Commit graph

92 commits

Author SHA1 Message Date
Joel Sing 14c6ed2cca
RISC-V: Clear load reservations on context switch and SC
This prevents a load reservation from being placed in one context/process,
then being used in another, resulting in an SC succeeding incorrectly and
breaking atomics.

Backports commit c13b169f1a3dd158d6c75727cdc388f95988db39 from qemu
2019-08-08 17:15:45 -04:00
Palmer Dabbelt 4a3d8417ca
RISC-V: Add support for the Zicsr extension
The various CSR instructions have been split out of the base ISA as part
of the ratification process. This patch adds a Zicsr argument, which
disables all the CSR instructions.

Backports commit 591bddea8d874e1500921de0353818e5586618f5 from qemu
2019-08-08 17:10:34 -04:00
Palmer Dabbelt 5b59f956b3
RISC-V: Add support for the Zifencei extension
fence.i has been split out of the base ISA as part of the ratification
process. This patch adds a Zifencei argument, which disables the
fence.i instruction.

Backports commit 50fba816cd226001bec3e495c39879deb2fa5432 from qemu
2019-08-08 17:09:09 -04:00
Alistair Francis e006204543
target/riscv: Set privledge spec 1.11.0 as default
Set the priv spec version 1.11.0 as the default and allow selecting it
via the command line.

Backports commit e3147506b02edcdd7c14ebb41a10fcc3027dcc5c from qemu
2019-08-08 17:05:40 -04:00
Alistair Francis 2ed6459e98
target/riscv: Add the mcountinhibit CSR
1.11 defines mcountinhibit, which has the same numeric CSR value as
mucounteren from 1.09.1 but has different semantics. This patch enables
the CSR for 1.11-based targets, which is trivial to implement because
the counters in QEMU never tick (legal according to the spec).

Backports commit 747a43e818dc36bd50ef98c2b11a7c31ceb810fa from qemu
2019-08-08 17:04:52 -04:00
Alistair Francis 4934db3de6
target/riscv: Add the privledge spec version 1.11.0
Add support for the ratified RISC-V privledge spec.

Backports commit 6729dbbd420696fcf69cf2c86bdfc66e072058ce from qemu
2019-08-08 17:03:33 -04:00
Alistair Francis 9241c2c842
target/riscv: Restructure deprecatd CPUs
Restructure the deprecated CPUs to make it clear in the code that these
are depreated. They are already marked as deprecated in
qemu-deprecated.texi. There are no functional changes.

Backports commit c1fb65e63cfca4506a14b084afd0eca2dc464fe8 from qemu
2019-08-08 17:01:22 -04:00
Hesham Almatary 39bfe52bc6
RISC-V: Fix a PMP check with the correct access size
The PMP check should be of the memory access size rather
than TARGET_PAGE_SIZE.

Backports commit db21e6f72721996ddf1948c35a8ee35238089da4 from qemu
2019-08-08 16:57:03 -04:00
Hesham Almatary e648455989
RISC-V: Fix a PMP bug where it succeeds even if PMP entry is off
The current implementation returns 1 (PMP check success) if the address is in
range even if the PMP entry is off. This is a bug.

For example, if there is a PMP check in S-Mode which is in range, but its PMP
entry is off, this will succeed, which it should not.

The patch fixes this bug by only checking the PMP permissions if the address is
in range and its corresponding PMP entry it not off. Otherwise, it will keep
the ret = -1 which will be checked and handled correctly at the end of the
function.

Backports commit f8162068f18f2f264a0355938784f54089234211 from qemu
2019-08-08 16:55:52 -04:00
Hesham Almatary e0592a9a58
RISC-V: Check PMP during Page Table Walks
The PMP should be checked when doing a page table walk, and report access
fault exception if the to-be-read PTE failed the PMP check.

Backports commit 1f447aec787bfbbd078afccae44fc4c92acb4fed from qemu
2019-08-08 16:54:45 -04:00
Hesham Almatary 614c2954b0
RISC-V: Check for the effective memory privilege mode during PMP checks
The current PMP check function checks for env->priv which is not the effective
memory privilege mode.

For example, mstatus.MPRV could be set while executing in M-Mode, and in that
case the privilege mode for the PMP check should be S-Mode rather than M-Mode
(in env->priv) if mstatus.MPP == PRV_S.

This patch passes the effective memory privilege mode to the PMP check.
Functions that call the PMP check should pass the correct memory privilege mode
after reading mstatus' MPRV/MPP or hstatus.SPRV (if Hypervisor mode exists).

Backports commit cc0fdb298517ce56c770803447f8b02a90271152 from qemu
2019-08-08 16:52:57 -04:00
Hesham Almatary e8edd4d109
RISC-V: Raise access fault exceptions on PMP violations
Section 3.6 in RISC-V v1.10 privilege specification states that PMP violations
report "access exceptions." The current PMP implementation has
a bug which wrongly reports "page exceptions" on PMP violations.

This patch fixes this bug by reporting the correct PMP access exceptions
trap values.

Backports commit 635b0b0ea39a13d1a3df932452e5728aebbb3f6e from qemu
2019-08-08 16:50:57 -04:00
Hesham Almatary f597727171
RISC-V: Only Check PMP if MMU translation succeeds
The current implementation unnecessarily checks for PMP even if MMU translation
failed. This may trigger a wrong PMP access exception instead of
a page exception.

For example, the very first instruction fetched after the first satp write in
S-Mode will trigger a PMP access fault instead of an instruction fetch page
fault.

This patch prioritises MMU exceptions over PMP exceptions and only checks for
PMP if MMU translation succeeds. This patch is required for future commits
that properly report PMP exception violations if PTW succeeds.

Backports commit e0f8fa72deba7ac7a7ae06ba25e6498aaad93ace from qemu
2019-08-08 16:49:06 -04:00
Michael Clark 6ab36ed89e
target/riscv: Implement riscv_cpu_unassigned_access
This patch adds support for the riscv_cpu_unassigned_access call
and will raise a load or store access fault.

Backports commit cbf5827693addaff4e4d2102afedbf078a204eb2 from qemu
2019-08-08 16:48:02 -04:00
Dayeol Lee 6528c78fd5
target/riscv: Fix PMP range boundary address bug
A wrong address is passed to `pmp_is_in_range` while checking if a
memory access is within a PMP range.
Since the ending address of the pmp range (i.e., pmp_state.addr[i].ea)
is set to the last address in the range (i.e., pmp base + pmp size - 1),
memory accesses containg the last address in the range will always fail.

For example, assume that a PMP range is 4KB from 0x87654000 such that
the last address within the range is 0x87654fff.
1-byte access to 0x87654fff should be considered to be fully inside the
PMP range.
However the access now fails and complains partial inclusion because
pmp_is_in_range(env, i, addr + size) returns 0 whereas
pmp_is_in_range(env, i, addr) returns 1.

Backports commit 49db9fa1fd7c252596b53cf80876e06f407d09ed from qemu
2019-08-08 16:42:24 -04:00
Richard Henderson 8f53f09a05
cpu: Introduce CPUNegativeOffsetState
Nothing in there so far, but all of the plumbing done
within the target ArchCPU state.

Backports commit 5b146dc716cfd247f99556c04e6e46fbd67565a0 from qemu
2019-06-13 15:08:25 -04:00
Richard Henderson a672b89e3b
cpu: Introduce cpu_set_cpustate_pointers
Consolidate some boilerplate from foo_cpu_initfn.

Backports commit 7506ed902eb97fe4e2a1dd16766c621d32ecc40d from qemu
2019-06-12 12:27:16 -04:00
Richard Henderson ac176ccb38
cpu: Move ENV_OFFSET to exec/gen-icount.h
Now that we have ArchCPU, we can define this generically,
in the one place that needs it.

Backports commit 677c4d69ac21961e76a386f9bfc892a44923acc0 from qemu
2019-06-12 12:20:21 -04:00
Richard Henderson 47b797f1bb
target/riscv: Use env_cpu, env_archcpu
Cleanup in the boilerplate that each target must define.
Replace riscv_env_get_cpu with env_archcpu. The combination
CPU(riscv_env_get_cpu) should have used ENV_GET_CPU to begin;
use env_cpu now.

Backports commit 3109cd98a6c0c618189b38a83a8aa29cb20acbce from qemu
2019-06-12 12:06:19 -04:00
Richard Henderson fbf91a6535
cpu: Replace ENV_GET_CPU with env_cpu
Now that we have both ArchCPU and CPUArchState, we can define
this generically instead of via macro in each target's cpu.h.

Backports commit 29a0af618ddd21f55df5753c3e16b0625f534b3c from qemu
2019-06-12 11:16:16 -04:00
Richard Henderson ae94fb5992
cpu: Define ArchCPU
For all targets, do this just before including exec/cpu-all.h.

Backports commit 2161a612b4e1d388046320bc464adefd6bba01a0 from qemu
2019-06-12 11:08:39 -04:00
Richard Henderson e3f1f25996
cpu: Define CPUArchState with typedef
For all targets, do this just before including exec/cpu-all.h.

Backports commit 4f7c64b3819d559417615ed2b1d028ebc1a49580 from qemu
2019-06-12 11:06:36 -04:00
Markus Armbruster 5e5197b136
Supply missing header guards
Backports applicable parts of commit
f91005e195e7e1485e60cb121731589960f1a3c9 from qemu
2019-06-12 10:59:10 -04:00
Richard Henderson df2a890bd7
tcg: Split out target/arch/cpu-param.h
For all targets, into this new file move TARGET_LONG_BITS,
TARGET_PAGE_BITS, TARGET_PHYS_ADDR_SPACE_BITS,
TARGET_VIRT_ADDR_SPACE_BITS, and NB_MMU_MODES.

Include this new file from exec/cpu-defs.h.

This now removes the somewhat odd requirement that target/arch/cpu.h
defines TARGET_LONG_BITS before including exec/cpu-defs.h, so push the
bulk of the includes within target/arch/cpu.h to the top.

Backports commit 74433bf083b0766aba81534f92de13194f23ff3e from qemu
2019-06-10 19:35:46 -04:00
Jonathan Behrens 1d6acaa604
target/riscv: Only flush TLB if SATP.ASID changes
There is an analogous change for ARM here:
https://patchwork.kernel.org/patch/10649857

Backports commit 1e0d985fa9136a563168a3da66f3d17820404ee2 from qemu
2019-05-28 19:22:51 -04:00
Jonathan Behrens 7922aa54c0
target/riscv: More accurate handling of CSR
According to the spec, "All bits besides SSIP, USIP, and UEIP in the sip
register are read-only." Further, if an interrupt is not delegated to mode x,
then "the corresponding bits in xip [...] should appear to be hardwired to
zero. This patch implements both of those requirements.

Backports commit 087b051a51a0c2a5bc1e8d435a484a8896b4176b from qemu
2019-05-28 19:22:04 -04:00
Richard Henderson d1ad8bf44c
target/riscv: Add checks for several RVC reserved operands
C.ADDI16SP, C.LWSP, C.JR, C.ADDIW, C.LDSP all have reserved
operands that were not diagnosed.

Backports commit 4cc16b3b9282e04fab8e84d136540757e82af019 from qemu
2019-05-28 19:20:36 -04:00
Alistair Francis aca20201d4
target/riscv: Add the HGATP register masks
Backports commit e06431108b0b1ef6ca76398d2b0b792ea24ae6bc from qemu
2019-05-28 19:19:00 -04:00
Alistair Francis 294297b646
target/riscv: Add the HSTATUS register masks
Backports commit d28b15a4d3b1e000ec7bf9090fe870cbc5f1eb2c from qemu
2019-05-28 19:18:28 -04:00
Alistair Francis 2e6d11ee47
target/riscv: Add Hypervisor CSR macros
Add the 1.10.1 Hypervisor CSRs and remove the 1.9.1 spec versions.

Backports commit 71f09a5bb48d0c51b87e70158407ec2db4a9c6e2 from qemu
2019-05-28 19:17:54 -04:00
Alistair Francis 47e4e047bc
target/riscv: Allow setting mstatus virtulisation bits
Backports commit 1f0419cb0475eebdbefea67483e85287f3af07a7 from qemu
2019-05-28 19:17:18 -04:00
Alistair Francis c64f57c360
target/riscv: Add the MPV and MTL mstatus bits
Backports commit 49aaa3e534f5422a56313bb93c1880e70fc1da7e from qemu
2019-05-28 19:15:33 -04:00
Alistair Francis b44de569f0
target/riscv: Improve the scause logic
No functional change, just making the code easier to read.

Backports commit 16fdb8ff64374ed51b246437e13043039a8eb9f9 from qemu
2019-05-28 19:14:44 -04:00
Alistair Francis 4b0355dcfc
target/riscv: Mark privilege level 2 as reserved
Backports commit 356d74192a035c71a78a22d24812a6df6099ae40 from qemu
2019-05-28 19:12:10 -04:00
Alistair Francis ea2fee2d4d
target/riscv: Add a base 32 and 64 bit CPU
At the same time deprecate the ISA string CPUs.

It is dobtful anyone specifies the CPUs, but we are keeping them for the
Spike machine (which is about to be depreated) so we may as well just
mark them as deprecated.

Backports commit 8903bf6e6d73d03b988b4a8197132de2ad681ff5 from qemu
2019-05-28 19:11:12 -04:00
Richard Henderson 9c1212f627
target/riscv: Remove spaces from register names
These extra spaces make the "-d op" dump look weird.

Backports commit 7f9188e210aff6522a960d9669a583a3a752ddc0 from qemu
2019-05-28 19:08:50 -04:00
Richard Henderson 68ce00ac2f
target/riscv: Split gen_arith_imm into functional and temp
The tcg_gen_fooi_tl functions have some immediate constant
folding built in, which match up with some of the riscv asm
builtin macros, like mv and not.

Backports commit 598aa1160c3d17ab9271daf1f69d093ebada3f25 from qemu
2019-05-28 19:07:53 -04:00
Richard Henderson a62b4e5def
target/riscv: Split RVC32 and RVC64 insns into separate files
This eliminates all functions in insn_trans/trans_rvc.inc.c,
so the entire file can be removed.

Backports commit 0e68e240a9bd3b44a91cd6012f0e2bf2a43b9fe2 from qemu
2019-05-28 19:00:23 -04:00
Richard Henderson a968769d26
target/riscv: Use pattern groups in insn16.decode
This eliminates about half of the complicated decode
bits within insn_trans/trans_rvc.inc.c.

Backports commit c2cfb97c01a3636867c1a4a24f8a99fd8c6bed28 from qemu
2019-05-28 18:55:28 -04:00
Richard Henderson 8360c1fa3b
target/riscv: Merge argument decode for RVC shifti
Special handling for IMM==0 is the only difference between
RVC shifti and RVI shifti. This can be handled with !function.

Backports commit 6cafec92f1c862a9754ef6a28be68ba7178a284d from qemu
2019-05-28 18:52:50 -04:00
Richard Henderson dc087c4c0c
target/riscv: Merge argument sets for insn32 and insn16
In some cases this allows us to directly use the insn32
translator function. In some cases we still need a shim.

Backports commit e1d455dd91c935c714412dafeb24db947429a929 from qemu
2019-05-28 18:50:48 -04:00
Richard Henderson cb2ce66814
target/riscv: Use --static-decode for decodetree
The generated functions are only used within translate.c
and do not need to be global, or declared.

Backports commit 81770255581bd210c57b86a6e808628ab8d0c543 from qemu
2019-05-28 18:45:23 -04:00
Richard Henderson d51505f6e9
target/riscv: Name the argument sets for all of insn32 formats
Backports commit e761799796ac2211b9706753c459e117e7be58fa from qemu
2019-05-28 18:36:53 -04:00
Fabien Chouteau 7e6d37b51d
RISC-V: fix single stepping over ret and other branching instructions
This patch introduces wrappers around the tcg_gen_exit_tb() and
tcg_gen_lookup_and_goto_ptr() functions that handle single stepping,
i.e. call gen_exception_debug() when single stepping is enabled.

Theses functions are then used instead of the originals, bringing single
stepping handling in places where it was previously ignored such as jalr
and system branch instructions (ecall, mret, sret, etc.).

Backports commit 6e2716d8ca4edf3597307accef7af36e8ad966eb from qemu
2019-05-28 18:35:07 -04:00
Jonathan Behrens 25c0333213
target/riscv: Do not allow sfence.vma from user mode
The 'sfence.vma' instruction is privileged, and should only ever be allowed
when executing in supervisor mode or higher.

Backports commit b86f4167630802128d94f3c89043d97d2f4c2546 from qemu
2019-05-28 18:29:46 -04:00
Richard Henderson dab0061a0d
tcg: Use CPUClass::tlb_fill in cputlb.c
We can now use the CPUClass hook instead of a named function.

Create a static tlb_fill function to avoid other changes within
cputlb.c. This also isolates the asserts within. Remove the
named tlb_fill function from all of the targets.

Backports commit c319dc13579a92937bffe02ad2c9f1a550e73973 from qemu
2019-05-16 17:35:37 -04:00
Richard Henderson e98c731550
target/riscv: Convert to CPUClass::tlb_fill
Note that env->pc is removed from the qemu_log as that value is garbage.
The PC isn't recovered until cpu_restore_state, called from
cpu_loop_exit_restore, called from riscv_raise_exception.

Backports commit 8a4ca3c10a96be6ed7f023b685b688c4d409bbcb from qemu
2019-05-16 17:24:01 -04:00
Markus Armbruster 1b2c8c44d5
Clean up ill-advised or unusual header guards
Leading underscores are ill-advised because such identifiers are
reserved. Trailing underscores are merely ugly. Strip both.

Our header guards commonly end in _H. Normalize the exceptions.

Done with scripts/clean-header-guards.pl.

Backports commit a8b991b52dcde75ab5065046653626951aac666d from qemu
2019-05-14 08:02:53 -04:00
Lioncash a71c027063
decodetree: Add DisasContext argument to !function expanders
This does require adjusting all existing users.

Backports commit 451e4ffdb0003ab5ed0d98bd37b385c076aba183 from qemu
2019-05-09 17:40:45 -04:00
Richard Henderson bca82cde84
tcg: Hoist max_insns computation to tb_gen_code
In order to handle TB's that translate to too much code, we
need to place the control of the length of the translation
in the hands of the code gen master loop.

Backports commit 8b86d6d25807e13a63ab6ea879f976b9f18cc45a from qemu
2019-04-30 09:49:57 -04:00