Series comparison

-[PULL 0/3] tcg patch queue
+[PULL 0/4] tcg patch queue
-The following changes since commit e18e5501d8ac692d32657a3e1ef545b14e72b730:
+The following changes since commit 67e41fe0cfb62e6cdfa659f0155417d17e5274ea:
-  Merge remote-tracking branch 'remotes/dgilbert-gitlab/tags/pull-virtiofs-20200210' into staging (2020-02-10 18:09:14 +0000)
+  Merge tag 'pull-ppc-20220104' of https://github.com/legoater/qemu into staging (2022-01-04 07:23:27 -0800)
 are available in the Git repository at:
-  https://github.com/rth7680/qemu.git tags/pull-tcg-20200212
+  https://gitlab.com/rth7680/qemu.git tags/pull-tcg-20220104
-for you to fetch changes up to 2445971604c1cfd3ec484457159f4ac300fb04d2:
+for you to fetch changes up to d7478d4229f0a2b2817a55487e6b17081099fae4:
-  tcg: Add tcg_gen_gvec_5_ptr (2020-02-12 14:58:36 -0800)
+  common-user: Fix tail calls to safe_syscall_set_errno_tail (2022-01-04 15:41:03 -0800)
 ----------------------------------------------------------------
-Fix breakpoint invalidation.
+Fix for safe_syscall_base.
-Add support for tcg helpers with 7 arguments.
+Fix for folding of vector add/sub.
-Add support for gvec helpers with 5 arguments.
+Fix build on loongarch64 with gcc 8.
 Remove decl for qemu_run_machine_init_done_notifiers.
 ----------------------------------------------------------------
-Max Filippov (1):
+Philippe Mathieu-Daudé (1):
-      exec: flush CPU TB cache in breakpoint_invalidate
+      linux-user: Fix trivial build error on loongarch64 hosts
-Richard Henderson (1):
+Richard Henderson (2):
-      tcg: Add tcg_gen_gvec_5_ptr
+      tcg/optimize: Fix folding of vector ops
       common-user: Fix tail calls to safe_syscall_set_errno_tail
-Taylor Simpson (1):
+Xiaoyao Li (1):
-      tcg: Add support for a helper with 7 arguments
+      sysemu: Cleanup qemu_run_machine_init_done_notifiers()
- include/exec/helper-gen.h   | 13 +++++++++++++
+ include/sysemu/sysemu.h                    |  1 -
- include/exec/helper-head.h  |  2 ++
+ linux-user/host/loongarch64/host-signal.h  |  4 +--
- include/exec/helper-proto.h |  6 ++++++
+ tcg/optimize.c                             | 49 +++++++++++++++++++++++-------
- include/exec/helper-tcg.h   |  7 +++++++
+ common-user/host/i386/safe-syscall.inc.S   |  1 +
- include/tcg/tcg-op-gvec.h   |  7 +++++++
+ common-user/host/mips/safe-syscall.inc.S   |  1 +
- exec.c                      | 15 +++++++--------
+ common-user/host/x86_64/safe-syscall.inc.S |  1 +
- tcg/tcg-op-gvec.c           | 32 ++++++++++++++++++++++++++++++++
+files changed, 42 insertions(+), 15 deletions(-)
 files changed, 74 insertions(+), 8 deletions(-)

-[PULL 3/3] tcg: Add tcg_gen_gvec_5_ptr
+[PULL 1/4] tcg/optimize: Fix folding of vector ops
-Extend the vector generator infrastructure to handle
+Bitwise operations are easy to fold, because the operation is
-vector arguments.
+identical regardless of element size.  But add and sub need
 extra element size info that is not currently propagated.
-Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>
+Fixes: 2f9f08ba43d
-Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
+Cc: qemu-stable@nongnu.org
-Reviewed-by: Taylor Simpson <tsimpson@quicinc.com>
+Resolves: https://gitlab.com/qemu-project/qemu/-/issues/799
 Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
 Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
 ---
- include/tcg/tcg-op-gvec.h |  7 +++++++
+ tcg/optimize.c | 49 ++++++++++++++++++++++++++++++++++++++-----------
- tcg/tcg-op-gvec.c         | 32 ++++++++++++++++++++++++++++++++
+file changed, 38 insertions(+), 11 deletions(-)
 files changed, 39 insertions(+)
-diff --git a/include/tcg/tcg-op-gvec.h b/include/tcg/tcg-op-gvec.h
+diff --git a/tcg/optimize.c b/tcg/optimize.c
 index XXXXXXX..XXXXXXX 100644
---- a/include/tcg/tcg-op-gvec.h
+--- a/tcg/optimize.c
-+++ b/include/tcg/tcg-op-gvec.h
++++ b/tcg/optimize.c
-@@ -XXX,XX +XXX,XX @@ void tcg_gen_gvec_4_ptr(uint32_t dofs, uint32_t aofs, uint32_t bofs,
+@@ -XXX,XX +XXX,XX @@ static uint64_t do_constant_folding_2(TCGOpcode op, uint64_t x, uint64_t y)
-                         uint32_t maxsz, int32_t data,
+     CASE_OP_32_64(mul):
-                         gen_helper_gvec_4_ptr *fn);
+         return x * y;
-+typedef void gen_helper_gvec_5_ptr(TCGv_ptr, TCGv_ptr, TCGv_ptr, TCGv_ptr,
+-    CASE_OP_32_64(and):
-+                                   TCGv_ptr, TCGv_ptr, TCGv_i32);
++    CASE_OP_32_64_VEC(and):
-+void tcg_gen_gvec_5_ptr(uint32_t dofs, uint32_t aofs, uint32_t bofs,
+         return x & y;
-+                        uint32_t cofs, uint32_t eofs, TCGv_ptr ptr,
-+                        uint32_t oprsz, uint32_t maxsz, int32_t data,
+-    CASE_OP_32_64(or):
-+                        gen_helper_gvec_5_ptr *fn);
++    CASE_OP_32_64_VEC(or):
-+
+         return x | y;
- /* Expand a gvec operation.  Either inline or out-of-line depending on
-    the actual vector size and the operations supported by the host.  */
+-    CASE_OP_32_64(xor):
- typedef struct {
++    CASE_OP_32_64_VEC(xor):
-diff --git a/tcg/tcg-op-gvec.c b/tcg/tcg-op-gvec.c
+         return x ^ y;
-index XXXXXXX..XXXXXXX 100644
---- a/tcg/tcg-op-gvec.c
+     case INDEX_op_shl_i32:
-+++ b/tcg/tcg-op-gvec.c
+@@ -XXX,XX +XXX,XX @@ static uint64_t do_constant_folding_2(TCGOpcode op, uint64_t x, uint64_t y)
-@@ -XXX,XX +XXX,XX @@ void tcg_gen_gvec_4_ptr(uint32_t dofs, uint32_t aofs, uint32_t bofs,
+     case INDEX_op_rotl_i64:
-     tcg_temp_free_i32(desc);
+         return rol64(x, y & 63);
 -    CASE_OP_32_64(not):
 +    CASE_OP_32_64_VEC(not):
          return ~x;
      CASE_OP_32_64(neg):
          return -x;
 -    CASE_OP_32_64(andc):
 +    CASE_OP_32_64_VEC(andc):
          return x & ~y;
 -    CASE_OP_32_64(orc):
 +    CASE_OP_32_64_VEC(orc):
          return x | ~y;
      CASE_OP_32_64(eqv):
@@ -XXX,XX +XXX,XX @@ static bool fold_const2(OptContext *ctx, TCGOp *op)
      return false;
  }
-+/* Generate a call to a gvec-style helper with five vector operands
++static bool fold_commutative(OptContext *ctx, TCGOp *op)
 +   and an extra pointer operand.  */
 +void tcg_gen_gvec_5_ptr(uint32_t dofs, uint32_t aofs, uint32_t bofs,
 +                        uint32_t cofs, uint32_t eofs, TCGv_ptr ptr,
 +                        uint32_t oprsz, uint32_t maxsz, int32_t data,
 +                        gen_helper_gvec_5_ptr *fn)
 +{
-+    TCGv_ptr a0, a1, a2, a3, a4;
++    swap_commutative(op->args[0], &op->args[1], &op->args[2]);
-+    TCGv_i32 desc = tcg_const_i32(simd_desc(oprsz, maxsz, data));
++    return false;
 +
 +    a0 = tcg_temp_new_ptr();
 +    a1 = tcg_temp_new_ptr();
 +    a2 = tcg_temp_new_ptr();
 +    a3 = tcg_temp_new_ptr();
 +    a4 = tcg_temp_new_ptr();
 +
 +    tcg_gen_addi_ptr(a0, cpu_env, dofs);
 +    tcg_gen_addi_ptr(a1, cpu_env, aofs);
 +    tcg_gen_addi_ptr(a2, cpu_env, bofs);
 +    tcg_gen_addi_ptr(a3, cpu_env, cofs);
 +    tcg_gen_addi_ptr(a4, cpu_env, eofs);
 +
 +    fn(a0, a1, a2, a3, a4, ptr, desc);
 +
 +    tcg_temp_free_ptr(a0);
 +    tcg_temp_free_ptr(a1);
 +    tcg_temp_free_ptr(a2);
 +    tcg_temp_free_ptr(a3);
 +    tcg_temp_free_ptr(a4);
 +    tcg_temp_free_i32(desc);
 +}
 +
- /* Return true if we want to implement something of OPRSZ bytes
+ static bool fold_const2_commutative(OptContext *ctx, TCGOp *op)
-    in units of LNSZ.  This limits the expansion of inline code.  */
+ {
- static inline bool check_size_impl(uint32_t oprsz, uint32_t lnsz)
+     swap_commutative(op->args[0], &op->args[1], &op->args[2]);
@@ -XXX,XX +XXX,XX @@ static bool fold_add(OptContext *ctx, TCGOp *op)
      return false;
  }
 +/* We cannot as yet do_constant_folding with vectors. */
 +static bool fold_add_vec(OptContext *ctx, TCGOp *op)
 +{
 +    if (fold_commutative(ctx, op) ||
 +        fold_xi_to_x(ctx, op, 0)) {
 +        return true;
 +    }
 +    return false;
 +}
 +
  static bool fold_addsub2(OptContext *ctx, TCGOp *op, bool add)
  {
      if (arg_is_const(op->args[2]) && arg_is_const(op->args[3]) &&
@@ -XXX,XX +XXX,XX @@ static bool fold_sub_to_neg(OptContext *ctx, TCGOp *op)
      return false;
  }
 -static bool fold_sub(OptContext *ctx, TCGOp *op)
 +/* We cannot as yet do_constant_folding with vectors. */
 +static bool fold_sub_vec(OptContext *ctx, TCGOp *op)
  {
 -    if (fold_const2(ctx, op) ||
 -        fold_xx_to_i(ctx, op, 0) ||
 +    if (fold_xx_to_i(ctx, op, 0) ||
          fold_xi_to_x(ctx, op, 0) ||
          fold_sub_to_neg(ctx, op)) {
          return true;
@@ -XXX,XX +XXX,XX @@ static bool fold_sub(OptContext *ctx, TCGOp *op)
      return false;
  }
 +static bool fold_sub(OptContext *ctx, TCGOp *op)
 +{
 +    return fold_const2(ctx, op) || fold_sub_vec(ctx, op);
 +}
 +
  static bool fold_sub2(OptContext *ctx, TCGOp *op)
  {
      return fold_addsub2(ctx, op, false);
@@ -XXX,XX +XXX,XX @@ void tcg_optimize(TCGContext *s)
           * Sorted alphabetically by opcode as much as possible.
           */
          switch (opc) {
 -        CASE_OP_32_64_VEC(add):
 +        CASE_OP_32_64(add):
              done = fold_add(&ctx, op);
              break;
 +        case INDEX_op_add_vec:
 +            done = fold_add_vec(&ctx, op);
 +            break;
          CASE_OP_32_64(add2):
              done = fold_add2(&ctx, op);
              break;
@@ -XXX,XX +XXX,XX @@ void tcg_optimize(TCGContext *s)
          CASE_OP_32_64(sextract):
              done = fold_sextract(&ctx, op);
              break;
 -        CASE_OP_32_64_VEC(sub):
 +        CASE_OP_32_64(sub):
              done = fold_sub(&ctx, op);
              break;
 +        case INDEX_op_sub_vec:
 +            done = fold_sub_vec(&ctx, op);
 +            break;
          CASE_OP_32_64(sub2):
              done = fold_sub2(&ctx, op);
              break;
 --
-.20.1
+.25.1

-[PULL 2/3] tcg: Add support for a helper with 7 arguments
+[PULL 2/4] linux-user: Fix trivial build error on loongarch64 hosts
-From: Taylor Simpson <tsimpson@quicinc.com>
+From: Philippe Mathieu-Daudé <f4bug@amsat.org>
-Currently, helpers can only take up to 6 arguments.  This patch adds the
+When building using GCC 8.3.0 on loongarch64 (Loongnix) we get:
 capability for up to 7 arguments.  I have tested it with the Hexagon port
 that I am preparing for submission.
-Signed-off-by: Taylor Simpson <tsimpson@quicinc.com>
+  In file included from ../linux-user/signal.c:33:
-Message-Id: <1580942510-2820-1-git-send-email-tsimpson@quicinc.com>
+  ../linux-user/host/loongarch64/host-signal.h: In function ‘host_signal_write’:
   ../linux-user/host/loongarch64/host-signal.h:57:9: error: a label can only be part of a statement and a declaration is not a statement
          uint32_t sel = (insn >> 15) & 0b11111111111;
          ^~~~~~~~
 We don't use the 'sel' variable more than once, so drop it.
 Meson output for the record:
   Host machine cpu family: loongarch64
   Host machine cpu: loongarch64
   C compiler for the host machine: cc (gcc 8.3.0 "cc (Loongnix 8.3.0-6.lnd.vec.27) 8.3.0")
   C linker for the host machine: cc ld.bfd 2.31.1-system
 Fixes: ad812c3bd65 ("linux-user: Implement CPU-specific signal handler for loongarch64 hosts")
 Reported-by: Song Gao <gaosong@loongson.cn>
 Suggested-by: Song Gao <gaosong@loongson.cn>
 Signed-off-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
 Reviewed-by: WANG Xuerui <git@xen0n.name>
 Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
 Message-Id: <20220104215027.2180972-1-f4bug@amsat.org>
 Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
 ---
- include/exec/helper-gen.h   | 13 +++++++++++++
+ linux-user/host/loongarch64/host-signal.h | 4 +---
- include/exec/helper-head.h  |  2 ++
+file changed, 1 insertion(+), 3 deletions(-)
  include/exec/helper-proto.h |  6 ++++++
  include/exec/helper-tcg.h   |  7 +++++++
 files changed, 28 insertions(+)
-diff --git a/include/exec/helper-gen.h b/include/exec/helper-gen.h
+diff --git a/linux-user/host/loongarch64/host-signal.h b/linux-user/host/loongarch64/host-signal.h
 index XXXXXXX..XXXXXXX 100644
---- a/include/exec/helper-gen.h
+--- a/linux-user/host/loongarch64/host-signal.h
-+++ b/include/exec/helper-gen.h
++++ b/linux-user/host/loongarch64/host-signal.h
-@@ -XXX,XX +XXX,XX @@ static inline void glue(gen_helper_, name)(dh_retvar_decl(ret)          \
+@@ -XXX,XX +XXX,XX @@ static inline bool host_signal_write(siginfo_t *info, ucontext_t *uc)
-   tcg_gen_callN(HELPER(name), dh_retvar(ret), 6, args);                 \
+         }
- }
+         break;
+     case 0b001110: /* indexed, atomic, bounds-checking memory operations */
-+#define DEF_HELPER_FLAGS_7(name, flags, ret, t1, t2, t3, t4, t5, t6, t7)\
+-        uint32_t sel = (insn >> 15) & 0b11111111111;
-+static inline void glue(gen_helper_, name)(dh_retvar_decl(ret)          \
+-
-+    dh_arg_decl(t1, 1),  dh_arg_decl(t2, 2), dh_arg_decl(t3, 3),        \
+-        switch (sel) {
-+    dh_arg_decl(t4, 4), dh_arg_decl(t5, 5), dh_arg_decl(t6, 6),         \
++        switch ((insn >> 15) & 0b11111111111) {
-+    dh_arg_decl(t7, 7))                                                 \
+         case 0b00000100000: /* stx.b */
-+{                                                                       \
+         case 0b00000101000: /* stx.h */
-+  TCGTemp *args[7] = { dh_arg(t1, 1), dh_arg(t2, 2), dh_arg(t3, 3),     \
+         case 0b00000110000: /* stx.w */
 +                     dh_arg(t4, 4), dh_arg(t5, 5), dh_arg(t6, 6),       \
 +                     dh_arg(t7, 7) };                                   \
 +  tcg_gen_callN(HELPER(name), dh_retvar(ret), 7, args);                 \
 +}
 +
  #include "helper.h"
  #include "trace/generated-helpers.h"
  #include "trace/generated-helpers-wrappers.h"
@@ -XXX,XX +XXX,XX @@ static inline void glue(gen_helper_, name)(dh_retvar_decl(ret)          \
  #undef DEF_HELPER_FLAGS_4
  #undef DEF_HELPER_FLAGS_5
  #undef DEF_HELPER_FLAGS_6
 +#undef DEF_HELPER_FLAGS_7
  #undef GEN_HELPER
  #endif /* HELPER_GEN_H */
 diff --git a/include/exec/helper-head.h b/include/exec/helper-head.h
 index XXXXXXX..XXXXXXX 100644
 --- a/include/exec/helper-head.h
 +++ b/include/exec/helper-head.h
@@ -XXX,XX +XXX,XX @@
      DEF_HELPER_FLAGS_5(name, 0, ret, t1, t2, t3, t4, t5)
  #define DEF_HELPER_6(name, ret, t1, t2, t3, t4, t5, t6) \
      DEF_HELPER_FLAGS_6(name, 0, ret, t1, t2, t3, t4, t5, t6)
 +#define DEF_HELPER_7(name, ret, t1, t2, t3, t4, t5, t6, t7) \
 +    DEF_HELPER_FLAGS_7(name, 0, ret, t1, t2, t3, t4, t5, t6, t7)
  /* MAX_OPC_PARAM_IARGS must be set to n if last entry is DEF_HELPER_FLAGS_n. */
 diff --git a/include/exec/helper-proto.h b/include/exec/helper-proto.h
 index XXXXXXX..XXXXXXX 100644
 --- a/include/exec/helper-proto.h
 +++ b/include/exec/helper-proto.h
@@ -XXX,XX +XXX,XX @@ dh_ctype(ret) HELPER(name) (dh_ctype(t1), dh_ctype(t2), dh_ctype(t3), \
  dh_ctype(ret) HELPER(name) (dh_ctype(t1), dh_ctype(t2), dh_ctype(t3), \
                              dh_ctype(t4), dh_ctype(t5), dh_ctype(t6));
 +#define DEF_HELPER_FLAGS_7(name, flags, ret, t1, t2, t3, t4, t5, t6, t7) \
 +dh_ctype(ret) HELPER(name) (dh_ctype(t1), dh_ctype(t2), dh_ctype(t3), \
 +                            dh_ctype(t4), dh_ctype(t5), dh_ctype(t6), \
 +                            dh_ctype(t7));
 +
  #include "helper.h"
  #include "trace/generated-helpers.h"
  #include "tcg-runtime.h"
@@ -XXX,XX +XXX,XX @@ dh_ctype(ret) HELPER(name) (dh_ctype(t1), dh_ctype(t2), dh_ctype(t3), \
  #undef DEF_HELPER_FLAGS_4
  #undef DEF_HELPER_FLAGS_5
  #undef DEF_HELPER_FLAGS_6
 +#undef DEF_HELPER_FLAGS_7
  #endif /* HELPER_PROTO_H */
 diff --git a/include/exec/helper-tcg.h b/include/exec/helper-tcg.h
 index XXXXXXX..XXXXXXX 100644
 --- a/include/exec/helper-tcg.h
 +++ b/include/exec/helper-tcg.h
@@ -XXX,XX +XXX,XX @@
      | dh_sizemask(t2, 2) | dh_sizemask(t3, 3) | dh_sizemask(t4, 4) \
      | dh_sizemask(t5, 5) | dh_sizemask(t6, 6) },
 +#define DEF_HELPER_FLAGS_7(NAME, FLAGS, ret, t1, t2, t3, t4, t5, t6, t7) \
 +  { .func = HELPER(NAME), .name = str(NAME), .flags = FLAGS, \
 +    .sizemask = dh_sizemask(ret, 0) | dh_sizemask(t1, 1) \
 +    | dh_sizemask(t2, 2) | dh_sizemask(t3, 3) | dh_sizemask(t4, 4) \
 +    | dh_sizemask(t5, 5) | dh_sizemask(t6, 6) | dh_sizemask(t7, 7) },
 +
  #include "helper.h"
  #include "trace/generated-helpers.h"
  #include "tcg-runtime.h"
@@ -XXX,XX +XXX,XX @@
  #undef DEF_HELPER_FLAGS_4
  #undef DEF_HELPER_FLAGS_5
  #undef DEF_HELPER_FLAGS_6
 +#undef DEF_HELPER_FLAGS_7
  #endif /* HELPER_TCG_H */
 --
-.20.1
+.25.1

-[PULL 1/3] exec: flush CPU TB cache in breakpoint_invalidate
+[PULL 3/4] sysemu: Cleanup qemu_run_machine_init_done_notifiers()
-From: Max Filippov <jcmvbkbc@gmail.com>
+From: Xiaoyao Li <xiaoyao.li@intel.com>
-When a breakpoint is inserted at location for which there's currently no
+Remove qemu_run_machine_init_done_notifiers() since no implementation
-virtual to physical translation no action is taken on CPU TB cache. If a
+and user.
 TB for that virtual address already exists but is not visible ATM the
 breakpoint won't be hit next time an instruction at that address will be
 executed.
-Flush entire CPU TB cache in breakpoint_invalidate to force
+Fixes: f66dc8737c9 ("vl: move all generic initialization out of vl.c")
-re-translation of all TBs for the breakpoint address.
+Signed-off-by: Xiaoyao Li <xiaoyao.li@intel.com>
+Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
-This change fixes the following scenario:
+Message-Id: <20220104024136.1433545-1-xiaoyao.li@intel.com>
 - linux user application is running
 - a breakpoint is inserted from QEMU gdbstub for a user address that is
   not currently present in the target CPU TLB
 - an instruction at that address is executed, but the external debugger
   doesn't get control.
 Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
 Signed-off-by: Max Filippov <jcmvbkbc@gmail.com>
 Message-Id: <20191127220602.10827-2-jcmvbkbc@gmail.com>
 Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
 ---
- exec.c | 15 +++++++--------
+ include/sysemu/sysemu.h | 1 -
-file changed, 7 insertions(+), 8 deletions(-)
+file changed, 1 deletion(-)
-diff --git a/exec.c b/exec.c
+diff --git a/include/sysemu/sysemu.h b/include/sysemu/sysemu.h
 index XXXXXXX..XXXXXXX 100644
---- a/exec.c
+--- a/include/sysemu/sysemu.h
-+++ b/exec.c
++++ b/include/sysemu/sysemu.h
-@@ -XXX,XX +XXX,XX @@ void tb_invalidate_phys_addr(AddressSpace *as, hwaddr addr, MemTxAttrs attrs)
+@@ -XXX,XX +XXX,XX @@ extern bool qemu_uuid_set;
+ void qemu_add_exit_notifier(Notifier *notify);
- static void breakpoint_invalidate(CPUState *cpu, target_ulong pc)
+ void qemu_remove_exit_notifier(Notifier *notify);
- {
--    MemTxAttrs attrs;
+-void qemu_run_machine_init_done_notifiers(void);
--    hwaddr phys = cpu_get_phys_page_attrs_debug(cpu, pc, &attrs);
+ void qemu_add_machine_init_done_notifier(Notifier *notify);
--    int asidx = cpu_asidx_from_attrs(cpu, attrs);
+ void qemu_remove_machine_init_done_notifier(Notifier *notify);
 -    if (phys != -1) {
 -        /* Locks grabbed by tb_invalidate_phys_addr */
 -        tb_invalidate_phys_addr(cpu->cpu_ases[asidx].as,
 -                                phys | (pc & ~TARGET_PAGE_MASK), attrs);
 -    }
 +    /*
 +     * There may not be a virtual to physical translation for the pc
 +     * right now, but there may exist cached TB for this pc.
 +     * Flush the whole TB cache to force re-translation of such TBs.
 +     * This is heavyweight, but we're debugging anyway.
 +     */
 +    tb_flush(cpu);
  }
  #endif
 --
-.20.1
+.25.1

-New patch
+[PULL 4/4] common-user: Fix tail calls to safe_syscall_set_errno_tail
+For the ABIs in which the syscall return register is not
+also the first function argument register, move the errno
+value into the correct place.
+Fixes: a3310c0397e2 ("linux-user: Move syscall error detection into safe_syscall_base")
+Reported-by: Laurent Vivier <laurent@vivier.eu>
+Tested-by: Laurent Vivier <laurent@vivier.eu>
+Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
+Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
+Message-Id: <20220104190454.542225-1-richard.henderson@linaro.org>
+---
+ common-user/host/i386/safe-syscall.inc.S   | 1 +
+ common-user/host/mips/safe-syscall.inc.S   | 1 +
+ common-user/host/x86_64/safe-syscall.inc.S | 1 +
+files changed, 3 insertions(+)
+diff --git a/common-user/host/i386/safe-syscall.inc.S b/common-user/host/i386/safe-syscall.inc.S
+index XXXXXXX..XXXXXXX 100644
+--- a/common-user/host/i386/safe-syscall.inc.S
++++ b/common-user/host/i386/safe-syscall.inc.S
+@@ -XXX,XX +XXX,XX @@ safe_syscall_end:
+         pop     %ebp
+         .cfi_adjust_cfa_offset -4
+         .cfi_restore ebp
++        mov     %eax, (%esp)
+         jmp     safe_syscall_set_errno_tail
+         .cfi_endproc
+diff --git a/common-user/host/mips/safe-syscall.inc.S b/common-user/host/mips/safe-syscall.inc.S
+index XXXXXXX..XXXXXXX 100644
+--- a/common-user/host/mips/safe-syscall.inc.S
++++ b/common-user/host/mips/safe-syscall.inc.S
+@@ -XXX,XX +XXX,XX @@ safe_syscall_end:
+:      USE_ALT_CP(t0)
+         SETUP_GPX(t1)
+         SETUP_GPX64(t0, t1)
++        move    a0, v0
+         PTR_LA  t9, safe_syscall_set_errno_tail
+         jr      t9
+diff --git a/common-user/host/x86_64/safe-syscall.inc.S b/common-user/host/x86_64/safe-syscall.inc.S
+index XXXXXXX..XXXXXXX 100644
+--- a/common-user/host/x86_64/safe-syscall.inc.S
++++ b/common-user/host/x86_64/safe-syscall.inc.S
+@@ -XXX,XX +XXX,XX @@ safe_syscall_end:
+:      pop     %rbp
+         .cfi_def_cfa_offset 8
+         .cfi_restore rbp
++        mov     %eax, %edi
+         jmp     safe_syscall_set_errno_tail
+         .cfi_endproc
+--
+.25.1

The following changes since commit e18e5501d8ac692d32657a3e1ef545b14e72b730:

Merge remote-tracking branch 'remotes/dgilbert-gitlab/tags/pull-virtiofs-20200210' into staging (2020-02-10 18:09:14 +0000)

are available in the Git repository at:

https://github.com/rth7680/qemu.git tags/pull-tcg-20200212

for you to fetch changes up to 2445971604c1cfd3ec484457159f4ac300fb04d2:

tcg: Add tcg_gen_gvec_5_ptr (2020-02-12 14:58:36 -0800)

----------------------------------------------------------------
Fix breakpoint invalidation.
Add support for tcg helpers with 7 arguments.
Add support for gvec helpers with 5 arguments.

----------------------------------------------------------------
Max Filippov (1):
      exec: flush CPU TB cache in breakpoint_invalidate

Richard Henderson (1):
      tcg: Add tcg_gen_gvec_5_ptr

Taylor Simpson (1):
      tcg: Add support for a helper with 7 arguments

From: Max Filippov <jcmvbkbc@gmail.com>

When a breakpoint is inserted at location for which there's currently no
virtual to physical translation no action is taken on CPU TB cache. If a
TB for that virtual address already exists but is not visible ATM the
breakpoint won't be hit next time an instruction at that address will be
executed.

Flush entire CPU TB cache in breakpoint_invalidate to force
re-translation of all TBs for the breakpoint address.

This change fixes the following scenario:
- linux user application is running
- a breakpoint is inserted from QEMU gdbstub for a user address that is
  not currently present in the target CPU TLB
- an instruction at that address is executed, but the external debugger
  doesn't get control.

Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Signed-off-by: Max Filippov <jcmvbkbc@gmail.com>
Message-Id: <20191127220602.10827-2-jcmvbkbc@gmail.com>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
---
 exec.c | 15 +++++++--------
 1 file changed, 7 insertions(+), 8 deletions(-)

diff --git a/exec.c b/exec.c
index XXXXXXX..XXXXXXX 100644
--- a/exec.c
+++ b/exec.c
@@ -XXX,XX +XXX,XX @@ void tb_invalidate_phys_addr(AddressSpace *as, hwaddr addr, MemTxAttrs attrs)
 
 static void breakpoint_invalidate(CPUState *cpu, target_ulong pc)
 {
-    MemTxAttrs attrs;
-    hwaddr phys = cpu_get_phys_page_attrs_debug(cpu, pc, &attrs);
-    int asidx = cpu_asidx_from_attrs(cpu, attrs);
-    if (phys != -1) {
-        /* Locks grabbed by tb_invalidate_phys_addr */
-        tb_invalidate_phys_addr(cpu->cpu_ases[asidx].as,
-                                phys | (pc & ~TARGET_PAGE_MASK), attrs);
-    }
+    /*
+     * There may not be a virtual to physical translation for the pc
+     * right now, but there may exist cached TB for this pc.
+     * Flush the whole TB cache to force re-translation of such TBs.
+     * This is heavyweight, but we're debugging anyway.
+     */
+    tb_flush(cpu);
 }
 #endif
 
-- 
2.20.1

From: Taylor Simpson <tsimpson@quicinc.com>

Currently, helpers can only take up to 6 arguments.  This patch adds the
capability for up to 7 arguments.  I have tested it with the Hexagon port
that I am preparing for submission.

Signed-off-by: Taylor Simpson <tsimpson@quicinc.com>
Message-Id: <1580942510-2820-1-git-send-email-tsimpson@quicinc.com>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
---
 include/exec/helper-gen.h   | 13 +++++++++++++
 include/exec/helper-head.h  |  2 ++
 include/exec/helper-proto.h |  6 ++++++
 include/exec/helper-tcg.h   |  7 +++++++
 4 files changed, 28 insertions(+)

diff --git a/include/exec/helper-gen.h b/include/exec/helper-gen.h
index XXXXXXX..XXXXXXX 100644
--- a/include/exec/helper-gen.h
+++ b/include/exec/helper-gen.h
@@ -XXX,XX +XXX,XX @@ static inline void glue(gen_helper_, name)(dh_retvar_decl(ret)          \
   tcg_gen_callN(HELPER(name), dh_retvar(ret), 6, args);                 \
 }
 
+#define DEF_HELPER_FLAGS_7(name, flags, ret, t1, t2, t3, t4, t5, t6, t7)\
+static inline void glue(gen_helper_, name)(dh_retvar_decl(ret)          \
+    dh_arg_decl(t1, 1),  dh_arg_decl(t2, 2), dh_arg_decl(t3, 3),        \
+    dh_arg_decl(t4, 4), dh_arg_decl(t5, 5), dh_arg_decl(t6, 6),         \
+    dh_arg_decl(t7, 7))                                                 \
+{                                                                       \
+  TCGTemp *args[7] = { dh_arg(t1, 1), dh_arg(t2, 2), dh_arg(t3, 3),     \
+                     dh_arg(t4, 4), dh_arg(t5, 5), dh_arg(t6, 6),       \
+                     dh_arg(t7, 7) };                                   \
+  tcg_gen_callN(HELPER(name), dh_retvar(ret), 7, args);                 \
+}
+
 #include "helper.h"
 #include "trace/generated-helpers.h"
 #include "trace/generated-helpers-wrappers.h"
@@ -XXX,XX +XXX,XX @@ static inline void glue(gen_helper_, name)(dh_retvar_decl(ret)          \
 #undef DEF_HELPER_FLAGS_4
 #undef DEF_HELPER_FLAGS_5
 #undef DEF_HELPER_FLAGS_6
+#undef DEF_HELPER_FLAGS_7
 #undef GEN_HELPER
 
 #endif /* HELPER_GEN_H */
diff --git a/include/exec/helper-head.h b/include/exec/helper-head.h
index XXXXXXX..XXXXXXX 100644
--- a/include/exec/helper-head.h
+++ b/include/exec/helper-head.h
@@ -XXX,XX +XXX,XX @@
     DEF_HELPER_FLAGS_5(name, 0, ret, t1, t2, t3, t4, t5)
 #define DEF_HELPER_6(name, ret, t1, t2, t3, t4, t5, t6) \
     DEF_HELPER_FLAGS_6(name, 0, ret, t1, t2, t3, t4, t5, t6)
+#define DEF_HELPER_7(name, ret, t1, t2, t3, t4, t5, t6, t7) \
+    DEF_HELPER_FLAGS_7(name, 0, ret, t1, t2, t3, t4, t5, t6, t7)
 
 /* MAX_OPC_PARAM_IARGS must be set to n if last entry is DEF_HELPER_FLAGS_n. */
 
diff --git a/include/exec/helper-proto.h b/include/exec/helper-proto.h
index XXXXXXX..XXXXXXX 100644
--- a/include/exec/helper-proto.h
+++ b/include/exec/helper-proto.h
@@ -XXX,XX +XXX,XX @@ dh_ctype(ret) HELPER(name) (dh_ctype(t1), dh_ctype(t2), dh_ctype(t3), \
 dh_ctype(ret) HELPER(name) (dh_ctype(t1), dh_ctype(t2), dh_ctype(t3), \
                             dh_ctype(t4), dh_ctype(t5), dh_ctype(t6));
 
+#define DEF_HELPER_FLAGS_7(name, flags, ret, t1, t2, t3, t4, t5, t6, t7) \
+dh_ctype(ret) HELPER(name) (dh_ctype(t1), dh_ctype(t2), dh_ctype(t3), \
+                            dh_ctype(t4), dh_ctype(t5), dh_ctype(t6), \
+                            dh_ctype(t7));
+
 #include "helper.h"
 #include "trace/generated-helpers.h"
 #include "tcg-runtime.h"
@@ -XXX,XX +XXX,XX @@ dh_ctype(ret) HELPER(name) (dh_ctype(t1), dh_ctype(t2), dh_ctype(t3), \
 #undef DEF_HELPER_FLAGS_4
 #undef DEF_HELPER_FLAGS_5
 #undef DEF_HELPER_FLAGS_6
+#undef DEF_HELPER_FLAGS_7
 
 #endif /* HELPER_PROTO_H */
diff --git a/include/exec/helper-tcg.h b/include/exec/helper-tcg.h
index XXXXXXX..XXXXXXX 100644
--- a/include/exec/helper-tcg.h
+++ b/include/exec/helper-tcg.h
@@ -XXX,XX +XXX,XX @@
     | dh_sizemask(t2, 2) | dh_sizemask(t3, 3) | dh_sizemask(t4, 4) \
     | dh_sizemask(t5, 5) | dh_sizemask(t6, 6) },
 
+#define DEF_HELPER_FLAGS_7(NAME, FLAGS, ret, t1, t2, t3, t4, t5, t6, t7) \
+  { .func = HELPER(NAME), .name = str(NAME), .flags = FLAGS, \
+    .sizemask = dh_sizemask(ret, 0) | dh_sizemask(t1, 1) \
+    | dh_sizemask(t2, 2) | dh_sizemask(t3, 3) | dh_sizemask(t4, 4) \
+    | dh_sizemask(t5, 5) | dh_sizemask(t6, 6) | dh_sizemask(t7, 7) },
+
 #include "helper.h"
 #include "trace/generated-helpers.h"
 #include "tcg-runtime.h"
@@ -XXX,XX +XXX,XX @@
 #undef DEF_HELPER_FLAGS_4
 #undef DEF_HELPER_FLAGS_5
 #undef DEF_HELPER_FLAGS_6
+#undef DEF_HELPER_FLAGS_7
 
 #endif /* HELPER_TCG_H */
-- 
2.20.1

Extend the vector generator infrastructure to handle
5 vector arguments.

Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
Reviewed-by: Taylor Simpson <tsimpson@quicinc.com>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
---
 include/tcg/tcg-op-gvec.h |  7 +++++++
 tcg/tcg-op-gvec.c         | 32 ++++++++++++++++++++++++++++++++
 2 files changed, 39 insertions(+)

diff --git a/include/tcg/tcg-op-gvec.h b/include/tcg/tcg-op-gvec.h
index XXXXXXX..XXXXXXX 100644
--- a/include/tcg/tcg-op-gvec.h
+++ b/include/tcg/tcg-op-gvec.h
@@ -XXX,XX +XXX,XX @@ void tcg_gen_gvec_4_ptr(uint32_t dofs, uint32_t aofs, uint32_t bofs,
                         uint32_t maxsz, int32_t data,
                         gen_helper_gvec_4_ptr *fn);
 
+typedef void gen_helper_gvec_5_ptr(TCGv_ptr, TCGv_ptr, TCGv_ptr, TCGv_ptr,
+                                   TCGv_ptr, TCGv_ptr, TCGv_i32);
+void tcg_gen_gvec_5_ptr(uint32_t dofs, uint32_t aofs, uint32_t bofs,
+                        uint32_t cofs, uint32_t eofs, TCGv_ptr ptr,
+                        uint32_t oprsz, uint32_t maxsz, int32_t data,
+                        gen_helper_gvec_5_ptr *fn);
+
 /* Expand a gvec operation.  Either inline or out-of-line depending on
    the actual vector size and the operations supported by the host.  */
 typedef struct {
diff --git a/tcg/tcg-op-gvec.c b/tcg/tcg-op-gvec.c
index XXXXXXX..XXXXXXX 100644
--- a/tcg/tcg-op-gvec.c
+++ b/tcg/tcg-op-gvec.c
@@ -XXX,XX +XXX,XX @@ void tcg_gen_gvec_4_ptr(uint32_t dofs, uint32_t aofs, uint32_t bofs,
     tcg_temp_free_i32(desc);
 }
 
+/* Generate a call to a gvec-style helper with five vector operands
+   and an extra pointer operand.  */
+void tcg_gen_gvec_5_ptr(uint32_t dofs, uint32_t aofs, uint32_t bofs,
+                        uint32_t cofs, uint32_t eofs, TCGv_ptr ptr,
+                        uint32_t oprsz, uint32_t maxsz, int32_t data,
+                        gen_helper_gvec_5_ptr *fn)
+{
+    TCGv_ptr a0, a1, a2, a3, a4;
+    TCGv_i32 desc = tcg_const_i32(simd_desc(oprsz, maxsz, data));
+
+    a0 = tcg_temp_new_ptr();
+    a1 = tcg_temp_new_ptr();
+    a2 = tcg_temp_new_ptr();
+    a3 = tcg_temp_new_ptr();
+    a4 = tcg_temp_new_ptr();
+
+    tcg_gen_addi_ptr(a0, cpu_env, dofs);
+    tcg_gen_addi_ptr(a1, cpu_env, aofs);
+    tcg_gen_addi_ptr(a2, cpu_env, bofs);
+    tcg_gen_addi_ptr(a3, cpu_env, cofs);
+    tcg_gen_addi_ptr(a4, cpu_env, eofs);
+
+    fn(a0, a1, a2, a3, a4, ptr, desc);
+
+    tcg_temp_free_ptr(a0);
+    tcg_temp_free_ptr(a1);
+    tcg_temp_free_ptr(a2);
+    tcg_temp_free_ptr(a3);
+    tcg_temp_free_ptr(a4);
+    tcg_temp_free_i32(desc);
+}
+
 /* Return true if we want to implement something of OPRSZ bytes
    in units of LNSZ.  This limits the expansion of inline code.  */
 static inline bool check_size_impl(uint32_t oprsz, uint32_t lnsz)
-- 
2.20.1

The following changes since commit 67e41fe0cfb62e6cdfa659f0155417d17e5274ea:

Merge tag 'pull-ppc-20220104' of https://github.com/legoater/qemu into staging (2022-01-04 07:23:27 -0800)

are available in the Git repository at:

https://gitlab.com/rth7680/qemu.git tags/pull-tcg-20220104

for you to fetch changes up to d7478d4229f0a2b2817a55487e6b17081099fae4:

common-user: Fix tail calls to safe_syscall_set_errno_tail (2022-01-04 15:41:03 -0800)

----------------------------------------------------------------
Fix for safe_syscall_base.
Fix for folding of vector add/sub.
Fix build on loongarch64 with gcc 8.
Remove decl for qemu_run_machine_init_done_notifiers.

----------------------------------------------------------------
Philippe Mathieu-Daudé (1):
      linux-user: Fix trivial build error on loongarch64 hosts

Richard Henderson (2):
      tcg/optimize: Fix folding of vector ops
      common-user: Fix tail calls to safe_syscall_set_errno_tail

Xiaoyao Li (1):
      sysemu: Cleanup qemu_run_machine_init_done_notifiers()

include/sysemu/sysemu.h                    |  1 -
 linux-user/host/loongarch64/host-signal.h  |  4 +--
 tcg/optimize.c                             | 49 +++++++++++++++++++++++-------
 common-user/host/i386/safe-syscall.inc.S   |  1 +
 common-user/host/mips/safe-syscall.inc.S   |  1 +
 common-user/host/x86_64/safe-syscall.inc.S |  1 +
 6 files changed, 42 insertions(+), 15 deletions(-)

Bitwise operations are easy to fold, because the operation is
identical regardless of element size.  But add and sub need
extra element size info that is not currently propagated.

Fixes: 2f9f08ba43d
Cc: qemu-stable@nongnu.org
Resolves: https://gitlab.com/qemu-project/qemu/-/issues/799
Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
---
 tcg/optimize.c | 49 ++++++++++++++++++++++++++++++++++++++-----------
 1 file changed, 38 insertions(+), 11 deletions(-)

diff --git a/tcg/optimize.c b/tcg/optimize.c
index XXXXXXX..XXXXXXX 100644
--- a/tcg/optimize.c
+++ b/tcg/optimize.c
@@ -XXX,XX +XXX,XX @@ static uint64_t do_constant_folding_2(TCGOpcode op, uint64_t x, uint64_t y)
     CASE_OP_32_64(mul):
         return x * y;
 
-    CASE_OP_32_64(and):
+    CASE_OP_32_64_VEC(and):
         return x & y;
 
-    CASE_OP_32_64(or):
+    CASE_OP_32_64_VEC(or):
         return x | y;
 
-    CASE_OP_32_64(xor):
+    CASE_OP_32_64_VEC(xor):
         return x ^ y;
 
     case INDEX_op_shl_i32:
@@ -XXX,XX +XXX,XX @@ static uint64_t do_constant_folding_2(TCGOpcode op, uint64_t x, uint64_t y)
     case INDEX_op_rotl_i64:
         return rol64(x, y & 63);
 
-    CASE_OP_32_64(not):
+    CASE_OP_32_64_VEC(not):
         return ~x;
 
     CASE_OP_32_64(neg):
         return -x;
 
-    CASE_OP_32_64(andc):
+    CASE_OP_32_64_VEC(andc):
         return x & ~y;
 
-    CASE_OP_32_64(orc):
+    CASE_OP_32_64_VEC(orc):
         return x | ~y;
 
     CASE_OP_32_64(eqv):
@@ -XXX,XX +XXX,XX @@ static bool fold_const2(OptContext *ctx, TCGOp *op)
     return false;
 }
 
+static bool fold_commutative(OptContext *ctx, TCGOp *op)
+{
+    swap_commutative(op->args[0], &op->args[1], &op->args[2]);
+    return false;
+}
+
 static bool fold_const2_commutative(OptContext *ctx, TCGOp *op)
 {
     swap_commutative(op->args[0], &op->args[1], &op->args[2]);
@@ -XXX,XX +XXX,XX @@ static bool fold_add(OptContext *ctx, TCGOp *op)
     return false;
 }
 
+/* We cannot as yet do_constant_folding with vectors. */
+static bool fold_add_vec(OptContext *ctx, TCGOp *op)
+{
+    if (fold_commutative(ctx, op) ||
+        fold_xi_to_x(ctx, op, 0)) {
+        return true;
+    }
+    return false;
+}
+
 static bool fold_addsub2(OptContext *ctx, TCGOp *op, bool add)
 {
     if (arg_is_const(op->args[2]) && arg_is_const(op->args[3]) &&
@@ -XXX,XX +XXX,XX @@ static bool fold_sub_to_neg(OptContext *ctx, TCGOp *op)
     return false;
 }
 
-static bool fold_sub(OptContext *ctx, TCGOp *op)
+/* We cannot as yet do_constant_folding with vectors. */
+static bool fold_sub_vec(OptContext *ctx, TCGOp *op)
 {
-    if (fold_const2(ctx, op) ||
-        fold_xx_to_i(ctx, op, 0) ||
+    if (fold_xx_to_i(ctx, op, 0) ||
         fold_xi_to_x(ctx, op, 0) ||
         fold_sub_to_neg(ctx, op)) {
         return true;
@@ -XXX,XX +XXX,XX @@ static bool fold_sub(OptContext *ctx, TCGOp *op)
     return false;
 }
 
+static bool fold_sub(OptContext *ctx, TCGOp *op)
+{
+    return fold_const2(ctx, op) || fold_sub_vec(ctx, op);
+}
+
 static bool fold_sub2(OptContext *ctx, TCGOp *op)
 {
     return fold_addsub2(ctx, op, false);
@@ -XXX,XX +XXX,XX @@ void tcg_optimize(TCGContext *s)
          * Sorted alphabetically by opcode as much as possible.
          */
         switch (opc) {
-        CASE_OP_32_64_VEC(add):
+        CASE_OP_32_64(add):
             done = fold_add(&ctx, op);
             break;
+        case INDEX_op_add_vec:
+            done = fold_add_vec(&ctx, op);
+            break;
         CASE_OP_32_64(add2):
             done = fold_add2(&ctx, op);
             break;
@@ -XXX,XX +XXX,XX @@ void tcg_optimize(TCGContext *s)
         CASE_OP_32_64(sextract):
             done = fold_sextract(&ctx, op);
             break;
-        CASE_OP_32_64_VEC(sub):
+        CASE_OP_32_64(sub):
             done = fold_sub(&ctx, op);
             break;
+        case INDEX_op_sub_vec:
+            done = fold_sub_vec(&ctx, op);
+            break;
         CASE_OP_32_64(sub2):
             done = fold_sub2(&ctx, op);
             break;
-- 
2.25.1

From: Philippe Mathieu-Daudé <f4bug@amsat.org>

When building using GCC 8.3.0 on loongarch64 (Loongnix) we get:

In file included from ../linux-user/signal.c:33:
  ../linux-user/host/loongarch64/host-signal.h: In function ‘host_signal_write’:
  ../linux-user/host/loongarch64/host-signal.h:57:9: error: a label can only be part of a statement and a declaration is not a statement
         uint32_t sel = (insn >> 15) & 0b11111111111;
         ^~~~~~~~

We don't use the 'sel' variable more than once, so drop it.

Meson output for the record:

Host machine cpu family: loongarch64
  Host machine cpu: loongarch64
  C compiler for the host machine: cc (gcc 8.3.0 "cc (Loongnix 8.3.0-6.lnd.vec.27) 8.3.0")
  C linker for the host machine: cc ld.bfd 2.31.1-system

Fixes: ad812c3bd65 ("linux-user: Implement CPU-specific signal handler for loongarch64 hosts")
Reported-by: Song Gao <gaosong@loongson.cn>
Suggested-by: Song Gao <gaosong@loongson.cn>
Signed-off-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Reviewed-by: WANG Xuerui <git@xen0n.name>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-Id: <20220104215027.2180972-1-f4bug@amsat.org>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
---
 linux-user/host/loongarch64/host-signal.h | 4 +---
 1 file changed, 1 insertion(+), 3 deletions(-)

diff --git a/linux-user/host/loongarch64/host-signal.h b/linux-user/host/loongarch64/host-signal.h
index XXXXXXX..XXXXXXX 100644
--- a/linux-user/host/loongarch64/host-signal.h
+++ b/linux-user/host/loongarch64/host-signal.h
@@ -XXX,XX +XXX,XX @@ static inline bool host_signal_write(siginfo_t *info, ucontext_t *uc)
         }
         break;
     case 0b001110: /* indexed, atomic, bounds-checking memory operations */
-        uint32_t sel = (insn >> 15) & 0b11111111111;
-
-        switch (sel) {
+        switch ((insn >> 15) & 0b11111111111) {
         case 0b00000100000: /* stx.b */
         case 0b00000101000: /* stx.h */
         case 0b00000110000: /* stx.w */
-- 
2.25.1

For the ABIs in which the syscall return register is not
also the first function argument register, move the errno
value into the correct place.

Fixes: a3310c0397e2 ("linux-user: Move syscall error detection into safe_syscall_base")
Reported-by: Laurent Vivier <laurent@vivier.eu>
Tested-by: Laurent Vivier <laurent@vivier.eu>
Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Message-Id: <20220104190454.542225-1-richard.henderson@linaro.org>
---
 common-user/host/i386/safe-syscall.inc.S   | 1 +
 common-user/host/mips/safe-syscall.inc.S   | 1 +
 common-user/host/x86_64/safe-syscall.inc.S | 1 +
 3 files changed, 3 insertions(+)

diff --git a/common-user/host/i386/safe-syscall.inc.S b/common-user/host/i386/safe-syscall.inc.S
index XXXXXXX..XXXXXXX 100644
--- a/common-user/host/i386/safe-syscall.inc.S
+++ b/common-user/host/i386/safe-syscall.inc.S
@@ -XXX,XX +XXX,XX @@ safe_syscall_end:
         pop     %ebp
         .cfi_adjust_cfa_offset -4
         .cfi_restore ebp
+        mov     %eax, (%esp)
         jmp     safe_syscall_set_errno_tail
 
         .cfi_endproc
diff --git a/common-user/host/mips/safe-syscall.inc.S b/common-user/host/mips/safe-syscall.inc.S
index XXXXXXX..XXXXXXX 100644
--- a/common-user/host/mips/safe-syscall.inc.S
+++ b/common-user/host/mips/safe-syscall.inc.S
@@ -XXX,XX +XXX,XX @@ safe_syscall_end:
 1:      USE_ALT_CP(t0)
         SETUP_GPX(t1)
         SETUP_GPX64(t0, t1)
+        move    a0, v0
         PTR_LA  t9, safe_syscall_set_errno_tail
         jr      t9
 
diff --git a/common-user/host/x86_64/safe-syscall.inc.S b/common-user/host/x86_64/safe-syscall.inc.S
index XXXXXXX..XXXXXXX 100644
--- a/common-user/host/x86_64/safe-syscall.inc.S
+++ b/common-user/host/x86_64/safe-syscall.inc.S
@@ -XXX,XX +XXX,XX @@ safe_syscall_end:
 1:      pop     %rbp
         .cfi_def_cfa_offset 8
         .cfi_restore rbp
+        mov     %eax, %edi
         jmp     safe_syscall_set_errno_tail
         .cfi_endproc
 
-- 
2.25.1