Commit graph

260 commits

Author SHA1 Message Date
Richard Henderson acd7e4cb18 target/arm: Revise decoding for disas_add_sub_imm
The current Arm ARM has adjusted the official decode of
"Add/subtract (immediate)" so that the shift field is only bit 22,
and bit 23 is part of the op1 field of the parent category
"Data processing - immediate".

Backports commit 21a8b343eaae63f6984f9a200092b0ea167647f1 from qemu
2021-02-25 14:38:46 -05:00
Richard Henderson 58f3dd2cc7 target/arm: Implement the IRG instruction
Backports commit da54941f45b820cbaca72aa6efd5669b3dc86e2f from qemu
2021-02-25 14:36:11 -05:00
Richard Henderson 6bec295bf8 target/arm: Add MTE bits to tb_flags
Cache the composite ATA setting.

Cache when MTE is fully enabled, i.e. access to tags are enabled
and tag checks affect the PE. Do this for both the normal context
and the UNPRIV context.

Backports commit 81ae05fa2d21ac1a0054935b74342aa38a5ecef7 from qemu
2021-02-25 14:31:41 -05:00
Richard Henderson f6be2a1a42 target/arm: Add MTE system registers
This is TFSRE0_EL1, TFSR_EL1, TFSR_EL2, TFSR_EL3,
RGSR_EL1, GCR_EL1, GMID_EL1, and PSTATE.TCO.

Backports commit 4b779cebb3e5ab30b945181f1ba3932f5f8a1cb5 from qemu
2021-02-25 14:12:24 -05:00
Richard Henderson 179a3aacdf target/arm: Add DISAS_UPDATE_NOCHAIN
Add an option that writes back the PC, like DISAS_UPDATE_EXIT,
but does not exit back to the main loop.

Backports commit 329833286d7a1b0ef8c7daafe13c6ae32429694e from qemu
2021-02-25 14:08:08 -05:00
Richard Henderson eaa6291aa7 target/arm: Rename DISAS_UPDATE to DISAS_UPDATE_EXIT
Emphasize that the is_jmp option exits to the main loop.

Backports commit 14407ec2007e18536ed34772eef46f6e0a0e3d0e from qemu
2021-02-25 14:02:46 -05:00
Peter Maydell 4a1996502f target/arm: Remove dead code relating to SABA and UABA
In commit cfdb2c0c95ae9205b0 ("target/arm: Vectorize SABA/UABA") we
replaced the old handling of SABA/UABA with a vectorized implementation
which returns early rather than falling into the loop-ever-elements
code. We forgot to delete the part of the old looping code that
did the accumulate step, and Coverity correctly warns (CID 1428955)
that this code is now dead. Delete it.

Fixes: cfdb2c0c95ae9205b0

Backports commit ced7e8edb282765685d2ba0206a11f8692d8ec1c from qemu
2021-02-25 13:18:51 -05:00
Peter Maydell 3c1289c594 target/arm: Fix capitalization in NeonGenTwo{Single, Double}OPFn typedefs
All the other typedefs like these spell "Op" with a lowercase 'p';
remane the NeonGenTwoSingleOPFn and NeonGenTwoDoubleOPFn typedefs to
match.

Backports commit 5de3fd045be11b74cd0fbf36c6d4fb8387d5463b from qemu
2021-02-25 12:38:30 -05:00
Peter Maydell fa6727ebba target/arm: Rename NeonGenOneOpFn to NeonGenOne64OpFn
The NeonGenOneOpFn typedef breaks with the pattern of the other
NeonGen*Fn typedefs, because it is a TCGv_i64 -> TCGv_i64 operation
but it does not have '64' in its name. Rename it to NeonGenOne64OpFn,
so that the old name is available for a TCGv_i32 -> TCGv_i32 operation
(which we will need in a subsequent commit).

Backports commit 039f4e809ad2772fb33de4511ff68a485d875618 from qemu
2021-02-25 12:34:51 -05:00
Richard Henderson 1d95dd1c89 target/arm: Split helper_crypto_sm3tt
Rather than passing an opcode to a helper, fully decode the
operation at translate time. Use clear_tail_16 to zap the
balance of the SVE register with the AdvSIMD write.

Backports commit 43fa36c96c24349145497adc1b451f9caf74e344 from qemu
2020-06-14 23:24:21 -04:00
Richard Henderson 5ca8caf656 target/arm: Split helper_crypto_sha1_3reg
Rather than passing an opcode to a helper, fully decode the
operation at translate time. Use clear_tail_16 to zap the
balance of the SVE register with the AdvSIMD write.

Backports commit afc8b7d32668547308bdd654a63cf5228936e0ba from qemu
2020-06-14 23:18:45 -04:00
Richard Henderson 41c4efdb22 target/arm: Convert sha1 and sha256 to gvec helpers
Do not yet convert the helpers to loop over opr_sz, but the
descriptor allows the vector tail to be cleared. Which fixes
an existing bug vs SVE.

Backports commit effa992f153f5e7ab97ab843b565690748c5b402 from qemu
2020-06-14 23:11:28 -04:00
Richard Henderson 2c6c4da80c target/arm: Convert sha512 and sm3 to gvec helpers
Do not yet convert the helpers to loop over opr_sz, but the
descriptor allows the vector tail to be cleared. Which fixes
an existing bug vs SVE.

Backports commit aaffebd6d3135b8aed7e61932af53b004d261579 from qemu
2020-06-14 23:01:49 -04:00
Richard Henderson 894f2168da target/arm: Convert rax1 to gvec helpers
With this conversion, we will be able to use the same helpers
with sve. This also fixes a bug in which we failed to clear
the high bits of the SVE register after an AdvSIMD operation.

Backports commit 1738860d7e60dec5dbeba17f8b44d31aae3accac from qemu
2020-06-14 22:49:36 -04:00
Richard Henderson 1df7314dc3 target/arm: Convert aes and sm4 to gvec helpers
With this conversion, we will be able to use the same helpers
with sve. In particular, pass 3 vector parameters for the
3-operand operations; for advsimd the destination register
is also an input.

This also fixes a bug in which we failed to clear the high bits
of the SVE register after an AdvSIMD operation.

Backports commit a04b68e1d4c4f0cd5cd7542697b1b230b84532f5 from qemu
2020-06-14 22:41:33 -04:00
Richard Henderson acdd5c6065 target/arm: Use clear_vec_high more effectively
Do not explicitly store zero to the NEON high part
when we can pass !is_q to clear_vec_high.

Backports commit e1f778596ebfa8782276f4dd4651f2b285d734ff from qemu
2020-06-14 21:06:40 -04:00
Richard Henderson 3ac9b9b206 target/arm: Use tcg_gen_gvec_mov for clear_vec_high
The 8-byte store for the end a !is_q operation can be
merged with the other stores. Use a no-op vector move
to trigger the expand_clr portion of tcg_gen_gvec_mov.

Backports commit 5c27392dd08bd8534893abf25ef501f1bd8680fe from qemu
2020-06-14 21:00:57 -04:00
Peter Maydell bb0aa79847 target/arm: Convert Neon VADD, VSUB, VABD 3-reg-same insns to decodetree
Convert the Neon VADD, VSUB, VABD 3-reg-same insns to decodetree.
We already have gvec helpers for addition and subtraction, but must
add one for fabd.

Backports commit a26a352bb498662cd0c205cb433a352f86fac7d2 from qemu
2020-05-15 23:26:51 -04:00
Richard Henderson 451683ee79 target/arm: Vectorize SABA/UABA
Include 64-bit element size in preparation for SVE2.

Backports commit cfdb2c0c95ae9205b0dd7f0f5e970cdec50fef20 from qemu
2020-05-15 22:15:14 -04:00
Richard Henderson 98c79f9afc target/arm: Vectorize SABD/UABD
Include 64-bit element size in preparation for SVE2.

Backports commit 50c160d44eb059c7fc7f348ae2c3b0cb41437044 from qemu
2020-05-15 22:01:29 -04:00
Richard Henderson 3c4f226e00 target/arm: Create gen_gvec_{qrdmla,qrdmls}
Provide a functional interface for the vector expansion.
This fits better with the existing set of helpers that
we provide for other operations.

Backports commit 146aa66ce58b686b8037d0eb3921c1125942dbde from qemu
2020-05-15 21:43:22 -04:00
Richard Henderson efdcad70b1 target/arm: Remove fp_status from helper_{recpe, rsqrte}_u32
These operations do not touch fp_status.

Backports commit fe6fb4beb2f9bb0afc813e565504b66a92bbf04b from qemu
2020-05-15 21:32:03 -04:00
Richard Henderson 9dfc0479ff target/arm: Create gen_gvec_{uqadd, sqadd, uqsub, sqsub}
Provide a functional interface for the vector expansion.
This fits better with the existing set of helpers that
we provide for other operations.

Backports commit c7715b6b51a6f7a5412c5fcb40a4c8586105e597 from qemu
2020-05-15 21:25:06 -04:00
Richard Henderson 4abfe5156d target/arm: Create gen_gvec_{cmtst,ushl,sshl}
Provide a functional interface for the vector expansion.
This fits better with the existing set of helpers that
we provide for other operations.

Backports commit 8161b75357095fef54c76b1a6ed1e54d0e8655e0 from qemu
2020-05-15 21:15:49 -04:00
Richard Henderson 546db9089c target/arm: Create gen_gvec_{mla,mls}
Provide a functional interface for the vector expansion.
This fits better with the existing set of helpers that
we provide for other operations.

Backports commit 271063206a46062a45fc6bab8dabe45f0b88159d from qemu
2020-05-15 21:06:06 -04:00
Richard Henderson 340f97bf4c target/arm: Create gen_gvec_{ceq,clt,cle,cgt,cge}0
Provide a functional interface for the vector expansion.
This fits better with the existing set of helpers that
we provide for other operations.

Macro-ize the 5 nearly identical comparisons.

Backports commit 69d5e2bf8c3cefedbfa1c1670137e636dbd7faa5 from qemu
2020-05-15 20:57:33 -04:00
Richard Henderson e08c2b8ece target/arm: Tidy handle_vec_simd_shri
Now that we've converted all cases to gvec, there is quite a bit
of dead code at the end of the function. Remove it.

Sink the call to gen_gvec_fn2i to the end, loading a function
pointer within the switch statement.

Backports commit 3f08f0bce841e7857ec98ce7909629d0c335005e from qemu
2020-05-15 20:47:47 -04:00
Richard Henderson 6190be3191 target/arm: Create gen_gvec_{sri,sli}
The functions eliminate duplication of the special cases for
this operation. They match up with the GVecGen2iFn typedef.

Add out-of-line helpers. We got away with only having inline
expanders because the neon vector size is only 16 bytes, and
we know that the inline expansion will always succeed.
When we reuse this for SVE, tcg-gvec-op may decide to use an
out-of-line helper due to longer vector lengths.

Backports commit 893ab0542aa385a287cbe46d5535c8b9e95ce699 from qemu
2020-05-15 20:39:28 -04:00
Richard Henderson 2609e6f319 target/arm: Create gen_gvec_{u,s}{rshr,rsra}
Create vectorized versions of handle_shri_with_rndacc
for shift+round and shift+round+accumulate. Add out-of-line
helpers in preparation for longer vector lengths from SVE.

Backports commit 6ccd48d4ea244c1c46a24dfa50bfb547f11422dd from qemu
2020-05-15 20:28:44 -04:00
Richard Henderson 5d7c46204d target/arm: Create gen_gvec_[us]sra
The functions eliminate duplication of the special cases for
this operation. They match up with the GVecGen2iFn typedef.

Add out-of-line helpers. We got away with only having inline
expanders because the neon vector size is only 16 bytes, and
we know that the inline expansion will always succeed.
When we reuse this for SVE, tcg-gvec-op may decide to use an
out-of-line helper due to longer vector lengths.

Backports commit 631e565450c483e0622eec3d8b61d7fa41d16bca from qemu
2020-05-15 20:10:32 -04:00
Richard Henderson b0f6374149 target/arm: Use tcg_gen_gvec_dup_imm
In a few cases, we're able to remove some manual replication.

Backports commit 8711e71f9cbb692d614e6ecf5d51222372f7b77e from qemu
2020-05-07 10:05:49 -04:00
Peter Maydell d350125eab target/arm: Move gen_ function typedefs to translate.h
We're going to want at least some of the NeonGen* typedefs
for the refactored 32-bit Neon decoder, so move them all
to translate.h since it makes more sense to keep them in
one group.

Backports commit 9aefc6cf9b73f66062d2f914a0136756e7a28211 from qemu
2020-05-07 09:51:52 -04:00
Richard Henderson b26b4c06cd target/arm: Vectorize integer comparison vs zero
These instructions are often used in glibc's string routines.
They were the final uses of the 32-bit at a time neon helpers.

Backports commit 6b375d3546b009d1e63e07397ec9c6af256e15e9 from qemu
2020-04-30 21:29:17 -04:00
Richard Henderson c9ee9a2729 target/arm: Move computation of index in handle_simd_dupe
Coverity reports a BAD_SHIFT with ctz32(imm5), with imm5 == 0.
This is an invalid encoding, but we diagnose that just below
by rejecting size > 3. Avoid the warning by sinking the
computation of index below the check.

Backports commit 550a04893c2bd4442211b353680b9a6408d94dba from qemu
2020-04-30 06:54:39 -04:00
Richard Henderson fd4ce2cba0 target/arm: Assert immh != 0 in disas_simd_shift_imm
Coverity raised a shed-load of errors cascading from inferring
that clz32(immh) might yield 32, from immh might be 0.

While immh cannot be 0 from encoding, it is not obvious even to
a human how we've checked that: via the filtering provided by
data_proc_simd[].

Backports commit 3944d58db3fc5bf131345a21a44013bc13849a12 from qemu
2020-04-30 06:53:54 -04:00
Richard Henderson 6c8172fd08 target/arm: Disable clean_data_tbi for system mode
We must include the tag in the FAR_ELx register when raising
an addressing exception. Which means that we should not clear
out the tag during translation.

We cannot at present comply with this for user mode, so we
retain the clean_data_tbi function for the moment, though it
no longer does what it says on the tin for system mode. This
function is to be replaced with MTE, so don't worry about the
slight misnaming.

Buglink: https://bugs.launchpad.net/qemu/+bug/1867072

Backports commit 38d931687fa196a7ef860f8583815abc7fd5521a from qemu
2020-04-30 06:18:31 -04:00
Richard Henderson e040675fbf target/arm: Clean address for DC ZVA
This data access was forgotten when we added support for cleaning
addresses of TBI information.

Fixes: 3a471103ac1823ba

Backports commit 597d61a3b1f94c53a3aaa77671697c0c5f797dbf from qemu.
2020-04-30 06:16:03 -04:00
Richard Henderson a22a2a8b71 target/arm: Introduce core_to_aa64_mmu_idx
If by context we know that we're in AArch64 mode, we need not
test for M-profile when reconstructing the full ARMMMUIdx.

Backports commit 20dc67c947a691fa9df05e76aec6df50204b4b94 from qemu
2020-04-30 05:58:59 -04:00
Peter Maydell 5416c5a672 target/arm: Implement v8.4-RCPC
The v8.4-RCPC extension implements some new instructions:
* LDAPUR, LDAPURB, LDAPURH, LDAPRSB, LDAPRSH, LDAPRSW
* STLUR, STLURB, STLURH

These are all in a new subgroup of encodings that sits below the
top-level "Loads and Stores" group in the Arm ARM.

The STLUR* instructions have standard store-release semantics; the
LDAPUR* have Load-AcquirePC semantics, but (as with LDAPR*) we choose
to implement them as the slightly stronger Load-Acquire.

Backports commit a1229109dec4375259d3fff99f362405aab7917a from qemu
2020-03-22 00:15:46 -04:00
Peter Maydell f72582bb7a target/arm: Implement v8.3-RCPC
The v8.3-RCPC extension implements three new load instructions
which provide slightly weaker consistency guarantees than the
existing load-acquire operations. For QEMU we choose to simply
implement them with a full LDAQ barrier.

Backports commit 2677cf9f92a5319bb995927f9225940414ce879d from qemu
2020-03-22 00:13:08 -04:00
Richard Henderson fcce8d4aa1 target/arm: Convert PMULL.8 to gvec
We still need two different helpers, since NEON and SVE2 get the
inputs from different locations within the source vector. However,
we can convert both to the same internal form for computation.

The sve2 helper is not used yet, but adding it with this patch
helps illustrate why the neon changes are helpful.

Backports commit e7e96fc5ec8c79dc77fef522d5226ac09f684ba5 from qemu
2020-03-21 19:35:46 -04:00
Richard Henderson c00f72f74f target/arm: Convert PMULL.64 to gvec
The gvec form will be needed for implementing SVE2.

Backports commit b9ed510e46f2f9e31e5e8adb4661d5d1cbe9a459 from qemu
2020-03-21 19:27:38 -04:00
Richard Henderson db8a935b44 target/arm: Convert PMUL.8 to gvec
The gvec form will be needed for implementing SVE2.

Extend the implementation to operate on uint64_t instead of uint32_t.
Use a counted inner loop instead of terminating when op1 goes to zero,
looking toward the required implementation for ARMv8.4-DIT.

Backports commit a21bb78e5817be3f494922e1dadd6455fe5d6318 from qemu
2020-03-21 19:22:18 -04:00
Richard Henderson d3139f2f0a target/arm: Vectorize USHL and SSHL
These instructions shift left or right depending on the sign
of the input, and 7 bits are significant to the shift. This
requires several masks and selects in addition to the actual
shifts to form the complete answer.

That said, the operation is still a small improvement even for
two 64-bit elements -- 13 vector operations instead of 2 * 7
integer operations.

Backports commit 87b74e8b6edd287ea2160caa0ebea725fa8f1ca1 from qemu
2020-03-21 19:14:17 -04:00
Richard Henderson 51b6064ba4 target/arm: Flush high bits of sve register after AdvSIMD INS
Writes to AdvSIMD registers flush the bits above 128.

Backports commit 528dc354b6f3aa82d65141cc60bc0e725e6cae98 from qemu
2020-03-21 17:58:09 -04:00
Richard Henderson 74cbfceb56 target/arm: Flush high bits of sve register after AdvSIMD ZIP/UZP/TRN
Writes to AdvSIMD registers flush the bits above 128.

Backports commit 33649de62e40df0060a1c514574e4ef25c4e52e1 from qemu
2020-03-21 17:56:40 -04:00
Richard Henderson 6eb8472344 target/arm: Flush high bits of sve register after AdvSIMD TBL/TBX
Writes to AdvSIMD registers flush the bits above 128.

Backports commit 263273bc988e677ebadeaf7d0e49f6792a112db5 from qemu
2020-03-21 17:56:08 -04:00
Richard Henderson 18e9c4805f target/arm: Flush high bits of sve register after AdvSIMD EXT
Writes to AdvSIMD registers flush the bits above 128.

Backports commit 78cedfabd53b6f64e7e64fc84878d848e5df1d08 from qemu
2020-03-21 17:55:12 -04:00
Richard Henderson 5b5050c6ca target/arm: Update MSR access to UAO
Backports commit 9eeb7a1c9531cb3574bfe2c36eb7624802c3ec00 from qemu
2020-03-21 17:48:01 -04:00
Richard Henderson 35fab80c57 target/arm: Update MSR access for PAN
For aarch64, there's a dedicated msr (imm, reg) insn.
For aarch32, this is done via msr to cpsr. Writes from el0
are ignored, which is already handled by the CPSR_USER mask.

Backports commit 220f508f49c5f49fb771d5105f991c19ffede3f7 from qemu
2020-03-21 17:33:16 -04:00