target-arm queue for 3.1: mostly bug fixes, but the "turn on

EL2 support for Cortex-A7 and -A15" is technically enabling

of a new feature... I think this is OK since we're only at rc1,

and it's easy to revert that feature bit flip if necessary.

The following changes since commit 5704c36d25ee84e7129722cb0db53df9faefe943:

Merge remote-tracking branch 'remotes/kraxel/tags/fixes-31-20181112-pull-request' into staging (2018-11-12 15:55:40 +0000)

https://git.linaro.org/people/pmaydell/qemu-arm.git tags/pull-target-arm-20181112

for you to fetch changes up to 1a4c1a6dbf60aebddd07753f1013ea896c06ad29:

target/arm/cpu: Give Cortex-A15 and -A7 the EL2 feature (2018-11-12 16:52:29 +0000)

target/arm queue:

* Remove no-longer-needed workaround for small SAU regions for v8M

* Remove antique TODO comment

* MAINTAINERS: Add an entry for the 'collie' machine

* hw/arm/sysbus-fdt: Only call match_fn callback if the type matches

* Fix infinite recursion in tlbi_aa64_vmalle1_write()

* ARM KVM: fix various bugs in handling of guest debugging

* Correctly implement handling of HCR_EL2.{VI, VF}

* Hyp mode R14 is shared with User and System

* Give Cortex-A15 and -A7 the EL2 feature

Alex Bennée (6):

target/arm64: properly handle DBGVR RESS bits

target/arm64: hold BQL when calling do_interrupt()

target/arm64: kvm debug set target_el when passing exception to guest

tests/guest-debug: fix scoping of failcount

arm: use symbolic MDCR_TDE in arm_debug_target_el

arm: fix aa64_generate_debug_exceptions to work with EL2

Eric Auger (1):

hw/arm/sysbus-fdt: Only call match_fn callback if the type matches

Peter Maydell (7):

target/arm: Remove workaround for small SAU regions

target/arm: Remove antique TODO comment

Revert "target/arm: Implement HCR.VI and VF"

target/arm: Track the state of our irq lines from the GIC explicitly

target/arm: Correctly implement handling of HCR_EL2.{VI, VF}

target/arm: Hyp mode R14 is shared with User and System

target/arm/cpu: Give Cortex-A15 and -A7 the EL2 feature

Richard Henderson (1):

target/arm: Fix typo in tlbi_aa64_vmalle1_write

Thomas Huth (1):

MAINTAINERS: Add an entry for the 'collie' machine

Before we supported direct execution from MMIO regions, we

implemented workarounds in commit 720424359917887c926a33d2

which let us avoid doing so, even if the SAU or MPU region

was less than page-sized.

Once we implemented execute-from-MMIO, we removed part

of those workarounds in commit d4b6275df320cee76; but

we forgot the one in get_phys_addr_pmsav8() which

suppressed use of small SAU regions in executable regions.

Remove that workaround now.

Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>

Reviewed-by: Richard Henderson <richard.henderson@linaro.org>

Message-id: 20181106163801.14474-1-peter.maydell@linaro.org

target/arm/helper.c | 12 ------------

1 file changed, 12 deletions(-)

diff --git a/target/arm/helper.c b/target/arm/helper.c

--- a/target/arm/helper.c

+++ b/target/arm/helper.c

@@ -XXX,XX +XXX,XX @@ static bool get_phys_addr_pmsav8(CPUARMState *env, uint32_t address,

ret = pmsav8_mpu_lookup(env, address, access_type, mmu_idx, phys_ptr,

txattrs, prot, &mpu_is_subpage, fi, NULL);

- /*

- * TODO: this is a temporary hack to ignore the fact that the SAU region

- * is smaller than a page if this is an executable region. We never

- * supported small MPU regions, but we did (accidentally) allow small

- * SAU regions, and if we now made small SAU regions not be executable

- * then this would break previously working guest code. We can't

- * remove this until/unless we implement support for execution from

- * small regions.

- */

- if (*prot & PAGE_EXEC) {

- sattrs.subpage = false;

- }

*page_size = sattrs.subpage || mpu_is_subpage ? 1 : TARGET_PAGE_SIZE;

return ret;

}

2.19.1

Remove a TODO comment about implementing the vectored interrupt

controller. We have had an implementation of that for a decade;

it's in hw/intc/pl190.c.

Reviewed-by: Richard Henderson <richard.henderson@linaro.org>

Message-id: 20181106164118.16184-1-peter.maydell@linaro.org

Reviewed-by: Alex Bennée <alex.bennee@linaro.org>

target/arm/helper.c | 1 -

1 file changed, 1 deletion(-)

diff --git a/target/arm/helper.c b/target/arm/helper.c

--- a/target/arm/helper.c

+++ b/target/arm/helper.c

@@ -XXX,XX +XXX,XX @@ static void arm_cpu_do_interrupt_aarch32(CPUState *cs)

return;

}

- /* TODO: Vectored interrupt controller. */

switch (cs->exception_index) {

case EXCP_UDEF:

new_mode = ARM_CPU_MODE_UND;

2.19.1

From: Eric Auger <eric.auger@redhat.com>

Commit af7d64ede0b9 (hw/arm/sysbus-fdt: Allow device matching with DT

compatible value) introduced a match_fn callback which gets called

for each registered combo to check whether a sysbus device can be

dynamically instantiated. However the callback gets called even if

the device type does not match the binding combo typename field.

This causes an assert when passing "-device ramfb" to the qemu

command line as vfio_platform_match() gets called on a non

vfio-platform device.

To fix this regression, let's change the add_fdt_node() logic so

that we first check the type and if the match_fn callback is defined,

then we also call it.

hw/arm/sysbus-fdt.c | 12 +++++++-----

1 file changed, 7 insertions(+), 5 deletions(-)

diff --git a/hw/arm/sysbus-fdt.c b/hw/arm/sysbus-fdt.c

--- a/hw/arm/sysbus-fdt.c

+++ b/hw/arm/sysbus-fdt.c

@@ -XXX,XX +XXX,XX @@ static bool type_match(SysBusDevice *sbdev, const BindingEntry *entry)

return !strcmp(object_get_typename(OBJECT(sbdev)), entry->typename);

-#define TYPE_BINDING(type, add_fn) {(type), NULL, (add_fn), type_match}

+#define TYPE_BINDING(type, add_fn) {(type), NULL, (add_fn), NULL}

/* list of supported dynamic sysbus bindings */

static const BindingEntry bindings[] = {

@@ -XXX,XX +XXX,XX @@ static void add_fdt_node(SysBusDevice *sbdev, void *opaque)

for (i = 0; i < ARRAY_SIZE(bindings); i++) {

const BindingEntry *iter = &bindings[i];

- if (iter->match_fn(sbdev, iter)) {

- ret = iter->add_fn(sbdev, opaque);

- assert(!ret);

- return;

+ if (type_match(sbdev, iter)) {

+ if (!iter->match_fn || iter->match_fn(sbdev, iter)) {

+ ret = iter->add_fn(sbdev, opaque);

+ assert(!ret);

+ return;

+ }

}

}

error_report("Device %s can not be dynamically instantiated",

2.19.1

From: Richard Henderson <richard.henderson@linaro.org>

This would cause an infinite recursion or loop.

Signed-off-by: Richard Henderson <richard.henderson@linaro.org>

Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>

Reviewed-by: Alex Bennée <alex.bennee@linaro.org>

Message-id: 20181110121711.15257-1-richard.henderson@linaro.org

target/arm/helper.c | 2 +-

1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/target/arm/helper.c b/target/arm/helper.c

--- a/target/arm/helper.c

+++ b/target/arm/helper.c

@@ -XXX,XX +XXX,XX @@ static void tlbi_aa64_vmalle1_write(CPUARMState *env, const ARMCPRegInfo *ri,

CPUState *cs = ENV_GET_CPU(env);

if (tlb_force_broadcast(env)) {

- tlbi_aa64_vmalle1_write(env, NULL, value);

+ tlbi_aa64_vmalle1is_write(env, NULL, value);

return;

}

2.19.1

From: Alex Bennée <alex.bennee@linaro.org>

When we are debugging the guest all exceptions come our way but might

be for the guest's own debug exceptions. We use the ->do_interrupt()

infrastructure to inject the exception into the guest. However, we are

missing a full setup of the exception structure, causing an assert

later down the line.

Signed-off-by: Alex Bennée <alex.bennee@linaro.org>

Reviewed-by: Peter Maydell <peter.maydell@linaro.org>

Reviewed-by: Richard Henderson <richard.henderson@linaro.org>

Message-id: 20181109152119.9242-4-alex.bennee@linaro.org

target/arm/kvm64.c | 1 +

1 file changed, 1 insertion(+)

diff --git a/target/arm/kvm64.c b/target/arm/kvm64.c

--- a/target/arm/kvm64.c

+++ b/target/arm/kvm64.c

@@ -XXX,XX +XXX,XX @@ bool kvm_arm_handle_debug(CPUState *cs, struct kvm_debug_exit_arch *debug_exit)

cs->exception_index = EXCP_BKPT;

env->exception.syndrome = debug_exit->hsr;

env->exception.vaddress = debug_exit->far;

+ env->exception.target_el = 1;

qemu_mutex_lock_iothread();

cc->do_interrupt(cs);

qemu_mutex_unlock_iothread();

2.19.1

From: Alex Bennée <alex.bennee@linaro.org>

You should declare you are using a global version of a variable before

you attempt to modify it in a function.

Signed-off-by: Alex Bennée <alex.bennee@linaro.org>

tests/guest-debug/test-gdbstub.py | 1 +

1 file changed, 1 insertion(+)

diff --git a/tests/guest-debug/test-gdbstub.py b/tests/guest-debug/test-gdbstub.py

--- a/tests/guest-debug/test-gdbstub.py

+++ b/tests/guest-debug/test-gdbstub.py

@@ -XXX,XX +XXX,XX @@ def report(cond, msg):

print ("PASS: %s" % (msg))

else:

print ("FAIL: %s" % (msg))

+ global failcount

failcount += 1

2.19.1

From: Alex Bennée <alex.bennee@linaro.org>

target/arm/cpu.h | 2 +-

diff --git a/target/arm/cpu.h b/target/arm/cpu.h

--- a/target/arm/cpu.h

+++ b/target/arm/cpu.h

@@ -XXX,XX +XXX,XX @@ static inline int arm_debug_target_el(CPUARMState *env)

if (arm_feature(env, ARM_FEATURE_EL2) && !secure) {

route_to_el2 = env->cp15.hcr_el2 & HCR_TGE ||

- env->cp15.mdcr_el2 & (1 << 8);

+ env->cp15.mdcr_el2 & MDCR_TDE;

}

if (route_to_el2) {

2.19.1

From: Alex Bennée <alex.bennee@linaro.org>

The test was incomplete and incorrectly caused debug exceptions to be

generated when returning to EL2 after a failed attempt to single-step

an EL1 instruction. Fix this while cleaning up the function a little.

Signed-off-by: Alex Bennée <alex.bennee@linaro.org>

Reviewed-by: Richard Henderson <richard.henderson@linaro.org>

Message-id: 20181109152119.9242-8-alex.bennee@linaro.org

target/arm/cpu.h | 39 ++++++++++++++++++++++++---------------

1 file changed, 24 insertions(+), 15 deletions(-)

diff --git a/target/arm/cpu.h b/target/arm/cpu.h

--- a/target/arm/cpu.h

+++ b/target/arm/cpu.h

@@ -XXX,XX +XXX,XX @@ static inline bool arm_v7m_csselr_razwi(ARMCPU *cpu)

return (cpu->clidr & R_V7M_CLIDR_CTYPE_ALL_MASK) != 0;

}

+/* See AArch64.GenerateDebugExceptionsFrom() in ARM ARM pseudocode */

static inline bool aa64_generate_debug_exceptions(CPUARMState *env)

- if (arm_is_secure(env)) {

- /* MDCR_EL3.SDD disables debug events from Secure state */

- if (extract32(env->cp15.mdcr_el3, 16, 1) != 0

- || arm_current_el(env) == 3) {

- return false;

- }

+ int cur_el = arm_current_el(env);

+ int debug_el;

+

+ if (cur_el == 3) {

+ return false;

}

- if (arm_current_el(env) == arm_debug_target_el(env)) {

- if ((extract32(env->cp15.mdscr_el1, 13, 1) == 0)

- || (env->daif & PSTATE_D)) {

- return false;

- }

+ /* MDCR_EL3.SDD disables debug events from Secure state */

+ if (arm_is_secure_below_el3(env)

+ && extract32(env->cp15.mdcr_el3, 16, 1)) {

+ return false;

}

- return true;

+

+ * Same EL to same EL debug exceptions need MDSCR_KDE enabled

+ * while not masking the (D)ebug bit in DAIF.

+ debug_el = arm_debug_target_el(env);

+

+ if (cur_el == debug_el) {

+ return extract32(env->cp15.mdscr_el1, 13, 1)

+ && !(env->daif & PSTATE_D);

+ }

+

+ /* Otherwise the debug target needs to be a higher EL */

+ return debug_el > cur_el;

static inline bool aa32_generate_debug_exceptions(CPUARMState *env)

@@ -XXX,XX +XXX,XX @@ static inline bool aa32_generate_debug_exceptions(CPUARMState *env)

* since the pseudocode has it at all callsites except for the one in

* CheckSoftwareStep(), where it is elided because both branches would

* always return the same value.

- *

- * Parts of the pseudocode relating to EL2 and EL3 are omitted because we

- * don't yet implement those exception levels or their associated trap bits.

*/

static inline bool arm_generate_debug_exceptions(CPUARMState *env)

{

2.19.1

This reverts commit 8a0fc3a29fc2315325400c738f807d0d4ae0ab7f.

The implementation of HCR.VI and VF in that commit is not

correct -- they do not track the overall "is there a pending

VIRQ or VFIQ" status, but whether there is a pending interrupt

due to "this mechanism", ie the hypervisor having set the VI/VF

bits. The overall pending state for VIRQ and VFIQ is effectively

the logical OR of the inbound lines from the GIC with the

VI and VF bits. Commit 8a0fc3a29fc231 would result in pending

VIRQ/VFIQ possibly being lost when the hypervisor wrote to HCR.

As a preliminary to implementing the HCR.VI/VF feature properly,

revert the broken one entirely.

Reviewed-by: Alex Bennée <alex.bennee@linaro.org>

Message-id: 20181109134731.11605-2-peter.maydell@linaro.org

target/arm/helper.c | 47 ++++-----------------------------------------

1 file changed, 4 insertions(+), 43 deletions(-)

diff --git a/target/arm/helper.c b/target/arm/helper.c

--- a/target/arm/helper.c

+++ b/target/arm/helper.c

@@ -XXX,XX +XXX,XX @@ static const ARMCPRegInfo el3_no_el2_v8_cp_reginfo[] = {

static void hcr_write(CPUARMState *env, const ARMCPRegInfo *ri, uint64_t value)

ARMCPU *cpu = arm_env_get_cpu(env);

- CPUState *cs = ENV_GET_CPU(env);

uint64_t valid_mask = HCR_MASK;

if (arm_feature(env, ARM_FEATURE_EL3)) {

@@ -XXX,XX +XXX,XX @@ static void hcr_write(CPUARMState *env, const ARMCPRegInfo *ri, uint64_t value)

/* Clear RES0 bits. */

value &= valid_mask;

- /*

- * VI and VF are kept in cs->interrupt_request. Modifying that

- * requires that we have the iothread lock, which is done by

- * marking the reginfo structs as ARM_CP_IO.

- * Note that if a write to HCR pends a VIRQ or VFIQ it is never

- * possible for it to be taken immediately, because VIRQ and

- * VFIQ are masked unless running at EL0 or EL1, and HCR

- * can only be written at EL2.

- */

- g_assert(qemu_mutex_iothread_locked());

- if (value & HCR_VI) {

- cs->interrupt_request |= CPU_INTERRUPT_VIRQ;

- } else {

- cs->interrupt_request &= ~CPU_INTERRUPT_VIRQ;

- }

- if (value & HCR_VF) {

- cs->interrupt_request |= CPU_INTERRUPT_VFIQ;

- } else {

- cs->interrupt_request &= ~CPU_INTERRUPT_VFIQ;

- }

- value &= ~(HCR_VI | HCR_VF);

-

/* These bits change the MMU setup:

* HCR_VM enables stage 2 translation

* HCR_PTW forbids certain page-table setups

@@ -XXX,XX +XXX,XX @@ static void hcr_writelow(CPUARMState *env, const ARMCPRegInfo *ri,

hcr_write(env, NULL, value);

-static uint64_t hcr_read(CPUARMState *env, const ARMCPRegInfo *ri)

-{

- /* The VI and VF bits live in cs->interrupt_request */

- uint64_t ret = env->cp15.hcr_el2 & ~(HCR_VI | HCR_VF);

- CPUState *cs = ENV_GET_CPU(env);

-

- if (cs->interrupt_request & CPU_INTERRUPT_VIRQ) {

- ret |= HCR_VI;

- }

- if (cs->interrupt_request & CPU_INTERRUPT_VFIQ) {

- ret |= HCR_VF;

- }

- return ret;

-}

-

static const ARMCPRegInfo el2_cp_reginfo[] = {

{ .name = "HCR_EL2", .state = ARM_CP_STATE_AA64,

- .type = ARM_CP_IO,

.opc0 = 3, .opc1 = 4, .crn = 1, .crm = 1, .opc2 = 0,

.access = PL2_RW, .fieldoffset = offsetof(CPUARMState, cp15.hcr_el2),

- .writefn = hcr_write, .readfn = hcr_read },

+ .writefn = hcr_write },

{ .name = "HCR", .state = ARM_CP_STATE_AA32,

- .type = ARM_CP_ALIAS | ARM_CP_IO,

+ .type = ARM_CP_ALIAS,

.cp = 15, .opc1 = 4, .crn = 1, .crm = 1, .opc2 = 0,

.access = PL2_RW, .fieldoffset = offsetof(CPUARMState, cp15.hcr_el2),

- .writefn = hcr_writelow, .readfn = hcr_read },

+ .writefn = hcr_writelow },

{ .name = "ELR_EL2", .state = ARM_CP_STATE_AA64,

.type = ARM_CP_ALIAS,

.opc0 = 3, .opc1 = 4, .crn = 4, .crm = 0, .opc2 = 1,

@@ -XXX,XX +XXX,XX @@ static const ARMCPRegInfo el2_cp_reginfo[] = {

static const ARMCPRegInfo el2_v8_cp_reginfo[] = {

{ .name = "HCR2", .state = ARM_CP_STATE_AA32,

- .type = ARM_CP_ALIAS | ARM_CP_IO,

+ .type = ARM_CP_ALIAS,

.cp = 15, .opc1 = 4, .crn = 1, .crm = 1, .opc2 = 4,

.access = PL2_RW,

.fieldoffset = offsetofhigh32(CPUARMState, cp15.hcr_el2),

2.19.1

Currently we track the state of the four irq lines from the GIC

only via the cs->interrupt_request or KVM irq state. That means

that we assume that an interrupt is asserted if and only if the

external line is set. This assumption is incorrect for VIRQ

and VFIQ, because the HCR_EL2.{VI,VF} bits allow assertion

of VIRQ and VFIQ separately from the state of the external line.

To handle this, start tracking the state of the external lines

explicitly in a CPU state struct field, as is common practice

for devices.

The complicated part of this is dealing with inbound migration

from an older QEMU which didn't have this state. We assume in

that case that the older QEMU did not implement the HCR_EL2.{VI,VF}

bits as generating interrupts, and so the line state matches

the current state in cs->interrupt_request. (This is not quite

true between commit 8a0fc3a29fc2315325400c7 and its revert, but

that commit is broken and never made it into any released QEMU

version.)

Reviewed-by: Alex Bennée <alex.bennee@linaro.org>

Message-id: 20181109134731.11605-3-peter.maydell@linaro.org

target/arm/cpu.h | 3 +++

target/arm/cpu.c | 16 ++++++++++++++

target/arm/machine.c | 51 ++++++++++++++++++++++++++++++++++++++++++++

3 files changed, 70 insertions(+)

diff --git a/target/arm/cpu.h b/target/arm/cpu.h

--- a/target/arm/cpu.h

+++ b/target/arm/cpu.h

@@ -XXX,XX +XXX,XX @@ typedef struct CPUARMState {

uint64_t esr;

} serror;

+ /* State of our input IRQ/FIQ/VIRQ/VFIQ lines */

+ uint32_t irq_line_state;

+

/* Thumb-2 EE state. */

uint32_t teecr;

uint32_t teehbr;

diff --git a/target/arm/cpu.c b/target/arm/cpu.c

index XXXXXXX..XXXXXXX 100644

--- a/target/arm/cpu.c

+++ b/target/arm/cpu.c

@@ -XXX,XX +XXX,XX @@ static void arm_cpu_set_irq(void *opaque, int irq, int level)

[ARM_CPU_VFIQ] = CPU_INTERRUPT_VFIQ

};

+ if (level) {

+ env->irq_line_state |= mask[irq];

+ } else {

+ env->irq_line_state &= ~mask[irq];

+ }

+

switch (irq) {

case ARM_CPU_VIRQ:

case ARM_CPU_VFIQ:

@@ -XXX,XX +XXX,XX @@ static void arm_cpu_kvm_set_irq(void *opaque, int irq, int level)

ARMCPU *cpu = opaque;

CPUState *cs = CPU(cpu);

int kvm_irq = KVM_ARM_IRQ_TYPE_CPU << KVM_ARM_IRQ_TYPE_SHIFT;

+ uint32_t linestate_bit;

switch (irq) {

case ARM_CPU_IRQ:

kvm_irq |= KVM_ARM_IRQ_CPU_IRQ;

+ linestate_bit = CPU_INTERRUPT_HARD;

break;

case ARM_CPU_FIQ:

kvm_irq |= KVM_ARM_IRQ_CPU_FIQ;

+ linestate_bit = CPU_INTERRUPT_FIQ;

break;

default:

g_assert_not_reached();

}

+

+ if (level) {

+ env->irq_line_state |= linestate_bit;

+ } else {

+ env->irq_line_state &= ~linestate_bit;

+ }

+

kvm_irq |= cs->cpu_index << KVM_ARM_IRQ_VCPU_SHIFT;

kvm_set_irq(kvm_state, kvm_irq, level ? 1 : 0);

#endif

diff --git a/target/arm/machine.c b/target/arm/machine.c

index XXXXXXX..XXXXXXX 100644

--- a/target/arm/machine.c

+++ b/target/arm/machine.c

@@ -XXX,XX +XXX,XX @@ static const VMStateDescription vmstate_serror = {

}

+static bool irq_line_state_needed(void *opaque)

+{

+ return true;

+}

+

+static const VMStateDescription vmstate_irq_line_state = {

+ .name = "cpu/irq-line-state",

+ .version_id = 1,

+ .minimum_version_id = 1,

+ .needed = irq_line_state_needed,

+ .fields = (VMStateField[]) {

+ VMSTATE_UINT32(env.irq_line_state, ARMCPU),

+ VMSTATE_END_OF_LIST()

+ }

+};

+

static bool m_needed(void *opaque)

{

ARMCPU *cpu = opaque;

@@ -XXX,XX +XXX,XX @@ static int cpu_pre_save(void *opaque)

return 0;

}

+static int cpu_pre_load(void *opaque)

+{

+ ARMCPU *cpu = opaque;

+ CPUARMState *env = &cpu->env;

+

+ /*

+ * Pre-initialize irq_line_state to a value that's never valid as

+ * real data, so cpu_post_load() can tell whether we've seen the

+ * irq-line-state subsection in the incoming migration state.

+ */

+ env->irq_line_state = UINT32_MAX;

+

+ return 0;

+}

+

static int cpu_post_load(void *opaque, int version_id)

{

ARMCPU *cpu = opaque;

+ CPUARMState *env = &cpu->env;

int i, v;

+ /*

+ * Handle migration compatibility from old QEMU which didn't

+ * send the irq-line-state subsection. A QEMU without it did not

+ * implement the HCR_EL2.{VI,VF} bits as generating interrupts,

+ * so for TCG the line state matches the bits set in cs->interrupt_request.

+ * For KVM the line state is not stored in cs->interrupt_request

+ * and so this will leave irq_line_state as 0, but this is OK because

+ * we only need to care about it for TCG.

+ */

+ if (env->irq_line_state == UINT32_MAX) {

+ CPUState *cs = CPU(cpu);

+

+ env->irq_line_state = cs->interrupt_request &

+ (CPU_INTERRUPT_HARD | CPU_INTERRUPT_FIQ |

+ CPU_INTERRUPT_VIRQ | CPU_INTERRUPT_VFIQ);

+ }

+

/* Update the values list from the incoming migration data.

* Anything in the incoming data which we don't know about is

* a migration failure; anything we know about but the incoming

@@ -XXX,XX +XXX,XX @@ const VMStateDescription vmstate_arm_cpu = {

.version_id = 22,

.minimum_version_id = 22,

.pre_save = cpu_pre_save,

+ .pre_load = cpu_pre_load,

.post_load = cpu_post_load,

.fields = (VMStateField[]) {

VMSTATE_UINT32_ARRAY(env.regs, ARMCPU, 16),

@@ -XXX,XX +XXX,XX @@ const VMStateDescription vmstate_arm_cpu = {

&vmstate_sve,

#endif

&vmstate_serror,

+ &vmstate_irq_line_state,

NULL

}

2.19.1