[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Qemu-commits] [qemu/qemu] 8b0898: target/arm: Allow setting the FPCR.EB
From: |
Peter Maydell |
Subject: |
[Qemu-commits] [qemu/qemu] 8b0898: target/arm: Allow setting the FPCR.EBF bit for FEA... |
Date: |
Fri, 06 Sep 2024 06:05:22 -0700 |
Branch: refs/heads/staging
Home: https://github.com/qemu/qemu
Commit: 8b0898f8dd0379ae8da75d0d07ddd5ae16576216
https://github.com/qemu/qemu/commit/8b0898f8dd0379ae8da75d0d07ddd5ae16576216
Author: Peter Maydell <peter.maydell@linaro.org>
Date: 2024-09-05 (Thu, 05 Sep 2024)
Changed paths:
M target/arm/cpu-features.h
M target/arm/cpu.h
M target/arm/vfp_helper.c
Log Message:
-----------
target/arm: Allow setting the FPCR.EBF bit for FEAT_EBF16
FEAT_EBF16 adds one new bit to the FPCR floating point control
register. Allow this bit to be read and written when the ID
registers indicate the presence of the feature.
Note that because this new bit is not in FPSCR_FPCR_MASK the bit is
not visible in the AArch32 FPSCR, and FPSCR writes do not affect it.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Commit: ecabcfa47c51df51238ffc818506adce1bca6802
https://github.com/qemu/qemu/commit/ecabcfa47c51df51238ffc818506adce1bca6802
Author: Peter Maydell <peter.maydell@linaro.org>
Date: 2024-09-05 (Thu, 05 Sep 2024)
Changed paths:
M target/arm/tcg/helper-sme.h
M target/arm/tcg/sme_helper.c
M target/arm/tcg/translate-sme.c
Log Message:
-----------
target/arm: Pass env pointer through to sme_bfmopa helper
To implement the FEAT_EBF16 semantics, we are going to need
the CPUARMState env pointer in every helper function which calls
bfdotadd().
Pass the env pointer through from generated code to the sme_bfmopa
helper. (We'll add the code that uses it when we've adjusted
all the helpers to have access to the env pointer.)
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Commit: 75a6784dad3d3968a1b13698e5a11fffd089cb7a
https://github.com/qemu/qemu/commit/75a6784dad3d3968a1b13698e5a11fffd089cb7a
Author: Peter Maydell <peter.maydell@linaro.org>
Date: 2024-09-05 (Thu, 05 Sep 2024)
Changed paths:
M target/arm/helper.h
M target/arm/tcg/translate-a64.c
M target/arm/tcg/translate-neon.c
M target/arm/tcg/translate-sve.c
M target/arm/tcg/vec_helper.c
Log Message:
-----------
target/arm: Pass env pointer through to gvec_bfdot helper
Pass the env pointer through to the gvec_bfdot helper,
so we can use it to add support for FEAT_EBF16.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Commit: c8d644b951f64122e2a42821388117a1480ecd4a
https://github.com/qemu/qemu/commit/c8d644b951f64122e2a42821388117a1480ecd4a
Author: Peter Maydell <peter.maydell@linaro.org>
Date: 2024-09-05 (Thu, 05 Sep 2024)
Changed paths:
M target/arm/helper.h
M target/arm/tcg/translate-a64.c
M target/arm/tcg/translate-neon.c
M target/arm/tcg/translate-sve.c
M target/arm/tcg/vec_helper.c
Log Message:
-----------
target/arm: Pass env pointer through to gvec_bfdot_idx helper
Pass the env pointer through to the gvec_bfdot_idx helper,
so we can use it to add support for FEAT_EBF16.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Commit: 2da2d7dc904c4afa84ae1a869a63438a8bf17e67
https://github.com/qemu/qemu/commit/2da2d7dc904c4afa84ae1a869a63438a8bf17e67
Author: Peter Maydell <peter.maydell@linaro.org>
Date: 2024-09-05 (Thu, 05 Sep 2024)
Changed paths:
M target/arm/helper.h
M target/arm/tcg/translate-a64.c
M target/arm/tcg/translate-neon.c
M target/arm/tcg/translate-sve.c
M target/arm/tcg/vec_helper.c
Log Message:
-----------
target/arm: Pass env pointer through to gvec_bfmmla helper
Pass the env pointer through to the gvec_bfmmla helper,
so we can use it to add support for FEAT_EBF16.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Commit: 09b0d9e0ad24e875c006e024e184be8b79d2ad11
https://github.com/qemu/qemu/commit/09b0d9e0ad24e875c006e024e184be8b79d2ad11
Author: Peter Maydell <peter.maydell@linaro.org>
Date: 2024-09-05 (Thu, 05 Sep 2024)
Changed paths:
M target/arm/tcg/sme_helper.c
M target/arm/tcg/vec_helper.c
M target/arm/tcg/vec_internal.h
Log Message:
-----------
target/arm: Prepare bfdotadd() callers for FEAT_EBF support
We use bfdotadd() in four callsites for various helper functions. Currently
this all assumes that we have the FPCR.EBF=0 semantics. For FPCR.EBF=1
we will need to:
* call a different routine to bfdotadd() because we need to do a
fused multiply-add rather than separate multiply and add steps
* use a different float_status that honours the FPCR rounding mode
and denormal-flushing fields
* pass in an extra float_status that has been set up to perform
round-to-odd rounding
To prepare for this, refactor all the callsites so that instead of
for (...) {
x = bfdotadd(...);
}
they are:
float_status fpst, fpst_odd;
if (is_ebf(env, &fpst, &fpst_odd)) {
for (...) {
x = bfdotadd_ebf(..., &fpst, &fpst_odd);
}
} else {
for (...) {
x = bfdotadd(..., &fpst);
}
}
For the moment the is_ebf() function always returns false, sets up
fpst for EBF=0 semantics and never sets up fpst_odd; bfdotadd_ebf()
will assert if called. We'll fill in the handling for EBF=1 in the
next commit.
This change should be a zero-behaviour-change refactor.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Commit: 0e1850182a1faae23fcafc069a0af929930b20bb
https://github.com/qemu/qemu/commit/0e1850182a1faae23fcafc069a0af929930b20bb
Author: Peter Maydell <peter.maydell@linaro.org>
Date: 2024-09-05 (Thu, 05 Sep 2024)
Changed paths:
M target/arm/tcg/vec_helper.c
Log Message:
-----------
target/arm: Implement FPCR.EBF=1 semantics for bfdotadd()
Implement the FPCR.EBF=1 semantics for bfdotadd() operations:
* is_ebf() sets up fpst and fpst_odd
* bfdotadd_ebf() implements the fused paired-multiply-and-add
operation that we need
The paired-multiply-and-add is similar to f16_dotadd() and
we use the same trick here as in that function, but the inputs
here are bfloat16 rather than float16.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Commit: 5d1187b308e4a55285b744567e3c7078689a3b2e
https://github.com/qemu/qemu/commit/5d1187b308e4a55285b744567e3c7078689a3b2e
Author: Peter Maydell <peter.maydell@linaro.org>
Date: 2024-09-05 (Thu, 05 Sep 2024)
Changed paths:
M docs/system/arm/emulation.rst
M target/arm/tcg/cpu64.c
M target/arm/tcg/translate-sme.c
Log Message:
-----------
target/arm: Enable FEAT_EBF16 in the "max" CPU
Now that we've implemented the required behaviour for FEAT_EBF16, we
can enable it for the "max" CPU type, list it in our documentation,
and delete a TODO comment about it being missing.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Commit: da7510b720591c047bb044f24015d4074938a742
https://github.com/qemu/qemu/commit/da7510b720591c047bb044f24015d4074938a742
Author: Peter Maydell <peter.maydell@linaro.org>
Date: 2024-09-05 (Thu, 05 Sep 2024)
Changed paths:
M accel/tcg/tcg-accel-ops-rr.c
Log Message:
-----------
accel/tcg: Remove dead code from rr_cpu_thread_fn()
The main loop in rr_cpu_thread_fn() can never terminate, so the
code at the end of the function to clean up the RCU subsystem is
dead code. Replace it with g_assert_not_reached().
(This is different from the other cpu_thread_fn for e.g. MTTCG or
for the KVM accelerator -- those can exit, if the vCPU they
are responsible for is unplugged. But the RR cpu thread fn
handles all CPUs in the system in a round-robin way, so even
if one is unplugged it keeps looping.)
Resolves: Coverity CID 1547782
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-id: 20240815143634.3413679-1-peter.maydell@linaro.org
Commit: fb6051e7bb2bde491d3414279518e85bcb03c82a
https://github.com/qemu/qemu/commit/fb6051e7bb2bde491d3414279518e85bcb03c82a
Author: Cornelia Huck <cohuck@redhat.com>
Date: 2024-09-05 (Thu, 05 Sep 2024)
Changed paths:
M hw/arm/virt.c
M hw/core/machine.c
M hw/i386/pc.c
M hw/i386/pc_piix.c
M hw/i386/pc_q35.c
M hw/m68k/virt.c
M hw/ppc/spapr.c
M hw/s390x/s390-virtio-ccw.c
M include/hw/boards.h
M include/hw/i386/pc.h
Log Message:
-----------
hw: add compat machines for 9.2
Add 9.2 machine types for arm/i440fx/m68k/q35/s390x/spapr.
Signed-off-by: Cornelia Huck <cohuck@redhat.com>
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
Reviewed-by: Eric Auger <eric.auger@redhat.com>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Message-id: 20240816161350.3706332-2-peter.maydell@linaro.org
Message-id: 20240816103723.2325982-1-cohuck@redhat.com
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Commit: 44df6d061386808052dfc490bb0158b011933d5e
https://github.com/qemu/qemu/commit/44df6d061386808052dfc490bb0158b011933d5e
Author: Peter Maydell <peter.maydell@linaro.org>
Date: 2024-09-05 (Thu, 05 Sep 2024)
Changed paths:
M hw/arm/smmuv3.c
Log Message:
-----------
hw/arm/smmuv3: Update comment documenting "stage" property
When we added support for nested (stage 1 + stage 2) translation
to the SMMU in commit 58377c363291d we forgot to update the
comment that documents the valid values of the "stage" property.
Add the new "nested" value to it.
Fixes: 58377c363291d ("hw/arm/smmuv3: Support and advertise nesting")
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Eric Auger <eric.auger@redhat.com>
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
Message-id: 20240816161350.3706332-3-peter.maydell@linaro.org
Commit: 8a934f1c4a115c41d1d56efd319f2085e401ad31
https://github.com/qemu/qemu/commit/8a934f1c4a115c41d1d56efd319f2085e401ad31
Author: Peter Maydell <peter.maydell@linaro.org>
Date: 2024-09-05 (Thu, 05 Sep 2024)
Changed paths:
M hw/arm/virt.c
M include/hw/arm/virt.h
Log Message:
-----------
hw/arm/virt: Default to two-stage SMMU from virt-9.2
Now that our SMMU model supports enabling both stages of translation
at once, we can enable this in the virt board. This is no change in
behaviour for guests, because if they simply ignore stage 2 and never
configure it then it has no effect. For the usual backwards
compatibility reasons we enable this only for machine types starting
with 9.2.
(Note that the SMMU is disabled by default on the virt board and is
only created if the user passes the 'iommu=smmuv3' machine option.)
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Eric Auger <eric.auger@redhat.com>
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
Message-id: 20240816161350.3706332-4-peter.maydell@linaro.org
Commit: 7c824b43ba0303e139ccba117f10f5c39e157ed1
https://github.com/qemu/qemu/commit/7c824b43ba0303e139ccba117f10f5c39e157ed1
Author: Peter Maydell <peter.maydell@linaro.org>
Date: 2024-09-05 (Thu, 05 Sep 2024)
Changed paths:
M hw/arm/sbsa-ref.c
Log Message:
-----------
hw/arm/sbsa-ref: Use two-stage SMMU
Now that our SMMU model supports enabling both stages of translation
at once, we can enable this in the sbsa-ref board. Existing guest
code that only programs stage 1 and doesn't care about stage 2 should
continue to run with the same behaviour, but guests that do want to
do nested SMMU configurations can now do so.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Eric Auger <eric.auger@redhat.com>
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
Reviewed-by: Marcin Juszkiewicz <marcin.juszkiewicz@linaro.org>
Message-id: 20240816161350.3706332-5-peter.maydell@linaro.org
Commit: d30d590b871f5418614d7523b22384dc5a894d64
https://github.com/qemu/qemu/commit/d30d590b871f5418614d7523b22384dc5a894d64
Author: Peter Maydell <peter.maydell@linaro.org>
Date: 2024-09-05 (Thu, 05 Sep 2024)
Changed paths:
M hw/misc/xlnx-versal-cfu.c
Log Message:
-----------
hw/misc/xlnx-versal-cfu: destroy fifo in finalize
Since the TYPE_XNLX_VERSAL_CFU_FDRO device creates a FIFO in its
instance_init method, we must destroy the FIFO in instance_finalize
to avoid a memory leak for the QOM introspection
"instantiate-examine-finalize" cycle:
Direct leak of 8192 byte(s) in 1 object(s) allocated from:
#0 0x55ec89eae7ee in malloc
(/mnt/nvmedisk/linaro/qemu-from-laptop/qemu/build/asan/qemu-system-aarch64+0x294d7ee)
(BuildId: 6d508874816cc47d17c8dd775e8f809ae520e8cb)
#1 0x7f697018f738 in g_malloc debian/build/deb/../../../glib/gmem.c:128:13
#2 0x55ec8d98d98d in fifo8_create util/fifo8.c:27:18
#3 0x55ec8aa2a624 in fifo32_create
/mnt/nvmedisk/linaro/qemu-from-laptop/qemu/include/qemu/fifo32.h:35:5
#4 0x55ec8aa2a33c in cfu_fdro_init hw/misc/xlnx-versal-cfu.c:397:5
#5 0x55ec8ce75da1 in object_init_with_type qom/object.c:420:9
#6 0x55ec8ce5d07b in object_initialize_with_type qom/object.c:562:5
#7 0x55ec8ce5e91d in object_new_with_type qom/object.c:782:5
#8 0x55ec8ce5e9f1 in object_new qom/object.c:797:12
#9 0x55ec8d65c81d in qmp_device_list_properties qom/qom-qmp-cmds.c:144:11
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Edgar E. Iglesias <edgar.iglesias@amd.com>
Reviewed-by: Francisco Iglesias <francisco.iglesias@amd.com>
Reviewed-by: Alistair Francis <alistair.francis@wdc.com>
Message-id: 20240822162127.705879-2-peter.maydell@linaro.org
Commit: abbfe8d82e0d8244c320de75095c420cf7edc0cc
https://github.com/qemu/qemu/commit/abbfe8d82e0d8244c320de75095c420cf7edc0cc
Author: Peter Maydell <peter.maydell@linaro.org>
Date: 2024-09-05 (Thu, 05 Sep 2024)
Changed paths:
M hw/misc/xlnx-versal-trng.c
Log Message:
-----------
hw/misc/xlnx-versal-trng: Free s->prng in finalize, not unrealize
The TYPE_XLNX_VERSAL_TRNG device creates s->prng with g_rand_new()
in its init method, but it frees it in its unrealize method. This
results in a leak in the QOM introspection "initialize-inspect-finalize"
lifecycle:
Direct leak of 2500 byte(s) in 1 object(s) allocated from:
#0 0x55ec89eae9d8 in __interceptor_calloc
(/mnt/nvmedisk/linaro/qemu-from-laptop/qemu/build/asan/qemu-system-aarch64+0x294d9d8)
(BuildId: 6d5
08874816cc47d17c8dd775e8f809ae520e8cb)
#1 0x7f697018fc50 in g_malloc0 debian/build/deb/../../../glib/gmem.c:161:13
#2 0x7f6970197738 in g_rand_new_with_seed_array
debian/build/deb/../../../glib/grand.c:202:17
#3 0x7f6970197816 in g_rand_new
debian/build/deb/../../../glib/grand.c:286:10
#4 0x55ec8aa3656a in trng_init hw/misc/xlnx-versal-trng.c:624:15
#5 0x55ec8ce75da1 in object_init_with_type qom/object.c:420:9
#6 0x55ec8ce5d07b in object_initialize_with_type qom/object.c:562:5
#7 0x55ec8ce5e91d in object_new_with_type qom/object.c:782:5
#8 0x55ec8ce5e9f1 in object_new qom/object.c:797:12
#9 0x55ec8d65c81d in qmp_device_list_properties qom/qom-qmp-cmds.c:144:11
Move the free to finalize so it matches where we are initing
s->prng. Since that's the only thing our unrealize method was
doing, this essentially switches the whole function to be
a finalize implementation.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Edgar E. Iglesias <edgar.iglesias@amd.com>
Reviewed-by: Francisco Iglesias <francisco.iglesias@amd.com>
Reviewed-by: Alistair Francis <alistair.francis@wdc.com>
Message-id: 20240822162127.705879-3-peter.maydell@linaro.org
Commit: 4a87373f28e0b9afacb3d48007427b67663b8ded
https://github.com/qemu/qemu/commit/4a87373f28e0b9afacb3d48007427b67663b8ded
Author: Peter Maydell <peter.maydell@linaro.org>
Date: 2024-09-05 (Thu, 05 Sep 2024)
Changed paths:
M hw/nvram/xlnx-bbram.c
M include/hw/nvram/xlnx-bbram.h
Log Message:
-----------
hw/nvram/xlnx-bbram: Call register_finalize_block
The TYPE_XLNX_BBRAM device creates a register block with
register_init_block32() in its instance_init method; we must
therefore destroy it in our instance_finalize method to avoid a leak
in the QOM introspection "init-inspect-finalize" lifecycle:
Direct leak of 304 byte(s) in 1 object(s) allocated from:
#0 0x5641518ca9d8 in __interceptor_calloc
(/mnt/nvmedisk/linaro/qemu-from-laptop/qemu/build/asan/qemu-system-aarch64+0x294d9d8)
(BuildId: 4a6
18cb63d57d5a19ed45cfc262b08da47eaafe5)
#1 0x7ff1aab31c50 in g_malloc0 debian/build/deb/../../../glib/gmem.c:161:13
#2 0x564151cffc5d in register_init_block hw/core/register.c:248:34
#3 0x564151d006be in register_init_block32 hw/core/register.c:299:12
#4 0x56415293df75 in bbram_ctrl_init hw/nvram/xlnx-bbram.c:462:9
#5 0x564154891dc1 in object_init_with_type qom/object.c:420:9
#6 0x56415487909b in object_initialize_with_type qom/object.c:562:5
#7 0x56415487a93d in object_new_with_type qom/object.c:782:5
#8 0x56415487aa11 in object_new qom/object.c:797:12
#9 0x56415507883d in qmp_device_list_properties qom/qom-qmp-cmds.c:144:11
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Edgar E. Iglesias <edgar.iglesias@amd.com>
Reviewed-by: Francisco Iglesias <francisco.iglesias@amd.com>
Reviewed-by: Alistair Francis <alistair.francis@wdc.com>
Message-id: 20240822162127.705879-4-peter.maydell@linaro.org
Commit: 431d4d2acc42c6a52fd29a06472a57e5fea97852
https://github.com/qemu/qemu/commit/431d4d2acc42c6a52fd29a06472a57e5fea97852
Author: Peter Maydell <peter.maydell@linaro.org>
Date: 2024-09-05 (Thu, 05 Sep 2024)
Changed paths:
M hw/nvram/xlnx-zynqmp-efuse.c
M include/hw/nvram/xlnx-zynqmp-efuse.h
Log Message:
-----------
hw/nvram/xlnx-zynqmp-efuse: Call register_finalize_block
The TYPE_XLNX_ZYNQMP_EFUSE device creates a register block with
register_init_block32() in its instance_init method; we must
therefore destroy it in our instance_finalize method to avoid a leak
in the QOM introspection "init-inspect-finalize" lifecycle:
Direct leak of 304 byte(s) in 1 object(s) allocated from:
#0 0x55f3ff5839d8 in __interceptor_calloc
(/mnt/nvmedisk/linaro/qemu-from-laptop/qemu/build/asan/qemu-system-aarch64+0x294d9d8)
(BuildId: 23cf931c66865a71b6cc4da95156d03bc106fa72)
#1 0x7f3f31c6bc50 in g_malloc0 debian/build/deb/../../../glib/gmem.c:161:13
#2 0x55f3ff9b8c5d in register_init_block hw/core/register.c:248:34
#3 0x55f3ff9b96be in register_init_block32 hw/core/register.c:299:12
#4 0x55f4005e5b25 in efuse_ctrl_init hw/nvram/xlnx-versal-efuse-ctrl.c:718:9
#5 0x55f40254afb1 in object_init_with_type qom/object.c:420:9
#6 0x55f40253228b in object_initialize_with_type qom/object.c:562:5
#7 0x55f402533b2d in object_new_with_type qom/object.c:782:5
#8 0x55f402533c01 in object_new qom/object.c:797:12
#9 0x55f402d31a2d in qmp_device_list_properties qom/qom-qmp-cmds.c:144:11
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Edgar E. Iglesias <edgar.iglesias@amd.com>
Reviewed-by: Francisco Iglesias <francisco.iglesias@amd.com>
Reviewed-by: Alistair Francis <alistair.francis@wdc.com>
Message-id: 20240822162127.705879-5-peter.maydell@linaro.org
Commit: 14bfca0dec5dda34844d638ed2e5a78d04f196d1
https://github.com/qemu/qemu/commit/14bfca0dec5dda34844d638ed2e5a78d04f196d1
Author: Peter Maydell <peter.maydell@linaro.org>
Date: 2024-09-05 (Thu, 05 Sep 2024)
Changed paths:
M hw/misc/xlnx-versal-trng.c
M include/hw/misc/xlnx-versal-trng.h
Log Message:
-----------
hw/misc/xlnx-versal-trng: Call register_finalize_block
The TYPE_XLNX_VERSAL_TRNG device creates a register block with
register_init_block32() in its instance_init method; we must
therefore destroy it in our instance_finalize method to avoid a leak
in the QOM introspection "init-inspect-finalize" lifecycle:
Direct leak of 304 byte(s) in 1 object(s) allocated from:
#0 0x55842ec799d8 in __interceptor_calloc
(/mnt/nvmedisk/linaro/qemu-from-laptop/qemu/build/asan/qemu-system-aarch64+0x294e9d8)
(BuildId: 47496e53f3e779f1c7e9b82cbea07407152b498b)
#1 0x7fe793c75c50 in g_malloc0 debian/build/deb/../../../glib/gmem.c:161:13
#2 0x55842f0aec5d in register_init_block hw/core/register.c:248:34
#3 0x55842f0af6be in register_init_block32 hw/core/register.c:299:12
#4 0x55842f801588 in trng_init hw/misc/xlnx-versal-trng.c:614:9
#5 0x558431c411a1 in object_init_with_type qom/object.c:420:9
#6 0x558431c2847b in object_initialize_with_type qom/object.c:562:5
#7 0x558431c29d1d in object_new_with_type qom/object.c:782:5
#8 0x558431c29df1 in object_new qom/object.c:797:12
#9 0x558432427c1d in qmp_device_list_properties qom/qom-qmp-cmds.c:144:11
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Edgar E. Iglesias <edgar.iglesias@amd.com>
Reviewed-by: Francisco Iglesias <francisco.iglesias@amd.com>
Reviewed-by: Alistair Francis <alistair.francis@wdc.com>
Message-id: 20240822162127.705879-6-peter.maydell@linaro.org
Commit: 5b836d001aa8fbf4a33d50b4edeb1c6f0985999d
https://github.com/qemu/qemu/commit/5b836d001aa8fbf4a33d50b4edeb1c6f0985999d
Author: Peter Maydell <peter.maydell@linaro.org>
Date: 2024-09-05 (Thu, 05 Sep 2024)
Changed paths:
M hw/nvram/xlnx-versal-efuse-ctrl.c
M include/hw/nvram/xlnx-versal-efuse.h
Log Message:
-----------
hm/nvram/xlnx-versal-efuse-ctrl: Call register_finalize_block
The TYPE_XLNX_VERSAL_EFUSE_CTRL device creates a register block with
register_init_block32() in its instance_init method; we must
therefore destroy it in our instance_finalize method to avoid a leak
in the QOM introspection "init-inspect-finalize" lifecycle:
Direct leak of 304 byte(s) in 1 object(s) allocated from:
#0 0x55f222b5b9d8 in __interceptor_calloc
(/mnt/nvmedisk/linaro/qemu-from-laptop/qemu/build/asan/qemu-system-aarch64+0x294e9d8)
(BuildId: 420
43d49e1139e3f3071b1f22fac1e3e7249c9a6)
#1 0x7fbb10669c50 in g_malloc0 debian/build/deb/../../../glib/gmem.c:161:13
#2 0x55f222f90c5d in register_init_block hw/core/register.c:248:34
#3 0x55f222f916be in register_init_block32 hw/core/register.c:299:12
#4 0x55f223bbdd15 in efuse_ctrl_init hw/nvram/xlnx-versal-efuse-ctrl.c:718:9
#5 0x55f225b23391 in object_init_with_type qom/object.c:420:9
#6 0x55f225b0a66b in object_initialize_with_type qom/object.c:562:5
#7 0x55f225b0bf0d in object_new_with_type qom/object.c:782:5
#8 0x55f225b0bfe1 in object_new qom/object.c:797:12
#9 0x55f226309e0d in qmp_device_list_properties qom/qom-qmp-cmds.c:144:11
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Edgar E. Iglesias <edgar.iglesias@amd.com>
Reviewed-by: Francisco Iglesias <francisco.iglesias@amd.com>
Reviewed-by: Alistair Francis <alistair.francis@wdc.com>
Message-id: 20240822162127.705879-7-peter.maydell@linaro.org
Commit: c2a33809e5c119f849625132544c19a180115549
https://github.com/qemu/qemu/commit/c2a33809e5c119f849625132544c19a180115549
Author: Peter Maydell <peter.maydell@linaro.org>
Date: 2024-09-05 (Thu, 05 Sep 2024)
Changed paths:
M hw/arm/sbsa-ref.c
Log Message:
-----------
hw/arm/sbsa-ref: Don't leak string in sbsa_fdt_add_gic_node()
In sbsa_fdt_add_gic_node() we g_strdup_printf() two nodename
strings, but only free one.
Since the string is actually entirely constant and we don't
make any use of printf's format-string operations, we can
drop the g_strdup_printf() use entirely.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Reviewed-by: Gavin Shan <gshan@redhat.com>
Message-id: 20240822162323.706382-1-peter.maydell@linaro.org
Commit: 76dd36660b2553616b099ca6cd914f01a7997b2c
https://github.com/qemu/qemu/commit/76dd36660b2553616b099ca6cd914f01a7997b2c
Author: Peter Maydell <peter.maydell@linaro.org>
Date: 2024-09-05 (Thu, 05 Sep 2024)
Changed paths:
M target/arm/tcg/translate-vfp.c
M target/arm/tcg/vfp.decode
Log Message:
-----------
target/arm: Correct names of VFP VFNMA and VFNMS insns
In vfp.decode we have the names of the VFNMA and VFNMS instructions
the wrong way around. The architecture says that bit 6 is the 'op'
bit, which is 1 for VFNMA and 0 for VFNMS, but we label these two
lines of decode the other way around. This doesn't cause any
user-visible problem because in the handling of these functions in
translate-vfp.c we give VFNMA the behaviour specified for VFNMS and
vice-versa, but it's confusing when reading the code.
Switch the names of the VFP VFNMA and VFNMS instructions in
the decode file and flip the behaviour also.
NB: the instructions VFMA and VFMS *are* decoded with op=0 for
VFMA and op=1 for VFMS; the confusion probably arose because
we assumed VFNMA and VFNMS to be the same way around.
Resolves: https://gitlab.com/qemu-project/qemu/-/issues/2536
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Message-id: 20240830152156.2046590-1-peter.maydell@linaro.org
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Commit: 4ab25d1aa6c17f29cac029d91cd5b920e0c2929d
https://github.com/qemu/qemu/commit/4ab25d1aa6c17f29cac029d91cd5b920e0c2929d
Author: Sebastian Huber <sebastian.huber@embedded-brains.de>
Date: 2024-09-05 (Thu, 05 Sep 2024)
Changed paths:
M hw/arm/xilinx_zynq.c
Log Message:
-----------
hw/arm/xilinx_zynq: Enable Security Extensions
The system supports the Security Extensions (core and GIC). This change is
necessary to run tests which pass on the real hardware.
Signed-off-by: Sebastian Huber <sebastian.huber@embedded-brains.de>
Reviewed-by: Edgar E. Iglesias <edgar.iglesias@amd.com>
Tested-by: Edgar E. Iglesias <edgar.iglesias@amd.com>
Message-id: 20240828005019.57705-1-sebastian.huber@embedded-brains.de
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Commit: 2b490f150af4beee10250c8cb0da8a5b66b308e7
https://github.com/qemu/qemu/commit/2b490f150af4beee10250c8cb0da8a5b66b308e7
Author: Changbin Du <changbin.du@huawei.com>
Date: 2024-09-05 (Thu, 05 Sep 2024)
Changed paths:
M hw/arm/boot.c
Log Message:
-----------
hw/arm/boot: Report error msg if loading elf/dtb failed
Print errors before exit. Do not exit silently.
Cc: Philippe Mathieu-Daudé <philmd@linaro.org>
Signed-off-by: Changbin Du <changbin.du@huawei.com>
Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Message-id: 20240903133940.3447430-1-changbin.du@huawei.com
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Commit: 17e93dd5faaf3ba8a1df099cc9396e4943baa892
https://github.com/qemu/qemu/commit/17e93dd5faaf3ba8a1df099cc9396e4943baa892
Author: Philippe Mathieu-Daudé <philmd@linaro.org>
Date: 2024-09-05 (Thu, 05 Sep 2024)
Changed paths:
M hw/arm/boot.c
Log Message:
-----------
hw/arm/boot: Explain why load_elf_hdr() error is ignored
If the file is not an ELF file, arm_setup_direct_kernel_boot()
falls back to try it as a uimage or an AArch64 Image file or as
last resort a bare raw binary. We can discard load_elf_hdr()
error and silently return.
Signed-off-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Message-id: 20240903144154.17135-1-philmd@linaro.org
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Commit: 99ec7b440a1d6a6ef07450b68687d24d13a25fb5
https://github.com/qemu/qemu/commit/99ec7b440a1d6a6ef07450b68687d24d13a25fb5
Author: Gao Shiyuan <gaoshiyuan@baidu.com>
Date: 2024-09-05 (Thu, 05 Sep 2024)
Changed paths:
M hw/core/platform-bus.c
Log Message:
-----------
platform-bus: fix refcount leak
memory_region_find() returns an MR which it is the caller's
responsibility to unref, but platform_bus_map_mmio() was
forgetting to do so, thus leaking the MR.
Signed-off-by: Gao Shiyuan <gaoshiyuan@baidu.com>
Message-id: 20240829131005.9196-1-gaoshiyuan@baidu.com
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
[PMM: tweaked commit message]
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Commit: d1e8bea9c9c1869bfbb28b7a3e9d8e3b6f8aca46
https://github.com/qemu/qemu/commit/d1e8bea9c9c1869bfbb28b7a3e9d8e3b6f8aca46
Author: Peter Maydell <peter.maydell@linaro.org>
Date: 2024-09-06 (Fri, 06 Sep 2024)
Changed paths:
M tests/qtest/dm163-test.c
M tests/qtest/stm32l4x5_usart-test.c
Log Message:
-----------
tests/qtest: Add missing qtest_quit() to stm32 tests
In the dm163-test and stm32l4x5_usart-test, a couple of subtests are
missing the qtest_quit() call. The effect of this is that on hosts
other than Linux and FreeBSD the test will timeout after executing
all the tests:
242/845 qemu:qtest+qtest-arm / qtest-arm/dm163-test
TIMEOUT 60.04s 3 subtests passed
100/845 qemu:qtest+qtest-arm / qtest-arm/stm32l4x5_usart-test
TIMEOUT 600.02s 5 subtests passed
This happens because the qemu-system-arm binary which the test
starts does not exit, and because it shares the stdout with the
test binary, the overall meson test harness thinks the test is
still running. On Linux and FreeBSD we have an extra safety net
set up in qtest_spawn_qemu() which kills off any QEMU binary that
ends up without a parent. This is intended for the case where
QEMU crashed and didn't respond to a SIGTERM or polite request
to quit, but it also sidestepped the problem in this case.
However, OpenBSD doesn't have a PDEATHSIG equivalent, so we
see the timeouts when running a 'make vm-build-openbsd' run.
Add the missing qtest_quit() calls.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
Message-id: 20240905165554.320577-2-peter.maydell@linaro.org
Commit: bdb468294135bf259ed0281d13b0ef5d989e1c9a
https://github.com/qemu/qemu/commit/bdb468294135bf259ed0281d13b0ef5d989e1c9a
Author: Peter Maydell <peter.maydell@linaro.org>
Date: 2024-09-06 (Fri, 06 Sep 2024)
Changed paths:
M tests/qtest/meson.build
Log Message:
-----------
tests/qtest: Bump timeout on ahci-test
On my OpenBSD VM test system, the ahci-test sometimes hits its 60 second
timeout. It has 75 subtests and allowing at least two seconds per
subtest seems reasonable. Bump it to 150s.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
Message-id: 20240905165554.320577-3-peter.maydell@linaro.org
Commit: ec08d9a51e6af3cd3edbdbf2ca6e97a1e2b5f0d1
https://github.com/qemu/qemu/commit/ec08d9a51e6af3cd3edbdbf2ca6e97a1e2b5f0d1
Author: Peter Maydell <peter.maydell@linaro.org>
Date: 2024-09-06 (Fri, 06 Sep 2024)
Changed paths:
M accel/tcg/tcg-accel-ops-rr.c
M docs/system/arm/emulation.rst
M hw/arm/boot.c
M hw/arm/sbsa-ref.c
M hw/arm/smmuv3.c
M hw/arm/virt.c
M hw/arm/xilinx_zynq.c
M hw/core/machine.c
M hw/core/platform-bus.c
M hw/i386/pc.c
M hw/i386/pc_piix.c
M hw/i386/pc_q35.c
M hw/m68k/virt.c
M hw/misc/xlnx-versal-cfu.c
M hw/misc/xlnx-versal-trng.c
M hw/nvram/xlnx-bbram.c
M hw/nvram/xlnx-versal-efuse-ctrl.c
M hw/nvram/xlnx-zynqmp-efuse.c
M hw/ppc/spapr.c
M hw/s390x/s390-virtio-ccw.c
M include/hw/arm/virt.h
M include/hw/boards.h
M include/hw/i386/pc.h
M include/hw/misc/xlnx-versal-trng.h
M include/hw/nvram/xlnx-bbram.h
M include/hw/nvram/xlnx-versal-efuse.h
M include/hw/nvram/xlnx-zynqmp-efuse.h
M target/arm/cpu-features.h
M target/arm/cpu.h
M target/arm/helper.h
M target/arm/tcg/cpu64.c
M target/arm/tcg/helper-sme.h
M target/arm/tcg/sme_helper.c
M target/arm/tcg/translate-a64.c
M target/arm/tcg/translate-neon.c
M target/arm/tcg/translate-sme.c
M target/arm/tcg/translate-sve.c
M target/arm/tcg/translate-vfp.c
M target/arm/tcg/vec_helper.c
M target/arm/tcg/vec_internal.h
M target/arm/tcg/vfp.decode
M target/arm/vfp_helper.c
Log Message:
-----------
Merge tag 'pull-target-arm-20240905' of
https://git.linaro.org/people/pmaydell/qemu-arm into staging
target-arm queue:
* Implement FEAT_EBF16 emulation
* accel/tcg: Remove dead code from rr_cpu_thread_fn()
* hw: add compat machines for 9.2
* virt: default to two-stage SMMU from virt-9.2
* sbsa-ref: use two-stage SMMU
* hw: Various minor memory leak fixes
* target/arm: Correct names of VFP VFNMA and VFNMS insns
* hw/arm/xilinx_zynq: Enable Security Extensions
* hw/arm/boot: Report error msg if loading elf/dtb failed
# -----BEGIN PGP SIGNATURE-----
#
# iQJNBAABCAA3FiEE4aXFk81BneKOgxXPPCUl7RQ2DN4FAmbZqzEZHHBldGVyLm1h
# eWRlbGxAbGluYXJvLm9yZwAKCRA8JSXtFDYM3lJ7D/9s/ZTkiCj/z+caHotwNJVt
# ECgEEVinitwZxSMINZd1f6bxTY8hYVjMewj6A6RvHtMJMr7SUOmL8wi0YlbhTm44
# jb8dZVf3pzPaZ399jxOeGnFipGyKmK0XM5rKc7CP6yJUS3B9RkUbLEHng8Q0ZBtl
# cnZqI12jJBdtHU8D4JIvBgM2N2ay4bKY8EQEPCv4S7ZTKawWcKgSR5pMd2TBIqIT
# 0gaDL3eOgCt2XWIrMzRjvaJK70obN/+n+vZQskJ/sIDsw+Kz8sZGlivdBXLRmQ+A
# OUgtdyZoD42Q8KtwM0bjoaoxz6VMNPJp5khB45EPjVgWyeyJ0L6ZcWCX7nT4hZsi
# 1C0NJaJU6HQbfsPiMIGxgHYJCbQue/mVBE02MPhmN8fZlsTRKWT9Miu67S0PI5Ib
# ZWo88Ew1coucBm25K2NWdoR3dCP8EFnxqL556L8M4iDWYQ/djf8cpFAN9QJBFrNw
# CaXS+vxIFUjZ6TSjf8gOYPAONmAg5DsCucgyO4MBKnvlY5h2J+GTq/FC+kWzL9jE
# UfhqOWSP34ol2lg319zOtKg4Ga+GOivo2DmgWQhDwZ2rmRR+xgN8rkQjpJKIT5Zj
# Ji+ucJrghBZ0sN622QYG0u0Ap9Jy4KCOxcFfS1b4gNhmMDWg27Tx9tIguXmjOE3M
# aAs4wmm4Nz4kpsf1KkB11Q==
# =gZuf
# -----END PGP SIGNATURE-----
# gpg: Signature made Thu 05 Sep 2024 13:59:29 BST
# gpg: using RSA key E1A5C593CD419DE28E8315CF3C2525ED14360CDE
# gpg: issuer "peter.maydell@linaro.org"
# gpg: Good signature from "Peter Maydell <peter.maydell@linaro.org>" [ultimate]
# gpg: aka "Peter Maydell <pmaydell@gmail.com>" [ultimate]
# gpg: aka "Peter Maydell <pmaydell@chiark.greenend.org.uk>"
[ultimate]
# gpg: aka "Peter Maydell <peter@archaic.org.uk>" [ultimate]
# Primary key fingerprint: E1A5 C593 CD41 9DE2 8E83 15CF 3C25 25ED 1436 0CDE
* tag 'pull-target-arm-20240905' of
https://git.linaro.org/people/pmaydell/qemu-arm: (25 commits)
platform-bus: fix refcount leak
hw/arm/boot: Explain why load_elf_hdr() error is ignored
hw/arm/boot: Report error msg if loading elf/dtb failed
hw/arm/xilinx_zynq: Enable Security Extensions
target/arm: Correct names of VFP VFNMA and VFNMS insns
hw/arm/sbsa-ref: Don't leak string in sbsa_fdt_add_gic_node()
hm/nvram/xlnx-versal-efuse-ctrl: Call register_finalize_block
hw/misc/xlnx-versal-trng: Call register_finalize_block
hw/nvram/xlnx-zynqmp-efuse: Call register_finalize_block
hw/nvram/xlnx-bbram: Call register_finalize_block
hw/misc/xlnx-versal-trng: Free s->prng in finalize, not unrealize
hw/misc/xlnx-versal-cfu: destroy fifo in finalize
hw/arm/sbsa-ref: Use two-stage SMMU
hw/arm/virt: Default to two-stage SMMU from virt-9.2
hw/arm/smmuv3: Update comment documenting "stage" property
hw: add compat machines for 9.2
accel/tcg: Remove dead code from rr_cpu_thread_fn()
target/arm: Enable FEAT_EBF16 in the "max" CPU
target/arm: Implement FPCR.EBF=1 semantics for bfdotadd()
target/arm: Prepare bfdotadd() callers for FEAT_EBF support
...
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Compare: https://github.com/qemu/qemu/compare/becd69449791...ec08d9a51e6a
To unsubscribe from these emails, change your notification settings at
https://github.com/qemu/qemu/settings/notifications
- [Qemu-commits] [qemu/qemu] 8b0898: target/arm: Allow setting the FPCR.EBF bit for FEA...,
Peter Maydell <=