[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Qemu-commits] [qemu/qemu] 9aea1e: target/arm: Fix 32-bit address trunca
From: |
GitHub |
Subject: |
[Qemu-commits] [qemu/qemu] 9aea1e: target/arm: Fix 32-bit address truncation |
Date: |
Thu, 25 Jan 2018 10:05:51 -0800 |
Branch: refs/heads/master
Home: https://github.com/qemu/qemu
Commit: 9aea1ea31af25fe344a88da086ff913cca09c667
https://github.com/qemu/qemu/commit/9aea1ea31af25fe344a88da086ff913cca09c667
Author: Ard Biesheuvel <address@hidden>
Date: 2018-01-25 (Thu, 25 Jan 2018)
Changed paths:
M target/arm/helper.c
Log Message:
-----------
target/arm: Fix 32-bit address truncation
Commit ("3b39d734141a target/arm: Handle page table walk load failures
correctly") modified both versions of the page table walking code (i.e.,
arm_ldl_ptw and arm_ldq_ptw) to record the result of the translation in
a temporary 'data' variable so that it can be inspected before being
returned. However, arm_ldq_ptw() returns an uint64_t, and using a
temporary uint32_t variable truncates the upper bits, corrupting the
result. This causes problems when using more than 4 GB of memory in
a TCG guest. So use a uint64_t instead.
Signed-off-by: Ard Biesheuvel <address@hidden>
Message-id: address@hidden
Reviewed-by: Peter Maydell <address@hidden>
Signed-off-by: Peter Maydell <address@hidden>
Commit: 1b58d58f76289212f40d71282ae3a85d6cd65fef
https://github.com/qemu/qemu/commit/1b58d58f76289212f40d71282ae3a85d6cd65fef
Author: Jean-Christophe Dubois <address@hidden>
Date: 2018-01-25 (Thu, 25 Jan 2018)
Changed paths:
M hw/net/imx_fec.c
Log Message:
-----------
i.MX: Fix FEC/ENET receive funtions
The actual imx_eth_enable_rx() function is buggy.
It updates s->regs[ENET_RDAR] after calling qemu_flush_queued_packets().
qemu_flush_queued_packets() is going to call imx_XXX_receive() which itself
is going to call imx_eth_enable_rx().
By updating s->regs[ENET_RDAR] after calling qemu_flush_queued_packets()
we end up updating the register with an outdated value which might
lead to disabling the receive function in the i.MX FEC/ENET device.
This patch change the place where the register update is done so that the
register value stays up to date and the receive function can keep
running.
Reported-by: Fyleo <address@hidden>
Tested-by: Fyleo <address@hidden>
Signed-off-by: Jean-Christophe Dubois <address@hidden>
Message-id: address@hidden
Reviewed-by: Peter Maydell <address@hidden>
Reviewed-by: Andrey Smirnov <address@hidden>
Tested-by: Andrey Smirnov <address@hidden>
Signed-off-by: Peter Maydell <address@hidden>
Commit: cf96a682481bbfb1e6b53d2436c3d51563d5dff8
https://github.com/qemu/qemu/commit/cf96a682481bbfb1e6b53d2436c3d51563d5dff8
Author: Richard Henderson <address@hidden>
Date: 2018-01-25 (Thu, 25 Jan 2018)
Changed paths:
M target/arm/translate.h
Log Message:
-----------
target/arm: Mark disas_set_insn_syndrome inline
If it isn't used when translate.h is included,
we'll get a compiler Werror.
Reviewed-by: Philippe Mathieu-Daudé <address@hidden>
Reviewed-by: Peter Maydell <address@hidden>
Signed-off-by: Richard Henderson <address@hidden>
Reviewed-by: Alex Bennée <address@hidden>
Message-id: address@hidden
Signed-off-by: Peter Maydell <address@hidden>
Commit: 1a66ac61af45af04688d1d15896737310e366c06
https://github.com/qemu/qemu/commit/1a66ac61af45af04688d1d15896737310e366c06
Author: Richard Henderson <address@hidden>
Date: 2018-01-25 (Thu, 25 Jan 2018)
Changed paths:
M target/arm/crypto_helper.c
M target/arm/helper.h
M target/arm/translate-a64.c
M target/arm/translate.c
Log Message:
-----------
target/arm: Use pointers in crypto helpers
Rather than passing regnos to the helpers, pass pointers to the
vector registers directly. This eliminates the need to pass in
the environment pointer and reduces the number of places that
directly access env->vfp.regs[].
Reviewed-by: Peter Maydell <address@hidden>
Signed-off-by: Richard Henderson <address@hidden>
Reviewed-by: Alex Bennée <address@hidden>
Message-id: address@hidden
Signed-off-by: Peter Maydell <address@hidden>
Commit: b13708bbbdda54c7f7e28222b22453986c026391
https://github.com/qemu/qemu/commit/b13708bbbdda54c7f7e28222b22453986c026391
Author: Richard Henderson <address@hidden>
Date: 2018-01-25 (Thu, 25 Jan 2018)
Changed paths:
M target/arm/helper.h
M target/arm/neon_helper.c
M target/arm/translate.c
Log Message:
-----------
target/arm: Use pointers in neon zip/uzp helpers
Rather than passing regnos to the helpers, pass pointers to the
vector registers directly. This eliminates the need to pass in
the environment pointer and reduces the number of places that
directly access env->vfp.regs[].
Reviewed-by: Peter Maydell <address@hidden>
Signed-off-by: Richard Henderson <address@hidden>
Reviewed-by: Alex Bennée <address@hidden>
Message-id: address@hidden
Signed-off-by: Peter Maydell <address@hidden>
Commit: e7c06c4e4c98c47899417f154df1f2ef4e8d09a0
https://github.com/qemu/qemu/commit/e7c06c4e4c98c47899417f154df1f2ef4e8d09a0
Author: Richard Henderson <address@hidden>
Date: 2018-01-25 (Thu, 25 Jan 2018)
Changed paths:
M target/arm/helper.h
M target/arm/op_helper.c
M target/arm/translate.c
Log Message:
-----------
target/arm: Use pointers in neon tbl helper
Rather than passing a regno to the helper, pass pointers to the
vector register directly. This eliminates the need to pass in
the environment pointer and reduces the number of places that
directly access env->vfp.regs[].
Reviewed-by: Peter Maydell <address@hidden>
Signed-off-by: Richard Henderson <address@hidden>
Message-id: address@hidden
Reviewed-by: Alex Bennée <address@hidden>
Signed-off-by: Peter Maydell <address@hidden>
Commit: 3f68b8a5a6862f856524bb347bf348ae364dd43c
https://github.com/qemu/qemu/commit/3f68b8a5a6862f856524bb347bf348ae364dd43c
Author: Richard Henderson <address@hidden>
Date: 2018-01-25 (Thu, 25 Jan 2018)
Changed paths:
M target/arm/arch_dump.c
M target/arm/cpu.h
M target/arm/helper.c
M target/arm/machine.c
M target/arm/translate-a64.c
M target/arm/translate.c
Log Message:
-----------
target/arm: Change the type of vfp.regs
All direct users of this field want an integral value. Drop all
of the extra casting between uint64_t and float64.
Signed-off-by: Richard Henderson <address@hidden>
Message-id: address@hidden
Reviewed-by: Alex Bennée <address@hidden>
Signed-off-by: Peter Maydell <address@hidden>
Commit: 9a2b5256ea1f68c89d5da4b54f180f576c2c82d6
https://github.com/qemu/qemu/commit/9a2b5256ea1f68c89d5da4b54f180f576c2c82d6
Author: Richard Henderson <address@hidden>
Date: 2018-01-25 (Thu, 25 Jan 2018)
Changed paths:
M linux-user/signal.c
M target/arm/arch_dump.c
M target/arm/cpu.h
M target/arm/helper-a64.c
M target/arm/helper.c
M target/arm/kvm32.c
M target/arm/kvm64.c
M target/arm/translate-a64.c
M target/arm/translate.c
Log Message:
-----------
target/arm: Add aa{32, 64}_vfp_{dreg, qreg} helpers
Helpers that return a pointer into env->vfp.regs so that we isolate
the logic of how to index the regs array for different cpu modes.
Signed-off-by: Richard Henderson <address@hidden>
Message-id: address@hidden
Reviewed-by: Alex Bennée <address@hidden>
Signed-off-by: Peter Maydell <address@hidden>
Commit: a006f1229d57c1925b445f026dbfeaff47fe6026
https://github.com/qemu/qemu/commit/a006f1229d57c1925b445f026dbfeaff47fe6026
Author: Richard Henderson <address@hidden>
Date: 2018-01-25 (Thu, 25 Jan 2018)
Changed paths:
M include/migration/vmstate.h
Log Message:
-----------
vmstate: Add VMSTATE_UINT64_SUB_ARRAY
At the same time, move VMSTATE_UINT32_SUB_ARRAY
beside the other UINT32 definitions.
Reviewed-by: Philippe Mathieu-Daudé <address@hidden>
Reviewed-by: Peter Maydell <address@hidden>
Signed-off-by: Richard Henderson <address@hidden>
Message-id: address@hidden
Reviewed-by: Alex Bennée <address@hidden>
Signed-off-by: Peter Maydell <address@hidden>
Commit: 0d0a16c647650d476219a5e1313dec434f9fbebb
https://github.com/qemu/qemu/commit/0d0a16c647650d476219a5e1313dec434f9fbebb
Author: Richard Henderson <address@hidden>
Date: 2018-01-25 (Thu, 25 Jan 2018)
Changed paths:
M target/arm/cpu.h
Log Message:
-----------
target/arm: Add ARM_FEATURE_SVE
Not enabled anywhere so far.
Signed-off-by: Richard Henderson <address@hidden>
Message-id: address@hidden
Reviewed-by: Peter Maydell <address@hidden>
Reviewed-by: Alex Bennée <address@hidden>
Signed-off-by: Peter Maydell <address@hidden>
Commit: a9e013112f03bf1644a549a769be599a3ceb6155
https://github.com/qemu/qemu/commit/a9e013112f03bf1644a549a769be599a3ceb6155
Author: Richard Henderson <address@hidden>
Date: 2018-01-25 (Thu, 25 Jan 2018)
Changed paths:
M target/arm/cpu.h
M target/arm/helper.c
Log Message:
-----------
target/arm: Move cpu_get_tb_cpu_state out of line
Signed-off-by: Richard Henderson <address@hidden>
Message-id: address@hidden
Reviewed-by: Peter Maydell <address@hidden>
Signed-off-by: Peter Maydell <address@hidden>
Commit: b9adaa70a0dfce7a8e4bdb27a7c6bec5c6f633c4
https://github.com/qemu/qemu/commit/b9adaa70a0dfce7a8e4bdb27a7c6bec5c6f633c4
Author: Richard Henderson <address@hidden>
Date: 2018-01-25 (Thu, 25 Jan 2018)
Changed paths:
M target/arm/helper.c
Log Message:
-----------
target/arm: Hoist store to flags output in cpu_get_tb_cpu_state
Signed-off-by: Richard Henderson <address@hidden>
Message-id: address@hidden
Reviewed-by: Peter Maydell <address@hidden>
Reviewed-by: Alex Bennée <address@hidden>
Signed-off-by: Peter Maydell <address@hidden>
Commit: 55faa21273151259de38da271c8a2f2b37d6c250
https://github.com/qemu/qemu/commit/55faa21273151259de38da271c8a2f2b37d6c250
Author: Richard Henderson <address@hidden>
Date: 2018-01-25 (Thu, 25 Jan 2018)
Changed paths:
M target/arm/helper.c
Log Message:
-----------
target/arm: Simplify fp_exception_el for user-only
Signed-off-by: Richard Henderson <address@hidden>
Message-id: address@hidden
Reviewed-by: Peter Maydell <address@hidden>
Reviewed-by: Alex Bennée <address@hidden>
Signed-off-by: Peter Maydell <address@hidden>
Commit: 91f4e18d9550a19ccb33fdac37ab0caf084549c0
https://github.com/qemu/qemu/commit/91f4e18d9550a19ccb33fdac37ab0caf084549c0
Author: Luc MICHEL <address@hidden>
Date: 2018-01-25 (Thu, 25 Jan 2018)
Changed paths:
M hw/intc/arm_gic.c
Log Message:
-----------
hw/intc/arm_gic: Prevent the GIC from signaling an IRQ when it's "active and
pending"
In the GIC, when an IRQ is acknowledged, its state goes from "pending"
to:
- "active" if the corresponding IRQ pin has been de-asserted
- "active and pending" otherwise.
The GICv2 manual states that when a IRQ becomes active (or active and
pending), the GIC should either signal another (higher priority) IRQ to
the CPU if there is one, or de-assert the CPU IRQ pin.
The current implementation of the GIC in QEMU does not check if the
IRQ is already active when looking for pending interrupts with
sufficient priority in gic_update(). This can lead to signaling an
interrupt that is already active.
This usually happens when splitting priority drop and interrupt
deactivation. On priority drop, the IRQ stays active until deactivation.
If it becomes pending again, chances are that it will be incorrectly
selected as best_irq in gic_update().
This commit fixes this by checking if the IRQ is not already active when
looking for best_irq in gic_update().
Note that regarding the ARM11MPCore GIC version, the corresponding
manual is not clear on that point, but it has has no priority
drop/interrupt deactivation separation, so this case should not happen.
Signed-off-by: Luc MICHEL <address@hidden>
Message-id: address@hidden
Reviewed-by: Peter Maydell <address@hidden>
Signed-off-by: Peter Maydell <address@hidden>
Commit: 71aa735b0a12201c2b14a76004ee3a58ff43798c
https://github.com/qemu/qemu/commit/71aa735b0a12201c2b14a76004ee3a58ff43798c
Author: Luc MICHEL <address@hidden>
Date: 2018-01-25 (Thu, 25 Jan 2018)
Changed paths:
M hw/intc/arm_gic.c
Log Message:
-----------
hw/intc/arm_gic: Fix C_RPR value on idle priority
When there is no active interrupts in the GIC, a read to the C_RPR
register should return the value of the "Idle priority", which is either
the maximum value an IRQ priority field can be set to, or 0xff.
Since the QEMU GIC model implements all the 8 priority bits, the Idle
priority is 0xff.
Internally, when there is no active interrupt, the running priority
value is 0x100. The gic_get_running_priority function returns an uint8_t
and thus, truncate this value to 0x00 when returning it. This is wrong since
a value of 0x00 correspond to the maximum possible priority.
This commit fixes the returned value when the internal value is 0x100.
Note that it is correct for the Non-Secure view to return 0xff even
though from the NS world point of view, only 7 priority bits are
implemented. The specification states that the Idle priority can be 0xff
even when not all the 8 priority bits are implemented. This has been
verified against a real GICv2 hardware on a Xilinx ZynqMP based board.
Regarding the ARM11MPCore version of the GIC, the specification is not
clear on that point, so this commit does not alter its behavior.
Signed-off-by: Luc MICHEL <address@hidden>
Message-id: address@hidden
Reviewed-by: Peter Maydell <address@hidden>
Signed-off-by: Peter Maydell <address@hidden>
Commit: fc05a6f22a15503b1e95be640a62e44a06c95d25
https://github.com/qemu/qemu/commit/fc05a6f22a15503b1e95be640a62e44a06c95d25
Author: Luc MICHEL <address@hidden>
Date: 2018-01-25 (Thu, 25 Jan 2018)
Changed paths:
M hw/intc/arm_gic.c
Log Message:
-----------
hw/intc/arm_gic: Fix group priority computation for group 1 IRQs
When determining the group priority of a group 1 IRQ, if C_CTRL.CBPR is
0, the non-secure BPR value is used. However, this value must be
incremented by one so that it matches the secure world number of
implemented priority bits (NS world has one less priority bit compared
to the Secure world).
Signed-off-by: Luc MICHEL <address@hidden>
Message-id: address@hidden
Reviewed-by: Peter Maydell <address@hidden>
[PMM: add assert, as the gicv3 code has]
Signed-off-by: Peter Maydell <address@hidden>
Commit: 421a3c224e2c4c5d2dfd9309d7357f3369ed30e0
https://github.com/qemu/qemu/commit/421a3c224e2c4c5d2dfd9309d7357f3369ed30e0
Author: Luc MICHEL <address@hidden>
Date: 2018-01-25 (Thu, 25 Jan 2018)
Changed paths:
M hw/intc/arm_gic.c
Log Message:
-----------
hw/intc/arm_gic: Fix the NS view of C_BPR when C_CTRL.CBPR is 1
When C_CTRL.CBPR is 1, the Non-Secure view of C_BPR is altered:
- A Non-Secure read of C_BPR should return the BPR value plus 1,
saturated to 7,
- A Non-Secure write should be ignored.
Signed-off-by: Luc MICHEL <address@hidden>
Message-id: address@hidden
Reviewed-by: Peter Maydell <address@hidden>
[PMM: fixed comment typo]
Signed-off-by: Peter Maydell <address@hidden>
Commit: c88bc3e0dbe7d460a0be723379fce63a9dc6a6f5
https://github.com/qemu/qemu/commit/c88bc3e0dbe7d460a0be723379fce63a9dc6a6f5
Author: Peter Maydell <address@hidden>
Date: 2018-01-25 (Thu, 25 Jan 2018)
Changed paths:
M hw/arm/virt.c
Log Message:
-----------
hw/arm/virt: Check that the CPU realize method succeeded
We were passing a NULL error pointer to the object_property_set_bool()
call that realizes the CPU object. This meant that we wouldn't detect
failure, and would plough blindly on to crash later trying to use a
NULL CPU object pointer. Detect errors and fail instead.
In particular, this will be necessary to detect the user error
of using "-cpu host" without "-enable-kvm" once we make the host
CPU type be registered unconditionally rather than only in
kvm_arch_init().
Signed-off-by: Peter Maydell <address@hidden>
Commit: 02e57e1c14a32aa1ed64e79d349d8e0e37cfaa27
https://github.com/qemu/qemu/commit/02e57e1c14a32aa1ed64e79d349d8e0e37cfaa27
Author: Philippe Mathieu-Daudé <address@hidden>
Date: 2018-01-25 (Thu, 25 Jan 2018)
Changed paths:
M hw/sd/sdhci.c
M include/hw/sd/sdhci.h
Log Message:
-----------
sdhci: fix a NULL pointer dereference due to uninitialized AddresSpace object
missed in 60765b6ceeb4.
Thread 1 "qemu-system-aarch64" received signal SIGSEGV, Segmentation fault.
address_space_init (as=0x0, root=0x55555726e410, address@hidden "sdhci-dma")
at memory.c:3050
3050 as->root = root;
(gdb) bt
#0 address_space_init (as=0x0, root=0x55555726e410, address@hidden
"sdhci-dma") at memory.c:3050
#1 0x0000555555af62c3 in sdhci_sysbus_realize (dev=<optimized out>,
errp=0x7fff7f931150) at hw/sd/sdhci.c:1564
#2 0x00005555558b25e5 in zynqmp_sdhci_realize (dev=0x555557051520,
errp=0x7fff7f931150) at hw/sd/zynqmp-sdhci.c:151
#3 0x0000555555a2e7f3 in device_set_realized (obj=0x555557051520,
value=<optimized out>, errp=0x7fff7f931270) at hw/core/qdev.c:966
#4 0x0000555555ba3f74 in property_set_bool (obj=0x555557051520, v=<optimized
out>, name=<optimized out>, opaque=0x555556e04a20,
errp=0x7fff7f931270) at qom/object.c:1906
#5 0x0000555555ba51f4 in object_property_set (address@hidden, address@hidden,
address@hidden "realized", address@hidden) at qom/object.c:1102
Suggested-by: Peter Maydell <address@hidden>
Signed-off-by: Philippe Mathieu-Daudé <address@hidden>
Message-id: address@hidden
Reviewed-by: Peter Maydell <address@hidden>
Signed-off-by: Peter Maydell <address@hidden>
Commit: fbe5dac7b2777626670097218ce4dfc4a19a17e9
https://github.com/qemu/qemu/commit/fbe5dac7b2777626670097218ce4dfc4a19a17e9
Author: Francisco Iglesias <address@hidden>
Date: 2018-01-25 (Thu, 25 Jan 2018)
Changed paths:
M hw/ssi/xilinx_spips.c
Log Message:
-----------
xilinx_spips: Correct usage of an uninitialized local variable
Coverity found that the variable tx_rx in the function
xilinx_spips_flush_txfifo was being used uninitialized (CID 1383841). This
patch corrects this by always initializing tx_rx to zeros.
Signed-off-by: Francisco Iglesias <address@hidden>
Message-id: address@hidden
Reviewed-by: Peter Maydell <address@hidden>
Signed-off-by: Peter Maydell <address@hidden>
Commit: 24da047af0e99a83fcc0d50b86c0f2627f7418b3
https://github.com/qemu/qemu/commit/24da047af0e99a83fcc0d50b86c0f2627f7418b3
Author: Linus Walleij <address@hidden>
Date: 2018-01-25 (Thu, 25 Jan 2018)
Changed paths:
M hw/display/pl110.c
Log Message:
-----------
pl110: Implement vertical compare/next base interrupts
This implements rudimentary support for interrupt generation on the
PL110. I am working on a new DRI/KMS driver for Linux and since that
uses the blanking interrupt, we need something to fire here. Without
any interrupt support Linux waits for a while and then gives ugly
messages about the vblank not working in the console (it does not
hang perpetually or anything though, DRI is pretty forgiving).
I solved it for now by setting up a timer to fire at 60Hz and pull
the interrupts for "vertical compare" and "next memory base"
at this interval. This works fine and fires roughly the same number
of IRQs on QEMU as on the hardware and leaves the console clean
and nice.
People who want to create more accurate emulation can probably work
on top of this if need be. It is certainly closer to the hardware
behaviour than what we have today anyway.
Cc: Peter Maydell <address@hidden>
Signed-off-by: Linus Walleij <address@hidden>
Message-id: address@hidden
Reviewed-by: Peter Maydell <address@hidden>
[PMM: folded long lines]
Signed-off-by: Peter Maydell <address@hidden>
Commit: 2077fef91d5eb8e3745a84fabd87a5ee7d2b535d
https://github.com/qemu/qemu/commit/2077fef91d5eb8e3745a84fabd87a5ee7d2b535d
Author: Peter Maydell <address@hidden>
Date: 2018-01-25 (Thu, 25 Jan 2018)
Changed paths:
M hw/arm/virt.c
M hw/display/pl110.c
M hw/intc/arm_gic.c
M hw/net/imx_fec.c
M hw/sd/sdhci.c
M hw/ssi/xilinx_spips.c
M include/hw/sd/sdhci.h
M include/migration/vmstate.h
M linux-user/signal.c
M target/arm/arch_dump.c
M target/arm/cpu.h
M target/arm/crypto_helper.c
M target/arm/helper-a64.c
M target/arm/helper.c
M target/arm/helper.h
M target/arm/kvm32.c
M target/arm/kvm64.c
M target/arm/machine.c
M target/arm/neon_helper.c
M target/arm/op_helper.c
M target/arm/translate-a64.c
M target/arm/translate.c
M target/arm/translate.h
Log Message:
-----------
Merge remote-tracking branch 'remotes/pmaydell/tags/pull-target-arm-20180125'
into staging
target-arm queue:
* target/arm: Fix address truncation in 64-bit pagetable walks
* i.MX: Fix FEC/ENET receive functions
* target/arm: preparatory refactoring for SVE emulation
* hw/intc/arm_gic: Prevent the GIC from signaling an IRQ when it's "active and
pending"
* hw/intc/arm_gic: Fix C_RPR value on idle priority
* hw/intc/arm_gic: Fix group priority computation for group 1 IRQs
* hw/intc/arm_gic: Fix the NS view of C_BPR when C_CTRL.CBPR is 1
* hw/arm/virt: Check that the CPU realize method succeeded
* sdhci: fix a NULL pointer dereference due to uninitialized AddressSpace
object
* xilinx_spips: Correct usage of an uninitialized local variable
* pl110: Implement vertical compare/next base interrupts
# gpg: Signature made Thu 25 Jan 2018 12:59:25 GMT
# gpg: using RSA key 0x3C2525ED14360CDE
# gpg: Good signature from "Peter Maydell <address@hidden>"
# gpg: aka "Peter Maydell <address@hidden>"
# gpg: aka "Peter Maydell <address@hidden>"
# Primary key fingerprint: E1A5 C593 CD41 9DE2 8E83 15CF 3C25 25ED 1436 0CDE
* remotes/pmaydell/tags/pull-target-arm-20180125: (21 commits)
pl110: Implement vertical compare/next base interrupts
xilinx_spips: Correct usage of an uninitialized local variable
sdhci: fix a NULL pointer dereference due to uninitialized AddresSpace object
hw/arm/virt: Check that the CPU realize method succeeded
hw/intc/arm_gic: Fix the NS view of C_BPR when C_CTRL.CBPR is 1
hw/intc/arm_gic: Fix group priority computation for group 1 IRQs
hw/intc/arm_gic: Fix C_RPR value on idle priority
hw/intc/arm_gic: Prevent the GIC from signaling an IRQ when it's "active and
pending"
target/arm: Simplify fp_exception_el for user-only
target/arm: Hoist store to flags output in cpu_get_tb_cpu_state
target/arm: Move cpu_get_tb_cpu_state out of line
target/arm: Add ARM_FEATURE_SVE
vmstate: Add VMSTATE_UINT64_SUB_ARRAY
target/arm: Add aa{32, 64}_vfp_{dreg, qreg} helpers
target/arm: Change the type of vfp.regs
target/arm: Use pointers in neon tbl helper
target/arm: Use pointers in neon zip/uzp helpers
target/arm: Use pointers in crypto helpers
target/arm: Mark disas_set_insn_syndrome inline
i.MX: Fix FEC/ENET receive funtions
...
Signed-off-by: Peter Maydell <address@hidden>
Compare: https://github.com/qemu/qemu/compare/a3f9362af5c7...2077fef91d5e
[Prev in Thread] |
Current Thread |
[Next in Thread] |
- [Qemu-commits] [qemu/qemu] 9aea1e: target/arm: Fix 32-bit address truncation,
GitHub <=