Commit graph

4428 commits

Author SHA1 Message Date
Peter Maydell 978cd9c524
target/arm: Make sure M-profile FPSCR RES0 bits are not settable
Enforce that for M-profile various FPSCR bits which are RES0 there
but have defined meanings on A-profile are never settable. This
ensures that M-profile code can't enable the A-profile behaviour
(notably vector length/stride handling) by accident.

Backports commit 5bcf8ed9401e62c73158ba110864ee1375558bf7 from qemu
2019-04-30 10:12:17 -04:00
Shahab Vahedi 7f59d62f4a
cputlb: Fix io_readx() to respect the access_type
This change adapts io_readx() to its input access_type. Currently
io_readx() treats any memory access as a read, although it has an
input argument "MMUAccessType access_type". This results in:

1) Calling the tlb_fill() only with MMU_DATA_LOAD
2) Considering only entry->addr_read as the tlb_addr

Buglink: https://bugs.launchpad.net/qemu/+bug/1825359

Backports commit ef5dae6805cce7b59d129d801bdc5db71bcbd60d from qemu
2019-04-30 10:11:11 -04:00
Richard Henderson 5847d833b2
tcg/arm: Restrict constant pool displacement to 12 bits
This will not necessarily restrict the size of the TB, since for v7
the majority of constant pool usage is for calls from the out-of-line
ldst code, which is already at the end of the TB. But this does
allow us to save one insn per reference on the off-chance.

Backports commit b4b82d7e9caff7ccca5c621817b5a4b8e95eb9b1 from qemu
2019-04-30 10:10:21 -04:00
Richard Henderson 187e80c9a5
tcg/ppc: Allow the constant pool to overflow at 32k
There is no point in coding for a 2GB offset when the max TB size
is already limited to 64k. If we further restrict to 32k then we
can eliminate the extra ADDIS instruction.

Backports commit a7cdaf710f2aaaf0be855a338dd67463d4bb99e2 from qemu
2019-04-30 10:08:18 -04:00
Richard Henderson 6145e3fdd7
tcg: Restart TB generation after out-of-line ldst overflow
This is part c of relocation overflow handling.

Backports commit aeee05f53a5d67304a521d2644dc0a607e3c8b28 from qemu
2019-04-30 10:06:53 -04:00
Richard Henderson 196631e0a4
tcg: Restart TB generation after constant pool overflow
This is part b of relocation overflow handling.

Backports commit 1768987b73fa7e23e58b7844abe5882490ff8e42 from qemu
2019-04-30 10:00:52 -04:00
Richard Henderson 45315fd8ef
tcg: Restart TB generation after relocation overflow
If the TB generates too much code, such that backend relocations
overflow, try again with a smaller TB. In support of this, move
relocation processing from a random place within tcg_out_op, in
the handling of branch opcodes, to a new function at the end of
tcg_gen_code.

This is not a complete solution, as there are additional relocs
generated for out-of-line ldst handling and constant pools.

Backports commit 7ecd02a06f8f4c0bbf872ecc15e37035b7e1df5f from qemu
2019-04-30 09:58:45 -04:00
Richard Henderson 434b3ab9ec
tcg: Restart after TB code generation overflow
If a TB generates too much code, try again with fewer insns.

Fixes: https://bugs.launchpad.net/bugs/1824853

Backports commit 6e6c4efed995d9eca6ae0cfdb2252df830262f50 from qemu
2019-04-30 09:52:57 -04:00
Richard Henderson bca82cde84
tcg: Hoist max_insns computation to tb_gen_code
In order to handle TB's that translate to too much code, we
need to place the control of the length of the translation
in the hands of the code gen master loop.

Backports commit 8b86d6d25807e13a63ab6ea879f976b9f18cc45a from qemu
2019-04-30 09:49:57 -04:00
Richard Henderson 2479bbd3b2
tcg/aarch64: Support INDEX_op_extract2_{i32,i64}
Backports commit 464c2969d5d7a0a5d38d2aa5d930986df876d3fb from qemu
2019-04-30 09:40:40 -04:00
Richard Henderson cbc5f919c2
tcg/arm: Support INDEX_op_extract2_i32
Backports commit 3b832d67a993968868f4087a9720a5c911e23f7a from qemu
2019-04-30 09:39:30 -04:00
Richard Henderson 0f20a26b36
tcg/i386: Support INDEX_op_extract2_{i32,i64}
Backports commit c6fb8c0cf704c4a1a48c3e99e995ad4c58150dab from qemu
2019-04-30 09:37:39 -04:00
Richard Henderson da39922c60
tcg: Use extract2 in tcg_gen_deposit_{i32,i64}
Backports commit b0a6056719b4a409a5699d11bbfdf79301417221 from qemu
2019-04-30 09:35:49 -04:00
Richard Henderson 948635602c
tcg: Use deposit and extract2 in tcg_gen_shifti_i64
Backports commit 02616bad6f0788652deaca9a48d0dfa7716ff87a from qemu
2019-04-30 09:33:44 -04:00
Richard Henderson 269fa0daba
tcg: Add INDEX_op_extract2_{i32,i64}
This will let backends implement the double-word shift operation.

Backports commit fce1296f135669eca85dc42154a2a352c818ad76 from qemu
2019-04-30 09:29:05 -04:00
David Hildenbrand 458942d94e
tcg: Implement tcg_gen_extract2_{i32,i64}
Will be helpful for s390x. Input 128 bit and output 64 bit only,
which is sufficient for now.

Backports commit 2089fcc9e7b4174d1c351eaa7d277c02188a6dd2 from qemu
2019-04-30 09:20:45 -04:00
Stanislav Lanci 64f51949a7
Pass through cache information for TOPOEXT CPUs
Backports commit a4e0b436f44a4bb47ed4a75b0c05d2547cf12b1c from qemu
2019-04-30 09:15:25 -04:00
Pu Wen 4bbf02a5f6
i386: Add new Hygon 'Dhyana' CPU model
Add a new base CPU model called 'Dhyana' to model processors from Hygon
Dhyana(family 18h), which derived from AMD EPYC(family 17h).

The following features bits have been removed compare to AMD EPYC:
aes, pclmulqdq, sha_ni

The Hygon Dhyana support to KVM in Linux is already accepted upstream[1].
So add Hygon Dhyana support to Qemu is necessary to create Hygon's own
CPU model.

Reference:
[1] https://git.kernel.org/tip/fec98069fb72fb656304a3e52265e0c2fc9adf87

Backports commit 8d031cec366f26669807eb43f61eb335973b7053 from qemu
2019-04-30 09:13:55 -04:00
Lioncash f6911ea73d
target/arm: Handle AArch32 CRC instructions 2019-04-27 10:50:25 -04:00
Lioncash c3df12e534
target/arm/translate: Synchronize with Qemu 2019-04-27 10:13:01 -04:00
Lioncash 9dfe2b527b
cpu-exec: Synchronize with qemu 2019-04-26 16:07:51 -04:00
Lioncash 5daabe55a4
cputlb: Synchronize with qemu
Synchronizes the code with Qemu to reduce a few differences.
2019-04-26 15:48:45 -04:00
Lioncash ef9e607e1c
qemu: Update bitmap.c/.h
Keeps it up to date with Qemu.
2019-04-26 13:05:55 -04:00
Lioncash f0c271ca2f
tcg: Correct special-cased brcond handling 2019-04-26 10:25:46 -04:00
Lioncash 4a64ebf95e
tcg: Synchronize with qemu 2019-04-26 09:32:20 -04:00
Lioncash 3996153514
tcg: Synchronize with qemu 2019-04-26 08:48:32 -04:00
Lioncash 006a13026a
tcg: Remove inconsistent g_strdup usage
The ts's name was allocated with strdup, but ts2's was being done with
g_strdup. Makes them consistent with upstream Qemu.
2019-04-26 08:48:32 -04:00
Lioncash 6d80445fe1
unicorn_arm: Treat registers as unsigned values in casts
It isn't particularly advisable to treat these as signed values, given
the registers themselves have no notion of signedness associated with
them.
2019-04-26 08:48:31 -04:00
Lioncash f419015aa3
unicorn_arm: Don't steamroll CPSR bits defined as RAZ/SBZP
Prevents bits from being set that should always read as zero according
to the ARM architecture reference manual.
2019-04-26 08:47:50 -04:00
Peter Maydell 8b2a0554cf
Open 4.1 development tree
Backports commit 85947dafad13ef8aea02eef2b058ee7aee47ab3e from qemu
2019-04-24 11:59:00 -04:00
Peter Maydell b62ab65eca
Update version for v4.0.0 release
Backports commit 131b9a05705636086699df15d4a6d328bb2585e8 from qemu
2019-04-24 11:58:36 -04:00
Lioncash 70836028eb
exec/helper-*: Synchronize with qemu 2019-04-22 08:22:49 -04:00
Lioncash 0379335677
cpu_ldst: Remove unused macros 2019-04-22 08:17:20 -04:00
Peter Maydell ff9c67b8f0
cpu_ldst.h: Don't define helpers if MMU_MODE*_SUFFIX not defined
Not all targets define a full set of suffix strings for the
NB_MMU_MODES that they have. In this situation, don't define any
helper functions for that mode, rather than defining helper functions
with no suffix at all. The MMU mode is still functional; it is merely
not directly accessible via cpu_ld*_MODE from target helper functions.

Also add an "NB_MMU_MODES >= 2" check to the definition of the mode 1
helpers -- some targets only define one MMU mode.

Backports commit de5ee4a888667ca0a198f0743d70075d70564117 from qemu
2019-04-22 07:44:32 -04:00
Lioncash e75b32ca4b
cpu_ldst.h, cpu-all.h, bswap.h: Update documentation on ld/st accessors
Add documentation of what the cpu_*_* accessors look like.
Correct some minor errors in the existing documentation of the
direct _p accessor family. Remove the near-duplicate comment
on the _p accessors from cpu-all.h and replace it with a reference
to the comment in bswap.h.

Backports commit db5fd8d709fd57f4d4f11edfca9f421f657f4508 from qemu
2019-04-22 07:39:13 -04:00
Peter Maydell 84eafc0cf6
cpu_ldst_template.h: Drop unused cpu_ldfq/stfq/ldfl/stfl accessors
The cpu_ldfq/stfq/ldfl/stfl accessors for loading and storing
float32 and float64 are completely unused, so delete them.
(The union they use for converting from the float32/float64
type to uint32_t or uint64_t is the wrong way to do it anyway:
they should be using make_float* and float*_val.)

Backports commit 82f11917c99e3c7fa3d6aa98572ecc98c7324c2f from qemu
2019-04-22 07:21:03 -04:00
Peter Maydell 32650e7816
cpu_ldst.h: Drop unused _raw macros, saddr() and laddr()
The _raw macros and their helpers saddr() and laddr() are now
totally unused -- delete them.

Backports commit 800e2ecc896beb6b79e7333c762da163b6a9135a from qemu
2019-04-22 07:19:20 -04:00
Peter Maydell f1a1f3c642
cpu_ldst_template.h: Use ld*_p directly rather than via ld*_raw macros
The ld*_raw and st*_raw macros are now only used within the code
produced by cpu_ldst_template.h, and only in three places.
Expand these out to just call the ld_p and st_p functions directly.

Note that in all the callsites the address argument is a uintptr_t,
so we can drop that part of the double-cast used in the saddr() and
laddr() macros.

Backports commit 355392329e4a843580e53cb027ed85e0cbebb640 from qemu
2019-04-22 07:11:50 -04:00
Peter Maydell 1a880ef99b
cpu_ldst.h: Use inline functions for usermode cpu_ld/st accessors
Use inline functions rather than macros for cpu_ld/st accessors
for the *-user configurations, as we already do for softmmu.
This has a two advantages:
* we can actually typecheck our arguments
* we don't need to leak the _raw macros everywhere

Since the _kernel functions were only used by target-i386/seg_helper.c,
put the definitions for them in that file too. (It already has the
similar template include code to define them for the softmmu case,
so it makes sense to have it deal with defining them for user-only.)

Backports commit 9220fe54c679d145232a28df6255e166ebf91bab from qemu
2019-04-22 07:08:39 -04:00
Peter Maydell 4fe3b4f95c
cpu_ldst.h: Remove unused very short ld*/st* defines
The very short ld*/st* defines are now not used anywhere; delete them.

Backports commit 177ea79f65c90b3bc84d59565b7519e47ea02f63 from qemu
2019-04-22 06:57:28 -04:00
Peter Maydell 36cd9f0df0
cpu_ldst.h: Drop unused ld/st*_kernel defines
The ld*_kernel and st*_kernel defines are not used anywhere;
delete them.

Backports commit 5a0826f7d2f9bea6e02157985b103d0a4c458aaa from qemu
2019-04-22 06:54:26 -04:00
Lioncash 830756a725
gen-icount: Use tcg_ctx where applicable in commented out code
If this is ever used in the future, it'll already be able to be used.
2019-04-22 06:17:10 -04:00
Lioncash d844d7cc9d
exec: Backport tb_cflags accessor 2019-04-22 06:12:59 -04:00
Lioncash 9f0e469142
gen-icount: Synchronize with qemu 2019-04-22 05:53:46 -04:00
Lioncash 96c52ea053
tcg: Synchronize with qemu 2019-04-22 02:03:01 -04:00
Lioncash 14f1cb03e9
target/arm/unicorn_arm: Get rid of magic constants where applicable 2019-04-19 20:23:41 -04:00
Lioncash 8ebb8f9fec
memory: Extract memory region freeing code to a common function
Makes deallocation behavior consistent and also fixes a memory leak
where the name of the region would be neglected to be freed.
2019-04-19 18:44:28 -04:00
Lioncash 7de690e87c
memory: Use a uint64_t instead of target_ulong for representing the incremented address
Prevents an infinite loop case if mapping near the upper boundary of an
address space on 32-bit emulated targets. i.e. mapping at 0xFFFFF000
with a size of 4096 won't overflow back to zero.

While we're at it, also tidy up the unicorn-specific functions.
2019-04-19 18:32:28 -04:00
Lioncash 5968b3d96f
target/arm: Synchronize with qemu 2019-04-19 15:31:18 -04:00
Lioncash ccf16bc572
softmmu_template: Fix invalid argument to tlb_fill in helper_be_st_name
This should be passing in the page2 value like in the little-endian
handler.
2019-04-18 08:43:14 -04:00
Lioncash bf6dfeb175
target/arm/translate: Synchronize with qemu
Backports a few other missing pieces from mainline qemu.
2019-04-18 06:22:36 -04:00
Lioncash 5b062dacf2
target/arm: Simplify and correct thumb instruction tracing
This wasn't subtracting the size of the instruction off the PC like how
the ARM mode tracing was performing the tracing. This simplifies it and
makes the behavior identical.
2019-04-18 06:00:15 -04:00
Lioncash 5d6ddec7fb
target/arm/translate: Subtract PC value properly for thumb tracecode calls 2019-04-18 05:44:48 -04:00
Lioncash b9d1002609
tcg-op: Make sure to free temporaries within gen_uc_tracecode()
After the helper is generated, these are no longer needed and can be
reclaimed.
2019-04-18 05:40:48 -04:00
Lioncash e579832dcb
tcg: Synchronize with qemu 2019-04-18 04:57:19 -04:00
Lioncash 3521e72580
target/arm: Sychronize with qemu
Synchronizes with bits and pieces that were missed due to merging
incorrectly (sorry :<)
2019-04-18 04:49:11 -04:00
Peter Maydell 753b6601c5
Update version for v4.0.0-rc4 release
Backports commit eeba63fc7fface36f438bcbc0d3b02e7dcb59983 from qemu
2019-04-16 22:39:02 -04:00
Lukas Dresel 4b94a8cc44
support for YMM registers ymm8-ymm15 (#1079)
Backports 55d8d073bd80935e807289ae2ff6161145a2afb6 from qemu
2019-04-16 06:35:41 -04:00
Lioncash 5de5b69344
target/i386: Fix compilation of the x86 target
Thanks to @rk700 for reporting it.
2019-04-16 06:29:06 -04:00
Lioncash ddcf400955
arm: Always enable access to coprocessors initially
Allows non-AArch64 environments to always access coprocessors initially.
Removes the need to do avoidable register management when testing
floating-point code.
2019-04-13 19:49:43 -04:00
Peter Maydell 5bcb1e13ab
Update version for v4.0.0-rc3 release
Backports commit 532cc6da74ec25b5ba6893b5757c977d54582949 from qemu
2019-04-10 15:00:31 -04:00
Peter Maydell 3ff38c2402
include/qemu/bswap.h: Use __builtin_memcpy() in accessor functions
In the accessor functions ld*_he_p() and st*_he_p() we use memcpy()
to perform a load or store to a pointer which might not be aligned
for the size of the type. We rely on the compiler to optimize this
memcpy() into an efficient load or store instruction where possible.
This is required for good performance, but at the moment it is also
required for correct operation, because some users of these functions
require that the access is atomic if the pointer is aligned, which
will only be the case if the compiler has optimized out the memcpy().
(The particular example where we discovered this is the virtio
vring_avail_idx() which calls virtio_lduw_phys_cached() which
eventually ends up calling lduw_he_p().)

Unfortunately some compile environments, such as the fortify-source
setup used in Alpine Linux, define memcpy() to a wrapper function
in a way that inhibits this compiler optimization.

The correct long-term fix here is to add a set of functions for
doing atomic accesses into AddressSpaces (and to other relevant
families of accessor functions like the virtio_*_phys_cached()
ones), and make sure that callsites which want atomic behaviour
use the correct functions.

In the meantime, switch to using __builtin_memcpy() in the
bswap.h accessor functions. This will make us robust against things
like this fortify library in the short term. In the longer term
it will mean that we don't end up with these functions being really
badly-performing even if the semantics of the out-of-line memcpy()
are correct.
2019-04-10 14:57:52 -04:00
Peter Maydell 6b413ffa97
target/i386: Generate #UD for LOCK on a register increment
Fix a TCG crash due to attempting an atomic increment
operation without having set up the address first.
This is a similar case to that dealt with in commit
e84fcd7f662a0d8198703, and we fix it in the same way.

Fixes: https://bugs.launchpad.net/qemu/+bug/1807675

Backports commit 8cb2ca3d7479748587313f0b34034a3f8aa08c92 from qemu
2019-04-09 09:28:46 -04:00
Peter Maydell 1a50ee5826
Update version for v4.0.0-rc2 release
Backports commit 061b51e9195670e9d190cdec46fabcb3c77763fb from qemu
2019-04-03 10:02:46 -04:00
Paolo Bonzini b4dd8afa14
config-all-devices.mak: rebuild on reconfigure
This ensures that softmmu directories are culled after a
"./configure --target-list=x86_64-linux-user".

Backports commit b7c11e574977a0addfbbdb89377c6f52affe64ec from qemu
2019-03-29 19:31:32 -04:00
Singh, Brijesh 54b9701799
memory: Fix the memory region type assignment order
Currently, a callback registered through the RAMBlock notifier
is not able to get the memory region type (i.e callback is not
able to use memory_region_is_ram_device function). This is
because mr->ram assignment happens _after_ the memory is allocated
whereas the callback is executed during allocation.

Fixes: https://bugzilla.redhat.com/show_bug.cgi?id=1667249

Backports commit 2ddb89b00f947f785c9ca6742f28f954e3b75e62 from qemu
2019-03-29 19:28:41 -04:00
Peter Maydell d57c77afcf
Update version for v4.0.0-rc1 release
Backports commit 49fc899f8d673dd9e73f3db0d9e9ea60b77c331b from qemu
2019-03-26 20:44:04 -04:00
Richard Henderson f5cb1a5865
target/arm: Set SIMDMISC and FPMISC for 32-bit -cpu max
Fixes: https://bugs.launchpad.net/bugs/1821430

Backports commit c8877d0f2f662bf01346a03bc9fd279954b4132d from qemu
2019-03-26 20:41:01 -04:00
Kito Cheng 5a7ad783e9
target/riscv: Fix wrong expanding for c.fswsp
base register is no rs1 not rs2 for fsw.

Backports commit 620455350a8da7cc62ae82cb69dd5c556f744136 from qemu
2019-03-26 20:39:34 -04:00
Palmer Dabbelt fc662c281a
target/riscv: Zero extend the inputs of divuw and remuw
While running the GCC test suite against 4.0.0-rc0, Kito found a
regression introduced by the decodetree conversion that caused divuw and
remuw to sign-extend their inputs. The ISA manual says they are
supposed to be zero extended:

DIVW and DIVUW instructions are only valid for RV64, and divide the
lower 32 bits of rs1 by the lower 32 bits of rs2, treating them as
signed and unsigned integers respectively, placing the 32-bit
quotient in rd, sign-extended to 64 bits. REMW and REMUW
instructions are only valid for RV64, and provide the corresponding
signed and unsigned remainder operations respectively. Both REMW
and REMUW always sign-extend the 32-bit result to 64 bits, including
on a divide by zero.

Here's Kito's reduced test case from the GCC test suite

unsigned calc_mp(unsigned mod)
{
unsigned a,b,c;
c=-1;
a=c/mod;
b=0-a*mod;
if (b > mod) { a += 1; b-=mod; }
return b;
}

int main(int argc, char *argv[])
{
unsigned x = 1234;
unsigned y = calc_mp(x);

if ((sizeof (y) == 4 && y != 680)
|| (sizeof (y) == 2 && y != 134))
abort ();
exit (0);
}

I haven't done any other testing on this, but it does fix the test case.

Backports commit f17e02cd3731bdfe2942d1d0b2a92f26da02408c from qemu
2019-03-26 20:38:17 -04:00
Andrew Jones 8719b3edb3
target/arm: make pmccntr_op_start/finish static
These functions are not used outside helper.c

Backports commit f2b2f53f6429b5abd7cd86bd65747f5f13e195eb from qemu
2019-03-26 20:35:34 -04:00
Andrew Jones 6482182ba5
target/arm: cortex-a7 and cortex-a15 have pmus
cortex-a7 and cortex-a15 have pmus (PMUv2) and they advertise
them in ID_DFR0. Let's allow them to function. This also enables
the pmu cpu property to work with these cpu types, i.e. we can
now do '-cpu cortex-a15,pmu=off' to remove the pmu.

Backports commit a46118fc16537a593119e5b316052a98514046bb from qemu
2019-03-26 20:34:11 -04:00
Andrew Jones 3c50e72c40
target/arm: fix crash on pmu register access
Fix a QEMU NULL derefence that occurs when the guest attempts to
enable PMU counters with a non-v8 cpu model or a v8 cpu model
which has not configured a PMU.

Backports commit cbbb3041fe2f57a475cef5d6b0ef836118aad106 from qemu
2019-03-26 20:32:49 -04:00
Richard Henderson 2427ace0c0
target/arm: Fix non-parallel expansion of CASP
The second word has been loaded from the unincremented
address since the first commit.

Backports commit a036f5302c13634f3d375615b2949fd1fa1657b6 from qemu
2019-03-26 20:31:01 -04:00
Eduardo Habkost df51e8bbb3
i386: Disable OSPKE on CPU model definitions
Currently, the Cascadelake-Server, Icelake-Client, and
Icelake-Server are always generating the following warning:

qemu-system-x86_64: warning: \
host doesn't support requested feature: CPUID.07H:ECX [bit 4]

This happens because OSPKE was never returned by
GET_SUPPORTED_CPUID or x86_cpu_get_supported_feature_word().
OSPKE is a runtime flag automatically set by the KVM module or by
TCG code, was always cleared by x86_cpu_filter_features(), and
was not supposed to appear on the CPU model table.

Remove the OSPKE flag from the CPU model table entries, to avoid
the bogus warning and avoid returning invalid feature data on
query-cpu-* QMP commands. As OSPKE was always cleared by
x86_cpu_filter_features(), this won't have any guest-visible
impact.

Include a test case that should detect the problem if we introduce
a similar bug again.

Fixes: c7a88b52f62b ("i386: Add new model of Cascadelake-Server")
Fixes: 8a11c62da914 ("i386: Add new CPU model Icelake-{Server,Client}")

Backports commit bb4928c7cafe50ab2137a0034e350ef1bfa044d9 from qemu
2019-03-22 09:46:44 -04:00
Eduardo Habkost a71df717c9
i386: Make arch_capabilities migratable
Now that kvm_arch_get_supported_cpuid() will only return
arch_capabilities if QEMU is able to initialize the MSR properly,
we know that the feature is safely migratable.

Backports commit 014018e19b3c54dd1bf5072bc912ceffea40abe8 from qemu
2019-03-22 09:45:43 -04:00
Peter Maydell db02d0b733
Update version for v4.0.0-rc0 release
Backports commit 62a172e6a77d9072bb1a18f295ce0fcf4b90a4f2 from qemu
2019-03-19 23:58:31 -04:00
Alistair Francis a9cc62cb23
target/riscv: Remove unused struct
Backports commit 6b745d4fada5c73db44f596a62e29a5dbe3fc53f from qemu
2019-03-19 23:58:31 -04:00
Michael Clark b247ee234d
RISC-V: Update load reservation comment in do_interrupt
Backports commit d9360e96885dbd69ce4aa925d1701c7a10cf54ae from qemu
2019-03-19 23:58:31 -04:00
Michael Clark d3dbcb6dfc
RISC-V: Add support for vectored interrupts
If vectored interrupts are enabled (bits[1:0]
of mtvec/stvec == 1) then use the following
logic for trap entry address calculation:

pc = mtvec + cause * 4

In addition to adding support for vectored interrupts
this patch simplifies the interrupt delivery logic
by making sync/async cause decoding and encoding
steps distinct.

The cause code and the sign bit indicating sync/async
is split at the beginning of the function and fixed
cause is renamed to cause. The MSB setting for async
traps is delayed until setting mcause/scause to allow
redundant variables to be eliminated. Some variables
are renamed for conciseness and moved so that decls
are at the start of the block.

Backports commit acbbb94e5730c9808830938e869d243014e2923a from qemu
2019-03-19 23:58:31 -04:00
Michael Clark 8ffa68e757
RISC-V: Change local interrupts from edge to level
This effectively changes riscv_cpu_update_mip
from edge to level. i.e. cpu_interrupt or
cpu_reset_interrupt are called regardless of
the current interrupt level.

Fixes WFI doesn't return when a IPI is issued:

- https://github.com/riscv/riscv-qemu/issues/132

To test:

1) Apply RISC-V Linux CPU hotplug patch:

- http://lists.infradead.org/pipermail/linux-riscv/2018-May/000603.html

2) Enable CONFIG_CPU_HOTPLUG in linux .config

3) Try to offline and online cpus:

echo 1 > /sys/devices/system/cpu/cpu2/online
echo 0 > /sys/devices/system/cpu/cpu2/online
echo 1 > /sys/devices/system/cpu/cpu2/online

Backports commit d26f5a423438e579d3ff0ca35e44edb966a36233 from qemu
2019-03-19 23:58:31 -04:00
Kito Cheng bd3e9ebaea
RISC-V: linux-user support for RVE ABI
This change checks elf_flags for EF_RISCV_RVE and if
present uses the RVE linux syscall ABI which uses t0
for the syscall number instead of a7.

Warn and exit if a non-RVE ABI binary is run on a
cpu with the RVE extension as it is incompatible.

Backports relevant parts of 5836c3eccedb6dfab16b8f606f2de24b8938b69c
from qemu
2019-03-19 23:58:31 -04:00
Michael Clark 2e0c040062
RISC-V: Allow interrupt controllers to claim interrupts
We can't allow the supervisor to control SEIP as this would allow the
supervisor to clear a pending external interrupt which will result in
lost a interrupt in the case a PLIC is attached. The SEIP bit must be
hardware controlled when a PLIC is attached.

This logic was previously hard-coded so SEIP was always masked even
if no PLIC was attached. This patch adds riscv_cpu_claim_interrupts
so that the PLIC can register control of SEIP. In the case of models
without a PLIC (spike), the SEIP bit remains software controlled.

This interface allows for hardware control of supervisor timer and
software interrupts by other interrupt controller models.

Backports commit e3e7039cc24ecf47d81c091e8bb04552d6564ad8 from qemu
2019-03-19 23:48:12 -04:00
Alistair Francis a4f2dcde28
riscv: pmp: Log pmp access errors as guest errors
Backports commit aad5ac2311f3ad2c0be12d0eaaf4ef4398438fc2 from qemu
2019-03-19 23:45:03 -04:00
Jim Wilson 65903cf9a4
RISC-V: Add debug support for accessing CSRs.
Add a debugger field to CPURISCVState. Add riscv_csrrw_debug function
to set it. Disable mode checks when debugger field true.

Backports commit 753e3fe207db08ce0ef0405e8452c3397c9b9308 from qemu
2019-03-19 23:42:48 -04:00
Jim Wilson 30ab335bb3
RISC-V: Fixes to CSR_* register macros.
This adds some missing CSR_* register macros, and documents some as being
priv v1.9.1 specific.

Backports commit 8e73df6aa3f2f0e5c26c03a94a88406616291815 from qemu
2019-03-19 23:39:49 -04:00
Bastian Koppelmann c0f036578c
target/riscv: Fix manually parsed 16 bit insn
during the refactor to decodetree we removed the manual decoding that is
necessary for c.jal/c.addiw and removed the translation of c.flw/c.ld
and c.fsw/c.sd. This reintroduces the manual parsing and the
omited implementation.

Backports commit f330433b3633647b047cfa418c2ca4d18fda69c7 from qemu
2019-03-19 05:44:58 -04:00
Amir Charif 2392d8b8ab
target/arm: Check access permission to ADDVL/ADDPL/RDVL
These instructions do not trap when SVE is disabled in EL0,
causing them to be executed with wrong size information.

Backports commit 5de56742a3c91de3d646326bec43a989bba83ca4 from qemu
2019-03-19 05:42:59 -04:00
Dongjiu Geng 4dc3d59fd3
target/arm: change arch timer registers access permission
Some generic arch timer registers are Config-RW in the EL0,
which means the EL0 exception level can have write permission
if it is appropriately configured.

When VM access registers, QEMU firstly checks whether they have RW
permission, then check whether it is appropriately configured.
If they are defined to read only in EL0, even though they have been
appropriately configured, they still do not have write permission.
So need to add the write permission according to ARMV8 spec when
define it.

Backports commit daf1dc5f82cefe2a57f184d5053e8b274ad2ba9a from qemu
2019-03-19 05:40:44 -04:00
Bastian Koppelmann e96282eb28
target/riscv: Remove decode_RV32_64G()
decodetree handles all instructions now so the fallback is not necessary
anymore.

Backports commit 25e6ca30c668783cd72ff97080ff44e141b99f9b from qemu
2019-03-19 05:37:42 -04:00
Bastian Koppelmann a371684da9
target/riscv: Remove gen_system()
with all 16 bit insns moved to decodetree no path is falling back to
gen_system(), so we can remove it.

Backports commit 8f7bc273868939f0821e07fb23792db63d45bffb from qemu
2019-03-19 05:36:48 -04:00
Bastian Koppelmann 1765e6a090
target/riscv: Rename trans_arith to gen_arith
Backports commit 8dc9e8a8b04c4308cf275aa6480d289dcd3cf9b3 from qemu
2019-03-19 05:35:44 -04:00
Bastian Koppelmann 28daad082b
target/riscv: Remove manual decoding of RV32/64M insn
Backports commit 1288701682d81b93f62e01cd87001dc90b30b881 from qemu
2019-03-19 05:34:32 -04:00
Bastian Koppelmann b9eda7c464
target/riscv: Remove shift and slt insn manual decoding
Backports commit 34446e845829f55eaa9a07a915950af0b2710b47 from qemu
2019-03-19 05:23:47 -04:00
Bastian Koppelmann 177726afb8
target/riscv: make ADD/SUB/OR/XOR/AND insn use arg lists
manual decoding in gen_arith() is not necessary with decodetree. For now
the function is called trans_arith as the original gen_arith still
exists. The former will be renamed to gen_arith as soon as the old
gen_arith can be removed.

Backports commit f2ab1728675772cd475a33f4df3d2f68a22c188f from qemu
2019-03-19 05:17:54 -04:00
Bastian Koppelmann cb7c94fbc4
target/riscv: Move gen_arith_imm() decoding into trans_* functions
gen_arith_imm() does a lot of decoding manually, which was hard to read
in case of the shift instructions and is not necessary anymore with
decodetree.

Backports commit 7a50d3e2ae7f13b24fe55990ea0b8ddcbbb43130 from qemu
2019-03-19 05:14:21 -04:00
Bastian Koppelmann 6190837e2f
target/riscv: Remove manual decoding from gen_store()
With decodetree we don't need to convert RISC-V opcodes into to MemOps
as the old gen_store() did.

Backports commit bce8a342a1f0919479d18ec812b100136daa746b from qemu
2019-03-19 05:05:14 -04:00
Bastian Koppelmann f91f286ed2
target/riscv: Remove manual decoding from gen_load()
With decodetree we don't need to convert RISC-V opcodes into to MemOps
as the old gen_load() did.

Backports commit 98898b20e9cca462843c22ad952c216ffd57d654 from qemu
2019-03-19 05:02:25 -04:00
Bastian Koppelmann 6f89816f5d
target/riscv: Remove manual decoding from gen_branch()
We now utilizes argument-sets of decodetree such that no manual
decoding is necessary.

Backports commit 090cc2c898a04e42350eabf1bcf7d245471603f9 from qemu
2019-03-19 04:59:08 -04:00
Bastian Koppelmann 3fe4cf353c
target/riscv: Remove gen_jalr()
trans_jalr() is the only caller, so move the code into trans_jalr().

Backports commit 9e92c57d834cd50ab088d75510c3c720878eef13 from qemu
2019-03-19 04:55:52 -04:00