aboutsummaryrefslogtreecommitdiff
path: root/target-mips
AgeCommit message (Collapse)AuthorFilesLines
2016-04-28target-mips: Fix RDHWR exception host PCJames Hogan1-8/+8
Commit b00c72180c36 ("target-mips: add PC, XNP reg numbers to RDHWR") changed the rdhwr helpers to use check_hwrena() to check the register being accessed is enabled in CP0_HWREna when used from user mode. If that check fails an EXCP_RI exception is raised at the host PC calculated with GETPC(). However check_hwrena() may not be fully inlined as the do_raise_exception() part of it is common regardless of the arguments. This causes GETPC() to calculate the address in the call in the helper instead of the generated code calling the helper. No TB will be found and the EPC reported with the resulting guest RI exception points to the beginning of the TB instead of the RDHWR instruction. We can't reliably force check_hwrena() to be inlined, and converting it to a macro would be ugly, so instead pass the host PC in as an argument, with each rdhwr helper passing GETPC(). This should avoid any dependence on compiler behaviour, and in practice seems to ensure the full inlining of check_hwrena() on x86_64. This issue causes failures when running a MIPS KVM (trap & emulate) guest in a MIPS QEMU TCG guest, as the inner guest kernel will do a RDHWR of counter, which is disabled in the outer guest's CP0_HWREna by KVM so it can emulate the inner guest's counter. The emulation fails and the RI exception is passed to the inner guest. Fixes: b00c72180c36 ("target-mips: add PC, XNP reg numbers to RDHWR") Signed-off-by: James Hogan <james.hogan@imgtec.com> Cc: Leon Alrae <leon.alrae@imgtec.com> Cc: Yongbok Kim <yongbok.kim@imgtec.com> Cc: Aurelien Jarno <aurelien@aurel32.net> Reviewed-by: Aurelien Jarno <aurelien@aurel32.net> Reviewed-by: Leon Alrae <leon.alrae@imgtec.com> Signed-off-by: Leon Alrae <leon.alrae@imgtec.com>
2016-03-30target-mips: add MAAR, MAARI registerYongbok Kim6-3/+113
The MAAR register is a read/write register included in Release 5 of the architecture that defines the accessibility attributes of physical address regions. In particular, MAAR defines whether an instruction fetch or data load can speculatively access a memory region within the physical address bounds specified by MAAR. As QEMU doesn't do speculative access, hence this patch only provides ability to access the registers. Signed-off-by: Yongbok Kim <yongbok.kim@imgtec.com> Reviewed-by: Leon Alrae <leon.alrae@imgtec.com> Signed-off-by: Leon Alrae <leon.alrae@imgtec.com>
2016-03-30target-mips: use CP0_CHECK for gen_m{f|t}hc0Yongbok Kim1-25/+21
Reuse CP0_CHECK macro for gen_m{f|t}hc0. Signed-off-by: Yongbok Kim <yongbok.kim@imgtec.com> Reviewed-by: Leon Alrae <leon.alrae@imgtec.com> Signed-off-by: Leon Alrae <leon.alrae@imgtec.com>
2016-03-30target-mips: make ITC Configuration Tags accessible to the CPULeon Alrae4-12/+100
Add CP0.ErrCtl register with WST, SPR and ITC bits. In 34K and interAptiv processors these bits are used to enable CACHE instruction access to different arrays. When WST=0, SPR=0 and ITC=1 the CACHE instruction will access ITC tag values. Generally we do not model caches and we have been treating the CACHE instruction as NOP. But since CACHE can operate on ITC Tags new MIPS_HFLAG_ITC_CACHE hflag is introduced to generate the helper only when CACHE is in the ITC Access mode. Signed-off-by: Leon Alrae <leon.alrae@imgtec.com>
2016-03-30target-mips: check CP0 enabled for CACHE instruction also in R6Leon Alrae1-0/+1
Signed-off-by: Leon Alrae <leon.alrae@imgtec.com>
2016-03-30hw/mips: implement ITC Configuration Tags and Storage CellsLeon Alrae1-0/+1
Implement ITC as a single object consisting of two memory regions: 1) tag_io: ITC Configuration Tags (i.e. ITCAddressMap{0,1} registers) which are accessible by the CPU via CACHE instruction. Also adding MemoryRegion *itc_tag to the CPUMIPSState so that CACHE instruction will dispatch reads/writes directly. 2) storage_io: memory-mapped ITC Storage whose address space is configurable (i.e. enabled/remapped/resized) by writing to ITCAddressMap{0,1} registers. ITC Storage contains FIFO and Semaphore cells. Read-only FIFO bit in the ITC cell tag indicates the type of the cell. If the ITC Storage contains both types of cells then FIFOs are located before Semaphores. Since issuing thread can get blocked on the access to a cell (in E/F Synchronized and P/V Synchronized Views) each cell has a bitmap to track which threads are currently blocked. Signed-off-by: Leon Alrae <leon.alrae@imgtec.com>
2016-03-30target-mips: enable CM GCR in MIPS64R6-generic CPULeon Alrae1-1/+2
Indicate that in the MIPS64R6-generic CPU the memory-mapped Global Configuration Register Space is implemented. Signed-off-by: Leon Alrae <leon.alrae@imgtec.com>
2016-03-30hw/mips_malta: add CPS to Malta boardLeon Alrae2-0/+11
If the user specifies smp > 1 and the CPU with CM GCR support, then create Coherent Processing System (which takes care of instantiating CPUs) rather than CPUs directly and connect i8259 and cbus to the pins exposed by CPS. However, there is no GIC yet, thus CPS exposes CPU's IRQ pins so use the same pin numbers as before. Signed-off-by: Leon Alrae <leon.alrae@imgtec.com>
2016-03-30target-mips: add CMGCRBase registerYongbok Kim2-1/+20
Physical base address for the memory-mapped Coherency Manager Global Configuration Register space. The MIPS default location for the GCR_BASE address is 0x1FBF_8. This register only exists if Config3 CMGCR is set to one. Signed-off-by: Yongbok Kim <yongbok.kim@imgtec.com> [leon.alrae@imgtec.com: move CMGCR enabling to a separate patch] Signed-off-by: Leon Alrae <leon.alrae@imgtec.com>
2016-03-24Merge remote-tracking branch 'remotes/bonzini/tags/for-upstream' into stagingPeter Maydell1-0/+1
* Log filtering from Alex and Peter * Chardev fix from Marc-André * config.status tweak from David * Header file tweaks from Markus, myself and Veronia (Outreachy candidate) * get_ticks_per_sec() removal from Rutuja (Outreachy candidate) * Coverity fix from myself * PKE implementation from myself, based on rth's XSAVE support # gpg: Signature made Thu 24 Mar 2016 20:15:11 GMT using RSA key ID 78C7AE83 # gpg: Good signature from "Paolo Bonzini <bonzini@gnu.org>" # gpg: aka "Paolo Bonzini <pbonzini@redhat.com>" * remotes/bonzini/tags/for-upstream: (28 commits) target-i386: implement PKE for TCG config.status: Pass extra parameters char: translate from QIOChannel error to errno exec: fix error handling in file_ram_alloc cputlb: modernise the debug support qemu-log: support simple pid substitution for logs target-arm: dfilter support for in_asm qemu-log: dfilter-ise exec, out_asm, op and opt_op qemu-log: new option -dfilter to limit output qemu-log: Improve the "exec" TB execution logging qemu-log: Avoid function call for disabled qemu_log_mask logging qemu-log: correct help text for -d cpu tcg: pass down TranslationBlock to tcg_code_gen util: move declarations out of qemu-common.h Replaced get_tick_per_sec() by NANOSECONDS_PER_SECOND hw: explicitly include qemu-common.h and cpu.h include/crypto: Include qapi-types.h or qemu/bswap.h instead of qemu-common.h isa: Move DMA_transfer_handler from qemu-common.h to hw/isa/isa.h Move ParallelIOArg from qemu-common.h to sysemu/char.h Move QEMU_ALIGN_*() from qemu-common.h to qemu/osdep.h ... Signed-off-by: Peter Maydell <peter.maydell@linaro.org> Conflicts: scripts/clean-includes
2016-03-23target-mips: indicate presence of IEEE 754-2008 FPU in R6/R5+MSA CPUsLeon Alrae3-9/+17
MIPS Release 6 and MIPS SIMD Architecture make it mandatory to have IEEE 754-2008 FPU which is indicated by CP1 FIR.HAS2008, FCSR.ABS2008 and FCSR.NAN2008 bits set to 1. In QEMU we still keep these bits cleared as there is no 2008-NaN support. However, this now causes problems preventing from running R6 Linux with the v4.5 kernel. Kernel refuses to execute 2008-NaN ELFs on a CPU whose FPU does not support 2008-NaN encoding: (...) VFS: Mounted root (ext4 filesystem) readonly on device 8:0. devtmpfs: mounted Freeing unused kernel memory: 256K (ffffffff806f0000 - ffffffff80730000) request_module: runaway loop modprobe binfmt-464c Starting init: /sbin/init exists but couldn't execute it (error -8) request_module: runaway loop modprobe binfmt-464c Starting init: /bin/sh exists but couldn't execute it (error -8) Kernel panic - not syncing: No working init found. Try passing init= option to kernel. See Linux Documentation/init.txt for guidance. Therefore always indicate presence of 2008-NaN support in R6 as well as in R5+MSA CPUs, even though this feature is not yet supported by MIPS in QEMU. Signed-off-by: Leon Alrae <leon.alrae@imgtec.com>
2016-03-22include/qemu/osdep.h: Don't include qapi/error.hMarkus Armbruster1-0/+1
Commit 57cb38b included qapi/error.h into qemu/osdep.h to get the Error typedef. Since then, we've moved to include qemu/osdep.h everywhere. Its file comment explains: "To avoid getting into possible circular include dependencies, this file should not include any other QEMU headers, with the exceptions of config-host.h, compiler.h, os-posix.h and os-win32.h, all of which are doing a similar job to this file and are under similar constraints." qapi/error.h doesn't do a similar job, and it doesn't adhere to similar constraints: it includes qapi-types.h. That's in excess of 100KiB of crap most .c files don't actually need. Add the typedef to qemu/typedefs.h, and include that instead of qapi/error.h. Include qapi/error.h in .c files that need it and don't get it now. Include qapi-types.h in qom/object.h for uint16List. Update scripts/clean-includes accordingly. Update it further to match reality: replace config.h by config-target.h, add sysemu/os-posix.h, sysemu/os-win32.h. Update the list of includes in the qemu/osdep.h comment quoted above similarly. This reduces the number of objects depending on qapi/error.h from "all of them" to less than a third. Unfortunately, the number depending on qapi-types.h shrinks only a little. More work is needed for that one. Signed-off-by: Markus Armbruster <armbru@redhat.com> [Fix compilation without the spice devel packages. - Paolo] Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2016-03-01tcg: Add type for vCPU pointersLluís Vilanova1-1/+1
Adds the 'TCGv_env' type for pointers to 'CPUArchState' objects. The tracing infrastructure later needs to differentiate between regular pointers and pointers to vCPUs. Also changes all targets to use the new 'TCGv_env' type instead of the generic 'TCGv_ptr'. As of now, the change is merely cosmetic ('TCGv_env' translates into 'TCGv_ptr'), but that could change in the future to enforce the difference. Note that a 'TCGv_env' type (for 'CPUState') is not added, since all helpers currently receive the architecture-specific pointer ('CPUArchState'). Signed-off-by: Lluís Vilanova <vilanova@ac.upc.edu> Acked-by: Richard Henderson <rth@twiddle.net> Message-id: 145641859552.30295.7821536833590725201.stgit@localhost Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
2016-02-26target-mips: implement R6 multi-threadingYongbok Kim6-1/+147
MIPS Release 6 provides multi-threading features which replace pre-R6 MT Module. CP0.Config3.MT is always 0 in R6, instead there is new CP0.Config5.VP (Virtual Processor) bit which indicates presence of multi-threading support which includes CP0.GlobalNumber register and DVP/EVP instructions. Signed-off-by: Yongbok Kim <yongbok.kim@imgtec.com> Signed-off-by: Leon Alrae <leon.alrae@imgtec.com>
2016-02-26mips/kvm: Support MSA in MIPS KVM guestsJames Hogan1-20/+109
Support the new KVM_CAP_MIPS_MSA capability, which allows MIPS SIMD Architecture (MSA) to be exposed to the KVM guest. The capability is enabled if the guest core has MSA according to its Config3 register. Various config bits are now writeable so that KVM is aware of the configuration (Config3.MSAP) and so that QEMU can save/restore the guest modifiable bits (Config5.MSAEn). The MSACSR/MSAIR registers and the MSA vector registers are now saved/restored. Since the FP registers are a subset of the vector registers, they are omitted if the guest has MSA. Signed-off-by: James Hogan <james.hogan@imgtec.com> Cc: Paolo Bonzini <pbonzini@redhat.com> Cc: Leon Alrae <leon.alrae@imgtec.com> Cc: Aurelien Jarno <aurelien@aurel32.net> Signed-off-by: Leon Alrae <leon.alrae@imgtec.com>
2016-02-26mips/kvm: Support FPU in MIPS KVM guestsJames Hogan1-4/+117
Support the new KVM_CAP_MIPS_FPU capability, which allows the host's FPU to be exposed to the KVM guest. The capability is enabled if the guest core has an FPU according to its Config1 register. Various config bits are now writeable so that KVM is aware of the configuration (Config1.FP) and so that QEMU can save/restore the guest modifiable bits (Config5.FRE, Config5.UFR, Config5.UFE). The FCSR/FIR registers and the floating point registers are now saved/restored (depending on the FR mode bit). Signed-off-by: James Hogan <james.hogan@imgtec.com> Cc: Paolo Bonzini <pbonzini@redhat.com> Cc: Leon Alrae <leon.alrae@imgtec.com> Cc: Aurelien Jarno <aurelien@aurel32.net> Signed-off-by: Leon Alrae <leon.alrae@imgtec.com>
2016-02-26mips/kvm: Support signed 64-bit KVM registersJames Hogan1-9/+31
Rename kvm_mips_{get,put}_one_reg64() to kvm_mips_{get,put}_one_ureg64() since they take an int64_t pointer, and add separate signed 64-bit accessors. These will be used for double precision floating point registers. Signed-off-by: James Hogan <james.hogan@imgtec.com> Cc: Paolo Bonzini <pbonzini@redhat.com> Cc: Leon Alrae <leon.alrae@imgtec.com> Cc: Aurelien Jarno <aurelien@aurel32.net> Signed-off-by: Leon Alrae <leon.alrae@imgtec.com>
2016-02-26mips/kvm: Support unsigned KVM registersJames Hogan1-0/+22
Add KVM register access functions for the uint32_t type. This is required for FP and MSA control registers, which are represented as unsigned 32-bit integers. Signed-off-by: James Hogan <james.hogan@imgtec.com> Cc: Paolo Bonzini <pbonzini@redhat.com> Cc: Leon Alrae <leon.alrae@imgtec.com> Cc: Aurelien Jarno <aurelien@aurel32.net> Signed-off-by: Leon Alrae <leon.alrae@imgtec.com>
2016-02-26mips/kvm: Implement Config CP0 registersJames Hogan1-0/+106
Implement saving and restoring to KVM state of the Config CP0 registers (namely Config, Config1, Config2, Config3, Config4, and Config5). These control the features available to a guest, and a few of the fields will soon be writeable by a guest so QEMU needs to know about them so as not to clobber them on migration/savevm. Signed-off-by: James Hogan <james.hogan@imgtec.com> Cc: Paolo Bonzini <pbonzini@redhat.com> Cc: Leon Alrae <leon.alrae@imgtec.com> Cc: Aurelien Jarno <aurelien@aurel32.net> Signed-off-by: Leon Alrae <leon.alrae@imgtec.com>
2016-02-26mips/kvm: Implement PRid CP0 registerJames Hogan1-0/+11
Implement saving and restoring to KVM state of the Processor ID (PRid) CP0 register. This allows QEMU to control the PRid exposed to the guest instead of using the default set by KVM. Signed-off-by: James Hogan <james.hogan@imgtec.com> Reviewed-by: Leon Alrae <leon.alrae@imgtec.com> Cc: Paolo Bonzini <pbonzini@redhat.com> Cc: Aurelien Jarno <aurelien@aurel32.net> Signed-off-by: Leon Alrae <leon.alrae@imgtec.com>
2016-02-26mips/kvm: Remove a couple of noisy DPRINTFsJames Hogan1-2/+0
The DPRINTFs in cpu_mips_io_interrupts_pending() and kvm_arch_pre_run() are particularly noisy during normal execution, and also not particularly helpful. Remove them so that more important debug messages can be more easily seen. Signed-off-by: James Hogan <james.hogan@imgtec.com> Reviewed-by: Leon Alrae <leon.alrae@imgtec.com> Cc: Paolo Bonzini <pbonzini@redhat.com> Cc: Aurelien Jarno <aurelien@aurel32.net> Signed-off-by: Leon Alrae <leon.alrae@imgtec.com>
2016-02-23all: Clean up includesPeter Maydell1-1/+0
Clean up includes so that osdep.h is included first and headers which it implies are not included manually. This commit was created with scripts/clean-includes. Signed-off-by: Peter Maydell <peter.maydell@linaro.org> Reviewed-by: Eric Blake <eblake@redhat.com>
2016-02-19target-mips: Stop using uint_fast*_t types in r4k_tlb_t structPeter Maydell1-13/+13
The r4k_tlb_t structure uses the uint_fast*_t types. Most of these uses are in bitfields and are thus pointless, because the bitfield itself specifies the width of the type; just use 'unsigned int' instead. (On glibc uint_fast16_t is defined as either 32 or 64 bits, so we know the code is not reliant on it being exactly 16 bits.) There is also one use of uint_fast8_t, which we replace with uint8_t, because both are exactly 8 bits on glibc and this is the only place outside the softfloat code which uses an int_fast*_t type. Signed-off-by: Peter Maydell <peter.maydell@linaro.org> Reviewed-by: Aurelien Jarno <aurelien@aurel32.net>
2016-02-09tcg: Change tcg_global_mem_new_* to take a TCGv_ptrRichard Henderson1-12/+13
Thus, use cpu_env as the parameter, not TCG_AREG0 directly. Update all uses in the translators. Reviewed-by: Aurelien Jarno <aurelien@aurel32.net> Signed-off-by: Richard Henderson <rth@twiddle.net>
2016-02-03log: do not unnecessarily include qom/cpu.hPaolo Bonzini2-0/+2
Split the bits that require it to exec/log.h. Signed-off-by: Paolo Bonzini <pbonzini@redhat.com> Signed-off-by: Denis V. Lunev <den@openvz.org> Acked-by: Christian Borntraeger <borntraeger@de.ibm.com> Message-id: 1452174932-28657-8-git-send-email-den@openvz.org Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
2016-01-23mips: Clean up includesPeter Maydell11-9/+11
Clean up includes so that osdep.h is included first and headers which it implies are not included manually. This commit was created with scripts/clean-includes. Signed-off-by: Peter Maydell <peter.maydell@linaro.org> Reviewed-by: Leon Alrae <leon.alrae@imgtec.com> Signed-off-by: Leon Alrae <leon.alrae@imgtec.com>
2016-01-23target-mips: Fix ALIGN instruction when bp=0Miodrag Dinic1-1/+10
If executing ALIGN with shift count bp=0 within mips64 emulation, the result of the operation should be sign extended. Taken from the official documentation (pseudo code) : ALIGN: tmp_rt_hi = unsigned_word(GPR[rt]) << (8*bp) tmp_rs_lo = unsigned_word(GPR[rs]) >> (8*(4-bp)) tmp = tmp_rt_hi || tmp_rt_lo GPR[rd] = sign_extend.32(tmp) Signed-off-by: Miodrag Dinic <miodrag.dinic@imgtec.com> Reviewed-by: Aurelien Jarno <aurelien@aurel32.net> Reviewed-by: Leon Alrae <leon.alrae@imgtec.com> Signed-off-by: Leon Alrae <leon.alrae@imgtec.com>
2016-01-23target-mips: silence NaNs for cvt.s.d and cvt.d.sAurelien Jarno1-0/+2
cvt.s.d and cvt.d.s are FP operations and thus need to convert input sNaN into corresponding qNaN. Explicitely use the floatXX_maybe_silence_nan functions for that as the floatXX_to_floatXX functions do not do that. Cc: Leon Alrae <leon.alrae@imgtec.com> Signed-off-by: Aurelien Jarno <aurelien@aurel32.net> Reviewed-by: Leon Alrae <leon.alrae@imgtec.com> Signed-off-by: Leon Alrae <leon.alrae@imgtec.com>
2016-01-23target-mips/cpu.h: Fix spell errorDongxue Zhang1-1/+1
CP0IntCtl_IPPC1, the last letter should be 'i', not 'one'. Signed-off-by: Dongxue Zhang <elta.era@gmail.com> Reviewed-by: Leon Alrae <leon.alrae@imgtec.com> Signed-off-by: Leon Alrae <leon.alrae@imgtec.com>
2016-01-22fpu: Replace int32 typedef with int32_tPeter Maydell1-12/+12
Replace the int32 softfloat-specific typedef with int32_t. This change was made with find hw include fpu target-* -name '*.[ch]' | xargs sed -i -e 's/\bint32\b/int32_t/g' together with manual removal of the typedef definition, and manual undoing of some mis-hits where macro arguments were being used for token pasting rather than as a type. The uses in hw/ipmi/ should not have been using this type at all. Signed-off-by: Peter Maydell <peter.maydell@linaro.org> Reviewed-by: Richard Henderson <rth@twiddle.net> Reviewed-by: Aurelien Jarno <aurelien@aurel32.net> Acked-by: Leon Alrae <leon.alrae@imgtec.com> Acked-by: James Hogan <james.hogan@imgtec.com> Message-id: 1452603315-27030-4-git-send-email-peter.maydell@linaro.org
2016-01-22fpu: Replace uint64 typedef with uint64_tPeter Maydell1-2/+2
Replace the uint64 softfloat-specific typedef with uint64_t. This change was made with find include fpu target-* -name '*.[ch]' | xargs sed -i -e 's/\buint64\b/uint64_t/g' together with manual removal of the typedef definition, and manual undoing of some mis-hits where macro arguments were being used for token pasting rather than as a type. Note that the target-mips/kvm.c and target-s390x/kvm.c changes are fixing code that should not have been using the uint64 type in the first place. Signed-off-by: Peter Maydell <peter.maydell@linaro.org> Reviewed-by: Richard Henderson <rth@twiddle.net> Reviewed-by: Aurelien Jarno <aurelien@aurel32.net> Acked-by: Leon Alrae <leon.alrae@imgtec.com> Acked-by: James Hogan <james.hogan@imgtec.com> Message-id: 1452603315-27030-3-git-send-email-peter.maydell@linaro.org
2016-01-22fpu: Replace int64 typedef with int64_tPeter Maydell1-6/+6
Replace the int64 softfloat-specific typedef with int64_t. This change was made with find include fpu target-* -name '*.[ch]' | xargs sed -i -e 's/\bint64\b/int64_t/g' together with manual removal of the typedef definition, and manual undoing of some mis-hits where macro arguments were being used for token pasting rather than as a type. Signed-off-by: Peter Maydell <peter.maydell@linaro.org> Reviewed-by: Richard Henderson <rth@twiddle.net> Reviewed-by: Aurelien Jarno <aurelien@aurel32.net> Acked-by: Leon Alrae <leon.alrae@imgtec.com> Message-id: 1452603315-27030-2-git-send-email-peter.maydell@linaro.org
2015-11-24target-mips: flush QEMU TLB when disabling 64-bit addressingLeon Alrae2-14/+17
CP0.Status.KX/SX/UX bits are responsible for enabling access to 64-bit Kernel/Supervisor/User Segments. If bit is cleared an access to corresponding segment should generate Address Error Exception. However, the guest may still be able to access some pages belonging to the disabled 64-bit segment because we forget to flush QEMU TLB. This patch fixes it. Signed-off-by: Leon Alrae <leon.alrae@imgtec.com>
2015-11-24target-mips: Fix exceptions while UX=0James Hogan1-0/+12
Commit 01f728857941 ("target-mips: Status.UX/SX/KX enable 32-bit address wrapping") added a new hflag MIPS_HFLAG_AWRAP, which indicates that 64-bit addressing is disallowed in the current mode, so hflag users don't need to worry about the complexities of working that out, for example checking both MIPS_HFLAG_KSU and MIPS_HFLAG_UX. However when exceptions are taken outside of exception level, mips_cpu_do_interrupt() manipulates the env->hflags directly rather than using compute_hflags() to update them, and this code wasn't updated accordingly. As a result, when UX is cleared, MIPS_HFLAG_AWRAP is set, but it doesn't get cleared on entry back into kernel mode due to an exception. Kernel mode then cannot access the 64-bit segments resulting in a nested exception loop. The same applies to errors and debug exceptions. Fix by updating mips_cpu_do_interrupt() to clear the MIPS_HFLAG_WRAP flag when necessary, according to compute_hflags(). Fixes: 01f728857941 ("target-mips: Status.UX/SX/KX enable 32-bit...") Signed-off-by: James Hogan <james.hogan@imgtec.com> Cc: Leon Alrae <leon.alrae@imgtec.com> Cc: Aurelien Jarno <aurelien@aurel32.net> Reviewed-by: Leon Alrae <leon.alrae@imgtec.com> Signed-off-by: Leon Alrae <leon.alrae@imgtec.com>
2015-10-30target-mips: fix updating XContext on mmu exceptionYongbok Kim1-3/+4
Correct updating XContext.Region field on mmu exceptions. If Config3.CTXTC = 0 then the R field of XContext has to be updated with the value of bits 63..62 of the virtual address upon a TLB exception. Also fixed the below line which overs 80 characters. Signed-off-by: Yongbok Kim <yongbok.kim@imgtec.com> Reviewed-by: James Hogan <james.hogan@imgtec.com> Reviewed-by: Leon Alrae <leon.alrae@imgtec.com> Signed-off-by: Leon Alrae <leon.alrae@imgtec.com>
2015-10-30target-mips: add SIGRIE instructionYongbok Kim1-1/+11
Add SIGRIE (Signal Reserved Instruction Exception) for both MIPS and microMIPS. The instruction allows to use the 16-bit code field for software use. This instruction is introduced by and required as of Release 6. Signed-off-by: Yongbok Kim <yongbok.kim@imgtec.com> Reviewed-by: Leon Alrae <leon.alrae@imgtec.com> Signed-off-by: Leon Alrae <leon.alrae@imgtec.com>
2015-10-30target-mips: Set Config5.XNP for R6 coresYongbok Kim1-2/+2
Set Config5.XNP for R6 cores to indicate the extended LL/SC family of instructions NOT present. Signed-off-by: Yongbok Kim <yongbok.kim@imgtec.com> Reviewed-by: Leon Alrae <leon.alrae@imgtec.com> Signed-off-by: Leon Alrae <leon.alrae@imgtec.com>
2015-10-30target-mips: add PC, XNP reg numbers to RDHWRYongbok Kim4-32/+63
Add Performance Counter (4) and XNP (5) register numbers to RDHWR. Add check_hwrena() to simplify access control checkings. Add RDHWR support to microMIPS R6. Signed-off-by: Yongbok Kim <yongbok.kim@imgtec.com> Reviewed-by: Leon Alrae <leon.alrae@imgtec.com> Signed-off-by: Leon Alrae <leon.alrae@imgtec.com>
2015-10-29target-mips: Add enum for BREAK32Yongbok Kim1-1/+2
Add enum for BREAK32 Signed-off-by: Yongbok Kim <yongbok.kim@imgtec.com> Reviewed-by: Leon Alrae <leon.alrae@imgtec.com> Reviewed-by: Aurelien Jarno <aurelien@aurel32.net> Signed-off-by: Leon Alrae <leon.alrae@imgtec.com>
2015-10-29target-mips: update writing to CP0.Status.KX/SX/UX in MIPS Release R6Leon Alrae1-1/+6
Implement the relationship between CP0.Status.KX, SX and UX. It should not be possible to set UX bit if SX is 0, the same applies for setting SX if KX is 0. Signed-off-by: Leon Alrae <leon.alrae@imgtec.com>
2015-10-29target-mips: implement the CPU wake-up on non-enabled interrupts in R6Leon Alrae1-3/+4
In Release 6, the behaviour of WAIT has been modified to make it a requirement that a processor that has disabled operation as a result of executing a WAIT will resume operation on arrival of an interrupt even if interrupts are not enabled. Signed-off-by: Leon Alrae <leon.alrae@imgtec.com>
2015-10-29target-mips: move the test for enabled interrupts to a separate functionLeon Alrae3-16/+20
Signed-off-by: Leon Alrae <leon.alrae@imgtec.com>
2015-10-28target-*: Advance pc after recognizing a breakpointRichard Henderson1-2/+4
Some targets already had this within their logic, but make sure it's present for all targets. Reviewed-by: Peter Maydell <peter.maydell@linaro.org> Signed-off-by: Richard Henderson <rth@twiddle.net>
2015-10-22disas: QOMify mips specific disas setupPeter Crosthwaite1-0/+9
Move the target_disas() mips specifics to the CPUClass::disas_set_info() hook and delete the #ifdef specific code in disas.c. Cc: Aurelien Jarno <aurelien@aurel32.net> Signed-off-by: Peter Crosthwaite <crosthwaite.peter@gmail.com> Acked-by: Leon Alrae <leon.alrae@imgtec.com> Signed-off-by: Andreas Färber <afaerber@suse.de>
2015-10-19kvm: Pass PCI device pointer to MSI routing functionsPavel Fedin1-1/+1
In-kernel ITS emulation on ARM64 will require to supply requester IDs. These IDs can now be retrieved from the device pointer using new pci_requester_id() function. This patch adds pci_dev pointer to KVM GSI routing functions and makes callers passing it. x86 architecture does not use requester IDs, but hw/i386/kvm/pci-assign.c also made passing PCI device pointer instead of NULL for consistency with the rest of the code. Signed-off-by: Pavel Fedin <p.fedin@samsung.com> Message-Id: <ce081423ba2394a4efc30f30708fca07656bc500.1444916432.git.p.fedin@samsung.com> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2015-10-09qdev: Protect device-list-properties against broken devicesMarkus Armbruster1-0/+7
Several devices don't survive object_unref(object_new(T)): they crash or hang during cleanup, or they leave dangling pointers behind. This breaks at least device-list-properties, because qmp_device_list_properties() needs to create a device to find its properties. Broken in commit f4eb32b "qmp: show QOM properties in device-list-properties", v2.1. Example reproducer: $ qemu-system-aarch64 -nodefaults -display none -machine none -S -qmp stdio {"QMP": {"version": {"qemu": {"micro": 50, "minor": 4, "major": 2}, "package": ""}, "capabilities": []}} { "execute": "qmp_capabilities" } {"return": {}} { "execute": "device-list-properties", "arguments": { "typename": "pxa2xx-pcmcia" } } qemu-system-aarch64: /home/armbru/work/qemu/memory.c:1307: memory_region_finalize: Assertion `((&mr->subregions)->tqh_first == ((void *)0))' failed. Aborted (core dumped) [Exit 134 (SIGABRT)] Unfortunately, I can't fix the problems in these devices right now. Instead, add DeviceClass member cannot_destroy_with_object_finalize_yet to mark them: * Hang during cleanup (didn't debug, so I can't say why): "realview_pci", "versatile_pci". * Dangling pointer in cpus: most CPUs, plus "allwinner-a10", "digic", "fsl,imx25", "fsl,imx31", "xlnx,zynqmp", because they create such CPUs * Assert kvm_enabled(): "host-x86_64-cpu", host-i386-cpu", "host-powerpc64-cpu", "host-embedded-powerpc-cpu", "host-powerpc-cpu" (the powerpc ones can't currently reach the assertion, because the CPUs are only registered when KVM is enabled, but the assertion is arguably in the wrong place all the same) Make qmp_device_list_properties() fail cleanly when the device is so marked. This improves device-list-properties from "crashes, hangs or leaves dangling pointers behind" to "fails". Not a complete fix, just a better-than-nothing work-around. In the above reproducer, device-list-properties now fails with "Can't list properties of device 'pxa2xx-pcmcia'". This also protects -device FOO,help, which uses the same machinery since commit ef52358 "qdev-monitor: include QOM properties in -device FOO, help output", v2.2. Example reproducer: $ qemu-system-aarch64 -machine none -device pxa2xx-pcmcia,help Before: qemu-system-aarch64: .../memory.c:1307: memory_region_finalize: Assertion `((&mr->subregions)->tqh_first == ((void *)0))' failed. After: Can't list properties of device 'pxa2xx-pcmcia' Cc: "Andreas Färber" <afaerber@suse.de> Cc: "Edgar E. Iglesias" <edgar.iglesias@gmail.com> Cc: Alexander Graf <agraf@suse.de> Cc: Anthony Green <green@moxielogic.com> Cc: Aurelien Jarno <aurelien@aurel32.net> Cc: Bastian Koppelmann <kbastian@mail.uni-paderborn.de> Cc: Blue Swirl <blauwirbel@gmail.com> Cc: Eduardo Habkost <ehabkost@redhat.com> Cc: Guan Xuetao <gxt@mprc.pku.edu.cn> Cc: Jia Liu <proljc@gmail.com> Cc: Leon Alrae <leon.alrae@imgtec.com> Cc: Mark Cave-Ayland <mark.cave-ayland@ilande.co.uk> Cc: Max Filippov <jcmvbkbc@gmail.com> Cc: Michael Walle <michael@walle.cc> Cc: Paolo Bonzini <pbonzini@redhat.com> Cc: Peter Maydell <peter.maydell@linaro.org> Cc: Richard Henderson <rth@twiddle.net> Cc: qemu-ppc@nongnu.org Cc: qemu-stable@nongnu.org Signed-off-by: Markus Armbruster <armbru@redhat.com> Reviewed-by: Eduardo Habkost <ehabkost@redhat.com> Message-Id: <1443689999-12182-10-git-send-email-armbru@redhat.com>
2015-10-07tcg: Remove gen_intermediate_code_pcRichard Henderson1-43/+5
It is no longer used, so tidy up everything reached by it. This includes the gen_opc_* arrays, the search_pc parameter and the inline gen_intermediate_code_internal functions. Reviewed-by: Aurelien Jarno <aurelien@aurel32.net> Reviewed-by: Peter Maydell <peter.maydell@linaro.org> Signed-off-by: Richard Henderson <rth@twiddle.net>
2015-10-07tcg: Pass data argument to restore_state_to_opcRichard Henderson1-4/+5
The gen_opc_* arrays are already redundant with the data stored in the insn_start arguments. Transition restore_state_to_opc to use data from the latter. Reviewed-by: Aurelien Jarno <aurelien@aurel32.net> Reviewed-by: Peter Maydell <peter.maydell@linaro.org> Signed-off-by: Richard Henderson <rth@twiddle.net>
2015-10-07tcg: Add TCG_MAX_INSNSRichard Henderson1-1/+6
Adjust all translators to respect it. Reviewed-by: Aurelien Jarno <aurelien@aurel32.net> Reviewed-by: Peter Maydell <peter.maydell@linaro.org> Signed-off-by: Richard Henderson <rth@twiddle.net>
2015-10-07target-*: Drop cpu_gen_code defineRichard Henderson1-1/+0
This symbol no longer exists. Reviewed-by: Aurelien Jarno <aurelien@aurel32.net> Reviewed-by: Peter Maydell <peter.maydell@linaro.org> Signed-off-by: Richard Henderson <rth@twiddle.net>