ++++++++++++++-----------
 1 file changed, 14 insertions(+), 11 deletions(-)

diff --git a/target-arm/translate.c b/target-arm/translate.c
index ff262a2..a56f7fe 100644
--- a/target-arm/translate.c
+++ b/target-arm/translate.c
@@ -870,7 +870,7 @@ static inline void gen_bx_im(DisasContext *s, uint32_t addr)
 {
     TCGv_i32 tmp;
 
-    s->is_jmp = DISAS_UPDATE;
+    s->is_jmp = DISAS_JUMP;
     if (s->thumb != (addr & 1)) {
         tmp = tcg_temp_new_i32();
         tcg_gen_movi_i32(tmp, addr & 1);
@@ -883,7 +883,7 @@ static inline void gen_bx_im(DisasContext *s, uint32_t addr)
 /* Set PC and Thumb state from var.  var is marked as dead.  */
 static inline void gen_bx(DisasContext *s, TCGv_i32 var)
 {
-    s->is_jmp = DISAS_UPDATE;
+    s->is_jmp = DISAS_JUMP;
     tcg_gen_andi_i32(cpu_R[15], var, ~1);
     tcg_gen_andi_i32(var, var, 1);
     store_cpu_field(var, thumb);
@@ -1062,7 +1062,7 @@ static void gen_exception_insn(DisasContext *s, int offset, int excp,
 static inline void gen_lookup_tb(DisasContext *s)
 {
     tcg_gen_movi_i32(cpu_R[15], s->pc & ~1);
-    s->is_jmp = DISAS_UPDATE;
+    s->is_jmp = DISAS_JUMP;
 }
 
 static inline void gen_add_data_offset(DisasContext *s, unsigned int insn,
@@ -4096,7 +4096,7 @@ static void gen_exception_return(DisasContext *s, TCGv_i32 pc)
     tmp = load_cpu_field(spsr);
     gen_set_cpsr(tmp, CPSR_ERET_MASK);
     tcg_temp_free_i32(tmp);
-    s->is_jmp = DISAS_UPDATE;
+    s->is_jmp = DISAS_JUMP;
 }
 
 /* Generate a v6 exception return.  Marks both values as dead.  */
@@ -4105,7 +4105,7 @@ static void gen_rfe(DisasContext *s, TCGv_i32 pc, TCGv_i32 cpsr)
     gen_set_cpsr(cpsr, CPSR_ERET_MASK);
     tcg_temp_free_i32(cpsr);
     store_reg(s, 15, pc);
-    s->is_jmp = DISAS_UPDATE;
+    s->is_jmp = DISAS_JUMP;
 }
 
 static void gen_nop_hint(DisasContext *s, int val)
@@ -9035,7 +9035,7 @@ static void disas_arm_insn(DisasContext *s, unsigned int insn)
                     tmp = load_cpu_field(spsr);
                     gen_set_cpsr(tmp, CPSR_ERET_MASK);
                     tcg_temp_free_i32(tmp);
-                    s->is_jmp = DISAS_UPDATE;
+                    s->is_jmp = DISAS_JUMP;
                 }
             }
             break;
@@ -11355,7 +11355,7 @@ void gen_intermediate_code(CPUARMState *env, TranslationBlock *tb)
             /* We always get here via a jump, so know we are not in a
                conditional execution block.  */
             gen_exception_internal(EXCP_KERNEL_TRAP);
-            dc->is_jmp = DISAS_UPDATE;
+            dc->is_jmp = DISAS_EXC;
             break;
         }
 #else
@@ -11363,7 +11363,7 @@ void gen_intermediate_code(CPUARMState *env, TranslationBlock *tb)
             /* We always get here via a jump, so know we are not in a
                conditional execution block.  */
             gen_exception_internal(EXCP_EXCEPTION_EXIT);
-            dc->is_jmp = DISAS_UPDATE;
+            dc->is_jmp = DISAS_EXC;
             break;
         }
 #endif
@@ -11497,7 +11497,8 @@ void gen_intermediate_code(CPUARMState *env, TranslationBlock *tb)
             }
             gen_set_label(dc->condlabel);
         }
-        if (dc->condjmp || !dc->is_jmp) {
+        if (dc->condjmp || dc->is_jmp == DISAS_NEXT ||
+            dc->is_jmp == DISAS_UPDATE) {
             gen_set_pc_im(dc, dc->pc);
             dc->condjmp = 0;
         }
@@ -11533,9 +11534,11 @@ void gen_intermediate_code(CPUARMState *env, TranslationBlock *tb)
         case DISAS_NEXT:
             gen_goto_tb(dc, 1, dc->pc);
             break;
-        default:
-        case DISAS_JUMP:
         case DISAS_UPDATE:
+            gen_set_pc_im(dc, dc->pc);
+            /* fall through */
+        case DISAS_JUMP:
+        default:
             /* indicate that the hash table must be used to find the next TB */
             tcg_gen_exit_tb(0);
             break;
-- 
1.9.1

Re: [Qemu-devel] [PULL 0/7] target-arm queue

[Peter Maydell]

On 10 November 2015 at 13:51, Peter Maydell <peter.maydell@linaro.org> wrote:
> A small set of ARM patches, notably fixing bugs in breakpoint
> and singlestep code, and repairing the long-broken highbank model.
>
> The only other ARM thing I have on my radar for 2.5 is the Zynq
> ADC controller, which I'll send separately if it makes it before
> the freeze deadline.
>
> thanks
> -- PMM
>
> The following changes since commit a8b4f9585a0bf5186fca793ce2c5d754cd8ec49a:
>
>   Merge remote-tracking branch 'remotes/armbru/tags/pull-qapi-2015-11-10' into staging (2015-11-10 09:39:24 +0000)
>
> are available in the git repository at:
>
>
>   git://git.linaro.org/people/pmaydell/qemu-arm.git tags/pull-target-arm-20151110
>
> for you to fetch changes up to 577bf808958d06497928c639efaa473bf8c5e099:
>
>   target-arm: Clean up DISAS_UPDATE usage in AArch32 translation code (2015-11-10 13:37:33 +0000)
>
> ----------------------------------------------------------------
> target-arm queue:
>  * fix bugs in gdb singlestep handling and breakpoints
>  * minor code cleanup in arm_gic
>  * clean up error messages in hw/arm/virt
>  * fix highbank kernel booting by adding a board-setup blob
>

Applied, thanks.

-- PMM

Re: [Qemu-devel] [PULL 0/7] target-arm queue

[Peter Crosthwaite]

On Tue, Nov 10, 2015 at 8:38 AM, Peter Maydell <peter.maydell@linaro.org> wrote:
> On 10 November 2015 at 13:51, Peter Maydell <peter.maydell@linaro.org> wrote:
>> A small set of ARM patches, notably fixing bugs in breakpoint
>> and singlestep code, and repairing the long-broken highbank model.
>>
>> The only other ARM thing I have on my radar for 2.5 is the Zynq
>> ADC controller, which I'll send separately if it makes it before
>> the freeze deadline.
>>

It is on list I think. I don't see further review:

[PATCH for-2.5 v4 1/1] hw/misc: Add support for ADC controller in
Xilinx Zynq 7000

Regards,
Peter

>> thanks
>> -- PMM
>>
>> The following changes since commit a8b4f9585a0bf5186fca793ce2c5d754cd8ec49a:
>>
>>   Merge remote-tracking branch 'remotes/armbru/tags/pull-qapi-2015-11-10' into staging (2015-11-10 09:39:24 +0000)
>>
>> are available in the git repository at:
>>
>>
>>   git://git.linaro.org/people/pmaydell/qemu-arm.git tags/pull-target-arm-20151110
>>
>> for you to fetch changes up to 577bf808958d06497928c639efaa473bf8c5e099:
>>
>>   target-arm: Clean up DISAS_UPDATE usage in AArch32 translation code (2015-11-10 13:37:33 +0000)
>>
>> ----------------------------------------------------------------
>> target-arm queue:
>>  * fix bugs in gdb singlestep handling and breakpoints
>>  * minor code cleanup in arm_gic
>>  * clean up error messages in hw/arm/virt
>>  * fix highbank kernel booting by adding a board-setup blob
>>
>
> Applied, thanks.
>
> -- PMM
>

Re: [Qemu-devel] [PULL 0/7] target-arm queue

[Peter Maydell]

On 10 November 2015 at 17:12, Peter Crosthwaite
<crosthwaitepeter@gmail.com> wrote:
> On Tue, Nov 10, 2015 at 8:38 AM, Peter Maydell <peter.maydell@linaro.org> wrote:
>> On 10 November 2015 at 13:51, Peter Maydell <peter.maydell@linaro.org> wrote:
>>> A small set of ARM patches, notably fixing bugs in breakpoint
>>> and singlestep code, and repairing the long-broken highbank model.
>>>
>>> The only other ARM thing I have on my radar for 2.5 is the Zynq
>>> ADC controller, which I'll send separately if it makes it before
>>> the freeze deadline.
>>>
>
> It is on list I think. I don't see further review:
>
> [PATCH for-2.5 v4 1/1] hw/misc: Add support for ADC controller in
> Xilinx Zynq 7000

Ah yes, found it -- not sure why my search didn't turn it up earlier.

thanks
-- PMM

[Qemu-devel] [PULL 0/7] target-arm queue

[Peter Maydell]

A small set of arm bugfixes for rc0.



The following changes since commit 5853e92207193e967abf5e4c25b4a551c7604725:

  Merge remote-tracking branch 'remotes/pmaydell/tags/pull-cocoa-20171107' into staging (2017-11-07 12:19:48 +0000)

are available in the git repository at:

  git://git.linaro.org/people/pmaydell/qemu-arm.git tags/pull-target-arm-20171107

for you to fetch changes up to 8a7348b5d62d7ea16807e6bea54b448a0184bb0f:

  hw/intc/arm_gicv3_its: Don't abort on table save failure (2017-11-07 13:03:52 +0000)

----------------------------------------------------------------
target-arm queue:
 * arm_gicv3_its: Don't abort on table save failure
 * arm_gicv3_its: Fix the VM termination in vm_change_state_handler()
 * translate.c: Fix usermode big-endian AArch32 LDREXD and STREXD
 * hw/arm: Mark the "fsl,imx31/25/6" devices with user_creatable = false
 * arm: implement cache/shareability attribute bits for PAR registers

----------------------------------------------------------------
Andrew Baumann (1):
      arm: implement cache/shareability attribute bits for PAR registers

Eric Auger (1):
      hw/intc/arm_gicv3_its: Don't abort on table save failure

Peter Maydell (1):
      translate.c: Fix usermode big-endian AArch32 LDREXD and STREXD

Shanker Donthineni (1):
      hw/intc/arm_gicv3_its: Fix the VM termination in vm_change_state_handler()

Thomas Huth (3):
      hw/arm: Mark the "fsl,imx6" device with user_creatable = false
      hw/arm: Mark the "fsl,imx25" device with user_creatable = false
      hw/arm: Mark the "fsl,imx31" device with user_creatable = false

 hw/arm/fsl-imx25.c          |   6 +-
 hw/arm/fsl-imx31.c          |   6 +-
 hw/arm/fsl-imx6.c           |   3 +-
 hw/intc/arm_gicv3_its_kvm.c |  12 +--
 target/arm/helper.c         | 178 ++++++++++++++++++++++++++++++++++++++++----
 target/arm/translate.c      |  39 ++++++++--
 6 files changed, 214 insertions(+), 30 deletions(-)

Re: [Qemu-devel] [PULL 0/7] target-arm queue

[Peter Maydell]

On 7 November 2017 at 13:35, Peter Maydell <peter.maydell@linaro.org> wrote:
> A small set of arm bugfixes for rc0.
>
>
>
> The following changes since commit 5853e92207193e967abf5e4c25b4a551c7604725:
>
>   Merge remote-tracking branch 'remotes/pmaydell/tags/pull-cocoa-20171107' into staging (2017-11-07 12:19:48 +0000)
>
> are available in the git repository at:
>
>   git://git.linaro.org/people/pmaydell/qemu-arm.git tags/pull-target-arm-20171107
>
> for you to fetch changes up to 8a7348b5d62d7ea16807e6bea54b448a0184bb0f:
>
>   hw/intc/arm_gicv3_its: Don't abort on table save failure (2017-11-07 13:03:52 +0000)
>
> ----------------------------------------------------------------
> target-arm queue:
>  * arm_gicv3_its: Don't abort on table save failure
>  * arm_gicv3_its: Fix the VM termination in vm_change_state_handler()
>  * translate.c: Fix usermode big-endian AArch32 LDREXD and STREXD
>  * hw/arm: Mark the "fsl,imx31/25/6" devices with user_creatable = false
>  * arm: implement cache/shareability attribute bits for PAR registers
>
> ----------------------------------------------------------------
> Andrew Baumann (1):
>       arm: implement cache/shareability attribute bits for PAR registers
>
> Eric Auger (1):
>       hw/intc/arm_gicv3_its: Don't abort on table save failure
>
> Peter Maydell (1):
>       translate.c: Fix usermode big-endian AArch32 LDREXD and STREXD
>
> Shanker Donthineni (1):
>       hw/intc/arm_gicv3_its: Fix the VM termination in vm_change_state_handler()
>
> Thomas Huth (3):
>       hw/arm: Mark the "fsl,imx6" device with user_creatable = false
>       hw/arm: Mark the "fsl,imx25" device with user_creatable = false
>       hw/arm: Mark the "fsl,imx31" device with user_creatable = false

Applied, thanks.

-- PMM

[Qemu-devel] [PULL 0/7] target-arm queue

[Peter Maydell]

ARM queue for 2.10: all M profile bugfixes...

thanks
-- PMM

The following changes since commit 25dd0e77898c3e10796d4cbeb35e8af5ba6ce975:

  Merge remote-tracking branch 'remotes/mjt/tags/trivial-patches-fetch' into staging (2017-07-31 11:27:43 +0100)

are available in the git repository at:

  git://git.linaro.org/people/pmaydell/qemu-arm.git tags/pull-target-arm-20170731

for you to fetch changes up to 89cbc3778a3d61761e2231e740269218c9a8a41d:

  hw/mps2_scc: fix incorrect properties (2017-07-31 13:11:56 +0100)

----------------------------------------------------------------
target-arm queue:
 * fix broken properties on MPS2 SCC device
 * fix MPU trace handling of write vs exec
 * fix MPU M profile bugs:
   - not handling system space or PPB region correctly
   - not resetting state
   - not migrating MPU_RNR

----------------------------------------------------------------
Peter Maydell (6):
      target/arm: Correct MPU trace handling of write vs execute
      target/arm: Don't do MPU lookups for addresses in M profile PPB region
      target/arm: Don't allow guest to make System space executable for M profile
      target/arm: Rename cp15.c6_rgnr to pmsav7.rnr
      target/arm: Move PMSAv7 reset into arm_cpu_reset() so M profile MPUs get reset
      target/arm: Migrate MPU_RNR register state for M profile cores

Philippe Mathieu-Daudé (1):
      hw/mps2_scc: fix incorrect properties

 target/arm/cpu.h      |  3 +--
 hw/intc/armv7m_nvic.c | 14 +++++-----
 hw/misc/mps2-scc.c    |  4 +--
 target/arm/cpu.c      | 14 ++++++++++
 target/arm/helper.c   | 71 ++++++++++++++++++++++++++++++++++-----------------
 target/arm/machine.c  | 30 +++++++++++++++++++++-
 6 files changed, 101 insertions(+), 35 deletions(-)

Re: [Qemu-devel] [PULL 0/7] target-arm queue

[Peter Maydell]

On 31 July 2017 at 13:22, Peter Maydell <peter.maydell@linaro.org> wrote:
> ARM queue for 2.10: all M profile bugfixes...
>
> thanks
> -- PMM
>
> The following changes since commit 25dd0e77898c3e10796d4cbeb35e8af5ba6ce975:
>
>   Merge remote-tracking branch 'remotes/mjt/tags/trivial-patches-fetch' into staging (2017-07-31 11:27:43 +0100)
>
> are available in the git repository at:
>
>   git://git.linaro.org/people/pmaydell/qemu-arm.git tags/pull-target-arm-20170731
>
> for you to fetch changes up to 89cbc3778a3d61761e2231e740269218c9a8a41d:
>
>   hw/mps2_scc: fix incorrect properties (2017-07-31 13:11:56 +0100)
>
> ----------------------------------------------------------------
> target-arm queue:
>  * fix broken properties on MPS2 SCC device
>  * fix MPU trace handling of write vs exec
>  * fix MPU M profile bugs:
>    - not handling system space or PPB region correctly
>    - not resetting state
>    - not migrating MPU_RNR
>
> ----------------------------------------------------------------
> Peter Maydell (6):
>       target/arm: Correct MPU trace handling of write vs execute
>       target/arm: Don't do MPU lookups for addresses in M profile PPB region
>       target/arm: Don't allow guest to make System space executable for M profile
>       target/arm: Rename cp15.c6_rgnr to pmsav7.rnr
>       target/arm: Move PMSAv7 reset into arm_cpu_reset() so M profile MPUs get reset
>       target/arm: Migrate MPU_RNR register state for M profile cores
>
> Philippe Mathieu-Daudé (1):
>       hw/mps2_scc: fix incorrect properties

Applied, thanks.

-- PMM

[Qemu-devel] [PULL 0/7] target-arm queue

[Peter Maydell]

Try number 2 with format string fix...

-- PMM

The following changes since commit fefa4b128de06cec6d513f00ee61e8208aed4a87:

  Merge remote-tracking branch 'remotes/awilliam/tags/vfio-update-20150923.0' into staging (2015-09-23 21:39:46 +0100)

are available in the git repository at:


  git://git.linaro.org/people/pmaydell/qemu-arm.git tags/pull-target-arm-20150924

for you to fetch changes up to 85b4d5dae12580ecdd446c0f71afa04a95641c91:

  MAINTAINERS: update Allwinner A10 maintainer (2015-09-24 01:29:37 +0100)

----------------------------------------------------------------
target-arm queue:
 * support VGICv3 in KVM
 * fix bug in ACPI table entries for flash devices in virt board
 * update Allwinner entry in MAINTAINERS

----------------------------------------------------------------
Beniamino Galvani (1):
      MAINTAINERS: update Allwinner A10 maintainer

Pavel Fedin (4):
      intc/gic: Extract some reusable vGIC code
      arm_kvm: Do not assume particular GIC type in kvm_arch_irqchip_create()
      hw/intc: Initial implementation of vGICv3
      hw/arm/virt: Add gic-version option to virt machine

Shannon Zhao (1):
      hw/arm/virt-acpi-build: Fix wrong size of flash in ACPI table

Shlomo Pongratz (1):
      hw/intc: Implement GIC-500 base class

 MAINTAINERS                        |   6 +-
 hw/arm/virt-acpi-build.c           |  56 ++++++++------
 hw/arm/virt.c                      | 124 ++++++++++++++++++++++++------
 hw/intc/Makefile.objs              |   2 +
 hw/intc/arm_gic_kvm.c              |  98 ++++++++----------------
 hw/intc/arm_gicv3_common.c         | 140 ++++++++++++++++++++++++++++++++++
 hw/intc/arm_gicv3_kvm.c            | 149 +++++++++++++++++++++++++++++++++++++
 hw/intc/vgic_common.h              |  35 +++++++++
 include/hw/acpi/acpi-defs.h        |   9 +++
 include/hw/arm/virt-acpi-build.h   |   1 +
 include/hw/arm/virt.h              |   4 +-
 include/hw/intc/arm_gicv3_common.h |  68 +++++++++++++++++
 include/sysemu/kvm.h               |  26 +++++++
 kvm-all.c                          |  34 +++++++++
 target-arm/kvm.c                   |  19 +++--
 target-arm/kvm_arm.h               |  19 +++++
 target-arm/machine.c               |  18 +++++
 17 files changed, 686 insertions(+), 122 deletions(-)
 create mode 100644 hw/intc/arm_gicv3_common.c
 create mode 100644 hw/intc/arm_gicv3_kvm.c
 create mode 100644 hw/intc/vgic_common.h
 create mode 100644 include/hw/intc/arm_gicv3_common.h

Re: [Qemu-devel] [PULL 0/7] target-arm queue

[Pavel Fedin]

 Hello!

 Thank you very much for your support and cooperation. I am back from my vacation and continuing my
work on live migration. Actually i already have working code, but need to settle down kernel API
first.

Kind regards,
Pavel Fedin
Expert Engineer
Samsung Electronics Research center Russia

Re: [Qemu-devel] [PULL 0/7] target-arm queue

[Peter Maydell]

On 23 September 2015 at 17:31, Peter Maydell <peter.maydell@linaro.org> wrote:
> Try number 2 with format string fix...
>
> -- PMM
>
> The following changes since commit fefa4b128de06cec6d513f00ee61e8208aed4a87:
>
>   Merge remote-tracking branch 'remotes/awilliam/tags/vfio-update-20150923.0' into staging (2015-09-23 21:39:46 +0100)
>
> are available in the git repository at:
>
>
>   git://git.linaro.org/people/pmaydell/qemu-arm.git tags/pull-target-arm-20150924
>
> for you to fetch changes up to 85b4d5dae12580ecdd446c0f71afa04a95641c91:
>
>   MAINTAINERS: update Allwinner A10 maintainer (2015-09-24 01:29:37 +0100)
>
> ----------------------------------------------------------------
> target-arm queue:
>  * support VGICv3 in KVM
>  * fix bug in ACPI table entries for flash devices in virt board
>  * update Allwinner entry in MAINTAINERS
>
> ----------------------------------------------------------------

Applied, thanks.

-- PMM

[Qemu-devel] [PULL 0/7] target-arm queue

[Peter Maydell]

A small pullreq, but I don't have anything else pending and I wanted
to get the GICv3 patches in this week.

-- PMM


The following changes since commit 684bb5770ec5d72a66620f64fc5d9672bf8d3509:

  Merge remote-tracking branch 'remotes/dgibson/tags/spapr-next-20150923' into staging (2015-09-23 16:52:54 +0100)

are available in the git repository at:


  git://git.linaro.org/people/pmaydell/qemu-arm.git tags/pull-target-arm-20150923-1

for you to fetch changes up to 5d23e959fc6c8604d3c19b39b71c5a1effb2c347:

  MAINTAINERS: update Allwinner A10 maintainer (2015-09-23 22:37:40 +0100)

----------------------------------------------------------------
target-arm queue:
 * support VGICv3 in KVM
 * fix bug in ACPI table entries for flash devices in virt board
 * update Allwinner entry in MAINTAINERS

----------------------------------------------------------------
Beniamino Galvani (1):
      MAINTAINERS: update Allwinner A10 maintainer

Pavel Fedin (4):
      intc/gic: Extract some reusable vGIC code
      arm_kvm: Do not assume particular GIC type in kvm_arch_irqchip_create()
      hw/intc: Initial implementation of vGICv3
      hw/arm/virt: Add gic-version option to virt machine

Shannon Zhao (1):
      hw/arm/virt-acpi-build: Fix wrong size of flash in ACPI table

Shlomo Pongratz (1):
      hw/intc: Implement GIC-500 base class

 MAINTAINERS                        |   6 +-
 hw/arm/virt-acpi-build.c           |  56 ++++++++------
 hw/arm/virt.c                      | 124 ++++++++++++++++++++++++------
 hw/intc/Makefile.objs              |   2 +
 hw/intc/arm_gic_kvm.c              |  98 ++++++++----------------
 hw/intc/arm_gicv3_common.c         | 140 ++++++++++++++++++++++++++++++++++
 hw/intc/arm_gicv3_kvm.c            | 149 +++++++++++++++++++++++++++++++++++++
 hw/intc/vgic_common.h              |  35 +++++++++
 include/hw/acpi/acpi-defs.h        |   9 +++
 include/hw/arm/virt-acpi-build.h   |   1 +
 include/hw/arm/virt.h              |   4 +-
 include/hw/intc/arm_gicv3_common.h |  68 +++++++++++++++++
 include/sysemu/kvm.h               |  26 +++++++
 kvm-all.c                          |  34 +++++++++
 target-arm/kvm.c                   |  19 +++--
 target-arm/kvm_arm.h               |  19 +++++
 target-arm/machine.c               |  18 +++++
 17 files changed, 686 insertions(+), 122 deletions(-)
 create mode 100644 hw/intc/arm_gicv3_common.c
 create mode 100644 hw/intc/arm_gicv3_kvm.c
 create mode 100644 hw/intc/vgic_common.h
 create mode 100644 include/hw/intc/arm_gicv3_common.h

Re: [Qemu-devel] [PULL 0/7] target-arm queue

[Peter Maydell]

On 23 September 2015 at 14:43, Peter Maydell <peter.maydell@linaro.org> wrote:
> A small pullreq, but I don't have anything else pending and I wanted
> to get the GICv3 patches in this week.
>
> -- PMM
>
>
> The following changes since commit 684bb5770ec5d72a66620f64fc5d9672bf8d3509:
>
>   Merge remote-tracking branch 'remotes/dgibson/tags/spapr-next-20150923' into staging (2015-09-23 16:52:54 +0100)
>
> are available in the git repository at:
>
>
>   git://git.linaro.org/people/pmaydell/qemu-arm.git tags/pull-target-arm-20150923-1
>
> for you to fetch changes up to 5d23e959fc6c8604d3c19b39b71c5a1effb2c347:
>
>   MAINTAINERS: update Allwinner A10 maintainer (2015-09-23 22:37:40 +0100)
>
> ----------------------------------------------------------------
> target-arm queue:
>  * support VGICv3 in KVM
>  * fix bug in ACPI table entries for flash devices in virt board
>  * update Allwinner entry in MAINTAINERS
>
> ----------------------------------------------------------------

Minor fixup required to get it to compile on 32-bit:

--- a/kvm-all.c
+++ b/kvm-all.c
@@ -2036,7 +2036,7 @@ void kvm_device_access(int fd, int group, uint64_t attr,
                            &kvmattr);
     if (err < 0) {
         error_report("KVM_%s_DEVICE_ATTR failed: %s\n"
-                     "Group %d attr 0x%016zX", write ? "SET" : "GET",
+                     "Group %d attr 0x%016" PRIx64 , write ? "SET" : "GET",
                      strerror(-err), group, attr);
         abort();
     }


-- PMM

[Qemu-devel] [PULL 0/7] target-arm queue

[Peter Maydell]

target-arm queue before hardfreeze: these are pretty much all
bugfixes.

-- PMM

The following changes since commit f50a1640fb82708a5d528dee1ace42a224b95b15:

  Merge remote-tracking branch 'remotes/jnsnow/tags/ide-pull-request' into staging (2015-07-05 20:35:47 +0100)

are available in the git repository at:


  git://git.linaro.org/people/pmaydell/qemu-arm.git tags/pull-target-arm-20150706

for you to fetch changes up to 257621a9566054472d1d55a819880d0f9da02bda:

  arm_mptimer: Respect IT bit state (2015-07-06 10:26:35 +0100)

----------------------------------------------------------------
target-arm queue:
 * TLBI ALLEI1IS should operate on all CPUs, not just this one
 * Fix interval interrupt of cadence ttc in decrement mode
 * Implement YIELD insn to yield in ARM and Thumb translators
 * ARM GIC: reset all registers
 * arm_mptimer: fix timer shutdown and mode change
 * arm_mptimer: respect IT bit state

----------------------------------------------------------------
Dmitry Osipenko (2):
      arm_mptimer: Fix timer shutdown and mode change
      arm_mptimer: Respect IT bit state

Johannes Schlatow (1):
      Fix interval interrupt of cadence ttc when timer is in decrement mode

Peter Maydell (3):
      target-arm: Split DISAS_YIELD from DISAS_WFE
      target-arm: Implement YIELD insn to yield in ARM and Thumb translators
      hw/intc/arm_gic_common.c: Reset all registers

Sergey Fedorov (1):
      target-arm: fix write helper for TLBI ALLE1IS

 hw/intc/arm_gic_common.c   | 21 ++++++++++++++++++---
 hw/timer/arm_mptimer.c     | 13 ++++++++++---
 hw/timer/cadence_ttc.c     |  9 ++++-----
 target-arm/helper.c        |  2 +-
 target-arm/helper.h        |  1 +
 target-arm/op_helper.c     | 18 +++++++++++++++---
 target-arm/translate-a64.c |  6 ++++++
 target-arm/translate.c     |  7 +++++++
 target-arm/translate.h     |  1 +
 9 files changed, 63 insertions(+), 15 deletions(-)

Re: [Qemu-devel] [PULL 0/7] target-arm queue

[Peter Maydell]

On 6 July 2015 at 10:59, Peter Maydell <peter.maydell@linaro.org> wrote:
> target-arm queue before hardfreeze: these are pretty much all
> bugfixes.
>
> -- PMM
>
> The following changes since commit f50a1640fb82708a5d528dee1ace42a224b95b15:
>
>   Merge remote-tracking branch 'remotes/jnsnow/tags/ide-pull-request' into staging (2015-07-05 20:35:47 +0100)
>
> are available in the git repository at:
>
>
>   git://git.linaro.org/people/pmaydell/qemu-arm.git tags/pull-target-arm-20150706
>
> for you to fetch changes up to 257621a9566054472d1d55a819880d0f9da02bda:
>
>   arm_mptimer: Respect IT bit state (2015-07-06 10:26:35 +0100)
>
> ----------------------------------------------------------------
> target-arm queue:
>  * TLBI ALLEI1IS should operate on all CPUs, not just this one
>  * Fix interval interrupt of cadence ttc in decrement mode
>  * Implement YIELD insn to yield in ARM and Thumb translators
>  * ARM GIC: reset all registers
>  * arm_mptimer: fix timer shutdown and mode change
>  * arm_mptimer: respect IT bit state

Applied, thanks.

-- PMM

[Qemu-devel] [PULL 0/7] target-arm queue

[Peter Maydell]

target-arm queue: a few new features, but all minor stuff.

thanks
-- PMM


The following changes since commit ccb0c7e122db72d3a5da798c6414d4912bba828f:

  Merge remote-tracking branch 'remotes/lalrae/tags/mips-20150626' into staging (2015-06-26 11:32:58 +0100)

are available in the git repository at:


  git://git.linaro.org/people/pmaydell/qemu-arm.git tags/pull-target-arm-20150626

for you to fetch changes up to 4e2c0b2a4ab810c8989e181a010e75aeaa1c55f3:

  hw/arm/virt: Make block devices default to virtio (2015-06-26 14:22:37 +0100)

----------------------------------------------------------------
target-arm queue:
 * Change the virt board's default interface type for block devices to virtio
 * Improve some error messages that will now be triggered by some incorrect
   but previously worked-by-accident command lines
 * Print ELR if we're doing debug logging of AArch64 exception entry
 * Handle the "completely empty semihosting commandline" correctly for
   softmmu (we already did for linux-user)
 * Add GICv2m description to ACPI tables for virt board
 * Fix some incorrect table revision entries in virt board ACPI tables

----------------------------------------------------------------
Liviu Ionescu (1):
      target-arm: default empty semihosting cmdline

Peter Maydell (3):
      qdev-properties-system: Change set_pointer's parse callback to use Error
      qdev-properties-system: Improve error message for drive assignment conflict
      hw/arm/virt: Make block devices default to virtio

Shannon Zhao (2):
      hw/arm/virt-acpi-build: Fix table revision and some comments
      hw/arm/virt-acpi-build: Add GICv2m description in ACPI MADT table

Soren Brinkmann (1):
      target-arm: A64: Print ELR when taking exceptions

 hw/arm/virt-acpi-build.c         | 22 ++++++++++++++++-----
 hw/arm/virt.c                    |  2 ++
 hw/core/qdev-properties-system.c | 42 +++++++++++++++++++++++++++-------------
 include/hw/acpi/acpi-defs.h      | 12 ++++++++++++
 target-arm/arm-semi.c            | 11 +++++++++--
 target-arm/helper-a64.c          |  2 ++
 6 files changed, 71 insertions(+), 20 deletions(-)

Re: [Qemu-devel] [PULL 0/7] target-arm queue

[Peter Maydell]

On 26 June 2015 at 14:31, Peter Maydell <peter.maydell@linaro.org> wrote:
> target-arm queue: a few new features, but all minor stuff.
>
> thanks
> -- PMM
>
>
> The following changes since commit ccb0c7e122db72d3a5da798c6414d4912bba828f:
>
>   Merge remote-tracking branch 'remotes/lalrae/tags/mips-20150626' into staging (2015-06-26 11:32:58 +0100)
>
> are available in the git repository at:
>
>
>   git://git.linaro.org/people/pmaydell/qemu-arm.git tags/pull-target-arm-20150626
>
> for you to fetch changes up to 4e2c0b2a4ab810c8989e181a010e75aeaa1c55f3:
>
>   hw/arm/virt: Make block devices default to virtio (2015-06-26 14:22:37 +0100)
>
> ----------------------------------------------------------------
> target-arm queue:
>  * Change the virt board's default interface type for block devices to virtio
>  * Improve some error messages that will now be triggered by some incorrect
>    but previously worked-by-accident command lines
>  * Print ELR if we're doing debug logging of AArch64 exception entry
>  * Handle the "completely empty semihosting commandline" correctly for
>    softmmu (we already did for linux-user)
>  * Add GICv2m description to ACPI tables for virt board
>  * Fix some incorrect table revision entries in virt board ACPI tables
>
> ----------------------------------------------------------------

Applied, thanks.

-- PMM

[Qemu-devel] [PULL 0/7] target-arm queue

[Peter Maydell]

Last batch of bugfixes before hardfreeze...

-- PMM

The following changes since commit f421f05754ac5aabe15f12051390204116408b00:

  Merge remote-tracking branch 'remotes/kraxel/tags/pull-seabios-1.8.1-20150316-1' into staging (2015-03-16 10:58:11 +0000)

are available in the git repository at:


  git://git.linaro.org/people/pmaydell/qemu-arm.git tags/pull-target-arm-20150316

for you to fetch changes up to b8d43285a4db12156c40ba6fdbd8002c383fcbca:

  linux-user: Access correct register for get/set_tls syscalls on ARM TZ CPUs (2015-03-16 12:30:47 +0000)

----------------------------------------------------------------
target-arm queue:
 * fix handling of execute-never bits in page table walks
 * tell kernel to initialize KVM GIC in realize function
 * fix handling of STM (user) with r15 in register list
 * ignore low bit of PC in M-profile exception return
 * fix linux-user get/set_tls syscalls on CPUs with TZ

----------------------------------------------------------------
Andrew Jones (3):
      target-arm: convert check_ap to ap_to_rw_prot
      target-arm: fix get_phys_addr_v6/SCTLR_AFE access check
      target-arm: get_phys_addr_lpae: more xn control

Eric Auger (1):
      hw/intc/arm_gic: Initialize the vgic in the realize function

Mikhail Ilyin (1):
      linux-user: Access correct register for get/set_tls syscalls on ARM TZ CPUs

Peter Maydell (2):
      target-arm: Fix handling of STM (user) with r15 in register list
      target-arm: Ignore low bit of PC in M-profile exception return

 hw/intc/arm_gic_kvm.c       |   7 ++
 linux-user/arm/target_cpu.h |  15 ++-
 linux-user/main.c           |   2 +-
 target-arm/helper.c         | 222 ++++++++++++++++++++++++++++++++------------
 target-arm/translate.c      |  18 ++--
 5 files changed, 197 insertions(+), 67 deletions(-)

Re: [Qemu-devel] [PULL 0/7] target-arm queue

[Peter Maydell]

On 16 March 2015 at 12:40, Peter Maydell <peter.maydell@linaro.org> wrote:
> Last batch of bugfixes before hardfreeze...
>
> -- PMM
>
> The following changes since commit f421f05754ac5aabe15f12051390204116408b00:
>
>   Merge remote-tracking branch 'remotes/kraxel/tags/pull-seabios-1.8.1-20150316-1' into staging (2015-03-16 10:58:11 +0000)
>
> are available in the git repository at:
>
>
>   git://git.linaro.org/people/pmaydell/qemu-arm.git tags/pull-target-arm-20150316
>
> for you to fetch changes up to b8d43285a4db12156c40ba6fdbd8002c383fcbca:
>
>   linux-user: Access correct register for get/set_tls syscalls on ARM TZ CPUs (2015-03-16 12:30:47 +0000)

Applied, thanks.

-- PMM

[Qemu-devel] [PULL 0/7] target-arm queue

[Peter Maydell]

Last handful of patches before hardfreeze; these are just
refactoring/cleanup, but I'd like to get them in to avoid
clashes and merge conflicts with other series like TZ.

thanks
-- PMM

The following changes since commit 949ca9e479c381a63ddb257adca1a6f0c44d898e:

  Merge remote-tracking branch 'remotes/mst/tags/for_upstream' into staging (2014-11-03 22:51:08 +0000)

are available in the git repository at:


  git://git.linaro.org/people/pmaydell/qemu-arm.git tags/pull-target-arm-20141104

for you to fetch changes up to 9fae24f55496ea178e9e8e351f82a02f34ddaf4d:

  target-arm: Correct condition for taking VIRQ and VFIQ (2014-11-04 12:05:23 +0000)

----------------------------------------------------------------
target-arm queue:
 * avoid passing CPU env pointer around in A32/T32 decoders
 * split M profile exception masking out from A/R profile

----------------------------------------------------------------
Peter Maydell (7):
      target-arm/translate.c: Use arm_dc_feature() in ENABLE_ARCH_ macros
      target-arm/translate.c: Use arm_dc_feature() rather than arm_feature()
      target-arm/translate.c: Don't use IS_M()
      target-arm/translate.c: Don't pass CPUARMState around in the decoder
      target-arm/translate.c: Don't pass CPUARMState * to disas_arm_insn()
      target-arm: Separate out M profile cpu_exec_interrupt handling
      target-arm: Correct condition for taking VIRQ and VFIQ

 target-arm/cpu.c       |  49 +++++++--
 target-arm/cpu.h       |  20 +---
 target-arm/translate.c | 280 +++++++++++++++++++++++++++----------------------
 3 files changed, 197 insertions(+), 152 deletions(-)

Re: [Qemu-devel] [PULL 0/7] target-arm queue

[Peter Maydell]

On 4 November 2014 12:30, Peter Maydell <peter.maydell@linaro.org> wrote:
> Last handful of patches before hardfreeze; these are just
> refactoring/cleanup, but I'd like to get them in to avoid
> clashes and merge conflicts with other series like TZ.
>
> thanks
> -- PMM
>
> The following changes since commit 949ca9e479c381a63ddb257adca1a6f0c44d898e:
>
>   Merge remote-tracking branch 'remotes/mst/tags/for_upstream' into staging (2014-11-03 22:51:08 +0000)
>
> are available in the git repository at:
>
>
>   git://git.linaro.org/people/pmaydell/qemu-arm.git tags/pull-target-arm-20141104
>
> for you to fetch changes up to 9fae24f55496ea178e9e8e351f82a02f34ddaf4d:
>
>   target-arm: Correct condition for taking VIRQ and VFIQ (2014-11-04 12:05:23 +0000)
>
> ----------------------------------------------------------------
> target-arm queue:
>  * avoid passing CPU env pointer around in A32/T32 decoders
>  * split M profile exception masking out from A/R profile
>
> ----------------------------------------------------------------

Applied, thanks.

-- PMM

[Qemu-devel] [PULL 0/7] target-arm queue

[Peter Maydell]

Hi; these are the pending target-arm patches I'd like to get in for 1.0;
a couple of minor ones plus the A15 insn work. Please pull.

PS: I'm not sure who the best person to cc on target-arm pull requests
is; any suggestions?

thanks
-- PMM

The following changes since commit cfce6d8934243871c4dc6d0c5248b0b27a1b8d80:

  i8259: Move to hw library (2011-10-16 11:11:56 +0000)

are available in the git repository at:
  git://git.linaro.org/people/pmaydell/qemu-arm.git target-arm.for-upstream

Christophe LYON (1):
      rsqrte_f32: No need to copy sign bit.

Dmitry Koshelev (1):
      target-arm/machine.c: Restore VFP registers correctly

Peter Maydell (5):
      target-arm: v6 media multiply space: UNDEF on unassigned encodings
      target-arm: Rename ARM_FEATURE_DIV to _THUMB_DIV
      target-arm: Add ARM UDIV/SDIV support
      softfloat: Implement fused multiply-add
      target-arm: Implement VFPv4 fused multiply-accumulate insns

 fpu/softfloat-specialize.h |  178 ++++++++++++++++++
 fpu/softfloat.c            |  427 ++++++++++++++++++++++++++++++++++++++++++++
 fpu/softfloat.h            |   14 ++
 target-arm/cpu.h           |    4 +-
 target-arm/helper.c        |   24 ++-
 target-arm/helper.h        |    3 +
 target-arm/machine.c       |    2 +-
 target-arm/translate.c     |  118 ++++++++++++-
 8 files changed, 759 insertions(+), 11 deletions(-)