It is no longer used, so tidy up everything reached by it.
This includes the gen_opc_* arrays, the search_pc parameter
and the inline gen_intermediate_code_internal functions.
Reviewed-by: Aurelien Jarno <aurelien@aurel32.net>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Richard Henderson <rth@twiddle.net>
We can now restore state without retranslation.
Reviewed-by: Aurelien Jarno <aurelien@aurel32.net>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Richard Henderson <rth@twiddle.net>
The gen_opc_* arrays are already redundant with the data stored in
the insn_start arguments. Transition restore_state_to_opc to use
data from the latter.
Reviewed-by: Aurelien Jarno <aurelien@aurel32.net>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Richard Henderson <rth@twiddle.net>
Adjust all translators to respect it.
Reviewed-by: Aurelien Jarno <aurelien@aurel32.net>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Richard Henderson <rth@twiddle.net>
This symbol no longer exists.
Reviewed-by: Aurelien Jarno <aurelien@aurel32.net>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Richard Henderson <rth@twiddle.net>
As it's only caller, this tidies things a bit.
Reviewed-by: Aurelien Jarno <aurelien@aurel32.net>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Richard Henderson <rth@twiddle.net>
Since jump_pc[1] is always npc + 4, we can infer after incrementing
that jump_pc[1] == pc + 4. Because of that, we can encode the branch
destination into a single word, and store that in npc.
Reviewed-by: Aurelien Jarno <aurelien@aurel32.net>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Richard Henderson <rth@twiddle.net>
Unify three copies of this code from different
branch types. Fix the case when npc == DYNAMIC_PC,
i.e. a branch within a delay slot.
Reviewed-by: Aurelien Jarno <aurelien@aurel32.net>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Richard Henderson <rth@twiddle.net>
We always pass pc2 == dc->npc and r_cond == cpu_cond,
and always set is_br afterward. Infer all of that.
Reviewed-by: Aurelien Jarno <aurelien@aurel32.net>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Richard Henderson <rth@twiddle.net>
This perhaps isn't ideal in terms of (ab)using the "pc" field
to encode both pc and ppc + delay branch state, as one has to
be aware of this when examining opcode dumps.
But it preserves existing logic, which will be good for bisection,
and it certainly does save storage space.
Reviewed-by: Aurelien Jarno <aurelien@aurel32.net>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Richard Henderson <rth@twiddle.net>
With an eye toward having this data replace the gen_opc_* arrays
that each target collects in order to enable restore_state_from_tb.
Reviewed-by: Aurelien Jarno <aurelien@aurel32.net>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Richard Henderson <rth@twiddle.net>
Reduce the boilerplate required for each target. At the same time,
move the test for breakpoint after calling tcg_gen_insn_start.
Note that arm and aarch64 do not use cpu_breakpoint_test, but still
move the inline test down after tcg_gen_insn_start.
Reviewed-by: Aurelien Jarno <aurelien@aurel32.net>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Richard Henderson <rth@twiddle.net>
This does tidy the icount test common to all targets.
Reviewed-by: Aurelien Jarno <aurelien@aurel32.net>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Richard Henderson <rth@twiddle.net>
While we're at it, emit the opcode adjacent to where we currently
record data for search_pc. This puts gen_io_start et al on the
"correct" side of the marker.
Reviewed-by: Aurelien Jarno <aurelien@aurel32.net>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Richard Henderson <rth@twiddle.net>
With an eye toward making it mandatory.
Reviewed-by: Aurelien Jarno <aurelien@aurel32.net>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Richard Henderson <rth@twiddle.net>
EX_CONTEXT_0_0 is used for jumping address, and EX_CONTEXT_0_1 is for
INTERRUPT_CRITICAL_SECTION, which should only be 0 or 1 in user mode, or
it will cause target SIGILL (and the patch doesn't support system mode).
Signed-off-by: Chen Gang <gang.chen.5i5j@gmail.com>
Signed-off-by: Richard Henderson <rth@twiddle.net>
For some cases, they are for TILEGX_EXCP_OPCODE_UNKNOWN, not for
TILEGX_EXCP_OPCODE_UNIMPLEMENTED.
Also for some cases, they are for TILEGX_EXCP_OPCODE_UNIMPLEMENTED, not
for TILEGX_EXCP_OPCODE_UNKNOWN.
When analyzing issues, the correct printing information is necessary,
e.g. grep UIMP in gcc testsuite output log for finding qemu tilegx
umimplementation issues, grep UNKNOWN for finding unknown instructions.
Signed-off-by: Chen Gang <gang.chen.5i5j@gmail.com>
Signed-off-by: Richard Henderson <rth@twiddle.net>
Signed-off-by: Chen Gang <gang.chen.5i5j@gmail.com>
Message-Id: <1443956491-26850-3-git-send-email-gang.chen.5i5j@gmail.com>
Signed-off-by: Richard Henderson <rth@twiddle.net>
Signed-off-by: Chen Gang <gang.chen.5i5j@gmail.com>
Message-Id: <1443956491-26850-2-git-send-email-gang.chen.5i5j@gmail.com>
Signed-off-by: Richard Henderson <rth@twiddle.net>
It is just according to v1sh* instructions implementation.
Signed-off-by: Chen Gang <gang.chen.5i5j@gmail.com>
Message-Id: <1443956491-26850-1-git-send-email-gang.chen.5i5j@gmail.com>
Signed-off-by: Richard Henderson <rth@twiddle.net>
These are mapped onto some of the normal load instructions, when the
destination is the zero register. Other load insns do fault even
when targeting the zero register.
Signed-off-by: Richard Henderson <rth@twiddle.net>
Signed-off-by: Chen Gang <gang.chen.5i5j@gmail.com>
Message-Id: <1443562720-3008-1-git-send-email-gang.chen.5i5j@gmail.com>
Signed-off-by: Richard Henderson <rth@twiddle.net>
Notice raise and bpt, decoding the constants embedded in the
nop addil instruction in the x0 slot.
[rth: Generalize TILEGX_EXCP_OPCODE_ILL to TILEGX_EXCP_SIGNAL.
Drop validation of signal values.]
Signed-off-by: Chen Gang <gang.chen.5i5j@gmail.com>
Message-Id: <1443243635-4886-1-git-send-email-gang.chen.5i5j@gmail.com>
Signed-off-by: Richard Henderson <rth@twiddle.net>
[rth: Remove the spreg[EX1] handling, as it's irrelevant to user-mode.]
Signed-off-by: Chen Gang <gang.chen.5i5j@gmail.com>
Message-Id: <1443312618-13641-1-git-send-email-gang.chen.5i5j@gmail.com>
Signed-off-by: Richard Henderson <rth@twiddle.net>
They content several new macro members, also contents TARGET_N*.
Signed-off-by: Chen Gang <gang.chen.5i5j@gmail.com>
Message-Id: <1443240605-2924-1-git-send-email-gang.chen.5i5j@gmail.com>
Signed-off-by: Richard Henderson <rth@twiddle.net>
According to the related document, bpt can be only in x1 pipe.
Signed-off-by: Chen Gang <gang.chen.5i5j@gmail.com>
Message-Id: <1443224574-2718-1-git-send-email-gang.chen.5i5j@gmail.com>
Signed-off-by: Richard Henderson <rth@twiddle.net>
Signed-off-by: Chen Gang <gang.chen.5i5j@gmail.com>
Reviewed-by: Richard Henderson <rth@twiddle.net>
Message-Id: <1442874414-3578-1-git-send-email-gang.chen.5i5j@gmail.com>
Signed-off-by: Richard Henderson <rth@twiddle.net>
[rth: Implement everything inline; handle v1addi and v2addi as well.]
Signed-off-by: Chen Gang <gang.chen.5i5j@gmail.com>
Message-Id: <1442873918-3394-1-git-send-email-gang.chen.5i5j@gmail.com>
Signed-off-by: Richard Henderson <rth@twiddle.net>
v2sh* are implemented with helper functions; v4sh* are implmeneted
with inline code.
Signed-off-by: Chen Gang <gang.chen.5i5j@gmail.com>
Message-Id: <1442872055-2836-1-git-send-email-gang.chen.5i5j@gmail.com>
Signed-off-by: Richard Henderson <rth@twiddle.net>
Using the V1 macro when we want to replicate a byte across
the 8 elements of the word. Using deposit and extract for
manipulating specific elements.
Signed-off-by: Richard Henderson <rth@twiddle.net>
pc_dimm_realize() validates the NUMA node to which memory hotplug is
being performed only in case of NUMA configuration. Include a check to
fail for invalid nodes in case of non-NUMA configuration too.
Signed-off-by: Bharata B Rao <bharata@linux.vnet.ibm.com>
Reviewed-by: David Gibson <david@gibson.dropbear.id.au>
Reviewed-by: Igor Mammedov <imammedo@redhat.com>
Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
Some fixes all over the place:
- ccw bios and gcc 5.1 (avoid floating point ops)
- properly print vector registers
- sclp and sclp-event-facility no longer hang on object_unref(object_new(T))
- better name for io_subsystem_reset
One feature
- the gdb server now exposes several virtualization specific register
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.14 (GNU/Linux)
iQIcBAABAgAGBQJWE6BoAAoJEBF7vIC1phx89zUP/RohjexrA9GZ93mKlP8SdmUO
FP4MmsaInv7PTIfZeUnG1sa0n9CbodwiPypnzlvOedbibQagnZwI+pnpa/W/SxJQ
M6Wh+vamUFEfXcNC4/6zOJJvKUQUBYMDVgbUuDxTgCne4V9yCgVzs8NPWBIfFCVC
3bzUxinzG+mTD6eQLNNrpTa7KSuKhNS1g0hsIId92XAr7iQ3H2SSDCr9w+HOR3eN
Gqr3JdCOVOwqNcrsyfpJK3NYaooqcSbAlIpfNoGaxrc3DldEjBTfr20LLHKoPhcM
ibEAOUi1dtdBlZofo8/OBvHeeR0MPHmCjV9CTxymmgABPWhpIIxEG16vgy8ijZ5R
QcA6D4QlALvE+kDwXGtHfEOZ0rHMHmzD9RUtzLL5ALG4UWM06qrwqtMeHUuAxInU
lRPaEV9J+1fXzQzH708DjRAncOOdTCVUv0SfoYa3VR4wo0ZMx6W/K/FXc/h4q4Jm
6CztpK03HSly+gCkd6gcdZ908Se3OcaB0DTScVvUdVKCUdvM53Uo7L5jI9wk399a
xj/+W4XO9lkLEFnZKAKopS4ea7cgV8oIqUuMpCuZnCiOQCCKpZgrUgJAxvaLomnv
4he7fbiScmMEhUGVI0AvMmbMYCbGd4gVoHm5/kMvslV5w5o898uIVlTrvNf3Z6Fv
9jZSLDLVoHeU+ESOjJy+
=STtO
-----END PGP SIGNATURE-----
Merge remote-tracking branch 'remotes/borntraeger/tags/s390x-20151006' into staging
s390: fixes
Some fixes all over the place:
- ccw bios and gcc 5.1 (avoid floating point ops)
- properly print vector registers
- sclp and sclp-event-facility no longer hang on object_unref(object_new(T))
- better name for io_subsystem_reset
One feature
- the gdb server now exposes several virtualization specific register
# gpg: Signature made Tue 06 Oct 2015 11:20:24 BST using RSA key ID B5A61C7C
# gpg: Good signature from "Christian Borntraeger (IBM) <borntraeger@de.ibm.com>"
* remotes/borntraeger/tags/s390x-20151006:
s390x: rename io_subsystem_reset -> subsystem_reset
s390x/info registers: print vector registers properly
s390x: set missing parent for hotplug and quiesce events
s390x/gdb: expose virtualization specific registers
pc-bios/s390-ccw: avoid floating point operations
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iQIcBAABCAAGBQJWEp+WAAoJECgHk2+YTcWmTWQQAL3PXCXh5tY6LKlr3OfeSxns
cFyuMeeq3K7NGVM0BNJjfaHTl/NRKyGseDaVUaa6kosdunN2QyMaIQP7RyvpMrNk
V7RI2ivax22NHWo52cdBvsRhHOSx1AR/Qqc6YV+lVD8Awz5OsV0oLApG7c862b6q
5FVDeopQ8Mm7zkun/PUuQqaJax+mdtrSb90wr1Ehsm8D3hJiWs8dA6UFTxLB8ve6
fGrtDgs7MIs+fbZ1yS1ulDGuNdBtBHL2T0h4elU3o4CN3z9ChxEp/sYzGkEC+cyB
o+JPk4sr5CnUKqVgDfIHxE88Ycaulz2AmObT/IUhf+QLkwcJ72uohV6n/NPr0zJ4
B4hIah9nkPQ4TTUhInt93Ftq2FkmmAm1or/+SkCKIkIYfvakW0S6KnbMZvfMS8Hu
acJb4W+4c78CBI9EbCtHs7lezTTH2dYSUBKA09gIi+pM93G22lh2Sl8J4ZvfSF2a
qlL7J4KiogBbLhuaakPuyOIS77afkCSkA9NFTkn294THr3tqFaXaHzAY0+AwW4W1
dH8Y4w5LH+pXyLp5jVzvEmopX4DDOaYPlvwGB6y0vhMCi28hkroXMrU76wT5w9+y
yo6RFJseHi7SbJCGgie9kehBFv8q3Si1XomiPxGlPWCUnOVe8nf3DPUvWYwn3VJw
VRkkcp+RzEOlPsWK3Aj7
=pr5r
-----END PGP SIGNATURE-----
Merge remote-tracking branch 'remotes/ehabkost/tags/x86-pull-request' into staging
X86 queue, 2015-10-05
# gpg: Signature made Mon 05 Oct 2015 17:04:38 BST using RSA key ID 984DC5A6
# gpg: Good signature from "Eduardo Habkost <ehabkost@redhat.com>"
* remotes/ehabkost/tags/x86-pull-request:
icc_bus: drop the unused files
cpu/apic: drop icc bus/bridge
x86: use new method to correct reset sequence
apic: move APIC's MMIO region mapping into APIC
Correctly re-init EFER state during INIT IPI
target-i386: add ABM to Haswell* and Broadwell* CPU models
target-i386: get/put MSR_TSC_AUX across reset and migration
target-i386: Make check_hw_breakpoints static
target-i386: Move breakpoint related functions to new file
target-i386: Convert kvm_default_*features to property/value pairs
vl: Add another sanity check to smp_parse() function
cpu: Introduce X86CPUTopoInfo structure for argument simplification
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
vhost-user depends on vhost-net. We should probably fix that.
For now, let's disable the test otherwise.
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
At present the memory listener used by vfio to keep host IOMMU mappings
in sync with the guest memory image assumes that if a guest IOMMU
appears, then it has no existing mappings.
This may not be true if a VFIO device is hotplugged onto a guest bus
which didn't previously include a VFIO device, and which has existing
guest IOMMU mappings.
Therefore, use the memory_region_register_iommu_notifier_replay()
function in order to fix this case, replaying existing guest IOMMU
mappings, bringing the host IOMMU into sync with the guest IOMMU.
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
Signed-off-by: Alex Williamson <alex.williamson@redhat.com>
When we have guest visible IOMMUs, we allow notifiers to be registered
which will be informed of all changes to IOMMU mappings. This is used by
vfio to keep the host IOMMU mappings in sync with guest IOMMU mappings.
However, unlike with a memory region listener, an iommu notifier won't be
told about any mappings which already exist in the (guest) IOMMU at the
time it is registered. This can cause problems if hotplugging a VFIO
device onto a guest bus which had existing guest IOMMU mappings, but didn't
previously have an VFIO devices (and hence no host IOMMU mappings).
This adds a memory_region_iommu_replay() function to handle this case. It
replays any existing mappings in an IOMMU memory region to a specified
notifier. Because the IOMMU memory region doesn't internally remember the
granularity of the guest IOMMU it has a small hack where the caller must
specify a granularity at which to replay mappings.
If there are finer mappings in the guest IOMMU these will be reported in
the iotlb structures passed to the notifier which it must handle (probably
causing it to flag an error). This isn't new - the VFIO iommu notifier
must already handle notifications about guest IOMMU mappings too short
for it to represent in the host IOMMU.
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
Reviewed-by: Laurent Vivier <lvivier@redhat.com>
Acked-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Alex Williamson <alex.williamson@redhat.com>
Depending on the host IOMMU type we determine and record the available page
sizes for IOMMU translation. We'll need this for other validation in
future patches.
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
Reviewed-by: Thomas Huth <thuth@redhat.com>
Reviewed-by: Laurent Vivier <lvivier@redhat.com>
Signed-off-by: Alex Williamson <alex.williamson@redhat.com>
The current vfio core code assumes that the host IOMMU is capable of
mapping any IOVA the guest wants to use to where we need. However, real
IOMMUs generally only support translating a certain range of IOVAs (the
"DMA window") not a full 64-bit address space.
The common x86 IOMMUs support a wide enough range that guests are very
unlikely to go beyond it in practice, however the IOMMU used on IBM Power
machines - in the default configuration - supports only a much more limited
IOVA range, usually 0..2GiB.
If the guest attempts to set up an IOVA range that the host IOMMU can't
map, qemu won't report an error until it actually attempts to map a bad
IOVA. If guest RAM is being mapped directly into the IOMMU (i.e. no guest
visible IOMMU) then this will show up very quickly. If there is a guest
visible IOMMU, however, the problem might not show up until much later when
the guest actually attempt to DMA with an IOVA the host can't handle.
This patch adds a test so that we will detect earlier if the guest is
attempting to use IOVA ranges that the host IOMMU won't be able to deal
with.
For now, we assume that "Type1" (x86) IOMMUs can support any IOVA, this is
incorrect, but no worse than what we have already. We can't do better for
now because the Type1 kernel interface doesn't tell us what IOVA range the
IOMMU actually supports.
For the Power "sPAPR TCE" IOMMU, however, we can retrieve the supported
IOVA range and validate guest IOVA ranges against it, and this patch does
so.
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
Reviewed-by: Laurent Vivier <lvivier@redhat.com>
Signed-off-by: Alex Williamson <alex.williamson@redhat.com>
If a DMA mapping operation fails in vfio_listener_region_add() it
checks to see if we've already completed initial setup of the
container. If so it reports an error so the setup code can fail
gracefully, otherwise throws a hw_error().
There are other potential failure cases in vfio_listener_region_add()
which could benefit from the same logic, so move it to its own
fail: block. Later patches can use this to extend other failure cases
to fail as gracefully as possible under the circumstances.
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
Reviewed-by: Thomas Huth <thuth@redhat.com>
Reviewed-by: Laurent Vivier <lvivier@redhat.com>
Signed-off-by: Alex Williamson <alex.williamson@redhat.com>
