pmccntr_read and pmccntr_write contained duplicate code that was already
being handled by pmccntr_sync. Consolidate the duplicated code into two
functions: pmccntr_op_start and pmccntr_op_finish. Add a companion to
c15_ccnt in CPUARMState so that we can simultaneously save both the
architectural register value and the last underlying cycle count - this
ensures time isn't lost and will also allow us to access the 'old'
architectural register value in order to detect overflows in later
patches.
Backports commit 5d05b9d462666ed21b7fef61aa45dec9aaa9f0ff from qemu
The arm_regime_tbi{0,1} functions are replacable with the new function
by giving the lowest and highest address.
Backports commit 5d8634f5a3a8474525edcfd581a659830e9e97c0 from qemu
We need to reuse this from helper-a64.c. Provide a stub
definition for CONFIG_USER_ONLY. This matches the stub
definitions that we removed for arm_regime_tbi{0,1} before.
Backports commit bf0be433878935e824479e8ae890493e1fb646ed from qemu
While we could expose stage_1_mmu_idx, the combination is
probably going to be more useful.
Backports commit 64be86ab1b5ef10b660a4230ee7f27c0da499043 from qemu
The pattern
ARMMMUIdx mmu_idx = core_to_arm_mmu_idx(env, cpu_mmu_index(env, false));
is computing the full ARMMMUIdx, stripping off the ARM bits,
and then putting them back.
Avoid the extra two steps with the appropriate helper function.
Backports commit 50494a279dab22a015aba9501a94fcc3cd52140e from qemu
The cryptographic internals are stubbed out for now,
but the enable and trap bits are checked.
Backports commit 0d43e1a2d29a05f7b0d5629caaff18733cbdf3bb from qemu
Replace arm_hcr_el2_{fmo,imo,amo} with a more general routine
that also takes SCR_EL3.NS (aka arm_is_secure_below_el3) into
account, as documented for the plethora of bits in HCR_EL2.
Backports commit f77784446045231f7dfa46c9b872091241fa1557 from qemu
In commit 8a0fc3a29fc2315325400 we tried to implement HCR_EL2.{VI,VF},
but we got it wrong and had to revert it.
In that commit we implemented them as simply tracking whether there
is a pending virtual IRQ or virtual FIQ. This is not correct -- these
bits cause a software-generated VIRQ/VFIQ, which is distinct from
whether there is a hardware-generated VIRQ/VFIQ caused by the
external interrupt controller. So we need to track separately
the HCR_EL2 bit state and the external virq/vfiq line state, and
OR the two together to get the actual pending VIRQ/VFIQ state.
Fixes: 8a0fc3a29fc2315325400c738f807d0d4ae0ab7f
Backports commit 89430fc6f80a5aef1d4cbd6fc26b40c30793786c from qemu
Add a new flag to mark memory region that are used as non-volatile, by
NVDIMM for example. That bit is propagated down to the flat view, and
reflected in HMP info mtree with a "nv-" prefix on the memory type.
This way, guest_phys_blocks_region_add() can skip the NV memory
regions for dumps and TCG memory clear in a following patch.
Backports commit c26763f8ec70b1011098cab0da9178666d8256a5 from qemu
Add code to insert calls to a helper function to do the stack
limit checking when we handle these forms of instruction
that write to SP:
* ADD (SP plus immediate)
* ADD (SP plus register)
* SUB (SP minus immediate)
* SUB (SP minus register)
* MOV (register)
Backports commit 5520318939fea5d659bf808157cd726cb967b761 from qemu
This implements the feature for softmmu, and moves the
main loop out of a macro and into a function.
Backports commit 116347ce20bb7b5cac17bf2b0e6f607530b50862 from qemu
We can choose the endianness at translation time, rather than
re-computing it at execution time.
Backports commit 28d57f2dc59c287e1c40239509b0a325fd00e32f from qemu
We can choose the endianness at translation time, rather than
re-computing it at execution time.
Backports commit 7d0a57a2e1cea188b9023261a404d7a211117230 from qemu
This fixes the endianness problem for softmmu, and moves
the main loop out of a macro and into an inlined function.
Backports commit 78cf1b886aa1b95c97fc5114641515c2892bb240 from qemu
This fixes the endianness problem for softmmu, and moves
the main loop out of a macro and into an inlined function.
Backports commit d4f75f25b43041e7a46d12352b3c70ae457d8cea from qemu
Use the existing helpers to determine if (1) the fpu is enabled,
(2) sve state is enabled, and (3) the current sve vector length.
Backports commit ced3155141755ba244c988c72c4bde32cc819670 from qemu
SVE vector length can change when changing EL, or when writing
to one of the ZCR_ELn registers.
For correctness, our implementation requires that predicate bits
that are inaccessible are never set. Which means noticing length
changes and zeroing the appropriate register bits.
Backports commit 0ab5953b00b3165877d00cf75de628c51670b550 from qemu
It has not had users since f83311e476 ("target-m68k: use floatx80
internally", 2017-06-21).
Note that no other bit-width has floatX_trunc_to_int.
Backports commit c953da8f0be5e026d1c9128660736d72294feb3e from qemu
if MemoryRegion intialization fails it's left in semi-initialized state,
where it's size is not 0 and attached as child to owner object.
And this leds to crash in following use-case:
(monitor) object_add memory-backend-file,id=mem1,size=99999G,mem-path=/tmp/foo,discard-data=yes
memory.c:2083: memory_region_get_ram_ptr: Assertion `mr->ram_block' failed
Aborted (core dumped)
it happens due to assumption that memory region is intialized when
memory_region_size() != 0
and therefore it's ok to access it in
file_backend_unparent()
if (memory_region_size() != 0)
memory_region_get_ram_ptr()
which happens when object_add fails and unparents failed backend making
file_backend_unparent() access invalid memory region.
Fix it by making sure that memory_region_init_foo() APIs cleanup externally
visible side effects on failure (like set size to 0 and unparenting object)
The API for cpu_transaction_failed() says that it takes the physical
address for the failed transaction. However we were actually passing
it the offset within the target MemoryRegion. We don't currently
have any target CPU implementations of this hook that require the
physical address; fix this bug so we don't get confused if we ever
do add one.
Backports commit 2d54f19401bc54b3b56d1cc44c96e4087b604b97 from qemu
Excepting MOVPRFX, which isn't a reduction. Presumably it is
placed within the group because of its encoding.
Backports commit 047cec971d2791b206677b954227ea92ff7ee3db from qemu
Including only 4, as-yet unimplemented, instruction patterns
so that the whole thing compiles.
Backports commit 38388f7ee3adc04a7e7246c04352451c4f8d00fb from qemu
Instead of passing env and leaving it up to the helper to get the
right fpstatus we pass it explicitly. There was already a get_fpstatus
helper for neon for the 32 bit code. We also add an get_ahp_flag() for
passing the state of the alternative FP16 format flag. This leaves
scope for later tracking the AHP state in translation flags.
Backports commit 486624fcd3eaca6165ab8401d73bbae6c0fb81c1 from qemu
The instruction "ucvtf v0.4h, v04h, #2", with input 0x8000u,
overflows the intermediate float16 to infinity before we have a
chance to scale the output. Use float64 as the intermediate type
so that no input argument (uint32_t in this case) can overflow
or round before scaling. Given the declared argument, the signed
int32_t function has the same problem.
When converting from float16 to integer, using u/int32_t instead
of u/int16_t means that the bounding is incorrect.
Backports commit 88808a022c06f98d81cd3f2d105a5734c5614839 from qemu
Given that this atomic operation will be used by both risc-v
and aarch64, let's not duplicate code across the two targets.
Backports commit 5507c2bf35aa6b4705939349184e71afd5e058b2 from qemu
These operations are re-invented by several targets so far.
Several supported hosts have insns for these, so place the
expanders out-of-line for a future introduction of tcg opcodes.
Backports commit b87fb8cd9f9a0ba599ff79e7bf03222da02e5724 from qemu
Drop TCGV_PTR_TO_NAT and TCGV_NAT_TO_PTR internal macros.
Add tcg_temp_local_new_ptr, tcg_gen_brcondi_ptr, tcg_gen_ext_i32_ptr,
tcg_gen_trunc_i64_ptr, tcg_gen_extu_ptr_i64, tcg_gen_trunc_ptr_i32.
Use inlines instead of macros where possible.
Backports commit 5bfa803448638a45542441fd6b7cc1241403ea72 from qemu
Because the design of the PMU requires that the counter values be
converted between their delta and guest-visible forms for mode
filtering, an additional hook which occurs before the EL is changed is
necessary.
Backports commit b5c53d1b3886387874f8c8582b205aeb3e4c3df6 from qemu
The MDCR_EL2.TDE bit allows the exception level targeted by debug
exceptions to be set to EL2 for code executing at EL0. We handle
this in the arm_debug_target_el() function, but this is only used for
hardware breakpoint and watchpoint exceptions, not for the exception
generated when the guest executes an AArch32 BKPT or AArch64 BRK
instruction. We don't have enough information for a translate-time
equivalent of arm_debug_target_el(), so instead make BKPT and BRK
call a special purpose helper which can do the routing, rather than
the generic exception_with_syndrome helper.
Backports commit c900a2e62dd6dde11c8f5249b638caad05bb15be from qemu
Currently CPUState::cpu_index is monotonically increasing and a newly
created CPU always gets the next higher index. The next available
index is calculated by counting the existing number of CPUs. This is
fine as long as we only add CPUs, but there are architectures which
are starting to support CPU removal, too. For an architecture like PowerPC
which derives its CPU identifier (device tree ID) from cpu_index, the
existing logic of generating cpu_index values causes problems.
With the currently proposed method of handling vCPU removal by parking
the vCPU fd in QEMU
(Ref: http://lists.gnu.org/archive/html/qemu-devel/2015-02/msg02604.html),
generating cpu_index this way will not work for PowerPC.
This patch changes the way cpu_index is handed out by maintaining
a bit map of the CPUs that tracks both addition and removal of CPUs.
The CPU bitmap allocation logic is part of cpu_exec_init(), which is
called by instance_init routines of various CPU targets. Newly added
cpu_exec_exit() API handles the deallocation part and this routine is
called from generic CPU instance_finalize.
Note: This new CPU enumeration is for !CONFIG_USER_ONLY only.
CONFIG_USER_ONLY continues to have the old enumeration logic.
Backports commit b7bca7333411bd19c449147e8202ae6b0e4a8e09 from qemu
With all targets defining CPU_RESOLVING_TYPE, refactor
cpu_parse_cpu_model(type, cpu_model) to parse_cpu_model(cpu_model)
so that callers won't have to know internal resolving cpu
type. Place it in exec.c so it could be called from both
target independed vl.c and *-user/main.c.
That allows us to stop abusing cpu type from
MachineClass::default_cpu_type
as resolver class in vl.c which were confusing part of
cpu_parse_cpu_model().
Also with new parse_cpu_model(), the last users of cpu_init()
in null-machine.c and bsd/linux-user targets could be switched
to cpu_create() API and cpu_init() API will be removed by
follow up patch.
With no longer users left remove MachineState::cpu_model field,
new code should use MachineState::cpu_type instead and
leave cpu_model parsing to generic code in vl.c.
Backports commit 2278b93941d42c30e2950d4b8dff4943d064e7de from qemu
The only difference from qstring_get_str() is that it allows the qstring
to be NULL. If so, NULL is returned.
Backports commit 775932020dd6bd7e9c1acc0d7779677d8b4c094c from qemu
Instantiate a QObject* from a literal QLitObject.
LitObject only supports int64_t for now. uint64_t and double aren't
implemented.
Backports commit 3cf42b8b3af1bd61e736a9ca0f94806c7931ae56 from qemu
Backports commits 2994fd96d986578a342f2342501b4ad30f6d0a85,
701e3c78ce45fa630ffc6826c4b9a4218954bc7f, and
d1853231c60d16af78cf4d1608d043614bfbac0b from qemuu
This function needs to be converted to QOM hook and virtualised for
multi-arch. This rename interferes, as cpu-qom will not have access
to the renaming causing name divergence. This rename doesn't really do
anything anyway so just delete it.
Backports commit 8642c1b81e0418df066a7960a7426d85a923a253 from qemu
Unify half a dozen copies of very similar code (the only difference being
whether comparisons were case-sensitive) and use it also in Tricore,
which did not do any sorting of CPU model names.
Backports commit 47c66009ab793241e8210b3018c77a9ce9506aa8 from qemu
A few block drivers will need to rename .bdrv_create options for their
QAPIfication, so let's have a helper function for that.
Backports commit bcebf102ccc3c6db327f341adc379fdf0673ca6b from qemu
This shares an cached empty FlatView among address spaces. The empty
FV is used every time when a root MR renders into a FV without memory
sections which happens when MR or its children are not enabled or
zero-sized. The empty_view is not NULL to keep the rest of memory
API intact; it also has a dispatch tree for the same reason.
On POWER8 with 255 CPUs, 255 virtio-net, 40 PCI bridges guest this halves
the amount of FlatView's in use (557 -> 260) and dispatch tables
(~800000 -> ~370000). In an unrelated experiment with 112 non-virtio
devices on x86 ("-M pc"), only 4 FlatViews are alive, and about ~2000
are created at startup.
Backports commit 092aa2fc65b7a35121616aad8f39d47b8f921618 from qemu
Since FlatViews are shared now and ASes not, this gets rid of
address_space_init_shareable().
This should cause no behavioural change.
Backports commit b516572f31c0ea0937cd9d11d9bd72dd83809886 from qemu
This renames some helpers to reflect better what they do.
This should cause no behavioural change.
Backports commit 8629d3fcb77e9775e44d9051bad0fb5187925eae from qemu
FlatView's will be shared between AddressSpace's and subpage_t
and MemoryRegionSection cannot store AS anymore, hence this change.
In particular, for:
typedef struct subpage_t {
MemoryRegion iomem;
- AddressSpace *as;
+ FlatView *fv;
hwaddr base;
uint16_t sub_section[];
} subpage_t;
struct MemoryRegionSection {
MemoryRegion *mr;
- AddressSpace *address_space;
+ FlatView *fv;
hwaddr offset_within_region;
Int128 size;
hwaddr offset_within_address_space;
bool readonly;
};
This should cause no behavioural change.
Backports commit 166206845f7fd75e720e6feea0bb01957c8da07f from qemu
As we are going to share FlatView's between AddressSpace's,
and AddressSpaceDispatch is a structure to perform quick lookup
in FlatView, this moves ASD to FlatView.
After previosly open coded ASD rendering, we can also remove
as->next_dispatch as the new FlatView pointer is stored
on a stack and set to an AS atomically.
flatview_destroy() is executed under RCU instead of
address_space_dispatch_free() now.
This makes mem_begin/mem_commit to work with ASD and mem_add with FV
as later on mem_add will be taking FV as an argument anyway.
This should cause no behavioural change.
Backports commit 66a6df1dc6d5b28cc3e65db0d71683fbdddc6b62 from qemu
Convert all machines to use DEFINE_MACHINE() instead of QEMUMachine
automatically using a script.
Backports commit e264d29de28c5b0be3d063307ce9fb613b427cc3 from qemu
Since f3218a8 ("softfloat: add floatx80 constants")
floatx80_infinity is defined but never used.
This patch updates floatx80 functions to use
this definition.
This allows to define a different default Infinity
value on m68k: the m68k FPU defines infinity with
all bits set to zero in the mantissa.
Backports commit 0f605c889ca3fe9744166ad4149d0dff6dacb696 from qemu
Much like recpe the ARM ARM has simplified the pseudo code for the
calculation which is done on a fixed point 9 bit integer maths. So
while adding f16 we can also clean this up to be a little less heavy
on the floating point and just return the fractional part and leave
the calle's to do the final packing of the result.
Backports commit d719cbc7641991d16b891ffbbfc3a16a04e37b9a from qemu
Also removes a load of symbols that seem unnecessary from the header_gen script
It looks like the ARM ARM has simplified the pseudo code for the
calculation which is done on a fixed point 9 bit integer maths. So
while adding f16 we can also clean this up to be a little less heavy
on the floating point and just return the fractional part and leave
the calle's to do the final packing of the result.
Backports commit 5eb70735af1c0b607bf2671a53aff3710cc1672f from qemu
This adds the full range of half-precision floating point to integral
instructions.
Backports commit 6109aea2d954891027acba64a13f1f1c7463cfac from qemu
A bunch of the vectorised bitwise operations just operate on larger
chunks at a time. We can do the same for the new half-precision
operations by introducing some TWOHALFOP helpers which work on each
half of a pair of half-precision operations at once.
Hopefully all this hoop jumping will get simpler once we have
generically vectorised helpers here.
Backports commit 6089030c7322d8f96b54fb9904e53b0f464bb8fe from qemu
As some of the constants here will also be needed
elsewhere (specifically for the upcoming SVE support) we move them out
to softfloat.h.
Backports commit 026e2d6ef74000afb9049f46add4b94f594c8fb3 from qemu
Backports commit 2deb992b767d28035fac3b374c7730494ff0b43d from qemu
Also backports the fp16 changes introduced in commit f566c0474a9b9bbd9ed248607e4007e24d3358c0
These use the generic float16_compare functionality which in turn uses
the common float_compare code from the softfloat re-factor.
Backports commit d32adeae1a71a8e71374fa48d3d6ab0ad4c23e94 from qemu
The fprintf is only there for debugging as the skeleton is added to,
it will be removed once the skeleton is complete.
Backports commit 372087348d561e7f4051d7b32609bda417092ddf from qemu
This implements the half-precision variants of the across vector
reduction operations. This involves a re-factor of the reduction code
which more closely matches the ARM ARM order (and handles 8 element
reductions).
Backports commit 807cdd504283c11addcd7ea95ba594bbddc86fe4 from qemu
This is a little bit of a departure from softfloat's original approach
as we skip the estimate step in favour of a straight iteration. There
is a minor optimisation to avoid calculating more bits of precision
than we need however this still brings a performance drop, especially
for float64 operations.
Backports commit c13bb2da9eedfbc5886c8048df1bc1114b285fb0 from qemu
The compare function was already expanded from a macro. I keep the
macro expansion but move most of the logic into a compare_decomposed.
Backports commit 0c4c90929143a530730e2879204a55a30bf63758 from qemu
Let's do the same re-factor treatment for minmax functions. I still
use the MACRO trick to expand but now all the checking code is common.
Backports commit 89360067071b1844bf745682e18db7dde74cdb8d from qemu
This is one of the simpler manipulations you could make to a floating
point number.
Backports commit 0bfc9f195209593e91a98cf2233753f56a2e5c02 from qemu
These are considerably simpler as the lower order integers can just
use the higher order conversion function. As the decomposed fractional
part is a full 64 bit rounding and inexact handling comes from the
pack functions.
Backports commit c02e1fb80b553d47420f7492de4bc590c2461a86 from qemu
We share the common int64/uint64_pack_decomposed function across all
the helpers and simply limit the final result depending on the final
size.
Backports commit ab52f973a504f8de0c5df64631ba4caea70a7d9e from qemu
We can now add float16_round_to_int and use the common round_decomposed and
canonicalize functions to have a single implementation for
float16/32/64 round_to_int functions.
Backports commit dbe4d53a590f5689772b683984588b3cf6df163e from qemu
We can now add float16_muladd and use the common decompose and
canonicalize functions to have a single implementation for
float16/32/64 muladd functions.
Backports commit d446830a3aac33e7221e361dad3ab1e1892646cb from qemu
We can now add float16_div and use the common decompose and
canonicalize functions to have a single implementation for
float16/32/64 versions.
Backports commit cf07323d494f4bc225e405688c2e455c3423cc40 from qemu
We can now add float16_mul and use the common decompose and
canonicalize functions to have a single implementation for
float16/32/64 versions.
Backports commit 74d707e2cc1e406068acad8e5559cd2584b1073a from qemu
We can now add float16_add/sub and use the common decompose and
canonicalize functions to have a single implementation for
float16/32/64 add and sub functions.
Backports commit 6fff216769cf7eaa3961c85dee7a72838696d365 from qemu
This will be required when expanding the MINMAX() macro for 16
bit/half-precision operations.
Backports commit 210cbd4910ae9e41e0a1785b96890ea2c291b381 from qemu
compare_litqobj_to_qobj() lacks a qlit_ prefix. Moreover, "compare"
suggests -1, 0, +1 for less than, equal and greater than. The
function actually returns non-zero for equal, zero for unequal.
Rename to qlit_equal_qobject().
Its return type will be cleaned up in the next patch.
Backports commit 60cc2eb7afd40b9cbaa35a5e0b54f365ac6e49f1 from qemu
This implements emulation of the new SM4 instructions that have
been added as an optional extension to the ARMv8 Crypto Extensions
in ARM v8.2.
Backports commit b6577bcd251ca0d57ae1de149e3c706b38f21587 from qemu
