At least RISC-V has the need to be able to perform a read
using execute permissions, outside of translation.
Add helpers to facilitate this.
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Acked-by: Alistair Francis <alistair.francis@wdc.com>
Reviewed-by: Weiwei Li <liweiwei@iscas.ac.cn>
Tested-by: Daniel Henrique Barboza <dbarboza@ventanamicro.com>
Message-Id: <20230325105429.1142530-9-richard.henderson@linaro.org>
Message-Id: <20230412114333.118895-9-richard.henderson@linaro.org>
Use the attribute, which is supported by clang, instead of
the #pragma, which is not supported and, for some reason,
also not detected by the meson probe, so we fail by -Werror.
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Reviewed-by: Juan Quintela <quintela@redhat.com>
Message-Id: <20230501210555.289806-1-richard.henderson@linaro.org>
Clang 14, with --enable-tcg-interpreter errors with
include/qemu/int128.h:487:16: error: alignment of field 'i' (128 bits)
does not match the alignment of the first field in transparent union;
transparent_union attribute ignored [-Werror,-Wignored-attributes]
__int128_t i;
^
include/qemu/int128.h:486:12: note: alignment of first field is 64 bits
Int128 s;
^
1 error generated.
By placing the __uint128_t member first, this is avoided.
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
Message-Id: <20230501204625.277361-1-richard.henderson@linaro.org>
Add tcg expander and helper functions for rotate right
vector with scalar operand.
Signed-off-by: Nazar Kazakov <nazar.kazakov@codethink.co.uk>
Message-Id: <20230428144757.57530-10-lawrence.hunter@codethink.co.uk>
[rth: Split out of larger patch; mask rotation count.]
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Add tcg expander and helper functions for and-compliment
vector with scalar operand.
Signed-off-by: Nazar Kazakov <nazar.kazakov@codethink.co.uk>
Message-Id: <20230428144757.57530-10-lawrence.hunter@codethink.co.uk>
[rth: Split out of larger patch.]
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
This is for use in the RISC-V vclz and vctz instructions (implemented in
proceeding commit).
Signed-off-by: Kiran Ostrolenk <kiran.ostrolenk@codethink.co.uk>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-Id: <20230428144757.57530-11-lawrence.hunter@codethink.co.uk>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Rotates have been fixed up to only allow for reasonable rotate amounts
(ie, no rotates >7 on an 8b value etc.) This fixes a problem with riscv
vector rotate instructions.
Signed-off-by: Dickon Hood <dickon.hood@codethink.co.uk>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-Id: <20230428144757.57530-9-lawrence.hunter@codethink.co.uk>
[rth: Mask shifts in both directions.]
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
When PMP entry overlap part of the page, we'll set the tlb_size to 1, which
will make the address in tlb entry set with TLB_INVALID_MASK, and the next
access will again go through tlb_fill.However, this way will not work in
tb_gen_code() => get_page_addr_code_hostp(): the TLB host address will be
cached, and the following instructions can use this host address directly
which may lead to the bypass of PMP related check.
Resolves: https://gitlab.com/qemu-project/qemu/-/issues/1542.
Signed-off-by: Weiwei Li <liweiwei@iscas.ac.cn>
Signed-off-by: Junqiang Wang <wangjunqiang@iscas.ac.cn>
Reviewed-by: LIU Zhiwei <zhiwei_liu@linux.alibaba.com>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-Id: <20230422130329.23555-6-liweiwei@iscas.ac.cn>
Drop inline marker: let compiler decide.
Change return type to uint64_t: this matches the computation in the
return statement and the local variable assignment in the caller.
Rename local to dirty_ring_size_MB to fix typo.
Simplify conversion to MiB via qemu_target_page_bits and right shift.
Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Reviewed-by: Thomas Huth <thuth@redhat.com>
Reviewed-by: Juan Quintela <quintela@redhat.com>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
* Support building Arm targets with CONFIG_TCG=no (ie KVM only)
* hw/net: npcm7xx_emc: set MAC in register space
* hw/arm/bcm2835_property: Implement "get command line" message
* Deprecate the '-singlestep' command line option in favour of
'-one-insn-per-tb' and '-accel one-insn-per-tb=on'
* Deprecate 'singlestep' member of QMP StatusInfo struct
* docs/about/deprecated.rst: Add "since 7.1" tag to dtb-kaslr-seed deprecation
* hw/net/msf2-emac: Don't modify descriptor in-place in emac_store_desc()
* raspi, aspeed: Write bootloader code correctly on big-endian hosts
* hw/intc/allwinner-a10-pic: Fix bug on big-endian hosts
* Fix bug in A32 ERET on big-endian hosts that caused guest crash
* hw/sd/allwinner-sdhost: Correctly byteswap descriptor fields
* hw/net/allwinner-sun8i-emac: Correctly byteswap descriptor fields
-----BEGIN PGP SIGNATURE-----
iQJNBAABCAA3FiEE4aXFk81BneKOgxXPPCUl7RQ2DN4FAmRRIqoZHHBldGVyLm1h
eWRlbGxAbGluYXJvLm9yZwAKCRA8JSXtFDYM3uHxEACkO5NYXhah9KnztwhEjAUH
CnM6N9IHa4iEF7doWuiS39ZP4bXxCHnX4A1GqGRhsoub5PeiXxucTXlvkwWpOfct
pX78wHW18pVNJ2jlaly0c9cEI71ojT4zbXC3kjD9f/qHx2qI3rs3Sgb6BYC8QNnx
P/EHeefrnjwgGhBvzAJ8ATO/jpMYXukuxzjbIP0/7lqB5UxcNxv5rMTTansMO46r
JN5NdOEM8M8DoJHrHR9K3+Y2Vr1XjOowDPSF8+4rRkJB2v/3415V9bInEsTAvhQu
Ftua72vjVhTRfvgLXPc9C9S5sx6KHi+NdHfl/D7eL8B4aGHtBaUXv7pJrXUZYyLy
XNztXUx5EuzxXVN2mg8PYyasnEGjNbTUckAD40iow+DSgemB+MVJRp8f7Rb2yRHh
YuajDs77NUb9rVzozM+TTJkHfgLDkWCqX2Jm2kAea/gwowzdFCVosAs0cI+cDiBb
xQUMpERGBE2QJk/+KKc5xmIHUnXZCFTC/ieY2mpr8G6upDspzP254EjNGUCgIZmW
gYI/UTSX+f7M/+fYRgtSCdJ4LYkqdxUuGfyKccc4S2F2cCuQDGURRp4jHuI1cLyt
lkrgD1Hj3d9d8ZiMwmXDtiEsJhxDmuVmikmviigfhjLZ0QBd7FdpNz7gQR3lfDwl
YEGeFrhW2MHutjWSwxQWwQ==
=ua3Q
-----END PGP SIGNATURE-----
Merge tag 'pull-target-arm-20230502-2' of https://git.linaro.org/people/pmaydell/qemu-arm into staging
target-arm queue:
* Support building Arm targets with CONFIG_TCG=no (ie KVM only)
* hw/net: npcm7xx_emc: set MAC in register space
* hw/arm/bcm2835_property: Implement "get command line" message
* Deprecate the '-singlestep' command line option in favour of
'-one-insn-per-tb' and '-accel one-insn-per-tb=on'
* Deprecate 'singlestep' member of QMP StatusInfo struct
* docs/about/deprecated.rst: Add "since 7.1" tag to dtb-kaslr-seed deprecation
* hw/net/msf2-emac: Don't modify descriptor in-place in emac_store_desc()
* raspi, aspeed: Write bootloader code correctly on big-endian hosts
* hw/intc/allwinner-a10-pic: Fix bug on big-endian hosts
* Fix bug in A32 ERET on big-endian hosts that caused guest crash
* hw/sd/allwinner-sdhost: Correctly byteswap descriptor fields
* hw/net/allwinner-sun8i-emac: Correctly byteswap descriptor fields
# -----BEGIN PGP SIGNATURE-----
#
# iQJNBAABCAA3FiEE4aXFk81BneKOgxXPPCUl7RQ2DN4FAmRRIqoZHHBldGVyLm1h
# eWRlbGxAbGluYXJvLm9yZwAKCRA8JSXtFDYM3uHxEACkO5NYXhah9KnztwhEjAUH
# CnM6N9IHa4iEF7doWuiS39ZP4bXxCHnX4A1GqGRhsoub5PeiXxucTXlvkwWpOfct
# pX78wHW18pVNJ2jlaly0c9cEI71ojT4zbXC3kjD9f/qHx2qI3rs3Sgb6BYC8QNnx
# P/EHeefrnjwgGhBvzAJ8ATO/jpMYXukuxzjbIP0/7lqB5UxcNxv5rMTTansMO46r
# JN5NdOEM8M8DoJHrHR9K3+Y2Vr1XjOowDPSF8+4rRkJB2v/3415V9bInEsTAvhQu
# Ftua72vjVhTRfvgLXPc9C9S5sx6KHi+NdHfl/D7eL8B4aGHtBaUXv7pJrXUZYyLy
# XNztXUx5EuzxXVN2mg8PYyasnEGjNbTUckAD40iow+DSgemB+MVJRp8f7Rb2yRHh
# YuajDs77NUb9rVzozM+TTJkHfgLDkWCqX2Jm2kAea/gwowzdFCVosAs0cI+cDiBb
# xQUMpERGBE2QJk/+KKc5xmIHUnXZCFTC/ieY2mpr8G6upDspzP254EjNGUCgIZmW
# gYI/UTSX+f7M/+fYRgtSCdJ4LYkqdxUuGfyKccc4S2F2cCuQDGURRp4jHuI1cLyt
# lkrgD1Hj3d9d8ZiMwmXDtiEsJhxDmuVmikmviigfhjLZ0QBd7FdpNz7gQR3lfDwl
# YEGeFrhW2MHutjWSwxQWwQ==
# =ua3Q
# -----END PGP SIGNATURE-----
# gpg: Signature made Tue 02 May 2023 03:48:10 PM BST
# gpg: using RSA key E1A5C593CD419DE28E8315CF3C2525ED14360CDE
# gpg: issuer "peter.maydell@linaro.org"
# gpg: Good signature from "Peter Maydell <peter.maydell@linaro.org>" [full]
# gpg: aka "Peter Maydell <pmaydell@gmail.com>" [full]
# gpg: aka "Peter Maydell <pmaydell@chiark.greenend.org.uk>" [full]
* tag 'pull-target-arm-20230502-2' of https://git.linaro.org/people/pmaydell/qemu-arm: (34 commits)
hw/net/allwinner-sun8i-emac: Correctly byteswap descriptor fields
hw/sd/allwinner-sdhost: Correctly byteswap descriptor fields
target/arm: Add compile time asserts to load/store_cpu_field macros
target/arm: Define and use new load_cpu_field_low32()
hw/intc/allwinner-a10-pic: Don't use set_bit()/clear_bit()
hw/arm/raspi: Use arm_write_bootloader() to write boot code
hw/arm/aspeed: Use arm_write_bootloader() to write the bootloader
hw/arm/boot: Make write_bootloader() public as arm_write_bootloader()
hw/net/msf2-emac: Don't modify descriptor in-place in emac_store_desc()
docs/about/deprecated.rst: Add "since 7.1" tag to dtb-kaslr-seed deprecation
qmp: Deprecate 'singlestep' member of StatusInfo
qapi/run-state.json: Fix missing newline at end of file
hmp: Add 'one-insn-per-tb' command equivalent to 'singlestep'
accel/tcg: Report one-insn-per-tb in 'info jit', not 'info status'
Document that -singlestep command line option is deprecated
bsd-user: Add '-one-insn-per-tb' option equivalent to '-singlestep'
linux-user: Add '-one-insn-per-tb' option equivalent to '-singlestep'
accel/tcg: Use one_insn_per_tb global instead of old singlestep global
softmmu: Don't use 'singlestep' global in QMP and HMP commands
make one-insn-per-tb an accel option
...
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
In allwinner-sun8i-emac we just read directly from guest memory into
a host FrameDescriptor struct and back. This only works on
little-endian hosts. Reading and writing of descriptors is already
abstracted into functions; make those functions also handle the
byte-swapping so that TransferDescriptor structs as seen by the rest
of the code are always in host-order, and fix two places that were
doing ad-hoc descriptor reading without using the functions.
Cc: qemu-stable@nongnu.org
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Thomas Huth <thuth@redhat.com>
Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Message-id: 20230424165053.1428857-3-peter.maydell@linaro.org
In allwinner_sdhost_process_desc() we just read directly from
guest memory into a host TransferDescriptor struct and back.
This only works on little-endian hosts. Abstract the reading
and writing of descriptors into functions that handle the
byte-swapping so that TransferDescriptor structs as seen by
the rest of the code are always in host-order.
This fixes a failure of one of the avocado tests on s390.
Cc: qemu-stable@nongnu.org
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Thomas Huth <thuth@redhat.com>
Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Message-id: 20230424165053.1428857-2-peter.maydell@linaro.org
Add some compile-time asserts to the load_cpu_field() and store_cpu_field()
macros that the struct field being accessed is the expected size. This
lets us catch cases where we incorrectly tried to do a 32-bit load
from a 64-bit struct field.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-id: 20230424153909.1419369-3-peter.maydell@linaro.org
In several places in the 32-bit Arm translate.c, we try to use
load_cpu_field() to load from a CPUARMState field into a TCGv_i32
where the field is actually 64-bit. This works on little-endian
hosts, but gives the wrong half of the register on big-endian.
Add a new load_cpu_field_low32() which loads the low 32 bits
of a 64-bit field into a TCGv_i32. The new macro includes a
compile-time check against accidentally using it on a field
of the wrong size. Use it to fix the two places in the code
where we were using load_cpu_field() on a 64-bit field.
This fixes a bug where on big-endian hosts the guest would
crash after executing an ERET instruction, and a more corner
case one where some UNDEFs for attempted accesses to MSR
banked registers from Secure EL1 might go to the wrong EL.
Cc: qemu-stable@nongnu.org
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-id: 20230424153909.1419369-2-peter.maydell@linaro.org
The Allwinner PIC model uses set_bit() and clear_bit() to update the
values in its irq_pending[] array when an interrupt arrives. However
it is using these functions wrongly: they work on an array of type
'long', and it is passing an array of type 'uint32_t'. Because the
code manually figures out the right array element, this works on
little-endian hosts and on 32-bit big-endian hosts, where bits 0..31
in a 'long' are in the same place as they are in a 'uint32_t'.
However it breaks on 64-bit big-endian hosts.
Remove the use of set_bit() and clear_bit() in favour of using
deposit32() on the array element. This fixes a bug where on
big-endian 64-bit hosts the guest kernel would hang early on in
bootup.
Cc: qemu-stable@nongnu.org
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Thomas Huth <thuth@redhat.com>
Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Message-id: 20230424152833.1334136-1-peter.maydell@linaro.org
When writing the secondary-CPU stub boot loader code to the guest,
use arm_write_bootloader() instead of directly calling
rom_add_blob_fixed(). This fixes a bug on big-endian hosts, because
arm_write_bootloader() will correctly byte-swap the host-byte-order
array values into the guest-byte-order to write into the guest
memory.
Cc: qemu-stable@nongnu.org
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Tested-by: Cédric Le Goater <clg@kaod.org>
Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Message-id: 20230424152717.1333930-4-peter.maydell@linaro.org
When writing the secondary-CPU stub boot loader code to the guest,
use arm_write_bootloader() instead of directly calling
rom_add_blob_fixed(). This fixes a bug on big-endian hosts, because
arm_write_bootloader() will correctly byte-swap the host-byte-order
array values into the guest-byte-order to write into the guest
memory.
Cc: qemu-stable@nongnu.org
Signed-off-by: Cédric Le Goater <clg@kaod.org>
Tested-by: Cédric Le Goater <clg@kaod.org>
Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Message-id: 20230424152717.1333930-3-peter.maydell@linaro.org
[PMM: Moved the "make arm_write_bootloader() function public" part
to its own patch; updated commit message to note that this fixes
an actual bug; adjust to the API changes noted in previous commit]
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
The arm boot.c code includes a utility function write_bootloader()
which assists in writing a boot-code fragment into guest memory,
including handling endianness and fixing it up with entry point
addresses and similar things. This is useful not just for the boot.c
code but also in board model code, so rename it to
arm_write_bootloader() and make it globally visible.
Since we are making it public, make its API a little neater: move the
AddressSpace* argument to be next to the hwaddr argument, and allow
the fixupcontext array to be const, since we never modify it in this
function.
Cc: qemu-stable@nongnu.org
Signed-off-by: Cédric Le Goater <clg@kaod.org>
Tested-by: Cédric Le Goater <clg@kaod.org>
Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Message-id: 20230424152717.1333930-2-peter.maydell@linaro.org
[PMM: Split out from another patch by Cédric, added doc comment]
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
The msf2-emac ethernet controller has functions emac_load_desc() and
emac_store_desc() which read and write the in-memory descriptor
blocks and handle conversion between guest and host endianness.
As currently written, emac_store_desc() does the endianness
conversion in-place; this means that it effectively consumes the
input EmacDesc struct, because on a big-endian host the fields will
be overwritten with the little-endian versions of their values.
Unfortunately, in all the callsites the code continues to access
fields in the EmacDesc struct after it has called emac_store_desc()
-- specifically, it looks at the d.next field.
The effect of this is that on a big-endian host networking doesn't
work because the address of the next descriptor is corrupted.
We could fix this by making the callsite avoid using the struct; but
it's more robust to have emac_store_desc() leave its input alone.
(emac_load_desc() also does an in-place conversion, but here this is
fine, because the function is supposed to be initializing the
struct.)
Cc: qemu-stable@nongnu.org
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Thomas Huth <thuth@redhat.com>
Message-id: 20230424151919.1333299-1-peter.maydell@linaro.org
In commit 5242876f37 we deprecated the dtb-kaslr-seed property of
the virt board, but forgot the "since n.n" tag in the documentation
of this in deprecated.rst.
This deprecation note first appeared in the 7.1 release, so
retrospectively add the correct "since 7.1" annotation to it.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
Message-id: 20230420122256.1023709-1-peter.maydell@linaro.org
The 'singlestep' member of StatusInfo has never done what the QMP
documentation claims it does. What it actually reports is whether
TCG is working in "one guest instruction per translation block" mode.
We no longer need this field for the HMP 'info status' command, as
we've moved that information to 'info jit'. It seems unlikely that
anybody is monitoring the state of this obscure TCG setting via QMP,
especially since QMP provides no means for changing the setting. So
simply deprecate the field, without providing any replacement.
Until we do eventually delete the member, correct the misstatements
in the QAPI documentation about it.
If we do find that there are users for this, then the most likely way
we would provide replacement access to the information would be to
put the accelerator QOM object at a well-known path such as
/machine/accel, which could then be used with the existing qom-set
and qom-get commands.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Reviewed-by: Markus Armbruster <armbru@redhat.com>
Message-id: 20230417164041.684562-11-peter.maydell@linaro.org
The run-state.json file is missing a trailing newline; add it.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Message-id: 20230417164041.684562-10-peter.maydell@linaro.org
The 'singlestep' HMP command is confusing, because it doesn't
actually have anything to do with single-stepping the CPU. What it
does do is force TCG emulation to put one guest instruction in each
TB, which can be useful in some situations.
Create a new HMP command 'one-insn-per-tb', so we can document that
'singlestep' is just a deprecated synonym for it, and eventually
perhaps drop it.
We aren't obliged to do deprecate-and-drop for HMP commands,
but it's easy enough to do so, so we do.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Message-id: 20230417164041.684562-9-peter.maydell@linaro.org
Currently we report whether the TCG accelerator is in
'one-insn-per-tb' mode in the 'info status' output. This is a pretty
minor piece of TCG specific information, and we want to deprecate the
'singlestep' field of the associated QMP command. Move the
'one-insn-per-tb' reporting to 'info jit'.
We don't need a deprecate-and-drop period for this because the
HMP interface has no stability guarantees.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Message-id: 20230417164041.684562-8-peter.maydell@linaro.org
Document that the -singlestep command line option is now
deprecated, as it is replaced by either the TCG accelerator
property 'one-insn-per-tb' for system emulation or the new
'-one-insn-per-tb' option for usermode emulation, and remove
the only use of the deprecated syntax from a README.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Message-id: 20230417164041.684562-7-peter.maydell@linaro.org
The '-singlestep' option is confusing, because it doesn't actually
have anything to do with single-stepping the CPU. What it does do
is force TCG emulation to put one guest instruction in each TB,
which can be useful in some situations.
Create a new command line argument -one-insn-per-tb, so we can
document that -singlestep is just a deprecated synonym for it,
and eventually perhaps drop it.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Warner Losh <imp@bsdimp.com>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Message-id: 20230417164041.684562-6-peter.maydell@linaro.org
The '-singlestep' option is confusing, because it doesn't actually
have anything to do with single-stepping the CPU. What it does do
is force TCG emulation to put one guest instruction in each TB,
which can be useful in some situations.
Create a new command line argument -one-insn-per-tb, so we can
document that -singlestep is just a deprecated synonym for it,
and eventually perhaps drop it.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Reviewed-by: Warner Losh <imp@bsdimp.com>
Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Message-id: 20230417164041.684562-5-peter.maydell@linaro.org
The only place left that looks at the old 'singlestep' global
variable is the TCG curr_cflags() function. Replace the old global
with a new 'one_insn_per_tb' which is defined in tcg-all.c and
declared in accel/tcg/internal.h. This keeps it restricted to the
TCG code, unlike 'singlestep' which was available to every file in
the system and defined in multiple different places for softmmu vs
linux-user vs bsd-user.
While we're making this change, use qatomic_read() and qatomic_set()
on the accesses to the new global, because TCG will read it without
holding a lock.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Message-id: 20230417164041.684562-4-peter.maydell@linaro.org
The HMP 'singlestep' command, the QMP 'query-status' command and the
HMP 'info status' command (which is just wrapping the QMP command
implementation) look at the 'singlestep' global variable. Make them
access the new TCG accelerator 'one-insn-per-tb' property instead.
This leaves the HMP and QMP command/field names and output strings
unchanged; we will clean that up later.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Message-id: 20230417164041.684562-3-peter.maydell@linaro.org
This commit adds 'one-insn-per-tb' as a property on the TCG
accelerator object, so you can enable it with
-accel tcg,one-insn-per-tb=on
It has the same behaviour as the existing '-singlestep' command line
option. We use a different name because 'singlestep' has always been
a confusing choice, because it doesn't have anything to do with
single-stepping the CPU. What it does do is force TCG emulation to
put one guest instruction in each TB, which can be useful in some
situations (such as analysing debug logs).
The existing '-singlestep' commandline options are decoupled from the
global 'singlestep' variable and instead now are syntactic sugar for
setting the accel property. (These can then go away after a
deprecation period.)
The global variable remains for the moment as:
* what the TCG code looks at to change its behaviour
* what HMP and QMP use to query and set the behaviour
In the following commits we'll clean those up to not directly
look at the global variable.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-id: 20230417164041.684562-2-peter.maydell@linaro.org
This query copies the kernel command line into the message buffer. It
was previously stubbed out to return empty, this commit makes it reflect
the arguments specified with `-append`.
I observed the following peculiarities on my Pi 3B+:
- If the buffer is shorter than the string, the response header gives
the full length, but no data is actually copied.
- No NUL terminator is added: even if the buffer is long enough to fit
one, the buffer's original contents are preserved past the string's
end.
- The VC firmware adds the following extra parameters beside the
user-supplied ones (via /boot/cmdline.txt): `video`, `vc_mem.mem_base`
and `vc_mem.mem_size`. This is currently not implemented in qemu.
Signed-off-by: Daniel Bertalan <dani@danielbertalan.dev>
Message-id: 20230425103250.56653-1-dani@danielbertalan.dev
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
[PMM: added comment about NUL and short-buffer behaviour]
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
The MAC address set from Qemu wasn't being saved into the register space.
Reviewed-by: Hao Wu <wuhaotsh@google.com>
Signed-off-by: Patrick Venture <venture@google.com>
Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
[PMM: moved variable declaration to top of function]
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
* Run the tpm-tis-i2c-test only if TCG is enabled
* Fix a use-after-free problem in the new reentracy checking code
-----BEGIN PGP SIGNATURE-----
iQJFBAABCAAvFiEEJ7iIR+7gJQEY8+q5LtnXdP5wLbUFAmRQ4vERHHRodXRoQHJl
ZGhhdC5jb20ACgkQLtnXdP5wLbXo8g//dVRM+LCeCqNfjqtQLwGUUAt3ve1vruLD
v9BT4ooTNIGFScQlc9NRnweCPPBvmdSyXfxdfa3ITW62BEKEcCaf9tXiNeXE9jUE
VAQMA3u5/w0HSsWK9uqCZ/5azI4mwo5c2ykocX7XsdyP0LoFvlgydYBZ9S5PxRit
JsX78x740qTGjOSxD2O5wYocDwRUVsCcY7nAIC1Cj52gxi9Vedxqzb8MW30AU+oh
W9h49nVJAOvcx1UBNtYC0t6LCdJvMkhLPmewp4g4o0iiQqnGBjjD0pT2SUYhl1A5
pZYjsq7IBFGPDEyQOD3R4VeaMPpo22NLifLbU8Kt+BepyHJHJgCkjX/WUnCEzwu9
jmxaIUubT5/UanDzOX5qa/JDgNnUxkLfoVgZ8GOeNKoJ+Ik52xATnMm5Dqod369E
MydBN8gqnT+I7Qb7KxSS5Q18YugUS3uUd17LqpZ846yxyqMjoM2Zee2J2K7x4clO
cJ5h1AP7D6ZzyPzBMD0U9fanA+2M/qFiV3NJ9IDqiQYglafnU+gZOohE+p1Id4Dq
IeSITK+OaaYPdlADfKcVJNLy3qBvyL/ZsJ/2X1zRO5vhPVal4tMfo4Fv8Su0vx34
mXiUJO8SWk/GiPtJy7fNhxfiBBhwDTiyVX97In/+jbFC3ZKwPnwo/nq1DeBg4YI7
Rj2rHq4HS7o=
=zdof
-----END PGP SIGNATURE-----
Merge tag 'pull-request-2023-05-02' of https://gitlab.com/thuth/qemu into staging
* Fix the failing FreeBSD job in our CI
* Run the tpm-tis-i2c-test only if TCG is enabled
* Fix a use-after-free problem in the new reentracy checking code
# -----BEGIN PGP SIGNATURE-----
#
# iQJFBAABCAAvFiEEJ7iIR+7gJQEY8+q5LtnXdP5wLbUFAmRQ4vERHHRodXRoQHJl
# ZGhhdC5jb20ACgkQLtnXdP5wLbXo8g//dVRM+LCeCqNfjqtQLwGUUAt3ve1vruLD
# v9BT4ooTNIGFScQlc9NRnweCPPBvmdSyXfxdfa3ITW62BEKEcCaf9tXiNeXE9jUE
# VAQMA3u5/w0HSsWK9uqCZ/5azI4mwo5c2ykocX7XsdyP0LoFvlgydYBZ9S5PxRit
# JsX78x740qTGjOSxD2O5wYocDwRUVsCcY7nAIC1Cj52gxi9Vedxqzb8MW30AU+oh
# W9h49nVJAOvcx1UBNtYC0t6LCdJvMkhLPmewp4g4o0iiQqnGBjjD0pT2SUYhl1A5
# pZYjsq7IBFGPDEyQOD3R4VeaMPpo22NLifLbU8Kt+BepyHJHJgCkjX/WUnCEzwu9
# jmxaIUubT5/UanDzOX5qa/JDgNnUxkLfoVgZ8GOeNKoJ+Ik52xATnMm5Dqod369E
# MydBN8gqnT+I7Qb7KxSS5Q18YugUS3uUd17LqpZ846yxyqMjoM2Zee2J2K7x4clO
# cJ5h1AP7D6ZzyPzBMD0U9fanA+2M/qFiV3NJ9IDqiQYglafnU+gZOohE+p1Id4Dq
# IeSITK+OaaYPdlADfKcVJNLy3qBvyL/ZsJ/2X1zRO5vhPVal4tMfo4Fv8Su0vx34
# mXiUJO8SWk/GiPtJy7fNhxfiBBhwDTiyVX97In/+jbFC3ZKwPnwo/nq1DeBg4YI7
# Rj2rHq4HS7o=
# =zdof
# -----END PGP SIGNATURE-----
# gpg: Signature made Tue 02 May 2023 11:16:17 AM BST
# gpg: using RSA key 27B88847EEE0250118F3EAB92ED9D774FE702DB5
# gpg: issuer "thuth@redhat.com"
# gpg: Good signature from "Thomas Huth <th.huth@gmx.de>" [undefined]
# gpg: aka "Thomas Huth <thuth@redhat.com>" [undefined]
# gpg: aka "Thomas Huth <th.huth@posteo.de>" [unknown]
# gpg: aka "Thomas Huth <huth@tuxfamily.org>" [undefined]
# gpg: WARNING: This key is not certified with a trusted signature!
# gpg: There is no indication that the signature belongs to the owner.
# Primary key fingerprint: 27B8 8847 EEE0 2501 18F3 EAB9 2ED9 D774 FE70 2DB5
* tag 'pull-request-2023-05-02' of https://gitlab.com/thuth/qemu:
async: avoid use-after-free on re-entrancy guard
tests/qtest: Restrict tpm-tis-i2c-test to CONFIG_TCG
tests/qtest: Disable the spice test of readconfig-test on FreeBSD
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
The test set -accel tcg, so restrict it to when TCG is present.
Signed-off-by: Fabiano Rosas <farosas@suse.de>
Reviewed-by: Thomas Huth <thuth@redhat.com>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-id: 20230426180013.14814-13-farosas@suse.de
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Move all the CONFIG_FOO=y from default.mak into "default y if TCG"
statements in Kconfig. That way they won't be selected when
CONFIG_TCG=n.
I'm leaving CONFIG_ARM_VIRT in default.mak because it allows us to
keep the two default.mak files not empty and keep aarch64-default.mak
including arm-default.mak. That way we don't surprise anyone that's
used to altering these files.
With this change we can start building with --disable-tcg.
Signed-off-by: Fabiano Rosas <farosas@suse.de>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-id: 20230426180013.14814-12-farosas@suse.de
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
We are about to enable the build without TCG, so CONFIG_SEMIHOSTING
and CONFIG_ARM_COMPATIBLE_SEMIHOSTING cannot be unconditionally set in
default.mak anymore. So reflect the change in a Kconfig.
Instead of using semihosting/Kconfig, use a target-specific file, so
that the change doesn't affect other architectures which might
implement semihosting in a way compatible with KVM.
The selection from ARM_v7M needs to be removed to avoid a cycle during
parsing.
Signed-off-by: Fabiano Rosas <farosas@suse.de>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-id: 20230426180013.14814-11-farosas@suse.de
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
The migration tests are currently broken for an aarch64 host because
the tests pass no 'machine' and 'cpu' options on the QEMU command
line.
Add a separate class to each architecture so that we can specify
'machine' and 'cpu' options instead of relying on defaults.
Add a skip decorator to keep the current behavior of only running
migration tests when the qemu target matches the host architecture.
Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Signed-off-by: Fabiano Rosas <farosas@suse.de>
Message-id: 20230426180013.14814-10-farosas@suse.de
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
It is possible to have a build with both TCG and KVM disabled due to
Xen requiring the i386 and x86_64 binaries to be present in an aarch64
host.
If we build with --disable-tcg on the aarch64 host, we will end-up
with a QEMU binary (x86) that does not support TCG nor KVM.
Skip tests that crash or hang in the above scenario. Do not include
any test cases if TCG and KVM are missing.
Make sure that calls to qtest_has_accel are placed after g_test_init
in similar fashion to commit ae4b01b349 ("tests: Ensure TAP version is
printed before other messages") to avoid TAP parsing errors.
Reviewed-by: Juan Quintela <quintela@redhat.com>
Reviewed-by: Thomas Huth <thuth@redhat.com>
Signed-off-by: Fabiano Rosas <farosas@suse.de>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Message-id: 20230426180013.14814-9-farosas@suse.de
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
move the module containing cpu models definitions
for 32bit TCG-only CPUs to tcg/ and rename it for clarity.
Signed-off-by: Claudio Fontana <cfontana@suse.de>
Signed-off-by: Fabiano Rosas <farosas@suse.de>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Acked-by: Thomas Huth <thuth@redhat.com>
Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Message-id: 20230426180013.14814-8-farosas@suse.de
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
We're about to move the 32-bit CPUs under CONFIG_TCG, so adjust the
query-cpu-model-expansion test to check against the cortex-a7, which
is already under CONFIG_TCG. That allows the next patch to contain
only code movement. (All the test cares about is that the CPU type
it's checking is one which definitely doesn't work under KVM.)
While here add comments clarifying what we're testing.
Signed-off-by: Fabiano Rosas <farosas@suse.de>
Acked-by: Thomas Huth <thuth@redhat.com>
Message-id: 20230426180013.14814-7-farosas@suse.de
Suggested-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Move the 64-bit CPUs that are TCG-only:
- cortex-a35
- cortex-a55
- cortex-a72
- cortex-a76
- a64fx
- neoverse-n1
Keep the CPUs that can be used with KVM:
- cortex-a57
- cortex-a53
- max
- host
Signed-off-by: Fabiano Rosas <farosas@suse.de>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Message-id: 20230426180013.14814-6-farosas@suse.de
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
We're about to move the TCG-only -cpu max configuration code under
CONFIG_TCG. To be able to do that we need to make sure the qtests
still have some cpu configured even when no other accelerator is
available.
Delineate now what is used with TCG-only and what is also used with
qtests to make the subsequent patches cleaner.
Signed-off-by: Fabiano Rosas <farosas@suse.de>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Message-id: 20230426180013.14814-5-farosas@suse.de
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Introduce aarch64_max_tcg_initfn that contains the TCG-only part of
-cpu max configuration. We'll need that to be able to restrict this
code to a TCG-only config in the next patches.
Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Signed-off-by: Fabiano Rosas <farosas@suse.de>
Message-id: 20230426180013.14814-4-farosas@suse.de
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
The sve-max-vq property has been removed from the -cpu max used with
KVM, so code under kvm_enabled in cpu_max_set_sve_max_vq is not
reachable.
Fixes: 0baa21be49 ("target/arm: Make KVM -cpu max exactly like -cpu host")
Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Signed-off-by: Fabiano Rosas <farosas@suse.de>
Message-id: 20230426180013.14814-3-farosas@suse.de
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
The file cpu_tcg.c is about to be moved into the tcg/ directory, so
move the register definitions into a new file.
Also move the function declaration to the more appropriate cpregs.h.
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Signed-off-by: Fabiano Rosas <farosas@suse.de>
Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Message-id: 20230426180013.14814-2-farosas@suse.de
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
A BH callback can free the BH, causing a use-after-free in aio_bh_call.
Fix that by keeping a local copy of the re-entrancy guard pointer.
Buglink: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=58513
Fixes: 9c86c97f12 ("async: Add an optional reentrancy guard to the BH API")
Signed-off-by: Alexander Bulekov <alxndr@bu.edu>
Message-Id: <20230501141956.3444868-1-alxndr@bu.edu>
Reviewed-by: Thomas Huth <thuth@redhat.com>
Signed-off-by: Thomas Huth <thuth@redhat.com>
The test set -accel tcg, so restrict it to when TCG is present.
Signed-off-by: Fabiano Rosas <farosas@suse.de>
Message-Id: <20230426180013.14814-13-farosas@suse.de>
Reviewed-by: Thomas Huth <thuth@redhat.com>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Signed-off-by: Thomas Huth <thuth@redhat.com>
The spice test is currently hanging on FreeBSD. It likely was
never working before, since in the past, our configure script
was failing to detect this feature due to a bug in the spice
package there (it just got enabled recently by the commit
https://cgit.freebsd.org/ports/commit/?id=cf16b1c9063351325f0 ).
To get the CI working again, let's disable the failing test for
now until someone has enough spare time to debug and fix the real
underlying problem.
Message-Id: <20230428151351.1365822-1-thuth@redhat.com>
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
Reviewed-by: Marc-André Lureau <marcandre.lureau@redhat.com>
Signed-off-by: Thomas Huth <thuth@redhat.com>
* Update kernel headers to 6.3rc5
* Suppress GCC13 false positive in aio_bh_poll()
* Add new x86 feature bits
* Coverity fixes
* More steps towards removing qatomic_mb_set/read
* Fix reduced-phys-bits value for AMD SEV
-----BEGIN PGP SIGNATURE-----
iQFIBAABCAAyFiEE8TM4V0tmI4mGbHaCv/vSX3jHroMFAmRNC0IUHHBib256aW5p
QHJlZGhhdC5jb20ACgkQv/vSX3jHroNo0wgArWNGKZpbmQ0e5L6ajMvaaPmg4mVL
a2SJGU0TwTp0fUgZr14z2iwzIpSqQrsqhzTIAzOTs0OICDBPBuNvnRucMa+SVQGO
Tc89YAwBVDo66dAKhWi+WR9tx7sTFCso0nbsBfczzdnwAw3g1MJ87Ueqc5tlPGBK
E7YSAD6l4UuogoN5BLU7bSsG/X7bwcyzeUXRB4ik+Z9abWd4DH9qiROnBKLMmBLK
nAi47h8b8MltWORpO+wf6HtkMKi37SAzl9VLHVuHcRhIdY/JhWCRhYSo0HXhgX66
JLVkyxFpIndT0dUW/xnqATGez92FRZyTxHbxbAcWM0SoC1jOVfUXB+7Gdw==
=vxou
-----END PGP SIGNATURE-----
Merge tag 'for-upstream' of https://gitlab.com/bonzini/qemu into staging
* Fix compilation issues under Debian 10
* Update kernel headers to 6.3rc5
* Suppress GCC13 false positive in aio_bh_poll()
* Add new x86 feature bits
* Coverity fixes
* More steps towards removing qatomic_mb_set/read
* Fix reduced-phys-bits value for AMD SEV
# -----BEGIN PGP SIGNATURE-----
#
# iQFIBAABCAAyFiEE8TM4V0tmI4mGbHaCv/vSX3jHroMFAmRNC0IUHHBib256aW5p
# QHJlZGhhdC5jb20ACgkQv/vSX3jHroNo0wgArWNGKZpbmQ0e5L6ajMvaaPmg4mVL
# a2SJGU0TwTp0fUgZr14z2iwzIpSqQrsqhzTIAzOTs0OICDBPBuNvnRucMa+SVQGO
# Tc89YAwBVDo66dAKhWi+WR9tx7sTFCso0nbsBfczzdnwAw3g1MJ87Ueqc5tlPGBK
# E7YSAD6l4UuogoN5BLU7bSsG/X7bwcyzeUXRB4ik+Z9abWd4DH9qiROnBKLMmBLK
# nAi47h8b8MltWORpO+wf6HtkMKi37SAzl9VLHVuHcRhIdY/JhWCRhYSo0HXhgX66
# JLVkyxFpIndT0dUW/xnqATGez92FRZyTxHbxbAcWM0SoC1jOVfUXB+7Gdw==
# =vxou
# -----END PGP SIGNATURE-----
# gpg: Signature made Sat 29 Apr 2023 01:19:14 PM BST
# gpg: using RSA key F13338574B662389866C7682BFFBD25F78C7AE83
# gpg: issuer "pbonzini@redhat.com"
# gpg: Good signature from "Paolo Bonzini <bonzini@gnu.org>" [undefined]
# gpg: aka "Paolo Bonzini <pbonzini@redhat.com>" [undefined]
# gpg: WARNING: This key is not certified with a trusted signature!
# gpg: There is no indication that the signature belongs to the owner.
# Primary key fingerprint: 46F5 9FBD 57D6 12E7 BFD4 E2F7 7E15 100C CD36 69B1
# Subkey fingerprint: F133 3857 4B66 2389 866C 7682 BFFB D25F 78C7 AE83
* tag 'for-upstream' of https://gitlab.com/bonzini/qemu:
cpus-common: stop using mb_set/mb_read
async: Suppress GCC13 false positive in aio_bh_poll()
tests: vhost-user-test: release mutex on protocol violation
Update linux headers to v6.3rc5
update-linux-headers.sh: Add missing kernel headers.
Fix libvhost-user.c compilation.
target/i386: Add support for PREFETCHIT0/1 in CPUID enumeration
target/i386: Add support for AVX-NE-CONVERT in CPUID enumeration
target/i386: Add support for AVX-VNNI-INT8 in CPUID enumeration
target/i386: Add support for AVX-IFMA in CPUID enumeration
target/i386: Add support for AMX-FP16 in CPUID enumeration
target/i386: Add support for CMPCCXADD in CPUID enumeration
i386/cpu: Update how the EBX register of CPUID 0x8000001F is set
i386/sev: Update checks and information related to reduced-phys-bits
qemu-options.hx: Update the reduced-phys-bits documentation
qapi, i386/sev: Change the reduced-phys-bits value from 5 to 1
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Use a store-release at the end of the work item, and a load-acquire when
waiting for the item to be completed. This is the standard message passing
pattern and is both enough and clearer than mb_read/mb_set.
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Richard Henderson
Nazar Kazakov
Kiran Ostrolenk
Dickon Hood
Weiwei Li
Peter Maydell
Cédric Le Goater
Daniel Bertalan
Patrick Venture
Fabiano Rosas
Claudio Fontana
Alexander Bulekov
Thomas Huth
Paolo Bonzini