Commit graph

3821 commits

Author SHA1 Message Date
Aleksandar Markovic 96d299bd6f
target/mips: Add basic description of MXU ASE
Add a comment that contains a basic description of MXU ASE.

Backports commit b158d449bbfe71bb203fdce978a4a33c38a4e821 from qemu
2018-10-23 13:12:35 -04:00
Aleksandar Markovic 2cf0f05c27
target/mips: Add a comment before each CP0 register section in cpu.h
Add a comment before each CP0 register section in CPUMIPSState
definition, thus visually separating these sections.

Backports commit 50e7edc5ac25af2faaacd1f91e177c7de7d696c3 from qemu
2018-10-23 13:12:04 -04:00
Aleksandar Markovic d9ae47e2da
target/mips: Add a comment with an overview of CP0 registers
Add a comment with an overview of CP0 registers close to the
definition of their corresponding fields in CPUMIPSState.

Backports commit a86d421e18d58b32d6eaba1e79160e2b4e5a0a6c from qemu
2018-10-23 13:06:39 -04:00
Lioncash 5f12065284
sve_helper: Use the QEMU_FLATTEN macro instead of the compiler attribute directly
Keeps the code compiler-independent.
2018-10-23 13:05:02 -04:00
Peter Maydell 64661a9165
target/arm: Initialize ARMMMUFaultInfo in v7m_stack_read/write
The get_phys_addr() functions take a pointer to an ARMMMUFaultInfo
struct, which they fill in only if a fault occurs. This means that
the caller must always zero-initialize the struct before passing
it in. We forgot to do this in v7m_stack_read() and v7m_stack_write().
Correct the error.

Backports commit ab44c7b71fa683b9402bea0d367b87c881704188 from qemu
2018-10-23 12:58:39 -04:00
Aaron Lindsay 1596801693
target/arm: Mask PMOVSR writes based on supported counters
This is an amendment to my earlier patch:
commit 7ece99b17e832065236c07a158dfac62619ef99b

Backports commit 599b71e277ac7e92807191b20b7163a28c5450ad from qemu
2018-10-23 12:56:45 -04:00
Aaron Lindsay 10c6887e0b
target/arm: Mark PMINTENCLR and PMINTENCLR_EL1 accesses as possibly doing IO
I previously fixed this for PMINTENSET_EL1, but missed these.

Backports commit fc5f6856a02168864a5c1a46866a12839322222f from qemu
2018-10-23 12:56:06 -04:00
Edgar E. Iglesias 0595aa5ade
target/arm: Add the Cortex-A72
Backports commit f11b452b95df4a0fc6561c278721cad03b24098b from qemu
2018-10-23 12:54:57 -04:00
Edgar E. Iglesias fa9828845f
target-arm: powerctl: Enable HVC when starting CPUs to EL2
When QEMU provides the equivalent of the EL3 firmware, we
need to enable HVCs in scr_el3 when turning on CPUs that
target EL2.

Backports commit 86278c33d1d71196f5e22ce3ce82a1b34a199754 from qemu
2018-10-23 12:53:40 -04:00
Richard Henderson 3b3bce7d4e
target/arm: Fix cortex-a7 id_isar0
The incorrect value advertised only thumb2 div without arm div.

Backports commit 37bdda89eb7615cb225f781c9fb552e144c68ea7 from qemu
2018-10-23 12:47:15 -04:00
Richard Henderson 3023a9723a
target/arm: Align cortex-r5 id_isar0
The missing nibble made it more difficult to read.

Backports commit aaab8f3400ea5ec9c6cce3607ff26f9be89321d6 from qemu
2018-10-23 12:46:28 -04:00
Richard Henderson 767242174a
target/arm: Define fields of ISAR registers
Backports commit a62e62af9f26bf655fe95ada796f28a6a16c0561 from qemu
2018-10-23 12:45:55 -04:00
Richard Henderson ce9485a63e
target/arm: Fix aarch64_sve_change_el wrt EL0
At present we assert:

arm_el_is_aa64: Assertion `el >= 1 && el <= 3' failed.

The comment in arm_el_is_aa64 explains why asking about EL0 without
extra information is impossible. Add an extra argument to provide
it from the surrounding context.

Fixes: 0ab5953b00b3

Backports commit 9a05f7b67436abdc52bce899f56acfde2e831454 from qemu
2018-10-23 12:44:04 -04:00
Peter Maydell ff812cc152
target/arm: Add v8M stack checks for MSR to SP_NS
Updating the NS stack pointer via MSR to SP_NS should include
a check whether the new SP value is below the stack limit.
No other kinds of update to the various stack pointer and
limit registers via MSR should perform a check.

Backports commit 167765f0739e4a108e8c2e2ff2f37917df5658f9 from qemu
2018-10-08 14:24:30 -04:00
Peter Maydell 76f521e6c3
target/arm: Add v8M stack checks for VLDM/VSTM
Add the v8M stack checks for the VLDM/VSTM
(aka VPUSH/VPOP) instructions. This code is currently
unreachable because we haven't yet implemented M profile
floating point support, but since the change is simple,
we add it now because otherwise we're likely to forget to
do it later.

Backports commit 8a954faf5412d5073d585d85a1da63a09bb5d84e from qemu
2018-10-08 14:23:02 -04:00
Peter Maydell 37d0c7fcf1
target/arm: Add v8M stack checks for Thumb push/pop
Add v8M stack checks for the 16-bit Thumb push/pop
encodings: STMDB, STMFD, LDM, LDMIA, LDMFD.

Backports commit aa369e5c08bbe2748d2be96f13f4ef469a4d3080 from qemu
2018-10-08 14:22:08 -04:00
Peter Maydell ef9afb1855
target/arm: Add v8M stack checks for T32 load/store single
Add v8M stack checks for the instructions in the T32
"load/store single" encoding class: these are the
"immediate pre-indexed" and "immediate, post-indexed"
LDR and STR instructions.

Backports commit 0bc003bad9752afc61624cb680226c922f34f82c from qemu
2018-10-08 14:20:58 -04:00
Peter Maydell de30651f5e
target/arm: Add v8M stack checks for Thumb2 LDM/STM
Add the v8M stack checks for:
* LDM (T2 encoding)
* STM (T2 encoding)

This includes the 32-bit encodings of the instructions listed
in v8M ARM ARM rule R_YVWT as
* LDM, LDMIA, LDMFD
* LDMDB, LDMEA
* POP (multiple registers)
* PUSH (muliple registers)
* STM, STMIA, STMEA
* STMDB, STMFD

We perform the stack limit before doing any other part
of the load or store.

Backports commit 7c0ed88e7d6bee3e55c3d8935c46226cb544191a from qemu
2018-10-08 14:19:14 -04:00
Peter Maydell bb97240df6
target/arm: Add v8M stack checks for LDRD/STRD (imm)
Add the v8M stack checks for:
* LDRD (immediate)
* STRD (immediate)

Loads and stores are more complicated than ADD/SUB/MOV, because we
must ensure that memory accesses below the stack limit are not
performed, so we can't simply do the check when we actually update
SP.

For these instructions, if the stack limit check triggers
we must not:
* perform any memory access below the SP limit
* update PC, SP or the load/store base register
but it is IMPDEF whether we:
* perform any accesses above or equal to the SP limit
* update destination registers for loads

For QEMU we choose to always check the limit before doing any other
part of the load or store, so we won't update any registers or
perform any memory accesses.

It is UNKNOWN whether the limit check triggers for a load or store
where the initial SP value is below the limit and one of the stores
would be below the limit, but the writeback moves SP to above the
limit. For QEMU we choose to trigger the check in this situation.

Note that limit checks happen only for loads and stores which update
SP via writeback; they do not happen for loads and stores which
simply use SP as a base register.

Backports commit 910d7692e5b60f2c2d08cc3d6d36076e85b6a69d from qemu
2018-10-08 14:17:27 -04:00
Lioncash cb935d868e
target/arm: Add v8M stack limit checks on NS function calls 2018-10-08 14:15:15 -04:00
Peter Maydell ed3c951fb6
target/arm: Add v8M stack checks on exception entry
Add checks for breaches of the v8M stack limit when the
stack pointer is decremented to push the exception frame
for exception entry.

Note that the exception-entry case is unique in that the
stack pointer is updated to be the limit value if the limit
is hit (per rule R_ZLZG).

Backports commit c32da7aa6205a5ff62ae8d5062f7cad0eae4c1fd from qemu
2018-10-08 14:15:15 -04:00
Peter Maydell 0fc6e2c183
target/arm: Add some comments in Thumb decode
Add some comments to the Thumb decoder indicating what bits
of the instruction have been decoded at various points in
the code.

This is not an exhaustive set of comments; we're gradually
adding comments as we work with particular bits of the code.

Backports commit a2d12f0f34e9c5ef8a193556fde983aa186fa73a from qemu
2018-10-08 14:15:15 -04:00
Peter Maydell ca5d7b8fd2
target/arm: Add v8M stack checks on ADD/SUB/MOV of SP
Add code to insert calls to a helper function to do the stack
limit checking when we handle these forms of instruction
that write to SP:
* ADD (SP plus immediate)
* ADD (SP plus register)
* SUB (SP minus immediate)
* SUB (SP minus register)
* MOV (register)

Backports commit 5520318939fea5d659bf808157cd726cb967b761 from qemu
2018-10-08 14:15:15 -04:00
Peter Maydell b2146058c3
target/arm: Move v7m_using_psp() to internals.h
We're going to want v7m_using_psp() in op_helper.c in the
next patch, so move it from helper.c to internals.h.

Backports commit 5529bf188d996391ff52a0e1801daf9c6a6bfcb0 from qemu
2018-10-08 14:15:15 -04:00
Peter Maydell ae4900fba2
target/arm: Define new EXCP type for v8M stack overflows
Define EXCP_STKOF, and arrange for it to cause us to take
a UsageFault with CFSR.STKOF set.

Backports commit 86f026de22d8854eecc004af44895de74225794f from qemu
2018-10-08 14:15:15 -04:00
Peter Maydell 8b3b548961
target/arm: Define new TBFLAG for v8M stack checking
The Arm v8M architecture includes hardware stack limit checking.
When certain instructions update the stack pointer, if the new
value of SP is below the limit set in the associated limit register
then an exception is taken. Add a TB flag that tracks whether
the limit-checking code needs to be emitted.

Backports commit 4730fb85035e99c909db7d14ef76cd17f28f4423 from qemu
2018-10-08 14:15:15 -04:00
Richard Henderson 66ffb372e7
target/arm: Pass TCGMemOpIdx to sve memory helpers
There is quite a lot of code required to compute cpu_mem_index,
or even put together the full TCGMemOpIdx. This can easily be
done at translation time.

Backports commit 500d04843ba953dc4560e44f04001efec38c14a6 from qemu
2018-10-08 14:15:15 -04:00
Richard Henderson 606e8cdb8c
target/arm: Rewrite vector gather first-fault loads
This implements the feature for softmmu, and moves the
main loop out of a macro and into a function.

Backports commit 116347ce20bb7b5cac17bf2b0e6f607530b50862 from qemu
2018-10-08 14:15:15 -04:00
Richard Henderson 1cd3c2a408
target/arm: Split contiguous stores for endianness
We can choose the endianness at translation time, rather than
re-computing it at execution time.

Backports commit 28d57f2dc59c287e1c40239509b0a325fd00e32f from qemu
2018-10-08 14:15:15 -04:00
Richard Henderson c9569b3fe0
target/arm: Split contiguous loads for endianness
We can choose the endianness at translation time, rather than
re-computing it at execution time.

Backports commit 7d0a57a2e1cea188b9023261a404d7a211117230 from qemu
2018-10-08 14:15:15 -04:00
Richard Henderson 2542ad17d0
target/arm: Rewrite vector gather stores
This fixes the endianness problem for softmmu, and moves
the main loop out of a macro and into an inlined function.

Backports commit 78cf1b886aa1b95c97fc5114641515c2892bb240 from qemu
2018-10-08 14:15:15 -04:00
Richard Henderson ff63807164
target/arm: Rewrite vector gather loads
This fixes the endianness problem for softmmu, and moves
the main loop out of a macro and into an inlined function.

Backports commit d4f75f25b43041e7a46d12352b3c70ae457d8cea from qemu
2018-10-08 14:15:15 -04:00
Richard Henderson 966ea163a3
target/arm: Rewrite helper_sve_st[1234]*_r
This fixes the endianness problem for softmmu, and moves the
main loop out of a macro and into an inlined function

Backports commit 9fd46c8362e0a45d04ccceae7051d06dd65c1d57 from qemu
2018-10-08 14:15:15 -04:00
Richard Henderson 4978d77039
target/arm: Rewrite helper_sve_ld[234]*_r
Use the same *_tlb primitives as we use for ld1.

For linux-user, this hoists the set of helper_retaddr. For softmmu,
hoists the computation of the current mmu_idx outside the loop,
fixes the endianness problem, and moves the main loop out of a
macro and into an inlined function.

Backports commit f27d4dc2af0de9b7b45c955882b8420905c6efe8 from qemu
2018-10-08 14:15:15 -04:00
Richard Henderson 5b88176e1d
target/arm: Rewrite helper_sve_ld1*_r using pages
Uses tlb_vaddr_to_host for correct operation with softmmu.
Optimize for accesses within a single page or pair of pages.

Backports commit 9123aeb6fcb14e0955ebe4e2a613802cfa0503ea from qemu
2018-10-08 14:15:15 -04:00
Richard Henderson 935eb43b5e
target/arm: Clear unused predicate bits for LD1RQ
The 16-byte load only uses 16 predicate bits. But while
reusing the other load infrastructure, we find other bits
that are set and trigger an assert. To avoid this and
retain the assert, zero-extend the predicate that we pass
to the LD1 helper.

Backports commit 2a99ab2b3545133961de034df27e24f4c22e3707 from qemu
2018-10-08 14:15:15 -04:00
Richard Henderson a37f24aa11
target/arm: Adjust aarch64_cpu_dump_state for system mode SVE
Use the existing helpers to determine if (1) the fpu is enabled,
(2) sve state is enabled, and (3) the current sve vector length.

Backports commit ced3155141755ba244c988c72c4bde32cc819670 from qemu
2018-10-08 14:15:15 -04:00
Richard Henderson 87c20b52c0
target/arm: Handle SVE vector length changes in system mode
SVE vector length can change when changing EL, or when writing
to one of the ZCR_ELn registers.

For correctness, our implementation requires that predicate bits
that are inaccessible are never set. Which means noticing length
changes and zeroing the appropriate register bits.

Backports commit 0ab5953b00b3165877d00cf75de628c51670b550 from qemu
2018-10-08 14:15:15 -04:00
Richard Henderson 2fb9c4c41d
target/arm: Pass in current_el to fp and sve_exception_el
We are going to want to determine whether sve is enabled
for EL other than current.

Backports commit 2de7ace292cf7846b0cda0e940272d2cb0e06859 from qemu
2018-10-08 14:15:15 -04:00
Richard Henderson 00fc5d43fd
target/arm: Adjust sve_exception_el
Check for EL3 before testing CPTR_EL3.EZ. Return 0 when the exception
should be routed via AdvSIMDFPAccessTrap. Mirror the structure of
CheckSVEEnabled more closely.

Fixes: 5be5e8eda78

Backports commit 60eed0869d68b91eff71cc0a0facb01983726a5d from qemu
2018-10-08 14:15:15 -04:00
Richard Henderson 1081e5e7a4
target/arm: Define ID_AA64ZFR0_EL1
Given that the only field defined for this new register may only
be 0, we don't actually need to change anything except the name.

Backports commit 9516d7725ec1deaa6ef5ccc5a26d005650d6c524 from qemu
2018-10-08 14:15:15 -04:00
Peter Maydell d82046cafc
target/arm: Don't read r4 from v8M exception stackframe twice
A cut-and-paste error meant we were reading r4 from the v8M
callee-saves exception stack frame twice. This is harmless
since it just meant we did two memory accesses to the same
location, but it's unnecessary. Delete it.

Backports commit e5ae4d0c063fbcca4cbbd26bcefbf1760cfac2aa from qemu
2018-10-08 14:15:15 -04:00
Peter Maydell f628cbdfc3
target/arm: Correct condition for v8M callee stack push
In v7m_exception_taken() we were incorrectly using a
"LR bit EXCRET.ES is 1" check when it should be 0
(compare the pseudocode ExceptionTaken() function).
This meant we didn't stack the callee-saved registers
when tailchaining from a NonSecure to a Secure exception.

Backports commit 7b73a1ca05b33d42278ce29cea4652e22d408165 from qemu
2018-10-08 14:15:15 -04:00
Richard Henderson e54a2b65c0
softfloat: Specialize udiv_qrnnd for ppc64
The ISA has a 128/64-bit division instruction, though it assumes the
low 64-bits of the numerator are 0, and so requires a bit more fixup
than a full 128-bit division insn.

Backports commit 27ae5109a2ba8b6b679cce3e03e16570a34390a0 from qemu
2018-10-08 14:15:15 -04:00
Richard Henderson 0fd568871e
softfloat: Specialize udiv_qrnnd for s390x
The ISA has a 128/64-bit division instruction.

Backports commit 739df333dc8853ae6578492675a26a601d6be077 from qemu
2018-10-08 14:15:15 -04:00
Richard Henderson 8de4da1475
softfloat: Specialize udiv_qrnnd for x86_64
The ISA has a 128/64-bit division instruction.

Backports commit b299e88d4261b0af30190e74005ad930e04f3a11 from qemu
2018-10-08 14:15:15 -04:00
Richard Henderson 90fdf9b598
softfloat: Fix division
The __udiv_qrnnd primitive that we nicked from gmp requires its
inputs to be normalized. We were not doing that. Because the
inputs are nearly normalized already, finishing that is trivial.

Replace div128to64 with a "proper" udiv_qrnnd, so that this
remains a reusable primitive.

Fixes: cf07323d494
Fixes: https://bugs.launchpad.net/qemu/+bug/1793119

Backports commit 5dfbc9e4903c0121140f2945f05df48cea72dd82 from qemu
2018-10-08 14:15:15 -04:00
Thomas Huth bd116582e8
softfloat: Replace countLeadingZeros32/64 with clz32/64
Our minimum required compiler for compiling QEMU is GCC 4.1 these days,
so we can drop the support for compilers which do not provide the
__builtin_clz*() functions yet. Since the countLeadingZeros32/64 are
then identical to the clz32/64 functions, and we do not have to sync
the softloat 2 codebase with upstream anymore (softloat 3 is a complete
rewrite) we can simply replace the functions with our QEMU versions.

Backports commit 0019d5c3a18c31604fb55f9cec3ceb13999c4866 from qemu
2018-10-08 14:15:15 -04:00
Emilio G. Cota 9f08fb35bc
softfloat: remove float64_trunc_to_int
It has not had users since f83311e476 ("target-m68k: use floatx80
internally", 2017-06-21).

Note that no other bit-width has floatX_trunc_to_int.

Backports commit c953da8f0be5e026d1c9128660736d72294feb3e from qemu
2018-10-08 14:15:11 -04:00
Marc-André Lureau df8790284f
qom/object: register 'type' property as class property
Let's save a few byte in each object instance.

Backports commit 7439a036d58f0def85751d6d4d3232461a35ebee from qemu
2018-10-08 14:14:45 -04:00
Lioncash cc3d618e61
tcg: Remove unnecessary MSVC ifdef
All relevant arrays have at least one member in them now, making this
unnecessary.
2018-10-06 05:08:17 -04:00
Catena cyber 4199ce83bb
Removes accessible assert
Backports commit 333bfdf65e55bcf6e3b03526a50f8c43aa6d4ca5 from qemu
2018-10-06 05:02:20 -04:00
Catena cyber 2c9b6df879
Mips undefined shift fix
Backports commit 46999575fb9e82ccd925e835d0d7db47200e010d from unicorn
2018-10-06 05:00:27 -04:00
Catena cyber e3b8ea18bf
Prevents abort with m68K
* Prevents abort with m68K

Raises exception instead

* M68K remove one uses of abort

* Less aborts and logs instead for M68K

Backports commit 910999d3969b682d8376db1266f9885866cd785c from unicorn
2018-10-06 04:59:11 -04:00
Catena cyber 43c48b72ea
Initializes i386 prefix value
Backports commit 4a86318cf45b7f0b8e01748ce700de1b7688d1e3 from unicorn
2018-10-06 04:57:06 -04:00
Catena cyber 6bcc61f082
Sparc increase ttl number
Backports commit b8df0675145c592da3777395f23b4ee91c09b46c from unicorn
2018-10-06 04:55:52 -04:00
Lioncash b62e892b20
mips: Use DisasContext for parameters in place of TCGContext where applicable
This is more future-friendly with qemu's main repo, as it's more
generic.
2018-10-06 04:37:28 -04:00
Lioncash 47b45f1bc2
arm: Take DisasContext as a parameter instead of TCGContext where applicable
This is more future-friendly with qemu, as it's more generic.
2018-10-06 04:17:12 -04:00
Lioncash 766c70f608
arm: Move cpu_M0 to DisasContext 2018-10-06 03:32:39 -04:00
Lioncash 787fd448b1
arm: Move cpu_V1 to DisasContext 2018-10-06 03:28:42 -04:00
Lioncash 1aa20da917
arm: Move cpu_V0 to DisasContext 2018-10-06 03:26:52 -04:00
Lioncash 06c21baaa4
arm: Move cpu_F1d to DisasContext 2018-10-06 03:11:54 -04:00
Lioncash 5f3dd68f9c
arm: Move cpu_F0d to DisasContext 2018-10-06 03:07:42 -04:00
Lioncash e457ce8ccc
arm: Move cpu_F1s to DisasContext 2018-10-06 03:02:06 -04:00
Lioncash a4f23de55f
arm: Move cpu_F0 to DisasContext
Decreases the size of the TCGContext struct for targets that don't need
to use this variable.
2018-10-06 02:58:11 -04:00
Lioncash 97a5955a2a
tcg: Remove leftover unused variable from TCGContext
This was previously used by the i386 target, however all of the locals
were moved to the DisasContext struct, leaving this unused.
2018-10-06 02:46:27 -04:00
Lioncash a61df86ef5
m68k/translate: Remove commented out code in m68k_tcg_init()
This isn't even in the main qemu repo, so we can get rid of this.
2018-10-06 02:41:09 -04:00
Peter Maydell a0a846a5d7
docs/devel/memory.txt: Document _with_attrs accessors
When we added the _with_attrs accessors we forgot to mention
them in the documentation.

Backports commit 687ac05d71bbb3172e0546248e40483ef43a4813 from qemu
2018-10-04 04:46:26 -04:00
Peter Maydell 01683fe97e
memory: Remove old_mmio accessors
Now that all the users of old_mmio MemoryRegion accessors
have been converted, we can remove the core code support.

Backports commit 62a0db942dec6ebfec19aac2b604737d3c9a2d75 from qemu
2018-10-04 04:45:30 -04:00
Philippe Mathieu-Daudé a3938167d4
memory: Fix access_with_adjusted_size(small size) on big-endian memory regions
Memory regions configured as DEVICE_BIG_ENDIAN (or DEVICE_NATIVE_ENDIAN on
big-endian guest) behave incorrectly when the memory access 'size' is smaller
than the implementation 'access_size'.

In the following code segment from access_with_adjusted_size():

if (memory_region_big_endian(mr)) {
    for (i = 0; i < size; i += access_size) {
        r |= access_fn(mr, addr + i, value, access_size,
                       (size - access_size - i) * 8, access_mask, attrs);
}

(size - access_size - i) * 8 is the number of bits that will arithmetic
shift the current value.

Currently we can only 'left' shift a read() access, and 'right' shift a write().

When the access 'size' is smaller than the implementation, we get a negative
number of bits to shift.

For the read() case, a negative 'left' shift is a 'right' shift :)
However since the 'shift' type is unsigned, there is currently no way to
right shift.

Fix this by changing the access_fn() prototype to handle signed shift values,
and modify the memory_region_shift_read|write_access() helpers to correctly
arithmetic shift the opposite direction when the 'shift' value is negative.
2018-10-04 04:40:42 -04:00
Philippe Mathieu-Daudé de28c93299
memory: Refactor common shifting code from accessors
Backports commit 3c754a9383ac70f316f1b98aec203182de250c42 from qemu
2018-10-04 04:39:29 -04:00
Philippe Mathieu-Daudé 7f0b91c261
memory: Use MAKE_64BIT_MASK()
Backports commit 36960b4d66d2dd59174f230766d1f4eaffec60a3 from qemu
2018-10-04 04:33:54 -04:00
Pavel Dovgalyuk 461fbaa9eb
target/i386: fix translation for icount mode
This patch fixes the checking of boundary crossing instructions.
In icount mode only first instruction of the block may cross
the page boundary to keep the translation deterministic.
These conditions already existed, but compared the wrong variable.

Backports commit 41d54dc09f1f327dedc79d5ba0b1b437ab7b0e94 from qemu
2018-10-04 04:32:26 -04:00
Marc-André Lureau 710467e034
qom/object: add some interface asserts
An interface can't have any instance size or callback, or itself
implement other interfaces (this is unsupported).

Backports commit 422ca1432f7b44f2a9f3ad94a65d36927da021fa from qemu
2018-10-04 04:30:42 -04:00
Paolo Bonzini 752aea8379
target/i386: rename HF_SVMI_MASK to HF_GUEST_MASK
This flag will be used for KVM's nested VMX migration; the HF_GUEST_MASK name
is already used in KVM, adopt it in QEMU as well.

Backports commit f8dc4c645ec2956a6cd97e0ca0fdd4753181f735 from qemu
2018-10-04 04:24:39 -04:00
Paolo Bonzini 0bc0ff320c
target/i386: unify masking of interrupts
Interrupt handling depends on various flags in env->hflags or env->hflags2,
and the exact detail were not exactly replicated between x86_cpu_has_work
and x86_cpu_exec_interrupt. Create a new function that extracts the
highest-priority non-masked interrupt, and use it in both functions.

Backports commit 92d5f1a4147c3722b5e9a8bcfb7dc261b7a8b855 from qemu
2018-10-04 04:19:57 -04:00
Igor Mammedov 68356c69fc
memory: cleanup side effects of memory_region_init_foo() on failure
if MemoryRegion intialization fails it's left in semi-initialized state,
where it's size is not 0 and attached as child to owner object.
And this leds to crash in following use-case:
    (monitor) object_add memory-backend-file,id=mem1,size=99999G,mem-path=/tmp/foo,discard-data=yes
    memory.c:2083: memory_region_get_ram_ptr: Assertion `mr->ram_block' failed
    Aborted (core dumped)
it happens due to assumption that memory region is intialized when
memory_region_size() != 0
and therefore it's ok to access it in
file_backend_unparent()
    if (memory_region_size() != 0)
        memory_region_get_ram_ptr()

which happens when object_add fails and unparents failed backend making
file_backend_unparent() access invalid memory region.

Fix it by making sure that memory_region_init_foo() APIs cleanup externally
visible side effects on failure (like set size to 0 and unparenting object)
2018-10-04 04:15:29 -04:00
Pavel Dovgalyuk 0242d19e79
translator: fix breakpoint processing
QEMU cannot pass through the breakpoints when 'si' command is used
in remote gdb. This patch disables inserting the breakpoints
when we are already single stepping though the gdb remote protocol.
This patch also fixes icount calculation for the blocks that include
breakpoints - instruction with breakpoint is not executed and shouldn't
be used in icount calculation.

Backports commit f9f1f56e4da088b993ce28775c271d5bcdcf49ae from qemu
2018-10-04 04:04:57 -04:00
Emilio G. Cota b9bb6cead9
target/i386: move x86_64_hregs to DisasContext
And convert it to a bool to use an existing hole
in the struct.

Backports commit 1dbe15ef57abdf7b6a26c8e638abf6413a4b9d0c from qemu
2018-10-04 04:02:50 -04:00
Emilio G. Cota 90e189ca24
target/i386: move cpu_tmp1_i64 to DisasContext
Backports commit 776678b2961848a80387509c433dc04b0f761592 from qemu
2018-10-04 03:59:13 -04:00
Emilio G. Cota 04530acab2
target/i386: move cpu_tmp3_i32 to DisasContext
Backports commit 4f82446de695f080ed148a0e47fc141e928665af from qemu
2018-10-04 03:56:05 -04:00
Emilio G. Cota 781e6bde41
target/i386: move cpu_tmp2_i32 to DisasContext
Backports commit 6bd48f6f206b6f32a5bbeebc3ae6886d4f587981 from qemu
2018-10-04 03:53:31 -04:00
Emilio G. Cota c13337d1bc
target/i386: move cpu_ptr1 to DisasContext
Backports commit 6387e8303ffb26cfb40b0f93372f1519229b4d2c from qemu
2018-10-04 03:48:09 -04:00
Emilio G. Cota 3e442d4480
target/i386: move cpu_ptr0 to DisasContext
Backports commit 2ee2646491a293a92d1c85e90e12419a8c199ed0 from qemu
2018-10-04 03:46:53 -04:00
Emilio G. Cota cc872aa711
target/i386: move cpu_tmp4 to DisasContext
Backports commit 5022f28f1e4033eb369b744ad61b96d086beca1b from qemu
2018-10-04 03:45:28 -04:00
Emilio G. Cota d2752ebc42
target/i386: move cpu_tmp0 to DisasContext
Backports commit fbd80f02df3fe272ba0f4825df27b8459dafbc14 from qemu
2018-10-04 03:41:13 -04:00
Emilio G. Cota b704b6c205
target/i386: move cpu_T1 to DisasContext
Backports commit b48597b0eda32d4c7ade2ba3f98f06f62289e3e2 from qemu
2018-10-04 03:35:10 -04:00
Emilio G. Cota 70b327dc82
target/i386: move cpu_T0 to DisasContext
Backports commit c66f97273f677d76afaaeb0e688eb08499701b1b from qemu
2018-10-04 03:29:13 -04:00
Emilio G. Cota c1d70758ea
target/i386: move cpu_A0 to DisasContext
Backports commit 6b672b5d6b14422c131969c5725f738751e12847 from qemu
2018-10-04 01:16:35 -04:00
Emilio G. Cota 30c66bcca3
target/i386: move cpu_cc_srcT to DisasContext
Backports commit 93a3e108eb6a9bb781ab7db6e92d91528e482030 from qemu
2018-10-04 00:59:00 -04:00
Daniel P. Berrangé ea64a4629f
configure: preserve various environment variables in config.status
The config.status script is auto-generated by configure upon
completion. The intention is that config.status can be later invoked by
the developer directly, or by make indirectly, to re-detect the same
environment that configure originally used.

The current config.status script, however, only contains a record of the
command line arguments to configure. Various environment variables have
an effect on what configure will find. In particular PKG_CONFIG_LIBDIR &
PKG_CONFIG_PATH vars will affect what libraries pkg-config finds. The
PATH var will affect what toolchain binaries and XXXX-config scripts are
found. The LD_LIBRARY_PATH var will affect what libraries are
found. Most commands have env variables that will override the name/path
of the default version configure finds.

All these key env variables should be recorded in the config.status script.

Autoconf would also preserve CFLAGS, LDFLAGS, LIBS, CPPFLAGS, but QEMU
deals with those differently, expecting extra flags to be set using
configure args, rather than env variables. At the end of the script we
also don't have the original values of those env vars, as we modify them
during configure.

Backports commit e811da7fe229cc17d98b230bdfeaf6d0631ea987 from qemu
2018-10-04 00:46:48 -04:00
Emilio G. Cota f3f22c94e1
atomic: fix comment s/x64_64/x86_64/
Backports commit 119c440c3c599778bfb4f90d8e39fda132925813 from qemu
2018-10-04 00:44:48 -04:00
Roman Kapl 33e69342e3
tcg/i386: fix vector operations on 32-bit hosts
The TCG backend uses LOWREGMASK to get the low 3 bits of register numbers.
This was defined as no-op for 32-bit x86, with the assumption that we have
eight registers anyway. This assumption is not true once we have xmm regs.

Since LOWREGMASK was a no-op, xmm register indidices were wrong in opcodes
and have overflown into other opcode fields, wreaking havoc.

To trigger these problems, you can try running the "movi d8, #0x0" AArch64
instruction on 32-bit x86. "vpxor %xmm0, %xmm0, %xmm0" should be generated,
but instead TCG generated "vpxor %xmm0, %xmm0, %xmm2".

Fixes: 770c2fc7bb ("Add vector operations")

Backports commit 93bf9a42733321fb632bcb9eafd049ef0e3d9417 from qemu
2018-10-02 04:22:35 -04:00
Peter Maydell 04fead0dcb
target/arm: Start AArch32 CPUs with EL2 but not EL3 in Hyp mode
The ARMv8 architecture defines that an AArch32 CPU starts
in SVC mode, unless EL2 is the highest available EL, in
which case it starts in Hyp mode. (In ARMv7 a CPU with EL2
but not EL3 was not a valid configuration, but we don't
specifically reject this if the user asks for one.)

Backports commit 060a65df056a5d6ca3a6a91e7bf150ca1fbccddf from qemu
2018-09-25 21:19:44 -04:00
Richard Henderson 994038c817
target/arm: Fix cpu_get_tb_cpu_state() for non-SVE CPUs
Not only are the sve-related tb_flags fields unused when SVE is
disabled, but not all of the cpu registers are initialized properly
for computing same. This can corrupt other fields by ORing in -1,
which might result in QEMU crashing.

This bug was not present in 3.0, but this patch is cc'd to
stable because adf92eab90e3f5f34c285 where the bug was
introduced was marked for stable.

Backports commit e79b445d896deb61909be52b61b87c98a9ed96f7 from qemu
2018-09-25 21:17:32 -04:00
Markus Armbruster 8446222237
qapi: Emit a blank line before dummy declaration
We emit a dummy variable in each .c file "to shut up OSX toolchain
warnings about empty .o files" (commit 252dc3105fc). Separate it from
the code preceding it (if any) with a blank line.

Backports commit 5f1450f5444b42cde4b1edc61ea5fdcd57404d3e from qemu
2018-09-25 21:12:16 -04:00
Peter Xu 9c05496958
qapi: Drop qapi_event_send_FOO()'s Error ** argument
The generated qapi_event_send_FOO() take an Error ** argument. They
can't actually fail, because all they do with the argument is passing it
to functions that can't fail: the QObject output visitor, and the
@qmp_emit callback, which is either monitor_qapi_event_queue() or
event_test_emit().

Drop the argument, and pass &error_abort to the QObject output visitor
and @qmp_emit instead.

Backports commit 3ab72385b21d8d66df3f5fea42097ce264dc9d6b from qemu
2018-09-25 21:11:35 -04:00
Markus Armbruster 4a8e094958
qapi: Fix build_params() for empty parameter list
build_params() returns '' instead of 'void' when there are no
parameters. Can't happen now, but the next commit will change that.

Backports commit bdd2d42b890b3a908fa3fbdc9661541e1b57eb15 from qemu
2018-09-25 21:09:42 -04:00
Andrew Dutcher 81f8a1be80
eflags patch
Preserves EFLAGS across basic blocks.

Reapplies commit 3a1f231e8f from qemu
2018-09-07 22:01:24 -04:00
vardyh 8ca718367f
x86::trans: handle illegal case for opc c6/c7
Reference Intel software developer manual vol2 Appendix A Table A-6 for
detailed decoding information.

Re-applies commit ad767abda8 from qemu
2018-09-07 19:28:01 -04:00