Commit graph

6147 commits

Author SHA1 Message Date
Wanpeng Li c041f5f2cc
target-i386: adds PV_SCHED_YIELD CPUID feature bit
Adds PV_SCHED_YIELD CPUID feature bit.

Backports commit b896c4b50da107bf0d40e6215d4ee20daf64723b from qemu
2019-11-18 21:38:26 -05:00
Aleksandar Markovic 551b3db088
target/mips: Style improvements in translate.c
Fixes mostly errors and warnings reported by 'checkpatch.pl -f'.

Backports commit 71375b59241a27b75d287b9216e5e82e43d763d8 from qemu
2019-11-18 21:36:30 -05:00
Aleksandar Markovic cf6adb51e0
target/mips: Style improvements in cpu.c
Fixes mostly errors and warnings reported by 'checkpatch.pl -f'.

Backports commit cf02a1164815ed6682c21070ddc95b88c31ff476 from qemu
2019-11-18 21:25:54 -05:00
Aleksandar Markovic 780b748780
target/mips: Style improvements in cp0_timer.c
Fixes mostly errors and warnings reported by 'checkpatch.pl -f'.

Backports commit 2f0d0196721d207297ce00a6cb39fc52005ccc7a from qemu
2019-11-18 21:24:37 -05:00
Richard Henderson 8767d64b66
target/riscv: Remove redundant declaration pragmas
These are now generated by decodetree itself.

Backports commit 59a3a1c0c211640e18b058a1b0444154c4eb6f99 from qemu
2019-11-18 21:22:09 -05:00
Richard Henderson b33a5bd513
decodetree: Suppress redundant declaration warnings
We can tell that a decodetree input file is "secondary" when it
uses an argument set marked "!extern". This indicates that at
least one of the insn translation functions will have already
been declared by the "primary" input file, but given only the
secondary we cannot tell which.

Avoid redundant declaration warnings by suppressing them with pragmas.

Backports commit c692079597d98337b6f25deff7599afe39b2a468 from qemu
2019-11-18 21:21:30 -05:00
Richard Henderson 6e2358ab60
decodetree: Allow !function with no input bits
Call this form a "parameter", returning a value extracted
from the DisasContext.

Backports commit 94597b6146f30f949f2c454f424082a2b0f55a0e from qemu
2019-11-18 21:21:25 -05:00
Alex Bennée 14b401f0bf
target/riscv: rationalise softfloat includes
We should avoid including the whole of softfloat headers in cpu.h and
explicitly include it only where we will be calling softfloat
functions. We can use the -types.h and -helpers.h in cpu.h for the few
bits that are global.

Backports commit 135b03cb9defbd080b8834b30e3d45bed00c6137 from qemu
2019-11-18 21:17:03 -05:00
Alex Bennée 3afb3723c7
target/mips: rationalise softfloat includes
We should avoid including the whole of softfloat headers in cpu.h and
explicitly include it only where we will be calling softfloat
functions. We can use the -types.h in cpu.h for the few bits that are
global. We also move the restore_snan_bit_mode into internal.h and
include -helpers.h there.

Backports commit 502700d0674919309a19bfd016ea0680c6b7747d from qemu
2019-11-18 21:15:19 -05:00
Alex Bennée 9d83300f3e
fpu: rename softfloat-specialize.h -> .inc.c
This is not a normal header and should only be included in the main
softfloat.c file to bring in the various target specific
specialisations. Indeed as it contains non-inlined C functions it is
not even a legal header. Rename it to match our included C convention.

Backports commit 00f43279a3e5e7ea3a0fa853157863663e838e2e from qemu
2019-11-18 21:12:30 -05:00
Alex Bennée 064f50cdf6
fpu: make softfloat-macros self-contained
The macros use the "flags" type and to be consistent if anyone just
needs the macros we should bring in the header we need. There is an
outstanding TODO to audit the use of "flags" and replace with bool at
which point this include could be dropped.

Backports commit 5937fb63a92d54cc4e5270256e4387c4d3a70091 from qemu
2019-11-18 21:10:39 -05:00
Alex Bennée 5ab2ac8dac
fpu: move inline helpers into a separate header
There are a bunch of users of the inline helpers who do not need
access to the entire softfloat API. Move those inline helpers into a
new header file which can be included without bringing in the rest of
the world.

Backports commit e34c47ea3fb5f324b58db117b3c010a494c8d6ca from qemu
2019-11-18 21:09:02 -05:00
Alex Bennée be878fb0e9
fpu: remove the LIT64 macro
Now the rest of the code has been cleaned up we can remove this.

Backports commit 472038ccf5d69ebcad44d835488a36ee640c219f from qemu
2019-11-18 21:06:55 -05:00
Alex Bennée affde8930a
target/m68k: replace LIT64 with UINT64_C macros
In our quest to eliminate the home rolled LIT64 macro we fixup usage
inside for m68k's many constants.

Backports commit e23263004d5fea809ad0f78c523f498e04ba788f from qemu
2019-11-18 21:05:59 -05:00
Alex Bennée dbddafe2df
fpu: replace LIT64 with UINT64_C macros
In our quest to eliminate the home rolled LIT64 macro we fixup usage
inside the softfloat code. While we are at it we remove some of the
extraneous spaces to closer fit the house style.

Backports commit e932112420f063776f2b9d9e5512830cd6890a7a from qemu
2019-11-18 20:57:12 -05:00
Alex Bennée 6eb3c9ee79
fpu: use min/max values from stdint.h for integral overflow
Remove some more use of LIT64 while making the meaning more clear. We
also avoid the need of casts as the results by definition fit into the
return type.

Backports commit 2c217da0fc9f1127bda804e2a500b8138b02c581 from qemu
2019-11-18 20:45:40 -05:00
Alex Bennée 0d573763c9
fpu: convert float[16/32/64]_squash_denormal to new modern style
This also allows us to remove the extractFloat16exp/frac helpers. We
avoid using the floatXX_pack_raw functions as they are slight overkill
for masking out all but the top bit of the number. The generated code
is almost exactly the same as makes no difference to the
pre-conversion code.

Backports commit e6b405fe00d8e6424a58492b37a1656d1ef0929b from qemu
2019-11-18 20:42:06 -05:00
Alex Bennée e5c799cd3c
fpu: replace LIT64 usage with UINT64_C for specialize constants
We have a wrapper that does the right thing from stdint.h so lets use
it for our constants in softfloat-specialize.h

Backports commit f7e81a945737631c19405a39d510d2284257c3ff from qemu
2019-11-18 20:39:03 -05:00
Richard Henderson 9d2a3064af
target/arm: Use tcg_gen_extrh_i64_i32 to extract the high word
Separate shift + extract low will result in one extra insn
for hosts like RISC-V, MIPS, and Sparc.

Backports commit 664b7e3b97d6376f3329986c465b3782458b0f8b from qemu
2019-11-18 20:36:19 -05:00
Richard Henderson 93c016a3e7
target/arm: Simplify SMMLA, SMMLAR, SMMLS, SMMLSR
All of the inputs to these instructions are 32-bits. Rather than
extend each input to 64-bits and then extract the high 32-bits of
the output, use tcg_gen_muls2_i32 and other 32-bit generator functions.

Backports commit 5f8cd06ebcf57420be8fea4574de2e074de46709 from qemu
2019-11-18 20:31:12 -05:00
Richard Henderson 4a1cc16eef
target/arm: Use tcg_gen_rotri_i32 for gen_swap_half
Rotate is the more compact and obvious way to swap 16-bit
elements of a 32-bit word.

Backports commit adefba76e8bf10dfb342094d2f5debfeedb1a74d from qemu
2019-11-18 20:27:12 -05:00
Richard Henderson 751ab7b24b
target/arm: Use ror32 instead of open-coding the operation
The helper function is more documentary, and also already
handles the case of rotate by zero.

Backports commit dd861b3f29be97a9e3cdb9769dcbc0c7d7825185 from qemu
2019-11-18 20:25:51 -05:00
Richard Henderson df4c773ed2
target/arm: Remove redundant shift tests
The immediate shift generator functions already test for,
and eliminate, the case of a shift by zero.

Backports commit 464eaa9571fae5867d9aea7d7209c091c8a50223 from qemu
2019-11-18 20:24:39 -05:00
Richard Henderson 4dd30ebfbd
target/arm: Use tcg_gen_deposit_i32 for PKHBT, PKHTB
Use deposit as the composit operation to merge the
bits from the two inputs.

Backports commit d1f8755fc93911f5b27246b1da794542d222fa1b from qemu
2019-11-18 20:22:00 -05:00
Richard Henderson 25ccd28e78
target/arm: Use tcg_gen_extract_i32 for shifter_out_im
Extract is a compact combination of shift + and.

Backports commit 191f4bfe8d6cf0c7d5cd7f84cd7076e32e3745dd from qemu
2019-11-18 20:19:40 -05:00
Andrew Jones ad63ee7509
target/arm/cpu: Use div-round-up to determine predicate register array size
Unless we're guaranteed to always increase ARM_MAX_VQ by a multiple of
four, then we should use DIV_ROUND_UP to ensure we get an appropriate
array size.

Backports commit 46417784d21c89446763f2047228977bdc267895 from qemu
2019-11-18 20:16:46 -05:00
Andrew Jones bb8b3bc42b
target/arm/helper: zcr: Add build bug next to value range assumption
The current implementation of ZCR_ELx matches the architecture, only
implementing the lower four bits, with the rest RAZ/WI. This puts
a strict limit on ARM_MAX_VQ of 16. Make sure we don't let ARM_MAX_VQ
grow without a corresponding update here.

Backports commit 7b351d98709d3f77d6bb18562e1bf228862b0d57 from qemu
2019-11-18 20:14:42 -05:00
Richard Henderson 3d3d56056b
target/arm: Remove helper_double_saturate
Replace x = double_saturate(y) with x = add_saturate(y, y).
There is no need for a separate more specialized helper.

Backports commit 640581a06d14e2d0d3c3ba79b916de6bc43578b0 from qemu
2019-11-18 20:13:21 -05:00
Richard Henderson fb2d3c9a9a
target/arm: Use unallocated_encoding for aarch32
Promote this function from aarch64 to fully general use.
Use it to unify the code sequences for generating illegal
opcode exceptions.

Backports commit 3cb36637157088892e9e33ddb1034bffd1251d3b from qemu
2019-11-18 20:10:50 -05:00
Richard Henderson d562bea784
target/arm: Remove offset argument to gen_exception_bkpt_insn
Unlike the other more generic gen_exception{,_internal}_insn
interfaces, breakpoints always refer to the current instruction.

Backports commit 06bcbda3f64d464b6ecac789bce4bd69f199cd68 from qemu
2019-11-18 20:05:45 -05:00
Richard Henderson f19b4df20d
target/arm: Replace offset with pc in gen_exception_internal_insn
The offset is variable depending on the instruction set.
Passing in the actual value is clearer in intent.

Backpors commit aee828e7541a5895669ade3a4b6978382b6b094a from qemu
2019-11-18 20:05:23 -05:00
Richard Henderson 00fbadf637
target/arm: Replace s->pc with s->base.pc_next
We must update s->base.pc_next when we return from the translate_insn
hook to the main translator loop. By incrementing s->base.pc_next
immediately after reading the insn word, "pc_next" contains the address
of the next instruction throughout translation.

All remaining uses of s->pc are referencing the address of the next insn,
so this is now a simple global replacement. Remove the "s->pc" field.

Backports commit a04159166b880b505ccadc16f2fe84169806883d from qemu
2019-11-18 17:32:53 -05:00
Richard Henderson 7d1fcef722
target/arm: Remove redundant s->pc & ~1
The thumb bit has already been removed from s->pc, and is always even.

Backports commit 4818c3743b0e0095fdcecd24457da9b3443730ab from qemu
2019-11-18 17:32:53 -05:00
Richard Henderson a2e60445de
target/arm: Introduce add_reg_for_lit
Provide a common routine for the places that require ALIGN(PC, 4)
as the base address as opposed to plain PC. The two are always
the same for A32, but the difference is meaningful for thumb mode.

Backports commit 16e0d8234ef9291747332d2c431e46808a060472 from qemu
2019-11-18 17:32:49 -05:00
Richard Henderson 1c0914e58c
target/arm: Introduce read_pc
We currently have 3 different ways of computing the architectural
value of "PC" as seen in the ARM ARM.

The value of s->pc has been incremented past the current insn,
but that is all. Thus for a32, PC = s->pc + 4; for t32, PC = s->pc;
for t16, PC = s->pc + 2. These differing computations make it
impossible at present to unify the various code paths.

With the newly introduced s->pc_curr, we can compute the correct
value for all cases, using the formula given in the ARM ARM.

This changes the behaviour for load_reg() and load_reg_var()
when called with reg==15 from a 32-bit Thumb instruction:
previously they would have returned the incorrect value
of pc_curr + 6, and now they will return the architecturally
correct value of PC, which is pc_curr + 4. This will not
affect well-behaved guest software, because all of the places
we call these functions from T32 code are instructions where
using r15 is UNPREDICTABLE. Using the architectural PC value
here is more consistent with the T16 and A32 behaviour.

Backports commit fdbcf6329d0c2984c55d7019419a72bf8e583c36 from qemu
2019-11-18 17:04:50 -05:00
Richard Henderson 0048f3e887
target/arm: Introduce pc_curr
Add a new field to retain the address of the instruction currently
being translated. The 32-bit uses are all within subroutines used
by a32 and t32. This will become less obvious when t16 support is
merged with a32+t32, and having a clear definition will help.

Convert aarch64 as well for consistency. Note that there is one
instance of a pre-assert fprintf that used the wrong value for the
address of the current instruction.

Backports commit 43722a6d4f0c92f7e7e1e291580039b0f9789df1 from qemu
2019-11-18 16:58:40 -05:00
Richard Henderson 1aa3c685a8
target/arm: Pass in pc to thumb_insn_is_16bit
This function is used in two different contexts, and it will be
clearer if the function is given the address to which it applies.

Backports commit 331b1ca616cb708db30dab68e3262d286e687f24 from qemu
2019-11-18 16:52:35 -05:00
Peter Maydell c61e22627d
target/arm: Fix routing of singlestep exceptions
When generating an architectural single-step exception we were
routing it to the "default exception level", which is to say
the same exception level we execute at except that EL0 exceptions
go to EL1. This is incorrect because the debug exception level
can be configured by the guest for situations such as single
stepping of EL0 and EL1 code by EL2.

We have to track the target debug exception level in the TB
flags, because it is dependent on CPU state like HCR_EL2.TGE
and MDCR_EL2.TDE. (That we were previously calling the
arm_debug_target_el() function to determine dc->ss_same_el
is itself a bug, though one that would only have manifested
as incorrect syndrome information.) Since we are out of TB
flag bits unless we want to expand into the cs_base field,
we share some bits with the M-profile only HANDLER and
STACKCHECK bits, since only A-profile has this singlestep.

Fixes: https://bugs.launchpad.net/qemu/+bug/1838913

Backports commit 8bd587c1066f4456ddfe611b571d9439a947d74c from qemu
2019-11-18 16:50:15 -05:00
Peter Maydell 3f531fac61
target/arm: Factor out 'generate singlestep exception' function
Factor out code to 'generate a singlestep exception', which is
currently repeated in four places.

To do this we need to also pull the identical copies of the
gen-exception() function out of translate-a64.c and translate.c
into translate.h.

(There is a bug in the code: we're taking the exception to the wrong
target EL. This will be simpler to fix if there's only one place to
do it.)

Backports commit c1d5f50f094ab204accfacc2ee6aafc9601dd5c4 from qemu
2019-11-18 16:47:08 -05:00
Alex Bennée 0d6ed39333
target/arm: generate a custom MIDR for -cpu max
While most features are now detected by probing the ID_* registers
kernels can (and do) use MIDR_EL1 for working out of they have to
apply errata. This can trip up warnings in the kernel as it tries to
work out if it should apply workarounds to features that don't
actually exist in the reported CPU type.

Avoid this problem by synthesising our own MIDR value.

Backports commit 2bd5f41c00686a1f847a60824d0375f3df2c26bf from qemu
2019-11-18 16:42:51 -05:00
Markus Armbruster bb1f47545c
typedefs: Separate incomplete types and function types
While there, rewrite the obsolete file comment.

Backports commit 2a28720d773df2193c9fb633c02092cca107a9e5 from qemu
2019-11-18 16:42:51 -05:00
Peter Maydell f773fd7fef
Open 4.2 development tree
Backports commit f8f2eac4e5de8ce8ef17591ee1b84904437be25b from qemu
2019-11-18 16:42:51 -05:00
Michael Roth 867b7dcd08
Update version for 4.1.1 release
Backports commit 99c5874a9b6c9f70aef285d6eff85d4f46de3c52 from qemu
2019-11-18 16:42:51 -05:00
Dr. David Alan Gilbert 0b8add4e6f
memory: Provide an equality function for MemoryRegionSections
Provide a comparison function that checks all the fields are the same.

Backports commit 42b6571357a083f721a27daa6dfdc69e4bd516bd from qemu
2019-11-18 16:42:50 -05:00
Dr. David Alan Gilbert 3807ec09de
memory: Align MemoryRegionSections fields
MemoryRegionSection includes an Int128 'size' field;
on some platforms the compiler causes an alignment of this to
a 128bit boundary, leaving 8 bytes of dead space.
This deadspace can be filled with junk.

Move the size field to the top avoiding unnecessary alignment.

Backports commit c0aca9352d51c102c55fe29ce5c1bf8e74a5183e from qemu
2019-11-18 16:42:47 -05:00
Christophe Lyon 8264cb84fe
target/arm: Allow reading flags from FPSCR for M-profile
rt==15 is a special case when reading the flags: it means the
destination is APSR. This patch avoids rejecting vmrs apsr_nzcv, fpscr
as illegal instruction.

Backports commit cdc6896659b85f7ed8f7552850312e55170de0c5 from qemu
2019-11-18 16:32:06 -05:00
Peter Maydell 3fc86e1901
target/arm: Don't abort on M-profile exception return in linux-user mode
An attempt to do an exception-return (branch to one of the magic
addresses) in linux-user mode for M-profile should behave like
a normal branch, because linux-user mode is always going to be
in 'handler' mode. This used to work, but we broke it when we added
support for the M-profile security extension in commit d02a8698d7ae2bfed.

In that commit we allowed even handler-mode calls to magic return
values to be checked for and dealt with by causing an
EXCP_EXCEPTION_EXIT exception to be taken, because this is
needed for the FNC_RETURN return-from-non-secure-function-call
handling. For system mode we added a check in do_v7m_exception_exit()
to make any spurious calls from Handler mode behave correctly, but
forgot that linux-user mode would also be affected.

How an attempted return-from-non-secure-function-call in linux-user
mode should be handled is not clear -- on real hardware it would
result in return to secure code (not to the Linux kernel) which
could then handle the error in any way it chose. For QEMU we take
the simple approach of treating this erroneous return the same way
it would be handled on a CPU without the security extensions --
treat it as a normal branch.

The upshot of all this is that for linux-user mode we should never
do any of the bx_excret magic, so the code change is simple.

This ought to be a weird corner case that only affects broken guest
code (because Linux user processes should never be attempting to do
exception returns or NS function returns), except that the code that
assigns addresses in RAM for the process and stack in our linux-user
code does not attempt to avoid this magic address range, so
legitimate code attempting to return to a trampoline routine on the
stack can fall into this case. This change fixes those programs,
but we should also look at restricting the range of memory we
use for M-profile linux-user guests to the area that would be
real RAM in hardware.

Backports commit 9027d3fba605d8f6093342ebe4a1da450d374630 from qemu
2019-11-18 16:30:43 -05:00
Peter Maydell 8f7f19ce43
target/arm: Free TCG temps in trans_VMOV_64_sp()
The function neon_store_reg32() doesn't free the TCG temp that it
is passed, so the caller must do that. We got this right in most
places but forgot to free the TCG temps in trans_VMOV_64_sp().

Backports commit 38fb634853ac6547326d9f88b9a068d9fc6b4ad4 from qemu
2019-11-18 16:27:21 -05:00
Peter Maydell 96f2342a21
Update version for v4.1.0 release
Backports commit 9e06029aea3b2eca1d5261352e695edc1e7d7b8b from qemu
2019-11-18 16:25:50 -05:00
Peter Maydell 0f45c5565f
Update version for v4.1.0-rc5 release
Backports commit f28ed74fd116491e31329044d140fde4aa23b2a0 from qemu
2019-11-18 16:25:18 -05:00