Commit graph

81 commits

Author SHA1 Message Date
Hesham Almatary e8edd4d109
RISC-V: Raise access fault exceptions on PMP violations
Section 3.6 in RISC-V v1.10 privilege specification states that PMP violations
report "access exceptions." The current PMP implementation has
a bug which wrongly reports "page exceptions" on PMP violations.

This patch fixes this bug by reporting the correct PMP access exceptions
trap values.

Backports commit 635b0b0ea39a13d1a3df932452e5728aebbb3f6e from qemu
2019-08-08 16:50:57 -04:00
Hesham Almatary f597727171
RISC-V: Only Check PMP if MMU translation succeeds
The current implementation unnecessarily checks for PMP even if MMU translation
failed. This may trigger a wrong PMP access exception instead of
a page exception.

For example, the very first instruction fetched after the first satp write in
S-Mode will trigger a PMP access fault instead of an instruction fetch page
fault.

This patch prioritises MMU exceptions over PMP exceptions and only checks for
PMP if MMU translation succeeds. This patch is required for future commits
that properly report PMP exception violations if PTW succeeds.

Backports commit e0f8fa72deba7ac7a7ae06ba25e6498aaad93ace from qemu
2019-08-08 16:49:06 -04:00
Michael Clark 6ab36ed89e
target/riscv: Implement riscv_cpu_unassigned_access
This patch adds support for the riscv_cpu_unassigned_access call
and will raise a load or store access fault.

Backports commit cbf5827693addaff4e4d2102afedbf078a204eb2 from qemu
2019-08-08 16:48:02 -04:00
Dayeol Lee 6528c78fd5
target/riscv: Fix PMP range boundary address bug
A wrong address is passed to `pmp_is_in_range` while checking if a
memory access is within a PMP range.
Since the ending address of the pmp range (i.e., pmp_state.addr[i].ea)
is set to the last address in the range (i.e., pmp base + pmp size - 1),
memory accesses containg the last address in the range will always fail.

For example, assume that a PMP range is 4KB from 0x87654000 such that
the last address within the range is 0x87654fff.
1-byte access to 0x87654fff should be considered to be fully inside the
PMP range.
However the access now fails and complains partial inclusion because
pmp_is_in_range(env, i, addr + size) returns 0 whereas
pmp_is_in_range(env, i, addr) returns 1.

Backports commit 49db9fa1fd7c252596b53cf80876e06f407d09ed from qemu
2019-08-08 16:42:24 -04:00
Richard Henderson 8f53f09a05
cpu: Introduce CPUNegativeOffsetState
Nothing in there so far, but all of the plumbing done
within the target ArchCPU state.

Backports commit 5b146dc716cfd247f99556c04e6e46fbd67565a0 from qemu
2019-06-13 15:08:25 -04:00
Richard Henderson a672b89e3b
cpu: Introduce cpu_set_cpustate_pointers
Consolidate some boilerplate from foo_cpu_initfn.

Backports commit 7506ed902eb97fe4e2a1dd16766c621d32ecc40d from qemu
2019-06-12 12:27:16 -04:00
Richard Henderson ac176ccb38
cpu: Move ENV_OFFSET to exec/gen-icount.h
Now that we have ArchCPU, we can define this generically,
in the one place that needs it.

Backports commit 677c4d69ac21961e76a386f9bfc892a44923acc0 from qemu
2019-06-12 12:20:21 -04:00
Richard Henderson 47b797f1bb
target/riscv: Use env_cpu, env_archcpu
Cleanup in the boilerplate that each target must define.
Replace riscv_env_get_cpu with env_archcpu. The combination
CPU(riscv_env_get_cpu) should have used ENV_GET_CPU to begin;
use env_cpu now.

Backports commit 3109cd98a6c0c618189b38a83a8aa29cb20acbce from qemu
2019-06-12 12:06:19 -04:00
Richard Henderson fbf91a6535
cpu: Replace ENV_GET_CPU with env_cpu
Now that we have both ArchCPU and CPUArchState, we can define
this generically instead of via macro in each target's cpu.h.

Backports commit 29a0af618ddd21f55df5753c3e16b0625f534b3c from qemu
2019-06-12 11:16:16 -04:00
Richard Henderson ae94fb5992
cpu: Define ArchCPU
For all targets, do this just before including exec/cpu-all.h.

Backports commit 2161a612b4e1d388046320bc464adefd6bba01a0 from qemu
2019-06-12 11:08:39 -04:00
Richard Henderson e3f1f25996
cpu: Define CPUArchState with typedef
For all targets, do this just before including exec/cpu-all.h.

Backports commit 4f7c64b3819d559417615ed2b1d028ebc1a49580 from qemu
2019-06-12 11:06:36 -04:00
Markus Armbruster 5e5197b136
Supply missing header guards
Backports applicable parts of commit
f91005e195e7e1485e60cb121731589960f1a3c9 from qemu
2019-06-12 10:59:10 -04:00
Richard Henderson df2a890bd7
tcg: Split out target/arch/cpu-param.h
For all targets, into this new file move TARGET_LONG_BITS,
TARGET_PAGE_BITS, TARGET_PHYS_ADDR_SPACE_BITS,
TARGET_VIRT_ADDR_SPACE_BITS, and NB_MMU_MODES.

Include this new file from exec/cpu-defs.h.

This now removes the somewhat odd requirement that target/arch/cpu.h
defines TARGET_LONG_BITS before including exec/cpu-defs.h, so push the
bulk of the includes within target/arch/cpu.h to the top.

Backports commit 74433bf083b0766aba81534f92de13194f23ff3e from qemu
2019-06-10 19:35:46 -04:00
Jonathan Behrens 1d6acaa604
target/riscv: Only flush TLB if SATP.ASID changes
There is an analogous change for ARM here:
https://patchwork.kernel.org/patch/10649857

Backports commit 1e0d985fa9136a563168a3da66f3d17820404ee2 from qemu
2019-05-28 19:22:51 -04:00
Jonathan Behrens 7922aa54c0
target/riscv: More accurate handling of CSR
According to the spec, "All bits besides SSIP, USIP, and UEIP in the sip
register are read-only." Further, if an interrupt is not delegated to mode x,
then "the corresponding bits in xip [...] should appear to be hardwired to
zero. This patch implements both of those requirements.

Backports commit 087b051a51a0c2a5bc1e8d435a484a8896b4176b from qemu
2019-05-28 19:22:04 -04:00
Richard Henderson d1ad8bf44c
target/riscv: Add checks for several RVC reserved operands
C.ADDI16SP, C.LWSP, C.JR, C.ADDIW, C.LDSP all have reserved
operands that were not diagnosed.

Backports commit 4cc16b3b9282e04fab8e84d136540757e82af019 from qemu
2019-05-28 19:20:36 -04:00
Alistair Francis aca20201d4
target/riscv: Add the HGATP register masks
Backports commit e06431108b0b1ef6ca76398d2b0b792ea24ae6bc from qemu
2019-05-28 19:19:00 -04:00
Alistair Francis 294297b646
target/riscv: Add the HSTATUS register masks
Backports commit d28b15a4d3b1e000ec7bf9090fe870cbc5f1eb2c from qemu
2019-05-28 19:18:28 -04:00
Alistair Francis 2e6d11ee47
target/riscv: Add Hypervisor CSR macros
Add the 1.10.1 Hypervisor CSRs and remove the 1.9.1 spec versions.

Backports commit 71f09a5bb48d0c51b87e70158407ec2db4a9c6e2 from qemu
2019-05-28 19:17:54 -04:00
Alistair Francis 47e4e047bc
target/riscv: Allow setting mstatus virtulisation bits
Backports commit 1f0419cb0475eebdbefea67483e85287f3af07a7 from qemu
2019-05-28 19:17:18 -04:00
Alistair Francis c64f57c360
target/riscv: Add the MPV and MTL mstatus bits
Backports commit 49aaa3e534f5422a56313bb93c1880e70fc1da7e from qemu
2019-05-28 19:15:33 -04:00
Alistair Francis b44de569f0
target/riscv: Improve the scause logic
No functional change, just making the code easier to read.

Backports commit 16fdb8ff64374ed51b246437e13043039a8eb9f9 from qemu
2019-05-28 19:14:44 -04:00
Alistair Francis 4b0355dcfc
target/riscv: Mark privilege level 2 as reserved
Backports commit 356d74192a035c71a78a22d24812a6df6099ae40 from qemu
2019-05-28 19:12:10 -04:00
Alistair Francis ea2fee2d4d
target/riscv: Add a base 32 and 64 bit CPU
At the same time deprecate the ISA string CPUs.

It is dobtful anyone specifies the CPUs, but we are keeping them for the
Spike machine (which is about to be depreated) so we may as well just
mark them as deprecated.

Backports commit 8903bf6e6d73d03b988b4a8197132de2ad681ff5 from qemu
2019-05-28 19:11:12 -04:00
Richard Henderson 9c1212f627
target/riscv: Remove spaces from register names
These extra spaces make the "-d op" dump look weird.

Backports commit 7f9188e210aff6522a960d9669a583a3a752ddc0 from qemu
2019-05-28 19:08:50 -04:00
Richard Henderson 68ce00ac2f
target/riscv: Split gen_arith_imm into functional and temp
The tcg_gen_fooi_tl functions have some immediate constant
folding built in, which match up with some of the riscv asm
builtin macros, like mv and not.

Backports commit 598aa1160c3d17ab9271daf1f69d093ebada3f25 from qemu
2019-05-28 19:07:53 -04:00
Richard Henderson a62b4e5def
target/riscv: Split RVC32 and RVC64 insns into separate files
This eliminates all functions in insn_trans/trans_rvc.inc.c,
so the entire file can be removed.

Backports commit 0e68e240a9bd3b44a91cd6012f0e2bf2a43b9fe2 from qemu
2019-05-28 19:00:23 -04:00
Richard Henderson a968769d26
target/riscv: Use pattern groups in insn16.decode
This eliminates about half of the complicated decode
bits within insn_trans/trans_rvc.inc.c.

Backports commit c2cfb97c01a3636867c1a4a24f8a99fd8c6bed28 from qemu
2019-05-28 18:55:28 -04:00
Richard Henderson 8360c1fa3b
target/riscv: Merge argument decode for RVC shifti
Special handling for IMM==0 is the only difference between
RVC shifti and RVI shifti. This can be handled with !function.

Backports commit 6cafec92f1c862a9754ef6a28be68ba7178a284d from qemu
2019-05-28 18:52:50 -04:00
Richard Henderson dc087c4c0c
target/riscv: Merge argument sets for insn32 and insn16
In some cases this allows us to directly use the insn32
translator function. In some cases we still need a shim.

Backports commit e1d455dd91c935c714412dafeb24db947429a929 from qemu
2019-05-28 18:50:48 -04:00
Richard Henderson cb2ce66814
target/riscv: Use --static-decode for decodetree
The generated functions are only used within translate.c
and do not need to be global, or declared.

Backports commit 81770255581bd210c57b86a6e808628ab8d0c543 from qemu
2019-05-28 18:45:23 -04:00
Richard Henderson d51505f6e9
target/riscv: Name the argument sets for all of insn32 formats
Backports commit e761799796ac2211b9706753c459e117e7be58fa from qemu
2019-05-28 18:36:53 -04:00
Fabien Chouteau 7e6d37b51d
RISC-V: fix single stepping over ret and other branching instructions
This patch introduces wrappers around the tcg_gen_exit_tb() and
tcg_gen_lookup_and_goto_ptr() functions that handle single stepping,
i.e. call gen_exception_debug() when single stepping is enabled.

Theses functions are then used instead of the originals, bringing single
stepping handling in places where it was previously ignored such as jalr
and system branch instructions (ecall, mret, sret, etc.).

Backports commit 6e2716d8ca4edf3597307accef7af36e8ad966eb from qemu
2019-05-28 18:35:07 -04:00
Jonathan Behrens 25c0333213
target/riscv: Do not allow sfence.vma from user mode
The 'sfence.vma' instruction is privileged, and should only ever be allowed
when executing in supervisor mode or higher.

Backports commit b86f4167630802128d94f3c89043d97d2f4c2546 from qemu
2019-05-28 18:29:46 -04:00
Richard Henderson dab0061a0d
tcg: Use CPUClass::tlb_fill in cputlb.c
We can now use the CPUClass hook instead of a named function.

Create a static tlb_fill function to avoid other changes within
cputlb.c. This also isolates the asserts within. Remove the
named tlb_fill function from all of the targets.

Backports commit c319dc13579a92937bffe02ad2c9f1a550e73973 from qemu
2019-05-16 17:35:37 -04:00
Richard Henderson e98c731550
target/riscv: Convert to CPUClass::tlb_fill
Note that env->pc is removed from the qemu_log as that value is garbage.
The PC isn't recovered until cpu_restore_state, called from
cpu_loop_exit_restore, called from riscv_raise_exception.

Backports commit 8a4ca3c10a96be6ed7f023b685b688c4d409bbcb from qemu
2019-05-16 17:24:01 -04:00
Markus Armbruster 1b2c8c44d5
Clean up ill-advised or unusual header guards
Leading underscores are ill-advised because such identifiers are
reserved. Trailing underscores are merely ugly. Strip both.

Our header guards commonly end in _H. Normalize the exceptions.

Done with scripts/clean-header-guards.pl.

Backports commit a8b991b52dcde75ab5065046653626951aac666d from qemu
2019-05-14 08:02:53 -04:00
Lioncash a71c027063
decodetree: Add DisasContext argument to !function expanders
This does require adjusting all existing users.

Backports commit 451e4ffdb0003ab5ed0d98bd37b385c076aba183 from qemu
2019-05-09 17:40:45 -04:00
Richard Henderson bca82cde84
tcg: Hoist max_insns computation to tb_gen_code
In order to handle TB's that translate to too much code, we
need to place the control of the length of the translation
in the hands of the code gen master loop.

Backports commit 8b86d6d25807e13a63ab6ea879f976b9f18cc45a from qemu
2019-04-30 09:49:57 -04:00
Kito Cheng 5a7ad783e9
target/riscv: Fix wrong expanding for c.fswsp
base register is no rs1 not rs2 for fsw.

Backports commit 620455350a8da7cc62ae82cb69dd5c556f744136 from qemu
2019-03-26 20:39:34 -04:00
Palmer Dabbelt fc662c281a
target/riscv: Zero extend the inputs of divuw and remuw
While running the GCC test suite against 4.0.0-rc0, Kito found a
regression introduced by the decodetree conversion that caused divuw and
remuw to sign-extend their inputs. The ISA manual says they are
supposed to be zero extended:

DIVW and DIVUW instructions are only valid for RV64, and divide the
lower 32 bits of rs1 by the lower 32 bits of rs2, treating them as
signed and unsigned integers respectively, placing the 32-bit
quotient in rd, sign-extended to 64 bits. REMW and REMUW
instructions are only valid for RV64, and provide the corresponding
signed and unsigned remainder operations respectively. Both REMW
and REMUW always sign-extend the 32-bit result to 64 bits, including
on a divide by zero.

Here's Kito's reduced test case from the GCC test suite

unsigned calc_mp(unsigned mod)
{
unsigned a,b,c;
c=-1;
a=c/mod;
b=0-a*mod;
if (b > mod) { a += 1; b-=mod; }
return b;
}

int main(int argc, char *argv[])
{
unsigned x = 1234;
unsigned y = calc_mp(x);

if ((sizeof (y) == 4 && y != 680)
|| (sizeof (y) == 2 && y != 134))
abort ();
exit (0);
}

I haven't done any other testing on this, but it does fix the test case.

Backports commit f17e02cd3731bdfe2942d1d0b2a92f26da02408c from qemu
2019-03-26 20:38:17 -04:00
Alistair Francis a9cc62cb23
target/riscv: Remove unused struct
Backports commit 6b745d4fada5c73db44f596a62e29a5dbe3fc53f from qemu
2019-03-19 23:58:31 -04:00
Michael Clark b247ee234d
RISC-V: Update load reservation comment in do_interrupt
Backports commit d9360e96885dbd69ce4aa925d1701c7a10cf54ae from qemu
2019-03-19 23:58:31 -04:00
Michael Clark d3dbcb6dfc
RISC-V: Add support for vectored interrupts
If vectored interrupts are enabled (bits[1:0]
of mtvec/stvec == 1) then use the following
logic for trap entry address calculation:

pc = mtvec + cause * 4

In addition to adding support for vectored interrupts
this patch simplifies the interrupt delivery logic
by making sync/async cause decoding and encoding
steps distinct.

The cause code and the sign bit indicating sync/async
is split at the beginning of the function and fixed
cause is renamed to cause. The MSB setting for async
traps is delayed until setting mcause/scause to allow
redundant variables to be eliminated. Some variables
are renamed for conciseness and moved so that decls
are at the start of the block.

Backports commit acbbb94e5730c9808830938e869d243014e2923a from qemu
2019-03-19 23:58:31 -04:00
Michael Clark 8ffa68e757
RISC-V: Change local interrupts from edge to level
This effectively changes riscv_cpu_update_mip
from edge to level. i.e. cpu_interrupt or
cpu_reset_interrupt are called regardless of
the current interrupt level.

Fixes WFI doesn't return when a IPI is issued:

- https://github.com/riscv/riscv-qemu/issues/132

To test:

1) Apply RISC-V Linux CPU hotplug patch:

- http://lists.infradead.org/pipermail/linux-riscv/2018-May/000603.html

2) Enable CONFIG_CPU_HOTPLUG in linux .config

3) Try to offline and online cpus:

echo 1 > /sys/devices/system/cpu/cpu2/online
echo 0 > /sys/devices/system/cpu/cpu2/online
echo 1 > /sys/devices/system/cpu/cpu2/online

Backports commit d26f5a423438e579d3ff0ca35e44edb966a36233 from qemu
2019-03-19 23:58:31 -04:00
Kito Cheng bd3e9ebaea
RISC-V: linux-user support for RVE ABI
This change checks elf_flags for EF_RISCV_RVE and if
present uses the RVE linux syscall ABI which uses t0
for the syscall number instead of a7.

Warn and exit if a non-RVE ABI binary is run on a
cpu with the RVE extension as it is incompatible.

Backports relevant parts of 5836c3eccedb6dfab16b8f606f2de24b8938b69c
from qemu
2019-03-19 23:58:31 -04:00
Michael Clark 2e0c040062
RISC-V: Allow interrupt controllers to claim interrupts
We can't allow the supervisor to control SEIP as this would allow the
supervisor to clear a pending external interrupt which will result in
lost a interrupt in the case a PLIC is attached. The SEIP bit must be
hardware controlled when a PLIC is attached.

This logic was previously hard-coded so SEIP was always masked even
if no PLIC was attached. This patch adds riscv_cpu_claim_interrupts
so that the PLIC can register control of SEIP. In the case of models
without a PLIC (spike), the SEIP bit remains software controlled.

This interface allows for hardware control of supervisor timer and
software interrupts by other interrupt controller models.

Backports commit e3e7039cc24ecf47d81c091e8bb04552d6564ad8 from qemu
2019-03-19 23:48:12 -04:00
Alistair Francis a4f2dcde28
riscv: pmp: Log pmp access errors as guest errors
Backports commit aad5ac2311f3ad2c0be12d0eaaf4ef4398438fc2 from qemu
2019-03-19 23:45:03 -04:00
Jim Wilson 65903cf9a4
RISC-V: Add debug support for accessing CSRs.
Add a debugger field to CPURISCVState. Add riscv_csrrw_debug function
to set it. Disable mode checks when debugger field true.

Backports commit 753e3fe207db08ce0ef0405e8452c3397c9b9308 from qemu
2019-03-19 23:42:48 -04:00
Jim Wilson 30ab335bb3
RISC-V: Fixes to CSR_* register macros.
This adds some missing CSR_* register macros, and documents some as being
priv v1.9.1 specific.

Backports commit 8e73df6aa3f2f0e5c26c03a94a88406616291815 from qemu
2019-03-19 23:39:49 -04:00