This patch implements support for the CFAR SPR on POWER7 (Come From
Address Register), which snapshots the PC value at the time of a branch or
an rfid. The latest powerpc-next kernel also catches it and can show it in
xmon or in the signal frames.
This works well enough to let recent kernels boot (which otherwise oops
on the CFAR access). It hasn't been tested enough to be confident that the
CFAR values are actually accurate, but one thing at a time.
Signed-off-by: Ben Herrenschmidt <benh@kernel.crashing.org>
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
Signed-off-by: Alexander Graf <agraf@suse.de>
Until now, we've created a union over multiple different TLB types and
allocated that union. While it's a waste of memory (and cache) to allocate
TLB information for a TLB type with much information when you only need
little, it also inflicts another issue.
With the new KVM API, we can now share the TLB between KVM and qemu, but
for that to work we need to have both be in the same layout. We can't just
stretch it over to fit some internal different TLB representation.
Hence this patch moves all TLB types to their own array, allowing us to only
address and allocate exactly the boundaries required for the specific TLB
type at hand.
Signed-off-by: Alexander Graf <agraf@suse.de>
When QEMU was configured with --enable-debug-tcg,
compilation fails in spr_write_booke206_mmucsr0() and in
spr_write_booke_pid(). Similar changes are also needed
in conditional code which is normally unused.
Cc: Alexander Graf <agraf@suse.de>
Signed-off-by: Stefan Weil <weil@mail.berlios.de>
Signed-off-by: Alexander Graf <agraf@suse.de>
* 'ppc-next' of git://repo.or.cz/qemu/agraf:
PPC: Qdev'ify e500 pci
PPC MPC7544DS: Use new TLB helper function
PPC: Implement e500 (FSL) MMU
PPC: Add another 64 bits to instruction feature mask
PPC: Add GS MSR definition
PPC: Make MPC8544DS emulation work w/o KVM
PPC: Make MPC8544DS obey -cpu switch
Fix off-by-one error in sizing pSeries hcall table
ppc64: Fix out-of-tree builds
kvm: ppc: warn user on PAGE_SIZE mismatch
kvm: ppc: detect old headers
monitor: add PPC BookE SPRs
kvm: ppc: fixes for KVM_SET_SREGS on init
ppc64: Don't try to build sPAPR RTAS on Darwin
Place pseries vty devices at addresses more similar to existing machines
Make pSeries 'model' property more closely resemble real hardware
pseries: Increase maximum CPUs to 256
Most of the code to support e500 style MMUs is already in place, but
we're missing on some of the special TLB0-TLB1 handling code and slightly
different TLB modification.
This patch adds support for the FSL style MMU.
Signed-off-by: Alexander Graf <agraf@suse.de>
To enable quick runtime detection of instruction groups to the currently
selected CPU emulation, we have a feature mask of what exactly the respective
instruction supports.
This feature mask is 64 bits long and we just successfully exceeded those 64
bits. To add more features, we need to think of something.
The easiest solution that came to my mind was to simply add another 64 bits
that we can also match on. Since the comparison is only done on start of the
qemu process to generate an internal opcode calling table, we should be fine
on any performance penalties here.
Signed-off-by: Alexander Graf <agraf@suse.de>
This adds emulation support for the recent POWER7 cpu to qemu. It's far
from perfect - it's missing a number of POWER7 features so far, including
any support for VSX or decimal floating point instructions. However, it's
close enough to boot a kernel with the POWER7 PVR.
Signed-off-by: David Gibson <dwg@au1.ibm.com>
Signed-off-by: Alexander Graf <agraf@suse.de>
On ppc machines with hash table MMUs, the special purpose register SDR1
contains both the base address of the encoded size (hashed) page tables.
At present, we interpret the SDR1 value within the address translation
path. But because the encodings of the size for 32-bit and 64-bit are
different this makes for a confusing branch on the MMU type with a bunch
of curly shifts and masks in the middle of the translate path.
This patch cleans things up by moving the interpretation on SDR1 into the
helper function handling the write to the register. This leaves a simple
pre-sanitized base address and mask for the hash table in the CPUState
structure which is easier to work with in the translation path.
This makes the translation path more readable. It addresses the FIXME
comment currently in the mtsdr1 helper, by validating the SDR1 value during
interpretation. Finally it opens the way for emulating a pSeries-style
partition where the hash table used for translation is not mapped into
the guests's RAM.
Signed-off-by: David Gibson <dwg@au1.ibm.com>
Signed-off-by: Alexander Graf <agraf@suse.de>
The PURR (Processor Utilization Resource Register) is a register found
on recent POWER CPUs. The guts of implementing it at least enough to
get by are already present in qemu, however some of the helper
functions needed to actually wire it up are missing.
This patch adds the necessary glue, so that the PURR can be wired up
when we implement newer POWER CPU targets which include it.
Signed-off-by: David Gibson <dwg@au1.ibm.com>
Signed-off-by: Alexander Graf <agraf@suse.de>
fprintf_function uses format checking with GCC_FMT_ATTR.
Format errors were fixed in
* target-i386/helper.c
* target-mips/translate.c
* target-ppc/translate.c
Cc: Blue Swirl <blauwirbel@gmail.com>
Signed-off-by: Stefan Weil <weil@mail.berlios.de>
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
Add a powerpc 440x5 with the model ID on the Xilinx virtex5.
Connect the 440x5 to the 40x interrupt logic.
Signed-off-by: Edgar E. Iglesias <edgar.iglesias@gmail.com>
Signed-off-by: Alexander Graf <agraf@suse.de>
Time base SPRs TBL/TBU should be accessible in user/priv modes for reading
as specified in POWER ISA documentation. Therefore SPRs permissions were
changed in gen_tbl function.
Signed-off-by: Dmitry Ilyevsky <ilyevsky@gmail.com>
Acked-by: Alexander Graf <agraf@suse.de>
Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
No need to alias e300 core for each CPU package.
Differences between microcontrollers have to be implemented in a higher layer
than translate_init.c
Signed-off-by: Thomas Monjalon <thomas@monjalon.net>
Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
Add CPU declarations of MPC8343, MPC8343E, MPC8347 and MPC8347E.
Signed-off-by: Thomas Monjalon <thomas@monjalon.net>
Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
Declare HID2 register.
Use high BATs for e300 (8 instead of 4).
Fix index of high BATs registers.
Before the fix, IBAT4-7 were overwriting IBAT0-3.
Signed-off-by: François Armand <francois.armand@os4i.com>
Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
In the very least, a change like this requires discussion on the list.
The naming convention is goofy and it causes a massive merge problem. Something
like this _must_ be presented on the list first so people can provide input
and cope with it.
This reverts commit 99a0949b72.
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
According to PPC440 user manual, PPC 440 supports ``mftb'' even it's a
preserved instruction:
PPC440_UM2013.pdf, p.445, table A-3
when I compile a kernel (2.6.30, bamboo_defconfig/440EP &
canyonlands/460EX), I can see ``mftb'' by using ppc-xxx-objdump
vmlinux
I have also checked the ppc 440x[456], 460S, 464, they also should support mftb.
The following patch enable mftb for all ppc 440 variants, including:
440EP, 440GP, 440x4, 440x5 and 460
Signed-off-by: Baojun Wang <wangbj@gmail.com>
Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
Access to the PVR SPR is normally forbidden from userspace apps. The
Linux kernel, however, fixes up reads in the appropriate trap handler.
To permit applications that read PVR to run on QEMU, then, we need to
implement the same handling of PVR reads.
Signed-off-by: Nathan Froyd <froydnj@codesourcery.com>
Signed-off-by: malc <av1474@comtv.ru>
Do this so other pieces of code can make decisions based on the
capabilities of the CPU we're emulating.
Signed-off-by: Nathan Froyd <froydnj@codesourcery.com>
Signed-off-by: malc <av1474@comtv.ru>
According to 604eUM_book (see 8.3.3 Reset inputs p8-54), the IP bit is set
for hreset and the vector is at offset 0x100 from the exception prefix.
No difference in this area between 604 and 604e.
Signed-off-by: Tristan Gingold <gingold@adacore.com>
Altivec and SPE both have 34 registers in their register sets, not 35
with a missing register 32.
GDB would ask for register 32 of the Altivec (resp. SPE) registers and
the code would claim it had zero width. The QEMU GDB stub code would
then return an E14 to GDB, which would complain about not being sure
whether p packets were supported or not.
Signed-off-by: Nathan Froyd <froydnj@codesourcery.com>
Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
git-svn-id: svn://svn.savannah.nongnu.org/qemu/trunk@6769 c046a42c-6fe2-441c-8c8c-71466251a162
Real 970 CPUs have the SLB not memory backed, but inside the CPU.
This breaks bridge mode for 970 for now, but at least keeps us from
overwriting physical addresses 0x0 - 0x300, rendering our interrupt
handlers useless.
I put in a stub for bridge mode operation that could be enabled
easily, but for now it's safer to leave that off I guess (970fx doesn't
have bridge mode AFAIK).
Signed-off-by: Alexander Graf <alex@csgraf.de>
git-svn-id: svn://svn.savannah.nongnu.org/qemu/trunk@6757 c046a42c-6fe2-441c-8c8c-71466251a162
Linux tries to access some SPRs on PPC64 boot. Let's just ignore those
for the 970fx for now to make it happy.
Signed-off-by: Alexander Graf <alex@csgraf.de>
git-svn-id: svn://svn.savannah.nongnu.org/qemu/trunk@6751 c046a42c-6fe2-441c-8c8c-71466251a162
- use ctz32 instead of ffs - 1
- small optimisation of mtcrf
- add the name of both opcodes
Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
git-svn-id: svn://svn.savannah.nongnu.org/qemu/trunk@6669 c046a42c-6fe2-441c-8c8c-71466251a162
A real 970 CPU starts up with HIOR=0xfff00000 and triggers a reset
exception, basically ending up at IP 0xfff001000.
Later on this HIOR has to be set to 0 by the firmware in order to
enable the OS to handle interrupts on its own.
This patch maps HIOR to exec_prefix, which does the same thing
internally in qemu already.
It replaces the previous patch that changed the 970 initialization
constants, as this is the clean solution to the same problem.
Signed-off-by: Alexander Graf <alex@csgraf.de>
git-svn-id: svn://svn.savannah.nongnu.org/qemu/trunk@6656 c046a42c-6fe2-441c-8c8c-71466251a162
The e500v1 chips only have single-precision floating point; don't say we
support the double-precision floating-point instructions on such chips.
Also add an e500v1 -cpu argument for a generic e500v1.
Signed-off-by: Nathan Froyd <froydnj@codesourcery.com>
Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
git-svn-id: svn://svn.savannah.nongnu.org/qemu/trunk@6576 c046a42c-6fe2-441c-8c8c-71466251a162
Single-precision and double-precision floating-point instructions should
be separated into their own categories, since some chips only support
single-precision instructions.
Signed-off-by: Nathan Froyd <froydnj@codesourcery.com>
Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
git-svn-id: svn://svn.savannah.nongnu.org/qemu/trunk@6575 c046a42c-6fe2-441c-8c8c-71466251a162
Don't read/write SPEFSCR until we figure out what to do about exceptions.
Signed-off-by: Nathan Froyd <froydnj@codesourcery.com>
Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
git-svn-id: svn://svn.savannah.nongnu.org/qemu/trunk@6425 c046a42c-6fe2-441c-8c8c-71466251a162
The attached patch updates the FSF address in the GPL/LGPL boilerplate
in most GPL/LGPLed files, and also in COPYING.LIB.
Signed-off-by: Stuart Brady <stuart.brady@gmail.com>
Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
git-svn-id: svn://svn.savannah.nongnu.org/qemu/trunk@6162 c046a42c-6fe2-441c-8c8c-71466251a162
Change from v1:
Avoid changing the existing coding style in certain files.
Signed-off-by: Stuart Brady <stuart.brady@gmail.com>
git-svn-id: svn://svn.savannah.nongnu.org/qemu/trunk@6120 c046a42c-6fe2-441c-8c8c-71466251a162
when compiling on NetBSD:
warning: array subscript has type 'char'
Signed-off-by: Christoph Egger <Christoph.Egger@amd.com>
git-svn-id: svn://svn.savannah.nongnu.org/qemu/trunk@5727 c046a42c-6fe2-441c-8c8c-71466251a162
Define XER bits as a single register and access them individually to
avoid defining 5 32-bit registers (TCG doesn't permit to map 8-bit
registers).
Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
git-svn-id: svn://svn.savannah.nongnu.org/qemu/trunk@5500 c046a42c-6fe2-441c-8c8c-71466251a162
tend more to propagate bugged definition than simplify the code.
Check and fix PowerPC 6xx implementations definitions.
Misc fixes in PowerPC CPU list.
git-svn-id: svn://svn.savannah.nongnu.org/qemu/trunk@3707 c046a42c-6fe2-441c-8c8c-71466251a162
Use it to properly initialize the clock for the PreP target.
git-svn-id: svn://svn.savannah.nongnu.org/qemu/trunk@3701 c046a42c-6fe2-441c-8c8c-71466251a162
ie MPC5xx, MPC8xx, e200, e300, e500 and e600 cores.
Make those CPUs and PowerPC 440 available for user-mode emulation,
thus providing a way of testing their implementation specific instructions.
git-svn-id: svn://svn.savannah.nongnu.org/qemu/trunk@3681 c046a42c-6fe2-441c-8c8c-71466251a162
in order to implement Freescale cores.
Fix efsadd / efssub opcodes.
git-svn-id: svn://svn.savannah.nongnu.org/qemu/trunk@3679 c046a42c-6fe2-441c-8c8c-71466251a162
Always make the hypervisor timers available.
Remove all TARGET_PPC64H checks, keeping a few if (0) tests for cases
that cannot be properly handled with the current PowerPC CPU definition.
git-svn-id: svn://svn.savannah.nongnu.org/qemu/trunk@3656 c046a42c-6fe2-441c-8c8c-71466251a162
Implement PowerPC 601 HID0 register, needed for little-endian mode support.
As a consequence, we need to merge hflags coming from MSR with other ones.
Use little-endian mode from hflags instead of MSR during code translation.
git-svn-id: svn://svn.savannah.nongnu.org/qemu/trunk@3524 c046a42c-6fe2-441c-8c8c-71466251a162
* PowerPC 601 (and probably POWER/POWER2) uses a different BAT format than
later PowerPC implementation.
* Bugfix in BATs check: must not stop after 4 BATs when more are provided.
* Enable POWER 'rac' instruction.
* Fix exception prefix for all supported PowerPC implementations.
* Fix exceptions, MMU model and bus model for PowerPC 601 & 620.
* Enable PowerPC 620 as it could mostly boot a PreP target.
git-svn-id: svn://svn.savannah.nongnu.org/qemu/trunk@3518 c046a42c-6fe2-441c-8c8c-71466251a162
Add #ifdef to avoid compiling not relevant resources:
- MMU related stuff for user-mode only targets
- PowerPC 64 only resources for PowerPC 32 targets
- embedded PowerPC extensions for non-ppcemb targets.
git-svn-id: svn://svn.savannah.nongnu.org/qemu/trunk@3343 c046a42c-6fe2-441c-8c8c-71466251a162
As a side effect, single step and branch step are available again.
Remove irrelevant MSR bits definitions.
git-svn-id: svn://svn.savannah.nongnu.org/qemu/trunk@3342 c046a42c-6fe2-441c-8c8c-71466251a162
memory segments.
Remove the PowerPC 64 "bridge" MMU model and implement segment registers
emulation using SLB entries instead.
Make SLB area size implementation dependant.
Improve TLB & SLB search debug traces.
Temporary hack to make PowerPC 970 boot from ROM instead of RAM.
git-svn-id: svn://svn.savannah.nongnu.org/qemu/trunk@3335 c046a42c-6fe2-441c-8c8c-71466251a162
* fix the tunable cache line size probe for PowerPC 970.
* initialize HID5 so cache line is 32 bytes long when running in user-mode only
git-svn-id: svn://svn.savannah.nongnu.org/qemu/trunk@3322 c046a42c-6fe2-441c-8c8c-71466251a162
Protect PowerPC 64 only features with #ifdef (TARGET_PPC64)
git-svn-id: svn://svn.savannah.nongnu.org/qemu/trunk@3316 c046a42c-6fe2-441c-8c8c-71466251a162
Tag unused functions with unused attribute instead of using #ifdef (TODO)
to ease tests: just have to enable the implementation in the cpu_defs table.
git-svn-id: svn://svn.savannah.nongnu.org/qemu/trunk@3306 c046a42c-6fe2-441c-8c8c-71466251a162
Add comments about some unimplemented storage control dedicated SPRs.
git-svn-id: svn://svn.savannah.nongnu.org/qemu/trunk@3301 c046a42c-6fe2-441c-8c8c-71466251a162
(crash reported by Andreas Farber when using default CPU).
git-svn-id: svn://svn.savannah.nongnu.org/qemu/trunk@3293 c046a42c-6fe2-441c-8c8c-71466251a162
Share most code with the time-base management routines.
Remove time-base write routines from user-mode emulation environments.
git-svn-id: svn://svn.savannah.nongnu.org/qemu/trunk@3277 c046a42c-6fe2-441c-8c8c-71466251a162
avoid stopping translation after most SPR updates
when a context-synchronization instruction is also needed.
git-svn-id: svn://svn.savannah.nongnu.org/qemu/trunk@3265 c046a42c-6fe2-441c-8c8c-71466251a162
* don't use exception vectors as the exception number.
Use vectors numbers as defined in the PowerPC embedded specification instead
and extend this model to cover all emulated PowerPC variants exceptions.
* add some missing exceptions definitions, from PowerPC 2.04 specification
and actual PowerPC implementations.
* add code provision for hypervisor exceptions handling.
* define exception vectors and prefix in CPUPPCState to emulate BookE exception
vectors without any hacks.
* define per CPU model valid exception vectors.
* handle all known exceptions in user-mode only emulations.
* fix hardware interrupts priorities in most cases.
* change RET_EXCP macros name into GEN_EXCP as they don't return.
* do not stop translation on most instructions that are not defined as
context-synchronizing in PowerPC specification.
* fix PowerPC 64 jump targets and link register update when in 32 bits mode.
* Fix PowerPC 464 and 464F definitions.
git-svn-id: svn://svn.savannah.nongnu.org/qemu/trunk@3261 c046a42c-6fe2-441c-8c8c-71466251a162
Use it as default for workstation targets.
Fix PowerPC 750fl and 750gl definitions.
git-svn-id: svn://svn.savannah.nongnu.org/qemu/trunk@3256 c046a42c-6fe2-441c-8c8c-71466251a162
Allow use of PowerPC 970 for debugging (softmmu would not run, for now).
git-svn-id: svn://svn.savannah.nongnu.org/qemu/trunk@3246 c046a42c-6fe2-441c-8c8c-71466251a162
* cleanup cpu.h, removing definitions used only in translate.c/translate_init.c
* add new flags to define instructions sets more precisely
* various changes in MMU models definitions
* add definitions for PowerPC 440/460 support (insns and SPRs).
* add definitions for PowerPC 401/403 and 620 input pins model
* Fix definitions for most PowerPC 401, 403, 405, 440, 601, 602, 603 and 7x0
* Preliminary support for PowerPC 74xx (aka G4) without altivec.
* Code provision for other PowerPC support (7x5, 970, ...).
* New SPR and PVR defined, from PowerPC 2.04 specification and other sources
* Misc code bugs, error messages and styles fixes.
* Update status files for PowerPC cores support.
git-svn-id: svn://svn.savannah.nongnu.org/qemu/trunk@3244 c046a42c-6fe2-441c-8c8c-71466251a162
Check that at least instructions set and SPRs are correct for
PowerPC 401, 403, 405 and 440 cores.
Implement PowerPC 401 MMU model (real-mode only).
Improve INSNs and SPRs dump to ease parse with standard shell tools.
Add more precise status for most PowerPC cores families.
git-svn-id: svn://svn.savannah.nongnu.org/qemu/trunk@3201 c046a42c-6fe2-441c-8c8c-71466251a162
Preliminary code for -kernel option support for PowerPC 405 boards
Fix DBSR in case of PowerPC 405 chip reset
Add enums for PowerPC 405 clocks.
Fix IRQ numbers (IBM reversed bits numbering...)
Fix SPRG4-7 read access right
Fix MSR mask in CPU definitions
git-svn-id: svn://svn.savannah.nongnu.org/qemu/trunk@2692 c046a42c-6fe2-441c-8c8c-71466251a162
Move cpu_ppc_init, cpu_ppc_close, cpu_ppc_reset and ppc_tlb_invalidate
into helper.c as they are to be called from outside of the translated code.
git-svn-id: svn://svn.savannah.nongnu.org/qemu/trunk@2682 c046a42c-6fe2-441c-8c8c-71466251a162
- Add status file to make regression tracking easier
- Move all micro-operations helpers definitions into a separate header:
should never be seen outside of op.c
- Update copyrights
- Add new / missing PowerPC CPU definitions
- Add definitions for PowerPC BookE
- Add support for PowerPC 6xx/7xx software driven TLBs
Allow use of PowerPC 603 as an example
- Add preliminary code for POWER, POWER2, PowerPC 403, 405, 440, 601, 602
and BookE support
- Avoid compiling priviledged only resources support for user-mode emulation
- Remove unused helpers / micro-ops / dead code
- Add instructions usage statistics dump: useful to figure which instructions
need strong optimizations.
- Micro-operation fixes:
* add missing RETURN in some micro-ops
* fix prototypes
* use softfloat routines for all floating-point operations
* fix tlbie instruction
* move some huge micro-operations into helpers
- emulation fixes:
* fix inverted opcodes for fcmpo / fcmpu
* condition register update is always to be done after the whole
instruction has completed
* add missing NIP updates when calling helpers that may generate an
exception
- optimizations and improvments:
* optimize very often used instructions (li, mr, rlwixx...)
* remove specific micro-ops for rarely used instructions
* add routines for addresses computations to avoid bugs due to multiple
different implementations
* fix TB linking: do not reset T0 at the end of every TB.
git-svn-id: svn://svn.savannah.nongnu.org/qemu/trunk@2473 c046a42c-6fe2-441c-8c8c-71466251a162
