Commit graph

835 commits

Author SHA1 Message Date
Richard Henderson 3a51861c05
target/arm: Implement SVE Memory Contiguous Store Group
Backports commit 1a039c7e58533d5f9431a2064771113d5961c964 from qemu
2018-07-03 01:57:52 -04:00
Richard Henderson 22a155a5d4
target/arm: Implement SVE Contiguous Load, first-fault and no-fault
Backports commit e2654d757598d6c06d1ceb25c62ddf7d63cac32f from qemu
2018-07-03 01:52:38 -04:00
Richard Henderson da1eeb226e
target/arm: Implement SVE Memory Contiguous Load Group
Backports commit c4e7c493da2fdd2c92a7958e592e38200af2f1ba from qemu
2018-07-03 01:40:18 -04:00
Jan Kiszka a27161c7a0
target-i386: Mark cpu_vmexit noreturn
It calls cpu_loop_exit in system emulation mode (and should never be
called in user emulation mode).

Backports commit 50b3de6e5cd464dcc20e3a48f5a09e0299a184ac from qemu
2018-07-03 01:30:01 -04:00
Jan Kiszka fab6f4cd3a
target-i386: Allow interrupt injection after STGI
We need to terminate the translation block after STGI so that pending
interrupts can be injected.

This fixes pending NMI injection for Jailhouse which uses "stgi; clgi"
to open a brief injection window.

Backports commit df2518aa587a0157bbfbc635fe47295629d9914a from qemu
2018-07-03 01:29:43 -04:00
Jan Kiszka 7c01627388
target-i386: Add NMI interception to SVM
Check for SVM interception prior to injecting an NMI. Tested via the
Jailhouse hypervisor.

Backports commit 02f7fd25a446a220905c2e5cb0fc3655d7f63b29 from qemu
2018-07-03 01:25:29 -04:00
Richard Henderson 91359e67f9
target/i386: Fix BLSR and BLSI
The implementation of these two instructions was swapped.
At the same time, unify the setup of eflags for the insn group.

Backports commit 13672386a93fef64cfd33bd72fbf3d80f2c00e94 from qemu
2018-07-03 01:22:04 -04:00
Yongbok Kim a63e549673
target/mips: Fix data type for offset
Offset can be larger than 16 bit from nanoMIPS,
and immediate field can be larger than 16 bits as well.

Backports commit 72e1f16f18fe62504f8f25d7a3f6813b24b221be from qemu
2018-07-03 01:01:09 -04:00
Yongbok Kim f2d68a4079
target/mips: Update gen_flt_ldst()
Update gen_flt_ldst() in order to reuse the functions for nanoMIPS

Backports commit b52d3bfa2d54d99ef25f6d008815eecc53b67bfe from qemu
2018-07-03 00:59:47 -04:00
Yongbok Kim a246bdb5b3
target/mips: Fix microMIPS on reset
Fix to activate microMIPS on reset when Config3.ISA == {1, 3}

Backports commit 0305d194be1dbda09fa7a7c883894030d07c355f from qemu
2018-07-03 00:57:50 -04:00
Yongbok Kim 872be901d4
target/mips: Raise a RI when given fs is n/a from CTC1
Fix to raise a Reserved Instruction exception when given fs is not
available from CTC1.

Backports commit f48a2cb21824217a61ec7be797860a0702e5325c from qemu
2018-07-03 00:57:09 -04:00
Peter Maydell 4abcf14b52
target/arm: Handle small regions in get_phys_addr_pmsav8()
Allow ARMv8M to handle small MPU and SAU region sizes, by making
get_phys_add_pmsav8() set the page size to the 1 if the MPU or
SAU region covers less than a TARGET_PAGE_SIZE.

We choose to use a size of 1 because it makes no difference to
the core code, and avoids having to track both the base and
limit for SAU and MPU and then convert into an artificially
restricted "page size" that the core code will then ignore.

Since the core TCG code can't handle execution from small
MPU regions, we strip the exec permission from them so that
any execution attempts will cause an MPU exception, rather
than allowing it to end up with a cpu_abort() in
get_page_addr_code().

(The previous code's intention was to make any small page be
treated as having no permissions, but unfortunately errors
in the implementation meant that it didn't behave that way.
It's possible that some binaries using small regions were
accidentally working with our old behaviour and won't now.)

We also retain an existing bug, where we ignored the possibility
that the SAU region might not cover the entire page, in the
case of executable regions. This is necessary because some
currently-working guest code images rely on being able to
execute from addresses which are covered by a page-sized
MPU region but a smaller SAU region. We can remove this
workaround if we ever support execution from small regions.

Backports commit 720424359917887c926a33d248131fbff84c9c28 from qemu
2018-07-03 00:55:37 -04:00
Peter Maydell 5e8e8b9bf8
target/arm: Set page (region) size in get_phys_addr_pmsav7()
We want to handle small MPU region sizes for ARMv7M. To do this,
make get_phys_addr_pmsav7() set the page size to the region
size if it is less that TARGET_PAGE_SIZE, rather than working
only in TARGET_PAGE_SIZE chunks.

Since the core TCG code con't handle execution from small
MPU regions, we strip the exec permission from them so that
any execution attempts will cause an MPU exception, rather
than allowing it to end up with a cpu_abort() in
get_page_addr_code().

(The previous code's intention was to make any small page be
treated as having no permissions, but unfortunately errors
in the implementation meant that it didn't behave that way.
It's possible that some binaries using small regions were
accidentally working with our old behaviour and won't now.)

Backports commit e5e40999b5e03567ef654546e3d448431643f8f3 from qemu
2018-07-03 00:49:51 -04:00
Babu Moger ec6b1f1554
i386: Enable TOPOEXT feature on AMD EPYC CPU
Enable TOPOEXT feature on EPYC CPU. This is required to support
hyperthreading on VM guests. Also extend xlevel to 0x8000001E.

Disable topoext on PC_COMPAT_2_12 and keep xlevel 0x8000000a.

Backports commit e00516475c270dcb6705753da96063f95699abf2 from qemu
2018-07-03 00:32:50 -04:00
Babu Moger b5f47a4884
i386: Fix up the Node id for CPUID_8000_001E
This is part of topoext support. To keep the compatibility, it is better
we support all the combination of nr_cores and nr_threads currently
supported. By allowing more nr_cores and nr_threads, we might end up with
more nodes than we can actually support with the real hardware. We need to
fix up the node id to make this work. We can achieve this by shifting the
socket_id bits left to address more nodes.

Backports commit 631be32155dbafa1fe886f2488127956c9120ba6 from qemu
2018-07-03 00:31:38 -04:00
Konrad Rzeszutek Wilk 475062aca9
i386: Define AMD's no SSB mitigation needed.
AMD future CPUs expose a mechanism to tell the guest that the
Speculative Store Bypass Disable is not needed and that the
CPU is all good.

This is exposed via the CPUID 8000_0008.EBX[26] bit.

See 124441_AMD64_SpeculativeStoreBypassDisable_Whitepaper_final.pdf

A copy of this document is available at
https://bugzilla.kernel.org/show_bug.cgi?id=199889

Backports commit 254790a909a2f153d689bfa7d8e8f0386cda870d from qemu
2018-07-03 00:24:58 -04:00
Konrad Rzeszutek Wilk 0023d048aa
i386: define the AMD 'amd-ssbd' CPUID feature bit
AMD future CPUs expose _two_ ways to utilize the Intel equivalant
of the Speculative Store Bypass Disable. The first is via
the virtualized VIRT_SPEC CTRL MSR (0xC001_011f) and the second
is via the SPEC_CTRL MSR (0x48). The document titled:
124441_AMD64_SpeculativeStoreBypassDisable_Whitepaper_final.pdf

gives priority of SPEC CTRL MSR over the VIRT SPEC CTRL MSR.

A copy of this document is available at
https://bugzilla.kernel.org/show_bug.cgi?id=199889

Anyhow, this means that on future AMD CPUs there will be _two_ ways to
deal with SSBD.

Backports commit a764f3f7197f4d7ad8fe8424269933de912224cb from qemu
2018-07-03 00:24:24 -04:00
Eduardo Habkost bffd8c6244
i386: Remove ospke CPUID flag name
OSPKE is not a static feature flag: it changes dynamically at
runtime depending on CR4, and it was never configurable: KVM
never returned OSPKE on GET_SUPPORTED_CPUID, and on TCG enables
it automatically if CR4_PKE_MASK is set.

Remove OSPKE from the feature name array so users don't try to
configure it manually.

Backports commit 9ccb9784b57804f5c74434ad6ccb66650a015ffc from qemu
2018-07-03 00:23:33 -04:00
Eduardo Habkost f294aa7cb5
i386: Remove osxsave CPUID flag name
OSXAVE is not a static feature flag: it changes dynamically at
runtime depending on CR4, and it was never configurable: KVM
never returned OSXSAVE on GET_SUPPORTED_CPUID, and it is not
included in TCG_EXT_FEATURES.

Remove OSXSAVE from the feature name array so users don't try to
configure it manually.

Backports commit f1a23522b03a569f13aad49294bb4c4b1a9500c7 from qemu
2018-07-03 00:22:32 -04:00
Babu Moger c07a5c06e7
i386: Add support for CPUID_8000_001E for AMD
Add support for cpuid leaf CPUID_8000_001E. Build the config that closely
match the underlying hardware. Please refer to the Processor Programming
Reference (PPR) for AMD Family 17h Model for more details.

Backports commit ed78467a214595a63af7800a073a03ffe37cd7db from qemu
2018-07-03 00:21:23 -04:00
Julia Suvorova f28514178a
target/arm: Strict alignment for ARMv6-M and ARMv8-M Baseline
Unlike ARMv7-M, ARMv6-M and ARMv8-M Baseline only supports naturally
aligned memory accesses for load/store instructions.

Backports commit 2aeba0d007d33efa12a6339bb140aa634e0d52eb from qemu
2018-06-29 14:15:33 -05:00
Julia Suvorova 65d0e176c3
target/arm: Introduce ARM_FEATURE_M_MAIN
This feature is intended to distinguish ARMv8-M variants: Baseline and
Mainline. ARMv7-M compatibility requires the Main Extension. ARMv6-M
compatibility is provided by all ARMv8-M implementations.

Backports commit cc2ae7c9de14efd72c6205825eb7cd980ac09c11 from qemu
2018-06-29 14:14:18 -05:00
Edgar E. Iglesias dfc6bd6a0b
target-arm: Add the Cortex-R5F
Add the Cortex-R5F with the optional FPU enabled.

Backports commit ebac5458c7517ed7b8ee06eb90beacc7472b295d from qemu
2018-06-29 13:53:31 -05:00
Julia Suvorova 38747fc125
target/arm: Minor cleanup for ARMv6-M 32-bit instructions
The arrays were made static, "if" was simplified because V7M and V8M
define V6 feature.

Backports commit 8297cb13e407db8a96cc7ed6b6a6c318a150759a from qemu
2018-06-29 13:50:30 -05:00
Julia Suvorova f447a6f668
target/arm: Allow ARMv6-M Thumb2 instructions
ARMv6-M supports 6 Thumb2 instructions. This patch checks for these
instructions and allows their execution.
Like Thumb2 cores, ARMv6-M always interprets BL instruction as 32-bit.

This patch is required for future Cortex-M0 support.

Backports commit 14120108f87b3f9e1beacdf0a6096e464e62bb65 from qemu
2018-06-15 14:12:20 -04:00
Richard Henderson d81cc5f5cd
target/arm: Implement SVE Floating Point Arithmetic - Unpredicated Group
Backports commit 29b80469dc51ae4064e9ef9223967882d2610523 from qemu
2018-06-15 14:10:16 -04:00
Richard Henderson e56db70fee
target/arm: Implement SVE Integer Wide Immediate - Unpredicated Group
Backports commit 6e6a157d683058d86a224cf128320d67b0915365 from qemu
2018-06-15 14:05:11 -04:00
Richard Henderson b5352c6ba1
target/arm: Implement FDUP/DUP
Backports commit ed49196125360c037d7f23c1c315a85cc234e72d from qemu
2018-06-15 13:56:03 -04:00
Richard Henderson 496bb35c97
target/arm: Implement SVE Integer Compare - Scalars Group
Backports commit caf1cefc72be98497e0907d0e07f4327fc641e96 from qemu
2018-06-15 13:54:05 -04:00
Richard Henderson bc55b3e570
target/arm: Implement SVE Predicate Count Group
Backports commit 9ee3a611de28b8d0862fa687215b04b5aad20747 from qemu
2018-06-15 13:49:58 -04:00
Richard Henderson bb930f35b0
target/arm: Implement SVE Partition Break Group
Backports commit 35da316f5e847292ffbe7b6d16cd3988043dfe22 from qemu
2018-06-15 13:42:35 -04:00
Richard Henderson ade246e87b
target/arm: Implement SVE Integer Compare - Immediate Group
Backports commit 38cadeba0daf0f16cf2aeaa5b2752b26fb0676c5 from qemu
2018-06-15 13:35:40 -04:00
Richard Henderson 2969a38d61
target/arm: Implement SVE Integer Compare - Vectors Group
Backports commit 757f9cff1b63895bfd6fc8d66a6e52d7c40baa7b from qemu
2018-06-15 13:29:15 -04:00
Richard Henderson 7211d415a4
target/arm: Implement SVE Select Vectors Group
Backports commit d3fe4a29d754dee73cbf3cb7584db222981179ac from qemu
2018-06-15 13:17:47 -04:00
Richard Henderson 7698c1634e
target/arm: Implement SVE vector splice (predicated)
Backports commit b48ff24098c72f86e187e6abb7e9ca4de40a7fb4 from qemu
2018-06-15 13:14:33 -04:00
Richard Henderson 7d930e8515
target/arm: Implement SVE reverse within elements
Backports commit dae8fb9019d2aa6ccb151a19871df40de6c98e29 from qemu
2018-06-15 13:12:14 -04:00
Richard Henderson 53d151de58
target/arm: Implement SVE copy to vector (predicated)
Backports commit 792a557847697235037fea30eaaacb9b45b4c9e5 from qemu
2018-06-15 13:03:36 -04:00
Richard Henderson 0bb2fdd752
target/arm: Implement SVE conditionally broadcast/extract element
Backports commit ef23cb726dc32375bc2fca7ac3e9f34816f6ee13 from qemu
2018-06-15 13:01:40 -04:00
Richard Henderson 8ba3bde59b
target/arm: Implement SVE compress active elements
Backports commit 3ca879aeb3412bc2be35d01a7bedf5fada960b5d from qemu
2018-06-15 12:52:19 -04:00
Richard Henderson d9ed221567
target/arm: Implement SVE Permute - Interleaving Group
Backports commit 234b48e9c68759aea78ff5a1e49c2ba806cd1d83 from qemu
2018-06-15 12:49:42 -04:00
Richard Henderson 3722ab310b
target/arm: Implement SVE Permute - Predicates Group
Backports commit d731d8cb3c74258669211f065c918353eb7b8f4a from qemu
2018-06-15 12:44:50 -04:00
Richard Henderson c57ff23c56
target/arm: Implement SVE Permute - Unpredicated Group
Backports commit 30562ab716bcec0bf718b47b5268949856b17604 from qemu
2018-06-15 12:37:56 -04:00
Richard Henderson 4dc2b5ea79
target/arm: Extend vec_reg_offset to larger sizes
Rearrange the arithmetic so that we are agnostic about the total size
of the vector and the size of the element. This will allow us to index
up to the 32nd byte and with 16-byte elements.

Backports commit 66f2dbd783d0b6172043e3679171421b2d0bac11 from qemu
2018-06-15 12:23:35 -04:00
Babu Moger d4ad9e37a2
i386: Populate AMD Processor Cache Information for cpuid 0x8000001D
Add information for cpuid 0x8000001D leaf. Populate cache topology information
for different cache types (Data Cache, Instruction Cache, L2 and L3) supported
by 0x8000001D leaf. Please refer to the Processor Programming Reference (PPR)
for AMD Family 17h Model for more details.

Backports commit 8f4202fb1080f86958782b1fca0bf0279f67d136 from qemu
2018-06-15 11:52:28 -04:00
Eduardo Habkost 7837f23cd9
i386: Clean up cache CPUID code
Always initialize CPUCaches structs with cache information, even
if legacy_cache=true. Use different CPUCaches struct for
CPUID[2], CPUID[4], and the AMD CPUID leaves.

This will simplify a lot the logic inside cpu_x86_cpuid()

Backports commit a9f27ea9adc8c695197bd08f2e938ef7b4183f07 from qemu
2018-06-15 11:51:09 -04:00
Richard Henderson 1a91edd263
target/m68k: Merge disas_m68k_insn into m68k_tr_translate_insn
Backports commit a56f36c1d2bccbc50a53fa8093b93d205607f1b8 from qemu
2018-06-15 11:40:18 -04:00
Richard Henderson a8540a30d2
target/m68k: Improve ending TB at page boundaries
Rather than limit total TB size to PAGE-32 bytes, end the TB when
near the end of a page. This should provide proper semantics of
SIGSEGV when executing near the end of a page.

Backports commit 4c7a0f6f34869b3dfe7091d28ff27a8dfbdd8b70 from qemu
2018-06-15 11:36:08 -04:00
Richard Henderson c42ca54685
target/m68k: Convert to TranslatorOps
Backports commit 11ab74b01e0a8ea4973eed89c6b90fa6e4fb9fb6 from qemu
2018-06-15 11:35:31 -04:00
Richard Henderson f4432cbca7
target/m68k: Convert to DisasContextBase
Removed ctx->insn_pc in favour of ctx->base.pc_next.
Yes, it is annoying, but didn't want to waste its 4 bytes.

Backports commit a575cbe01caecf22ab322a9baa5930a6d9e39ca6 from qemu
2018-06-15 11:25:23 -04:00
Richard Henderson 0445fcf34a
target/m68k: Rename DISAS_UPDATE and gen_lookup_tb
The name gen_lookup_tb is at odds with tcg_gen_lookup_and_goto_tb.
For these cases, we do indeed want to exit back to the main loop.
Similarly, DISAS_UPDATE performs no actual update, whereas DISAS_EXIT
does what it says.

Backports commit 4106f26e95c83b8759c3fe61a4d3a1fa740db0a9 from qemu
2018-06-15 10:50:34 -04:00
Richard Henderson 90b3770665
target/m68k: Use lookup_and_goto_tb for DISAS_JUMP
These are all indirect or out-of-page direct jumps.
We can indirectly chain to the next TB without going
back to the main loop.

Backports commit 8aaf7da9c3b1f282b5a123de3e87a2e6ca87f3b9 from qemu
2018-06-15 10:48:18 -04:00
Richard Henderson c2fe05f7d9
target/m68k: Remove DISAS_JUMP_NEXT as unused
Backports commit 707ddb5ac6f91309ff6ed6bec988ed8100846f50 from qemu
2018-06-15 10:46:26 -04:00
Richard Henderson 76b8bd614d
target/m68k: Replace DISAS_TB_JUMP with DISAS_NORETURN
We have exited the TB after using goto_tb; there is no
distinction from DISAS_NORETURN.

Backports commit 825340f5659647deb62743c3cb479ec8d78f1862 from qemu
2018-06-15 10:45:33 -04:00
Richard Henderson 3c01ea765d
target/m68k: Use DISAS_NORETURN for exceptions
The raise_exception helper does not return. Do not generate
any code following that.

Backports commit cb4add334a5a8db263c20c33c5365be3868f8967 from qemu
2018-06-15 10:44:07 -04:00
Philippe Mathieu-Daudé 145174a359
target/m68k: Add trailing '\n' to qemu_log() call
Backports commit 21528149eba03fc17f428a8e1660d8666683ca85 from qemu
2018-06-08 19:25:21 -04:00
Philippe Mathieu-Daudé 5992214b3b
target/arm: Add trailing '\n' to qemu_log() calls
Backports commit 0221c8fdf2321137b34bd4dbb2557d0725739822 from qemu
2018-06-08 19:24:38 -04:00
Richard Henderson 10e2b13650
tcg: Pass tb and index to tcg_gen_exit_tb separately
Do the cast to uintptr_t within the helper, so that the compiler
can type check the pointer argument. We can also do some more
sanity checking of the index argument.

Backports commit 07ea28b41830f946de3841b0ac61a3413679feb9 from qemu
2018-06-07 11:56:32 -04:00
Richard Henderson 533a3f6a6c
tcg: Fix helper function vs host abi for float16
Depending on the host abi, float16, aka uint16_t, values are
passed and returned either zero-extended in the host register
or with garbage at the top of the host register.

The tcg code generator has so far been assuming garbage, as that
matches the x86 abi, but this is incorrect for other host abis.
Further, target/arm has so far been assuming zero-extended results,
so that it may store the 16-bit value into a 32-bit slot with the
high 16-bits already clear.

Rectify both problems by mapping "f16" in the helper definition
to uint32_t instead of (a typedef for) uint16_t. This forces
the host compiler to assume garbage in the upper 16 bits on input
and to zero-extend the result on output.

Backports commit 6c2be133a7478e443c99757b833d0f265c48e0a6 from qemu
2018-06-02 10:10:12 -04:00
Peter Maydell 0f0b2e0bd8
target/arm: Honour FPCR.FZ in FRECPX
The FRECPX instructions should (like most other floating point operations)
honour the FPCR.FZ bit which specifies whether input denormals should
be flushed to zero (or FZ16 for the half-precision version).
We forgot to implement this, which doesn't affect the results (since
the calculation doesn't actually care about the mantissa bits) but did
mean we were failing to set the FPSR.IDC bit.

Backports commit 2cfbf36ec07f7cac1aabb3b86f1c95c8a55424ba from qemu
2018-06-02 10:02:57 -04:00
Konrad Rzeszutek Wilk a08dcb8aa6
i386: define the AMD 'virt-ssbd' CPUID feature bit (CVE-2018-3639)
AMD Zen expose the Intel equivalant to Speculative Store Bypass Disable
via the 0x80000008_EBX[25] CPUID feature bit.

This needs to be exposed to guest OS to allow them to protect
against CVE-2018-3639.

Backports commit 403503b162ffc33fb64cfefdf7b880acf41772cd from qemu
2018-05-22 16:58:25 -04:00
Konrad Rzeszutek Wilk 860411e045
i386: Define the Virt SSBD MSR and handling of it (CVE-2018-3639)
"Some AMD processors only support a non-architectural means of enabling
speculative store bypass disable (SSBD). To allow a simplified view of
this to a guest, an architectural definition has been created through a new
CPUID bit, 0x80000008_EBX[25], and a new MSR, 0xc001011f. With this, a
hypervisor can virtualize the existence of this definition and provide an
architectural method for using SSBD to a guest.

Add the new CPUID feature, the new MSR and update the existing SSBD
support to use this MSR when present." (from x86/speculation: Add virtualized
speculative store bypass disable support in Linux).

Backports commit cfeea0c021db6234c154dbc723730e81553924ff from qemu
2018-05-22 16:57:39 -04:00
Daniel P. Berrangé 795bcc7de3
i386: define the 'ssbd' CPUID feature bit (CVE-2018-3639)
New microcode introduces the "Speculative Store Bypass Disable"
CPUID feature bit. This needs to be exposed to guest OS to allow
them to protect against CVE-2018-3639.

Backports commit d19d1f965904a533998739698020ff4ee8a103da from qemu
2018-05-22 16:56:41 -04:00
Emilio G. Cota 7e8902eccc
tcg: fix s/compliment/complement/ typos
Backports commit 1d349821551c2da4dfefe36c6ac17319f33ebbd5 from qemu
2018-05-22 00:29:51 -04:00
Richard Henderson 6835b2dd13
target/arm: Implement SVE Permute - Extract Group
Backports commit b94f8f60bd841c5b737185cd38263e26822f77ab from qemu
2018-05-20 05:26:55 -04:00
Richard Henderson 9917f0d536
target/arm: Implement SVE Integer Wide Immediate - Predicated Group
Backports commit f25a2361539626721dbccce14c077cad03b2e72c from qemu
2018-05-20 05:24:04 -04:00
Richard Henderson f4ecf1a152
target/arm: Implement SVE Bitwise Immediate Group
Backports commit e1fa1164f397bbd381439ed32d97d9b4b4d7eb43 from qemu
2018-05-20 05:17:53 -04:00
Richard Henderson 89038c1e4b
target/arm: Implement SVE Element Count Group
Backports commit 24e82e68341e73ec0f65534c78c13fd03395b188 from qemu
2018-05-20 05:15:35 -04:00
Richard Henderson 0249ab3f7e
target/arm: Implement SVE floating-point trig select coefficient
Backports commit a1f233f25fd502f9a5b40c14df1b4dbdda463487 from qemu
2018-05-20 05:05:20 -04:00
Richard Henderson d6c18fc788
target/arm: Implement SVE floating-point exponential accelerator
Backports commit 0762cd428fd7b471207f5cb5b4bd4bd8f141dbe0 from qemu
2018-05-20 05:01:16 -04:00
Richard Henderson cb55a3acdb
target/arm: Implement SVE Compute Vector Address Group
Backports commit 4b242d9c1b6beaf5c81d84e956243b614a4a1d84 from qemu
2018-05-20 04:57:18 -04:00
Richard Henderson 45e009269e
target/arm: Implement SVE Bitwise Shift - Unpredicated Group
Backports commit d9d78dccc86eed10ccf1c8e1ac236e41ec330b06 from qemu
2018-05-20 04:51:58 -04:00
Lioncash bf97c44a2b
target/arm: Implement SVE Stack Allocation Group 2018-05-20 04:45:53 -04:00
Richard Henderson 45a09e2f25
target/arm: Implement SVE Index Generation Group
Backports commit 9a56c9c3a955b77fe436beef7ac03c76a65fa32d from qemu
2018-05-20 04:43:01 -04:00
Richard Henderson 390bd68287
target/arm: Implement SVE Integer Arithmetic - Unpredicated Group
Backports commit fea98f9c3077e4666f6d4933030b5891fbd6bb12 from qemu
2018-05-20 04:36:54 -04:00
Richard Henderson 1730d3cff0
target/arm: Implement SVE Integer Multiply-Add Group
Backports commit 96a36e4a44bbf296ac212ed68ebf4e48d3dfb1f0 from qemu
2018-05-20 04:35:36 -04:00
Richard Henderson 32949156d2
target/arm: Implement SVE Integer Arithmetic - Unary Predicated Group
Backports commit afac6d0467c1327ad2e30a3c35347fcf5a773742 from qemu
2018-05-20 04:31:18 -04:00
Lioncash 878b862a04
target/arm: Implement SVE bitwise shift by wide elements (predicated) 2018-05-20 03:10:24 -04:00
Richard Henderson 5aa51a3a74
target/arm: Implement SVE bitwise shift by vector (predicated)
Backports commit 27721dbb7ae5e2a52f06588cf38854e4cbc613c0 from qemu
2018-05-20 03:07:02 -04:00
Richard Henderson 7bb3067b95
target/arm: Implement SVE bitwise shift by immediate (predicated)
Backports commit ccd841c3d71db6943f8b6d3d56bd2abb548ba40c from qemu
2018-05-20 03:01:07 -04:00
Richard Henderson 837e39ea63
target/arm: Implement SVE Integer Reduction Group
Excepting MOVPRFX, which isn't a reduction. Presumably it is
placed within the group because of its encoding.

Backports commit 047cec971d2791b206677b954227ea92ff7ee3db from qemu
2018-05-20 02:53:04 -04:00
Richard Henderson 331aabddeb
target/arm: Implement SVE Predicate Misc Group
Backports commit 028e2a7b876631eff165cac59eb43bdb2dcc213b and
f97cfd596ed9bd38644323cb61d19b85ac703c81 from qemu
2018-05-20 02:43:36 -04:00
Richard Henderson 65f74e3608
target/arm: Implement SVE Predicate Logical Operations Group
Backports commit 516e246a1a292f6c6f6aad5451799accbb08acd9 from qemu
2018-05-20 01:35:59 -04:00
Lioncash 1eaa2e4571
target/arm: Implement SVE predicate test 2018-05-20 01:16:16 -04:00
Richard Henderson e6a0b2c2bc
target/arm: Implement SVE Bitwise Logical - Unpredicated Group
These were the instructions that were stubbed out when
introducing the decode skeleton.

Backports commit 39eea56172e668cc4cca611ed9166779df54ac63 from qemu
2018-05-20 01:00:52 -04:00
Richard Henderson 49def4bbde
target/arm: Add SVE decode skeleton
Including only 4, as-yet unimplemented, instruction patterns
so that the whole thing compiles.

Backports commit 38388f7ee3adc04a7e7246c04352451c4f8d00fb from qemu
2018-05-20 00:48:14 -04:00
Richard Henderson d2d8e2fc33
target/arm: Introduce translate-a64.h
Move some stuff that will be common to both translate-a64.c
and translate-sve.c.

Backports commit 8c71baedb8055beaa681823206ee3a74f9f8649a from qemu
2018-05-20 00:34:25 -04:00
Abdallah Bouassida 11149ba82b
target/arm: Add _S suffix to the secure version of a sysreg
This is a preparation for the coming feature of creating dynamically an XML
description for the ARM sysregs.
Add "_S" suffix to the secure version of sysregs that have both S and NS views
Replace (S) and (NS) by _S and _NS for the register that are manually defined,
so all the registers follow the same convention.

Backports commit 9c513e786d85cc58b8ba56a482566f759e0835b6 from qemu
2018-05-20 00:19:34 -04:00
Abdallah Bouassida 079615b2a0
target/arm: Add ARM_CP_NO_GDB as a new bit field for ARMCPRegInfo type
This is a preparation for the coming feature of creating dynamically an XML
description for the ARM sysregs.
A register has ARM_CP_NO_GDB enabled will not be shown in the dynamic XML.
This bit is enabled automatically when creating CP_ANY wildcard aliases.
This bit could be enabled manually for any register we want to remove from the
dynamic XML description.

Backports commit 1f16378718fa87d63f70d0797f4546a88d8e3dd7 from qemu
2018-05-20 00:15:56 -04:00
Richard Henderson 4c8b31e7fe
target/mips: Remove floatX_maybe_silence_nan from conversions
This is now handled properly by the generic softfloat code.

Backports commit 4accd4a89f776b0d2a34d1edf74c785549c7f3b9 from qemu
2018-05-19 23:25:04 -04:00
Richard Henderson 4e9ca91bb2
target/m68k: Use floatX_silence_nan when we have already checked for SNaN
Backports commit 1c0c951f717e66b4be45611c0d6661a2dff4241c from qemu
2018-05-19 23:23:56 -04:00
Richard Henderson 1b6cac4e7e
target/arm: Remove floatX_maybe_silence_nan from conversions
This is now handled properly by the generic softfloat code.

Backports commit a9d173dc603af74102c24c1c92d479ba580bbf07 from qemu
2018-05-19 23:23:09 -04:00
Richard Henderson 5e532f6d20
target/arm: Use floatX_silence_nan when we have already checked for SNaN
Backports commit d7ecc062c4e264f716ed239df931f52adb340508 from qemu
2018-05-19 23:21:28 -04:00
Alex Bennée 50105cf593
target/arm: squash FZ16 behaviour for conversions
The ARM ARM specifies FZ16 is suppressed for conversions. Rather than
pushing this logic into the softfloat code we can simply save the FZ
state and temporarily disable it for the softfloat call.

Backports commit 0acb9e7cb341cd767e39ec0875c8706eb2f1c359 from qemu
2018-05-19 23:00:09 -04:00
Alex Bennée 40d57900bf
target/arm: convert conversion helpers to fpst/ahp_flag
Instead of passing env and leaving it up to the helper to get the
right fpstatus we pass it explicitly. There was already a get_fpstatus
helper for neon for the 32 bit code. We also add an get_ahp_flag() for
passing the state of the alternative FP16 format flag. This leaves
scope for later tracking the AHP state in translation flags.

Backports commit 486624fcd3eaca6165ab8401d73bbae6c0fb81c1 from qemu
2018-05-19 22:58:25 -04:00
Babu Moger 5091ebe6fb
i386: Add new property to control cache info
The property legacy-cache will be used to control the cache information.
If user passes "-cpu legacy-cache" then older information will
be displayed even if the hardware supports new information. Otherwise
use the statically loaded cache definitions if available.

Renamed the previous cache structures to legacy_*. If there is any change in
the cache information, then it needs to be initialized in builtin_x86_defs.

Backports commit ab8f992e3e63e91be257e4e343d386dae7be4bcb from qemu
2018-05-17 19:04:56 -04:00
Babu Moger 1add2da704
i386: Initialize cache information for EPYC family processors
Initialize pre-determined cache information for EPYC processors.

Backports commit fe52acd2a054b97765963a42037f2f886545e30c from qemu
2018-05-17 19:01:19 -04:00
Babu Moger c5b8a6a704
i386: Add cache information in X86CPUDefinition
Add cache information in X86CPUDefinition and CPUX86State.

Backports commit 6aaeb05492ef668f415324f43e7d875c0f1e90b3 from qemu
2018-05-17 18:56:12 -04:00
Eduardo Habkost db87beaaa6
i386: Helpers to encode cache information consistently
Instead of having a collection of macros that need to be used in
complex expressions to build CPUID data, define a CPUCacheInfo
struct that can hold information about a given cache. Helper
functions will take a CPUCacheInfo struct as input to encode
CPUID leaves for a cache.

This will help us ensure consistency between cache information
CPUID leaves, and make the existing inconsistencies in CPUID info
more visible.

Backports commit 7e3482f824809e1f6ffeb5bb8103ba27a7d1a52a from qemu
2018-05-17 18:54:29 -04:00
Jingqi Liu 9c93f3f530
x86/cpu: Enable CLDEMOTE(Demote Cache Line) cpu feature
The CLDEMOTE instruction hints to hardware that the cache line that
contains the linear address should be moved("demoted") from
the cache(s) closest to the processor core to a level more distant
from the processor core. This may accelerate subsequent accesses
to the line by other cores in the same coherence domain,
especially if the line was written by the core that demotes the line.

Intel Snow Ridge has added new cpu feature, CLDEMOTE.
The new cpu feature needs to be exposed to guest VM.

The bit definition:
CPUID.(EAX=7,ECX=0):ECX[bit 25] CLDEMOTE

The release document ref below link:
https://software.intel.com/sites/default/files/managed/c5/15/\
architecture-instruction-set-extensions-programming-reference.pdf

Backports commit 0da0fb062841d0dcd8ba47e4a989d2e952cdf0ff from qemu
2018-05-17 18:37:17 -04:00
Boqun Feng 09b42d05fe
i386: add KnightsMill cpu model
A new cpu model called "KnightsMill" is added to model Knights Mill
processors. Compared to "Skylake-Server" cpu model, the following
features are added:

avx512_4vnniw avx512_4fmaps avx512pf avx512er avx512_vpopcntdq

and the following features are removed:

pcid invpcid clflushopt avx512dq avx512bw clwb smap rtm mpx
xsavec xgetbv1 hle

Backports commit a18495159a35e9c5973d9aa0f612a97318bf684d from qemu
2018-05-17 18:35:37 -04:00
Alex Bennée 070276faf6
target/arm: Fix sqrt_f16 exception raising
We are meant to explicitly pass fpst, not cpu_env.

Backports commit 905edee9101c54cda5b72286b7f7607cf1c3c4d1 from qemu
2018-05-15 22:29:54 -04:00
Alex Bennée f8e1f71df9
target/arm: Implement FMOV (immediate) for fp16
All the hard work is already done by vfp_expand_imm, we just need to
make sure we pick up the correct size.

Backports commit 6ba28ddb9be37bdb67e3e38007a53ccbdcd010df from qemu
2018-05-15 22:28:46 -04:00
Alex Bennée cd76e7aaaa
target/arm: Implement FCSEL for fp16
These were missed out from the rest of the half-precision work.

Backports commit ace97feef3613194900d4eb9ffc6819b840fbaeb from qemu
2018-05-15 22:26:53 -04:00
Alex Bennée 80074e4745
target/arm: Implement FCMP for fp16
These where missed out from the rest of the half-precision work.

Backports commit 7a1929256ea1a03df12625e75ed571c60dca5bfb from qemu
2018-05-15 22:24:39 -04:00
Richard Henderson eeab666292
target/arm: Implement FP data-processing (3 source) for fp16
We missed all of the scalar fp16 fma operations.

Backports commit 95f9864fde6078e2d2c036a07cc4fe44f199be96 from qemu
2018-05-15 22:19:42 -04:00
Richard Henderson a614dbb3c7
target/arm: Implement FP data-processing (2 source) for fp16
We missed all of the scalar fp16 binary operations.

Backports commit b8f5171cf01420a9f0ee895c5591e9b9914f391a from qemu
2018-05-15 22:14:43 -04:00
Richard Henderson 60dfdb724b
target/arm: Introduce and use read_fp_hreg
Backports commit 3d99d931266eaeaf7e83703a53f32232cd6faad7 from qemu
2018-05-15 22:10:51 -04:00
Richard Henderson 9b42d01480
target/arm: Implement FCVT (scalar, fixed-point) for fp16
Backports commit 2752728016bef06e7c9cfb961019272859beeca4 from qemu
2018-05-15 22:08:07 -04:00
Richard Henderson 8436080518
target/arm: Implement FCVT (scalar, integer) for fp16
Backports commit 564a0632504fad840491aa9a59453f4e64a316c4 from qemu
2018-05-15 22:06:49 -04:00
Richard Henderson 75643ab1cf
target/arm: Early exit after unallocated_encoding in disas_fp_int_conv
No sense in emitting code after the exception.

Backports commit 8c738d430796edeae5e13d6daf0895c02c62bd54 from qemu
2018-05-15 21:55:42 -04:00
Richard Henderson bcaceb9bc7
target/arm: Implement FMOV (general) for fp16
Adding the fp16 moves to/from general registers.

Backports commit 68130236e30a1ec64363f4915349feee181bfbc1 from qemu
2018-05-15 21:54:32 -04:00
Peter Maydell 2629c0122e
target/arm: Fix fp_status_f16 tininess before rounding
In commit d81ce0ef2c4f105 we added an extra float_status field
fp_status_fp16 for Arm, but forgot to initialize it correctly
by setting it to float_tininess_before_rounding. This currently
will only cause problems for the new V8_FP16 feature, since the
float-to-float conversion code doesn't use it yet. The effect
would be that we failed to set the Underflow IEEE exception flag
in all the cases where we should.

Add the missing initialization.

Backports commit bcc531f0364796104df4443d17f99b5fb494eca2 from qemu
2018-05-15 21:51:48 -04:00
Laurent Vivier 664396a635
m68k: fix floatx80_mod() (Coverity CID1390568)
Update the variable checked by the loop condition (expDiff).
Backport the update from Previous.

Fixes: 591596b77a ("target/m68k: add fmod/frem")

Backports commit 5a73e7f313da0e4657bcac61b533ced71b0d0224 from qemu
2018-05-15 07:44:12 -04:00
Richard Henderson 5902f32abf
target/arm: Clear SVE high bits for FMOV
Use write_fp_dreg and clear_vec_high to zero the bits
that need zeroing for these cases.

Backports commit 9a9f1f59521f46e8ff4527d9a2b52f83577e2aa3 from qemu
2018-05-14 08:43:55 -04:00
Richard Henderson 67740bbc7f
target/arm: Fix float16 to/from int16
The instruction "ucvtf v0.4h, v04h, #2", with input 0x8000u,
overflows the intermediate float16 to infinity before we have a
chance to scale the output. Use float64 as the intermediate type
so that no input argument (uint32_t in this case) can overflow
or round before scaling. Given the declared argument, the signed
int32_t function has the same problem.

When converting from float16 to integer, using u/int32_t instead
of u/int16_t means that the bounding is incorrect.

Backports commit 88808a022c06f98d81cd3f2d105a5734c5614839 from qemu
2018-05-14 08:41:20 -04:00
Richard Henderson e403957a5e
target/arm: Implement vector shifted FCVT for fp16
While we have some of the scalar paths for FCVT for fp16,
we failed to decode the fp16 version of these instructions.

Backports commit d0ba8e74acd299b092786ffc30b306638d395a9e from qemu
2018-05-14 08:36:54 -04:00
Richard Henderson ad6c191d96
target/arm: Implement vector shifted SCVF/UCVF for fp16
While we have some of the scalar paths for *CVF for fp16,
we failed to decode the fp16 version of these instructions.

Backports commit a6117fae4576edfe7a5a5b802a742c33112c0993 from qemu
2018-05-14 08:31:29 -04:00
Richard Henderson 5752b2086b
target/arm: Enable ARM_FEATURE_V8_ATOMICS for user-only
Backports commit ec7f05fae36637d11de272da82ad1e6c233e77d7 from qemu
2018-05-14 08:29:59 -04:00
Richard Henderson 688d0fd0ed
target/arm: Implement CAS and CASP
Backports commit 44ac14b06fa33f60982923b6b8a3bf8dd2fea61d from qemu
2018-05-14 08:28:45 -04:00
Richard Henderson b23c543e1a
target/arm: Fill in disas_ldst_atomic
This implements all of the v8.1-Atomics instructions except
for compare-and-swap, which is decoded elsewhere.

Backports commit 74608ea45434c9b07055b21885e093528c5ed98c from qemu
2018-05-14 08:18:37 -04:00
Richard Henderson 7ae8671b5e
target/arm: Introduce ARM_FEATURE_V8_ATOMICS and initial decode
The insns in the ARMv8.1-Atomics are added to the existing
load/store exclusive and load/store reg opcode spaces.
Rearrange the top-level decoders for these to accomodate.
The Atomics insns themselves still generate Unallocated.

Backports commit 68412d2ecedbab5a43b0d346cddb27e00d724aff from qemu
2018-05-14 08:15:52 -04:00
Richard Henderson b2af557a0f
target/arm: Use new min/max expanders
The generic expanders replace nearly identical code in the translator.

Backports commit ecb8ab8d71aab770555a6972428b711400a27248 from qemu
2018-05-14 07:34:52 -04:00
Emilio G. Cota bb95f85569
target/mips: convert to TranslatorOps
Notes:

- DISAS_TOO_MANY replaces the former "break" in the translation loop.
However, care must be taken not to overwrite a previous condition
in is_jmp; that's why in translate_insn we first check is_jmp and
return if it's != DISAS_NEXT.

- Added an assert in translate_insn, before exiting due to an exception,
to make sure that is_jmp is set to DISAS_NORETURN (the exception
generation function always sets it.)

- Added an assert for the default case in is_jmp's switch.

Backports commit 18f440edfb974feaff8490d4861844b5a2b7a3b5 from qemu
2018-05-12 16:42:21 -04:00
Emilio G. Cota 2c93423acd
target/mips: use *ctx for DisasContext
No changes to the logic here; this is just to make the diff
that follows easier to read.

While at it, remove the unnecessary 'struct' in
'struct TranslationBlock'.

Note that checkpatch complains with a false positive:
ERROR: space prohibited after that '&' (ctx:WxW)
\#75: FILE: target/mips/translate.c:20220:
+ ctx->kscrexist = (env->CP0_Config4 >> CP0C4_KScrExist) & 0xff;
^

Backports commit 12be92588cf26a192f1b62846906983fc1e102a7 from qemu
2018-05-12 16:26:06 -04:00
Emilio G. Cota dae6b84c14
target/mips: convert to DisasContextBase
Backports commit eeb3bba8477cebc46c482ef37d565d54e771c2d3 from qemu
2018-05-12 16:18:00 -04:00
Emilio G. Cota de5d90f9a4
target/mips: convert to DisasJumpType
Notes:

- BS_EXCP in generate_exception_err and after hen_helper_wait
becomes DISAS_NORETURN, because we do not return after
raising an exception.

- Some uses of BS_EXCP are misleading in that they're used
only as a "not BS_STOP" exit condition, i.e. they have nothing
to do with an actual exception. For those cases, define
and use DISAS_EXIT, which is clearer. With this and the
above change, BS_EXCP goes away completely.

- fix a comment typo (s/intetrupt/interrupt/).

Backports commit b28425babc2ad4b90cd87d07a1809d3322b9c065 from qemu
2018-05-11 16:17:02 -04:00
Richard Henderson 8a416b8146
target/mips: use lookup_and_goto_ptr on BS_STOP
The TB after BS_STOP is not fixed (e.g. helper_mtc0_hwrena
changes hflags, which ends up changing the TB flags via
cpu_get_tb_cpu_state). This requires a full lookup (i.e.
with flags) via lookup_and_goto_ptr instead of gen_goto_tb,
since the latter only looks at the PC for in-page goto's. Fix it.

Backports commit cd314a7d0190a03122ca0606ecf71b4b873a22c6 from qemu.
2018-05-11 15:18:23 -04:00
Emilio G. Cota 26dc4a6682
target/sparc: convert to TranslatorOps
Notes:

- Moved the cross-page check from the end of translate_insn to
init_disas_context.

Backports commit 6e61bc941025345ab01c48d116bef60bb8990406 from qemu
2018-05-11 15:17:12 -04:00
Emilio G. Cota 7071a144c2
target/sparc: convert to DisasContextBase
Notes:

- pc and npc are left unmodified, since they can point to out-of-TB
jump targets.

- Got rid of last_pc in gen_intermediate_code(), using base.pc_next
instead. Only update pc_next (1) on a breakpoint (so that tb->size
includes the insn), and (2) after reading the current instruction
from memory. This allows us to use base.pc_next in the BP check,
which is what the translator loop does.

Backports commit af00be490b30d7f576d12ac7b2bc5406ca6fda3f from qemu
2018-05-11 14:20:49 -04:00
Emilio G. Cota 3180dcaa98
target/sparc: convert to DisasJumpType
Backports commit c5e6ccdf6c8d32d3a45d9dca4d6847dcff741882 from qemu
2018-05-11 14:03:23 -04:00
Emilio G. Cota d26bf1d446
translator: merge max_insns into DisasContextBase
While at it, use int for both num_insns and max_insns to make
sure we have same-type comparisons.

Backports commit b542683d77b4f56cef0221b267c341616d87bce9 from qemu
2018-05-11 13:59:17 -04:00
Emilio G. Cota 28cfe5dab0
target/mips: avoid integer overflow in next_page PC check
If the PC is in the last page of the address space, next_page_start
overflows to 0. Fix it.

Backports commit 6cd79443d33e6ba6b4c5b787eb713ca1cec56328 from qemu
2018-05-11 13:51:51 -04:00
Emilio G. Cota 8162e6f1c6
target/arm: avoid integer overflow in next_page PC check
If the PC is in the last page of the address space, next_page_start
overflows to 0. Fix it.

Backports commit bfe7ad5be77a6a8925a7ab1628452c8942222102 from qemu
2018-05-11 13:49:57 -04:00
Richard Henderson 991683af73
target/m68k: Fix build Werror with gcc 8.0.1
The Werror stems from the compiler finding a path through the second
switch via a missing default case in which src1 is uninitialized, and
not being able to prove that the missing default case is unreachable
due to the first switch.

Simplify the second switch to merge default with OS_LONG,
which returns directly. This removes the unreachable path.

Backports commit 5cbc61110738accb16ff8ed1f08a32906d02790f from qemu.
2018-05-11 10:37:45 -04:00
Peter Maydell ca9b601d0d
target/arm: Implement v8M VLLDM and VLSTM
For v8M the instructions VLLDM and VLSTM support lazy saving
and restoring of the secure floating-point registers. Even
if the floating point extension is not implemented, these
instructions must act as NOPs in Secure state, so they can
be used as part of the secure-to-nonsecure call sequence.

Fixes: https://bugs.launchpad.net/qemu/+bug/1768295

Backports commit b1e5336a9899016c53d59eba53ebf6abcc21995c from qemu
2018-05-08 08:29:12 -04:00
Mathew Maidment 06da6ae3c8
target/arm: Correct MPUIR privilege level in register_cp_regs_for_features() conditional case
The duplication of id_tlbtr_reginfo was unintentionally added within
3281af8114c6b8ead02f08b58e3c36895c1ea047 which should have been
id_mpuir_reginfo.

The effect was that for OMAP and StrongARM CPUs we would
incorrectly UNDEF writes to MPUIR rather than NOPing them.

Backports commit 100061121c1f69a672ce7bb3e9e3781f8018f9f6 from qemu
2018-05-08 08:27:40 -04:00
Richard Henderson 5940a36394
target/arm: Tidy condition in disas_simd_two_reg_misc
Path analysis shows that size == 3 && !is_q has been eliminated.

Fixes: Coverity CID1385853

Backports commit a8766e3172c1671cab297c1ef4566a3c5d094822 from qemu
2018-05-08 08:26:31 -04:00
Richard Henderson cb324fd039
target/arm: Tidy conditions in handle_vec_simd_shri
The (size > 3 && !is_q) condition is identical to the preceeding test
of bit 3 in immh; eliminate it. For the benefit of Coverity, assert
that size is within the bounds we expect.

Fixes: Coverity CID1385846
Fixes: Coverity CID1385849
Fixes: Coverity CID1385852
Fixes: Coverity CID1385857

Backports commit 8dae46970532afcf93470b00e83ca9921980efc3 from qemu
2018-05-08 08:25:37 -04:00
Laurent Vivier 97c8507f00
m68k: remove dead code (Coverity CID1390617)
floatx80_sin() and floatx80_cos() are derived from one
sincos() function. They have both unused code coming from
their common origin. Remove it.

Backports commit 6361d2984ce88912976a34e1797a5ad5139c649b from qemu
2018-05-01 11:44:18 -04:00
Laurent Vivier ebf0c8f9ca
m68k: Fix floatx80_lognp1 (Coverity CID1390587)
return the result of packFloatx80() instead of
dropping it.

Backports commit 981348af5c3c72335d95f6877abf702d80176eb3 from qemu
2018-05-01 11:41:07 -04:00
Pavel Dovgalyuk bf16c6daee
m68k: fix subx mem, mem instruction
This patch fixes decrement of the pointers for subx mem, mem instructions.
Without the patch pointers are decremented by OS_* constant value instead of
retrieving the corresponding data size and using it as a decrement.

Backports commit 355d4d1c00e708907ff391c24ca708f1c9c06bf0 from qemu
2018-05-01 11:40:00 -04:00
Aaron Lindsay d3e7bbffea
target/arm: Make PMOVSCLR and PMUSERENR 64 bits wide
This is a bug fix to ensure 64-bit reads of these registers don't read
adjacent data.

Backports commit e4e91a217c17fff4045dd4b423cdcb471b3d6a0e from qemu
2018-04-26 09:25:09 -04:00
Aaron Lindsay 4ed7524444
target/arm: Fix bitmask for PMCCFILTR writes
It was shifted to the left one bit too few.

Backports commit ac57fd24cd864d42e7551f82266bc0930bd39547 from qemu
2018-04-26 09:23:04 -04:00
Aaron Lindsay 99a0be89a8
target/arm: Add pre-EL change hooks
Because the design of the PMU requires that the counter values be
converted between their delta and guest-visible forms for mode
filtering, an additional hook which occurs before the EL is changed is
necessary.

Backports commit b5c53d1b3886387874f8c8582b205aeb3e4c3df6 from qemu
2018-04-26 09:21:54 -04:00
Aaron Lindsay 8caf217d26
target/arm: Support multiple EL change hooks
Backports commit 08267487c99e8150382420936ab72c1e0ad74ce3 from qemu
2018-04-26 09:16:09 -04:00
Aaron Lindsay dfe1f54920
target/arm: Fetch GICv3 state directly from CPUARMState
This eliminates the need for fetching it from el_change_hook_opaque, and
allows for supporting multiple el_change_hooks without having to hack
something together to find the registered opaque belonging to GICv3.

Backports commit d5a5e4c93dae0dc3feb402cf7ee78d846da1a7e1 from qemu
2018-04-26 09:10:32 -04:00
Aaron Lindsay 1228bcf45d
target/arm: Mask PMU register writes based on PMCR_EL0.N
This is in preparation for enabling counters other than PMCCNTR

Backports commit 7ece99b17e832065236c07a158dfac62619ef99b from qemu
2018-04-26 09:09:12 -04:00
Aaron Lindsay e1d021ad74
target/arm: Treat PMCCNTR as alias of PMCCNTR_EL0
They share the same underlying state

Backports commit 169c893874977eee8303a6dad4a3f25c5464858f from qemu
2018-04-26 09:07:50 -04:00
Aaron Lindsay e1bffbf7df
target/arm: Check PMCNTEN for whether PMCCNTR is enabled
Backports commit ccbc0e338486b21cb0eb52e52cd309bbbe6a7507 from qemu
2018-04-26 09:07:02 -04:00
Peter Maydell 43e7478d3f
target/arm: Use v7m_stack_read() for reading the frame signature
In commit 95695effe8caa552b8f2 we changed the v7M/v8M stack
pop code to use a new v7m_stack_read() function that checks
whether the read should fail due to an MPU or bus abort.
We missed one call though, the one which reads the signature
word for the callee-saved register part of the frame.

Correct the omission.

Backports commit 4818bad98c8212fbbb0525d10761b6b65279ab92 from qemu
2018-04-26 09:02:11 -04:00