Commit graph

2129 commits

Author SHA1 Message Date
Thomas Huth 6053203c1c target/i386: Remove obsolete TODO file
The last real change to this file is from 2012, so it is very likely
that this file is completely out-of-date and ignored today. Let's
simply remove it to avoid confusion if someone finds it by accident.

Backports commit 3575b0aea983ad57804c9af739ed8ff7bc168393 from qemu
2020-06-15 13:22:56 -04:00
Joseph Myers 18b0ae9ebd target/i386: correct fix for pcmpxstrx substring search
This corrects a bug introduced in my previous fix for SSE4.2 pcmpestri
/ pcmpestrm / pcmpistri / pcmpistrm substring search, commit
ae35eea7e4a9f21dd147406dfbcd0c4c6aaf2a60.

That commit fixed a bug that showed up in four GCC tests with one libc
implementation. The tests in question generate random inputs to the
intrinsics and compare results to a C implementation, but they only
test 1024 possible random inputs, and when the tests use the cases of
those instructions that work with word rather than byte inputs, it's
easy to have problematic cases that show up much less frequently than
that. Thus, testing with a different libc implementation, and so a
different random number generator, showed up a problem with the
previous patch.

When investigating the previous test failures, I found the description
of these instructions in the Intel manuals (starting from computing a
16x16 or 8x8 set of comparison results) confusing and hard to match up
with the more optimized implementation in QEMU, and referred to AMD
manuals which described the instructions in a different way. Those
AMD descriptions are very explicit that the whole of the string being
searched for must be found in the other operand, not running off the
end of that operand; they say "If the prototype and the SUT are equal
in length, the two strings must be identical for the comparison to be
TRUE.". However, that statement is incorrect.

In my previous commit message, I noted:

The operation in this case is a search for a string (argument d to
the helper) in another string (argument s to the helper); if a copy
of d at a particular position would run off the end of s, the
resulting output bit should be 0 whether or not the strings match in
the region where they overlap, but the QEMU implementation was
wrongly comparing only up to the point where s ends and counting it
as a match if an initial segment of d matched a terminal segment of
s. Here, "run off the end of s" means that some byte of d would
overlap some byte outside of s; thus, if d has zero length, it is
considered to match everywhere, including after the end of s.

The description "some byte of d would overlap some byte outside of s"
is accurate only when understood to refer to overlapping some byte
*within the 16-byte operand* but at or after the zero terminator; it
is valid to run over the end of s if the end of s is the end of the
16-byte operand. So the fix in the previous patch for the case of d
being empty was correct, but the other part of that patch was not
correct (as it never allowed partial matches even at the end of the
16-byte operand). Nor was the code before the previous patch correct
for the case of d nonempty, as it would always have allowed partial
matches at the end of s.

Fix with a partial revert of my previous change, combined with
inserting a check for the special case of s having maximum length to
determine where it is necessary to check for matches.

In the added test, test 1 is for the case of empty strings, which
failed before my 2017 patch, test 2 is for the bug introduced by my
2017 patch and test 3 deals with the case where a match of an initial
segment at the end of the string is not valid when the string ends
before the end of the 16-byte operand (that is, the case that would be
broken by a simple revert of the non-empty-string part of my 2017
patch).

Backports commit bc921b2711c4e2e8ab99a3045f6c0f134a93b535 from qemu
2020-06-15 13:20:48 -04:00
Joseph Myers e79024e0cf target/i386: fix IEEE x87 floating-point exception raising
Most x87 instruction implementations fail to raise the expected IEEE
floating-point exceptions because they do nothing to convert the
exception state from the softfloat machinery into the exception flags
in the x87 status word. There is special-case handling of division to
raise the divide-by-zero exception, but that handling is itself buggy:
it raises the exception in inappropriate cases (inf / 0 and nan / 0,
which should not raise any exceptions, and 0 / 0, which should raise
"invalid" instead).

Fix this by converting the floating-point exceptions raised during an
operation by the softfloat machinery into exceptions in the x87 status
word (passing through the existing fpu_set_exception function for
handling related to trapping exceptions). There are special cases
where some functions convert to integer internally but exceptions from
that conversion are not always correct exceptions for the instruction
to raise.

There might be scope for some simplification if the softfloat
exception state either could always be assumed to be in sync with the
state in the status word, or could always be ignored at the start of
each instruction and just set to 0 then; I haven't looked into that in
detail, and it might run into interactions with the various ways the
emulation does not yet handle trapping exceptions properly. I think
the approach taken here, of saving the softfloat state, setting
exceptions there to 0 and then merging the old exceptions back in
after carrying out the operation, is conservatively safe

Backports commit 975af797f1e04e4d1b1a12f1731141d3770fdbce from qemu
2020-06-15 13:19:27 -04:00
Joseph Myers cb50df6aae target/i386: fix fisttpl, fisttpll handling of out-of-range values
The fist / fistt family of instructions should all store the most
negative integer in the destination format when the rounded /
truncated integer result is out of range or the input is an invalid
encoding, infinity or NaN. The fisttpl and fisttpll implementations
(32-bit and 64-bit results, truncate towards zero) failed to do this,
producing the most positive integer in some cases instead. Fix this
by copying the code used to handle this issue for fistpl and fistpll,
adjusted to use the _round_to_zero functions for the actual
conversion (but without any other changes to that code).

Backports commit c8af85b10c818709755f5dc8061c69920611fd4c from qemu
2020-06-15 13:10:23 -04:00
Joseph Myers ceaa77e576 target/i386: fix fbstp handling of out-of-range values
The fbstp implementation fails to check for out-of-range and invalid
values, instead just taking the result of conversion to int64_t and
storing its sign and low 18 decimal digits. Fix this by checking for
an out-of-range result (invalid conversions always result in INT64_MAX
or INT64_MIN from the softfloat code, which are large enough to be
considered as out-of-range by this code) and storing the packed BCD
indefinite encoding in that case.

Backports commit 374ff4d0a3c2cce2bc6e4ba8a77eaba55c165252 from qemu
2020-06-15 13:09:23 -04:00
Joseph Myers 477a0af161 target/i386: fix fbstp handling of negative zero
The fbstp implementation stores +0 when the rounded result should be
-0 because it compares an integer value with 0 to determine the sign.
Fix this by checking the sign bit of the operand instead.

Backports commit 18c53e1e73197a24f9f4b66b1276eb9868db5bf0 from qemu
2020-06-15 13:08:38 -04:00
Joseph Myers c796ee5e13 target/i386: fix fxam handling of invalid encodings
The fxam implementation does not check for invalid encodings, instead
treating them like NaN or normal numbers depending on the exponent.
Fix it to check that the high bit of the significand is set before
treating an encoding as NaN or normal, thus resulting in correct
handling (all of C0, C2 and C3 cleared) for invalid encodings.

Backports commit 34b9cc076ff423023a779a04a9f7cd7c17372cbf from qemu
2020-06-15 13:07:54 -04:00
Joseph Myers 5a01ea31eb target/i386: fix floating-point load-constant rounding
The implementations of the fldl2t, fldl2e, fldpi, fldlg2 and fldln2
instructions load fixed constants independent of the rounding mode.
Fix them to load a value correctly rounded for the current rounding
mode (but always rounded to 64-bit precision independent of the
precision control, and without setting "inexact") as specified.

Backports commit 80b4008c805ebcfd4c0d302ac31c1689e34571e0 from qemu
2020-06-15 13:07:06 -04:00
Joseph Myers 95368d250b target/i386: fix fscale handling of rounding precision
The fscale implementation uses floatx80_scalbn for the final scaling
operation. floatx80_scalbn ends up rounding the result using the
dynamic rounding precision configured for the FPU. But only a limited
set of x87 floating-point instructions are supposed to respect the
dynamic rounding precision, and fscale is not in that set. Fix the
implementation to save and restore the rounding precision around the
call to floatx80_scalbn.

Backports commit c535d68755576bfa33be7aef7bd294a601f776e0 from qemu
2020-06-15 13:05:31 -04:00
Joseph Myers ad83656acc target/i386: fix fscale handling of infinite exponents
The fscale implementation passes infinite exponents through to generic
code that rounds the exponent to a 32-bit integer before using
floatx80_scalbn. In round-to-nearest mode, and ignoring exceptions,
this works in many cases. But it fails to handle the special cases of
scaling 0 by a +Inf exponent or an infinity by a -Inf exponent, which
should produce a NaN, and because it produces an inexact result for
finite nonzero numbers being scaled, the result is sometimes incorrect
in other rounding modes. Add appropriate handling of infinite
exponents to produce a NaN or an appropriately signed exact zero or
infinity as a result

Backports commit c1c5fb8f9067c830e36830c2b82c0ec146c03d7b from qemu
2020-06-15 13:04:46 -04:00
Joseph Myers bbbf25fdd9 target/i386: fix fscale handling of invalid exponent encodings
The fscale implementation does not check for invalid encodings in the
exponent operand, thus treating them like INT_MIN (the value returned
for invalid encodings by floatx80_to_int32_round_to_zero). Fix it to
treat them similarly to signaling NaN exponents, thus generating a
quiet NaN result.

Backports commit b40eec96b26028b68c3594fbf34b6d6f029df26a from qemu
2020-06-15 13:03:54 -04:00
Joseph Myers d96c218664 target/i386: fix fscale handling of signaling NaN
The implementation of the fscale instruction returns a NaN exponent
unchanged. Fix it to return a quiet NaN when the provided exponent is
a signaling NaN.

Backports commit 0d48b436327955c69e2eb53f88aba9aa1e0dbaa0 from qemu
2020-06-15 13:03:16 -04:00
Joseph Myers 18fc17ca25 target/i386: implement special cases for fxtract
The implementation of the fxtract instruction treats all nonzero
operands as normal numbers, so yielding incorrect results for invalid
formats, infinities, NaNs and subnormal and pseudo-denormal operands.
Implement appropriate handling of all those cases.

Backports commit c415f2c58296d86e9abb7e4a133111acf7031da3 from qemu
2020-06-15 13:02:33 -04:00
Liran Alon 7373942623 i386/cpu: Store LAPIC bus frequency in CPU structure
No functional change.
This information will be used by following patches.

Backports commit 73b994f6d74ec00a1d78daf4145096ff9f0e2982 from qemu
2020-06-15 13:00:58 -04:00
Janne Grunau 6f41687234 target/i386: fix phadd* with identical destination and source register
Detected by asm test suite failures in dav1d
(https://code.videolan.org/videolan/dav1d). Can be reproduced by
`qemu-x86_64 -cpu core2duo ./tests/checkasm --test=mc_8bpc 1659890620`.

Backports commit 2dfbea1a872727fb747ca6adf2390e09956cdc6e from qemu
2020-06-15 12:59:49 -04:00
Philippe Mathieu-Daudé 34930da196 target/i386: Fix OUTL debug output
Fix OUTL instructions incorrectly displayed as OUTW.

Backports commit ce8540fde2cb535923a52a012f57b418eea85e1b from qemu
2020-06-15 12:56:33 -04:00
Richard Henderson a93d01c61d target/arm: Use a non-overlapping group for misc control
The miscellaneous control instructions are mutually exclusive
within the t32 decode sub-group.

Backports commit d6084fba47bb9aef79775c1102d4b647eb58c365 from qemu
2020-06-15 12:52:48 -04:00
Peter Maydell 7427cca6cc target/arm: Convert Neon one-register-and-immediate insns to decodetree
Convert the insns in the one-register-and-immediate group to decodetree.

In the new decode, our asimd_imm_const() function returns a 64-bit value
rather than a 32-bit one, which means we don't need to treat cmode=14 op=1
as a special case in the decoder (it is the only encoding where the two
halves of the 64-bit value are different).

Backports commit 2c35a39eda0b16c2ed85c94cec204bf5efb97812 from qemu
2020-06-15 12:44:54 -04:00
Peter Maydell 93e6d464c8 target/arm: Convert VCVT fixed-point ops to decodetree
Convert the VCVT fixed-point conversion operations in the
Neon 2-regs-and-shift group to decodetree.

Backports commit 3da26f11711caeaa18318b6afa14dfb81d7650ab from qemu
2020-06-15 12:40:59 -04:00
Peter Maydell a5f903b2a5 target/arm: Convert Neon VSHLL, VMOVL to decodetree
Convert the VSHLL and VMOVL insns from the 2-reg-shift group
to decodetree. Since the loop always has two passes, we unroll
it to avoid the awkward reassignment of one TCGv to another.

Backports commit 968bf842742a5ffbb0041cb31089e61a9f7a833d from qemu
2020-06-15 12:35:32 -04:00
Peter Maydell 6fc8fdaa2b target/arm: Convert Neon narrowing shifts with op==9 to decodetree
Convert the remaining Neon narrowing shifts to decodetree:
* VQSHRN
* VQRSHRN

Backports commit b4a3a77bb7a0dff1cc5673fe3be467d9e3635d44 from qemu
2020-06-15 12:31:35 -04:00
Peter Maydell ef29b91a43 target/arm: Convert Neon narrowing shifts with op==8 to decodetree
Convert the Neon narrowing shifts where op==8 to decodetree:
* VSHRN
* VRSHRN
* VQSHRUN
* VQRSHRUN

backports commit 712182d340e33c2ce86143f25fb2f04ae23d90de from qemu
2020-06-15 12:29:09 -04:00
Peter Maydell 69a3312e3a target/arm: Convert VQSHLU, VQSHL 2-reg-shift insns to decodetree
Convert the VQSHLU and QVSHL 2-reg-shift insns to decodetree.
These are the last of the simple shift-by-immediate insns.

Backports commit 37bfce81b10450071193c8495a07f182ec652e2a from qemu
2020-06-15 12:21:10 -04:00
Peter Maydell 055c96f985 target/arm: Convert Neon VSHR 2-reg-shift insns to decodetree
Convert the VSHR 2-reg-shift insns to decodetree.

Note that unlike the legacy decoder, we present the right shift
amount to the trans_ function as a positive integer.

Backports commit 66432d6b8294e3508218b360acfdf7c244eea993 from qemu
2020-06-15 12:15:29 -04:00
Peter Maydell bf18bf983d target/arm: Convert Neon VSHL and VSLI 2-reg-shift insn to decodetree
Convert the VSHL and VSLI insns from the Neon 2-registers-and-a-shift
group to decodetree.

Backports commit d3c8c736f8b4bdd02831076286b1788232f46ced from qemu
2020-06-15 12:07:02 -04:00
Richard Henderson 1d95dd1c89 target/arm: Split helper_crypto_sm3tt
Rather than passing an opcode to a helper, fully decode the
operation at translate time. Use clear_tail_16 to zap the
balance of the SVE register with the AdvSIMD write.

Backports commit 43fa36c96c24349145497adc1b451f9caf74e344 from qemu
2020-06-14 23:24:21 -04:00
Richard Henderson 5ca8caf656 target/arm: Split helper_crypto_sha1_3reg
Rather than passing an opcode to a helper, fully decode the
operation at translate time. Use clear_tail_16 to zap the
balance of the SVE register with the AdvSIMD write.

Backports commit afc8b7d32668547308bdd654a63cf5228936e0ba from qemu
2020-06-14 23:18:45 -04:00
Richard Henderson 41c4efdb22 target/arm: Convert sha1 and sha256 to gvec helpers
Do not yet convert the helpers to loop over opr_sz, but the
descriptor allows the vector tail to be cleared. Which fixes
an existing bug vs SVE.

Backports commit effa992f153f5e7ab97ab843b565690748c5b402 from qemu
2020-06-14 23:11:28 -04:00
Richard Henderson 2c6c4da80c target/arm: Convert sha512 and sm3 to gvec helpers
Do not yet convert the helpers to loop over opr_sz, but the
descriptor allows the vector tail to be cleared. Which fixes
an existing bug vs SVE.

Backports commit aaffebd6d3135b8aed7e61932af53b004d261579 from qemu
2020-06-14 23:01:49 -04:00
Richard Henderson 894f2168da target/arm: Convert rax1 to gvec helpers
With this conversion, we will be able to use the same helpers
with sve. This also fixes a bug in which we failed to clear
the high bits of the SVE register after an AdvSIMD operation.

Backports commit 1738860d7e60dec5dbeba17f8b44d31aae3accac from qemu
2020-06-14 22:49:36 -04:00
Richard Henderson 1df7314dc3 target/arm: Convert aes and sm4 to gvec helpers
With this conversion, we will be able to use the same helpers
with sve. In particular, pass 3 vector parameters for the
3-operand operations; for advsimd the destination register
is also an input.

This also fixes a bug in which we failed to clear the high bits
of the SVE register after an AdvSIMD operation.

Backports commit a04b68e1d4c4f0cd5cd7542697b1b230b84532f5 from qemu
2020-06-14 22:41:33 -04:00
Alistair Francis 2b2f91f82c target/riscv: Add the lowRISC Ibex CPU
The reset vector is set in the init function don't set it again in
realize.

Backports commit 36b80ad99f7ea4979a4c5fc6e4072619b405e3b0 from qemu
2020-06-14 22:28:55 -04:00
Alistair Francis 2584ab8ee5 target/riscv: Drop support for ISA spec version 1.09.1
The RISC-V ISA spec version 1.09.1 has been deprecated in QEMU since
4.1. It's not commonly used so let's remove support for it.

Backports commit 1a9540d1f1a9c5022d9273d0244e5809679dd33b from qemu
2020-06-14 22:23:26 -04:00
Alistair Francis e35d56a146 target/riscv: Remove the deprecated CPUs 2020-06-14 22:15:16 -04:00
Laurent Vivier 50aa85e560 target/m68k: implement opcode fetoxm1
Example provided in the launchpad bug fails with:

qemu: uncaught target signal 4 (Illegal instruction) - core dumped
Illegal instruction (core dumped)

It appears fetoxm1 is not implemented:

IN: expm1f
0x800005cc: fetoxm1x %fp2,%fp0
Disassembler disagrees with translator over instruction decoding
Please report this to qemu-devel@nongnu.org

(gdb) x/2hx 0x800005cc
0x800005cc: 0xf200 0x0808

This patch adds the instruction.

Backports commit 250b1da35d579f42319af234f36207902ca4baa4 from qemu
2020-06-14 21:13:29 -04:00
Laurent Vivier aa69ab54ad target/m68k: implement fmove.l #<data>,FPCR
The immediate value mode was ignored and instruction execution
ends to an invalid access mode.

This was found running 'R' that set FPSR to 0 at startup with
a 'fmove.l #0,FPSR' in qemu-system-m68k emulation and triggers a
kernel crash:

[ 56.640000] *** ADDRESS ERROR *** FORMAT=2
[ 56.640000] Current process id is 728
[ 56.640000] BAD KERNEL TRAP: 00000000
[ 56.640000] Modules linked in: sg evdev mac_hid ip_tables x_tables sha1_generic hmac ipv6 nf_defrag_ipv6 autofs4 ext4 crc16 mbcache jbd2 crc32c_generic sd_mod t10_pi crc_t10dif crct10dif_generic crct10dif_common sr_mod cdrom mac_esp macsonic esp_scsi
[ 56.640000] PC: [<00016a2c>] X_UNSUPP+0x2c/0x3c
[ 56.640000] SR: 2004 SP: 3eb5e68c a2: c02e239a
[ 56.640000] d0: 00000040 d1: 00000002 d2: 8002adec d3: 8002ad50
[ 56.640000] d4: 8002c768 d5: 0000000d a0: ffffffc2 a1: ffffffc1
[ 56.640000] Process R (pid: 728, task=a3dfda5d)
[ 56.640000] Frame format=2 instr addr=00000000
[ 56.650000] Stack from 3a4d9f30:
[ 56.650000] 41000000 00000002 00000002 ffffffc2 ffffffc1 1fff0000 80000000 00000000
[ 56.650000] 3fbf0000 80000000 00000000 00000000 20000000 00000000 7fff0000 ffffffff
[ 56.650000] ffffffff 00000000 00050008 00000000 8000067c c02c2000 efffee20 000002d8
[ 56.650000] 00002a28 3a4d9f98 00000002 00000014 fffffffe 8002c768 00000002 00000041
[ 56.650000] 00000002 c041fc58 c0743758 ffffffff 00000000 0008c075 00002b24 00000012
[ 56.650000] 000007d0 00000024 00000002 c05bef04 c05bef04 0000005e 00000077 c28aca70
[ 56.650000] Call Trace: [<00050008>] copy_overflow+0x10/0x28
[ 56.650000] [<00002a28>] buserr+0x20/0x28
[ 56.650000] [<0008c075>] bpf_check+0x57f/0x1cfa
[ 56.650000] [<00002b24>] syscall+0x8/0xc
[ 56.650000] [<0000c019>] dn_sched_init+0x75/0x88
[ 56.650000] Code: 1017 0200 00f0 0c00 0040 66ff 0000 05ac <f23c> 8800 0000 0000 f23c 9000 0000 0000 222e ff84 082e 0005 ff1c 6600 000a 0281
[ 56.650000] Disabling lock debugging due to kernel taint
...

Backports commit 6a0e8bb4956c34328f4624e20bd3a6c2b1d90adc from qemu
2020-06-14 21:11:54 -04:00
Huacai Chen 504946fb79 target/mips: Support variable page size
Traditionally, MIPS use 4KB page size, but Loongson prefer 16KB page
size in system emulator. So, let's define TARGET_PAGE_BITS_VARY and
TARGET_PAGE_BITS_MIN to support variable page size.

Backports commit ee3863b9d414f0b4a59a88f2a79b496a99d4f6dd from qemu
2020-06-14 21:09:51 -04:00
Peter Maydell 1c6b0339e6 target/arm: Allow user-mode code to write CPSR.E via MSR
Using the MSR instruction to write to CPSR.E is deprecated, but it is
required to work from any mode including unprivileged code. We were
incorrectly forbidding usermode code from writing it because
CPSR_USER did not include the CPSR_E bit.

We use CPSR_USER in only three places:
* as the mask of what to allow userspace MSR to write to CPSR
* when deciding what bits a linux-user signal-return should be
able to write from the sigcontext structure
* in target_user_copy_regs() when we set up the initial
registers for the linux-user process

In the first two cases not being able to update CPSR.E is a bug, and
in the third case it doesn't matter because CPSR.E is always 0 there.
So we can fix both bugs by adding CPSR_E to CPSR_USER.

Because the cpsr_write() in restore_sigcontext() is now changing
a CPSR bit which is cached in hflags, we need to add an
arm_rebuild_hflags() call there; the callsite in
target_user_copy_regs() was already rebuilding hflags for other
reasons.

(The recommended way to change CPSR.E is to use the 'SETEND'
instruction, which we do correctly allow from usermode code.)

Backports commit 268b1b3dfbb92a9348406f728a33f39e3d8dcd8a from qemu
2020-06-14 21:08:03 -04:00
Richard Henderson acdd5c6065 target/arm: Use clear_vec_high more effectively
Do not explicitly store zero to the NEON high part
when we can pass !is_q to clear_vec_high.

Backports commit e1f778596ebfa8782276f4dd4651f2b285d734ff from qemu
2020-06-14 21:06:40 -04:00
Richard Henderson 3ac9b9b206 target/arm: Use tcg_gen_gvec_mov for clear_vec_high
The 8-byte store for the end a !is_q operation can be
merged with the other stores. Use a no-op vector move
to trigger the expand_clr portion of tcg_gen_gvec_mov.

Backports commit 5c27392dd08bd8534893abf25ef501f1bd8680fe from qemu
2020-06-14 21:00:57 -04:00
Richard Henderson d960523cbd softfloat: Name compare relation enum
Give the previously unnamed enum a typedef name. Use it in the
prototypes of compare functions. Use it to hold the results
of the compare functions.

Backports commit 71bfd65c5fcd72f8af2735905415c7ce4220f6dc from qemu
2020-05-21 18:08:52 -04:00
Richard Henderson 8adc704058 softfloat: Name rounding mode enum
Give the previously unnamed enum a typedef name. Use the packed
attribute so that we do not affect the layout of the float_status
struct. Use it in the prototypes of relevant functions.

Adjust switch statements as necessary to avoid compiler warnings.

Backports commit 3dede407cc61b64997f0c30f6dbf4df09949abc9 from qemu
2020-05-21 18:02:05 -04:00
Richard Henderson a417227674 softfloat: Replace flag with bool
We have had this on the to-do list for quite some time.

Backports commit c120391c0090d9c40425c92cdb00f38ea8588ff6 from qemu
2020-05-21 17:48:12 -04:00
Richard Henderson 6530d6342f softfloat: Use post test for floatN_mul
The existing f{32,64}_addsub_post test, which checks for zero
inputs, is identical to f{32,64}_mul_fast_test. Which means
we can eliminate the fast_test/fast_op hooks in favor of
reusing the same post hook.

This means we have one fewer test along the fast path for multiply.

Backports commit b240c9c497b9880ac0ba29465907d5ebecd48083 from qemu
2020-05-21 17:24:00 -04:00
Peter Maydell 7b2fb5bc63 target/arm: Convert NEON VFMA, VFMS 3-reg-same insns to decodetree
Convert the Neon floating point VFMA and VFMS insn to decodetree.
These are the last insns in the 3-reg-same group so we can
remove all the support/loop code from the old decoder.

Backports commit e95485f85657be21135c17a9226e297c21e73360 from qemu
2020-05-15 23:49:20 -04:00
Peter Maydell 82484db863 target/arm: Convert Neon fp VMAX/VMIN/VMAXNM/VMINNM/VRECPS/VRSQRTS to decodetree
Convert the Neon fp VMAX/VMIN/VMAXNM/VMINNM/VRECPS/VRSQRTS 3-reg-same
insns to decodetree. (These are all the remaining non-accumulation
instructions in this group.)

Backports commit d5fdf9e9e1c6f2bbb0a4bcaafd85d344cce9c298 from qemu
2020-05-15 23:44:52 -04:00
Peter Maydell a593866af6 target/arm: Move 'env' argument of recps_f32 and rsqrts_f32 helpers to usual place
The usual location for the env argument in the argument list of a TCG helper
is immediately after the return-value argument. recps_f32 and rsqrts_f32
differ in that they put it at the end.

Move the env argument to its usual place; this will allow us to
more easily use these helper functions with the gvec APIs.

Backports commit 26c6f695cfd2a3ccddb4d015a25b56f56aa62928 from qemu
2020-05-15 23:41:37 -04:00
Peter Maydell 05e72483f4 target/arm: Convert Neon 3-reg-same compare insns to decodetree
Convert the Neon integer 3-reg-same compare insns VCGE, VCGT,
VCEQ, VACGE and VACGT to decodetree.

Backports commit 727ff1d63213e6666e511956903b9e97a339ec7e from qemu
2020-05-15 23:37:53 -04:00
Peter Maydell 042df686ca target/arm: Convert Neon fp VMUL, VMLA, VMLS 3-reg-same insns to decodetree
Convert the Neon integer VMUL, VMLA, and VMLS 3-reg-same inssn to
decodetree.

We don't have a gvec helper for multiply-accumulate, so VMLA and VMLS
need a loop function do_3same_fp(). This takes a reads_vd parameter
to do_3same_fp() which tells it to load the old value into vd before
calling the callback function, in the same way that the do_vfp_3op_sp()
and do_vfp_3op_dp() functions in translate-vfp.inc.c work. (The
only uses in this patch pass reads_vd == true, but later commits
will use reads_vd == false.)

This conversion fixes in passing an underdecoding for VMUL

Backports commit 8aa71ead912ca0a9c0d29b74e0976f91952f950a from qemu
2020-05-15 23:35:21 -04:00
Peter Maydell 2527e76926 target/arm: Convert Neon VPMIN/VPMAX/VPADD float 3-reg-same insns to decodetree
Convert the Neon float VPMIN, VPMAX and VPADD 3-reg-same insns to
decodetree. These are the only remaining 'pairwise' operations,
so we can delete the pairwise-specific bits of the old decoder's
for-each-element loop now.

Backports commit ab978335a56e3618212868fdce3a54217c6e71e6 from qemu
2020-05-15 23:31:15 -04:00