We can't allow the supervisor to control SEIP as this would allow the
supervisor to clear a pending external interrupt which will result in
lost a interrupt in the case a PLIC is attached. The SEIP bit must be
hardware controlled when a PLIC is attached.
This logic was previously hard-coded so SEIP was always masked even
if no PLIC was attached. This patch adds riscv_cpu_claim_interrupts
so that the PLIC can register control of SEIP. In the case of models
without a PLIC (spike), the SEIP bit remains software controlled.
This interface allows for hardware control of supervisor timer and
software interrupts by other interrupt controller models.
Backports commit e3e7039cc24ecf47d81c091e8bb04552d6564ad8 from qemu
Add a debugger field to CPURISCVState. Add riscv_csrrw_debug function
to set it. Disable mode checks when debugger field true.
Backports commit 753e3fe207db08ce0ef0405e8452c3397c9b9308 from qemu
This adds some missing CSR_* register macros, and documents some as being
priv v1.9.1 specific.
Backports commit 8e73df6aa3f2f0e5c26c03a94a88406616291815 from qemu
during the refactor to decodetree we removed the manual decoding that is
necessary for c.jal/c.addiw and removed the translation of c.flw/c.ld
and c.fsw/c.sd. This reintroduces the manual parsing and the
omited implementation.
Backports commit f330433b3633647b047cfa418c2ca4d18fda69c7 from qemu
These instructions do not trap when SVE is disabled in EL0,
causing them to be executed with wrong size information.
Backports commit 5de56742a3c91de3d646326bec43a989bba83ca4 from qemu
Some generic arch timer registers are Config-RW in the EL0,
which means the EL0 exception level can have write permission
if it is appropriately configured.
When VM access registers, QEMU firstly checks whether they have RW
permission, then check whether it is appropriately configured.
If they are defined to read only in EL0, even though they have been
appropriately configured, they still do not have write permission.
So need to add the write permission according to ARMV8 spec when
define it.
Backports commit daf1dc5f82cefe2a57f184d5053e8b274ad2ba9a from qemu
with all 16 bit insns moved to decodetree no path is falling back to
gen_system(), so we can remove it.
Backports commit 8f7bc273868939f0821e07fb23792db63d45bffb from qemu
manual decoding in gen_arith() is not necessary with decodetree. For now
the function is called trans_arith as the original gen_arith still
exists. The former will be renamed to gen_arith as soon as the old
gen_arith can be removed.
Backports commit f2ab1728675772cd475a33f4df3d2f68a22c188f from qemu
gen_arith_imm() does a lot of decoding manually, which was hard to read
in case of the shift instructions and is not necessary anymore with
decodetree.
Backports commit 7a50d3e2ae7f13b24fe55990ea0b8ddcbbb43130 from qemu
With decodetree we don't need to convert RISC-V opcodes into to MemOps
as the old gen_store() did.
Backports commit bce8a342a1f0919479d18ec812b100136daa746b from qemu
With decodetree we don't need to convert RISC-V opcodes into to MemOps
as the old gen_load() did.
Backports commit 98898b20e9cca462843c22ad952c216ffd57d654 from qemu
We now utilizes argument-sets of decodetree such that no manual
decoding is necessary.
Backports commit 090cc2c898a04e42350eabf1bcf7d245471603f9 from qemu
we cannot remove the call to gen_arith() in decode_RV32_64G() since it
is used to translate multiply instructions.
Backports commit b73a987b09ad5081123dc6b1e8e6c8305a1c8673 from qemu
this splits the 64-bit only instructions into its own decode file such
that we generate the decoder for these instructions only for the RISC-V
64 bit target.
Backports commit 7e45a682edc32ba90d6955215f062210531b835b from qemu
for now only LUI & AUIPC are decoded and translated. If decodetree fails, we
fall back to the old decoder.
Backports commit 2a53cff418335ccb4719e9a94fde55f6ebcc895d from qemu
Previously this would result in an exception for shifting
the field mask by a negative number.
Backports commit 2decfc95583dc28add69810eaca6ada7b4b44d3a from qemu
This is interesting for bisection, where an output file is plumbed,
but does not yet have patterns.
Backports commit 82bfac1c06cadeb5c7252734dc695d951185916c from qemu
As a consequence, the 'return false' gets pushed up one level.
This will allow us to perform some other action when the
translator returns failure.
Backports commit eb6b87fac70dd62e3f1286703db20c012e7a9611 from qemu
flatview_add_to_dispatch() registers page based on the condition of
*section*, which may looks like this:
|s|PPPPPPP|s|
where s stands for subpage and P for page.
The procedure of this function could be described as:
- register first subpage
- register page
- register last subpage
This means the procedure could be simplified into these three steps
instead of a loop iteration.
This patch refactors the function into three corresponding steps and
adds some comment to clarify it.
Backports commit 494d199727ba248c96326b4e1c97f86eb11a5ec7 from qemu
Since OpenBSD 6.0 [1], W^X is enforced by default [2].
TCG requires WX access. Disable W^X if it is available.
This fixes:
\# lm32-softmmu/qemu-system-lm32
Could not allocate dynamic translator buffer
\# sysctl kern.wxabort=1
kern.wxabort: 0 -> 1
\# lm32-softmmu/qemu-system-lm32
mmap: Not supported
Abort trap (core dumped)
\# gdb -q lm32-softmmu/qemu-system-lm32 qemu-system-lm32.core
(gdb) bt
\#0 0x000017e3c156c50a in _thread_sys___syscall () at {standard input}:5
\#1 0x000017e3c15e5d7a in *_libc_mmap (addr=Variable "addr" is not available.) at /usr/src/lib/libc/sys/mmap.c:47
\#2 0x000017e17d9abc8b in alloc_code_gen_buffer () at /usr/src/qemu/accel/tcg/translate-all.c:1064
\#3 0x000017e17d9abd04 in code_gen_alloc (tb_size=0) at /usr/src/qemu/accel/tcg/translate-all.c:1112
\#4 0x000017e17d9abe81 in tcg_exec_init (tb_size=0) at /usr/src/qemu/accel/tcg/translate-all.c:1149
\#5 0x000017e17d9897e9 in tcg_init (ms=0x17e45e456800) at /usr/src/qemu/accel/tcg/tcg-all.c:66
\#6 0x000017e17d9891b8 in accel_init_machine (acc=0x17e3c3f50800, ms=0x17e45e456800) at /usr/src/qemu/accel/accel.c:63
\#7 0x000017e17d989312 in configure_accelerator (ms=0x17e45e456800, progname=0x7f7fffff07b0 "lm32-softmmu/qemu-system-lm32") at /usr/src/qemu/accel/accel.c:111
\#8 0x000017e17d9d8616 in main (argc=1, argv=0x7f7fffff06b8, envp=0x7f7fffff06c8) at vl.c:4325
[1] https://www.openbsd.org/faq/upgrade60.html
[2] https://undeadly.org/cgi?action=article&sid=20160527203200
Backports commit 7776ea6b49873ed18a2111e25ed8a6d94bd73db8 from qemu
Intel Processor Trace required CPUID[0x14] but the cpuid_level
have no change when create a kvm guest with
e.g. "-cpu qemu64,+intel-pt
Backports relevant bits of commit
f24c3a79a415042f6dc195f029a2ba7247d14cac from qemu
This ports over the RISC-V architecture from Qemu. This is currently a
very barebones transition. No code hooking or any fancy stuff.
Currently, you can feed it instructions and query the CPU state itself.
This also allows choosing whether or not RISC-V 32-bit or RISC-V 64-bit
is desirable through Unicorn's interface as well.
Extremely basic examples of executing a single instruction have been
added to the samples directory to help demonstrate how to use the basic
functionality.