Merge tag 'for-upstream' of https://gitlab.com/bonzini/qemu into staging

* target/i386: Introduce SapphireRapids-v3 to add missing features
* switch boards to "default y"
* allow building emulators

Merge tag 'for-upstream' of https://gitlab.com/bonzini/qemu into staging

* target/i386: Introduce SapphireRapids-v3 to add missing features
* switch boards to "default y"
* allow building emulators without any board
* configs: list "implied" device groups in the default configs
* remove unnecessary declarations from typedefs.h
* target/i386: Give IRQs a chance when resetting HF_INHIBIT_IRQ_MASK

# -----BEGIN PGP SIGNATURE-----
#
# iQFIBAABCAAyFiEE8TM4V0tmI4mGbHaCv/vSX3jHroMFAmY1ILsUHHBib256aW5p
# QHJlZGhhdC5jb20ACgkQv/vSX3jHroNtIwf+MEehq2HudZvsK1M8FrvNmkB/AssO
# x4tqL8DlTus23mQDBu9+rANTB93ManJdK9ybtf6NfjEwK+R8RJslLVnuy/qT+aQX
# PD208L88fjZg17G8uyawwvD1VmqWzHFSN14ShmKzqB2yPXXo/1cJ30w78DbD50yC
# 6rw/xbC5j195CwE2u8eBcIyY4Hh2PUYEE4uyHbYVr57cMjfmmA5Pg4I4FJrpLrF3
# eM2Avl/4pIbsW3zxXVB8QbAkgypxZErk3teDK1AkPJnlnBYM1jGKbt/GdKe7vcHR
# V/o+7NlcbS3oHVItQ2gP3m91stjFq+NhixaZpa0VlmuqayBa3xNGl0G6OQ==
# =ZbNW
# -----END PGP SIGNATURE-----
# gpg: Signature made Fri 03 May 2024 10:36:59 AM PDT
# gpg: using RSA key F13338574B662389866C7682BFFBD25F78C7AE83
# gpg: issuer "pbonzini@redhat.com"
# gpg: Good signature from "Paolo Bonzini <bonzini@gnu.org>" [full]
# gpg: aka "Paolo Bonzini <pbonzini@redhat.com>" [full]

* tag 'for-upstream' of https://gitlab.com/bonzini/qemu: (46 commits)
qga/commands-posix: fix typo in qmp_guest_set_user_password
migration: do not include coroutine_int.h
kvm: move target-dependent interrupt routing out of kvm-all.c
pci: remove some types from typedefs.h
tcg: remove CPU* types from typedefs.h
display: remove GraphicHwOps from typedefs.h
qapi/machine: remove types from typedefs.h
monitor: remove MonitorDef from typedefs.h
migration: remove PostcopyDiscardState from typedefs.h
lockable: remove QemuLockable from typedefs.h
intc: remove PICCommonState from typedefs.h
qemu-option: remove QemuOpt from typedefs.h
net: remove AnnounceTimer from typedefs.h
numa: remove types from typedefs.h
qdev-core: remove DeviceListener from typedefs.h
fw_cfg: remove useless declarations from typedefs.h
build: do not build virtio-vga-gl if virgl/opengl not available
bitmap: Use g_try_new0/g_new0/g_renew
target/i386: Introduce SapphireRapids-v3 to add missing features
docs: document new convention for Kconfig board symbols
...

Signed-off-by: Richard Henderson <richard.henderson@linaro.org>

show more ...

tcg: remove CPU* types from typedefs.h

hw/core/cpu.h is already using struct forward declarations in some cases
to avoid inclusions, and otherwise CPUAddressSpace and CPUJumpCache
are only used toge

tcg: remove CPU* types from typedefs.h

hw/core/cpu.h is already using struct forward declarations in some cases
to avoid inclusions, and otherwise CPUAddressSpace and CPUJumpCache
are only used together with their definition. CPUTLBEntryFull is
always used when their definition is available. Remove all three
from typedefs.h.

Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>

show more ...

Merge tag 'accel-20240426' of https://github.com/philmd/qemu into staging

Accelerators patches

A lot of trivial cleanups and simplifications (moving methods around,
adding/removing #include stateme

Merge tag 'accel-20240426' of https://github.com/philmd/qemu into staging

Accelerators patches

A lot of trivial cleanups and simplifications (moving methods around,
adding/removing #include statements). Most notable changes:

- Rename NEED_CPU_H -> COMPILING_PER_TARGET
- Rename few template headers using the '.h.inc' suffix
- Extract some definitions / declarations into their own header:
- accel/tcg/user-retaddr.h (helper_retaddr)
- include/exec/abi_ptr.h (abi_ptr)
- include/exec/breakpoint.h (CPUBreakpoint, CPUWatchpoint)
- include/exec/mmu-access-type.h (MMUAccessType)
- include/user/tswap-target.h (tswapl, bswaptls)

# -----BEGIN PGP SIGNATURE-----
#
# iQIzBAABCAAdFiEE+qvnXhKRciHc/Wuy4+MsLN6twN4FAmYsAuEACgkQ4+MsLN6t
# wN78Rg//V9UoE0U9Lh6Sd2WpcSAYP9D1CBa+iGXhrmel0utER1sQLu022nvcLdHc
# XtCgtX3H0yECF8dPX02rVp8IbSlOv3c8N/a6BxD79cRGqgXBYR/dEUqfXqeLJn3l
# a58YU3i7sLNQ0l7VnwTiBnI0lw170/xJl2B2mcR1SvWuH3dr5vTeIXNureu36ORo
# rc0oqWHbw1Pyyn8ADE2kPyFCOiwPwvcOvAk8dXGfib+mNCwNVV+ZUtAPi711VD8d
# 9VW2gu2sXwnWdpROrSugSw+aPVF4UjltL9qJEl5bxoqWFmlET1Zn2NpKvsocUXmh
# CMQQS2Tr4LpaaVQJGxx0yUe0B65X5+gCkIhsMOubED7GRyTCjrkOPm6exz3ge6WV
# YmIboggFAk3OjAzLs7yZVkWsTK1Y3+3eX0u7AWPUsUu7rCT/Toc6QxDS7eT2hJfq
# UDXI355PGbImgiArQa+OsT7v1Le4/iQa+TfN4fdUDpxEdfaxhnijWh+E91CEp+w/
# Mq7db9Z1aMnhFKIKdkPYyfwB74yXQrmYchJ0QojZjbzqNGwkt9VeC7O9RcYjEaHM
# hMIexwccxexqGH22wn8vPd6ZVKtiLaG4AXO0v6Dn2YJ7/zb/ntcI6lRZqdBAHKNK
# MzkjTRRRR0wAfu8Lk8CaNNEqUP4Po43fbYymo6AZhIR8NqfApL0=
# =ifBx
# -----END PGP SIGNATURE-----
# gpg: Signature made Fri 26 Apr 2024 12:39:13 PM PDT
# gpg: using RSA key FAABE75E12917221DCFD6BB2E3E32C2CDEADC0DE
# gpg: Good signature from "Philippe Mathieu-Daudé (F4BUG) <f4bug@amsat.org>" [full]

* tag 'accel-20240426' of https://github.com/philmd/qemu: (38 commits)
plugins: Include missing 'qemu/bitmap.h' header
hw/core: Avoid including the full 'hw/core/cpu.h' in 'tcg-cpu-ops.h'
exec: Move CPUTLBEntry helpers to cputlb.c
exec: Restrict inclusion of 'user/guest-base.h'
exec: Rename 'exec/user/guest-base.h' as 'user/guest-base.h'
exec: Restrict 'cpu_ldst.h' to TCG accelerator
exec: Restrict TCG specific declarations of 'cputlb.h'
exec: Declare CPUBreakpoint/CPUWatchpoint type in 'breakpoint.h' header
exec: Declare MMUAccessType type in 'mmu-access-type.h' header
exec: Declare abi_ptr type in its own 'abi_ptr.h' header
exec/user: Do not include 'cpu.h' in 'abitypes.h'
exec: Move [b]tswapl() declarations to 'exec/user/tswap-target.h'
exec: Declare target_words_bigendian() in 'exec/tswap.h'
exec/cpu-all: Remove unused tswapls() definitions
exec/cpu-all: Remove unused 'qemu/thread.h' header
exec/cpu-all: Reduce 'qemu/rcu.h' header inclusion
accel/hvf: Use accel-specific per-vcpu @dirty field
accel/nvmm: Use accel-specific per-vcpu @dirty field
accel/whpx: Use accel-specific per-vcpu @dirty field
accel/tcg: Rename helper-head.h -> helper-head.h.inc
...

Signed-off-by: Richard Henderson <richard.henderson@linaro.org>

show more ...

accel/tcg: Include missing headers in 'tb-jmp-cache.h'

Due to missing headers, when including "tb-jmp-cache.h" we might get:

accel/tcg/tb-jmp-cache.h:21:21: error: field ‘rcu’ has incomplete type

accel/tcg: Include missing headers in 'tb-jmp-cache.h'

Due to missing headers, when including "tb-jmp-cache.h" we might get:

accel/tcg/tb-jmp-cache.h:21:21: error: field ‘rcu’ has incomplete type
21 | struct rcu_head rcu;
| ^~~
accel/tcg/tb-jmp-cache.h:24:9: error: unknown type name ‘vaddr’
24 | vaddr pc;
| ^~~~~

Add the missing "qemu/rcu.h" and "exec/cpu-common.h" headers.

Signed-off-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Acked-by: Richard Henderson <richard.henderson@linaro.org>
Message-Id: <20240111162442.43755-1-philmd@linaro.org>

show more ...

Merge tag 'pull-tcg-20240130' of https://gitlab.com/rth7680/qemu into staging

linux-user: Allow gdbstub to ignore page protection
cpu-exec: simplify jump cache management
include/exec: Cleanups towa

Merge tag 'pull-tcg-20240130' of https://gitlab.com/rth7680/qemu into staging

linux-user: Allow gdbstub to ignore page protection
cpu-exec: simplify jump cache management
include/exec: Cleanups toward building accel/tcg once

# -----BEGIN PGP SIGNATURE-----
#
# iQFRBAABCgA7FiEEekgeeIaLTbaoWgXAZN846K9+IV8FAmW4LXcdHHJpY2hhcmQu
# aGVuZGVyc29uQGxpbmFyby5vcmcACgkQZN846K9+IV+CgAf8CdqkvKsUK9/5bu99
# 9E4kRBkR8KqWYvBfRs4IFmjoEdEa4sCujWrHliOcW7Kh+XlVyAPI9rZG32QkxCEQ
# hi9WXieXjfPLTTmrbeiq7cwxztSj8Z55wwvbxkrtFyGDQ0AMccp49tAvfejEb6VD
# Ssx96nWQDgryLrn+My+wMQjl9aVKUWp5vB8k12aAcpRXPH2yoGE2JHAZ1C743nA6
# rShiJAT78HwERcMXDeYmmriYg0s4Z4+A6ErTiXDnFgj87YanHZc0I/55G5Sh+pW8
# REicD3jwS0GHOOHL0K781FopE1wTM442GLVxobXoxUXsHEiO+3TK5JdEIqvSstYA
# fRB8Pg==
# =xZOe
# -----END PGP SIGNATURE-----
# gpg: Signature made Mon 29 Jan 2024 22:57:59 GMT
# gpg: using RSA key 7A481E78868B4DB6A85A05C064DF38E8AF7E215F
# gpg: issuer "richard.henderson@linaro.org"
# gpg: Good signature from "Richard Henderson <richard.henderson@linaro.org>" [full]
# Primary key fingerprint: 7A48 1E78 868B 4DB6 A85A 05C0 64DF 38E8 AF7E 215F

* tag 'pull-tcg-20240130' of https://gitlab.com/rth7680/qemu: (31 commits)
target/i386: Extract x86_cpu_exec_halt() from accel/tcg/
accel/tcg: Introduce TCGCPUOps::cpu_exec_halt() handler
accel/tcg: Inline need_replay_interrupt
target/i386: Extract x86_need_replay_interrupt() from accel/tcg/
accel/tcg: Introduce TCGCPUOps::need_replay_interrupt() handler
accel/tcg: Use CPUState.cc instead of CPU_GET_CLASS in cpu-exec.c
target/loongarch: Constify loongarch_tcg_ops
include/qemu: Add TCGCPUOps typedef to typedefs.h
accel/tcg: Un-inline icount_exit_request() for clarity
accel/tcg: Rename tcg_cpus_exec() -> tcg_cpu_exec()
accel/tcg: Rename tcg_cpus_destroy() -> tcg_cpu_destroy()
accel/tcg: Rename tcg_ss[] -> tcg_specific_ss[] in meson
accel/tcg: Move perf and debuginfo support to tcg/
accel/tcg: Remove #ifdef TARGET_I386 from perf.c
tcg: Make tb_cflags() usable from target-agnostic code
accel/tcg: Make use of qemu_target_page_mask() in perf.c
target: Make qemu_target_page_mask() available for *-user
accel/tcg/cpu-exec: Use RCU_READ_LOCK_GUARD
tests/tcg: Add the PROT_NONE gdbstub test
tests/tcg: Factor out gdbstub test functions
...

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>

show more ...

cpu-exec: simplify jump cache management

Unless I'm missing something egregious, the jmp cache is only every
populated with a valid entry by the same thread that reads the cache.
Therefore, the cont

cpu-exec: simplify jump cache management

Unless I'm missing something egregious, the jmp cache is only every
populated with a valid entry by the same thread that reads the cache.
Therefore, the contents of any valid entry are always consistent and
there is no need for any acquire/release magic.

Indeed ->tb has to be accessed with atomics, because concurrent
invalidations would otherwise cause data races. But ->pc is only ever
accessed by one thread, and accesses to ->tb and ->pc within tb_lookup
can never race with another tb_lookup. While the TranslationBlock
(especially the flags) could be modified by a concurrent invalidation,
store-release and load-acquire operations on the cache entry would
not add any additional ordering beyond what you get from performing
the accesses within a single thread.

Because of this, there is really nothing to win in splitting the CF_PCREL
and !CF_PCREL paths. It is easier to just always use the ->pc field in
the jump cache.

I noticed this while working on splitting commit 8ed558ec0cb
("accel/tcg: Introduce TARGET_TB_PCREL", 2022-10-04) into multiple
pieces, for the sake of finding a more fine-grained bisection
result for https://gitlab.com/qemu-project/qemu/-/issues/2092.
It does not (and does not intend to) fix that issue; therefore
it may make sense to not commit it until the root cause
of issue #2092 is found.

Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Tested-by: Alex Bennée <alex.bennee@linaro.org>
Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-Id: <20240122153409.351959-1-pbonzini@redhat.com>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>

show more ...

Merge tag 'pull-tcg-20230626' of https://gitlab.com/rth7680/qemu into staging

accel/tcg: Replace target_ulong in some APIs
accel/tcg: Remove CONFIG_PROFILER
accel/tcg: Store some tlb flags in CPUTLB

Merge tag 'pull-tcg-20230626' of https://gitlab.com/rth7680/qemu into staging

accel/tcg: Replace target_ulong in some APIs
accel/tcg: Remove CONFIG_PROFILER
accel/tcg: Store some tlb flags in CPUTLBEntryFull
tcg: Issue memory barriers as required for the guest memory model
tcg: Fix temporary variable in tcg_gen_gvec_andcs

# -----BEGIN PGP SIGNATURE-----
#
# iQFRBAABCgA7FiEEekgeeIaLTbaoWgXAZN846K9+IV8FAmSZsPgdHHJpY2hhcmQu
# aGVuZGVyc29uQGxpbmFyby5vcmcACgkQZN846K9+IV+kWAf+ODI9qRvVbb4/uYv8
# k7wMhCxX9kk5bRVr+QcqDn9RekAdsyOKSdkAAv4NeRFqHs3ukxhMxu0N2aiVXGDw
# WtpsV73FrivAXaCxRj0aaYCsX8qFUQM4eWORZX2+V4AO0BtMHx1loK3bUQwdBTqN
# jgkpn8BYeFdfUJjvvEj9XeSJ7s0n/p7esaf6VKajef/PbrcgYAeHg72tb5Vv5LTI
# oxhU4icpaq/FT+SolnGzh4nRV7yqji9qFJ2INb0Uanx/WxCMD6CQJ0rDw55UouvH
# t7zGDn8FKDZJGQGxAbUav3evqWcBlkG5VzuhQli3P1+WbGF9jV0KI1nelOuafCKI
# 0enECg==
# =XvZb
# -----END PGP SIGNATURE-----
# gpg: Signature made Mon 26 Jun 2023 05:38:32 PM CEST
# gpg: using RSA key 7A481E78868B4DB6A85A05C064DF38E8AF7E215F
# gpg: issuer "richard.henderson@linaro.org"
# gpg: Good signature from "Richard Henderson <richard.henderson@linaro.org>" [ultimate]

* tag 'pull-tcg-20230626' of https://gitlab.com/rth7680/qemu: (22 commits)
accel/tcg: Renumber TLB_DISCARD_WRITE
accel/tcg: Move TLB_WATCHPOINT to TLB_SLOW_FLAGS_MASK
accel/tcg: Store some tlb flags in CPUTLBEntryFull
accel/tcg: Remove check_tcg_memory_orders_compatible
tcg: Add host memory barriers to cpu_ldst.h interfaces
tcg: Do not elide memory barriers for !CF_PARALLEL in system mode
target/microblaze: Define TCG_GUEST_DEFAULT_MO
tcg: Fix temporary variable in tcg_gen_gvec_andcs
accel/tcg: remove CONFIG_PROFILER
tests/plugin: Remove duplicate insn log from libinsn.so
softfloat: use QEMU_FLATTEN to avoid mistaken isra inlining
cpu: Replace target_ulong with hwaddr in tb_invalidate_phys_addr()
accel/tcg: Replace target_ulong with vaddr in translator_*()
accel/tcg: Replace target_ulong with vaddr in *_mmu_lookup()
accel: Replace target_ulong with vaddr in probe_*()
accel/tcg: Widen pc to vaddr in CPUJumpCache
accel/tcg/cpu-exec.c: Widen pc to vaddr
accel/tcg/cputlb.c: Widen addr in MMULookupPageData
accel/tcg/cputlb.c: Widen CPUTLBEntry access functions
target: Widen pc/cs_base in cpu_get_tb_cpu_state
...

Signed-off-by: Richard Henderson <richard.henderson@linaro.org>

show more ...

accel/tcg: Widen pc to vaddr in CPUJumpCache

Related functions dealing with the jump cache are also updated.

Signed-off-by: Anton Johansson <anjo@rev.ng>
Reviewed-by: Richard Henderson <richard.hen

accel/tcg: Widen pc to vaddr in CPUJumpCache

Related functions dealing with the jump cache are also updated.

Signed-off-by: Anton Johansson <anjo@rev.ng>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-Id: <20230621135633.1649-8-anjo@rev.ng>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>

show more ...

Merge tag 'pull-tcg-20230301' of https://gitlab.com/rth7680/qemu into staging

helper-head: Add fpu/softfloat-types.h
softmmu: Use memmove in flatview_write_continue
tcg: Add sign param to probe_acce

Merge tag 'pull-tcg-20230301' of https://gitlab.com/rth7680/qemu into staging

helper-head: Add fpu/softfloat-types.h
softmmu: Use memmove in flatview_write_continue
tcg: Add sign param to probe_access_flags, probe_access_full
tcg: Convert TARGET_TB_PCREL to CF_PCREL
tcg: Simplify temporary lifetimes for translators

# -----BEGIN PGP SIGNATURE-----
#
# iQFRBAABCgA7FiEEekgeeIaLTbaoWgXAZN846K9+IV8FAmP/jWUdHHJpY2hhcmQu
# aGVuZGVyc29uQGxpbmFyby5vcmcACgkQZN846K9+IV9TcQf7B7+K/lrWvUVhZ4By
# 7zrNIJKGwsxuQhGq9mS2Nx9ds9es5mS8SQT1ieNG6a51n6Gq8S2B8yFCRFdlDZWD
# /QrMSjxrs+4c6pNHZu4v20Huy/VW0y004eYdGc8Lu5cXTDpy1mUZ2PrZYlWNQEVY
# 4Ts5rTWdSZHRU1+dbB8MTWlml9//++TPB+ZvzqSb8jnRJfw4z7ijVJjUEEb93gQg
# 8S3JiPU6d1ZzoXzGMK7Wd0MMi4pQUZkaX1HOpzvmQXjeErSP87CZvvji/Cucm8iW
# rJ4U7t99nmZDqG9W1zdZfYfKNp4nLlfVldQWFVIx45awSPS0mCzrmeBT5NHyrxYK
# 4OtuNQ==
# =vzqE
# -----END PGP SIGNATURE-----
# gpg: Signature made Wed 01 Mar 2023 17:37:41 GMT
# gpg: using RSA key 7A481E78868B4DB6A85A05C064DF38E8AF7E215F
# gpg: issuer "richard.henderson@linaro.org"
# gpg: Good signature from "Richard Henderson <richard.henderson@linaro.org>" [full]
# Primary key fingerprint: 7A48 1E78 868B 4DB6 A85A 05C0 64DF 38E8 AF7E 215F

* tag 'pull-tcg-20230301' of https://gitlab.com/rth7680/qemu: (62 commits)
tcg: Update docs/devel/tcg-ops.rst for temporary changes
tcg: Remove tcg_temp_local_new_*, tcg_const_local_*
exec/gen-icount: Don't use tcg_temp_local_new_i32
target/xtensa: Don't use tcg_temp_local_new_*
target/ppc: Don't use tcg_temp_local_new
target/mips: Don't use tcg_temp_local_new
target/i386: Don't use tcg_temp_local_new
target/hppa: Don't use tcg_temp_local_new
target/hexagon/idef-parser: Drop gen_tmp_local
target/hexagon: Don't use tcg_temp_local_new_*
target/cris: Don't use tcg_temp_local_new
target/arm: Don't use tcg_temp_local_new_*
target/arm: Drop copies in gen_sve_{ldr,str}
tcg: Change default temp lifetime to TEMP_TB
tcg: Don't re-use TEMP_TB temporaries
accel/tcg/plugin: Tidy plugin_gen_disable_mem_helpers
accel/tcg/plugin: Use tcg_temp_ebb_*
tcg: Use tcg_constant_ptr in do_dup
tcg: Use tcg_temp_ebb_new_* in tcg/
tcg: Add tcg_temp_ebb_new_{i32,i64,ptr}
...

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>

show more ...

accel/tcg: Move jmp-cache `CF_PCREL` checks to caller

tb-jmp-cache.h contains a few small functions that only exist to hide a
CF_PCREL check, however the caller often already performs such a check.

accel/tcg: Move jmp-cache `CF_PCREL` checks to caller

tb-jmp-cache.h contains a few small functions that only exist to hide a
CF_PCREL check, however the caller often already performs such a check.

This patch moves CF_PCREL checks from the callee to the caller, and also
removes these functions which now only hide an access of the jmp-cache.

Signed-off-by: Anton Johansson <anjo@rev.ng>
Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Message-Id: <20230227135202.9710-12-anjo@rev.ng>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>

show more ...

accel/tcg: Replace `TARGET_TB_PCREL` with `CF_PCREL`

Signed-off-by: Anton Johansson <anjo@rev.ng>
Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Message-Id: <20230227135202.9710-5-anjo@rev.

accel/tcg: Replace `TARGET_TB_PCREL` with `CF_PCREL`

Signed-off-by: Anton Johansson <anjo@rev.ng>
Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Message-Id: <20230227135202.9710-5-anjo@rev.ng>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>

show more ...

Merge tag 'pull-jan-omnibus-020223-1' of https://gitlab.com/stsquad/qemu into staging

Testing, docs, semihosting and plugin updates

- update playbooks for custom runners
- add section timing su

Merge tag 'pull-jan-omnibus-020223-1' of https://gitlab.com/stsquad/qemu into staging

Testing, docs, semihosting and plugin updates

- update playbooks for custom runners
- add section timing support to gitlab
- upgrade fedora images to 37
- purge perl from the build system and deps
- disable unstable tests in CI
- improve intro, emulation and semihosting docs
- semihosting bug fix and O_BINARY default
- add memory-sve test
- fix some races in qht
- improve plugin handling of memory helpers
- optimise plugin hooks
- fix some plugin deadlocks
- reduce win64-cross build time by dropping some targets

# -----BEGIN PGP SIGNATURE-----
#
# iQEzBAABCgAdFiEEZoWumedRZ7yvyN81+9DbCVqeKkQFAmPb3fgACgkQ+9DbCVqe
# KkQbXAf9Eoc+PdNvafbqzH/blPjvd9ve8pJ+GcPDukNXwxP8OF/jFEJUQ1E7l9O7
# y0qV4akKCdIqVice4R5bK2CAq44Y3aut8SDf56C8E3Riha2zA2RbQWOv/zCvA3OP
# LFF+OaXZyg4JTR48HUKzh9ei2bd1+ccBSUe+xlRi59XaV5K8+5bmcZj10QKUR0lD
# 0HC5auEWWpayvd5D7Da15C7+oVY3LMCFxSdpHwbuIPPan/TRo5yqMI6ChYDKB8QD
# gdwMCL8znj2ADCTBftyBDYDAtjKVyLQidf7KdQHiSF+nmXYopS6SbsPCOMtJqCMH
# tXcKAIxs/MEntPrWTKTdtdnzotJVKw==
# =AtfN
# -----END PGP SIGNATURE-----
# gpg: Signature made Thu 02 Feb 2023 15:59:52 GMT
# gpg: using RSA key 6685AE99E75167BCAFC8DF35FBD0DB095A9E2A44
# gpg: Good signature from "Alex Bennée (Master Work Key) <alex.bennee@linaro.org>" [full]
# Primary key fingerprint: 6685 AE99 E751 67BC AFC8 DF35 FBD0 DB09 5A9E 2A44

* tag 'pull-jan-omnibus-020223-1' of https://gitlab.com/stsquad/qemu: (36 commits)
gitlab: cut even more from cross-win64-system build
plugins: Iterate on cb_lists in qemu_plugin_user_exit
cpu-exec: assert that plugin_mem_cbs is NULL after execution
tcg: exclude non-memory effecting helpers from instrumentation
translator: always pair plugin_gen_insn_{start, end} calls
plugins: fix optimization in plugin_gen_disable_mem_helpers
plugins: make qemu_plugin_user_exit's locking order consistent with fork_start's
util/qht: use striped locks under TSAN
thread: de-const qemu_spin_destroy
util/qht: add missing atomic_set(hashes[i])
cpu: free cpu->tb_jmp_cache with RCU
tests/tcg: add memory-sve test for aarch64
semihosting: add O_BINARY flag in host_open for NT compatibility
semihosting: Write back semihosting data before completion callback
docs: add an introduction to the system docs
semihosting: add semihosting section to the docs
docs: add a new section to outline emulation support
docs: add hotlinks to about preface text
MAINTAINERS: Fix the entry for tests/tcg/nios2
gitlab: wrap up test results for custom runners
...

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>

show more ...

cpu: free cpu->tb_jmp_cache with RCU

Fixes the appended use-after-free. The root cause is that
during tb invalidation we use CPU_FOREACH, and therefore
to safely free a vCPU we must wait for an RCU

cpu: free cpu->tb_jmp_cache with RCU

Fixes the appended use-after-free. The root cause is that
during tb invalidation we use CPU_FOREACH, and therefore
to safely free a vCPU we must wait for an RCU grace period
to elapse.

$ x86_64-linux-user/qemu-x86_64 tests/tcg/x86_64-linux-user/munmap-pthread
=================================================================
==1800604==ERROR: AddressSanitizer: heap-use-after-free on address 0x62d0005f7418 at pc 0x5593da6704eb bp 0x7f4961a7ac70 sp 0x7f4961a7ac60
READ of size 8 at 0x62d0005f7418 thread T2
#0 0x5593da6704ea in tb_jmp_cache_inval_tb ../accel/tcg/tb-maint.c:244
#1 0x5593da6704ea in do_tb_phys_invalidate ../accel/tcg/tb-maint.c:290
#2 0x5593da670631 in tb_phys_invalidate__locked ../accel/tcg/tb-maint.c:306
#3 0x5593da670631 in tb_invalidate_phys_page_range__locked ../accel/tcg/tb-maint.c:542
#4 0x5593da67106d in tb_invalidate_phys_range ../accel/tcg/tb-maint.c:614
#5 0x5593da6a64d4 in target_munmap ../linux-user/mmap.c:766
#6 0x5593da6dba05 in do_syscall1 ../linux-user/syscall.c:10105
#7 0x5593da6f564c in do_syscall ../linux-user/syscall.c:13329
#8 0x5593da49e80c in cpu_loop ../linux-user/x86_64/../i386/cpu_loop.c:233
#9 0x5593da6be28c in clone_func ../linux-user/syscall.c:6633
#10 0x7f496231cb42 in start_thread nptl/pthread_create.c:442
#11 0x7f49623ae9ff (/lib/x86_64-linux-gnu/libc.so.6+0x1269ff)

0x62d0005f7418 is located 28696 bytes inside of 32768-byte region [0x62d0005f0400,0x62d0005f8400)
freed by thread T148 here:
#0 0x7f49627b6460 in __interceptor_free ../../../../src/libsanitizer/asan/asan_malloc_linux.cpp:52
#1 0x5593da5ac057 in cpu_exec_unrealizefn ../cpu.c:180
#2 0x5593da81f851 (/home/cota/src/qemu/build/qemu-x86_64+0x484851)

Signed-off-by: Emilio Cota <cota@braap.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-Id: <20230111151628.320011-2-cota@braap.org>
Signed-off-by: Alex Bennée <alex.bennee@linaro.org>
Message-Id: <20230124180127.1881110-27-alex.bennee@linaro.org>

show more ...

Merge tag 'pull-tcg-20221004' of https://gitlab.com/rth7680/qemu into staging

Cache CPUClass for use in hot code paths.
Add CPUTLBEntryFull, probe_access_full, tlb_set_page_full.
Add generic support

Merge tag 'pull-tcg-20221004' of https://gitlab.com/rth7680/qemu into staging

Cache CPUClass for use in hot code paths.
Add CPUTLBEntryFull, probe_access_full, tlb_set_page_full.
Add generic support for TARGET_TB_PCREL.
tcg/ppc: Optimize 26-bit jumps using STQ for POWER 2.07
target/sh4: Fix TB_FLAG_UNALIGN

# -----BEGIN PGP SIGNATURE-----
#
# iQFRBAABCgA7FiEEekgeeIaLTbaoWgXAZN846K9+IV8FAmM8jXEdHHJpY2hhcmQu
# aGVuZGVyc29uQGxpbmFyby5vcmcACgkQZN846K9+IV/oEggArAHK8FtydfQ4ZwnF
# SjXfpdP50OC0SZn3uBN93FZOrxz9UYG9t1oDHs39J/+b/u2nwJYch//EH2k+NtOW
# hc3iIgS9bWgs/UWZESkViKQccw7gpYlc21Br38WWwFNEFyecX0p+e9pJgld5rSv1
# mRGvCs5J2svH2tcXl/Sb/JWgcumOJoG7qy2aLyJGolR6UOfwcfFMzQXzq8qjpRKH
# Jh84qusE/rLbzBsdN6snJY4+dyvUo03lT5IJ4d+FQg2tUip+Qqt7pnMbsqq6qF6H
# R6fWU1JTbsh7GxXJwQJ83jLBnUsi8cy6FKrZ3jyiBq76+DIpR0PqoEe+PN/weInU
# TN0z4g==
# =RfXJ
# -----END PGP SIGNATURE-----
# gpg: Signature made Tue 04 Oct 2022 15:45:53 EDT
# gpg: using RSA key 7A481E78868B4DB6A85A05C064DF38E8AF7E215F
# gpg: issuer "richard.henderson@linaro.org"
# gpg: Good signature from "Richard Henderson <richard.henderson@linaro.org>" [full]
# Primary key fingerprint: 7A48 1E78 868B 4DB6 A85A 05C0 64DF 38E8 AF7E 215F

* tag 'pull-tcg-20221004' of https://gitlab.com/rth7680/qemu:
target/sh4: Fix TB_FLAG_UNALIGN
tcg/ppc: Optimize 26-bit jumps
accel/tcg: Introduce TARGET_TB_PCREL
accel/tcg: Introduce tb_pc and log_pc
hw/core: Add CPUClass.get_pc
include/hw/core: Create struct CPUJumpCache
accel/tcg: Inline tb_flush_jmp_cache
accel/tcg: Do not align tb->page_addr[0]
accel/tcg: Use DisasContextBase in plugin_gen_tb_start
accel/tcg: Use bool for page_find_alloc
accel/tcg: Remove PageDesc code_bitmap
include/exec: Introduce TARGET_PAGE_ENTRY_EXTRA
accel/tcg: Introduce tlb_set_page_full
accel/tcg: Introduce probe_access_full
accel/tcg: Suppress auto-invalidate in probe_access_internal
accel/tcg: Drop addr member from SavedIOTLB
accel/tcg: Rename CPUIOTLBEntry to CPUTLBEntryFull
cputlb: used cached CPUClass in our hot-paths
hw/core/cpu-sysemu: used cached class in cpu_asidx_from_attrs
cpu: cache CPUClass in CPUState for hot code paths

Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>

show more ...

accel/tcg: Introduce TARGET_TB_PCREL

Prepare for targets to be able to produce TBs that can
run in more than one virtual context.

Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
Signed-off-by: Ri

accel/tcg: Introduce TARGET_TB_PCREL

Prepare for targets to be able to produce TBs that can
run in more than one virtual context.

Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>

show more ...

include/hw/core: Create struct CPUJumpCache

Wrap the bare TranslationBlock pointer into a structure.

Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
Reviewed-by: Philippe Mathieu-Daudé <f4bug@ams

include/hw/core: Create struct CPUJumpCache

Wrap the bare TranslationBlock pointer into a structure.

Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>

show more ...