Commit Graph

5847 Commits

Author SHA1 Message Date
Richard Henderson
36cbb7a8e7 target/arm: Split out gen_gvec_ool_zzzp
Model after gen_gvec_fn_zzz et al.

Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Message-id: 20200815013145.539409-9-richard.henderson@linaro.org
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2020-08-28 10:02:48 +01:00
Richard Henderson
d4bc623254 target/arm: Use tcg_gen_gvec_bitsel for trans_SEL_pppp
The gvec operation was added after the initial implementation
of the SEL instruction and was missed in the conversion.

Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Message-id: 20200815013145.539409-8-richard.henderson@linaro.org
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2020-08-28 10:02:48 +01:00
Richard Henderson
dd81a8d7cf target/arm: Clean up 4-operand predicate expansion
Move the check for !S into do_pppp_flags, which allows to merge in
do_vecop4_p.  Split out gen_gvec_fn_ppp without sve_access_check,
to mirror gen_gvec_fn_zzz.

Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Message-id: 20200815013145.539409-7-richard.henderson@linaro.org
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2020-08-28 10:02:48 +01:00
Richard Henderson
d0b2df5a01 target/arm: Merge do_vector2_p into do_mov_p
This is the only user of the function.

Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Message-id: 20200815013145.539409-6-richard.henderson@linaro.org
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2020-08-28 10:02:48 +01:00
Richard Henderson
8a40fe5f1b target/arm: Rearrange {sve,fp}_check_access assert
We want to ensure that access is checked by the time we ask
for a specific fp/vector register.  We want to ensure that
we do not emit two lots of code to raise an exception.

But sometimes it's difficult to cleanly organize the code
such that we never pass through sve_check_access exactly once.
Allow multiple calls so long as the result is true, that is,
no exception to be raised.

Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Message-id: 20200815013145.539409-5-richard.henderson@linaro.org
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2020-08-28 10:02:47 +01:00
Richard Henderson
28c4da31be target/arm: Split out gen_gvec_fn_zzz, do_zzz_fn
Model gen_gvec_fn_zzz on gen_gvec_fn3 in translate-a64.c, but
indicating which kind of register and in which order.

Model do_zzz_fn on the other do_foo functions that take an
argument set and verify sve enabled.

Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Message-id: 20200815013145.539409-4-richard.henderson@linaro.org
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2020-08-28 10:02:47 +01:00
Richard Henderson
f7d79c41fa target/arm: Split out gen_gvec_fn_zz
Model the new function on gen_gvec_fn2 in translate-a64.c, but
indicating which kind of register and in which order.  Since there
is only one user of do_vector2_z, fold it into do_mov_z.

Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Message-id: 20200815013145.539409-3-richard.henderson@linaro.org
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2020-08-28 10:02:47 +01:00
Richard Henderson
9a4670be7f target/arm: Fill in the WnR syndrome bit in mte_check_fail
According to AArch64.TagCheckFault, none of the other ISS values are
provided, so we do not need to go so far as merge_syn_data_abort.
But we were missing the WnR bit.

Tested-by: Andrey Konovalov <andreyknvl@google.com>
Reported-by: Andrey Konovalov <andreyknvl@google.com>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Message-id: 20200813200816.3037186-3-richard.henderson@linaro.org
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2020-08-28 10:02:45 +01:00
Richard Henderson
dbf8c32178 target/arm: Pass the entire mte descriptor to mte_check_fail
We need more information than just the mmu_idx in order
to create the proper exception syndrome.  Only change the
function signature so far.

Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Message-id: 20200813200816.3037186-2-richard.henderson@linaro.org
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2020-08-28 10:02:44 +01:00
Philippe Mathieu-Daudé
0e5aac18bc target/arm: Clarify HCR_EL2 ARMCPRegInfo type
In commit ce4afed839 ("target/arm: Implement AArch32 HCR and HCR2")
the HCR_EL2 register has been changed from type NO_RAW (no underlying
state and does not support raw access for state saving/loading) to
type CONST (TCG can assume the value to be constant), removing the
read/write accessors.
We forgot to remove the previous type ARM_CP_NO_RAW. This is not
really a problem since the field is overwritten. However it makes
code review confuse, so remove it.

Signed-off-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Reviewed-by: Edgar E. Iglesias <edgar.iglesias@xilinx.com>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-id: 20200812111223.7787-1-f4bug@amsat.org
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2020-08-28 10:02:44 +01:00
Eduardo Habkost
3932885af6 hvf: Move HVFState typedef to hvf.h
Move typedef closer to the type check macros, to make it easier
to convert the code to OBJECT_DEFINE_TYPE() in the future.

Reviewed-by: Roman Bolshakov <r.bolshakov@yadro.com>
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
Tested-By: Roman Bolshakov <r.bolshakov@yadro.com>
Message-Id: <20200825192110.3528606-20-ehabkost@redhat.com>
Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
2020-08-27 14:04:54 -04:00
Alistair Francis
e39a8320b0 target/riscv: Support the Virtual Instruction fault
Signed-off-by: Alistair Francis <alistair.francis@wdc.com>
Message-id: 4c744dce9b0b057cbb5cc0f4d4ac75cda682a8af.1597259519.git.alistair.francis@wdc.com
Message-Id: <4c744dce9b0b057cbb5cc0f4d4ac75cda682a8af.1597259519.git.alistair.francis@wdc.com>
2020-08-25 09:11:36 -07:00
Alistair Francis
57cb2083e6 target/riscv: Return the exception from invalid CSR accesses
When performing a CSR access let's return a negative exception value on
an error instead of -1. This will allow us to specify the exception in
future patches.

Signed-off-by: Alistair Francis <alistair.francis@wdc.com>
Message-id: a487dad60c9b8fe7a2b992c5e0dcc2504a9000a7.1597259519.git.alistair.francis@wdc.com
Message-Id: <a487dad60c9b8fe7a2b992c5e0dcc2504a9000a7.1597259519.git.alistair.francis@wdc.com>
2020-08-25 09:11:36 -07:00
Alistair Francis
83028098f4 target/riscv: Support the v0.6 Hypervisor extension CRSs
Signed-off-by: Alistair Francis <alistair.francis@wdc.com>
Message-id: 644b6c114b1a81adbee0ab8c9c66a8672059ec96.1597259519.git.alistair.francis@wdc.com
Message-Id: <644b6c114b1a81adbee0ab8c9c66a8672059ec96.1597259519.git.alistair.francis@wdc.com>
2020-08-25 09:11:36 -07:00
Alistair Francis
30f663b16f target/riscv: Only support little endian guests
Signed-off-by: Alistair Francis <alistair.francis@wdc.com>
Message-id: 93e5d4f13eca0d2a588e407187f33c6437aeaaf9.1597259519.git.alistair.francis@wdc.com
Message-Id: <93e5d4f13eca0d2a588e407187f33c6437aeaaf9.1597259519.git.alistair.francis@wdc.com>
2020-08-25 09:11:36 -07:00
Alistair Francis
f8dc878efc target/riscv: Only support a single VSXL length
Signed-off-by: Alistair Francis <alistair.francis@wdc.com>
Message-id: f3f4fd2ec22a07cc1d750e96895d6813f131de4d.1597259519.git.alistair.francis@wdc.com
Message-Id: <f3f4fd2ec22a07cc1d750e96895d6813f131de4d.1597259519.git.alistair.francis@wdc.com>
2020-08-25 09:11:36 -07:00
Alistair Francis
543ba53157 target/riscv: Update the CSRs to the v0.6 Hyp extension
Signed-off-by: Alistair Francis <alistair.francis@wdc.com>
Message-id: 4f227b30cb1816795296c0994f1123fab143666a.1597259519.git.alistair.francis@wdc.com
Message-Id: <4f227b30cb1816795296c0994f1123fab143666a.1597259519.git.alistair.francis@wdc.com>
2020-08-25 09:11:36 -07:00
Alistair Francis
f2d5850f71 target/riscv: Update the Hypervisor trap return/entry
Signed-off-by: Alistair Francis <alistair.francis@wdc.com>
Message-id: e7e4e801234f2934306e734f65860f601a5745bd.1597259519.git.alistair.francis@wdc.com
Message-Id: <e7e4e801234f2934306e734f65860f601a5745bd.1597259519.git.alistair.francis@wdc.com>
2020-08-25 09:11:36 -07:00
Alistair Francis
84b1c04bba target/riscv: Fix the interrupt cause code
Signed-off-by: Alistair Francis <alistair.francis@wdc.com>
Message-id: 85b7fdba8abd87adb83275cdc3043ce35a1ed5c3.1597259519.git.alistair.francis@wdc.com
Message-Id: <85b7fdba8abd87adb83275cdc3043ce35a1ed5c3.1597259519.git.alistair.francis@wdc.com>
2020-08-25 09:11:36 -07:00
Alistair Francis
9034e90ad9 target/riscv: Convert MSTATUS MTL to GVA
Signed-off-by: Alistair Francis <alistair.francis@wdc.com>
Message-id: 9308432988946de550a68524ed76e4b8683f10e2.1597259519.git.alistair.francis@wdc.com
Message-Id: <9308432988946de550a68524ed76e4b8683f10e2.1597259519.git.alistair.francis@wdc.com>
2020-08-25 09:11:36 -07:00
Alistair Francis
e2eb5ca8f6 target/riscv: Don't allow guest to write to htinst
Signed-off-by: Alistair Francis <alistair.francis@wdc.com>
Message-id: ca5359fec6b2aff851eef3b3bc4b53cb5d4ad194.1597259519.git.alistair.francis@wdc.com
Message-Id: <ca5359fec6b2aff851eef3b3bc4b53cb5d4ad194.1597259519.git.alistair.francis@wdc.com>
2020-08-25 09:11:36 -07:00
Alistair Francis
29b3361b14 target/riscv: Do two-stage lookups on hlv/hlvx/hsv instructions
Signed-off-by: Alistair Francis <alistair.francis@wdc.com>
Message-id: 024ad8a594fb2feaf0950fbfad1508cfa82ce7f0.1597259519.git.alistair.francis@wdc.com
Message-Id: <024ad8a594fb2feaf0950fbfad1508cfa82ce7f0.1597259519.git.alistair.francis@wdc.com>
2020-08-25 09:11:35 -07:00
Alistair Francis
8c5362acb5 target/riscv: Allow generating hlv/hlvx/hsv instructions
Signed-off-by: Alistair Francis <alistair.francis@wdc.com>
Message-id: 477c864312280ea55a98dc84cb01d826751b6c14.1597259519.git.alistair.francis@wdc.com
Message-Id: <477c864312280ea55a98dc84cb01d826751b6c14.1597259519.git.alistair.francis@wdc.com>
2020-08-25 09:11:35 -07:00
Alistair Francis
5a894dd770 target/riscv: Allow setting a two-stage lookup in the virt status
Signed-off-by: Alistair Francis <alistair.francis@wdc.com>
Message-id: 08cdefb171b1bdb0c9e3151c509aaadefc3dcd3e.1597259519.git.alistair.francis@wdc.com
Message-Id: <08cdefb171b1bdb0c9e3151c509aaadefc3dcd3e.1597259519.git.alistair.francis@wdc.com>
2020-08-25 09:11:35 -07:00
Peter Maydell
44423107e7 target/xtensa updates for 5.2:
- add NMI support;
 - add DFPU option implementation;
 - update FPU tests to support both FPU2000 and DFPU;
 - add example cores with FPU2000 and DFPU.
 -----BEGIN PGP SIGNATURE-----
 
 iQJHBAABCgAxFiEEK2eFS5jlMn3N6xfYUfnMkfg/oEQFAl9AKgETHGpjbXZia2Jj
 QGdtYWlsLmNvbQAKCRBR+cyR+D+gRHjID/wJbhb8AyiCSXNbUZWRr8tOVqYjLm3I
 RJjiXC1rxHcUIod6OQjUyrr8exzaR9zQazI1oBJtOCFtlQeBgfC3r6T74QnLMb7F
 0dhQ1CseiTl0kecJqcDfhl8Y4FtUshMeu91+jwlff68mS1BFYdZVWDstmB1HeDfN
 xkxOD0I4/Ppkpu82UhCKJ9WhTtuBa0/krtgOaUQNWBXEmFtMGJb4mrZT+Ph2Tw25
 9+LNPluyJ6ZrTDjDOMBsOReXqpz/I+1JbyOZ1Z0i8LzqOFfpGixN17BxSBc/j59V
 sb+xrZjKb/V1jJWJX31feQhwHPK2OHzmTUfx3JzUDh+Y8TNG8s7XtsA2BYX0vV8F
 Zm9107KbKOvF7wJ52g+cXp2EbFquje4/q6QoH7mQ9iXgXoXeTTUwXHxfIXzmIgqP
 Raj2evTWK0r1P/jzGaBFKqBoQ7ixGIJELQHJaTckYDK71oICSPYzp9A/iNr1a7Sh
 xvgU9KhAt3cWDRAa6apup5bk/mwHlr71Ue4w0pk3WG46Zry1Qiti/nSD8v7gTKTs
 oNGbYiZgQXAIw9V2m/UZgN3BEQI7Y4vr889LCySEhhYkVWFvhHIVjYYZFJ8KVtGs
 LH5Nlm904Ix3piU7I41pISe8DeD7VhW1QpSD5BIpBMnsftXun9y/bF8sR67PV36J
 xSht7off0nw7/g==
 =8N7r
 -----END PGP SIGNATURE-----

Merge remote-tracking branch 'remotes/xtensa/tags/20200821-xtensa' into staging

target/xtensa updates for 5.2:

- add NMI support;
- add DFPU option implementation;
- update FPU tests to support both FPU2000 and DFPU;
- add example cores with FPU2000 and DFPU.

# gpg: Signature made Fri 21 Aug 2020 21:09:37 BST
# gpg:                using RSA key 2B67854B98E5327DCDEB17D851F9CC91F83FA044
# gpg:                issuer "jcmvbkbc@gmail.com"
# gpg: Good signature from "Max Filippov <filippov@cadence.com>" [unknown]
# gpg:                 aka "Max Filippov <max.filippov@cogentembedded.com>" [full]
# gpg:                 aka "Max Filippov <jcmvbkbc@gmail.com>" [full]
# Primary key fingerprint: 2B67 854B 98E5 327D CDEB  17D8 51F9 CC91 F83F A044

* remotes/xtensa/tags/20200821-xtensa: (24 commits)
  target/xtensa: import DSP3400 core
  target/xtensa: import de233_fpu core
  tests/tcg/xtensa: add DFP0 arithmetic tests
  tests/tcg/xtensa: test double precision load/store
  tests/tcg/xtensa: add fp0 div and sqrt tests
  tests/tcg/xtensa: update test_lsc for DFPU
  tests/tcg/xtensa: update test_fp1 for DFPU
  tests/tcg/xtensa: update test_fp0_conv for DFPU
  tests/tcg/xtensa: expand madd tests
  tests/tcg/xtensa: update test_fp0_arith for DFPU
  tests/tcg/xtensa: fix test execution on ISS
  target/xtensa: implement FPU division and square root
  target/xtensa: add DFPU registers and opcodes
  target/xtensa: add DFPU option
  target/xtensa: don't access BR regfile directly
  target/xtensa: move FSR/FCR register accessors
  target/xtensa: rename FPU2000 translators and helpers
  target/xtensa: support copying registers up to 64 bits wide
  target/xtensa: add geometry to xtensa_get_regfile_by_name
  softfloat: add xtensa specialization for pickNaNMulAdd
  ...

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2020-08-24 19:55:23 +01:00
Peter Maydell
df82aa7fe1 For upstream.
-----BEGIN PGP SIGNATURE-----
 
 iQEzBAABCgAdFiEErET+3BT38evtv0FRKcWWeA9ryoMFAl9DjiYACgkQKcWWeA9r
 yoMrawf/dMnTnm+O60zaXvEiaYg5i5/qUo/yasudM8jfU+Ts1rpDrBKr8eEG1Laf
 aHfeoBgLIpzQmtDfaK0jNDFM1HwkBcgQMQXAgv69WDeKfxrj04qTIUa9pxdIi9Sc
 0Gm+wCWtO3xhR9bLyV41kHx4obpMy/mdPcMtGwe6Ij3o1xzNcpZQDIj1S1MlTavh
 uEapALr8bbn7R6PgspqxLEKENHT79PVWG4te8YjSAf51rjMVsMaVrNW9NyEvb54X
 82htm9jbC6ZOcKz6MsuPLAInRnH+XIkEQXYioANbvvx14O9D4oLaLyFJHTZ+uwVh
 stMXybzOB//jEweLZVhFVib3bjvoeg==
 =KXDR
 -----END PGP SIGNATURE-----

Merge remote-tracking branch 'remotes/edgar/tags/edgar/xilinx-next-2020-08-24.for-upstream' into staging

For upstream.

# gpg: Signature made Mon 24 Aug 2020 10:53:42 BST
# gpg:                using RSA key AC44FEDC14F7F1EBEDBF415129C596780F6BCA83
# gpg: Good signature from "Edgar E. Iglesias (Xilinx key) <edgar.iglesias@xilinx.com>" [unknown]
# gpg:                 aka "Edgar E. Iglesias <edgar.iglesias@gmail.com>" [full]
# Primary key fingerprint: AC44 FEDC 14F7 F1EB EDBF  4151 29C5 9678 0F6B CA83

* remotes/edgar/tags/edgar/xilinx-next-2020-08-24.for-upstream:
  microblaze: petalogix-s3adsp1800: Add device-tree source
  microblaze: petalogix-ml605: Add device-tree source
  target/microblaze: mbar: Trap sleeps from user-space
  configure: microblaze: Enable mttcg
  target/microblaze: swx: Use atomic_cmpxchg
  target/microblaze: mbar: Add support for data-access barriers
  target/microblaze: mbar: Move LOG_DIS to before sleep
  target/microblaze: mbar: Transfer dc->rd to mbar_imm

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2020-08-24 14:54:17 +01:00
Peter Maydell
07d914cb94 target-arm queue:
* hw/cpu/a9mpcore: Verify the machine use Cortex-A9 cores
  * hw/arm/smmuv3: Implement SMMUv3.2 range-invalidation
  * docs/system/arm: Document the Xilinx Versal Virt board
  * target/arm: Make M-profile NOCP take precedence over UNDEF
  * target/arm: Use correct FPST for VCMLA, VCADD on fp16
  * target/arm: Various cleanups preparing for fp16 support
 -----BEGIN PGP SIGNATURE-----
 
 iQJNBAABCAA3FiEE4aXFk81BneKOgxXPPCUl7RQ2DN4FAl9DjKIZHHBldGVyLm1h
 eWRlbGxAbGluYXJvLm9yZwAKCRA8JSXtFDYM3q/4D/wKOkDqzAztjudA9Iftaab3
 fdSbMmyjBzbe7XIGFpp5jq5qIcST8mh/0uxXP8w/QCnj15PAYgnleJsssCLfGZ9D
 gRld/aLMLpk+R0kreUF1vsBZct7/joN0McokQe/1PP5zxm99Psu8rfT0r2qZcZ6U
 vm5PHh4VdIfCwIvnLb+5iB8l6Yw4h2nS1295tCK1+cjVeUi/oglJ4iYaicboStvv
 oOhyViixcT1qmBXIitrQwisEwrwyhJW0jQYj5nhD0RBjZgMixm92vjciR1wtYIBZ
 QVzNvH354++zawnltcXG6ZO7Lyg+DSPZ5S13+KFqFqRJ+ZMj6a6/uZ3IRo3HGdeY
 ZcO1dBN8xTptsYnTQch1r09xcIL7VAKOL+SrIR1P0udZO64laaLaHtfCyRsExdb4
 aoPBfURwtw84aTiEoVuBDQp/v53XvDd700NgSFtrQBbxBR/WT+Jax+jXOWwsDzYr
 O/0DD7vl5NJ8Xpv5ezYG0oRU7jG+qZ9ziJzJKbzw+3XYyr6QsSbSN05Op+J/2Dj7
 tuRZgjDf8uQysbfioW4w3UlfpzIE/UUpV1mjVKjrw1HJ4Nsk2arpROtvl7Wcfm21
 JK1daHqXrGGb1nCyBUFJvXwlGnbSheiSAfrCnm1/Umqy6CWa0v4SMN58FqEcVYtL
 H3F9PGd4HrRu4SQwEba70Q==
 =cuKX
 -----END PGP SIGNATURE-----

Merge remote-tracking branch 'remotes/pmaydell/tags/pull-target-arm-20200824' into staging

target-arm queue:
 * hw/cpu/a9mpcore: Verify the machine use Cortex-A9 cores
 * hw/arm/smmuv3: Implement SMMUv3.2 range-invalidation
 * docs/system/arm: Document the Xilinx Versal Virt board
 * target/arm: Make M-profile NOCP take precedence over UNDEF
 * target/arm: Use correct FPST for VCMLA, VCADD on fp16
 * target/arm: Various cleanups preparing for fp16 support

# gpg: Signature made Mon 24 Aug 2020 10:47:14 BST
# gpg:                using RSA key E1A5C593CD419DE28E8315CF3C2525ED14360CDE
# gpg:                issuer "peter.maydell@linaro.org"
# gpg: Good signature from "Peter Maydell <peter.maydell@linaro.org>" [ultimate]
# gpg:                 aka "Peter Maydell <pmaydell@gmail.com>" [ultimate]
# gpg:                 aka "Peter Maydell <pmaydell@chiark.greenend.org.uk>" [ultimate]
# Primary key fingerprint: E1A5 C593 CD41 9DE2 8E83  15CF 3C25 25ED 1436 0CDE

* remotes/pmaydell/tags/pull-target-arm-20200824: (27 commits)
  target/arm: Use correct FPST for VCMLA, VCADD on fp16
  target/arm: Implement FPST_STD_F16 fpstatus
  target/arm: Make A32/T32 use new fpstatus_ptr() API
  target/arm: Replace A64 get_fpstatus_ptr() with generic fpstatus_ptr()
  target/arm: Delete unused ARM_FEATURE_CRC
  target/arm/translate.c: Delete/amend incorrect comments
  target/arm: Delete unused VFP_DREG macros
  target/arm: Remove ARCH macro
  target/arm: Convert T32 coprocessor insns to decodetree
  target/arm: Do M-profile NOCP checks early and via decodetree
  target/arm: Tidy up disas_arm_insn()
  target/arm: Convert A32 coprocessor insns to decodetree
  target/arm: Separate decode from handling of coproc insns
  target/arm: Pull handling of XScale insns out of disas_coproc_insn()
  docs/system/arm: Document the Xilinx Versal Virt board
  hw/arm/smmuv3: Advertise SMMUv3.2 range invalidation
  hw/arm/smmuv3: Support HAD and advertise SMMUv3.1 support
  hw/arm/smmuv3: Let AIDR advertise SMMUv3.0 support
  hw/arm/smmuv3: Fix IIDR offset
  hw/arm/smmuv3: Get prepared for range invalidation
  ...

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2020-08-24 12:13:09 +01:00
Peter Maydell
b34aa5129e target/arm: Use correct FPST for VCMLA, VCADD on fp16
When we implemented the VCMLA and VCADD insns we put in the
code to handle fp16, but left it using the standard fp status
flags. Correct them to use FPST_STD_F16 for fp16 operations.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
Message-id: 20200806104453.30393-5-peter.maydell@linaro.org
2020-08-24 10:15:12 +01:00
Peter Maydell
aaae563bc7 target/arm: Implement FPST_STD_F16 fpstatus
Architecturally, Neon FP16 operations use the "standard FPSCR" like
all other Neon operations.  However, this is defined in the Arm ARM
pseudocode as "a fixed value, except that FZ16 (and AHP) follow the
FPSCR bits". In QEMU, the softfloat float_status doesn't include
separate flush-to-zero for FP16 operations, so we must keep separate
fp_status for "Neon non-FP16" and "Neon fp16" operations, in the
same way we do already for the non-Neon "fp_status" vs "fp_status_f16".

Add the extra float_status field to the CPU state structure,
ensure it is correctly initialized and updated on FPSCR writes,
and make fpstatus_ptr(FPST_STD_F16) return a pointer to it.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
Message-id: 20200806104453.30393-4-peter.maydell@linaro.org
2020-08-24 10:15:11 +01:00
Peter Maydell
a84d1d1316 target/arm: Make A32/T32 use new fpstatus_ptr() API
Make A32/T32 code use the new fpstatus_ptr() API:
 get_fpstatus_ptr(0) -> fpstatus_ptr(FPST_FPCR)
 get_fpstatus_ptr(1) -> fpstatus_ptr(FPST_STD)

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
Message-id: 20200806104453.30393-3-peter.maydell@linaro.org
2020-08-24 10:15:11 +01:00
Peter Maydell
cdfb22bb73 target/arm: Replace A64 get_fpstatus_ptr() with generic fpstatus_ptr()
We currently have two versions of get_fpstatus_ptr(), which both take
an effectively boolean argument:
 * the one for A64 takes "bool is_f16" to distinguish fp16 from other ops
 * the one for A32/T32 takes "int neon" to distinguish Neon from other ops

This is confusing, and to implement ARMv8.2-FP16 the A32/T32 one will
need to make a four-way distinction between "non-Neon, FP16",
"non-Neon, single/double", "Neon, FP16" and "Neon, single/double".
The A64 version will then be a strict subset of the A32/T32 version.

To clean this all up, we want to go to a single implementation which
takes an enum argument with values FPST_FPCR, FPST_STD,
FPST_FPCR_F16, and FPST_STD_F16.  We rename the function to
fpstatus_ptr() so that unconverted code gets a compilation error
rather than silently passing the wrong thing to the new function.

This commit implements that new API, and converts A64 to use it:
 get_fpstatus_ptr(false) -> fpstatus_ptr(FPST_FPCR)
 get_fpstatus_ptr(true) -> fpstatus_ptr(FPST_FPCR_F16)

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
Message-id: 20200806104453.30393-2-peter.maydell@linaro.org
2020-08-24 10:15:11 +01:00
Peter Maydell
cf6303d262 target/arm: Delete unused ARM_FEATURE_CRC
In commit 962fcbf2ef we converted the uses of the
ARM_FEATURE_CRC bit to use the aa32_crc32 isar_feature test
instead. However we forgot to remove the now-unused definition
of the feature name in the enum. Delete it now.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Message-id: 20200805210848.6688-1-peter.maydell@linaro.org
2020-08-24 10:15:11 +01:00
Peter Maydell
8b4c9a50dc target/arm/translate.c: Delete/amend incorrect comments
In arm_tr_init_disas_context() we have a FIXME comment that suggests
"cpu_M0 can probably be the same as cpu_V0".  This isn't in fact
possible: cpu_V0 is used as a temporary inside gen_iwmmxt_shift(),
and that function is called in various places where cpu_M0 contains a
live value (i.e.  between gen_op_iwmmxt_movq_M0_wRn() and
gen_op_iwmmxt_movq_wRn_M0() calls).  Remove the comment.

We also have a comment on the declarations of cpu_V0/V1/M0 which
claims they're "for efficiency".  This isn't true with modern TCG, so
replace this comment with one which notes that they're only used with
the iwmmxt decode.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-id: 20200803132815.3861-1-peter.maydell@linaro.org
2020-08-24 10:15:11 +01:00
Peter Maydell
e60527c5d5 target/arm: Delete unused VFP_DREG macros
As part of the Neon decodetree conversion we removed all
the uses of the VFP_DREG macros, but forgot to remove the
macro definitions. Do so now.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
Message-id: 20200803124848.18295-1-peter.maydell@linaro.org
2020-08-24 10:15:11 +01:00
Peter Maydell
ce51c7f522 target/arm: Remove ARCH macro
The ARCH() macro was used a lot in the legacy decoder, but
there are now just two uses of it left. Since a macro which
expands out to a goto is liable to be confusing when reading
code, replace the last two uses with a simple open-coded
qeuivalent.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-id: 20200803111849.13368-8-peter.maydell@linaro.org
2020-08-24 10:15:11 +01:00
Peter Maydell
4c498dcfd8 target/arm: Convert T32 coprocessor insns to decodetree
Convert the T32 coprocessor instructions to decodetree.
As with the A32 conversion, this corrects an underdecoding
where we did not check that MRRC/MCRR [24:21] were 0b0010
and so treated some kinds of LDC/STC and MRRC/MCRR rather
than UNDEFing them.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-id: 20200803111849.13368-7-peter.maydell@linaro.org
2020-08-24 10:15:08 +01:00
Peter Maydell
a3494d4671 target/arm: Do M-profile NOCP checks early and via decodetree
For M-profile CPUs, the architecture specifies that the NOCP
exception when a coprocessor is not present or disabled should cover
the entire wide range of coprocessor-space encodings, and should take
precedence over UNDEF exceptions.  (This is the opposite of
A-profile, where checking for a disabled FPU has to happen last.)

Implement this with decodetree patterns that cover the specified
ranges of the encoding space.  There are a few instructions (VLLDM,
VLSTM, and in v8.1 also VSCCLRM) which are in copro-space but must
not be NOCP'd: these must be handled also in the new m-nocp.decode so
they take precedence.

This is a minor behaviour change: for unallocated insn patterns in
the VFP area (cp=10,11) we will now NOCP rather than UNDEF when the
FPU is disabled.

As well as giving us the correct architectural behaviour for v8.1M
and the recommended behaviour for v8.0M, this refactoring also
removes the old NOCP handling from the remains of the 'legacy
decoder' in disas_thumb2_insn(), paving the way for cleaning that up.

Since we don't currently have a v8.1M feature bit or any v8.1M CPUs,
the minor changes to this logic that we'll need for v8.1M are marked
up with TODO comments.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-id: 20200803111849.13368-6-peter.maydell@linaro.org
2020-08-24 10:05:12 +01:00
Peter Maydell
8198c071bc target/arm: Tidy up disas_arm_insn()
The only thing left in the "legacy decoder" is the handling
of disas_xscale_insn(), and we can simplify the code.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-id: 20200803111849.13368-5-peter.maydell@linaro.org
2020-08-24 10:02:07 +01:00
Peter Maydell
cd8be50e58 target/arm: Convert A32 coprocessor insns to decodetree
Convert the A32 coprocessor instructions to decodetree.

Note that this corrects an underdecoding: for the 64-bit access case
(MRRC/MCRR) we did not check that bits [24:21] were 0b0010, so we
would incorrectly treat LDC/STC as MRRC/MCRR rather than UNDEFing
them.

The decodetree versions of these insns assume the coprocessor
is in the range 0..7 or 14..15. This is architecturally sensible
(as per the comments) and OK in practice for QEMU because the only
uses of the ARMCPRegInfo infrastructure we have that aren't
for coprocessors 14 or 15 are the pxa2xx use of coprocessor 6.
We add an assertion to the define_one_arm_cp_reg_with_opaque()
function to catch any accidental future attempts to use it to
define coprocessor registers for invalid coprocessors.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-id: 20200803111849.13368-4-peter.maydell@linaro.org
2020-08-24 10:02:07 +01:00
Peter Maydell
19c23a9baa target/arm: Separate decode from handling of coproc insns
As a prelude to making coproc insns use decodetree, split out the
part of disas_coproc_insn() which does instruction decoding from the
part which does the actual work, and make do_coproc_insn() handle the
UNDEF-on-bad-permissions and similar cases itself rather than
returning 1 to eventually percolate up to a callsite that calls
unallocated_encoding() for it.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-id: 20200803111849.13368-3-peter.maydell@linaro.org
2020-08-24 10:02:06 +01:00
Peter Maydell
7b4f933db8 target/arm: Pull handling of XScale insns out of disas_coproc_insn()
At the moment we check for XScale/iwMMXt insns inside
disas_coproc_insn(): for CPUs with ARM_FEATURE_XSCALE all copro insns
with cp 0 or 1 are handled specially.  This works, but is an odd
place for this check, because disas_coproc_insn() is called from both
the Arm and Thumb decoders but the XScale case never applies for
Thumb (all the XScale CPUs were ARMv5, which has only Thumb1, not
Thumb2 with the 32-bit coprocessor insn encodings).  It also makes it
awkward to convert the real copro access insns to decodetree.

Move the identification of XScale out to its own function
which is only called from disas_arm_insn().

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-id: 20200803111849.13368-2-peter.maydell@linaro.org
2020-08-24 10:02:06 +01:00
Edgar E. Iglesias
b4919e7dd3 target/microblaze: mbar: Trap sleeps from user-space
Trap mbar-sleeps from user-space.

Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Reported-by: Richard Henderson <richard.henderson@linaro.org>
Signed-off-by: Edgar E. Iglesias <edgar.iglesias@xilinx.com>
2020-08-24 10:47:27 +02:00
Edgar E. Iglesias
071cdc67db target/microblaze: swx: Use atomic_cmpxchg
Use atomic_cmpxchg to implement the atomic cmpxchg sequence.

Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Reviewed-by: Alistair Francis <alistair.francis@wdc.com>
Signed-off-by: Edgar E. Iglesias <edgar.iglesias@xilinx.com>
2020-08-24 10:47:27 +02:00
Edgar E. Iglesias
3f17274491 target/microblaze: mbar: Add support for data-access barriers
Add support for data-access barriers.

Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Reviewed-by: Alistair Francis <alistair.francis@wdc.com>
Signed-off-by: Edgar E. Iglesias <edgar.iglesias@xilinx.com>
2020-08-24 10:47:27 +02:00
Edgar E. Iglesias
6f3c458baf target/microblaze: mbar: Move LOG_DIS to before sleep
Move LOG_DIS log to before sleeping handling so that it logs
for sleep instructions aswell.

Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Reviewed-by: Alistair Francis <alistair.francis@wdc.com>
Signed-off-by: Edgar E. Iglesias <edgar.iglesias@xilinx.com>
2020-08-24 10:47:27 +02:00
Edgar E. Iglesias
badcbf9d30 target/microblaze: mbar: Transfer dc->rd to mbar_imm
Transfer dc->rd to mbar_imm to improve the readability when
comparing to the specs.

No functional change.

Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Reviewed-by: Alistair Francis <alistair.francis@wdc.com>
Signed-off-by: Edgar E. Iglesias <edgar.iglesias@xilinx.com>
2020-08-24 10:47:27 +02:00
Peter Maydell
dd8014e4e9 ppc patch queue 2020-08-18
Here's my first pull request for qemu-5.2, which has quite a few
 accumulated things.  Highlights are:
 
  * Preliminary support for POWER10 (Power ISA 3.1) instruction emulation
  * Add documentation on the (very confusing) pseries NUMA configuration
  * Fix some bugs handling edge cases with XICS, XIVE and kernel_irqchip
  * Fix icount for a number of POWER registers
  * Many cleanups to error handling in XIVE code
  * Validate size of -prom-env data
 -----BEGIN PGP SIGNATURE-----
 
 iQIzBAABCAAdFiEEdfRlhq5hpmzETofcbDjKyiDZs5IFAl87VpwACgkQbDjKyiDZ
 s5LjIxAAs8YAQe3uDRz1Wb9GftoMmEHdq7JQoO0FbXDQIVXzpTAXmFLSBtCWKl6p
 O1MEIy/o48b5ORXJqSDSA5LgxbHxYfHdIPEY5Tbn/TGvTvKyCukx9n11milUG8In
 JxRrOTQBnQAAHkLoyuZyrWKOauC0N1scNrnX9Geuid13GcmqHg1d2alXAUu8jEeC
 HSiVmtMqqyyqTx2xA4vfhaGuuwTthnKNfbGdg9ksVqBsCW+etn6ZKGImt8hBe3qO
 5iqbQZvFbkpzgbjkhDzUDM6tmUAFN55y/Y+y7I8Tz4/IX7d3WbdqpplwrXXVWkpq
 2gcBBjQ/9a1hPTBRVN9jn4CvHfhILBfeHIElUiLpSTQZQQALymTnnI2pLCgKoEFX
 LcchXbjiX+pZ2OJnAijpwBcknjgT2U/ZNyiqHJfSQ6jzlYx1YtUf4xGUsgloSiK8
 9QDK8o2k0Cm8Be+lPMBMmTctoi8bq+8SN5UUF710WQL235J58o9+z1vuGO2HVk3x
 flBtv/+B890wcCDpGU80DPs/LSzR0xTTbA5JsWft2fvO569mda0MoWkJH5w6jvSc
 ZLYqljCzFCVW+tKiGHzaBalJaMwn0+QMDTsxzP3yTt5LmmEeRXpBELgvrW64IobD
 xBeryH3nG4SwxFSJq+4ATfvUzjy/Eo58lTTl6c53Ji8/D3aFwsA=
 =L9Wi
 -----END PGP SIGNATURE-----

Merge remote-tracking branch 'remotes/dgibson/tags/ppc-for-5.2-20200818' into staging

ppc patch queue 2020-08-18

Here's my first pull request for qemu-5.2, which has quite a few
accumulated things.  Highlights are:

 * Preliminary support for POWER10 (Power ISA 3.1) instruction emulation
 * Add documentation on the (very confusing) pseries NUMA configuration
 * Fix some bugs handling edge cases with XICS, XIVE and kernel_irqchip
 * Fix icount for a number of POWER registers
 * Many cleanups to error handling in XIVE code
 * Validate size of -prom-env data

# gpg: Signature made Tue 18 Aug 2020 05:18:36 BST
# gpg:                using RSA key 75F46586AE61A66CC44E87DC6C38CACA20D9B392
# gpg: Good signature from "David Gibson <david@gibson.dropbear.id.au>" [full]
# gpg:                 aka "David Gibson (Red Hat) <dgibson@redhat.com>" [full]
# gpg:                 aka "David Gibson (ozlabs.org) <dgibson@ozlabs.org>" [full]
# gpg:                 aka "David Gibson (kernel.org) <dwg@kernel.org>" [unknown]
# Primary key fingerprint: 75F4 6586 AE61 A66C C44E  87DC 6C38 CACA 20D9 B392

* remotes/dgibson/tags/ppc-for-5.2-20200818: (40 commits)
  spapr/xive: Use xive_source_esb_len()
  nvram: Exit QEMU if NVRAM cannot contain all -prom-env data
  spapr/xive: Simplify error handling of kvmppc_xive_cpu_synchronize_state()
  ppc/xive: Simplify error handling in xive_tctx_realize()
  spapr/xive: Simplify error handling in kvmppc_xive_connect()
  ppc/xive: Fix error handling in vmstate_xive_tctx_*() callbacks
  spapr/xive: Fix error handling in kvmppc_xive_post_load()
  spapr/kvm: Fix error handling in kvmppc_xive_pre_save()
  spapr/xive: Rework error handling of kvmppc_xive_set_source_config()
  spapr/xive: Rework error handling in kvmppc_xive_get_queues()
  spapr/xive: Rework error handling of kvmppc_xive_[gs]et_queue_config()
  spapr/xive: Rework error handling of kvmppc_xive_cpu_[gs]et_state()
  spapr/xive: Rework error handling of kvmppc_xive_mmap()
  spapr/xive: Rework error handling of kvmppc_xive_source_reset()
  spapr/xive: Rework error handling of kvmppc_xive_cpu_connect()
  spapr: Simplify error handling in spapr_phb_realize()
  spapr/xive: Convert KVM device fd checks to assert()
  ppc/xive: Introduce dedicated kvm_irqchip_in_kernel() wrappers
  ppc/xive: Rework setup of XiveSource::esb_mmio
  target/ppc: Integrate icount to purr, vtb, and tbu40
  ...

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2020-08-24 09:35:21 +01:00
Peter Maydell
152be6de91 The first RISC-V PR for the 5.2 window.
This includes:
  - NaNBox fixes
  - Vector extension improvements
  - a L2 cache controller
  - PMP fixes
  - Upgrade to OpenSBI v0.8 and the generic platform
  - Fixes for the Ibex PLIC
 -----BEGIN PGP SIGNATURE-----
 
 iQEzBAABCAAdFiEE9sSsRtSTSGjTuM6PIeENKd+XcFQFAl9Ar0oACgkQIeENKd+X
 cFSxZQgAohfo4YEv8i74anCsArSMacyRcZj7gPb3CyHaJcKXgBjSvyWtAbtMVX6n
 sVXLPE1u7jSgLqEYDqZHgqnTY5CRIkEF1F8h8l+Sz9W7InDLfYchbkNHTQ2FYaXj
 MnGBCHlkoOXawWKmubQIpVSrb3qMw3lzO+sglAwyut+eqao4uGBf8C4aBDRBs9Ks
 FLq4cKajAnzH7LjkQuj4YH2N3bj2WsBm1yt/B8NaYHBYwoyV/NJGfK/3yjBnqfGb
 mZWLXncNiikoVR1cJXTz+mTfRs7UMtsSUkdBSsyMUTDPBqfQrR7ABxxu0SzKd3+N
 xF9DS9qPk9aQlsAvqNP4N14rnS1I+g==
 =RJ3z
 -----END PGP SIGNATURE-----

Merge remote-tracking branch 'remotes/alistair/tags/pull-riscv-to-apply-20200821-1' into staging

The first RISC-V PR for the 5.2 window.

This includes:
 - NaNBox fixes
 - Vector extension improvements
 - a L2 cache controller
 - PMP fixes
 - Upgrade to OpenSBI v0.8 and the generic platform
 - Fixes for the Ibex PLIC

# gpg: Signature made Sat 22 Aug 2020 06:38:18 BST
# gpg:                using RSA key F6C4AC46D4934868D3B8CE8F21E10D29DF977054
# gpg: Good signature from "Alistair Francis <alistair@alistair23.me>" [full]
# Primary key fingerprint: F6C4 AC46 D493 4868 D3B8  CE8F 21E1 0D29 DF97 7054

* remotes/alistair/tags/pull-riscv-to-apply-20200821-1:
  hw/intc: ibex_plic: Honour source priorities
  hw/intc: ibex_plic: Don't allow repeat interrupts on claimed lines
  hw/intc: ibex_plic: Update the pending irqs
  target/riscv: Change the TLB page size depends on PMP entries.
  target/riscv: Fix the translation of physical address
  gitlab-ci/opensbi: Update GitLab CI to build generic platform
  hw/riscv: spike: Change the default bios to use generic platform image
  hw/riscv: Use pre-built bios image of generic platform for virt & sifive_u
  roms/Makefile: Build the generic platform for RISC-V OpenSBI firmware
  roms/opensbi: Upgrade from v0.7 to v0.8
  configure: Create symbolic links for pc-bios/*.elf files
  riscv: Fix bug in setting pmpcfg CSR for RISCV64
  hw/riscv: sifive_u: Add a dummy L2 cache controller device
  target/riscv: check before allocating TCG temps
  target/riscv: Clean up fmv.w.x
  target/riscv: Check nanboxed inputs in trans_rvf.inc.c
  target/riscv: Check nanboxed inputs to fp helpers
  target/riscv: Generate nanboxed results from trans_rvf.inc.c
  target/riscv: Generalize gen_nanbox_fpr to gen_nanbox_s
  target/riscv: Generate nanboxed results from fp helpers

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2020-08-23 11:38:52 +01:00
Zong Li
af3fc195e3 target/riscv: Change the TLB page size depends on PMP entries.
The minimum granularity of PMP is 4 bytes, it is small than 4KB page
size, therefore, the pmp checking would be ignored if its range doesn't
start from the alignment of one page. This patch detects the pmp entries
and sets the small page size to TLB if there is a PMP entry which cover
the page size.

Signed-off-by: Zong Li <zong.li@sifive.com>
Reviewed-by: Alistair Francis <alistair.francis@wdc.com>
Message-Id: <6b0bf48662ef26ab4c15381a08e78a74ebd7ca79.1595924470.git.zong.li@sifive.com>
Signed-off-by: Alistair Francis <alistair.francis@wdc.com>
2020-08-21 22:37:55 -07:00
Zong Li
9ef82119b1 target/riscv: Fix the translation of physical address
The real physical address should add the 12 bits page offset. It also
causes the PMP wrong checking due to the minimum granularity of PMP is
4 byte, but we always get the physical address which is 4KB alignment,
that means, we always use the start address of the page to check PMP for
all addresses which in the same page.

Signed-off-by: Zong Li <zong.li@sifive.com>
Reviewed-by: Alistair Francis <alistair.francis@wdc.com>
Message-Id: <370a983d0f9e8a9a927b9bb8af5e7bc84b1bf9b1.1595924470.git.zong.li@sifive.com>
Signed-off-by: Alistair Francis <alistair.francis@wdc.com>
2020-08-21 22:37:55 -07:00
Hou Weiying
fdd33b86b2 riscv: Fix bug in setting pmpcfg CSR for RISCV64
First, sizeof(target_ulong) equals to 4 on riscv32, so this change
does not change the function on riscv32. Second, sizeof(target_ulong)
equals to 8 on riscv64, and 'reg_index * 8 + i' is not a legal
pmp_index (we will explain later), which should be 'reg_index * 4 + i'.

If the parameter reg_index equals to 2 (means that we will change the
value of pmpcfg2, or the second pmpcfg on riscv64), then
pmpcfg_csr_write(env, 2, val) will map write tasks to
pmp_write_cfg(env, 2 * 8 + [0...7], val). However, no cfg csr is indexed
by value 16 or 23 on riscv64, so we consider it as a bug.

We are looking for constant (e.g., define a new constant named
RISCV_WORD_SIZE) in QEMU to help others understand code better,
but none was found. A possible good explanation of this literal is it is
the minimum word length on riscv is 4 bytes (32 bit).

Signed-off-by: Hongzheng-Li <Ethan.Lee.QNL@gmail.com>
Signed-off-by: Hou Weiying <weiying_hou@outlook.com>
Signed-off-by: Myriad-Dreamin <camiyoru@gmail.com>
Reviewed-by: Alistair Francis <alistair.francis@wdc.com>
Message-Id: <SG2PR02MB263420036254AC8841F66CE393460@SG2PR02MB2634.apcprd02.prod.outlook.com>
Signed-off-by: Alistair Francis <alistair.francis@wdc.com>
2020-08-21 22:37:55 -07:00
LIU Zhiwei
ec80f87459 target/riscv: check before allocating TCG temps
Signed-off-by: LIU Zhiwei <zhiwei_liu@c-sky.com>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Message-Id: <20200626205917.4545-5-zhiwei_liu@c-sky.com>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Message-Id: <20200724002807.441147-8-richard.henderson@linaro.org>
Signed-off-by: Alistair Francis <alistair.francis@wdc.com>
2020-08-21 22:37:55 -07:00
LIU Zhiwei
6e0229e638 target/riscv: Clean up fmv.w.x
Use tcg_gen_extu_tl_i64 to avoid the ifdef.

Signed-off-by: LIU Zhiwei <zhiwei_liu@c-sky.com>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Message-Id: <20200626205917.4545-7-zhiwei_liu@c-sky.com>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Message-Id: <20200724002807.441147-7-richard.henderson@linaro.org>
Signed-off-by: Alistair Francis <alistair.francis@wdc.com>
2020-08-21 22:37:55 -07:00
Richard Henderson
ffe70e4dfc target/riscv: Check nanboxed inputs in trans_rvf.inc.c
If a 32-bit input is not properly nanboxed, then the input is replaced
with the default qnan.  The only inline expansion is for the sign-changing
set of instructions: FSGNJ.S, FSGNJX.S, FSGNJN.S.

Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Reviewed-by: LIU Zhiwei <zhiwei_liu@c-sky.com>
Message-Id: <20200724002807.441147-6-richard.henderson@linaro.org>
Signed-off-by: Alistair Francis <alistair.francis@wdc.com>
2020-08-21 22:37:55 -07:00
Richard Henderson
00e925c560 target/riscv: Check nanboxed inputs to fp helpers
If a 32-bit input is not properly nanboxed, then the input is
replaced with the default qnan.

Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Reviewed-by: LIU Zhiwei <zhiwei_liu@c-sky.com>
Message-Id: <20200724002807.441147-5-richard.henderson@linaro.org>
Signed-off-by: Alistair Francis <alistair.francis@wdc.com>
2020-08-21 22:37:55 -07:00
Richard Henderson
40eaa47361 target/riscv: Generate nanboxed results from trans_rvf.inc.c
Make sure that all results from inline single-precision scalar
operations are properly nan-boxed to 64-bits.

Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Reviewed-by: LIU Zhiwei <zhiwei_liu@c-sky.com>
Message-Id: <20200724002807.441147-4-richard.henderson@linaro.org>
Signed-off-by: Alistair Francis <alistair.francis@wdc.com>
2020-08-21 22:37:55 -07:00
Richard Henderson
d36a86d01e target/riscv: Generalize gen_nanbox_fpr to gen_nanbox_s
Do not depend on the RVD extension, take input and output via
TCGv_i64 instead of fpu regno.  Move the function to translate.c
so that it can be used in multiple trans_*.inc.c files.

Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Reviewed-by: LIU Zhiwei <zhiwei_liu@c-sky.com>
Message-Id: <20200724002807.441147-3-richard.henderson@linaro.org>
Signed-off-by: Alistair Francis <alistair.francis@wdc.com>
2020-08-21 22:37:55 -07:00
Richard Henderson
9921e3d330 target/riscv: Generate nanboxed results from fp helpers
Make sure that all results from single-precision scalar helpers
are properly nan-boxed to 64-bits.

Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Reviewed-by: LIU Zhiwei <zhiwei_liu@c-sky.com>
Message-Id: <20200724002807.441147-2-richard.henderson@linaro.org>
Signed-off-by: Alistair Francis <alistair.francis@wdc.com>
2020-08-21 22:37:55 -07:00
Max Filippov
c621b4142b target/xtensa: import DSP3400 core
DSP3400 is a DSP core with FPU2000 option.

Signed-off-by: Max Filippov <jcmvbkbc@gmail.com>
2020-08-21 12:56:45 -07:00
Max Filippov
79bc0fb5f1 target/xtensa: import de233_fpu core
de233_fpu is a variant of 233L core with double precision FPU.

Signed-off-by: Max Filippov <jcmvbkbc@gmail.com>
2020-08-21 12:53:48 -07:00
Max Filippov
f8c6137016 target/xtensa: implement FPU division and square root
This does not implement all opcodes related to div/sqrt as specified in
the xtensa ISA, partly because the official specification is not
complete and partly because precise implementation is unnecessarily
complex. Instead instructions specific to the div/sqrt sequences are
implemented differently, most of them as nops, but the results of
div/sqrt sequences is preserved.

Signed-off-by: Max Filippov <jcmvbkbc@gmail.com>
2020-08-21 12:48:15 -07:00
Max Filippov
cfa9f05181 target/xtensa: add DFPU registers and opcodes
DFPU may be configured with 32-bit or with 64-bit registers. Xtensa ISA
does not specify how single-precision values are stored in 64-bit
registers. Existing implementations store them in the low half of the
registers.
Add value extraction and write back to single-precision opcodes.
Add new double precision opcodes. Add 64-bit register file.
Add 64-bit values dumping to the xtensa_cpu_dump_state.

Signed-off-by: Max Filippov <jcmvbkbc@gmail.com>
2020-08-21 12:48:15 -07:00
Max Filippov
de6b55cbda target/xtensa: add DFPU option
Double precision floating point unit is a FPU implementation different
from the FPU2000 in the following ways:
- it may be configured with only single or with both single and double
  precision operations support;
- it may be configured with division and square root opcodes;
- FSR register accumulates inValid, division by Zero, Overflow,
  Underflow and Inexact result flags of operations;
- QNaNs and SNaNs are handled properly;
- NaN propagation rules are different.

Signed-off-by: Max Filippov <jcmvbkbc@gmail.com>
2020-08-21 12:48:15 -07:00
Max Filippov
5dbb4c96d5 target/xtensa: don't access BR regfile directly
BR registers used in FPU comparison opcodes are available as opcode
arguments for translators. Use them. This simplifies comparison helpers
interface and makes them usable in FLIX bundles.

Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Signed-off-by: Max Filippov <jcmvbkbc@gmail.com>
2020-08-21 12:48:15 -07:00
Max Filippov
ff35a7d1a1 target/xtensa: move FSR/FCR register accessors
Move FSR/FCR register accessors from core opcodes to FPU2000 opcodes as
they are FPU2000-specific.

Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Signed-off-by: Max Filippov <jcmvbkbc@gmail.com>
2020-08-21 12:48:15 -07:00
Max Filippov
5680f20756 target/xtensa: rename FPU2000 translators and helpers
Add _s suffix to all FPU2000 opcode translators and helpers that also
have double-precision variant to unify naming and allow adding DFPU
implementations. Add _fpu2k_ to the names of helpers that will have
different implementation for the DFPU .

Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Signed-off-by: Max Filippov <jcmvbkbc@gmail.com>
2020-08-21 12:48:15 -07:00
Max Filippov
ed07f685ad target/xtensa: support copying registers up to 64 bits wide
FLIX dependency breaking code assumes that all registers are 32 bit
wide. This may not always be correct.
Extract actual register width from the associated register file and use
it to create temporaries of correct width and generate correct data
movement instructions.

Signed-off-by: Max Filippov <jcmvbkbc@gmail.com>
2020-08-21 12:48:15 -07:00
Max Filippov
ee659da21a target/xtensa: add geometry to xtensa_get_regfile_by_name
Register file name may not uniquely identify a register file in the set
of configurations. E.g. floating point registers may have different size
in different configurations. Use register file geometry as additional
identifier.

Signed-off-by: Max Filippov <jcmvbkbc@gmail.com>
2020-08-21 12:48:15 -07:00
Max Filippov
a7d479ee51 target/xtensa: implement NMI support
When NMI is configured it is taken regardless of INTENABLE SR contents,
PS.INTLEVEL or PS.EXCM. It is cleared automatically once it's taken.

Add nmi_level to XtensaConfig, puth there NMI level from the overlay or
XCHAL_NUM_INTLEVELS + 1 when NMI is not configured. Add NMI mask to
INTENABLE SR and limit CINTLEVEL to nmi_level - 1 when determining
pending IRQ level in check_interrupt(). Always take and clear pending
interrupt at nmi_level in the handle_interrupt().

Signed-off-by: Max Filippov <jcmvbkbc@gmail.com>
2020-08-21 12:48:14 -07:00
Max Filippov
91dc2b2d12 target/xtensa: make opcode properties more dynamic
There's XtensaOpcodeOps::test_ill that is used to check whether opcode
generates illegal opcode exception or not. The illegal opcode exception
is not special and so this callback can be generalized to provide any
XTENSA_OP_* flags that are not completely static.
Introduce XtensaOpcodeOps::test_exceptions and convert all test_ill
users to test_exceptions.

Signed-off-by: Max Filippov <jcmvbkbc@gmail.com>
2020-08-21 12:48:14 -07:00
Paolo Bonzini
73173177ac target/s390x: fix meson.build issue
files() is needed to avoid

../meson.build:977:2: ERROR: File tcg-stub.c does not exist.

Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2020-08-21 11:55:13 -04:00
Paolo Bonzini
64ed6f92ff meson: link emulators without Makefile.target
The binaries move to the root directory, e.g. qemu-system-i386 or
qemu-arm.  This requires changes to qtests, CI, etc.

Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2020-08-21 06:30:40 -04:00
Paolo Bonzini
abff1abfe8 meson: target
Similar to hw_arch, each architecture defines two sourceset which are placed in
dictionaries target_arch and target_softmmu_arch.  These are then picked up
from there when building the per-emulator static_library.

Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2020-08-21 06:30:35 -04:00
Marc-André Lureau
d3b1848096 meson: convert target/s390x/gen-features.h
Needed by linux-user/s390x/cpu_loop.c; this removes the only use of HOST_CC.

Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2020-08-21 06:30:17 -04:00
Paolo Bonzini
0979ed017f meson: rename .inc.h files to .h.inc
Make it consistent with '.c.inc' and '.rst.inc'.

Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2020-08-21 06:18:35 -04:00
Paolo Bonzini
139c1837db meson: rename included C source files to .c.inc
With Makefiles that have automatically generated dependencies, you
generated includes are set as dependencies of the Makefile, so that they
are built before everything else and they are available when first
building the .c files.

Alternatively you can use a fine-grained dependency, e.g.

        target/arm/translate.o: target/arm/decode-neon-shared.inc.c

With Meson you have only one choice and it is a third option, namely
"build at the beginning of the corresponding target"; the way you
express it is to list the includes in the sources of that target.

The problem is that Meson decides if something is a source vs. a
generated include by looking at the extension: '.c', '.cc', '.m', '.C'
are sources, while everything else is considered an include---including
'.inc.c'.

Use '.c.inc' to avoid this, as it is consistent with our other convention
of using '.rst.inc' for included reStructuredText files.  The editorconfig
file is adjusted.

Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2020-08-21 06:18:30 -04:00
Paolo Bonzini
243af0225a trace: switch position of headers to what Meson requires
Meson doesn't enjoy the same flexibility we have with Make in choosing
the include path.  In particular the tracing headers are using
$(build_root)/$(<D).

In order to keep the include directives unchanged,
the simplest solution is to generate headers with patterns like
"trace/trace-audio.h" and place forwarding headers in the source tree
such that for example "audio/trace.h" includes "trace/trace-audio.h".

This patch is too ugly to be applied to the Makefiles now.  It's only
a way to separate the changes to the tracing header files from the
Meson rewrite of the tracing logic.

Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2020-08-21 06:18:24 -04:00
Gustavo Romero
a72c71b77d target/ppc: Integrate icount to purr, vtb, and tbu40
Currently if option '-icount auto' is passed to the QEMU TCG to enable
counting instructions the VM crashes with the following error report when
Linux runs on it:

qemu-system-ppc64: Bad icount read

This happens because read/write access to the SPRs PURR, VTB, and TBU40
is not integrated to the icount framework.

This commit fixes that issue by making the read/write access of these
SPRs aware of icount framework, adding the proper gen_io_start() calls
before calling the helpers to load/store these SPRs in TCG and ensuring
that the associated TBs end immediately after, accordingly to what's in
docs/devel/tcg-icount.rst.

Signed-off-by: Gustavo Romero <gromero@linux.ibm.com>
Message-Id: <20200811153235.4527-1-gromero@linux.ibm.com>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
2020-08-13 10:03:01 +10:00
Matthieu Bucchianeri
8dcdb535d7 target/ppc: Fix SPE unavailable exception triggering
When emulating certain floating point instructions or vector instructions on
PowerPC machines, QEMU did not properly generate the SPE/Embedded Floating-
Point Unavailable interrupt. See the buglink further below for references to
the relevant NXP documentation.

This patch fixes the behavior of some evfs* instructions that were
incorrectly emitting the interrupt.

More importantly, this patch fixes the behavior of several efd* and ev*
instructions that were not generating the interrupt. Triggering the
interrupt for these instructions fixes lazy FPU/vector context switching on
some operating systems like Linux.

Without this patch, the result of some double-precision arithmetic could be
corrupted due to the lack of proper saving and restoring of the upper
32-bit part of the general-purpose registers.

Buglink: https://bugs.launchpad.net/qemu/+bug/1888918
Buglink: https://bugs.launchpad.net/qemu/+bug/1611394
Signed-off-by: Matthieu Bucchianeri <matthieu.bucchianeri@leostella.com>
Message-Id: <20200727175553.32276-1-matthieu.bucchianeri@leostella.com>
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
2020-08-12 13:16:27 +10:00
Lijun Pan
c4b8b49d68 target/ppc: add vmulh{su}d instructions
vmulhsd: Vector Multiply High Signed Doubleword
vmulhud: Vector Multiply High Unsigned Doubleword

Signed-off-by: Lijun Pan <ljp@linux.ibm.com>
Message-Id: <20200724045845.89976-5-ljp@linux.ibm.com>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
2020-08-12 13:16:27 +10:00
Lijun Pan
f3e0d864ab target/ppc: add vmulh{su}w instructions
vmulhsw: Vector Multiply High Signed Word
vmulhuw: Vector Multiply High Unsigned Word

Signed-off-by: Lijun Pan <ljp@linux.ibm.com>
Message-Id: <20200724045845.89976-4-ljp@linux.ibm.com>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
2020-08-12 13:16:27 +10:00
Lijun Pan
adcced8784 target/ppc: add vmulld instruction
vmulld: Vector Multiply Low Doubleword.

Signed-off-by: Lijun Pan <ljp@linux.ibm.com>
Message-Id: <20200701234344.91843-6-ljp@linux.ibm.com>
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
2020-08-12 13:16:27 +10:00
Lijun Pan
a285ffa680 target/ppc: convert vmuluwm to tcg_gen_gvec_mul
Convert the original implementation of vmuluwm to the more generic
tcg_gen_gvec_mul.

Signed-off-by: Lijun Pan <ljp@linux.ibm.com>
Message-Id: <20200701234344.91843-5-ljp@linux.ibm.com>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
2020-08-12 13:16:27 +10:00
Lijun Pan
9d69cfa2fa target/ppc: add byte-reverse br[dwh] instructions
POWER ISA 3.1 introduces following byte-reverse instructions:
brd: Byte-Reverse Doubleword X-form
brw: Byte-Reverse Word X-form
brh: Byte-Reverse Halfword X-form

Signed-off-by: Lijun Pan <ljp@linux.ibm.com>
Message-Id: <20200701234344.91843-4-ljp@linux.ibm.com>
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
2020-08-12 13:16:27 +10:00
Lijun Pan
9495edb08d target/ppc: Enable Power ISA 3.1
This patch enables the Power ISA 3.1 in QEMU.

Signed-off-by: Lijun Pan <ljp@linux.ibm.com>
Message-Id: <20200701234344.91843-3-ljp@linux.ibm.com>
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
2020-08-12 13:16:27 +10:00
Lijun Pan
ca7a2fdaa1 target/ppc: Introduce Power ISA 3.1 flag
This flag will be used for Power10 instructions.

Signed-off-by: Lijun Pan <ljp@linux.ibm.com>
Message-Id: <20200701234344.91843-2-ljp@linux.ibm.com>
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
2020-08-12 13:16:27 +10:00
Matthieu Bucchianeri
6d592c557e target/ppc: Fix TCG leak with the evmwsmiaa instruction
Fix double-call to tcg_temp_new_i64(), where a temp is allocated both at
declaration time and further down the implementation of gen_evmwsmiaa().

Note that gen_evmwsmia() and gen_evmwsmiaa() are still not implemented
correctly, as they invoke gen_evmwsmi() which may return early, but the
return is not propagated. This will be fixed in my patch for bug #1888918.

Signed-off-by: Matthieu Bucchianeri <matthieu.bucchianeri@leostella.com>
Message-Id: <20200727172114.31415-1-matthieu.bucchianeri@leostella.com>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
2020-08-12 13:16:27 +10:00
Peter Maydell
a65dabf71a target/arm: Fix Rt/Rt2 in ESR_ELx for copro traps from AArch32 to 64
When a coprocessor instruction in an  AArch32 guest traps to AArch32
Hyp mode, the syndrome register (HSR) includes Rt and Rt2 fields
which are simply copies of the Rt and Rt2 fields from the trapped
instruction.  However, if the instruction is trapped from AArch32 to
an AArch64 higher exception level, the Rt and Rt2 fields in the
syndrome register (ESR_ELx) must be the AArch64 view of the register.
This makes a difference if the AArch32 guest was in a mode other than
User or System and it was using r13 or r14, or if it was in FIQ mode
and using r8-r14.

We don't know at translate time which AArch32 CPU mode we are in, so
we leave the values we generate in our prototype syndrome register
value at translate time as the raw Rt/Rt2 from the instruction, and
instead correct them to the AArch64 view when we find we need to take
an exception from AArch32 to AArch64 with one of these syndrome
values.

Fixes: https://bugs.launchpad.net/qemu/+bug/1879587
Reported-by: Julien Freche <julien@bedrocksystems.com>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Message-id: 20200804193903.31240-1-peter.maydell@linaro.org
2020-08-05 17:31:51 +01:00
Thomas Huth
35c7f5254b target/riscv/vector_helper: Fix build on 32-bit big endian hosts
The code currently fails to compile on 32-bit big endian hosts:

 target/riscv/vector_helper.c: In function 'vext_clear':
 target/riscv/vector_helper.c:154:16: error: cast to pointer from integer
 of different size [-Werror=int-to-pointer-cast]
         memset((void *)((uintptr_t)tail & ~(7ULL)), 0, part1);
                ^
 target/riscv/vector_helper.c:155:16: error: cast to pointer from integer
 of different size [-Werror=int-to-pointer-cast]
         memset((void *)(((uintptr_t)tail + 8) & ~(7ULL)), 0, part2);
                ^
 cc1: all warnings being treated as errors

We should not use "long long" (i.e. 64-bit) values here to avoid the
problem. Switch to our QEMU_ALIGN_PTR_DOWN/UP macros instead.

Fixes: 751538d5da ("add vector stride load and store instructions")
Suggested-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Message-Id: <20200804170055.2851-3-thuth@redhat.com>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Signed-off-by: Thomas Huth <thuth@redhat.com>
2020-08-05 10:43:45 +02:00
Peter Collingbourne
d250bb19ce target/arm: Fix decode of LDRA[AB] instructions
These instructions use zero as the discriminator, not SP.

Signed-off-by: Peter Collingbourne <pcc@google.com>
Message-id: 20200804002849.30268-1-pcc@google.com
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2020-08-04 16:40:19 +01:00
Kaige Li
88a90e3de6 target/arm: Avoid maybe-uninitialized warning with gcc 4.9
GCC version 4.9.4 isn't clever enough to figure out that all
execution paths in disas_ldst() that use 'fn' will have initialized
it first, and so it warns:

/home/LiKaige/qemu/target/arm/translate-a64.c: In function ‘disas_ldst’:
/home/LiKaige/qemu/target/arm/translate-a64.c:3392:5: error: ‘fn’ may be used uninitialized in this function [-Werror=maybe-uninitialized]
     fn(cpu_reg(s, rt), clean_addr, tcg_rs, get_mem_index(s),
     ^
/home/LiKaige/qemu/target/arm/translate-a64.c:3318:22: note: ‘fn’ was declared here
     AtomicThreeOpFn *fn;
                      ^

Make it happy by initializing the variable to NULL.

Signed-off-by: Kaige Li <likaige@loongson.cn>
Message-id: 1596110248-7366-2-git-send-email-likaige@loongson.cn
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
[PMM: Clean up commit message and note which gcc version this was]
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2020-08-03 17:55:04 +01:00
Richard Henderson
8796fe40dd target/arm: Fix AddPAC error indication
The definition of top_bit used in this function is one higher
than that used in the Arm ARM psuedo-code, which put the error
indication at top_bit - 1 at the wrong place, which meant that
it wasn't visible to Auth.

Fixing the definition of top_bit requires more changes, because
its most common use is for the count of bits in top_bit:bot_bit,
which would then need to be computed as top_bit - bot_bit + 1.

For now, prefer the minimal fix to the error indication alone.

Fixes: 63ff0ca94c
Reported-by: Derrick McKee <derrick.mckee@gmail.com>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Message-id: 20200728195706.11087-1-richard.henderson@linaro.org
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
[PMM: added comment about the divergence from the pseudocode]
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2020-08-03 17:55:03 +01:00
Peter Maydell
3461487523 target-arm queue:
* ACPI: Assert that we don't run out of the preallocated memory
  * hw/misc/aspeed_sdmc: Fix incorrect memory size
  * target/arm: Always pass cacheattr in S1_ptw_translate
  * docs/system/arm/virt: Document 'mte' machine option
  * hw/arm/boot: Fix PAUTH, MTE for EL3 direct kernel boot
  * target/arm: Improve IMPDEF algorithm for IRG
 -----BEGIN PGP SIGNATURE-----
 
 iQJNBAABCAA3FiEE4aXFk81BneKOgxXPPCUl7RQ2DN4FAl8e8E4ZHHBldGVyLm1h
 eWRlbGxAbGluYXJvLm9yZwAKCRA8JSXtFDYM3gw8D/9FeK7g1aFnqpAw5Ynar2Wa
 0nBv2p1QPMXkGecR9FlPxvLKRO6AF1twQha+9tz+nNFTmYkfJ+VGcuk6P9NJMj5M
 pYzF/hbvI7Q8sK88bNmtrkvQYL/EoSHAJSFRxPDErA9pLU1I72sTqP7m2ZLLX6P7
 LA0hys0U2lEHVwyCJ+u7uSnyr6vMpaNoq69PRYJScbk5NRY3EQ2cDCwn9DCBAZN1
 hpT/kBzJTFikf8JcxcAo6fVAgV5Uhqw6HcXu9iohDm3OFswpX4xJnV3xBzc4821A
 DmNSIYOANYNqSdQ2Q8XSKY2YBeVfay2GeQ44Xiv4nG37XdOMWf1Nlvnnz1co4JLf
 jiuYzjOmAC3Ix0D3nWi0foI3l51vOZzgPpMvY8vyXmjzs+ter8o3BKrHMcj2JM2c
 ODRUJNJ8NU1HtOL1rm+jW+tQcdiJ/fQjQ0OD42GxGOVnPJ39R8KaShIyL5q5f/Nt
 X0a5O8BcOkre5IwiasSI7HpOK6E+vofZXPPElz4tqtPuE/k/E6EuU4/dI8pygVZL
 jvBcM7qWnzqAVPC4C2RTFvQVI3PPQRaFwEwKtNu8CEMiu47DvIOtM4U0WyYIr3uN
 nsCmPEjcfNV3yq0z77w+102Ay0QQVCxaSiekCoCVF8eKjlRghGQnpBddBQL8VrNQ
 meeBVABBOVtmD8Fjq7yhHA==
 =s8n/
 -----END PGP SIGNATURE-----

Merge remote-tracking branch 'remotes/pmaydell/tags/pull-target-arm-20200727' into staging

target-arm queue:
 * ACPI: Assert that we don't run out of the preallocated memory
 * hw/misc/aspeed_sdmc: Fix incorrect memory size
 * target/arm: Always pass cacheattr in S1_ptw_translate
 * docs/system/arm/virt: Document 'mte' machine option
 * hw/arm/boot: Fix PAUTH, MTE for EL3 direct kernel boot
 * target/arm: Improve IMPDEF algorithm for IRG

# gpg: Signature made Mon 27 Jul 2020 16:18:38 BST
# gpg:                using RSA key E1A5C593CD419DE28E8315CF3C2525ED14360CDE
# gpg:                issuer "peter.maydell@linaro.org"
# gpg: Good signature from "Peter Maydell <peter.maydell@linaro.org>" [ultimate]
# gpg:                 aka "Peter Maydell <pmaydell@gmail.com>" [ultimate]
# gpg:                 aka "Peter Maydell <pmaydell@chiark.greenend.org.uk>" [ultimate]
# Primary key fingerprint: E1A5 C593 CD41 9DE2 8E83  15CF 3C25 25ED 1436 0CDE

* remotes/pmaydell/tags/pull-target-arm-20200727:
  target/arm: Improve IMPDEF algorithm for IRG
  hw/arm/boot: Fix MTE for EL3 direct kernel boot
  hw/arm/boot: Fix PAUTH for EL3 direct kernel boot
  docs/system/arm/virt: Document 'mte' machine option
  target/arm: Always pass cacheattr in S1_ptw_translate
  hw/misc/aspeed_sdmc: Fix incorrect memory size
  ACPI: Assert that we don't run out of the preallocated memory

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2020-07-28 18:43:48 +01:00
Richard Henderson
d4f6dda182 target/arm: Improve IMPDEF algorithm for IRG
When GCR_EL1.RRND==1, the choosing of the random value is IMPDEF,
and the kernel is not expected to have set RGSR_EL1.  Force a
non-zero value into SEED, so that we do not continually return
the same tag.

Reported-by: Vincenzo Frascino <vincenzo.frascino@arm.com>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Message-id: 20200724163853.504655-4-richard.henderson@linaro.org
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2020-07-27 16:12:11 +01:00
Richard Henderson
a6d6f37aed target/arm: Always pass cacheattr in S1_ptw_translate
When we changed the interface of get_phys_addr_lpae to require
the cacheattr parameter, this spot was missed.  The compiler is
unable to detect the use of NULL vs the nonnull attribute here.

Fixes: 7e98e21c09
Reported-by: Jan Kiszka <jan.kiszka@siemens.com>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Tested-by: Jan Kiszka <jan.kiskza@siemens.com>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2020-07-27 16:12:10 +01:00
Peter Maydell
cb320a07e6 Various fixes for rc2:
- get shippable working again
   - semihosting bug fixes
   - tweak tb-size handling for low memory machines
   - i386 compound literal float fix
   - linux-user MAP_FIXED->MAP_NOREPLACE on fallback
   - docker binfmt_misc fixes
   - linux-user nanosleep fix
   - tests/vm drain console fixes
 -----BEGIN PGP SIGNATURE-----
 
 iQEzBAABCgAdFiEEZoWumedRZ7yvyN81+9DbCVqeKkQFAl8elCsACgkQ+9DbCVqe
 KkS8Sgf+KM+1J2cuCTb6r+/Rxwvo1JWIufhLArK8ZQfsdGVZpyfXAeG3b6wYbf9S
 YiSvFeGaeyCn5h4IrUgwOZ974rOdxsvm3hfQXDjnUj1RhlwJUgtJp3HZR0gFtrFj
 nVAZH4onvg4UFZcgWkXp1MIc1Uca8MulX7g8VdgO1Jy+ngLVIxT+DCsupXrvCkoC
 A5yppEQZ6TQhN/NEEumE4JlELf+XQZbSNT5TJp22TOJ2s/ujo/Qgq0Kj3CA+gwUa
 02hSG3NLORpZ1n0n+a2vPERfiG0fPc7XwTPQcWOvne/t5XUU3bRrYPyqckDcs03q
 LKEZkNmaIWyv7gM4DmqGzJUQgKIqnw==
 =KvQo
 -----END PGP SIGNATURE-----

Merge remote-tracking branch 'remotes/stsquad/tags/pull-fixes-for-rc2-270720-1' into staging

Various fixes for rc2:

  - get shippable working again
  - semihosting bug fixes
  - tweak tb-size handling for low memory machines
  - i386 compound literal float fix
  - linux-user MAP_FIXED->MAP_NOREPLACE on fallback
  - docker binfmt_misc fixes
  - linux-user nanosleep fix
  - tests/vm drain console fixes

# gpg: Signature made Mon 27 Jul 2020 09:45:31 BST
# gpg:                using RSA key 6685AE99E75167BCAFC8DF35FBD0DB095A9E2A44
# gpg: Good signature from "Alex Bennée (Master Work Key) <alex.bennee@linaro.org>" [full]
# Primary key fingerprint: 6685 AE99 E751 67BC AFC8  DF35 FBD0 DB09 5A9E 2A44

* remotes/stsquad/tags/pull-fixes-for-rc2-270720-1:
  tests/vm: add shutdown timeout in basevm.py
  python/qemu: Change ConsoleSocket to optionally drain socket.
  python/qemu: Cleanup changes to ConsoleSocket
  linux-user, ppc: fix clock_nanosleep() for linux-user-ppc
  linux-user: fix clock_nanosleep()
  tests/docker: add support for DEB_KEYRING
  tests/docker: fix binfmt_misc image building
  tests/docker: fix update command due to python3 str/bytes distinction
  linux-user: don't use MAP_FIXED in pgd_find_hole_fallback
  target/i386: floatx80: avoid compound literals in static initializers
  accel/tcg: better handle memory constrained systems
  util/oslib-win32: add qemu_get_host_physmem implementation
  util: add qemu_get_host_physmem utility function
  semihosting: don't send the trailing '\0'
  semihosting: defer connect_chardevs a little more to use serialx
  shippable: add one more qemu to registry url

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2020-07-27 15:55:56 +01:00
Laszlo Ersek
163b3d1af2 target/i386: floatx80: avoid compound literals in static initializers
Quoting ISO C99 6.7.8p4, "All the expressions in an initializer for an
object that has static storage duration shall be constant expressions or
string literals".

The compound literal produced by the make_floatx80() macro is not such a
constant expression, per 6.6p7-9. (An implementation may accept it,
according to 6.6p10, but is not required to.)

Therefore using "floatx80_zero" and make_floatx80() for initializing
"f2xm1_table" and "fpatan_table" is not portable. And gcc-4.8 in RHEL-7.6
actually chokes on them:

> target/i386/fpu_helper.c:871:5: error: initializer element is not constant
>      { make_floatx80(0xbfff, 0x8000000000000000ULL),
>      ^

We've had the make_floatx80_init() macro for this purpose since commit
3bf7e40ab9 ("softfloat: fix for C99", 2012-03-17), so let's use that
macro again.

Fixes: eca30647fc ("target/i386: reimplement f2xm1 using floatx80 operations")
Fixes: ff57bb7b63 ("target/i386: reimplement fpatan using floatx80 operations")
Signed-off-by: Laszlo Ersek <lersek@redhat.com>
Signed-off-by: Alex Bennée <alex.bennee@linaro.org>
Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Cc: Aurelien Jarno <aurelien@aurel32.net>
Cc: Eduardo Habkost <ehabkost@redhat.com>
Cc: Joseph Myers <joseph@codesourcery.com>
Cc: Paolo Bonzini <pbonzini@redhat.com>
Cc: Peter Maydell <peter.maydell@linaro.org>
Link: https://lists.gnu.org/archive/html/qemu-devel/2017-08/msg06566.html
Link: https://lists.gnu.org/archive/html/qemu-devel/2020-07/msg04714.html
Message-Id: <20200716144251.23004-1-lersek@redhat.com>
Message-Id: <20200724064509.331-8-alex.bennee@linaro.org>
2020-07-27 09:40:16 +01:00
Laurent Vivier
aef92d87c5 pseries: fix kvmppc_set_fwnmi()
QEMU issues the ioctl(KVM_CAP_PPC_FWNMI) on the first vCPU.

If the first vCPU is currently running, the vCPU mutex is held
and the ioctl() cannot be done and waits until the mutex is released.
This never happens and the VM is stuck.

To avoid this deadlock, issue the ioctl on the same vCPU doing the
RTAS call.

The problem can be reproduced by booting a guest with several vCPUs
(the probability to have the problem is (n - 1) / n,  n = # of CPUs),
and then by triggering a kernel crash with "echo c >/proc/sysrq-trigger".

On the reboot, the kernel hangs after:

...
[    0.000000] -----------------------------------------------------
[    0.000000] ppc64_pft_size    = 0x0
[    0.000000] phys_mem_size     = 0x48000000
[    0.000000] dcache_bsize      = 0x80
[    0.000000] icache_bsize      = 0x80
[    0.000000] cpu_features      = 0x0001c06f8f4f91a7
[    0.000000]   possible        = 0x0003fbffcf5fb1a7
[    0.000000]   always          = 0x00000003800081a1
[    0.000000] cpu_user_features = 0xdc0065c2 0xaee00000
[    0.000000] mmu_features      = 0x3c006041
[    0.000000] firmware_features = 0x00000085455a445f
[    0.000000] physical_start    = 0x8000000
[    0.000000] -----------------------------------------------------
[    0.000000] numa:   NODE_DATA [mem 0x47f33c80-0x47f3ffff]

Fixes: ec010c0066 ("ppc/spapr: KVM FWNMI should not be enabled until guest requests it")
Cc: npiggin@gmail.com
Signed-off-by: Laurent Vivier <lvivier@redhat.com>
Message-Id: <20200724083533.281700-1-lvivier@redhat.com>
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
2020-07-27 11:09:25 +10:00
Peter Maydell
194f8ca825 Fix some cputlb commentary
Fix an hppa temporary leak
 Fix an i386 translation issue with loop insns
 -----BEGIN PGP SIGNATURE-----
 
 iQFRBAABCgA7FiEEekgeeIaLTbaoWgXAZN846K9+IV8FAl8cV+8dHHJpY2hhcmQu
 aGVuZGVyc29uQGxpbmFyby5vcmcACgkQZN846K9+IV9DpAf/ZBA/GOE+O5pGXtuR
 6zc2TG/1SILJWRtkQ1e6OSvpoCEw6XoTMWA3vp6GF6wCaeBRFOcbYfABFvQJSP4M
 aFEVdfQqWk67WGqyPuvJKScC4jPZpfw5xB29DRQta2XYF2wdtdDf4rjlz/SK5Np7
 xzCtZrRV4RnQAFmupMSKhgWWmDDTn2pNBBUpDkiXMX7L/qgHA43OFW0Bm6ncBl3L
 IramXEZrwHD+hMtjQXAVBgULOR3DS6xJVgzRRl2ecCTYkwWLxjFEpTAdqaXFORpO
 AbvietkpeUOoo+K0qV+kQGWu5Q4rZq7ScHOIqLd4j2nrdlKZiE02rSW+MYVCR43R
 8EC2/g==
 =b+tT
 -----END PGP SIGNATURE-----

Merge remote-tracking branch 'remotes/rth/tags/pull-tcg-20200725' into staging

Fix some cputlb commentary
Fix an hppa temporary leak
Fix an i386 translation issue with loop insns

# gpg: Signature made Sat 25 Jul 2020 17:03:59 BST
# gpg:                using RSA key 7A481E78868B4DB6A85A05C064DF38E8AF7E215F
# gpg:                issuer "richard.henderson@linaro.org"
# gpg: Good signature from "Richard Henderson <richard.henderson@linaro.org>" [full]
# Primary key fingerprint: 7A48 1E78 868B 4DB6 A85A  05C0 64DF 38E8 AF7E 215F

* remotes/rth/tags/pull-tcg-20200725:
  target/i386: Save cc_op before loop insns
  target/hppa: Free some temps in do_sub
  tcg: update comments for save_iotlb_data in cputlb

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2020-07-26 17:17:58 +01:00
Richard Henderson
3cb3a7720b target/i386: Save cc_op before loop insns
We forgot to update cc_op before these branch insns,
which lead to losing track of the current eflags.

Buglink: https://bugs.launchpad.net/qemu/+bug/1888165
Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Message-Id: <20200720154028.477457-1-richard.henderson@linaro.org>
2020-07-24 14:29:35 -07:00
Richard Henderson
79826f99fe target/hppa: Free some temps in do_sub
Two temps allocated but not freed.  Do enough subtractions
within a single TB and one can run out of temps entirely.

Fixes: b2167459ae ("target-hppa: Implement basic arithmetic")
Buglink: https://bugs.launchpad.net/qemu/+bug/1880287
Tested-by: Sven Schnelle <svens@stackframe.org>
Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Message-Id: <20200720174039.517902-1-richard.henderson@linaro.org>
2020-07-24 14:28:33 -07:00
Peter Maydell
e68808a797 Error reporting patches patches for 2020-07-24
-----BEGIN PGP SIGNATURE-----
 
 iQJGBAABCAAwFiEENUvIs9frKmtoZ05fOHC0AOuRhlMFAl8a3DASHGFybWJydUBy
 ZWRoYXQuY29tAAoJEDhwtADrkYZT3McQALCwXRL6k4QEZpJooo7F4kmhBV2/gcbN
 iwPacfq1f3Dk0kJOOX26dLbq5ZIBBSan9ynVvMePf2a24Q2rfW7CwGyc8VlD/F1Y
 OU4knHmhDPpyX52Dw7UEEOhTJiRpXDLbLrkmUkEwp2Z71m5KU0m1YV6i9BOrOlQz
 bZU/hjCg53lDfDsA5XEZt1/YmRoCqKNco8gLScrjAzcZsos5FWzH0D1APeABQunq
 w4ivHcxGLGLbf7jvIcUnbdZAeG2rCsD9bY0gYmIuuc33rPMEgboqoUnSv3hdT2WS
 tL3gehBCX1Y7nXYFR81RuLYhi/HzFYGCPkNu4JrLdX+8oe3zDZiyFwocuWVtV7zl
 i06zd68Q0byirUWRjLKfCxcYOvt5pflWth40tGJ5QJautCThAEFNnus1yepuXojN
 Waawjk+lyigOTnTAAuTpeJV/zUx+1cVqp5Ou7H3xkT5xo9YfCRrt6OPI9ArwAxqy
 TBMyXbNgocdpryMEKICMq2up1gzbFqjJxlSlJbcpsUulO+icPqxXzSxgcRctNoGB
 Xy1p1/wNF5QCTwFufMGKVeepsfjvRNN8sacgQl1Feew0av2NuoCm0U4uqZIofcX8
 d+x8/VTzR03vjpgvxNjoVfgAtgf+HLVQ2VM6RSU6fxLP1LBqibIUPaYRhj5PFGE2
 esLOl5xKEFRm
 =IXo+
 -----END PGP SIGNATURE-----

Merge remote-tracking branch 'remotes/armbru/tags/pull-error-2020-07-24' into staging

Error reporting patches patches for 2020-07-24

# gpg: Signature made Fri 24 Jul 2020 14:03:44 BST
# gpg:                using RSA key 354BC8B3D7EB2A6B68674E5F3870B400EB918653
# gpg:                issuer "armbru@redhat.com"
# gpg: Good signature from "Markus Armbruster <armbru@redhat.com>" [full]
# gpg:                 aka "Markus Armbruster <armbru@pond.sub.org>" [full]
# Primary key fingerprint: 354B C8B3 D7EB 2A6B 6867  4E5F 3870 B400 EB91 8653

* remotes/armbru/tags/pull-error-2020-07-24:
  qapi/error: Check format string argument in error_*prepend()
  sd/milkymist-memcard: Fix format string
  error: Strip trailing '\n' from error string arguments (again)
  coccinelle/err-bad-newline: Fix for Python 3, and add patterns

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2020-07-24 16:24:42 +01:00
Markus Armbruster
ff5b5d5b6d error: Strip trailing '\n' from error string arguments (again)
Tracked down with scripts/coccinelle/err-bad-newline.cocci.

Cc: Peter Xu <peterx@redhat.com>
Cc: David Gibson <david@gibson.dropbear.id.au>
Signed-off-by: Markus Armbruster <armbru@redhat.com>
Message-Id: <20200722084048.1726105-3-armbru@redhat.com>
Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Acked-by: David Gibson <david@gibson.dropbear.id.au>
Reviewed-by: Peter Xu <peterx@redhat.com>
2020-07-24 12:56:44 +02:00
Peter Maydell
7adfbea8fd x86 bug fix for -rc2
A fix from Vitaly Kuznetsov for a CPU reset bug
 reported by Jan Kiszka.
 -----BEGIN PGP SIGNATURE-----
 
 iQJIBAABCAAyFiEEWjIv1avE09usz9GqKAeTb5hNxaYFAl8Z4LAUHGVoYWJrb3N0
 QHJlZGhhdC5jb20ACgkQKAeTb5hNxaYYFQ/+N2mcdYcGtzkbf8x3zZ096wf0caIl
 bEKcr5bwcfOV+ruXpS7MfNvH89GKBa6qd6TjnsSN7QuWiWkSZGD4/T5Q9ITayRj8
 vrqPFpiqP1LJzsP1amwBrPqIFWAO6BxQUT6fg3rm79zA3bu7utKp2lhPcDah+4RZ
 zWYAMzlCftpI6bZvUlOa2dGNaQwFp+IVXQD5UxeTsRCV9dP5HYxDzFC0JMMUnyxQ
 AGyuX9Sgbv347YW7OfH1uU2W6vc8B9GpLIFjz3y21jVxUcRdr7epAzW+/tauvyJr
 q+wVrqYZIT2C4XwFNPygiUfp+ZBvAcZeT4psmoPhWBazw7i8CHSi4wDN9j5EBPe3
 Nx4K+y2Y5cfBei7lce0wswr9ye5ZsVMIqmEQ/HBxVevwbW+SGkr973qeuauPWVVS
 GWaGDxN8LaoltK974hiz38X2LKzOhjc0OuLPLRuSNnc4cvTg5AT9aWMbP82F0ouZ
 TkShaubeXZmFdHSzMwDUABUbH7WjdLtO3OzCn7Uadx5wf2QmEkBIbpWIy4LfRTnT
 oMn7snHpZ31v6enbdYr+flaXe6fbXyJDPVPI7IuhpNqO/fN6kgn6EVhk1AD9DMFC
 SgWbMNrJkV/3aGvWrwzahrxBI2AaEizfZb0e/Mqt0ohQhwUrCPxtZI0L1aUYuh1f
 qFZerMSTJV8gu5I=
 =FCDW
 -----END PGP SIGNATURE-----

Merge remote-tracking branch 'remotes/ehabkost/tags/x86-next-for-5.1-pull-request' into staging

x86 bug fix for -rc2

A fix from Vitaly Kuznetsov for a CPU reset bug
reported by Jan Kiszka.

# gpg: Signature made Thu 23 Jul 2020 20:10:40 BST
# gpg:                using RSA key 5A322FD5ABC4D3DBACCFD1AA2807936F984DC5A6
# gpg:                issuer "ehabkost@redhat.com"
# gpg: Good signature from "Eduardo Habkost <ehabkost@redhat.com>" [full]
# Primary key fingerprint: 5A32 2FD5 ABC4 D3DB ACCF  D1AA 2807 936F 984D C5A6

* remotes/ehabkost/tags/x86-next-for-5.1-pull-request:
  KVM: fix CPU reset wrt HF2_GIF_MASK

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2020-07-24 10:52:20 +01:00
Vitaly Kuznetsov
0baa4b445e KVM: fix CPU reset wrt HF2_GIF_MASK
HF2_GIF_MASK is set in env->hflags2 unconditionally on CPU reset
(see x86_cpu_reset()) but when calling KVM_SET_NESTED_STATE,
KVM_STATE_NESTED_GIF_SET is only valid for nSVM as e.g. nVMX code
looks like

if (kvm_state->hdr.vmx.vmxon_pa == -1ull) {
    if (kvm_state->flags & ~KVM_STATE_NESTED_EVMCS)
        return -EINVAL;
}

Also, when adjusting the environment after KVM_GET_NESTED_STATE we
need not reset HF2_GIF_MASK on VMX as e.g. x86_cpu_pending_interrupt()
expects it to be set.

Alternatively, we could've made env->hflags2 SVM-only.

Reported-by: Jan Kiszka <jan.kiszka@siemens.com>
Fixes: b16c0e20c7 ("KVM: add support for AMD nested live migration")
Signed-off-by: Vitaly Kuznetsov <vkuznets@redhat.com>
Message-Id: <20200723142701.2521161-1-vkuznets@redhat.com>
Tested-by: Jan Kiszka <jan.kiszka@siemens.com>
Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
2020-07-23 15:03:54 -04:00
Zong Li
8ba26b0b2b target/riscv: Fix the range of pmpcfg of CSR funcion table
The range of Physical Memory Protection should be from CSR_PMPCFG0
to CSR_PMPCFG3, not to CSR_PMPADDR9.

Signed-off-by: Zong Li <zong.li@sifive.com>
Reviewed-by: Alistair Francis <alistair.francis@wdc.com>
Reviewed-by: Bin Meng <bin.meng@windriver.com>
Message-Id: <eae49e9252c9596e4f3bdb471772f79235141a87.1595335112.git.zong.li@sifive.com>
Signed-off-by: Alistair Francis <alistair.francis@wdc.com>
2020-07-22 09:41:36 -07:00
LIU Zhiwei
3e09396e36 target/riscv: fix vector index load/store constraints
Although not explicitly specified that the the destination
vector register groups cannot overlap the source vector register group,
it is still necessary.

And this constraint has been added to the v0.8 spec.

Signed-off-by: LIU Zhiwei <zhiwei_liu@c-sky.com>
Reviewed-by: Alistair Francis <alistair.francis@wdc.com>
Message-Id: <20200721133742.2298-2-zhiwei_liu@c-sky.com>
Signed-off-by: Alistair Francis <alistair.francis@wdc.com>
2020-07-22 09:39:46 -07:00
LIU Zhiwei
eabfeb0cb9 target/riscv: Quiet Coverity complains about vamo*
Signed-off-by: LIU Zhiwei <zhiwei_liu@c-sky.com>
Reviewed-by: Alistair Francis <alistair.francis@wdc.com>
Message-Id: <20200721133742.2298-1-zhiwei_liu@c-sky.com>
Signed-off-by: Alistair Francis <alistair.francis@wdc.com>
2020-07-22 09:39:46 -07:00
Richard Henderson
6f4e1405b9 hw/arm/virt: Enable MTE via a machine property
Control this cpu feature via a machine property, much as we do
with secure=on, since both require specialized support in the
machine setup to be functional.

Default MTE to off, since this feature implies extra overhead.

Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Message-id: 20200713213341.590275-2-richard.henderson@linaro.org
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2020-07-20 11:35:15 +01:00
Roman Bolshakov
818b9f111d i386: hvf: Explicitly set CR4 guest/host mask
Removal of register reset omitted initialization of CR4 guest/host mask.
x86_64 guests aren't booting without it.

Fixes: 5009ef22c6 ("i386: hvf: Don't duplicate register reset")
Signed-off-by: Roman Bolshakov <r.bolshakov@yadro.com>
Message-Id: <20200714090726.41082-1-r.bolshakov@yadro.com>
Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
2020-07-16 14:15:13 -04:00
Chenyi Qiang
644e3c5d81 target/i386: add the missing vmx features for Skylake-Server and Cascadelake-Server CPU models
Add the missing vmx features in Skylake-Server and Cascadelake-Server
CPU models based on the output of Paolo's script.

Signed-off-by: Chenyi Qiang <chenyi.qiang@intel.com>
Message-Id: <20200714084148.26690-4-chenyi.qiang@intel.com>
Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
2020-07-16 11:05:03 -04:00
Chenyi Qiang
e0013791b9 target/i386: fix model number and add missing features for Icelake-Server CPU model
Add the missing features(sha_ni, avx512ifma, rdpid, fsrm,
vmx-rdseed-exit, vmx-pml, vmx-eptp-switching) and change the model
number to 106 in the Icelake-Server-v4 CPU model.

Signed-off-by: Chenyi Qiang <chenyi.qiang@intel.com>
Message-Id: <20200714084148.26690-3-chenyi.qiang@intel.com>
Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
2020-07-16 11:05:03 -04:00
Chenyi Qiang
5cb287d2bd target/i386: add fast short REP MOV support
For CPUs support fast short REP MOV[CPUID.(EAX=7,ECX=0):EDX(bit4)], e.g
Icelake and Tigerlake, expose it to the guest VM.

Reviewed-by: Eduardo Habkost <ehabkost@redhat.com>
Signed-off-by: Chenyi Qiang <chenyi.qiang@intel.com>
Message-Id: <20200714084148.26690-2-chenyi.qiang@intel.com>
Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
2020-07-16 11:05:03 -04:00
Xiaoyao Li
f9f08e7cae i386/cpu: Don't add unavailable_features to env->user_features
Features unavailable due to absent of their dependent features should
not be added to env->user_features. env->user_features only contains the
feature explicity specified with -feature/+feature by user.

Fixes: 99e24dbdaa ("target/i386: introduce generic feature dependency mechanism")
Signed-off-by: Xiaoyao Li <xiaoyao.li@intel.com>
Message-Id: <20200713174436.41070-3-xiaoyao.li@intel.com>
Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
2020-07-16 11:04:42 -04:00
Xiaoyao Li
1f43671a0d i368/cpu: Clear env->user_features after loading versioned CPU model
Features defined in versioned CPU model are recorded in env->user_features
since they are updated as property. It's unwated because they are not
user specified.

Simply clear env->user_features as a fix. It won't clear user specified
features because user specified features are filled to
env->user_features later in x86_cpu_expand_features().

Cc: Chenyi Qiang <chenyi.qiang@intel.com>
Suggested-by: Eduardo Habkost <ehabkost@redhat.com>
Signed-off-by: Xiaoyao Li <xiaoyao.li@intel.com>
Message-Id: <20200713174436.41070-2-xiaoyao.li@intel.com>
[ehabkost: fix coding style]
Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
2020-07-16 11:04:42 -04:00
Peter Maydell
f1d5948669 MIPS patches for 5.1
- A pair of fixes,
 - Add Huacai Chen as MIPS KVM maintainer,
 - Add Jiaxun Yang as designated MIPS TCG reviewer.
 
 CI jobs results:
 . https://travis-ci.org/github/philmd/qemu/builds/708079271
 . https://gitlab.com/philmd/qemu/-/pipelines/166528104
 . https://cirrus-ci.com/build/6483996878045184
 -----BEGIN PGP SIGNATURE-----
 
 iQIzBAABCAAdFiEE+qvnXhKRciHc/Wuy4+MsLN6twN4FAl8ODr4ACgkQ4+MsLN6t
 wN4XxhAAnH9aPdBx9oZit3Yq0ZggJKQ5xgoDJMKtknYzSfjRipPgPp7A7sf5I0as
 0/2l6AQhvq8iyU4hlAl7EITRqJUp2Z9/B0T0vgSydlLuDNFjHJ/1bY7UKAhAmaUE
 lLJLuC3tEK8a4pJqeYN8kxY2Z+P7VdYFog72xo0tiDO9KXKisLzQX0KlhUskBV8o
 Ead47EKIQ1m3jyorRXwNmf/XzBmHWVriDdT3BGVf+TWrqZh9E5e6X8zFAXXQc2as
 X+o0EnZVOtj8S1JSoxcOR5Wg3pjmwQ+RlxKqrv9bNmrkOrpU+iNZJQtS4ZZp8oe/
 dwYHZozInIT2ccHyZ5pQ1LTNfkCPQB9HAx6SZeb0KVMluSbFYwu45AhX8g58jyjI
 UyKMCnbFvP5WByPlp8BglWkdeFvSVvDxcGIc6S8SSaXpgtq4BkSp0yVw/ICGaE2W
 UsZiOqFR7mmrm0FJlKYX2ttGb7ATrRJ8to+kmH865aXTPKVlsCM34FloOFb9Yw9L
 V0RTc95oeexImfBe/mxe0qHtyZLfoKc9u8DHx2glr6ooUcidUeiZUnPzidCFdAfm
 qq6lj5tG3jHiQamclSTdow0p4+ttJn5ytkf0Qaepznpu9xVNvPDh8hGnSM/9Aryr
 tTLClX8ZpqxwMTepmFt4Q2SUEqTCNQ+CfQ9Jjq/fQTneUn0k058=
 =Mncy
 -----END PGP SIGNATURE-----

Merge remote-tracking branch 'remotes/philmd-gitlab/tags/mips-next-20200714' into staging

MIPS patches for 5.1

- A pair of fixes,
- Add Huacai Chen as MIPS KVM maintainer,
- Add Jiaxun Yang as designated MIPS TCG reviewer.

CI jobs results:
. https://travis-ci.org/github/philmd/qemu/builds/708079271
. https://gitlab.com/philmd/qemu/-/pipelines/166528104
. https://cirrus-ci.com/build/6483996878045184

# gpg: Signature made Tue 14 Jul 2020 20:59:58 BST
# gpg:                using RSA key FAABE75E12917221DCFD6BB2E3E32C2CDEADC0DE
# gpg: Good signature from "Philippe Mathieu-Daudé (F4BUG) <f4bug@amsat.org>" [full]
# Primary key fingerprint: FAAB E75E 1291 7221 DCFD  6BB2 E3E3 2C2C DEAD C0DE

* remotes/philmd-gitlab/tags/mips-next-20200714:
  MAINTAINERS: Adjust MIPS maintainership (add Huacai Chen & Jiaxun Yang)
  target/mips: Fix ADD.S FPU instruction
  target/mips: Remove identical if/else branches

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2020-07-15 13:54:09 +01:00
Alex Richardson
dda97e385b target/mips: Fix ADD.S FPU instruction
After merging latest QEMU upstream into our CHERI fork,
I noticed that some of the FPU tests in our MIPS baremetal
testsuite [*] started failing.
It turns out commit 1ace099f2a accidentally changed add.s
into a subtract.

[*] https://github.com/CTSRD-CHERI/cheritest

Fixes: 1ace099f2a ("target/mips: fpu: Demacro ADD.<D|S|PS>")
Signed-off-by: Alex Richardson <Alexander.Richardson@cl.cam.ac.uk>
Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Message-Id: <20200703161515.25966-1-Alexander.Richardson@cl.cam.ac.uk>
Signed-off-by: Aleksandar Markovic <aleksandar.qemu.devel@gmail.com>
Signed-off-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
2020-07-14 21:49:33 +02:00
Aleksandar Markovic
9788e8c9b6 target/mips: Remove identical if/else branches
Remove the segment:

      if (other_tc == other->current_tc) {
          tccause = other->CP0_Cause;
      } else {
          tccause = other->CP0_Cause;
      }

Original contributor can't remember what was his intention.

Fixes: 5a25ce9487 ("mips: Hook in more reg accesses via mttr/mftr")
Buglink: https://bugs.launchpad.net/qemu/+bug/1885718
Signed-off-by: Aleksandar Markovic <aleksandar.qemu.devel@gmail.com>
Message-Id: <20200701182559.28841-2-aleksandar.qemu.devel@gmail.com>
Signed-off-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
2020-07-14 21:49:33 +02:00
Peter Maydell
aeb07b5f6e This is a colection of bug fixes and small imrprovements for RISC-V.
This includes some vector extensions fixes, a PMP bug fix, OpenTitan
 UART bug fix and support for OpenSBI dynamic firmware.
 -----BEGIN PGP SIGNATURE-----
 
 iQEzBAABCAAdFiEE9sSsRtSTSGjTuM6PIeENKd+XcFQFAl8M/HgACgkQIeENKd+X
 cFTFDAf7BiC0iVDUNEdK91MU3eLBf3C+VcVXeFQ1U4WtQutajhC681jWtk4gemRW
 QnZ0HWuOkvvKrdrPqV18c6gKYg+qcgpQ/JMCtl2bFk41nfVLS2Amlza6ycooQAhK
 dMrwFDm0yRGy3gjsZwNaduQKaKWJqtZJc142yELtfgfJvNsHJirYKMt1YXMC/pJO
 62Z5kACbSVsUDAr02ZZnFw9PX09FQh75LZpfRC9haMpyqkyffARmsu6rAtZJpk1G
 XhXhJNq9j3IpBP0nt9BV7KNVW5KrbKnGwEnK+I5UZfEYmGrz4RFb+UWq/rqMF2ui
 fbe9tY2bJRwcnS+EbF0s97M6wEweSw==
 =T+nM
 -----END PGP SIGNATURE-----

Merge remote-tracking branch 'remotes/alistair/tags/pull-riscv-to-apply-20200713' into staging

This is a colection of bug fixes and small imrprovements for RISC-V.

This includes some vector extensions fixes, a PMP bug fix, OpenTitan
UART bug fix and support for OpenSBI dynamic firmware.

# gpg: Signature made Tue 14 Jul 2020 01:29:44 BST
# gpg:                using RSA key F6C4AC46D4934868D3B8CE8F21E10D29DF977054
# gpg: Good signature from "Alistair Francis <alistair@alistair23.me>" [full]
# Primary key fingerprint: F6C4 AC46 D493 4868 D3B8  CE8F 21E1 0D29 DF97 7054

* remotes/alistair/tags/pull-riscv-to-apply-20200713:
  target/riscv: Fix pmp NA4 implementation
  tcg/riscv: Remove superfluous breaks
  hw/char: Convert the Ibex UART to use the registerfields API
  hw/char: Convert the Ibex UART to use the qdev Clock model
  target/riscv: fix vill bit index in vtype register
  target/riscv: fix return value of do_opivx_widen()
  target/riscv: correct the gvec IR called in gen_vec_rsub16_i64()
  target/riscv: fix rsub gvec tcg_assert_listed_vecop assertion
  hw/riscv: Modify MROM size to end at 0x10000
  RISC-V: Support 64 bit start address
  riscv: Add opensbi firmware dynamic support
  RISC-V: Copy the fdt in dram instead of ROM
  riscv: Unify Qemu's reset vector code path
  hw/riscv: virt: Sort the SoC memmap table entries
  MAINTAINERS: Add an entry for OpenSBI firmware

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2020-07-14 17:58:00 +01:00
Peter Maydell
1a53dfee92 NBD patches for 2020-07-13
- fix off-by-one truncation in corner-case name display
 - use fcntl correctly
 - iotest cleanups that enable testing an upcoming fix for NBD close
 -----BEGIN PGP SIGNATURE-----
 
 iQEzBAABCAAdFiEEccLMIrHEYCkn0vOqp6FrSiUnQ2oFAl8Ma5cACgkQp6FrSiUn
 Q2pnlQf/SK5NsWoUUuo9ufAoSRHEWcYr5yGffqMQGB3n0qTMi+8mTIRov09MvIuN
 uKX5nsGlFlYeVYFIo6+wr0LAl1IZClmbzKUW/NeiBP7fc6TMdmEXFyBq6iFMFHjm
 F5h11jCMd3E0jN51KVBpiL6dtBvdGiJWdMYr55N6knu0+465505YCeldcs4eLJct
 fc9VxWIhN8apuAYuli2gn4eZQju46OsWhCvQDqZo5EvTLBTXN5qvkU531FkceJkZ
 lnHf9JRyJ2Z5QcgRWklZaORWHDIOgrnIsAisgEC2pn6pt3fAhEjP1JzKsdBKWBT8
 7YzApIHYqixqTyEnIO4aKADnfwysYw==
 =6kLs
 -----END PGP SIGNATURE-----

Merge remote-tracking branch 'remotes/ericb/tags/pull-nbd-2020-07-13' into staging

NBD patches for 2020-07-13

- fix off-by-one truncation in corner-case name display
- use fcntl correctly
- iotest cleanups that enable testing an upcoming fix for NBD close

# gpg: Signature made Mon 13 Jul 2020 15:11:35 BST
# gpg:                using RSA key 71C2CC22B1C4602927D2F3AAA7A16B4A2527436A
# gpg: Good signature from "Eric Blake <eblake@redhat.com>" [full]
# gpg:                 aka "Eric Blake (Free Software Programmer) <ebb9@byu.net>" [full]
# gpg:                 aka "[jpeg image of size 6874]" [full]
# Primary key fingerprint: 71C2 CC22 B1C4 6029 27D2  F3AA A7A1 6B4A 2527 436A

* remotes/ericb/tags/pull-nbd-2020-07-13:
  iotests.py: filter_testfiles(): filter SOCK_DIR too
  iotests.py: QemuIoInteractive: print output on failure
  iotests: QemuIoInteractive: use qemu_io_args_no_fmt
  hax: Fix setting of FD_CLOEXEC
  nbd: Avoid off-by-one in long export name truncation

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2020-07-14 13:52:10 +01:00
Alexandre Mergnat
cfad709bce target/riscv: Fix pmp NA4 implementation
The end address calculation for NA4 mode is wrong because the address
used isn't shifted.

It doesn't watch 4 bytes but a huge range because the end address
calculation is wrong.

The solution is to use the shifted address calculated for start address
variable.

Modifications are tested on Zephyr OS userspace test suite which works
for other RISC-V boards (E31 and E34 core).

Signed-off-by: Alexandre Mergnat <amergnat@baylibre.com>
Reviewed-by: Alistair Francis <alistair.francis@wdc.com>
Message-id: 20200706084550.24117-1-amergnat@baylibre.com
Message-Id: <20200706084550.24117-1-amergnat@baylibre.com>
[ Changes by AF:
 - Improve the commit title and message
]
Signed-off-by: Alistair Francis <alistair.francis@wdc.com>
2020-07-13 17:25:37 -07:00
Frank Chang
fbcbafa2c1 target/riscv: fix vill bit index in vtype register
vill bit is at vtype[XLEN-1].

Signed-off-by: Frank Chang <frank.chang@sifive.com>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-Id: <20200710104920.13550-5-frank.chang@sifive.com>
Signed-off-by: Alistair Francis <alistair.francis@wdc.com>
2020-07-13 17:25:37 -07:00
Frank Chang
a69f97c111 target/riscv: fix return value of do_opivx_widen()
do_opivx_widen() should return false if check function returns false.

Signed-off-by: Frank Chang <frank.chang@sifive.com>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-Id: <20200710104920.13550-4-frank.chang@sifive.com>
Signed-off-by: Alistair Francis <alistair.francis@wdc.com>
2020-07-13 17:25:37 -07:00
Frank Chang
1989205c4e target/riscv: correct the gvec IR called in gen_vec_rsub16_i64()
Signed-off-by: Frank Chang <frank.chang@sifive.com>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-Id: <20200710104920.13550-3-frank.chang@sifive.com>
Signed-off-by: Alistair Francis <alistair.francis@wdc.com>
2020-07-13 17:25:37 -07:00
Frank Chang
7acafcfa84 target/riscv: fix rsub gvec tcg_assert_listed_vecop assertion
gvec should provide vecop_list to avoid:
"tcg_tcg_assert_listed_vecop: code should not be reached bug" assertion.

Signed-off-by: Frank Chang <frank.chang@sifive.com>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-Id: <20200710104920.13550-2-frank.chang@sifive.com>
Signed-off-by: Alistair Francis <alistair.francis@wdc.com>
2020-07-13 17:25:37 -07:00
Eric Blake
8cf58a49f8 hax: Fix setting of FD_CLOEXEC
Blindly setting FD_CLOEXEC without a read-modify-write will
inadvertently clear any other intentionally-set bits, such as a
proposed new bit for designating a fd that must behave in 32-bit mode.
Use our wrapper function instead of an incorrect hand-rolled version.

Signed-off-by: Eric Blake <eblake@redhat.com>
Message-Id: <20200420175309.75894-2-eblake@redhat.com>
Reviewed-by: Colin Xu <colin.xu@intel.com>
2020-07-13 09:01:01 -05:00
Wentong Wu
77b3f2af57 target/nios2: Use gen_io_start around wrctl instruction
wrctl instruction on nios2 target will cause checking cpu
interrupt but tcg_handle_interrupt() will call cpu_abort()
if the CPU gets an interrupt while it's not in 'can do IO'
state, so add gen_io_start around wrctl instruction. Also
at the same time, end the onging TB with DISAS_UPDATE.

Signed-off-by: Wentong Wu <wentong.wu@intel.com>
Message-id: 20200710233433.19729-3-wentong.wu@intel.com
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2020-07-13 14:36:11 +01:00
Wentong Wu
c769453571 target/nios2: in line the semantics of DISAS_UPDATE with other targets
In line the semantics of DISAS_UPDATE on nios2 target with other targets
which is to explicitly write the PC back into the cpu state before doing
a tcg_gen_exit_tb().

Signed-off-by: Wentong Wu <wentong.wu@intel.com>
Message-id: 20200710233433.19729-2-wentong.wu@intel.com
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2020-07-13 14:36:10 +01:00
Wentong Wu
42928f2c9c target/nios2: add DISAS_NORETURN case for nothing more to generate
Add DISAS_NORETURN case for nothing more to generate because at runtime
execution will never return from some helper call. And at the same time
replace DISAS_UPDATE in t_gen_helper_raise_exception and gen_exception
with the newly added DISAS_NORETURN.

Signed-off-by: Wentong Wu <wentong.wu@intel.com>
Message-id: 20200710233433.19729-1-wentong.wu@intel.com
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2020-07-13 14:36:10 +01:00
Aaron Lindsay
887c0f1544 target/arm: Don't do raw writes for PMINTENCLR
Raw writes to this register when in KVM mode can cause interrupts to be
raised (even when the PMU is disabled). Because the underlying state is
already aliased to PMINTENSET (which already provides raw write
functions), we can safely disable raw accesses to PMINTENCLR entirely.

Signed-off-by: Aaron Lindsay <aaron@os.amperecomputing.com>
Message-id: 20200707152616.1917154-1-aaron@os.amperecomputing.com
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2020-07-13 14:36:08 +01:00
Richard Henderson
cdecb3fc1e target/arm: Fix mtedesc for do_mem_zpz
The mtedesc that was constructed was not actually passed in.
Found by Coverity (CID 1429996).

Fixes: d28d12f008
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Message-id: 20200706202345.193676-1-richard.henderson@linaro.org
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2020-07-13 14:36:07 +01:00
Peter Maydell
d34498309c 8bit AVR port from Michael Rolnik.
Michael started to work on the AVR port few years ago [*] and kept
 improving the code over various series.
 
 List of people who help him (in chronological order):
 - Richard Henderson
 - Sarah Harris and Edward Robbins
 - Philippe Mathieu-Daudé and Aleksandar Markovic
 - Pavel Dovgalyuk
 - Thomas Huth
 
 [*] The oldest contribution I could find on the list is from 2016:
 https://lists.nongnu.org/archive/html/qemu-devel/2016-06/msg02985.html
 
 Tests included:
 
 $ avocado --show=app run -t arch:avr tests/acceptance/
 Fetching asset from tests/acceptance/machine_avr6.py:AVR6Machine.test_freertos
  (1/1) tests/acceptance/machine_avr6.py:AVR6Machine.test_freertos: PASS (2.13 s)
 RESULTS    : PASS 1 | ERROR 0 | FAIL 0 | SKIP 0 | WARN 0 | INTERRUPT 0 | CANCEL 0
 JOB TIME   : 2.35 s
 
 $ make check-qtest-avr
   TEST    check-qtest-avr: tests/qtest/boot-serial-test
   TEST    check-qtest-avr: tests/qtest/cdrom-test
   TEST    check-qtest-avr: tests/qtest/device-introspect-test
   TEST    check-qtest-avr: tests/qtest/machine-none-test
   TEST    check-qtest-avr: tests/qtest/qmp-test
   TEST    check-qtest-avr: tests/qtest/qmp-cmd-test
   TEST    check-qtest-avr: tests/qtest/qom-test
   TEST    check-qtest-avr: tests/qtest/test-hmp
   TEST    check-qtest-avr: tests/qtest/qos-test
 
 CI results:
 . https://cirrus-ci.com/build/5697049146425344
 . https://gitlab.com/philmd/qemu/-/pipelines/165328058
 . https://travis-ci.org/github/philmd/qemu/builds/705817933
 . https://app.shippable.com/github/philmd/qemu/runs/822/summary/console
 -----BEGIN PGP SIGNATURE-----
 
 iQIzBAABCAAdFiEE+qvnXhKRciHc/Wuy4+MsLN6twN4FAl8JgE8ACgkQ4+MsLN6t
 wN5KMhAA1IivMK9uD9x8vOK3H1fSIju6ufJz7mlynDXG/LV0dhms1t8n/AlPE/Gk
 TLhBUBwwdsejVDrTu6GGukoybsKLyULdt8MIK5z6bd++TwY3MlUkdOJeteviBUuP
 0hcagNR/Dyg1WLAq/VH4KGHfzisprfDM7sXTvjE3raKBSpqIwO5tfUn4kVm/LWB9
 sQNsVbtyKqnM3UW+QYGAN3eGAOM2SWx8pUZqV+UrDDEDoFJIiip7jxoN1t7PJaQp
 O6t2/omLzbOMrpwqmNAIfrsMjovRylrd8nDGlX/OF5SrEbwXi3qvdJBtEOdBPasp
 owXbu2Uwo4VUu5x7kzAiTlflBBSOmDpILbYVn5jGLKMZmOjLTPVbrzMKGZqx5GXD
 gWmmX2aD8ejl2XGmKM+gC1smQJ6/aMTILoYXq97hIKi8pMH7AB2a8Tmzseiqx/E/
 Lz1DrrnIW5vwFQAPnhdJCU1GF3B9VUcHG3w0sjvgGKDfpe8tLEgkmISi7CUbbA9/
 rJs2P24haqfdFXWLQU2sO1ygTR1vLNy5/ZbU1nyrAPpjWnGeX6GXVaWGQo83BaDd
 rIfnx0upNYFdaO5Vi4cbHUFGe1fVuR3C/l1xiDbmnzx3yMgys3036Equ2h3fSPqO
 4k79bee9ByAUl1YE0X8T4gasCRS6RaSWXZYz7lfdc9h5hGny8LM=
 =gFE5
 -----END PGP SIGNATURE-----

Merge remote-tracking branch 'remotes/philmd-gitlab/tags/avr-port-20200711' into staging

8bit AVR port from Michael Rolnik.

Michael started to work on the AVR port few years ago [*] and kept
improving the code over various series.

List of people who help him (in chronological order):
- Richard Henderson
- Sarah Harris and Edward Robbins
- Philippe Mathieu-Daudé and Aleksandar Markovic
- Pavel Dovgalyuk
- Thomas Huth

[*] The oldest contribution I could find on the list is from 2016:
https://lists.nongnu.org/archive/html/qemu-devel/2016-06/msg02985.html

Tests included:

$ avocado --show=app run -t arch:avr tests/acceptance/
Fetching asset from tests/acceptance/machine_avr6.py:AVR6Machine.test_freertos
 (1/1) tests/acceptance/machine_avr6.py:AVR6Machine.test_freertos: PASS (2.13 s)
RESULTS    : PASS 1 | ERROR 0 | FAIL 0 | SKIP 0 | WARN 0 | INTERRUPT 0 | CANCEL 0
JOB TIME   : 2.35 s

$ make check-qtest-avr
  TEST    check-qtest-avr: tests/qtest/boot-serial-test
  TEST    check-qtest-avr: tests/qtest/cdrom-test
  TEST    check-qtest-avr: tests/qtest/device-introspect-test
  TEST    check-qtest-avr: tests/qtest/machine-none-test
  TEST    check-qtest-avr: tests/qtest/qmp-test
  TEST    check-qtest-avr: tests/qtest/qmp-cmd-test
  TEST    check-qtest-avr: tests/qtest/qom-test
  TEST    check-qtest-avr: tests/qtest/test-hmp
  TEST    check-qtest-avr: tests/qtest/qos-test

CI results:
. https://cirrus-ci.com/build/5697049146425344
. https://gitlab.com/philmd/qemu/-/pipelines/165328058
. https://travis-ci.org/github/philmd/qemu/builds/705817933
. https://app.shippable.com/github/philmd/qemu/runs/822/summary/console

# gpg: Signature made Sat 11 Jul 2020 10:03:11 BST
# gpg:                using RSA key FAABE75E12917221DCFD6BB2E3E32C2CDEADC0DE
# gpg: Good signature from "Philippe Mathieu-Daudé (F4BUG) <f4bug@amsat.org>" [full]
# Primary key fingerprint: FAAB E75E 1291 7221 DCFD  6BB2 E3E3 2C2C DEAD C0DE

* remotes/philmd-gitlab/tags/avr-port-20200711: (32 commits)
  target/avr/disas: Fix store instructions display order
  target/avr/cpu: Fix $PC displayed address
  target/avr/cpu: Drop tlb_flush() in avr_cpu_reset()
  target/avr: Add section into QEMU documentation
  tests/acceptance: Test the Arduino MEGA2560 board
  tests/boot-serial: Test some Arduino boards (AVR based)
  hw/avr: Add limited support for some Arduino boards
  hw/avr: Add some ATmega microcontrollers
  hw/avr: Add support for loading ELF/raw binaries
  hw/misc: avr: Add limited support for power reduction device
  hw/timer: avr: Add limited support for 16-bit timer peripheral
  hw/char: avr: Add limited support for USART peripheral
  tests/machine-none: Add AVR support
  target/avr: Register AVR support with the rest of QEMU
  target/avr: Add support for disassembling via option '-d in_asm'
  target/avr: Initialize TCG register variables
  target/avr: Add instruction translation - CPU main translation function
  target/avr: Add instruction translation - MCU Control Instructions
  target/avr: Add instruction translation - Bit and Bit-test Instructions
  target/avr: Add instruction translation - Data Transfer Instructions
  ...

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2020-07-11 19:27:59 +01:00
Philippe Mathieu-Daudé
19b293472f target/avr/disas: Fix store instructions display order
While LOAD instructions use the target register as first
argument, STORE instructions use it as second argument:

  LD Rd, X        // Rd <- (X)

  ST Y, Rd        // (Y) <- Rr

Reported-by: Joaquin de Andres <me@xcancerberox.com.ar>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Signed-off-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Message-Id: <20200707070021.10031-4-f4bug@amsat.org>
2020-07-11 11:02:05 +02:00
Philippe Mathieu-Daudé
2e34e622c2 target/avr/cpu: Fix $PC displayed address
$PC is 16-bit wide. Other registers display addresses on a byte
granularity.
To have a coherent ouput, display $PC using byte granularity too.

Reviewed-by: Thomas Huth <huth@tuxfamily.org>
Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Signed-off-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Message-Id: <20200707070021.10031-3-f4bug@amsat.org>
2020-07-11 11:02:05 +02:00
Philippe Mathieu-Daudé
a291bc851d target/avr/cpu: Drop tlb_flush() in avr_cpu_reset()
Since commit 1f5c00cfdb tlb_flush() is called from cpu_common_reset().

Reviewed-by: Thomas Huth <huth@tuxfamily.org>
Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Signed-off-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Message-Id: <20200707070021.10031-2-f4bug@amsat.org>
2020-07-11 11:02:05 +02:00
Michael Rolnik
42f3ff0013 target/avr: Register AVR support with the rest of QEMU
Add AVR related definitions into QEMU, make AVR support buildable.

[AM: Remove word 'Atmel' from filenames and all elements of code]
Suggested-by: Aleksandar Markovic <aleksandar.m.mail@gmail.com>
Signed-off-by: Michael Rolnik <mrolnik@gmail.com>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Signed-off-by: Aleksandar Markovic <aleksandar.m.mail@gmail.com>
Tested-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Reviewed-by: Aleksandar Markovic <amarkovic@wavecomp.com>
Signed-off-by: Thomas Huth <huth@tuxfamily.org>
Message-Id: <20200705140315.260514-23-huth@tuxfamily.org>
[PMD: Fixed @avr tag in qapi/machine.json]
Signed-off-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
2020-07-11 11:02:05 +02:00
Michael Rolnik
9d8caa67a2 target/avr: Add support for disassembling via option '-d in_asm'
Provide function disassembles executed instruction when '-d in_asm' is
provided.

Example:

$ qemu-system-avr -bios free-rtos/Demo/AVR_ATMega2560_GCC/demo.elf -d in_asm
    ...
    IN:
    0x0000014a:  CALL      0x3808

    IN: main
    0x00003808:  CALL      0x4b4

    IN: vParTestInitialise
    0x000004b4:  LDI       r24, 255
    0x000004b6:  STS       r24, 0
    0x000004b8:  MULS      r16, r20
    0x000004ba:  OUT       $1, r24
    0x000004bc:  LDS       r24, 0
    0x000004be:  MULS      r16, r20
    0x000004c0:  OUT       $2, r24
    0x000004c2:  RET
    ...

Suggested-by: Richard Henderson <richard.henderson@linaro.org>
Suggested-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Suggested-by: Aleksandar Markovic <aleksandar.m.mail@gmail.com>
Signed-off-by: Michael Rolnik <mrolnik@gmail.com>
[rth: Fix spacing and const mnemonic arrays]
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Signed-off-by: Aleksandar Markovic <aleksandar.m.mail@gmail.com>
Tested-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Signed-off-by: Thomas Huth <huth@tuxfamily.org>
Message-Id: <20200705140315.260514-19-huth@tuxfamily.org>
Signed-off-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
2020-07-11 11:02:05 +02:00
Michael Rolnik
a107fdb072 target/avr: Initialize TCG register variables
Initialize TCG register variables.

Co-developed-by: Richard Henderson <richard.henderson@linaro.org>
Co-developed-by: Michael Rolnik <mrolnik@gmail.com>
Signed-off-by: Michael Rolnik <mrolnik@gmail.com>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Signed-off-by: Aleksandar Markovic <aleksandar.m.mail@gmail.com>
Tested-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Reviewed-by: Aleksandar Markovic <aleksandar.m.mail@gmail.com>
Signed-off-by: Thomas Huth <huth@tuxfamily.org>
Message-Id: <20200705140315.260514-18-huth@tuxfamily.org>
Signed-off-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
2020-07-11 11:02:05 +02:00
Michael Rolnik
9baade8d3b target/avr: Add instruction translation - CPU main translation function
Add the core of translation mechanism.

Co-developed-by: Richard Henderson <richard.henderson@linaro.org>
Co-developed-by: Michael Rolnik <mrolnik@gmail.com>
Signed-off-by: Michael Rolnik <mrolnik@gmail.com>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Signed-off-by: Aleksandar Markovic <aleksandar.m.mail@gmail.com>
Tested-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Reviewed-by: Aleksandar Markovic <aleksandar.m.mail@gmail.com>
Signed-off-by: Thomas Huth <huth@tuxfamily.org>
Message-Id: <20200705140315.260514-17-huth@tuxfamily.org>
Signed-off-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
2020-07-11 11:02:05 +02:00
Michael Rolnik
46188cabae target/avr: Add instruction translation - MCU Control Instructions
This includes:
    - BREAK
    - NOP
    - SLEEP
    - WDR

Signed-off-by: Michael Rolnik <mrolnik@gmail.com>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Signed-off-by: Aleksandar Markovic <aleksandar.m.mail@gmail.com>
Reviewed-by: Aleksandar Markovic <aleksandar.m.mail@gmail.com>
Signed-off-by: Thomas Huth <huth@tuxfamily.org>
Message-Id: <20200705140315.260514-16-huth@tuxfamily.org>
Signed-off-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
2020-07-11 11:02:05 +02:00
Michael Rolnik
5718cef05a target/avr: Add instruction translation - Bit and Bit-test Instructions
This includes:
    - LSR, ROR
    - ASR
    - SWAP
    - SBI, CBI
    - BST, BLD
    - BSET, BCLR

Signed-off-by: Michael Rolnik <mrolnik@gmail.com>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Signed-off-by: Aleksandar Markovic <aleksandar.m.mail@gmail.com>
Tested-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Reviewed-by: Aleksandar Markovic <aleksandar.m.mail@gmail.com>
Signed-off-by: Thomas Huth <huth@tuxfamily.org>
Message-Id: <20200705140315.260514-15-huth@tuxfamily.org>
Signed-off-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
2020-07-11 11:02:05 +02:00
Michael Rolnik
9732b024f7 target/avr: Add instruction translation - Data Transfer Instructions
This includes:
    - MOV, MOVW
    - LDI, LDS LDX LDY LDZ
    - LDDY, LDDZ
    - STS, STX STY STZ
    - STDY, STDZ
    - LPM, LPMX
    - ELPM, ELPMX
    - SPM, SPMX
    - IN, OUT
    - PUSH, POP
    - XCH
    - LAS, LAC LAT

Signed-off-by: Michael Rolnik <mrolnik@gmail.com>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Signed-off-by: Aleksandar Markovic <aleksandar.m.mail@gmail.com>
Tested-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Reviewed-by: Aleksandar Markovic <aleksandar.m.mail@gmail.com>
Signed-off-by: Thomas Huth <huth@tuxfamily.org>
Message-Id: <20200705140315.260514-14-huth@tuxfamily.org>
Signed-off-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
2020-07-11 11:02:05 +02:00
Michael Rolnik
9d316c75ab target/avr: Add instruction translation - Branch Instructions
This includes:
    - RJMP, IJMP, EIJMP, JMP
    - RCALL, ICALL, EICALL, CALL
    - RET, RETI
    - CPSE, CP, CPC, CPI
    - SBRC, SBRS, SBIC, SBIS
    - BRBC, BRBS

Signed-off-by: Michael Rolnik <mrolnik@gmail.com>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Signed-off-by: Aleksandar Markovic <aleksandar.m.mail@gmail.com>
Tested-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Reviewed-by: Aleksandar Markovic <aleksandar.m.mail@gmail.com>
Signed-off-by: Thomas Huth <huth@tuxfamily.org>
Message-Id: <20200705140315.260514-13-huth@tuxfamily.org>
Signed-off-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
2020-07-11 11:02:05 +02:00
Michael Rolnik
865f3bb9e1 target/avr: Add instruction translation - Arithmetic and Logic Instructions
This includes:
- ADD, ADC, ADIW
- SBIW, SUB, SUBI, SBC, SBCI
- AND, ANDI
- OR, ORI, EOR
- COM, NEG
- INC, DEC
- MUL, MULS, MULSU
- FMUL, FMULS, FMULSU
- DES

Signed-off-by: Michael Rolnik <mrolnik@gmail.com>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Signed-off-by: Aleksandar Markovic <aleksandar.m.mail@gmail.com>
Tested-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Reviewed-by: Aleksandar Markovic <aleksandar.m.mail@gmail.com>
Signed-off-by: Thomas Huth <huth@tuxfamily.org>
Message-Id: <20200705140315.260514-12-huth@tuxfamily.org>
[PMD: Added qemu_log_mask(LOG_UNIMP) in trans_DES()]
Signed-off-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
2020-07-11 11:02:05 +02:00
Michael Rolnik
e03feba007 target/avr: Add instruction translation - Register definitions
Start implementation of instructions by adding register definitions.

Signed-off-by: Michael Rolnik <mrolnik@gmail.com>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Signed-off-by: Aleksandar Markovic <aleksandar.m.mail@gmail.com>
Tested-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Reviewed-by: Aleksandar Markovic <aleksandar.m.mail@gmail.com>
Signed-off-by: Thomas Huth <huth@tuxfamily.org>
Message-Id: <20200705140315.260514-11-huth@tuxfamily.org>
Signed-off-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
2020-07-11 11:02:05 +02:00
Michael Rolnik
84a71e9a44 target/avr: Add instruction helpers
Add helpers for instructions that need to interact with QEMU. Also,
add stubs for unimplemented instructions. Instructions SPM and WDR
are left unimplemented because they require emulation of complex
peripherals. The implementation of instruction SLEEP is very limited
due to the lack of peripherals to generate wake interrupts. Memory
access instructions are implemented here because some address ranges
actually refer to CPU registers.

Signed-off-by: Michael Rolnik <mrolnik@gmail.com>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Signed-off-by: Aleksandar Markovic <aleksandar.m.mail@gmail.com>
Tested-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Reviewed-by: Aleksandar Markovic <aleksandar.m.mail@gmail.com>
Signed-off-by: Thomas Huth <huth@tuxfamily.org>
Message-Id: <20200705140315.260514-10-huth@tuxfamily.org>
[PMD: Replace cpu_physical_memory() API by address_space_ldst()
      API to fix running on big-endian host,
      reported and suggested by Peter Maydell]
Signed-off-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
2020-07-11 11:02:05 +02:00
Jan Kiszka
6e083c0de4 apic: Report current_count via 'info lapic'
This is helpful when debugging stuck guest timers.

As we need apic_get_current_count for that, and it is really not
emulation specific, move it to apic_common.c and export it. Fix its
style at this chance as well.

Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Message-Id: <e00e2896-ca5b-a929-de7a-8e5762f0c1c2@siemens.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2020-07-10 19:26:55 -04:00
Cathy Zhang
b3c7344e33 target/i386: Enable TSX Suspend Load Address Tracking feature
This instruction aims to give a way to choose which memory accesses
do not need to be tracked in the TSX read set, which is defined as
CPUID.(EAX=7,ECX=0):EDX[bit 16].

The release spec link is as follows:
https://software.intel.com/content/dam/develop/public/us/en/documents/\
architecture-instruction-set-extensions-programming-reference.pdf

The associated kvm patch link is as follows:
https://lore.kernel.org/patchwork/patch/1268026/

Signed-off-by: Cathy Zhang <cathy.zhang@intel.com>
Message-Id: <1593991036-12183-3-git-send-email-cathy.zhang@intel.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2020-07-10 19:26:55 -04:00
Cathy Zhang
5dd13f2a5b target/i386: Add SERIALIZE cpu feature
The availability of the SERIALIZATION instruction is indicated
by the presence of the CPUID feature flag SERIALIZE, which is
defined as CPUID.(EAX=7,ECX=0):ECX[bit 14].

The release spec link is as follows:
https://software.intel.com/content/dam/develop/public/us/en/documents/\
architecture-instruction-set-extensions-programming-reference.pdf

The associated kvm patch link is as follows:
https://lore.kernel.org/patchwork/patch/1268025/

Signed-off-by: Cathy Zhang <cathy.zhang@intel.com>
Message-Id: <1593991036-12183-2-git-send-email-cathy.zhang@intel.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2020-07-10 19:26:54 -04:00
Luwei Kang
cbe0dad190 target/i386: Correct the warning message of Intel PT
The CPUID level need to be set to 0x14 manually on old
machine-type if Intel PT is enabled in guest. E.g. the
CPUID[0].EAX(level)=7 and CPUID[7].EBX[25](intel-pt)=1 when the
Qemu with "-machine pc-i440fx-3.1 -cpu qemu64,+intel-pt" parameter.

This patch corrects the warning message of the previous
submission(ddc2fc9).

Signed-off-by: Luwei Kang <luwei.kang@intel.com>
Message-Id: <1593499113-4768-1-git-send-email-luwei.kang@intel.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2020-07-10 18:02:24 -04:00
Paolo Bonzini
1b38750c40 target/i386: sev: fail query-sev-capabilities if QEMU cannot use SEV
In some cases, such as if the kvm-amd "sev" module parameter is set
to 0, SEV will be unavailable but query-sev-capabilities will still
return all the information.  This tricks libvirt into erroneously
reporting that SEV is available.  Check the actual usability of the
feature and return the appropriate error if QEMU cannot use KVM
or KVM cannot use SEV.

Reviewed-by: Eric Blake <eblake@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2020-07-10 18:02:22 -04:00
Paolo Bonzini
e4f6278557 target/i386: sev: provide proper error reporting for query-sev-capabilities
The query-sev-capabilities was reporting errors through error_report;
change it to use Error** so that the cause of the failure is clearer.

Reviewed-by: Eric Blake <eblake@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2020-07-10 18:02:22 -04:00
Paolo Bonzini
e1e43813e7 KVM: x86: believe what KVM says about WAITPKG
Currently, QEMU is overriding KVM_GET_SUPPORTED_CPUID's answer for
the WAITPKG bit depending on the "-overcommit cpu-pm" setting.  This is a
bad idea because it does not even check if the host supports it, but it
can be done in x86_cpu_realizefn just like we do for the MONITOR bit.

This patch moves it there, while making it conditional on host
support for the related UMWAIT MSR.

Cc: qemu-stable@nongnu.org
Reported-by: Maxim Levitsky <mlevitsk@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2020-07-10 18:02:22 -04:00
Paolo Bonzini
c0c8445255 target/i386: implement undocumented "smsw r32" behavior
In 32-bit mode, the higher 16 bits of the destination
register are undefined.  In practice CR0[31:0] is stored,
just like in 64-bit mode, so just remove the "if" that
currently differentiates the behavior.

Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Reported-by: Roman Bolshakov <r.bolshakov@yadro.com>
Reviewed-by: Roman Bolshakov <r.bolshakov@yadro.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2020-07-10 18:02:22 -04:00
Paolo Bonzini
6c9cce1ff3 target/i386: remove gen_io_end
Force the end of a translation block after an I/O instruction in
icount mode.  For consistency, all CF_USE_ICOUNT code is kept in
disas_insn instead of having it in gen_ins and gen_outs.

Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2020-07-10 18:02:22 -04:00
Roman Bolshakov
eae009de78 i386: hvf: Clean up synchronize functions
Make them more concise and consitent with the rest of the code in the
file and drop non-relevant TODO.

Cc: Cameron Esfahani <dirty@apple.com>
Signed-off-by: Roman Bolshakov <r.bolshakov@yadro.com>
Message-Id: <20200630102824.77604-9-r.bolshakov@yadro.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2020-07-10 18:02:19 -04:00
Roman Bolshakov
5009ef22c6 i386: hvf: Don't duplicate register reset
hvf_reset_vcpu() duplicates actions performed by x86_cpu_reset(). The
difference is that hvf_reset_vcpu() stores initial values directly to
VMCS while x86_cpu_reset() stores it in CPUX86State and then
cpu_synchronize_all_post_init() or cpu_synchronize_all_post_reset()
flushes CPUX86State into VMCS. That makes hvf_reset_vcpu() a kind of
no-op.

Here's the trace of CPU state modifications during VM start:
  hvf_reset_vcpu (resets VMCS)
  cpu_synchronize_all_post_init (overwrites VMCS fields written by
                                 hvf_reset_vcpu())
  cpu_synchronize_all_states
  hvf_reset_vcpu (resets VMCS)
  cpu_synchronize_all_post_reset (overwrites VMCS fields written by
                                  hvf_reset_vcpu())

General purpose registers, system registers, segment descriptors, flags
and IP are set by hvf_put_segments() in post-init and post-reset,
therefore it's safe to remove them from hvf_reset_vcpu().

PDPTE initialization can be dropped because Intel SDM (26.3.1.6 Checks
on Guest Page-Directory-Pointer-Table Entries) doesn't require PDPTE to
be clear unless PAE is used: "A VM entry to a guest that does not use
PAE paging does not check the validity of any PDPTEs."
And if PAE is used, PDPTE's are initialized from CR3 in macvm_set_cr0().

Cc: Cameron Esfahani <dirty@apple.com>
Signed-off-by: Roman Bolshakov <r.bolshakov@yadro.com>
Message-Id: <20200630102824.77604-8-r.bolshakov@yadro.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2020-07-10 18:02:19 -04:00
Roman Bolshakov
82695a1b9c i386: hvf: Move Guest LMA reset to macvm_set_cr0()
The only useful purpose of hvf_reset_vcpu() is to clear "IA-32e mode
guest" (LMA) VM-Entry control. But it can be moved to macvm_set_cr0()
which is indirectly used by post-init and post-reset to flush emulator
state. That enables clean removal of hvf_reset_vcpu().

LMA is set only if IA32_EFER.LME = 1, according to Intel SDM "9.8.5
Initializing IA-32e Mode" and "9.8.5.4 Switching Out of IA-32e Mode
Operation", otherwise the entry control can be safely cleared.

Cc: Cameron Esfahani <dirty@apple.com>
Signed-off-by: Roman Bolshakov <r.bolshakov@yadro.com>
Message-Id: <20200630102824.77604-7-r.bolshakov@yadro.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2020-07-10 18:02:19 -04:00
Cameron Esfahani
a4e26fa858 i386: hvf: Make long mode enter and exit clearer
Intel SDM "9.8.5 Initializing IA-32e Mode" and "9.8.5.4 Switching Out of
IA-32e Mode Operation" define activation and deactivation of long mode
only upon a change of CR0.PG but current code invokes exit_long_mode()
unconditionally until LME is cleared.

Signed-off-by: Cameron Esfahani <dirty@apple.com>
Signed-off-by: Roman Bolshakov <r.bolshakov@yadro.com>
Message-Id: <20200630102824.77604-6-r.bolshakov@yadro.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2020-07-10 18:02:18 -04:00
Roman Bolshakov
5536c98e44 i386: hvf: Add hvf_cpu_synchronize_pre_loadvm()
hvf lacks an implementation of cpu_synchronize_pre_loadvm().

Cc: Cameron Esfahani <dirty@apple.com>
Signed-off-by: Roman Bolshakov <r.bolshakov@yadro.com>
Message-Id: <20200630102824.77604-4-r.bolshakov@yadro.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2020-07-10 18:02:18 -04:00
Roman Bolshakov
b8d864f643 i386: hvf: Set env->eip in macvm_set_rip()
cpu_synchronize_state() is currently no-op for hvf but BIOS will hang in
vAPIC option ROM when cpu_synchronize_state() is wired to
hvf_cpu_synchronize_state().

cpu_synchronize_state() state is called from vapic_write() during option
ROM initialization. It sets dirty flag on the cpu. macvm_set_rip() is
then invoked to advance IP after the I/O write to vAPIC port.

macvm_set_rip() only modifies VMCS, it doesn't change env->eip.
Therefore on the next iteration of vCPU loop, vcpu_dirty flag is checked
and hvf_put_registers() overwrites correct RIP in VMCS with the value of
env->eip that points to the I/O write instruction. Execution of the CPU
gets stuck on the instruction.

The issue can be avoided if eip doesn't contain stale value when dirty
flag is set on cpu.

Cc: Cameron Esfahani <dirty@apple.com>
Signed-off-by: Roman Bolshakov <r.bolshakov@yadro.com>
Message-Id: <20200630102824.77604-2-r.bolshakov@yadro.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2020-07-10 18:02:18 -04:00
Paolo Bonzini
b16c0e20c7 KVM: add support for AMD nested live migration
Support for nested guest live migration is part of Linux 5.8, add the
corresponding code to QEMU.  The migration format consists of a few
flags, is an opaque 4k blob.

The blob is in VMCB format (the control area represents the L1 VMCB
control fields, the save area represents the pre-vmentry state; KVM does
not use the host save area since the AMD manual allows that) but QEMU
does not really care about that.  However, the flags need to be
copied to hflags/hflags2 and back.

In addition, support for retrieving and setting the AMD nested virtualization
states allows the L1 guest to be reset while running a nested guest, but
a small bug in CPU reset needs to be fixed for that to work.

Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2020-07-10 18:02:17 -04:00
Joseph Myers
418b0f93d1 target/i386: fix IEEE SSE floating-point exception raising
The SSE instruction implementations all fail to raise the expected
IEEE floating-point exceptions because they do nothing to convert the
exception state from the softfloat machinery into the exception flags
in MXCSR.

Fix this by adding such conversions.  Unlike for x87, emulated SSE
floating-point operations might be optimized using hardware floating
point on the host, and so a different approach is taken that is
compatible with such optimizations.  The required invariant is that
all exceptions set in env->sse_status (other than "denormal operand",
for which the SSE semantics are different from those in the softfloat
code) are ones that are set in the MXCSR; the emulated MXCSR is
updated lazily when code reads MXCSR, while when code sets MXCSR, the
exceptions in env->sse_status are set accordingly.

A few instructions do not raise all the exceptions that would be
raised by the softfloat code, and those instructions are made to save
and restore the softfloat exception state accordingly.

Nothing is done about "denormal operand"; setting that (only for the
case when input denormals are *not* flushed to zero, the opposite of
the logic in the softfloat code for such an exception) will require
custom code for relevant instructions, or else architecture-specific
conditionals in the softfloat code for when to set such an exception
together with custom code for various SSE conversion and rounding
instructions that do not set that exception.

Nothing is done about trapping exceptions (for which there is minimal
and largely broken support in QEMU's emulation in the x87 case and no
support at all in the SSE case).

Signed-off-by: Joseph Myers <joseph@codesourcery.com>
Message-Id: <alpine.DEB.2.21.2006252358000.3832@digraph.polyomino.org.uk>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2020-07-10 18:02:17 -04:00
Joseph Myers
3ddc0eca22 target/i386: set SSE FTZ in correct floating-point state
The code to set floating-point state when MXCSR changes calls
set_flush_to_zero on &env->fp_status, so affecting the x87
floating-point state rather than the SSE state.  Fix to call it for
&env->sse_status instead.

Signed-off-by: Joseph Myers <joseph@codesourcery.com>
Message-Id: <alpine.DEB.2.21.2006252357170.3832@digraph.polyomino.org.uk>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2020-07-10 18:02:16 -04:00
Alexander Boettcher
a2d57703b3 tcg/svm: use host cr4 during NPT page table walk
During a page table walk of TCG+SVM the code in target/i386/excp_helper.c
get_hphys() uses the cr4 register of the guest instead of the hypervisor
to check for the PSE bit. In the test case we have, the guest have not
enabled (yet) the PSE bit and so the page table walk results in a wrong
host physical address resolution and wrong content read by the guest.

Attached patch is against 4.2.1, but works also on 3.1.0. It fixes the
issue for our automated testcase, which is a 32bit hypervisor w/o PAE
support running a guest VM with tcg+svm.

The test worked beforehand up to qemu 2.12, started to fail with qemu 3.0
and later. The added TCG/SVM NPT commit seems to introduce the regression.

In case someone want to try to reproduce it, the iso is at [0], the good
case is [1] and the failing case is [2]. The used commandline is:

qemu-system-i386 -no-kvm -nographic -cpu phenom -m 512 -machine q35 -cdrom seoul-vmm-test.iso

[0] https://depot.genode.org/alex-ab/images/seoul-vmm-test.iso
[1] https://depot.genode.org/alex-ab/images/seoul-vmm-good.txt
[2] https://depot.genode.org/alex-ab/images/seoul-vmm-bad.txt

Signed-off-by: Alexander Boettcher <alexander.boettcher@genode-labs.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2020-07-10 18:02:14 -04:00
Michael Rolnik
669d27e2f5 target/avr: Add definitions of AVR core types
AVR core types are:

  - avr5
  - avr51
  - avr6

Each core type covers multiple AVR MCUs, mentioned in the comments
before definition of particular AVR core type (part of this patch).

AVR core type defines shared features that are valid for all AVR
MCUs belonging in that type.

[AM: Split a larger AVR introduction patch into logical units]
Suggested-by: Aleksandar Markovic <aleksandar.m.mail@gmail.com>
Co-developed-by: Michael Rolnik <mrolnik@gmail.com>
Co-developed-by: Sarah Harris <S.E.Harris@kent.ac.uk>
Signed-off-by: Michael Rolnik <mrolnik@gmail.com>
Signed-off-by: Sarah Harris <S.E.Harris@kent.ac.uk>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Signed-off-by: Aleksandar Markovic <aleksandar.m.mail@gmail.com>
Acked-by: Igor Mammedov <imammedo@redhat.com>
Tested-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Signed-off-by: Thomas Huth <huth@tuxfamily.org>
Message-Id: <20200705140315.260514-9-huth@tuxfamily.org>
[PMD: Only include reviewed cores: avr5/avr51/avr6]
Signed-off-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
2020-07-10 17:58:32 +02:00
Michael Rolnik
25a08409ab target/avr: Introduce enumeration AVRFeature
This patch introduces enumeration "AVRFeature" that will be
used for defining various AVR core types.

[AM: Split a larger AVR introduction patch into logical units]
Suggested-by: Aleksandar Markovic <aleksandar.m.mail@gmail.com>
Co-developed-by: Michael Rolnik <mrolnik@gmail.com>
Co-developed-by: Sarah Harris <S.E.Harris@kent.ac.uk>
Signed-off-by: Michael Rolnik <mrolnik@gmail.com>
Signed-off-by: Sarah Harris <S.E.Harris@kent.ac.uk>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Signed-off-by: Aleksandar Markovic <aleksandar.m.mail@gmail.com>
Acked-by: Igor Mammedov <imammedo@redhat.com>
Tested-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Signed-off-by: Thomas Huth <huth@tuxfamily.org>
Message-Id: <20200705140315.260514-8-huth@tuxfamily.org>
Signed-off-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
2020-07-10 17:58:32 +02:00
Michael Rolnik
12b3540547 target/avr: CPU class: Add GDB support
This includes GDB hooks for reading from wnd wrtiting to AVR
registers, and xml register definition file as well.

[AM: Split a larger AVR introduction patch into logical units]
Suggested-by: Aleksandar Markovic <aleksandar.m.mail@gmail.com>
Co-developed-by: Michael Rolnik <mrolnik@gmail.com>
Co-developed-by: Sarah Harris <S.E.Harris@kent.ac.uk>
Signed-off-by: Michael Rolnik <mrolnik@gmail.com>
Signed-off-by: Sarah Harris <S.E.Harris@kent.ac.uk>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Signed-off-by: Aleksandar Markovic <aleksandar.m.mail@gmail.com>
Acked-by: Igor Mammedov <imammedo@redhat.com>
Tested-by: Philippe Mathieu-Daudé <philmd@redhat.com>
[thuth: Fixed avr_cpu_gdb_read_register() parameter]
Signed-off-by: Thomas Huth <huth@tuxfamily.org>
Message-Id: <20200705140315.260514-7-huth@tuxfamily.org>
Signed-off-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
2020-07-10 17:58:32 +02:00
Michael Rolnik
3fa28dd6cf target/avr: CPU class: Add migration support
Add migration-related functions of AVR CPU class object.

[AM: Split a larger AVR introduction patch into logical units]
Suggested-by: Aleksandar Markovic <aleksandar.m.mail@gmail.com>
Co-developed-by: Michael Rolnik <mrolnik@gmail.com>
Co-developed-by: Sarah Harris <S.E.Harris@kent.ac.uk>
Signed-off-by: Michael Rolnik <mrolnik@gmail.com>
Signed-off-by: Sarah Harris <S.E.Harris@kent.ac.uk>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Signed-off-by: Aleksandar Markovic <aleksandar.m.mail@gmail.com>
Acked-by: Igor Mammedov <imammedo@redhat.com>
Tested-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Signed-off-by: Thomas Huth <huth@tuxfamily.org>
Message-Id: <20200705140315.260514-6-huth@tuxfamily.org>
Signed-off-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
2020-07-10 17:58:32 +02:00
Michael Rolnik
e2a2b0b918 target/avr: CPU class: Add memory management support
This patch introduces three memory-management-related functions
that will become part of AVR CPU class object.

[AM: Split a larger AVR introduction patch into logical units]
Suggested-by: Aleksandar Markovic <aleksandar.m.mail@gmail.com>
Co-developed-by: Michael Rolnik <mrolnik@gmail.com>
Co-developed-by: Sarah Harris <S.E.Harris@kent.ac.uk>
Signed-off-by: Michael Rolnik <mrolnik@gmail.com>
Signed-off-by: Sarah Harris <S.E.Harris@kent.ac.uk>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Signed-off-by: Aleksandar Markovic <aleksandar.m.mail@gmail.com>
Acked-by: Igor Mammedov <imammedo@redhat.com>
Tested-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Signed-off-by: Thomas Huth <huth@tuxfamily.org>
Message-Id: <20200705140315.260514-5-huth@tuxfamily.org>
Signed-off-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
2020-07-10 17:58:32 +02:00
Michael Rolnik
7ccda78ff3 target/avr: CPU class: Add interrupt handling support
This patch introduces functions avr_cpu_do_interrupt() and
avr_cpu_exec_interrupt() that are part of AVR CPU class object.

[AM: Split a larger AVR introduction patch into logical units]
Suggested-by: Aleksandar Markovic <aleksandar.m.mail@gmail.com>
Co-developed-by: Michael Rolnik <mrolnik@gmail.com>
Co-developed-by: Sarah Harris <S.E.Harris@kent.ac.uk>
Signed-off-by: Michael Rolnik <mrolnik@gmail.com>
Signed-off-by: Sarah Harris <S.E.Harris@kent.ac.uk>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Signed-off-by: Aleksandar Markovic <aleksandar.m.mail@gmail.com>
Acked-by: Igor Mammedov <imammedo@redhat.com>
Tested-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Signed-off-by: Thomas Huth <huth@tuxfamily.org>
Message-Id: <20200705140315.260514-4-huth@tuxfamily.org>
Signed-off-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
2020-07-10 17:58:32 +02:00
Michael Rolnik
f1c671f96c target/avr: Introduce basic CPU class object
This patch introduces AVR CPU class object and its basic elements
and functions.

[AM: Split a larger AVR introduction patch into logical units]
Suggested-by: Aleksandar Markovic <aleksandar.m.mail@gmail.com>
Co-developed-by: Michael Rolnik <mrolnik@gmail.com>
Co-developed-by: Sarah Harris <S.E.Harris@kent.ac.uk>
Signed-off-by: Michael Rolnik <mrolnik@gmail.com>
Signed-off-by: Sarah Harris <S.E.Harris@kent.ac.uk>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Signed-off-by: Aleksandar Markovic <aleksandar.m.mail@gmail.com>
Acked-by: Igor Mammedov <imammedo@redhat.com>
Tested-by: Philippe Mathieu-Daudé <philmd@redhat.com>
[thuth: Adjusted reset and parent_reset handling]
Signed-off-by: Thomas Huth <huth@tuxfamily.org>
Message-Id: <20200705140315.260514-3-huth@tuxfamily.org>
Signed-off-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
2020-07-10 17:58:32 +02:00
Michael Rolnik
c8c0d267fd target/avr: Add basic parameters of the new platform
This includes definitions of various basic parameters needed
for integration of a new platform into QEMU.

[AM: Split a larger AVR introduction patch into logical units]
Suggested-by: Aleksandar Markovic <aleksandar.m.mail@gmail.com>
Co-developed-by: Michael Rolnik <mrolnik@gmail.com>
Co-developed-by: Sarah Harris <S.E.Harris@kent.ac.uk>
Signed-off-by: Michael Rolnik <mrolnik@gmail.com>
Signed-off-by: Sarah Harris <S.E.Harris@kent.ac.uk>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Signed-off-by: Aleksandar Markovic <aleksandar.m.mail@gmail.com>
Acked-by: Igor Mammedov <imammedo@redhat.com>
Tested-by: Philippe Mathieu-Daudé <philmd@redhat.com>
[thuth: Simplify MAINTAINERS right from the start]
Signed-off-by: Thomas Huth <huth@tuxfamily.org>
Message-Id: <20200705140315.260514-2-huth@tuxfamily.org>
Signed-off-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
2020-07-10 17:58:32 +02:00
Markus Armbruster
992861fb1e error: Eliminate error_propagate() manually
When all we do with an Error we receive into a local variable is
propagating to somewhere else, we can just as well receive it there
right away.  The previous two commits did that for sufficiently simple
cases with Coccinelle.  Do it for several more manually.

Signed-off-by: Markus Armbruster <armbru@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Message-Id: <20200707160613.848843-37-armbru@redhat.com>
2020-07-10 15:18:08 +02:00
Markus Armbruster
668f62ec62 error: Eliminate error_propagate() with Coccinelle, part 1
When all we do with an Error we receive into a local variable is
propagating to somewhere else, we can just as well receive it there
right away.  Convert

    if (!foo(..., &err)) {
        ...
        error_propagate(errp, err);
        ...
        return ...
    }

to

    if (!foo(..., errp)) {
        ...
        ...
        return ...
    }

where nothing else needs @err.  Coccinelle script:

    @rule1 forall@
    identifier fun, err, errp, lbl;
    expression list args, args2;
    binary operator op;
    constant c1, c2;
    symbol false;
    @@
         if (
    (
    -        fun(args, &err, args2)
    +        fun(args, errp, args2)
    |
    -        !fun(args, &err, args2)
    +        !fun(args, errp, args2)
    |
    -        fun(args, &err, args2) op c1
    +        fun(args, errp, args2) op c1
    )
            )
         {
             ... when != err
                 when != lbl:
                 when strict
    -        error_propagate(errp, err);
             ... when != err
    (
             return;
    |
             return c2;
    |
             return false;
    )
         }

    @rule2 forall@
    identifier fun, err, errp, lbl;
    expression list args, args2;
    expression var;
    binary operator op;
    constant c1, c2;
    symbol false;
    @@
    -    var = fun(args, &err, args2);
    +    var = fun(args, errp, args2);
         ... when != err
         if (
    (
             var
    |
             !var
    |
             var op c1
    )
            )
         {
             ... when != err
                 when != lbl:
                 when strict
    -        error_propagate(errp, err);
             ... when != err
    (
             return;
    |
             return c2;
    |
             return false;
    |
             return var;
    )
         }

    @depends on rule1 || rule2@
    identifier err;
    @@
    -    Error *err = NULL;
         ... when != err

Not exactly elegant, I'm afraid.

The "when != lbl:" is necessary to avoid transforming

         if (fun(args, &err)) {
             goto out
         }
         ...
     out:
         error_propagate(errp, err);

even though other paths to label out still need the error_propagate().
For an actual example, see sclp_realize().

Without the "when strict", Coccinelle transforms vfio_msix_setup(),
incorrectly.  I don't know what exactly "when strict" does, only that
it helps here.

The match of return is narrower than what I want, but I can't figure
out how to express "return where the operand doesn't use @err".  For
an example where it's too narrow, see vfio_intx_enable().

Silently fails to convert hw/arm/armsse.c, because Coccinelle gets
confused by ARMSSE being used both as typedef and function-like macro
there.  Converted manually.

Line breaks tidied up manually.  One nested declaration of @local_err
deleted manually.  Preexisting unwanted blank line dropped in
hw/riscv/sifive_e.c.

Signed-off-by: Markus Armbruster <armbru@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Message-Id: <20200707160613.848843-35-armbru@redhat.com>
2020-07-10 15:18:08 +02:00
Markus Armbruster
778a2dc592 qom: Use returned bool to check for failure, Coccinelle part
The previous commit enables conversion of

    foo(..., &err);
    if (err) {
        ...
    }

to

    if (!foo(..., errp)) {
        ...
    }

for QOM functions that now return true / false on success / error.
Coccinelle script:

    @@
    identifier fun = {
        object_apply_global_props, object_initialize_child_with_props,
        object_initialize_child_with_propsv, object_property_get,
        object_property_get_bool, object_property_parse, object_property_set,
        object_property_set_bool, object_property_set_int,
        object_property_set_link, object_property_set_qobject,
        object_property_set_str, object_property_set_uint, object_set_props,
        object_set_propv, user_creatable_add_dict,
        user_creatable_complete, user_creatable_del
    };
    expression list args, args2;
    typedef Error;
    Error *err;
    @@
    -    fun(args, &err, args2);
    -    if (err)
    +    if (!fun(args, &err, args2))
         {
             ...
         }

Fails to convert hw/arm/armsse.c, because Coccinelle gets confused by
ARMSSE being used both as typedef and function-like macro there.
Convert manually.

Line breaks tidied up manually.

Signed-off-by: Markus Armbruster <armbru@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Reviewed-by: Vladimir Sementsov-Ogievskiy <vsementsov@virtuozzo.com>
Message-Id: <20200707160613.848843-29-armbru@redhat.com>
2020-07-10 15:18:08 +02:00
Markus Armbruster
5325cc34a2 qom: Put name parameter before value / visitor parameter
The object_property_set_FOO() setters take property name and value in
an unusual order:

    void object_property_set_FOO(Object *obj, FOO_TYPE value,
                                 const char *name, Error **errp)

Having to pass value before name feels grating.  Swap them.

Same for object_property_set(), object_property_get(), and
object_property_parse().

Convert callers with this Coccinelle script:

    @@
    identifier fun = {
        object_property_get, object_property_parse, object_property_set_str,
        object_property_set_link, object_property_set_bool,
        object_property_set_int, object_property_set_uint, object_property_set,
        object_property_set_qobject
    };
    expression obj, v, name, errp;
    @@
    -    fun(obj, v, name, errp)
    +    fun(obj, name, v, errp)

Chokes on hw/arm/musicpal.c's lcd_refresh() with the unhelpful error
message "no position information".  Convert that one manually.

Fails to convert hw/arm/armsse.c, because Coccinelle gets confused by
ARMSSE being used both as typedef and function-like macro there.
Convert manually.

Fails to convert hw/rx/rx-gdbsim.c, because Coccinelle gets confused
by RXCPU being used both as typedef and function-like macro there.
Convert manually.  The other files using RXCPU that way don't need
conversion.

Signed-off-by: Markus Armbruster <armbru@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Reviewed-by: Vladimir Sementsov-Ogievskiy <vsementsov@virtuozzo.com>
Message-Id: <20200707160613.848843-27-armbru@redhat.com>
[Straightforwad conflict with commit 2336172d9b "audio: set default
value for pcspk.iobase property" resolved]
2020-07-10 15:18:08 +02:00
Markus Armbruster
62a35aaa31 qapi: Use returned bool to check for failure, Coccinelle part
The previous commit enables conversion of

    visit_foo(..., &err);
    if (err) {
        ...
    }

to

    if (!visit_foo(..., errp)) {
        ...
    }

for visitor functions that now return true / false on success / error.
Coccinelle script:

    @@
    identifier fun =~ "check_list|input_type_enum|lv_start_struct|lv_type_bool|lv_type_int64|lv_type_str|lv_type_uint64|output_type_enum|parse_type_bool|parse_type_int64|parse_type_null|parse_type_number|parse_type_size|parse_type_str|parse_type_uint64|print_type_bool|print_type_int64|print_type_null|print_type_number|print_type_size|print_type_str|print_type_uint64|qapi_clone_start_alternate|qapi_clone_start_list|qapi_clone_start_struct|qapi_clone_type_bool|qapi_clone_type_int64|qapi_clone_type_null|qapi_clone_type_number|qapi_clone_type_str|qapi_clone_type_uint64|qapi_dealloc_start_list|qapi_dealloc_start_struct|qapi_dealloc_type_anything|qapi_dealloc_type_bool|qapi_dealloc_type_int64|qapi_dealloc_type_null|qapi_dealloc_type_number|qapi_dealloc_type_str|qapi_dealloc_type_uint64|qobject_input_check_list|qobject_input_check_struct|qobject_input_start_alternate|qobject_input_start_list|qobject_input_start_struct|qobject_input_type_any|qobject_input_type_bool|qobject_input_type_bool_keyval|qobject_input_type_int64|qobject_input_type_int64_keyval|qobject_input_type_null|qobject_input_type_number|qobject_input_type_number_keyval|qobject_input_type_size_keyval|qobject_input_type_str|qobject_input_type_str_keyval|qobject_input_type_uint64|qobject_input_type_uint64_keyval|qobject_output_start_list|qobject_output_start_struct|qobject_output_type_any|qobject_output_type_bool|qobject_output_type_int64|qobject_output_type_null|qobject_output_type_number|qobject_output_type_str|qobject_output_type_uint64|start_list|visit_check_list|visit_check_struct|visit_start_alternate|visit_start_list|visit_start_struct|visit_type_.*";
    expression list args;
    typedef Error;
    Error *err;
    @@
    -    fun(args, &err);
    -    if (err)
    +    if (!fun(args, &err))
         {
             ...
         }

A few line breaks tidied up manually.

Signed-off-by: Markus Armbruster <armbru@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Reviewed-by: Vladimir Sementsov-Ogievskiy <vsementsov@virtuozzo.com>
Message-Id: <20200707160613.848843-19-armbru@redhat.com>
2020-07-10 15:18:08 +02:00
Peter Maydell
48f22ad04e m68k pull-request 20200706
disable floatx80_invalid_encoding() for m68k
 fix m68k_cpu_get_phys_page_debug()
 -----BEGIN PGP SIGNATURE-----
 
 iQJGBAABCAAwFiEEzS913cjjpNwuT1Fz8ww4vT8vvjwFAl8DhA0SHGxhdXJlbnRA
 dml2aWVyLmV1AAoJEPMMOL0/L748kn8QAJkOBWOP/CgzyB/uaPE44kLVcNBLDo9Q
 umB1JHhrchwTd/QtlTjp5dty4NgQsSfCE1dsgCKhv+vP73IGZW83ziXXnSiO5Ant
 wfXvzppT93yZ01dk0a+/HvHhWeYxDOhdqZ95AZZTiVEPnT6L+dneNN4Vz1Ri5CSw
 nW8AYmPGoGLQp0rcANHwXLm40pET5VzYmvf8rrzCYpCpYy3pIeKIbGJkPqh+XCXW
 ugZgQtXoKAcHPtHa0wO57ysC1t5S1O5K772AlDss25my/McG+QySHST/xCORch42
 v4HvYlAn/MiyoRw+noz8DXGn0gr+MeZYGbn1nmimB/xjB8fvIFn+7rhGtUa0miBF
 ewA9eLOuikzCw7I5SHtSOseDkZci9DJKcIXL+jIQLfBZbFSLXrmxgG9oVOYdm+FL
 6Wq2Hpd3H4TRNvuOHeZkxUJ4+SUnEZ7P9IFl4cG2euq5qUK9GQ1oG2Msi+Au5nTq
 Nin6FYj5qKXn1vjLzUiTz4DOjpIN1HyB0EvzOrjR+eI/KmMFZY7h3EoeUwPeymrV
 QR2N+hU/l1e+VZBSBnpdgUu32162DrmLBcvGBg5Cxb4bdnEqvKINAVez4pkh+7yj
 WxXG4jOCfBeJWIJ7yLAaZRdTZ/RSs1kO6Ksnr+Y4tAFkkbXqJPCwHM6nTEt13X1d
 BIT0s1TJ+DvX
 =JAxe
 -----END PGP SIGNATURE-----

Merge remote-tracking branch 'remotes/vivier/tags/m68k-next-pull-request' into staging

m68k pull-request 20200706

disable floatx80_invalid_encoding() for m68k
fix m68k_cpu_get_phys_page_debug()

# gpg: Signature made Mon 06 Jul 2020 21:05:33 BST
# gpg:                using RSA key CD2F75DDC8E3A4DC2E4F5173F30C38BD3F2FBE3C
# gpg:                issuer "laurent@vivier.eu"
# gpg: Good signature from "Laurent Vivier <lvivier@redhat.com>" [full]
# gpg:                 aka "Laurent Vivier <laurent@vivier.eu>" [full]
# gpg:                 aka "Laurent Vivier (Red Hat) <lvivier@redhat.com>" [full]
# Primary key fingerprint: CD2F 75DD C8E3 A4DC 2E4F  5173 F30C 38BD 3F2F BE3C

* remotes/vivier/tags/m68k-next-pull-request:
  softfloat,m68k: disable floatx80_invalid_encoding() for m68k
  target/m68k: consolidate physical translation offset into get_physical_address()
  target/m68k: fix physical address translation in m68k_cpu_get_phys_page_debug()

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2020-07-08 21:38:47 +01:00
Peter Maydell
c8eaf81fd2 virtio,acpi: features, fixes, cleanups.
vdpa support
 virtio-mem support
 a handy script for disassembling acpi tables
 misc fixes and cleanups
 
 Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
 -----BEGIN PGP SIGNATURE-----
 
 iQFDBAABCAAtFiEEXQn9CHHI+FuUyooNKB8NuNKNVGkFAl8EY+MPHG1zdEByZWRo
 YXQuY29tAAoJECgfDbjSjVRpOMkIAMMhfbzZXlwv1xiQ/pMTtEqXDnLeic7NK6xF
 RJkAFlMM+eEXBRZLYJXhPAFjneTA813vR0xlygHn2pYhCF3ozTfLqEABfQsG0w+d
 VDSYTnFHAx2GwGGQBNYltsIs+8lAADYhlo9VG/qC5nAsNaoVBeTJLuF96un1WGDz
 vWH0Cx/AG+yhiKvlSHA/CCSXMVGVTkRfUCjGF8Yq0mVtx23OZ9blQkJRkGfHWctB
 GxQlh/b+4YLaXhy+V1+/Iu2U45KgKN7qrsyKvHBMgKd2qazowr/D8Aexh4hN/eg5
 jibmxurDHXze+VUDCySy6qLBBySNkz++qLKfPOQ0iszDHLXQzOQ=
 =H/KL
 -----END PGP SIGNATURE-----

Merge remote-tracking branch 'remotes/mst/tags/for_upstream' into staging

virtio,acpi: features, fixes, cleanups.

vdpa support
virtio-mem support
a handy script for disassembling acpi tables
misc fixes and cleanups

Signed-off-by: Michael S. Tsirkin <mst@redhat.com>

# gpg: Signature made Tue 07 Jul 2020 13:00:35 BST
# gpg:                using RSA key 5D09FD0871C8F85B94CA8A0D281F0DB8D28D5469
# gpg:                issuer "mst@redhat.com"
# gpg: Good signature from "Michael S. Tsirkin <mst@kernel.org>" [full]
# gpg:                 aka "Michael S. Tsirkin <mst@redhat.com>" [full]
# Primary key fingerprint: 0270 606B 6F3C DF3D 0B17  0970 C350 3912 AFBE 8E67
#      Subkey fingerprint: 5D09 FD08 71C8 F85B 94CA  8A0D 281F 0DB8 D28D 5469

* remotes/mst/tags/for_upstream: (41 commits)
  vhost-vdpa: introduce vhost-vdpa net client
  vhost-vdpa: introduce vhost-vdpa backend
  vhost_net: introduce set_config & get_config
  vhost: implement vhost_force_iommu method
  vhost: introduce new VhostOps vhost_force_iommu
  vhost: implement vhost_vq_get_addr method
  vhost: introduce new VhostOps vhost_vq_get_addr
  vhost: implement vhost_dev_start method
  vhost: introduce new VhostOps vhost_dev_start
  vhost: check the existence of vhost_set_iotlb_callback
  virtio-pci: implement queue_enabled method
  virtio-bus: introduce queue_enabled method
  vhost_net: use the function qemu_get_peer
  net: introduce qemu_get_peer
  MAINTAINERS: add VT-d entry
  docs: vhost-user: add Virtio status protocol feature
  tests/acpi: remove stale allowed tables
  numa: Auto-enable NUMA when any memory devices are possible
  virtio-mem: Exclude unplugged memory during migration
  virtio-mem: Add trace events
  ...

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>

# Conflicts:
#	hw/arm/virt.c
#	hw/virtio/trace-events
2020-07-07 17:37:44 +01:00
Mark Cave-Ayland
852002b566 target/m68k: consolidate physical translation offset into get_physical_address()
Since all callers to get_physical_address() now apply the same page offset to
the translation result, move the logic into get_physical_address() itself to
avoid duplication.

Suggested-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Signed-off-by: Mark Cave-Ayland <mark.cave-ayland@ilande.co.uk>
Reviewed-by: Laurent Vivier <laurent@vivier.eu>
Message-Id: <20200701201531.13828-3-mark.cave-ayland@ilande.co.uk>
Signed-off-by: Laurent Vivier <laurent@vivier.eu>
2020-07-06 21:39:57 +02:00
Mark Cave-Ayland
78318119ee target/m68k: fix physical address translation in m68k_cpu_get_phys_page_debug()
The result of the get_physical_address() function should be combined with the
offset of the original page access before being returned. Otherwise the
m68k_cpu_get_phys_page_debug() function can round to the wrong page causing
incorrect lookups in gdbstub and various "Disassembler disagrees with
translator over instruction decoding" warnings to appear at translation time.

Fixes: 88b2fef6c3 ("target/m68k: add MC68040 MMU")
Signed-off-by: Mark Cave-Ayland <mark.cave-ayland@ilande.co.uk>
Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Reviewed-by: Laurent Vivier <laurent@vivier.eu>
Message-Id: <20200701201531.13828-2-mark.cave-ayland@ilande.co.uk>
Signed-off-by: Laurent Vivier <laurent@vivier.eu>
2020-07-06 21:39:19 +02:00
Peter Maydell
7623b5ba01 linux-user pull request 2020-07-02
Update linux-user maintainer
 Improve strace output for some syscalls
 Display contents of ioctl() parameters
 Fix sparc64 flushw operation
 -----BEGIN PGP SIGNATURE-----
 
 iQJGBAABCAAwFiEEzS913cjjpNwuT1Fz8ww4vT8vvjwFAl8ArXESHGxhdXJlbnRA
 dml2aWVyLmV1AAoJEPMMOL0/L748ETEP/iUDv43DOpCBkDGQCps32ZpfBh4RaIiI
 IonBYyductpB/N5UGNVc461IlJuby6NTv6r5eoFfbVkHOly0Ko8SEHJ1eio3krmR
 ViEr3IVF67zSNqBHDPOKPZ2c7aC0AWJ8jQshCtgdgKbFmJM5630T0HeKk7ufdFsM
 POXI08Lv8CkTHd1PpnCxGx+s7XcvPV1ZSSseDPOY3cvYMB44NHDKOdlF2ggniiCw
 1QeCUhOMSONxjtZUimI+/5qDmD21R6e0tKq5CuTnpnN8vPWCfqO3qyJNasY3EqNm
 vA2v9RFeEqScXXMovCiJlsxtDNAzbWI+TXariQA4EFUBZ+FhhZM12HyVxudnQf7a
 k2VRlOakYkidAJiqb+ZAWDGB7xEybvblmkxkT/CF2gPTMZW5SM0VnxZmWH+BulWH
 BNtEhlUT4rDxCwL+4Xw2SIL+2veGs4CduomyVHBjXhDHlHlgyxWasYz9s1DojVIP
 jzr+Foi0H6BQDKFiwhYqInPw7QRMjjNTXVc/K3ytmCOSO9Vu0pT7MDKiIBYA7cVh
 SzNsLR0UdTLv3SY9Gno4LCU5SnAJDDnCErxXckdoqmNqxyJ2NAKQRKoV6pddOxB5
 EwsITUx92g3pORdMOqLFK1Xx1oxGr4GlRnJX1qBOGZPxYKSy3anuoewy08Q8NT9M
 v+zksJc4wLd4
 =JdG0
 -----END PGP SIGNATURE-----

Merge remote-tracking branch 'remotes/vivier2/tags/linux-user-for-5.1-pull-request' into staging

linux-user pull request 2020-07-02

Update linux-user maintainer
Improve strace output for some syscalls
Display contents of ioctl() parameters
Fix sparc64 flushw operation

# gpg: Signature made Sat 04 Jul 2020 17:25:21 BST
# gpg:                using RSA key CD2F75DDC8E3A4DC2E4F5173F30C38BD3F2FBE3C
# gpg:                issuer "laurent@vivier.eu"
# gpg: Good signature from "Laurent Vivier <lvivier@redhat.com>" [full]
# gpg:                 aka "Laurent Vivier <laurent@vivier.eu>" [full]
# gpg:                 aka "Laurent Vivier (Red Hat) <lvivier@redhat.com>" [full]
# Primary key fingerprint: CD2F 75DD C8E3 A4DC 2E4F  5173 F30C 38BD 3F2F BE3C

* remotes/vivier2/tags/linux-user-for-5.1-pull-request:
  MAINTAINERS: update linux-user maintainer
  linux-user: Add strace support for printing arguments of ioctl()
  linux-user: Add thunk argument types for SIOCGSTAMP and SIOCGSTAMPNS
  linux-user: Add strace support for printing arguments of fallocate()
  linux-user: Add strace support for printing arguments of chown()/lchown()
  linux-user: Add strace support for printing arguments of lseek()
  linux-user: Add strace support for printing argument of syscalls used for extended attributes
  linux-user: Add strace support for a group of syscalls
  linux-user: Extend strace support to enable argument printing after syscall execution
  linux-user: syscall: ioctls: support DRM_IOCTL_VERSION
  linux-user/sparc64: Fix the handling of window spill trap
  target/sparc: Translate flushw opcode

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2020-07-06 11:40:10 +01:00
Peter Maydell
eb6490f544 target-arm queue:
* i.MX6UL EVK board: put PHYs in the correct places
  * hw/arm/virt: Let the virtio-iommu bypass MSIs
  * target/arm: kvm: Handle DABT with no valid ISS
  * hw/arm/virt-acpi-build: Only expose flash on older machine types
  * target/arm: Fix temp double-free in sve ldr/str
  * hw/display/bcm2835_fb.c: Initialize all fields of struct
  * hw/arm/spitz: Code cleanup to fix Coverity-detected memory leak
  * Deprecate TileGX port
 -----BEGIN PGP SIGNATURE-----
 
 iQJNBAABCAA3FiEE4aXFk81BneKOgxXPPCUl7RQ2DN4FAl7/YnEZHHBldGVyLm1h
 eWRlbGxAbGluYXJvLm9yZwAKCRA8JSXtFDYM3pmaD/9vE0vEQIz92KoE6haS9oku
 CigsqHJRp2Q4pYA5Y7omCFR7KnUnmzr6nwDcvEpdq5Pjnp8kV36gNkr1P/KHUAQ3
 p9aJ/2jqaQ/BLI/ieIU4kVGzUrF/j+8eLm1+xXGJpl/LG2Ij2NTUwYE+dazcUdRB
 GsD/c4yRFbJpj/CgPp6tE+sZPy9HrVF4R2K/dUxmbNsYYB5EcY7gxMc+zCpcexFC
 aoJWOrxlpVBwjrToLpKVxHYG+K0giAaosEocxOJ1Iz0QWVJlBWOr7d8M8Pqoeafp
 16tE4PGfEOoHvpFhCu4pidgwKfrRKosG9bm28Bf1Ps2cze9/k2ShdXPRmbcngU32
 Ed3PbJ4ZlBoxVvEPLNdcD0aOysGjPUn1wxleFFmlsDfTxfovpF4Ki1OGBFyhb8wk
 1m3pi0VyYm6W3rKxl78Hs6Dj3svV4Qdjo8eBePVOgy+KS83Cr1fZX2OSM+4/040M
 Djxh8uH6tFvpRcFEqf1inQgznT71gTGhiCw4lxZ3OFpOhIJsLSButHcky1HTRCje
 j3TP5Mcde6NvMKfxJKIU2MSi9pWuPPinkaDBzIgZjNtwG+1bj+jnDX/WJ2LPKFCH
 aTScz05EaG61TUD3rEsRl6iRRy4dpOV8jqELE8AEir65C33SXZgNuVaRNCacvSaH
 OZybCU5dKP0TkJH9hNqOKA==
 =vdip
 -----END PGP SIGNATURE-----

Merge remote-tracking branch 'remotes/pmaydell/tags/pull-target-arm-20200703' into staging

target-arm queue:
 * i.MX6UL EVK board: put PHYs in the correct places
 * hw/arm/virt: Let the virtio-iommu bypass MSIs
 * target/arm: kvm: Handle DABT with no valid ISS
 * hw/arm/virt-acpi-build: Only expose flash on older machine types
 * target/arm: Fix temp double-free in sve ldr/str
 * hw/display/bcm2835_fb.c: Initialize all fields of struct
 * hw/arm/spitz: Code cleanup to fix Coverity-detected memory leak
 * Deprecate TileGX port

# gpg: Signature made Fri 03 Jul 2020 17:53:05 BST
# gpg:                using RSA key E1A5C593CD419DE28E8315CF3C2525ED14360CDE
# gpg:                issuer "peter.maydell@linaro.org"
# gpg: Good signature from "Peter Maydell <peter.maydell@linaro.org>" [ultimate]
# gpg:                 aka "Peter Maydell <pmaydell@gmail.com>" [ultimate]
# gpg:                 aka "Peter Maydell <pmaydell@chiark.greenend.org.uk>" [ultimate]
# Primary key fingerprint: E1A5 C593 CD41 9DE2 8E83  15CF 3C25 25ED 1436 0CDE

* remotes/pmaydell/tags/pull-target-arm-20200703: (34 commits)
  Deprecate TileGX port
  Replace uses of FROM_SSI_SLAVE() macro with QOM casts
  hw/arm/spitz: Provide usual QOM macros for corgi-ssp and spitz-lcdtg
  hw/arm/pxa2xx_pic: Use LOG_GUEST_ERROR for bad guest register accesses
  hw/arm/spitz: Use LOG_GUEST_ERROR for bad guest register accesses
  hw/gpio/zaurus.c: Use LOG_GUEST_ERROR for bad guest register accesses
  hw/arm/spitz: Encapsulate misc GPIO handling in a device
  hw/misc/max111x: Create header file for documentation, TYPE_ macros
  hw/misc/max111x: Use GPIO lines rather than max111x_set_input()
  hw/arm/spitz: Use max111x properties to set initial values
  ssi: Add ssi_realize_and_unref()
  hw/misc/max111x: Don't use vmstate_register()
  hw/misc/max111x: provide QOM properties for setting initial values
  hw/arm/spitz: Implement inbound GPIO lines for bit5 and power signals
  hw/arm/spitz: Keep pointers to scp0, scp1 in SpitzMachineState
  hw/arm/spitz: Keep pointers to MPU and SSI devices in SpitzMachineState
  hw/arm/spitz: Create SpitzMachineClass abstract base class
  hw/arm/spitz: Detabify
  hw/display/bcm2835_fb.c: Initialize all fields of struct
  target/arm: Fix temp double-free in sve ldr/str
  ...

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2020-07-04 16:08:41 +01:00
Peter Maydell
21d0bafbfe s390 update:
- various fixes
 - cleanup in the s390x-ccw bios
 -----BEGIN PGP SIGNATURE-----
 
 iQJGBAABCAAwFiEEw9DWbcNiT/aowBjO3s9rk8bwL68FAl7/ApgSHGNvaHVja0By
 ZWRoYXQuY29tAAoJEN7Pa5PG8C+vcJwP/3+kYTaPZ04Lzi2b6C5c65520GU1JcrS
 FfE1PQMn8DNv2JO175Y5fGqRmvYk0uLVHMWGWDAyImtaEjcxxwD73JOkWTFymC1R
 pGpyFnkB1W5lzwu6lZk3MKMVjjN64emLWbNUK27xTFt1P5sxIrdsJBh6fzI831KN
 1Z0wzhtkxxpbNfa6vZek5IlzUKebqBLIBuZx0tMp0gZsLlUWeHgyCD3/VvSgTXNk
 Wiesk+Mk4hBnP0v7u1JLihuwAkL9gfrpdOLozPCwkQwdc/YMxNR4aoMZtUvS8NPS
 6/e1EZdcyNFrWuIr9MQM8vc+XQNTmenExHeiSuBAt1jwI280olsJKn+ToiV7BEC7
 VOTIpWaWYnV+PNOpCZNOq247z/pC+0DsYCv6Oomj+ogVd5pWauFhSXNoYp9/Ctim
 2g7PY0GGJkX8rIuYlawW+k8U1sLg/PafyAxps904Ow3ZdJBaRZ2d59dUpoEAqr3i
 cS+h/r17y+JUGknVF/YmNV6oIIoUIsP4A5wExhN3ab6SUSzW9Z0FsveOvuJizr4n
 QwQWN2C1WxHoJFuDauVMSCDLfqRGO+uMaXqtCx5PdQ46hAx9EtpwbMUUSibJcdUX
 W/tbeOje5/KXcqRjOKhkujMQjE9YUP0KOaBrt0PdBkl2z/Ex1npI5mSUb80ZuT54
 Wx+MYApzxhQC
 =Mvqj
 -----END PGP SIGNATURE-----

Merge remote-tracking branch 'remotes/cohuck/tags/s390x-20200703' into staging

s390 update:
- various fixes
- cleanup in the s390x-ccw bios

# gpg: Signature made Fri 03 Jul 2020 11:04:08 BST
# gpg:                using RSA key C3D0D66DC3624FF6A8C018CEDECF6B93C6F02FAF
# gpg:                issuer "cohuck@redhat.com"
# gpg: Good signature from "Cornelia Huck <conny@cornelia-huck.de>" [marginal]
# gpg:                 aka "Cornelia Huck <huckc@linux.vnet.ibm.com>" [full]
# gpg:                 aka "Cornelia Huck <cornelia.huck@de.ibm.com>" [full]
# gpg:                 aka "Cornelia Huck <cohuck@kernel.org>" [marginal]
# gpg:                 aka "Cornelia Huck <cohuck@redhat.com>" [marginal]
# Primary key fingerprint: C3D0 D66D C362 4FF6 A8C0  18CE DECF 6B93 C6F0 2FAF

* remotes/cohuck/tags/s390x-20200703:
  s390x/pci: fix set_ind_atomic
  virtio-ccw: fix virtio_set_ind_atomic
  target/s390x: Fix SQXBR
  pc-bios/s390: Update s390-ccw bios binaries with the latest changes
  pc-bios/s390-ccw: Generate and include dependency files in the Makefile
  pc-bios: s390x: Make u32 ptr check explicit
  pc-bios: s390x: Use ebcdic2ascii table
  pc-bios: s390x: Move panic() into header and add infinite loop
  pc-bios: s390x: Use PSW masks where possible and introduce PSW_MASK_SHORT_ADDR
  pc-bios: s390x: Rename PSW_MASK_ZMODE to PSW_MASK_64
  pc-bios: s390x: Get rid of magic offsets into the lowcore
  pc-bios: s390x: Move sleep and yield to helper.h
  pc-bios: s390x: Consolidate timing functions into time.h
  pc-bios: s390x: cio.c cleanup and compile fix

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2020-07-04 10:24:07 +01:00
Richard Henderson
4b4dc9750a target/arm: Fix temp double-free in sve ldr/str
The temp that gets assigned to clean_addr has been allocated with
new_tmp_a64, which means that it will be freed at the end of the
instruction.  Freeing it earlier leads to assertion failure.

The loop creates a complication, in which we allocate a new local
temp, which does need freeing, and the final code path is shared
between the loop and non-loop.

Fix this complication by adding new_tmp_a64_local so that the new
local temp is freed at the end, and can be treated exactly like
the non-loop path.

Fixes: bba87d0a0f
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Message-id: 20200702175605.1987125-1-richard.henderson@linaro.org
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2020-07-03 16:59:43 +01:00
Beata Michalska
1711bfa5f5 target/arm: kvm: Handle misconfigured dabt injection
Injecting external data abort through KVM might trigger
an issue on kernels that do not get updated to include the KVM fix.
For those and aarch32 guests, the injected abort gets misconfigured
to be an implementation defined exception. This leads to the guest
repeatedly re-running the faulting instruction.

Add support for handling that case.

[
  Fixed-by: 018f22f95e8a
	('KVM: arm: Fix DFSR setting for non-LPAE aarch32 guests')
  Fixed-by: 21aecdbd7f3a
	('KVM: arm: Make inject_abt32() inject an external abort instead')
]

Signed-off-by: Beata Michalska <beata.michalska@linaro.org>
Acked-by: Andrew Jones <drjones@redhat.com>
Message-id: 20200629114110.30723-3-beata.michalska@linaro.org
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2020-07-03 16:59:42 +01:00
Beata Michalska
694bcaa81f target/arm: kvm: Handle DABT with no valid ISS
On ARMv7 & ARMv8 some load/store instructions might trigger a data abort
exception with no valid ISS info to be decoded. The lack of decode info
makes it at least tricky to emulate those instruction which is one of the
(many) reasons why KVM will not even try to do so.

Add support for handling those by requesting KVM to inject external
dabt into the quest.

Signed-off-by: Beata Michalska <beata.michalska@linaro.org>
Reviewed-by: Andrew Jones <drjones@redhat.com>
Message-id: 20200629114110.30723-2-beata.michalska@linaro.org
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2020-07-03 16:59:42 +01:00
Richard Henderson
9bf728a09b target/s390x: Fix SQXBR
The output is 128-bit, and thus requires a pair of 64-bit temps.

Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Reviewed-by: David Hildenbrand <david@redhat.com>
Buglink: https://bugs.launchpad.net/bugs/1883984
Message-Id: <20200620042140.42070-1-richard.henderson@linaro.org>
Signed-off-by: Cornelia Huck <cohuck@redhat.com>
2020-07-03 11:15:59 +02:00
LIU Zhiwei
6bf91617f4 target/riscv: configure and turn on vector extension from command line
Vector extension is default off. The only way to use vector extension is
1. use cpu rv32 or rv64
2. turn on it by command line
   "-cpu rv64,x-v=true,vlen=128,elen=64,vext_spec=v0.7.1".

vlen is the vector register length, default value is 128 bit.
elen is the max operator size in bits, default value is 64 bit.
vext_spec is the vector specification version, default value is v0.7.1.
These properties can be specified with other values.

Signed-off-by: LIU Zhiwei <zhiwei_liu@c-sky.com>
Reviewed-by: Alistair Francis <alistair.francis@wdc.com>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-Id: <20200701152549.1218-62-zhiwei_liu@c-sky.com>
Signed-off-by: Alistair Francis <alistair.francis@wdc.com>
2020-07-02 09:19:34 -07:00
LIU Zhiwei
31bf42a26c target/riscv: vector compress instruction
Signed-off-by: LIU Zhiwei <zhiwei_liu@c-sky.com>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-Id: <20200701152549.1218-61-zhiwei_liu@c-sky.com>
Signed-off-by: Alistair Francis <alistair.francis@wdc.com>
2020-07-02 09:19:34 -07:00
LIU Zhiwei
e4b83d5c09 target/riscv: vector register gather instruction
Signed-off-by: LIU Zhiwei <zhiwei_liu@c-sky.com>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-Id: <20200701152549.1218-60-zhiwei_liu@c-sky.com>
Signed-off-by: Alistair Francis <alistair.francis@wdc.com>
2020-07-02 09:19:33 -07:00
LIU Zhiwei
ec17e03688 target/riscv: vector slide instructions
Signed-off-by: LIU Zhiwei <zhiwei_liu@c-sky.com>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-Id: <20200701152549.1218-59-zhiwei_liu@c-sky.com>
Signed-off-by: Alistair Francis <alistair.francis@wdc.com>
2020-07-02 09:19:33 -07:00
LIU Zhiwei
2843420a56 target/riscv: floating-point scalar move instructions
Signed-off-by: LIU Zhiwei <zhiwei_liu@c-sky.com>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-Id: <20200701152549.1218-58-zhiwei_liu@c-sky.com>
Signed-off-by: Alistair Francis <alistair.francis@wdc.com>
2020-07-02 09:19:33 -07:00
LIU Zhiwei
9fc08be626 target/riscv: integer scalar move instruction
Signed-off-by: LIU Zhiwei <zhiwei_liu@c-sky.com>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-Id: <20200701152549.1218-57-zhiwei_liu@c-sky.com>
Signed-off-by: Alistair Francis <alistair.francis@wdc.com>
2020-07-02 09:19:33 -07:00
LIU Zhiwei
90355f391d target/riscv: integer extract instruction
Signed-off-by: LIU Zhiwei <zhiwei_liu@c-sky.com>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-Id: <20200701152549.1218-56-zhiwei_liu@c-sky.com>
Signed-off-by: Alistair Francis <alistair.francis@wdc.com>
2020-07-02 09:19:33 -07:00
LIU Zhiwei
126bec3f6f target/riscv: vector element index instruction
Signed-off-by: LIU Zhiwei <zhiwei_liu@c-sky.com>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-Id: <20200701152549.1218-55-zhiwei_liu@c-sky.com>
Signed-off-by: Alistair Francis <alistair.francis@wdc.com>
2020-07-02 09:19:33 -07:00
LIU Zhiwei
78d90cfe85 target/riscv: vector iota instruction
Signed-off-by: LIU Zhiwei <zhiwei_liu@c-sky.com>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-Id: <20200701152549.1218-54-zhiwei_liu@c-sky.com>
Signed-off-by: Alistair Francis <alistair.francis@wdc.com>
2020-07-02 09:19:33 -07:00
LIU Zhiwei
81fbf7daf2 target/riscv: set-X-first mask bit
Signed-off-by: LIU Zhiwei <zhiwei_liu@c-sky.com>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-Id: <20200701152549.1218-53-zhiwei_liu@c-sky.com>
Signed-off-by: Alistair Francis <alistair.francis@wdc.com>
2020-07-02 09:19:33 -07:00
LIU Zhiwei
0db67e1c0c target/riscv: vmfirst find-first-set mask bit
Signed-off-by: LIU Zhiwei <zhiwei_liu@c-sky.com>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-Id: <20200701152549.1218-52-zhiwei_liu@c-sky.com>
Signed-off-by: Alistair Francis <alistair.francis@wdc.com>
2020-07-02 09:19:33 -07:00
LIU Zhiwei
2e88f551df target/riscv: vector mask population count vmpopc
Signed-off-by: LIU Zhiwei <zhiwei_liu@c-sky.com>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-Id: <20200701152549.1218-51-zhiwei_liu@c-sky.com>
Signed-off-by: Alistair Francis <alistair.francis@wdc.com>
2020-07-02 09:19:33 -07:00
LIU Zhiwei
c21f34aebf target/riscv: vector mask-register logical instructions
Signed-off-by: LIU Zhiwei <zhiwei_liu@c-sky.com>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-Id: <20200701152549.1218-50-zhiwei_liu@c-sky.com>
Signed-off-by: Alistair Francis <alistair.francis@wdc.com>
2020-07-02 09:19:33 -07:00
LIU Zhiwei
696b0c260a target/riscv: vector widening floating-point reduction instructions
Signed-off-by: LIU Zhiwei <zhiwei_liu@c-sky.com>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Reviewed-by: Alistair Francis <alistair.francis@wdc.com>
Message-Id: <20200701152549.1218-49-zhiwei_liu@c-sky.com>
Signed-off-by: Alistair Francis <alistair.francis@wdc.com>
2020-07-02 09:19:33 -07:00
LIU Zhiwei
523547f19e target/riscv: vector single-width floating-point reduction instructions
Signed-off-by: LIU Zhiwei <zhiwei_liu@c-sky.com>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Reviewed-by: Alistair Francis <alistair.francis@wdc.com>
Message-Id: <20200701152549.1218-48-zhiwei_liu@c-sky.com>
Signed-off-by: Alistair Francis <alistair.francis@wdc.com>
2020-07-02 09:19:33 -07:00
LIU Zhiwei
bba718200b target/riscv: vector wideing integer reduction instructions
Signed-off-by: LIU Zhiwei <zhiwei_liu@c-sky.com>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Reviewed-by: Alistair Francis <alistair.francis@wdc.com>
Message-Id: <20200701152549.1218-47-zhiwei_liu@c-sky.com>
Signed-off-by: Alistair Francis <alistair.francis@wdc.com>
2020-07-02 09:19:33 -07:00
LIU Zhiwei
fe5c9ab1fc target/riscv: vector single-width integer reduction instructions
Signed-off-by: LIU Zhiwei <zhiwei_liu@c-sky.com>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Reviewed-by: Alistair Francis <alistair.francis@wdc.com>
Message-Id: <20200701152549.1218-46-zhiwei_liu@c-sky.com>
Signed-off-by: Alistair Francis <alistair.francis@wdc.com>
2020-07-02 09:19:33 -07:00
LIU Zhiwei
878d406ec2 target/riscv: narrowing floating-point/integer type-convert instructions
Signed-off-by: LIU Zhiwei <zhiwei_liu@c-sky.com>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Reviewed-by: Alistair Francis <alistair.francis@wdc.com>
Message-Id: <20200701152549.1218-45-zhiwei_liu@c-sky.com>
Signed-off-by: Alistair Francis <alistair.francis@wdc.com>
2020-07-02 09:19:33 -07:00
LIU Zhiwei
4514b7b123 target/riscv: widening floating-point/integer type-convert instructions
Signed-off-by: LIU Zhiwei <zhiwei_liu@c-sky.com>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Reviewed-by: Alistair Francis <alistair.francis@wdc.com>
Message-Id: <20200701152549.1218-44-zhiwei_liu@c-sky.com>
Signed-off-by: Alistair Francis <alistair.francis@wdc.com>
2020-07-02 09:19:33 -07:00
LIU Zhiwei
9210097326 target/riscv: vector floating-point/integer type-convert instructions
Signed-off-by: LIU Zhiwei <zhiwei_liu@c-sky.com>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Reviewed-by: Alistair Francis <alistair.francis@wdc.com>
Message-Id: <20200701152549.1218-43-zhiwei_liu@c-sky.com>
Signed-off-by: Alistair Francis <alistair.francis@wdc.com>
2020-07-02 09:19:33 -07:00
LIU Zhiwei
64ab584697 target/riscv: vector floating-point merge instructions
Signed-off-by: LIU Zhiwei <zhiwei_liu@c-sky.com>
Reviewed-by: Alistair Francis <alistair.francis@wdc.com>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-Id: <20200701152549.1218-42-zhiwei_liu@c-sky.com>
Signed-off-by: Alistair Francis <alistair.francis@wdc.com>
2020-07-02 09:19:33 -07:00
LIU Zhiwei
121ddbb36f target/riscv: vector floating-point classify instructions
Signed-off-by: LIU Zhiwei <zhiwei_liu@c-sky.com>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Reviewed-by: Alistair Francis <alistair.francis@wdc.com>
Message-Id: <20200701152549.1218-41-zhiwei_liu@c-sky.com>
Signed-off-by: Alistair Francis <alistair.francis@wdc.com>
2020-07-02 09:19:33 -07:00
LIU Zhiwei
2a68e9e568 target/riscv: vector floating-point compare instructions
Signed-off-by: LIU Zhiwei <zhiwei_liu@c-sky.com>
Reviewed-by: Alistair Francis <alistair.francis@wdc.com>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-Id: <20200701152549.1218-40-zhiwei_liu@c-sky.com>
Signed-off-by: Alistair Francis <alistair.francis@wdc.com>
2020-07-02 09:19:33 -07:00
LIU Zhiwei
1d426b81f7 target/riscv: vector floating-point sign-injection instructions
Signed-off-by: LIU Zhiwei <zhiwei_liu@c-sky.com>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Reviewed-by: Alistair Francis <alistair.francis@wdc.com>
Message-Id: <20200701152549.1218-39-zhiwei_liu@c-sky.com>
Signed-off-by: Alistair Francis <alistair.francis@wdc.com>
2020-07-02 09:19:33 -07:00
LIU Zhiwei
230b53ddd7 target/riscv: vector floating-point min/max instructions
Signed-off-by: LIU Zhiwei <zhiwei_liu@c-sky.com>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Reviewed-by: Alistair Francis <alistair.francis@wdc.com>
Message-Id: <20200701152549.1218-38-zhiwei_liu@c-sky.com>
Signed-off-by: Alistair Francis <alistair.francis@wdc.com>
2020-07-02 09:19:33 -07:00
LIU Zhiwei
d9e4ce72a5 target/riscv: vector floating-point square-root instruction
Signed-off-by: LIU Zhiwei <zhiwei_liu@c-sky.com>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Reviewed-by: Alistair Francis <alistair.francis@wdc.com>
Message-Id: <20200701152549.1218-37-zhiwei_liu@c-sky.com>
Signed-off-by: Alistair Francis <alistair.francis@wdc.com>
2020-07-02 09:19:33 -07:00
LIU Zhiwei
0dd509594f target/riscv: vector widening floating-point fused multiply-add instructions
Signed-off-by: LIU Zhiwei <zhiwei_liu@c-sky.com>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Reviewed-by: Alistair Francis <alistair.francis@wdc.com>
Message-Id: <20200701152549.1218-36-zhiwei_liu@c-sky.com>
Signed-off-by: Alistair Francis <alistair.francis@wdc.com>
2020-07-02 09:19:33 -07:00
LIU Zhiwei
4aa5a8fed4 target/riscv: vector single-width floating-point fused multiply-add instructions
Signed-off-by: LIU Zhiwei <zhiwei_liu@c-sky.com>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Reviewed-by: Alistair Francis <alistair.francis@wdc.com>
Message-Id: <20200701152549.1218-35-zhiwei_liu@c-sky.com>
Signed-off-by: Alistair Francis <alistair.francis@wdc.com>
2020-07-02 09:19:33 -07:00
LIU Zhiwei
f7c7b7cd29 target/riscv: vector widening floating-point multiply
Signed-off-by: LIU Zhiwei <zhiwei_liu@c-sky.com>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Reviewed-by: Alistair Francis <alistair.francis@wdc.com>
Message-Id: <20200701152549.1218-34-zhiwei_liu@c-sky.com>
Signed-off-by: Alistair Francis <alistair.francis@wdc.com>
2020-07-02 09:19:33 -07:00
LIU Zhiwei
0e0057cbe2 target/riscv: vector single-width floating-point multiply/divide instructions
Signed-off-by: LIU Zhiwei <zhiwei_liu@c-sky.com>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Reviewed-by: Alistair Francis <alistair.francis@wdc.com>
Message-Id: <20200701152549.1218-33-zhiwei_liu@c-sky.com>
Signed-off-by: Alistair Francis <alistair.francis@wdc.com>
2020-07-02 09:19:33 -07:00
LIU Zhiwei
eeffab2ec1 target/riscv: vector widening floating-point add/subtract instructions
Signed-off-by: LIU Zhiwei <zhiwei_liu@c-sky.com>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Reviewed-by: Alistair Francis <alistair.francis@wdc.com>
Message-Id: <20200701152549.1218-32-zhiwei_liu@c-sky.com>
Signed-off-by: Alistair Francis <alistair.francis@wdc.com>
2020-07-02 09:19:33 -07:00
LIU Zhiwei
ce2a0343f4 target/riscv: vector single-width floating-point add/subtract instructions
Signed-off-by: LIU Zhiwei <zhiwei_liu@c-sky.com>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Reviewed-by: Alistair Francis <alistair.francis@wdc.com>
Message-Id: <20200701152549.1218-31-zhiwei_liu@c-sky.com>
Signed-off-by: Alistair Francis <alistair.francis@wdc.com>
2020-07-02 09:19:33 -07:00
LIU Zhiwei
9ff3d28739 target/riscv: vector narrowing fixed-point clip instructions
Signed-off-by: LIU Zhiwei <zhiwei_liu@c-sky.com>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Reviewed-by: Alistair Francis <alistair.francis@wdc.com>
Message-Id: <20200701152549.1218-30-zhiwei_liu@c-sky.com>
Signed-off-by: Alistair Francis <alistair.francis@wdc.com>
2020-07-02 09:19:33 -07:00
LIU Zhiwei
04a614062d target/riscv: vector single-width scaling shift instructions
Signed-off-by: LIU Zhiwei <zhiwei_liu@c-sky.com>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Reviewed-by: Alistair Francis <alistair.francis@wdc.com>
Message-Id: <20200701152549.1218-29-zhiwei_liu@c-sky.com>
Signed-off-by: Alistair Francis <alistair.francis@wdc.com>
2020-07-02 09:19:33 -07:00
LIU Zhiwei
0a1eaf0036 target/riscv: vector widening saturating scaled multiply-add
Signed-off-by: LIU Zhiwei <zhiwei_liu@c-sky.com>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Reviewed-by: Alistair Francis <alistair.francis@wdc.com>
Message-Id: <20200701152549.1218-28-zhiwei_liu@c-sky.com>
Signed-off-by: Alistair Francis <alistair.francis@wdc.com>
2020-07-02 09:19:33 -07:00
LIU Zhiwei
9f0ff9e514 target/riscv: vector single-width fractional multiply with rounding and saturation
Signed-off-by: LIU Zhiwei <zhiwei_liu@c-sky.com>
Reviewed-by: Alistair Francis <alistair.francis@wdc.com>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-Id: <20200701152549.1218-27-zhiwei_liu@c-sky.com>
Signed-off-by: Alistair Francis <alistair.francis@wdc.com>
2020-07-02 09:19:33 -07:00
LIU Zhiwei
b7aee48192 target/riscv: vector single-width averaging add and subtract
Signed-off-by: LIU Zhiwei <zhiwei_liu@c-sky.com>
Reviewed-by: Alistair Francis <alistair.francis@wdc.com>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-Id: <20200701152549.1218-26-zhiwei_liu@c-sky.com>
Signed-off-by: Alistair Francis <alistair.francis@wdc.com>
2020-07-02 09:19:33 -07:00
LIU Zhiwei
eb2650e35e target/riscv: vector single-width saturating add and subtract
Signed-off-by: LIU Zhiwei <zhiwei_liu@c-sky.com>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Reviewed-by: Alistair Francis <alistair.francis@wdc.com>
Message-Id: <20200701152549.1218-25-zhiwei_liu@c-sky.com>
Signed-off-by: Alistair Francis <alistair.francis@wdc.com>
2020-07-02 09:19:33 -07:00
LIU Zhiwei
f020a7a145 target/riscv: vector integer merge and move instructions
Signed-off-by: LIU Zhiwei <zhiwei_liu@c-sky.com>
Reviewed-by: Alistair Francis <alistair.francis@wdc.com>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-Id: <20200701152549.1218-24-zhiwei_liu@c-sky.com>
Signed-off-by: Alistair Francis <alistair.francis@wdc.com>
2020-07-02 09:19:33 -07:00
LIU Zhiwei
2b587b3350 target/riscv: vector widening integer multiply-add instructions
Signed-off-by: LIU Zhiwei <zhiwei_liu@c-sky.com>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Reviewed-by: Alistair Francis <alistair.francis@wdc.com>
Message-Id: <20200701152549.1218-23-zhiwei_liu@c-sky.com>
Signed-off-by: Alistair Francis <alistair.francis@wdc.com>
2020-07-02 09:19:33 -07:00
LIU Zhiwei
54df813a33 target/riscv: vector single-width integer multiply-add instructions
Signed-off-by: LIU Zhiwei <zhiwei_liu@c-sky.com>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Reviewed-by: Alistair Francis <alistair.francis@wdc.com>
Message-Id: <20200701152549.1218-22-zhiwei_liu@c-sky.com>
Signed-off-by: Alistair Francis <alistair.francis@wdc.com>
2020-07-02 09:19:33 -07:00
LIU Zhiwei
97b1cba399 target/riscv: vector widening integer multiply instructions
Signed-off-by: LIU Zhiwei <zhiwei_liu@c-sky.com>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Reviewed-by: Alistair Francis <alistair.francis@wdc.com>
Message-Id: <20200701152549.1218-21-zhiwei_liu@c-sky.com>
Signed-off-by: Alistair Francis <alistair.francis@wdc.com>
2020-07-02 09:19:33 -07:00
LIU Zhiwei
85e6658cfe target/riscv: vector integer divide instructions
Signed-off-by: LIU Zhiwei <zhiwei_liu@c-sky.com>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Reviewed-by: Alistair Francis <alistair.francis@wdc.com>
Message-Id: <20200701152549.1218-20-zhiwei_liu@c-sky.com>
Signed-off-by: Alistair Francis <alistair.francis@wdc.com>
2020-07-02 09:19:33 -07:00
LIU Zhiwei
958b85f368 target/riscv: vector single-width integer multiply instructions
Signed-off-by: LIU Zhiwei <zhiwei_liu@c-sky.com>
Reviewed-by: Alistair Francis <alistair.francis@wdc.com>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-Id: <20200701152549.1218-19-zhiwei_liu@c-sky.com>
Signed-off-by: Alistair Francis <alistair.francis@wdc.com>
2020-07-02 09:19:33 -07:00
LIU Zhiwei
558fa7797c target/riscv: vector integer min/max instructions
Signed-off-by: LIU Zhiwei <zhiwei_liu@c-sky.com>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Reviewed-by: Alistair Francis <alistair.francis@wdc.com>
Message-Id: <20200701152549.1218-18-zhiwei_liu@c-sky.com>
Signed-off-by: Alistair Francis <alistair.francis@wdc.com>
2020-07-02 09:19:33 -07:00
LIU Zhiwei
1366fc79be target/riscv: vector integer comparison instructions
Signed-off-by: LIU Zhiwei <zhiwei_liu@c-sky.com>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Reviewed-by: Alistair Francis <alistair.francis@wdc.com>
Message-Id: <20200701152549.1218-17-zhiwei_liu@c-sky.com>
Signed-off-by: Alistair Francis <alistair.francis@wdc.com>
2020-07-02 09:19:33 -07:00
LIU Zhiwei
7689b028ca target/riscv: vector narrowing integer right shift instructions
Signed-off-by: LIU Zhiwei <zhiwei_liu@c-sky.com>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Reviewed-by: Alistair Francis <alistair.francis@wdc.com>
Message-Id: <20200701152549.1218-16-zhiwei_liu@c-sky.com>
Signed-off-by: Alistair Francis <alistair.francis@wdc.com>
2020-07-02 09:19:33 -07:00
LIU Zhiwei
3277d955d2 target/riscv: vector single-width bit shift instructions
Signed-off-by: LIU Zhiwei <zhiwei_liu@c-sky.com>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Reviewed-by: Alistair Francis <alistair.francis@wdc.com>
Message-Id: <20200701152549.1218-15-zhiwei_liu@c-sky.com>
Signed-off-by: Alistair Francis <alistair.francis@wdc.com>
2020-07-02 09:19:33 -07:00
LIU Zhiwei
d3842924cf target/riscv: vector bitwise logical instructions
Signed-off-by: LIU Zhiwei <zhiwei_liu@c-sky.com>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Reviewed-by: Alistair Francis <alistair.francis@wdc.com>
Message-Id: <20200701152549.1218-14-zhiwei_liu@c-sky.com>
Signed-off-by: Alistair Francis <alistair.francis@wdc.com>
2020-07-02 09:19:33 -07:00
LIU Zhiwei
3a6f8f68ad target/riscv: vector integer add-with-carry / subtract-with-borrow instructions
Signed-off-by: LIU Zhiwei <zhiwei_liu@c-sky.com>
Reviewed-by: Alistair Francis <alistair.francis@wdc.com>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-Id: <20200701152549.1218-13-zhiwei_liu@c-sky.com>
Signed-off-by: Alistair Francis <alistair.francis@wdc.com>
2020-07-02 09:19:33 -07:00
LIU Zhiwei
8fcdf77630 target/riscv: vector widening integer add and subtract
Signed-off-by: LIU Zhiwei <zhiwei_liu@c-sky.com>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Reviewed-by: Alistair Francis <alistair.francis@wdc.com>
Message-Id: <20200701152549.1218-12-zhiwei_liu@c-sky.com>
Signed-off-by: Alistair Francis <alistair.francis@wdc.com>
2020-07-02 09:19:33 -07:00
LIU Zhiwei
43740e3a3b target/riscv: vector single-width integer add and subtract
Signed-off-by: LIU Zhiwei <zhiwei_liu@c-sky.com>
Reviewed-by: Alistair Francis <alistair.francis@wdc.com>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-Id: <20200701152549.1218-11-zhiwei_liu@c-sky.com>
Signed-off-by: Alistair Francis <alistair.francis@wdc.com>
2020-07-02 09:19:33 -07:00
LIU Zhiwei
268fcca66b target/riscv: add vector amo operations
Vector AMOs operate as if aq and rl bits were zero on each element
with regard to ordering relative to other instructions in the same hart.
Vector AMOs provide no ordering guarantee between element operations
in the same vector AMO instruction

Signed-off-by: LIU Zhiwei <zhiwei_liu@c-sky.com>
Reviewed-by: Alistair Francis <alistair.francis@wdc.com>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-Id: <20200701152549.1218-10-zhiwei_liu@c-sky.com>
Signed-off-by: Alistair Francis <alistair.francis@wdc.com>
2020-07-02 09:19:33 -07:00
LIU Zhiwei
022b4ecf77 target/riscv: add fault-only-first unit stride load
The unit-stride fault-only-fault load instructions are used to
vectorize loops with data-dependent exit conditions(while loops).
These instructions execute as a regular load except that they
will only take a trap on element 0.

Signed-off-by: LIU Zhiwei <zhiwei_liu@c-sky.com>
Reviewed-by: Alistair Francis <alistair.francis@wdc.com>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-Id: <20200701152549.1218-9-zhiwei_liu@c-sky.com>
Signed-off-by: Alistair Francis <alistair.francis@wdc.com>
2020-07-02 09:19:33 -07:00
LIU Zhiwei
f732560e35 target/riscv: add vector index load and store instructions
Vector indexed operations add the contents of each element of the
vector offset operand specified by vs2 to the base effective address
to give the effective address of each element.

Signed-off-by: LIU Zhiwei <zhiwei_liu@c-sky.com>
Reviewed-by: Alistair Francis <alistair.francis@wdc.com>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-Id: <20200701152549.1218-8-zhiwei_liu@c-sky.com>
Signed-off-by: Alistair Francis <alistair.francis@wdc.com>
2020-07-02 09:19:33 -07:00
LIU Zhiwei
751538d5da target/riscv: add vector stride load and store instructions
Vector strided operations access the first memory element at the base address,
and then access subsequent elements at address increments given by the byte
offset contained in the x register specified by rs2.

Vector unit-stride operations access elements stored contiguously in memory
starting from the base effective address. It can been seen as a special
case of strided operations.

Signed-off-by: LIU Zhiwei <zhiwei_liu@c-sky.com>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Reviewed-by: Alistair Francis <alistair.francis@wdc.com>
Message-Id: <20200701152549.1218-7-zhiwei_liu@c-sky.com>
Signed-off-by: Alistair Francis <alistair.francis@wdc.com>
2020-07-02 09:19:32 -07:00
LIU Zhiwei
f476f17740 target/riscv: add an internals.h header
The internals.h keeps things that are not relevant to the actual architecture,
only to the implementation, separate.

Signed-off-by: LIU Zhiwei <zhiwei_liu@c-sky.com>
Reviewed-by: Alistair Francis <alistair.francis@wdc.com>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-Id: <20200701152549.1218-6-zhiwei_liu@c-sky.com>
Signed-off-by: Alistair Francis <alistair.francis@wdc.com>
2020-07-02 09:19:32 -07:00
LIU Zhiwei
2b7168fc43 target/riscv: add vector configure instruction
vsetvl and vsetvli are two configure instructions for vl, vtype. TB flags
should update after configure instructions. The (ill, lmul, sew ) of vtype
and the bit of (VSTART == 0 && VL == VLMAX) will be placed within tb_flags.

Signed-off-by: LIU Zhiwei <zhiwei_liu@c-sky.com>
Reviewed-by: Alistair Francis <alistair.francis@wdc.com>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-Id: <20200701152549.1218-5-zhiwei_liu@c-sky.com>
Signed-off-by: Alistair Francis <alistair.francis@wdc.com>
2020-07-02 09:19:32 -07:00
LIU Zhiwei
8e3a1f1887 target/riscv: support vector extension csr
The v0.7.1 specification does not define vector status within mstatus.
A future revision will define the privileged portion of the vector status.

Signed-off-by: LIU Zhiwei <zhiwei_liu@c-sky.com>
Reviewed-by: Alistair Francis <alistair.francis@wdc.com>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-Id: <20200701152549.1218-4-zhiwei_liu@c-sky.com>
Signed-off-by: Alistair Francis <alistair.francis@wdc.com>
2020-07-02 09:19:32 -07:00
LIU Zhiwei
3293138327 target/riscv: implementation-defined constant parameters
vlen is the vector register length in bits.
elen is the max element size in bits.
vext_spec is the vector specification version, default value is v0.7.1.

Signed-off-by: LIU Zhiwei <zhiwei_liu@c-sky.com>
Reviewed-by: Alistair Francis <alistair.francis@wdc.com>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-Id: <20200701152549.1218-3-zhiwei_liu@c-sky.com>
Signed-off-by: Alistair Francis <alistair.francis@wdc.com>
2020-07-02 09:19:32 -07:00
LIU Zhiwei
ad9e5aa2ae target/riscv: add vector extension field in CPURISCVState
The 32 vector registers will be viewed as a continuous memory block.
It avoids the convension between element index and (regno, offset).
Thus elements can be directly accessed by offset from the first vector
base address.

Signed-off-by: LIU Zhiwei <zhiwei_liu@c-sky.com>
Acked-by: Alistair Francis <alistair.francis@wdc.com>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-Id: <20200701152549.1218-2-zhiwei_liu@c-sky.com>
Signed-off-by: Alistair Francis <alistair.francis@wdc.com>
2020-07-02 09:19:32 -07:00