This patch adds emulation for the "Data-processing (3 source)"
family of instructions, namely MADD, MSUB, SMADDL, SMSUBL, SMULH,
UMADDL, UMSUBL, UMULH.
Signed-off-by: Alexander Graf <agraf@suse.de>
Signed-off-by: Alex Bennée <alex.bennee@linaro.org>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Richard Henderson <rth@twiddle.net>
This patch adds emulation for the mov wide instructions
(MOVN, MOVZ, MOVK).
Signed-off-by: Alex Bennée <alex.bennee@linaro.org>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Richard Henderson <rth@twiddle.net>
Implement the non-carry forms of addition and subtraction
(immediate, extended register and shifted register).
This includes the code to calculate NZCV if the instruction
calls for setting the flags.
Signed-off-by: Alex Bennée <alex.bennee@linaro.org>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Richard Henderson <rth@twiddle.net>
This adds support for the pre/post-index ld/st forms with immediate
offsets as well as the un-scaled immediate form (which are all
variations on the same 9-bit immediate instruction form).
Signed-off-by: Alex Bennée <alex.bennee@linaro.org>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Richard Henderson <rth@twiddle.net>
This adds support for the load/store forms using a register offset.
Signed-off-by: Alex Bennée <alex.bennee@linaro.org>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Richard Henderson <rth@twiddle.net>
This adds support for the forms of ld/st with a 12 bit
unsigned immediate offset.
Signed-off-by: Alex Bennée <alex.bennee@linaro.org>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Richard Henderson <rth@twiddle.net>
This patch support the basic load and store pair instructions and
includes the generic helper functions:
* do_gpr_st()
* do_fp_st()
* do_gpr_ld()
* do_fp_ld()
* read_cpu_reg_sp()
* gen_check_sp_alignment()
The last function gen_check_sp_alignment() is a NULL op currently but
put in place to make it easy to add SP alignment checking later.
Signed-off-by: Alex Bennée <alex.bennee@linaro.org>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Richard Henderson <rth@twiddle.net>
This patch adds support for C3.4.4 Logical (immediate),
which include AND, ANDS, ORR, EOR.
Signed-off-by: Alexander Graf <agraf@suse.de>
[claudio: adapted to new decoder, function renaming,
removed a TCG temp variable]
Signed-off-by: Claudio Fontana <claudio.fontana@linaro.org>
[PMM: cleaned up some unnecessary code in logic_imm_decode_wmask
and added clarifying commentary on what it's actually doing.
Dropped an ext32u that's not needed if we've just done an AND.]
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Richard Henderson <rth@twiddle.net>
this patch adds support for the CLS instruction.
Signed-off-by: Claudio Fontana <claudio.fontana@linaro.org>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Richard Henderson <rth@twiddle.net>
This adds support for C5.6.149 REV, C5.6.151 REV32, C5.6.150 REV16.
Signed-off-by: Claudio Fontana <claudio.fontana@linaro.org>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Richard Henderson <rth@twiddle.net>
This adds support for the C5.6.147 RBIT instruction.
Signed-off-by: Alexander Graf <agraf@suse.de>
[claudio: adapted to new decoder, use bswap64,
make RBIT part standalone from the rest of the patch,
splitting REV into a separate patch]
Signed-off-by: Claudio Fontana <claudio.fontana@linaro.org>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Richard Henderson <rth@twiddle.net>
This patch adds support for decoding 1-src data processing insns,
and the first user, C5.6.40 CLZ (count leading zeroes).
Signed-off-by: Claudio Fontana <claudio.fontana@linaro.org>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Richard Henderson <rth@twiddle.net>
This patch adds support for decoding 2-src data processing insns,
and the first users, UDIV and SDIV.
Signed-off-by: Alexander Graf <agraf@suse.de>
[claudio: adapted to new decoder adding the 2-src decoding level,
always zero-extend result in 32bit mode]
Signed-off-by: Claudio Fontana <claudio.fontana@linaro.org>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Richard Henderson <rth@twiddle.net>
This patch adds emulation support for the EXTR instruction.
Signed-off-by: Alexander Graf <agraf@suse.de>
[claudio: adapted for new decoder, removed a few temporaries,
fixed the 32bit bug, added checks for more
unallocated cases]
Signed-off-by: Claudio Fontana <claudio.fontana@linaro.org>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Richard Henderson <rth@twiddle.net>
Add support for the instructions described in
"C3.4.6 PC-rel. addressing" (ADR and ADRP).
Signed-off-by: Alexander Graf <agraf@suse.de>
[claudio: adapted to new decoder structure]
Signed-off-by: Claudio Fontana <claudio.fontana@linaro.org>
Reviewed-by: Richard Henderson <rth@twiddle.net>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Add support for the instructions described in "C3.5.10 Logical
(shifted register)".
We store the flags in the same locations as the 32 bit decoder.
This is slightly awkward when calculating 64 bit results, but seems
a better tradeoff than having to rework the whole 32 bit decoder
and also make 32 bit result calculation in A64 awkward.
Signed-off-by: Alexander Graf <agraf@suse.de>
[claudio: some refactoring to avoid hidden allocation of temps,
rework flags, use enums for shift types,
renaming of functions]
Signed-off-by: Claudio Fontana <claudio.fontana@linaro.org>
[PMM: Use TCG's andc/orc/eqv ops rather than manually inverting]
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Richard Henderson <rth@twiddle.net>
This patch adds support for the instruction group "C3.5.6
Conditional select": CSEL, CSINC, CSINV, CSNEG.
Signed-off-by: Claudio Fontana <claudio.fontana@linaro.org>
[PMM: Improved code generated in the nomatch case as per RTH suggestions]
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Richard Henderson <rth@twiddle.net>
This patch adds emulation for the compare and branch insns,
CBZ and CBNZ.
Signed-off-by: Alexander Graf <agraf@suse.de>
[claudio: adapted to new decoder,
compare with immediate 0,
introduce read_cpu_reg to get the 0 extension on (!sf)]
Signed-off-by: Claudio Fontana <claudio.fontana@linaro.org>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Richard Henderson <rth@twiddle.net>
This patch adds emulation for the test and branch insns,
TBZ and TBNZ.
Signed-off-by: Alexander Graf <agraf@suse.de>
[claudio:
adapted for new decoder
always compare with 0
remove a TCG temporary
]
Signed-off-by: Claudio Fontana <claudio.fontana@linaro.org>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Richard Henderson <rth@twiddle.net>
This patch adds emulation for the conditional branch (b.cond) instruction.
Signed-off-by: Alexander Graf <agraf@suse.de>
[claudio: adapted to new decoder structure,
reused arm infrastructure for checking the flags]
Signed-off-by: Claudio Fontana <claudio.fontana@linaro.org>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Richard Henderson <rth@twiddle.net>
Implement BR, BLR and RET. This is all of the 'unconditional
branch (register)' instruction category except for ERET
and DPRS (which are system mode only).
Signed-off-by: Alexander Graf <agraf@suse.de>
[claudio: reimplemented on top of new decoder structure]
Signed-off-by: Claudio Fontana <claudio.fontana@linaro.org>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Richard Henderson <rth@twiddle.net>
Implement the B and BL instructions (PC relative branches and calls).
For convenience in managing TCG temporaries which might be generated
if a source register is the zero-register XZR, we provide a simple
mechanism for creating a new temp which is automatically freed at the
end of decode of the instruction.
Signed-off-by: Alexander Graf <agraf@suse.de>
[claudio: renamed functions, adapted to new decoder layout]
Signed-off-by: Claudio Fontana <claudio.fontana@linaro.org>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Richard Henderson <rth@twiddle.net>
Decode the various kinds of system instructions:
hints (HINT), which include NOP, YIELD, WFE, WFI, SEV, SEL
sync instructions, which include CLREX, DSB, DMB, ISB
msr_i, which move immediate to processor state field
sys, which include all SYS and SYSL instructions
msr, which move from a gp register to a system register
mrs, which move from a system register to a gp register
Provide implementations where they are trivial nops.
Signed-off-by: Claudio Fontana <claudio.fontana@linaro.org>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Richard Henderson <rth@twiddle.net>
Provide a skeleton for a64 instruction decoding in translate-a64.c,
by dividing instructions into the classes defined by the
ARM Architecture Reference Manual(DDI0487A_a) section C3.
Signed-off-by: Claudio Fontana <claudio.fontana@linaro.org>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Richard Henderson <rth@twiddle.net>
We will need helpers that only make sense with AArch64. Add
helper-a64.{c,h} files as stubs that we can fill with these
helpers in the following patches.
Signed-off-by: Alexander Graf <agraf@suse.de>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Richard Henderson <rth@twiddle.net>
Register the aarch64-fpu XML and implement the necessary
read/write handlers so we can support reading and writing
of FP registers in the gdb stub.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Richard Henderson <rth@twiddle.net>
The information which AArch32 holds in the FPSCR is split for
AArch64 into two logically distinct registers, FPSR and FPCR.
Since they are carefully arranged to use non-overlapping bits,
we leave the underlying state in the same place, and provide
accessor functions which just update the appropriate bits
via vfp_get_fpscr() and vfp_set_fpscr().
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Richard Henderson <rth@twiddle.net>
When executing translation blocks we need to be able to recover
our program counter. Add a method to set it for AArch64 CPUs.
This covers user-mode, but for system mode emulation we will
need to check if the CPU is in an AArch32 execution state.
Signed-off-by: Alexander Graf <agraf@suse.de>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Richard Henderson <rth@twiddle.net>
The A32/T32 gen_intermediate_code_internal() is complicated because it
has to deal with:
* conditionally executed instructions
* Thumb IT blocks
* kernel helper page
* M profile exception-exit special casing
None of these apply to A64, so putting the "this is A64 so
call the A64 decoder" check in the middle of the A32/T32
loop is confusing and means the A64 decoder's handling of
things like conditional jump and singlestepping has to take
account of the conditional-execution jumps the main loop
might emit.
Refactor the code to give A64 its own gen_intermediate_code_internal
function instead.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Richard Henderson <rth@twiddle.net>
Add the bare minimum set of functions needed for control of an
AArch64 KVM vcpu:
* CPU initialization
* minimal get/put register functions which only handle the
basic state of the CPU
Signed-off-by: Mian M. Hamayun <m.hamayun@virtualopensystems.com>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Message-id: 1385645602-18662-4-git-send-email-peter.maydell@linaro.org
[PMM: significantly overhauled; most notably:
* code lives in kvm64.c rather than using #ifdefs
* support '-cpu host' rather than implicitly using whatever the
host's CPU is regardless of what the user requests
* fix bug attempting to get/set nonexistent X[31]
* fix bug writing 64 bit kernel pstate into uint32_t env field
]
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Christoffer Dall <christoffer.dall@linaro.org>
The env->pstate field is a little odd since it doesn't strictly
speaking represent an architectural register. However it's convenient
for QEMU to use it to hold the various PSTATE architectural bits
in the same format the architecture specifies for SPSR registers
(since this is the same format the kernel uses for signal handlers
and the KVM register). Add some structure to how we deal with it:
* document what env->pstate is
* add some #defines for various bits in it
* add helpers for reading/writing it taking account of caching
of NZCV, and use them where appropriate
* reset it on startup
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Message-id: 1385645602-18662-3-git-send-email-peter.maydell@linaro.org
Reviewed-by: Christoffer Dall <christoffer.dall@linaro.org>
Split ARM KVM support code which is 32 bit specific out into its
own file, which we only compile on 32 bit hosts. This will give
us a place to add the 64 bit support code without adding lots of
ifdefs to kvm.c.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Message-id: 1385645602-18662-2-git-send-email-peter.maydell@linaro.org
Reviewed-by: Christoffer Dall <christoffer.dall@linaro.org>
If hivecs are being used on reset, the CPU should come out of reset at
the hivecs reset vector (0xFFFF0000)
Signed-off-by: Antony Pavlov <antonynpavlov@gmail.com>
Signed-off-by: Peter Crosthwaite <peter.crosthwaite@xilinx.com>
Message-id: 3afc69c4f58f60aa2bbee7b91574a4eb414b1c23.1387160489.git.peter.crosthwaite@xilinx.com
[ PC Changes:
* Fixed Grammar error in commit message
* Elaborated commit message.
]
Signed-off-by: Peter Crosthwaite <peter.crosthwaite@xilinx.com>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Add an ARM CPU property for the reset value of hivecs as it is a
board/SoC configurable setting.
The existence of the property is conditional on the ARM CPU not being M
class.
Signed-off-by: Antony Pavlov <antonynpavlov@gmail.com>
Signed-off-by: Peter Crosthwaite <peter.crosthwaite@xilinx.com>
Message-id: b04216c6bda4bd163f44a55bba552d0e8267481f.1387160489.git.peter.crosthwaite@xilinx.com
[ PC Changes:
* Elaborated commit message
* refactored to use qdev_property_add_static
]
Signed-off-by: Peter Crosthwaite <peter.crosthwaite@xilinx.com>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
The reset value of the CP15 CBAR is a vendor (machine) configurable
property. If ARM_FEATURE_CBAR is set, add it as a property at
post_init time.
Signed-off-by: Peter Crosthwaite <peter.crosthwaite@xilinx.com>
Message-id: 2f1eec3f912135deea6252360e03645003d12e0a.1387160489.git.peter.crosthwaite@xilinx.com
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Some processors (notably A9 within Highbank) define and use the
CP15 configuration base address (CBAR). This is vendor specific
so its best implemented as a CPU property (otherwise we would need
vendor specific child classes for every ARM implementation).
This patch prepares support for converting CBAR reset value to
a CPU property by moving the CP registration out of the CPU
init fn, as registration will need to happen at realize time
to pick up any property updates. The easiest way to do this
is via definition of a new ARM_FEATURE to flag the existence
of the register.
Signed-off-by: Peter Crosthwaite <peter.crosthwaite@xilinx.com>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Message-id: 9f697ef1e2ee60a3b9ef971a7f3bc3fa6752a9b7.1387160489.git.peter.crosthwaite@xilinx.com
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
The cp15.c15 space is implementation defined. Currently there is a
dummy placeholder register RAZing it. Allow overriding of this RAZ
so implementations of specific registers can take precedence.
Signed-off-by: Peter Crosthwaite <peter.crosthwaite@xilinx.com>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Message-id: ed1bacec56dae00cb398c798f8240e8e685f949c.1387160489.git.peter.crosthwaite@xilinx.com
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
This adds support for the AESE/AESD/AESMC/AESIMC instructions that
are available on some v8 implementations of Aarch32.
Signed-off-by: Ard Biesheuvel <ard.biesheuvel@linaro.org>
Message-id: 1386266078-6976-1-git-send-email-ard.biesheuvel@linaro.org
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Current implementation is not accurate according to ARMv7-AR reference
manual. See "B4.1.153 TTBCR, Translation Table Base Control Register,
VMSA | TTBCR format when using the Long-descriptor translation table
format". When LPAE feature is supported, EAE, bit[31] selects
translation descriptor format and, therefore, TTBCR format.
Signed-off-by: Sergey Fedorov <s.fedorov@samsung.com>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Message-id: 1386657709-23399-1-git-send-email-s.fedorov@samsung.com
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Retain the existing gen_aa32_* inlines, to aid compilation for A64.
Cc: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Richard Henderson <rth@twiddle.net>
Message-id: 1386628626-21627-1-git-send-email-rth@twiddle.net
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
This adds support for the ARMv8 Advanced SIMD VMAXNM and VMINNM
instructions.
Signed-off-by: Will Newton <will.newton@linaro.org>
Message-id: 1386158099-9239-7-git-send-email-will.newton@linaro.org
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
This adds support for the ARMv8 floating point VMAXNM and VMINNM
instructions.
Signed-off-by: Will Newton <will.newton@linaro.org>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Message-id: 1386158099-9239-6-git-send-email-will.newton@linaro.org
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
This adds support for the VSEL floating point selection instruction
which was added in ARMv8.
Signed-off-by: Will Newton <will.newton@linaro.org>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Message-id: 1386158099-9239-3-git-send-email-will.newton@linaro.org
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Floating point is an extension to the instruction set rather than
a coprocessor, so call it directly from the ARM and Thumb decode
functions.
Signed-off-by: Will Newton <will.newton@linaro.org>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Message-id: 1386158099-9239-2-git-send-email-will.newton@linaro.org
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Implement '-cpu host' for ARM when we're using KVM, broadly
in line with other KVM-supporting architectures.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Christoffer Dall <christoffer.dall@linaro.org>
Message-id: 1385140638-10444-11-git-send-email-peter.maydell@linaro.org
Instead of assuming that a KVM target CPU must always be a
Cortex-A15 and hardcoding this in kvm_arch_init_vcpu(),
store the KVM_ARM_TARGET_* value in the ARMCPU class,
and use that.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Christoffer Dall <christoffer.dall@linaro.org>
Message-id: 1385140638-10444-10-git-send-email-peter.maydell@linaro.org
New ARM boards are generally expected to boot their secondary CPUs
via the PSCI interface, rather than ad-hoc "loop around in holding
pen code" as hw/arm/boot.c implements. In particular this is
necessary for mach-virt kernels. For KVM we achieve this by creating
the VCPUs with a feature flag marking them as starting in PSCI
powered-down state; the guest kernel will then make a PSCI call
(implemented in the host kernel) to start the secondaries at
an address of its choosing once it has got the primary CPU up.
Implement this setting of the feature flag, controlled by a
qdev property for ARMCPU, which board code can set if it is a
PSCI system.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Christoffer Dall <christoffer.dall@linaro.org>
Message-id: 1385140638-10444-7-git-send-email-peter.maydell@linaro.org
Linux requires device tree CPU nodes to include a 'compatible'
string describing the CPU. Add a field in the ARMCPU struct for
this so that boards which construct a device tree can insert
the correct CPU nodes.
Note that there is currently no officially specified 'compatible'
string for the TI925T, Cortex-M3 or SA1110 CPUs.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Christoffer Dall <christoffer.dall@linaro.org>
Message-id: 1385140638-10444-6-git-send-email-peter.maydell@linaro.org
Provide versions of the KVM PSCI constants to non-KVM code;
this will allow us to avoid an ifdef in boards which set up
a PSCI node in the device tree.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Christoffer Dall <christoffer.dall@linaro.org>
Message-id: 1385140638-10444-5-git-send-email-peter.maydell@linaro.org
There are a number of places where it would be convenient for ARM
code to have working definitions of KVM constants even in code
which is compiled with CONFIG_KVM not set. In this situation we
can't simply include the kernel KVM headers (which might conflict
with host header definitions or not even compile on the compiler
we're using) so we have to redefine equivalent constants.
Provide a mechanism for doing this and checking that the values
match, and use it for the constants we're currently exposing
via an ad-hoc mechanism.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Christoffer Dall <christoffer.dall@linaro.org>
Message-id: 1385140638-10444-2-git-send-email-peter.maydell@linaro.org
The compare_u64 function was not sorting the KVM cpreg_list in the
right way due to the wrong returned value. Since we are comparing
two 64bit values we can't simply return their difference if the
returned type is int.
Signed-off-by: Alvise Rigo <a.rigo@virtualopensystems.com>
Message-id: 1381513125-26802-2-git-send-email-a.rigo@virtualopensystems.com
[PMM: fixed coding style, indent and commit message formatting]
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Both KVM and TCG populate the cpreg_list with 64 bit register IDs,
but in the TCG side the cpreg_list is sorted using the 32 bit ID
version while in the kvm side the 64 bit ID version is used. This
patch makes the sorting of the cpreg_list consistent between KVM and
TCG.
Signed-off-by: Alvise Rigo <a.rigo@virtualopensystems.com>
Message-id: 1381513125-26802-1-git-send-email-a.rigo@virtualopensystems.com
[PMM: fixed indent, coding style and commit message formatting]
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Added Vector Base Address remapping on ARM v7.
Signed-off-by: Nathan Rossi <nathan.rossi@xilinx.com>
Signed-off-by: Peter Crosthwaite <peter.crosthwaite@xilinx.com>
[PMM: removed spurious mask of value with 1<<31]
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
# By Peter Maydell (3) and Ákos Kovács (2)
# Via Paolo Bonzini
* bonzini/configure:
ui/Makefile.objs: delete unnecessary cocoa.o dependency
default-configs/: CONFIG_GDBSTUB_XML removed
Makefile.target: CONFIG_NO_* variables removed
rules.mak: New string testing functions
rules.mak: New logical functions for handling y/n values
CONFIG_NO_* variables replaced with the lnot logical function
Signed-off-by: Ákos Kovács <akoskovacs@gmx.com>
[PMM: fixed a few CONFIG_NO_* uses that were missed]
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
# By Richard Henderson
# Via Richard Henderson
* rth/tcg-pull:
exec: Add both big- and little-endian memory helpers
tcg: Add qemu_ld_st_i32/64
tcg: Add TCGMemOp
configure: Remove CONFIG_QEMU_LDST_OPTIMIZATION
tcg: Add tcg-be-ldst.h
tcg: Add tcg-be-null.h
exec: Delete is_tcg_gen_code and GETRA_EXT
tcg-aarch64: Update to helper_ret_*_mmu routines
tcg: Merge tcg_register_helper into tcg_context_init
tcg: Add tcg-runtime.c helpers to all_helpers
tcg: Put target helper data into an array.
tcg: Remove stray semi-colons from target-*/helper.h
tcg: Move helper registration into tcg_context_init
target-m68k: Rename helpers.h to helper.h
tcg: Use a GHashTable for tcg_find_helper
tcg: Delete tcg_helper_get_name declaration
tcg-hppa: Remove tcg backend
Message-id: 1381440525-6666-1-git-send-email-rth@twiddle.net
Signed-off-by: Anthony Liguori <aliguori@amazon.com>
* Fix for X86CPU model field of qemu32/qemu64 CPU models
* Bug fix for longjmp on FreeBSD
* Removal of unused function
* Confinement of clone syscall infrastructure to linux-user
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.19 (GNU/Linux)
iQIcBAABAgAGBQJSVTKzAAoJEPou0S0+fgE/7tYP/i5dgm6q7jSnhJcwzgHlCHDE
c0BTwnvFjdBdkuAARYb/soo0m9QWfsW/dgC4bG3rO5j3o84PLstMjiZSQch0pqM1
YhA0hYSiFjHrMcRk9FOwIECPIe+QcHZ79iNML+9G4K13D7qg36aJWISbVOWy24Dp
kj5D0wBBDNw032Oh/3z3EAK4U+vLc/+i4s8XjfwtbuBCCn7GMCE3mRnEqnf8ZX3o
H3Il3h/o+I3XQSzIJKXXyJZ5ZVXTtlj0z/0ShQXe8o8u1hINXE2Nf9lB6WG/6sh0
Y43d0uU/e9fWDer25j9yis9KfDNErgYyxlBMUA2X1+Rny5P0twjnnBr5GTAeKgSq
Kcux8Ov7W8cbVoM/px03rnynF9rbFbgmGlx82L+QsNMKWhjnEsfs6unpccpGhHR5
UuZX3ZPrmeHfjv0AZD/U2ya3jfrp0v+9gsTqy3QV1rCPbqPDcJ6jg8jzbPZYjEfa
/Zy0e/0O3sytSyiaAfBg3MzVPBxdzPcn0JjExJQV9BHsUlkZIVCZVMfePw1oIaf+
coyV4cT3hCe8LrSCzPZlRYP+1hIg41W4NicLbDxtS8lqgfRbcglvqw6NFdAM+NcB
z3heQ7IFstQ+pEINXQNy6bS8orv8F1VVvCtZaV+2pzB4TZzjPYuGsrqygre4QkLU
mtpN9BTfmSIjzyo6iYBv
=hQfy
-----END PGP SIGNATURE-----
Merge remote-tracking branch 'afaerber/tags/qom-cpu-for-anthony' into staging
QOM CPUState refactorings / X86CPU
* Fix for X86CPU model field of qemu32/qemu64 CPU models
* Bug fix for longjmp on FreeBSD
* Removal of unused function
* Confinement of clone syscall infrastructure to linux-user
# gpg: Signature made Wed 09 Oct 2013 03:40:51 AM PDT using RSA key ID 3E7E013F
# gpg: Can't check signature: public key not found
# By Andreas Färber (2) and others
# Via Andreas Färber
* afaerber/tags/qom-cpu-for-anthony:
cpu: Drop cpu_model_str from CPU_COMMON
cpu: Move cpu_copy() into linux-user
cputlb: Remove dead function tlb_update_dirty()
cpu-exec: Also reload CPUClass *cc after longjmp return in cpu_exec()
target-i386: Set model=6 on qemu64 & qemu32 CPU models
During GEN_HELPER=1, these are actually stray top-level semi-colons
which are technically invalid ISO C, but GCC accepts as an extension.
If we added enough __extension__ markers that we could dare use
-Wpedantic, we'd see
warning: ISO C does not allow extra ‘;’ outside of a function
This will become a hard error in the next patch, wherein those ; will
appear in the middle of a data structure.
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Richard Henderson <rth@twiddle.net>
Since this is only read in cpu_copy() and linux-user has a global
cpu_model, drop the field from generic code.
Signed-off-by: Andreas Färber <afaerber@suse.de>
We want to be able to debug AArch64 guests. So let's add the respective gdb
stub functions and xml descriptions that allow us to do so.
Signed-off-by: Alexander Graf <agraf@suse.de>
Signed-off-by: John Rigby <john.rigby@linaro.org>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Message-id: 1378235544-22290-12-git-send-email-peter.maydell@linaro.org
Message-id: 1368505980-17151-6-git-send-email-john.rigby@linaro.org
[PMM: dropped unused fp regs XML for now; moved 64 bit only functions
to new gdbstub64.c; these are hooked up in AArch64CPU, not via
ifdefs in ARMCPU]
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
We should translate AArch64 mode separately from AArch32 mode. In AArch64 mode,
registers look vastly different, instruction encoding is completely different,
basically the system turns into a different machine.
So let's do a simple if() in translate.c to decide whether we can handle the
current code in the legacy AArch32 code or in the new AArch64 code.
So far, the translation always complains about unallocated instructions. There
is no emulator functionality in this patch!
Signed-off-by: Alexander Graf <agraf@suse.de>
Signed-off-by: John Rigby <john.rigby@linaro.org>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Message-id: 1378235544-22290-11-git-send-email-peter.maydell@linaro.org
Message-id: 1368505980-17151-5-git-send-email-john.rigby@linaro.org
[PMM:
* provide no-op versions of a64 functions ifndef TARGET_AARCH64;
this lets us avoid #ifdefs in translate.c
* insert the missing call to disas_a64_insn()
* stash the insn in the DisasContext rather than reloading it in
real_unallocated_encoding()
]
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
This patch adds all the prerequisites for AArch64 support that didn't
fit into split up patches. It extends important bits in the core cpu
headers to also take AArch64 mode into account.
Add new ARM_TBFLAG_AARCH64_STATE translation buffer flag
indicate an ARMv8 cpu running in aarch64 mode vs aarch32 mode.
Signed-off-by: Alexander Graf <agraf@suse.de>
Signed-off-by: John Rigby <john.rigby@linaro.org>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Message-id: 1378235544-22290-10-git-send-email-peter.maydell@linaro.org
Message-id: 1368505980-17151-4-git-send-email-john.rigby@linaro.org
[PMM:
* rearranged tbflags so AArch64? is bit 31 and if it is set then
30..0 are freely available for whatever makes most sense for that mode
* added version bump since we change VFP migration state
* added a comment about how VFP/Neon register state works
* physical address space is 48 bits, not 64
* added ARM_FEATURE_AARCH64 flag to identify 64-bit capable CPUs
]
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
If we're building aarch64-linux-user then the 32 bit CPUs are
all unwanted, because they can't possibly execute the 64 bit
binaries we will be running; disable them.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Message-id: 1378235544-22290-9-git-send-email-peter.maydell@linaro.org
Create a new AArch64CPU class; all 64-bit capable ARM
CPUs are subclasses of this. (Currently we only support
one, the "any" CPU used by linux-user.)
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Message-id: 1378235544-22290-8-git-send-email-peter.maydell@linaro.org
We want gen_set_pc_im() to work for both AArch64 and AArch32, but
to do this we'll need the DisasContext* so we can tell which mode
we're in, so pass it in as a parameter.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Message-id: 1378235544-22290-7-git-send-email-peter.maydell@linaro.org
Correct a few places that were using uint32_t or a 32 bit
only format string to handle something that should be a target_ulong.
Signed-off-by: Alexander Graf <agraf@suse.de>
Signed-off-by: John Rigby <john.rigby@linaro.org>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Message-id: 1378235544-22290-6-git-send-email-peter.maydell@linaro.org
[PMM: split out to separate patch; added gen_goto_tb() and
gen_set_pc_im() dest params to list of things to change.]
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
The cpu_env tcg variable will be used by both the AArch32 and AArch64
handling code. Unstaticify it, so that both sides can make use of it.
Signed-off-by: Alexander Graf <agraf@suse.de>
Signed-off-by: John Rigby <john.rigby@linaro.org>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Message-id: 1378235544-22290-5-git-send-email-peter.maydell@linaro.org
Message-id: 1368505980-17151-3-git-send-email-john.rigby@linaro.org
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
We will need to share the disassembly status struct between AArch32 and
AArch64 modes. So put it into a header file that both sides can use.
Signed-off-by: Alexander Graf <agraf@suse.de>
Signed-off-by: John Rigby <john.rigby@linaro.org>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Message-id: 1378235544-22290-4-git-send-email-peter.maydell@linaro.org
Message-id: 1368505980-17151-2-git-send-email-john.rigby@linaro.org
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
AArch32 code (ie traditional 32 bit world) expects to be
able to pass a vaddr in a TCGv_i32. However when QEMU is
compiled with TARGET_LONG_BITS=32 the TCG load/store
functions take a TCGv_i64. Abstract out load/store with
a 32 bit vaddr so we have a place to put the zero extension
of the vaddr and the extension/truncation of the data value.
Apart from the function definitions most of this patch is
a simple s/tcg_gen_qemu_/gen_aa32_/.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Message-id: 1378235544-22290-3-git-send-email-peter.maydell@linaro.org
When the initial SP is loaded from the vector table on ARMv7M systems the two
least significant bits are ignored as the stack is always aligned at a four byte
boundary (see ARM DDI 0403C, B1.4.1 and B1.5.5). So far QEMU did not ignore
these bits leading to a stack alignment inconsitent with real hardware for
binaries that rely on this behaviour. This patch fixes this issue by masking the
two least significant bits when loading the SP.
Signed-off-by: Sebastian Ottlik <ottlik@fzi.de>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Message-id: 1378286595-27072-1-git-send-email-ottlik@fzi.de
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Avoid the undefined behaviour of "1 << 31" by using 1U to make
the shift be of an unsigned value rather than shifting into the
sign bit of a signed integer. For consistency, we make all the
CPSR_* constants unsigned, though the only one which triggers
undefined behaviour is CPSR_N.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Richard Henderson <rth@twiddle.net>
Message-id: 1378391908-22137-3-git-send-email-peter.maydell@linaro.org
In the decode of ARM B and BL insns, swap the order of the
"append 2 implicit zeros to imm24" and the sign extend, and
use the new sextract32() utility function to do the latter.
This avoids a direct dependency on the undefined C behaviour
of shifting into the sign bit of an integer.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Richard Henderson <rth@twiddle.net>
Message-id: 1378391908-22137-2-git-send-email-peter.maydell@linaro.org
Make the 'any' CPU for target-arm available only in linux-user mode.
The ARM target provides a CPU named "any", which turns on support for
all user-level instruction set extensions we know about. This is
intended for linux-user emulation mode, where it is the default CPU type.
It makes no sense to try to use this for system emulation, since we don't
initialize it with any system-level information like feature register
values or implementation specific cp15 registers. (Unsurprisingly, some
boards won't boot at all, though you might get lucky in some cases where
the guest doesn't happen to prod things that aren't there.)
Prevent users from making this command line error by removing the
CPU definition from the softmmu build.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Andreas Färber <afaerber@suse.de>
Message-id: 1378213995-12945-1-git-send-email-peter.maydell@linaro.org
# By Stefan Weil (6) and others
# Via Michael Tokarev
* mjt/trivial-patches:
aio / timers: use g_usleep() not sleep()
adlib: sort offsets in portio registration
qmp: fix integer usage in examples
tci: Remove function tcg_out64 (fix broken build)
target-arm: Report unimplemented opcodes (LOG_UNIMP)
pflash_cfi02.c: fix debug macro
configure: Remove unneeded redirections of stderr (pkg-config --exists)
configure: Remove unneeded redirections of stderr (pkg-config --cflags, --libs)
configure: Don't write .pyc files by default (python -B)
curl: qemu_bh_new() can never return NULL
slirp/arp_table.c: Avoid shifting into sign bit of signed integers
configure: disable clang -Wstring-plus-int warning
rdma: silly ipv6 bugfix
misc: Fix some typos in names and comments
slirp: Port redirection option behave differently on Linux and Windows
Message-id: 1378119695-14568-1-git-send-email-mjt@msgid.tls.msk.ru
Signed-off-by: Anthony Liguori <anthony@codemonkey.ws>
These unimplemented opcodes are handled like illegal opcodes, but
they are used in existing code. We should at least report when they
are executed.
Signed-off-by: Stefan Weil <sw@weilnetz.de>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
This is an autogenerated patch using scripts/switch-timer-api.
Switch the entire code base to using the new timer API.
Note this patch may introduce some line length issues.
Signed-off-by: Alex Bligh <alex@alex.org.uk>
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
The ARMv7 architecture specifies a 'generic timer' which is implemented
via cp15 registers. Newer kernels will prefer to use this rather than
a devboard-level timer. Implement the generic timer for TCG; for KVM
we will already use the hardware's virtualized timer for this.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Tested-by: Laurent Desnogues <laurent.desnogues@gmail.com>
Message-id: 1376065080-26661-4-git-send-email-peter.maydell@linaro.org
Add an ARM_CP_IO flag which an ARMCPRegInfo definition can use to
indicate that the register's implementation does I/O and thus
its accesses need to be surrounded by gen_io_start()/gen_io_end()
in order for icount to work. Most notably, cp registers which
implement clocks or timers need this.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Tested-by: Laurent Desnogues <laurent.desnogues@gmail.com>
Reviewed-by: Edgar E. Iglesias <edgar.iglesias@gmail.com>
Message-id: 1376065080-26661-3-git-send-email-peter.maydell@linaro.org
Extend the raw_read() and raw_write() helper accessors so that
they can be used for 64 bit registers as well as 32 bit registers.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Tested-by: Laurent Desnogues <laurent.desnogues@gmail.com>
Reviewed-by: Edgar E. Iglesias <edgar.iglesias@gmail.com>
Message-id: 1376065080-26661-2-git-send-email-peter.maydell@linaro.org
Now that ARMCPU is a subclass of DeviceState, we can make the
CPU's inbound IRQ and FIQ lines be simply gpio lines, which
means we can remove the odd arm_pic shim.
We retain the arm_pic_init_cpu() function as a backwards
compatibility shim layer so we can convert the board models
to get the IRQ and FIQ lines directly from the ARMCPU
object one at a time.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Message-id: 1375977856-25046-2-git-send-email-peter.maydell@linaro.org
The 'int' loglevel for recording interrupts and exceptions
requires support in the target-specific code. Implement
it for ARM. This improves debug logging in some situations
that were otherwise pretty opaque, such as when we fault
trying to execute at an exception vector address, which
would otherwise cause an infinite loop of taking exceptions
without any indication in the debug log of what was going on.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Richard Henderson <rth@twiddle.net>
Message-id: 1375700771-21665-1-git-send-email-peter.maydell@linaro.org
Commit c643bed99 moved qemu_init_vcpu() calls to common CPUState code.
This causes x86 cpu-add to fail with "KVM: setting VAPIC address failed".
The reason for the failure is that CPUClass::kvm_fd is not yet
initialized in the following call graph:
->x86_cpu_realizefn
->x86_cpu_apic_realize
->qdev_init
->device_set_realized
->device_reset (hotplugged == 1)
->apic_reset_common
->vapic_base_update
->kvm_apic_vapic_base_update
This causes attempted KVM vCPU ioctls to fail.
By contrast, in the non-hotplug case the APIC is reset much later, when
the vCPU is already initialized.
As a quick and safe solution, move the qemu_init_vcpu() call back into
the targets' realize functions.
Reported-by: Chen Fan <chen.fan.fnst@cn.fujitsu.com>
Acked-by: Igor Mammedov <imammedo@redhat.com> (for i386)
Tested-by: Jia Liu <proljc@gmail.com> (for openrisc)
Signed-off-by: Andreas Färber <afaerber@suse.de>
The macro g_assert_not_reached is a better self documenting replacement
for assert(0) or assert(false).
Signed-off-by: Stefan Weil <sw@weilnetz.de>
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
Replace the GDB_CORE_XML define in gdbstub.c with a CPUClass field.
Use first_cpu for qSupported and qXfer:features:read: for now.
Add a stub for xml_builtin.
Signed-off-by: Andreas Färber <afaerber@suse.de>
Completes migration of target-specific code to new target-*/gdbstub.c.
Acked-by: Michael Walle <michael@walle.cc> (for lm32)
Acked-by: Max Filippov <jcmvbkbc@gmail.com> (for xtensa)
Signed-off-by: Andreas Färber <afaerber@suse.de>
This avoids polluting the global namespace with a non-prefixed macro and
makes it obvious in the call sites that we return.
Semi-automatic conversion using, e.g.,
sed -i 's/GET_REGL(/return gdb_get_regl(mem_buf, /g' target-*/gdbstub.c
followed by manual tweaking for sparc's GET_REGA() and Coding Style.
Acked-by: Michael Walle <michael@walle.cc> (for lm32)
Acked-by: Max Filippov <jcmvbkbc@gmail.com> (for xtensa)
Signed-off-by: Andreas Färber <afaerber@suse.de>
CPUState::gdb_num_regs replaces num_g_regs.
CPUClass::gdb_num_core_regs replaces NUM_CORE_REGS.
Allows building gdb_register_coprocessor() for xtensa, too.
As a side effect this should fix coprocessor register numbering for SMP.
Acked-by: Michael Walle <michael@walle.cc> (for lm32)
Acked-by: Max Filippov <jcmvbkbc@gmail.com> (for xtensa)
Signed-off-by: Andreas Färber <afaerber@suse.de>
Change breakpoint_invalidate() argument to CPUState alongside.
Since all targets now assign a softmmu-only field, we can drop helpers
cpu_class_set_{do_unassigned_access,vmsd}() and device_class_set_vmsd().
Prepares for changing cpu_memory_rw_debug() argument to CPUState.
Acked-by: Max Filippov <jcmvbkbc@gmail.com> (for xtensa)
Signed-off-by: Andreas Färber <afaerber@suse.de>
Callback implementations were specific to arm and m68k, so can easily
cast to ARMCPU and M68kCPU respectively.
Prepares for changing GDBState::c_cpu to CPUState.
Signed-off-by: Andreas Färber <afaerber@suse.de>
Prepares for changing cpu_single_step() argument to CPUState.
Acked-by: Michael Walle <michael@walle.cc> (for lm32)
Signed-off-by: Andreas Färber <afaerber@suse.de>
Where no extra implementation is needed, fall back to CPUClass::set_pc().
Acked-by: Michael Walle <michael@walle.cc> (for lm32)
Signed-off-by: Andreas Färber <afaerber@suse.de>
This moves setting the Program Counter from gdbstub into target code.
Use vaddr type as upper-bound replacement for target_ulong.
Signed-off-by: Andreas Färber <afaerber@suse.de>
g_hash_table_get_keys() was only introduced in glib 2.14, and we're
still targeting a minimum version of 2.12. Rewrite the offending
code (introduced in commit 721fae1) to use g_hash_table_foreach()
to build the list of keys.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Tested-by: Laurent Desnogues <laurent.desnogues@gmail.com>
Tested-by: Peter Crosthwaite <peter.crosthwaite@xilinx.com>
Message-id: 1372678819-8633-1-git-send-email-peter.maydell@linaro.org
LPAE CPUs have more potentially valid bits in the TTBCR, and so the
simple masking out of invalid bits is no longer sufficient to obtain
the base address width field of the register, which is what we use to
precalculate c2_mask and c2_base_mask. Explicitly extract the
relevant register field rather than simply shifting by the register
value.
This bug would have had no ill effects in practice, since if the
EAE bit (TTBCR bit 31) is set then we don't use the precalculated
masks, and if EAE is zero then bits 30..3 are all UNK/SBZP, so
well-behaved guests won't set them. However the shift is undefined
behaviour, so we should avoid it.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Message-id: 1372347527-4428-1-git-send-email-peter.maydell@linaro.org
Allow for defining const opaque data in ARM CP register definitions by
setting .opaque = foo. If non null opaque is passed into
define_one_arm_cp_reg_with_opaque then that opaque will take
precedence, otherwise if null opaque is passed, the original opaque
data will be used.
Signed-off-by: Peter Crosthwaite <peter.crosthwaite@xilinx.com>
Message-id: cf0a3ac3438d97464240db9f5f4ef1585cbc1d77.1373429432.git.peter.crosthwaite@xilinx.com
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Unimplemented registers in the cp15, CRn=0, opc1=0, CRm=0 space default
to aliasing the MIDR register. Set all registers in the space to access
MIDR by default.
Signed-off-by: Peter Crosthwaite <peter.crosthwaite@xilinx.com>
Message-id: 6127846712b7ad2727354a4f5e1d809451f1e859.1373429432.git.peter.crosthwaite@xilinx.com
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
The if block detecting OMAP/StrongARM modifies the id_cp_reginfo
.access fields in place. So there is no need to replicate the call
to define_arm_cp_reg(). Dropped, and let the OMAP case fall through
to the normal behaviour after the in-place modification.
Signed-off-by: Peter Crosthwaite <peter.crosthwaite@xilinx.com>
Message-id: 72aae9b8ebbc9a76d2b06faf8666ef8a4b34b92a.1373429432.git.peter.crosthwaite@xilinx.com
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
The ARMv8 SEVL instruction is in the architectural hint space already
emulated as nop. This makes the decoding of SEVL explicit for clarity.
Signed-off-by: Mans Rullgard <mans@mansr.com>
Message-id: 1370606786-5650-3-git-send-email-mans@mansr.com
[PMM: added 'SEVL' to the TODO comment]
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
This adds support for the ARMv8 load acquire/store release instructions.
Since qemu does nothing special for memory barriers, these can be
emulated like their non-acquire/release counterparts.
Signed-off-by: Mans Rullgard <mans@mansr.com>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Mans Rullgard <mans@mansr.com>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
x86 was using additional CPU_DUMP_* flags, so make that configurable in
CPUClass::reset_dump_flags.
This adds reset logging for alpha, unicore32 and xtensa.
Acked-by: Michael Walle <michael@walle.cc> (for lm32)
Reviewed-by: Richard Henderson <rth@twiddle.net>
Signed-off-by: Andreas Färber <afaerber@suse.de>
Since commit 878096eeb2 (cpu: Turn
cpu_dump_{state,statistics}() into CPUState hooks) CPUArchState is no
longer needed.
Add documentation and make the functions available through qemu/log.h
outside NEED_CPU_H to allow use in qom/cpu.c. Moving them to qom/cpu.h
was not yet possible due to convoluted include paths, so that some
devices grow an implicit and unneeded dependency on qom/cpu.h for now.
Acked-by: Michael Walle <michael@walle.cc> (for lm32)
Reviewed-by: Richard Henderson <rth@twiddle.net>
[AF: Simplified mb_cpu_do_interrupt() and do_interrupt_all() changes]
Signed-off-by: Andreas Färber <afaerber@suse.de>
Also use bool type while at it.
Prepares for moving singlestep_enabled field to CPUState.
Reviewed-by: Richard Henderson <rth@twiddle.net>
Signed-off-by: Andreas Färber <afaerber@suse.de>
A transition from CPUFooState to FooCPU can be considered safe,
just like FooCPU::env access in the opposite direction.
The only benefit of the FOO_CPU() casts would be protection against
bogus CPUFooState pointers, but then surrounding code would likely
break, too.
This should slightly improve interrupt etc. performance when going from
CPUFooState to FooCPU.
For any additional CPU() casts see 3556c233d9
(qom: allow turning cast debugging off).
Reported-by: Anthony Liguori <aliguori@us.ibm.com>
Acked-by: Richard Henderson <rth@twiddle.net>
Signed-off-by: Andreas Färber <afaerber@suse.de>
The functions cpu_clone_regs() and cpu_set_tls() are not purely CPU
related -- they are specific to the TLS ABI for a a particular OS.
Move them into the linux-user/ tree where they belong.
target-lm32 had entirely unused implementations, since it has no
linux-user target; just drop them.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Acked-by: Richard Henderson <rth@twiddle.net>
Signed-off-by: Andreas Färber <afaerber@suse.de>
Add ref/unref calls at the following places:
- places where memory regions are stashed by a listener and
used outside the BQL (including in Xen or KVM).
- memory_region_find callsites
- creation of aliases and containers (only the aliased/contained
region gets a reference to avoid loops)
- around calls to del_subregion/add_subregion, where the region
could disappear after the first call
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
This allows to move the call into CPUState's realizefn.
Therefore move the stub into libqemustub.a.
Reviewed-by: Richard Henderson <rth@twiddle.net>
Signed-off-by: Andreas Färber <afaerber@suse.de>
Make cpustats monitor command available unconditionally.
Prepares for changing kvm_handle_internal_error() and kvm_cpu_exec()
arguments to CPUState.
Signed-off-by: Andreas Färber <afaerber@suse.de>
The v7 ARM ARM specifies that the Large Physical Address
Extension requires implementation of the Multiprocessing
Extensions, so make our LPAE feature imply V7MP rather
than specifying both in the A15 CPU initfn.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Andreas Färber <afaerber@suse.de>
Message-id: 1371127899-10364-1-git-send-email-peter.maydell@linaro.org
Use the tuple list of cp registers for syncing KVM state to QEMU,
rather than only syncing a very minimal set by hand.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Since the ARM KVM API doesn't include a "reset this VCPU"
ioctl, we have to capture the initial values of every
register it knows about so that we can reset the VCPU
by feeding those values back again.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
When using KVM, use the kernel's initial state to set up the
cpreg list, and sync to and from the kernel when doing
migration.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Convert the TCG ARM target to using an (index,value) list for migrating
coprocessors. The primary benefit of the (index,value) list is for
passing state between KVM and QEMU, but it works for TCG-to-TCG
migration as well and is a useful self-contained first step.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Mark up coprocessor register definitions to add raw access
functions or mark the register as non-migratable where necessary.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
For reading and writing register values from the kernel for KVM,
we need to provide accessor functions which are guaranteed to succeed
and don't impose access checks, mask out unwritable bits, etc.
Define new fields raw_readfn and raw_writefn for this purpose;
these only need to be provided if there is a readfn or writefn
already and it is not suitable.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Relax the "is this a valid ARMCPRegInfo type value?" check to permit
"special" cpregs to have flags other than ARM_CP_SPECIAL set. At
the moment none of the other flags are relevant for special regs,
but the migration related flag we're about to introduce can apply
here too.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
# By Michael Tokarev (4) and others
# Via Michael Tokarev
* mjt/trivial-patches-next: (26 commits)
piix: fix some printf errors when debug is enabled
cputlb: fix debug logs
create qemu_openpty_raw() helper function and move it to a separate file
main-loop: do not include slirp/slirp.h, use libslirp.h instead
libcacard/vscclient: fix leakage of socket on error paths
linux-headers: Update to v3.10-rc5
KVM: PPC: Add dummy kvm_arch_init_irq_routing()
KVM: S390: Add dummy kvm_arch_init_irq_routing()
KVM: ARM: Add dummy kvm_arch_init_irq_routing()
ivshmem: add missing error exit(2)
hw/xen: Use g_free instead of free and fix potential memory leaks
target-sparc: Replace free by g_free
hw/scsi: Don't increment a boolean value
device tree: Fix cppcheck warning
Makefile: Install qemu-img and qemu-nbd man pages only if built
Unbreak -no-quit for GTK, validate SDL options
gtk: implement -full-screen
char/serial: serial_ioport_write: Factor out common code
char/serial: Use generic Fifo8
char/serial: cosmetic fixes.
...
Message-id: 1371207042-17980-1-git-send-email-mjt@msgid.tls.msk.ru
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
The common KVM code insists on calling kvm_arch_init_irq_routing()
as soon as it sees kernel header support for it (regardless of whether
QEMU supports it). Provide a dummy function to satisfy this.
Signed-off-by: Alexey Kardashevskiy <aik@ozlabs.ru>
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
The rfe instruction has been broken since patch
5a839c0d54 because of a typo.
Signed-off-by: Peter Chubb <peter.chubb@nicta.com.au>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Fix these warnings from cppcheck:
hw/display/cirrus_vga.c:2603:
hw/sd/sd.c:348:
hw/timer/exynos4210_mct.c:1033:
target-arm/translate.c:9886:
target-s390x/mem_helper.c:518:
target-unicore32/translate.c:1936:
style: Consecutive return, break, continue, goto or throw statements are unnecessary.
Signed-off-by: Stefan Weil <sw@weilnetz.de>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Andreas Färber <afaerber@suse.de>
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
All the uses of the gen_{ld,st}* functions are gone now, so remove
the functions themselves.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Richard Henderson <rth@twiddle.net>
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
gen_ld64() and gen_st64() are used only in one place, so just
expand them out.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Richard Henderson <rth@twiddle.net>
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
TCGv changes size depending on the compile time value of
TARGET_LONG_BITS. This is useful for generating code for MIPS style
"instructions are the same but the register width changes" CPUs, and
also for the generic bits of QEMU which operate on "width of a
virtual address" values, but mostly in the ARM target code we were
using it purely as a shorthand for "any 32 bit value".
This needs to change in preparation for AArch64 support, since an
AArch64-capable v8 core will have 64 bit virtual addresses but still
use 32 bit values for the 32 bit instruction set.
This patch mechanically converts all the occurrences of TCGv,
tcg_temp_new(), tcg_temp_free(), tcg_temp_local_new() and
TCGV_UNUSED() to their explicitly 32 bit counterparts. This is
correct for everything except the arguments to tcg_gen_qemu_{ld,st}*,
which really do need to be TCGv and so will require a 32-to-64
conversion when building the 32 bit code for AArch64. Those changes
will be in a separate patch for easier review.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Richard Henderson <rth@twiddle.net>
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
kvm_vcpu_ioctl() returns -ETHING on error, not ETHING -- correct
an incorrect check in kvm_arch_init_vcpu(). This would not have
had any significant ill-effects -- we would just have propagated
the less useful ENOENT up to the caller rather than the more
accurate EINVAL in the unlikely case that the kernel didn't
have VFP-D32 support.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Use the helper functions to save and restore the FPSCR, so that
we correctly propagate rounding mode and flushing behaviour into
the float_status fields. This also allows us to stop saving the
vector length/stride fields separately.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
A number of CPU state fields were accidentally omitted from
our migration state: some OMAP specific cp15 registers, and
some related to state for load/store exclusive insns. Add them.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Port the ARM CPU save/load code to use VMState. Some state is
saved in a slightly different order to simplify things -- for
example arrays are saved one after the other rather than 'striped',
and we always save all 32 VFP registers even if the CPU happens
to only have 16.
Use one subsection for each feature. This means that we don't need to
bump the version field each time that a new feature gets introduced.
Signed-off-by: Juan Quintela <quintela@redhat.com>
[PMM: fixed conflicts, updated to use cpu_class_set_vmsd(), updated
with new/removed fields since original patch, changed to use custom
VMStateInfo for cpsr rather than presave/postload hooks, corrected
subsection names so vmload doesn't fail]
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Since patch
81465888c5
target-arm: factor out handling of SRS instruction
the ARM mode SRS instruction has not worked in QEMU.
The problem is a missing return directive that was removed in the
refactoring, so after decoding the instruction, qemu would fall through
to generate an UNDEF exception for an illegal instruction.
Signed-off-by: Peter Chubb <peter.chubb@nicta.com.au>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
The recent rearrangement of include files had some minor errors:
devices.h is not ARM specific and should not be in arm/
arm.h should be in arm/
Move these two headers to correct this.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Many of these should be cleaned up with proper qdev-/QOM-ification.
Right now there are many catch-all headers in include/hw/ARCH depending
on cpu.h, and this makes it necessary to compile these files per-target.
However, fixing this does not belong in these patches.
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Enable ARMCPUInfo to specify a custom class_init functions.
Introduce arm_v7m_class_init() and use it for "cortex-m3" model.
Instead of forwarding from arm_cpu_do_interrupt() to do_interrupt_v7m(),
override CPUClass::do_interrupt with arm_v7m_cpu_do_interrupt()
in arm_v7m_class_init().
Acked-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Andreas Färber <afaerber@suse.de>
This removes a global per-target function and thus takes us one step
closer to compiling multiple targets into one executable.
It will also allow to override the interrupt handling for certain CPU
families.
Signed-off-by: Andreas Färber <afaerber@suse.de>
Move it to qom/cpu.h to avoid issues with include order.
Change pc_acpi_smi_interrupt() opaque to X86CPU.
Signed-off-by: Andreas Färber <afaerber@suse.de>
Both fields are used in VMState, thus need to be moved together.
Explicitly zero them on reset since they were located before
breakpoints.
Pass PowerPCCPU to kvmppc_handle_halt().
Signed-off-by: Andreas Färber <afaerber@suse.de>
When using an in-kernel GIC with KVM, we need to tell the kernel where
the GIC's memory mapped registers live. Do this by registering a
MemoryListener which tracks where the board model maps the A15's
private peripherals, so we can finish the GIC initialisation
when the GIC is actually mapped.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Paolo Bonzini <pbonzini@redhat.com>
Add support for saving and restoring VFP register state from the
kernel. This includes a check that the KVM-created CPU has full
VFP support (as the TCG Cortex-A15 model always does), since for
the moment ARM QEMU doesn't have any way to tweak optional features
on created CPUs.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Paolo Bonzini <pbonzini@redhat.com>
Add basic support for KVM on ARM architecture.
Signed-off-by: Christoffer Dall <cdall@cs.columbia.edu>
[PMM: Minor tweaks and code cleanup, switch to ONE_REG]
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Paolo Bonzini <pbonzini@redhat.com>
Drop the CPUARMState* argument from bank_number(), since we only
use it for passing to cpu_abort(). Use hw_error() instead.
This avoids propagating further interfaces using env pointers.
In the long term this function's callers need auditing to fix
problems where badly behaved guests can pass invalid bank numbers.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Andreas Färber <afaerber@suse.de>
M profile cores do not have the RFE or SRS instructions, so
correctly UNDEF these insn patterns on those cores.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Factor out the handling of the SRS instruction rather than
duplicating it between the Thumb and ARM decoders. This in
passing fixes two bugs in the Thumb decoder's SRS handling
which didn't exist in the ARM decoder:
* (LP:1079080) storing CPSR rather than SPSR (fixed in the
ARM decoder in commit c67b6b71 in 2009)
* failing to free the 'addr' TCG temp in the writeback case
Reported-by: Cesson Vincent <vcesson@stmi.com>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
The gen_icount_start/end functions are now somewhat misnamed since they
are useful for generic "start/end of TB" code, used for more than just
icount. Rename them to gen_tb_start/end.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Richard Henderson <rth@twiddle.net>
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
Introduce ENV_OFFSET macros which can be used in non-target-specific
code that needs to generate TCG instructions which reference CPUState
fields given the cpu_env register that TCG targets set up with a
pointer to the CPUArchState struct.
Signed-off-by: Andreas Färber <afaerber@suse.de>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Richard Henderson <rth@twiddle.net>
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
While T0+~T1+CF = T0-T1+CF-1 is true for the low 32-bits,
it does not produce the correct carry-out to bit 33. Do
exactly what the manual says.
Using the ~T1 makes the add and subtract code paths nearly
identical, so have sbc_CC use adc_CC.
Cc: Peter Maydell <peter.maydell@linaro.org>
Reported-by: Laurent Desnogues <laurent.desnogues@gmail.com>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Richard Henderson <rth@twiddle.net>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
commits 49b4c31efc and
2de68a4900 reworked the implementation of adc_CC
and sub_CC. The new implementations (on the TCG_TARGET_HAS_add2_i32 code path)
are incorrect. The new logic is:
CF:NF = 0:A +/- 0:CF
CF:NF = CF:A +/- 0:B
The lower 32 bits of the intermediate result stored in NF needs to be passes
into the second addition in place of A (s/CF:A/CF:NF):
CF:NF = 0:A +/- 0:CF
CF:NF = CF:NF +/- 0:B
This patch fixes the issue.
Cc: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Peter Crosthwaite <peter.crosthwaite@xilinx.com>
Signed-off-by: Richard Henderson <rth@twiddle.net>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
Use sub2 if available, otherwise use 64-bit arithmetic.
Cc: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Richard Henderson <rth@twiddle.net>
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
Use add2 if available, otherwise use 64-bit arithmetic.
Cc: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Richard Henderson <rth@twiddle.net>
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
The target-specific ENV_GET_CPU() macros have allowed us to navigate
from CPUArchState to CPUState. The reverse direction was not supported.
Avoid introducing CPU_GET_ENV() macros by initializing an untyped
pointer that is initialized in derived instance_init functions.
The field may not be called "env" due to it being poisoned.
Acked-by: Richard Henderson <rth@twiddle.net>
Signed-off-by: Andreas Färber <afaerber@suse.de>
Turn arm_cpu_realize() into a QOM realize function, no longer called
via cpu.h prototype. To maintain the semantics of cpu_init(), set
realized = true explicitly in cpu_arm_init().
Move GDB coprocessor registration, CPU reset and vCPU initialization
into the realizefn.
Signed-off-by: Andreas Färber <afaerber@suse.de>
In the initial conversion of CPU models to QOM types, model names were
mapped 1:1 to type names. As a side effect this gained us a type "any",
which is now a device.
To avoid "-device any" silliness and to pave the way for compiling
multiple targets into one executable, adopt a <name>-<arch>-cpu scheme.
This leads to names like arm926-arm-cpu but is easiest to handle.
No functional changes for -cpu arguments or -cpu ? output.
Suggested-by: Eduardo Habkost <ehabkost@redhat.com>
Signed-off-by: Andreas Färber <afaerber@suse.de>
Signed-off-by: Andreas Färber <afaerber@suse.de>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Fix a leak of a TCG temporary in code paths for VFP system register
writes for cases which UNDEF or are write-ignored.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
This fixes -cpu arm-cpu asserting.
Cc: qemu-stable@nongnu.org
Acked-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Andreas Färber <afaerber@suse.de>
Consolidate model checking into a new arm_cpu_class_by_name().
If the name matches an existing type, also check whether that type is
actually (a sub-type of) TYPE_ARM_CPU.
This fixes, e.g., -cpu tmp105 asserting.
Cc: qemu-stable <qemu-stable@nongnu.org>
Acked-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Andreas Färber <afaerber@suse.de>
Note that target-alpha accesses this field from TCG, now using a
negative offset. Therefore the field is placed last in CPUState.
Pass PowerPCCPU to [kvm]ppc_fixup_cpu() to facilitate this change.
Move common parts of mips cpu_state_reset() to mips_cpu_reset().
Acked-by: Richard Henderson <rth@twiddle.net> (for alpha)
[AF: Rebased onto ppc CPU subclasses and openpic changes]
Signed-off-by: Andreas Färber <afaerber@suse.de>
When do_interrupt_v7m is called with EXCP_SWI, the PC already
points to the next instruction. Don't modify it here.
Signed-off-by: Alex Rozenman <Alex_Rozenman@mentor.com>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
The type_register_static() interface is documented as:
type_register_static:
@info: The #TypeInfo of the new type.
@info and all of the strings it points to should exist for the life
time that the type is registered.
But cpu_register() uses a stack variable for the 'info' argument, so it
has to use type_register() instead of type_register_static().
Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
This generalizes {ARM,M68k,Alpha}CPUListState to avoid declaring it for
each target. Place it in cpu-common.h to avoid circular dependencies.
Signed-off-by: Andreas Färber <afaerber@suse.de>
Reviewed-by: Igor Mammedov <imammedo@redhat.com>
Reviewed-by: Eduardo Habkost <ehabkost@redhat.com>
Refactor common code around calls to cpu_restore_state().
tb_find_pc() has now no external users, make it static.
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
Pass around CPUArchState instead of using global cpu_single_env.
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
Acked-by: Richard Henderson <rth@twiddle.net>
Acked-by: Aurelien Jarno <aurelien@aurel32.net>
Acked-by: Guan Xuetao <gxt@mprc.pku.edu.cn>
For target-mips also change the return type to bool.
Make include paths for cpu-qom.h consistent for alpha and unicore32.
Signed-off-by: Andreas Färber <afaerber@suse.de>
[AF: Updated new target-openrisc function accordingly]
Acked-by: Richard Henderson <rth@twiddle.net> (for alpha)
Rename helper flags to the new ones. This is purely a mechanical change,
it's possible to use better flags by looking at the helpers.
Cc: Paul Brook <paul@codesourcery.com>
Cc: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Richard Henderson <rth@twiddle.net>
Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
Remove an out of date FIXME regarding the saturating arithmetic helpers:
we now do pass a pointer to CPUARMState to these helpers, and since
the AREG0 changes went in there is no difference between helper.c
and op_helper.c and therefore no point in moving the functions.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Implement abs_i32 inline (with movcond) rather than using a helper
function.
Reviewed-by: Aurelien Jarno <aurelien@aurel32.net>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Use the TCG operation to do Neon 64 bit negations rather than calling
a helper routine for it.
Reviewed-by: Aurelien Jarno <aurelien@aurel32.net>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Rework the handling of arguments to ARM semihosting calls so that we
handle a possible failure return from get_user_ual() or put_user_ual().
(This incidentally silences a lot of warnings from clang about
"expression result unused").
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
target_phys_addr_t is unwieldly, violates the C standard (_t suffixes are
reserved) and its purpose doesn't match the name (most target_phys_addr_t
addresses are not target specific). Replace it with a finger-friendly,
standards conformant hwaddr.
Outstanding patchsets can be fixed up with the command
git rebase -i --exec 'find -name "*.[ch]"
| xargs s/target_phys_addr_t/hwaddr/g' origin
Signed-off-by: Avi Kivity <avi@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
Commit 33ebc29 fixed the bugs in the implementation of VQRSHL,
but forgot to remove the FIXME comment...
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
Instructions that both use the RRX second operand and update CS were
incorrect, as the Carry flag was updated too early. An example of such an
instruction would be:
ands r12,r13,RRX
Ands, because of the "s" flag will update the carry flag. But the RRX second
operand rotates through the C flag which should happen before the update.
Fixed the ordering of the two, the old carry is read by "r13,RRX" before being
updated.
Signed-off-by: Peter Crosthwaite <peter.crosthwaite@xilinx.com>
Reported-by: Vinesh Peringat <vineshp@xilinx.com>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
Use the deposit op instead of and hardcoded bit field insertion. It
allows the host to emit the corresponding instruction if available.
Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Now that the movcond TCG op is available, it's possible to replace
shl and shr helpers by TCG code. The code generated by TCG is slightly
longer than the code generated by GCC for the helper but is still worth
it as this avoid all the consequences of using an helper: globals saved
back to memory, no possible optimization, call overhead, etc.
Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Now that the setcond TCG op is available, it's possible to replace
add_cc and sub_cc helpers by TCG code. The code generated by TCG is
actually very close to the one generated by GCC for the helper, and
this avoid all the consequences of using an helper: globals saved back
to memory, no possible optimization, call overhead, etc.
Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Use globals for CC flags instead of loading/storing them each they are
accessed. This allows some optimizations to be performed by the TCG
optimization passes.
Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reinstate the display of VFP registers in cpu_dump_state(), if
the CPU has them (this code had been #if 0'd out a for a long time).
We drop the attempt ot display the values as floating point, since
this makes assumptions about the host 'float' and 'double' formats
and is not done by eg the i386 cpu_dump_state().
This display is gated on the CPU_DUMP_FPU flag, as for x86.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
For all targets that currently call tcg_gen_debug_insn_start,
add CPU_LOG_TB_OP_OPT to the condition that gates it.
This is useful for comparing optimization dumps, when the
pre-optimization dump is merely noise.
Signed-off-by: Richard Henderson <rth@twiddle.net>
Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
Convert code load functions and switch to AREG0 free mode.
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Convert remaining helpers to AREG0 free mode: add an explicit
CPUState parameter instead of relying on AREG0.
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Add an explicit CPUState parameter instead of relying on AREG0.
For easier review, convert only op helpers which don't return any value.
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Report from smatch:
target-arm/helper.c:651 arm946_prbs_read(6) error:
buffer overflow 'env->cp15.c6_region' 8 <= 8
target-arm/helper.c:661 arm946_prbs_write(6) error:
buffer overflow 'env->cp15.c6_region' 8 <= 8
c7_region is an array with 8 elements, so the index must be less than 8.
Signed-off-by: Stefan Weil <sw@weilnetz.de>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
Fix a variety of typos in comments in target-arm files.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Peter Crosthwaite <peter.crosthwaite@petalogix.com>
Signed-off-by: Stefan Hajnoczi <stefanha@linux.vnet.ibm.com>
Signed-off-by: Peter A. G. Crosthwaite <peter.crosthwaite@petalogix.com>
Reviewed-by: Andreas Färber <afaerber@suse.de>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Stefan Hajnoczi <stefanha@linux.vnet.ibm.com>
Implement the changes to the TTBCR register required for LPAE:
* many fewer bits should be RAZ/WI
* since TTBCR changes can result in a change of ASID, we must
flush the TLB on writes to it
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Implement the different format of the PAR when long descriptor
translation tables are in use. Note that we assume that
get_phys_addr() returns a long-descriptor format DFSR value on
failure if long descriptors are in use; this added subtlety tips
the balance and makes it worth adding a comment documenting the
API to get_phys_addr().
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
In the implementation of get_phys_addr(), consistently use
target_phys_addr_t to hold the physical address rather than
uint32_t.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Under LPAE, the cp15 registers PAR, TTBR0 and TTBR1 are extended
to 64 bits, with a 64 bit (MRRC/MCRR) access path to read the
full width of the register. Add the state fields for the top
half and the 64 bit access path. Actual use of the top half of
the register will come with the addition of the long-descriptor
translation table format support.
For the PAR we also need to correct the masking applied for
32 bit writes (there are no bits reserved if LPAE is implemented)
and clear the high half when doing a 32 bit result VA-to-PA
lookup.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
LPAE extends the DBGDRAR and DBGDSAR debug registers to 64 bits; we
only implement these as dummy RAZ versions; provide dummies for
the 64 bit accesses as well.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Add implementations of the AMAIR0 and AMAIR1 LPAE
Auxiliary Memory Attribute Indirection Registers.
These are implementation defined and we choose to
implement them as RAZ/WI, matching the Cortex-A7
and Cortex-A15.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Extend feature flags to 64 bits, as we've just run out of space
in the 32 bit integer we were using for them.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Implement the privileged-execute-never (PXN) translation table bit.
It is implementation-defined whether this is implemented, so we give
it its own ARM_FEATURE_ flag. LPAE requires PXN, so add also an
LPAE feature flag and the implication logic, as a placeholder
for actually implementing LPAE at a later date.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Make target_phys_addr_t 64 bits for ARM targets, and set
TARGET_PHYS_ADDR_SPACE_BITS to 40. This should have no effect for ARM
boards where physical addresses really are 32 bits (except perhaps a
slight performance hit on 32 bit hosts for system emulation) but allows
us to implement the Large Physical Address Extensions for Cortex-A15,
which mean 40 bit physical addresses.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Fix errors in the TCG temp handling in the 64 bit coprocessor
write path: we were reusing a 32 bit temp after it had been
freed by store_reg(), and failing to free a 64 bit temp.
This bug has no visible effect at this point because there
aren't any non-NOP 64 bit registers yet; it needs to be fixed
as a prerequisite for the 64 bit registers in LPAE support.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Fix a couple of cases where cp register names were copy-and-pasted.
These are harmless since we don't use the name for anything (except
debugging convenience) but could be confusing.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Igor Mitsyanko <i.mitsyanko@samsung.com>
Fix a copy-and-paste error in the register description for TTBR1
that meant it was a duplicate of TTBR0 rather than affecting the
correct bit of CPU state.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
The coprocessor register rework broke cp15 based WFI instructions.
We incorrectly fall through the normal register write case, which
incorrectly adds a forced block termination. We've already done
a special version of this (DISAS_WFI), so return immediately.
Signed-off-by: Paul Brook <paul@codesourcery.com>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
All the uses of ARM_CPUID() to vary behaviour have now been
removed, so we can delete the ARM_CPUID_* macros now.
The one exception is the TI915T/925T, because of its odd behaviour
where the MIDR value can be changed at runtime.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Andreas Färber <afaerber@suse.de>
Move the v6 optional block cache ops to the new cp15 framework.
This includes only providing them on the CPUs which implemented
them, rather than the previous blunderbuss approach of making
all MCRR instructions on all CPUs act as NOPs.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Remove the no-longer-used CPUARMState c0_cachetype field.
Although this was a constant register we had it in our
migration state. Drop this (with resulting version bump)
because for ARM currently we prefer cleaner migration
code and have not stabilised migration format yet.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Convert the MPIDR to the new cp15 register scheme.
This includes giving it its own feature bit rather
than doing a CPUID value check.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Convert cp15 crn=9 registers (mostly cache lockdown) to the new scheme.
Note that this change makes OMAPCP cores RAZ/WI the whole c9 space. This is
a change from previous behaviour, but a return to the behaviour of commit
c3d2689d when OMAP1 support was first added -- subsequent commits have
clearly accidentally relegated the OMAPCP RAZ condition to only a subset of
the crn=9 space when adding support for other cores.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Convert the cp15 crn=6 registers to the new scheme.
Note that this includes some minor tidyup: drop an unnecessary
underdecoding of op2 on OMAPCP cores, and only implement the
pre-v6 c6,c0,0,1 IFAR on the 1026 and not on the other ARMv5
cores, which didn't have it.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Convert the cp15 crn=7 registers to the new scheme.
Note that to do this we have to distinguish some registers
used on the ARM9 and ARM10 from some which are ARM1176
only. This is because the old code returned a value of 0
but always set the Z flag (by clearing env->ZF, since we
store the Z flag in CPUState inverted). This is inconsistent
with actual ARM CPU behaviour, which only sets flags for
reads to r15 and sets them based on the top bits of the result.
However it happened to work for the two common use cases for
cp15 crn=7 reads:
* On ARM9 and ARM10 the cache clean-and-test operations are
typically done with a destination of r15 so that you can do
a "loop: mrc ... ; bne loop" to keep cleaning until the cache
is finally clean; always setting the Z flag means this loop
terminates immediately
* on ARM1176 the Cache Dirty Status Register reads as zero
if the cache is dirty; returning 0 means this is correctly
implemented for QEMU
Since the new coprocessor register framework does the right
thing of always setting flags based on the returned result
for reads to r15, we need to split these up so that we can
return (1<<30) for the ARM9/ARM10 registers but 0 for the
ARM1176 one.
This allows us to remove the nasty hack which always sets Z.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
We RAZ/WI the entire block of crn=10 registers. Note that this
actually covers not just the implementation-defined TLB
lockdown registers but also a number of v7 VMSA memory
attribute registers which we would need to implement to
support TEX remap. We retain the previous QEMU behaviour
in this conversion, though.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Convert the cp15 crn=13 registers (FCSEIDR, CONTEXTIDR,
and the ARM946 Trace Process Identifier Register).
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Convert the cp15 crn=2 registers (MMU page table control,
MPU cache control) to the new scheme.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Convert the cp15 c3 register (MMU domain access control
or MPU write buffer control). NB that this is horribly
underdecoded for modern cores (should be crn=3,crm=0,
opc1=0,opc2=0) but this change preserves the existing
QEMU behaviour.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Convert the various WFI and barrier instruction special cases to use
cp_reginfo infrastructure.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Add new function register_cp_regs_for_features() as a place to
register coprocessor registers dependent on feature flags.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
All the users of cpu_arm_set_cp_io have been converted, so we
can remove it and the infrastructure it used.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Initial infrastructure for data-driven registration of
coprocessor register implementations.
We still fall back to the old-style switch statements pending
complete conversion of all existing registers.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Make the 11MPCore report a valid value in its cache type register
(the previous value appears to have been incorrectly copied from
the 1136/1176). In particular, do not report that we have an
aliasing VIPT cache, because this causes Linux to attempt to use
the v6 block cache ops which the 11MPCore doesn't actually have.
(This causes no problems currently because we over-broadly provide
those ops on all cores, but prevents us correctly narrowing the
block ops down to those cores which actually implement them.)
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
In commit 1bba0dc932 cpu_reset()
was renamed to cpu_state_reset(), to allow introducing a new cpu_reset()
that would operate on QOM objects.
All callers have been updated except for one in target-mips, so drop all
implementations except for the one in target-mips and move the
declaration there until MIPSCPU reset can be fully QOM'ified.
Signed-off-by: Andreas Färber <afaerber@suse.de>
Acked-by: Michael Walle <michael@walle.cc> (for lm32)
Acked-by: Max Filippov <jcmvbkbc@gmail.com> (for xtensa)
Acked-by: Edgar E. Iglesias <edgar.iglesias@gmail.com> (for mb + cris)
Acked-by: Alexander Graf <agraf@suse.de> (for ppc)
Acked-by: Blue Swirl <blauwirbel@gmail.com>
Commit 3c30dd5a68 (target-arm: Move reset
handling to arm_cpu_reset) QOM'ified CPU reset. Complete it by replacing
cpu_state_reset() with cpu_reset().
Signed-off-by: Andreas Färber <afaerber@suse.de>
Acked-by: Peter Maydell <peter.maydell@linaro.org>
The macro definition of cpu_init meant that if cpu_arm_init()
returned NULL this wouldn't result in cpu_init() itself returning
NULL. This had the effect that "-cpu foo" for some unknown CPU
name 'foo' would cause ARM targets to segfault rather than
generating a useful error message. Fix this by making cpu_init
a simple inline function.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Acked-by: Andreas Färber <afaerber@suse.de>
This patch fixes a bug affecting a variety of Neon instructions, such as
VQADD.
Signed-off-by: Matt Craighead <mjcraighead@gmail.com>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Make the SETEND instruction respect the setting of bswap_code,
so that in BE8 mode we UNDEF for attempts to switch into
little-endian mode and nop for attempts to stay in big-endian
mode. (This is the inverse of the existing handling of SETEND
in the more common little-endian setup, which we use since
we don't implement the architecturally-mandated dynamic
endianness switching.)
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Move the A9 config_base_address cp15 register reset value to
ARMCPU. This should become a QOM property so that the Highbank
board can set it without having to pull in cpu-qom.h, but at
least this avoids the implicit dependency on reset ordering
that the previous workaround had.
Cc: Mark Langsdorf <mark.langsdorf@calxeda.com>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Andreas Färber <afaerber@suse.de>
Make cpu_arm_init() return a QOM ARMCPU, so that we don't need to
obtain an ARMCPU through arm_env_get_cpu() in machine init code.
This requires to adjust the inclusion site of cpu-qom.h and in turn,
forward-looking, to homogenize its include order.
cpu_init() must still return a CPUARMState for backwards and
cross-target compatibility, so adjust the cpu_init macro.
Signed-off-by: Andreas Färber <afaerber@suse.de>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Now that cpu_reset_model_id() has gone we can move the
reset code over to the class reset function and have cpu_state_reset
simply do a reset on the CPU QOM object.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Acked-by: Andreas Färber <afaerber@suse.de>
cpu_reset_model_id() is now empty and we can remove it.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Acked-by: Andreas Färber <afaerber@suse.de>
Move cache ID register reset out of cpu_reset_model_id() by
creating a field for the reset value in ARMCPU and setting it
up in the cpu specific init functions.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Acked-by: Andreas Färber <afaerber@suse.de>
Move the OMAP-specific cp15_i_{max,min} reset to cpu_state_reset;
since these registers are only accessible on CPUs with the
OMAPCP feature set there's no need to guard this reset with
either a CPUID or feature bit check.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Andreas Färber <afaerber@suse.de>
Move feature register value setup to per-CPU init functions.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Acked-by: Andreas Färber <afaerber@suse.de>
Move the iWMMXT wCID reset to cpu_state_reset(). Since
we use the same value for all CPUs with this feature
(with the major/minor revision fields set to the QEMU
specific 'Q' value) there's no need to create an ARMCPU
field just for this.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Andreas Färber <afaerber@suse.de>
None of the machines in QEMU offer a JTAG debug interface, so this info
was unused. Further, the PXA250 ID contradicts the February 2002
Developer's Manual, which has it as 0xn9264013 with n the MIDR Revision.
Signed-off-by: Andreas Färber <afaerber@suse.de>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Move the reset value of SCTLR to ARMCPU, initialised in
the per-cpu init functions. It can then be reset by a
simple copy, and we can drop the code from cpu_reset_model_id().
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Acked-by: Andreas Färber <afaerber@suse.de>
Move CTR (cache type register) value to an ARMCPU field
set up by per-cpu init fns.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Acked-by: Andreas Färber <afaerber@suse.de>
Move the MVFR* VFP feature register values to ARMCPU,
so they are set up by the implementation-specific instance
init functions rather than in cpu_reset_model_id().
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Acked-by: Andreas Färber <afaerber@suse.de>
Move the reset FPSID to the ARMCPU struct, and set it in the
per-implementation instance init function. At reset we then
just copy the reset value into the CPUARMState field.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Acked-by: Andreas Färber <afaerber@suse.de>
Move the setting of the feature bits from cpu_reset_model_id()
to each CPU's instance init function. This requires us to move
the features field in CPUARMState so that it is not cleared
on reset.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Acked-by: Andreas Färber <afaerber@suse.de>
Register subclasses for each ARM CPU implementation.
Let arm_cpu_list() enumerate CPU subclasses in alphabetical order,
except for special value "any".
Replace cpu_arm_find_by_name()'s string -> CPUID lookup by storing the
CPUID (aka MIDR, Main ID Register) value in the class.
Signed-off-by: Andreas Färber <afaerber@suse.de>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Use uintptr_t instead of void * or unsigned long in
several op related functions, env->mem_io_pc and
GETPC() macro.
Reviewed-by: Stefan Weil <sw@weilnetz.de>
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
Add support for ARM BE8 userspace binaries.
i.e. big-endian data and little-endian code.
In principle LE8 mode is also possible, but AFAIK has never actually
been implemented/used.
System emulation doesn't have any useable big-endian board models,
but should in principle work once you fix that.
Dynamic endianness switching requires messing with data accesses,
preferably with TCG cooperation, and is orthogonal to BE8 support.
Signed-off-by: Paul Brook <paul@codesourcery.com>
[PMM: various changes, mostly as per my suggestions in code review:
* rebase
* use EF_ defines rather than hardcoded constants
* make bswap_code a bool for future VMSTATE macro compatibility
* update comment in cpu.h about TB flags bit field usage
* factor out load-code-and-swap into arm_ld*_code functions and
get_user_code* macros
* fix stray trailing space at end of line
* added braces in disas.c to satisfy checkpatch
]
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Riku Voipio <riku.voipio@linaro.org>
This patch replaces the ARM_FEATURE_VFP3 test when reading MVFR registers
with a test for a new feature flag ARM_FEATURE_MVFR, and sets this feature
for all ARMv6K cores (ARM1156 is not a v6K core, yet supports MVFR; qemu
does not support ARM1156 at this time.)
MVFR0 and MVFR1 were introduced in ARM1136JF-S r1p0 (ARMv6K, VFPv2) and are
present in ARM1156T2F-S (non-v6K), ARM1176JZF-S, ARM11MPCore and newer cores.
Reference: ARM DDI 0211H, 0290G, 0301H, 0360E.
http://infocenter.arm.com/help/index.jsp?topic=/com.arm.doc.ddi0211h/Ffbefjag.html
Without this change, the linux kernel will not boot with VFP support enabled
under ARM1176 system emulation, due to the unconditional use of MVFR1 at the
end of vfp_init() in arch/arm/vfp/vfpmodule.c:
VFP support v0.3: implemetor 41 architecture 1 part 20 variant b rev 5
Internal error: Oops - undefined instruction: 0 [#1]
Signed-off-by: Andrew Towers <atowers@gmail.com>
Reviewed-by: Andreas Färber <afaerber@suse.de>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Introduce only one non-abstract type TYPE_ARM_CPU and do not touch
cp15 registers to not interfere with Peter's ongoing remodelling.
Embed CPUARMState as first (additional) field of ARMCPU.
Let CPUClass::reset() call cpu_state_reset() for now.
Signed-off-by: Andreas Färber <afaerber@suse.de>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Decode the SETEND instruction correctly in Thumb mode,
rather than accidentally treating it like CPS. We don't
support BE8 mode, but this change brings the Thumb mode
in to line with behaviour in ARM mode: 'SETEND BE' is
not supported and will provoke an UNDEF exception, but
'SETEND LE' is correctly handled as a no-op.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reported-by: Daniel Forsgren <daniel.forsgren@enea.com>
Reviewed-by: Laurent Desnogues <laurent.desnogues@gmail.com>
When taking an exception for an M profile core, we must clear
the IT bits. Since the IT bits are cached in env->condexec_bits
we must clear them there: writing the bits in env->uncached_cpsr
has no effect. (Reported as LP:944645.)
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Fix a typo in handling of the ARM946 cp15 c5 c0 0 1 handling
(instruction access permission bits) that meant it would
return the data access permission bits by mistake.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Scripted conversion:
for file in *.[hc] hw/*.[hc] hw/kvm/*.[hc] linux-user/*.[hc] linux-user/m68k/*.[hc] bsd-user/*.[hc] darwin-user/*.[hc] tcg/*/*.[hc] target-*/cpu.h; do
sed -i "s/CPUState/CPUArchState/g" $file
done
All occurrences of CPUArchState are expected to be replaced by QOM CPUState,
once all targets are QOM'ified and common fields have been extracted.
Signed-off-by: Andreas Färber <afaerber@suse.de>
Reviewed-by: Anthony Liguori <aliguori@us.ibm.com>
Scripted conversion:
sed -i "s/CPUState/CPUARMState/g" target-arm/*.[hc]
sed -i "s/#define CPUARMState/#define CPUState/" target-arm/cpu.h
Signed-off-by: Andreas Färber <afaerber@suse.de>
Acked-by: Anthony Liguori <aliguori@us.ibm.com>
Acked-by: Peter Maydell <peter.maydell@linaro.org>
Frees the identifier cpu_reset for QOM CPUs (manual rename).
Don't hide the parameter type behind explicit casts, use static
functions with strongly typed argument to indirect.
Signed-off-by: Andreas Färber <afaerber@suse.de>
Reviewed-by: Anthony Liguori <aliguori@us.ibm.com>
Since target-arm has some CPUState fields for which we take the approach
of baking assumptions about them into translated code and then calling
tb_flush() when the fields change, we must also tb_flush on CPU reset,
because reset is a change of those fields.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Andrzej Zaborowski <andrew.zaborowski@intel.com>
The correct FPSID for the Cortex-A9 (according to the TRM) is
0x41033090 for the r0p0 that we claim to model.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Andrzej Zaborowski <andrew.zaborowski@intel.com>
Add a definition of a Cortex-A15 CPU. Note that for the moment we do
not implement any of:
* Large Physical Address Extensions (LPAE)
* Virtualization Extensions
* Generic Timer
* TrustZone (this is also true of our existing Cortex-A9 model, etc)
This CPU model is sufficient to boot a Linux kernel which has been
compiled for an A15 without LPAE enabled.
Reviewed-by: Andreas Färber <afaerber@suse.de>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Add a dummy implementation of the cp15 registers for the generic
timer (found in the Cortex-A15), just sufficient for Linux to
decide that it can't use it. This requires at least CNTP_CTL and
CNTFRQ to be implemented as RAZ/WI; we RAZ/WI all of c14.
Reviewed-by: Andreas Färber <afaerber@suse.de>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Long term, the config_base_register will be a QDM parameter. In the
meantime, models that use it need to be able to preserve it across
cpu_reset() calls.
Signed-off-by: Mark Langsdorf <mark.langsdorf@calxeda.com>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
In the helper routines for VCVT float-to-int conversions, add
an explicit cast rather than relying on the softfloat int32
type being exactly 32 bits wide (which it is not guaranteed to be).
Without this, if the softfloat type was 64 bits wide we would
get zero-extension of the 32 bit value from the ARM register
rather than sign-extension, since TCG i32 values are passed as
uint32_t.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Fix some bugs in the implementation of the TLB invalidate
operations on ARM:
* the 'invalidate all' op was not passing flush_global=1
to tlb_flush(); this doesn't have a practical effect since
tlb_flush() currently ignores that argument, but is
semantically incorrect
* 'invalidate by address for all ASIDs' was implemented as
flushing the whole TLB, which invalidates much more than
strictly necessary. Use tlb_flush_page() instead.
We also annotate the ops with the ARM ARM official acronyms.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Rob Herring <rob.herring@calxeda.com>
Signed-off-by: Mark Langsdorf <mark.langsdorf@calxeda.com>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Fix errors in the decode of M profile CPS:
* the decode of the I (affects PRIMASK) and F (affects FAULTMASK)
bits was reversed
* the FAULTMASK system register number is 19, not 17
This fixes an issue reported as LP:913925.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Add dummy register support for the cp15, CRn=c15 registers.
config_base_register and power_control_register currently
default to 0, but may have improved support after the QOM
CPU patches are finished.
Signed-off-by: Mark Langsdorf <mark.langsdorf@calxeda.com>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Ignore attempts to set the CPSR mode field to an invalid value.
This is UNPREDICTABLE, but we should not cpu_abort() for things
a malicious guest (or a confused user on the gdbstub interface)
can provoke.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Avoid using cpu_single_env in bank_number() -- if we were
called via the gdb stub reading or writing the CPSR then
it is NULL and we will segfault if we take the cpu_abort().
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Return the correct value in the domain field in the cp15 DFSR
(C5) -- bug noticed during Xvisor development.
Signed-off-by: Jean-Christophe DUBOIS <jcd@tribudubois.net>
[Peter Maydell: reworded commit message]
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Clarify some slightly misleading comments in the Thumb decoder's
handling of the memory hint space -- in particular one code path
marked as 'UNPREDICTABLE or unallocated hint' also includes some
legitimate preload instructions.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Andrzej Zaborowski <andrew.zaborowski@intel.com>
env is allocated in cpu_arm_init() with g_malloc0(), so free with g_free().
Signed-off-by: Andreas Färber <afaerber@suse.de>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Fix the restoring of VFP registers on vmload.
Signed-off-by: Dmitry Koshelev <karaghiozis@gmail.com>
Reviewed-by: Juan Quintela <quintela@redhat.com>
[peter.maydell: improved commit message a little]
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Implement the fused multiply-accumulate instructions (VFMA, VFMS,
VFNMA, VFNMS) which are new in VFPv4.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Add support for UDIV and SDIV in ARM mode. This is a new optional
feature for A profile cores (Thumb mode has had UDIV and SDIV for
M profile cores for some time).
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Rename the ARM_FEATURE_DIV feature bit to _THUMB_DIV, to
make room for a new feature switch enabling DIV in the ARM
encoding. (Cores may implement either (a) no divide insns
(b) divide insns in Thumb encodings only (c) divide insns
in both ARM and Thumb encodings.)
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Clean up the decoding of the v6 media multiply space so that we UNDEF
on unassigned encodings rather than randomly interpreting them as
some instruction in this space.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Indeed, the result is known to be always positive.
Signed-off-by: Christophe Lyon <christophe.lyon@st.com>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Fix a bug in bccd9ec5f0,
target-arm/op_helper.c missed a change unlike all other targets.
This lead to a NULL pointer dereferences.
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
The command line option is called -kernel, not -kenrel.
Cc: Paul Brook <paul@codesourcery.com>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Andreas Färber <andreas.faerber@web.de>
Signed-off-by: Stefan Hajnoczi <stefanha@linux.vnet.ibm.com>
Parameter is_softmmu (and its evil mutant twin brother is_softmuu)
is not used in cpu_*_handle_mmu_fault() functions, remove them
and adjust callers.
Acked-by: Richard Henderson <rth@twiddle.net>
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
Move softmmu_exec.h include directives from target-*/exec.h to
target-*/op_helper.c. Move also various other stuff only used in
op_helper.c there.
Define global env in dyngen-exec.h.
For i386, move wrappers for segment and FPU helpers from user-exec.c
to op_helper.c. Implement raise_exception_err_env() to handle dynamic
CPUState. Move the function declarations to cpu.h since they can be
used outside of op_helper.c context.
LM32, s390x, UniCore32: remove unused cpu_halted(), regs_to_env() and
env_to_regs().
ARM: make raise_exception() static.
Convert
#include "exec.h"
to
#include "cpu.h"
#include "dyngen-exec.h"
and remove now unused target-*/exec.h.
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
Remove some stray printfs for cases which don't generally happen
(some VFP UNDEF cases, reads and writes to unknown cp14 registers);
we should simply generate an UNDEF when the instruction is executed.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
VCVTT/VCVTB with bit 8 set is UNPREDICTABLE; we choose to UNDEF.
This avoids a TCG assert later when the VCVTT/VCVTB code tries to
use a source register that wasn't ever set up.
We pull the check for the presence of the half-precision extension
up in to this common code as well.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Handle the UNDEF and UNPREDICTABLE cases for VLDM and VSTM. In
particular, we now generate an undef exception for overlarge imm8
values rather than generating 1000+ TCG ops and hitting an assertion.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
ARMv6 implemented various operations as special cases of cp15 accesses
which are true instructions in v7; this includes barriers (DMB, DSB, ISB).
Catch this special case at translate time, so that it works in linux-user
mode (which doesn't provide a functional get_cp15 helper) as well as
system mode.
Includes minor cleanup of the existing cases (single switch statement,
and doing the "OK in user mode?" test explicitly rather than hiding it in
cp15_user_ok()).
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
The 1136r1 is actually a v6K core (unlike the 1136r0); mark it as such,
thus enabling the TLS registers, NOP hints, CLREX, half and byte wide
exclusive load/stores, etc.
The VA-to-PA translation registers are not present on 1136r1, so
introduce a new feature flag for them, which is enabled on 1176,
11MPCore and all v7 cores.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Jamie Iles <jamie@jamieiles.com>
Add support for v6K ARM1176JZF-S. This core includes the VA<->PA
translation capability and security extensions.
Signed-off-by: Jamie Iles <jamie@jamieiles.com>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
The VMSAv7 remapping and access permissions were introduced in ARMv6K
and not ARMv7.
Signed-off-by: Jamie Iles <jamie@jamieiles.com>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Correct typos of "licenced" to "licensed".
Reviewed-by: Stefan Weil <weil@mail.berlios.de>
Reviewed-by: Andreas F=E4rber <andreas.faerber@web.de>
Signed-off-by: Matthew Fernandez <matthew.fernandez@gmail.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
* 'for-upstream' of git://git.linaro.org/people/pmaydell/qemu-arm:
target-arm: Fix BASEPRI, BASEPRI_MAX, and FAULTMASK access
target-arm: Minimal implementation of performance counters
Revert "Makefile.target: Allow target helpers to be in any *_helper.c file"
Revert "target-arm: Use global env in neon_helper.c helpers"
target-arm: Pass fp status pointer explicitly to neon fp helpers
target-arm: Make VFP binop helpers take pointer to fpstatus, not CPUState
target-arm: Add helper function to generate code to get fpstatus pointer
Revert "target-arm: Use global env in iwmmxt_helper.c helpers"
Conflicts:
Makefile.target
Parameter 'info' is const, so add the missing attribute.
v2:
Add 'const' to the local variable info in do_cpu_reset() and to
the boot_info field in CPUARMState (suggested by Peter Maydell).
Cc: Andrzej Zaborowski <balrogg@gmail.com>
Cc: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Stefan Weil <weil@mail.berlios.de>
Signed-off-by: Andrzej Zaborowski <andrew.zaborowski@intel.com>
Move functions cpu_has_work() and cpu_pc_from_tb() from exec.h to cpu.h. This is
needed by later patches.
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
Before the next patch, fix coding style of the areas affected.
Change the type of the return value from cpu_has_work() and
qemu_cpu_has_work() to bool.
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
Correct the decode of the register numbers for BASEPRI, BASEPRI_MAX
and FAULTMASK, according to "ARMv7-M Architecture Reference Manual"
issue D section "B5.2.3 MRS" and "B5.2.3 MSR".
Signed-off-by: Sebastian Huber <sebastian.huber@embedded-brains.de>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Newer Linux kernels assume the existence of the performance counter
cp15 registers. Provide a minimal implementation of these registers.
We support no events. This should be compliant with the ARM ARM,
except that we don't implement the cycle counter.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
This effectively reverts commit 2a3f75b42a
so that we return to passing CPUState to helpers as an explicit parameter.
(There were a number of conflicts in target-arm/translate.c which had
to be resolved by hand so it is not a pure revert.)
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Make the Neon helpers for various floating point operations take an
explicit pointer to the float_status they use, so they don't rely on
the global environment pointer any more. This also allows us to drop
the mul/sub/add helpers completely and just use the vfp versions.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Make the VFP binop helper functions take a pointer to the fp status, not
the entire CPUState. This will allow us to use them for Neon operations too.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Add and use a helper function which returns a TCGv which is a pointer
to the fp_status for either Neon or VFP operations.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Use the correct _ptr aliases for manipulating the pointer to
the fp_status; this fixes a compilation failure on 64 bit hosts.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Acked-by: Stefan Weil <weil@mail.berlios.de>
Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
Remove a preprocessor #define which is never used.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
If the input to a Neon float comparison is a quiet NaN, the ARM ARM
specifies that we should raise InvalidOp if the comparison is GE or GT
but not for EQ. (Signaling NaNs raise InvalidOp regardless). This means
only EQ should use the _quiet version of the comparison function.
We implement this by cleaning up the comparison helpers to call the
appopriate versions of the softfloat simple comparison functions
(float32_le and friends) rather than the generic float32_compare functions.
This makes them simple enough that they are clearer opencoded rather
than macroised.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
The Neon versions of int-float conversions must use the "standard FPSCR"
rather than the default FPSCR. Implement this by having the helper
functions take a pointer to the appropriate float_status value rather
than simply taking a pointer to the entire CPUState, and making
translate.c pass a pointer to vfp.fp_status or vfp.standard_fp_status
appropriately for whether the instruction being translated is Neon
or VFP.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
On ARM the architecture mandates that when an output denormal is flushed to
zero we must set the FPSCR UFC (underflow) bit, so map softfloat's
float_flag_output_denormal accordingly.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
The helpers for VRECPE.F32, VSQRTE.F32, VRECPS and VRSQRTS handle denormals
as special cases, so we must set the InputDenormal exception flag ourselves.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
The functions which do the core estimation algorithms for the VRSQRTE
and VRECPE instructions should not set floating point exception flags,
so use a local fp status for doing these calculations.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
Correct handling of NaNs for VFP VMLA, VMLS, VNMLS and VNMLA requires that
we implement the set of negations and additions specified by the ARM ARM;
plausible looking simplifications like turning (-A + B) into (B - A) or
computing (A + B) rather than (B + A) result in selecting the wrong NaN or
returning a NaN with the wrong sign bit.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
The code changed here is an unused data type name (evt_flush_occurred).
Signed-off-by: Stefan Weil <weil@mail.berlios.de>
Signed-off-by: Stefan Hajnoczi <stefanha@linux.vnet.ibm.com>
Make sure the base register isn't updated if it is in the load list
for a Thumb LDM (T1 encoding) which aborts partway through the load.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
target-arm: fix LDMIA bug on page boundary
When consecutive memory locations are on page boundary, a base register may be
loaded before page fault occurs. After page fault handling, it losts the memory
location information. To solve this problem, loading a base register has to put back.
Signed-off-by: Yuyeon Oh <yuyeon.oh@samsung.com>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
Correctly UNDEF for Neon VLD/VST "multiple structures" forms where the
align field is not valid.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
Handle the UNDEF and UNPREDICTABLE cases for Neon "single element to
one lane" VLD and "single element from one lane" VST.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
When we catch the special case of an input NaN in ARM float to int
helper functions, set the Invalid flag as well as returning the
correct result.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
Basic implementation of DEC/Intel SA-1100/SA-1110 chips emulation.
Implemented:
- IRQs
- GPIO
- PPC
- RTC
- UARTs (no IrDA/etc.)
- OST reused from pxa25x
Everything else is TODO (esp. PM/idle/sleep!) - see the todo in the
hw/strongarm.c
Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
The previous patch removed the need for parameter puc.
Is is now unused, so remove it.
Cc: Aurelien Jarno <aurelien@aurel32.net>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Stefan Weil <weil@mail.berlios.de>
Function gen_pc_load was introduced in commit
d2856f1ad4.
The only reason for parameter searched_pc was
a debug statement in target-i386/translate.c.
Parameter puc was needed by target-sparc until
commit d7da2a1040.
Remove searched_pc from the debug statement and remove both
parameters from the parameter list of gen_pc_load.
As the function name gen_pc_load was also misleading,
it is now called restore_state_to_opc. This new name
was suggested by Peter Maydell, thanks.
v2: Remove last parameter, too, and rename the function.
v3: Fix [] typo in target-arm/translate.c.
Fix wrong SHA1 object name in commit message (copy+paste error).
Cc: Aurelien Jarno <aurelien@aurel32.net>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Stefan Weil <weil@mail.berlios.de>
This provides a consistent naming scheme across all targets.
Signed-off-by: Lluís Vilanova <vilanova@ac.upc.edu>
Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
helpfull -> helpful
usefull -> useful
cotrol -> control
and a grammar fix.
Signed-off-by: Stefan Weil <weil@mail.berlios.de>
Signed-off-by: Stefan Hajnoczi <stefanha@linux.vnet.ibm.com>
In the VABAL instruction we take the absolute difference of two
values of size x and store it in a result of size 2x. This means
we have to be careful to calculate the absolute difference using
a wide enough type that we don't accidentally overflow.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
The ARM architecture mandates that we detect tininess before rounding,
so set the softfloat fp_status up appropriately.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
Catch the UNPREDICTABLE case for Neon VTBL,VTBX, and UNDEF it
rather than allowing the helper function to index off the end
of the register file.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
Many of the Neon "2 register misc" instruction forms require invalid
size fields to cause the instruction to UNDEF. Pull this information
out into an array; this simplifies the code and also means we can do
the check early and avoid the problem of leaking TCG temporaries in
the illegal_op case.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
Add missing checks for cases which must UNDEF in the Neon "2 registers and
a scalar" data processing instruction space.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
Add missing UNDEF checks for instructions in the Neon "3 registers of
different widths" data processing space.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
For Neon "one register and a modified immediate value" forms, the
combination op=1 cmode=1111 is unallocated and should UNDEF.
All instructions of this form also UNDEF if Q == 1 and Vd<0> == 1.
We also add a comment on the only UNPREDICTABLE in this space.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
Collapse some switch cases for VSRI into those for VSHL, VSLI,
since the bodies are the same. (This is not completely obvious
for the size < 3 case, but since for VSRI we know U=1 the
GEN_NEON_INTEGER_OP() expansion is equivalent to the open-coded
VSHL/VSLI case.)
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
Correctly handle all the UNDEF cases for Neon instructions of the
"2 registers and shift" form, and make sure that we check for these
cases early enough not to leak TCG temporaries.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
Since we know that the case of (pairwise && q) has been caught
earlier, we can simplify the register setup code for each pass
in the three-register-same-size Neon loop.
Signed-off-by: Juha Riihimäki <juha.riihimaki@nokia.com>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
Correct the handling of UNDEF cases for the NEON "3 registers same
size" forms, by adding missing checks and rationalising some others
so they are done early enough to avoid leaking TCG temporaries.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
Simplify the checks for invalid size values for the Neon "three registers
of the same size" instruction forms (and add them where they were missing)
by using a lookup table.
This includes adding symbolic constants for the op values in this space,
since we now use them in multiple places.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
Currently target-arm/ assumes at least ARMv5 core. Add support for
handling also ARMv4/ARMv4T. This changes the following instructions:
BX(v4T and later)
BKPT, BLX, CDP2, CLZ, LDC2, LDRD, MCRR, MCRR2, MRRC, MCRR, MRC2, MRRC,
MRRC2, PLD QADD, QDADD, QDSUB, QSUB, STRD, SMLAxy, SMLALxy, SMLAWxy,
SMULxy, SMULWxy, STC2 (v5 and later)
All instructions that are "v5TE and later" are also bound to just v5, as
that's how it was before.
This patch doesn _not_ include disabling of cp15 access and base-updated
data abort model (that will be required to emulate chips based on a
ARM7TDMI), because:
* no ARM7TDMI chips are currently emulated (or planned)
* those features aren't strictly necessary for my purposes (SA-1 core
emulation).
All v5 models are handled as they are v5T. Internally we still have a
check if the model is a v5(T) or v5TE, but as all emulated cores are
v5TE, those two cases are simply aliased (for now).
Patch is heavily based on patch by Filip Navara <filip.navara@gmail.com>
which in turn is based on work by Ulrich Hecht <uli@suse.de> and Vincent
Sanders <vince@kyllikki.org>.
Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
tcg_gen_exit_tb takes a parameter of type tcg_target_long,
so the type casts of pointer to long should be replaced by
type casts of pointer to tcg_target_long (suggested by Blue Swirl).
These changes are needed for build environments where
sizeof(long) != sizeof(void *), especially for w64.
Signed-off-by: Stefan Weil <weil@mail.berlios.de>
Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
Make the Neon helper routines use the correct FP status from
the CPUEnv rather than using a dummy static one. This means
they will correctly handle denormals and NaNs and will set
FPSCR exception bits properly.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
Use the global 'env' variable in the helper functions in iwmmxt_helper.c.
This means we don't need to pass env as an argument to them any more.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
Use the global 'env' variable in the helper functions in neon_helper.c.
This means we don't need to pass env as an argument to them any more.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
Correct the argument and return types for the float<->int conversion helper
functions so that integer arguments and return values are declared as
uint32_t/uint64_t, not float32/float64. This allows us to remove the
hand-rolled functions which were doing bitwise copies between the types
via unions.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Nathan Froyd <froydnj@codesourcery.com>
Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
Use the new softfloat min/max functions to implement the Neon VMAX
and VMIN instructions. This allows us to get the right behaviour
for NaN and negative zero.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
Implement ABD by taking the absolute value of the difference
of the operands (as the ARM ARM specifies) rather than by
flipping the order of the operands to the subtract based
on the results of a comparison. The latter approch gives
the wrong answers for some edge cases like negative zero.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
Implementing the floating-point versions of VCLE #0 and VCLT #0 by
doing a GT comparison and inverting the result gives the wrong
result if the input is a NaN. Implement as a GT comparison with the
operands swapped instead.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
Fix the helper functions implementing the Neon floating point comparison
ops (VCGE, VCGT, VCEQ, VACGT, VACGE) to return the right answer when
one of the values being compared is a NaN.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
Use the softfloat make_float32 and float32_val macros to convert between
softfloat's float32 type and raw uint32_t types, rather than private
conversion functions.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Nathan Froyd <froydnj@codesourcery.com>
Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
Move the allocation and freeing of the TCG temp used for the address for
Neon load/store instructions so that we don't allocate the temporary
until we've done enough decoding to know that the instruction is not
an UNDEF pattern; this avoids leaking the TCG temp in these cases.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
Fix several bugs in VLD of single element to all lanes:
The "single element to all lanes" form of VLD1 differs from those for
VLD2, VLD3 and VLD4 in that bit 5 indicates whether the loaded element
should be written to one or two Dregs (rather than being a register
stride). Handle this by special-casing VLD1 rather than trying to
have one loop which deals with both VLD1 and 2/3/4.
Handle VLD4.32 with 16 byte alignment specified, rather than UNDEFfing.
UNDEF for the invalid size and alignment combinations.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
The preferred way to create a constant floating point value is to use
make_float32() rather than doing a runtime int32_to_float32().
Convert the code in the VRSQRTS helper to work this way.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
Correct the handling of edge cases for the VRECPS instruction:
* this is a Neon instruction so uses the "standard FPSCR value"
* (zero, inf) is a special case which returns 2.0
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
SMUAD and SMLAD are supposed to set the Q bit if the addition of
the two 16x16 multiply products and optional accumulator overflows
considered as a signed value. However we were only doing this check
for the addition of the accumulator, not when adding the products,
with the effect that we were mishandling the edge case where
both inputs are 0x80008000.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
Fix the signed modulo arithmetic helpers for the v6media
instructions (SADD8, SSUB8, SADD16, SSUB16, SASX, SSAX) to set
the GE bits correctly (based on the result of the add or subtract
before it is truncated to 16 bits, not after).
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
Decode of Thumb load/store was merging together the cases of 'bit 11==0'
(reg+reg LSL imm) and 'bit 11==1' (reg+imm). This happens to work for
valid instruction patterns but meant that we would not UNDEF for the
cases the architecture mandates that we must. Make the decode actually
look at bit 11 as well as [10..8] so that we UNDEF in the right places.
This change also removes what was a spurious unreachable 'case 8',
and correctly frees TCG temporaries on the illegal-insn codepaths.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
All implementations are now the same, and there is only one caller,
so inline the function there.
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
Newer ARM kernels try to probe for whether the CPU has hardware breakpoint
support. For this to work QEMU has to implement a minimal set of the cp14
debug registers. The architecture requires v7 cores to implement debug
and so there is no defined way to report its absence; however in practice
returning a zero DBGDIDR (ie with a reserved value for "debug architecture
version") should cause well-written hw debug users to do the right thing.
We also implement DBGDRAR and DBGDSAR as RAZ, indicating no memory mapped
debug components.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
Use the new TCG temporary leak debugging facilities to
check that each ARM instruction does not leak temporaries.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
This commit removes the ad-hoc resource leak checking code from
target-arm. This includes replacing all uses of new_tmp() with
tcg_temp_new_i32() and all uses of dead_tmp() with
tcg_temp_free_i32().
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
Implement VA->PA translations by cp15-c7 that went through unchanged
previously.
Signed-off-by: Adam Lackorzynski <adam@os.inf.tu-dresden.de>
Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
The code for Thumb2 ORNS (or negated and set flags) was trashing
a TCG input register which was needed later for use in calculating
flags, with the effect that the carry flag was always set with
the wrong sense. Fix this by using the TCG orc op instead of
separate not and or ops.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
Fix two bugs in the translation of the instructions VMOV sa,sb,rx,ry and
VMOV rx,ry,sa,sb (which copy between a pair of ARM core registers and a
pair of VFP single precision registers):
* An incorrect condition meant these instruction patterns were being
treated as load/store multiple, which resulted in the generation
of bad code and a runtime segfault
* The order of the core register pair was reversed so the values would
go to the wrong registers
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
In v7 of the ARM architecture, WFI (wait for interrupt) is a first-class
instruction, but in previous versions this functionality was provided
via a cp15 coprocessor register. Add correct feature checks to the
decoding of the cp15 WFI instructions so that they behave correctly
for newer cores. In particular, the old 0,c7,c8,2 encoding used on
ARM940 has been reused for VA-to-PA translation in v6 and v7.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Adam Lackorzynski <adam@os.inf.tu-dresden.de>
Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
Now use the same algorithm as described in the ARM ARM.
Signed-off-by: Christophe Lyon <christophe.lyon@st.com>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
Now use the same algorithm as described in the ARM ARM.
Signed-off-by: Christophe Lyon <christophe.lyon@st.com>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
These two constants will be used by helper functions such as recpe_f32
and rsqrte_f32.
Signed-off-by: Christophe Lyon <christophe.lyon@st.com>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
For Neon shifts by immediate and narrow, correctly handle the case
where the source registers and the destination registers overlap
(the second pass should use the original register contents, not the
results of the first pass).
This includes a refactoring to pull the size check outside the
loop rather than inside, since there is now very little common
code between the size == 3 and size != 3 case.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
Pull the code which decodes narrowing operations as being either
signed/unsigned saturate or plain out into its own function.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
Correctly handle VQRSHL of unsigned values by a shift count of the
width of the data type or larger, which must be special-cased in the
qrshl_u* helper functions.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
Handle the case of signed VQRSHL by a shift count of the width of the
data type or larger, which must be special cased in the qrshl_s*
helper functions.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
Call the normal shift helpers instead of the rounding ones.
Signed-off-by: Christophe Lyon <christophe.lyon@st.com>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
Fix value returned by signed 8 and 16 bit qrshl helpers
when the result has saturated.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
Fix range of shift amounts which always give 0 as result.
Signed-off-by: Christophe Lyon <christophe.lyon@st.com>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
Fix handling of unsigned VRSHL.s8 and .s16 right shifts by the type
width.
Signed-off-by: Christophe Lyon <christophe.lyon@st.com>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
Correctly handle VRSHL of signed values by a shift count of the
width of the data type or larger, which must be special-cased in the
rshl_s* helper functions.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
Handle cases where adding the rounding constant could overflow in Neon
shift instructions: VRSHR, VRSRA, VQRSHRN, VQRSHRUN, VRSHRN.
Signed-off-by: Christophe Lyon <christophe.lyon@st.com>
[peter.maydell@linaro.org: fix handling of large shifts in rshl_s32,
calculate signed saturated value as other functions do.]
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
Move the implementation of the Neon VUZP unzip instruction from inline
code to helper functions. (At 50+ TCG ops it was well over the
recommended limit for coding inline.) The helper implementations also
give the correct answers where the inline implementation did not.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
Move the implementation of the Neon VUZP unzip instruction from inline
code to helper functions. (At 50+ TCG ops it was well over the
recommended limit for coding inline.) The helper implementations also
fix the handling of the quadword version of the instruction.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
We handle Thumb Neon data processing instructions by converting them
into the equivalent ARM encoding, as the two are very close. However
the ARM encoding should have bit 28 set, not clear. This wasn't causing
any problems because we don't actually look at that bit during decode;
however it is better to do the conversion correctly to avoid problems
later if we add checks to UNDEF on SBZ/SBO bits.
Signed-off-by: Juha Riihimäki <juha.riihimaki@nokia.com>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
For VQDMLSL, negation has to occur after saturation, not before.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
Refactor the handling of VQDMULL so that it is dealt with in
its own if() case rather than together with the accumulating
instructions.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
Implement VMULL.P8 (the 32x32->64 version of the polynomial multiply
instruction).
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
These two fields were added as a part of ARMv7 support patch (back in
2007), were never used by any code, so can be dropped.
Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Andrzej Zaborowski <andrew.zaborowski@intel.com>
Remove a stray #include <stdio.h> from the middle of neon_helper.c:
it was harmless but pointless since we include stdio.h at the top
of the file anyway.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
The Neon half-precision conversion operations (VCVT.F16.F32 and
VCVT.F32.F16) use ARM standard floating-point arithmetic, unlike
the VFP versions (VCVTB and VCVTT).
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
Silence the NaNs that may result from half-precision conversion,
as we do for the other conversions.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
Add a float16 type to softfloat, rather than using bits16 directly.
Also add the missing functions float16_is_quiet_nan(),
float16_is_signaling_nan() and float16_maybe_silence_nan(),
which are needed for the float16 conversion routines.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
Fix bit mask used when widening the result of shift on narrow input.
Signed-off-by: Christophe Lyon <christophe.lyon@st.com>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
The returned value when doing saturating signed 64->32 bit
conversion of a negative number was incorrect due to a missing cast.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
VQMOVUN does a signed-to-unsigned saturating conversion. This is
different from both the signed-to-signed and unsigned-to-unsigned
conversions already implemented, so we need a new set of helper
functions (neon_unarrow_sat*).
Signed-off-by: Juha Riihimäki <juha.riihimaki@nokia.com>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
Refine the decoding of the Thumb preload and hint space, so we
UNDEF on the patterns that are supposed to UNDEF rather than NOP.
We also move the tests for this space earlier, so we don't emit
harmless but unnecessary address generation code for preload
hints (which by their nature are likely to be in hot code paths).
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
Correct the decoding of the ARM preload and memory hint space,
by adding decoding of PLI, PLDW and the v7MP unallocated hint
space. This commit also corrects a slightly overexuberant
decoding of PLD(register) which was not checking that bit 4
was one.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
The ARM cp15 register 0,c0,c0,5 is standardised in the v7 architecture
as the MPIDR. Clean up its implementation to remove A9 specific handling.
This commit includes fixing an error in the value returned for the
MPIDR on A9, where we were erroneously claiming a cluster ID of 9.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
Add a CPU feature flag for v7MP (the multiprocessing extensions); some
instructions exist only for v7MP and not for the base v7 architecture.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
This patch fixes the errors reported by my tests in VSRA.
Signed-off-by: Christophe Lyon <christophe.lyon@st.com>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
Correct an error in the implementation of the 16 bit
forms of VQ(R)DMULH, bringing them into line with the
32 bit implementation.
Signed-off-by: Juha Riihimäki <juha.riihimaki@nokia.com>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
Fix the register and part of register we get the scalar from in
the various "multiply vector by scalar" ops (VMUL by scalar
and friends).
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
This patch fixes corner-case saturations, when the target range is
zero. It merely removes the guard against (sh == 0), and makes:
__ssat(0x87654321, 1) return 0xffffffff and set the saturation flag
__usat(0x87654321, 0) return 0 and set the saturation flag
Signed-off-by: Christophe Lyon <christophe.lyon@st.com>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
Add support for logging the start of instructions in TCG
code debug dumps for ARM targets.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Edgar E. Iglesias <edgar.iglesias@gmail.com>
We were not correctly restoring the IT bits when resuming execution
after taking an unexpected exception in the middle of an IT block.
Fix this by tracking them along with PC changes and restoring in
gen_pc_load().
This fixes bug https://bugs.launchpad.net/qemu/+bug/581335
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Aurelien Jarno <aurelien@aurel32.net>
Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
Create a new function which does the common sequence of gen_set_condexec,
gen_set_pc_im, gen_exception, set is_jmp to DISAS_JUMP.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Aurelien Jarno <aurelien@aurel32.net>
Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
Remove a redundant call to gen_set_condexec() in the translation of Thumb
mode SWI. (SWI and WFI generate "exceptions" which happen after the
execution of the instruction, ie when PC and IT bits have updated.
So the condexec bits at this point are not correct. However, the code
that handles finishing the translation of the TB will write the correct
value of the condexec bits later, so the only effect was that a conditional
Thumb SWI would generate slightly worse code than necessary.)
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Aurelien Jarno <aurelien@aurel32.net>
Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
When translating, get the user/priv state from the TB flags, not
the CPUState.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Aurelien Jarno <aurelien@aurel32.net>
Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
M profile ARM cores don't have a CPSR mode field. Set the bit in the
TB flags that indicates non-user mode correctly for these cores.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Aurelien Jarno <aurelien@aurel32.net>
Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
When translating, the condexec bits for the TB are in the TB flags;
the CPUState condexec bits may be different.
This patch fixes https://bugs.launchpad.net/bugs/604872 where we might
segfault if we took an exception in the middle of a TB with an IT
block, because when we came to retranslate in cpu_restore_state()
the CPUState condexec bits would have advanced compared to the start
of the TB and we would generate different (wrong) code.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Aurelien Jarno <aurelien@aurel32.net>
Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
The Thumb/ARM state for the TB being translated should come from
the TB flags, not the CPUState.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Aurelien Jarno <aurelien@aurel32.net>
Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
When translating, the VFP vector length and stride for this TB are encoded
in the TB flags; the CPUState copies may be different and must not be used.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Aurelien Jarno <aurelien@aurel32.net>
Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
When translating code, whether the VFP unit is enabled for this TB
is stored in a bit in the TB flags. Use this rather than incorrectly
reading the FPEXC from the CPUState passed to translation.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Aurelien Jarno <aurelien@aurel32.net>
Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
Add symbolic constants for the bitfields we use in the TB flags.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Aurelien Jarno <aurelien@aurel32.net>
Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
When translating the SRS instruction, handle the "store registers
to stack of current mode" case in the helper function rather than
inline. This means the generated code does not make assumptions
about the current CPU mode which might not be valid when the TB
is executed later.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Aurelien Jarno <aurelien@aurel32.net>
Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
VSQRTS always uses the standard FPSCR value as it is a Neon instruction.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Aurelien Jarno <aurelien@aurel32.net>
Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
Add support to the ARM helper routines for a second fp_status value
which should be used for operations which the ARM ARM indicates use
"ARM standard floating-point arithmetic" rather than being controlled
by the rounding/flush/NaN settings in the FPSCR.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Aurelien Jarno <aurelien@aurel32.net>
Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
The implementation of the ARM VRSQRTS instruction (which calculates
(3 - op1 * op2) / 2) was missing the division operation. It also
did not handle the special cases of (0,inf) and (inf,0).
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Aurelien Jarno <aurelien@aurel32.net>
Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
Fix errors in the decoding of ARM VQSHL/VQSHLU immediate forms,
including using the new VQSHLU helper functions where appropriate.
Reviewed-by: Aurelien Jarno <aurelien@aurel32.net>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
Add neon helper functions to implement VQSHLU, which is a
signed-to-unsigned version of VQSHL available only as an
immediate form.
Signed-off-by: Juha Riihimäki <juha.riihimaki@nokia.com>
Reviewed-by: Aurelien Jarno <aurelien@aurel32.net>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
Wire up the new softfloat support for flushing input denormals
to zero on ARM. The FPSCR FZ bit enables flush-to-zero for
both inputs and outputs, but the reporting of when inputs are
flushed to zero is via a separate IDC bit rather than the UFC
(underflow) bit used when output denormals are flushed to zero.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Acked-by: Aurelien Jarno <aurelien@aurel32.net>
Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
When handling a write to the ARM FPSCR, set the softfloat cumulative
exception flags from the cumulative flags in the FPSCR, not the
exception-enable bits. Also don't apply a mask: vfp_exceptbits_to_host
will only look at the correct bits anyway.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Acked-by: Aurelien Jarno <aurelien@aurel32.net>
Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
SMMLA and SMMLS are broken on both in normal and thumb mode, that is
both (different) implementations are wrong. They try to avoid a 64-bit
add for the rounding, which is not trivial if you want to support both
SMMLA and SMMLS with the same code.
The code below uses the same implementation for both modes, using the
code from the ARM manual. It also fixes the thumb decoding that was a
mix between normal and thumb mode.
This fixes the issues reported in
https://bugs.launchpad.net/qemu/+bug/629298
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
UMAAL should use unsigned multiply instead of signed.
This patch fixes this issue by handling UMAAL separately from
UMULL/UMLAL/SMULL/SMLAL as these instructions are different
enough. It also explicitly list instructions in case and catch
nonexistent instruction as illegal. Also fixes a few style issues.
This fixes the issues reported in
https://bugs.launchpad.net/qemu/+bug/696015
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
Where VQSHL of a signed 8/16/32 bit value saturated, the result
value was not being calculated correctly (it should be either
the minimum or maximum value for the size of the signed type).
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
Remove a pointless else clause in the neon_qshl_u64 helper.
Signed-off-by: Juha Riihimäki <juha.riihimaki@nokia.com>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
VQSHL of a signed 64 bit non-zero value by a shift count >= 64 should
saturate; return the correct value in this case.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
Add a missing '-' which meant that we were misinterpreting the shift
argument for VQSHL of 64 bit signed values and treating almost every
shift value as if it were an extremely large right shift.
Signed-off-by: Juha Riihimäki <juha.riihimaki@nokia.com>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
Correct the arguments passed when generating neon qshl_{u,s}64()
helpers so that we use the correct registers.
Signed-off-by: Juha Riihimäki <juha.riihimaki@nokia.com>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
The translation of REVSH shifted the low byte 8 steps left before performing
an 8-bit sign extend, causing this part of the expression to alwas be 0.
Reported-by: Johan Bengtsson <teofrastius@gmail.com>
Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
Use the softfloat conversion routines for conversion to 16 bit
integers, because just casting to a 16 bit type truncates the
value rather than saturating it at 16-bit MAXINT/MININT.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Nathan Froyd <froydnj@codesourcery.com>
VCVT of 16 bit fixed point to float should ignore the top 16 bits
of the source register. Cast to int16_t and friends rather than
int16 -- the former is guaranteed exactly 16 bits wide where the
latter is merely at least 16 bits wide (and so is usually 32 bits).
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Nathan Froyd <froydnj@codesourcery.com>
The ARM ARM defines that if the input to a single<->double conversion
is a NaN then the output is always forced to be a quiet NaN by setting
the most significant bit of the fraction part.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Nathan Froyd <froydnj@codesourcery.com>
The ARM architecture mandates that converting a NaN value to
integer gives zero (if Invalid Operation FP exceptions are
not being trapped). This isn't the behaviour of the SoftFloat
library, so NaNs must be special-cased.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Nathan Froyd <froydnj@codesourcery.com>
Fix errors in the decoding of the Neon forms of fixed-point VCVT:
* fixed-point VCVT is op 14 and 15, not 15 and 16
* the fbits immediate field was being misinterpreted
* the sense of the to_fixed bit was inverted
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Nathan Froyd <froydnj@codesourcery.com>
Correct the decoding of source and destination registers
for the VFP forms of the VCVT instructions which convert
between floating point and integer or fixed-point.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Nathan Froyd <froydnj@codesourcery.com>
Correct ldrexd and strexd code to always read and write the
high word of the 64-bit value from addr+4.
Also make ldrexd and strexd agree that for a 64 bit value the
address in env->exclusive_addr is that of the low word.
This fixes the issues reported in
https://bugs.launchpad.net/qemu/+bug/670883
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Nathan Froyd <froydnj@codesourcery.com>
Refine check on bkpt so that smc and undefined instruction encodings are
handled as an undefined instruction and trap.
Signed-off-by: Adam Lackorzynski <adam@os.inf.tu-dresden.de>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Nathan Froyd <froydnj@codesourcery.com>
The thumb2 decoder contained a mixup between the bit controlling
doubling and the bit controlling if the operation was an add or a sub.
Signed-off-by: Johan Bengtsson <teofrastius@gmail.com>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Nathan Froyd <froydnj@codesourcery.com>
The PKHxx instructions were not recognized by the thumb2 decoder. The
solution provided in this changeset is identical to the arm-mode
implementation.
Signed-off-by: Johan Bengtsson <teofrastius@gmail.com>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Nathan Froyd <froydnj@codesourcery.com>
Expose the vfp_get_fpscr() and vfp_set_fpscr() functions to C
code as well as generated code, so we can use them to read and
write the FPSCR when saving and restoring VFP registers across
signal handlers in linux-user mode.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Riku Voipio <riku.voipio@nokia.com>