aboutsummaryrefslogtreecommitdiff
path: root/target-arm
AgeCommit message (Collapse)Author
2016-10-25Merge remote-tracking branch 'remotes/ehabkost/tags/x86-pull-request' into ↵Peter Maydell
staging x86 and CPU queue, 2016-10-24 x2APIC support to APIC code, cpu_exec_init() refactor on all architectures, and other x86 changes. # gpg: Signature made Mon 24 Oct 2016 20:51:14 BST # gpg: using RSA key 0x2807936F984DC5A6 # gpg: Good signature from "Eduardo Habkost <ehabkost@redhat.com>" # Primary key fingerprint: 5A32 2FD5 ABC4 D3DB ACCF D1AA 2807 936F 984D C5A6 * remotes/ehabkost/tags/x86-pull-request: exec: call cpu_exec_exit() from a CPU unrealize common function exec: move cpu_exec_init() calls to realize functions exec: split cpu_exec_init() pc: q35: Bump max_cpus to 288 pc: Require IRQ remapping and EIM if there could be x2APIC CPUs pc: Add 'etc/boot-cpus' fw_cfg file for machine with more than 255 CPUs Increase MAX_CPUMASK_BITS from 255 to 288 pc: Clarify FW_CFG_MAX_CPUS usage comment pc: kvm_apic: Pass APIC ID depending on xAPIC/x2APIC mode pc: apic_common: Reset APIC ID to initial ID when switching into x2APIC mode pc: apic_common: Restore APIC ID to initial ID on reset pc: apic_common: Extend APIC ID property to 32bit pc: Leave max apic_id_limit only in legacy cpu hotplug code acpi: cphp: Force switch to modern cpu hotplug if APIC ID > 254 pc: acpi: x2APIC support for SRAT table pc: acpi: x2APIC support for MADT table and _MAT method Conflicts: target-arm/cpu.c Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2016-10-24exec: move cpu_exec_init() calls to realize functionsLaurent Vivier
Modify all CPUs to call it from XXX_cpu_realizefn() function. Remove all the cannot_destroy_with_object_finalize_yet as unsafe references have been moved to cpu_exec_realizefn(). (tested with QOM command provided by commit 4c315c27) for arm: Setting of cpu->mp_affinity is moved from arm_cpu_initfn() to arm_cpu_realizefn() as setting of cpu_index is now done in cpu_exec_realizefn(). To avoid to overwrite an user defined value, we set it to an invalid value by default, and update it in realize function only if the value is still invalid. Signed-off-by: Laurent Vivier <lvivier@redhat.com> Reviewed-by: David Gibson <david@gibson.dropbear.id.au> Reviewed-by: Igor Mammedov <imammedo@redhat.com> Reviewed-by: Eduardo Habkost <ehabkost@redhat.com> Reviewed-by: Andrew Jones <drjones@redhat.com> Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
2016-10-24target-arm: Implement new HLT trap for semihostingPeter Maydell
Version 2.0 of the semihosting specification introduces new trap instructions for AArch32: HLT 0xF000 for A32 and HLT 0x3C for T32. Implement these (in the same way we implement the existing HLT semihosting trap for A64). The old traps via SVC and BKPT are unaffected. Signed-off-by: Peter Maydell <peter.maydell@linaro.org> Message-id: 1476792973-18508-1-git-send-email-peter.maydell@linaro.org
2016-10-24target-arm: Make page size a runtime settingPeter Maydell
Rather than defining TARGET_PAGE_BITS to always be 10, switch to using a value picked at runtime. This allows us to use 4K pages for modern ARM CPUs (and in particular all 64-bit CPUs) without having to drop support for the old ARMv5 CPUs which had 1K pages. Signed-off-by: Peter Maydell <peter.maydell@linaro.org> Reviewed-by: Richard Henderson <rth@twiddle.net>
2016-10-17target-arm: Add trace events for the generic timersPeter Maydell
Add some useful trace events for the ARM generic timers (notably the various register writes and the resulting IRQ line state). Signed-off-by: Peter Maydell <peter.maydell@linaro.org> Reviewed-by: Edgar E. Iglesias <edgar.iglesias@xilinx.com> Message-id: 1476294876-12340-3-git-send-email-peter.maydell@linaro.org
2016-10-17target-arm: Implement dummy MDCCINT_EL1Peter Maydell
MDCCINT_EL1 is part of the DCC debugger communication channel between the CPU and an attached external debugger. QEMU doesn't implement this, but since Linux may try to access this register we need to provide at least a dummy implementation. Signed-off-by: Peter Maydell <peter.maydell@linaro.org> Reviewed-by: Edgar E. Iglesias <edgar.iglesias@xilinx.com> Message-id: 1476294876-12340-2-git-send-email-peter.maydell@linaro.org
2016-10-17Fix masking of PC lower bits when doing exception returnsPeter Maydell
In commit 9b6a3ea7a699594 store_reg() was changed to mask both bits 0 and 1 of the new PC value when in ARM mode. Unfortunately this broke the exception return code paths when doing a return from ARM mode to Thumb mode: in some of these we write a new CPSR including new Thumb mode bit via gen_helper_cpsr_write_eret(), and then use store_reg() to write the new PC. In this case if the new CPSR specified Thumb mode then masking bit 1 of the PC is incorrect (these code paths correspond to the v8 ARM ARM pseudocode function AArch32.ExceptionReturn(), which always aligns the new PC appropriately for the new instruction set state). Instead of using store_reg() in exception-return code paths, call a new store_pc_exc_ret() which stores the raw new PC value to env->regs[15], and then mask it appropriately in the subsequent helper_cpsr_write_eret() where the new env->thumb state is available. This fixes a bug introduced by 9b6a3ea7a699594 which caused crashes/hangs or otherwise bad behaviour for Linux when userspace was using Thumb. Reported-by: Jerome Forissier <jerome.forissier@linaro.org> Signed-off-by: Peter Maydell <peter.maydell@linaro.org> Message-id: 1476113163-24578-1-git-send-email-peter.maydell@linaro.org
2016-10-17target-arm: Comments added to identify cases in a switchThomas Hanson
3 cases in a switch in disas_exc() require reference to the ARM ARM spec in order to determine what case they're handling. Signed-off-by: Thomas Hanson <thomas.hanson@linaro.org> Message-id: 1476301853-15774-5-git-send-email-thomas.hanson@linaro.org Reviewed-by: Peter Maydell <peter.maydell@linaro.org> Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2016-10-17target-arm: Code changes to implement overwrite of tag field on PC loadThomas Hanson
For BR, BLR and RET instructions, if tagged addresses are enabled, the tag field in the address must be cleared out prior to loading the address into the PC. Depending on the current EL, it will be set to either all 0's or all 1's. Signed-off-by: Thomas Hanson <thomas.hanson@linaro.org> Message-id: 1476301853-15774-3-git-send-email-thomas.hanson@linaro.org [PMM: remove unnecessary gen_a64_set_pc_reg() wrapper, rename gen_a64_set_pc_var() to gen_a64_set_pc(), fix stray misindentation] Reviewed-by: Peter Maydell <peter.maydell@linaro.org> Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2016-10-17target-arm: Infrastucture changes to enable handling of tagged address ↵Thomas Hanson
loading into PC When capturing the current CPU state for the TB, extract the TBI0 and TBI1 values from the correct TCR for the current EL and then add them to the TB flags field. Then, at the start of code generation for the block, copy the TBI fields into the DisasContext structure. Signed-off-by: Thomas Hanson <thomas.hanson@linaro.org> Message-id: 1476301853-15774-2-git-send-email-thomas.hanson@linaro.org [PMM: drop useless 'extern' keyword on function prototypes; provide CONFIG_USER_ONLY trivial versions of arm_regime_tbi[01]()] Reviewed-by: Peter Maydell <peter.maydell@linaro.org> Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2016-10-17target-arm: kvm: use AddressSpace-specific listenerPaolo Bonzini
The only address space where the GIC devices are added is address_space_memory. There is no need to use a global MemoryListener. This removes the only user of global MemoryListeners. Signed-off-by: Paolo Bonzini <pbonzini@redhat.com> [PMM: added missing #include "exec/address-spaces.h"] Reviewed-by: Peter Maydell <peter.maydell@linaro.org> Message-id: 1475219846-32609-1-git-send-email-pbonzini@redhat.com Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2016-10-04target-arm: Correctly handle 'sub pc, pc, 1' for ARMv6Peter Maydell
In the ARM v6 architecture, 'sub pc, pc, 1' is not an interworking branch, so the computed new value is written to r15 as a normal value. The architecture says that in this case, bits [1:0] of the value written must be ignored if we are in ARM mode (or bit [0] ignored if in Thumb mode); this is a change from the ARMv4/v5 specification that behaviour is UNPREDICTABLE. Use the correct mask on the PC value when doing a non-interworking store to PC. A popular library used on RaspberryPi uses this instruction as part of a trick to determine whether it is running on ARMv6 or ARMv7, and we were mishandling the sequence. Fixes bug: https://bugs.launchpad.net/bugs/1625295 Reported-by: <stu.axon@gmail.com> Signed-off-by: Peter Maydell <peter.maydell@linaro.org> Message-id: 1474380941-4730-1-git-send-email-peter.maydell@linaro.org
2016-10-04target-arm: A64: Fix decoding of iss_sf in disas_ld_litEdgar E. Iglesias
Fix the decoding of iss_sf in disas_ld_lit. The SF (Sixty-Four) field in the ISS (Instruction Specific Syndrome) is a bit that specifies the width of the register that the instruction loads to. If cleared it specifies 32 bits. If set it specifies 64 bits. Signed-off-by: Edgar E. Iglesias <edgar.iglesias@xilinx.com> Message-id: 1475230780-8669-1-git-send-email-edgar.iglesias@gmail.com [PMM: tweaked phrasing per on-list discussion] Reviewed-by: Peter Maydell <peter.maydell@linaro.org> Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2016-10-04target-arm: move gicv3_class_name from machine to kvm_arm.hEric Auger
Machine.c contains code related to migration. Let's move gicv3_class_name to kvm_arm.h instead. Signed-off-by: Eric Auger <eric.auger@redhat.com> Reviewed-by: Peter Maydell <peter.maydell@linaro.org> Message-id: 1474616617-366-4-git-send-email-eric.auger@redhat.com Suggested-by: Peter Maydell <peter.maydell@linaro.org> Reviewed-by: Peter Maydell <peter.maydell@linaro.org> Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2016-10-04hw/intc/arm_gicv3_its: Implement ITS base classPavel Fedin
This is the basic skeleton for both KVM and software-emulated ITS. Since we already prepare status structure, we also introduce complete VMState description. But, because we currently have no migratable implementations, we also set unmigratable flag. Signed-off-by: Pavel Fedin <p.fedin@samsung.com> Signed-off-by: Eric Auger <eric.auger@redhat.com> Reviewed-by: Peter Maydell <peter.maydell@linaro.org> Message-id: 1474616617-366-3-git-send-email-eric.auger@redhat.com Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2016-09-22arm: add Cortex A7 CPU parametersAndrey Yurovsky
Add the "cortex-a7" CPU with features and registers matching the Cortex-A7 MPCore Technical Reference Manual and the Cortex-A7 Floating-Point Unit Technical Reference Manual. The A7 is very similar to the A15. Signed-off-by: Andrey Yurovsky <yurovsky@gmail.com> Reviewed-by: Peter Maydell <peter.maydell@linaro.org> Message-id: 1473185229-4597-1-git-send-email-yurovsky@gmail.com Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2016-09-16target-aarch64: Generate fences for aarch64Pranith Kumar
Signed-off-by: Pranith Kumar <bobby.prani@gmail.com> Message-Id: <20160714202026.9727-14-bobby.prani@gmail.com> Signed-off-by: Richard Henderson <rth@twiddle.net>
2016-09-16target-arm: Generate fences in ARMv7 frontendPranith Kumar
Signed-off-by: Pranith Kumar <bobby.prani@gmail.com> Message-Id: <20160714202026.9727-12-bobby.prani@gmail.com> Signed-off-by: Richard Henderson <rth@twiddle.net>
2016-09-16tcg: Merge GETPC and GETRARichard Henderson
The return address argument to the softmmu template helpers was confused. In the legacy case, we wanted to indicate that there is no return address, and so passed in NULL. However, we then immediately subtracted GETPC_ADJ from NULL, resulting in a non-zero value, indicating the presence of an (invalid) return address. Push the GETPC_ADJ subtraction down to the only point it's required: immediately before use within cpu_restore_state_from_tb, after all NULL pointer checks have been completed. This makes GETPC and GETRA identical. Remove GETRA as the lesser used macro, replacing all uses with GETPC. Signed-off-by: Richard Henderson <rth@twiddle.net>
2016-09-13arm: spelling fix: mismatchMichael Tokarev
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
2016-09-06target-arm: Fix lpae bit in FSR on an alignment faultSergey Sorokin
If an alignment fault occurred and target EL is using AArch32, then DFSR/IFSR bit LPAE[9] must be set correctly. Signed-off-by: Sergey Sorokin <afarallax@yandex.ru> Message-id: 1471283293-169850-1-git-send-email-afarallax@yandex.ru Reviewed-by: Peter Maydell <peter.maydell@linaro.org> Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2016-08-12target-arm: Fix warn about implicit conversionPranith Kumar
Clang warns about an implicit conversion as follows: /mnt/devops/code/qemu/target-arm/neon_helper.c:1075:1: warning: implicit conversion from 'int' to 'int8_t' (aka 'signed char') changes value from 128 to -128 [-Wconstant-conversion] NEON_VOP_ENV(qrshl_s8, neon_s8, 4) ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ /mnt/devops/code/qemu/target-arm/neon_helper.c:116:83: note: expanded from macro 'NEON_VOP_ENV' uint32_t HELPER(glue(neon_,name))(CPUARMState *env, uint32_t arg1, uint32_t arg2) \ ^ /mnt/devops/code/qemu/target-arm/neon_helper.c:106:5: note: expanded from macro '\ NEON_VOP_BODY' NEON_DO##n; \ ^~~~~~~~~~ <scratch space>:21:1: note: expanded from here NEON_DO4 ^~~~~~~~ /mnt/devops/code/qemu/target-arm/neon_helper.c:93:5: note: expanded from macro 'NEON_DO4' NEON_FN(vdest.v1, vsrc1.v1, vsrc2.v1); \ ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ /mnt/devops/code/qemu/target-arm/neon_helper.c:1054:23: note: expanded from macro 'NEON_FN' dest = (1 << (sizeof(src1) * 8 - 1)); \ ~ ~~^~~~~~~~~~~~~~~~~~~~~~~~~ Fix it by casting to appropriate type. Signed-off-by: Pranith Kumar <bobby.prani@gmail.com> Reviewed-by: Peter Maydell <peter.maydell@linaro.org> Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2016-07-21Merge remote-tracking branch 'remotes/mst/tags/for_upstream' into stagingPeter Maydell
pc, pci, virtio: new features, cleanups, fixes - interrupt remapping for intel iommus - a bunch of virtio cleanups - fixes all over the place Signed-off-by: Michael S. Tsirkin <mst@redhat.com> # gpg: Signature made Thu 21 Jul 2016 18:49:30 BST # gpg: using RSA key 0x281F0DB8D28D5469 # gpg: Good signature from "Michael S. Tsirkin <mst@kernel.org>" # gpg: aka "Michael S. Tsirkin <mst@redhat.com>" # Primary key fingerprint: 0270 606B 6F3C DF3D 0B17 0970 C350 3912 AFBE 8E67 # Subkey fingerprint: 5D09 FD08 71C8 F85B 94CA 8A0D 281F 0DB8 D28D 5469 * remotes/mst/tags/for_upstream: (57 commits) intel_iommu: avoid unnamed fields virtio: Update migration docs virtio-gpu: Wrap in vmstate virtio-gpu: Use migrate_add_blocker for virgl migration blocking virtio-input: Wrap in vmstate 9pfs: Wrap in vmstate virtio-serial: Wrap in vmstate virtio-net: Wrap in vmstate virtio-balloon: Wrap in vmstate virtio-rng: Wrap in vmstate virtio-blk: Wrap in vmstate virtio-scsi: Wrap in vmstate virtio: Migration helper function and macro virtio-serial: Remove old migration version support virtio-net: Remove old migration version support virtio-scsi: Replace HandleOutput typedef Revert "mirror: Workaround for unexpected iohandler events during completion" virtio-scsi: Call virtio_add_queue_aio virtio-blk: Call virtio_add_queue_aio virtio: Introduce virtio_add_queue_aio ... Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2016-07-21kvm-irqchip: i386: add hook for add/remove virqPeter Xu
Adding two hooks to be notified when adding/removing msi routes. There are two kinds of MSI routes: - in kvm_irqchip_add_irq_route(): before assigning IRQFD. Used by vhost, vfio, etc. - in kvm_irqchip_send_msi(): when sending direct MSI message, if direct MSI not allowed, we will first create one MSI route entry in the kernel, then trigger it. This patch only hooks the first one (irqfd case). We do not need to take care for the 2nd one, since it's only used by QEMU userspace (kvm-apic) and the messages will always do in-time translation when triggered. While we need to note them down for the 1st one, so that we can notify the kernel when cache invalidation happens. Also, we do not hook IOAPIC msi routes (we have explicit notifier for IOAPIC to keep its cache updated). We only need to care about irqfd users. Signed-off-by: Peter Xu <peterx@redhat.com> Reviewed-by: Paolo Bonzini <pbonzini@redhat.com> Reviewed-by: Michael S. Tsirkin <mst@redhat.com> Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
2016-07-19target-arm: Fix unreachable code in gicv3_class_name()Peter Maydell
Coverity complains that the exit() in gicv3_class_name() can be unreachable, because if TARGET_AARCH64 is defined then all code paths return before reaching it. Move the exit() up to the error_report() that it belongs with. Signed-off-by: Peter Maydell <peter.maydell@linaro.org> Reviewed-by: Shannon Zhao <shannon.zhao@linaro.org> Message-id: 1468260552-8400-1-git-send-email-peter.maydell@linaro.org
2016-07-14target-arm: Add missed AArch32 TLBI sytem registersSergey Sorokin
Some PL2 related TLBI system registers are missed in AArch32 implementation. The patch fixes it. Signed-off-by: Sergey Sorokin <afarallax@yandex.ru> Message-id: 1468328885-3217862-1-git-send-email-afarallax@yandex.ru Reviewed-by: Peter Maydell <peter.maydell@linaro.org> Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2016-07-12target-*: Clean up cpu.h header guardsMarkus Armbruster
Most of them use guard symbols like CPU_$target_H, but we also have __MIPS_CPU_H__ and __TRICORE_CPU_H__. They all upset scripts/clean-header-guards.pl. The script dislikes CPU_$target_H because they don't match their file name (they should, to make guard collisions less likely). The others are reserved identifiers. Clean them all up: use guard symbol $target_CPU_H for target-$target/cpu.h. Signed-off-by: Markus Armbruster <armbru@redhat.com> Reviewed-by: Richard Henderson <rth@twiddle.net>
2016-07-12Use #include "..." for our own headers, <...> for othersMarkus Armbruster
Tracked down with an ugly, brittle and probably buggy Perl script. Also move includes converted to <...> up so they get included before ours where that's obviously okay. Signed-off-by: Markus Armbruster <armbru@redhat.com> Reviewed-by: Eric Blake <eblake@redhat.com> Tested-by: Eric Blake <eblake@redhat.com> Reviewed-by: Richard Henderson <rth@twiddle.net>
2016-07-12Fix confusing argument names in some common functionsSergey Sorokin
There are functions tlb_fill(), cpu_unaligned_access() and do_unaligned_access() that are called with access type and mmu index arguments. But these arguments are named 'is_write' and 'is_user' in their declarations. The patches fix the arguments to avoid a confusion. Signed-off-by: Sergey Sorokin <afarallax@yandex.ru> Reviewed-by: Eduardo Habkost <ehabkost@redhat.com> Acked-by: David Gibson <david@gibson.dropbear.id.au> Message-id: 1465907177-1399402-1-git-send-email-afarallax@yandex.ru Reviewed-by: Peter Maydell <peter.maydell@linaro.org> Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2016-07-07target-arm/arm-semi.c: In SYS_HEAPINFO use correct type for 'limit'Peter Maydell
In commit f5666418c4 most of the SYS_HEAPINFO implementation was fixed to use target_ulong rather than uint32_t, but the 'limit' variable was not changed. Reported-by: Laurent Desnogues <laurent.desnogues@gmail.com> Reviewed-by: Laurent Desnogues <laurent.desnogues@gmail.com> Signed-off-by: Peter Maydell <peter.maydell@linaro.org> Message-id: 1467650942-28706-1-git-send-email-peter.maydell@linaro.org
2016-07-04target-arm/arm-semi.c: Fix SYS_HEAPINFO for 64-bit guestsPeter Maydell
SYS_HEAPINFO is one of the few semihosting calls which has to write values back into a parameter block in memory. When we added support for 64-bit semihosting we updated the code which reads from the parameter block to read 64-bit words but forgot to change the code that writes back into the block. Update it to treat the block as a set of words of the appropriate width for the guest. Signed-off-by: Peter Maydell <peter.maydell@linaro.org> Message-id: 1466783381-29506-3-git-send-email-peter.maydell@linaro.org
2016-06-29Merge remote-tracking branch 'remotes/bonzini/tags/for-upstream' into stagingPeter Maydell
* serial port fixes (Paolo) * Q35 modeling improvements (Paolo, Vasily) * chardev cleanup improvements (Marc-André) * iscsi bugfix (Peter L.) * cpu_exec patch from multi-arch patches (Peter C.) * pci-assign tweak (Lin Ma) # gpg: Signature made Wed 29 Jun 2016 15:56:30 BST # gpg: using RSA key 0xBFFBD25F78C7AE83 # gpg: Good signature from "Paolo Bonzini <bonzini@gnu.org>" # gpg: aka "Paolo Bonzini <pbonzini@redhat.com>" # Primary key fingerprint: 46F5 9FBD 57D6 12E7 BFD4 E2F7 7E15 100C CD36 69B1 # Subkey fingerprint: F133 3857 4B66 2389 866C 7682 BFFB D25F 78C7 AE83 * remotes/bonzini/tags/for-upstream: (35 commits) socket: unlink unix socket on remove socket: add listen feature char: clean up remaining chardevs when leaving vhost-user: disable chardev handlers on close vhost-user-test: fix g_cond_wait_until compat implementation vl: smp_parse: fix regression ich9: implement SCI_IRQ_SEL register ich9: implement ACPI_EN register serial: reinstate watch after migration serial: remove watch on reset char: change qemu_chr_fe_add_watch to return unsigned serial: separate serial_xmit and serial_watch_cb serial: simplify tsr_retry reset serial: make tsr_retry unsigned iscsi: fix assertion in is_sector_request_lun_aligned target-*: Don't redefine cpu_exec() pci-assign: Move "Invalid ROM" error message to pci-assign-load-rom.c vnc: generalize "VNC server running on ..." message scsi: esp: fix migration MC146818 RTC: add GPIO access to output IRQ ... Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2016-06-29target-*: Don't redefine cpu_exec()Peter Crosthwaite
This function needs to be converted to QOM hook and virtualised for multi-arch. This rename interferes, as cpu-qom will not have access to the renaming causing name divergence. This rename doesn't really do anything anyway so just delete it. Signed-off-by: Peter Crosthwaite <crosthwaite.peter@gmail.com> Message-Id: <69bd25a8678b8b31b91cd9760c777bed1aafb44e.1437212383.git.crosthwaite.peter@gmail.com> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com> Signed-off-by: Peter Crosthwaite <crosthwaitepeter@gmail.com>
2016-06-24softfloat: Implement run-time-configurable meaning of signaling NaN bitAleksandar Markovic
This patch modifies SoftFloat library so that it can be configured in run-time in relation to the meaning of signaling NaN bit, while, at the same time, strictly preserving its behavior on all existing platforms. Background: In floating-point calculations, there is a need for denoting undefined or unrepresentable values. This is achieved by defining certain floating-point numerical values to be NaNs (which stands for "not a number"). For additional reasons, virtually all modern floating-point unit implementations use two kinds of NaNs: quiet and signaling. The binary representations of these two kinds of NaNs, as a rule, differ only in one bit (that bit is, traditionally, the first bit of mantissa). Up to 2008, standards for floating-point did not specify all details about binary representation of NaNs. More specifically, the meaning of the bit that is used for distinguishing between signaling and quiet NaNs was not strictly prescribed. (IEEE 754-2008 was the first floating-point standard that defined that meaning clearly, see [1], p. 35) As a result, different platforms took different approaches, and that presented considerable challenge for multi-platform emulators like QEMU. Mips platform represents the most complex case among QEMU-supported platforms regarding signaling NaN bit. Up to the Release 6 of Mips architecture, "1" in signaling NaN bit denoted signaling NaN, which is opposite to IEEE 754-2008 standard. From Release 6 on, Mips architecture adopted IEEE standard prescription, and "0" denotes signaling NaN. On top of that, Mips architecture for SIMD (also known as MSA, or vector instructions) also specifies signaling bit in accordance to IEEE standard. MSA unit can be implemented with both pre-Release 6 and Release 6 main processor units. QEMU uses SoftFloat library to implement various floating-point-related instructions on all platforms. The current QEMU implementation allows for defining meaning of signaling NaN bit during build time, and is implemented via preprocessor macro called SNAN_BIT_IS_ONE. On the other hand, the change in this patch enables SoftFloat library to be configured in run-time. This configuration is meant to occur during CPU initialization, at the moment when it is definitely known what desired behavior for particular CPU (or any additional FPUs) is. The change is implemented so that it is consistent with existing implementation of similar cases. This means that structure float_status is used for passing the information about desired signaling NaN bit on each invocation of SoftFloat functions. The additional field in float_status is called snan_bit_is_one, which supersedes macro SNAN_BIT_IS_ONE. IMPORTANT: This change is not meant to create any change in emulator behavior or functionality on any platform. It just provides the means for SoftFloat library to be used in a more flexible way - in other words, it will just prepare SoftFloat library for usage related to Mips platform and its specifics regarding signaling bit meaning, which is done in some of subsequent patches from this series. Further break down of changes: 1) Added field snan_bit_is_one to the structure float_status, and correspondent setter function set_snan_bit_is_one(). 2) Constants <float16|float32|float64|floatx80|float128>_default_nan (used both internally and externally) converted to functions <float16|float32|float64|floatx80|float128>_default_nan(float_status*). This is necessary since they are dependent on signaling bit meaning. At the same time, for the sake of code cleanup and simplicity, constants <floatx80|float128>_default_nan_<low|high> (used only internally within SoftFloat library) are removed, as not needed. 3) Added a float_status* argument to SoftFloat library functions XXX_is_quiet_nan(XXX a_), XXX_is_signaling_nan(XXX a_), XXX_maybe_silence_nan(XXX a_). This argument must be present in order to enable correct invocation of new version of functions XXX_default_nan(). (XXX is <float16|float32|float64|floatx80|float128> here) 4) Updated code for all platforms to reflect changes in SoftFloat library. This change is twofolds: it includes modifications of SoftFloat library functions invocations, and an addition of invocation of function set_snan_bit_is_one() during CPU initialization, with arguments that are appropriate for each particular platform. It was established that all platforms zero their main CPU data structures, so snan_bit_is_one(0) in appropriate places is not added, as it is not needed. [1] "IEEE Standard for Floating-Point Arithmetic", IEEE Computer Society, August 29, 2008. Signed-off-by: Thomas Schwinge <thomas@codesourcery.com> Signed-off-by: Maciej W. Rozycki <macro@codesourcery.com> Signed-off-by: Aleksandar Markovic <aleksandar.markovic@imgtec.com> Tested-by: Bastian Koppelmann <kbastian@mail.uni-paderborn.de> Reviewed-by: Leon Alrae <leon.alrae@imgtec.com> Tested-by: Leon Alrae <leon.alrae@imgtec.com> Reviewed-by: Peter Maydell <peter.maydell@linaro.org> [leon.alrae@imgtec.com: * cherry-picked 2 chunks from patch #2 to fix compilation warnings] Signed-off-by: Leon Alrae <leon.alrae@imgtec.com>
2016-06-20exec: [tcg] Track which vCPU is performing translation and executionLluís Vilanova
Information is tracked inside the TCGContext structure, and later used by tracing events with the 'tcg' and 'vcpu' properties. The 'cpu' field is used to check tracing of translation-time events ("*_trans"). The 'tcg_env' field is used to pass it to execution-time events ("*_exec"). Signed-off-by: Lluís Vilanova <vilanova@ac.upc.edu> Reviewed-by: Peter Maydell <peter.maydell@linaro.org> Reviewed-by: Richard Henderson <rth@twiddle.net> Message-id: 146549350162.18437.3033661139638458143.stgit@fimbulvetr.bsc.es Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
2016-06-17target-arm/monitor.c: Advertise emulated GICv3 in capabilitiesPeter Maydell
Now we have an emulated GICv3 we should advertise it via the capabilities in the monitor protocol. Signed-off-by: Peter Maydell <peter.maydell@linaro.org> Reviewed-by: Shannon Zhao <shannon.zhao@linaro.org> Tested-by: Shannon Zhao <shannon.zhao@linaro.org> Message-id: 1465915112-29272-21-git-send-email-peter.maydell@linaro.org
2016-06-17target-arm/machine.c: Allow user to request GICv3 emulationPeter Maydell
Now we have an emulated GICv3, remove the restriction in gicv3_class_name() so that the user can request a GICv3 with -machine gic-version=3 even when not using KVM. Signed-off-by: Peter Maydell <peter.maydell@linaro.org> Reviewed-by: Shannon Zhao <shannon.zhao@linaro.org> Tested-by: Shannon Zhao <shannon.zhao@linaro.org> Message-id: 1465915112-29272-20-git-send-email-peter.maydell@linaro.org
2016-06-17target-arm: Add mp-affinity property for ARM CPU classPavel Fedin
This allows to override default affinity IDs on a per-machine basis, and possibility to retrieve IDs will be used by vGICv3 live migration code. Signed-off-by: Pavel Fedin <p.fedin@samsung.com> Signed-off-by: Peter Maydell <peter.maydell@linaro.org> Reviewed-by: Shannon Zhao <shannon.zhao@linaro.org> Tested-by: Shannon Zhao <shannon.zhao@linaro.org> Message-id: 1465915112-29272-6-git-send-email-peter.maydell@linaro.org
2016-06-17target-arm: Provide hook to tell GICv3 about changes of security statePeter Maydell
The GICv3 CPU interface needs to know when the CPU it is attached to makes an exception level or mode transition that changes the security state, because whether it is asserting IRQ or FIQ can change depending on these things. Provide a mechanism for letting the GICv3 device register a hook to be called on such changes. Signed-off-by: Peter Maydell <peter.maydell@linaro.org> Reviewed-by: Shannon Zhao <shannon.zhao@linaro.org> Tested-by: Shannon Zhao <shannon.zhao@linaro.org> Message-id: 1465915112-29272-5-git-send-email-peter.maydell@linaro.org
2016-06-17target-arm: Define new arm_is_el3_or_mon() functionPeter Maydell
The GICv3 system registers need to know if the CPU is AArch64 in EL3 or AArch32 in Monitor mode. This happens to be the first part of the check for arm_is_secure(), so factor it out into a new arm_is_el3_or_mon() function that the GIC can also use. Signed-off-by: Peter Maydell <peter.maydell@linaro.org> Reviewed-by: Shannon Zhao <shannon.zhao@linaro.org> Tested-by: Shannon Zhao <shannon.zhao@linaro.org> Message-id: 1465915112-29272-4-git-send-email-peter.maydell@linaro.org
2016-06-16os-posix: include sys/mman.hPaolo Bonzini
qemu/osdep.h checks whether MAP_ANONYMOUS is defined, but this check is bogus without a previous inclusion of sys/mman.h. Include it in sysemu/os-posix.h and remove it from everywhere else. Reviewed-by: Peter Maydell <peter.maydell@linaro.org> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2016-06-14target-arm: Don't permit ARMv8-only Neon insns on ARMv7Peter Maydell
The Neon instructions VCVTA, VCVTM, VCVTN, VCVTP, VRINTA, VRINTM, VRINTN, VRINTP, VRINTX, and VRINTZ were only introduced with ARMv8, so they need a guard to make them UNDEF if the CPU only supports ARMv7. (We got this right for all the other new-in-v8 insns, but forgot it for these Neon 2-reg-misc ops.) Reported-by: Christophe Lyon <christophe.lyon@linaro.org> Tested-by: Christophe Lyon <christophe.lyon@linaro.org> Signed-off-by: Peter Maydell <peter.maydell@linaro.org> Message-id: 1465492511-9333-1-git-send-email-peter.maydell@linaro.org
2016-06-14target-arm: Fix reset and migration of TTBCR(S)Peter Maydell
Commit 6459b94c26dd666badb3 broke reset and migration of the AArch32 TTBCR(S) register if the guest used non-LPAE page tables. This is because the AArch32 TTBCR register definition is marked as ARM_CP_ALIAS, meaning that the AArch64 variant has to handle migration and reset. Although AArch64 TCR_EL3 doesn't need to care about the mask and base_mask fields, AArch32 may do so, and so we must use the special TTBCR reset and raw write functions to ensure they are set correctly. This doesn't affect TCR_EL2, because the AArch32 equivalent of that is HTCR, which never uses the non-LPAE page table variant. Signed-off-by: Peter Maydell <peter.maydell@linaro.org> Reported-by: Pranith Kumar <bobby.prani+qemu@gmail.com> Reviewed-by: Sergey Fedorov <sergey.fedorov@linaro.org> Message-id: 1465488181-31977-1-git-send-email-peter.maydell@linaro.org
2016-06-14hw/arm/virt: Add PMU node for virt machineShannon Zhao
Add a virtual PMU device for virt machine while use PPI 7 for PMU overflow interrupt number. Signed-off-by: Shannon Zhao <shannon.zhao@linaro.org> Reviewed-by: Andrew Jones <drjones@redhat.com> Message-id: 1465267577-1808-3-git-send-email-zhaoshenglong@huawei.com Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2016-06-14target-arm: kvm64: set guest PMUv3 feature bit if supportedShannon Zhao
Check if kvm supports guest PMUv3. If so, set the corresponding feature bit for vcpu. Signed-off-by: Shannon Zhao <shannon.zhao@linaro.org> Reviewed-by: Andrew Jones <drjones@redhat.com> Message-id: 1465267577-1808-2-git-send-email-zhaoshenglong@huawei.com Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2016-06-07virtio: move bi-endian target support to a single locationGreg Kurz
Paolo's recent cpu.h cleanups broke legacy virtio for ppc64 LE guests (and arm BE guests as well, even if I have not verified that). Especially, commit "33c11879fd42 qemu-common: push cpu.h inclusion out of qemu-common.h" has the side-effect of silently hiding the TARGET_IS_BIENDIAN macro from the virtio memory accessors, and thus fully disabling support of endian changing targets. To be sure this cannot happen again, let's gather all the bi-endian bits where they belong in include/hw/virtio/virtio-access.h. The changes in hw/virtio/vhost.c are safe because vhost_needs_vring_endian() is not called on a hot path and non bi-endian targets will return false anyway. While here, also rename TARGET_IS_BIENDIAN to be more precise: it is only for legacy virtio and bi-endian guests. Signed-off-by: Greg Kurz <gkurz@linux.vnet.ibm.com> Reviewed-by: Michael S. Tsirkin <mst@redhat.com> Signed-off-by: Michael S. Tsirkin <mst@redhat.com> Acked-by: Cédric Le Goater <clg@kaod.org> Reviewed-by: Paolo Bonzini <pbonzini@redhat.com>
2016-06-06target-arm: Fix TTBR selecting logic on AArch32 Stage 2 translationSergey Sorokin
Address size is 40-bit for the AArch32 stage 2 translation, and t0sz can be negative (from -8 to 7), so we need to adjust it to use the existing TTBR selecting logic. Signed-off-by: Sergey Sorokin <afarallax@yandex.ru> Message-id: 1464974151-1231644-1-git-send-email-afarallax@yandex.ru Reviewed-by: Peter Maydell <peter.maydell@linaro.org> Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2016-06-06target-arm: Don't try to set ESR IL bit in arm_cpu_do_interrupt_aarch64()Peter Maydell
Remove some incorrect code from arm_cpu_do_interrupt_aarch64() which attempts to set the IL bit in the syndrome register based on the value of env->thumb. This is wrong in several ways: * IL doesn't indicate Thumb-vs-ARM, it indicates instruction length (which may be 16 or 32 for Thumb and is always 32 for ARM) * not every syndrome format uses IL like this -- for some IL is always set, and for some it is always clear * the code is changing esr_el[new_el] even for interrupt entry, which is not supposed to modify ESR_ELx at all Delete the code, and instead rely on the syndrome value in env->exception.syndrome having already been set up with the correct value of IL. Signed-off-by: Peter Maydell <peter.maydell@linaro.org> Reviewed-by: Edgar E. Iglesias <edgar.iglesias@xilinx.com> Tested-by: Edgar E. Iglesias <edgar.iglesias@xilinx.com> Message-id: 1463487258-27468-3-git-send-email-peter.maydell@linaro.org
2016-06-06target-arm: Set IL bit in syndromes for insn abort, watchpoint, swstepPeter Maydell
For some exception syndrome types, the IL bit should always be set. This includes the instruction abort, watchpoint and software step syndrome types; add the missing ARM_EL_IL bit to the syndrome values returned by syn_insn_abort(), syn_swstep() and syn_watchpoint(). Signed-off-by: Peter Maydell <peter.maydell@linaro.org> Reviewed-by: Edgar E. Iglesias <edgar.iglesias@xilinx.com> Message-id: 1463487258-27468-2-git-send-email-peter.maydell@linaro.org
2016-06-06target-arm: A64: Create Instruction Syndromes for Data AbortsEdgar E. Iglesias
Add support for generating the ISS (Instruction Specific Syndrome) for Data Abort exceptions taken from AArch64. These syndromes are used by hypervisors for example to trap and emulate memory accesses. We save the decoded data out-of-band with the TBs at translation time. When exceptions hit, the extra data attached to the TB is used to recreate the state needed to encode instruction syndromes. This avoids the need to emit moves with every load/store. Based on a suggestion from Peter Maydell. Suggested-by: Peter Maydell <peter.maydell@linaro.org> Signed-off-by: Edgar E. Iglesias <edgar.iglesias@xilinx.com> Message-id: 1462464601-10888-2-git-send-email-edgar.iglesias@gmail.com Reviewed-by: Peter Maydell <peter.maydell@linaro.org> Signed-off-by: Peter Maydell <peter.maydell@linaro.org>