This prevents guest from proceeding with uninitialised garbage returned
from unimplemented simcalls.
Signed-off-by: Max Filippov <jcmvbkbc@gmail.com>
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
* 'x86cpu_qom_tcg_v2' of git://github.com/imammedo/qemu:
target-i386: move tcg initialization into x86_cpu_initfn()
cleanup cpu_set_debug_excp_handler
target-xtensa: drop usage of prev_debug_excp_handler
target-i386: drop usage of prev_debug_excp_handler
This makes usable default for -cpu option both for qemu-system-xtensa
and qemu-system-xtensaeb fixing the following error:
$ qemu-system-xtensaeb -M sim
Unable to find CPU definition
Signed-off-by: Max Filippov <jcmvbkbc@gmail.com>
Tested-by: Markus Armbruster <armbru@redhat.com>
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
Quote from ISA, 2.1:
For most Xtensa instructions, bit numbering is irrelevant; only the BBC
and BBS instructions assign bit numbers to values on which the processor
operates. The BBC/BBS instructions use big-endian bit ordering (0 is the
most-significant bit) on a big-endian processor configuration.
Signed-off-by: Max Filippov <jcmvbkbc@gmail.com>
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
Chains of exception handlers are currently unused feature. Dropping it
to be consistent with target-i386 but it may simplify qom-ifying CPU
in future like for target-i386.
Signed-off-by: Igor Mammedov <imammedo@redhat.com>
Add env parameter to every helper function that needs it, update
'configure' script.
Signed-off-by: Max Filippov <jcmvbkbc@gmail.com>
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
Mark exception generating functions 'noreturn' and pure constant
functions as such.
Signed-off-by: Max Filippov <jcmvbkbc@gmail.com>
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
Signed-off-by: Peter Portante <peter.portante@redhat.com>
Signed-off-by: Max Filippov <jcmvbkbc@gmail.com>
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
Taken conditional branches fail to update CCOUNT register because
accumulated ccount_delta is reset during translation of non-taken
branch. To fix it only update CCOUNT once per conditional branch
instruction translation.
This fixes guest linux freeze on LTP waitpid06 test.
Signed-off-by: Max Filippov <jcmvbkbc@gmail.com>
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
Hardware pagetable walking may not be nested. Stop guessing and pass
explicit flag to the get_physical_addr_mmu function that controls page
table lookup.
Signed-off-by: Max Filippov <jcmvbkbc@gmail.com>
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
This is to avoid interference of internal QEMU helpers
(cpu_get_phys_page_debug, tb_invalidate_virtual_addr) with guest-visible
TLB state.
Signed-off-by: Max Filippov <jcmvbkbc@gmail.com>
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
According to ISA, 4.4.2.6, EXCVADDR may be changed by any TLB miss, even
if the miss is handled entirely by processor hardware.
Signed-off-by: Max Filippov <jcmvbkbc@gmail.com>
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
Both old and new mappings need flushing because their VPN may be
different in MMU case.
Signed-off-by: Max Filippov <jcmvbkbc@gmail.com>
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
In commit 1bba0dc932 cpu_reset()
was renamed to cpu_state_reset(), to allow introducing a new cpu_reset()
that would operate on QOM objects.
All callers have been updated except for one in target-mips, so drop all
implementations except for the one in target-mips and move the
declaration there until MIPSCPU reset can be fully QOM'ified.
Signed-off-by: Andreas Färber <afaerber@suse.de>
Acked-by: Michael Walle <michael@walle.cc> (for lm32)
Acked-by: Max Filippov <jcmvbkbc@gmail.com> (for xtensa)
Acked-by: Edgar E. Iglesias <edgar.iglesias@gmail.com> (for mb + cris)
Acked-by: Alexander Graf <agraf@suse.de> (for ppc)
Acked-by: Blue Swirl <blauwirbel@gmail.com>
Make the include paths for cpu-qom.h consistent to allow using XtensaCPU
in cpu.h.
Turn cpu_init macro into a static inline function returning
CPUXtensaState for backwards compatibility.
Signed-off-by: Andreas Färber <afaerber@suse.de>
Acked-by: Max Filippov <jcmvbkbc@gmail.com>
Translation of LOOP instructions used to call LEND SR write handler to
update LEND and invalidate relevant TBs. Now that LEND SR write handler
ends TB, LOOPNEZ and LOOPGTZ generate wrong code (same as for simple
LOOP). Fix it by calling wsr_lend helper directly.
Signed-off-by: Max Filippov <jcmvbkbc@gmail.com>
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
This is Diamond 233L Standard Core Rev.C (LE), implemented through
linux/gdb overlay.
Signed-off-by: Max Filippov <jcmvbkbc@gmail.com>
Reviewed-by: Andreas Färber <afaerber@suse.de>
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
Instruction breakpoint/zero overhead loop handling code is built into
TBs pointed to by IBREAKA/LEND SRs. When these or related SRs get
changed TBs at virtual addresses corresponding to their old and their
new values must be invalidated.
Virtual address range is passed to the tb_invalidate_phys_page_range,
which is incorrect in system emulation mode.
To fix it use guest TLB/MMU to translate virtual address to physical
address.
However the guest may not have virtual-to-physical mapping at the moment
of IBREAKA/LEND change, thus this fix is not 100% accurate.
Signed-off-by: Max Filippov <jcmvbkbc@gmail.com>
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
Use uintptr_t instead of void * or unsigned long in
several op related functions, env->mem_io_pc and
GETPC() macro.
Reviewed-by: Stefan Weil <sw@weilnetz.de>
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
Move XtensaConfig-independent code from cpu_xtensa_init() into a
QOM initfn, as a start.
Signed-off-by: Andreas Färber <afaerber@suse.de>
Signed-off-by: Max Filippov <jcmvbkbc@gmail.com>
Move code from cpu_state_reset() into QOM xtensa_cpu_reset().
To avoid moving reset_mmu() and dependencies, make it non-static.
Signed-off-by: Andreas Färber <afaerber@suse.de>
Signed-off-by: Max Filippov <jcmvbkbc@gmail.com>
Embed CPUXtensaState as first member of XtensaCPU.
Let CPUClass::reset() call cpu_state_reset() for now.
Signed-off-by: Andreas Färber <afaerber@suse.de>
Signed-off-by: Max Filippov <jcmvbkbc@gmail.com>
Provides a file naming scheme consistent with other targets.
Signed-off-by: Lluís Vilanova <vilanova@ac.upc.edu>
Signed-off-by: Max Filippov <jcmvbkbc@gmail.com>
Scripted conversion:
for file in *.[hc] hw/*.[hc] hw/kvm/*.[hc] linux-user/*.[hc] linux-user/m68k/*.[hc] bsd-user/*.[hc] darwin-user/*.[hc] tcg/*/*.[hc] target-*/cpu.h; do
sed -i "s/CPUState/CPUArchState/g" $file
done
All occurrences of CPUArchState are expected to be replaced by QOM CPUState,
once all targets are QOM'ified and common fields have been extracted.
Signed-off-by: Andreas Färber <afaerber@suse.de>
Reviewed-by: Anthony Liguori <aliguori@us.ibm.com>
Scripted conversion:
sed -i "s/CPUState/CPUXtensaState/g" target-xtensa/*.[hc]
sed -i "s/#define CPUXtensaState/#define CPUState/" target-xtensa/cpu.h
Signed-off-by: Andreas Färber <afaerber@suse.de>
Acked-by: Anthony Liguori <aliguori@us.ibm.com>
Frees the identifier cpu_reset for QOM CPUs (manual rename).
Don't hide the parameter type behind explicit casts, use static
functions with strongly typed argument to indirect.
Signed-off-by: Andreas Färber <afaerber@suse.de>
Reviewed-by: Anthony Liguori <aliguori@us.ibm.com>
* 'upstream' of git://qemu.weilnetz.de/qemu:
Move definition of HOST_LONG_BITS to qemu-common.h
target-xtensa: Clean includes
target-unicore32: Clean includes
target-sh4: Clean includes
target-s390x: Clean includes
target-ppc: Clean includes
target-mips: Clean includes
target-microblaze: Clean includes
target-m68k: Clean includes
target-lm32: Clean includes
target-i386: Clean includes
target-cris: Clean includes
target-arm: Clean includes
target-alpha: Clean includes
Remove macro HOST_LONG_SIZE
Fill debug configuration from overlay definitions in the DEBUG_SECTION.
Add DEBUG_SECTION to DC232B and FSF cores.
Signed-off-by: Max Filippov <jcmvbkbc@gmail.com>
Add DBREAKA/DBREAKC SRs and implement DBREAK breakpoints as debug
watchpoints.
This implementation is not fully compliant to ISA: when a breakpoint is
set to an unmapped/inaccessible memory address it generates TLB/memory
protection exception instead of debug exception.
See ISA, 4.7.7.3, 4.7.7.6 for more details.
Signed-off-by: Max Filippov <jcmvbkbc@gmail.com>
ICOUNT SR gets incremented on every instruction completion provided that
CINTLEVEL at the beginning of the instruction execution is lower than
ICOUNTLEVEL.
When ICOUNT would increment to 0 a debug exception is raised if
CINTLEVEL is lower than DEBUGLEVEL.
See ISA, 4.7.7.5 for more details.
Signed-off-by: Max Filippov <jcmvbkbc@gmail.com>
Add IBREAKA/IBREAKENABLE SRs and implement debug exception, BREAK and
BREAK.N instructions and IBREAK breakpoints.
IBREAK breakpoint address is considered constant for TB lifetime.
On IBREAKA/IBREAKENABLE change corresponding TBs are invalidated.
Signed-off-by: Max Filippov <jcmvbkbc@gmail.com>
DEBUGCAUSE SR holds information about the most recent debug exception.
See ISA, 4.7.7 for more details.
Signed-off-by: Max Filippov <jcmvbkbc@gmail.com>
TLB_TEMPLATE macro specifies TLB geometry in the core configuration.
Make TLB_TEMPLATE available for region protection core variants,
defining 1 way ITLB and DTLB with 8 entries each.
Signed-off-by: Max Filippov <jcmvbkbc@gmail.com>
- ITLB/DTLB ways 5 and 6 have 4 and 8 entries respectively;
- ITLB/DTLB way 6 attr field is set to 3 on reset.
Signed-off-by: Max Filippov <jcmvbkbc@gmail.com>
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
This includes opcodes from disabled features and those marked reserved in the ISA.
Also end TB on opcodes that definitely generate an exception: illegal
instructions, syscall and privileged instructions.
Signed-off-by: Max Filippov <jcmvbkbc@gmail.com>
This is FSF big endian core implemented through linux overlay.
Signed-off-by: Max Filippov <jcmvbkbc@gmail.com>
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
This is Diamond 232L Standard Core Rev.B (LE), implemented through
linux/gdb overlay.
Signed-off-by: Max Filippov <jcmvbkbc@gmail.com>
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
Introduce overlay_tool.h that defines core configuration blocks from
data available in the linux architecture variant overlay.
Overlay data is automatically generated in the core configuration
process by Tensilica tools and can be directly converted to qemu xtensa
core description by overlay_tool.h
Signed-off-by: Max Filippov <jcmvbkbc@gmail.com>
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
Xtensa cores may have different mapping of external interrupt pins to
internal IRQ numers. Implement API to acquire core IRQ by its external
interrupt number.
Signed-off-by: Max Filippov <jcmvbkbc@gmail.com>
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>