[PULL 0/3] MIPS patches for 5.2-rc1

[PULL 0/3] MIPS patches for 5.2-rc1

[Philippe Mathieu-Daudé]

The following changes since commit 3493c36f0371777c62d1d72b205b0eb6117e2156:

  Merge remote-tracking branch 'remotes/cohuck/tags/s390x-20201106' into staging (2020-11-06 13:43:28 +0000)

are available in the Git repository at:

  https://gitlab.com/philmd/qemu.git tags/mips-fixes-20201109

for you to fetch changes up to bf4ee88ab63fcf2dcb75f0d68cc6c8d2edb68212:

  hw/mips/boston: Fix memory leak in boston_fdt_filter() error-handling paths (2020-11-09 00:40:44 +0100)

----------------------------------------------------------------
MIPS patches queue

- Deprecate nanoMIPS ISA
- Fix PageMask with variable page size (Huacai Chen)
- Fix memory leak in boston_fdt_filter (Coverity CID 1432275, Peter Maydell)

CI jobs results:
. https://cirrus-ci.com/build/5439131968864256
. https://gitlab.com/philmd/qemu/-/pipelines/213403385
. https://travis-ci.org/github/philmd/qemu/builds/742312387
----------------------------------------------------------------

Jiaxun Yang (1):
  target/mips: Fix PageMask with variable page size

Peter Maydell (1):
  hw/mips/boston: Fix memory leak in boston_fdt_filter() error-handling
    paths

Philippe Mathieu-Daudé (1):
  target/mips: Deprecate nanoMIPS ISA

 docs/system/deprecated.rst | 23 +++++++++++++++++++++++
 target/mips/cpu.h          |  1 +
 hw/mips/boston.c           | 10 ++++------
 target/mips/cp0_helper.c   | 27 +++++++++++++++++++++------
 MAINTAINERS                |  6 +++++-
 5 files changed, 54 insertions(+), 13 deletions(-)

-- 
2.26.2

[PULL 1/3] target/mips: Deprecate nanoMIPS ISA

[Philippe Mathieu-Daudé]

The nanoMIPS ISA has been announced in 2018 for various projects:

GCC:   https://gcc.gnu.org/legacy-ml/gcc/2018-05/msg00012.html
Linux: https://lwn.net/Articles/753605/
QEMU:  https://www.mail-archive.com/qemu-devel@nongnu.org/msg530721.html

Unfortunately the links referenced doesn't work anymore (www.mips.com).

From this Wayback machine link [1] we can get to a working place to
download a toolchain (a more recent release than the one referenced
in the announcement mails):
http://codescape.mips.com/components/toolchain/nanomips/2018.04-02/downloads.html

The toolchain page mention LLVM but simply links http://llvm.org/
where there is no reference on nanoMIPS.

The only reference in the GCC mailing list, is the nanoMIPS
announcement: https://gcc.gnu.org/pipermail/gcc/2018-May.txt

The developer who authored the announcements have been emailed [2]
to ask for more information but all their emails are now bouncing:

- Your message to Stefan.Markovic@mips.com couldn't be delivered.

- Your message to smarkovic@wavecomp.com couldn't be delivered.

- Couldn't deliver the message to the following recipients:
    Robert.Suchanek@mips.com, matthew.fortune@mips.com,
    marcin.nowakowski@mips.com

Our deprecation policy do not allow feature removal before 2 release,
therefore declare the nanoMIPS ISA code deprecated as of QEMU 5.2.
This gives time to developers to update the QEMU community, or
interested parties to step in to maintain this code.

[1] https://web.archive.org/web/20180904044530/https://www.mips.com/develop/tools/compilers/
[2] https://www.mail-archive.com/qemu-devel@nongnu.org/msg756392.html

Signed-off-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Acked-by: Richard Henderson <richard.henderson@linaro.org>
Message-Id: <20201102202710.2224691-1-f4bug@amsat.org>
---
 docs/system/deprecated.rst | 23 +++++++++++++++++++++++
 MAINTAINERS                |  6 +++++-
 2 files changed, 28 insertions(+), 1 deletion(-)

diff --git a/docs/system/deprecated.rst b/docs/system/deprecated.rst
index 8c1dc7645d7..bbaae0d97c3 100644
--- a/docs/system/deprecated.rst
+++ b/docs/system/deprecated.rst
@@ -310,6 +310,13 @@ to build binaries for it.
 ``Icelake-Client`` CPU Models are deprecated. Use ``Icelake-Server`` CPU
 Models instead.
 
+MIPS ``I7200`` CPU Model (since 5.2)
+''''''''''''''''''''''''''''''''''''
+
+The ``I7200`` guest CPU relies on the nanoMIPS ISA, which is deprecated
+(the ISA has never been upstreamed to a compiler toolchain). Therefore
+this CPU is also deprecated.
+
 System emulator devices
 -----------------------
 
@@ -407,6 +414,13 @@ The ``ppc64abi32`` architecture has a number of issues which regularly
 trip up our CI testing and is suspected to be quite broken. For that
 reason the maintainers strongly suspect no one actually uses it.
 
+MIPS ``I7200`` CPU (since 5.2)
+''''''''''''''''''''''''''''''
+
+The ``I7200`` guest CPU relies on the nanoMIPS ISA, which is deprecated
+(the ISA has never been upstreamed to a compiler toolchain). Therefore
+this CPU is also deprecated.
+
 Related binaries
 ----------------
 
@@ -471,6 +485,15 @@ versions, aliases will point to newer CPU model versions
 depending on the machine type, so management software must
 resolve CPU model aliases before starting a virtual machine.
 
+Guest Emulator ISAs
+-------------------
+
+nanoMIPS ISA
+''''''''''''
+
+The ``nanoMIPS`` ISA has never been upstreamed to any compiler toolchain.
+As it is hard to generate binaries for it, declare it deprecated.
+
 
 Recently removed features
 =========================
diff --git a/MAINTAINERS b/MAINTAINERS
index 63223e1183d..16aace05624 100644
--- a/MAINTAINERS
+++ b/MAINTAINERS
@@ -227,7 +227,7 @@ R: Aleksandar Rikalo <aleksandar.rikalo@syrmia.com>
 S: Odd Fixes
 F: target/mips/
 F: default-configs/*mips*
-F: disas/*mips*
+F: disas/mips.c
 F: docs/system/cpu-models-mips.rst.inc
 F: hw/intc/mips_gic.c
 F: hw/mips/
@@ -240,6 +240,10 @@ F: include/hw/timer/mips_gictimer.h
 F: tests/tcg/mips/
 K: ^Subject:.*(?i)mips
 
+MIPS TCG CPUs (nanoMIPS ISA)
+S: Orphan
+F: disas/nanomips.*
+
 Moxie TCG CPUs
 M: Anthony Green <green@moxielogic.com>
 S: Maintained
-- 
2.26.2

[PULL 2/3] target/mips: Fix PageMask with variable page size

[Philippe Mathieu-Daudé]

From: Jiaxun Yang <jiaxun.yang@flygoat.com>

Our current code assumed the target page size is always 4k
when handling PageMask and VPN2, however, variable page size
was just added to mips target and that's no longer true.

Fixes: ee3863b9d414 ("target/mips: Support variable page size")
Signed-off-by: Jiaxun Yang <jiaxun.yang@flygoat.com>
Signed-off-by: Huacai Chen <chenhc@lemote.com>
Message-Id: <1604636510-8347-2-git-send-email-chenhc@lemote.com>
Tested-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
[PMD: Replaced find_first_zero_bit() by cto32()]
Signed-off-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
---
 target/mips/cpu.h        |  1 +
 target/mips/cp0_helper.c | 27 +++++++++++++++++++++------
 2 files changed, 22 insertions(+), 6 deletions(-)

diff --git a/target/mips/cpu.h b/target/mips/cpu.h
index d41579d44ae..23f8c6f96cd 100644
--- a/target/mips/cpu.h
+++ b/target/mips/cpu.h
@@ -619,6 +619,7 @@ struct CPUMIPSState {
  * CP0 Register 5
  */
     int32_t CP0_PageMask;
+#define CP0PM_MASK 13
     int32_t CP0_PageGrain_rw_bitmask;
     int32_t CP0_PageGrain;
 #define CP0PG_RIE 31
diff --git a/target/mips/cp0_helper.c b/target/mips/cp0_helper.c
index 709cc9a7e3d..a1b5140ccaf 100644
--- a/target/mips/cp0_helper.c
+++ b/target/mips/cp0_helper.c
@@ -892,13 +892,28 @@ void helper_mtc0_memorymapid(CPUMIPSState *env, target_ulong arg1)
 
 void update_pagemask(CPUMIPSState *env, target_ulong arg1, int32_t *pagemask)
 {
-    uint64_t mask = arg1 >> (TARGET_PAGE_BITS + 1);
-    if (!(env->insn_flags & ISA_MIPS32R6) || (arg1 == ~0) ||
-        (mask == 0x0000 || mask == 0x0003 || mask == 0x000F ||
-         mask == 0x003F || mask == 0x00FF || mask == 0x03FF ||
-         mask == 0x0FFF || mask == 0x3FFF || mask == 0xFFFF)) {
-        env->CP0_PageMask = arg1 & (0x1FFFFFFF & (TARGET_PAGE_MASK << 1));
+    uint32_t mask;
+    int maskbits;
+
+    /* Don't care MASKX as we don't support 1KB page */
+    mask = extract32((uint32_t)arg1, CP0PM_MASK, 16);
+    maskbits = cto32(mask);
+
+    /* Ensure no more set bit after first zero */
+    if ((mask >> maskbits) != 0) {
+        goto invalid;
     }
+    /* We don't support VTLB entry smaller than target page */
+    if ((maskbits + 12) < TARGET_PAGE_BITS) {
+        goto invalid;
+    }
+    env->CP0_PageMask = mask << CP0PM_MASK;
+
+    return;
+
+invalid:
+    /* When invalid, set to default target page size. */
+    env->CP0_PageMask = (~TARGET_PAGE_MASK >> 12) << CP0PM_MASK;
 }
 
 void helper_mtc0_pagemask(CPUMIPSState *env, target_ulong arg1)
-- 
2.26.2

[PULL 3/3] hw/mips/boston: Fix memory leak in boston_fdt_filter() error-handling paths

[Philippe Mathieu-Daudé]

From: Peter Maydell <peter.maydell@linaro.org>

Coverity points out that the error-handling paths in the
boston_fdt_filter() function don't free the fdt that was allocated.
Fix the leak by using g_autofree.

Fixes: Coverity CID 1432275

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Message-Id: <20201106175823.1650-1-peter.maydell@linaro.org>
Signed-off-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
---
 hw/mips/boston.c | 10 ++++------
 1 file changed, 4 insertions(+), 6 deletions(-)

diff --git a/hw/mips/boston.c b/hw/mips/boston.c
index 3356d7a6814..3d40867dc4c 100644
--- a/hw/mips/boston.c
+++ b/hw/mips/boston.c
@@ -349,11 +349,9 @@ static const void *boston_fdt_filter(void *opaque, const void *fdt_orig,
     MachineState *machine = s->mach;
     const char *cmdline;
     int err;
-    void *fdt;
-    size_t fdt_sz, ram_low_sz, ram_high_sz;
-
-    fdt_sz = fdt_totalsize(fdt_orig) * 2;
-    fdt = g_malloc0(fdt_sz);
+    size_t ram_low_sz, ram_high_sz;
+    size_t fdt_sz = fdt_totalsize(fdt_orig) * 2;
+    g_autofree void *fdt = g_malloc0(fdt_sz);
 
     err = fdt_open_into(fdt_orig, fdt, fdt_sz);
     if (err) {
@@ -380,7 +378,7 @@ static const void *boston_fdt_filter(void *opaque, const void *fdt_orig,
 
     s->fdt_base = *load_addr;
 
-    return fdt;
+    return g_steal_pointer(&fdt);
 }
 
 static const void *boston_kernel_filter(void *opaque, const void *kernel,
-- 
2.26.2

Re: [PULL 0/3] MIPS patches for 5.2-rc1

[Peter Maydell]

On Sun, 8 Nov 2020 at 23:45, Philippe Mathieu-Daudé <f4bug@amsat.org> wrote:
>
> The following changes since commit 3493c36f0371777c62d1d72b205b0eb6117e2156:
>
>   Merge remote-tracking branch 'remotes/cohuck/tags/s390x-20201106' into staging (2020-11-06 13:43:28 +0000)
>
> are available in the Git repository at:
>
>   https://gitlab.com/philmd/qemu.git tags/mips-fixes-20201109
>
> for you to fetch changes up to bf4ee88ab63fcf2dcb75f0d68cc6c8d2edb68212:
>
>   hw/mips/boston: Fix memory leak in boston_fdt_filter() error-handling paths (2020-11-09 00:40:44 +0100)
>
> ----------------------------------------------------------------
> MIPS patches queue
>
> - Deprecate nanoMIPS ISA
> - Fix PageMask with variable page size (Huacai Chen)
> - Fix memory leak in boston_fdt_filter (Coverity CID 1432275, Peter Maydell)
>
> CI jobs results:
> . https://cirrus-ci.com/build/5439131968864256
> . https://gitlab.com/philmd/qemu/-/pipelines/213403385
> . https://travis-ci.org/github/philmd/qemu/builds/742312387
> ----------------------------------------------------------------


Applied, thanks.

Please update the changelog at https://wiki.qemu.org/ChangeLog/5.2
for any user-visible changes.

-- PMM