Series comparison

-[PULL 00/11] tcg patch queue
+[PULL v2 0/8] tcg patch queue
-The following changes since commit 6eeea6725a70e6fcb5abba0764496bdab07ddfb3:
+The following changes since commit 79b677d658d3d35e1e776826ac4abb28cdce69b8:
-  Merge remote-tracking branch 'remotes/huth-gitlab/tags/pull-request-2020-10-06' into staging (2020-10-06 21:13:34 +0100)
+  Merge tag 'net-pull-request' of https://github.com/jasowang/qemu into staging (2023-02-21 11:28:31 +0000)
 are available in the Git repository at:
-  https://github.com/rth7680/qemu.git tags/pull-tcg-20201008
+  https://gitlab.com/rth7680/qemu.git tags/pull-tcg-20230221
-for you to fetch changes up to 62475e9d007d83db4d0a6ccebcda8914f392e9c9:
+for you to fetch changes up to dbd672c87f19949bb62bfb1fb3a97b9729fd7560:
-  accel/tcg: Fix computing of is_write for MIPS (2020-10-08 05:57:32 -0500)
+  sysemu/os-win32: fix setjmp/longjmp on windows-arm64 (2023-02-21 13:45:48 -1000)
 ----------------------------------------------------------------
-Extend maximum gvec vector size
+tcg: Allow first half of insn in ram, and second half in mmio
-Fix i386 avx2 dupi
+linux-user/sparc: SIGILL for unknown trap vectors
-Fix mips host user-only write detection
+linux-user/microblaze: SIGILL for privileged insns
-Misc cleanups.
+linux-user: Fix deadlock while exiting due to signal
 target/microblaze: Add gdbstub xml
 util: Adjust cacheflush for windows-arm64
 include/sysemu/os-win32: Adjust setjmp/longjmp for windows-arm64
 ----------------------------------------------------------------
-Kele Huang (1):
+Ilya Leoshkevich (3):
-      accel/tcg: Fix computing of is_write for MIPS
+      linux-user: Always exit from exclusive state in fork_end()
       cpus: Make {start,end}_exclusive() recursive
       linux-user/microblaze: Handle privileged exception
-Richard Henderson (10):
+Pierrick Bouvier (2):
-      tcg: Adjust simd_desc size encoding
+      util/cacheflush: fix cache on windows-arm64
-      tcg: Drop union from TCGArgConstraint
+      sysemu/os-win32: fix setjmp/longjmp on windows-arm64
       tcg: Move sorted_args into TCGArgConstraint.sort_index
       tcg: Remove TCG_CT_REG
       tcg: Move some TCG_CT_* bits to TCGArgConstraint bitfields
       tcg: Remove TCGOpDef.used
       tcg/i386: Fix dupi for avx2 32-bit hosts
       tcg: Fix generation of dupi_vec for 32-bit host
       tcg/optimize: Fold dup2_vec
       tcg: Remove TCG_TARGET_HAS_cmp_vec
- include/tcg/tcg-gvec-desc.h  | 38 ++++++++++++------
+Richard Henderson (3):
- include/tcg/tcg.h            | 22 ++++------
+      accel/tcg: Allow the second page of an instruction to be MMIO
- tcg/aarch64/tcg-target.h     |  1 -
+      linux-user/sparc: Raise SIGILL for all unhandled software traps
- tcg/i386/tcg-target.h        |  1 -
+      target/microblaze: Add gdbstub xml
  tcg/ppc/tcg-target.h         |  1 -
  accel/tcg/user-exec.c        | 43 ++++++++++++++++++--
  tcg/optimize.c               | 15 +++++++
  tcg/tcg-op-gvec.c            | 35 ++++++++++++----
  tcg/tcg-op-vec.c             | 12 ++++--
  tcg/tcg.c                    | 96 +++++++++++++++++++-------------------------
  tcg/aarch64/tcg-target.c.inc | 17 ++++----
  tcg/arm/tcg-target.c.inc     | 29 ++++++-------
  tcg/i386/tcg-target.c.inc    | 39 +++++++-----------
  tcg/mips/tcg-target.c.inc    | 21 +++++-----
  tcg/ppc/tcg-target.c.inc     | 29 ++++++-------
  tcg/riscv/tcg-target.c.inc   | 16 ++++----
  tcg/s390/tcg-target.c.inc    | 22 +++++-----
  tcg/sparc/tcg-target.c.inc   | 21 ++++------
  tcg/tci/tcg-target.c.inc     |  3 +-
 files changed, 244 insertions(+), 217 deletions(-)
+ include/hw/core/cpu.h                       |  4 +-
+ include/sysemu/os-win32.h                   | 28 ++++++++++--
+ target/microblaze/cpu.h                     |  2 +
+ accel/tcg/translator.c                      | 12 +++++-
+ cpus-common.c                               | 12 +++++-
+ linux-user/main.c                           | 10 +++--
+ linux-user/microblaze/cpu_loop.c            | 10 ++++-
+ linux-user/sparc/cpu_loop.c                 |  8 ++++
+ linux-user/syscall.c                        |  1 +
+ target/microblaze/cpu.c                     |  7 ++-
+ target/microblaze/gdbstub.c                 | 51 ++++++++++++++++------
+ util/cacheflush.c                           | 14 ++++--
+ configs/targets/microblaze-linux-user.mak   |  1 +
+ configs/targets/microblaze-softmmu.mak      |  1 +
+ configs/targets/microblazeel-linux-user.mak |  1 +
+ configs/targets/microblazeel-softmmu.mak    |  1 +
+ gdb-xml/microblaze-core.xml                 | 67 +++++++++++++++++++++++++++++
+ gdb-xml/microblaze-stack-protect.xml        | 12 ++++++
+ meson.build                                 | 21 +++++++++
+files changed, 229 insertions(+), 34 deletions(-)
+ create mode 100644 gdb-xml/microblaze-core.xml
+ create mode 100644 gdb-xml/microblaze-stack-protect.xml

-[PULL 10/11] tcg: Remove TCG_TARGET_HAS_cmp_vec
+[PULL v2 1/8] accel/tcg: Allow the second page of an instruction to be MMIO
-The cmp_vec opcode is mandatory; this symbol is unused.
+If an instruction straddles a page boundary, and the first page
 was ram, but the second page was MMIO, we would abort.  Handle
 this as if both pages are MMIO, by setting the ram_addr_t for
 the first page to -1.
-Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
+Reported-by: Sid Manning <sidneym@quicinc.com>
 Reported-by: Jørgen Hansen <Jorgen.Hansen@wdc.com>
 Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org>
 Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
 ---
- tcg/aarch64/tcg-target.h | 1 -
+ accel/tcg/translator.c | 12 ++++++++++--
- tcg/i386/tcg-target.h    | 1 -
+file changed, 10 insertions(+), 2 deletions(-)
  tcg/ppc/tcg-target.h     | 1 -
 files changed, 3 deletions(-)
-diff --git a/tcg/aarch64/tcg-target.h b/tcg/aarch64/tcg-target.h
+diff --git a/accel/tcg/translator.c b/accel/tcg/translator.c
 index XXXXXXX..XXXXXXX 100644
---- a/tcg/aarch64/tcg-target.h
+--- a/accel/tcg/translator.c
-+++ b/tcg/aarch64/tcg-target.h
++++ b/accel/tcg/translator.c
-@@ -XXX,XX +XXX,XX @@ typedef enum {
+@@ -XXX,XX +XXX,XX @@ static void *translator_access(CPUArchState *env, DisasContextBase *db,
- #define TCG_TARGET_HAS_shi_vec          1
+         if (host == NULL) {
- #define TCG_TARGET_HAS_shs_vec          0
+             tb_page_addr_t phys_page =
- #define TCG_TARGET_HAS_shv_vec          1
+                 get_page_addr_code_hostp(env, base, &db->host_addr[1]);
--#define TCG_TARGET_HAS_cmp_vec          1
+-            /* We cannot handle MMIO as second page. */
- #define TCG_TARGET_HAS_mul_vec          1
+-            assert(phys_page != -1);
- #define TCG_TARGET_HAS_sat_vec          1
++
- #define TCG_TARGET_HAS_minmax_vec       1
++            /*
-diff --git a/tcg/i386/tcg-target.h b/tcg/i386/tcg-target.h
++             * If the second page is MMIO, treat as if the first page
-index XXXXXXX..XXXXXXX 100644
++             * was MMIO as well, so that we do not cache the TB.
---- a/tcg/i386/tcg-target.h
++             */
-+++ b/tcg/i386/tcg-target.h
++            if (unlikely(phys_page == -1)) {
-@@ -XXX,XX +XXX,XX @@ extern bool have_avx2;
++                tb_set_page_addr0(tb, -1);
- #define TCG_TARGET_HAS_shi_vec          1
++                return NULL;
- #define TCG_TARGET_HAS_shs_vec          1
++            }
- #define TCG_TARGET_HAS_shv_vec          have_avx2
++
--#define TCG_TARGET_HAS_cmp_vec          1
+             tb_set_page_addr1(tb, phys_page);
- #define TCG_TARGET_HAS_mul_vec          1
+ #ifdef CONFIG_USER_ONLY
- #define TCG_TARGET_HAS_sat_vec          1
+             page_protect(end);
  #define TCG_TARGET_HAS_minmax_vec       1
 diff --git a/tcg/ppc/tcg-target.h b/tcg/ppc/tcg-target.h
 index XXXXXXX..XXXXXXX 100644
 --- a/tcg/ppc/tcg-target.h
 +++ b/tcg/ppc/tcg-target.h
@@ -XXX,XX +XXX,XX @@ extern bool have_vsx;
  #define TCG_TARGET_HAS_shi_vec          0
  #define TCG_TARGET_HAS_shs_vec          0
  #define TCG_TARGET_HAS_shv_vec          1
 -#define TCG_TARGET_HAS_cmp_vec          1
  #define TCG_TARGET_HAS_mul_vec          1
  #define TCG_TARGET_HAS_sat_vec          1
  #define TCG_TARGET_HAS_minmax_vec       1
 --
-.25.1
+.34.1

-[PULL 09/11] tcg/optimize: Fold dup2_vec
+[PULL v2 2/8] linux-user/sparc: Raise SIGILL for all unhandled software traps
-When the two arguments are identical, this can be reduced to
+The linux kernel's trap tables vector all unassigned trap
-dup_vec or to mov_vec from a tcg_constant_vec.
+numbers to BAD_TRAP, which then raises SIGILL.
+Tested-by: Ilya Leoshkevich <iii@linux.ibm.com>
+Reported-by: Ilya Leoshkevich <iii@linux.ibm.com>
 Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
 ---
- tcg/optimize.c | 15 +++++++++++++++
+ linux-user/sparc/cpu_loop.c | 8 ++++++++
-file changed, 15 insertions(+)
+file changed, 8 insertions(+)
-diff --git a/tcg/optimize.c b/tcg/optimize.c
+diff --git a/linux-user/sparc/cpu_loop.c b/linux-user/sparc/cpu_loop.c
 index XXXXXXX..XXXXXXX 100644
---- a/tcg/optimize.c
+--- a/linux-user/sparc/cpu_loop.c
-+++ b/tcg/optimize.c
++++ b/linux-user/sparc/cpu_loop.c
-@@ -XXX,XX +XXX,XX @@ void tcg_optimize(TCGContext *s)
+@@ -XXX,XX +XXX,XX @@ void cpu_loop (CPUSPARCState *env)
-             }
+             cpu_exec_step_atomic(cs);
-             goto do_default;
+             break;
+         default:
-+        case INDEX_op_dup2_vec:
++            /*
-+            assert(TCG_TARGET_REG_BITS == 32);
++             * Most software trap numbers vector to BAD_TRAP.
-+            if (arg_is_const(op->args[1]) && arg_is_const(op->args[2])) {
++             * Handle anything not explicitly matched above.
-+                tmp = arg_info(op->args[1])->val;
++             */
-+                if (tmp == arg_info(op->args[2])->val) {
++            if (trapnr >= TT_TRAP && trapnr <= TT_TRAP + 0x7f) {
-+                    tcg_opt_gen_movi(s, op, op->args[0], tmp);
++                force_sig_fault(TARGET_SIGILL, ILL_ILLTRP, env->pc);
-+                    break;
++                break;
 +                }
 +            } else if (args_are_copies(op->args[1], op->args[2])) {
 +                op->opc = INDEX_op_dup_vec;
 +                TCGOP_VECE(op) = MO_32;
 +                nb_iargs = 1;
 +            }
-+            goto do_default;
+             fprintf(stderr, "Unhandled trap: 0x%x\n", trapnr);
-+
+             cpu_dump_state(cs, stderr, 0);
-         CASE_OP_32_64(not):
+             exit(EXIT_FAILURE);
          CASE_OP_32_64(neg):
          CASE_OP_32_64(ext8s):
 --
-.25.1
+.34.1

-[PULL 11/11] accel/tcg: Fix computing of is_write for MIPS
+[PULL v2 3/8] linux-user: Always exit from exclusive state in fork_end()
-From: Kele Huang <kele.hwang@gmail.com>
+From: Ilya Leoshkevich <iii@linux.ibm.com>
-Detect all MIPS store instructions in cpu_signal_handler for all available
+fork()ed processes currently start with
-MIPS versions, and set is_write if encountering such store instructions.
+current_cpu->in_exclusive_context set, which is, strictly speaking, not
 correct, but does not cause problems (even assertion failures).
-This fixed the error while dealing with self-modified code for MIPS.
+With one of the next patches, the code begins to rely on this value, so
 fix it by always calling end_exclusive() in fork_end().
 Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
-Signed-off-by: Kele Huang <kele.hwang@gmail.com>
+Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
-Signed-off-by: Xu Zou <iwatchnima@gmail.com>
+Signed-off-by: Ilya Leoshkevich <iii@linux.ibm.com>
-Message-Id: <20201002081420.10814-1-kele.hwang@gmail.com>
+Message-Id: <20230214140829.45392-2-iii@linux.ibm.com>
 [rth: Use uintptr_t for pc to fix n32 build error.]
 Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
 ---
- accel/tcg/user-exec.c | 43 +++++++++++++++++++++++++++++++++++++++----
+ linux-user/main.c    | 10 ++++++----
-file changed, 39 insertions(+), 4 deletions(-)
+ linux-user/syscall.c |  1 +
 files changed, 7 insertions(+), 4 deletions(-)
-diff --git a/accel/tcg/user-exec.c b/accel/tcg/user-exec.c
+diff --git a/linux-user/main.c b/linux-user/main.c
 index XXXXXXX..XXXXXXX 100644
---- a/accel/tcg/user-exec.c
+--- a/linux-user/main.c
-+++ b/accel/tcg/user-exec.c
++++ b/linux-user/main.c
-@@ -XXX,XX +XXX,XX @@ int cpu_signal_handler(int host_signum, void *pinfo,
+@@ -XXX,XX +XXX,XX @@ void fork_end(int child)
+         }
- #elif defined(__mips__)
+         qemu_init_cpu_list();
+         gdbserver_fork(thread_cpu);
-+#if defined(__misp16) || defined(__mips_micromips)
+-        /* qemu_init_cpu_list() takes care of reinitializing the
-+#error "Unsupported encoding"
+-         * exclusive state, so we don't need to end_exclusive() here.
-+#endif
+-         */
-+
+     } else {
- int cpu_signal_handler(int host_signum, void *pinfo,
+         cpu_list_unlock();
-                        void *puc)
+-        end_exclusive();
- {
+     }
-     siginfo_t *info = pinfo;
++    /*
-     ucontext_t *uc = puc;
++     * qemu_init_cpu_list() reinitialized the child exclusive state, but we
--    greg_t pc = uc->uc_mcontext.pc;
++     * also need to keep current_cpu consistent, so call end_exclusive() for
--    int is_write;
++     * both child and parent.
-+    uintptr_t pc = uc->uc_mcontext.pc;
++     */
-+    uint32_t insn = *(uint32_t *)pc;
++    end_exclusive();
 +    int is_write = 0;
 +
 +    /* Detect all store instructions at program counter. */
 +    switch((insn >> 26) & 077) {
 +    case 050: /* SB */
 +    case 051: /* SH */
 +    case 052: /* SWL */
 +    case 053: /* SW */
 +    case 054: /* SDL */
 +    case 055: /* SDR */
 +    case 056: /* SWR */
 +    case 070: /* SC */
 +    case 071: /* SWC1 */
 +    case 074: /* SCD */
 +    case 075: /* SDC1 */
 +    case 077: /* SD */
 +#if !defined(__mips_isa_rev) || __mips_isa_rev < 6
 +    case 072: /* SWC2 */
 +    case 076: /* SDC2 */
 +#endif
 +        is_write = 1;
 +        break;
 +    case 023: /* COP1X */
 +        /* Required in all versions of MIPS64 since
 +           MIPS64r1 and subsequent versions of MIPS32r2. */
 +        switch (insn & 077) {
 +        case 010: /* SWXC1 */
 +        case 011: /* SDXC1 */
 +        case 015: /* SUXC1 */
 +            is_write = 1;
 +        }
 +        break;
 +    }
 -    /* XXX: compute is_write */
 -    is_write = 0;
      return handle_cpu_signal(pc, info, is_write, &uc->uc_sigmask);
  }
+ __thread CPUState *thread_cpu;
+diff --git a/linux-user/syscall.c b/linux-user/syscall.c
+index XXXXXXX..XXXXXXX 100644
+--- a/linux-user/syscall.c
++++ b/linux-user/syscall.c
+@@ -XXX,XX +XXX,XX @@ static int do_fork(CPUArchState *env, unsigned int flags, abi_ulong newsp,
+             cpu_clone_regs_parent(env, flags);
+             fork_end(0);
+         }
++        g_assert(!cpu_in_exclusive_context(cpu));
+     }
+     return ret;
+ }
 --
-.25.1
+.34.1

-[PULL 01/11] tcg: Adjust simd_desc size encoding
+[PULL v2 4/8] cpus: Make {start,end}_exclusive() recursive
-With larger vector sizes, it turns out oprsz == maxsz, and we only
+From: Ilya Leoshkevich <iii@linux.ibm.com>
 need to represent mismatch for oprsz <= 32.  We do, however, need
 to represent larger oprsz and do so without reducing SIMD_DATA_BITS.
-Reduce the size of the oprsz field and increase the maxsz field.
+Currently dying to one of the core_dump_signal()s deadlocks, because
-Steal the oprsz value of 24 to indicate equality with maxsz.
+dump_core_and_abort() calls start_exclusive() two times: first via
 stop_all_tasks(), and then via preexit_cleanup() ->
 qemu_plugin_user_exit().
-Tested-by: Frank Chang <frank.chang@sifive.com>
+There are a number of ways to solve this: resume after dumping core;
-Reviewed-by: Frank Chang <frank.chang@sifive.com>
+check cpu_in_exclusive_context() in qemu_plugin_user_exit(); or make
-Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
+{start,end}_exclusive() recursive. Pick the last option, since it's
 the most straightforward one.
 Fixes: da91c1920242 ("linux-user: Clean up when exiting due to a signal")
 Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
 Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
 Signed-off-by: Ilya Leoshkevich <iii@linux.ibm.com>
 Message-Id: <20230214140829.45392-3-iii@linux.ibm.com>
 Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
 ---
- include/tcg/tcg-gvec-desc.h | 38 ++++++++++++++++++++++++-------------
+ include/hw/core/cpu.h |  4 ++--
- tcg/tcg-op-gvec.c           | 35 ++++++++++++++++++++++++++--------
+ cpus-common.c         | 12 ++++++++++--
-files changed, 52 insertions(+), 21 deletions(-)
+files changed, 12 insertions(+), 4 deletions(-)
-diff --git a/include/tcg/tcg-gvec-desc.h b/include/tcg/tcg-gvec-desc.h
+diff --git a/include/hw/core/cpu.h b/include/hw/core/cpu.h
 index XXXXXXX..XXXXXXX 100644
---- a/include/tcg/tcg-gvec-desc.h
+--- a/include/hw/core/cpu.h
-+++ b/include/tcg/tcg-gvec-desc.h
++++ b/include/hw/core/cpu.h
-@@ -XXX,XX +XXX,XX @@
+@@ -XXX,XX +XXX,XX @@ struct CPUState {
- #ifndef TCG_TCG_GVEC_DESC_H
+     bool unplug;
- #define TCG_TCG_GVEC_DESC_H
+     bool crash_occurred;
+     bool exit_request;
--/* ??? These bit widths are set for ARM SVE, maxing out at 256 byte vectors. */
+-    bool in_exclusive_context;
--#define SIMD_OPRSZ_SHIFT   0
++    int exclusive_context_count;
--#define SIMD_OPRSZ_BITS    5
+     uint32_t cflags_next_tb;
-+/*
+     /* updates protected by BQL */
-+ * This configuration allows MAXSZ to represent 2048 bytes, and
+     uint32_t interrupt_request;
-+ * OPRSZ to match MAXSZ, or represent the smaller values 8, 16, or 32.
+@@ -XXX,XX +XXX,XX @@ void async_safe_run_on_cpu(CPUState *cpu, run_on_cpu_func func, run_on_cpu_data
-+ *
+  */
-+ * Encode this with:
+ static inline bool cpu_in_exclusive_context(const CPUState *cpu)
 + *   0, 1, 3 -> 8, 16, 32
 + *   2       -> maxsz
 + *
 + * This steals the input that would otherwise map to 24 to match maxsz.
 + */
 +#define SIMD_MAXSZ_SHIFT   0
 +#define SIMD_MAXSZ_BITS    8
 -#define SIMD_MAXSZ_SHIFT   (SIMD_OPRSZ_SHIFT + SIMD_OPRSZ_BITS)
 -#define SIMD_MAXSZ_BITS    5
 +#define SIMD_OPRSZ_SHIFT   (SIMD_MAXSZ_SHIFT + SIMD_MAXSZ_BITS)
 +#define SIMD_OPRSZ_BITS    2
 -#define SIMD_DATA_SHIFT    (SIMD_MAXSZ_SHIFT + SIMD_MAXSZ_BITS)
 +#define SIMD_DATA_SHIFT    (SIMD_OPRSZ_SHIFT + SIMD_OPRSZ_BITS)
  #define SIMD_DATA_BITS     (32 - SIMD_DATA_SHIFT)
  /* Create a descriptor from components.  */
  uint32_t simd_desc(uint32_t oprsz, uint32_t maxsz, int32_t data);
 -/* Extract the operation size from a descriptor.  */
 -static inline intptr_t simd_oprsz(uint32_t desc)
 -{
 -    return (extract32(desc, SIMD_OPRSZ_SHIFT, SIMD_OPRSZ_BITS) + 1) * 8;
 -}
 -
  /* Extract the max vector size from a descriptor.  */
  static inline intptr_t simd_maxsz(uint32_t desc)
  {
--    return (extract32(desc, SIMD_MAXSZ_SHIFT, SIMD_MAXSZ_BITS) + 1) * 8;
+-    return cpu->in_exclusive_context;
-+    return extract32(desc, SIMD_MAXSZ_SHIFT, SIMD_MAXSZ_BITS) * 8 + 8;
++    return cpu->exclusive_context_count;
 +}
 +
 +/* Extract the operation size from a descriptor.  */
 +static inline intptr_t simd_oprsz(uint32_t desc)
 +{
 +    uint32_t f = extract32(desc, SIMD_OPRSZ_SHIFT, SIMD_OPRSZ_BITS);
 +    intptr_t o = f * 8 + 8;
 +    intptr_t m = simd_maxsz(desc);
 +    return f == 2 ? m : o;
  }
- /* Extract the operation-specific data from a descriptor.  */
+ /**
-diff --git a/tcg/tcg-op-gvec.c b/tcg/tcg-op-gvec.c
+diff --git a/cpus-common.c b/cpus-common.c
 index XXXXXXX..XXXXXXX 100644
---- a/tcg/tcg-op-gvec.c
+--- a/cpus-common.c
-+++ b/tcg/tcg-op-gvec.c
++++ b/cpus-common.c
-@@ -XXX,XX +XXX,XX @@ static const TCGOpcode vecop_list_empty[1] = { 0 };
+@@ -XXX,XX +XXX,XX @@ void start_exclusive(void)
-    of the operand offsets so that we can check them all at once.  */
+     CPUState *other_cpu;
- static void check_size_align(uint32_t oprsz, uint32_t maxsz, uint32_t ofs)
+     int running_cpus;
- {
--    uint32_t opr_align = oprsz >= 16 ? 15 : 7;
++    if (current_cpu->exclusive_context_count) {
--    uint32_t max_align = maxsz >= 16 || oprsz >= 16 ? 15 : 7;
++        current_cpu->exclusive_context_count++;
--    tcg_debug_assert(oprsz > 0);
++        return;
 -    tcg_debug_assert(oprsz <= maxsz);
 -    tcg_debug_assert((oprsz & opr_align) == 0);
 +    uint32_t max_align;
 +
 +    switch (oprsz) {
 +    case 8:
 +    case 16:
 +    case 32:
 +        tcg_debug_assert(oprsz <= maxsz);
 +        break;
 +    default:
 +        tcg_debug_assert(oprsz == maxsz);
 +        break;
 +    }
 +    tcg_debug_assert(maxsz <= (8 << SIMD_MAXSZ_BITS));
 +
 +    max_align = maxsz >= 16 ? 15 : 7;
      tcg_debug_assert((maxsz & max_align) == 0);
      tcg_debug_assert((ofs & max_align) == 0);
  }
@@ -XXX,XX +XXX,XX @@ uint32_t simd_desc(uint32_t oprsz, uint32_t maxsz, int32_t data)
  {
      uint32_t desc = 0;
 -    assert(oprsz % 8 == 0 && oprsz <= (8 << SIMD_OPRSZ_BITS));
 -    assert(maxsz % 8 == 0 && maxsz <= (8 << SIMD_MAXSZ_BITS));
 -    assert(data == sextract32(data, 0, SIMD_DATA_BITS));
 +    check_size_align(oprsz, maxsz, 0);
 +    tcg_debug_assert(data == sextract32(data, 0, SIMD_DATA_BITS));
      oprsz = (oprsz / 8) - 1;
      maxsz = (maxsz / 8) - 1;
 +
 +    /*
 +     * We have just asserted in check_size_align that either
 +     * oprsz is {8,16,32} or matches maxsz.  Encode the final
 +     * case with '2', as that would otherwise map to 24.
 +     */
 +    if (oprsz == maxsz) {
 +        oprsz = 2;
 +    }
 +
-     desc = deposit32(desc, SIMD_OPRSZ_SHIFT, SIMD_OPRSZ_BITS, oprsz);
+     qemu_mutex_lock(&qemu_cpu_list_lock);
-     desc = deposit32(desc, SIMD_MAXSZ_SHIFT, SIMD_MAXSZ_BITS, maxsz);
+     exclusive_idle();
-     desc = deposit32(desc, SIMD_DATA_SHIFT, SIMD_DATA_BITS, data);
@@ -XXX,XX +XXX,XX @@ void start_exclusive(void)
       */
      qemu_mutex_unlock(&qemu_cpu_list_lock);
 -    current_cpu->in_exclusive_context = true;
 +    current_cpu->exclusive_context_count = 1;
  }
  /* Finish an exclusive operation.  */
  void end_exclusive(void)
  {
 -    current_cpu->in_exclusive_context = false;
 +    current_cpu->exclusive_context_count--;
 +    if (current_cpu->exclusive_context_count) {
 +        return;
 +    }
      qemu_mutex_lock(&qemu_cpu_list_lock);
      qatomic_set(&pending_cpus, 0);
 --
-.25.1
+.34.1

-[PULL 02/11] tcg: Drop union from TCGArgConstraint
+Deleted patch
-The union is unused; let "regs" appear in the main structure
-without the "u.regs" wrapping.
-Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
-Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
----
- include/tcg/tcg.h            |  4 +---
- tcg/tcg.c                    | 22 +++++++++++-----------
- tcg/aarch64/tcg-target.c.inc | 14 +++++++-------
- tcg/arm/tcg-target.c.inc     | 26 +++++++++++++-------------
- tcg/i386/tcg-target.c.inc    | 26 +++++++++++++-------------
- tcg/mips/tcg-target.c.inc    | 18 +++++++++---------
- tcg/ppc/tcg-target.c.inc     | 24 ++++++++++++------------
- tcg/riscv/tcg-target.c.inc   | 14 +++++++-------
- tcg/s390/tcg-target.c.inc    | 18 +++++++++---------
- tcg/sparc/tcg-target.c.inc   | 16 ++++++++--------
- tcg/tci/tcg-target.c.inc     |  2 +-
-files changed, 91 insertions(+), 93 deletions(-)
-diff --git a/include/tcg/tcg.h b/include/tcg/tcg.h
-index XXXXXXX..XXXXXXX 100644
---- a/include/tcg/tcg.h
-+++ b/include/tcg/tcg.h
-@@ -XXX,XX +XXX,XX @@ void tcg_dump_op_count(void);
- typedef struct TCGArgConstraint {
-     uint16_t ct;
-     uint8_t alias_index;
--    union {
--        TCGRegSet regs;
--    } u;
-+    TCGRegSet regs;
- } TCGArgConstraint;
- #define TCG_MAX_OP_ARGS 16
-diff --git a/tcg/tcg.c b/tcg/tcg.c
-index XXXXXXX..XXXXXXX 100644
---- a/tcg/tcg.c
-+++ b/tcg/tcg.c
-@@ -XXX,XX +XXX,XX @@ static int get_constraint_priority(const TCGOpDef *def, int k)
-             return 0;
-         n = 0;
-         for(i = 0; i < TCG_TARGET_NB_REGS; i++) {
--            if (tcg_regset_test_reg(arg_ct->u.regs, i))
-+            if (tcg_regset_test_reg(arg_ct->regs, i))
-                 n++;
-         }
-     }
-@@ -XXX,XX +XXX,XX @@ static void process_op_defs(TCGContext *s)
-             /* Incomplete TCGTargetOpDef entry. */
-             tcg_debug_assert(ct_str != NULL);
--            def->args_ct[i].u.regs = 0;
-+            def->args_ct[i].regs = 0;
-             def->args_ct[i].ct = 0;
-             while (*ct_str != '\0') {
-                 switch(*ct_str) {
-@@ -XXX,XX +XXX,XX @@ static void liveness_pass_1(TCGContext *s)
-                     pset = la_temp_pref(ts);
-                     set = *pset;
--                    set &= ct->u.regs;
-+                    set &= ct->regs;
-                     if (ct->ct & TCG_CT_IALIAS) {
-                         set &= op->output_pref[ct->alias_index];
-                     }
-                     /* If the combination is not possible, restart.  */
-                     if (set == 0) {
--                        set = ct->u.regs;
-+                        set = ct->regs;
-                     }
-                     *pset = set;
-                 }
-@@ -XXX,XX +XXX,XX @@ static void tcg_reg_alloc_dup(TCGContext *s, const TCGOp *op)
-         return;
-     }
--    dup_out_regs = tcg_op_defs[INDEX_op_dup_vec].args_ct[0].u.regs;
--    dup_in_regs = tcg_op_defs[INDEX_op_dup_vec].args_ct[1].u.regs;
-+    dup_out_regs = tcg_op_defs[INDEX_op_dup_vec].args_ct[0].regs;
-+    dup_in_regs = tcg_op_defs[INDEX_op_dup_vec].args_ct[1].regs;
-     /* Allocate the output register now.  */
-     if (ots->val_type != TEMP_VAL_REG) {
-@@ -XXX,XX +XXX,XX @@ static void tcg_reg_alloc_op(TCGContext *s, const TCGOp *op)
-             }
-         }
--        temp_load(s, ts, arg_ct->u.regs, i_allocated_regs, i_preferred_regs);
-+        temp_load(s, ts, arg_ct->regs, i_allocated_regs, i_preferred_regs);
-         reg = ts->reg;
--        if (tcg_regset_test_reg(arg_ct->u.regs, reg)) {
-+        if (tcg_regset_test_reg(arg_ct->regs, reg)) {
-             /* nothing to do : the constraint is satisfied */
-         } else {
-         allocate_in_reg:
-@@ -XXX,XX +XXX,XX @@ static void tcg_reg_alloc_op(TCGContext *s, const TCGOp *op)
-                and move the temporary register into it */
-             temp_load(s, ts, tcg_target_available_regs[ts->type],
-                       i_allocated_regs, 0);
--            reg = tcg_reg_alloc(s, arg_ct->u.regs, i_allocated_regs,
-+            reg = tcg_reg_alloc(s, arg_ct->regs, i_allocated_regs,
-                                 o_preferred_regs, ts->indirect_base);
-             if (!tcg_out_mov(s, ts->type, reg, ts->reg)) {
-                 /*
-@@ -XXX,XX +XXX,XX @@ static void tcg_reg_alloc_op(TCGContext *s, const TCGOp *op)
-                 && !const_args[arg_ct->alias_index]) {
-                 reg = new_args[arg_ct->alias_index];
-             } else if (arg_ct->ct & TCG_CT_NEWREG) {
--                reg = tcg_reg_alloc(s, arg_ct->u.regs,
-+                reg = tcg_reg_alloc(s, arg_ct->regs,
-                                     i_allocated_regs | o_allocated_regs,
-                                     op->output_pref[k], ts->indirect_base);
-             } else {
--                reg = tcg_reg_alloc(s, arg_ct->u.regs, o_allocated_regs,
-+                reg = tcg_reg_alloc(s, arg_ct->regs, o_allocated_regs,
-                                     op->output_pref[k], ts->indirect_base);
-             }
-             tcg_regset_set_reg(o_allocated_regs, reg);
-diff --git a/tcg/aarch64/tcg-target.c.inc b/tcg/aarch64/tcg-target.c.inc
-index XXXXXXX..XXXXXXX 100644
---- a/tcg/aarch64/tcg-target.c.inc
-+++ b/tcg/aarch64/tcg-target.c.inc
-@@ -XXX,XX +XXX,XX @@ static const char *target_parse_constraint(TCGArgConstraint *ct,
-     switch (*ct_str++) {
-     case 'r': /* general registers */
-         ct->ct |= TCG_CT_REG;
--        ct->u.regs |= 0xffffffffu;
-+        ct->regs |= 0xffffffffu;
-         break;
-     case 'w': /* advsimd registers */
-         ct->ct |= TCG_CT_REG;
--        ct->u.regs |= 0xffffffff00000000ull;
-+        ct->regs |= 0xffffffff00000000ull;
-         break;
-     case 'l': /* qemu_ld / qemu_st address, data_reg */
-         ct->ct |= TCG_CT_REG;
--        ct->u.regs = 0xffffffffu;
-+        ct->regs = 0xffffffffu;
- #ifdef CONFIG_SOFTMMU
-         /* x0 and x1 will be overwritten when reading the tlb entry,
-            and x2, and x3 for helper args, better to avoid using them. */
--        tcg_regset_reset_reg(ct->u.regs, TCG_REG_X0);
--        tcg_regset_reset_reg(ct->u.regs, TCG_REG_X1);
--        tcg_regset_reset_reg(ct->u.regs, TCG_REG_X2);
--        tcg_regset_reset_reg(ct->u.regs, TCG_REG_X3);
-+        tcg_regset_reset_reg(ct->regs, TCG_REG_X0);
-+        tcg_regset_reset_reg(ct->regs, TCG_REG_X1);
-+        tcg_regset_reset_reg(ct->regs, TCG_REG_X2);
-+        tcg_regset_reset_reg(ct->regs, TCG_REG_X3);
- #endif
-         break;
-     case 'A': /* Valid for arithmetic immediate (positive or negative).  */
-diff --git a/tcg/arm/tcg-target.c.inc b/tcg/arm/tcg-target.c.inc
-index XXXXXXX..XXXXXXX 100644
---- a/tcg/arm/tcg-target.c.inc
-+++ b/tcg/arm/tcg-target.c.inc
-@@ -XXX,XX +XXX,XX @@ static const char *target_parse_constraint(TCGArgConstraint *ct,
-     case 'r':
-         ct->ct |= TCG_CT_REG;
--        ct->u.regs = 0xffff;
-+        ct->regs = 0xffff;
-         break;
-     /* qemu_ld address */
-     case 'l':
-         ct->ct |= TCG_CT_REG;
--        ct->u.regs = 0xffff;
-+        ct->regs = 0xffff;
- #ifdef CONFIG_SOFTMMU
-         /* r0-r2,lr will be overwritten when reading the tlb entry,
-            so don't use these. */
--        tcg_regset_reset_reg(ct->u.regs, TCG_REG_R0);
--        tcg_regset_reset_reg(ct->u.regs, TCG_REG_R1);
--        tcg_regset_reset_reg(ct->u.regs, TCG_REG_R2);
--        tcg_regset_reset_reg(ct->u.regs, TCG_REG_R3);
--        tcg_regset_reset_reg(ct->u.regs, TCG_REG_R14);
-+        tcg_regset_reset_reg(ct->regs, TCG_REG_R0);
-+        tcg_regset_reset_reg(ct->regs, TCG_REG_R1);
-+        tcg_regset_reset_reg(ct->regs, TCG_REG_R2);
-+        tcg_regset_reset_reg(ct->regs, TCG_REG_R3);
-+        tcg_regset_reset_reg(ct->regs, TCG_REG_R14);
- #endif
-         break;
-     /* qemu_st address & data */
-     case 's':
-         ct->ct |= TCG_CT_REG;
--        ct->u.regs = 0xffff;
-+        ct->regs = 0xffff;
-         /* r0-r2 will be overwritten when reading the tlb entry (softmmu only)
-            and r0-r1 doing the byte swapping, so don't use these. */
--        tcg_regset_reset_reg(ct->u.regs, TCG_REG_R0);
--        tcg_regset_reset_reg(ct->u.regs, TCG_REG_R1);
-+        tcg_regset_reset_reg(ct->regs, TCG_REG_R0);
-+        tcg_regset_reset_reg(ct->regs, TCG_REG_R1);
- #if defined(CONFIG_SOFTMMU)
-         /* Avoid clashes with registers being used for helper args */
--        tcg_regset_reset_reg(ct->u.regs, TCG_REG_R2);
-+        tcg_regset_reset_reg(ct->regs, TCG_REG_R2);
- #if TARGET_LONG_BITS == 64
-         /* Avoid clashes with registers being used for helper args */
--        tcg_regset_reset_reg(ct->u.regs, TCG_REG_R3);
-+        tcg_regset_reset_reg(ct->regs, TCG_REG_R3);
- #endif
--        tcg_regset_reset_reg(ct->u.regs, TCG_REG_R14);
-+        tcg_regset_reset_reg(ct->regs, TCG_REG_R14);
- #endif
-         break;
-diff --git a/tcg/i386/tcg-target.c.inc b/tcg/i386/tcg-target.c.inc
-index XXXXXXX..XXXXXXX 100644
---- a/tcg/i386/tcg-target.c.inc
-+++ b/tcg/i386/tcg-target.c.inc
-@@ -XXX,XX +XXX,XX @@ static const char *target_parse_constraint(TCGArgConstraint *ct,
-     switch(*ct_str++) {
-     case 'a':
-         ct->ct |= TCG_CT_REG;
--        tcg_regset_set_reg(ct->u.regs, TCG_REG_EAX);
-+        tcg_regset_set_reg(ct->regs, TCG_REG_EAX);
-         break;
-     case 'b':
-         ct->ct |= TCG_CT_REG;
--        tcg_regset_set_reg(ct->u.regs, TCG_REG_EBX);
-+        tcg_regset_set_reg(ct->regs, TCG_REG_EBX);
-         break;
-     case 'c':
-         ct->ct |= TCG_CT_REG;
--        tcg_regset_set_reg(ct->u.regs, TCG_REG_ECX);
-+        tcg_regset_set_reg(ct->regs, TCG_REG_ECX);
-         break;
-     case 'd':
-         ct->ct |= TCG_CT_REG;
--        tcg_regset_set_reg(ct->u.regs, TCG_REG_EDX);
-+        tcg_regset_set_reg(ct->regs, TCG_REG_EDX);
-         break;
-     case 'S':
-         ct->ct |= TCG_CT_REG;
--        tcg_regset_set_reg(ct->u.regs, TCG_REG_ESI);
-+        tcg_regset_set_reg(ct->regs, TCG_REG_ESI);
-         break;
-     case 'D':
-         ct->ct |= TCG_CT_REG;
--        tcg_regset_set_reg(ct->u.regs, TCG_REG_EDI);
-+        tcg_regset_set_reg(ct->regs, TCG_REG_EDI);
-         break;
-     case 'q':
-         /* A register that can be used as a byte operand.  */
-         ct->ct |= TCG_CT_REG;
--        ct->u.regs = TCG_TARGET_REG_BITS == 64 ? 0xffff : 0xf;
-+        ct->regs = TCG_TARGET_REG_BITS == 64 ? 0xffff : 0xf;
-         break;
-     case 'Q':
-         /* A register with an addressable second byte (e.g. %ah).  */
-         ct->ct |= TCG_CT_REG;
--        ct->u.regs = 0xf;
-+        ct->regs = 0xf;
-         break;
-     case 'r':
-         /* A general register.  */
-         ct->ct |= TCG_CT_REG;
--        ct->u.regs |= ALL_GENERAL_REGS;
-+        ct->regs |= ALL_GENERAL_REGS;
-         break;
-     case 'W':
-         /* With TZCNT/LZCNT, we can have operand-size as an input.  */
-@@ -XXX,XX +XXX,XX @@ static const char *target_parse_constraint(TCGArgConstraint *ct,
-     case 'x':
-         /* A vector register.  */
-         ct->ct |= TCG_CT_REG;
--        ct->u.regs |= ALL_VECTOR_REGS;
-+        ct->regs |= ALL_VECTOR_REGS;
-         break;
-         /* qemu_ld/st address constraint */
-     case 'L':
-         ct->ct |= TCG_CT_REG;
--        ct->u.regs = TCG_TARGET_REG_BITS == 64 ? 0xffff : 0xff;
--        tcg_regset_reset_reg(ct->u.regs, TCG_REG_L0);
--        tcg_regset_reset_reg(ct->u.regs, TCG_REG_L1);
-+        ct->regs = TCG_TARGET_REG_BITS == 64 ? 0xffff : 0xff;
-+        tcg_regset_reset_reg(ct->regs, TCG_REG_L0);
-+        tcg_regset_reset_reg(ct->regs, TCG_REG_L1);
-         break;
-     case 'e':
-diff --git a/tcg/mips/tcg-target.c.inc b/tcg/mips/tcg-target.c.inc
-index XXXXXXX..XXXXXXX 100644
---- a/tcg/mips/tcg-target.c.inc
-+++ b/tcg/mips/tcg-target.c.inc
-@@ -XXX,XX +XXX,XX @@ static const char *target_parse_constraint(TCGArgConstraint *ct,
-     switch(*ct_str++) {
-     case 'r':
-         ct->ct |= TCG_CT_REG;
--        ct->u.regs = 0xffffffff;
-+        ct->regs = 0xffffffff;
-         break;
-     case 'L': /* qemu_ld input arg constraint */
-         ct->ct |= TCG_CT_REG;
--        ct->u.regs = 0xffffffff;
--        tcg_regset_reset_reg(ct->u.regs, TCG_REG_A0);
-+        ct->regs = 0xffffffff;
-+        tcg_regset_reset_reg(ct->regs, TCG_REG_A0);
- #if defined(CONFIG_SOFTMMU)
-         if (TCG_TARGET_REG_BITS < TARGET_LONG_BITS) {
--            tcg_regset_reset_reg(ct->u.regs, TCG_REG_A2);
-+            tcg_regset_reset_reg(ct->regs, TCG_REG_A2);
-         }
- #endif
-         break;
-     case 'S': /* qemu_st constraint */
-         ct->ct |= TCG_CT_REG;
--        ct->u.regs = 0xffffffff;
--        tcg_regset_reset_reg(ct->u.regs, TCG_REG_A0);
-+        ct->regs = 0xffffffff;
-+        tcg_regset_reset_reg(ct->regs, TCG_REG_A0);
- #if defined(CONFIG_SOFTMMU)
-         if (TCG_TARGET_REG_BITS < TARGET_LONG_BITS) {
--            tcg_regset_reset_reg(ct->u.regs, TCG_REG_A2);
--            tcg_regset_reset_reg(ct->u.regs, TCG_REG_A3);
-+            tcg_regset_reset_reg(ct->regs, TCG_REG_A2);
-+            tcg_regset_reset_reg(ct->regs, TCG_REG_A3);
-         } else {
--            tcg_regset_reset_reg(ct->u.regs, TCG_REG_A1);
-+            tcg_regset_reset_reg(ct->regs, TCG_REG_A1);
-         }
- #endif
-         break;
-diff --git a/tcg/ppc/tcg-target.c.inc b/tcg/ppc/tcg-target.c.inc
-index XXXXXXX..XXXXXXX 100644
---- a/tcg/ppc/tcg-target.c.inc
-+++ b/tcg/ppc/tcg-target.c.inc
-@@ -XXX,XX +XXX,XX @@ static const char *target_parse_constraint(TCGArgConstraint *ct,
-     switch (*ct_str++) {
-     case 'A': case 'B': case 'C': case 'D':
-         ct->ct |= TCG_CT_REG;
--        tcg_regset_set_reg(ct->u.regs, 3 + ct_str[0] - 'A');
-+        tcg_regset_set_reg(ct->regs, 3 + ct_str[0] - 'A');
-         break;
-     case 'r':
-         ct->ct |= TCG_CT_REG;
--        ct->u.regs = 0xffffffff;
-+        ct->regs = 0xffffffff;
-         break;
-     case 'v':
-         ct->ct |= TCG_CT_REG;
--        ct->u.regs = 0xffffffff00000000ull;
-+        ct->regs = 0xffffffff00000000ull;
-         break;
-     case 'L':                   /* qemu_ld constraint */
-         ct->ct |= TCG_CT_REG;
--        ct->u.regs = 0xffffffff;
--        tcg_regset_reset_reg(ct->u.regs, TCG_REG_R3);
-+        ct->regs = 0xffffffff;
-+        tcg_regset_reset_reg(ct->regs, TCG_REG_R3);
- #ifdef CONFIG_SOFTMMU
--        tcg_regset_reset_reg(ct->u.regs, TCG_REG_R4);
--        tcg_regset_reset_reg(ct->u.regs, TCG_REG_R5);
-+        tcg_regset_reset_reg(ct->regs, TCG_REG_R4);
-+        tcg_regset_reset_reg(ct->regs, TCG_REG_R5);
- #endif
-         break;
-     case 'S':                   /* qemu_st constraint */
-         ct->ct |= TCG_CT_REG;
--        ct->u.regs = 0xffffffff;
--        tcg_regset_reset_reg(ct->u.regs, TCG_REG_R3);
-+        ct->regs = 0xffffffff;
-+        tcg_regset_reset_reg(ct->regs, TCG_REG_R3);
- #ifdef CONFIG_SOFTMMU
--        tcg_regset_reset_reg(ct->u.regs, TCG_REG_R4);
--        tcg_regset_reset_reg(ct->u.regs, TCG_REG_R5);
--        tcg_regset_reset_reg(ct->u.regs, TCG_REG_R6);
-+        tcg_regset_reset_reg(ct->regs, TCG_REG_R4);
-+        tcg_regset_reset_reg(ct->regs, TCG_REG_R5);
-+        tcg_regset_reset_reg(ct->regs, TCG_REG_R6);
- #endif
-         break;
-     case 'I':
-diff --git a/tcg/riscv/tcg-target.c.inc b/tcg/riscv/tcg-target.c.inc
-index XXXXXXX..XXXXXXX 100644
---- a/tcg/riscv/tcg-target.c.inc
-+++ b/tcg/riscv/tcg-target.c.inc
-@@ -XXX,XX +XXX,XX @@ static const char *target_parse_constraint(TCGArgConstraint *ct,
-     switch (*ct_str++) {
-     case 'r':
-         ct->ct |= TCG_CT_REG;
--        ct->u.regs = 0xffffffff;
-+        ct->regs = 0xffffffff;
-         break;
-     case 'L':
-         /* qemu_ld/qemu_st constraint */
-         ct->ct |= TCG_CT_REG;
--        ct->u.regs = 0xffffffff;
-+        ct->regs = 0xffffffff;
-         /* qemu_ld/qemu_st uses TCG_REG_TMP0 */
- #if defined(CONFIG_SOFTMMU)
--        tcg_regset_reset_reg(ct->u.regs, tcg_target_call_iarg_regs[0]);
--        tcg_regset_reset_reg(ct->u.regs, tcg_target_call_iarg_regs[1]);
--        tcg_regset_reset_reg(ct->u.regs, tcg_target_call_iarg_regs[2]);
--        tcg_regset_reset_reg(ct->u.regs, tcg_target_call_iarg_regs[3]);
--        tcg_regset_reset_reg(ct->u.regs, tcg_target_call_iarg_regs[4]);
-+        tcg_regset_reset_reg(ct->regs, tcg_target_call_iarg_regs[0]);
-+        tcg_regset_reset_reg(ct->regs, tcg_target_call_iarg_regs[1]);
-+        tcg_regset_reset_reg(ct->regs, tcg_target_call_iarg_regs[2]);
-+        tcg_regset_reset_reg(ct->regs, tcg_target_call_iarg_regs[3]);
-+        tcg_regset_reset_reg(ct->regs, tcg_target_call_iarg_regs[4]);
- #endif
-         break;
-     case 'I':
-diff --git a/tcg/s390/tcg-target.c.inc b/tcg/s390/tcg-target.c.inc
-index XXXXXXX..XXXXXXX 100644
---- a/tcg/s390/tcg-target.c.inc
-+++ b/tcg/s390/tcg-target.c.inc
-@@ -XXX,XX +XXX,XX @@ static const char *target_parse_constraint(TCGArgConstraint *ct,
-     switch (*ct_str++) {
-     case 'r':                  /* all registers */
-         ct->ct |= TCG_CT_REG;
--        ct->u.regs = 0xffff;
-+        ct->regs = 0xffff;
-         break;
-     case 'L':                  /* qemu_ld/st constraint */
-         ct->ct |= TCG_CT_REG;
--        ct->u.regs = 0xffff;
--        tcg_regset_reset_reg(ct->u.regs, TCG_REG_R2);
--        tcg_regset_reset_reg(ct->u.regs, TCG_REG_R3);
--        tcg_regset_reset_reg(ct->u.regs, TCG_REG_R4);
-+        ct->regs = 0xffff;
-+        tcg_regset_reset_reg(ct->regs, TCG_REG_R2);
-+        tcg_regset_reset_reg(ct->regs, TCG_REG_R3);
-+        tcg_regset_reset_reg(ct->regs, TCG_REG_R4);
-         break;
-     case 'a':                  /* force R2 for division */
-         ct->ct |= TCG_CT_REG;
--        ct->u.regs = 0;
--        tcg_regset_set_reg(ct->u.regs, TCG_REG_R2);
-+        ct->regs = 0;
-+        tcg_regset_set_reg(ct->regs, TCG_REG_R2);
-         break;
-     case 'b':                  /* force R3 for division */
-         ct->ct |= TCG_CT_REG;
--        ct->u.regs = 0;
--        tcg_regset_set_reg(ct->u.regs, TCG_REG_R3);
-+        ct->regs = 0;
-+        tcg_regset_set_reg(ct->regs, TCG_REG_R3);
-         break;
-     case 'A':
-         ct->ct |= TCG_CT_CONST_S33;
-diff --git a/tcg/sparc/tcg-target.c.inc b/tcg/sparc/tcg-target.c.inc
-index XXXXXXX..XXXXXXX 100644
---- a/tcg/sparc/tcg-target.c.inc
-+++ b/tcg/sparc/tcg-target.c.inc
-@@ -XXX,XX +XXX,XX @@ static const char *target_parse_constraint(TCGArgConstraint *ct,
-     switch (*ct_str++) {
-     case 'r':
-         ct->ct |= TCG_CT_REG;
--        ct->u.regs = 0xffffffff;
-+        ct->regs = 0xffffffff;
-         break;
-     case 'R':
-         ct->ct |= TCG_CT_REG;
--        ct->u.regs = ALL_64;
-+        ct->regs = ALL_64;
-         break;
-     case 'A': /* qemu_ld/st address constraint */
-         ct->ct |= TCG_CT_REG;
--        ct->u.regs = TARGET_LONG_BITS == 64 ? ALL_64 : 0xffffffff;
-+        ct->regs = TARGET_LONG_BITS == 64 ? ALL_64 : 0xffffffff;
-     reserve_helpers:
--        tcg_regset_reset_reg(ct->u.regs, TCG_REG_O0);
--        tcg_regset_reset_reg(ct->u.regs, TCG_REG_O1);
--        tcg_regset_reset_reg(ct->u.regs, TCG_REG_O2);
-+        tcg_regset_reset_reg(ct->regs, TCG_REG_O0);
-+        tcg_regset_reset_reg(ct->regs, TCG_REG_O1);
-+        tcg_regset_reset_reg(ct->regs, TCG_REG_O2);
-         break;
-     case 's': /* qemu_st data 32-bit constraint */
-         ct->ct |= TCG_CT_REG;
--        ct->u.regs = 0xffffffff;
-+        ct->regs = 0xffffffff;
-         goto reserve_helpers;
-     case 'S': /* qemu_st data 64-bit constraint */
-         ct->ct |= TCG_CT_REG;
--        ct->u.regs = ALL_64;
-+        ct->regs = ALL_64;
-         goto reserve_helpers;
-     case 'I':
-         ct->ct |= TCG_CT_CONST_S11;
-diff --git a/tcg/tci/tcg-target.c.inc b/tcg/tci/tcg-target.c.inc
-index XXXXXXX..XXXXXXX 100644
---- a/tcg/tci/tcg-target.c.inc
-+++ b/tcg/tci/tcg-target.c.inc
-@@ -XXX,XX +XXX,XX @@ static const char *target_parse_constraint(TCGArgConstraint *ct,
-     case 'L':                   /* qemu_ld constraint */
-     case 'S':                   /* qemu_st constraint */
-         ct->ct |= TCG_CT_REG;
--        ct->u.regs = BIT(TCG_TARGET_NB_REGS) - 1;
-+        ct->regs = BIT(TCG_TARGET_NB_REGS) - 1;
-         break;
-     default:
-         return NULL;
---
-.25.1

-[PULL 03/11] tcg: Move sorted_args into TCGArgConstraint.sort_index
+Deleted patch
-This uses an existing hole in the TCGArgConstraint structure
-and will be convenient for keeping the data in one place.
-Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
----
- include/tcg/tcg.h |  2 +-
- tcg/tcg.c         | 35 +++++++++++++++++------------------
-files changed, 18 insertions(+), 19 deletions(-)
-diff --git a/include/tcg/tcg.h b/include/tcg/tcg.h
-index XXXXXXX..XXXXXXX 100644
---- a/include/tcg/tcg.h
-+++ b/include/tcg/tcg.h
-@@ -XXX,XX +XXX,XX @@ void tcg_dump_op_count(void);
- typedef struct TCGArgConstraint {
-     uint16_t ct;
-     uint8_t alias_index;
-+    uint8_t sort_index;
-     TCGRegSet regs;
- } TCGArgConstraint;
-@@ -XXX,XX +XXX,XX @@ typedef struct TCGOpDef {
-     uint8_t nb_oargs, nb_iargs, nb_cargs, nb_args;
-     uint8_t flags;
-     TCGArgConstraint *args_ct;
--    int *sorted_args;
- #if defined(CONFIG_DEBUG_TCG)
-     int used;
- #endif
-diff --git a/tcg/tcg.c b/tcg/tcg.c
-index XXXXXXX..XXXXXXX 100644
---- a/tcg/tcg.c
-+++ b/tcg/tcg.c
-@@ -XXX,XX +XXX,XX @@ void tcg_context_init(TCGContext *s)
-     int op, total_args, n, i;
-     TCGOpDef *def;
-     TCGArgConstraint *args_ct;
--    int *sorted_args;
-     TCGTemp *ts;
-     memset(s, 0, sizeof(*s));
-@@ -XXX,XX +XXX,XX @@ void tcg_context_init(TCGContext *s)
-     }
-     args_ct = g_malloc(sizeof(TCGArgConstraint) * total_args);
--    sorted_args = g_malloc(sizeof(int) * total_args);
-     for(op = 0; op < NB_OPS; op++) {
-         def = &tcg_op_defs[op];
-         def->args_ct = args_ct;
--        def->sorted_args = sorted_args;
-         n = def->nb_iargs + def->nb_oargs;
--        sorted_args += n;
-         args_ct += n;
-     }
-@@ -XXX,XX +XXX,XX @@ static int get_constraint_priority(const TCGOpDef *def, int k)
- /* sort from highest priority to lowest */
- static void sort_constraints(TCGOpDef *def, int start, int n)
- {
--    int i, j, p1, p2, tmp;
-+    int i, j;
-+    TCGArgConstraint *a = def->args_ct;
--    for(i = 0; i < n; i++)
--        def->sorted_args[start + i] = start + i;
--    if (n <= 1)
-+    for (i = 0; i < n; i++) {
-+        a[start + i].sort_index = start + i;
-+    }
-+    if (n <= 1) {
-         return;
--    for(i = 0; i < n - 1; i++) {
--        for(j = i + 1; j < n; j++) {
--            p1 = get_constraint_priority(def, def->sorted_args[start + i]);
--            p2 = get_constraint_priority(def, def->sorted_args[start + j]);
-+    }
-+    for (i = 0; i < n - 1; i++) {
-+        for (j = i + 1; j < n; j++) {
-+            int p1 = get_constraint_priority(def, a[start + i].sort_index);
-+            int p2 = get_constraint_priority(def, a[start + j].sort_index);
-             if (p1 < p2) {
--                tmp = def->sorted_args[start + i];
--                def->sorted_args[start + i] = def->sorted_args[start + j];
--                def->sorted_args[start + j] = tmp;
-+                int tmp = a[start + i].sort_index;
-+                a[start + i].sort_index = a[start + j].sort_index;
-+                a[start + j].sort_index = tmp;
-             }
-         }
-     }
-@@ -XXX,XX +XXX,XX @@ static void tcg_reg_alloc_op(TCGContext *s, const TCGOp *op)
-     for (k = 0; k < nb_iargs; k++) {
-         TCGRegSet i_preferred_regs, o_preferred_regs;
--        i = def->sorted_args[nb_oargs + k];
-+        i = def->args_ct[nb_oargs + k].sort_index;
-         arg = op->args[i];
-         arg_ct = &def->args_ct[i];
-         ts = arg_temp(arg);
-@@ -XXX,XX +XXX,XX @@ static void tcg_reg_alloc_op(TCGContext *s, const TCGOp *op)
-                     int k2, i2;
-                     reg = ts->reg;
-                     for (k2 = 0 ; k2 < k ; k2++) {
--                        i2 = def->sorted_args[nb_oargs + k2];
-+                        i2 = def->args_ct[nb_oargs + k2].sort_index;
-                         if ((def->args_ct[i2].ct & TCG_CT_IALIAS) &&
-                             reg == new_args[i2]) {
-                             goto allocate_in_reg;
-@@ -XXX,XX +XXX,XX @@ static void tcg_reg_alloc_op(TCGContext *s, const TCGOp *op)
-         /* satisfy the output constraints */
-         for(k = 0; k < nb_oargs; k++) {
--            i = def->sorted_args[k];
-+            i = def->args_ct[k].sort_index;
-             arg = op->args[i];
-             arg_ct = &def->args_ct[i];
-             ts = arg_temp(arg);
---
-.25.1

-[PULL 04/11] tcg: Remove TCG_CT_REG
+Deleted patch
-This wasn't actually used for anything, really.  All variable
-operands must accept registers, and which are indicated by the
-set in TCGArgConstraint.regs.
-Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
----
- include/tcg/tcg.h            |  1 -
- tcg/tcg.c                    | 15 ++++-----------
- tcg/aarch64/tcg-target.c.inc |  3 ---
- tcg/arm/tcg-target.c.inc     |  3 ---
- tcg/i386/tcg-target.c.inc    | 11 -----------
- tcg/mips/tcg-target.c.inc    |  3 ---
- tcg/ppc/tcg-target.c.inc     |  5 -----
- tcg/riscv/tcg-target.c.inc   |  2 --
- tcg/s390/tcg-target.c.inc    |  4 ----
- tcg/sparc/tcg-target.c.inc   |  5 -----
- tcg/tci/tcg-target.c.inc     |  1 -
-files changed, 4 insertions(+), 49 deletions(-)
-diff --git a/include/tcg/tcg.h b/include/tcg/tcg.h
-index XXXXXXX..XXXXXXX 100644
---- a/include/tcg/tcg.h
-+++ b/include/tcg/tcg.h
-@@ -XXX,XX +XXX,XX @@ void tcg_dump_op_count(void);
- #define TCG_CT_ALIAS  0x80
- #define TCG_CT_IALIAS 0x40
- #define TCG_CT_NEWREG 0x20 /* output requires a new register */
--#define TCG_CT_REG    0x01
- #define TCG_CT_CONST  0x02 /* any constant of register size */
- typedef struct TCGArgConstraint {
-diff --git a/tcg/tcg.c b/tcg/tcg.c
-index XXXXXXX..XXXXXXX 100644
---- a/tcg/tcg.c
-+++ b/tcg/tcg.c
-@@ -XXX,XX +XXX,XX @@ static void tcg_dump_ops(TCGContext *s, bool have_prefs)
- /* we give more priority to constraints with less registers */
- static int get_constraint_priority(const TCGOpDef *def, int k)
- {
--    const TCGArgConstraint *arg_ct;
-+    const TCGArgConstraint *arg_ct = &def->args_ct[k];
-+    int n;
--    int i, n;
--    arg_ct = &def->args_ct[k];
-     if (arg_ct->ct & TCG_CT_ALIAS) {
-         /* an alias is equivalent to a single register */
-         n = 1;
-     } else {
--        if (!(arg_ct->ct & TCG_CT_REG))
--            return 0;
--        n = 0;
--        for(i = 0; i < TCG_TARGET_NB_REGS; i++) {
--            if (tcg_regset_test_reg(arg_ct->regs, i))
--                n++;
--        }
-+        n = ctpop64(arg_ct->regs);
-     }
-     return TCG_TARGET_NB_REGS - n + 1;
- }
-@@ -XXX,XX +XXX,XX @@ static void process_op_defs(TCGContext *s)
-                         int oarg = *ct_str - '0';
-                         tcg_debug_assert(ct_str == tdefs->args_ct_str[i]);
-                         tcg_debug_assert(oarg < def->nb_oargs);
--                        tcg_debug_assert(def->args_ct[oarg].ct & TCG_CT_REG);
-+                        tcg_debug_assert(def->args_ct[oarg].regs != 0);
-                         /* TCG_CT_ALIAS is for the output arguments.
-                            The input is tagged with TCG_CT_IALIAS. */
-                         def->args_ct[i] = def->args_ct[oarg];
-diff --git a/tcg/aarch64/tcg-target.c.inc b/tcg/aarch64/tcg-target.c.inc
-index XXXXXXX..XXXXXXX 100644
---- a/tcg/aarch64/tcg-target.c.inc
-+++ b/tcg/aarch64/tcg-target.c.inc
-@@ -XXX,XX +XXX,XX @@ static const char *target_parse_constraint(TCGArgConstraint *ct,
- {
-     switch (*ct_str++) {
-     case 'r': /* general registers */
--        ct->ct |= TCG_CT_REG;
-         ct->regs |= 0xffffffffu;
-         break;
-     case 'w': /* advsimd registers */
--        ct->ct |= TCG_CT_REG;
-         ct->regs |= 0xffffffff00000000ull;
-         break;
-     case 'l': /* qemu_ld / qemu_st address, data_reg */
--        ct->ct |= TCG_CT_REG;
-         ct->regs = 0xffffffffu;
- #ifdef CONFIG_SOFTMMU
-         /* x0 and x1 will be overwritten when reading the tlb entry,
-diff --git a/tcg/arm/tcg-target.c.inc b/tcg/arm/tcg-target.c.inc
-index XXXXXXX..XXXXXXX 100644
---- a/tcg/arm/tcg-target.c.inc
-+++ b/tcg/arm/tcg-target.c.inc
-@@ -XXX,XX +XXX,XX @@ static const char *target_parse_constraint(TCGArgConstraint *ct,
-         break;
-     case 'r':
--        ct->ct |= TCG_CT_REG;
-         ct->regs = 0xffff;
-         break;
-     /* qemu_ld address */
-     case 'l':
--        ct->ct |= TCG_CT_REG;
-         ct->regs = 0xffff;
- #ifdef CONFIG_SOFTMMU
-         /* r0-r2,lr will be overwritten when reading the tlb entry,
-@@ -XXX,XX +XXX,XX @@ static const char *target_parse_constraint(TCGArgConstraint *ct,
-     /* qemu_st address & data */
-     case 's':
--        ct->ct |= TCG_CT_REG;
-         ct->regs = 0xffff;
-         /* r0-r2 will be overwritten when reading the tlb entry (softmmu only)
-            and r0-r1 doing the byte swapping, so don't use these. */
-diff --git a/tcg/i386/tcg-target.c.inc b/tcg/i386/tcg-target.c.inc
-index XXXXXXX..XXXXXXX 100644
---- a/tcg/i386/tcg-target.c.inc
-+++ b/tcg/i386/tcg-target.c.inc
-@@ -XXX,XX +XXX,XX @@ static const char *target_parse_constraint(TCGArgConstraint *ct,
- {
-     switch(*ct_str++) {
-     case 'a':
--        ct->ct |= TCG_CT_REG;
-         tcg_regset_set_reg(ct->regs, TCG_REG_EAX);
-         break;
-     case 'b':
--        ct->ct |= TCG_CT_REG;
-         tcg_regset_set_reg(ct->regs, TCG_REG_EBX);
-         break;
-     case 'c':
--        ct->ct |= TCG_CT_REG;
-         tcg_regset_set_reg(ct->regs, TCG_REG_ECX);
-         break;
-     case 'd':
--        ct->ct |= TCG_CT_REG;
-         tcg_regset_set_reg(ct->regs, TCG_REG_EDX);
-         break;
-     case 'S':
--        ct->ct |= TCG_CT_REG;
-         tcg_regset_set_reg(ct->regs, TCG_REG_ESI);
-         break;
-     case 'D':
--        ct->ct |= TCG_CT_REG;
-         tcg_regset_set_reg(ct->regs, TCG_REG_EDI);
-         break;
-     case 'q':
-         /* A register that can be used as a byte operand.  */
--        ct->ct |= TCG_CT_REG;
-         ct->regs = TCG_TARGET_REG_BITS == 64 ? 0xffff : 0xf;
-         break;
-     case 'Q':
-         /* A register with an addressable second byte (e.g. %ah).  */
--        ct->ct |= TCG_CT_REG;
-         ct->regs = 0xf;
-         break;
-     case 'r':
-         /* A general register.  */
--        ct->ct |= TCG_CT_REG;
-         ct->regs |= ALL_GENERAL_REGS;
-         break;
-     case 'W':
-@@ -XXX,XX +XXX,XX @@ static const char *target_parse_constraint(TCGArgConstraint *ct,
-         break;
-     case 'x':
-         /* A vector register.  */
--        ct->ct |= TCG_CT_REG;
-         ct->regs |= ALL_VECTOR_REGS;
-         break;
-         /* qemu_ld/st address constraint */
-     case 'L':
--        ct->ct |= TCG_CT_REG;
-         ct->regs = TCG_TARGET_REG_BITS == 64 ? 0xffff : 0xff;
-         tcg_regset_reset_reg(ct->regs, TCG_REG_L0);
-         tcg_regset_reset_reg(ct->regs, TCG_REG_L1);
-diff --git a/tcg/mips/tcg-target.c.inc b/tcg/mips/tcg-target.c.inc
-index XXXXXXX..XXXXXXX 100644
---- a/tcg/mips/tcg-target.c.inc
-+++ b/tcg/mips/tcg-target.c.inc
-@@ -XXX,XX +XXX,XX @@ static const char *target_parse_constraint(TCGArgConstraint *ct,
- {
-     switch(*ct_str++) {
-     case 'r':
--        ct->ct |= TCG_CT_REG;
-         ct->regs = 0xffffffff;
-         break;
-     case 'L': /* qemu_ld input arg constraint */
--        ct->ct |= TCG_CT_REG;
-         ct->regs = 0xffffffff;
-         tcg_regset_reset_reg(ct->regs, TCG_REG_A0);
- #if defined(CONFIG_SOFTMMU)
-@@ -XXX,XX +XXX,XX @@ static const char *target_parse_constraint(TCGArgConstraint *ct,
- #endif
-         break;
-     case 'S': /* qemu_st constraint */
--        ct->ct |= TCG_CT_REG;
-         ct->regs = 0xffffffff;
-         tcg_regset_reset_reg(ct->regs, TCG_REG_A0);
- #if defined(CONFIG_SOFTMMU)
-diff --git a/tcg/ppc/tcg-target.c.inc b/tcg/ppc/tcg-target.c.inc
-index XXXXXXX..XXXXXXX 100644
---- a/tcg/ppc/tcg-target.c.inc
-+++ b/tcg/ppc/tcg-target.c.inc
-@@ -XXX,XX +XXX,XX @@ static const char *target_parse_constraint(TCGArgConstraint *ct,
- {
-     switch (*ct_str++) {
-     case 'A': case 'B': case 'C': case 'D':
--        ct->ct |= TCG_CT_REG;
-         tcg_regset_set_reg(ct->regs, 3 + ct_str[0] - 'A');
-         break;
-     case 'r':
--        ct->ct |= TCG_CT_REG;
-         ct->regs = 0xffffffff;
-         break;
-     case 'v':
--        ct->ct |= TCG_CT_REG;
-         ct->regs = 0xffffffff00000000ull;
-         break;
-     case 'L':                   /* qemu_ld constraint */
--        ct->ct |= TCG_CT_REG;
-         ct->regs = 0xffffffff;
-         tcg_regset_reset_reg(ct->regs, TCG_REG_R3);
- #ifdef CONFIG_SOFTMMU
-@@ -XXX,XX +XXX,XX @@ static const char *target_parse_constraint(TCGArgConstraint *ct,
- #endif
-         break;
-     case 'S':                   /* qemu_st constraint */
--        ct->ct |= TCG_CT_REG;
-         ct->regs = 0xffffffff;
-         tcg_regset_reset_reg(ct->regs, TCG_REG_R3);
- #ifdef CONFIG_SOFTMMU
-diff --git a/tcg/riscv/tcg-target.c.inc b/tcg/riscv/tcg-target.c.inc
-index XXXXXXX..XXXXXXX 100644
---- a/tcg/riscv/tcg-target.c.inc
-+++ b/tcg/riscv/tcg-target.c.inc
-@@ -XXX,XX +XXX,XX @@ static const char *target_parse_constraint(TCGArgConstraint *ct,
- {
-     switch (*ct_str++) {
-     case 'r':
--        ct->ct |= TCG_CT_REG;
-         ct->regs = 0xffffffff;
-         break;
-     case 'L':
-         /* qemu_ld/qemu_st constraint */
--        ct->ct |= TCG_CT_REG;
-         ct->regs = 0xffffffff;
-         /* qemu_ld/qemu_st uses TCG_REG_TMP0 */
- #if defined(CONFIG_SOFTMMU)
-diff --git a/tcg/s390/tcg-target.c.inc b/tcg/s390/tcg-target.c.inc
-index XXXXXXX..XXXXXXX 100644
---- a/tcg/s390/tcg-target.c.inc
-+++ b/tcg/s390/tcg-target.c.inc
-@@ -XXX,XX +XXX,XX @@ static const char *target_parse_constraint(TCGArgConstraint *ct,
- {
-     switch (*ct_str++) {
-     case 'r':                  /* all registers */
--        ct->ct |= TCG_CT_REG;
-         ct->regs = 0xffff;
-         break;
-     case 'L':                  /* qemu_ld/st constraint */
--        ct->ct |= TCG_CT_REG;
-         ct->regs = 0xffff;
-         tcg_regset_reset_reg(ct->regs, TCG_REG_R2);
-         tcg_regset_reset_reg(ct->regs, TCG_REG_R3);
-         tcg_regset_reset_reg(ct->regs, TCG_REG_R4);
-         break;
-     case 'a':                  /* force R2 for division */
--        ct->ct |= TCG_CT_REG;
-         ct->regs = 0;
-         tcg_regset_set_reg(ct->regs, TCG_REG_R2);
-         break;
-     case 'b':                  /* force R3 for division */
--        ct->ct |= TCG_CT_REG;
-         ct->regs = 0;
-         tcg_regset_set_reg(ct->regs, TCG_REG_R3);
-         break;
-diff --git a/tcg/sparc/tcg-target.c.inc b/tcg/sparc/tcg-target.c.inc
-index XXXXXXX..XXXXXXX 100644
---- a/tcg/sparc/tcg-target.c.inc
-+++ b/tcg/sparc/tcg-target.c.inc
-@@ -XXX,XX +XXX,XX @@ static const char *target_parse_constraint(TCGArgConstraint *ct,
- {
-     switch (*ct_str++) {
-     case 'r':
--        ct->ct |= TCG_CT_REG;
-         ct->regs = 0xffffffff;
-         break;
-     case 'R':
--        ct->ct |= TCG_CT_REG;
-         ct->regs = ALL_64;
-         break;
-     case 'A': /* qemu_ld/st address constraint */
--        ct->ct |= TCG_CT_REG;
-         ct->regs = TARGET_LONG_BITS == 64 ? ALL_64 : 0xffffffff;
-     reserve_helpers:
-         tcg_regset_reset_reg(ct->regs, TCG_REG_O0);
-@@ -XXX,XX +XXX,XX @@ static const char *target_parse_constraint(TCGArgConstraint *ct,
-         tcg_regset_reset_reg(ct->regs, TCG_REG_O2);
-         break;
-     case 's': /* qemu_st data 32-bit constraint */
--        ct->ct |= TCG_CT_REG;
-         ct->regs = 0xffffffff;
-         goto reserve_helpers;
-     case 'S': /* qemu_st data 64-bit constraint */
--        ct->ct |= TCG_CT_REG;
-         ct->regs = ALL_64;
-         goto reserve_helpers;
-     case 'I':
-diff --git a/tcg/tci/tcg-target.c.inc b/tcg/tci/tcg-target.c.inc
-index XXXXXXX..XXXXXXX 100644
---- a/tcg/tci/tcg-target.c.inc
-+++ b/tcg/tci/tcg-target.c.inc
-@@ -XXX,XX +XXX,XX @@ static const char *target_parse_constraint(TCGArgConstraint *ct,
-     case 'r':
-     case 'L':                   /* qemu_ld constraint */
-     case 'S':                   /* qemu_st constraint */
--        ct->ct |= TCG_CT_REG;
-         ct->regs = BIT(TCG_TARGET_NB_REGS) - 1;
-         break;
-     default:
---
-.25.1

-[PULL 08/11] tcg: Fix generation of dupi_vec for 32-bit host
+[PULL v2 5/8] linux-user/microblaze: Handle privileged exception
-The definition of INDEX_op_dupi_vec is that it operates on
+From: Ilya Leoshkevich <iii@linux.ibm.com>
 units of tcg_target_ulong -- in this case 32 bits.  It does
 not work to use this for a uint64_t value that happens to be
 small enough to fit in tcg_target_ulong.
-Fixes: d2fd745fe8b
+Follow what kernel's full_exception() is doing.
-Fixes: db432672dc5
-Cc: qemu-stable@nongnu.org
+Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
 Signed-off-by: Ilya Leoshkevich <iii@linux.ibm.com>
 Message-Id: <20230214140829.45392-4-iii@linux.ibm.com>
 Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
 ---
- tcg/tcg-op-vec.c | 12 ++++++++----
+ linux-user/microblaze/cpu_loop.c | 10 ++++++++--
-file changed, 8 insertions(+), 4 deletions(-)
+file changed, 8 insertions(+), 2 deletions(-)
-diff --git a/tcg/tcg-op-vec.c b/tcg/tcg-op-vec.c
+diff --git a/linux-user/microblaze/cpu_loop.c b/linux-user/microblaze/cpu_loop.c
 index XXXXXXX..XXXXXXX 100644
---- a/tcg/tcg-op-vec.c
+--- a/linux-user/microblaze/cpu_loop.c
-+++ b/tcg/tcg-op-vec.c
++++ b/linux-user/microblaze/cpu_loop.c
-@@ -XXX,XX +XXX,XX @@ TCGv_vec tcg_const_ones_vec_matching(TCGv_vec m)
+@@ -XXX,XX +XXX,XX @@
- void tcg_gen_dup64i_vec(TCGv_vec r, uint64_t a)
+ void cpu_loop(CPUMBState *env)
  {
--    if (TCG_TARGET_REG_BITS == 32 && a == deposit64(a, 32, 32, a)) {
++    int trapnr, ret, si_code, sig;
--        do_dupi_vec(r, MO_32, a);
+     CPUState *cs = env_cpu(env);
--    } else if (TCG_TARGET_REG_BITS == 64 || a == (uint64_t)(int32_t)a) {
+-    int trapnr, ret, si_code;
-+    if (TCG_TARGET_REG_BITS == 64) {
-         do_dupi_vec(r, MO_64, a);
+     while (1) {
-+    } else if (a == dup_const(MO_32, a)) {
+         cpu_exec_start(cs);
-+        do_dupi_vec(r, MO_32, a);
+@@ -XXX,XX +XXX,XX @@ void cpu_loop(CPUMBState *env)
-     } else {
+             env->iflags &= ~(IMM_FLAG | D_FLAG);
-         TCGv_i64 c = tcg_const_i64(a);
+             switch (env->esr & 31) {
-         tcg_gen_dup_i64_vec(MO_64, r, c);
+             case ESR_EC_DIVZERO:
-@@ -XXX,XX +XXX,XX @@ void tcg_gen_dup8i_vec(TCGv_vec r, uint32_t a)
++                sig = TARGET_SIGFPE;
+                 si_code = TARGET_FPE_INTDIV;
- void tcg_gen_dupi_vec(unsigned vece, TCGv_vec r, uint64_t a)
+                 break;
- {
+             case ESR_EC_FPU:
--    do_dupi_vec(r, MO_REG, dup_const(vece, a));
+@@ -XXX,XX +XXX,XX @@ void cpu_loop(CPUMBState *env)
-+    if (vece == MO_64) {
+                  * if there's no recognized bit set.  Possibly this
-+        tcg_gen_dup64i_vec(r, a);
+                  * implies that si_code is 0, but follow the structure.
-+    } else {
+                  */
-+        do_dupi_vec(r, MO_REG, dup_const(vece, a));
++                sig = TARGET_SIGFPE;
-+    }
+                 si_code = env->fsr;
- }
+                 if (si_code & FSR_IO) {
+                     si_code = TARGET_FPE_FLTINV;
- void tcg_gen_dup_i64_vec(unsigned vece, TCGv_vec r, TCGv_i64 a)
+@@ -XXX,XX +XXX,XX @@ void cpu_loop(CPUMBState *env)
                      si_code = TARGET_FPE_FLTRES;
                  }
                  break;
 +            case ESR_EC_PRIVINSN:
 +                sig = SIGILL;
 +                si_code = ILL_PRVOPC;
 +                break;
              default:
                  fprintf(stderr, "Unhandled hw-exception: 0x%x\n",
                          env->esr & ESR_EC_MASK);
                  cpu_dump_state(cs, stderr, 0);
                  exit(EXIT_FAILURE);
              }
 -            force_sig_fault(TARGET_SIGFPE, si_code, env->pc);
 +            force_sig_fault(sig, si_code, env->pc);
              break;
          case EXCP_DEBUG:
 --
-.25.1
+.34.1

-[PULL 07/11] tcg/i386: Fix dupi for avx2 32-bit hosts
+[PULL v2 6/8] target/microblaze: Add gdbstub xml
-The previous change wrongly stated that 32-bit avx2 should have
+Mirroring the upstream gdb xml files, the two stack boundary
-used VPBROADCASTW.  But that's a 16-bit broadcast and we want a
+registers are separated out.
 -bit broadcast.
-Fixes: 7b60ef3264e
+Reviewed-by: Edgar E. Iglesias <edgar@zeroasic.com>
 Cc: qemu-stable@nongnu.org
 Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
 ---
- tcg/i386/tcg-target.c.inc | 2 +-
+ target/microblaze/cpu.h                     |  2 +
-file changed, 1 insertion(+), 1 deletion(-)
+ target/microblaze/cpu.c                     |  7 ++-
  target/microblaze/gdbstub.c                 | 51 +++++++++++-----
  configs/targets/microblaze-linux-user.mak   |  1 +
  configs/targets/microblaze-softmmu.mak      |  1 +
  configs/targets/microblazeel-linux-user.mak |  1 +
  configs/targets/microblazeel-softmmu.mak    |  1 +
  gdb-xml/microblaze-core.xml                 | 67 +++++++++++++++++++++
  gdb-xml/microblaze-stack-protect.xml        | 12 ++++
 files changed, 128 insertions(+), 15 deletions(-)
  create mode 100644 gdb-xml/microblaze-core.xml
  create mode 100644 gdb-xml/microblaze-stack-protect.xml
-diff --git a/tcg/i386/tcg-target.c.inc b/tcg/i386/tcg-target.c.inc
+diff --git a/target/microblaze/cpu.h b/target/microblaze/cpu.h
 index XXXXXXX..XXXXXXX 100644
---- a/tcg/i386/tcg-target.c.inc
+--- a/target/microblaze/cpu.h
-+++ b/tcg/i386/tcg-target.c.inc
++++ b/target/microblaze/cpu.h
-@@ -XXX,XX +XXX,XX @@ static void tcg_out_dupi_vec(TCGContext *s, TCGType type,
+@@ -XXX,XX +XXX,XX @@ hwaddr mb_cpu_get_phys_page_attrs_debug(CPUState *cpu, vaddr addr,
-         new_pool_label(s, arg, R_386_PC32, s->code_ptr - 4, -4);
+                                         MemTxAttrs *attrs);
-     } else {
+ int mb_cpu_gdb_read_register(CPUState *cpu, GByteArray *buf, int reg);
-         if (have_avx2) {
+ int mb_cpu_gdb_write_register(CPUState *cpu, uint8_t *buf, int reg);
--            tcg_out_vex_modrm_pool(s, OPC_VPBROADCASTW + vex_l, ret);
++int mb_cpu_gdb_read_stack_protect(CPUArchState *cpu, GByteArray *buf, int reg);
-+            tcg_out_vex_modrm_pool(s, OPC_VPBROADCASTD + vex_l, ret);
++int mb_cpu_gdb_write_stack_protect(CPUArchState *cpu, uint8_t *buf, int reg);
-         } else {
-             tcg_out_vex_modrm_pool(s, OPC_VBROADCASTSS, ret);
+ static inline uint32_t mb_cpu_read_msr(const CPUMBState *env)
-         }
+ {
 diff --git a/target/microblaze/cpu.c b/target/microblaze/cpu.c
 index XXXXXXX..XXXXXXX 100644
 --- a/target/microblaze/cpu.c
 +++ b/target/microblaze/cpu.c
@@ -XXX,XX +XXX,XX @@
  #include "qemu/module.h"
  #include "hw/qdev-properties.h"
  #include "exec/exec-all.h"
 +#include "exec/gdbstub.h"
  #include "fpu/softfloat-helpers.h"
  static const struct {
@@ -XXX,XX +XXX,XX @@ static void mb_cpu_initfn(Object *obj)
      CPUMBState *env = &cpu->env;
      cpu_set_cpustate_pointers(cpu);
 +    gdb_register_coprocessor(CPU(cpu), mb_cpu_gdb_read_stack_protect,
 +                             mb_cpu_gdb_write_stack_protect, 2,
 +                             "microblaze-stack-protect.xml", 0);
      set_float_rounding_mode(float_round_nearest_even, &env->fp_status);
@@ -XXX,XX +XXX,XX @@ static void mb_cpu_class_init(ObjectClass *oc, void *data)
      cc->sysemu_ops = &mb_sysemu_ops;
  #endif
      device_class_set_props(dc, mb_properties);
 -    cc->gdb_num_core_regs = 32 + 27;
 +    cc->gdb_num_core_regs = 32 + 25;
 +    cc->gdb_core_xml_file = "microblaze-core.xml";
      cc->disas_set_info = mb_disas_set_info;
      cc->tcg_ops = &mb_tcg_ops;
 diff --git a/target/microblaze/gdbstub.c b/target/microblaze/gdbstub.c
 index XXXXXXX..XXXXXXX 100644
 --- a/target/microblaze/gdbstub.c
 +++ b/target/microblaze/gdbstub.c
@@ -XXX,XX +XXX,XX @@ enum {
      GDB_PVR0  = 32 + 6,
      GDB_PVR11 = 32 + 17,
      GDB_EDR   = 32 + 18,
 -    GDB_SLR   = 32 + 25,
 -    GDB_SHR   = 32 + 26,
 +};
 +
 +enum {
 +    GDB_SP_SHL,
 +    GDB_SP_SHR,
  };
  int mb_cpu_gdb_read_register(CPUState *cs, GByteArray *mem_buf, int n)
@@ -XXX,XX +XXX,XX @@ int mb_cpu_gdb_read_register(CPUState *cs, GByteArray *mem_buf, int n)
      case GDB_EDR:
          val = env->edr;
          break;
 -    case GDB_SLR:
 -        val = env->slr;
 -        break;
 -    case GDB_SHR:
 -        val = env->shr;
 -        break;
      default:
          /* Other SRegs aren't modeled, so report a value of 0 */
          val = 0;
@@ -XXX,XX +XXX,XX @@ int mb_cpu_gdb_read_register(CPUState *cs, GByteArray *mem_buf, int n)
      return gdb_get_reg32(mem_buf, val);
  }
 +int mb_cpu_gdb_read_stack_protect(CPUMBState *env, GByteArray *mem_buf, int n)
 +{
 +    uint32_t val;
 +
 +    switch (n) {
 +    case GDB_SP_SHL:
 +        val = env->slr;
 +        break;
 +    case GDB_SP_SHR:
 +        val = env->shr;
 +        break;
 +    default:
 +        return 0;
 +    }
 +    return gdb_get_reg32(mem_buf, val);
 +}
 +
  int mb_cpu_gdb_write_register(CPUState *cs, uint8_t *mem_buf, int n)
  {
      MicroBlazeCPU *cpu = MICROBLAZE_CPU(cs);
@@ -XXX,XX +XXX,XX @@ int mb_cpu_gdb_write_register(CPUState *cs, uint8_t *mem_buf, int n)
      case GDB_EDR:
          env->edr = tmp;
          break;
 -    case GDB_SLR:
 -        env->slr = tmp;
 -        break;
 -    case GDB_SHR:
 -        env->shr = tmp;
 -        break;
 +    }
 +    return 4;
 +}
 +
 +int mb_cpu_gdb_write_stack_protect(CPUMBState *env, uint8_t *mem_buf, int n)
 +{
 +    switch (n) {
 +    case GDB_SP_SHL:
 +        env->slr = ldl_p(mem_buf);
 +        break;
 +    case GDB_SP_SHR:
 +        env->shr = ldl_p(mem_buf);
 +        break;
 +    default:
 +        return 0;
      }
      return 4;
  }
 diff --git a/configs/targets/microblaze-linux-user.mak b/configs/targets/microblaze-linux-user.mak
 index XXXXXXX..XXXXXXX 100644
 --- a/configs/targets/microblaze-linux-user.mak
 +++ b/configs/targets/microblaze-linux-user.mak
@@ -XXX,XX +XXX,XX @@ TARGET_SYSTBL_ABI=common
  TARGET_SYSTBL=syscall.tbl
  TARGET_BIG_ENDIAN=y
  TARGET_HAS_BFLT=y
 +TARGET_XML_FILES=gdb-xml/microblaze-core.xml gdb-xml/microblaze-stack-protect.xml
 diff --git a/configs/targets/microblaze-softmmu.mak b/configs/targets/microblaze-softmmu.mak
 index XXXXXXX..XXXXXXX 100644
 --- a/configs/targets/microblaze-softmmu.mak
 +++ b/configs/targets/microblaze-softmmu.mak
@@ -XXX,XX +XXX,XX @@ TARGET_ARCH=microblaze
  TARGET_BIG_ENDIAN=y
  TARGET_SUPPORTS_MTTCG=y
  TARGET_NEED_FDT=y
 +TARGET_XML_FILES=gdb-xml/microblaze-core.xml gdb-xml/microblaze-stack-protect.xml
 diff --git a/configs/targets/microblazeel-linux-user.mak b/configs/targets/microblazeel-linux-user.mak
 index XXXXXXX..XXXXXXX 100644
 --- a/configs/targets/microblazeel-linux-user.mak
 +++ b/configs/targets/microblazeel-linux-user.mak
@@ -XXX,XX +XXX,XX @@ TARGET_ARCH=microblaze
  TARGET_SYSTBL_ABI=common
  TARGET_SYSTBL=syscall.tbl
  TARGET_HAS_BFLT=y
 +TARGET_XML_FILES=gdb-xml/microblaze-core.xml gdb-xml/microblaze-stack-protect.xml
 diff --git a/configs/targets/microblazeel-softmmu.mak b/configs/targets/microblazeel-softmmu.mak
 index XXXXXXX..XXXXXXX 100644
 --- a/configs/targets/microblazeel-softmmu.mak
 +++ b/configs/targets/microblazeel-softmmu.mak
@@ -XXX,XX +XXX,XX @@
  TARGET_ARCH=microblaze
  TARGET_SUPPORTS_MTTCG=y
  TARGET_NEED_FDT=y
 +TARGET_XML_FILES=gdb-xml/microblaze-core.xml gdb-xml/microblaze-stack-protect.xml
 diff --git a/gdb-xml/microblaze-core.xml b/gdb-xml/microblaze-core.xml
 new file mode 100644
 index XXXXXXX..XXXXXXX
 --- /dev/null
 +++ b/gdb-xml/microblaze-core.xml
@@ -XXX,XX +XXX,XX @@
 +<?xml version="1.0"?>
 +<!-- Copyright (C) 2008 Free Software Foundation, Inc.
 +
 +     Copying and distribution of this file, with or without modification,
 +     are permitted in any medium without royalty provided the copyright
 +     notice and this notice are preserved.  -->
 +
 +<!DOCTYPE feature SYSTEM "gdb-target.dtd">
 +<feature name="org.gnu.gdb.microblaze.core">
 +  <reg name="r0" bitsize="32" regnum="0"/>
 +  <reg name="r1" bitsize="32" type="data_ptr"/>
 +  <reg name="r2" bitsize="32"/>
 +  <reg name="r3" bitsize="32"/>
 +  <reg name="r4" bitsize="32"/>
 +  <reg name="r5" bitsize="32"/>
 +  <reg name="r6" bitsize="32"/>
 +  <reg name="r7" bitsize="32"/>
 +  <reg name="r8" bitsize="32"/>
 +  <reg name="r9" bitsize="32"/>
 +  <reg name="r10" bitsize="32"/>
 +  <reg name="r11" bitsize="32"/>
 +  <reg name="r12" bitsize="32"/>
 +  <reg name="r13" bitsize="32"/>
 +  <reg name="r14" bitsize="32"/>
 +  <reg name="r15" bitsize="32"/>
 +  <reg name="r16" bitsize="32"/>
 +  <reg name="r17" bitsize="32"/>
 +  <reg name="r18" bitsize="32"/>
 +  <reg name="r19" bitsize="32"/>
 +  <reg name="r20" bitsize="32"/>
 +  <reg name="r21" bitsize="32"/>
 +  <reg name="r22" bitsize="32"/>
 +  <reg name="r23" bitsize="32"/>
 +  <reg name="r24" bitsize="32"/>
 +  <reg name="r25" bitsize="32"/>
 +  <reg name="r26" bitsize="32"/>
 +  <reg name="r27" bitsize="32"/>
 +  <reg name="r28" bitsize="32"/>
 +  <reg name="r29" bitsize="32"/>
 +  <reg name="r30" bitsize="32"/>
 +  <reg name="r31" bitsize="32"/>
 +  <reg name="rpc" bitsize="32" type="code_ptr"/>
 +  <reg name="rmsr" bitsize="32"/>
 +  <reg name="rear" bitsize="32"/>
 +  <reg name="resr" bitsize="32"/>
 +  <reg name="rfsr" bitsize="32"/>
 +  <reg name="rbtr" bitsize="32"/>
 +  <reg name="rpvr0" bitsize="32"/>
 +  <reg name="rpvr1" bitsize="32"/>
 +  <reg name="rpvr2" bitsize="32"/>
 +  <reg name="rpvr3" bitsize="32"/>
 +  <reg name="rpvr4" bitsize="32"/>
 +  <reg name="rpvr5" bitsize="32"/>
 +  <reg name="rpvr6" bitsize="32"/>
 +  <reg name="rpvr7" bitsize="32"/>
 +  <reg name="rpvr8" bitsize="32"/>
 +  <reg name="rpvr9" bitsize="32"/>
 +  <reg name="rpvr10" bitsize="32"/>
 +  <reg name="rpvr11" bitsize="32"/>
 +  <reg name="redr" bitsize="32"/>
 +  <reg name="rpid" bitsize="32"/>
 +  <reg name="rzpr" bitsize="32"/>
 +  <reg name="rtlbx" bitsize="32"/>
 +  <reg name="rtlbsx" bitsize="32"/>
 +  <reg name="rtlblo" bitsize="32"/>
 +  <reg name="rtlbhi" bitsize="32"/>
 +</feature>
 diff --git a/gdb-xml/microblaze-stack-protect.xml b/gdb-xml/microblaze-stack-protect.xml
 new file mode 100644
 index XXXXXXX..XXXXXXX
 --- /dev/null
 +++ b/gdb-xml/microblaze-stack-protect.xml
@@ -XXX,XX +XXX,XX @@
 +<?xml version="1.0"?>
 +<!-- Copyright (C) 2008 Free Software Foundation, Inc.
 +
 +     Copying and distribution of this file, with or without modification,
 +     are permitted in any medium without royalty provided the copyright
 +     notice and this notice are preserved.  -->
 +
 +<!DOCTYPE feature SYSTEM "gdb-target.dtd">
 +<feature name="org.gnu.gdb.microblaze.stack-protect">
 +  <reg name="rslr" bitsize="32"/>
 +  <reg name="rshr" bitsize="32"/>
 +</feature>
 --
-.25.1
+.34.1

-[PULL 06/11] tcg: Remove TCGOpDef.used
+[PULL v2 7/8] util/cacheflush: fix cache on windows-arm64
-The last user of this field disappeared in f69d277ece4.
+From: Pierrick Bouvier <pierrick.bouvier@linaro.org>
-Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
+ctr_el0 access is privileged on this platform and fails as an illegal
 instruction.
 Windows does not offer a way to flush data cache from userspace, and
 only FlushInstructionCache is available in Windows API.
 The generic implementation of flush_idcache_range uses,
 __builtin___clear_cache, which already use the FlushInstructionCache
 function. So we rely on that.
 Signed-off-by: Pierrick Bouvier <pierrick.bouvier@linaro.org>
 Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
 Message-Id: <20230221153006.20300-2-pierrick.bouvier@linaro.org>
 Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
 ---
- include/tcg/tcg.h | 3 ---
+ util/cacheflush.c | 14 +++++++++++---
-file changed, 3 deletions(-)
+file changed, 11 insertions(+), 3 deletions(-)
-diff --git a/include/tcg/tcg.h b/include/tcg/tcg.h
+diff --git a/util/cacheflush.c b/util/cacheflush.c
 index XXXXXXX..XXXXXXX 100644
---- a/include/tcg/tcg.h
+--- a/util/cacheflush.c
-+++ b/include/tcg/tcg.h
++++ b/util/cacheflush.c
-@@ -XXX,XX +XXX,XX @@ typedef struct TCGOpDef {
+@@ -XXX,XX +XXX,XX @@ static void sys_cache_info(int *isize, int *dsize)
-     uint8_t nb_oargs, nb_iargs, nb_cargs, nb_args;
+ static bool have_coherent_icache;
-     uint8_t flags;
+ #endif
-     TCGArgConstraint *args_ct;
--#if defined(CONFIG_DEBUG_TCG)
+-#if defined(__aarch64__) && !defined(CONFIG_DARWIN)
--    int used;
+-/* Apple does not expose CTR_EL0, so we must use system interfaces. */
--#endif
++#if defined(__aarch64__) && !defined(CONFIG_DARWIN) && !defined(CONFIG_WIN32)
- } TCGOpDef;
++/*
++ * Apple does not expose CTR_EL0, so we must use system interfaces.
- extern TCGOpDef tcg_op_defs[];
++ * Windows neither, but we use a generic implementation of flush_idcache_range
 + * in this case.
 + */
  static uint64_t save_ctr_el0;
  static void arch_cache_info(int *isize, int *dsize)
  {
@@ -XXX,XX +XXX,XX @@ static void __attribute__((constructor)) init_cache_info(void)
  /* Caches are coherent and do not require flushing; symbol inline. */
 -#elif defined(__aarch64__)
 +#elif defined(__aarch64__) && !defined(CONFIG_WIN32)
 +/*
 + * For Windows, we use generic implementation of flush_idcache_range, that
 + * performs a call to FlushInstructionCache, through __builtin___clear_cache.
 + */
  #ifdef CONFIG_DARWIN
  /* Apple does not expose CTR_EL0, so we must use system interfaces. */
 --
-.25.1
+.34.1

-[PULL 05/11] tcg: Move some TCG_CT_* bits to TCGArgConstraint bitfields
+[PULL v2 8/8] sysemu/os-win32: fix setjmp/longjmp on windows-arm64
-These are easier to set and test when they have their own fields.
+From: Pierrick Bouvier <pierrick.bouvier@linaro.org>
 Reduce the size of alias_index and sort_index to 4 bits, which is
 sufficient for TCG_MAX_OP_ARGS.  This leaves only the bits indicating
 constants within the ct field.
-Move all initialization to allocation time, rather than init
+Windows implementation of setjmp/longjmp is done in
-individual fields in process_op_defs.
+C:/WINDOWS/system32/ucrtbase.dll. Alas, on arm64, it seems to *always*
 perform stack unwinding, which crashes from generated code.
+By using alternative implementation built in mingw, we avoid doing stack
+unwinding and this fixes crash when calling longjmp.
+Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org>
+Signed-off-by: Pierrick Bouvier <pierrick.bouvier@linaro.org>
+Acked-by: Richard Henderson <richard.henderson@linaro.org>
+Message-Id: <20230221153006.20300-3-pierrick.bouvier@linaro.org>
 Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
 ---
- include/tcg/tcg.h | 14 +++++++-------
+ include/sysemu/os-win32.h | 28 ++++++++++++++++++++++++----
- tcg/tcg.c         | 28 ++++++++++++----------------
+ meson.build               | 21 +++++++++++++++++++++
-files changed, 19 insertions(+), 23 deletions(-)
+files changed, 45 insertions(+), 4 deletions(-)
-diff --git a/include/tcg/tcg.h b/include/tcg/tcg.h
+diff --git a/include/sysemu/os-win32.h b/include/sysemu/os-win32.h
 index XXXXXXX..XXXXXXX 100644
---- a/include/tcg/tcg.h
+--- a/include/sysemu/os-win32.h
-+++ b/include/tcg/tcg.h
++++ b/include/sysemu/os-win32.h
-@@ -XXX,XX +XXX,XX @@ int64_t tcg_cpu_exec_time(void);
+@@ -XXX,XX +XXX,XX @@ typedef struct sockaddr_un {
- void tcg_dump_info(void);
+ extern "C" {
- void tcg_dump_op_count(void);
+ #endif
--#define TCG_CT_ALIAS  0x80
+-#if defined(_WIN64)
--#define TCG_CT_IALIAS 0x40
+-/* On w64, setjmp is implemented by _setjmp which needs a second parameter.
--#define TCG_CT_NEWREG 0x20 /* output requires a new register */
++#if defined(__aarch64__)
--#define TCG_CT_CONST  0x02 /* any constant of register size */
++/*
-+#define TCG_CT_CONST  1 /* any constant of register size */
++ * On windows-arm64, setjmp is available in only one variant, and longjmp always
++ * does stack unwinding. This crash with generated code.
- typedef struct TCGArgConstraint {
++ * Thus, we use another implementation of setjmp (not windows one), coming from
--    uint16_t ct;
++ * mingw, which never performs stack unwinding.
--    uint8_t alias_index;
++ */
--    uint8_t sort_index;
++#undef setjmp
-+    unsigned ct : 16;
++#undef longjmp
-+    unsigned alias_index : 4;
++/*
-+    unsigned sort_index : 4;
++ * These functions are not declared in setjmp.h because __aarch64__ defines
-+    bool oalias : 1;
++ * setjmp to _setjmpex instead. However, they are still defined in libmingwex.a,
-+    bool ialias : 1;
++ * which gets linked automatically.
-+    bool newreg : 1;
++ */
-     TCGRegSet regs;
++extern int __mingw_setjmp(jmp_buf);
- } TCGArgConstraint;
++extern void __attribute__((noreturn)) __mingw_longjmp(jmp_buf, int);
++#define setjmp(env) __mingw_setjmp(env)
-diff --git a/tcg/tcg.c b/tcg/tcg.c
++#define longjmp(env, val) __mingw_longjmp(env, val)
 +#elif defined(_WIN64)
 +/*
 + * On windows-x64, setjmp is implemented by _setjmp which needs a second parameter.
   * If this parameter is NULL, longjump does no stack unwinding.
   * That is what we need for QEMU. Passing the value of register rsp (default)
 - * lets longjmp try a stack unwinding which will crash with generated code. */
 + * lets longjmp try a stack unwinding which will crash with generated code.
 + */
  # undef setjmp
  # define setjmp(env) _setjmp(env, NULL)
 -#endif
 +#endif /* __aarch64__ */
  /* QEMU uses sigsetjmp()/siglongjmp() as the portable way to specify
   * "longjmp and don't touch the signal masks". Since we know that the
   * savemask parameter will always be zero we can safely define these
 diff --git a/meson.build b/meson.build
 index XXXXXXX..XXXXXXX 100644
---- a/tcg/tcg.c
+--- a/meson.build
-+++ b/tcg/tcg.c
++++ b/meson.build
-@@ -XXX,XX +XXX,XX @@ void tcg_context_init(TCGContext *s)
+@@ -XXX,XX +XXX,XX @@ if targetos == 'windows'
-         total_args += n;
+     }''', name: '_lock_file and _unlock_file'))
-     }
+ endif
--    args_ct = g_malloc(sizeof(TCGArgConstraint) * total_args);
++if targetos == 'windows'
-+    args_ct = g_new0(TCGArgConstraint, total_args);
++  mingw_has_setjmp_longjmp = cc.links('''
++    #include <setjmp.h>
-     for(op = 0; op < NB_OPS; op++) {
++    int main(void) {
-         def = &tcg_op_defs[op];
++      /*
-@@ -XXX,XX +XXX,XX @@ static int get_constraint_priority(const TCGOpDef *def, int k)
++       * These functions are not available in setjmp header, but may be
-     const TCGArgConstraint *arg_ct = &def->args_ct[k];
++       * available at link time, from libmingwex.a.
-     int n;
++       */
++      extern int __mingw_setjmp(jmp_buf);
--    if (arg_ct->ct & TCG_CT_ALIAS) {
++      extern void __attribute__((noreturn)) __mingw_longjmp(jmp_buf, int);
-+    if (arg_ct->oalias) {
++      jmp_buf env;
-         /* an alias is equivalent to a single register */
++      __mingw_setjmp(env);
-         n = 1;
++      __mingw_longjmp(env, 0);
-     } else {
++    }
-@@ -XXX,XX +XXX,XX @@ static void process_op_defs(TCGContext *s)
++  ''', name: 'mingw setjmp and longjmp')
-             /* Incomplete TCGTargetOpDef entry. */
++
-             tcg_debug_assert(ct_str != NULL);
++  if cpu == 'aarch64' and not mingw_has_setjmp_longjmp
++    error('mingw must provide setjmp/longjmp for windows-arm64')
--            def->args_ct[i].regs = 0;
++  endif
--            def->args_ct[i].ct = 0;
++endif
-             while (*ct_str != '\0') {
++
-                 switch(*ct_str) {
+ ########################
-                 case '0' ... '9':
+ # Target configuration #
-@@ -XXX,XX +XXX,XX @@ static void process_op_defs(TCGContext *s)
+ ########################
                          tcg_debug_assert(ct_str == tdefs->args_ct_str[i]);
                          tcg_debug_assert(oarg < def->nb_oargs);
                          tcg_debug_assert(def->args_ct[oarg].regs != 0);
 -                        /* TCG_CT_ALIAS is for the output arguments.
 -                           The input is tagged with TCG_CT_IALIAS. */
                          def->args_ct[i] = def->args_ct[oarg];
 -                        def->args_ct[oarg].ct |= TCG_CT_ALIAS;
 +                        /* The output sets oalias.  */
 +                        def->args_ct[oarg].oalias = true;
                          def->args_ct[oarg].alias_index = i;
 -                        def->args_ct[i].ct |= TCG_CT_IALIAS;
 +                        /* The input sets ialias. */
 +                        def->args_ct[i].ialias = true;
                          def->args_ct[i].alias_index = oarg;
                      }
                      ct_str++;
                      break;
                  case '&':
 -                    def->args_ct[i].ct |= TCG_CT_NEWREG;
 +                    def->args_ct[i].newreg = true;
                      ct_str++;
                      break;
                  case 'i':
@@ -XXX,XX +XXX,XX @@ static void liveness_pass_1(TCGContext *s)
                      set = *pset;
                      set &= ct->regs;
 -                    if (ct->ct & TCG_CT_IALIAS) {
 +                    if (ct->ialias) {
                          set &= op->output_pref[ct->alias_index];
                      }
                      /* If the combination is not possible, restart.  */
@@ -XXX,XX +XXX,XX @@ static void tcg_reg_alloc_op(TCGContext *s, const TCGOp *op)
          }
          i_preferred_regs = o_preferred_regs = 0;
 -        if (arg_ct->ct & TCG_CT_IALIAS) {
 +        if (arg_ct->ialias) {
              o_preferred_regs = op->output_pref[arg_ct->alias_index];
              if (ts->fixed_reg) {
                  /* if fixed register, we must allocate a new register
@@ -XXX,XX +XXX,XX @@ static void tcg_reg_alloc_op(TCGContext *s, const TCGOp *op)
                      reg = ts->reg;
                      for (k2 = 0 ; k2 < k ; k2++) {
                          i2 = def->args_ct[nb_oargs + k2].sort_index;
 -                        if ((def->args_ct[i2].ct & TCG_CT_IALIAS) &&
 -                            reg == new_args[i2]) {
 +                        if (def->args_ct[i2].ialias && reg == new_args[i2]) {
                              goto allocate_in_reg;
                          }
                      }
@@ -XXX,XX +XXX,XX @@ static void tcg_reg_alloc_op(TCGContext *s, const TCGOp *op)
              /* ENV should not be modified.  */
              tcg_debug_assert(!ts->fixed_reg);
 -            if ((arg_ct->ct & TCG_CT_ALIAS)
 -                && !const_args[arg_ct->alias_index]) {
 +            if (arg_ct->oalias && !const_args[arg_ct->alias_index]) {
                  reg = new_args[arg_ct->alias_index];
 -            } else if (arg_ct->ct & TCG_CT_NEWREG) {
 +            } else if (arg_ct->newreg) {
                  reg = tcg_reg_alloc(s, arg_ct->regs,
                                      i_allocated_regs | o_allocated_regs,
                                      op->output_pref[k], ts->indirect_base);
 --
-.25.1
+.34.1

The following changes since commit 6eeea6725a70e6fcb5abba0764496bdab07ddfb3:

Merge remote-tracking branch 'remotes/huth-gitlab/tags/pull-request-2020-10-06' into staging (2020-10-06 21:13:34 +0100)

are available in the Git repository at:

https://github.com/rth7680/qemu.git tags/pull-tcg-20201008

for you to fetch changes up to 62475e9d007d83db4d0a6ccebcda8914f392e9c9:

accel/tcg: Fix computing of is_write for MIPS (2020-10-08 05:57:32 -0500)

----------------------------------------------------------------
Extend maximum gvec vector size
Fix i386 avx2 dupi
Fix mips host user-only write detection
Misc cleanups.

----------------------------------------------------------------
Kele Huang (1):
      accel/tcg: Fix computing of is_write for MIPS

Richard Henderson (10):
      tcg: Adjust simd_desc size encoding
      tcg: Drop union from TCGArgConstraint
      tcg: Move sorted_args into TCGArgConstraint.sort_index
      tcg: Remove TCG_CT_REG
      tcg: Move some TCG_CT_* bits to TCGArgConstraint bitfields
      tcg: Remove TCGOpDef.used
      tcg/i386: Fix dupi for avx2 32-bit hosts
      tcg: Fix generation of dupi_vec for 32-bit host
      tcg/optimize: Fold dup2_vec
      tcg: Remove TCG_TARGET_HAS_cmp_vec

With larger vector sizes, it turns out oprsz == maxsz, and we only
need to represent mismatch for oprsz <= 32.  We do, however, need
to represent larger oprsz and do so without reducing SIMD_DATA_BITS.

Reduce the size of the oprsz field and increase the maxsz field.
Steal the oprsz value of 24 to indicate equality with maxsz.

Tested-by: Frank Chang <frank.chang@sifive.com>
Reviewed-by: Frank Chang <frank.chang@sifive.com>
Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
---
 include/tcg/tcg-gvec-desc.h | 38 ++++++++++++++++++++++++-------------
 tcg/tcg-op-gvec.c           | 35 ++++++++++++++++++++++++++--------
 2 files changed, 52 insertions(+), 21 deletions(-)

diff --git a/include/tcg/tcg-gvec-desc.h b/include/tcg/tcg-gvec-desc.h
index XXXXXXX..XXXXXXX 100644
--- a/include/tcg/tcg-gvec-desc.h
+++ b/include/tcg/tcg-gvec-desc.h
@@ -XXX,XX +XXX,XX @@
 #ifndef TCG_TCG_GVEC_DESC_H
 #define TCG_TCG_GVEC_DESC_H
 
-/* ??? These bit widths are set for ARM SVE, maxing out at 256 byte vectors. */
-#define SIMD_OPRSZ_SHIFT   0
-#define SIMD_OPRSZ_BITS    5
+/*
+ * This configuration allows MAXSZ to represent 2048 bytes, and
+ * OPRSZ to match MAXSZ, or represent the smaller values 8, 16, or 32.
+ *
+ * Encode this with:
+ *   0, 1, 3 -> 8, 16, 32
+ *   2       -> maxsz
+ *
+ * This steals the input that would otherwise map to 24 to match maxsz.
+ */
+#define SIMD_MAXSZ_SHIFT   0
+#define SIMD_MAXSZ_BITS    8
 
-#define SIMD_MAXSZ_SHIFT   (SIMD_OPRSZ_SHIFT + SIMD_OPRSZ_BITS)
-#define SIMD_MAXSZ_BITS    5
+#define SIMD_OPRSZ_SHIFT   (SIMD_MAXSZ_SHIFT + SIMD_MAXSZ_BITS)
+#define SIMD_OPRSZ_BITS    2
 
-#define SIMD_DATA_SHIFT    (SIMD_MAXSZ_SHIFT + SIMD_MAXSZ_BITS)
+#define SIMD_DATA_SHIFT    (SIMD_OPRSZ_SHIFT + SIMD_OPRSZ_BITS)
 #define SIMD_DATA_BITS     (32 - SIMD_DATA_SHIFT)
 
 /* Create a descriptor from components.  */
 uint32_t simd_desc(uint32_t oprsz, uint32_t maxsz, int32_t data);
 
-/* Extract the operation size from a descriptor.  */
-static inline intptr_t simd_oprsz(uint32_t desc)
-{
-    return (extract32(desc, SIMD_OPRSZ_SHIFT, SIMD_OPRSZ_BITS) + 1) * 8;
-}
-
 /* Extract the max vector size from a descriptor.  */
 static inline intptr_t simd_maxsz(uint32_t desc)
 {
-    return (extract32(desc, SIMD_MAXSZ_SHIFT, SIMD_MAXSZ_BITS) + 1) * 8;
+    return extract32(desc, SIMD_MAXSZ_SHIFT, SIMD_MAXSZ_BITS) * 8 + 8;
+}
+
+/* Extract the operation size from a descriptor.  */
+static inline intptr_t simd_oprsz(uint32_t desc)
+{
+    uint32_t f = extract32(desc, SIMD_OPRSZ_SHIFT, SIMD_OPRSZ_BITS);
+    intptr_t o = f * 8 + 8;
+    intptr_t m = simd_maxsz(desc);
+    return f == 2 ? m : o;
 }
 
 /* Extract the operation-specific data from a descriptor.  */
diff --git a/tcg/tcg-op-gvec.c b/tcg/tcg-op-gvec.c
index XXXXXXX..XXXXXXX 100644
--- a/tcg/tcg-op-gvec.c
+++ b/tcg/tcg-op-gvec.c
@@ -XXX,XX +XXX,XX @@ static const TCGOpcode vecop_list_empty[1] = { 0 };
    of the operand offsets so that we can check them all at once.  */
 static void check_size_align(uint32_t oprsz, uint32_t maxsz, uint32_t ofs)
 {
-    uint32_t opr_align = oprsz >= 16 ? 15 : 7;
-    uint32_t max_align = maxsz >= 16 || oprsz >= 16 ? 15 : 7;
-    tcg_debug_assert(oprsz > 0);
-    tcg_debug_assert(oprsz <= maxsz);
-    tcg_debug_assert((oprsz & opr_align) == 0);
+    uint32_t max_align;
+
+    switch (oprsz) {
+    case 8:
+    case 16:
+    case 32:
+        tcg_debug_assert(oprsz <= maxsz);
+        break;
+    default:
+        tcg_debug_assert(oprsz == maxsz);
+        break;
+    }
+    tcg_debug_assert(maxsz <= (8 << SIMD_MAXSZ_BITS));
+
+    max_align = maxsz >= 16 ? 15 : 7;
     tcg_debug_assert((maxsz & max_align) == 0);
     tcg_debug_assert((ofs & max_align) == 0);
 }
@@ -XXX,XX +XXX,XX @@ uint32_t simd_desc(uint32_t oprsz, uint32_t maxsz, int32_t data)
 {
     uint32_t desc = 0;
 
-    assert(oprsz % 8 == 0 && oprsz <= (8 << SIMD_OPRSZ_BITS));
-    assert(maxsz % 8 == 0 && maxsz <= (8 << SIMD_MAXSZ_BITS));
-    assert(data == sextract32(data, 0, SIMD_DATA_BITS));
+    check_size_align(oprsz, maxsz, 0);
+    tcg_debug_assert(data == sextract32(data, 0, SIMD_DATA_BITS));
 
     oprsz = (oprsz / 8) - 1;
     maxsz = (maxsz / 8) - 1;
+
+    /*
+     * We have just asserted in check_size_align that either
+     * oprsz is {8,16,32} or matches maxsz.  Encode the final
+     * case with '2', as that would otherwise map to 24.
+     */
+    if (oprsz == maxsz) {
+        oprsz = 2;
+    }
+
     desc = deposit32(desc, SIMD_OPRSZ_SHIFT, SIMD_OPRSZ_BITS, oprsz);
     desc = deposit32(desc, SIMD_MAXSZ_SHIFT, SIMD_MAXSZ_BITS, maxsz);
     desc = deposit32(desc, SIMD_DATA_SHIFT, SIMD_DATA_BITS, data);
-- 
2.25.1

The union is unused; let "regs" appear in the main structure
without the "u.regs" wrapping.

Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
---
 include/tcg/tcg.h            |  4 +---
 tcg/tcg.c                    | 22 +++++++++++-----------
 tcg/aarch64/tcg-target.c.inc | 14 +++++++-------
 tcg/arm/tcg-target.c.inc     | 26 +++++++++++++-------------
 tcg/i386/tcg-target.c.inc    | 26 +++++++++++++-------------
 tcg/mips/tcg-target.c.inc    | 18 +++++++++---------
 tcg/ppc/tcg-target.c.inc     | 24 ++++++++++++------------
 tcg/riscv/tcg-target.c.inc   | 14 +++++++-------
 tcg/s390/tcg-target.c.inc    | 18 +++++++++---------
 tcg/sparc/tcg-target.c.inc   | 16 ++++++++--------
 tcg/tci/tcg-target.c.inc     |  2 +-
 11 files changed, 91 insertions(+), 93 deletions(-)

diff --git a/include/tcg/tcg.h b/include/tcg/tcg.h
index XXXXXXX..XXXXXXX 100644
--- a/include/tcg/tcg.h
+++ b/include/tcg/tcg.h
@@ -XXX,XX +XXX,XX @@ void tcg_dump_op_count(void);
 typedef struct TCGArgConstraint {
     uint16_t ct;
     uint8_t alias_index;
-    union {
-        TCGRegSet regs;
-    } u;
+    TCGRegSet regs;
 } TCGArgConstraint;
 
 #define TCG_MAX_OP_ARGS 16
diff --git a/tcg/tcg.c b/tcg/tcg.c
index XXXXXXX..XXXXXXX 100644
--- a/tcg/tcg.c
+++ b/tcg/tcg.c
@@ -XXX,XX +XXX,XX @@ static int get_constraint_priority(const TCGOpDef *def, int k)
             return 0;
         n = 0;
         for(i = 0; i < TCG_TARGET_NB_REGS; i++) {
-            if (tcg_regset_test_reg(arg_ct->u.regs, i))
+            if (tcg_regset_test_reg(arg_ct->regs, i))
                 n++;
         }
     }
@@ -XXX,XX +XXX,XX @@ static void process_op_defs(TCGContext *s)
             /* Incomplete TCGTargetOpDef entry. */
             tcg_debug_assert(ct_str != NULL);
 
-            def->args_ct[i].u.regs = 0;
+            def->args_ct[i].regs = 0;
             def->args_ct[i].ct = 0;
             while (*ct_str != '\0') {
                 switch(*ct_str) {
@@ -XXX,XX +XXX,XX @@ static void liveness_pass_1(TCGContext *s)
                     pset = la_temp_pref(ts);
                     set = *pset;
 
-                    set &= ct->u.regs;
+                    set &= ct->regs;
                     if (ct->ct & TCG_CT_IALIAS) {
                         set &= op->output_pref[ct->alias_index];
                     }
                     /* If the combination is not possible, restart.  */
                     if (set == 0) {
-                        set = ct->u.regs;
+                        set = ct->regs;
                     }
                     *pset = set;
                 }
@@ -XXX,XX +XXX,XX @@ static void tcg_reg_alloc_dup(TCGContext *s, const TCGOp *op)
         return;
     }
 
-    dup_out_regs = tcg_op_defs[INDEX_op_dup_vec].args_ct[0].u.regs;
-    dup_in_regs = tcg_op_defs[INDEX_op_dup_vec].args_ct[1].u.regs;
+    dup_out_regs = tcg_op_defs[INDEX_op_dup_vec].args_ct[0].regs;
+    dup_in_regs = tcg_op_defs[INDEX_op_dup_vec].args_ct[1].regs;
 
     /* Allocate the output register now.  */
     if (ots->val_type != TEMP_VAL_REG) {
@@ -XXX,XX +XXX,XX @@ static void tcg_reg_alloc_op(TCGContext *s, const TCGOp *op)
             }
         }
 
-        temp_load(s, ts, arg_ct->u.regs, i_allocated_regs, i_preferred_regs);
+        temp_load(s, ts, arg_ct->regs, i_allocated_regs, i_preferred_regs);
         reg = ts->reg;
 
-        if (tcg_regset_test_reg(arg_ct->u.regs, reg)) {
+        if (tcg_regset_test_reg(arg_ct->regs, reg)) {
             /* nothing to do : the constraint is satisfied */
         } else {
         allocate_in_reg:
@@ -XXX,XX +XXX,XX @@ static void tcg_reg_alloc_op(TCGContext *s, const TCGOp *op)
                and move the temporary register into it */
             temp_load(s, ts, tcg_target_available_regs[ts->type],
                       i_allocated_regs, 0);
-            reg = tcg_reg_alloc(s, arg_ct->u.regs, i_allocated_regs,
+            reg = tcg_reg_alloc(s, arg_ct->regs, i_allocated_regs,
                                 o_preferred_regs, ts->indirect_base);
             if (!tcg_out_mov(s, ts->type, reg, ts->reg)) {
                 /*
@@ -XXX,XX +XXX,XX @@ static void tcg_reg_alloc_op(TCGContext *s, const TCGOp *op)
                 && !const_args[arg_ct->alias_index]) {
                 reg = new_args[arg_ct->alias_index];
             } else if (arg_ct->ct & TCG_CT_NEWREG) {
-                reg = tcg_reg_alloc(s, arg_ct->u.regs,
+                reg = tcg_reg_alloc(s, arg_ct->regs,
                                     i_allocated_regs | o_allocated_regs,
                                     op->output_pref[k], ts->indirect_base);
             } else {
-                reg = tcg_reg_alloc(s, arg_ct->u.regs, o_allocated_regs,
+                reg = tcg_reg_alloc(s, arg_ct->regs, o_allocated_regs,
                                     op->output_pref[k], ts->indirect_base);
             }
             tcg_regset_set_reg(o_allocated_regs, reg);
diff --git a/tcg/aarch64/tcg-target.c.inc b/tcg/aarch64/tcg-target.c.inc
index XXXXXXX..XXXXXXX 100644
--- a/tcg/aarch64/tcg-target.c.inc
+++ b/tcg/aarch64/tcg-target.c.inc
@@ -XXX,XX +XXX,XX @@ static const char *target_parse_constraint(TCGArgConstraint *ct,
     switch (*ct_str++) {
     case 'r': /* general registers */
         ct->ct |= TCG_CT_REG;
-        ct->u.regs |= 0xffffffffu;
+        ct->regs |= 0xffffffffu;
         break;
     case 'w': /* advsimd registers */
         ct->ct |= TCG_CT_REG;
-        ct->u.regs |= 0xffffffff00000000ull;
+        ct->regs |= 0xffffffff00000000ull;
         break;
     case 'l': /* qemu_ld / qemu_st address, data_reg */
         ct->ct |= TCG_CT_REG;
-        ct->u.regs = 0xffffffffu;
+        ct->regs = 0xffffffffu;
 #ifdef CONFIG_SOFTMMU
         /* x0 and x1 will be overwritten when reading the tlb entry,
            and x2, and x3 for helper args, better to avoid using them. */
-        tcg_regset_reset_reg(ct->u.regs, TCG_REG_X0);
-        tcg_regset_reset_reg(ct->u.regs, TCG_REG_X1);
-        tcg_regset_reset_reg(ct->u.regs, TCG_REG_X2);
-        tcg_regset_reset_reg(ct->u.regs, TCG_REG_X3);
+        tcg_regset_reset_reg(ct->regs, TCG_REG_X0);
+        tcg_regset_reset_reg(ct->regs, TCG_REG_X1);
+        tcg_regset_reset_reg(ct->regs, TCG_REG_X2);
+        tcg_regset_reset_reg(ct->regs, TCG_REG_X3);
 #endif
         break;
     case 'A': /* Valid for arithmetic immediate (positive or negative).  */
diff --git a/tcg/arm/tcg-target.c.inc b/tcg/arm/tcg-target.c.inc
index XXXXXXX..XXXXXXX 100644
--- a/tcg/arm/tcg-target.c.inc
+++ b/tcg/arm/tcg-target.c.inc
@@ -XXX,XX +XXX,XX @@ static const char *target_parse_constraint(TCGArgConstraint *ct,
 
     case 'r':
         ct->ct |= TCG_CT_REG;
-        ct->u.regs = 0xffff;
+        ct->regs = 0xffff;
         break;
 
     /* qemu_ld address */
     case 'l':
         ct->ct |= TCG_CT_REG;
-        ct->u.regs = 0xffff;
+        ct->regs = 0xffff;
 #ifdef CONFIG_SOFTMMU
         /* r0-r2,lr will be overwritten when reading the tlb entry,
            so don't use these. */
-        tcg_regset_reset_reg(ct->u.regs, TCG_REG_R0);
-        tcg_regset_reset_reg(ct->u.regs, TCG_REG_R1);
-        tcg_regset_reset_reg(ct->u.regs, TCG_REG_R2);
-        tcg_regset_reset_reg(ct->u.regs, TCG_REG_R3);
-        tcg_regset_reset_reg(ct->u.regs, TCG_REG_R14);
+        tcg_regset_reset_reg(ct->regs, TCG_REG_R0);
+        tcg_regset_reset_reg(ct->regs, TCG_REG_R1);
+        tcg_regset_reset_reg(ct->regs, TCG_REG_R2);
+        tcg_regset_reset_reg(ct->regs, TCG_REG_R3);
+        tcg_regset_reset_reg(ct->regs, TCG_REG_R14);
 #endif
         break;
 
     /* qemu_st address & data */
     case 's':
         ct->ct |= TCG_CT_REG;
-        ct->u.regs = 0xffff;
+        ct->regs = 0xffff;
         /* r0-r2 will be overwritten when reading the tlb entry (softmmu only)
            and r0-r1 doing the byte swapping, so don't use these. */
-        tcg_regset_reset_reg(ct->u.regs, TCG_REG_R0);
-        tcg_regset_reset_reg(ct->u.regs, TCG_REG_R1);
+        tcg_regset_reset_reg(ct->regs, TCG_REG_R0);
+        tcg_regset_reset_reg(ct->regs, TCG_REG_R1);
 #if defined(CONFIG_SOFTMMU)
         /* Avoid clashes with registers being used for helper args */
-        tcg_regset_reset_reg(ct->u.regs, TCG_REG_R2);
+        tcg_regset_reset_reg(ct->regs, TCG_REG_R2);
 #if TARGET_LONG_BITS == 64
         /* Avoid clashes with registers being used for helper args */
-        tcg_regset_reset_reg(ct->u.regs, TCG_REG_R3);
+        tcg_regset_reset_reg(ct->regs, TCG_REG_R3);
 #endif
-        tcg_regset_reset_reg(ct->u.regs, TCG_REG_R14);
+        tcg_regset_reset_reg(ct->regs, TCG_REG_R14);
 #endif
         break;
 
diff --git a/tcg/i386/tcg-target.c.inc b/tcg/i386/tcg-target.c.inc
index XXXXXXX..XXXXXXX 100644
--- a/tcg/i386/tcg-target.c.inc
+++ b/tcg/i386/tcg-target.c.inc
@@ -XXX,XX +XXX,XX @@ static const char *target_parse_constraint(TCGArgConstraint *ct,
     switch(*ct_str++) {
     case 'a':
         ct->ct |= TCG_CT_REG;
-        tcg_regset_set_reg(ct->u.regs, TCG_REG_EAX);
+        tcg_regset_set_reg(ct->regs, TCG_REG_EAX);
         break;
     case 'b':
         ct->ct |= TCG_CT_REG;
-        tcg_regset_set_reg(ct->u.regs, TCG_REG_EBX);
+        tcg_regset_set_reg(ct->regs, TCG_REG_EBX);
         break;
     case 'c':
         ct->ct |= TCG_CT_REG;
-        tcg_regset_set_reg(ct->u.regs, TCG_REG_ECX);
+        tcg_regset_set_reg(ct->regs, TCG_REG_ECX);
         break;
     case 'd':
         ct->ct |= TCG_CT_REG;
-        tcg_regset_set_reg(ct->u.regs, TCG_REG_EDX);
+        tcg_regset_set_reg(ct->regs, TCG_REG_EDX);
         break;
     case 'S':
         ct->ct |= TCG_CT_REG;
-        tcg_regset_set_reg(ct->u.regs, TCG_REG_ESI);
+        tcg_regset_set_reg(ct->regs, TCG_REG_ESI);
         break;
     case 'D':
         ct->ct |= TCG_CT_REG;
-        tcg_regset_set_reg(ct->u.regs, TCG_REG_EDI);
+        tcg_regset_set_reg(ct->regs, TCG_REG_EDI);
         break;
     case 'q':
         /* A register that can be used as a byte operand.  */
         ct->ct |= TCG_CT_REG;
-        ct->u.regs = TCG_TARGET_REG_BITS == 64 ? 0xffff : 0xf;
+        ct->regs = TCG_TARGET_REG_BITS == 64 ? 0xffff : 0xf;
         break;
     case 'Q':
         /* A register with an addressable second byte (e.g. %ah).  */
         ct->ct |= TCG_CT_REG;
-        ct->u.regs = 0xf;
+        ct->regs = 0xf;
         break;
     case 'r':
         /* A general register.  */
         ct->ct |= TCG_CT_REG;
-        ct->u.regs |= ALL_GENERAL_REGS;
+        ct->regs |= ALL_GENERAL_REGS;
         break;
     case 'W':
         /* With TZCNT/LZCNT, we can have operand-size as an input.  */
@@ -XXX,XX +XXX,XX @@ static const char *target_parse_constraint(TCGArgConstraint *ct,
     case 'x':
         /* A vector register.  */
         ct->ct |= TCG_CT_REG;
-        ct->u.regs |= ALL_VECTOR_REGS;
+        ct->regs |= ALL_VECTOR_REGS;
         break;
 
         /* qemu_ld/st address constraint */
     case 'L':
         ct->ct |= TCG_CT_REG;
-        ct->u.regs = TCG_TARGET_REG_BITS == 64 ? 0xffff : 0xff;
-        tcg_regset_reset_reg(ct->u.regs, TCG_REG_L0);
-        tcg_regset_reset_reg(ct->u.regs, TCG_REG_L1);
+        ct->regs = TCG_TARGET_REG_BITS == 64 ? 0xffff : 0xff;
+        tcg_regset_reset_reg(ct->regs, TCG_REG_L0);
+        tcg_regset_reset_reg(ct->regs, TCG_REG_L1);
         break;
 
     case 'e':
diff --git a/tcg/mips/tcg-target.c.inc b/tcg/mips/tcg-target.c.inc
index XXXXXXX..XXXXXXX 100644
--- a/tcg/mips/tcg-target.c.inc
+++ b/tcg/mips/tcg-target.c.inc
@@ -XXX,XX +XXX,XX @@ static const char *target_parse_constraint(TCGArgConstraint *ct,
     switch(*ct_str++) {
     case 'r':
         ct->ct |= TCG_CT_REG;
-        ct->u.regs = 0xffffffff;
+        ct->regs = 0xffffffff;
         break;
     case 'L': /* qemu_ld input arg constraint */
         ct->ct |= TCG_CT_REG;
-        ct->u.regs = 0xffffffff;
-        tcg_regset_reset_reg(ct->u.regs, TCG_REG_A0);
+        ct->regs = 0xffffffff;
+        tcg_regset_reset_reg(ct->regs, TCG_REG_A0);
 #if defined(CONFIG_SOFTMMU)
         if (TCG_TARGET_REG_BITS < TARGET_LONG_BITS) {
-            tcg_regset_reset_reg(ct->u.regs, TCG_REG_A2);
+            tcg_regset_reset_reg(ct->regs, TCG_REG_A2);
         }
 #endif
         break;
     case 'S': /* qemu_st constraint */
         ct->ct |= TCG_CT_REG;
-        ct->u.regs = 0xffffffff;
-        tcg_regset_reset_reg(ct->u.regs, TCG_REG_A0);
+        ct->regs = 0xffffffff;
+        tcg_regset_reset_reg(ct->regs, TCG_REG_A0);
 #if defined(CONFIG_SOFTMMU)
         if (TCG_TARGET_REG_BITS < TARGET_LONG_BITS) {
-            tcg_regset_reset_reg(ct->u.regs, TCG_REG_A2);
-            tcg_regset_reset_reg(ct->u.regs, TCG_REG_A3);
+            tcg_regset_reset_reg(ct->regs, TCG_REG_A2);
+            tcg_regset_reset_reg(ct->regs, TCG_REG_A3);
         } else {
-            tcg_regset_reset_reg(ct->u.regs, TCG_REG_A1);
+            tcg_regset_reset_reg(ct->regs, TCG_REG_A1);
         }
 #endif
         break;
diff --git a/tcg/ppc/tcg-target.c.inc b/tcg/ppc/tcg-target.c.inc
index XXXXXXX..XXXXXXX 100644
--- a/tcg/ppc/tcg-target.c.inc
+++ b/tcg/ppc/tcg-target.c.inc
@@ -XXX,XX +XXX,XX @@ static const char *target_parse_constraint(TCGArgConstraint *ct,
     switch (*ct_str++) {
     case 'A': case 'B': case 'C': case 'D':
         ct->ct |= TCG_CT_REG;
-        tcg_regset_set_reg(ct->u.regs, 3 + ct_str[0] - 'A');
+        tcg_regset_set_reg(ct->regs, 3 + ct_str[0] - 'A');
         break;
     case 'r':
         ct->ct |= TCG_CT_REG;
-        ct->u.regs = 0xffffffff;
+        ct->regs = 0xffffffff;
         break;
     case 'v':
         ct->ct |= TCG_CT_REG;
-        ct->u.regs = 0xffffffff00000000ull;
+        ct->regs = 0xffffffff00000000ull;
         break;
     case 'L':                   /* qemu_ld constraint */
         ct->ct |= TCG_CT_REG;
-        ct->u.regs = 0xffffffff;
-        tcg_regset_reset_reg(ct->u.regs, TCG_REG_R3);
+        ct->regs = 0xffffffff;
+        tcg_regset_reset_reg(ct->regs, TCG_REG_R3);
 #ifdef CONFIG_SOFTMMU
-        tcg_regset_reset_reg(ct->u.regs, TCG_REG_R4);
-        tcg_regset_reset_reg(ct->u.regs, TCG_REG_R5);
+        tcg_regset_reset_reg(ct->regs, TCG_REG_R4);
+        tcg_regset_reset_reg(ct->regs, TCG_REG_R5);
 #endif
         break;
     case 'S':                   /* qemu_st constraint */
         ct->ct |= TCG_CT_REG;
-        ct->u.regs = 0xffffffff;
-        tcg_regset_reset_reg(ct->u.regs, TCG_REG_R3);
+        ct->regs = 0xffffffff;
+        tcg_regset_reset_reg(ct->regs, TCG_REG_R3);
 #ifdef CONFIG_SOFTMMU
-        tcg_regset_reset_reg(ct->u.regs, TCG_REG_R4);
-        tcg_regset_reset_reg(ct->u.regs, TCG_REG_R5);
-        tcg_regset_reset_reg(ct->u.regs, TCG_REG_R6);
+        tcg_regset_reset_reg(ct->regs, TCG_REG_R4);
+        tcg_regset_reset_reg(ct->regs, TCG_REG_R5);
+        tcg_regset_reset_reg(ct->regs, TCG_REG_R6);
 #endif
         break;
     case 'I':
diff --git a/tcg/riscv/tcg-target.c.inc b/tcg/riscv/tcg-target.c.inc
index XXXXXXX..XXXXXXX 100644
--- a/tcg/riscv/tcg-target.c.inc
+++ b/tcg/riscv/tcg-target.c.inc
@@ -XXX,XX +XXX,XX @@ static const char *target_parse_constraint(TCGArgConstraint *ct,
     switch (*ct_str++) {
     case 'r':
         ct->ct |= TCG_CT_REG;
-        ct->u.regs = 0xffffffff;
+        ct->regs = 0xffffffff;
         break;
     case 'L':
         /* qemu_ld/qemu_st constraint */
         ct->ct |= TCG_CT_REG;
-        ct->u.regs = 0xffffffff;
+        ct->regs = 0xffffffff;
         /* qemu_ld/qemu_st uses TCG_REG_TMP0 */
 #if defined(CONFIG_SOFTMMU)
-        tcg_regset_reset_reg(ct->u.regs, tcg_target_call_iarg_regs[0]);
-        tcg_regset_reset_reg(ct->u.regs, tcg_target_call_iarg_regs[1]);
-        tcg_regset_reset_reg(ct->u.regs, tcg_target_call_iarg_regs[2]);
-        tcg_regset_reset_reg(ct->u.regs, tcg_target_call_iarg_regs[3]);
-        tcg_regset_reset_reg(ct->u.regs, tcg_target_call_iarg_regs[4]);
+        tcg_regset_reset_reg(ct->regs, tcg_target_call_iarg_regs[0]);
+        tcg_regset_reset_reg(ct->regs, tcg_target_call_iarg_regs[1]);
+        tcg_regset_reset_reg(ct->regs, tcg_target_call_iarg_regs[2]);
+        tcg_regset_reset_reg(ct->regs, tcg_target_call_iarg_regs[3]);
+        tcg_regset_reset_reg(ct->regs, tcg_target_call_iarg_regs[4]);
 #endif
         break;
     case 'I':
diff --git a/tcg/s390/tcg-target.c.inc b/tcg/s390/tcg-target.c.inc
index XXXXXXX..XXXXXXX 100644
--- a/tcg/s390/tcg-target.c.inc
+++ b/tcg/s390/tcg-target.c.inc
@@ -XXX,XX +XXX,XX @@ static const char *target_parse_constraint(TCGArgConstraint *ct,
     switch (*ct_str++) {
     case 'r':                  /* all registers */
         ct->ct |= TCG_CT_REG;
-        ct->u.regs = 0xffff;
+        ct->regs = 0xffff;
         break;
     case 'L':                  /* qemu_ld/st constraint */
         ct->ct |= TCG_CT_REG;
-        ct->u.regs = 0xffff;
-        tcg_regset_reset_reg(ct->u.regs, TCG_REG_R2);
-        tcg_regset_reset_reg(ct->u.regs, TCG_REG_R3);
-        tcg_regset_reset_reg(ct->u.regs, TCG_REG_R4);
+        ct->regs = 0xffff;
+        tcg_regset_reset_reg(ct->regs, TCG_REG_R2);
+        tcg_regset_reset_reg(ct->regs, TCG_REG_R3);
+        tcg_regset_reset_reg(ct->regs, TCG_REG_R4);
         break;
     case 'a':                  /* force R2 for division */
         ct->ct |= TCG_CT_REG;
-        ct->u.regs = 0;
-        tcg_regset_set_reg(ct->u.regs, TCG_REG_R2);
+        ct->regs = 0;
+        tcg_regset_set_reg(ct->regs, TCG_REG_R2);
         break;
     case 'b':                  /* force R3 for division */
         ct->ct |= TCG_CT_REG;
-        ct->u.regs = 0;
-        tcg_regset_set_reg(ct->u.regs, TCG_REG_R3);
+        ct->regs = 0;
+        tcg_regset_set_reg(ct->regs, TCG_REG_R3);
         break;
     case 'A':
         ct->ct |= TCG_CT_CONST_S33;
diff --git a/tcg/sparc/tcg-target.c.inc b/tcg/sparc/tcg-target.c.inc
index XXXXXXX..XXXXXXX 100644
--- a/tcg/sparc/tcg-target.c.inc
+++ b/tcg/sparc/tcg-target.c.inc
@@ -XXX,XX +XXX,XX @@ static const char *target_parse_constraint(TCGArgConstraint *ct,
     switch (*ct_str++) {
     case 'r':
         ct->ct |= TCG_CT_REG;
-        ct->u.regs = 0xffffffff;
+        ct->regs = 0xffffffff;
         break;
     case 'R':
         ct->ct |= TCG_CT_REG;
-        ct->u.regs = ALL_64;
+        ct->regs = ALL_64;
         break;
     case 'A': /* qemu_ld/st address constraint */
         ct->ct |= TCG_CT_REG;
-        ct->u.regs = TARGET_LONG_BITS == 64 ? ALL_64 : 0xffffffff;
+        ct->regs = TARGET_LONG_BITS == 64 ? ALL_64 : 0xffffffff;
     reserve_helpers:
-        tcg_regset_reset_reg(ct->u.regs, TCG_REG_O0);
-        tcg_regset_reset_reg(ct->u.regs, TCG_REG_O1);
-        tcg_regset_reset_reg(ct->u.regs, TCG_REG_O2);
+        tcg_regset_reset_reg(ct->regs, TCG_REG_O0);
+        tcg_regset_reset_reg(ct->regs, TCG_REG_O1);
+        tcg_regset_reset_reg(ct->regs, TCG_REG_O2);
         break;
     case 's': /* qemu_st data 32-bit constraint */
         ct->ct |= TCG_CT_REG;
-        ct->u.regs = 0xffffffff;
+        ct->regs = 0xffffffff;
         goto reserve_helpers;
     case 'S': /* qemu_st data 64-bit constraint */
         ct->ct |= TCG_CT_REG;
-        ct->u.regs = ALL_64;
+        ct->regs = ALL_64;
         goto reserve_helpers;
     case 'I':
         ct->ct |= TCG_CT_CONST_S11;
diff --git a/tcg/tci/tcg-target.c.inc b/tcg/tci/tcg-target.c.inc
index XXXXXXX..XXXXXXX 100644
--- a/tcg/tci/tcg-target.c.inc
+++ b/tcg/tci/tcg-target.c.inc
@@ -XXX,XX +XXX,XX @@ static const char *target_parse_constraint(TCGArgConstraint *ct,
     case 'L':                   /* qemu_ld constraint */
     case 'S':                   /* qemu_st constraint */
         ct->ct |= TCG_CT_REG;
-        ct->u.regs = BIT(TCG_TARGET_NB_REGS) - 1;
+        ct->regs = BIT(TCG_TARGET_NB_REGS) - 1;
         break;
     default:
         return NULL;
-- 
2.25.1

This uses an existing hole in the TCGArgConstraint structure
and will be convenient for keeping the data in one place.

Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
---
 include/tcg/tcg.h |  2 +-
 tcg/tcg.c         | 35 +++++++++++++++++------------------
 2 files changed, 18 insertions(+), 19 deletions(-)

This wasn't actually used for anything, really.  All variable
operands must accept registers, and which are indicated by the
set in TCGArgConstraint.regs.

diff --git a/include/tcg/tcg.h b/include/tcg/tcg.h
index XXXXXXX..XXXXXXX 100644
--- a/include/tcg/tcg.h
+++ b/include/tcg/tcg.h
@@ -XXX,XX +XXX,XX @@ void tcg_dump_op_count(void);
 #define TCG_CT_ALIAS  0x80
 #define TCG_CT_IALIAS 0x40
 #define TCG_CT_NEWREG 0x20 /* output requires a new register */
-#define TCG_CT_REG    0x01
 #define TCG_CT_CONST  0x02 /* any constant of register size */
 
 typedef struct TCGArgConstraint {
diff --git a/tcg/tcg.c b/tcg/tcg.c
index XXXXXXX..XXXXXXX 100644
--- a/tcg/tcg.c
+++ b/tcg/tcg.c
@@ -XXX,XX +XXX,XX @@ static void tcg_dump_ops(TCGContext *s, bool have_prefs)
 /* we give more priority to constraints with less registers */
 static int get_constraint_priority(const TCGOpDef *def, int k)
 {
-    const TCGArgConstraint *arg_ct;
+    const TCGArgConstraint *arg_ct = &def->args_ct[k];
+    int n;
 
-    int i, n;
-    arg_ct = &def->args_ct[k];
     if (arg_ct->ct & TCG_CT_ALIAS) {
         /* an alias is equivalent to a single register */
         n = 1;
     } else {
-        if (!(arg_ct->ct & TCG_CT_REG))
-            return 0;
-        n = 0;
-        for(i = 0; i < TCG_TARGET_NB_REGS; i++) {
-            if (tcg_regset_test_reg(arg_ct->regs, i))
-                n++;
-        }
+        n = ctpop64(arg_ct->regs);
     }
     return TCG_TARGET_NB_REGS - n + 1;
 }
@@ -XXX,XX +XXX,XX @@ static void process_op_defs(TCGContext *s)
                         int oarg = *ct_str - '0';
                         tcg_debug_assert(ct_str == tdefs->args_ct_str[i]);
                         tcg_debug_assert(oarg < def->nb_oargs);
-                        tcg_debug_assert(def->args_ct[oarg].ct & TCG_CT_REG);
+                        tcg_debug_assert(def->args_ct[oarg].regs != 0);
                         /* TCG_CT_ALIAS is for the output arguments.
                            The input is tagged with TCG_CT_IALIAS. */
                         def->args_ct[i] = def->args_ct[oarg];
diff --git a/tcg/aarch64/tcg-target.c.inc b/tcg/aarch64/tcg-target.c.inc
index XXXXXXX..XXXXXXX 100644
--- a/tcg/aarch64/tcg-target.c.inc
+++ b/tcg/aarch64/tcg-target.c.inc
@@ -XXX,XX +XXX,XX @@ static const char *target_parse_constraint(TCGArgConstraint *ct,
 {
     switch (*ct_str++) {
     case 'r': /* general registers */
-        ct->ct |= TCG_CT_REG;
         ct->regs |= 0xffffffffu;
         break;
     case 'w': /* advsimd registers */
-        ct->ct |= TCG_CT_REG;
         ct->regs |= 0xffffffff00000000ull;
         break;
     case 'l': /* qemu_ld / qemu_st address, data_reg */
-        ct->ct |= TCG_CT_REG;
         ct->regs = 0xffffffffu;
 #ifdef CONFIG_SOFTMMU
         /* x0 and x1 will be overwritten when reading the tlb entry,
diff --git a/tcg/arm/tcg-target.c.inc b/tcg/arm/tcg-target.c.inc
index XXXXXXX..XXXXXXX 100644
--- a/tcg/arm/tcg-target.c.inc
+++ b/tcg/arm/tcg-target.c.inc
@@ -XXX,XX +XXX,XX @@ static const char *target_parse_constraint(TCGArgConstraint *ct,
         break;
 
     case 'r':
-        ct->ct |= TCG_CT_REG;
         ct->regs = 0xffff;
         break;
 
     /* qemu_ld address */
     case 'l':
-        ct->ct |= TCG_CT_REG;
         ct->regs = 0xffff;
 #ifdef CONFIG_SOFTMMU
         /* r0-r2,lr will be overwritten when reading the tlb entry,
@@ -XXX,XX +XXX,XX @@ static const char *target_parse_constraint(TCGArgConstraint *ct,
 
     /* qemu_st address & data */
     case 's':
-        ct->ct |= TCG_CT_REG;
         ct->regs = 0xffff;
         /* r0-r2 will be overwritten when reading the tlb entry (softmmu only)
            and r0-r1 doing the byte swapping, so don't use these. */
diff --git a/tcg/i386/tcg-target.c.inc b/tcg/i386/tcg-target.c.inc
index XXXXXXX..XXXXXXX 100644
--- a/tcg/i386/tcg-target.c.inc
+++ b/tcg/i386/tcg-target.c.inc
@@ -XXX,XX +XXX,XX @@ static const char *target_parse_constraint(TCGArgConstraint *ct,
 {
     switch(*ct_str++) {
     case 'a':
-        ct->ct |= TCG_CT_REG;
         tcg_regset_set_reg(ct->regs, TCG_REG_EAX);
         break;
     case 'b':
-        ct->ct |= TCG_CT_REG;
         tcg_regset_set_reg(ct->regs, TCG_REG_EBX);
         break;
     case 'c':
-        ct->ct |= TCG_CT_REG;
         tcg_regset_set_reg(ct->regs, TCG_REG_ECX);
         break;
     case 'd':
-        ct->ct |= TCG_CT_REG;
         tcg_regset_set_reg(ct->regs, TCG_REG_EDX);
         break;
     case 'S':
-        ct->ct |= TCG_CT_REG;
         tcg_regset_set_reg(ct->regs, TCG_REG_ESI);
         break;
     case 'D':
-        ct->ct |= TCG_CT_REG;
         tcg_regset_set_reg(ct->regs, TCG_REG_EDI);
         break;
     case 'q':
         /* A register that can be used as a byte operand.  */
-        ct->ct |= TCG_CT_REG;
         ct->regs = TCG_TARGET_REG_BITS == 64 ? 0xffff : 0xf;
         break;
     case 'Q':
         /* A register with an addressable second byte (e.g. %ah).  */
-        ct->ct |= TCG_CT_REG;
         ct->regs = 0xf;
         break;
     case 'r':
         /* A general register.  */
-        ct->ct |= TCG_CT_REG;
         ct->regs |= ALL_GENERAL_REGS;
         break;
     case 'W':
@@ -XXX,XX +XXX,XX @@ static const char *target_parse_constraint(TCGArgConstraint *ct,
         break;
     case 'x':
         /* A vector register.  */
-        ct->ct |= TCG_CT_REG;
         ct->regs |= ALL_VECTOR_REGS;
         break;
 
         /* qemu_ld/st address constraint */
     case 'L':
-        ct->ct |= TCG_CT_REG;
         ct->regs = TCG_TARGET_REG_BITS == 64 ? 0xffff : 0xff;
         tcg_regset_reset_reg(ct->regs, TCG_REG_L0);
         tcg_regset_reset_reg(ct->regs, TCG_REG_L1);
diff --git a/tcg/mips/tcg-target.c.inc b/tcg/mips/tcg-target.c.inc
index XXXXXXX..XXXXXXX 100644
--- a/tcg/mips/tcg-target.c.inc
+++ b/tcg/mips/tcg-target.c.inc
@@ -XXX,XX +XXX,XX @@ static const char *target_parse_constraint(TCGArgConstraint *ct,
 {
     switch(*ct_str++) {
     case 'r':
-        ct->ct |= TCG_CT_REG;
         ct->regs = 0xffffffff;
         break;
     case 'L': /* qemu_ld input arg constraint */
-        ct->ct |= TCG_CT_REG;
         ct->regs = 0xffffffff;
         tcg_regset_reset_reg(ct->regs, TCG_REG_A0);
 #if defined(CONFIG_SOFTMMU)
@@ -XXX,XX +XXX,XX @@ static const char *target_parse_constraint(TCGArgConstraint *ct,
 #endif
         break;
     case 'S': /* qemu_st constraint */
-        ct->ct |= TCG_CT_REG;
         ct->regs = 0xffffffff;
         tcg_regset_reset_reg(ct->regs, TCG_REG_A0);
 #if defined(CONFIG_SOFTMMU)
diff --git a/tcg/ppc/tcg-target.c.inc b/tcg/ppc/tcg-target.c.inc
index XXXXXXX..XXXXXXX 100644
--- a/tcg/ppc/tcg-target.c.inc
+++ b/tcg/ppc/tcg-target.c.inc
@@ -XXX,XX +XXX,XX @@ static const char *target_parse_constraint(TCGArgConstraint *ct,
 {
     switch (*ct_str++) {
     case 'A': case 'B': case 'C': case 'D':
-        ct->ct |= TCG_CT_REG;
         tcg_regset_set_reg(ct->regs, 3 + ct_str[0] - 'A');
         break;
     case 'r':
-        ct->ct |= TCG_CT_REG;
         ct->regs = 0xffffffff;
         break;
     case 'v':
-        ct->ct |= TCG_CT_REG;
         ct->regs = 0xffffffff00000000ull;
         break;
     case 'L':                   /* qemu_ld constraint */
-        ct->ct |= TCG_CT_REG;
         ct->regs = 0xffffffff;
         tcg_regset_reset_reg(ct->regs, TCG_REG_R3);
 #ifdef CONFIG_SOFTMMU
@@ -XXX,XX +XXX,XX @@ static const char *target_parse_constraint(TCGArgConstraint *ct,
 #endif
         break;
     case 'S':                   /* qemu_st constraint */
-        ct->ct |= TCG_CT_REG;
         ct->regs = 0xffffffff;
         tcg_regset_reset_reg(ct->regs, TCG_REG_R3);
 #ifdef CONFIG_SOFTMMU
diff --git a/tcg/riscv/tcg-target.c.inc b/tcg/riscv/tcg-target.c.inc
index XXXXXXX..XXXXXXX 100644
--- a/tcg/riscv/tcg-target.c.inc
+++ b/tcg/riscv/tcg-target.c.inc
@@ -XXX,XX +XXX,XX @@ static const char *target_parse_constraint(TCGArgConstraint *ct,
 {
     switch (*ct_str++) {
     case 'r':
-        ct->ct |= TCG_CT_REG;
         ct->regs = 0xffffffff;
         break;
     case 'L':
         /* qemu_ld/qemu_st constraint */
-        ct->ct |= TCG_CT_REG;
         ct->regs = 0xffffffff;
         /* qemu_ld/qemu_st uses TCG_REG_TMP0 */
 #if defined(CONFIG_SOFTMMU)
diff --git a/tcg/s390/tcg-target.c.inc b/tcg/s390/tcg-target.c.inc
index XXXXXXX..XXXXXXX 100644
--- a/tcg/s390/tcg-target.c.inc
+++ b/tcg/s390/tcg-target.c.inc
@@ -XXX,XX +XXX,XX @@ static const char *target_parse_constraint(TCGArgConstraint *ct,
 {
     switch (*ct_str++) {
     case 'r':                  /* all registers */
-        ct->ct |= TCG_CT_REG;
         ct->regs = 0xffff;
         break;
     case 'L':                  /* qemu_ld/st constraint */
-        ct->ct |= TCG_CT_REG;
         ct->regs = 0xffff;
         tcg_regset_reset_reg(ct->regs, TCG_REG_R2);
         tcg_regset_reset_reg(ct->regs, TCG_REG_R3);
         tcg_regset_reset_reg(ct->regs, TCG_REG_R4);
         break;
     case 'a':                  /* force R2 for division */
-        ct->ct |= TCG_CT_REG;
         ct->regs = 0;
         tcg_regset_set_reg(ct->regs, TCG_REG_R2);
         break;
     case 'b':                  /* force R3 for division */
-        ct->ct |= TCG_CT_REG;
         ct->regs = 0;
         tcg_regset_set_reg(ct->regs, TCG_REG_R3);
         break;
diff --git a/tcg/sparc/tcg-target.c.inc b/tcg/sparc/tcg-target.c.inc
index XXXXXXX..XXXXXXX 100644
--- a/tcg/sparc/tcg-target.c.inc
+++ b/tcg/sparc/tcg-target.c.inc
@@ -XXX,XX +XXX,XX @@ static const char *target_parse_constraint(TCGArgConstraint *ct,
 {
     switch (*ct_str++) {
     case 'r':
-        ct->ct |= TCG_CT_REG;
         ct->regs = 0xffffffff;
         break;
     case 'R':
-        ct->ct |= TCG_CT_REG;
         ct->regs = ALL_64;
         break;
     case 'A': /* qemu_ld/st address constraint */
-        ct->ct |= TCG_CT_REG;
         ct->regs = TARGET_LONG_BITS == 64 ? ALL_64 : 0xffffffff;
     reserve_helpers:
         tcg_regset_reset_reg(ct->regs, TCG_REG_O0);
@@ -XXX,XX +XXX,XX @@ static const char *target_parse_constraint(TCGArgConstraint *ct,
         tcg_regset_reset_reg(ct->regs, TCG_REG_O2);
         break;
     case 's': /* qemu_st data 32-bit constraint */
-        ct->ct |= TCG_CT_REG;
         ct->regs = 0xffffffff;
         goto reserve_helpers;
     case 'S': /* qemu_st data 64-bit constraint */
-        ct->ct |= TCG_CT_REG;
         ct->regs = ALL_64;
         goto reserve_helpers;
     case 'I':
diff --git a/tcg/tci/tcg-target.c.inc b/tcg/tci/tcg-target.c.inc
index XXXXXXX..XXXXXXX 100644
--- a/tcg/tci/tcg-target.c.inc
+++ b/tcg/tci/tcg-target.c.inc
@@ -XXX,XX +XXX,XX @@ static const char *target_parse_constraint(TCGArgConstraint *ct,
     case 'r':
     case 'L':                   /* qemu_ld constraint */
     case 'S':                   /* qemu_st constraint */
-        ct->ct |= TCG_CT_REG;
         ct->regs = BIT(TCG_TARGET_NB_REGS) - 1;
         break;
     default:
-- 
2.25.1

These are easier to set and test when they have their own fields.
Reduce the size of alias_index and sort_index to 4 bits, which is
sufficient for TCG_MAX_OP_ARGS.  This leaves only the bits indicating
constants within the ct field.

Move all initialization to allocation time, rather than init
individual fields in process_op_defs.

Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
---
 include/tcg/tcg.h | 14 +++++++-------
 tcg/tcg.c         | 28 ++++++++++++----------------
 2 files changed, 19 insertions(+), 23 deletions(-)

diff --git a/include/tcg/tcg.h b/include/tcg/tcg.h
index XXXXXXX..XXXXXXX 100644
--- a/include/tcg/tcg.h
+++ b/include/tcg/tcg.h
@@ -XXX,XX +XXX,XX @@ int64_t tcg_cpu_exec_time(void);
 void tcg_dump_info(void);
 void tcg_dump_op_count(void);
 
-#define TCG_CT_ALIAS  0x80
-#define TCG_CT_IALIAS 0x40
-#define TCG_CT_NEWREG 0x20 /* output requires a new register */
-#define TCG_CT_CONST  0x02 /* any constant of register size */
+#define TCG_CT_CONST  1 /* any constant of register size */
 
 typedef struct TCGArgConstraint {
-    uint16_t ct;
-    uint8_t alias_index;
-    uint8_t sort_index;
+    unsigned ct : 16;
+    unsigned alias_index : 4;
+    unsigned sort_index : 4;
+    bool oalias : 1;
+    bool ialias : 1;
+    bool newreg : 1;
     TCGRegSet regs;
 } TCGArgConstraint;
 
diff --git a/tcg/tcg.c b/tcg/tcg.c
index XXXXXXX..XXXXXXX 100644
--- a/tcg/tcg.c
+++ b/tcg/tcg.c
@@ -XXX,XX +XXX,XX @@ void tcg_context_init(TCGContext *s)
         total_args += n;
     }
 
-    args_ct = g_malloc(sizeof(TCGArgConstraint) * total_args);
+    args_ct = g_new0(TCGArgConstraint, total_args);
 
     for(op = 0; op < NB_OPS; op++) {
         def = &tcg_op_defs[op];
@@ -XXX,XX +XXX,XX @@ static int get_constraint_priority(const TCGOpDef *def, int k)
     const TCGArgConstraint *arg_ct = &def->args_ct[k];
     int n;
 
-    if (arg_ct->ct & TCG_CT_ALIAS) {
+    if (arg_ct->oalias) {
         /* an alias is equivalent to a single register */
         n = 1;
     } else {
@@ -XXX,XX +XXX,XX @@ static void process_op_defs(TCGContext *s)
             /* Incomplete TCGTargetOpDef entry. */
             tcg_debug_assert(ct_str != NULL);
 
-            def->args_ct[i].regs = 0;
-            def->args_ct[i].ct = 0;
             while (*ct_str != '\0') {
                 switch(*ct_str) {
                 case '0' ... '9':
@@ -XXX,XX +XXX,XX @@ static void process_op_defs(TCGContext *s)
                         tcg_debug_assert(ct_str == tdefs->args_ct_str[i]);
                         tcg_debug_assert(oarg < def->nb_oargs);
                         tcg_debug_assert(def->args_ct[oarg].regs != 0);
-                        /* TCG_CT_ALIAS is for the output arguments.
-                           The input is tagged with TCG_CT_IALIAS. */
                         def->args_ct[i] = def->args_ct[oarg];
-                        def->args_ct[oarg].ct |= TCG_CT_ALIAS;
+                        /* The output sets oalias.  */
+                        def->args_ct[oarg].oalias = true;
                         def->args_ct[oarg].alias_index = i;
-                        def->args_ct[i].ct |= TCG_CT_IALIAS;
+                        /* The input sets ialias. */
+                        def->args_ct[i].ialias = true;
                         def->args_ct[i].alias_index = oarg;
                     }
                     ct_str++;
                     break;
                 case '&':
-                    def->args_ct[i].ct |= TCG_CT_NEWREG;
+                    def->args_ct[i].newreg = true;
                     ct_str++;
                     break;
                 case 'i':
@@ -XXX,XX +XXX,XX @@ static void liveness_pass_1(TCGContext *s)
                     set = *pset;
 
                     set &= ct->regs;
-                    if (ct->ct & TCG_CT_IALIAS) {
+                    if (ct->ialias) {
                         set &= op->output_pref[ct->alias_index];
                     }
                     /* If the combination is not possible, restart.  */
@@ -XXX,XX +XXX,XX @@ static void tcg_reg_alloc_op(TCGContext *s, const TCGOp *op)
         }
 
         i_preferred_regs = o_preferred_regs = 0;
-        if (arg_ct->ct & TCG_CT_IALIAS) {
+        if (arg_ct->ialias) {
             o_preferred_regs = op->output_pref[arg_ct->alias_index];
             if (ts->fixed_reg) {
                 /* if fixed register, we must allocate a new register
@@ -XXX,XX +XXX,XX @@ static void tcg_reg_alloc_op(TCGContext *s, const TCGOp *op)
                     reg = ts->reg;
                     for (k2 = 0 ; k2 < k ; k2++) {
                         i2 = def->args_ct[nb_oargs + k2].sort_index;
-                        if ((def->args_ct[i2].ct & TCG_CT_IALIAS) &&
-                            reg == new_args[i2]) {
+                        if (def->args_ct[i2].ialias && reg == new_args[i2]) {
                             goto allocate_in_reg;
                         }
                     }
@@ -XXX,XX +XXX,XX @@ static void tcg_reg_alloc_op(TCGContext *s, const TCGOp *op)
             /* ENV should not be modified.  */
             tcg_debug_assert(!ts->fixed_reg);
 
-            if ((arg_ct->ct & TCG_CT_ALIAS)
-                && !const_args[arg_ct->alias_index]) {
+            if (arg_ct->oalias && !const_args[arg_ct->alias_index]) {
                 reg = new_args[arg_ct->alias_index];
-            } else if (arg_ct->ct & TCG_CT_NEWREG) {
+            } else if (arg_ct->newreg) {
                 reg = tcg_reg_alloc(s, arg_ct->regs,
                                     i_allocated_regs | o_allocated_regs,
                                     op->output_pref[k], ts->indirect_base);
-- 
2.25.1

The definition of INDEX_op_dupi_vec is that it operates on
units of tcg_target_ulong -- in this case 32 bits.  It does
not work to use this for a uint64_t value that happens to be
small enough to fit in tcg_target_ulong.

Fixes: d2fd745fe8b
Fixes: db432672dc5
Cc: qemu-stable@nongnu.org
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
---
 tcg/tcg-op-vec.c | 12 ++++++++----
 1 file changed, 8 insertions(+), 4 deletions(-)

diff --git a/tcg/tcg-op-vec.c b/tcg/tcg-op-vec.c
index XXXXXXX..XXXXXXX 100644
--- a/tcg/tcg-op-vec.c
+++ b/tcg/tcg-op-vec.c
@@ -XXX,XX +XXX,XX @@ TCGv_vec tcg_const_ones_vec_matching(TCGv_vec m)
 
 void tcg_gen_dup64i_vec(TCGv_vec r, uint64_t a)
 {
-    if (TCG_TARGET_REG_BITS == 32 && a == deposit64(a, 32, 32, a)) {
-        do_dupi_vec(r, MO_32, a);
-    } else if (TCG_TARGET_REG_BITS == 64 || a == (uint64_t)(int32_t)a) {
+    if (TCG_TARGET_REG_BITS == 64) {
         do_dupi_vec(r, MO_64, a);
+    } else if (a == dup_const(MO_32, a)) {
+        do_dupi_vec(r, MO_32, a);
     } else {
         TCGv_i64 c = tcg_const_i64(a);
         tcg_gen_dup_i64_vec(MO_64, r, c);
@@ -XXX,XX +XXX,XX @@ void tcg_gen_dup8i_vec(TCGv_vec r, uint32_t a)
 
 void tcg_gen_dupi_vec(unsigned vece, TCGv_vec r, uint64_t a)
 {
-    do_dupi_vec(r, MO_REG, dup_const(vece, a));
+    if (vece == MO_64) {
+        tcg_gen_dup64i_vec(r, a);
+    } else {
+        do_dupi_vec(r, MO_REG, dup_const(vece, a));
+    }
 }
 
 void tcg_gen_dup_i64_vec(unsigned vece, TCGv_vec r, TCGv_i64 a)
-- 
2.25.1

When the two arguments are identical, this can be reduced to
dup_vec or to mov_vec from a tcg_constant_vec.

Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
---
 tcg/optimize.c | 15 +++++++++++++++
 1 file changed, 15 insertions(+)

diff --git a/tcg/optimize.c b/tcg/optimize.c
index XXXXXXX..XXXXXXX 100644
--- a/tcg/optimize.c
+++ b/tcg/optimize.c
@@ -XXX,XX +XXX,XX @@ void tcg_optimize(TCGContext *s)
             }
             goto do_default;
 
+        case INDEX_op_dup2_vec:
+            assert(TCG_TARGET_REG_BITS == 32);
+            if (arg_is_const(op->args[1]) && arg_is_const(op->args[2])) {
+                tmp = arg_info(op->args[1])->val;
+                if (tmp == arg_info(op->args[2])->val) {
+                    tcg_opt_gen_movi(s, op, op->args[0], tmp);
+                    break;
+                }
+            } else if (args_are_copies(op->args[1], op->args[2])) {
+                op->opc = INDEX_op_dup_vec;
+                TCGOP_VECE(op) = MO_32;
+                nb_iargs = 1;
+            }
+            goto do_default;
+
         CASE_OP_32_64(not):
         CASE_OP_32_64(neg):
         CASE_OP_32_64(ext8s):
-- 
2.25.1

The cmp_vec opcode is mandatory; this symbol is unused.

Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
---
 tcg/aarch64/tcg-target.h | 1 -
 tcg/i386/tcg-target.h    | 1 -
 tcg/ppc/tcg-target.h     | 1 -
 3 files changed, 3 deletions(-)

diff --git a/tcg/aarch64/tcg-target.h b/tcg/aarch64/tcg-target.h
index XXXXXXX..XXXXXXX 100644
--- a/tcg/aarch64/tcg-target.h
+++ b/tcg/aarch64/tcg-target.h
@@ -XXX,XX +XXX,XX @@ typedef enum {
 #define TCG_TARGET_HAS_shi_vec          1
 #define TCG_TARGET_HAS_shs_vec          0
 #define TCG_TARGET_HAS_shv_vec          1
-#define TCG_TARGET_HAS_cmp_vec          1
 #define TCG_TARGET_HAS_mul_vec          1
 #define TCG_TARGET_HAS_sat_vec          1
 #define TCG_TARGET_HAS_minmax_vec       1
diff --git a/tcg/i386/tcg-target.h b/tcg/i386/tcg-target.h
index XXXXXXX..XXXXXXX 100644
--- a/tcg/i386/tcg-target.h
+++ b/tcg/i386/tcg-target.h
@@ -XXX,XX +XXX,XX @@ extern bool have_avx2;
 #define TCG_TARGET_HAS_shi_vec          1
 #define TCG_TARGET_HAS_shs_vec          1
 #define TCG_TARGET_HAS_shv_vec          have_avx2
-#define TCG_TARGET_HAS_cmp_vec          1
 #define TCG_TARGET_HAS_mul_vec          1
 #define TCG_TARGET_HAS_sat_vec          1
 #define TCG_TARGET_HAS_minmax_vec       1
diff --git a/tcg/ppc/tcg-target.h b/tcg/ppc/tcg-target.h
index XXXXXXX..XXXXXXX 100644
--- a/tcg/ppc/tcg-target.h
+++ b/tcg/ppc/tcg-target.h
@@ -XXX,XX +XXX,XX @@ extern bool have_vsx;
 #define TCG_TARGET_HAS_shi_vec          0
 #define TCG_TARGET_HAS_shs_vec          0
 #define TCG_TARGET_HAS_shv_vec          1
-#define TCG_TARGET_HAS_cmp_vec          1
 #define TCG_TARGET_HAS_mul_vec          1
 #define TCG_TARGET_HAS_sat_vec          1
 #define TCG_TARGET_HAS_minmax_vec       1
-- 
2.25.1

From: Kele Huang <kele.hwang@gmail.com>

Detect all MIPS store instructions in cpu_signal_handler for all available
MIPS versions, and set is_write if encountering such store instructions.

This fixed the error while dealing with self-modified code for MIPS.

Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Signed-off-by: Kele Huang <kele.hwang@gmail.com>
Signed-off-by: Xu Zou <iwatchnima@gmail.com>
Message-Id: <20201002081420.10814-1-kele.hwang@gmail.com>
[rth: Use uintptr_t for pc to fix n32 build error.]
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
---
 accel/tcg/user-exec.c | 43 +++++++++++++++++++++++++++++++++++++++----
 1 file changed, 39 insertions(+), 4 deletions(-)

diff --git a/accel/tcg/user-exec.c b/accel/tcg/user-exec.c
index XXXXXXX..XXXXXXX 100644
--- a/accel/tcg/user-exec.c
+++ b/accel/tcg/user-exec.c
@@ -XXX,XX +XXX,XX @@ int cpu_signal_handler(int host_signum, void *pinfo,
 
 #elif defined(__mips__)
 
+#if defined(__misp16) || defined(__mips_micromips)
+#error "Unsupported encoding"
+#endif
+
 int cpu_signal_handler(int host_signum, void *pinfo,
                        void *puc)
 {
     siginfo_t *info = pinfo;
     ucontext_t *uc = puc;
-    greg_t pc = uc->uc_mcontext.pc;
-    int is_write;
+    uintptr_t pc = uc->uc_mcontext.pc;
+    uint32_t insn = *(uint32_t *)pc;
+    int is_write = 0;
+
+    /* Detect all store instructions at program counter. */
+    switch((insn >> 26) & 077) {
+    case 050: /* SB */
+    case 051: /* SH */
+    case 052: /* SWL */
+    case 053: /* SW */
+    case 054: /* SDL */
+    case 055: /* SDR */
+    case 056: /* SWR */
+    case 070: /* SC */
+    case 071: /* SWC1 */
+    case 074: /* SCD */
+    case 075: /* SDC1 */
+    case 077: /* SD */
+#if !defined(__mips_isa_rev) || __mips_isa_rev < 6
+    case 072: /* SWC2 */
+    case 076: /* SDC2 */
+#endif
+        is_write = 1;
+        break;
+    case 023: /* COP1X */
+        /* Required in all versions of MIPS64 since
+           MIPS64r1 and subsequent versions of MIPS32r2. */
+        switch (insn & 077) {
+        case 010: /* SWXC1 */
+        case 011: /* SDXC1 */
+        case 015: /* SUXC1 */
+            is_write = 1;
+        }
+        break;
+    }
 
-    /* XXX: compute is_write */
-    is_write = 0;
     return handle_cpu_signal(pc, info, is_write, &uc->uc_sigmask);
 }
 
-- 
2.25.1

The following changes since commit 79b677d658d3d35e1e776826ac4abb28cdce69b8:

Merge tag 'net-pull-request' of https://github.com/jasowang/qemu into staging (2023-02-21 11:28:31 +0000)

are available in the Git repository at:

https://gitlab.com/rth7680/qemu.git tags/pull-tcg-20230221

for you to fetch changes up to dbd672c87f19949bb62bfb1fb3a97b9729fd7560:

sysemu/os-win32: fix setjmp/longjmp on windows-arm64 (2023-02-21 13:45:48 -1000)

----------------------------------------------------------------
tcg: Allow first half of insn in ram, and second half in mmio
linux-user/sparc: SIGILL for unknown trap vectors
linux-user/microblaze: SIGILL for privileged insns
linux-user: Fix deadlock while exiting due to signal
target/microblaze: Add gdbstub xml
util: Adjust cacheflush for windows-arm64
include/sysemu/os-win32: Adjust setjmp/longjmp for windows-arm64

----------------------------------------------------------------
Ilya Leoshkevich (3):
      linux-user: Always exit from exclusive state in fork_end()
      cpus: Make {start,end}_exclusive() recursive
      linux-user/microblaze: Handle privileged exception

Pierrick Bouvier (2):
      util/cacheflush: fix cache on windows-arm64
      sysemu/os-win32: fix setjmp/longjmp on windows-arm64

Richard Henderson (3):
      accel/tcg: Allow the second page of an instruction to be MMIO
      linux-user/sparc: Raise SIGILL for all unhandled software traps
      target/microblaze: Add gdbstub xml

include/hw/core/cpu.h                       |  4 +-
 include/sysemu/os-win32.h                   | 28 ++++++++++--
 target/microblaze/cpu.h                     |  2 +
 accel/tcg/translator.c                      | 12 +++++-
 cpus-common.c                               | 12 +++++-
 linux-user/main.c                           | 10 +++--
 linux-user/microblaze/cpu_loop.c            | 10 ++++-
 linux-user/sparc/cpu_loop.c                 |  8 ++++
 linux-user/syscall.c                        |  1 +
 target/microblaze/cpu.c                     |  7 ++-
 target/microblaze/gdbstub.c                 | 51 ++++++++++++++++------
 util/cacheflush.c                           | 14 ++++--
 configs/targets/microblaze-linux-user.mak   |  1 +
 configs/targets/microblaze-softmmu.mak      |  1 +
 configs/targets/microblazeel-linux-user.mak |  1 +
 configs/targets/microblazeel-softmmu.mak    |  1 +
 gdb-xml/microblaze-core.xml                 | 67 +++++++++++++++++++++++++++++
 gdb-xml/microblaze-stack-protect.xml        | 12 ++++++
 meson.build                                 | 21 +++++++++
 19 files changed, 229 insertions(+), 34 deletions(-)
 create mode 100644 gdb-xml/microblaze-core.xml
 create mode 100644 gdb-xml/microblaze-stack-protect.xml

If an instruction straddles a page boundary, and the first page
was ram, but the second page was MMIO, we would abort.  Handle
this as if both pages are MMIO, by setting the ram_addr_t for
the first page to -1.

Reported-by: Sid Manning <sidneym@quicinc.com>
Reported-by: Jørgen Hansen <Jorgen.Hansen@wdc.com>
Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
---
 accel/tcg/translator.c | 12 ++++++++++--
 1 file changed, 10 insertions(+), 2 deletions(-)

diff --git a/accel/tcg/translator.c b/accel/tcg/translator.c
index XXXXXXX..XXXXXXX 100644
--- a/accel/tcg/translator.c
+++ b/accel/tcg/translator.c
@@ -XXX,XX +XXX,XX @@ static void *translator_access(CPUArchState *env, DisasContextBase *db,
         if (host == NULL) {
             tb_page_addr_t phys_page =
                 get_page_addr_code_hostp(env, base, &db->host_addr[1]);
-            /* We cannot handle MMIO as second page. */
-            assert(phys_page != -1);
+
+            /*
+             * If the second page is MMIO, treat as if the first page
+             * was MMIO as well, so that we do not cache the TB.
+             */
+            if (unlikely(phys_page == -1)) {
+                tb_set_page_addr0(tb, -1);
+                return NULL;
+            }
+
             tb_set_page_addr1(tb, phys_page);
 #ifdef CONFIG_USER_ONLY
             page_protect(end);
-- 
2.34.1

The linux kernel's trap tables vector all unassigned trap
numbers to BAD_TRAP, which then raises SIGILL.

Tested-by: Ilya Leoshkevich <iii@linux.ibm.com>
Reported-by: Ilya Leoshkevich <iii@linux.ibm.com>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
---
 linux-user/sparc/cpu_loop.c | 8 ++++++++
 1 file changed, 8 insertions(+)

diff --git a/linux-user/sparc/cpu_loop.c b/linux-user/sparc/cpu_loop.c
index XXXXXXX..XXXXXXX 100644
--- a/linux-user/sparc/cpu_loop.c
+++ b/linux-user/sparc/cpu_loop.c
@@ -XXX,XX +XXX,XX @@ void cpu_loop (CPUSPARCState *env)
             cpu_exec_step_atomic(cs);
             break;
         default:
+            /*
+             * Most software trap numbers vector to BAD_TRAP.
+             * Handle anything not explicitly matched above.
+             */
+            if (trapnr >= TT_TRAP && trapnr <= TT_TRAP + 0x7f) {
+                force_sig_fault(TARGET_SIGILL, ILL_ILLTRP, env->pc);
+                break;
+            }
             fprintf(stderr, "Unhandled trap: 0x%x\n", trapnr);
             cpu_dump_state(cs, stderr, 0);
             exit(EXIT_FAILURE);
-- 
2.34.1

From: Ilya Leoshkevich <iii@linux.ibm.com>

fork()ed processes currently start with
current_cpu->in_exclusive_context set, which is, strictly speaking, not
correct, but does not cause problems (even assertion failures).

With one of the next patches, the code begins to rely on this value, so
fix it by always calling end_exclusive() in fork_end().

Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
Signed-off-by: Ilya Leoshkevich <iii@linux.ibm.com>
Message-Id: <20230214140829.45392-2-iii@linux.ibm.com>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
---
 linux-user/main.c    | 10 ++++++----
 linux-user/syscall.c |  1 +
 2 files changed, 7 insertions(+), 4 deletions(-)

diff --git a/linux-user/main.c b/linux-user/main.c
index XXXXXXX..XXXXXXX 100644
--- a/linux-user/main.c
+++ b/linux-user/main.c
@@ -XXX,XX +XXX,XX @@ void fork_end(int child)
         }
         qemu_init_cpu_list();
         gdbserver_fork(thread_cpu);
-        /* qemu_init_cpu_list() takes care of reinitializing the
-         * exclusive state, so we don't need to end_exclusive() here.
-         */
     } else {
         cpu_list_unlock();
-        end_exclusive();
     }
+    /*
+     * qemu_init_cpu_list() reinitialized the child exclusive state, but we
+     * also need to keep current_cpu consistent, so call end_exclusive() for
+     * both child and parent.
+     */
+    end_exclusive();
 }
 
 __thread CPUState *thread_cpu;
diff --git a/linux-user/syscall.c b/linux-user/syscall.c
index XXXXXXX..XXXXXXX 100644
--- a/linux-user/syscall.c
+++ b/linux-user/syscall.c
@@ -XXX,XX +XXX,XX @@ static int do_fork(CPUArchState *env, unsigned int flags, abi_ulong newsp,
             cpu_clone_regs_parent(env, flags);
             fork_end(0);
         }
+        g_assert(!cpu_in_exclusive_context(cpu));
     }
     return ret;
 }
-- 
2.34.1

From: Ilya Leoshkevich <iii@linux.ibm.com>

Currently dying to one of the core_dump_signal()s deadlocks, because
dump_core_and_abort() calls start_exclusive() two times: first via
stop_all_tasks(), and then via preexit_cleanup() ->
qemu_plugin_user_exit().

There are a number of ways to solve this: resume after dumping core;
check cpu_in_exclusive_context() in qemu_plugin_user_exit(); or make
{start,end}_exclusive() recursive. Pick the last option, since it's
the most straightforward one.

Fixes: da91c1920242 ("linux-user: Clean up when exiting due to a signal")
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
Signed-off-by: Ilya Leoshkevich <iii@linux.ibm.com>
Message-Id: <20230214140829.45392-3-iii@linux.ibm.com>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
---
 include/hw/core/cpu.h |  4 ++--
 cpus-common.c         | 12 ++++++++++--
 2 files changed, 12 insertions(+), 4 deletions(-)

diff --git a/include/hw/core/cpu.h b/include/hw/core/cpu.h
index XXXXXXX..XXXXXXX 100644
--- a/include/hw/core/cpu.h
+++ b/include/hw/core/cpu.h
@@ -XXX,XX +XXX,XX @@ struct CPUState {
     bool unplug;
     bool crash_occurred;
     bool exit_request;
-    bool in_exclusive_context;
+    int exclusive_context_count;
     uint32_t cflags_next_tb;
     /* updates protected by BQL */
     uint32_t interrupt_request;
@@ -XXX,XX +XXX,XX @@ void async_safe_run_on_cpu(CPUState *cpu, run_on_cpu_func func, run_on_cpu_data
  */
 static inline bool cpu_in_exclusive_context(const CPUState *cpu)
 {
-    return cpu->in_exclusive_context;
+    return cpu->exclusive_context_count;
 }
 
 /**
diff --git a/cpus-common.c b/cpus-common.c
index XXXXXXX..XXXXXXX 100644
--- a/cpus-common.c
+++ b/cpus-common.c
@@ -XXX,XX +XXX,XX @@ void start_exclusive(void)
     CPUState *other_cpu;
     int running_cpus;
 
+    if (current_cpu->exclusive_context_count) {
+        current_cpu->exclusive_context_count++;
+        return;
+    }
+
     qemu_mutex_lock(&qemu_cpu_list_lock);
     exclusive_idle();
 
@@ -XXX,XX +XXX,XX @@ void start_exclusive(void)
      */
     qemu_mutex_unlock(&qemu_cpu_list_lock);
 
-    current_cpu->in_exclusive_context = true;
+    current_cpu->exclusive_context_count = 1;
 }
 
 /* Finish an exclusive operation.  */
 void end_exclusive(void)
 {
-    current_cpu->in_exclusive_context = false;
+    current_cpu->exclusive_context_count--;
+    if (current_cpu->exclusive_context_count) {
+        return;
+    }
 
     qemu_mutex_lock(&qemu_cpu_list_lock);
     qatomic_set(&pending_cpus, 0);
-- 
2.34.1

From: Ilya Leoshkevich <iii@linux.ibm.com>

Follow what kernel's full_exception() is doing.

Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Signed-off-by: Ilya Leoshkevich <iii@linux.ibm.com>
Message-Id: <20230214140829.45392-4-iii@linux.ibm.com>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
---
 linux-user/microblaze/cpu_loop.c | 10 ++++++++--
 1 file changed, 8 insertions(+), 2 deletions(-)

diff --git a/linux-user/microblaze/cpu_loop.c b/linux-user/microblaze/cpu_loop.c
index XXXXXXX..XXXXXXX 100644
--- a/linux-user/microblaze/cpu_loop.c
+++ b/linux-user/microblaze/cpu_loop.c
@@ -XXX,XX +XXX,XX @@
 
 void cpu_loop(CPUMBState *env)
 {
+    int trapnr, ret, si_code, sig;
     CPUState *cs = env_cpu(env);
-    int trapnr, ret, si_code;
 
     while (1) {
         cpu_exec_start(cs);
@@ -XXX,XX +XXX,XX @@ void cpu_loop(CPUMBState *env)
             env->iflags &= ~(IMM_FLAG | D_FLAG);
             switch (env->esr & 31) {
             case ESR_EC_DIVZERO:
+                sig = TARGET_SIGFPE;
                 si_code = TARGET_FPE_INTDIV;
                 break;
             case ESR_EC_FPU:
@@ -XXX,XX +XXX,XX @@ void cpu_loop(CPUMBState *env)
                  * if there's no recognized bit set.  Possibly this
                  * implies that si_code is 0, but follow the structure.
                  */
+                sig = TARGET_SIGFPE;
                 si_code = env->fsr;
                 if (si_code & FSR_IO) {
                     si_code = TARGET_FPE_FLTINV;
@@ -XXX,XX +XXX,XX @@ void cpu_loop(CPUMBState *env)
                     si_code = TARGET_FPE_FLTRES;
                 }
                 break;
+            case ESR_EC_PRIVINSN:
+                sig = SIGILL;
+                si_code = ILL_PRVOPC;
+                break;
             default:
                 fprintf(stderr, "Unhandled hw-exception: 0x%x\n",
                         env->esr & ESR_EC_MASK);
                 cpu_dump_state(cs, stderr, 0);
                 exit(EXIT_FAILURE);
             }
-            force_sig_fault(TARGET_SIGFPE, si_code, env->pc);
+            force_sig_fault(sig, si_code, env->pc);
             break;
 
         case EXCP_DEBUG:
-- 
2.34.1

Mirroring the upstream gdb xml files, the two stack boundary
registers are separated out.

Reviewed-by: Edgar E. Iglesias <edgar@zeroasic.com>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
---
 target/microblaze/cpu.h                     |  2 +
 target/microblaze/cpu.c                     |  7 ++-
 target/microblaze/gdbstub.c                 | 51 +++++++++++-----
 configs/targets/microblaze-linux-user.mak   |  1 +
 configs/targets/microblaze-softmmu.mak      |  1 +
 configs/targets/microblazeel-linux-user.mak |  1 +
 configs/targets/microblazeel-softmmu.mak    |  1 +
 gdb-xml/microblaze-core.xml                 | 67 +++++++++++++++++++++
 gdb-xml/microblaze-stack-protect.xml        | 12 ++++
 9 files changed, 128 insertions(+), 15 deletions(-)
 create mode 100644 gdb-xml/microblaze-core.xml
 create mode 100644 gdb-xml/microblaze-stack-protect.xml

diff --git a/target/microblaze/cpu.h b/target/microblaze/cpu.h
index XXXXXXX..XXXXXXX 100644
--- a/target/microblaze/cpu.h
+++ b/target/microblaze/cpu.h
@@ -XXX,XX +XXX,XX @@ hwaddr mb_cpu_get_phys_page_attrs_debug(CPUState *cpu, vaddr addr,
                                         MemTxAttrs *attrs);
 int mb_cpu_gdb_read_register(CPUState *cpu, GByteArray *buf, int reg);
 int mb_cpu_gdb_write_register(CPUState *cpu, uint8_t *buf, int reg);
+int mb_cpu_gdb_read_stack_protect(CPUArchState *cpu, GByteArray *buf, int reg);
+int mb_cpu_gdb_write_stack_protect(CPUArchState *cpu, uint8_t *buf, int reg);
 
 static inline uint32_t mb_cpu_read_msr(const CPUMBState *env)
 {
diff --git a/target/microblaze/cpu.c b/target/microblaze/cpu.c
index XXXXXXX..XXXXXXX 100644
--- a/target/microblaze/cpu.c
+++ b/target/microblaze/cpu.c
@@ -XXX,XX +XXX,XX @@
 #include "qemu/module.h"
 #include "hw/qdev-properties.h"
 #include "exec/exec-all.h"
+#include "exec/gdbstub.h"
 #include "fpu/softfloat-helpers.h"
 
 static const struct {
@@ -XXX,XX +XXX,XX @@ static void mb_cpu_initfn(Object *obj)
     CPUMBState *env = &cpu->env;
 
     cpu_set_cpustate_pointers(cpu);
+    gdb_register_coprocessor(CPU(cpu), mb_cpu_gdb_read_stack_protect,
+                             mb_cpu_gdb_write_stack_protect, 2,
+                             "microblaze-stack-protect.xml", 0);
 
     set_float_rounding_mode(float_round_nearest_even, &env->fp_status);
 
@@ -XXX,XX +XXX,XX @@ static void mb_cpu_class_init(ObjectClass *oc, void *data)
     cc->sysemu_ops = &mb_sysemu_ops;
 #endif
     device_class_set_props(dc, mb_properties);
-    cc->gdb_num_core_regs = 32 + 27;
+    cc->gdb_num_core_regs = 32 + 25;
+    cc->gdb_core_xml_file = "microblaze-core.xml";
 
     cc->disas_set_info = mb_disas_set_info;
     cc->tcg_ops = &mb_tcg_ops;
diff --git a/target/microblaze/gdbstub.c b/target/microblaze/gdbstub.c
index XXXXXXX..XXXXXXX 100644
--- a/target/microblaze/gdbstub.c
+++ b/target/microblaze/gdbstub.c
@@ -XXX,XX +XXX,XX @@ enum {
     GDB_PVR0  = 32 + 6,
     GDB_PVR11 = 32 + 17,
     GDB_EDR   = 32 + 18,
-    GDB_SLR   = 32 + 25,
-    GDB_SHR   = 32 + 26,
+};
+
+enum {
+    GDB_SP_SHL,
+    GDB_SP_SHR,
 };
 
 int mb_cpu_gdb_read_register(CPUState *cs, GByteArray *mem_buf, int n)
@@ -XXX,XX +XXX,XX @@ int mb_cpu_gdb_read_register(CPUState *cs, GByteArray *mem_buf, int n)
     case GDB_EDR:
         val = env->edr;
         break;
-    case GDB_SLR:
-        val = env->slr;
-        break;
-    case GDB_SHR:
-        val = env->shr;
-        break;
     default:
         /* Other SRegs aren't modeled, so report a value of 0 */
         val = 0;
@@ -XXX,XX +XXX,XX @@ int mb_cpu_gdb_read_register(CPUState *cs, GByteArray *mem_buf, int n)
     return gdb_get_reg32(mem_buf, val);
 }
 
+int mb_cpu_gdb_read_stack_protect(CPUMBState *env, GByteArray *mem_buf, int n)
+{
+    uint32_t val;
+
+    switch (n) {
+    case GDB_SP_SHL:
+        val = env->slr;
+        break;
+    case GDB_SP_SHR:
+        val = env->shr;
+        break;
+    default:
+        return 0;
+    }
+    return gdb_get_reg32(mem_buf, val);
+}
+
 int mb_cpu_gdb_write_register(CPUState *cs, uint8_t *mem_buf, int n)
 {
     MicroBlazeCPU *cpu = MICROBLAZE_CPU(cs);
@@ -XXX,XX +XXX,XX @@ int mb_cpu_gdb_write_register(CPUState *cs, uint8_t *mem_buf, int n)
     case GDB_EDR:
         env->edr = tmp;
         break;
-    case GDB_SLR:
-        env->slr = tmp;
-        break;
-    case GDB_SHR:
-        env->shr = tmp;
-        break;
+    }
+    return 4;
+}
+
+int mb_cpu_gdb_write_stack_protect(CPUMBState *env, uint8_t *mem_buf, int n)
+{
+    switch (n) {
+    case GDB_SP_SHL:
+        env->slr = ldl_p(mem_buf);
+        break;
+    case GDB_SP_SHR:
+        env->shr = ldl_p(mem_buf);
+        break;
+    default:
+        return 0;
     }
     return 4;
 }
diff --git a/configs/targets/microblaze-linux-user.mak b/configs/targets/microblaze-linux-user.mak
index XXXXXXX..XXXXXXX 100644
--- a/configs/targets/microblaze-linux-user.mak
+++ b/configs/targets/microblaze-linux-user.mak
@@ -XXX,XX +XXX,XX @@ TARGET_SYSTBL_ABI=common
 TARGET_SYSTBL=syscall.tbl
 TARGET_BIG_ENDIAN=y
 TARGET_HAS_BFLT=y
+TARGET_XML_FILES=gdb-xml/microblaze-core.xml gdb-xml/microblaze-stack-protect.xml
diff --git a/configs/targets/microblaze-softmmu.mak b/configs/targets/microblaze-softmmu.mak
index XXXXXXX..XXXXXXX 100644
--- a/configs/targets/microblaze-softmmu.mak
+++ b/configs/targets/microblaze-softmmu.mak
@@ -XXX,XX +XXX,XX @@ TARGET_ARCH=microblaze
 TARGET_BIG_ENDIAN=y
 TARGET_SUPPORTS_MTTCG=y
 TARGET_NEED_FDT=y
+TARGET_XML_FILES=gdb-xml/microblaze-core.xml gdb-xml/microblaze-stack-protect.xml
diff --git a/configs/targets/microblazeel-linux-user.mak b/configs/targets/microblazeel-linux-user.mak
index XXXXXXX..XXXXXXX 100644
--- a/configs/targets/microblazeel-linux-user.mak
+++ b/configs/targets/microblazeel-linux-user.mak
@@ -XXX,XX +XXX,XX @@ TARGET_ARCH=microblaze
 TARGET_SYSTBL_ABI=common
 TARGET_SYSTBL=syscall.tbl
 TARGET_HAS_BFLT=y
+TARGET_XML_FILES=gdb-xml/microblaze-core.xml gdb-xml/microblaze-stack-protect.xml
diff --git a/configs/targets/microblazeel-softmmu.mak b/configs/targets/microblazeel-softmmu.mak
index XXXXXXX..XXXXXXX 100644
--- a/configs/targets/microblazeel-softmmu.mak
+++ b/configs/targets/microblazeel-softmmu.mak
@@ -XXX,XX +XXX,XX @@
 TARGET_ARCH=microblaze
 TARGET_SUPPORTS_MTTCG=y
 TARGET_NEED_FDT=y
+TARGET_XML_FILES=gdb-xml/microblaze-core.xml gdb-xml/microblaze-stack-protect.xml
diff --git a/gdb-xml/microblaze-core.xml b/gdb-xml/microblaze-core.xml
new file mode 100644
index XXXXXXX..XXXXXXX
--- /dev/null
+++ b/gdb-xml/microblaze-core.xml
@@ -XXX,XX +XXX,XX @@
+<?xml version="1.0"?>
+
+
+<!DOCTYPE feature SYSTEM "gdb-target.dtd">
+<feature name="org.gnu.gdb.microblaze.core">
+  <reg name="r0" bitsize="32" regnum="0"/>
+  <reg name="r1" bitsize="32" type="data_ptr"/>
+  <reg name="r2" bitsize="32"/>
+  <reg name="r3" bitsize="32"/>
+  <reg name="r4" bitsize="32"/>
+  <reg name="r5" bitsize="32"/>
+  <reg name="r6" bitsize="32"/>
+  <reg name="r7" bitsize="32"/>
+  <reg name="r8" bitsize="32"/>
+  <reg name="r9" bitsize="32"/>
+  <reg name="r10" bitsize="32"/>
+  <reg name="r11" bitsize="32"/>
+  <reg name="r12" bitsize="32"/>
+  <reg name="r13" bitsize="32"/>
+  <reg name="r14" bitsize="32"/>
+  <reg name="r15" bitsize="32"/>
+  <reg name="r16" bitsize="32"/>
+  <reg name="r17" bitsize="32"/>
+  <reg name="r18" bitsize="32"/>
+  <reg name="r19" bitsize="32"/>
+  <reg name="r20" bitsize="32"/>
+  <reg name="r21" bitsize="32"/>
+  <reg name="r22" bitsize="32"/>
+  <reg name="r23" bitsize="32"/>
+  <reg name="r24" bitsize="32"/>
+  <reg name="r25" bitsize="32"/>
+  <reg name="r26" bitsize="32"/>
+  <reg name="r27" bitsize="32"/>
+  <reg name="r28" bitsize="32"/>
+  <reg name="r29" bitsize="32"/>
+  <reg name="r30" bitsize="32"/>
+  <reg name="r31" bitsize="32"/>
+  <reg name="rpc" bitsize="32" type="code_ptr"/>
+  <reg name="rmsr" bitsize="32"/>
+  <reg name="rear" bitsize="32"/>
+  <reg name="resr" bitsize="32"/>
+  <reg name="rfsr" bitsize="32"/>
+  <reg name="rbtr" bitsize="32"/>
+  <reg name="rpvr0" bitsize="32"/>
+  <reg name="rpvr1" bitsize="32"/>
+  <reg name="rpvr2" bitsize="32"/>
+  <reg name="rpvr3" bitsize="32"/>
+  <reg name="rpvr4" bitsize="32"/>
+  <reg name="rpvr5" bitsize="32"/>
+  <reg name="rpvr6" bitsize="32"/>
+  <reg name="rpvr7" bitsize="32"/>
+  <reg name="rpvr8" bitsize="32"/>
+  <reg name="rpvr9" bitsize="32"/>
+  <reg name="rpvr10" bitsize="32"/>
+  <reg name="rpvr11" bitsize="32"/>
+  <reg name="redr" bitsize="32"/>
+  <reg name="rpid" bitsize="32"/>
+  <reg name="rzpr" bitsize="32"/>
+  <reg name="rtlbx" bitsize="32"/>
+  <reg name="rtlbsx" bitsize="32"/>
+  <reg name="rtlblo" bitsize="32"/>
+  <reg name="rtlbhi" bitsize="32"/>
+</feature>
diff --git a/gdb-xml/microblaze-stack-protect.xml b/gdb-xml/microblaze-stack-protect.xml
new file mode 100644
index XXXXXXX..XXXXXXX
--- /dev/null
+++ b/gdb-xml/microblaze-stack-protect.xml
@@ -XXX,XX +XXX,XX @@
+<?xml version="1.0"?>
+
+
+<!DOCTYPE feature SYSTEM "gdb-target.dtd">
+<feature name="org.gnu.gdb.microblaze.stack-protect">
+  <reg name="rslr" bitsize="32"/>
+  <reg name="rshr" bitsize="32"/>
+</feature>
-- 
2.34.1

From: Pierrick Bouvier <pierrick.bouvier@linaro.org>

ctr_el0 access is privileged on this platform and fails as an illegal
instruction.

Windows does not offer a way to flush data cache from userspace, and
only FlushInstructionCache is available in Windows API.

The generic implementation of flush_idcache_range uses,
__builtin___clear_cache, which already use the FlushInstructionCache
function. So we rely on that.

Signed-off-by: Pierrick Bouvier <pierrick.bouvier@linaro.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-Id: <20230221153006.20300-2-pierrick.bouvier@linaro.org>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
---
 util/cacheflush.c | 14 +++++++++++---
 1 file changed, 11 insertions(+), 3 deletions(-)

diff --git a/util/cacheflush.c b/util/cacheflush.c
index XXXXXXX..XXXXXXX 100644
--- a/util/cacheflush.c
+++ b/util/cacheflush.c
@@ -XXX,XX +XXX,XX @@ static void sys_cache_info(int *isize, int *dsize)
 static bool have_coherent_icache;
 #endif
 
-#if defined(__aarch64__) && !defined(CONFIG_DARWIN)
-/* Apple does not expose CTR_EL0, so we must use system interfaces. */
+#if defined(__aarch64__) && !defined(CONFIG_DARWIN) && !defined(CONFIG_WIN32)
+/*
+ * Apple does not expose CTR_EL0, so we must use system interfaces.
+ * Windows neither, but we use a generic implementation of flush_idcache_range
+ * in this case.
+ */
 static uint64_t save_ctr_el0;
 static void arch_cache_info(int *isize, int *dsize)
 {
@@ -XXX,XX +XXX,XX @@ static void __attribute__((constructor)) init_cache_info(void)
 
 /* Caches are coherent and do not require flushing; symbol inline. */
 
-#elif defined(__aarch64__)
+#elif defined(__aarch64__) && !defined(CONFIG_WIN32)
+/*
+ * For Windows, we use generic implementation of flush_idcache_range, that
+ * performs a call to FlushInstructionCache, through __builtin___clear_cache.
+ */
 
 #ifdef CONFIG_DARWIN
 /* Apple does not expose CTR_EL0, so we must use system interfaces. */
-- 
2.34.1

From: Pierrick Bouvier <pierrick.bouvier@linaro.org>

Windows implementation of setjmp/longjmp is done in
C:/WINDOWS/system32/ucrtbase.dll. Alas, on arm64, it seems to *always*
perform stack unwinding, which crashes from generated code.

By using alternative implementation built in mingw, we avoid doing stack
unwinding and this fixes crash when calling longjmp.

Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Signed-off-by: Pierrick Bouvier <pierrick.bouvier@linaro.org>
Acked-by: Richard Henderson <richard.henderson@linaro.org>
Message-Id: <20230221153006.20300-3-pierrick.bouvier@linaro.org>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
---
 include/sysemu/os-win32.h | 28 ++++++++++++++++++++++++----
 meson.build               | 21 +++++++++++++++++++++
 2 files changed, 45 insertions(+), 4 deletions(-)

diff --git a/include/sysemu/os-win32.h b/include/sysemu/os-win32.h
index XXXXXXX..XXXXXXX 100644
--- a/include/sysemu/os-win32.h
+++ b/include/sysemu/os-win32.h
@@ -XXX,XX +XXX,XX @@ typedef struct sockaddr_un {
 extern "C" {
 #endif
 
-#if defined(_WIN64)
-/* On w64, setjmp is implemented by _setjmp which needs a second parameter.
+#if defined(__aarch64__)
+/*
+ * On windows-arm64, setjmp is available in only one variant, and longjmp always
+ * does stack unwinding. This crash with generated code.
+ * Thus, we use another implementation of setjmp (not windows one), coming from
+ * mingw, which never performs stack unwinding.
+ */
+#undef setjmp
+#undef longjmp
+/*
+ * These functions are not declared in setjmp.h because __aarch64__ defines
+ * setjmp to _setjmpex instead. However, they are still defined in libmingwex.a,
+ * which gets linked automatically.
+ */
+extern int __mingw_setjmp(jmp_buf);
+extern void __attribute__((noreturn)) __mingw_longjmp(jmp_buf, int);
+#define setjmp(env) __mingw_setjmp(env)
+#define longjmp(env, val) __mingw_longjmp(env, val)
+#elif defined(_WIN64)
+/*
+ * On windows-x64, setjmp is implemented by _setjmp which needs a second parameter.
  * If this parameter is NULL, longjump does no stack unwinding.
  * That is what we need for QEMU. Passing the value of register rsp (default)
- * lets longjmp try a stack unwinding which will crash with generated code. */
+ * lets longjmp try a stack unwinding which will crash with generated code.
+ */
 # undef setjmp
 # define setjmp(env) _setjmp(env, NULL)
-#endif
+#endif /* __aarch64__ */
 /* QEMU uses sigsetjmp()/siglongjmp() as the portable way to specify
  * "longjmp and don't touch the signal masks". Since we know that the
  * savemask parameter will always be zero we can safely define these
diff --git a/meson.build b/meson.build
index XXXXXXX..XXXXXXX 100644
--- a/meson.build
+++ b/meson.build
@@ -XXX,XX +XXX,XX @@ if targetos == 'windows'
     }''', name: '_lock_file and _unlock_file'))
 endif
 
+if targetos == 'windows'
+  mingw_has_setjmp_longjmp = cc.links('''
+    #include <setjmp.h>
+    int main(void) {
+      /*
+       * These functions are not available in setjmp header, but may be
+       * available at link time, from libmingwex.a.
+       */
+      extern int __mingw_setjmp(jmp_buf);
+      extern void __attribute__((noreturn)) __mingw_longjmp(jmp_buf, int);
+      jmp_buf env;
+      __mingw_setjmp(env);
+      __mingw_longjmp(env, 0);
+    }
+  ''', name: 'mingw setjmp and longjmp')
+
+  if cpu == 'aarch64' and not mingw_has_setjmp_longjmp
+    error('mingw must provide setjmp/longjmp for windows-arm64')
+  endif
+endif
+
 ########################
 # Target configuration #
 ########################
-- 
2.34.1