[Qemu-devel] [PULL 00/21] Linux-user updates

[Qemu-devel] [PULL 00/21] Linux-user updates

[riku.voipio]

From: Riku Voipio <riku.voipio@linaro.org>

The linux-user patches that have been sent to the list during the
last few weeks that do not break in any of my my tests.

The following changes since commit 549c272b3c7c2aac69155be2e158c970828b2844:

  Merge remote-tracking branch 'pmaydell/tags/pull-arm-devs-20130722' into staging (2013-07-22 10:14:24 -0500)

are available in the git repository at:

  git://git.linaro.org/people/rikuvoipio/qemu.git linux-user-for-upstream

for you to fetch changes up to a033381758841837edaf307e20edf019c5900609:

  linux-user: Handle compressed ISA encodings when processing MIPS exceptions (2013-07-23 17:31:25 +0300)

----------------------------------------------------------------
Alexander Graf (5):
  linux-user: Add i386 TLS setter
  linux-user: fix segmentation fault passing with h2g(x) != x
  linux-user: Fix epoll on ARM hosts
  linux-user: Reset copied CPUs in cpu_copy() always
  linux-user: Unlock mmap_lock when resuming guest from page_unprotect

Andreas Färber (1):
  linux-user: Avoid conditional cpu_reset()

Kwok Cheung Yeung (1):
  linux-user: Handle compressed ISA encodings when processing MIPS
    exceptions

Peter Maydell (14):
  configure: Flip default of target_nptl
  configure: Don't say target_nptl="no" if there is no linux-user target
  configure: Enable threading on all ppc and mips linux-user targets
  configure: Enable threading for unicore32-linux-user
  linux-user: Move includes of target-specific headers to end of qemu.h
  linux-user: Enable NPTL for OpenRISC
  linux-user: Enable NPTL for SPARC targets
  linux-user: Enable NPTL for m68k
  linux-user: Add missing 'break' in i386 get_thread_area syscall
  linux-user: Clean up handling of clone() argument order
  linux-user: Enable NPTL for x86-64
  configure: Make NPTL non-optional
  linux-user: Fix target_stat and target_stat64 for OpenRISC
  linux-user: Fix pipe syscall return for SPARC

 configure                        | 34 ++-------------
 exec.c                           |  4 ++
 include/exec/cpu-all.h           |  8 +++-
 include/exec/gdbstub.h           |  2 +-
 linux-user/arm/syscall.h         |  2 +
 linux-user/cris/syscall.h        |  2 +
 linux-user/i386/syscall.h        |  2 +
 linux-user/i386/target_cpu.h     | 19 ++++++++-
 linux-user/m68k/target_cpu.h     |  6 ++-
 linux-user/main.c                | 91 +++++++++++++++++++---------------------
 linux-user/microblaze/syscall.h  |  2 +
 linux-user/mips/syscall.h        |  2 +
 linux-user/mips64/syscall.h      |  2 +
 linux-user/mmap.c                | 11 -----
 linux-user/openrisc/target_cpu.h |  9 +++-
 linux-user/ppc/syscall.h         |  2 +
 linux-user/qemu.h                | 20 ++++-----
 linux-user/s390x/syscall.h       |  2 +
 linux-user/sparc/syscall.h       |  7 ++++
 linux-user/sparc/target_cpu.h    | 16 +++++--
 linux-user/sparc64/syscall.h     |  7 ++++
 linux-user/syscall.c             | 88 +++++++++++++-------------------------
 linux-user/syscall_defs.h        | 54 ++++++++++++++++++------
 translate-all.c                  | 10 +++--
 user-exec.c                      |  4 ++
 25 files changed, 218 insertions(+), 188 deletions(-)

-- 
1.8.1.2

[Qemu-devel] [PULL 01/21] configure: Flip default of target_nptl

[riku.voipio]

From: Peter Maydell <peter.maydell@linaro.org>

Most targets either (a) support threading or (b) don't have a
linux-user/bsd-user target, so make it default to 'yes', with those
targets that don't support threading having to specifically say so.

This is a mechanical no-behaviour-change commit; some of the
"no" entries it adds will be taken out in later patches.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Richard Henderson <rth@twiddle.net>
Signed-off-by: Riku Voipio <riku.voipio@linaro.org>
---
 configure | 26 ++++++++++++++++----------
 1 file changed, 16 insertions(+), 10 deletions(-)

diff --git a/configure b/configure
index 7c45db2..983f4d5 100755
--- a/configure
+++ b/configure
@@ -4180,7 +4180,7 @@ mkdir -p $target_dir
 echo "# Automatically generated by configure - do not modify" > $config_target_mak
 
 bflt="no"
-target_nptl="no"
+target_nptl="yes"
 interp_prefix1=`echo "$interp_prefix" | sed "s/%M/$target_name/g"`
 gdb_xml_files=""
 
@@ -4190,69 +4190,71 @@ TARGET_ABI_DIR=""
 
 case "$target_name" in
   i386)
+    target_nptl="no"
   ;;
   x86_64)
     TARGET_BASE_ARCH=i386
+    target_nptl="no"
   ;;
   alpha)
-    target_nptl="yes"
   ;;
   arm|armeb)
     TARGET_ARCH=arm
     bflt="yes"
-    target_nptl="yes"
     gdb_xml_files="arm-core.xml arm-vfp.xml arm-vfp3.xml arm-neon.xml"
   ;;
   cris)
-    target_nptl="yes"
   ;;
   lm32)
+    target_nptl="no"
   ;;
   m68k)
     bflt="yes"
     gdb_xml_files="cf-core.xml cf-fp.xml"
+    target_nptl="no"
   ;;
   microblaze|microblazeel)
     TARGET_ARCH=microblaze
     bflt="yes"
-    target_nptl="yes"
   ;;
   mips|mipsel)
     TARGET_ARCH=mips
     echo "TARGET_ABI_MIPSO32=y" >> $config_target_mak
-    target_nptl="yes"
   ;;
   mipsn32|mipsn32el)
     TARGET_ARCH=mips64
     TARGET_BASE_ARCH=mips
     echo "TARGET_ABI_MIPSN32=y" >> $config_target_mak
     echo "TARGET_ABI32=y" >> $config_target_mak
+    target_nptl="no"
   ;;
   mips64|mips64el)
     TARGET_ARCH=mips64
     TARGET_BASE_ARCH=mips
     echo "TARGET_ABI_MIPSN64=y" >> $config_target_mak
+    target_nptl="no"
   ;;
   moxie)
+    target_nptl="no"
   ;;
   or32)
     TARGET_ARCH=openrisc
     TARGET_BASE_ARCH=openrisc
+    target_nptl="no"
   ;;
   ppc)
     gdb_xml_files="power-core.xml power-fpu.xml power-altivec.xml power-spe.xml"
-    target_nptl="yes"
   ;;
   ppcemb)
     TARGET_BASE_ARCH=ppc
     TARGET_ABI_DIR=ppc
     gdb_xml_files="power-core.xml power-fpu.xml power-altivec.xml power-spe.xml"
-    target_nptl="yes"
   ;;
   ppc64)
     TARGET_BASE_ARCH=ppc
     TARGET_ABI_DIR=ppc
     gdb_xml_files="power64-core.xml power-fpu.xml power-altivec.xml power-spe.xml"
+    target_nptl="no"
   ;;
   ppc64abi32)
     TARGET_ARCH=ppc64
@@ -4260,30 +4262,34 @@ case "$target_name" in
     TARGET_ABI_DIR=ppc
     echo "TARGET_ABI32=y" >> $config_target_mak
     gdb_xml_files="power64-core.xml power-fpu.xml power-altivec.xml power-spe.xml"
+    target_nptl="no"
   ;;
   sh4|sh4eb)
     TARGET_ARCH=sh4
     bflt="yes"
-    target_nptl="yes"
   ;;
   sparc)
+    target_nptl="no"
   ;;
   sparc64)
     TARGET_BASE_ARCH=sparc
+    target_nptl="no"
   ;;
   sparc32plus)
     TARGET_ARCH=sparc64
     TARGET_BASE_ARCH=sparc
     TARGET_ABI_DIR=sparc
     echo "TARGET_ABI32=y" >> $config_target_mak
+    target_nptl="no"
   ;;
   s390x)
-    target_nptl="yes"
   ;;
   unicore32)
+    target_nptl="no"
   ;;
   xtensa|xtensaeb)
     TARGET_ARCH=xtensa
+    target_nptl="no"
   ;;
   *)
     error_exit "Unsupported target CPU"
-- 
1.8.1.2

[Qemu-devel] [PULL 02/21] configure: Don't say target_nptl="no" if there is no linux-user target

[riku.voipio]

From: Peter Maydell <peter.maydell@linaro.org>

For architectures with no linux-user target, don't claim no NPTL
support. This has no behavioural change, but it means that we
won't accidentally add a new linux-user target without threading
support in future (because attempting to do so would be a compile
failure rather than a silent lack of support).

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Richard Henderson <rth@twiddle.net>
Signed-off-by: Riku Voipio <riku.voipio@linaro.org>
---
 configure | 3 ---
 1 file changed, 3 deletions(-)

diff --git a/configure b/configure
index 983f4d5..3792607 100755
--- a/configure
+++ b/configure
@@ -4206,7 +4206,6 @@ case "$target_name" in
   cris)
   ;;
   lm32)
-    target_nptl="no"
   ;;
   m68k)
     bflt="yes"
@@ -4235,7 +4234,6 @@ case "$target_name" in
     target_nptl="no"
   ;;
   moxie)
-    target_nptl="no"
   ;;
   or32)
     TARGET_ARCH=openrisc
@@ -4289,7 +4287,6 @@ case "$target_name" in
   ;;
   xtensa|xtensaeb)
     TARGET_ARCH=xtensa
-    target_nptl="no"
   ;;
   *)
     error_exit "Unsupported target CPU"
-- 
1.8.1.2

[Qemu-devel] [PULL 03/21] configure: Enable threading on all ppc and mips linux-user targets

[riku.voipio]

From: Peter Maydell <peter.maydell@linaro.org>

Though threading (target_nptl) was enabled on the base PPC and MIPS
targets, it wasn't enabled for the variants mipsn32, mipsn32el,
mips64, mips64el, ppc64 or ppc46abi32 (probably an oversight).
Enable threading consistently on all these targets.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Richard Henderson <rth@twiddle.net>
Reviewed-by: Richard Henderson <rth@twiddle.net>
Signed-off-by: Riku Voipio <riku.voipio@linaro.org>
---
 configure | 4 ----
 1 file changed, 4 deletions(-)

diff --git a/configure b/configure
index 3792607..9b7101c 100755
--- a/configure
+++ b/configure
@@ -4225,13 +4225,11 @@ case "$target_name" in
     TARGET_BASE_ARCH=mips
     echo "TARGET_ABI_MIPSN32=y" >> $config_target_mak
     echo "TARGET_ABI32=y" >> $config_target_mak
-    target_nptl="no"
   ;;
   mips64|mips64el)
     TARGET_ARCH=mips64
     TARGET_BASE_ARCH=mips
     echo "TARGET_ABI_MIPSN64=y" >> $config_target_mak
-    target_nptl="no"
   ;;
   moxie)
   ;;
@@ -4252,7 +4250,6 @@ case "$target_name" in
     TARGET_BASE_ARCH=ppc
     TARGET_ABI_DIR=ppc
     gdb_xml_files="power64-core.xml power-fpu.xml power-altivec.xml power-spe.xml"
-    target_nptl="no"
   ;;
   ppc64abi32)
     TARGET_ARCH=ppc64
@@ -4260,7 +4257,6 @@ case "$target_name" in
     TARGET_ABI_DIR=ppc
     echo "TARGET_ABI32=y" >> $config_target_mak
     gdb_xml_files="power64-core.xml power-fpu.xml power-altivec.xml power-spe.xml"
-    target_nptl="no"
   ;;
   sh4|sh4eb)
     TARGET_ARCH=sh4
-- 
1.8.1.2

[Qemu-devel] [PULL 04/21] configure: Enable threading for unicore32-linux-user

[riku.voipio]

From: Peter Maydell <peter.maydell@linaro.org>

unicore32-linux-user provides cpu_set_tls(), so the failure
to enable target_nptl was presumably an oversight. Enable it.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Richard Henderson <rth@twiddle.net>
Signed-off-by: Riku Voipio <riku.voipio@linaro.org>
---
 configure | 1 -
 1 file changed, 1 deletion(-)

diff --git a/configure b/configure
index 9b7101c..0b19408 100755
--- a/configure
+++ b/configure
@@ -4279,7 +4279,6 @@ case "$target_name" in
   s390x)
   ;;
   unicore32)
-    target_nptl="no"
   ;;
   xtensa|xtensaeb)
     TARGET_ARCH=xtensa
-- 
1.8.1.2

[Qemu-devel] [PULL 05/21] linux-user: Move includes of target-specific headers to end of qemu.h

[riku.voipio]

From: Peter Maydell <peter.maydell@linaro.org>

The target-specific headers (target_cpu.h and target_signal.h)
might need to use the target-independent structure and function
definitions of qemu.h; so include them only at the bottom of
qemu.h, not the top.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Richard Henderson <rth@twiddle.net>
Signed-off-by: Riku Voipio <riku.voipio@linaro.org>
---
 linux-user/qemu.h | 9 +++++++--
 1 file changed, 7 insertions(+), 2 deletions(-)

diff --git a/linux-user/qemu.h b/linux-user/qemu.h
index 6569608..8c420da 100644
--- a/linux-user/qemu.h
+++ b/linux-user/qemu.h
@@ -16,8 +16,6 @@
 #include "exec/user/thunk.h"
 #include "syscall_defs.h"
 #include "syscall.h"
-#include "target_cpu.h"
-#include "target_signal.h"
 #include "exec/gdbstub.h"
 #include "qemu/queue.h"
 
@@ -454,4 +452,11 @@ static inline void *lock_user_string(abi_ulong guest_addr)
 #include <pthread.h>
 #endif
 
+/* Include target-specific struct and function definitions;
+ * they may need access to the target-independent structures
+ * above, so include them last.
+ */
+#include "target_cpu.h"
+#include "target_signal.h"
+
 #endif /* QEMU_H */
-- 
1.8.1.2

[Qemu-devel] [PULL 06/21] linux-user: Enable NPTL for OpenRISC

[riku.voipio]

From: Peter Maydell <peter.maydell@linaro.org>

The OpenRISC kernel ignores CLONE_SETTLS in its copy_thread()
implementation, so a cpu_set_tls() implementation is a no-op.
cpu_clone_regs() was setting the syscall return value in the
wrong register -- it is gpr[11], not gpr[2]. With these two
things fixed, we can compile with NPTL enabled.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Jia Liu <proljc@gmail.com>
Signed-off-by: Riku Voipio <riku.voipio@linaro.org>
---
 configure                        | 1 -
 linux-user/openrisc/target_cpu.h | 9 +++++++--
 2 files changed, 7 insertions(+), 3 deletions(-)

diff --git a/configure b/configure
index 0b19408..bfad34e 100755
--- a/configure
+++ b/configure
@@ -4236,7 +4236,6 @@ case "$target_name" in
   or32)
     TARGET_ARCH=openrisc
     TARGET_BASE_ARCH=openrisc
-    target_nptl="no"
   ;;
   ppc)
     gdb_xml_files="power-core.xml power-fpu.xml power-altivec.xml power-spe.xml"
diff --git a/linux-user/openrisc/target_cpu.h b/linux-user/openrisc/target_cpu.h
index 501fb81..32a46ac 100644
--- a/linux-user/openrisc/target_cpu.h
+++ b/linux-user/openrisc/target_cpu.h
@@ -25,9 +25,14 @@ static inline void cpu_clone_regs(CPUOpenRISCState *env, target_ulong newsp)
     if (newsp) {
         env->gpr[1] = newsp;
     }
-    env->gpr[2] = 0;
+    env->gpr[11] = 0;
 }
 
-/* TODO: need to implement cpu_set_tls() */
+static inline void cpu_set_tls(CPUOpenRISCState *env, target_ulong newtls)
+{
+    /* Linux kernel 3.10 does not pay any attention to CLONE_SETTLS
+     * in copy_thread(), so QEMU need not do so either.
+     */
+}
 
 #endif
-- 
1.8.1.2

[Qemu-devel] [PULL 07/21] linux-user: Enable NPTL for SPARC targets

[riku.voipio]

From: Peter Maydell <peter.maydell@linaro.org>

Provide the missing cpu_set_tls(), and resolve the FIXME in
cpu_clone_regs() by clearing the carry flag for the child.
This allows us to turn on building with NPTL for SPARC.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Richard Henderson <rth@twiddle.net>
Signed-off-by: Riku Voipio <riku.voipio@linaro.org>
---
 configure                     |  3 ---
 linux-user/sparc/target_cpu.h | 16 ++++++++++++----
 2 files changed, 12 insertions(+), 7 deletions(-)

diff --git a/configure b/configure
index bfad34e..ab3dc3c 100755
--- a/configure
+++ b/configure
@@ -4262,18 +4262,15 @@ case "$target_name" in
     bflt="yes"
   ;;
   sparc)
-    target_nptl="no"
   ;;
   sparc64)
     TARGET_BASE_ARCH=sparc
-    target_nptl="no"
   ;;
   sparc32plus)
     TARGET_ARCH=sparc64
     TARGET_BASE_ARCH=sparc
     TARGET_ABI_DIR=sparc
     echo "TARGET_ABI32=y" >> $config_target_mak
-    target_nptl="no"
   ;;
   s390x)
   ;;
diff --git a/linux-user/sparc/target_cpu.h b/linux-user/sparc/target_cpu.h
index 5a620a2..4944d46 100644
--- a/linux-user/sparc/target_cpu.h
+++ b/linux-user/sparc/target_cpu.h
@@ -25,12 +25,20 @@ static inline void cpu_clone_regs(CPUSPARCState *env, target_ulong newsp)
     if (newsp) {
         env->regwptr[22] = newsp;
     }
+    /* syscall return for clone child: 0, and clear CF since
+     * this counts as a success return value.
+     */
     env->regwptr[0] = 0;
-    /* FIXME: Do we also need to clear CF?  */
-    /* XXXXX */
-    printf("HELPME: %s:%d\n", __FILE__, __LINE__);
+#if defined(TARGET_SPARC64) && !defined(TARGET_ABI32)
+    env->xcc &= ~PSR_CARRY;
+#else
+    env->psr &= ~PSR_CARRY;
+#endif
 }
 
-/* TODO: need to implement cpu_set_tls() */
+static inline void cpu_set_tls(CPUSPARCState *env, target_ulong newtls)
+{
+    env->gregs[7] = newtls;
+}
 
 #endif
-- 
1.8.1.2

[Qemu-devel] [PULL 08/21] linux-user: Enable NPTL for m68k

[riku.voipio]

From: Peter Maydell <peter.maydell@linaro.org>

For m68k, per-thread data is a purely kernel construct with no
CPU level support. Implement it via a field in the TaskState structure,
used by cpu_set_tls() and the set_thread_area/get_thread_area
syscalls. This allows us to enable compilation with NPTL.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by:  Laurent Vivier <laurent@vivier.eu>
Signed-off-by: Riku Voipio <riku.voipio@linaro.org>
---
 configure                    |  1 -
 linux-user/m68k/target_cpu.h |  6 +++++-
 linux-user/qemu.h            |  1 +
 linux-user/syscall.c         | 12 ++++++++++++
 4 files changed, 18 insertions(+), 2 deletions(-)

diff --git a/configure b/configure
index ab3dc3c..f065edc 100755
--- a/configure
+++ b/configure
@@ -4210,7 +4210,6 @@ case "$target_name" in
   m68k)
     bflt="yes"
     gdb_xml_files="cf-core.xml cf-fp.xml"
-    target_nptl="no"
   ;;
   microblaze|microblazeel)
     TARGET_ARCH=microblaze
diff --git a/linux-user/m68k/target_cpu.h b/linux-user/m68k/target_cpu.h
index 8a2a305..cad9c90 100644
--- a/linux-user/m68k/target_cpu.h
+++ b/linux-user/m68k/target_cpu.h
@@ -29,6 +29,10 @@ static inline void cpu_clone_regs(CPUM68KState *env, target_ulong newsp)
     env->dregs[0] = 0;
 }
 
-/* TODO: need to implement cpu_set_tls() */
+static inline void cpu_set_tls(CPUM68KState *env, target_ulong newtls)
+{
+    TaskState *ts = env->opaque;
+    ts->tp_value = newtls;
+}
 
 #endif
diff --git a/linux-user/qemu.h b/linux-user/qemu.h
index 8c420da..1ff0fa8 100644
--- a/linux-user/qemu.h
+++ b/linux-user/qemu.h
@@ -121,6 +121,7 @@ typedef struct TaskState {
 #endif
 #ifdef TARGET_M68K
     int sim_syscalls;
+    abi_ulong tp_value;
 #endif
 #if defined(TARGET_ARM) || defined(TARGET_M68K) || defined(TARGET_UNICORE32)
     /* Extra fields for semihosted binaries.  */
diff --git a/linux-user/syscall.c b/linux-user/syscall.c
index 00a0390..9619656 100644
--- a/linux-user/syscall.c
+++ b/linux-user/syscall.c
@@ -8558,6 +8558,12 @@ abi_long do_syscall(void *cpu_env, int num, abi_long arg1,
 #elif defined(TARGET_I386) && defined(TARGET_ABI32)
       ret = do_set_thread_area(cpu_env, arg1);
       break;
+#elif defined(TARGET_M68K)
+      {
+          TaskState *ts = ((CPUArchState *)cpu_env)->opaque;
+          ts->tp_value = arg1;
+          break;
+      }
 #else
       goto unimplemented_nowarn;
 #endif
@@ -8566,6 +8572,12 @@ abi_long do_syscall(void *cpu_env, int num, abi_long arg1,
     case TARGET_NR_get_thread_area:
 #if defined(TARGET_I386) && defined(TARGET_ABI32)
         ret = do_get_thread_area(cpu_env, arg1);
+#elif defined(TARGET_M68K)
+        {
+            TaskState *ts = ((CPUArchState *)cpu_env)->opaque;
+            ret = ts->tp_value;
+            break;
+        }
 #else
         goto unimplemented_nowarn;
 #endif
-- 
1.8.1.2

[Qemu-devel] [PULL 09/21] linux-user: Add missing 'break' in i386 get_thread_area syscall

[riku.voipio]

From: Peter Maydell <peter.maydell@linaro.org>

The i386 code for the get_thread_area syscall was missing a
'break' which meant it would have fallen through into the
implementation of the following syscall; add it.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Richard Henderson <rth@twiddle.net>
Signed-off-by: Riku Voipio <riku.voipio@linaro.org>
---
 linux-user/syscall.c | 1 +
 1 file changed, 1 insertion(+)

diff --git a/linux-user/syscall.c b/linux-user/syscall.c
index 9619656..642d0a3 100644
--- a/linux-user/syscall.c
+++ b/linux-user/syscall.c
@@ -8572,6 +8572,7 @@ abi_long do_syscall(void *cpu_env, int num, abi_long arg1,
     case TARGET_NR_get_thread_area:
 #if defined(TARGET_I386) && defined(TARGET_ABI32)
         ret = do_get_thread_area(cpu_env, arg1);
+        break;
 #elif defined(TARGET_M68K)
         {
             TaskState *ts = ((CPUArchState *)cpu_env)->opaque;
-- 
1.8.1.2

[Qemu-devel] [PULL 10/21] linux-user: Clean up handling of clone() argument order

[riku.voipio]

From: Peter Maydell <peter.maydell@linaro.org>

Linux manages to have three separate orderings of the arguments to
the clone() syscall on different architectures. In the kernel these
are selected via CONFIG_CLONE_BACKWARDS and CONFIG_CLONE_BACKWARDS2.
Clean up our implementation of this to use similar #define names
rather than a TARGET_* ifdef ladder.

This includes behaviour changes fixing bugs on cris, x86-64, m68k,
openrisc and unicore32.  cris had explicit but wrong handling; the
others were just incorrectly using QEMU's default, which happened
to be the equivalent of CONFIG_CLONE_BACKWARDS. (unicore32 appears
to be broken in the mainline kernel in that it tries to use arg3 for
both parent_tidptr and newtls simultaneously -- we don't attempt
to emulate this bug...)

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Riku Voipio <riku.voipio@linaro.org>
---
 linux-user/arm/syscall.h        |  2 ++
 linux-user/cris/syscall.h       |  2 ++
 linux-user/i386/syscall.h       |  2 ++
 linux-user/microblaze/syscall.h |  2 ++
 linux-user/mips/syscall.h       |  2 ++
 linux-user/mips64/syscall.h     |  2 ++
 linux-user/ppc/syscall.h        |  2 ++
 linux-user/s390x/syscall.h      |  2 ++
 linux-user/sparc/syscall.h      |  7 +++++++
 linux-user/sparc64/syscall.h    |  7 +++++++
 linux-user/syscall.c            | 18 +++++++++++-------
 11 files changed, 41 insertions(+), 7 deletions(-)

diff --git a/linux-user/arm/syscall.h b/linux-user/arm/syscall.h
index 003d424..73f2931 100644
--- a/linux-user/arm/syscall.h
+++ b/linux-user/arm/syscall.h
@@ -40,3 +40,5 @@ struct target_pt_regs {
 #else
 #define UNAME_MACHINE "armv5tel"
 #endif
+
+#define TARGET_CLONE_BACKWARDS
diff --git a/linux-user/cris/syscall.h b/linux-user/cris/syscall.h
index 50e50b4..832ee64 100644
--- a/linux-user/cris/syscall.h
+++ b/linux-user/cris/syscall.h
@@ -38,4 +38,6 @@ struct target_pt_regs {
         unsigned long eda;
 };
 
+#define TARGET_CLONE_BACKWARDS2
+
 #endif
diff --git a/linux-user/i386/syscall.h b/linux-user/i386/syscall.h
index 266e2c4..12b8c3b 100644
--- a/linux-user/i386/syscall.h
+++ b/linux-user/i386/syscall.h
@@ -144,3 +144,5 @@ struct target_vm86plus_struct {
 };
 
 #define UNAME_MACHINE "i686"
+
+#define TARGET_CLONE_BACKWARDS
diff --git a/linux-user/microblaze/syscall.h b/linux-user/microblaze/syscall.h
index c3e5c55..d550989 100644
--- a/linux-user/microblaze/syscall.h
+++ b/linux-user/microblaze/syscall.h
@@ -48,4 +48,6 @@ struct target_pt_regs {
         uint32_t kernel_mode;
 };
 
+#define TARGET_CLONE_BACKWARDS
+
 #endif
diff --git a/linux-user/mips/syscall.h b/linux-user/mips/syscall.h
index 3deb862..9d437d9 100644
--- a/linux-user/mips/syscall.h
+++ b/linux-user/mips/syscall.h
@@ -225,3 +225,5 @@ struct target_pt_regs {
 #define TARGET_QEMU_ESIGRETURN 255
 
 #define UNAME_MACHINE "mips"
+
+#define TARGET_CLONE_BACKWARDS
diff --git a/linux-user/mips64/syscall.h b/linux-user/mips64/syscall.h
index cd707df..1710f76 100644
--- a/linux-user/mips64/syscall.h
+++ b/linux-user/mips64/syscall.h
@@ -222,3 +222,5 @@ struct target_pt_regs {
 #define TARGET_QEMU_ESIGRETURN 255
 
 #define UNAME_MACHINE "mips64"
+
+#define TARGET_CLONE_BACKWARDS
diff --git a/linux-user/ppc/syscall.h b/linux-user/ppc/syscall.h
index 481047b..ba36acb 100644
--- a/linux-user/ppc/syscall.h
+++ b/linux-user/ppc/syscall.h
@@ -62,3 +62,5 @@ struct target_revectored_struct {
 #else
 #define UNAME_MACHINE "ppc"
 #endif
+
+#define TARGET_CLONE_BACKWARDS
diff --git a/linux-user/s390x/syscall.h b/linux-user/s390x/syscall.h
index e4603b7..ea8c304 100644
--- a/linux-user/s390x/syscall.h
+++ b/linux-user/s390x/syscall.h
@@ -21,3 +21,5 @@ struct target_pt_regs {
 };
 
 #define UNAME_MACHINE "s390x"
+
+#define TARGET_CLONE_BACKWARDS
diff --git a/linux-user/sparc/syscall.h b/linux-user/sparc/syscall.h
index 5a9bb7e..4cd64bf 100644
--- a/linux-user/sparc/syscall.h
+++ b/linux-user/sparc/syscall.h
@@ -7,3 +7,10 @@ struct target_pt_regs {
 };
 
 #define UNAME_MACHINE "sun4"
+
+/* SPARC kernels don't define this in their Kconfig, but they have the
+ * same ABI as if they did, implemented by sparc-specific code which fishes
+ * directly in the u_regs() struct for half the parameters in sparc_do_fork()
+ * and copy_thread().
+ */
+#define TARGET_CLONE_BACKWARDS
diff --git a/linux-user/sparc64/syscall.h b/linux-user/sparc64/syscall.h
index 81a816d..e60bf31 100644
--- a/linux-user/sparc64/syscall.h
+++ b/linux-user/sparc64/syscall.h
@@ -8,3 +8,10 @@ struct target_pt_regs {
 };
 
 #define UNAME_MACHINE "sun4u"
+
+/* SPARC kernels don't define this in their Kconfig, but they have the
+ * same ABI as if they did, implemented by sparc-specific code which fishes
+ * directly in the u_regs() struct for half the parameters in sparc_do_fork()
+ * and copy_thread().
+ */
+#define TARGET_CLONE_BACKWARDS
diff --git a/linux-user/syscall.c b/linux-user/syscall.c
index 642d0a3..b167d7f 100644
--- a/linux-user/syscall.c
+++ b/linux-user/syscall.c
@@ -6956,16 +6956,20 @@ abi_long do_syscall(void *cpu_env, int num, abi_long arg1,
         ret = get_errno(fsync(arg1));
         break;
     case TARGET_NR_clone:
-#if defined(TARGET_SH4) || defined(TARGET_ALPHA)
-        ret = get_errno(do_fork(cpu_env, arg1, arg2, arg3, arg5, arg4));
-#elif defined(TARGET_CRIS)
-        ret = get_errno(do_fork(cpu_env, arg2, arg1, arg3, arg4, arg5));
-#elif defined(TARGET_MICROBLAZE)
+        /* Linux manages to have three different orderings for its
+         * arguments to clone(); the BACKWARDS and BACKWARDS2 defines
+         * match the kernel's CONFIG_CLONE_* settings.
+         * Microblaze is further special in that it uses a sixth
+         * implicit argument to clone for the TLS pointer.
+         */
+#if defined(TARGET_MICROBLAZE)
         ret = get_errno(do_fork(cpu_env, arg1, arg2, arg4, arg6, arg5));
-#elif defined(TARGET_S390X)
+#elif defined(TARGET_CLONE_BACKWARDS)
+        ret = get_errno(do_fork(cpu_env, arg1, arg2, arg3, arg4, arg5));
+#elif defined(TARGET_CLONE_BACKWARDS2)
         ret = get_errno(do_fork(cpu_env, arg2, arg1, arg3, arg5, arg4));
 #else
-        ret = get_errno(do_fork(cpu_env, arg1, arg2, arg3, arg4, arg5));
+        ret = get_errno(do_fork(cpu_env, arg1, arg2, arg3, arg5, arg4));
 #endif
         break;
 #ifdef __NR_exit_group
-- 
1.8.1.2

[Qemu-devel] [PULL 11/21] linux-user: Add i386 TLS setter

[riku.voipio]

From: Alexander Graf <agraf@suse.de>

We can easily set the TLS on i386. Add code to do so.

Signed-off-by: Alexander Graf <agraf@suse.de>
[PMM: also remove "target_nptl=no" line from configure, for
 consistency with other patches in this series]
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Riku Voipio <riku.voipio@linaro.org>
---
 configure                    |  1 -
 linux-user/i386/target_cpu.h | 12 ++++++++++--
 linux-user/syscall.c         |  2 +-
 3 files changed, 11 insertions(+), 4 deletions(-)

diff --git a/configure b/configure
index f065edc..547297b 100755
--- a/configure
+++ b/configure
@@ -4190,7 +4190,6 @@ TARGET_ABI_DIR=""
 
 case "$target_name" in
   i386)
-    target_nptl="no"
   ;;
   x86_64)
     TARGET_BASE_ARCH=i386
diff --git a/linux-user/i386/target_cpu.h b/linux-user/i386/target_cpu.h
index abcac79..1170d84 100644
--- a/linux-user/i386/target_cpu.h
+++ b/linux-user/i386/target_cpu.h
@@ -28,6 +28,14 @@ static inline void cpu_clone_regs(CPUX86State *env, target_ulong newsp)
     env->regs[R_EAX] = 0;
 }
 
-/* TODO: need to implement cpu_set_tls() */
+#if defined(TARGET_ABI32)
+abi_long do_set_thread_area(CPUX86State *env, abi_ulong ptr);
 
-#endif
+static inline void cpu_set_tls(CPUX86State *env, target_ulong newtls)
+{
+    do_set_thread_area(env, newtls);
+    cpu_x86_load_seg(env, R_GS, env->segs[R_GS].selector);
+}
+#endif /* defined(TARGET_ABI32) */
+
+#endif /* !defined(TARGET_CPU_H) */
diff --git a/linux-user/syscall.c b/linux-user/syscall.c
index b167d7f..452b89d 100644
--- a/linux-user/syscall.c
+++ b/linux-user/syscall.c
@@ -4055,7 +4055,7 @@ static abi_long do_modify_ldt(CPUX86State *env, int func, abi_ulong ptr,
 }
 
 #if defined(TARGET_I386) && defined(TARGET_ABI32)
-static abi_long do_set_thread_area(CPUX86State *env, abi_ulong ptr)
+abi_long do_set_thread_area(CPUX86State *env, abi_ulong ptr)
 {
     uint64_t *gdt_table = g2h(env->gdt.base);
     struct target_modify_ldt_ldt_s ldt_info;
-- 
1.8.1.2

[Qemu-devel] [PULL 12/21] linux-user: Enable NPTL for x86-64

[riku.voipio]

From: Peter Maydell <peter.maydell@linaro.org>

Add x86-64 implementation of cpu_set_tls() (like the kernel, we
just have to call do_arch_prctl() to set FS); this allows us to
enable NPTL.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Riku Voipio <riku.voipio@linaro.org>
---
 configure                    | 1 -
 linux-user/i386/target_cpu.h | 7 +++++++
 linux-user/syscall.c         | 2 +-
 3 files changed, 8 insertions(+), 2 deletions(-)

diff --git a/configure b/configure
index 547297b..999b2ce 100755
--- a/configure
+++ b/configure
@@ -4193,7 +4193,6 @@ case "$target_name" in
   ;;
   x86_64)
     TARGET_BASE_ARCH=i386
-    target_nptl="no"
   ;;
   alpha)
   ;;
diff --git a/linux-user/i386/target_cpu.h b/linux-user/i386/target_cpu.h
index 1170d84..58f8645 100644
--- a/linux-user/i386/target_cpu.h
+++ b/linux-user/i386/target_cpu.h
@@ -36,6 +36,13 @@ static inline void cpu_set_tls(CPUX86State *env, target_ulong newtls)
     do_set_thread_area(env, newtls);
     cpu_x86_load_seg(env, R_GS, env->segs[R_GS].selector);
 }
+#else
+abi_long do_arch_prctl(CPUX86State *env, int code, abi_ulong addr);
+
+static inline void cpu_set_tls(CPUX86State *env, target_ulong newtls)
+{
+    do_arch_prctl(env, TARGET_ARCH_SET_FS, newtls);
+}
 #endif /* defined(TARGET_ABI32) */
 
 #endif /* !defined(TARGET_CPU_H) */
diff --git a/linux-user/syscall.c b/linux-user/syscall.c
index 452b89d..d3b3590 100644
--- a/linux-user/syscall.c
+++ b/linux-user/syscall.c
@@ -4189,7 +4189,7 @@ static abi_long do_get_thread_area(CPUX86State *env, abi_ulong ptr)
 #endif /* TARGET_I386 && TARGET_ABI32 */
 
 #ifndef TARGET_ABI32
-static abi_long do_arch_prctl(CPUX86State *env, int code, abi_ulong addr)
+abi_long do_arch_prctl(CPUX86State *env, int code, abi_ulong addr)
 {
     abi_long ret = 0;
     abi_ulong val;
-- 
1.8.1.2

[Qemu-devel] [PULL 13/21] configure: Make NPTL non-optional

[riku.voipio]

From: Peter Maydell <peter.maydell@linaro.org>

Now all linux-user targets support building with NPTL, we can make it
mandatory. This is a good idea because:
 * NPTL is no longer new and experimental; it is completely standard
 * in practice, linux-user without NPTL is nearly useless for
   binaries built against non-ancient glibc
 * it allows us to delete the rather untested code for handling
   the non-NPTL configuration

Note that this patch leaves the CONFIG_USE_NPTL ifdefs in the
bsd-user codebase alone. This makes no change for bsd-user, since
our configure test for NPTL had a "#include <linux/futex.h>"
which means bsd-user would never have been compiled with
CONFIG_USE_NPTL defined, and it still is not.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Richard Henderson <rth@twiddle.net>
Signed-off-by: Riku Voipio <riku.voipio@linaro.org>
---
 configure              | 25 +++----------------------
 include/exec/gdbstub.h |  2 +-
 linux-user/main.c      | 43 -------------------------------------------
 linux-user/mmap.c      | 11 -----------
 linux-user/qemu.h      | 10 ----------
 linux-user/syscall.c   | 47 +----------------------------------------------
 6 files changed, 5 insertions(+), 133 deletions(-)

diff --git a/configure b/configure
index 999b2ce..9d9088e 100755
--- a/configure
+++ b/configure
@@ -155,7 +155,6 @@ curl=""
 curses=""
 docs=""
 fdt=""
-nptl=""
 pixman=""
 sdl=""
 virtfs=""
@@ -855,10 +854,6 @@ for opt do
   ;;
   --enable-fdt) fdt="yes"
   ;;
-  --disable-nptl) nptl="no"
-  ;;
-  --enable-nptl) nptl="yes"
-  ;;
   --enable-mixemu) mixemu="yes"
   ;;
   --disable-linux-aio) linux_aio="no"
@@ -1096,8 +1091,6 @@ echo "  --disable-slirp          disable SLIRP userspace network connectivity"
 echo "  --disable-kvm            disable KVM acceleration support"
 echo "  --enable-kvm             enable KVM acceleration support"
 echo "  --enable-tcg-interpreter enable TCG with bytecode interpreter (TCI)"
-echo "  --disable-nptl           disable usermode NPTL support"
-echo "  --enable-nptl            enable usermode NPTL support"
 echo "  --enable-system          enable all system emulation targets"
 echo "  --disable-system         disable all system emulation targets"
 echo "  --enable-user            enable supported user emulation targets"
@@ -1432,7 +1425,7 @@ fi
 ##########################################
 # NPTL probe
 
-if test "$nptl" != "no" ; then
+if test "$linux_user" = "yes"; then
   cat > $TMPC <<EOF
 #include <sched.h>
 #include <linux/futex.h>
@@ -1443,14 +1436,8 @@ int main(void) {
   return 0;
 }
 EOF
-
-  if compile_object ; then
-    nptl=yes
-  else
-    if test "$nptl" = "yes" ; then
-      feature_not_found "nptl"
-    fi
-    nptl=no
+  if ! compile_object ; then
+    feature_not_found "nptl"
   fi
 fi
 
@@ -3550,7 +3537,6 @@ echo "bluez  support    $bluez"
 echo "Documentation     $docs"
 [ ! -z "$uname_release" ] && \
 echo "uname -r          $uname_release"
-echo "NPTL support      $nptl"
 echo "GUEST_BASE        $guest_base"
 echo "PIE               $pie"
 echo "vde support       $vde"
@@ -4180,7 +4166,6 @@ mkdir -p $target_dir
 echo "# Automatically generated by configure - do not modify" > $config_target_mak
 
 bflt="no"
-target_nptl="yes"
 interp_prefix1=`echo "$interp_prefix" | sed "s/%M/$target_name/g"`
 gdb_xml_files=""
 
@@ -4351,10 +4336,6 @@ fi
 if test "$target_user_only" = "yes" -a "$bflt" = "yes"; then
   echo "TARGET_HAS_BFLT=y" >> $config_target_mak
 fi
-if test "$target_user_only" = "yes" \
-        -a "$nptl" = "yes" -a "$target_nptl" = "yes"; then
-  echo "CONFIG_USE_NPTL=y" >> $config_target_mak
-fi
 if test "$target_user_only" = "yes" -a "$guest_base" = "yes"; then
   echo "CONFIG_USE_GUEST_BASE=y" >> $config_target_mak
 fi
diff --git a/include/exec/gdbstub.h b/include/exec/gdbstub.h
index ded4160..8065f40 100644
--- a/include/exec/gdbstub.h
+++ b/include/exec/gdbstub.h
@@ -32,7 +32,7 @@ void gdb_register_coprocessor(CPUArchState *env,
 
 static inline int cpu_index(CPUState *cpu)
 {
-#if defined(CONFIG_USER_ONLY) && defined(CONFIG_USE_NPTL)
+#if defined(CONFIG_USER_ONLY)
     return cpu->host_tid;
 #else
     return cpu->cpu_index + 1;
diff --git a/linux-user/main.c b/linux-user/main.c
index 99c3b3f..5537967 100644
--- a/linux-user/main.c
+++ b/linux-user/main.c
@@ -92,7 +92,6 @@ int cpu_get_pic_interrupt(CPUX86State *env)
 }
 #endif
 
-#if defined(CONFIG_USE_NPTL)
 /***********************************************************/
 /* Helper routines for implementing atomic operations.  */
 
@@ -207,43 +206,6 @@ void cpu_list_unlock(void)
 {
     pthread_mutex_unlock(&cpu_list_mutex);
 }
-#else /* if !CONFIG_USE_NPTL */
-/* These are no-ops because we are not threadsafe.  */
-static inline void cpu_exec_start(CPUState *cpu)
-{
-}
-
-static inline void cpu_exec_end(CPUState *cpu)
-{
-}
-
-static inline void start_exclusive(void)
-{
-}
-
-static inline void end_exclusive(void)
-{
-}
-
-void fork_start(void)
-{
-}
-
-void fork_end(int child)
-{
-    if (child) {
-        gdbserver_fork((CPUArchState *)thread_cpu->env_ptr);
-    }
-}
-
-void cpu_list_lock(void)
-{
-}
-
-void cpu_list_unlock(void)
-{
-}
-#endif
 
 
 #ifdef TARGET_I386
@@ -3156,12 +3118,7 @@ THREAD CPUState *thread_cpu;
 void task_settid(TaskState *ts)
 {
     if (ts->ts_tid == 0) {
-#ifdef CONFIG_USE_NPTL
         ts->ts_tid = (pid_t)syscall(SYS_gettid);
-#else
-        /* when no threads are used, tid becomes pid */
-        ts->ts_tid = getpid();
-#endif
     }
 }
 
diff --git a/linux-user/mmap.c b/linux-user/mmap.c
index de22197..a249f0c 100644
--- a/linux-user/mmap.c
+++ b/linux-user/mmap.c
@@ -33,7 +33,6 @@
 
 //#define DEBUG_MMAP
 
-#if defined(CONFIG_USE_NPTL)
 static pthread_mutex_t mmap_mutex = PTHREAD_MUTEX_INITIALIZER;
 static __thread int mmap_lock_count;
 
@@ -66,16 +65,6 @@ void mmap_fork_end(int child)
     else
         pthread_mutex_unlock(&mmap_mutex);
 }
-#else
-/* We aren't threadsafe to start with, so no need to worry about locking.  */
-void mmap_lock(void)
-{
-}
-
-void mmap_unlock(void)
-{
-}
-#endif
 
 /* NOTE: all the constants are the HOST ones, but addresses are target. */
 int target_mprotect(abi_ulong start, abi_ulong len, int prot)
diff --git a/linux-user/qemu.h b/linux-user/qemu.h
index 1ff0fa8..4a16e8f 100644
--- a/linux-user/qemu.h
+++ b/linux-user/qemu.h
@@ -19,11 +19,7 @@
 #include "exec/gdbstub.h"
 #include "qemu/queue.h"
 
-#if defined(CONFIG_USE_NPTL)
 #define THREAD __thread
-#else
-#define THREAD
-#endif
 
 /* This struct is used to hold certain information about the image.
  * Basically, it replicates in user space what would be certain
@@ -116,9 +112,7 @@ typedef struct TaskState {
     uint32_t v86flags;
     uint32_t v86mask;
 #endif
-#ifdef CONFIG_USE_NPTL
     abi_ulong child_tidptr;
-#endif
 #ifdef TARGET_M68K
     int sim_syscalls;
     abi_ulong tp_value;
@@ -268,10 +262,8 @@ void mmap_unlock(void);
 abi_ulong mmap_find_vma(abi_ulong, abi_ulong);
 void cpu_list_lock(void);
 void cpu_list_unlock(void);
-#if defined(CONFIG_USE_NPTL)
 void mmap_fork_start(void);
 void mmap_fork_end(int child);
-#endif
 
 /* main.c */
 extern unsigned long guest_stack_size;
@@ -449,9 +441,7 @@ static inline void *lock_user_string(abi_ulong guest_addr)
 #define unlock_user_struct(host_ptr, guest_addr, copy)		\
     unlock_user(host_ptr, guest_addr, (copy) ? sizeof(*host_ptr) : 0)
 
-#if defined(CONFIG_USE_NPTL)
 #include <pthread.h>
-#endif
 
 /* Include target-specific struct and function definitions;
  * they may need access to the target-independent structures
diff --git a/linux-user/syscall.c b/linux-user/syscall.c
index d3b3590..5bd57d0 100644
--- a/linux-user/syscall.c
+++ b/linux-user/syscall.c
@@ -111,13 +111,8 @@ int __clone2(int (*fn)(void *), void *child_stack_base,
 
 #include "qemu.h"
 
-#if defined(CONFIG_USE_NPTL)
 #define CLONE_NPTL_FLAGS2 (CLONE_SETTLS | \
     CLONE_PARENT_SETTID | CLONE_CHILD_SETTID | CLONE_CHILD_CLEARTID)
-#else
-/* XXX: Hardcode the above values.  */
-#define CLONE_NPTL_FLAGS2 0
-#endif
 
 //#define DEBUG
 
@@ -234,12 +229,10 @@ _syscall1(int,exit_group,int,error_code)
 #if defined(TARGET_NR_set_tid_address) && defined(__NR_set_tid_address)
 _syscall1(int,set_tid_address,int *,tidptr)
 #endif
-#if defined(CONFIG_USE_NPTL)
 #if defined(TARGET_NR_futex) && defined(__NR_futex)
 _syscall6(int,sys_futex,int *,uaddr,int,op,int,val,
           const struct timespec *,timeout,int *,uaddr2,int,val3)
 #endif
-#endif
 #define __NR_sys_sched_getaffinity __NR_sched_getaffinity
 _syscall3(int, sys_sched_getaffinity, pid_t, pid, unsigned int, len,
           unsigned long *, user_mask_ptr);
@@ -4227,7 +4220,6 @@ abi_long do_arch_prctl(CPUX86State *env, int code, abi_ulong addr)
 
 #define NEW_STACK_SIZE 0x40000
 
-#if defined(CONFIG_USE_NPTL)
 
 static pthread_mutex_t clone_lock = PTHREAD_MUTEX_INITIALIZER;
 typedef struct {
@@ -4272,16 +4264,6 @@ static void *clone_func(void *arg)
     /* never exits */
     return NULL;
 }
-#else
-
-static int clone_func(void *arg)
-{
-    CPUArchState *env = arg;
-    cpu_loop(env);
-    /* never exits */
-    return 0;
-}
-#endif
 
 /* do_fork() Must return host values and target errnos (unlike most
    do_*() functions). */
@@ -4292,12 +4274,8 @@ static int do_fork(CPUArchState *env, unsigned int flags, abi_ulong newsp,
     int ret;
     TaskState *ts;
     CPUArchState *new_env;
-#if defined(CONFIG_USE_NPTL)
     unsigned int nptl_flags;
     sigset_t sigmask;
-#else
-    uint8_t *new_stack;
-#endif
 
     /* Emulate vfork() with fork() */
     if (flags & CLONE_VFORK)
@@ -4305,10 +4283,9 @@ static int do_fork(CPUArchState *env, unsigned int flags, abi_ulong newsp,
 
     if (flags & CLONE_VM) {
         TaskState *parent_ts = (TaskState *)env->opaque;
-#if defined(CONFIG_USE_NPTL)
         new_thread_info info;
         pthread_attr_t attr;
-#endif
+
         ts = g_malloc0(sizeof(TaskState));
         init_task_state(ts);
         /* we create a new CPU instance. */
@@ -4321,7 +4298,6 @@ static int do_fork(CPUArchState *env, unsigned int flags, abi_ulong newsp,
         new_env->opaque = ts;
         ts->bprm = parent_ts->bprm;
         ts->info = parent_ts->info;
-#if defined(CONFIG_USE_NPTL)
         nptl_flags = flags;
         flags &= ~CLONE_NPTL_FLAGS2;
 
@@ -4371,17 +4347,6 @@ static int do_fork(CPUArchState *env, unsigned int flags, abi_ulong newsp,
         pthread_cond_destroy(&info.cond);
         pthread_mutex_destroy(&info.mutex);
         pthread_mutex_unlock(&clone_lock);
-#else
-        if (flags & CLONE_NPTL_FLAGS2)
-            return -EINVAL;
-        /* This is probably going to die very quickly, but do it anyway.  */
-        new_stack = g_malloc0 (NEW_STACK_SIZE);
-#ifdef __ia64__
-        ret = __clone2(clone_func, new_stack, NEW_STACK_SIZE, flags, new_env);
-#else
-	ret = clone(clone_func, new_stack + NEW_STACK_SIZE, flags, new_env);
-#endif
-#endif
     } else {
         /* if no CLONE_VM, we consider it is a fork */
         if ((flags & ~(CSIGNAL | CLONE_NPTL_FLAGS2)) != 0)
@@ -4392,7 +4357,6 @@ static int do_fork(CPUArchState *env, unsigned int flags, abi_ulong newsp,
             /* Child Process.  */
             cpu_clone_regs(env, newsp);
             fork_end(1);
-#if defined(CONFIG_USE_NPTL)
             /* There is a race condition here.  The parent process could
                theoretically read the TID in the child process before the child
                tid is set.  This would require using either ptrace
@@ -4408,7 +4372,6 @@ static int do_fork(CPUArchState *env, unsigned int flags, abi_ulong newsp,
                 cpu_set_tls (env, newtls);
             if (flags & CLONE_CHILD_CLEARTID)
                 ts->child_tidptr = child_tidptr;
-#endif
         } else {
             fork_end(0);
         }
@@ -4834,7 +4797,6 @@ static inline abi_long host_to_target_stat64(void *cpu_env,
 }
 #endif
 
-#if defined(CONFIG_USE_NPTL)
 /* ??? Using host futex calls even when target atomic operations
    are not really atomic probably breaks things.  However implementing
    futexes locally would make futexes shared between multiple processes
@@ -4886,7 +4848,6 @@ static int do_futex(target_ulong uaddr, int op, int val, target_ulong timeout,
         return -TARGET_ENOSYS;
     }
 }
-#endif
 
 /* Map host to target signal numbers for the wait family of syscalls.
    Assume all other status bits are the same.  */
@@ -5132,9 +5093,7 @@ abi_long do_syscall(void *cpu_env, int num, abi_long arg1,
                     abi_long arg5, abi_long arg6, abi_long arg7,
                     abi_long arg8)
 {
-#ifdef CONFIG_USE_NPTL
     CPUState *cpu = ENV_GET_CPU(cpu_env);
-#endif
     abi_long ret;
     struct stat st;
     struct statfs stfs;
@@ -5148,7 +5107,6 @@ abi_long do_syscall(void *cpu_env, int num, abi_long arg1,
 
     switch(num) {
     case TARGET_NR_exit:
-#ifdef CONFIG_USE_NPTL
         /* In old applications this may be used to implement _exit(2).
            However in threaded applictions it is used for thread termination,
            and _exit_group is used for application termination.
@@ -5186,7 +5144,6 @@ abi_long do_syscall(void *cpu_env, int num, abi_long arg1,
             g_free(ts);
             pthread_exit(NULL);
         }
-#endif
 #ifdef TARGET_GPROF
         _mcleanup();
 #endif
@@ -8687,11 +8644,9 @@ abi_long do_syscall(void *cpu_env, int num, abi_long arg1,
         }
 	break;
 #endif
-#if defined(CONFIG_USE_NPTL)
     case TARGET_NR_futex:
         ret = do_futex(arg1, arg2, arg3, arg4, arg5, arg6);
         break;
-#endif
 #if defined(TARGET_NR_inotify_init) && defined(__NR_inotify_init)
     case TARGET_NR_inotify_init:
         ret = get_errno(sys_inotify_init());
-- 
1.8.1.2

[Qemu-devel] [PULL 14/21] linux-user: Avoid conditional cpu_reset()

[riku.voipio]

From: Andreas Färber <afaerber@suse.de>

Some CPUs reset as part of cpu_init(), some others were reset
afterwards, some not at all. While some targets didn't implement a
cpu_[state_]reset() function, QOM cpu_reset() is always available.
There's nothing wrong with resetting twice on startup, so drop
the #ifdef.

Suggested-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Andreas Färber <afaerber@suse.de>
Cc: Eduardo Habkost <ehabkost@redhat.com>
Signed-off-by: Riku Voipio <riku.voipio@linaro.org>
---
 linux-user/main.c | 2 --
 1 file changed, 2 deletions(-)

diff --git a/linux-user/main.c b/linux-user/main.c
index 5537967..547884c 100644
--- a/linux-user/main.c
+++ b/linux-user/main.c
@@ -3594,9 +3594,7 @@ int main(int argc, char **argv, char **envp)
         fprintf(stderr, "Unable to find CPU definition\n");
         exit(1);
     }
-#if defined(TARGET_SPARC) || defined(TARGET_PPC)
     cpu_reset(ENV_GET_CPU(env));
-#endif
 
     thread_cpu = ENV_GET_CPU(env);
 
-- 
1.8.1.2

[Qemu-devel] [PULL 15/21] linux-user: Fix target_stat and target_stat64 for OpenRISC

[riku.voipio]

From: Peter Maydell <peter.maydell@linaro.org>

OpenRISC uses the asm-generic versions of target_stat and
target_stat64, but it was incorrectly using the x86/ARM/etc version
due to a misplaced defined(TARGET_OPENRISC).  The previously unused
OpenRISC section of the ifdef ladder also defined an incorrect
target_stat and omitted the target_stat64 definition.  Fix
target_stat, provide target_stat64, and add a comment noting that
these are the asm-generic versions for the benefit of future ports.

Reviewed-by: Jia Liu <proljc@gmail.com>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Riku Voipio <riku.voipio@linaro.org>
---
 linux-user/syscall_defs.h | 49 +++++++++++++++++++++++++++++++++++------------
 1 file changed, 37 insertions(+), 12 deletions(-)

diff --git a/linux-user/syscall_defs.h b/linux-user/syscall_defs.h
index 92c01a9..cb6341f 100644
--- a/linux-user/syscall_defs.h
+++ b/linux-user/syscall_defs.h
@@ -1138,8 +1138,7 @@ struct target_winsize {
 #endif
 
 #if (defined(TARGET_I386) && defined(TARGET_ABI32)) || defined(TARGET_ARM) \
-    || defined(TARGET_CRIS) || defined(TARGET_UNICORE32) \
-    || defined(TARGET_OPENRISC)
+    || defined(TARGET_CRIS) || defined(TARGET_UNICORE32)
 struct target_stat {
 	unsigned short st_dev;
 	unsigned short __pad1;
@@ -1837,29 +1836,55 @@ struct target_stat {
     abi_ulong  __unused[3];
 };
 #elif defined(TARGET_OPENRISC)
+
+/* These are the asm-generic versions of the stat and stat64 structures */
+
 struct target_stat {
     abi_ulong st_dev;
     abi_ulong st_ino;
-    abi_ulong st_nlink;
-
     unsigned int st_mode;
+    unsigned int st_nlink;
     unsigned int st_uid;
     unsigned int st_gid;
-    unsigned int __pad0;
     abi_ulong st_rdev;
+    abi_ulong __pad1;
     abi_long st_size;
-    abi_long st_blksize;
-    abi_long st_blocks;    /* Number 512-byte blocks allocated. */
-
-    abi_ulong target_st_atime;
+    int st_blksize;
+    int __pad2;
+    abi_long st_blocks;
+    abi_long target_st_atime;
     abi_ulong target_st_atime_nsec;
-    abi_ulong target_st_mtime;
+    abi_long target_st_mtime;
     abi_ulong target_st_mtime_nsec;
-    abi_ulong target_st_ctime;
+    abi_long target_st_ctime;
     abi_ulong target_st_ctime_nsec;
+    unsigned int __unused4;
+    unsigned int __unused5;
+};
 
-    abi_long __unused[3];
+struct target_stat64 {
+    uint64_t st_dev;
+    uint64_t st_ino;
+    unsigned int st_mode;
+    unsigned int st_nlink;
+    unsigned int st_uid;
+    unsigned int st_gid;
+    uint64_t st_rdev;
+    uint64_t __pad1;
+    int64_t st_size;
+    int st_blksize;
+    int __pad2;
+    int64_t st_blocks;
+    int target_st_atime;
+    unsigned int target_st_atime_nsec;
+    int target_st_mtime;
+    unsigned int target_st_mtime_nsec;
+    int target_st_ctime;
+    unsigned int target_st_ctime_nsec;
+    unsigned int __unused4;
+    unsigned int __unused5;
 };
+
 #else
 #error unsupported CPU
 #endif
-- 
1.8.1.2

[Qemu-devel] [PULL 16/21] linux-user: Fix pipe syscall return for SPARC

[riku.voipio]

From: Peter Maydell <peter.maydell@linaro.org>

SPARC is one of the CPUs which has a funny syscall ABI for the
pipe syscall; add it to the set of special cases in do_pipe().

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Riku Voipio <riku.voipio@linaro.org>
---
 linux-user/syscall.c | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/linux-user/syscall.c b/linux-user/syscall.c
index 5bd57d0..a797afc 100644
--- a/linux-user/syscall.c
+++ b/linux-user/syscall.c
@@ -1032,6 +1032,9 @@ static abi_long do_pipe(void *cpu_env, abi_ulong pipedes,
 #elif defined(TARGET_SH4)
         ((CPUSH4State*)cpu_env)->gregs[1] = host_pipe[1];
         return host_pipe[0];
+#elif defined(TARGET_SPARC)
+        ((CPUSPARCState*)cpu_env)->regwptr[1] = host_pipe[1];
+        return host_pipe[0];
 #endif
     }
 
-- 
1.8.1.2

[Qemu-devel] [PULL 17/21] linux-user: fix segmentation fault passing with h2g(x) != x

[riku.voipio]

From: Alexander Graf <agraf@suse.de>

When forwarding a segmentation fault into the guest process, we were passing
the host's address directly into the guest process's signal descriptor.

That obviously confused the guest process, since it didn't know what to make
of the (usually 32-bit truncated) address. Passing in h2g(address) makes the
guest process a lot happier.

To make the code more obvious, introduce a h2g_nocheck() macro that does the
same as h2g(), but allows us to convert addresses that may be outside of guest
mapped range into the guest's view of address space.

This fixes java running in arm-linux-user for me.

Signed-off-by: Alexander Graf <agraf@suse.de>
Signed-off-by: Riku Voipio <riku.voipio@linaro.org>
---
 include/exec/cpu-all.h | 8 ++++++--
 user-exec.c            | 4 ++++
 2 files changed, 10 insertions(+), 2 deletions(-)

diff --git a/include/exec/cpu-all.h b/include/exec/cpu-all.h
index 5084202..f1cde97 100644
--- a/include/exec/cpu-all.h
+++ b/include/exec/cpu-all.h
@@ -209,11 +209,15 @@ extern unsigned long reserved_va;
 })
 #endif
 
-#define h2g(x) ({ \
+#define h2g_nocheck(x) ({ \
     unsigned long __ret = (unsigned long)(x) - GUEST_BASE; \
+    (abi_ulong)__ret; \
+})
+
+#define h2g(x) ({ \
     /* Check if given address fits target address space */ \
     assert(h2g_valid(x)); \
-    (abi_ulong)__ret; \
+    h2g_nocheck(x); \
 })
 
 #define saddr(x) g2h(x)
diff --git a/user-exec.c b/user-exec.c
index d45ca8e..82bfa66 100644
--- a/user-exec.c
+++ b/user-exec.c
@@ -95,6 +95,10 @@ static inline int handle_cpu_signal(uintptr_t pc, unsigned long address,
         return 1;
     }
 
+    /* Convert forcefully to guest address space, invalid addresses
+       are still valid segv ones */
+    address = h2g_nocheck(address);
+
     env = current_cpu->env_ptr;
     /* see if it is an MMU fault */
     ret = cpu_handle_mmu_fault(env, address, is_write, MMU_USER_IDX);
-- 
1.8.1.2

[Qemu-devel] [PULL 18/21] linux-user: Fix epoll on ARM hosts

[riku.voipio]

From: Alexander Graf <agraf@suse.de>

The epoll emulation uses data structures without packing them, so the
compiler might choose to add padding inside.

This patch makes the most offending one (target_epoll_event) a packed
structure to make sure we don't pad it by accident. ARM would pad it,
so declare the padding mandatory for ARM targets.

This fixes i386-on-ARM epoll emulation for me.

Signed-off-by: Alexander Graf <agraf@suse.de>
Signed-off-by: Riku Voipio <riku.voipio@linaro.org>
---
 linux-user/syscall_defs.h | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

diff --git a/linux-user/syscall_defs.h b/linux-user/syscall_defs.h
index cb6341f..086fbff 100644
--- a/linux-user/syscall_defs.h
+++ b/linux-user/syscall_defs.h
@@ -2459,8 +2459,11 @@ typedef union target_epoll_data {
 
 struct target_epoll_event {
     uint32_t events;
+#ifdef TARGET_ARM
+    uint32_t __pad;
+#endif
     target_epoll_data_t data;
-};
+} QEMU_PACKED;
 #endif
 struct target_rlimit64 {
     uint64_t rlim_cur;
-- 
1.8.1.2

[Qemu-devel] [PULL 19/21] linux-user: Reset copied CPUs in cpu_copy() always

[riku.voipio]

From: Alexander Graf <agraf@suse.de>

When a new thread gets created, we need to reset non arch specific state to
get the new CPU into clean state.

However this reset should happen before the arch specific CPU contents get
copied over. Otherwise we end up having clean reset state in our newly created
thread.

Signed-off-by: Alexander Graf <agraf@suse.de>
Signed-off-by: Riku Voipio <riku.voipio@linaro.org>
---
 exec.c               | 4 ++++
 linux-user/syscall.c | 3 ---
 2 files changed, 4 insertions(+), 3 deletions(-)

diff --git a/exec.c b/exec.c
index c8658c6..2426bf7 100644
--- a/exec.c
+++ b/exec.c
@@ -642,6 +642,10 @@ CPUArchState *cpu_copy(CPUArchState *env)
     CPUWatchpoint *wp;
 #endif
 
+    /* Reset non arch specific state */
+    cpu_reset(ENV_GET_CPU(new_env));
+
+    /* Copy arch specific state into the new CPU */
     memcpy(new_env, env, sizeof(CPUArchState));
 
     /* Clone all break/watchpoints.
diff --git a/linux-user/syscall.c b/linux-user/syscall.c
index a797afc..3f6db4b 100644
--- a/linux-user/syscall.c
+++ b/linux-user/syscall.c
@@ -4293,9 +4293,6 @@ static int do_fork(CPUArchState *env, unsigned int flags, abi_ulong newsp,
         init_task_state(ts);
         /* we create a new CPU instance. */
         new_env = cpu_copy(env);
-#if defined(TARGET_I386) || defined(TARGET_SPARC) || defined(TARGET_PPC)
-        cpu_reset(ENV_GET_CPU(new_env));
-#endif
         /* Init regs that differ from the parent.  */
         cpu_clone_regs(new_env, newsp);
         new_env->opaque = ts;
-- 
1.8.1.2

[Qemu-devel] [PULL 20/21] linux-user: Unlock mmap_lock when resuming guest from page_unprotect

[riku.voipio]

From: Alexander Graf <agraf@suse.de>

The page_unprotect() function is running everything locked. Before every
potential exit path of the function mmap_unlock() gets called to make sure
we don't leak the lock.

However, the function calls tb_invalidate_phys_page() which again can
exit a signal through longjmp, leaving our mmap_unlock() attempts in vain.

Add a hint to tb_invalidate_phys_page() that we need to unlock before we
can leave back into guest context, so that we don't leak the lock.

This fixes 16-bit i386 wine programs running in linux-user for me.

Signed-off-by: Alexander Graf <agraf@suse.de>
Signed-off-by: Riku Voipio <riku.voipio@linaro.org>
---
 translate-all.c | 10 +++++++---
 1 file changed, 7 insertions(+), 3 deletions(-)

diff --git a/translate-all.c b/translate-all.c
index e8683d2..3b5fc7c 100644
--- a/translate-all.c
+++ b/translate-all.c
@@ -1148,7 +1148,8 @@ void tb_invalidate_phys_page_fast(tb_page_addr_t start, int len)
 
 #if !defined(CONFIG_SOFTMMU)
 static void tb_invalidate_phys_page(tb_page_addr_t addr,
-                                    uintptr_t pc, void *puc)
+                                    uintptr_t pc, void *puc,
+                                    bool locked)
 {
     TranslationBlock *tb;
     PageDesc *p;
@@ -1206,6 +1207,9 @@ static void tb_invalidate_phys_page(tb_page_addr_t addr,
            itself */
         cpu->current_tb = NULL;
         tb_gen_code(env, current_pc, current_cs_base, current_flags, 1);
+        if (locked) {
+            mmap_unlock();
+        }
         cpu_resume_from_signal(env, puc);
     }
 #endif
@@ -1723,7 +1727,7 @@ void page_set_flags(target_ulong start, target_ulong end, int flags)
         if (!(p->flags & PAGE_WRITE) &&
             (flags & PAGE_WRITE) &&
             p->first_tb) {
-            tb_invalidate_phys_page(addr, 0, NULL);
+            tb_invalidate_phys_page(addr, 0, NULL, false);
         }
         p->flags = flags;
     }
@@ -1818,7 +1822,7 @@ int page_unprotect(target_ulong address, uintptr_t pc, void *puc)
 
             /* and since the content will be modified, we must invalidate
                the corresponding translated code. */
-            tb_invalidate_phys_page(addr, pc, puc);
+            tb_invalidate_phys_page(addr, pc, puc, true);
 #ifdef DEBUG_TB_CHECK
             tb_invalidate_check(addr);
 #endif
-- 
1.8.1.2

[Qemu-devel] [PULL 21/21] linux-user: Handle compressed ISA encodings when processing MIPS exceptions

[riku.voipio]

From: Kwok Cheung Yeung <kcy@codesourcery.com>

Decode trap instructions during the handling of an EXCP_BREAK or EXCP_TRAP
according to the current ISA mode.

Signed-off-by: Kwok Cheung Yeung <kcy@codesourcery.com>
Signed-off-by: Riku Voipio <riku.voipio@linaro.org>
---
 linux-user/main.c | 46 +++++++++++++++++++++++++++++++++++++++++++---
 1 file changed, 43 insertions(+), 3 deletions(-)

diff --git a/linux-user/main.c b/linux-user/main.c
index 547884c..441e31d 100644
--- a/linux-user/main.c
+++ b/linux-user/main.c
@@ -2310,7 +2310,31 @@ done_syscall:
                 abi_ulong trap_instr;
                 unsigned int code;
 
-                ret = get_user_ual(trap_instr, env->active_tc.PC);
+                if (env->hflags & MIPS_HFLAG_M16) {
+                    if (env->insn_flags & ASE_MICROMIPS) {
+                        /* microMIPS mode */
+                        abi_ulong instr[2];
+
+                        ret = get_user_u16(instr[0], env->active_tc.PC) ||
+                              get_user_u16(instr[1], env->active_tc.PC + 2);
+
+                        trap_instr = (instr[0] << 16) | instr[1];
+                    } else {
+                        /* MIPS16e mode */
+                        ret = get_user_u16(trap_instr, env->active_tc.PC);
+                        if (ret != 0) {
+                            goto error;
+                        }
+                        code = (trap_instr >> 6) & 0x3f;
+                        if (do_break(env, &info, code) != 0) {
+                            goto error;
+                        }
+                        break;
+                    }
+                } else {
+                    ret = get_user_ual(trap_instr, env->active_tc.PC);
+                }
+
                 if (ret != 0) {
                     goto error;
                 }
@@ -2334,14 +2358,30 @@ done_syscall:
                 abi_ulong trap_instr;
                 unsigned int code = 0;
 
-                ret = get_user_ual(trap_instr, env->active_tc.PC);
+                if (env->hflags & MIPS_HFLAG_M16) {
+                    /* microMIPS mode */
+                    abi_ulong instr[2];
+
+                    ret = get_user_u16(instr[0], env->active_tc.PC) ||
+                          get_user_u16(instr[1], env->active_tc.PC + 2);
+
+                    trap_instr = (instr[0] << 16) | instr[1];
+                } else {
+                    ret = get_user_ual(trap_instr, env->active_tc.PC);
+                }
+
                 if (ret != 0) {
                     goto error;
                 }
 
                 /* The immediate versions don't provide a code.  */
                 if (!(trap_instr & 0xFC000000)) {
-                    code = ((trap_instr >> 6) & ((1 << 10) - 1));
+                    if (env->hflags & MIPS_HFLAG_M16) {
+                        /* microMIPS mode */
+                        code = ((trap_instr >> 12) & ((1 << 4) - 1));
+                    } else {
+                        code = ((trap_instr >> 6) & ((1 << 10) - 1));
+                    }
                 }
 
                 if (do_break(env, &info, code) != 0) {
-- 
1.8.1.2