Series comparison

-[PULL 00/12] tcg patch queue
+[PULL 0/4] tcg patch queue
-The following changes since commit bad76ac319556dab2497429d473b49a237672e1c:
+Pretty small still, but there are two patches that ought
 to get backported to stable, so no point in delaying.
-  Merge remote-tracking branch 'remotes/vivier2/tags/trivial-branch-pull-request' into staging (2019-10-25 14:17:08 +0100)
+r~
 The following changes since commit a5ba0a7e4e150d1350a041f0d0ef9ca6c8d7c307:
   Merge tag 'pull-aspeed-20241211' of https://github.com/legoater/qemu into staging (2024-12-11 15:16:47 +0000)
 are available in the Git repository at:
-  https://github.com/rth7680/qemu.git tags/pull-tcg-20191025
+  https://gitlab.com/rth7680/qemu.git tags/pull-tcg-20241212
-for you to fetch changes up to 0ed1bfb046b740b70eed2cf3581e01768703b185:
+for you to fetch changes up to 7ac87b14a92234b6a89b701b4043ad6cf8bdcccf:
-  translate-all: Remove tb_alloc (2019-10-25 10:15:25 -0400)
+  target/sparc: Use memcpy() and remove memcpy32() (2024-12-12 14:28:38 -0600)
 ----------------------------------------------------------------
-Improvements for TARGET_PAGE_BITS_VARY
+tcg: Reset free_temps before tcg_optimize
-Fix for TCI ld16u_i64.
+tcg/riscv: Fix StoreStore barrier generation
-Fix for segv on icount execute from i/o memory.
+include/exec: Introduce fpst alias in helper-head.h.inc
-Two misc cleanups.
+target/sparc: Use memcpy() and remove memcpy32()
 ----------------------------------------------------------------
-Alex Bennée (1):
+Philippe Mathieu-Daudé (1):
-      cputlb: ensure _cmmu helper functions follow the naming standard
+      target/sparc: Use memcpy() and remove memcpy32()
-Clement Deschamps (1):
+Richard Henderson (2):
-      translate-all: fix uninitialized tb->orig_tb
+      tcg: Reset free_temps before tcg_optimize
       include/exec: Introduce fpst alias in helper-head.h.inc
-Richard Henderson (8):
+Roman Artemev (1):
-      exec: Split out variable page size support to exec-vary.c
+      tcg/riscv: Fix StoreStore barrier generation
       configure: Detect compiler support for __attribute__((alias))
       exec: Use const alias for TARGET_PAGE_BITS_VARY
       exec: Restrict TARGET_PAGE_BITS_VARY assert to CONFIG_DEBUG_TCG
       exec: Promote TARGET_PAGE_MASK to target_long
       exec: Cache TARGET_PAGE_MASK for TARGET_PAGE_BITS_VARY
       cputlb: Fix tlb_vaddr_to_host
       translate-all: Remove tb_alloc
-Stefan Weil (1):
+ include/tcg/tcg-temp-internal.h |  6 ++++++
-      tci: Add implementation for INDEX_op_ld16u_i64
+ accel/tcg/plugin-gen.c          |  2 +-
  target/sparc/win_helper.c       | 26 ++++++++------------------
  tcg/tcg.c                       |  5 ++++-
  include/exec/helper-head.h.inc  |  3 +++
  tcg/riscv/tcg-target.c.inc      |  2 +-
 files changed, 23 insertions(+), 21 deletions(-)
-Wei Yang (1):
-      cpu: use ROUND_UP() to define xxx_PAGE_ALIGN
- Makefile.target                  |   2 +-
- include/exec/cpu-all.h           |  33 +++++++++----
- include/exec/cpu_ldst_template.h |   4 +-
- include/qemu-common.h            |   6 +++
- tcg/tcg.h                        |  20 +++++---
- accel/tcg/cputlb.c               |  26 ++++++++--
- accel/tcg/translate-all.c        |  21 ++------
- exec-vary.c                      | 102 +++++++++++++++++++++++++++++++++++++++
- exec.c                           |  34 -------------
- target/cris/translate_v10.inc.c  |   3 +-
- tcg/tci.c                        |  15 ++++++
- configure                        |  19 ++++++++
-files changed, 208 insertions(+), 77 deletions(-)
- create mode 100644 exec-vary.c

-[PULL 01/12] tci: Add implementation for INDEX_op_ld16u_i64
+Deleted patch
-From: Stefan Weil <sw@weilnetz.de>
-This fixes "make check-tcg" on a Debian x86_64 host.
-Signed-off-by: Stefan Weil <sw@weilnetz.de>
-Tested-by: Thomas Huth <thuth@redhat.com>
-Message-Id: <20190410194838.10123-1-sw@weilnetz.de>
-Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
----
- tcg/tci.c | 15 +++++++++++++++
-file changed, 15 insertions(+)
-diff --git a/tcg/tci.c b/tcg/tci.c
-index XXXXXXX..XXXXXXX 100644
---- a/tcg/tci.c
-+++ b/tcg/tci.c
-@@ -XXX,XX +XXX,XX @@ static void tci_write_reg8(tcg_target_ulong *regs, TCGReg index, uint8_t value)
-     tci_write_reg(regs, index, value);
- }
-+static void
-+tci_write_reg16(tcg_target_ulong *regs, TCGReg index, uint16_t value)
-+{
-+    tci_write_reg(regs, index, value);
-+}
-+
- static void
- tci_write_reg32(tcg_target_ulong *regs, TCGReg index, uint32_t value)
- {
-@@ -XXX,XX +XXX,XX @@ uintptr_t tcg_qemu_tb_exec(CPUArchState *env, uint8_t *tb_ptr)
-             tci_write_reg8(regs, t0, *(uint8_t *)(t1 + t2));
-             break;
-         case INDEX_op_ld8s_i32:
-+            TODO();
-+            break;
-         case INDEX_op_ld16u_i32:
-             TODO();
-             break;
-@@ -XXX,XX +XXX,XX @@ uintptr_t tcg_qemu_tb_exec(CPUArchState *env, uint8_t *tb_ptr)
-             tci_write_reg8(regs, t0, *(uint8_t *)(t1 + t2));
-             break;
-         case INDEX_op_ld8s_i64:
-+            TODO();
-+            break;
-         case INDEX_op_ld16u_i64:
-+            t0 = *tb_ptr++;
-+            t1 = tci_read_r(regs, &tb_ptr);
-+            t2 = tci_read_s32(&tb_ptr);
-+            tci_write_reg16(regs, t0, *(uint16_t *)(t1 + t2));
-+            break;
-         case INDEX_op_ld16s_i64:
-             TODO();
-             break;
---
-.17.1

-[PULL 04/12] exec: Split out variable page size support to exec-vary.c
+[PULL 1/4] tcg: Reset free_temps before tcg_optimize
-The next patch will play a trick with "const" that will
+When allocating new temps during tcg_optmize, do not re-use
-confuse the compiler about the uses of target_page_bits
+any EBB temps that were used within the TB.  We do not have
-within exec.c.  Moving everything to a new file prevents
+any idea what span of the TB in which the temp was live.
 this confusion.
-No functional change so far.
+Introduce tcg_temp_ebb_reset_freed and use before tcg_optimize,
 as well as replacing the equivalent in plugin_gen_inject and
 tcg_func_start.
-Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
+Cc: qemu-stable@nongnu.org
-Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>
+Fixes: fb04ab7ddd8 ("tcg/optimize: Lower TCG_COND_TST{EQ,NE} if unsupported")
-Reviewed-by: Paolo Bonzini <pbonzini@redhat.com>
+Resolves: https://gitlab.com/qemu-project/qemu/-/issues/2711
 Reported-by: wannacu <wannacu2049@gmail.com>
 Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
+Reviewed-by: Pierrick Bouvier <pierrick.bouvier@linaro.org>
+Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org>
 ---
- Makefile.target       |  2 +-
+ include/tcg/tcg-temp-internal.h | 6 ++++++
- include/qemu-common.h |  6 +++++
+ accel/tcg/plugin-gen.c          | 2 +-
- exec-vary.c           | 57 +++++++++++++++++++++++++++++++++++++++++++
+ tcg/tcg.c                       | 5 ++++-
- exec.c                | 34 --------------------------
+files changed, 11 insertions(+), 2 deletions(-)
 files changed, 64 insertions(+), 35 deletions(-)
  create mode 100644 exec-vary.c
-diff --git a/Makefile.target b/Makefile.target
+diff --git a/include/tcg/tcg-temp-internal.h b/include/tcg/tcg-temp-internal.h
 index XXXXXXX..XXXXXXX 100644
---- a/Makefile.target
+--- a/include/tcg/tcg-temp-internal.h
-+++ b/Makefile.target
++++ b/include/tcg/tcg-temp-internal.h
-@@ -XXX,XX +XXX,XX @@ obj-y += trace/
+@@ -XXX,XX +XXX,XX @@ TCGv_i64 tcg_temp_ebb_new_i64(void);
+ TCGv_ptr tcg_temp_ebb_new_ptr(void);
- #########################################################
+ TCGv_i128 tcg_temp_ebb_new_i128(void);
- # cpu emulator library
--obj-y += exec.o
++/* Forget all freed EBB temps, so that new allocations produce new temps. */
-+obj-y += exec.o exec-vary.o
++static inline void tcg_temp_ebb_reset_freed(TCGContext *s)
  obj-y += accel/
  obj-$(CONFIG_TCG) += tcg/tcg.o tcg/tcg-op.o tcg/tcg-op-vec.o tcg/tcg-op-gvec.o
  obj-$(CONFIG_TCG) += tcg/tcg-common.o tcg/optimize.o
 diff --git a/include/qemu-common.h b/include/qemu-common.h
 index XXXXXXX..XXXXXXX 100644
 --- a/include/qemu-common.h
 +++ b/include/qemu-common.h
@@ -XXX,XX +XXX,XX @@ void cpu_exec_step_atomic(CPUState *cpu);
   */
  bool set_preferred_target_page_bits(int bits);
 +/**
 + * finalize_target_page_bits:
 + * Commit the final value set by set_preferred_target_page_bits.
 + */
 +void finalize_target_page_bits(void);
 +
  /**
   * Sends a (part of) iovec down a socket, yielding when the socket is full, or
   * Receives data into a (part of) iovec from a socket,
 diff --git a/exec-vary.c b/exec-vary.c
 new file mode 100644
 index XXXXXXX..XXXXXXX
 --- /dev/null
 +++ b/exec-vary.c
@@ -XXX,XX +XXX,XX @@
 +/*
 + * Variable page size handling
 + *
 + *  Copyright (c) 2003 Fabrice Bellard
 + *
 + * This library is free software; you can redistribute it and/or
 + * modify it under the terms of the GNU Lesser General Public
 + * License as published by the Free Software Foundation; either
 + * version 2 of the License, or (at your option) any later version.
 + *
 + * This library is distributed in the hope that it will be useful,
 + * but WITHOUT ANY WARRANTY; without even the implied warranty of
 + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
 + * Lesser General Public License for more details.
 + *
 + * You should have received a copy of the GNU Lesser General Public
 + * License along with this library; if not, see <http://www.gnu.org/licenses/>.
 + */
 +
 +#include "qemu/osdep.h"
 +#include "qemu-common.h"
 +#include "exec/exec-all.h"
 +
 +#ifdef TARGET_PAGE_BITS_VARY
 +int target_page_bits;
 +bool target_page_bits_decided;
 +#endif
 +
 +bool set_preferred_target_page_bits(int bits)
 +{
-+    /*
++    memset(s->free_temps, 0, sizeof(s->free_temps));
 +     * The target page size is the lowest common denominator for all
 +     * the CPUs in the system, so we can only make it smaller, never
 +     * larger. And we can't make it smaller once we've committed to
 +     * a particular size.
 +     */
 +#ifdef TARGET_PAGE_BITS_VARY
 +    assert(bits >= TARGET_PAGE_BITS_MIN);
 +    if (target_page_bits == 0 || target_page_bits > bits) {
 +        if (target_page_bits_decided) {
 +            return false;
 +        }
 +        target_page_bits = bits;
 +    }
 +#endif
 +    return true;
 +}
 +
-+void finalize_target_page_bits(void)
+ #endif /* TCG_TEMP_FREE_H */
-+{
+diff --git a/accel/tcg/plugin-gen.c b/accel/tcg/plugin-gen.c
 +#ifdef TARGET_PAGE_BITS_VARY
 +    if (target_page_bits == 0) {
 +        target_page_bits = TARGET_PAGE_BITS_MIN;
 +    }
 +    target_page_bits_decided = true;
 +#endif
 +}
 diff --git a/exec.c b/exec.c
 index XXXXXXX..XXXXXXX 100644
---- a/exec.c
+--- a/accel/tcg/plugin-gen.c
-+++ b/exec.c
++++ b/accel/tcg/plugin-gen.c
-@@ -XXX,XX +XXX,XX @@ AddressSpace address_space_memory;
+@@ -XXX,XX +XXX,XX @@ static void plugin_gen_inject(struct qemu_plugin_tb *plugin_tb)
- static MemoryRegion io_mem_unassigned;
+      * that might be live within the existing opcode stream.
       * The simplest solution is to release them all and create new.
       */
 -    memset(tcg_ctx->free_temps, 0, sizeof(tcg_ctx->free_temps));
 +    tcg_temp_ebb_reset_freed(tcg_ctx);
      QTAILQ_FOREACH_SAFE(op, &tcg_ctx->ops, link, next) {
          switch (op->opc) {
 diff --git a/tcg/tcg.c b/tcg/tcg.c
 index XXXXXXX..XXXXXXX 100644
 --- a/tcg/tcg.c
 +++ b/tcg/tcg.c
@@ -XXX,XX +XXX,XX @@ void tcg_func_start(TCGContext *s)
      s->nb_temps = s->nb_globals;
      /* No temps have been previously allocated for size or locality.  */
 -    memset(s->free_temps, 0, sizeof(s->free_temps));
 +    tcg_temp_ebb_reset_freed(s);
      /* No constant temps have been previously allocated. */
      for (int i = 0; i < TCG_TYPE_COUNT; ++i) {
@@ -XXX,XX +XXX,XX @@ int tcg_gen_code(TCGContext *s, TranslationBlock *tb, uint64_t pc_start)
      }
  #endif
--#ifdef TARGET_PAGE_BITS_VARY
++    /* Do not reuse any EBB that may be allocated within the TB. */
--int target_page_bits;
++    tcg_temp_ebb_reset_freed(s);
--bool target_page_bits_decided;
++
--#endif
+     tcg_optimize(s);
--
- CPUTailQ cpus = QTAILQ_HEAD_INITIALIZER(cpus);
+     reachable_code_pass(s);
  /* current CPU in the current thread. It is only valid inside
@@ -XXX,XX +XXX,XX @@ int use_icount;
  uintptr_t qemu_host_page_size;
  intptr_t qemu_host_page_mask;
 -bool set_preferred_target_page_bits(int bits)
 -{
 -    /* The target page size is the lowest common denominator for all
 -     * the CPUs in the system, so we can only make it smaller, never
 -     * larger. And we can't make it smaller once we've committed to
 -     * a particular size.
 -     */
 -#ifdef TARGET_PAGE_BITS_VARY
 -    assert(bits >= TARGET_PAGE_BITS_MIN);
 -    if (target_page_bits == 0 || target_page_bits > bits) {
 -        if (target_page_bits_decided) {
 -            return false;
 -        }
 -        target_page_bits = bits;
 -    }
 -#endif
 -    return true;
 -}
 -
  #if !defined(CONFIG_USER_ONLY)
 -static void finalize_target_page_bits(void)
 -{
 -#ifdef TARGET_PAGE_BITS_VARY
 -    if (target_page_bits == 0) {
 -        target_page_bits = TARGET_PAGE_BITS_MIN;
 -    }
 -    target_page_bits_decided = true;
 -#endif
 -}
 -
  typedef struct PhysPageEntry PhysPageEntry;
  struct PhysPageEntry {
 --
-.17.1
+.43.0

-[PULL 10/12] cputlb: Fix tlb_vaddr_to_host
+[PULL 2/4] tcg/riscv: Fix StoreStore barrier generation
-Using uintptr_t instead of target_ulong meant that, for 64-bit guest
+From: Roman Artemev <roman.artemev@syntacore.com>
 and 32-bit host, we truncated the guest address comparator and so may
 not hit the tlb when we should.
-Fixes: 4811e9095c0
+On RISC-V to StoreStore barrier corresponds
-Reviewed-by: David Hildenbrand <david@redhat.com>
+`fence w, w` not `fence r, r`
 Cc: qemu-stable@nongnu.org
 Fixes: efbea94c76b ("tcg/riscv: Add slowpath load and store instructions")
 Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
 Signed-off-by: Denis Tomashev <denis.tomashev@syntacore.com>
 Signed-off-by: Roman Artemev <roman.artemev@syntacore.com>
 Message-ID: <e2f2131e294a49e79959d4fa9ec02cf4@syntacore.com>
 Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
 ---
- accel/tcg/cputlb.c | 2 +-
+ tcg/riscv/tcg-target.c.inc | 2 +-
 file changed, 1 insertion(+), 1 deletion(-)
-diff --git a/accel/tcg/cputlb.c b/accel/tcg/cputlb.c
+diff --git a/tcg/riscv/tcg-target.c.inc b/tcg/riscv/tcg-target.c.inc
 index XXXXXXX..XXXXXXX 100644
---- a/accel/tcg/cputlb.c
+--- a/tcg/riscv/tcg-target.c.inc
-+++ b/accel/tcg/cputlb.c
++++ b/tcg/riscv/tcg-target.c.inc
-@@ -XXX,XX +XXX,XX @@ void *tlb_vaddr_to_host(CPUArchState *env, abi_ptr addr,
+@@ -XXX,XX +XXX,XX @@ static void tcg_out_mb(TCGContext *s, TCGArg a0)
-                         MMUAccessType access_type, int mmu_idx)
+         insn |= 0x02100000;
- {
+     }
-     CPUTLBEntry *entry = tlb_entry(env, mmu_idx, addr);
+     if (a0 & TCG_MO_ST_ST) {
--    uintptr_t tlb_addr, page;
+-        insn |= 0x02200000;
-+    target_ulong tlb_addr, page;
++        insn |= 0x01100000;
-     size_t elt_ofs;
+     }
+     tcg_out32(s, insn);
-     switch (access_type) {
+ }
 --
-.17.1
+.43.0

-[PULL 12/12] translate-all: Remove tb_alloc
+[PULL 3/4] include/exec: Introduce fpst alias in helper-head.h.inc
-Since 2ac01d6dafab, this function does only two things: assert a
+This allows targets to declare that the helper requires a
-lock is held, and call tcg_tb_alloc.  It is used exactly once,
+float_status pointer and instead of a generic void pointer.
 and its user has already done the assert.
-Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>
+Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org>
 Reviewed-by: Clement Deschamps <clement.deschamps@greensocs.com>
 Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
 ---
- accel/tcg/translate-all.c | 20 ++------------------
+ include/exec/helper-head.h.inc | 3 +++
-file changed, 2 insertions(+), 18 deletions(-)
+file changed, 3 insertions(+)
-diff --git a/accel/tcg/translate-all.c b/accel/tcg/translate-all.c
+diff --git a/include/exec/helper-head.h.inc b/include/exec/helper-head.h.inc
 index XXXXXXX..XXXXXXX 100644
---- a/accel/tcg/translate-all.c
+--- a/include/exec/helper-head.h.inc
-+++ b/accel/tcg/translate-all.c
++++ b/include/exec/helper-head.h.inc
-@@ -XXX,XX +XXX,XX @@ void tcg_exec_init(unsigned long tb_size)
+@@ -XXX,XX +XXX,XX @@
- #endif
+ #define dh_alias_ptr ptr
- }
+ #define dh_alias_cptr ptr
+ #define dh_alias_env ptr
--/*
++#define dh_alias_fpst ptr
-- * Allocate a new translation block. Flush the translation buffer if
+ #define dh_alias_void void
-- * too many translation blocks or too much generated code.
+ #define dh_alias_noreturn noreturn
-- */
+ #define dh_alias(t) glue(dh_alias_, t)
--static TranslationBlock *tb_alloc(target_ulong pc)
+@@ -XXX,XX +XXX,XX @@
--{
+ #define dh_ctype_ptr void *
--    TranslationBlock *tb;
+ #define dh_ctype_cptr const void *
--
+ #define dh_ctype_env CPUArchState *
--    assert_memory_lock();
++#define dh_ctype_fpst float_status *
--
+ #define dh_ctype_void void
--    tb = tcg_tb_alloc(tcg_ctx);
+ #define dh_ctype_noreturn G_NORETURN void
--    if (unlikely(tb == NULL)) {
+ #define dh_ctype(t) dh_ctype_##t
--        return NULL;
+@@ -XXX,XX +XXX,XX @@
--    }
+ #define dh_typecode_f64 dh_typecode_i64
--    return tb;
+ #define dh_typecode_cptr dh_typecode_ptr
--}
+ #define dh_typecode_env dh_typecode_ptr
--
++#define dh_typecode_fpst dh_typecode_ptr
- /* call with @p->lock held */
+ #define dh_typecode(t) dh_typecode_##t
- static inline void invalidate_page_bitmap(PageDesc *p)
- {
+ #define dh_callflag_i32  0
@@ -XXX,XX +XXX,XX @@ TranslationBlock *tb_gen_code(CPUState *cpu,
      TCGProfile *prof = &tcg_ctx->prof;
      int64_t ti;
  #endif
 +
      assert_memory_lock();
      phys_pc = get_page_addr_code(env, pc);
@@ -XXX,XX +XXX,XX @@ TranslationBlock *tb_gen_code(CPUState *cpu,
      }
   buffer_overflow:
 -    tb = tb_alloc(pc);
 +    tb = tcg_tb_alloc(tcg_ctx);
      if (unlikely(!tb)) {
          /* flush must be done */
          tb_flush(cpu);
 --
-.17.1
+.43.0

-[PULL 02/12] cputlb: ensure _cmmu helper functions follow the naming standard
+[PULL 4/4] target/sparc: Use memcpy() and remove memcpy32()
-From: Alex Bennée <alex.bennee@linaro.org>
+From: Philippe Mathieu-Daudé <philmd@linaro.org>
-We document this in docs/devel/load-stores.rst so lets follow it. The
+Rather than manually copying each register, use
-bit and 64 bit access functions have historically not included the
+the libc memcpy(), which is well optimized nowadays.
 sign so we leave those as is. We also introduce some signed helpers
 which are used for loading immediate values in the translator.
-Fixes: 282dffc8
+Suggested-by: Pierrick Bouvier <pierrick.bouvier@linaro.org>
 Reviewed-by: Pierrick Bouvier <pierrick.bouvier@linaro.org>
 Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
-Signed-off-by: Alex Bennée <alex.bennee@linaro.org>
+Signed-off-by: Philippe Mathieu-Daudé <philmd@linaro.org>
-Message-Id: <20191021150910.23216-1-alex.bennee@linaro.org>
+Message-ID: <20241205205418.67613-1-philmd@linaro.org>
 Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
 ---
- include/exec/cpu_ldst_template.h |  4 ++--
+ target/sparc/win_helper.c | 26 ++++++++------------------
- tcg/tcg.h                        | 20 ++++++++++++++------
+file changed, 8 insertions(+), 18 deletions(-)
  accel/tcg/cputlb.c               | 24 +++++++++++++++++++++---
  target/cris/translate_v10.inc.c  |  3 +--
 files changed, 38 insertions(+), 13 deletions(-)
-diff --git a/include/exec/cpu_ldst_template.h b/include/exec/cpu_ldst_template.h
+diff --git a/target/sparc/win_helper.c b/target/sparc/win_helper.c
 index XXXXXXX..XXXXXXX 100644
---- a/include/exec/cpu_ldst_template.h
+--- a/target/sparc/win_helper.c
-+++ b/include/exec/cpu_ldst_template.h
++++ b/target/sparc/win_helper.c
 @@ -XXX,XX +XXX,XX @@
- #ifdef SOFTMMU_CODE_ACCESS
+ #include "exec/helper-proto.h"
- #define ADDR_READ addr_code
+ #include "trace.h"
- #define MMUSUFFIX _cmmu
--#define URETSUFFIX SUFFIX
+-static inline void memcpy32(target_ulong *dst, const target_ulong *src)
--#define SRETSUFFIX SUFFIX
+-{
-+#define URETSUFFIX USUFFIX
+-    dst[0] = src[0];
-+#define SRETSUFFIX glue(s, SUFFIX)
+-    dst[1] = src[1];
- #else
+-    dst[2] = src[2];
- #define ADDR_READ addr_read
+-    dst[3] = src[3];
- #define MMUSUFFIX _mmu
+-    dst[4] = src[4];
-diff --git a/tcg/tcg.h b/tcg/tcg.h
+-    dst[5] = src[5];
-index XXXXXXX..XXXXXXX 100644
+-    dst[6] = src[6];
---- a/tcg/tcg.h
+-    dst[7] = src[7];
-+++ b/tcg/tcg.h
+-}
-@@ -XXX,XX +XXX,XX @@ void helper_be_stl_mmu(CPUArchState *env, target_ulong addr, uint32_t val,
+-
- void helper_be_stq_mmu(CPUArchState *env, target_ulong addr, uint64_t val,
+ void cpu_set_cwp(CPUSPARCState *env, int new_cwp)
-                        TCGMemOpIdx oi, uintptr_t retaddr);
+ {
+     /* put the modified wrap registers at their proper location */
--uint8_t helper_ret_ldb_cmmu(CPUArchState *env, target_ulong addr,
+     if (env->cwp == env->nwindows - 1) {
-+uint8_t helper_ret_ldub_cmmu(CPUArchState *env, target_ulong addr,
+-        memcpy32(env->regbase, env->regbase + env->nwindows * 16);
-                             TCGMemOpIdx oi, uintptr_t retaddr);
++        memcpy(env->regbase, env->regbase + env->nwindows * 16,
--uint16_t helper_le_ldw_cmmu(CPUArchState *env, target_ulong addr,
++               sizeof(env->gregs));
-+int8_t helper_ret_ldsb_cmmu(CPUArchState *env, target_ulong addr,
+     }
-                             TCGMemOpIdx oi, uintptr_t retaddr);
+     env->cwp = new_cwp;
-+uint16_t helper_le_lduw_cmmu(CPUArchState *env, target_ulong addr,
-+                             TCGMemOpIdx oi, uintptr_t retaddr);
+     /* put the wrap registers at their temporary location */
-+int16_t helper_le_ldsw_cmmu(CPUArchState *env, target_ulong addr,
+     if (new_cwp == env->nwindows - 1) {
-+                             TCGMemOpIdx oi, uintptr_t retaddr);
+-        memcpy32(env->regbase + env->nwindows * 16, env->regbase);
- uint32_t helper_le_ldl_cmmu(CPUArchState *env, target_ulong addr,
++        memcpy(env->regbase + env->nwindows * 16, env->regbase,
-                             TCGMemOpIdx oi, uintptr_t retaddr);
++               sizeof(env->gregs));
- uint64_t helper_le_ldq_cmmu(CPUArchState *env, target_ulong addr,
+     }
-                             TCGMemOpIdx oi, uintptr_t retaddr);
+     env->regwptr = env->regbase + (new_cwp * 16);
 -uint16_t helper_be_ldw_cmmu(CPUArchState *env, target_ulong addr,
 -                            TCGMemOpIdx oi, uintptr_t retaddr);
 +uint16_t helper_be_lduw_cmmu(CPUArchState *env, target_ulong addr,
 +                             TCGMemOpIdx oi, uintptr_t retaddr);
 +int16_t helper_be_ldsw_cmmu(CPUArchState *env, target_ulong addr,
 +                             TCGMemOpIdx oi, uintptr_t retaddr);
  uint32_t helper_be_ldl_cmmu(CPUArchState *env, target_ulong addr,
                              TCGMemOpIdx oi, uintptr_t retaddr);
  uint64_t helper_be_ldq_cmmu(CPUArchState *env, target_ulong addr,
@@ -XXX,XX +XXX,XX @@ uint64_t helper_be_ldq_cmmu(CPUArchState *env, target_ulong addr,
  # define helper_ret_stw_mmu   helper_be_stw_mmu
  # define helper_ret_stl_mmu   helper_be_stl_mmu
  # define helper_ret_stq_mmu   helper_be_stq_mmu
 -# define helper_ret_ldw_cmmu  helper_be_ldw_cmmu
 +# define helper_ret_lduw_cmmu  helper_be_lduw_cmmu
 +# define helper_ret_ldsw_cmmu  helper_be_ldsw_cmmu
  # define helper_ret_ldl_cmmu  helper_be_ldl_cmmu
  # define helper_ret_ldq_cmmu  helper_be_ldq_cmmu
  #else
@@ -XXX,XX +XXX,XX @@ uint64_t helper_be_ldq_cmmu(CPUArchState *env, target_ulong addr,
  # define helper_ret_stw_mmu   helper_le_stw_mmu
  # define helper_ret_stl_mmu   helper_le_stl_mmu
  # define helper_ret_stq_mmu   helper_le_stq_mmu
 -# define helper_ret_ldw_cmmu  helper_le_ldw_cmmu
 +# define helper_ret_lduw_cmmu  helper_le_lduw_cmmu
 +# define helper_ret_ldsw_cmmu  helper_le_ldsw_cmmu
  # define helper_ret_ldl_cmmu  helper_le_ldl_cmmu
  # define helper_ret_ldq_cmmu  helper_le_ldq_cmmu
  #endif
 diff --git a/accel/tcg/cputlb.c b/accel/tcg/cputlb.c
 index XXXXXXX..XXXXXXX 100644
 --- a/accel/tcg/cputlb.c
 +++ b/accel/tcg/cputlb.c
@@ -XXX,XX +XXX,XX @@ static uint64_t full_ldub_cmmu(CPUArchState *env, target_ulong addr,
      return load_helper(env, addr, oi, retaddr, MO_8, true, full_ldub_cmmu);
  }
+@@ -XXX,XX +XXX,XX @@ void cpu_gl_switch_gregs(CPUSPARCState *env, uint32_t new_gl)
--uint8_t helper_ret_ldb_cmmu(CPUArchState *env, target_ulong addr,
+     dst = get_gl_gregset(env, env->gl);
-+uint8_t helper_ret_ldub_cmmu(CPUArchState *env, target_ulong addr,
-                             TCGMemOpIdx oi, uintptr_t retaddr)
+     if (src != dst) {
- {
+-        memcpy32(dst, env->gregs);
-     return full_ldub_cmmu(env, addr, oi, retaddr);
+-        memcpy32(env->gregs, src);
 +        memcpy(dst, env->gregs, sizeof(env->gregs));
 +        memcpy(env->gregs, src, sizeof(env->gregs));
      }
  }
-+int8_t helper_ret_ldsb_cmmu(CPUArchState *env, target_ulong addr,
+@@ -XXX,XX +XXX,XX @@ void cpu_change_pstate(CPUSPARCState *env, uint32_t new_pstate)
-+                            TCGMemOpIdx oi, uintptr_t retaddr)
+         /* Switch global register bank */
-+{
+         src = get_gregset(env, new_pstate_regs);
-+    return (int8_t) full_ldub_cmmu(env, addr, oi, retaddr);
+         dst = get_gregset(env, pstate_regs);
-+}
+-        memcpy32(dst, env->gregs);
-+
+-        memcpy32(env->gregs, src);
- static uint64_t full_le_lduw_cmmu(CPUArchState *env, target_ulong addr,
++        memcpy(dst, env->gregs, sizeof(env->gregs));
-                                   TCGMemOpIdx oi, uintptr_t retaddr)
++        memcpy(env->gregs, src, sizeof(env->gregs));
- {
+     } else {
-@@ -XXX,XX +XXX,XX @@ static uint64_t full_le_lduw_cmmu(CPUArchState *env, target_ulong addr,
+         trace_win_helper_no_switch_pstate(new_pstate_regs);
-                        full_le_lduw_cmmu);
+     }
  }
 -uint16_t helper_le_ldw_cmmu(CPUArchState *env, target_ulong addr,
 +uint16_t helper_le_lduw_cmmu(CPUArchState *env, target_ulong addr,
                              TCGMemOpIdx oi, uintptr_t retaddr)
  {
      return full_le_lduw_cmmu(env, addr, oi, retaddr);
  }
 +int16_t helper_le_ldsw_cmmu(CPUArchState *env, target_ulong addr,
 +                            TCGMemOpIdx oi, uintptr_t retaddr)
 +{
 +    return (int16_t) full_le_lduw_cmmu(env, addr, oi, retaddr);
 +}
 +
  static uint64_t full_be_lduw_cmmu(CPUArchState *env, target_ulong addr,
                                    TCGMemOpIdx oi, uintptr_t retaddr)
  {
@@ -XXX,XX +XXX,XX @@ static uint64_t full_be_lduw_cmmu(CPUArchState *env, target_ulong addr,
                         full_be_lduw_cmmu);
  }
 -uint16_t helper_be_ldw_cmmu(CPUArchState *env, target_ulong addr,
 +uint16_t helper_be_lduw_cmmu(CPUArchState *env, target_ulong addr,
                              TCGMemOpIdx oi, uintptr_t retaddr)
  {
      return full_be_lduw_cmmu(env, addr, oi, retaddr);
  }
 +int16_t helper_be_ldsw_cmmu(CPUArchState *env, target_ulong addr,
 +                            TCGMemOpIdx oi, uintptr_t retaddr)
 +{
 +    return (int16_t) full_be_lduw_cmmu(env, addr, oi, retaddr);
 +}
 +
  static uint64_t full_le_ldul_cmmu(CPUArchState *env, target_ulong addr,
                                    TCGMemOpIdx oi, uintptr_t retaddr)
  {
 diff --git a/target/cris/translate_v10.inc.c b/target/cris/translate_v10.inc.c
 index XXXXXXX..XXXXXXX 100644
 --- a/target/cris/translate_v10.inc.c
 +++ b/target/cris/translate_v10.inc.c
@@ -XXX,XX +XXX,XX @@ static unsigned int dec10_ind(CPUCRISState *env, DisasContext *dc)
          case CRISV10_IND_BCC_M:
              cris_cc_mask(dc, 0);
 -            imm = cpu_ldsw_code(env, dc->pc + 2);
 -            simm = (int16_t)imm;
 +            simm = cpu_ldsw_code(env, dc->pc + 2);
              simm += 4;
              LOG_DIS("bcc_m: b%s %x\n", cc_name(dc->cond), dc->pc + simm);
 --
-.17.1
+.43.0

-[PULL 03/12] cpu: use ROUND_UP() to define xxx_PAGE_ALIGN
+Deleted patch
-From: Wei Yang <richardw.yang@linux.intel.com>
-Use ROUND_UP() to define, which is a little bit easy to read.
-Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
-Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
-Reviewed-by: David Gibson <david@gibson.dropbear.id.au>
-Reviewed-by: Juan Quintela <quintela@redhat.com>
-Signed-off-by: Wei Yang <richardw.yang@linux.intel.com>
-Message-Id: <20191013021145.16011-2-richardw.yang@linux.intel.com>
-Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
----
- include/exec/cpu-all.h | 7 +++----
-file changed, 3 insertions(+), 4 deletions(-)
-diff --git a/include/exec/cpu-all.h b/include/exec/cpu-all.h
-index XXXXXXX..XXXXXXX 100644
---- a/include/exec/cpu-all.h
-+++ b/include/exec/cpu-all.h
-@@ -XXX,XX +XXX,XX @@ extern int target_page_bits;
- #define TARGET_PAGE_SIZE (1 << TARGET_PAGE_BITS)
- #define TARGET_PAGE_MASK ~(TARGET_PAGE_SIZE - 1)
--#define TARGET_PAGE_ALIGN(addr) (((addr) + TARGET_PAGE_SIZE - 1) & TARGET_PAGE_MASK)
-+#define TARGET_PAGE_ALIGN(addr) ROUND_UP((addr), TARGET_PAGE_SIZE)
- /* Using intptr_t ensures that qemu_*_page_mask is sign-extended even
-  * when intptr_t is 32-bit and we are aligning a long long.
-@@ -XXX,XX +XXX,XX @@ extern int target_page_bits;
- extern uintptr_t qemu_host_page_size;
- extern intptr_t qemu_host_page_mask;
--#define HOST_PAGE_ALIGN(addr) (((addr) + qemu_host_page_size - 1) & qemu_host_page_mask)
--#define REAL_HOST_PAGE_ALIGN(addr) (((addr) + qemu_real_host_page_size - 1) & \
--                                    qemu_real_host_page_mask)
-+#define HOST_PAGE_ALIGN(addr) ROUND_UP((addr), qemu_host_page_size)
-+#define REAL_HOST_PAGE_ALIGN(addr) ROUND_UP((addr), qemu_real_host_page_size)
- /* same as PROT_xxx */
- #define PAGE_READ      0x0001
---
-.17.1

-[PULL 05/12] configure: Detect compiler support for __attribute__((alias))
+Deleted patch
-Such support is present almost everywhere, except for Xcode 9.
-It is added in Xcode 10, but travis uses xcode9 by default,
-so we should support it for a while yet.
-Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
-Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
----
- configure | 19 +++++++++++++++++++
-file changed, 19 insertions(+)
-diff --git a/configure b/configure
-index XXXXXXX..XXXXXXX 100755
---- a/configure
-+++ b/configure
-@@ -XXX,XX +XXX,XX @@ if compile_prog "" "" ; then
-   vector16=yes
- fi
-+########################################
-+# See if __attribute__((alias)) is supported.
-+# This false for Xcode 9, but has been remedied for Xcode 10.
-+# Unfortunately, travis uses Xcode 9 by default.
-+
-+attralias=no
-+cat > $TMPC << EOF
-+int x = 1;
-+extern const int y __attribute__((alias("x")));
-+int main(void) { return 0; }
-+EOF
-+if compile_prog "" "" ; then
-+    attralias=yes
-+fi
-+
- ########################################
- # check if getauxval is available.
-@@ -XXX,XX +XXX,XX @@ if test "$vector16" = "yes" ; then
-   echo "CONFIG_VECTOR16=y" >> $config_host_mak
- fi
-+if test "$attralias" = "yes" ; then
-+  echo "CONFIG_ATTRIBUTE_ALIAS=y" >> $config_host_mak
-+fi
-+
- if test "$getauxval" = "yes" ; then
-   echo "CONFIG_GETAUXVAL=y" >> $config_host_mak
- fi
---
-.17.1

-[PULL 06/12] exec: Use const alias for TARGET_PAGE_BITS_VARY
+Deleted patch
-Using a variable that is declared "const" for this tells the
-compiler that it may read the value once and assume that it
-does not change across function calls.
-For target_page_size, this means we have only one assert per
-function, and one read of the variable.
-This reduces the size of qemu-system-aarch64 by 8k.
-Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
-Reviewed-by: Paolo Bonzini <pbonzini@redhat.com>
-Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
----
- include/exec/cpu-all.h | 14 +++++++---
- exec-vary.c            | 60 ++++++++++++++++++++++++++++++++++++------
-files changed, 62 insertions(+), 12 deletions(-)
-diff --git a/include/exec/cpu-all.h b/include/exec/cpu-all.h
-index XXXXXXX..XXXXXXX 100644
---- a/include/exec/cpu-all.h
-+++ b/include/exec/cpu-all.h
-@@ -XXX,XX +XXX,XX @@ static inline void stl_phys_notdirty(AddressSpace *as, hwaddr addr, uint32_t val
- /* page related stuff */
- #ifdef TARGET_PAGE_BITS_VARY
--extern bool target_page_bits_decided;
--extern int target_page_bits;
--#define TARGET_PAGE_BITS ({ assert(target_page_bits_decided); \
--                            target_page_bits; })
-+typedef struct {
-+    bool decided;
-+    int bits;
-+} TargetPageBits;
-+# if defined(CONFIG_ATTRIBUTE_ALIAS) || !defined(IN_EXEC_VARY)
-+extern const TargetPageBits target_page;
-+#else
-+extern TargetPageBits target_page;
-+# endif
-+#define TARGET_PAGE_BITS (assert(target_page.decided), target_page.bits)
- #else
- #define TARGET_PAGE_BITS_MIN TARGET_PAGE_BITS
- #endif
-diff --git a/exec-vary.c b/exec-vary.c
-index XXXXXXX..XXXXXXX 100644
---- a/exec-vary.c
-+++ b/exec-vary.c
-@@ -XXX,XX +XXX,XX @@
- #include "qemu/osdep.h"
- #include "qemu-common.h"
-+
-+#define IN_EXEC_VARY 1
-+
- #include "exec/exec-all.h"
- #ifdef TARGET_PAGE_BITS_VARY
--int target_page_bits;
--bool target_page_bits_decided;
-+# ifdef CONFIG_ATTRIBUTE_ALIAS
-+/*
-+ * We want to declare the "target_page" variable as const, which tells
-+ * the compiler that it can cache any value that it reads across calls.
-+ * This avoids multiple assertions and multiple reads within any one user.
-+ *
-+ * This works because we initialize the target_page data very early, in a
-+ * location far removed from the functions that require the final results.
-+ *
-+ * This also requires that we have a non-constant symbol by which we can
-+ * perform the actual initialization, and which forces the data to be
-+ * allocated within writable memory.  Thus "init_target_page", and we use
-+ * that symbol exclusively in the two functions that initialize this value.
-+ *
-+ * The "target_page" symbol is created as an alias of "init_target_page".
-+ */
-+static TargetPageBits init_target_page;
-+
-+/*
-+ * Note that this is *not* a redundant decl, this is the definition of
-+ * the "target_page" symbol.  The syntax for this definition requires
-+ * the use of the extern keyword.  This seems to be a GCC bug in
-+ * either the syntax for the alias attribute or in -Wredundant-decls.
-+ *
-+ * See https://gcc.gnu.org/bugzilla/show_bug.cgi?id=91765
-+ */
-+#  pragma GCC diagnostic push
-+#  pragma GCC diagnostic ignored "-Wredundant-decls"
-+
-+extern const TargetPageBits target_page
-+    __attribute__((alias("init_target_page")));
-+
-+#  pragma GCC diagnostic pop
-+# else
-+/*
-+ * When aliases are not supported then we force two different declarations,
-+ * by way of suppressing the header declaration with IN_EXEC_VARY.
-+ * We assume that on such an old compiler, LTO cannot be used, and so the
-+ * compiler cannot not detect the mismatched declarations, and all is well.
-+ */
-+TargetPageBits target_page;
-+#  define init_target_page target_page
-+# endif
- #endif
- bool set_preferred_target_page_bits(int bits)
-@@ -XXX,XX +XXX,XX @@ bool set_preferred_target_page_bits(int bits)
-      */
- #ifdef TARGET_PAGE_BITS_VARY
-     assert(bits >= TARGET_PAGE_BITS_MIN);
--    if (target_page_bits == 0 || target_page_bits > bits) {
--        if (target_page_bits_decided) {
-+    if (init_target_page.bits == 0 || init_target_page.bits > bits) {
-+        if (init_target_page.decided) {
-             return false;
-         }
--        target_page_bits = bits;
-+        init_target_page.bits = bits;
-     }
- #endif
-     return true;
-@@ -XXX,XX +XXX,XX @@ bool set_preferred_target_page_bits(int bits)
- void finalize_target_page_bits(void)
- {
- #ifdef TARGET_PAGE_BITS_VARY
--    if (target_page_bits == 0) {
--        target_page_bits = TARGET_PAGE_BITS_MIN;
-+    if (init_target_page.bits == 0) {
-+        init_target_page.bits = TARGET_PAGE_BITS_MIN;
-     }
--    target_page_bits_decided = true;
-+    init_target_page.decided = true;
- #endif
- }
---
-.17.1

-[PULL 07/12] exec: Restrict TARGET_PAGE_BITS_VARY assert to CONFIG_DEBUG_TCG
+Deleted patch
-This reduces the size of a release build by about 10k.
-Noticably, within the tlb miss helpers.
-Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
-Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>
-Reviewed-by: Paolo Bonzini <pbonzini@redhat.com>
-Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
----
- include/exec/cpu-all.h | 6 +++++-
-file changed, 5 insertions(+), 1 deletion(-)
-diff --git a/include/exec/cpu-all.h b/include/exec/cpu-all.h
-index XXXXXXX..XXXXXXX 100644
---- a/include/exec/cpu-all.h
-+++ b/include/exec/cpu-all.h
-@@ -XXX,XX +XXX,XX @@ extern const TargetPageBits target_page;
- #else
- extern TargetPageBits target_page;
- # endif
--#define TARGET_PAGE_BITS (assert(target_page.decided), target_page.bits)
-+# ifdef CONFIG_DEBUG_TCG
-+#  define TARGET_PAGE_BITS (assert(target_page.decided), target_page.bits)
-+# else
-+#  define TARGET_PAGE_BITS target_page.bits
-+# endif
- #else
- #define TARGET_PAGE_BITS_MIN TARGET_PAGE_BITS
- #endif
---
-.17.1

-[PULL 08/12] exec: Promote TARGET_PAGE_MASK to target_long
+Deleted patch
-There are some uint64_t uses that expect TARGET_PAGE_MASK to
-extend for a 32-bit, so this must continue to be a signed type.
-Define based on TARGET_PAGE_BITS not TARGET_PAGE_SIZE; this
-will make a following patch more clear.
-This should not have a functional effect so far.
-Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
-Reviewed-by: Paolo Bonzini <pbonzini@redhat.com>
-Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
----
- include/exec/cpu-all.h | 2 +-
-file changed, 1 insertion(+), 1 deletion(-)
-diff --git a/include/exec/cpu-all.h b/include/exec/cpu-all.h
-index XXXXXXX..XXXXXXX 100644
---- a/include/exec/cpu-all.h
-+++ b/include/exec/cpu-all.h
-@@ -XXX,XX +XXX,XX @@ extern TargetPageBits target_page;
- #endif
- #define TARGET_PAGE_SIZE (1 << TARGET_PAGE_BITS)
--#define TARGET_PAGE_MASK ~(TARGET_PAGE_SIZE - 1)
-+#define TARGET_PAGE_MASK ((target_long)-1 << TARGET_PAGE_BITS)
- #define TARGET_PAGE_ALIGN(addr) ROUND_UP((addr), TARGET_PAGE_SIZE)
- /* Using intptr_t ensures that qemu_*_page_mask is sign-extended even
---
-.17.1

-[PULL 09/12] exec: Cache TARGET_PAGE_MASK for TARGET_PAGE_BITS_VARY
+Deleted patch
-This eliminates a set of runtime shifts.  It turns out that we
-require TARGET_PAGE_MASK more often than TARGET_PAGE_SIZE, so
-redefine TARGET_PAGE_SIZE based on TARGET_PAGE_MASK instead of
-the other way around.
-Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
-Reviewed-by: David Hildenbrand <david@redhat.com>
-Reviewed-by: Paolo Bonzini <pbonzini@redhat.com>
-Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
----
- include/exec/cpu-all.h | 8 ++++++--
- exec-vary.c            | 1 +
-files changed, 7 insertions(+), 2 deletions(-)
-diff --git a/include/exec/cpu-all.h b/include/exec/cpu-all.h
-index XXXXXXX..XXXXXXX 100644
---- a/include/exec/cpu-all.h
-+++ b/include/exec/cpu-all.h
-@@ -XXX,XX +XXX,XX @@ static inline void stl_phys_notdirty(AddressSpace *as, hwaddr addr, uint32_t val
- typedef struct {
-     bool decided;
-     int bits;
-+    target_long mask;
- } TargetPageBits;
- # if defined(CONFIG_ATTRIBUTE_ALIAS) || !defined(IN_EXEC_VARY)
- extern const TargetPageBits target_page;
-@@ -XXX,XX +XXX,XX @@ extern TargetPageBits target_page;
- # endif
- # ifdef CONFIG_DEBUG_TCG
- #  define TARGET_PAGE_BITS (assert(target_page.decided), target_page.bits)
-+#  define TARGET_PAGE_MASK (assert(target_page.decided), target_page.mask)
- # else
- #  define TARGET_PAGE_BITS target_page.bits
-+#  define TARGET_PAGE_MASK target_page.mask
- # endif
-+# define TARGET_PAGE_SIZE  (-(int)TARGET_PAGE_MASK)
- #else
- #define TARGET_PAGE_BITS_MIN TARGET_PAGE_BITS
-+#define TARGET_PAGE_SIZE   (1 << TARGET_PAGE_BITS)
-+#define TARGET_PAGE_MASK   ((target_long)-1 << TARGET_PAGE_BITS)
- #endif
--#define TARGET_PAGE_SIZE (1 << TARGET_PAGE_BITS)
--#define TARGET_PAGE_MASK ((target_long)-1 << TARGET_PAGE_BITS)
- #define TARGET_PAGE_ALIGN(addr) ROUND_UP((addr), TARGET_PAGE_SIZE)
- /* Using intptr_t ensures that qemu_*_page_mask is sign-extended even
-diff --git a/exec-vary.c b/exec-vary.c
-index XXXXXXX..XXXXXXX 100644
---- a/exec-vary.c
-+++ b/exec-vary.c
-@@ -XXX,XX +XXX,XX @@ void finalize_target_page_bits(void)
-         init_target_page.bits = TARGET_PAGE_BITS_MIN;
-     }
-     init_target_page.decided = true;
-+    init_target_page.mask = (target_long)-1 << init_target_page.bits;
- #endif
- }
---
-.17.1

-[PULL 11/12] translate-all: fix uninitialized tb->orig_tb
+Deleted patch
-From: Clement Deschamps <clement.deschamps@greensocs.com>
-This fixes a segmentation fault in icount mode when executing
-from an IO region.
-TB is marked as CF_NOCACHE but tb->orig_tb is not initialized
-(equals previous value in code_gen_buffer).
-The issue happens in cpu_io_recompile() when it tries to invalidate orig_tb.
-Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
-Signed-off-by: Clement Deschamps <clement.deschamps@greensocs.com>
-Message-Id: <20191022140016.918371-1-clement.deschamps@greensocs.com>
-Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
----
- accel/tcg/translate-all.c | 1 +
-file changed, 1 insertion(+)
-diff --git a/accel/tcg/translate-all.c b/accel/tcg/translate-all.c
-index XXXXXXX..XXXXXXX 100644
---- a/accel/tcg/translate-all.c
-+++ b/accel/tcg/translate-all.c
-@@ -XXX,XX +XXX,XX @@ TranslationBlock *tb_gen_code(CPUState *cpu,
-     tb->cs_base = cs_base;
-     tb->flags = flags;
-     tb->cflags = cflags;
-+    tb->orig_tb = NULL;
-     tb->trace_vcpu_dstate = *cpu->trace_dstate;
-     tcg_ctx->tb_cflags = cflags;
-  tb_overflow:
---
-.17.1

The following changes since commit bad76ac319556dab2497429d473b49a237672e1c:

Merge remote-tracking branch 'remotes/vivier2/tags/trivial-branch-pull-request' into staging (2019-10-25 14:17:08 +0100)

are available in the Git repository at:

https://github.com/rth7680/qemu.git tags/pull-tcg-20191025

for you to fetch changes up to 0ed1bfb046b740b70eed2cf3581e01768703b185:

translate-all: Remove tb_alloc (2019-10-25 10:15:25 -0400)

----------------------------------------------------------------
Improvements for TARGET_PAGE_BITS_VARY
Fix for TCI ld16u_i64.
Fix for segv on icount execute from i/o memory.
Two misc cleanups.

----------------------------------------------------------------
Alex Bennée (1):
      cputlb: ensure _cmmu helper functions follow the naming standard

Clement Deschamps (1):
      translate-all: fix uninitialized tb->orig_tb

Richard Henderson (8):
      exec: Split out variable page size support to exec-vary.c
      configure: Detect compiler support for __attribute__((alias))
      exec: Use const alias for TARGET_PAGE_BITS_VARY
      exec: Restrict TARGET_PAGE_BITS_VARY assert to CONFIG_DEBUG_TCG
      exec: Promote TARGET_PAGE_MASK to target_long
      exec: Cache TARGET_PAGE_MASK for TARGET_PAGE_BITS_VARY
      cputlb: Fix tlb_vaddr_to_host
      translate-all: Remove tb_alloc

Stefan Weil (1):
      tci: Add implementation for INDEX_op_ld16u_i64

Wei Yang (1):
      cpu: use ROUND_UP() to define xxx_PAGE_ALIGN

From: Stefan Weil <sw@weilnetz.de>

This fixes "make check-tcg" on a Debian x86_64 host.

Signed-off-by: Stefan Weil <sw@weilnetz.de>
Tested-by: Thomas Huth <thuth@redhat.com>
Message-Id: <20190410194838.10123-1-sw@weilnetz.de>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
---
 tcg/tci.c | 15 +++++++++++++++
 1 file changed, 15 insertions(+)

diff --git a/tcg/tci.c b/tcg/tci.c
index XXXXXXX..XXXXXXX 100644
--- a/tcg/tci.c
+++ b/tcg/tci.c
@@ -XXX,XX +XXX,XX @@ static void tci_write_reg8(tcg_target_ulong *regs, TCGReg index, uint8_t value)
     tci_write_reg(regs, index, value);
 }
 
+static void
+tci_write_reg16(tcg_target_ulong *regs, TCGReg index, uint16_t value)
+{
+    tci_write_reg(regs, index, value);
+}
+
 static void
 tci_write_reg32(tcg_target_ulong *regs, TCGReg index, uint32_t value)
 {
@@ -XXX,XX +XXX,XX @@ uintptr_t tcg_qemu_tb_exec(CPUArchState *env, uint8_t *tb_ptr)
             tci_write_reg8(regs, t0, *(uint8_t *)(t1 + t2));
             break;
         case INDEX_op_ld8s_i32:
+            TODO();
+            break;
         case INDEX_op_ld16u_i32:
             TODO();
             break;
@@ -XXX,XX +XXX,XX @@ uintptr_t tcg_qemu_tb_exec(CPUArchState *env, uint8_t *tb_ptr)
             tci_write_reg8(regs, t0, *(uint8_t *)(t1 + t2));
             break;
         case INDEX_op_ld8s_i64:
+            TODO();
+            break;
         case INDEX_op_ld16u_i64:
+            t0 = *tb_ptr++;
+            t1 = tci_read_r(regs, &tb_ptr);
+            t2 = tci_read_s32(&tb_ptr);
+            tci_write_reg16(regs, t0, *(uint16_t *)(t1 + t2));
+            break;
         case INDEX_op_ld16s_i64:
             TODO();
             break;
-- 
2.17.1

From: Alex Bennée <alex.bennee@linaro.org>

We document this in docs/devel/load-stores.rst so lets follow it. The
32 bit and 64 bit access functions have historically not included the
sign so we leave those as is. We also introduce some signed helpers
which are used for loading immediate values in the translator.

Fixes: 282dffc8
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Signed-off-by: Alex Bennée <alex.bennee@linaro.org>
Message-Id: <20191021150910.23216-1-alex.bennee@linaro.org>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
---
 include/exec/cpu_ldst_template.h |  4 ++--
 tcg/tcg.h                        | 20 ++++++++++++++------
 accel/tcg/cputlb.c               | 24 +++++++++++++++++++++---
 target/cris/translate_v10.inc.c  |  3 +--
 4 files changed, 38 insertions(+), 13 deletions(-)

diff --git a/include/exec/cpu_ldst_template.h b/include/exec/cpu_ldst_template.h
index XXXXXXX..XXXXXXX 100644
--- a/include/exec/cpu_ldst_template.h
+++ b/include/exec/cpu_ldst_template.h
@@ -XXX,XX +XXX,XX @@
 #ifdef SOFTMMU_CODE_ACCESS
 #define ADDR_READ addr_code
 #define MMUSUFFIX _cmmu
-#define URETSUFFIX SUFFIX
-#define SRETSUFFIX SUFFIX
+#define URETSUFFIX USUFFIX
+#define SRETSUFFIX glue(s, SUFFIX)
 #else
 #define ADDR_READ addr_read
 #define MMUSUFFIX _mmu
diff --git a/tcg/tcg.h b/tcg/tcg.h
index XXXXXXX..XXXXXXX 100644
--- a/tcg/tcg.h
+++ b/tcg/tcg.h
@@ -XXX,XX +XXX,XX @@ void helper_be_stl_mmu(CPUArchState *env, target_ulong addr, uint32_t val,
 void helper_be_stq_mmu(CPUArchState *env, target_ulong addr, uint64_t val,
                        TCGMemOpIdx oi, uintptr_t retaddr);
 
-uint8_t helper_ret_ldb_cmmu(CPUArchState *env, target_ulong addr,
+uint8_t helper_ret_ldub_cmmu(CPUArchState *env, target_ulong addr,
                             TCGMemOpIdx oi, uintptr_t retaddr);
-uint16_t helper_le_ldw_cmmu(CPUArchState *env, target_ulong addr,
+int8_t helper_ret_ldsb_cmmu(CPUArchState *env, target_ulong addr,
                             TCGMemOpIdx oi, uintptr_t retaddr);
+uint16_t helper_le_lduw_cmmu(CPUArchState *env, target_ulong addr,
+                             TCGMemOpIdx oi, uintptr_t retaddr);
+int16_t helper_le_ldsw_cmmu(CPUArchState *env, target_ulong addr,
+                             TCGMemOpIdx oi, uintptr_t retaddr);
 uint32_t helper_le_ldl_cmmu(CPUArchState *env, target_ulong addr,
                             TCGMemOpIdx oi, uintptr_t retaddr);
 uint64_t helper_le_ldq_cmmu(CPUArchState *env, target_ulong addr,
                             TCGMemOpIdx oi, uintptr_t retaddr);
-uint16_t helper_be_ldw_cmmu(CPUArchState *env, target_ulong addr,
-                            TCGMemOpIdx oi, uintptr_t retaddr);
+uint16_t helper_be_lduw_cmmu(CPUArchState *env, target_ulong addr,
+                             TCGMemOpIdx oi, uintptr_t retaddr);
+int16_t helper_be_ldsw_cmmu(CPUArchState *env, target_ulong addr,
+                             TCGMemOpIdx oi, uintptr_t retaddr);
 uint32_t helper_be_ldl_cmmu(CPUArchState *env, target_ulong addr,
                             TCGMemOpIdx oi, uintptr_t retaddr);
 uint64_t helper_be_ldq_cmmu(CPUArchState *env, target_ulong addr,
@@ -XXX,XX +XXX,XX @@ uint64_t helper_be_ldq_cmmu(CPUArchState *env, target_ulong addr,
 # define helper_ret_stw_mmu   helper_be_stw_mmu
 # define helper_ret_stl_mmu   helper_be_stl_mmu
 # define helper_ret_stq_mmu   helper_be_stq_mmu
-# define helper_ret_ldw_cmmu  helper_be_ldw_cmmu
+# define helper_ret_lduw_cmmu  helper_be_lduw_cmmu
+# define helper_ret_ldsw_cmmu  helper_be_ldsw_cmmu
 # define helper_ret_ldl_cmmu  helper_be_ldl_cmmu
 # define helper_ret_ldq_cmmu  helper_be_ldq_cmmu
 #else
@@ -XXX,XX +XXX,XX @@ uint64_t helper_be_ldq_cmmu(CPUArchState *env, target_ulong addr,
 # define helper_ret_stw_mmu   helper_le_stw_mmu
 # define helper_ret_stl_mmu   helper_le_stl_mmu
 # define helper_ret_stq_mmu   helper_le_stq_mmu
-# define helper_ret_ldw_cmmu  helper_le_ldw_cmmu
+# define helper_ret_lduw_cmmu  helper_le_lduw_cmmu
+# define helper_ret_ldsw_cmmu  helper_le_ldsw_cmmu
 # define helper_ret_ldl_cmmu  helper_le_ldl_cmmu
 # define helper_ret_ldq_cmmu  helper_le_ldq_cmmu
 #endif
diff --git a/accel/tcg/cputlb.c b/accel/tcg/cputlb.c
index XXXXXXX..XXXXXXX 100644
--- a/accel/tcg/cputlb.c
+++ b/accel/tcg/cputlb.c
@@ -XXX,XX +XXX,XX @@ static uint64_t full_ldub_cmmu(CPUArchState *env, target_ulong addr,
     return load_helper(env, addr, oi, retaddr, MO_8, true, full_ldub_cmmu);
 }
 
-uint8_t helper_ret_ldb_cmmu(CPUArchState *env, target_ulong addr,
+uint8_t helper_ret_ldub_cmmu(CPUArchState *env, target_ulong addr,
                             TCGMemOpIdx oi, uintptr_t retaddr)
 {
     return full_ldub_cmmu(env, addr, oi, retaddr);
 }
 
+int8_t helper_ret_ldsb_cmmu(CPUArchState *env, target_ulong addr,
+                            TCGMemOpIdx oi, uintptr_t retaddr)
+{
+    return (int8_t) full_ldub_cmmu(env, addr, oi, retaddr);
+}
+
 static uint64_t full_le_lduw_cmmu(CPUArchState *env, target_ulong addr,
                                   TCGMemOpIdx oi, uintptr_t retaddr)
 {
@@ -XXX,XX +XXX,XX @@ static uint64_t full_le_lduw_cmmu(CPUArchState *env, target_ulong addr,
                        full_le_lduw_cmmu);
 }
 
-uint16_t helper_le_ldw_cmmu(CPUArchState *env, target_ulong addr,
+uint16_t helper_le_lduw_cmmu(CPUArchState *env, target_ulong addr,
                             TCGMemOpIdx oi, uintptr_t retaddr)
 {
     return full_le_lduw_cmmu(env, addr, oi, retaddr);
 }
 
+int16_t helper_le_ldsw_cmmu(CPUArchState *env, target_ulong addr,
+                            TCGMemOpIdx oi, uintptr_t retaddr)
+{
+    return (int16_t) full_le_lduw_cmmu(env, addr, oi, retaddr);
+}
+
 static uint64_t full_be_lduw_cmmu(CPUArchState *env, target_ulong addr,
                                   TCGMemOpIdx oi, uintptr_t retaddr)
 {
@@ -XXX,XX +XXX,XX @@ static uint64_t full_be_lduw_cmmu(CPUArchState *env, target_ulong addr,
                        full_be_lduw_cmmu);
 }
 
-uint16_t helper_be_ldw_cmmu(CPUArchState *env, target_ulong addr,
+uint16_t helper_be_lduw_cmmu(CPUArchState *env, target_ulong addr,
                             TCGMemOpIdx oi, uintptr_t retaddr)
 {
     return full_be_lduw_cmmu(env, addr, oi, retaddr);
 }
 
+int16_t helper_be_ldsw_cmmu(CPUArchState *env, target_ulong addr,
+                            TCGMemOpIdx oi, uintptr_t retaddr)
+{
+    return (int16_t) full_be_lduw_cmmu(env, addr, oi, retaddr);
+}
+
 static uint64_t full_le_ldul_cmmu(CPUArchState *env, target_ulong addr,
                                   TCGMemOpIdx oi, uintptr_t retaddr)
 {
diff --git a/target/cris/translate_v10.inc.c b/target/cris/translate_v10.inc.c
index XXXXXXX..XXXXXXX 100644
--- a/target/cris/translate_v10.inc.c
+++ b/target/cris/translate_v10.inc.c
@@ -XXX,XX +XXX,XX @@ static unsigned int dec10_ind(CPUCRISState *env, DisasContext *dc)
         case CRISV10_IND_BCC_M:
 
             cris_cc_mask(dc, 0);
-            imm = cpu_ldsw_code(env, dc->pc + 2);
-            simm = (int16_t)imm;
+            simm = cpu_ldsw_code(env, dc->pc + 2);
             simm += 4;
 
             LOG_DIS("bcc_m: b%s %x\n", cc_name(dc->cond), dc->pc + simm);
-- 
2.17.1

From: Wei Yang <richardw.yang@linux.intel.com>

Use ROUND_UP() to define, which is a little bit easy to read.

Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Reviewed-by: David Gibson <david@gibson.dropbear.id.au>
Reviewed-by: Juan Quintela <quintela@redhat.com>
Signed-off-by: Wei Yang <richardw.yang@linux.intel.com>
Message-Id: <20191013021145.16011-2-richardw.yang@linux.intel.com>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
---
 include/exec/cpu-all.h | 7 +++----
 1 file changed, 3 insertions(+), 4 deletions(-)

diff --git a/include/exec/cpu-all.h b/include/exec/cpu-all.h
index XXXXXXX..XXXXXXX 100644
--- a/include/exec/cpu-all.h
+++ b/include/exec/cpu-all.h
@@ -XXX,XX +XXX,XX @@ extern int target_page_bits;
 
 #define TARGET_PAGE_SIZE (1 << TARGET_PAGE_BITS)
 #define TARGET_PAGE_MASK ~(TARGET_PAGE_SIZE - 1)
-#define TARGET_PAGE_ALIGN(addr) (((addr) + TARGET_PAGE_SIZE - 1) & TARGET_PAGE_MASK)
+#define TARGET_PAGE_ALIGN(addr) ROUND_UP((addr), TARGET_PAGE_SIZE)
 
 /* Using intptr_t ensures that qemu_*_page_mask is sign-extended even
  * when intptr_t is 32-bit and we are aligning a long long.
@@ -XXX,XX +XXX,XX @@ extern int target_page_bits;
 extern uintptr_t qemu_host_page_size;
 extern intptr_t qemu_host_page_mask;
 
-#define HOST_PAGE_ALIGN(addr) (((addr) + qemu_host_page_size - 1) & qemu_host_page_mask)
-#define REAL_HOST_PAGE_ALIGN(addr) (((addr) + qemu_real_host_page_size - 1) & \
-                                    qemu_real_host_page_mask)
+#define HOST_PAGE_ALIGN(addr) ROUND_UP((addr), qemu_host_page_size)
+#define REAL_HOST_PAGE_ALIGN(addr) ROUND_UP((addr), qemu_real_host_page_size)
 
 /* same as PROT_xxx */
 #define PAGE_READ      0x0001
-- 
2.17.1

The next patch will play a trick with "const" that will
confuse the compiler about the uses of target_page_bits
within exec.c.  Moving everything to a new file prevents
this confusion.

No functional change so far.

Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Reviewed-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
---
 Makefile.target       |  2 +-
 include/qemu-common.h |  6 +++++
 exec-vary.c           | 57 +++++++++++++++++++++++++++++++++++++++++++
 exec.c                | 34 --------------------------
 4 files changed, 64 insertions(+), 35 deletions(-)
 create mode 100644 exec-vary.c

diff --git a/Makefile.target b/Makefile.target
index XXXXXXX..XXXXXXX 100644
--- a/Makefile.target
+++ b/Makefile.target
@@ -XXX,XX +XXX,XX @@ obj-y += trace/
 
 #########################################################
 # cpu emulator library
-obj-y += exec.o
+obj-y += exec.o exec-vary.o
 obj-y += accel/
 obj-$(CONFIG_TCG) += tcg/tcg.o tcg/tcg-op.o tcg/tcg-op-vec.o tcg/tcg-op-gvec.o
 obj-$(CONFIG_TCG) += tcg/tcg-common.o tcg/optimize.o
diff --git a/include/qemu-common.h b/include/qemu-common.h
index XXXXXXX..XXXXXXX 100644
--- a/include/qemu-common.h
+++ b/include/qemu-common.h
@@ -XXX,XX +XXX,XX @@ void cpu_exec_step_atomic(CPUState *cpu);
  */
 bool set_preferred_target_page_bits(int bits);
 
+/**
+ * finalize_target_page_bits:
+ * Commit the final value set by set_preferred_target_page_bits.
+ */
+void finalize_target_page_bits(void);
+
 /**
  * Sends a (part of) iovec down a socket, yielding when the socket is full, or
  * Receives data into a (part of) iovec from a socket,
diff --git a/exec-vary.c b/exec-vary.c
new file mode 100644
index XXXXXXX..XXXXXXX
--- /dev/null
+++ b/exec-vary.c
@@ -XXX,XX +XXX,XX @@
+/*
+ * Variable page size handling
+ *
+ *  Copyright (c) 2003 Fabrice Bellard
+ *
+ * This library is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 2 of the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this library; if not, see <http://www.gnu.org/licenses/>.
+ */
+
+#include "qemu/osdep.h"
+#include "qemu-common.h"
+#include "exec/exec-all.h"
+
+#ifdef TARGET_PAGE_BITS_VARY
+int target_page_bits;
+bool target_page_bits_decided;
+#endif
+
+bool set_preferred_target_page_bits(int bits)
+{
+    /*
+     * The target page size is the lowest common denominator for all
+     * the CPUs in the system, so we can only make it smaller, never
+     * larger. And we can't make it smaller once we've committed to
+     * a particular size.
+     */
+#ifdef TARGET_PAGE_BITS_VARY
+    assert(bits >= TARGET_PAGE_BITS_MIN);
+    if (target_page_bits == 0 || target_page_bits > bits) {
+        if (target_page_bits_decided) {
+            return false;
+        }
+        target_page_bits = bits;
+    }
+#endif
+    return true;
+}
+
+void finalize_target_page_bits(void)
+{
+#ifdef TARGET_PAGE_BITS_VARY
+    if (target_page_bits == 0) {
+        target_page_bits = TARGET_PAGE_BITS_MIN;
+    }
+    target_page_bits_decided = true;
+#endif
+}
diff --git a/exec.c b/exec.c
index XXXXXXX..XXXXXXX 100644
--- a/exec.c
+++ b/exec.c
@@ -XXX,XX +XXX,XX @@ AddressSpace address_space_memory;
 static MemoryRegion io_mem_unassigned;
 #endif
 
-#ifdef TARGET_PAGE_BITS_VARY
-int target_page_bits;
-bool target_page_bits_decided;
-#endif
-
 CPUTailQ cpus = QTAILQ_HEAD_INITIALIZER(cpus);
 
 /* current CPU in the current thread. It is only valid inside
@@ -XXX,XX +XXX,XX @@ int use_icount;
 uintptr_t qemu_host_page_size;
 intptr_t qemu_host_page_mask;
 
-bool set_preferred_target_page_bits(int bits)
-{
-    /* The target page size is the lowest common denominator for all
-     * the CPUs in the system, so we can only make it smaller, never
-     * larger. And we can't make it smaller once we've committed to
-     * a particular size.
-     */
-#ifdef TARGET_PAGE_BITS_VARY
-    assert(bits >= TARGET_PAGE_BITS_MIN);
-    if (target_page_bits == 0 || target_page_bits > bits) {
-        if (target_page_bits_decided) {
-            return false;
-        }
-        target_page_bits = bits;
-    }
-#endif
-    return true;
-}
-
 #if !defined(CONFIG_USER_ONLY)
 
-static void finalize_target_page_bits(void)
-{
-#ifdef TARGET_PAGE_BITS_VARY
-    if (target_page_bits == 0) {
-        target_page_bits = TARGET_PAGE_BITS_MIN;
-    }
-    target_page_bits_decided = true;
-#endif
-}
-
 typedef struct PhysPageEntry PhysPageEntry;
 
 struct PhysPageEntry {
-- 
2.17.1

Such support is present almost everywhere, except for Xcode 9.
It is added in Xcode 10, but travis uses xcode9 by default,
so we should support it for a while yet.

Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
---
 configure | 19 +++++++++++++++++++
 1 file changed, 19 insertions(+)

diff --git a/configure b/configure
index XXXXXXX..XXXXXXX 100755
--- a/configure
+++ b/configure
@@ -XXX,XX +XXX,XX @@ if compile_prog "" "" ; then
   vector16=yes
 fi
 
+########################################
+# See if __attribute__((alias)) is supported.
+# This false for Xcode 9, but has been remedied for Xcode 10.
+# Unfortunately, travis uses Xcode 9 by default.
+
+attralias=no
+cat > $TMPC << EOF
+int x = 1;
+extern const int y __attribute__((alias("x")));
+int main(void) { return 0; }
+EOF
+if compile_prog "" "" ; then
+    attralias=yes
+fi
+
 ########################################
 # check if getauxval is available.
 
@@ -XXX,XX +XXX,XX @@ if test "$vector16" = "yes" ; then
   echo "CONFIG_VECTOR16=y" >> $config_host_mak
 fi
 
+if test "$attralias" = "yes" ; then
+  echo "CONFIG_ATTRIBUTE_ALIAS=y" >> $config_host_mak
+fi
+
 if test "$getauxval" = "yes" ; then
   echo "CONFIG_GETAUXVAL=y" >> $config_host_mak
 fi
-- 
2.17.1

Using a variable that is declared "const" for this tells the
compiler that it may read the value once and assume that it
does not change across function calls.

For target_page_size, this means we have only one assert per
function, and one read of the variable.

This reduces the size of qemu-system-aarch64 by 8k.

Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
Reviewed-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
---
 include/exec/cpu-all.h | 14 +++++++---
 exec-vary.c            | 60 ++++++++++++++++++++++++++++++++++++------
 2 files changed, 62 insertions(+), 12 deletions(-)

diff --git a/include/exec/cpu-all.h b/include/exec/cpu-all.h
index XXXXXXX..XXXXXXX 100644
--- a/include/exec/cpu-all.h
+++ b/include/exec/cpu-all.h
@@ -XXX,XX +XXX,XX @@ static inline void stl_phys_notdirty(AddressSpace *as, hwaddr addr, uint32_t val
 /* page related stuff */
 
 #ifdef TARGET_PAGE_BITS_VARY
-extern bool target_page_bits_decided;
-extern int target_page_bits;
-#define TARGET_PAGE_BITS ({ assert(target_page_bits_decided); \
-                            target_page_bits; })
+typedef struct {
+    bool decided;
+    int bits;
+} TargetPageBits;
+# if defined(CONFIG_ATTRIBUTE_ALIAS) || !defined(IN_EXEC_VARY)
+extern const TargetPageBits target_page;
+#else
+extern TargetPageBits target_page;
+# endif
+#define TARGET_PAGE_BITS (assert(target_page.decided), target_page.bits)
 #else
 #define TARGET_PAGE_BITS_MIN TARGET_PAGE_BITS
 #endif
diff --git a/exec-vary.c b/exec-vary.c
index XXXXXXX..XXXXXXX 100644
--- a/exec-vary.c
+++ b/exec-vary.c
@@ -XXX,XX +XXX,XX @@
 
 #include "qemu/osdep.h"
 #include "qemu-common.h"
+
+#define IN_EXEC_VARY 1
+
 #include "exec/exec-all.h"
 
 #ifdef TARGET_PAGE_BITS_VARY
-int target_page_bits;
-bool target_page_bits_decided;
+# ifdef CONFIG_ATTRIBUTE_ALIAS
+/*
+ * We want to declare the "target_page" variable as const, which tells
+ * the compiler that it can cache any value that it reads across calls.
+ * This avoids multiple assertions and multiple reads within any one user.
+ *
+ * This works because we initialize the target_page data very early, in a
+ * location far removed from the functions that require the final results.
+ *
+ * This also requires that we have a non-constant symbol by which we can
+ * perform the actual initialization, and which forces the data to be
+ * allocated within writable memory.  Thus "init_target_page", and we use
+ * that symbol exclusively in the two functions that initialize this value.
+ *
+ * The "target_page" symbol is created as an alias of "init_target_page".
+ */
+static TargetPageBits init_target_page;
+
+/*
+ * Note that this is *not* a redundant decl, this is the definition of
+ * the "target_page" symbol.  The syntax for this definition requires
+ * the use of the extern keyword.  This seems to be a GCC bug in
+ * either the syntax for the alias attribute or in -Wredundant-decls.
+ *
+ * See https://gcc.gnu.org/bugzilla/show_bug.cgi?id=91765
+ */
+#  pragma GCC diagnostic push
+#  pragma GCC diagnostic ignored "-Wredundant-decls"
+
+extern const TargetPageBits target_page
+    __attribute__((alias("init_target_page")));
+
+#  pragma GCC diagnostic pop
+# else
+/*
+ * When aliases are not supported then we force two different declarations,
+ * by way of suppressing the header declaration with IN_EXEC_VARY.
+ * We assume that on such an old compiler, LTO cannot be used, and so the
+ * compiler cannot not detect the mismatched declarations, and all is well.
+ */
+TargetPageBits target_page;
+#  define init_target_page target_page
+# endif
 #endif
 
 bool set_preferred_target_page_bits(int bits)
@@ -XXX,XX +XXX,XX @@ bool set_preferred_target_page_bits(int bits)
      */
 #ifdef TARGET_PAGE_BITS_VARY
     assert(bits >= TARGET_PAGE_BITS_MIN);
-    if (target_page_bits == 0 || target_page_bits > bits) {
-        if (target_page_bits_decided) {
+    if (init_target_page.bits == 0 || init_target_page.bits > bits) {
+        if (init_target_page.decided) {
             return false;
         }
-        target_page_bits = bits;
+        init_target_page.bits = bits;
     }
 #endif
     return true;
@@ -XXX,XX +XXX,XX @@ bool set_preferred_target_page_bits(int bits)
 void finalize_target_page_bits(void)
 {
 #ifdef TARGET_PAGE_BITS_VARY
-    if (target_page_bits == 0) {
-        target_page_bits = TARGET_PAGE_BITS_MIN;
+    if (init_target_page.bits == 0) {
+        init_target_page.bits = TARGET_PAGE_BITS_MIN;
     }
-    target_page_bits_decided = true;
+    init_target_page.decided = true;
 #endif
 }
-- 
2.17.1

There are some uint64_t uses that expect TARGET_PAGE_MASK to
extend for a 32-bit, so this must continue to be a signed type.
Define based on TARGET_PAGE_BITS not TARGET_PAGE_SIZE; this
will make a following patch more clear.

This should not have a functional effect so far.

Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
Reviewed-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
---
 include/exec/cpu-all.h | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/include/exec/cpu-all.h b/include/exec/cpu-all.h
index XXXXXXX..XXXXXXX 100644
--- a/include/exec/cpu-all.h
+++ b/include/exec/cpu-all.h
@@ -XXX,XX +XXX,XX @@ extern TargetPageBits target_page;
 #endif
 
 #define TARGET_PAGE_SIZE (1 << TARGET_PAGE_BITS)
-#define TARGET_PAGE_MASK ~(TARGET_PAGE_SIZE - 1)
+#define TARGET_PAGE_MASK ((target_long)-1 << TARGET_PAGE_BITS)
 #define TARGET_PAGE_ALIGN(addr) ROUND_UP((addr), TARGET_PAGE_SIZE)
 
 /* Using intptr_t ensures that qemu_*_page_mask is sign-extended even
-- 
2.17.1

This eliminates a set of runtime shifts.  It turns out that we
require TARGET_PAGE_MASK more often than TARGET_PAGE_SIZE, so
redefine TARGET_PAGE_SIZE based on TARGET_PAGE_MASK instead of
the other way around.

Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
Reviewed-by: David Hildenbrand <david@redhat.com>
Reviewed-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
---
 include/exec/cpu-all.h | 8 ++++++--
 exec-vary.c            | 1 +
 2 files changed, 7 insertions(+), 2 deletions(-)

From: Clement Deschamps <clement.deschamps@greensocs.com>

This fixes a segmentation fault in icount mode when executing
from an IO region.

TB is marked as CF_NOCACHE but tb->orig_tb is not initialized
(equals previous value in code_gen_buffer).

The issue happens in cpu_io_recompile() when it tries to invalidate orig_tb.

Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Signed-off-by: Clement Deschamps <clement.deschamps@greensocs.com>
Message-Id: <20191022140016.918371-1-clement.deschamps@greensocs.com>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
---
 accel/tcg/translate-all.c | 1 +
 1 file changed, 1 insertion(+)

diff --git a/accel/tcg/translate-all.c b/accel/tcg/translate-all.c
index XXXXXXX..XXXXXXX 100644
--- a/accel/tcg/translate-all.c
+++ b/accel/tcg/translate-all.c
@@ -XXX,XX +XXX,XX @@ TranslationBlock *tb_gen_code(CPUState *cpu,
     tb->cs_base = cs_base;
     tb->flags = flags;
     tb->cflags = cflags;
+    tb->orig_tb = NULL;
     tb->trace_vcpu_dstate = *cpu->trace_dstate;
     tcg_ctx->tb_cflags = cflags;
  tb_overflow:
-- 
2.17.1

Since 2ac01d6dafab, this function does only two things: assert a
lock is held, and call tcg_tb_alloc.  It is used exactly once,
and its user has already done the assert.

Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Reviewed-by: Clement Deschamps <clement.deschamps@greensocs.com>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
---
 accel/tcg/translate-all.c | 20 ++------------------
 1 file changed, 2 insertions(+), 18 deletions(-)

diff --git a/accel/tcg/translate-all.c b/accel/tcg/translate-all.c
index XXXXXXX..XXXXXXX 100644
--- a/accel/tcg/translate-all.c
+++ b/accel/tcg/translate-all.c
@@ -XXX,XX +XXX,XX @@ void tcg_exec_init(unsigned long tb_size)
 #endif
 }
 
-/*
- * Allocate a new translation block. Flush the translation buffer if
- * too many translation blocks or too much generated code.
- */
-static TranslationBlock *tb_alloc(target_ulong pc)
-{
-    TranslationBlock *tb;
-
-    assert_memory_lock();
-
-    tb = tcg_tb_alloc(tcg_ctx);
-    if (unlikely(tb == NULL)) {
-        return NULL;
-    }
-    return tb;
-}
-
 /* call with @p->lock held */
 static inline void invalidate_page_bitmap(PageDesc *p)
 {
@@ -XXX,XX +XXX,XX @@ TranslationBlock *tb_gen_code(CPUState *cpu,
     TCGProfile *prof = &tcg_ctx->prof;
     int64_t ti;
 #endif
+
     assert_memory_lock();
 
     phys_pc = get_page_addr_code(env, pc);
@@ -XXX,XX +XXX,XX @@ TranslationBlock *tb_gen_code(CPUState *cpu,
     }
 
  buffer_overflow:
-    tb = tb_alloc(pc);
+    tb = tcg_tb_alloc(tcg_ctx);
     if (unlikely(!tb)) {
         /* flush must be done */
         tb_flush(cpu);
-- 
2.17.1

Pretty small still, but there are two patches that ought
to get backported to stable, so no point in delaying.

The following changes since commit a5ba0a7e4e150d1350a041f0d0ef9ca6c8d7c307:

Merge tag 'pull-aspeed-20241211' of https://github.com/legoater/qemu into staging (2024-12-11 15:16:47 +0000)

are available in the Git repository at:

https://gitlab.com/rth7680/qemu.git tags/pull-tcg-20241212

for you to fetch changes up to 7ac87b14a92234b6a89b701b4043ad6cf8bdcccf:

target/sparc: Use memcpy() and remove memcpy32() (2024-12-12 14:28:38 -0600)

----------------------------------------------------------------
tcg: Reset free_temps before tcg_optimize
tcg/riscv: Fix StoreStore barrier generation
include/exec: Introduce fpst alias in helper-head.h.inc
target/sparc: Use memcpy() and remove memcpy32()

----------------------------------------------------------------
Philippe Mathieu-Daudé (1):
      target/sparc: Use memcpy() and remove memcpy32()

Richard Henderson (2):
      tcg: Reset free_temps before tcg_optimize
      include/exec: Introduce fpst alias in helper-head.h.inc

Roman Artemev (1):
      tcg/riscv: Fix StoreStore barrier generation

When allocating new temps during tcg_optmize, do not re-use
any EBB temps that were used within the TB.  We do not have
any idea what span of the TB in which the temp was live.

Introduce tcg_temp_ebb_reset_freed and use before tcg_optimize,
as well as replacing the equivalent in plugin_gen_inject and
tcg_func_start.

Cc: qemu-stable@nongnu.org
Fixes: fb04ab7ddd8 ("tcg/optimize: Lower TCG_COND_TST{EQ,NE} if unsupported")
Resolves: https://gitlab.com/qemu-project/qemu/-/issues/2711
Reported-by: wannacu <wannacu2049@gmail.com>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Reviewed-by: Pierrick Bouvier <pierrick.bouvier@linaro.org>
Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org>
---
 include/tcg/tcg-temp-internal.h | 6 ++++++
 accel/tcg/plugin-gen.c          | 2 +-
 tcg/tcg.c                       | 5 ++++-
 3 files changed, 11 insertions(+), 2 deletions(-)

diff --git a/include/tcg/tcg-temp-internal.h b/include/tcg/tcg-temp-internal.h
index XXXXXXX..XXXXXXX 100644
--- a/include/tcg/tcg-temp-internal.h
+++ b/include/tcg/tcg-temp-internal.h
@@ -XXX,XX +XXX,XX @@ TCGv_i64 tcg_temp_ebb_new_i64(void);
 TCGv_ptr tcg_temp_ebb_new_ptr(void);
 TCGv_i128 tcg_temp_ebb_new_i128(void);
 
+/* Forget all freed EBB temps, so that new allocations produce new temps. */
+static inline void tcg_temp_ebb_reset_freed(TCGContext *s)
+{
+    memset(s->free_temps, 0, sizeof(s->free_temps));
+}
+
 #endif /* TCG_TEMP_FREE_H */
diff --git a/accel/tcg/plugin-gen.c b/accel/tcg/plugin-gen.c
index XXXXXXX..XXXXXXX 100644
--- a/accel/tcg/plugin-gen.c
+++ b/accel/tcg/plugin-gen.c
@@ -XXX,XX +XXX,XX @@ static void plugin_gen_inject(struct qemu_plugin_tb *plugin_tb)
      * that might be live within the existing opcode stream.
      * The simplest solution is to release them all and create new.
      */
-    memset(tcg_ctx->free_temps, 0, sizeof(tcg_ctx->free_temps));
+    tcg_temp_ebb_reset_freed(tcg_ctx);
 
     QTAILQ_FOREACH_SAFE(op, &tcg_ctx->ops, link, next) {
         switch (op->opc) {
diff --git a/tcg/tcg.c b/tcg/tcg.c
index XXXXXXX..XXXXXXX 100644
--- a/tcg/tcg.c
+++ b/tcg/tcg.c
@@ -XXX,XX +XXX,XX @@ void tcg_func_start(TCGContext *s)
     s->nb_temps = s->nb_globals;
 
     /* No temps have been previously allocated for size or locality.  */
-    memset(s->free_temps, 0, sizeof(s->free_temps));
+    tcg_temp_ebb_reset_freed(s);
 
     /* No constant temps have been previously allocated. */
     for (int i = 0; i < TCG_TYPE_COUNT; ++i) {
@@ -XXX,XX +XXX,XX @@ int tcg_gen_code(TCGContext *s, TranslationBlock *tb, uint64_t pc_start)
     }
 #endif
 
+    /* Do not reuse any EBB that may be allocated within the TB. */
+    tcg_temp_ebb_reset_freed(s);
+
     tcg_optimize(s);
 
     reachable_code_pass(s);
-- 
2.43.0

From: Roman Artemev <roman.artemev@syntacore.com>

On RISC-V to StoreStore barrier corresponds
`fence w, w` not `fence r, r`

Cc: qemu-stable@nongnu.org
Fixes: efbea94c76b ("tcg/riscv: Add slowpath load and store instructions")
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Signed-off-by: Denis Tomashev <denis.tomashev@syntacore.com>
Signed-off-by: Roman Artemev <roman.artemev@syntacore.com>
Message-ID: <e2f2131e294a49e79959d4fa9ec02cf4@syntacore.com>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
---
 tcg/riscv/tcg-target.c.inc | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/tcg/riscv/tcg-target.c.inc b/tcg/riscv/tcg-target.c.inc
index XXXXXXX..XXXXXXX 100644
--- a/tcg/riscv/tcg-target.c.inc
+++ b/tcg/riscv/tcg-target.c.inc
@@ -XXX,XX +XXX,XX @@ static void tcg_out_mb(TCGContext *s, TCGArg a0)
         insn |= 0x02100000;
     }
     if (a0 & TCG_MO_ST_ST) {
-        insn |= 0x02200000;
+        insn |= 0x01100000;
     }
     tcg_out32(s, insn);
 }
-- 
2.43.0

This allows targets to declare that the helper requires a
float_status pointer and instead of a generic void pointer.

Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
---
 include/exec/helper-head.h.inc | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/include/exec/helper-head.h.inc b/include/exec/helper-head.h.inc
index XXXXXXX..XXXXXXX 100644
--- a/include/exec/helper-head.h.inc
+++ b/include/exec/helper-head.h.inc
@@ -XXX,XX +XXX,XX @@
 #define dh_alias_ptr ptr
 #define dh_alias_cptr ptr
 #define dh_alias_env ptr
+#define dh_alias_fpst ptr
 #define dh_alias_void void
 #define dh_alias_noreturn noreturn
 #define dh_alias(t) glue(dh_alias_, t)
@@ -XXX,XX +XXX,XX @@
 #define dh_ctype_ptr void *
 #define dh_ctype_cptr const void *
 #define dh_ctype_env CPUArchState *
+#define dh_ctype_fpst float_status *
 #define dh_ctype_void void
 #define dh_ctype_noreturn G_NORETURN void
 #define dh_ctype(t) dh_ctype_##t
@@ -XXX,XX +XXX,XX @@
 #define dh_typecode_f64 dh_typecode_i64
 #define dh_typecode_cptr dh_typecode_ptr
 #define dh_typecode_env dh_typecode_ptr
+#define dh_typecode_fpst dh_typecode_ptr
 #define dh_typecode(t) dh_typecode_##t
 
 #define dh_callflag_i32  0
-- 
2.43.0

From: Philippe Mathieu-Daudé <philmd@linaro.org>

Rather than manually copying each register, use
the libc memcpy(), which is well optimized nowadays.

Suggested-by: Pierrick Bouvier <pierrick.bouvier@linaro.org>
Reviewed-by: Pierrick Bouvier <pierrick.bouvier@linaro.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Signed-off-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Message-ID: <20241205205418.67613-1-philmd@linaro.org>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
---
 target/sparc/win_helper.c | 26 ++++++++------------------
 1 file changed, 8 insertions(+), 18 deletions(-)

diff --git a/target/sparc/win_helper.c b/target/sparc/win_helper.c
index XXXXXXX..XXXXXXX 100644
--- a/target/sparc/win_helper.c
+++ b/target/sparc/win_helper.c
@@ -XXX,XX +XXX,XX @@
 #include "exec/helper-proto.h"
 #include "trace.h"
 
-static inline void memcpy32(target_ulong *dst, const target_ulong *src)
-{
-    dst[0] = src[0];
-    dst[1] = src[1];
-    dst[2] = src[2];
-    dst[3] = src[3];
-    dst[4] = src[4];
-    dst[5] = src[5];
-    dst[6] = src[6];
-    dst[7] = src[7];
-}
-
 void cpu_set_cwp(CPUSPARCState *env, int new_cwp)
 {
     /* put the modified wrap registers at their proper location */
     if (env->cwp == env->nwindows - 1) {
-        memcpy32(env->regbase, env->regbase + env->nwindows * 16);
+        memcpy(env->regbase, env->regbase + env->nwindows * 16,
+               sizeof(env->gregs));
     }
     env->cwp = new_cwp;
 
     /* put the wrap registers at their temporary location */
     if (new_cwp == env->nwindows - 1) {
-        memcpy32(env->regbase + env->nwindows * 16, env->regbase);
+        memcpy(env->regbase + env->nwindows * 16, env->regbase,
+               sizeof(env->gregs));
     }
     env->regwptr = env->regbase + (new_cwp * 16);
 }
@@ -XXX,XX +XXX,XX @@ void cpu_gl_switch_gregs(CPUSPARCState *env, uint32_t new_gl)
     dst = get_gl_gregset(env, env->gl);
 
     if (src != dst) {
-        memcpy32(dst, env->gregs);
-        memcpy32(env->gregs, src);
+        memcpy(dst, env->gregs, sizeof(env->gregs));
+        memcpy(env->gregs, src, sizeof(env->gregs));
     }
 }
 
@@ -XXX,XX +XXX,XX @@ void cpu_change_pstate(CPUSPARCState *env, uint32_t new_pstate)
         /* Switch global register bank */
         src = get_gregset(env, new_pstate_regs);
         dst = get_gregset(env, pstate_regs);
-        memcpy32(dst, env->gregs);
-        memcpy32(env->gregs, src);
+        memcpy(dst, env->gregs, sizeof(env->gregs));
+        memcpy(env->gregs, src, sizeof(env->gregs));
     } else {
         trace_win_helper_no_switch_pstate(new_pstate_regs);
     }
-- 
2.43.0