Re: [PATCH 4/4] hw/i386/pc: Have pc_init_isa() pass a NULL pci_type argument
On 1 March 2024 18:59:36 UTC, "Philippe Mathieu-Daudé" wrote:
>The "isapc" machine only provides an ISA bus, not a PCI one,
>and doesn't instantiate any i440FX south bridge.
>Its machine class defines PCMachineClass::pci_enabled = false,
>and pc_init1() only uses the pci_type argument when pci_enabled
>is true. Since for this machine the argument is not used,
>passing NULL makes more sense.
>
>Signed-off-by: Philippe Mathieu-Daudé

Reviewed-by: Bernhard Beschow
Re: [PATCH 7/8] target/arm: Implement FEAT_ECV CNTPOFF_EL2 handling
On Fri, 1 Mar 2024 at 21:54, Richard Henderson wrote: > > On 3/1/24 08:32, Peter Maydell wrote: > > +static uint64_t gt_phys_raw_cnt_offset(CPUARMState *env) > > +{ > > +if ((env->cp15.scr_el3 & SCR_ECVEN) && > > +FIELD_EX64(env->cp15.cnthctl_el2, CNTHCTL, ECV) && > > +arm_is_el2_enabled(env) && > > +(arm_hcr_el2_eff(env) & (HCR_E2H | HCR_TGE)) != (HCR_E2H | > > HCR_TGE)) { > > arm_hcr_el2_eff checks arm_is_el2_enabled and returns 0 if disabled. Yes, and if it returns 0 then the E2H|TGE bits will not be E2H|TGE, and so we'll incorrectly apply the CNTPOFF value. We can only elide the arm_is_el2_enabled() test if we're checking for some HCR bit being 1. (I also initially thought the arm_is_el2_enabled() check was redundant and then found it was not :-)) -- PMM
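Review bot: the arm_is_el2_enabled(env) term in the gt_phys_raw_cnt_offset() condition reads as redundant next to arm_hcr_el2_eff(env), which is how it came up in this thread, so it deserves a one-line comment above the if. A note that arm_hcr_el2_eff() returns 0 with EL2 disabled, which makes the (HCR_E2H | HCR_TGE) inequality true, would keep a later cleanup from dropping the term.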
Re: [PATCH 3/5] hw/isa: Embed TYPE_PORT92 in south bridges used in PC machines
On 28 February 2024 13:02:55 UTC, BALATON Zoltan wrote:
>On Wed, 28 Feb 2024, BALATON Zoltan wrote:
>> On Tue, 27 Feb 2024, Bernhard Beschow wrote:
>>> On 27 February 2024 21:54:19 UTC, BALATON Zoltan wrote:
On Tue, 27 Feb 2024, Bernhard Beschow wrote:
> On 21 February 2024 11:53:21 UTC, Mark Cave-Ayland wrote:
>> On 18/02/2024 13:16, Bernhard Beschow wrote:
>>> Port 92 is an integral part of the PIIX and ICH south bridges, so instantiate it
>>> there. The isapc machine now needs to instantiate it explicitly, analogous to
>>> the RTC.
>>>
>>> Note that due to migration compatibility, port92 is optional in the south
>>> bridges. It is always instantiated in the isapc machine for simplicity.
>>>
>>> Signed-off-by: Bernhard Beschow
>>> ---
>>> include/hw/i386/pc.h | 2 +-
>>> include/hw/southbridge/ich9.h | 4
>>> include/hw/southbridge/piix.h | 3 +++
>>> hw/i386/pc.c | 18 --
>>> hw/i386/pc_piix.c | 9 +++--
>>> hw/i386/pc_q35.c | 8 +---
>>> hw/isa/lpc_ich9.c | 9 +
>>> hw/isa/piix.c | 9 +
>>> hw/isa/Kconfig| 2 ++
>>> 9 files changed, 52 insertions(+), 12 deletions(-)
>>
>> I had a look at this (and did a bit of revision around 8042 and A20),
>> and I am starting to wonder if the PORT92 device isn't something that
>> belongs to the southbridge, but more specifically to the superio chip?
>
> If there is agreement to model real hardware in QEMU, then I think that

I think there's no such agreement and QEMU is more lax about it both for historical reasons and to simplify machine models. Indeed, QEMU sometimes models non-existing machines (e.g. the mac99 or virt boards) that don't correspond to real hardware but allow guest OSes to boot. Even when modelling real hardware it's often modelled just enough for guests to work and unused details are omitted for simplicity. It is recommended to follow what real hardware does when modelling real hardware but not always required. Although it might help both with verifying a device model and to compose machines with these models to try to follow the real hardware.
>>>
>>> Composing real machines and verifying device models is exactly what I'm
>>> after. I'm aware that QEMU provides virt machines such as the microvm, and
>>> from the context I didn't refer to these.
>>
>> Even without pure virt machines currently a lot of QEMU machines don't
>> exactly model real hardware. They may roughly follow real hardware but not
>> exactly such as mac99 is a non-existent Mac and the pc machines also use
>> some parts that don't exist in real life such as PIIX4-PIIX3 hybrid you've
>> been working on resolving. Some of these however are restricted by backward
>> compatibility requirements. But you are probably aware of all of that but this
>> means the argument that real hardware should be followed is not enough. At
>> least it should not break backward compatibility too much and that's more
>> important than exactly modelling real machine. Also having a simple model
>> may be more important than modeling every detail even when not used just to
>> follow real hardware.
>>
> port 92 belongs into any device model where the hardware has one. All our
> PC-like southbridges (PIIX, ICH, VIA) have port 92. Many FDC37
> including the FDC37M81x as used in the Malta board have one, too -- where
> it must first be enabled.

So port92 is not a real hardware but a QEMU abstraction or model of some functionality found in some machines. Real chips probably implement this in different ways so we could either model this in these chips independently the same way as real hardware does or use the abstracted model anywhere in our machine model. Since this does not exist in real hardware as this abstract model it also does not belong anywhere so we are free to put it where it's most convenient or simple to do.
>>>
>>> As mentioned already, port 92 is an integral part of PIIX, ICH, and VIA
>>> southbridges.
>>
>> Mark argued that more specifically it's part of the superio within those
>> southbridges. That makes sense, considering this port92 is related to
>> functionality that was in the keyboard controller before which is part of
>> the superio. I don't know PC hardware too well but reading about this fast
>> gate A20 feature looks like original PC and XT had only a 1 MB address space
>> but addresses above 1 MB wrapped to 0 and some software depended on that.
>> Then AT added more memory but then it needed a way to control if addresses
>> above 1 MB would wrap or access high memory. This was done with some free
>> part of the keyboard co
Re: [PATCH 3/5] hw/isa: Embed TYPE_PORT92 in south bridges used in PC machines
On Sat, 2 Mar 2024, Bernhard Beschow wrote:
On 28 February 2024 13:02:55 UTC, BALATON Zoltan wrote:
On Wed, 28 Feb 2024, BALATON Zoltan wrote:
On Tue, 27 Feb 2024, Bernhard Beschow wrote:
On 27 February 2024 21:54:19 UTC, BALATON Zoltan wrote:
On Tue, 27 Feb 2024, Bernhard Beschow wrote:
On 21 February 2024 11:53:21 UTC, Mark Cave-Ayland wrote:
On 18/02/2024 13:16, Bernhard Beschow wrote:

Port 92 is an integral part of the PIIX and ICH south bridges, so instantiate it there. The isapc machine now needs to instantiate it explicitly, analogous to the RTC.

Note that due to migration compatibility, port92 is optional in the south bridges. It is always instantiated in the isapc machine for simplicity.

Signed-off-by: Bernhard Beschow
---
include/hw/i386/pc.h | 2 +-
include/hw/southbridge/ich9.h | 4
include/hw/southbridge/piix.h | 3 +++
hw/i386/pc.c | 18 --
hw/i386/pc_piix.c | 9 +++--
hw/i386/pc_q35.c | 8 +---
hw/isa/lpc_ich9.c | 9 +
hw/isa/piix.c | 9 +
hw/isa/Kconfig| 2 ++
9 files changed, 52 insertions(+), 12 deletions(-)

I had a look at this (and did a bit of revision around 8042 and A20), and I am starting to wonder if the PORT92 device isn't something that belongs to the southbridge, but more specifically to the superio chip?

If there is agreement to model real hardware in QEMU, then I think that

I think there's no such agreement and QEMU is more lax about it both for historical reasons and to simplify machine models. Indeed, QEMU sometimes models non-existing machines (e.g. the mac99 or virt boards) that don't correspond to real hardware but allow guest OSes to boot. Even when modelling real hardware it's often modelled just enough for guests to work and unused details are omitted for simplicity. It is recommended to follow what real hardware does when modelling real hardware but not always required. Although it might help both with verifying a device model and to compose machines with these models to try to follow the real hardware.

Composing real machines and verifying device models is exactly what I'm after. I'm aware that QEMU provides virt machines such as the microvm, and from the context I didn't refer to these.

Even without pure virt machines currently a lot of QEMU machines don't exactly model real hardware. They may roughly follow real hardware but not exactly such as mac99 is a non-existent Mac and the pc machines also use some parts that don't exist in real life such as PIIX4-PIIX3 hybrid you've been working on resolving. Some of these however are restricted by backward compatibility requirements. But you are probably aware of all of that but this means the argument that real hardware should be followed is not enough. At least it should not break backward compatibility too much and that's more important than exactly modelling real machine. Also having a simple model may be more important than modeling every detail even when not used just to follow real hardware.

port 92 belongs into any device model where the hardware has one. All our PC-like southbridges (PIIX, ICH, VIA) have port 92. Many FDC37 including the FDC37M81x as used in the Malta board have one, too -- where it must first be enabled.

So port92 is not a real hardware but a QEMU abstraction or model of some functionality found in some machines. Real chips probably implement this in different ways so we could either model this in these chips independently the same way as real hardware does or use the abstracted model anywhere in our machine model. Since this does not exist in real hardware as this abstract model it also does not belong anywhere so we are free to put it where it's most convenient or simple to do.

As mentioned already, port 92 is an integral part of PIIX, ICH, and VIA southbridges.

Mark argued that more specifically it's part of the superio within those southbridges. That makes sense, considering this port92 is related to functionality that was in the keyboard controller before which is part of the superio. I don't know PC hardware too well but reading about this fast gate A20 feature looks like original PC and XT had only a 1 MB address space but addresses above 1 MB wrapped to 0 and some software depended on that. Then AT added more memory but then it needed a way to control if addresses above 1 MB would wrap or access high memory. This was done with some free part of the keyboard controller but that was too slow so an alternative fast way was added with this port92 device. But then the old keyboard controller and this port92 stuff are interacting so may need to consider both. Apart from that all of this is not relevant to other machines that don't use this functionality. QEMU decided to model it as a separate QOM object that is now instantiated by the machines that use it. This
Re: rutabaga 0.1.3
Hi Gurchetan, > >> > Would this be a suitable commit for the 0.1.3 release of rutabaga? > >> > > >> > https://chromium.googlesource.com/crosvm/crosvm/+/5dfd74a0680d317c6edf44138def886f47cb1c7c > >> > > >> > The gfxstream/AEMU commits would remain unchanged. > >> > >> That combination works for me. > > > > Just FYI, still working on it. Could take 1-2 more weeks. > > FYI: > > https://android.googlesource.com/platform/hardware/google/gfxstream/+/refs/tags/v0.1.2-gfxstream-release > > https://android.googlesource.com/platform/hardware/google/aemu/+/refs/tags/v0.1.2-aemu-release > > https://chromium.googlesource.com/crosvm/crosvm/+/refs/tags/v0.1.3-rutabaga-release Unlike the commit I tested for you, the commit that ended up being tagged as v0.1.3-rutabaga-release doesn't work for me: qemu: The errno is EBADF: Bad file number qemu: CHECK failed in rutabaga_cmd_resource_map_blob() ../hw/display/virtio-gpu-rutabaga.c:655 qemu: virtio_gpu_rutabaga_process_cmd: ctrl 0x208, error 0x1200 qemu: CHECK failed in rutabaga_cmd_resource_unmap_blob() ../hw/display/virtio-gpu-rutabaga.c:723 qemu: virtio_gpu_rutabaga_process_cmd: ctrl 0x209, error 0x1200 qemu: The errno is EBADF: Bad file number qemu: CHECK failed in rutabaga_cmd_resource_map_blob() ../hw/display/virtio-gpu-rutabaga.c:655 qemu: virtio_gpu_rutabaga_process_cmd: ctrl 0x208, error 0x1200 qemu: CHECK failed in rutabaga_cmd_resource_unmap_blob() ../hw/display/virtio-gpu-rutabaga.c:723 qemu: virtio_gpu_rutabaga_process_cmd: ctrl 0x209, error 0x1200 qemu: The errno is EBADF: Bad file number qemu: CHECK failed in rutabaga_cmd_resource_map_blob() ../hw/display/virtio-gpu-rutabaga.c:655 qemu: virtio_gpu_rutabaga_process_cmd: ctrl 0x208, error 0x1200 qemu: invalid resource id qemu: CHECK failed in rutabaga_cmd_submit_3d() ../hw/display/virtio-gpu-rutabaga.c:341 qemu: virtio_gpu_rutabaga_process_cmd: ctrl 0x207, error 0x1200 qemu: CHECK failed in rutabaga_cmd_resource_unmap_blob() ../hw/display/virtio-gpu-rutabaga.c:723 qemu: 
virtio_gpu_rutabaga_process_cmd: ctrl 0x209, error 0x1200 I bisected it to: commit f3dbf20eedadb135e2fd813474fbb9731d465f3a Author: Andrew Walbran Date: Wed Nov 29 17:23:45 2023 + rutabaga_gfx: Uprev nix to 0.27.1 The new version of nix uses OwnedFd in various places, which allows us to have less unsafe code. TEST=CQ BUG=b:293289578 Change-Id: I61aa80c4105eaf1182c5c325109b5aba11cf60de Reviewed-on: https://chromium-review.googlesource.com/c/crosvm/crosvm/+/5072293 Auto-Submit: Andrew Walbran Reviewed-by: Gurchetan Singh Reviewed-by: Frederick Mayle Commit-Queue: Frederick Mayle
Re: [RFC 5/8] virtio-ccw: Handle extra notification data
On 01/03/2024 14.43, Jonah Palmer wrote: Add support to virtio-ccw devices for handling the extra data sent from the driver to the device when the VIRTIO_F_NOTIFICATION_DATA transport feature has been negotiated. The extra data that's passed to the virtio-ccw device when this feature is enabled varies depending on the device's virtqueue layout. That data passed to the virtio-ccw device is in the same format as the data passed to virtio-pci devices. Signed-off-by: Jonah Palmer --- hw/s390x/s390-virtio-ccw.c | 18 ++ 1 file changed, 14 insertions(+), 4 deletions(-) diff --git a/hw/s390x/s390-virtio-ccw.c b/hw/s390x/s390-virtio-ccw.c index 62804cc228..b8e193956c 100644 --- a/hw/s390x/s390-virtio-ccw.c +++ b/hw/s390x/s390-virtio-ccw.c @@ -140,9 +140,11 @@ static void subsystem_reset(void) static int virtio_ccw_hcall_notify(const uint64_t *args) { uint64_t subch_id = args[0]; -uint64_t queue = args[1]; +uint64_t data = args[1]; SubchDev *sch; +VirtIODevice *vdev; int cssid, ssid, schid, m; +uint16_t vq_idx; if (ioinst_disassemble_sch_ident(subch_id, &m, &cssid, &ssid, &schid)) { return -EINVAL; @@ -151,12 +153,20 @@ static int virtio_ccw_hcall_notify(const uint64_t *args) if (!sch || !css_subch_visible(sch)) { return -EINVAL; } -if (queue >= VIRTIO_QUEUE_MAX) { + +vdev = virtio_ccw_get_vdev(sch); +if (virtio_vdev_has_feature(vdev, VIRTIO_F_NOTIFICATION_DATA)) { +vq_idx = data & 0x; +virtio_set_notification_data(vdev, vq_idx, data); +} else { +vq_idx = data; +} + +if (vq_idx >= VIRTIO_QUEUE_MAX) { return -EINVAL; } -virtio_queue_notify(virtio_ccw_get_vdev(sch), queue); +virtio_queue_notify(vdev, vq_idx); return 0; - } Acked-by: Thomas Huth
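Review bot: in the else branch of virtio_ccw_hcall_notify(), "vq_idx = data;" narrows the 64-bit hypercall argument to uint16_t before the "vq_idx >= VIRTIO_QUEUE_MAX" test, so a value with bits set above bit 15 that the old "queue >= VIRTIO_QUEUE_MAX" check rejected with -EINVAL now wraps to a small index and gets notified. Range-check data itself when the feature is not negotiated and only then assign it to vq_idx. The mask in "vq_idx = data & 0x;" has no digits in the text as shown here, so the intended width of the queue index field should be confirmed and preferably given a named constant.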
Re: [RFC 6/8] virtio-ccw: Lock ioeventfd state with VIRTIO_F_NOTIFICATION_DATA
On 01/03/2024 14.43, Jonah Palmer wrote: Prevent ioeventfd from being enabled/disabled when a virtio-ccw device has negotiated the VIRTIO_F_NOTIFICATION_DATA transport feature. Due to the ioeventfd not being able to carry the extra data associated with this feature, the ioeventfd should be left in a disabled state for emulated virtio-ccw devices using this feature. Signed-off-by: Jonah Palmer --- hw/s390x/virtio-ccw.c | 6 -- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/hw/s390x/virtio-ccw.c b/hw/s390x/virtio-ccw.c index b4676909dd..936ba78fda 100644 --- a/hw/s390x/virtio-ccw.c +++ b/hw/s390x/virtio-ccw.c @@ -530,14 +530,16 @@ static int virtio_ccw_cb(SubchDev *sch, CCW1 ccw) if (ret) { break; } -if (!(status & VIRTIO_CONFIG_S_DRIVER_OK)) { +if (!(status & VIRTIO_CONFIG_S_DRIVER_OK) && +!virtio_vdev_has_feature(vdev, VIRTIO_F_NOTIFICATION_DATA)) { virtio_ccw_stop_ioeventfd(dev); } if (virtio_set_status(vdev, status) == 0) { if (vdev->status == 0) { virtio_ccw_reset_virtio(dev); } -if (status & VIRTIO_CONFIG_S_DRIVER_OK) { +if ((status & VIRTIO_CONFIG_S_DRIVER_OK) && +!virtio_vdev_has_feature(vdev, VIRTIO_F_NOTIFICATION_DATA)) { virtio_ccw_start_ioeventfd(dev); } sch->curr_status.scsw.count = ccw.count - sizeof(status); Acked-by: Thomas Huth
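Review bot: the "!virtio_vdev_has_feature(vdev, VIRTIO_F_NOTIFICATION_DATA)" test is repeated in both the stop and the start condition of virtio_ccw_cb() with no comment saying why. A short comment, or a small helper used by both call sites, would record that ioeventfd cannot carry the extra data. It is also worth asking whether the guard on virtio_ccw_stop_ioeventfd() is needed at all: if the start path never runs with the feature negotiated, an unconditional stop should be harmless and leaves no path on which a running ioeventfd is skipped.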
[PATCH RFC] hppa: assemble_16() in wide mode
Hi Richard,

while looking into a HPPA tcg issue I noticed that the current tcg code doesn't do the special wide mode handling described in the Parisc 2.0 specification, Chapter E -> assemble_16(). In wide mode, assemble_16() adds two more bits to the immediate value/displacement of certain instructions like ldo(ldi), st[bhwd] and ld[bhwd] and some others.

I wonder what the easiest way to implement this is - it has to be xor'd and is dependent on the W bit, so I don't think it will be possible to implement this with changing only insn.decode. I came up with the attached patch, do you think there's a better way?

Thanks!
Sven
[PATCH] target/hppa: add assemble_16()
Signed-off-by: Sven Schnelle --- target/hppa/insns.decode | 99 target/hppa/translate.c | 22 + 2 files changed, 72 insertions(+), 49 deletions(-) diff --git a/target/hppa/insns.decode b/target/hppa/insns.decode index f5a3f02fd1..8f17e18cd0 100644 --- a/target/hppa/insns.decode +++ b/target/hppa/insns.decode @@ -62,7 +62,7 @@ # All insns that need to form a virtual address should use this set. -&ldst t b x disp sp m scale size +&ldst t b x disp sp m scale size w16 &rr_cf_dt r cf d &rrrt r1 r2 @@ -138,7 +138,7 @@ getshadowregs 1101 1110 1010 1101 0010 @addrx .. b:5 x:5 .. m:1 .\ -&ldst disp=0 scale=0 t=0 sp=0 size=0 +&ldst disp=0 scale=0 t=0 sp=0 size=0 w16=0 nop 01 - - -- 11001010 0 - # fdc, disp nop_addrx 01 . . -- 01001010 . - @addrx # fdc, index @@ -163,24 +163,24 @@ ixtlbt 01 r2:5 r1:5 000 data:1 10 0 0# idtlbt # pdtlb, pitlb pxtlb 01 b:5 x:5 sp:2 01001000 m:1 - \ -&ldst disp=0 scale=0 size=0 t=0 +&ldst disp=0 scale=0 size=0 t=0 w16=0 pxtlb 01 b:5 x:5 ... 0001000 m:1 - \ -&ldst disp=0 scale=0 size=0 t=0 sp=%assemble_sr3x +&ldst disp=0 scale=0 size=0 t=0 sp=%assemble_sr3x w16=0 # ... pa20 local pxtlb_l 01 b:5 x:5 sp:2 01011000 m:1 - \ -&ldst disp=0 scale=0 size=0 t=0 +&ldst disp=0 scale=0 size=0 t=0 w16=0 pxtlb_l 01 b:5 x:5 ... 0011000 m:1 - \ -&ldst disp=0 scale=0 size=0 t=0 sp=%assemble_sr3x +&ldst disp=0 scale=0 size=0 t=0 sp=%assemble_sr3x w16=0 # pdtlbe, pitlbe pxtlbe 01 b:5 x:5 sp:2 01001001 m:1 - \ -&ldst disp=0 scale=0 size=0 t=0 +&ldst disp=0 scale=0 size=0 t=0 w16=0 pxtlbe 01 b:5 x:5 ... 0001001 m:1 - \ -&ldst disp=0 scale=0 size=0 t=0 sp=%assemble_sr3x +&ldst disp=0 scale=0 size=0 t=0 sp=%assemble_sr3x w16=0 lpa 01 b:5 x:5 sp:2 01001101 m:1 t:5\ -&ldst disp=0 scale=0 size=0 +&ldst disp=0 scale=0 size=0 w16=0 lci 01 - - -- 01001100 0 t:5 
@@ -221,7 +221,7 @@ sub_b_tsv 10 . . 110100 . . @rrr_cf_d ldil001000 t:5 .i=%assemble_21 addil 001010 r:5 .i=%assemble_21 -ldo 001101 b:5 t:5 -- ..i=%lowsign_14 +ldo 001101 b:5 t:5 s:2 ..i=%lowsign_14 w16=1 addi101101 . . 0 ... @rri_cf addi_tsv101101 . . 1 ... @rri_cf @@ -264,19 +264,19 @@ permh 10 r1:5 r2:5 0 c0:2 0 c1:2 c2:2 c3:2 0 t:5 @stim5 .. b:5 t:5 sp:2 . . \ &ldst disp=%im5_0 x=0 scale=0 m=%ma_to_m -ld 11 . . .. . 1 -- 00 size:2 .. @ldim5 -ld 11 . . .. . 0 -- 00 size:2 .. @ldstx -st 11 . . .. . 1 -- 10 size:2 .. @stim5 -ldc 11 . . .. . 1 -- 0111 .. @ldim5 size=2 -ldc 11 . . .. . 0 -- 0111 .. @ldstx size=2 -ldc 11 . . .. . 1 -- 0101 .. @ldim5 size=3 -ldc 11 . . .. . 0 -- 0101 .. @ldstx size=3 -lda 11 . . .. . 1 -- 0110 .. @ldim5 size=2 -lda 11 . . .. . 0 -- 0110 .. @ldstx size=2 -lda 11 . . .. . 1 -- 0100 .. @ldim5 size=3 -lda 11 . . .. . 0 -- 0100 .. @ldstx size=3 -sta 11 . . .. . 1 -- 1110 .. @stim5 size=2 -sta 11 . . .. . 1 -- .. @stim5 size=3 +ld 11 . . .. . 1 -- 00 size:2 .. @ldim5 w16=0 +ld 11 . . .. . 0 -- 00 size:2 .. @ldstx w16=0 +st 11 . . .. . 1 -- 10 size:2 .. @stim5 w16=0 +ldc 11 . . .. . 1 -- 0111 .. @ldim5 size=2 w16=0 +ldc 11 . . .. . 0 -- 0111 .. @ldstx size=2 w16=0 +ldc 11 . . .. . 1 -- 0101 .. @ldim5 size=3 w16=0 +ldc 11 . . .. . 0 -- 0101 .. @ldstx size=3 w16=0 +lda 11 . . .. . 1 -- 0110 .. @ldim5 size=2 w16=0 +lda 11 . . .. . 0 -- 0110 .. @ldstx size=2 w16=0 +lda 11 . . .. . 1 -- 0100 ...
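Review bot: the patch has no commit message beyond the Signed-off-by, so the wide-mode rule it implements is only described in the cover mail; the description of assemble_16() and the pointer to the specification chapter belong in the commit itself. In insns.decode, "w16=0" is appended to each ld/st/ldc/lda/sta line individually; setting it once in the shared formats (@ldim5, @ldstx, @stim5) would shrink the diff and make the single "w16=1" on ldo easier to spot. The rest of the patch, including the translate.c part, is cut off on this page and is not covered here.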
[PATCH] hw/scsi/lsi53c895a: stop script on phase mismatch
Netbsd isn't happy with qemu lsi53c895a emulation: cd0(esiop0:0:2:0): command with tag id 0 reset esiop0: autoconfiguration error: phase mismatch without command esiop0: autoconfiguration error: unhandled scsi interrupt, sist=0x80 sstat1=0x0 DSA=0x23a64b1 DSP=0x50 This is because lsi_bad_phase() triggers a phase mismatch, which stops SCRIPT processing. However, after returning to lsi_command_complete(), SCRIPT is restarted with lsi_resume_script(). Fix this by adding a return value to lsi_bad_phase(), and only resume script processing when lsi_bad_phase() didn't trigger a host interrupt. Signed-off-by: Sven Schnelle --- hw/scsi/lsi53c895a.c | 16 1 file changed, 12 insertions(+), 4 deletions(-) diff --git a/hw/scsi/lsi53c895a.c b/hw/scsi/lsi53c895a.c index 4ff9470381..59b88aff3f 100644 --- a/hw/scsi/lsi53c895a.c +++ b/hw/scsi/lsi53c895a.c @@ -573,8 +573,9 @@ static inline void lsi_set_phase(LSIState *s, int phase) s->sstat1 = (s->sstat1 & ~PHASE_MASK) | phase; } -static void lsi_bad_phase(LSIState *s, int out, int new_phase) +static int lsi_bad_phase(LSIState *s, int out, int new_phase) { +int ret = 0; /* Trigger a phase mismatch. */ if (s->ccntl0 & LSI_CCNTL0_ENPMJ) { if ((s->ccntl0 & LSI_CCNTL0_PMJCTL)) { @@ -587,8 +588,10 @@ static void lsi_bad_phase(LSIState *s, int out, int new_phase) trace_lsi_bad_phase_interrupt(); lsi_script_scsi_interrupt(s, LSI_SIST0_MA, 0); lsi_stop_script(s); +ret = 1; } lsi_set_phase(s, new_phase); +return ret; } @@ -792,7 +795,7 @@ static int lsi_queue_req(LSIState *s, SCSIRequest *req, uint32_t len) static void lsi_command_complete(SCSIRequest *req, size_t resid) { LSIState *s = LSI53C895A(req->bus->qbus.parent); -int out; +int out, stop = 0; out = (s->sstat1 & PHASE_MASK) == PHASE_DO; trace_lsi_command_complete(req->status); 
@@ -800,7 +803,10 @@ static void lsi_command_complete(SCSIRequest *req, size_t resid) s->command_complete = 2; if (s->waiting && s->dbc != 0) { /* Raise phase mismatch for short transfers. */ -lsi_bad_phase(s, out, PHASE_ST); +stop = lsi_bad_phase(s, out, PHASE_ST); +if (stop) { +s->waiting = 0; +} } else { lsi_set_phase(s, PHASE_ST); } @@ -810,7 +816,9 @@ static void lsi_command_complete(SCSIRequest *req, size_t resid) lsi_request_free(s, s->current); scsi_req_unref(req); } -lsi_resume_script(s); +if (!stop) { +lsi_resume_script(s); +} } /* Callback to indicate that the SCSI layer has completed a transfer. */ -- 2.43.2
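Review bot: in lsi_command_complete(), "s->waiting = 0" is cleared when lsi_bad_phase() reports a stop, but the commit message only explains the skipped lsi_resume_script() call. Say in the message or in a comment next to the assignment why the waiting state has to be reset on that path, so the two changes can be judged separately.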
[PATCH 2/5] target/hppa: Restore unwind_breg before calculating ior
From: Helge Deller When calculating the IOR for the exception handlers, the current unwind_breg value is needed on 64-bit hppa machines. Restore that value by calling cpu_restore_state() earlier, which in turn calls hppa_restore_state_to_opc() which restores the unwind_breg for the current instruction. Signed-off-by: Helge Deller Fixes: 3824e0d643f3 ("target/hppa: Export function hppa_set_ior_and_isr()") --- target/hppa/cpu.c| 3 ++- target/hppa/mem_helper.c | 3 ++- target/hppa/op_helper.c | 3 ++- 3 files changed, 6 insertions(+), 3 deletions(-) diff --git a/target/hppa/cpu.c b/target/hppa/cpu.c index afe73d4474..3831cb6db2 100644 --- a/target/hppa/cpu.c +++ b/target/hppa/cpu.c @@ -121,9 +121,10 @@ void hppa_cpu_do_unaligned_access(CPUState *cs, vaddr addr, CPUHPPAState *env = &cpu->env; cs->exception_index = EXCP_UNALIGN; +cpu_restore_state(cs, retaddr); hppa_set_ior_and_isr(env, addr, MMU_IDX_MMU_DISABLED(mmu_idx)); -cpu_loop_exit_restore(cs, retaddr); +cpu_loop_exit(cs); } #endif /* CONFIG_USER_ONLY */ diff --git a/target/hppa/mem_helper.c b/target/hppa/mem_helper.c index 66b8fa7d72..3fc895c1c2 100644 --- a/target/hppa/mem_helper.c +++ b/target/hppa/mem_helper.c @@ -348,9 +348,10 @@ raise_exception_with_ior(CPUHPPAState *env, int excp, uintptr_t retaddr, CPUState *cs = env_cpu(env); cs->exception_index = excp; +cpu_restore_state(cs, retaddr); hppa_set_ior_and_isr(env, addr, mmu_disabled); -cpu_loop_exit_restore(cs, retaddr); +cpu_loop_exit(cs); } void hppa_cpu_do_transaction_failed(CPUState *cs, hwaddr physaddr, diff --git a/target/hppa/op_helper.c b/target/hppa/op_helper.c index b1f24a5aad..480fe80844 100644 --- a/target/hppa/op_helper.c +++ b/target/hppa/op_helper.c 
@@ -351,11 +351,12 @@ target_ulong HELPER(probe)(CPUHPPAState *env, target_ulong addr, excp = hppa_get_physical_address(env, addr, mmu_idx, 0, &phys, &prot, NULL); if (excp >= 0) { +cpu_restore_state(env_cpu(env), GETPC()); hppa_set_ior_and_isr(env, addr, MMU_IDX_MMU_DISABLED(mmu_idx)); if (excp == EXCP_DTLB_MISS) { excp = EXCP_NA_DTLB_MISS; } -hppa_dynamic_excp(env, excp, GETPC()); +helper_excp(env, excp); } return (want & prot) != 0; #endif -- 2.44.0
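Review bot: all three call sites (hppa_cpu_do_unaligned_access(), raise_exception_with_ior() and HELPER(probe)) now depend on cpu_restore_state() running before hppa_set_ior_and_isr(), but nothing in the code says so, and the natural cleanup is to fold the pair back into cpu_loop_exit_restore(). Add a comment at the call sites, or on hppa_set_ior_and_isr() itself, that unwind_breg must be restored first. In HELPER(probe), the switch from hppa_dynamic_excp(env, excp, GETPC()) to helper_excp(env, excp) is not mentioned in the commit message; a sentence confirming that the state is not unwound a second time would help.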
[PATCH 1/5] target/hppa: Fix unaligned double word accesses for hppa64
From: Guenter Roeck Unaligned 64-bit accesses were found in Linux to clobber carry bits, resulting in bad results if an arithmetic operation involving a carry bit was executed after an unaligned 64-bit operation. hppa 2.0 defines additional carry bits in PSW register bits 32..39. When restoring PSW after executing an unaligned instruction trap, those bits were not cleared and ended up to be active all the time. Clearing bit 32..39 in psw prior to restoring it solves the problem. Fixes: 931adff31478 ("target/hppa: Update cpu_hppa_get/put_psw for hppa64") Cc: Richard Henderson Cc: Charlie Jenkins Cc: Helge Deller Signed-off-by: Guenter Roeck Reviewed-by: Richard Henderson --- target/hppa/helper.c | 7 ++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/target/hppa/helper.c b/target/hppa/helper.c index 859644c47a..7b798d1227 100644 --- a/target/hppa/helper.c +++ b/target/hppa/helper.c @@ -76,7 +76,12 @@ void cpu_hppa_put_psw(CPUHPPAState *env, target_ulong psw) } psw &= ~reserved; -env->psw = psw & ~(PSW_N | PSW_V | PSW_CB); +if (hppa_is_pa20(env)) { +env->psw = psw & ~(PSW_N | PSW_V | PSW_CB | 0xffull); +} else { +env->psw = psw & ~(PSW_N | PSW_V | PSW_CB); +} + env->psw_n = (psw / PSW_N) & 1; env->psw_v = -((psw / PSW_V) & 1); -- 2.44.0
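Review bot: the new mask in cpu_hppa_put_psw() is written as the bare literal "0xffull", which as shown here covers only the low eight bits, while the commit message says PSW bits 32..39 have to be cleared. Check the literal against the bit numbering the message uses and give it a named PSW_* constant next to PSW_CB so the intent is readable. The two assignments differ only in that mask, so building the mask first and assigning env->psw once would avoid the duplicated expression.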
[PATCH 3/5] pc-bios/meson: Add hppa-firmware64.img blob
From: Helge Deller Add the missing 64-bit hppa firmware blob so that it gets installed. Signed-off-by: Helge Deller Fixes: 7c0dfcf9395e ("target/hppa: Update SeaBIOS-hppa to version 16") --- pc-bios/meson.build | 1 + 1 file changed, 1 insertion(+) diff --git a/pc-bios/meson.build b/pc-bios/meson.build index e67fa433a1..0760612bea 100644 --- a/pc-bios/meson.build +++ b/pc-bios/meson.build @@ -73,6 +73,7 @@ blobs = [ 'qemu_vga.ndrv', 'edk2-licenses.txt', 'hppa-firmware.img', + 'hppa-firmware64.img', 'opensbi-riscv32-generic-fw_dynamic.bin', 'opensbi-riscv64-generic-fw_dynamic.bin', 'npcm7xx_bootrom.bin', -- 2.44.0
[PATCH 4/5] pc-bios/README: Add information about hppa-firmware
From: Helge Deller Signed-off-by: Helge Deller --- pc-bios/README | 6 ++ 1 file changed, 6 insertions(+) diff --git a/pc-bios/README b/pc-bios/README index b8a0210d24..6ffc46006e 100644 --- a/pc-bios/README +++ b/pc-bios/README @@ -75,3 +75,9 @@ initialize and run boot images stored in SPI flash, but may grow more features over time as needed. The source code is available at: https://github.com/google/vbootrom + +- hppa-firmware.img (32-bit) and hppa-firmware64.img (64-bit) are firmware + files for the HP-PARISC (hppa) architecture. + The are built form the SeaBIOS-hppa sources, which is a fork of SeaBIOS + adapted for hppa. + SeaBIOS-hppa is available at https://github.com/hdeller/seabios-hppa -- 2.44.0
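Review bot: the added README text has two typos in "The are built form the SeaBIOS-hppa sources"; it should read "They are built from the SeaBIOS-hppa sources". The following "which is a fork of SeaBIOS" attaches to the plural "sources", so "SeaBIOS-hppa, a fork of SeaBIOS adapted for hppa" would read more cleanly.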
[PATCH 5/5] roms/hppa: Add build rules for hppa-firmware
From: Helge Deller Signed-off-by: Helge Deller Suggested-by: Michael Tokarev --- roms/Makefile | 7 +++ 1 file changed, 7 insertions(+) diff --git a/roms/Makefile b/roms/Makefile index 67f709ba2d..8e5d8d26a9 100644 --- a/roms/Makefile +++ b/roms/Makefile @@ -68,6 +68,7 @@ default help: @echo " opensbi32-generic -- update OpenSBI for 32-bit generic machine" @echo " opensbi64-generic -- update OpenSBI for 64-bit generic machine" @echo " qboot -- update qboot" + @echo " hppa-firmware -- update 32- and 64-bit hppa firmware" @echo " clean -- delete the files generated by the previous" \ "build targets" @@ -177,6 +178,11 @@ npcm7xx_bootrom: $(MAKE) -C vbootrom CROSS_COMPILE=$(arm_cross_prefix) cp vbootrom/npcm7xx_bootrom.bin ../pc-bios/npcm7xx_bootrom.bin +hppa-firmware: + $(MAKE) -C seabios-hppa parisc + cp seabios-hppa/out/hppa-firmware.img ../pc-bios/ + cp seabios-hppa/out-64/hppa-firmware64.img ../pc-bios/ + clean: rm -rf seabios/.config seabios/out seabios/builds $(MAKE) -C ipxe/src veryclean @@ -189,3 +195,4 @@ clean: $(MAKE) -C opensbi clean $(MAKE) -C qboot clean $(MAKE) -C vbootrom clean + $(MAKE) -C seabios-hppa clean -- 2.44.0
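Review bot: the hppa-firmware rule invokes "$(MAKE) -C seabios-hppa parisc" without passing a cross-compiler prefix, whereas the npcm7xx_bootrom rule just above it passes CROSS_COMPILE=$(arm_cross_prefix). If seabios-hppa locates its own toolchain, say so in the commit message, which is currently empty; otherwise pass the prefix the same way the other targets do.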
[PATCH 0/5] HPPA64 updates
From: Helge Deller Some fixes for the hppa64 target. Add references to SeaBIOS-hppa and hppa-firmware into pc-bios/README file and add rom make targets. Patches 2-5 need review. Guenter Roeck (1): target/hppa: Fix unaligned double word accesses for hppa64 Helge Deller (4): target/hppa: Restore unwind_breg before calculating ior pc-bios/meson: Add hppa-firmware64.img blob pc-bios/README: Add information about hppa-firmware roms/hppa: Add build rules for hppa-firmware pc-bios/README | 6 ++ pc-bios/meson.build | 1 + roms/Makefile| 7 +++ target/hppa/cpu.c| 3 ++- target/hppa/helper.c | 7 ++- target/hppa/mem_helper.c | 3 ++- target/hppa/op_helper.c | 3 ++- 7 files changed, 26 insertions(+), 4 deletions(-) -- 2.44.0
[PATCH] hw/scsi/lsi53c895a: Fix typo in comment
Signed-off-by: BALATON Zoltan --- hw/scsi/lsi53c895a.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/hw/scsi/lsi53c895a.c b/hw/scsi/lsi53c895a.c index d607a5f9fb..4f784be749 100644 --- a/hw/scsi/lsi53c895a.c +++ b/hw/scsi/lsi53c895a.c @@ -225,7 +225,7 @@ struct LSIState { MemoryRegion io_io; AddressSpace pci_io_as; -int carry; /* ??? Should this be an a visible register somewhere? */ +int carry; /* ??? Should this be in a visible register somewhere? */ int status; int msg_action; int msg_len; -- 2.30.9
Re: [PATCH] hw/scsi/lsi53c895a: stop script on phase mismatch
On 3/2/24 22:44, Sven Schnelle wrote: Netbsd isn't happy with qemu lsi53c895a emulation: cd0(esiop0:0:2:0): command with tag id 0 reset esiop0: autoconfiguration error: phase mismatch without command esiop0: autoconfiguration error: unhandled scsi interrupt, sist=0x80 sstat1=0x0 DSA=0x23a64b1 DSP=0x50 This is because lsi_bad_phase() triggers a phase mismatch, which stops SCRIPT processing. However, after returning to lsi_command_complete(), SCRIPT is restarted with lsi_resume_script(). Fix this by adding a return value to lsi_bad_phase(), and only resume script processing when lsi_bad_phase() didn't trigger a host interrupt. Signed-off-by: Sven Schnelle Tested-by: Helge Deller Helge --- hw/scsi/lsi53c895a.c | 16 1 file changed, 12 insertions(+), 4 deletions(-) diff --git a/hw/scsi/lsi53c895a.c b/hw/scsi/lsi53c895a.c index 4ff9470381..59b88aff3f 100644 --- a/hw/scsi/lsi53c895a.c +++ b/hw/scsi/lsi53c895a.c @@ -573,8 +573,9 @@ static inline void lsi_set_phase(LSIState *s, int phase) s->sstat1 = (s->sstat1 & ~PHASE_MASK) | phase; } -static void lsi_bad_phase(LSIState *s, int out, int new_phase) +static int lsi_bad_phase(LSIState *s, int out, int new_phase) { +int ret = 0; /* Trigger a phase mismatch. */ if (s->ccntl0 & LSI_CCNTL0_ENPMJ) { if ((s->ccntl0 & LSI_CCNTL0_PMJCTL)) { @@ -587,8 +588,10 @@ static void lsi_bad_phase(LSIState *s, int out, int new_phase) trace_lsi_bad_phase_interrupt(); lsi_script_scsi_interrupt(s, LSI_SIST0_MA, 0); lsi_stop_script(s); +ret = 1; } lsi_set_phase(s, new_phase); +return ret; } @@ -792,7 +795,7 @@ static int lsi_queue_req(LSIState *s, SCSIRequest *req, uint32_t len) static void lsi_command_complete(SCSIRequest *req, size_t resid) { LSIState *s = LSI53C895A(req->bus->qbus.parent); -int out; +int out, stop = 0; out = (s->sstat1 & PHASE_MASK) == PHASE_DO; trace_lsi_command_complete(req->status); 
@@ -800,7 +803,10 @@ static void lsi_command_complete(SCSIRequest *req, size_t resid) s->command_complete = 2; if (s->waiting && s->dbc != 0) { /* Raise phase mismatch for short transfers. */ -lsi_bad_phase(s, out, PHASE_ST); +stop = lsi_bad_phase(s, out, PHASE_ST); +if (stop) { +s->waiting = 0; +} } else { lsi_set_phase(s, PHASE_ST); } @@ -810,7 +816,9 @@ static void lsi_command_complete(SCSIRequest *req, size_t resid) lsi_request_free(s, s->current); scsi_req_unref(req); } -lsi_resume_script(s); +if (!stop) { +lsi_resume_script(s); +} } /* Callback to indicate that the SCSI layer has completed a transfer. */
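Review bot: lsi_bad_phase() now returns an int that is only ever 0 or 1, and nothing in the hunk says what the value means. Make the return type bool and add a one-line comment above the function stating that true means the mismatch raised LSI_SIST0_MA and stopped SCRIPTS, so the caller must not resume; that contract is what the fix depends on, and `ret = 1;` is set only next to lsi_stop_script(s).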
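Review bot: In lsi_command_complete() the new `s->waiting = 0;` on the stop path is not covered by the commit message, which only describes skipping lsi_resume_script(). Say why the waiting state has to be cleared here, and whether it belongs inside lsi_bad_phase() next to lsi_stop_script(s) so that every caller gets it; `stop` should be a bool to match.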
lsi53c895a assert with AmigaOS
Hello, AmigaOS4 also has a driver for this card so I've tried to test it but it trips an assert. Does anybody have an idea why and how it could be fixed? Sven's recent patches don't seem to have an effect on this, it still happens shortly after it tries to access the SCSI device with those patches applied. (Unfortunately AmigaOS is not freely available so it's a bit hard to reproduce but I can do tests if needed.) I got the following traces: lsi_reg_write Write reg SIEN0 0x40 = 0x84 lsi_reg_write Write reg SIEN1 0x41 = 0x04 lsi_reg_write Write reg DIEN 0x39 = 0xff lsi_reg_write Write reg DSP0 0x2c = 0x00 lsi_reg_write Write reg DSP1 0x2d = 0x80 lsi_reg_write Write reg DSP2 0x2e = 0x19 lsi_reg_write Write reg DSP3 0x2f = 0x00 lsi_execute_script SCRIPTS dsp=0x198000 opcode 0x7c07fe00 arg 0x0 lsi_execute_script_io_opcode Read-Modify-Write reg 0x7 AND data8=0xfe sfbr=0x01 lsi_reg_read Read reg GPREG 0x7 = 0x7f lsi_reg_write Write reg GPREG 0x7 = 0x7e lsi_execute_script SCRIPTS dsp=0x198008 opcode 0x6200 arg 0x0 lsi_execute_script_io_clear Clear TM lsi_execute_script SCRIPTS dsp=0x198010 opcode 0x4000 arg 0x198208 lsi_execute_script_io_alreadyreselected Already reselected, jumping to alternative address lsi_execute_script SCRIPTS dsp=0x198208 opcode 0x800a arg 0x1982e0 lsi_execute_script_tc_compp Compare phase MSGIN == DOUT lsi_execute_script_tc_cc_failed Control condition failed lsi_execute_script SCRIPTS dsp=0x198210 opcode 0x810a arg 0x198280 lsi_execute_script_tc_compp Compare phase MSGIN == DIN lsi_execute_script_tc_cc_failed Control condition failed lsi_execute_script SCRIPTS dsp=0x198218 opcode 0x830a arg 0x198340 lsi_execute_script_tc_compp Compare phase MSGIN == STATUS lsi_execute_script_tc_cc_failed Control condition failed lsi_execute_script SCRIPTS dsp=0x198220 opcode 0x820a arg 0x1981f8 lsi_execute_script_tc_compp Compare phase MSGIN == CMD lsi_execute_script_tc_cc_failed Control condition failed lsi_execute_script SCRIPTS dsp=0x198228 opcode 0x860a arg 
0x198060 lsi_execute_script_tc_compp Compare phase MSGIN == MSGOUT lsi_execute_script_tc_cc_failed Control condition failed lsi_execute_script SCRIPTS dsp=0x198230 opcode 0x870a arg 0x1980c0 lsi_execute_script_tc_compp Compare phase MSGIN == MSGIN lsi_execute_script_tc_jump Jump to 0x1980c0 lsi_execute_script SCRIPTS dsp=0x1980c0 opcode 0xf01 arg 0x199040 lsi_do_msgin Message in len=1 2 lsi_execute_script SCRIPTS dsp=0x1980c8 opcode 0x800c arg 0x198398 lsi_execute_script_tc_compd Compare data 0x0 & 0xff == 0x0 lsi_execute_script_tc_jump Jump to 0x198398 lsi_execute_script SCRIPTS dsp=0x198398 opcode 0x7c027f00 arg 0x0 lsi_execute_script_io_opcode Read-Modify-Write reg 0x2 AND data8=0x7f sfbr=0x00 lsi_reg_read Read reg SCNTL2 0x2 = 0x00 lsi_reg_write Write reg SCNTL2 0x2 = 0x00 lsi_execute_script SCRIPTS dsp=0x1983a0 opcode 0x6048 arg 0x0 lsi_execute_script_io_clear Clear ATN ACK lsi_execute_script SCRIPTS dsp=0x1983a8 opcode 0x4800 arg 0x0 lsi_execute_script_io_disconnect Wait Disconnect lsi_execute_script SCRIPTS dsp=0x1983b0 opcode 0x7a070100 arg 0x0 lsi_execute_script_io_opcode Read-Modify-Write reg 0x7 OR data8=0x01 sfbr=0x00 lsi_reg_read Read reg GPREG 0x7 = 0x7f lsi_reg_write Write reg GPREG 0x7 = 0x7f lsi_execute_script SCRIPTS dsp=0x1983b8 opcode 0x9808 arg 0x10 lsi_execute_script_tc_interrupt Interrupt 0x10 lsi_script_dma_interrupt DMA Interrupt 0x4 prev 0x0 lsi_update_irq Update IRQ level 1 dstat 0x04 sist 0x000x00 lsi_execute_script_stop SCRIPTS execution stopped lsi_reg_read Read reg ISTAT 0x14 = 0x01 lsi_update_irq Update IRQ level 0 dstat 0x00 sist 0x000x00 lsi_reg_read Read reg DSTAT 0xc = 0x84 lsi_reg_read Read reg DSPS0 0x30 = 0x10 lsi_reg_read Read reg DSPS1 0x31 = 0x00 lsi_reg_read Read reg DSPS2 0x32 = 0x00 lsi_reg_read Read reg DSPS3 0x33 = 0x00 lsi_reg_write Write reg SIEN0 0x40 = 0x84 lsi_reg_write Write reg SIEN1 0x41 = 0x04 lsi_reg_write Write reg DIEN 0x39 = 0xff lsi_reg_write Write reg DSP0 0x2c = 0x00 lsi_reg_write Write reg DSP1 0x2d = 
0x80 lsi_reg_write Write reg DSP2 0x2e = 0x19 lsi_reg_write Write reg DSP3 0x2f = 0x00 lsi_execute_script SCRIPTS dsp=0x198000 opcode 0x7c07fe00 arg 0x0 lsi_execute_script_io_opcode Read-Modify-Write reg 0x7 AND data8=0xfe sfbr=0x00 lsi_reg_read Read reg GPREG 0x7 = 0x7f lsi_reg_write Write reg GPREG 0x7 = 0x7e lsi_execute_script SCRIPTS dsp=0x198008 opcode 0x6200 arg 0x0 lsi_execute_script_io_clear Clear TM lsi_execute_script SCRIPTS dsp=0x198010 opcode 0x4000 arg 0x198208 lsi_execute_script_io_selected Selected target 0 lsi_execute_script SCRIPTS dsp=0x198018 opcode 0x8008 arg 0x1981f8 lsi_execute_script_tc_jump Jump to 0x1981f8 lsi_execute_script SCRIPTS dsp=0x1981f8 opcode 0xa06 arg 0x199000 lsi_execute_script_blockmove_badphase Wrong phase got MSGOUT expected CMD lsi_script_scsi_interrupt SCSI Interrupt 0x000x80 prev 0x000x00 lsi_update_irq Update IRQ level 1 dstat 0x00 sist 0x000x80 lsi_execute_script_stop
Re: lsi53c895a assert with AmigaOS
BALATON Zoltan writes: > AmigaOS4 also has a driver for this card so I've tried to test it but > it trips an assert. Does anybody have an idea why and how it could be > fixed? Sven's recent patches don't seem to have an effect on this, it > still happens shortly after it tries to access the SCSI device with > those patches applied. (Unfortunately AmigaOS is not freely available > so it's a bit hard to reproduce but I can do tests if needed.) I got > the following traces: > [..] > lsi_do_command Send command len=6 > qemu-system-ppc: ../hw/scsi/lsi53c895a.c:863: lsi_do_command: Assertion > `s->current == NULL' failed. > > Any idea what could it be and what could be done about it? I think the Host is resetting the SCSI controller while it still has some request pending. I made a hack to work around that bug, but so far i haven't spent the time to verify whether it's correct or whether there are additional changes required. Here it is: >From 6a807653679fde5e3e09a7f27576c673f335fef6 Mon Sep 17 00:00:00 2001 From: Sven Schnelle Date: Sat, 3 Feb 2024 19:46:07 +0100 Subject: [PATCH] lsi53c895a: free pending requests on reset Signed-off-by: Sven Schnelle --- hw/scsi/lsi53c895a.c | 16 +--- 1 file changed, 13 insertions(+), 3 deletions(-) diff --git a/hw/scsi/lsi53c895a.c b/hw/scsi/lsi53c895a.c index d607a5f9fb..c6bd801a7e 100644 --- a/hw/scsi/lsi53c895a.c +++ b/hw/scsi/lsi53c895a.c @@ -346,6 +346,8 @@ static lsi_request *get_pending_req(LSIState *s) static void lsi_soft_reset(LSIState *s) { +lsi_request *p, *p_next; + trace_lsi_reset(); s->carry = 0; @@ -413,8 +415,14 @@ static void lsi_soft_reset(LSIState *s) s->sbc = 0; s->csbc = 0; s->sbr = 0; -assert(QTAILQ_EMPTY(&s->queue)); -assert(!s->current); + +QTAILQ_FOREACH_SAFE(p, &s->queue, next, p_next) { +scsi_req_cancel(p->req); +} + +if (s->current) +scsi_req_cancel(s->current->req); +s->current = NULL; } static int lsi_dma_40bit(LSIState *s) 
@@ -860,7 +868,9 @@ static void lsi_do_command(LSIState *s) return; } -assert(s->current == NULL); +if (s->current) +scsi_req_cancel(s->current->req); + s->current = g_new0(lsi_request, 1); s->current->tag = s->select_tag; s->current->req = scsi_req_new(dev, s->current->tag, s->current_lun, buf, -- 2.43.2
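Review bot: In lsi_soft_reset() the two asserts are dropped rather than moved, so nothing checks any more that a reset leaves the controller idle. The loop calls scsi_req_cancel() on each queued request, but the hunk never removes entries from s->queue or frees s->current before `s->current = NULL;`, so either the cancel path does that (then keep assert(QTAILQ_EMPTY(&s->queue)) after the loop to prove it) or the lsi_request objects leak. The `if (s->current)` body also needs braces; as written, `s->current = NULL;` is easy to misread as conditional.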
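Review bot: In lsi_do_command() the assert is one the guest driver in this thread can trip, so removing it is reasonable, but the replacement cancels the in-flight request silently and then overwrites s->current with g_new0(). If scsi_req_cancel() does not free the old lsi_request and clear s->current, the old object is leaked each time this path is taken; if it does, say so in a comment. A trace point here would keep the condition visible, and the if needs braces.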
Re: lsi53c895a assert with AmigaOS
On Sun, 3 Mar 2024, Sven Schnelle wrote: BALATON Zoltan writes: AmigaOS4 also has a driver for this card so I've tried to test it but it trips an assert. Does anybody have an idea why and how it could be fixed? Sven's recent patches don't seem to have an effect on this, it still happens shortly after it tries to access the SCSI device with those patches applied. (Unfortunately AmigaOS is not freely available so it's a bit hard to reproduce but I can do tests if needed.) I got the following traces: [..] lsi_do_command Send command len=6 qemu-system-ppc: ../hw/scsi/lsi53c895a.c:863: lsi_do_command: Assertion `s->current == NULL' failed. Any idea what could it be and what could be done about it? I think the Host is resetting the SCSI controller while it still has some request pending. I made a hack to work around that bug, but so far i haven't spent the time to verify whether it's correct or whether there are additional changes required. Here it is: This does avoid the assert and now it boots but then can't read the scsi device. (I've tried with a scsi-cd with an iso image and it thinks it's an audio CD and cannot read data from it). Maybe something else is needed but this seems to go one step further. However I don't see "lsi_reset Reset" traces other than once when the driver starts so not sure it's really related to reset. Could it be that the driver expects it to be able to send commands while another one is still processing so the pending one would need to be put back in the queue instead of cancelling it? But I don't know how to do that so cannot try unless you can give me a patch. Regards, BALATON Zoltan From 6a807653679fde5e3e09a7f27576c673f335fef6 Mon Sep 17 00:00:00 2001 From: Sven Schnelle Date: Sat, 3 Feb 2024 19:46:07 +0100 Subject: [PATCH] lsi53c895a: free pending requests on reset Signed-off-by: Sven Schnelle --- hw/scsi/lsi53c895a.c | 16 +--- 1 file changed, 13 insertions(+), 3 deletions(-) 
diff --git a/hw/scsi/lsi53c895a.c b/hw/scsi/lsi53c895a.c index d607a5f9fb..c6bd801a7e 100644 --- a/hw/scsi/lsi53c895a.c +++ b/hw/scsi/lsi53c895a.c @@ -346,6 +346,8 @@ static lsi_request *get_pending_req(LSIState *s) static void lsi_soft_reset(LSIState *s) { +lsi_request *p, *p_next; + trace_lsi_reset(); s->carry = 0; @@ -413,8 +415,14 @@ static void lsi_soft_reset(LSIState *s) s->sbc = 0; s->csbc = 0; s->sbr = 0; -assert(QTAILQ_EMPTY(&s->queue)); -assert(!s->current); + +QTAILQ_FOREACH_SAFE(p, &s->queue, next, p_next) { +scsi_req_cancel(p->req); +} + +if (s->current) +scsi_req_cancel(s->current->req); +s->current = NULL; } static int lsi_dma_40bit(LSIState *s) @@ -860,7 +868,9 @@ static void lsi_do_command(LSIState *s) return; } -assert(s->current == NULL); +if (s->current) +scsi_req_cancel(s->current->req); + s->current = g_new0(lsi_request, 1); s->current->tag = s->select_tag; s->current->req = scsi_req_new(dev, s->current->tag, s->current_lun, buf,
Re: [PATCH RFC] hppa: assemble_16() in wide mode
On 3/2/24 07:21, Sven Schnelle wrote: Hi Richard, while looking into a HPPA tcg issue I noticed that the current tcg code doesn't do the special wide mode handling described in the Parisc 2.0 specification, Chapter E -> assemble_16(). In wide mode, assemble_16() adds two more bits to the immediate value/displacement of certain instructions like ldo(ldi), st[bhwd] and ld[bhwd] and some others. I wonder what the easiest way to implement this is - it has to be xor'd and is dependent on the W bit, so I don't think it will be possible to implement this with changing only insn.decode. I came up with the attached patch, do you think there's a better way? Yes, it is possible to do this with decodetree. I'll whip something up. r~
Re: [PATCH 1/5] target/hppa: Fix unaligned double word accesses for hppa64
On 3/2/24 12:35, del...@kernel.org wrote: From: Guenter Roeck Unaligned 64-bit accesses were found in Linux to clobber carry bits, resulting in bad results if an arithmetic operation involving a carry bit was executed after an unaligned 64-bit operation. hppa 2.0 defines additional carry bits in PSW register bits 32..39. When restoring PSW after executing an unaligned instruction trap, those bits were not cleared and ended up to be active all the time. Clearing bit 32..39 in psw prior to restoring it solves the problem. Fixes: 931adff31478 ("target/hppa: Update cpu_hppa_get/put_psw for hppa64") Cc: Richard Henderson Cc: Charlie Jenkins Cc: Helge Deller Signed-off-by: Guenter Roeck Reviewed-by: Richard Henderson --- target/hppa/helper.c | 7 ++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/target/hppa/helper.c b/target/hppa/helper.c index 859644c47a..7b798d1227 100644 --- a/target/hppa/helper.c +++ b/target/hppa/helper.c @@ -76,7 +76,12 @@ void cpu_hppa_put_psw(CPUHPPAState *env, target_ulong psw) } psw &= ~reserved; -env->psw = psw & ~(PSW_N | PSW_V | PSW_CB); +if (hppa_is_pa20(env)) { +env->psw = psw & ~(PSW_N | PSW_V | PSW_CB | 0xffull); +} else { +env->psw = psw & ~(PSW_N | PSW_V | PSW_CB); +} https://patchew.org/QEMU/20240217015811.1975411-1-li...@roeck-us.net/ was the better version. r~
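Review bot: The pa20 branch masks with the bare literal 0xffull, which cannot be checked against the "bits 32..39" named in the commit message without working out the bit numbering by hand. Use a named PSW mask for the upper carry bits, defined next to PSW_CB, and fold the two branches into one expression that adds it to the mask only when hppa_is_pa20(env) is true.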
[PATCH 0/3] target/hppa: Fix some wide mode displacements
As reported by Sven Schnelle, fixed via decodetree functions. r~ Richard Henderson (3): target/hppa: Fix assemble_16 insns for wide mode target/hppa: Fix assemble_11a insns for wide mode target/hppa: Fix assemble_12a insns for wide mode target/hppa/insns.decode | 49 +++- target/hppa/translate.c | 61 2 files changed, 84 insertions(+), 26 deletions(-) -- 2.34.1
[PATCH 3/3] target/hppa: Fix assemble_12a insns for wide mode
Reported-by: Sven Schnelle Signed-off-by: Richard Henderson --- target/hppa/insns.decode | 27 --- target/hppa/translate.c | 17 + 2 files changed, 33 insertions(+), 11 deletions(-) diff --git a/target/hppa/insns.decode b/target/hppa/insns.decode index 9c6f92444c..5412ff9836 100644 --- a/target/hppa/insns.decode +++ b/target/hppa/insns.decode @@ -26,7 +26,7 @@ %assemble_11a 4:12 0:1 !function=expand_11a %assemble_120:s1 2:1 3:10!function=expand_shl2 -%assemble_12a 0:s1 3:11!function=expand_shl2 +%assemble_12a 3:13 0:1 !function=expand_12a %assemble_160:16 !function=expand_16 %assemble_170:s1 16:5 2:1 3:10 !function=expand_shl2 %assemble_220:s1 16:10 2:1 3:10 !function=expand_shl2 @@ -314,8 +314,9 @@ fstd001011 . . .. . 1 -- 100 0 . . @fldstdi @ldstim14m .. b:5 t:5 \ &ldst sp=%assemble_sp disp=%assemble_16 \ x=0 scale=0 m=%neg_to_m -@ldstim12m .. b:5 t:5 sp:2 .. \ -&ldst disp=%assemble_12a x=0 scale=0 m=%pos_to_m +@ldstim12m .. b:5 t:5 \ +&ldst sp=%assemble_sp disp=%assemble_12a \ +x=0 scale=0 m=%pos_to_m # LDB, LDH, LDW, LDWM ld 01 . . .. ..@ldstim14 size=0 
@@ -331,15 +332,19 @@ st 011010 . . .. .. @ldstim14 size=2 st 011011 . . .. ..@ldstim14m size=2 st 01 . . .. ...10.@ldstim12m size=2 -fldw010110 b:5 . sp:2 ..\ -&ldst disp=%assemble_12a t=%rm64 m=%a_to_m x=0 scale=0 size=2 -fldw010111 b:5 . sp:2 ...0..\ -&ldst disp=%assemble_12a t=%rm64 m=0 x=0 scale=0 size=2 +fldw010110 b:5 . \ +&ldst disp=%assemble_12a sp=%assemble_sp \ +t=%rm64 m=%a_to_m x=0 scale=0 size=2 +fldw010111 b:5 . .0..\ +&ldst disp=%assemble_12a sp=%assemble_sp \ +t=%rm64 m=0 x=0 scale=0 size=2 -fstw00 b:5 . sp:2 ..\ -&ldst disp=%assemble_12a t=%rm64 m=%a_to_m x=0 scale=0 size=2 -fstw01 b:5 . sp:2 ...0..\ -&ldst disp=%assemble_12a t=%rm64 m=0 x=0 scale=0 size=2 +fstw00 b:5 . \ +&ldst disp=%assemble_12a sp=%assemble_sp \ +t=%rm64 m=%a_to_m x=0 scale=0 size=2 +fstw01 b:5 . .0..\ +&ldst disp=%assemble_12a sp=%assemble_sp \ +t=%rm64 m=0 x=0 scale=0 size=2 ld 010100 . . .. 0.@ldstim11 fldd010100 . . .. 1.@ldstim11 diff --git a/target/hppa/translate.c b/target/hppa/translate.c index 6dcc74e681..1ef266c403 100644 --- a/target/hppa/translate.c +++ b/target/hppa/translate.c @@ -155,6 +155,23 @@ static int expand_11a(DisasContext *ctx, int val) return i; } +/* Expander for assemble_16a(s,im11a,i). */ +static int expand_12a(DisasContext *ctx, int val) +{ +/* + * @val is bit 0 and bits [3:15]. + * Swizzle thing around depending on PSW.W. + */ +int im11a = extract32(val, 1, 11); +int sp = extract32(val, 12, 2); +int i = (-(val & 1) << 13) | (im11a << 2); + +if (ctx->tb_flags & PSW_W) { +i ^= sp << 13; +} +return i; +} + /* Expander for assemble_16(s,im14). */ static int expand_16(DisasContext *ctx, int val) { -- 2.34.1
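Review bot: expand_12a() in translate.c repeats expand_11a() from the previous patch with only the constants changed: extract32(val, 1, 11) and s at bit 12 with a shift of 2, instead of extract32(val, 1, 10) and s at bit 11 with a shift of 3. Factor the common body into one helper that takes the immediate width and the shift, so the PSW_W handling exists once. The header comment also names assemble_16a(s,im11a,i) while the function and the decode field are called 12a; one sentence on how the two names relate would help the next reader.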
[PATCH 1/3] target/hppa: Fix assemble_16 insns for wide mode
Reported-by: Sven Schnelle Signed-off-by: Richard Henderson --- target/hppa/insns.decode | 15 +-- target/hppa/translate.c | 21 + 2 files changed, 30 insertions(+), 6 deletions(-) diff --git a/target/hppa/insns.decode b/target/hppa/insns.decode index f5a3f02fd1..0d9f8159ec 100644 --- a/target/hppa/insns.decode +++ b/target/hppa/insns.decode @@ -27,13 +27,14 @@ %assemble_11a 0:s1 4:10!function=expand_shl3 %assemble_120:s1 2:1 3:10!function=expand_shl2 %assemble_12a 0:s1 3:11!function=expand_shl2 +%assemble_160:16 !function=expand_16 %assemble_170:s1 16:5 2:1 3:10 !function=expand_shl2 %assemble_220:s1 16:10 2:1 3:10 !function=expand_shl2 +%assemble_sp14:2 !function=sp0_if_wide %assemble_210:s1 1:11 14:2 16:5 12:2 !function=expand_shl11 %lowsign_11 0:s1 1:10 -%lowsign_14 0:s1 1:13 %sm_imm 16:10 !function=expand_sm_imm @@ -221,7 +222,7 @@ sub_b_tsv 10 . . 110100 . . @rrr_cf_d ldil001000 t:5 .i=%assemble_21 addil 001010 r:5 .i=%assemble_21 -ldo 001101 b:5 t:5 -- ..i=%lowsign_14 +ldo 001101 b:5 t:5 i=%assemble_16 addi101101 . . 0 ... @rri_cf addi_tsv101101 . . 1 ... @rri_cf @@ -306,10 +307,12 @@ fstd001011 . . .. . 1 -- 100 0 . . @fldstdi @ldstim11 .. b:5 t:5 sp:2 .. \ &ldst disp=%assemble_11a m=%ma2_to_m x=0 scale=0 size=3 -@ldstim14 .. b:5 t:5 sp:2 .. \ -&ldst disp=%lowsign_14 x=0 scale=0 m=0 -@ldstim14m .. b:5 t:5 sp:2 .. \ -&ldst disp=%lowsign_14 x=0 scale=0 m=%neg_to_m +@ldstim14 .. b:5 t:5 \ +&ldst sp=%assemble_sp disp=%assemble_16 \ +x=0 scale=0 m=0 +@ldstim14m .. b:5 t:5 \ +&ldst sp=%assemble_sp disp=%assemble_16 \ +x=0 scale=0 m=%neg_to_m @ldstim12m .. b:5 t:5 sp:2 .. \ &ldst disp=%assemble_12a x=0 scale=0 m=%pos_to_m diff --git a/target/hppa/translate.c b/target/hppa/translate.c index 01f3188656..585d836959 100644 --- a/target/hppa/translate.c +++ b/target/hppa/translate.c 
@@ -144,6 +144,27 @@ static int assemble_6(DisasContext *ctx, int val) return (val ^ 31) + 1; } +/* Expander for assemble_16(s,im14). */ +static int expand_16(DisasContext *ctx, int val) +{ +/* + * @val is bits [0:15], containing both im14 and s. + * Swizzle thing around depending on PSW.W. + */ +int i = (-(val & 1) << 13) | extract32(val, 1, 13); + +if (ctx->tb_flags & PSW_W) { +i ^= val & (3 << 13); +} +return i; +} + +/* The sp field is only present with !PSW_W. */ +static int sp0_if_wide(DisasContext *ctx, int sp) +{ +return ctx->tb_flags & PSW_W ? 0 : sp; +} + /* Translate CMPI doubleword conditions to standard. */ static int cmpbid_c(DisasContext *ctx, int val) { -- 2.34.1
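Review bot: In expand_16() the wide-mode XOR uses `val & (3 << 13)`, which selects bits 13 and 14 of val. Bit 0 is the sign and extract32(val, 1, 13) already consumes bits 1..13, so the two-bit s field is what is left in bits 14..15; the mask therefore mixes the top immediate bit into the result and drops the upper s bit. Extract the field and shift it into place, for example `i ^= extract32(val, 14, 2) << 13;`.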
[PATCH 2/3] target/hppa: Fix assemble_11a insns for wide mode
Reported-by: Sven Schnelle Signed-off-by: Richard Henderson --- target/hppa/insns.decode | 7 --- target/hppa/translate.c | 23 +-- 2 files changed, 21 insertions(+), 9 deletions(-) diff --git a/target/hppa/insns.decode b/target/hppa/insns.decode index 0d9f8159ec..9c6f92444c 100644 --- a/target/hppa/insns.decode +++ b/target/hppa/insns.decode @@ -24,7 +24,7 @@ %assemble_sr3 13:1 14:2 %assemble_sr3x 13:1 14:2 !function=expand_sr3x -%assemble_11a 0:s1 4:10!function=expand_shl3 +%assemble_11a 4:12 0:1 !function=expand_11a %assemble_120:s1 2:1 3:10!function=expand_shl2 %assemble_12a 0:s1 3:11!function=expand_shl2 %assemble_160:16 !function=expand_16 @@ -305,8 +305,9 @@ fstd001011 . . .. . 1 -- 100 0 . . @fldstdi # Offset Mem -@ldstim11 .. b:5 t:5 sp:2 .. \ -&ldst disp=%assemble_11a m=%ma2_to_m x=0 scale=0 size=3 +@ldstim11 .. b:5 t:5 \ +&ldst sp=%assemble_sp disp=%assemble_11a \ +m=%ma2_to_m x=0 scale=0 size=3 @ldstim14 .. b:5 t:5 \ &ldst sp=%assemble_sp disp=%assemble_16 \ x=0 scale=0 m=0 diff --git a/target/hppa/translate.c b/target/hppa/translate.c index 585d836959..6dcc74e681 100644 --- a/target/hppa/translate.c +++ b/target/hppa/translate.c @@ -121,12 +121,6 @@ static int expand_shl2(DisasContext *ctx, int val) return val << 2; } -/* Used for fp memory ops. */ -static int expand_shl3(DisasContext *ctx, int val) -{ -return val << 3; -} - /* Used for assemble_21. */ static int expand_shl11(DisasContext *ctx, int val) { 
@@ -144,6 +138,23 @@ static int assemble_6(DisasContext *ctx, int val) return (val ^ 31) + 1; } +/* Expander for assemble_16a(s,cat(im10a,0),i). */ +static int expand_11a(DisasContext *ctx, int val) +{ +/* + * @val is bit 0 and bits [4:15]. + * Swizzle thing around depending on PSW.W. + */ +int im10a = extract32(val, 1, 10); +int sp = extract32(val, 11, 2); +int i = (-(val & 1) << 13) | (im10a << 3); + +if (ctx->tb_flags & PSW_W) { +i ^= sp << 13; +} +return i; +} + /* Expander for assemble_16(s,im14). */ static int expand_16(DisasContext *ctx, int val) { -- 2.34.1
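Review bot: The comment in expand_11a() says "@val is bit 0 and bits [4:15]" but not where those bits land inside val, which is what the constants in the three following lines depend on. State the packed layout that `%assemble_11a 4:12 0:1` produces as the code reads it (bit 0 sign, bits 1..10 im10a, bits 11..12 s), and fix "Swizzle thing around" to "Swizzle things around".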
Re: [PATCH 2/5] target/hppa: Restore unwind_breg before calculating ior
On 3/2/24 12:35, del...@kernel.org wrote: From: Helge Deller When calculating the IOR for the exception handlers, the current unwind_breg value is needed on 64-bit hppa machines. Restore that value by calling cpu_restore_state() earlier, which in turn calls hppa_restore_state_to_opc() which restores the unwind_breg for the current instruction. Signed-off-by: Helge Deller Fixes: 3824e0d643f3 ("target/hppa: Export function hppa_set_ior_and_isr()") --- target/hppa/cpu.c| 3 ++- target/hppa/mem_helper.c | 3 ++- target/hppa/op_helper.c | 3 ++- 3 files changed, 6 insertions(+), 3 deletions(-) Reviewed-by: Richard Henderson r~
Re: [PATCH 3/5] pc-bios/meson: Add hppa-firmware64.img blob
On 3/2/24 12:35, del...@kernel.org wrote: From: Helge Deller Add the missing 64-bit hppa firmware blob so that it gets installed. Signed-off-by: Helge Deller Fixes: 7c0dfcf9395e ("target/hppa: Update SeaBIOS-hppa to version 16") --- pc-bios/meson.build | 1 + 1 file changed, 1 insertion(+) Reviewed-by: Richard Henderson r~
Re: [PATCH 4/5] pc-bios/README: Add information about hppa-firmware
On 3/2/24 12:35, del...@kernel.org wrote: From: Helge Deller Signed-off-by: Helge Deller --- pc-bios/README | 6 ++ 1 file changed, 6 insertions(+) Reviewed-by: Richard Henderson r~
Re: [PATCH 5/5] roms/hppa: Add build rules for hppa-firmware
On 3/2/24 12:35, del...@kernel.org wrote: From: Helge Deller Signed-off-by: Helge Deller Suggested-by: Michael Tokarev --- roms/Makefile | 7 +++ 1 file changed, 7 insertions(+) Reviewed-by: Richard Henderson r~
Re: [PATCH 1/5] target/hppa: Fix unaligned double word accesses for hppa64
On 3/3/24 03:10, Richard Henderson wrote: On 3/2/24 12:35, del...@kernel.org wrote: From: Guenter Roeck Unaligned 64-bit accesses were found in Linux to clobber carry bits, resulting in bad results if an arithmetic operation involving a carry bit was executed after an unaligned 64-bit operation. hppa 2.0 defines additional carry bits in PSW register bits 32..39. When restoring PSW after executing an unaligned instruction trap, those bits were not cleared and ended up to be active all the time. Clearing bit 32..39 in psw prior to restoring it solves the problem. Fixes: 931adff31478 ("target/hppa: Update cpu_hppa_get/put_psw for hppa64") Cc: Richard Henderson Cc: Charlie Jenkins Cc: Helge Deller Signed-off-by: Guenter Roeck Reviewed-by: Richard Henderson --- target/hppa/helper.c | 7 ++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/target/hppa/helper.c b/target/hppa/helper.c index 859644c47a..7b798d1227 100644 --- a/target/hppa/helper.c +++ b/target/hppa/helper.c @@ -76,7 +76,12 @@ void cpu_hppa_put_psw(CPUHPPAState *env, target_ulong psw) } psw &= ~reserved; - env->psw = psw & ~(PSW_N | PSW_V | PSW_CB); + if (hppa_is_pa20(env)) { + env->psw = psw & ~(PSW_N | PSW_V | PSW_CB | 0xffull); + } else { + env->psw = psw & ~(PSW_N | PSW_V | PSW_CB); + } https://patchew.org/QEMU/20240217015811.1975411-1-li...@roeck-us.net/ was the better version. Oh, yes. Will use that one in the pull request. Thanks! Helge
[PULL 1/5] target: hppa: Fix unaligned double word accesses for hppa64
From: Guenter Roeck Unaligned 64-bit accesses were found in Linux to clobber carry bits, resulting in bad results if an arithmetic operation involving a carry bit was executed after an unaligned 64-bit operation. hppa 2.0 defines additional carry bits in PSW register bits 32..39. When restoring PSW after executing an unaligned instruction trap, those bits were not cleared and ended up to be active all the time. Since there are no bits other than the upper carry bits needed in the upper 32 bit of env->psw and since those are stored in env->psw_cb, just clear the entire upper 32 bit when storing psw to solve the problem unconditionally. Fixes: 931adff31478 ("target/hppa: Update cpu_hppa_get/put_psw for hppa64") Cc: Richard Henderson Cc: Charlie Jenkins Cc: Helge Deller Reviewed-by: Richard Henderson Signed-off-by: Guenter Roeck Signed-off-by: Helge Deller --- target/hppa/helper.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/target/hppa/helper.c b/target/hppa/helper.c index 859644c47a..9d217d051c 100644 --- a/target/hppa/helper.c +++ b/target/hppa/helper.c @@ -76,7 +76,8 @@ void cpu_hppa_put_psw(CPUHPPAState *env, target_ulong psw) } psw &= ~reserved; -env->psw = psw & ~(PSW_N | PSW_V | PSW_CB); +env->psw = psw & (uint32_t)~(PSW_N | PSW_V | PSW_CB); + env->psw_n = (psw / PSW_N) & 1; env->psw_v = -((psw / PSW_V) & 1); -- 2.44.0
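Review bot: The fix hinges on the (uint32_t) cast in `env->psw = psw & (uint32_t)~(PSW_N | PSW_V | PSW_CB);`: it truncates the inverted mask so that the AND also clears the whole upper half of psw. That is not obvious from the expression, and the cast looks like something a later cleanup might remove. Add a comment on that line saying the upper 32 bits are dropped on purpose because the upper carry bits are kept in env->psw_cb, or write the upper-half clear as its own statement.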
[PULL 5/5] roms/hppa: Add build rules for hppa-firmware
From: Helge Deller Signed-off-by: Helge Deller Suggested-by: Michael Tokarev Reviewed-by: Richard Henderson --- roms/Makefile | 7 +++ 1 file changed, 7 insertions(+) diff --git a/roms/Makefile b/roms/Makefile index 67f709ba2d..8e5d8d26a9 100644 --- a/roms/Makefile +++ b/roms/Makefile @@ -68,6 +68,7 @@ default help: @echo " opensbi32-generic -- update OpenSBI for 32-bit generic machine" @echo " opensbi64-generic -- update OpenSBI for 64-bit generic machine" @echo " qboot -- update qboot" + @echo " hppa-firmware -- update 32- and 64-bit hppa firmware" @echo " clean -- delete the files generated by the previous" \ "build targets" @@ -177,6 +178,11 @@ npcm7xx_bootrom: $(MAKE) -C vbootrom CROSS_COMPILE=$(arm_cross_prefix) cp vbootrom/npcm7xx_bootrom.bin ../pc-bios/npcm7xx_bootrom.bin +hppa-firmware: + $(MAKE) -C seabios-hppa parisc + cp seabios-hppa/out/hppa-firmware.img ../pc-bios/ + cp seabios-hppa/out-64/hppa-firmware64.img ../pc-bios/ + clean: rm -rf seabios/.config seabios/out seabios/builds $(MAKE) -C ipxe/src veryclean @@ -189,3 +195,4 @@ clean: $(MAKE) -C opensbi clean $(MAKE) -C qboot clean $(MAKE) -C vbootrom clean + $(MAKE) -C seabios-hppa clean -- 2.44.0
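Review bot: The new hppa-firmware rule runs `$(MAKE) -C seabios-hppa parisc` without passing a cross-compiler prefix, whereas the npcm7xx_bootrom rule just above it passes CROSS_COMPILE=$(arm_cross_prefix). Either pass an hppa prefix the same way or state in the help line which toolchain has to be available, so that the two images copied into ../pc-bios/ can be rebuilt the same way by someone else.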
[PULL 4/5] pc-bios/README: Add information about hppa-firmware
From: Helge Deller Signed-off-by: Helge Deller Reviewed-by: Richard Henderson --- pc-bios/README | 6 ++ 1 file changed, 6 insertions(+) diff --git a/pc-bios/README b/pc-bios/README index b8a0210d24..7ffb2f43a4 100644 --- a/pc-bios/README +++ b/pc-bios/README @@ -75,3 +75,9 @@ initialize and run boot images stored in SPI flash, but may grow more features over time as needed. The source code is available at: https://github.com/google/vbootrom + +- hppa-firmware.img (32-bit) and hppa-firmware64.img (64-bit) are firmware + files for the HP-PARISC (hppa) architecture. + They are built form the SeaBIOS-hppa sources, which is a fork of SeaBIOS + adapted for hppa. + SeaBIOS-hppa is available at https://github.com/hdeller/seabios-hppa -- 2.44.0
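Review bot: Typo in the added README text: "built form the SeaBIOS-hppa sources" should read "built from". The clause that follows, "which is a fork of SeaBIOS", refers to the project rather than to the sources, so "built from the sources of SeaBIOS-hppa, a fork of SeaBIOS adapted for hppa" reads more cleanly.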
[PULL 0/5] Hppa latest patches
From: Helge Deller The following changes since commit e1007b6bab5cf97705bf4f2aaec1f607787355b8: Merge tag 'pull-request-2024-03-01' of https://gitlab.com/thuth/qemu into staging (2024-03-01 10:14:32 +) are available in the Git repository at: https://github.com/hdeller/qemu-hppa.git tags/hppa-latest-pull-request for you to fetch changes up to 839a88e8bd1a1efe05844c39a59985482894f4de: roms/hppa: Add build rules for hppa-firmware (2024-03-03 06:41:19 +0100) HPPA64 updates Guenter Roeck (1): target: hppa: Fix unaligned double word accesses for hppa64 Helge Deller (4): target/hppa: Restore unwind_breg before calculating ior pc-bios/meson: Add hppa-firmware64.img blob pc-bios/README: Add information about hppa-firmware roms/hppa: Add build rules for hppa-firmware pc-bios/README | 6 ++ pc-bios/meson.build | 1 + roms/Makefile| 7 +++ target/hppa/cpu.c| 3 ++- target/hppa/helper.c | 3 ++- target/hppa/mem_helper.c | 3 ++- target/hppa/op_helper.c | 3 ++- 7 files changed, 22 insertions(+), 4 deletions(-) -- 2.44.0
[PULL 3/5] pc-bios/meson: Add hppa-firmware64.img blob
From: Helge Deller Add the missing 64-bit hppa firmware blob so that it gets installed. Signed-off-by: Helge Deller Fixes: 7c0dfcf9395e ("target/hppa: Update SeaBIOS-hppa to version 16") Reviewed-by: Richard Henderson --- pc-bios/meson.build | 1 + 1 file changed, 1 insertion(+) diff --git a/pc-bios/meson.build b/pc-bios/meson.build index e67fa433a1..0760612bea 100644 --- a/pc-bios/meson.build +++ b/pc-bios/meson.build @@ -73,6 +73,7 @@ blobs = [ 'qemu_vga.ndrv', 'edk2-licenses.txt', 'hppa-firmware.img', + 'hppa-firmware64.img', 'opensbi-riscv32-generic-fw_dynamic.bin', 'opensbi-riscv64-generic-fw_dynamic.bin', 'npcm7xx_bootrom.bin', -- 2.44.0
[PULL 2/5] target/hppa: Restore unwind_breg before calculating ior
From: Helge Deller When calculating the IOR for the exception handlers, the current unwind_breg value is needed on 64-bit hppa machines. Restore that value by calling cpu_restore_state() earlier, which in turn calls hppa_restore_state_to_opc() which restores the unwind_breg for the current instruction. Signed-off-by: Helge Deller Fixes: 3824e0d643f3 ("target/hppa: Export function hppa_set_ior_and_isr()") Reviewed-by: Richard Henderson --- target/hppa/cpu.c| 3 ++- target/hppa/mem_helper.c | 3 ++- target/hppa/op_helper.c | 3 ++- 3 files changed, 6 insertions(+), 3 deletions(-) diff --git a/target/hppa/cpu.c b/target/hppa/cpu.c index afe73d4474..3831cb6db2 100644 --- a/target/hppa/cpu.c +++ b/target/hppa/cpu.c @@ -121,9 +121,10 @@ void hppa_cpu_do_unaligned_access(CPUState *cs, vaddr addr, CPUHPPAState *env = &cpu->env; cs->exception_index = EXCP_UNALIGN; +cpu_restore_state(cs, retaddr); hppa_set_ior_and_isr(env, addr, MMU_IDX_MMU_DISABLED(mmu_idx)); -cpu_loop_exit_restore(cs, retaddr); +cpu_loop_exit(cs); } #endif /* CONFIG_USER_ONLY */ diff --git a/target/hppa/mem_helper.c b/target/hppa/mem_helper.c index 66b8fa7d72..3fc895c1c2 100644 --- a/target/hppa/mem_helper.c +++ b/target/hppa/mem_helper.c @@ -348,9 +348,10 @@ raise_exception_with_ior(CPUHPPAState *env, int excp, uintptr_t retaddr, CPUState *cs = env_cpu(env); cs->exception_index = excp; +cpu_restore_state(cs, retaddr); hppa_set_ior_and_isr(env, addr, mmu_disabled); -cpu_loop_exit_restore(cs, retaddr); +cpu_loop_exit(cs); } void hppa_cpu_do_transaction_failed(CPUState *cs, hwaddr physaddr, diff --git a/target/hppa/op_helper.c b/target/hppa/op_helper.c index b1f24a5aad..480fe80844 100644 --- a/target/hppa/op_helper.c +++ b/target/hppa/op_helper.c 
@@ -351,11 +351,12 @@ target_ulong HELPER(probe)(CPUHPPAState *env, target_ulong addr, excp = hppa_get_physical_address(env, addr, mmu_idx, 0, &phys, &prot, NULL); if (excp >= 0) { +cpu_restore_state(env_cpu(env), GETPC()); hppa_set_ior_and_isr(env, addr, MMU_IDX_MMU_DISABLED(mmu_idx)); if (excp == EXCP_DTLB_MISS) { excp = EXCP_NA_DTLB_MISS; } -hppa_dynamic_excp(env, excp, GETPC()); +helper_excp(env, excp); } return (want & prot) != 0; #endif -- 2.44.0
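Review bot: All three sites now depend on cpu_restore_state() running before hppa_set_ior_and_isr(), but nothing in the code records that ordering, and the old cpu_loop_exit_restore(cs, retaddr) form looks like an equivalent simplification that someone could restore. Add a short comment at each call, or on hppa_set_ior_and_isr() itself, that unwind_breg must be restored first. In HELPER(probe) the exception is now raised with helper_excp(env, excp) instead of hppa_dynamic_excp(env, excp, GETPC()); the commit message should say that this follows from the state having been restored already.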
Re: [PATCH 1/3] target/hppa: Fix assemble_16 insns for wide mode
On 3/3/24 03:19, Richard Henderson wrote: Reported-by: Sven Schnelle Signed-off-by: Richard Henderson --- target/hppa/insns.decode | 15 +-- target/hppa/translate.c | 21 + 2 files changed, 30 insertions(+), 6 deletions(-) diff --git a/target/hppa/insns.decode b/target/hppa/insns.decode index f5a3f02fd1..0d9f8159ec 100644 --- a/target/hppa/insns.decode +++ b/target/hppa/insns.decode @@ -27,13 +27,14 @@ %assemble_11a 0:s1 4:10!function=expand_shl3 %assemble_120:s1 2:1 3:10!function=expand_shl2 %assemble_12a 0:s1 3:11!function=expand_shl2 +%assemble_160:16 !function=expand_16 %assemble_170:s1 16:5 2:1 3:10 !function=expand_shl2 %assemble_220:s1 16:10 2:1 3:10 !function=expand_shl2 +%assemble_sp14:2 !function=sp0_if_wide %assemble_210:s1 1:11 14:2 16:5 12:2 !function=expand_shl11 %lowsign_11 0:s1 1:10 -%lowsign_14 0:s1 1:13 %sm_imm 16:10 !function=expand_sm_imm @@ -221,7 +222,7 @@ sub_b_tsv 10 . . 110100 . . @rrr_cf_d ldil001000 t:5 .i=%assemble_21 addil 001010 r:5 .i=%assemble_21 -ldo 001101 b:5 t:5 -- ..i=%lowsign_14 +ldo 001101 b:5 t:5 i=%assemble_16 addi101101 . . 0 ... @rri_cf addi_tsv101101 . . 1 ... @rri_cf @@ -306,10 +307,12 @@ fstd001011 . . .. . 1 -- 100 0 . . @fldstdi @ldstim11 .. b:5 t:5 sp:2 .. \ &ldst disp=%assemble_11a m=%ma2_to_m x=0 scale=0 size=3 -@ldstim14 .. b:5 t:5 sp:2 .. \ -&ldst disp=%lowsign_14 x=0 scale=0 m=0 -@ldstim14m .. b:5 t:5 sp:2 .. \ -&ldst disp=%lowsign_14 x=0 scale=0 m=%neg_to_m +@ldstim14 .. b:5 t:5 \ +&ldst sp=%assemble_sp disp=%assemble_16 \ +x=0 scale=0 m=0 +@ldstim14m .. b:5 t:5 \ +&ldst sp=%assemble_sp disp=%assemble_16 \ +x=0 scale=0 m=%neg_to_m @ldstim12m .. b:5 t:5 sp:2 .. \ &ldst disp=%assemble_12a x=0 scale=0 m=%pos_to_m diff --git a/target/hppa/translate.c b/target/hppa/translate.c index 01f3188656..585d836959 100644 --- a/target/hppa/translate.c +++ b/target/hppa/translate.c 
@@ -144,6 +144,27 @@ static int assemble_6(DisasContext *ctx, int val) return (val ^ 31) + 1; } +/* Expander for assemble_16(s,im14). */ +static int expand_16(DisasContext *ctx, int val) +{ +/* + * @val is bits [0:15], containing both im14 and s. + * Swizzle thing around depending on PSW.W. + */ +int i = (-(val & 1) << 13) | extract32(val, 1, 13); + +if (ctx->tb_flags & PSW_W) { +i ^= val & (3 << 13); Patch boots when I change to: +i ^= ((val >> 14) & 3) << 13; Helge +} +return i; +} + +/* The sp field is only present with !PSW_W. */ +static int sp0_if_wide(DisasContext *ctx, int sp) +{ +return ctx->tb_flags & PSW_W ? 0 : sp; +} + /* Translate CMPI doubleword conditions to standard. */ static int cmpbid_c(DisasContext *ctx, int val) {
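Review bot: in expand_16, the wide-mode line "i ^= val & (3 << 13)" selects bits 13 and 14 of val, but extract32(val, 1, 13) on the line above has already taken bits 1 to 13 for the immediate, so the remaining two-bit field sits in bits 14 and 15. As written, the XOR reuses the top immediate bit and never sees bit 15. Extracting the field and shifting it into place, for example "int sp = extract32(val, 14, 2);" followed by "i ^= sp << 13;", fixes the mask and matches the shifted form that the reply reports as booting.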
Re: [PATCH 2/3] target/hppa: Fix assemble_11a insns for wide mode
On 3/3/24 03:19, Richard Henderson wrote: Reported-by: Sven Schnelle Signed-off-by: Richard Henderson --- target/hppa/insns.decode | 7 --- target/hppa/translate.c | 23 +-- 2 files changed, 21 insertions(+), 9 deletions(-) diff --git a/target/hppa/insns.decode b/target/hppa/insns.decode index 0d9f8159ec..9c6f92444c 100644 --- a/target/hppa/insns.decode +++ b/target/hppa/insns.decode @@ -24,7 +24,7 @@ %assemble_sr3 13:1 14:2 %assemble_sr3x 13:1 14:2 !function=expand_sr3x -%assemble_11a 0:s1 4:10!function=expand_shl3 +%assemble_11a 4:12 0:1 !function=expand_11a %assemble_120:s1 2:1 3:10!function=expand_shl2 %assemble_12a 0:s1 3:11!function=expand_shl2 %assemble_160:16 !function=expand_16 @@ -305,8 +305,9 @@ fstd001011 . . .. . 1 -- 100 0 . . @fldstdi # Offset Mem -@ldstim11 .. b:5 t:5 sp:2 .. \ -&ldst disp=%assemble_11a m=%ma2_to_m x=0 scale=0 size=3 +@ldstim11 .. b:5 t:5 \ +&ldst sp=%assemble_sp disp=%assemble_11a \ +m=%ma2_to_m x=0 scale=0 size=3 @ldstim14 .. b:5 t:5 \ &ldst sp=%assemble_sp disp=%assemble_16 \ x=0 scale=0 m=0 diff --git a/target/hppa/translate.c b/target/hppa/translate.c index 585d836959..6dcc74e681 100644 --- a/target/hppa/translate.c +++ b/target/hppa/translate.c @@ -121,12 +121,6 @@ static int expand_shl2(DisasContext *ctx, int val) return val << 2; } -/* Used for fp memory ops. */ -static int expand_shl3(DisasContext *ctx, int val) -{ -return val << 3; -} - /* Used for assemble_21. */ static int expand_shl11(DisasContext *ctx, int val) { 
@@ -144,6 +138,23 @@ static int assemble_6(DisasContext *ctx, int val) return (val ^ 31) + 1; } +/* Expander for assemble_16a(s,cat(im10a,0),i). */ Typo above, should be assemble_11a(). Otherwise: Tested-by: Helge Deller Reviewed-by: Helge Deller +static int expand_11a(DisasContext *ctx, int val) +{ +/* + * @val is bit 0 and bits [4:15]. + * Swizzle thing around depending on PSW.W. + */ +int im10a = extract32(val, 1, 10); +int sp = extract32(val, 11, 2); +int i = (-(val & 1) << 13) | (im10a << 3); + +if (ctx->tb_flags & PSW_W) { +i ^= sp << 13; +} +return i; +} + /* Expander for assemble_16(s,im14). */ static int expand_16(DisasContext *ctx, int val) {
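Review bot: the comment in expand_11a, "@val is bit 0 and bits [4:15]", gives instruction bit positions, while the code indexes the packed value produced by "%assemble_11a 4:12 0:1": sign in bit 0, im10a in bits 1 to 10 via extract32(val, 1, 10), and the two-bit field in bits 11 to 12 via extract32(val, 11, 2). Stating that packed layout in the comment would let a reader check the extract32() offsets without re-deriving the field concatenation order from insns.decode.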
Re: [PATCH 2/3] target/hppa: Fix assemble_11a insns for wide mode
On 3/3/24 07:52, Helge Deller wrote: On 3/3/24 03:19, Richard Henderson wrote: Reported-by: Sven Schnelle Signed-off-by: Richard Henderson --- target/hppa/insns.decode | 7 --- target/hppa/translate.c | 23 +-- 2 files changed, 21 insertions(+), 9 deletions(-) diff --git a/target/hppa/insns.decode b/target/hppa/insns.decode index 0d9f8159ec..9c6f92444c 100644 --- a/target/hppa/insns.decode +++ b/target/hppa/insns.decode @@ -24,7 +24,7 @@ %assemble_sr3 13:1 14:2 %assemble_sr3x 13:1 14:2 !function=expand_sr3x -%assemble_11a 0:s1 4:10 !function=expand_shl3 +%assemble_11a 4:12 0:1 !function=expand_11a %assemble_12 0:s1 2:1 3:10 !function=expand_shl2 %assemble_12a 0:s1 3:11 !function=expand_shl2 %assemble_16 0:16 !function=expand_16 @@ -305,8 +305,9 @@ fstd 001011 . . .. . 1 -- 100 0 . . @fldstdi # Offset Mem -@ldstim11 .. b:5 t:5 sp:2 .. \ - &ldst disp=%assemble_11a m=%ma2_to_m x=0 scale=0 size=3 +@ldstim11 .. b:5 t:5 \ + &ldst sp=%assemble_sp disp=%assemble_11a \ + m=%ma2_to_m x=0 scale=0 size=3 @ldstim14 .. b:5 t:5 \ &ldst sp=%assemble_sp disp=%assemble_16 \ x=0 scale=0 m=0 diff --git a/target/hppa/translate.c b/target/hppa/translate.c index 585d836959..6dcc74e681 100644 --- a/target/hppa/translate.c +++ b/target/hppa/translate.c @@ -121,12 +121,6 @@ static int expand_shl2(DisasContext *ctx, int val) return val << 2; } -/* Used for fp memory ops. */ -static int expand_shl3(DisasContext *ctx, int val) -{ - return val << 3; -} - /* Used for assemble_21. */ static int expand_shl11(DisasContext *ctx, int val) { 
@@ -144,6 +138,23 @@ static int assemble_6(DisasContext *ctx, int val) return (val ^ 31) + 1; } +/* Expander for assemble_16a(s,cat(im10a,0),i). */ Typo above, should be assemble_11a(). ^^ Ignore that. Helge Otherwise: Tested-by: Helge Deller Reviewed-by: Helge Deller +static int expand_11a(DisasContext *ctx, int val) +{ + /* + * @val is bit 0 and bits [4:15]. + * Swizzle thing around depending on PSW.W. + */ + int im10a = extract32(val, 1, 10); + int sp = extract32(val, 11, 2); + int i = (-(val & 1) << 13) | (im10a << 3); + + if (ctx->tb_flags & PSW_W) { + i ^= sp << 13; + } + return i; +} + /* Expander for assemble_16(s,im14). */ static int expand_16(DisasContext *ctx, int val) {
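Review bot: in expand_11a, "(-(val & 1) << 13)" left-shifts a negative int whenever the sign bit is set, which ISO C leaves undefined. Writing it as "-((val & 1) << 13)" shifts the non-negative value first and negates afterwards, yielding the same sign-extension mask without relying on compiler behaviour.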
Re: [PATCH 3/3] target/hppa: Fix assemble_12a insns for wide mode
On 3/3/24 03:19, Richard Henderson wrote: Reported-by: Sven Schnelle Signed-off-by: Richard Henderson Tested-by: Helge Deller --- target/hppa/insns.decode | 27 --- target/hppa/translate.c | 17 + 2 files changed, 33 insertions(+), 11 deletions(-) diff --git a/target/hppa/insns.decode b/target/hppa/insns.decode index 9c6f92444c..5412ff9836 100644 --- a/target/hppa/insns.decode +++ b/target/hppa/insns.decode @@ -26,7 +26,7 @@ %assemble_11a 4:12 0:1 !function=expand_11a %assemble_120:s1 2:1 3:10!function=expand_shl2 -%assemble_12a 0:s1 3:11!function=expand_shl2 +%assemble_12a 3:13 0:1 !function=expand_12a %assemble_160:16 !function=expand_16 %assemble_170:s1 16:5 2:1 3:10 !function=expand_shl2 %assemble_220:s1 16:10 2:1 3:10 !function=expand_shl2 @@ -314,8 +314,9 @@ fstd001011 . . .. . 1 -- 100 0 . . @fldstdi @ldstim14m .. b:5 t:5 \ &ldst sp=%assemble_sp disp=%assemble_16 \ x=0 scale=0 m=%neg_to_m -@ldstim12m .. b:5 t:5 sp:2 .. \ -&ldst disp=%assemble_12a x=0 scale=0 m=%pos_to_m +@ldstim12m .. b:5 t:5 \ +&ldst sp=%assemble_sp disp=%assemble_12a \ +x=0 scale=0 m=%pos_to_m # LDB, LDH, LDW, LDWM ld 01 . . .. ..@ldstim14 size=0 
@@ -331,15 +332,19 @@ st 011010 . . .. .. @ldstim14 size=2 st 011011 . . .. ..@ldstim14m size=2 st 01 . . .. ...10.@ldstim12m size=2 -fldw010110 b:5 . sp:2 ..\ -&ldst disp=%assemble_12a t=%rm64 m=%a_to_m x=0 scale=0 size=2 -fldw010111 b:5 . sp:2 ...0..\ -&ldst disp=%assemble_12a t=%rm64 m=0 x=0 scale=0 size=2 +fldw010110 b:5 . \ +&ldst disp=%assemble_12a sp=%assemble_sp \ +t=%rm64 m=%a_to_m x=0 scale=0 size=2 +fldw010111 b:5 . .0..\ +&ldst disp=%assemble_12a sp=%assemble_sp \ +t=%rm64 m=0 x=0 scale=0 size=2 -fstw00 b:5 . sp:2 ..\ -&ldst disp=%assemble_12a t=%rm64 m=%a_to_m x=0 scale=0 size=2 -fstw01 b:5 . sp:2 ...0..\ -&ldst disp=%assemble_12a t=%rm64 m=0 x=0 scale=0 size=2 +fstw00 b:5 . \ +&ldst disp=%assemble_12a sp=%assemble_sp \ +t=%rm64 m=%a_to_m x=0 scale=0 size=2 +fstw01 b:5 . .0..\ +&ldst disp=%assemble_12a sp=%assemble_sp \ +t=%rm64 m=0 x=0 scale=0 size=2 ld 010100 . . .. 0.@ldstim11 fldd010100 . . .. 1.@ldstim11 diff --git a/target/hppa/translate.c b/target/hppa/translate.c index 6dcc74e681..1ef266c403 100644 --- a/target/hppa/translate.c +++ b/target/hppa/translate.c @@ -155,6 +155,23 @@ static int expand_11a(DisasContext *ctx, int val) return i; } +/* Expander for assemble_16a(s,im11a,i). */ +static int expand_12a(DisasContext *ctx, int val) +{ +/* + * @val is bit 0 and bits [3:15]. + * Swizzle thing around depending on PSW.W. + */ +int im11a = extract32(val, 1, 11); +int sp = extract32(val, 12, 2); +int i = (-(val & 1) << 13) | (im11a << 2); + +if (ctx->tb_flags & PSW_W) { +i ^= sp << 13; +} +return i; +} + /* Expander for assemble_16(s,im14). */ static int expand_16(DisasContext *ctx, int val) {
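Review bot: expand_12a repeats expand_11a line for line, differing only in the immediate width and scale (extract32(val, 1, 11), extract32(val, 12, 2), "<< 2" against 10, 11 and "<< 3"), and both header comments name assemble_16a. A shared static helper that takes the immediate width, with the two expanders as one-line wrappers, would keep the PSW_W handling in one place so that a later fix to the "i ^= sp << 13" step cannot be applied to one copy and missed in the other.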
[Stable-7.2.10 53/54] tests/unit/test-blockjob: Disable complete_in_standby test
From: Peter Maydell The blockjob/complete_in_standby test is flaky and fails intermittently in CI: 172/621 qemu:unit / test-blockjob ERROR 0.26s killed by signal 6 SIGABRT 11:03:46 MALLOC_PERTURB_=176 G_TEST_SRCDIR=/Users/pm215/src/qemu-for-merges/tests/unit G_TEST_BUILDDIR=/Users/pm215/src/qemu-for-merges/build/all/tests/unit /Users/pm215/src/qemu-for-merges/build/all/tests/unit/test-blockjob --tap -k --- output --- stdout: # random seed: R02S8c79d6e1c01ce0b25475b2210a253242 1..9 # Start of blockjob tests ok 1 /blockjob/ids stderr: Assertion failed: (job->status == JOB_STATUS_STANDBY), function test_complete_in_standby, file ../../tests/unit/test-blockjob.c, line 499. Seen on macOS/x86_64, FreeBSD 13/x86_64, msys2-64bit, eg: https://gitlab.com/qemu-project/qemu/-/jobs/3872508803 https://gitlab.com/qemu-project/qemu/-/jobs/3950667240 Disable this subtest until somebody has time to investigate. Signed-off-by: Peter Maydell Message-Id: <20230317143534.1481947-1-peter.mayd...@linaro.org> Signed-off-by: Thomas Huth (cherry picked from commit b6903cbe3a2e3feb7204636209b5607e70fee998) Signed-off-by: Michael Tokarev diff --git a/tests/unit/test-blockjob.c b/tests/unit/test-blockjob.c index c0426bd10c..a130f6fefb 100644 --- a/tests/unit/test-blockjob.c +++ b/tests/unit/test-blockjob.c @@ -531,6 +531,13 @@ int main(int argc, char **argv) g_test_add_func("/blockjob/cancel/standby", test_cancel_standby); g_test_add_func("/blockjob/cancel/pending", test_cancel_pending); g_test_add_func("/blockjob/cancel/concluded", test_cancel_concluded); -g_test_add_func("/blockjob/complete_in_standby", test_complete_in_standby); + +/* + * This test is flaky and sometimes fails in CI and otherwise: + * don't run unless user opts in via environment variable. + */ +if (getenv("QEMU_TEST_FLAKY_TESTS")) { +g_test_add_func("/blockjob/complete_in_standby", test_complete_in_standby); +} return g_test_run(); } -- 2.39.2
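Review bot: with the getenv("QEMU_TEST_FLAKY_TESTS") guard in main(), the subtest disappears from the TAP output entirely when the variable is unset, so a CI log gives no sign that /blockjob/complete_in_standby was skipped rather than removed. Registering the test unconditionally and calling g_test_skip() at the top of it when the variable is unset would keep the skip visible in the results. The guard also treats any value, including an empty string or "0", as opting in, which is worth stating in the comment.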
[Stable-7.2.10 50/54] tests/unit/test-util-sockets: Remove temporary file after test
From: Thomas Huth test-util-sockets leaves the temporary socket files around in the temporary files folder. Let's better remove them at the end of the testing. Fixes: 4d3a329af5 ("tests/util-sockets: add abstract unix socket cases") Message-ID: <20240226082728.249753-1-th...@redhat.com> Reviewed-by: Marc-André Lureau Reviewed-by: Philippe Mathieu-Daudé Signed-off-by: Thomas Huth (cherry picked from commit f0cb6828ae34fb56fbb869bb3147a636d1c984ce) Signed-off-by: Michael Tokarev diff --git a/tests/unit/test-util-sockets.c b/tests/unit/test-util-sockets.c index 63909ccb2b..4c9dd0b271 100644 --- a/tests/unit/test-util-sockets.c +++ b/tests/unit/test-util-sockets.c @@ -326,6 +326,7 @@ static void test_socket_unix_abstract(void) test_socket_unix_abstract_row(&matrix[i]); } +unlink(addr.u.q_unix.path); g_free(addr.u.q_unix.path); } -- 2.39.2
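Review bot: the added unlink(addr.u.q_unix.path) in test_socket_unix_abstract() runs only after the loop over matrix[] has finished, and its return value is ignored. If any test_socket_unix_abstract_row() call aborts the test, the socket file is still left in the temporary directory, which is the case the commit message sets out to fix. Checking the result (or at least commenting that ENOENT is acceptable) and noting that cleanup is best effort on failure would make the intent explicit.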
[Stable-7.2.10 54/54] target/i386: the sgx_epc_get_section stub is reachable
From: Paolo Bonzini The sgx_epc_get_section stub is reachable from cpu_x86_cpuid. It should not assert, instead it should just return true just like the "real" sgx_epc_get_section does when SGX is disabled. Reported-by: Vladimír Beneš Cc: qemu-sta...@nongnu.org Signed-off-by: Paolo Bonzini Message-ID: <20220201190941.106001-1-pbonz...@redhat.com> Signed-off-by: Paolo Bonzini (cherry picked from commit 219615740425d9683588207b40a365e6741691a6) Signed-off-by: Michael Tokarev diff --git a/hw/i386/sgx-stub.c b/hw/i386/sgx-stub.c index 26833eb233..16b1dfd90b 100644 --- a/hw/i386/sgx-stub.c +++ b/hw/i386/sgx-stub.c @@ -34,5 +34,5 @@ void pc_machine_init_sgx_epc(PCMachineState *pcms) bool sgx_epc_get_section(int section_nr, uint64_t *addr, uint64_t *size) { -g_assert_not_reached(); +return true; } -- 2.39.2
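Review bot: the stub sgx_epc_get_section() now returns true without touching *addr or *size and without any comment on what true means. Since the commit message says this path is reachable from cpu_x86_cpuid, a short comment that true signals "no such section" and that the out-parameters are left unwritten would help, so that a caller is not tempted to read addr and size after a call whose return value reads like success.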
[Stable-7.2.10 52/54] tests/qtest/display-vga-test: Add proper checks if a device is available
From: Thomas Huth display-vga-test currently tries to guess the usable VGA devices according to the target architecture that is used for the test. This of course does not work if QEMU has been built with the "--without-default-devices" configure switch. To fix this, use the qtest_has_device() function for the decision instead. This way we can also consolidate most of the test functions into one single function (that takes a parameter with the device name now), except for the multihead test that tries to instantiate two devices and thus is a little bit different. Message-Id: <20230130104446.1286773-4-th...@redhat.com> Reviewed-by: Richard Henderson Signed-off-by: Thomas Huth (cherry picked from commit f2e57851b831922625f9d364d78c11a0258331a6) Signed-off-by: Michael Tokarev diff --git a/tests/qtest/display-vga-test.c b/tests/qtest/display-vga-test.c index ace3bb28e0..75b341a9c6 100644 --- a/tests/qtest/display-vga-test.c +++ b/tests/qtest/display-vga-test.c 
@@ -8,61 +8,46 @@ */ #include "qemu/osdep.h" -#include "libqtest-single.h" - -static void pci_cirrus(void) -{ -qtest_start("-vga none -device cirrus-vga"); -qtest_end(); -} - -static void pci_stdvga(void) -{ -qtest_start("-vga none -device VGA"); -qtest_end(); -} - -static void pci_secondary(void) -{ -qtest_start("-vga none -device secondary-vga"); -qtest_end(); -} +#include "libqtest.h" static void pci_multihead(void) { -qtest_start("-vga none -device VGA -device secondary-vga"); -qtest_end(); -} +QTestState *qts; -static void pci_virtio_gpu(void) -{ -qtest_start("-vga none -device virtio-gpu-pci"); -qtest_end(); +qts = qtest_init("-vga none -device VGA -device secondary-vga"); +qtest_quit(qts); } -static void pci_virtio_vga(void) +static void test_vga(gconstpointer data) { -qtest_start("-vga none -device virtio-vga"); -qtest_end(); +QTestState *qts; + +qts = qtest_initf("-vga none -device %s", (const char *)data); +qtest_quit(qts); } int main(int argc, char **argv) { -const char *arch = qtest_get_arch(); +static const char *devices[] = { +"cirrus-vga", +"VGA", +"secondary-vga", +"virtio-gpu-pci", +"virtio-vga" +}; g_test_init(&argc, &argv, NULL); -if (strcmp(arch, "alpha") == 0 || strcmp(arch, "i386") == 0 || -strcmp(arch, "mips") == 0 || strcmp(arch, "x86_64") == 0) { -qtest_add_func("/display/pci/cirrus", pci_cirrus); +for (int i = 0; i < ARRAY_SIZE(devices); i++) { +if (qtest_has_device(devices[i])) { +char *testpath = g_strdup_printf("/display/pci/%s", devices[i]); +qtest_add_data_func(testpath, devices[i], test_vga); +g_free(testpath); +} } -qtest_add_func("/display/pci/stdvga", pci_stdvga); -qtest_add_func("/display/pci/secondary", pci_secondary); -qtest_add_func("/display/pci/multihead", pci_multihead); -qtest_add_func("/display/pci/virtio-gpu", pci_virtio_gpu); -if (g_str_equal(arch, "i386") || g_str_equal(arch, "x86_64") || -g_str_equal(arch, "hppa") || g_str_equal(arch, "ppc64")) { -qtest_add_func("/display/pci/virtio-vga", pci_virtio_vga); + +if 
(qtest_has_device("secondary-vga")) { +qtest_add_func("/display/pci/multihead", pci_multihead); } return g_test_run(); -- 2.39.2
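Review bot: the guard around the multihead test only checks qtest_has_device("secondary-vga"), but pci_multihead() starts QEMU with "-device VGA -device secondary-vga". On a build where secondary-vga is present and VGA is not, the test would still be registered and fail at qtest_init(). Checking both devices in the condition closes that gap. Note also that the per-device test paths are now derived from the device names, so /display/pci/stdvga becomes /display/pci/VGA, which matters to anyone selecting tests by path.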
[Stable-7.2.10 49/54] hw/usb/bus.c: PCAP adding 0xA in Windows version
From: Benjamin David Lunt Since Windows text files use CRLFs for all \n, the Windows version of QEMU inserts a CR in the PCAP stream when a LF is encountered when using USB PCAP files. This is due to the fact that the PCAP file is opened as TEXT instead of BINARY. To show an example, when using a very common protocol to USB disks, the BBB protocol uses a 10-byte command packet. For example, the READ_CAPACITY(10) command will have a command block length of 10 (0xA). When this 10-byte command (part of the 31-byte CBW) is placed into the PCAP file, the Windows file manager inserts a 0xD before the 0xA, turning the 31-byte CBW into a 32-byte CBW. Actual CBW: 0040 55 53 42 43 01 00 00 00 08 00 00 00 80 00 0a 25 USBC...% 0050 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ... PCAP CBW 0040 55 53 42 43 01 00 00 00 08 00 00 00 80 00 0d 0a USBC 0050 25 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 %.. I believe simply opening the PCAP file as BINARY instead of TEXT will fix this issue. Resolves: https://bugs.launchpad.net/qemu/+bug/2054889 Signed-off-by: Benjamin David Lunt Message-ID: <000101da6823$ce1bbf80$6a533e80$@fysnet.net> [thuth: Break long line to avoid checkpatch.pl error] Signed-off-by: Thomas Huth (cherry picked from commit 5e02a4fdebc442e34c5bb05e4540f85cc6e802f0) Signed-off-by: Michael Tokarev diff --git a/hw/usb/bus.c b/hw/usb/bus.c index 92d6ed5626..4d4c671913 100644 --- a/hw/usb/bus.c +++ b/hw/usb/bus.c @@ -273,13 +273,14 @@ static void usb_qdev_realize(DeviceState *qdev, Error **errp) } if (dev->pcap_filename) { -int fd = qemu_open_old(dev->pcap_filename, O_CREAT | O_WRONLY | O_TRUNC, 0666); +int fd = qemu_open_old(dev->pcap_filename, + O_CREAT | O_WRONLY | O_TRUNC | O_BINARY, 0666); if (fd < 0) { error_setg(errp, "open %s failed", dev->pcap_filename); usb_qdev_unrealize(qdev); return; } -dev->pcap = fdopen(fd, "w"); +dev->pcap = fdopen(fd, "wb"); usb_pcap_init(dev->pcap); } } -- 2.39.2
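The corruption described in the commit message above, reproduced as an added example (not QEMU code): the sample bytes are the "Actual CBW" dump from the message, `text_mode_write()` is a constructed model of the LF to CR LF translation, and all function names are hypothetical. It also shows a check a capture consumer can use to recognise a CBW damaged this way.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define CBW_LEN 31   /* a BBB Command Block Wrapper is 31 bytes */

/* "Actual CBW" bytes from the commit message; the trailing 15 are zero. */
static const uint8_t sample_cbw[CBW_LEN] = {
    0x55, 0x53, 0x42, 0x43, 0x01, 0x00, 0x00, 0x00,
    0x08, 0x00, 0x00, 0x00, 0x80, 0x00, 0x0a, 0x25,
};

enum cbw_status { CBW_OK, CBW_BAD_LENGTH, CBW_BAD_SIGNATURE, CBW_BAD_CB_LENGTH };

/* Constructed model of a text-mode write on Windows: LF becomes CR LF.
 * Returns the number of bytes produced, or 0 if out[] is too small. */
size_t text_mode_write(const uint8_t *in, size_t n, uint8_t *out, size_t cap)
{
    size_t o = 0;

    for (size_t i = 0; i < n; i++) {
        size_t need = (in[i] == 0x0a) ? 2 : 1;

        if (cap - o < need) {
            return 0;
        }
        if (in[i] == 0x0a) {
            out[o++] = 0x0d;
        }
        out[o++] = in[i];
    }
    return o;
}

/* Structural check: length, "USBC" signature, bCBWCBLength in 1..16. */
enum cbw_status cbw_check(const uint8_t *buf, size_t n)
{
    if (n != CBW_LEN) {
        return CBW_BAD_LENGTH;
    }
    if (memcmp(buf, "USBC", 4) != 0) {
        return CBW_BAD_SIGNATURE;
    }
    if (buf[14] < 1 || buf[14] > 16) {
        return CBW_BAD_CB_LENGTH;
    }
    return CBW_OK;
}

/* Returns 1 when buf fails the check but passes once every CR that
 * directly precedes an LF is dropped, i.e. the text-mode signature. */
int cbw_crlf_damaged(const uint8_t *buf, size_t n)
{
    uint8_t fixed[CBW_LEN];
    size_t o = 0;

    if (cbw_check(buf, n) == CBW_OK) {
        return 0;
    }
    for (size_t i = 0; i < n; i++) {
        if (buf[i] == 0x0d && i + 1 < n && buf[i + 1] == 0x0a) {
            continue;
        }
        if (o == CBW_LEN) {
            return 0;   /* still longer than a CBW after collapsing */
        }
        fixed[o++] = buf[i];
    }
    return cbw_check(fixed, o) == CBW_OK;
}

static uint8_t text_out[2 * CBW_LEN];   /* worst case: every byte is LF */

/* Push the sample CBW through the text-mode model; returns its new length. */
size_t sample_through_text_mode(void)
{
    return text_mode_write(sample_cbw, CBW_LEN, text_out, sizeof(text_out));
}

int main(void)
{
    size_t n = sample_through_text_mode();

    printf("binary: %d bytes, status %d\n", CBW_LEN, cbw_check(sample_cbw, CBW_LEN));
    printf("text:   %zu bytes, status %d, crlf-damaged %d\n",
           n, cbw_check(text_out, n), cbw_crlf_damaged(text_out, n));
    return 0;
}
```

Collapsing CR LF is only a detection heuristic: a payload that legitimately contains 0x0d 0x0a cannot be told apart, which is why the capture has to be written in binary mode in the first place.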
[Stable-7.2.10 51/54] test-vmstate: fix bad GTree usage, use-after-free
From: Eric Auger According to g_tree_foreach() documentation: "The tree may not be modified while iterating over it (you can't add/remove items)." compare_trees()/diff_tree() fail to respect this rule. Historically GLib2 used a slice allocator for the GTree APIs which did not immediately release the memory back to the system allocator. As a result QEMU's use-after-free bug was not visible. With GLib > 2.75.3 however, GLib2 has switched to using malloc and now a SIGSEGV can be observed while running test-vmstate. Get rid of the node removal within the tree traversal. Also check the trees have the same number of nodes before the actual diff. Fixes: 9a85e4b8f6 ("migration: Support gtree migration") Resolves: https://gitlab.com/qemu-project/qemu/-/issues/1518 Signed-off-by: Marc-André Lureau Signed-off-by: Eric Auger Reported-by: Richard W.M. Jones Tested-by: Richard W.M. Jones Reviewed-by: Richard W.M. Jones Reviewed-by: Daniel P. Berrangé Reviewed-by: Juan Quintela Signed-off-by: Juan Quintela (cherry picked from commit abe2c4bdb65e8dd9cb2f01c355baa394bf49a8af) Signed-off-by: Michael Tokarev diff --git a/tests/unit/test-vmstate.c b/tests/unit/test-vmstate.c index 541bb4f63e..aae32bbf91 100644 --- a/tests/unit/test-vmstate.c +++ b/tests/unit/test-vmstate.c @@ -1074,7 +1074,6 @@ static gboolean diff_tree(gpointer key, gpointer value, gpointer data) struct match_node_data d = {tp->tree2, key, value}; g_tree_foreach(tp->tree2, tp->match_node, &d); -g_tree_remove(tp->tree1, key); return false; } @@ -1083,9 +1082,9 @@ static void compare_trees(GTree *tree1, GTree *tree2, { struct tree_cmp_data tp = {tree1, tree2, function}; +assert(g_tree_nnodes(tree1) == g_tree_nnodes(tree2)); g_tree_foreach(tree1, diff_tree, &tp); -assert(g_tree_nnodes(tree1) == 0); -assert(g_tree_nnodes(tree2) == 0); +g_tree_destroy(g_tree_ref(tree1)); } static void diff_domain(TestGTreeDomain *d1, TestGTreeDomain *d2) -- 2.39.2
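Review bot: the removed "assert(g_tree_nnodes(tree2) == 0)" in compare_trees() implies that the match_node callbacks used to remove entries from tree2, and diff_tree() still runs them inside g_tree_foreach(tp->tree2, tp->match_node, &d). Those callbacks are not in the visible hunks, so please confirm they no longer call g_tree_remove(); otherwise the same modify-while-iterating use-after-free remains on tree2. Separately, "g_tree_destroy(g_tree_ref(tree1))" empties tree1 as a side effect of a compare function through a non-obvious ref-then-destroy idiom, and deserves a comment explaining that it preserves the old behaviour of leaving tree1 empty.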
[Stable-7.2.10 v3 00/54] Patch Round-up for stable 7.2.10, freeze on 2024-03-02 (frozen)
The following patches are queued for QEMU stable v7.2.10:

https://gitlab.com/qemu-project/qemu/-/commits/staging-7.2

Patch freeze is 2024-03-02, and the release is planned for 2024-03-04:

https://wiki.qemu.org/Planning/7.2

The changes which are staging for inclusion, with the original commit hash from master branch, are given below the bottom line.

Thanks!

/mjt

--
01* 27eb8499edb2 Fabiano Rosas: migration: Fix use-after-free of migration state object
02* db101376af52 Yihuan Pan: qemu-docs: Update options for graphical frontends
03* 615eaeab3d31 Richard W.M. Jones: block/blkio: Make s->mem_region_alignment be 64 bits
04* f670be1aad33 Jan Klötzke: target/arm: fix exception syndrome for AArch32 bkpt insn
05* d2019a9d0c34 Peter Maydell: system/vl.c: Fix handling of '-serial none -serial something'
06* 747bfaf3a9d2 Peter Maydell: qemu-options.hx: Improve -serial option documentation
07* 8a7315202033 Guenter Roeck: pci-host: designware: Limit value range of iATU viewport register
08* cd8a35b913c2 Akihiko Odaki: hw/smbios: Fix OEM strings table option validation
09* 196578c9d051 Akihiko Odaki: hw/smbios: Fix port connector option validation
10* aa05bd9ef407 Andrey Ignatov: vhost-user.rst: Fix vring address description
11* c62926f730d0 Ira Weiny: cxl/cdat: Handle cdat table build errors
12* 64fdad5e6758 Ira Weiny: cxl/cdat: Fix header sum value in CDAT checksum
13* 729d45a6af06 Li Zhijian: hw/cxl: Pass CXLComponentState to cache_mem_ops
14* 9a457383ce9d Zhenzhong Duan: virtio_iommu: Clear IOMMUPciBus pointer cache when system reset
15* 8a6b3f4dc95a Zhenzhong Duan: smmu: Clear SMMUPciBus pointer cache when system reset
16* 14ec4ff3e429 Jonathan Cameron: tests/acpi: Allow update of DSDT.cxl
17* d9ae5802f656 Jonathan Cameron: hw/i386: Fix _STA return value for ACPI0017
18* b24a981b9f1c Jonathan Cameron: tests/acpi: Update DSDT.cxl to reflect change _STA return value.
19* 681dfc0d5529 Richard Henderson: linux-user/aarch64: Choose SYNC as the preferred MTE mode
20* 64c6e7444dff Richard Henderson: target/arm: Fix nregs computation in do_{ld,st}_zpa
21* 855f94eca80c Richard Henderson: target/arm: Fix SVE/SME gross MTE suppression checks
22* ac1d88e9e7ca Peter Maydell: target/arm: Don't get MDCR_EL2 in pmu_counter_enabled() before checking ARM_FEATURE_PMU
23* cc29c12ec629 Kevin Wolf: iotests: Make 144 deterministic again
24* 81f5cad3858f Xiaoyao Li: i386/cpu: Clear FEAT_XSAVE_XSS_LO/HI leafs when CPUID_EXT_XSAVE is not available
25* a11a365159b9 Xiaoyao Li: i386/cpu: Mask with XCR0/XSS mask for FEAT_XSAVE_XCR0_HI and FEAT_XSAVE_XSS_HI leafs
26* 10f92799af8b Xiaoyao Li: i386/cpuid: Decrease cpuid_i when skipping CPUID leaf 1F
27* 0729857c7075 Xiaoyao Li: i386/cpuid: Move leaf 7 to correct group
28* 99d0dcd7f102 Ziqiao Kong: target/i386: Generate an illegal opcode exception on cmp instructions with lock prefix
29* 4cba8388968b Daniel P. Berrangé: ui: reject extended clipboard message if not activated
30* 405484b29f65 Fiona Ebner: ui/clipboard: mark type as not available when there is no data
31* 9c416582611b Fiona Ebner: ui/clipboard: add asserts for update and request
32* 95b08fee8f68 Tianlan Zhou: ui/console: Fix console resize with placeholder surface
33* 1222070e7728 Marc-André Lureau: meson: ensure dbus-display generated code is built before other units
34* d67611907590 Akihiko Odaki: audio: Depend on dbus_display1_dep
35* 4a20ac400ff0 Tianlan Zhou: docs/system: Update description for input grab key
36* 185311130f54 Tianlan Zhou: system/vl: Update description for input grab key
37* 5cd3ae4903e3 Peter Maydell: .gitlab-ci.d/windows.yml: Drop msys2-32bit job
38* 2cc0e449d173 Nicholas Piggin: target/ppc: Fix lxv/stxv MSR facility check
39* d2b5bb860e6c Klaus Jensen: hw/nvme: fix invalid endian conversion
40* 4d28d57c9f2e Jessica Clarke: pl031: Update last RTCLR value on write in case it's read back
41* 68fb78d7d572 Paolo Bonzini: target/i386: mask high bits of CR3 in 32-bit mode
42* d09c79010ffd Paolo Bonzini: target/i386: check validity of VMCB addresses
43* b1661801c184 Paolo Bonzini: target/i386: Fix physical address truncation
44* a28fe7dc1939 Paolo Bonzini: target/i386: remove unnecessary/wrong application of the A20 mask
45* b5a9de3259f4 Paolo Bonzini: target/i386: leave the A20 bit set in the final NPT walk
46* 8467ac75b3b7 Alex Bennée: tests/vm: update openbsd image to 7.4
47* 151b7dba391f Alex Bennée: tests/vm: avoid re-building the VM images all the time
48 a8bf9de2f4f3 Daniel P. Berrangé: gitlab: force allow use of pip in Cirrus jobs
49 5e02a4fdebc4 Benjamin David Lunt: hw/usb/bus.c: PCAP adding 0xA in Windows version
50 f0cb6828ae34 Thomas Huth: tests/unit/test-util-sockets: Remove temporary file after test
51 abe2c4bdb65e Eric Auger: test-vmstate: fix bad GTree usage, use-after-free
52 f2e57851b831
[Stable-7.2.10 48/54] gitlab: force allow use of pip in Cirrus jobs
From: Daniel P. Berrangé Python is transitioning to a world where you're not allowed to use 'pip install' outside of a virtual env by default. The rationale is to stop use of pip clashing with distro provided python packages, which creates a major headache on distro upgrades. All our CI environments, however, are 100% disposable so the upgrade headaches don't exist. Thus we can undo the python defaults to allow pip to work. Signed-off-by: Daniel P. Berrangé Tested-by: Philippe Mathieu-Daudé Tested-by: Thomas Huth Message-id: 20240222114038.2348718-1-berra...@redhat.com Signed-off-by: Peter Maydell (cherry picked from commit a8bf9de2f4f398315ac5340e4b88c478d5457731) Signed-off-by: Michael Tokarev diff --git a/.gitlab-ci.d/cirrus/build.yml b/.gitlab-ci.d/cirrus/build.yml index 7ef6af8d33..d8cf08dc14 100644 --- a/.gitlab-ci.d/cirrus/build.yml +++ b/.gitlab-ci.d/cirrus/build.yml @@ -19,7 +19,7 @@ build_task: install_script: - @UPDATE_COMMAND@ - @INSTALL_COMMAND@ @PKGS@ -- if test -n "@PYPI_PKGS@" ; then @PIP3@ install @PYPI_PKGS@ ; fi +- if test -n "@PYPI_PKGS@" ; then PYLIB=$(@PYTHON@ -c 'import sysconfig; print(sysconfig.get_path("stdlib"))'); rm -f $PYLIB/EXTERNALLY-MANAGED; @PIP3@ install @PYPI_PKGS@ ; fi clone_script: - git clone --depth 100 "$CI_REPOSITORY_URL" . - git fetch origin "$CI_COMMIT_REF_NAME" -- 2.39.2
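Review bot: the new install_script line deletes EXTERNALLY-MANAGED from the interpreter's stdlib directory with an unquoted "rm -f $PYLIB/EXTERNALLY-MANAGED", so if the @PYTHON@ call fails and PYLIB is empty the command silently targets /EXTERNALLY-MANAGED and the pip install then fails for a reason that is not obvious from the log. Quoting "$PYLIB" and guarding on it being non-empty would make that failure visible. It is also worth a comment on why the marker file is removed rather than using pip's own override (--break-system-packages, or PIP_BREAK_SYSTEM_PACKAGES=1 in the environment), since the next person to read this one-liner will ask.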