I check MIPS microMIPS manual [1], and found the major opcode might
be wrong. I add a comment to explicitly indicate what manual I am refering
to, and according that manual I remove microMIPS32 major opcodes 0x1f.
As for others, like 0x16, 0x17, 0x36 and 0x37, they are for higher-order
MIPS ISA level or new revision of this microMIPS architecture. Quote
from Johnson, they are belong MIPS64 [2].
[1] http://www.mips.com/products/architectures/micromips/#specifications
MIPS Architecture for Programmers Volume II-B:
The microMIPS32 Instruction Set (Revision 3.05)
MD00582-2B-microMIPS-AFP-03.05.pdf
[2] http://www.mips.com/products/architectures/mips64/
MIPS Architecture For Programmers
Volume II-A: The MIPS64 Instruction Set
MD00087-2B-MIPS64BIS-AFP-03.51.pdf
Signed-off-by: Chen Wei-Ren <chenwj@iis.sinica.edu.tw>
Reviewed-by: Eric Johnson <ericj@mips.com>
Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
Current QEMU MIPS POOL32AXF encoding comes from microMIPS32
and microMIPS32 DSP. Add comment here to help reading.
Signed-off-by: Chen Wei-Ren <chenwj@iis.sinica.edu.tw>
Reviewed-by: Eric Johnson <ericj@mips.com>
Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
While reading microMIPS decoding, I found a possible wrong opcode
encoding. According to [1] page 166, the bits 13..12 for MULTU is
0x01 rather than 0x00. Please review, thanks.
[1] MIPS Architecture for Programmers VolumeIV-e: The MIPS DSP
Application-Specific Extension to the microMIPS32 Architecture
Signed-off-by: Chen Wei-Ren <chenwj@iis.sinica.edu.tw>
Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
The call to gen_logic_imm for OPC_LUI passes -1 for rs. This
causes the MIPS_DEBUG statement to seg fault due to the deference
of regnames[rs]. This patch fixes that.
Signed-off-by: Eric Johnson <ericj@mips.com>
Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
(aurel32: replaced static string formating by a static string)
Pass around CPUArchState instead of using global cpu_single_env.
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
Acked-by: Richard Henderson <rth@twiddle.net>
Acked-by: Aurelien Jarno <aurelien@aurel32.net>
Acked-by: Guan Xuetao <gxt@mprc.pku.edu.cn>
Fix build on a 32 bit host:
CC mips-softmmu/target-mips/dsp_helper.o
/src/qemu/target-mips/dsp_helper.c: In function 'helper_dextr_rs_w':
/src/qemu/target-mips/dsp_helper.c:3556: error: integer constant is too large for 'long' type
/src/qemu/target-mips/dsp_helper.c: In function 'helper_extr_s_h':
/src/qemu/target-mips/dsp_helper.c:3656: error: integer constant is too large for 'long' type
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
If the guest uses a TLBWI instruction for upgrading permissions, we
don't need to flush the extra TLBs. This improve boot time performance
by about 10%.
Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
Use the deposit op instead of and hardcoded bit field insertion. It
allows the host to emit the corresponding instruction if available.
At the same time remove the (lsb > msb) test. The MIPS64R2 instruction
set manual says "Because of the instruction format, lsb can never be
greater than msb, so there is no UNPREDICATABLE case for this
instruction."
(Bug reported as LP:1071149.)
Cc: Никита Канунников <n.kanunnikov@sbtcom.ru>
Reviewed-by: Richard Henderson <rth@twiddle.net>
Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
The result of a division by 0, or a division of INT_MIN by -1 in the
signed case, is unpredictable. Just replace 0 by 1 in that case so that
it doesn't trigger a floating point exception on the host.
Reviewed-by: Richard Henderson <rth@twiddle.net>
Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
Avoid the branches in movn/movz implementation and replace them with
movcond. Also update a wrong command.
Reviewed-by: Richard Henderson <rth@twiddle.net>
Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
Store conditional operations only need local temps in user mode. Fix
the code to use temp local only in user mode, this spares two memory
stores in system mode.
At the same time remove a wrong a wrong copied & pasted comment,
store operations don't have a register destination.
Reviewed-by: Richard Henderson <rth@twiddle.net>
Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
Load/store from helpers should be avoided as they are quite
inefficient. Rewrite unaligned loads instructions using TCG and
aligned loads. The number of actual loads operations to implement
an unaligned load instruction is reduced from up to 8 to 1.
Note: As we can't rely on shift by 32 or 64 undefined behaviour,
the code loads already shift by one constants.
Reviewed-by: Richard Henderson <rth@twiddle.net>
Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
load/store microMIPS helpers are reinventing the wheel. Call do_lw,
do_ll, do_sw and do_sl instead of using a macro calling the cpu_*
load/store functions.
Reviewed-by: Richard Henderson <rth@twiddle.net>
Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
Load/store operations use macros for historical reasons. Now that there
is no point in keeping them, replace them by direct calls to qemu_ld/st.
Reviewed-by: Richard Henderson <rth@twiddle.net>
Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
Rework *raise_exception*() functions so that they can be called from
other helpers, passing the return address as an argument.
Use do_raise_exception() function in update_fcr31() to correctly restore
the CPU state after an FPU exception.
Reviewed-by: Richard Henderson <rth@twiddle.net>
Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
softfloat already has a few constants defined, use them instead of
redefining them in target-mips.
Rename FLOAT_SNAN32 and FLOAT_SNAN64 to FP_TO_INT32_OVERFLOW and
FP_TO_INT64_OVERFLOW as even if they have the same value, they are
technically different (and defined differently in the MIPS ISA).
Remove the unused constants.
Reviewed-by: Richard Henderson <rth@twiddle.net>
Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
Instead of accessing the flags from the floating point control
register after updating it, read the softfloat flags.
This is just code cleanup and should not change the behaviour.
Reviewed-by: Richard Henderson <rth@twiddle.net>
Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
For each FPU instruction that can trigger an FPU exception, to call
call update_fcr31() after.
Remove the manual NaN assignment in case of float to float operation, as
softfloat is already taking care of that. However for float to int
operation, the value has to be changed to the MIPS one. In the cvtpw_ps
case, the two registers have to be handled separately to guarantee
a correct final value in both registers.
Reviewed-by: Richard Henderson <rth@twiddle.net>
Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
Instead of clearing the softfloat exception flags before each floating
point instruction, reset them to 0 in update_fcr31() when an exception
is detected.
Reviewed-by: Richard Henderson <rth@twiddle.net>
Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
Use the new softfloat floatXX_muladd() functions to implement the madd,
msub, nmadd and nmsub instructions. At the same time replace the name of
the helpers by the name of the instruction, as the only reason for the
previous names was to keep the macros simple.
Reviewed-by: Richard Henderson <rth@twiddle.net>
Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
When the CPU state after a possible retranslation is going to be handled
through code retranslation, we don't need to save the CPU state before.
Reviewed-by: Richard Henderson <rth@twiddle.net>
Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
When the CPU state is restored through retranslation after an exception,
btarget should also be restored.
Reviewed-by: Richard Henderson <rth@twiddle.net>
Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
All switch() decoding instruction have a default entry, so it is possible
to have unused enum entries. Remove conditional definitions of MIPS64
opcode enums, as it only makes the code less readable.
Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
Add internal functions using by MIPS ASE DSP instructions.
Signed-off-by: Jia Liu <proljc@gmail.com>
Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
For target-mips also change the return type to bool.
Make include paths for cpu-qom.h consistent for alpha and unicore32.
Signed-off-by: Andreas Färber <afaerber@suse.de>
[AF: Updated new target-openrisc function accordingly]
Acked-by: Richard Henderson <rth@twiddle.net> (for alpha)
With normal FP, this doesn't have much affect on the generated code,
because most of the FP operations are not CONST/PURE, and so we spill
registers in about the same frequency as the explicit load/stores.
But with Loongson multimedia instructions, which are all integral and
whose helpers are in fact CONST+PURE, this greatly improves the code.
Signed-off-by: Richard Henderson <rth@twiddle.net>
Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
Rename helper flags to the new ones. This is purely a mechanical change,
it's possible to use better flags by looking at the helpers.
Reviewed-by: Richard Henderson <rth@twiddle.net>
Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
target_phys_addr_t is unwieldly, violates the C standard (_t suffixes are
reserved) and its purpose doesn't match the name (most target_phys_addr_t
addresses are not target specific). Replace it with a finger-friendly,
standards conformant hwaddr.
Outstanding patchsets can be fixed up with the command
git rebase -i --exec 'find -name "*.[ch]"
| xargs s/target_phys_addr_t/hwaddr/g' origin
Signed-off-by: Avi Kivity <avi@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
Needed for changing mips_vpe_sleep() argument type to MIPSCPU.
Signed-off-by: Andreas Färber <afaerber@suse.de>
Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
Needed for moving halted field to CPUState.
The variable name "c" is retained for MIPSCPU to leave "cpu" for CPUState.
Also change return type to bool while at it.
Signed-off-by: Andreas Färber <afaerber@suse.de>
Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
Needed for changing mips_vpe_is_wfi() argument type to MIPSCPU.
Signed-off-by: Andreas Färber <afaerber@suse.de>
Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
Free the variable name "other_cpu" for later use for MIPSCPU.
Fix off-by-one indentation while at it.
Signed-off-by: Andreas Färber <afaerber@suse.de>
Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
For all targets that currently call tcg_gen_debug_insn_start,
add CPU_LOG_TB_OP_OPT to the condition that gates it.
This is useful for comparing optimization dumps, when the
pre-optimization dump is merely noise.
Signed-off-by: Richard Henderson <rth@twiddle.net>
Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
Implements all of the COP2 instructions except for the S<cond>
family of comparisons. The documentation is unclear for those.
Signed-off-by: Richard Henderson <rth@twiddle.net>
Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
this will prevent some of the compilation errors with debugging
enabled from creeping back in.
Signed-off-by: Richard Henderson <rth@twiddle.net>
Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
The macro uses the DisasContext. Pass it around as needed.
Signed-off-by: Richard Henderson <rth@twiddle.net>
Acked-by: Aurelien Jarno <aurelien@aurel32.net>
Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
Used by MIPS_DEBUG, when enabled.
Signed-off-by: Richard Henderson <rth@twiddle.net>
Acked-by: Aurelien Jarno <aurelien@aurel32.net>
Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
Add an explicit CPUState parameter instead of relying on AREG0
and switch to AREG0 free mode.
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
Acked-by: Aurelien Jarno <aurelien@aurel32.net>
This change updates the CPU reset sequence to use a common piece of code
that figures out CPU state flags, fixing the problem with MIPS_HFLAG_COP1X
not being set where applicable that causes floating-point MADD family
instructions (and other instructions from the MIPS IV FP subset) to trap.
As compute_hflags is now shared between op_helper.c and translate.c, the
function is now moved to a common header. There are no changes to this
function.
The problem was seen with the 24Kf MIPS32r2 processor in user emulation.
The new approach prevents system and user emulation from diverging -- all
the hflags state is initialized in one place now.
Signed-off-by: Maciej W. Rozycki <macro@codesourcery.com>
Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
The microMIPS SWP and SDP instructions do not modify GPRs. So their
behavior is well defined when RD equals BASE. The MIPS Architecture
Verification Programs (AVPs) check that they work as expected. This
is required for AVPs to pass.
Signed-off-by: Eric Johnson <ericj@mips.com>
Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
The MIPS Architecture Verification Programs (AVPs) check privileged
instructions for the required privilege level. These changes are needed
to pass the AVP suite.
Signed-off-by: Eric Johnson <ericj@mips.com>
Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
The kernel will emulate this instruction if it's not supported
natively. This insn is used for TLS, among other things, and
so is required by modern glibc.
Signed-off-by: Richard Henderson <rth@twiddle.net>
Cc: Riku Voipio <riku.voipio@iki.fi>
Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
The FS input to CVT.PS.S is the high half and FT is the low half.
tcg_gen_concat_i32_i64 takes the low half first, so the operands
were in the wrong order.
Signed-off-by: Richard Sandiford <rdsandiford@googlemail.com>
Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
Read the second input operand of RECIP2.S and RECIP2.PS from FT rather
than FD. RECIP2.D is already correct.
Signed-off-by: Richard Sandiford <rdsandiford@googlemail.com>
Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
Commits b5dc7732e1 and
be24bb4f30 optimized the code
and removed the correct setting of t0. Fix this.
gcc-4.7 detected this bug because parameter arg1 was unused
but set in set_HIT0_LO and set_HI_LOT0.
Cc: Aurelien Jarno <aurelien@aurel32.net>
Signed-off-by: Stefan Weil <sw@weilnetz.de>
Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
While running in the usermode emulator all of the required*
MIPS32r2 RDHWR hardware registers should be accessible (the
Linux kernel enables access to these same registers). Note
that these registers are still enabled when the MIPS ISA is
not release 2. This is OK since the Linux kernel emulates
access to them when they are not available in hardware.
* There is also the ULR register which is only recommended
for full release 2 compliance. Incidentally, accessing
this register in the current implementation works fine
without flipping its access bit.
Signed-off-by: Meador Inge <meadori@codesourcery.com>
Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
This change addresses a problem where QEMU incorrectly traps on
floating-point MADD group instructions with SIGILL, at least while
emulating MIPS32r2 processors. These instructions use the COP1X major
opcode and include ones like:
madd.d $f2,$f4,$f2,$f6
Here's Nathan's original analysis of the problem:
"QEMU essentially does:
d = find_cpu (cpu_string) // get CPU definition
fpu_init (env, d) // initialize fpu state (init FCR0, basically)
cpu_reset (env)
...and the cpu_reset call clears all interesting state that fpu_init
setup, then proceeds to reinitialize all the CP0 registers...but not
FCR0."
I have verified this change with system emulation running the GDB test
suite for the mips-sde-elf target (o32, big endian, 24Kf CPU emulated),
there were 55 progressions and no regressions.
Signed-off-by: Maciej W. Rozycki <macro@codesourcery.com>
Reviewed-by: Richard Henderson <rth@twiddle.net>
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
In commit 1bba0dc932 cpu_reset()
was renamed to cpu_state_reset(), to allow introducing a new cpu_reset()
that would operate on QOM objects.
All callers have been updated except for one in target-mips, so drop all
implementations except for the one in target-mips and move the
declaration there until MIPSCPU reset can be fully QOM'ified.
Signed-off-by: Andreas Färber <afaerber@suse.de>
Acked-by: Michael Walle <michael@walle.cc> (for lm32)
Acked-by: Max Filippov <jcmvbkbc@gmail.com> (for xtensa)
Acked-by: Edgar E. Iglesias <edgar.iglesias@gmail.com> (for mb + cris)
Acked-by: Alexander Graf <agraf@suse.de> (for ppc)
Acked-by: Blue Swirl <blauwirbel@gmail.com>
Commit 0f71a7095d (target-mips: QOM'ify
CPU) hooked up cpu_state_reset() to CPUClass::reset(). Dropping the
introduction of subclasses for 1.1, due to mips_def_t the reset code
could not be QOM'ified yet, i.e. cpu_state_reset() will not forward to
CPUClass::reset().
Update cpu_mips_init() with cpu_reset() nontheless, indirectly calling
cpu_state_reset(), so that generic code can be converted to call
cpu_reset().
Signed-off-by: Andreas Färber <afaerber@suse.de>
There's some dodgy application of De Morgan's law in the emulation
of the MIPS BC1ANY[24]F instructions: they end up branching only
if all CCs are false, rather than if one CC is.
Tested on mips64-linux-gnu, where it fixes the GCC MIPS3D tests.
Signed-off-by: Richard Sandiford <rdsandiford@googlemail.com>
Reviewed-by: Richard Henderson <rth@twiddle.net>
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
* 'qom-cpu-rest.v1' of git://github.com/afaerber/qemu-cpu:
Makefile: Simplify compilation of target-*/cpu.c
target-mips: Start QOM'ifying CPU init
target-mips: QOM'ify CPU
target-m68k: Add QOM CPU subclasses
target-m68k: Start QOM'ifying CPU init
target-m68k: QOM'ify CPU reset
target-m68k: QOM'ify CPU
target-sh4: Start QOM'ifying CPU init
target-sh4: QOM'ify CPU reset
target-sh4: QOM'ify CPU
MAINTAINERS: Downgrade target-mips and target-sh4 to Odd Fixes
MAINTAINERS: Downgrade target-m68k to Odd Fixes
Move code not dependent on mips_def_t from cpu_mips_init() into a
QOM initfn, as a start.
Signed-off-by: Andreas Färber <afaerber@suse.de>
Reviewed-by: Richard Henderson <rth@twiddle.net>
Embed CPUMIPSState as first member of QOM MIPSCPU.
Let CPUClass::reset() call cpu_state_reset() for now.
Signed-off-by: Andreas Färber <afaerber@suse.de>
Reviewed-by: Richard Henderson <rth@twiddle.net>
osdep.h is included via qemu-common.h.
Prepares for use of [u]int_fast*_t types in softfloat code.
Signed-off-by: Andreas Färber <afaerber@suse.de>
Cc: Ben Taylor <bentaylor.solx86@gmail.com>
Cc: Aurélien Jarno <aurelien@aurel32.net>
Cc: Peter Maydell <peter.maydell@linaro.org>
Tested-by: Bernhard Walle <bernhard@bwalle.de>
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
Use uintptr_t instead of void * or unsigned long in
several op related functions, env->mem_io_pc and
GETPC() macro.
Reviewed-by: Stefan Weil <sw@weilnetz.de>
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
The official spelling is QEMU.
Signed-off-by: Stefan Weil <sw@weilnetz.de>
Reviewed-by: Andreas Färber <afaerber@suse.de>
[blauwirbel@gmail.com: fixed comment style in hw/sun4m.c]
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
The official spelling is QEMU.
Signed-off-by: Stefan Weil <sw@weilnetz.de>
Reviewed-by: Andreas Färber <afaerber@suse.de>
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
helper_raise_exception_err does not return, nor do helper_raise_exception
and do_unaligned_access.
Cc: Aurelien Jarno <aurelien@aurel32.net>
Signed-off-by: Stefan Weil <sw@weilnetz.de>
Reviewed-by: Andreas Färber <afaerber@suse.de>
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
Scripted conversion:
for file in *.[hc] hw/*.[hc] hw/kvm/*.[hc] linux-user/*.[hc] linux-user/m68k/*.[hc] bsd-user/*.[hc] darwin-user/*.[hc] tcg/*/*.[hc] target-*/cpu.h; do
sed -i "s/CPUState/CPUArchState/g" $file
done
All occurrences of CPUArchState are expected to be replaced by QOM CPUState,
once all targets are QOM'ified and common fields have been extracted.
Signed-off-by: Andreas Färber <afaerber@suse.de>
Reviewed-by: Anthony Liguori <aliguori@us.ibm.com>
Scripted conversion:
sed -i "s/CPUState/CPUMIPSState/g" target-mips/*.[hc]
sed -i "s/#define CPUMIPSState/#define CPUState/" target-mips/cpu.h
Signed-off-by: Andreas Färber <afaerber@suse.de>
Acked-by: Anthony Liguori <aliguori@us.ibm.com>
Frees the identifier cpu_reset for QOM CPUs (manual rename).
Don't hide the parameter type behind explicit casts, use static
functions with strongly typed argument to indirect.
Signed-off-by: Andreas Färber <afaerber@suse.de>
Reviewed-by: Anthony Liguori <aliguori@us.ibm.com>
* it's -> its (fixed for all files)
* dont -> don't (only fixed in a line which was touched by the previous fix)
* distrub -> disturb (fixed in the same line)
Reviewed-by: Andreas Färber <afaerber@suse.de>
Signed-off-by: Stefan Weil <sw@weilnetz.de>
Signed-off-by: Stefan Hajnoczi <stefanha@linux.vnet.ibm.com>
accidently->accidentally
annother->another
choosen->chosen
consideres->considers
decriptor->descriptor
developement->development
paramter->parameter
preceed->precede
preceeding->preceding
priviledge->privilege
propogation->propagation
substraction->subtraction
throught->through
upto->up to
usefull->useful
Fix also grammar in posix-aio-compat.c
Signed-off-by: Stefan Weil <sw@weilnetz.de>
Signed-off-by: Stefan Hajnoczi <stefanha@linux.vnet.ibm.com>
Cc: Richard Henderson <rth@twiddle.net>
Cc: Edgar E. Iglesias <edgar.iglesias@gmail.com>
Cc: Aurelien Jarno <aurelien@aurel32.net>
Cc: Alexander Graf <agraf@suse.de>
Cc: Aurelien Jarno <aurelien@aurel32.net>
Cc: Blue Swirl <blauwirbel@gmail.com>
Signed-off-by: Dong Xu Wang <wdongxu@linux.vnet.ibm.com>
Signed-off-by: Stefan Hajnoczi <stefanha@linux.vnet.ibm.com>
1. The pending need to pass the Status IM gating.
2. The priority is from seven (highest prio) down to zero.
QEMU was doing the opposite.
Signed-off-by: Edgar E. Iglesias <edgar.iglesias@gmail.com>
