aboutsummaryrefslogtreecommitdiff
path: root/target-ppc/translate.c
AgeCommit message (Collapse)Author
2015-03-09display cpu id dump stateTristan Gingold
Signed-off-by: Fabien Chouteau <chouteau@adacore.com> Signed-off-by: Alexander Graf <agraf@suse.de>
2015-02-12tcg: Introduce tcg_op_buf_count and tcg_op_buf_fullRichard Henderson
The method by which we count the number of ops emitted is going to change. Abstract that away into some inlines. Reviewed-by: Bastian Koppelmann <kbastian@mail.uni-paderborn.de> Signed-off-by: Richard Henderson <rth@twiddle.net>
2015-02-12tcg: Move emit of INDEX_op_end into gen_tb_endRichard Henderson
Reviewed-by: Bastian Koppelmann <kbastian@mail.uni-paderborn.de> Signed-off-by: Richard Henderson <rth@twiddle.net>
2015-01-10Merge remote-tracking branch 'remotes/agraf/tags/signed-ppc-for-upstream' ↵Peter Maydell
into staging Patch queue for ppc - 2015-01-07 New year's release. This time's highlights: - E500: More RAM support - pseries: New SLOF release - Migration fixes - Simplify USB spawning logic, removes support for explicit usb=off - TCG: Simple untansactional TM emulation # gpg: Signature made Wed 07 Jan 2015 15:19:37 GMT using RSA key ID 03FEDC60 # gpg: Good signature from "Alexander Graf <agraf@suse.de>" # gpg: aka "Alexander Graf <alex@csgraf.de>" * remotes/agraf/tags/signed-ppc-for-upstream: (37 commits) hw/ppc/mac_newworld: simplify usb controller creation logic hw/ppc/spapr: simplify usb controller creation logic hw/ppc/mac_newworld: QOMified mac99 machines hw/usb: simplified usb_enabled hw/machine: added machine_usb wrapper hw/ppc: modified the condition for usb controllers to be created for some ppc machines target-ppc: Cast ssize_t to size_t before printing with %zx target-ppc: Mark SR() and gen_sync_exception() as !CONFIG_USER_ONLY PPC: e500: Fix GPIO controller interrupt number target-ppc: Introduce Privileged TM Noops target-ppc: Introduce tcheck target-ppc: Introduce TM Noops target-ppc: Introduce tbegin target-ppc: Introduce TEXASRU Bit Fields target-ppc: Power8 Supports Transactional Memory target-ppc: Introduce tm_enabled Bit to CPU State target-ppc: Introduce Feature Flag for Transactional Memory target-ppc: Introduce Instruction Type for Transactional Memory pseries: Update SLOF firmware image to 20141202 PPC: Fix crash on spapr_tce_table_finalize() ... Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2015-01-07target-ppc: Mark SR() and gen_sync_exception() as !CONFIG_USER_ONLYPeter Maydell
The functions SR() and gen_sync_exception() are only used in softmmu configs; wrap them in #ifndef CONFIG_USER_ONLY to suppress clang warnings on the linux-user builds. Signed-off-by: Peter Maydell <peter.maydell@linaro.org> Signed-off-by: Alexander Graf <agraf@suse.de>
2015-01-07target-ppc: Introduce Privileged TM NoopsTom Musta
Add the supervisory Transactional Memory instructions treclaim. and trechkpt. The implementation is a degenerate one that simply checks privileged state, TM availability and then sets CR[0] to 0b0000, just like the unprivileged noops. Signed-off-by: Tom Musta <tommusta@gmail.com> Signed-off-by: Alexander Graf <agraf@suse.de>
2015-01-07target-ppc: Introduce tcheckTom Musta
Add a degenerate implementation of the Transaction Check (tcheck) instruction. Since transaction always immediately fail, this implementation simply sets CR[BF] to 0b1000, i.e. TDOOMED = 1 and MSR[TS] == 0. Signed-off-by: Tom Musta <tommusta@gmail.com> Signed-off-by: Alexander Graf <agraf@suse.de>
2015-01-07target-ppc: Introduce TM NoopsTom Musta
Add degenerate implementations of the non-privileged Transactional Memory instructions tend., tabort*. and tsr. This implementation simply checks the MSR[TM] bit and then sets CR0 to 0b0000. This is a reasonable degenerate implementation since transactions are never allowed to begin and hence MSR[TS] is always 0b00. Signed-off-by: Tom Musta <tommusta@gmail.com> Signed-off-by: Alexander Graf <agraf@suse.de>
2015-01-07target-ppc: Introduce tbeginTom Musta
Provide a degenerate implementation of the tbegin instruction. This implementation always fails the transaction, recording the failure per Book II Section 5.3.2 of the Power ISA V2.07. Signed-off-by: Tom Musta <tommusta@gmail.com> Signed-off-by: Alexander Graf <agraf@suse.de>
2015-01-07target-ppc: Introduce tm_enabled Bit to CPU StateTom Musta
Add a bit (tm_enabled) to CPU state that mirrors the MSR[TM] bit. This is analogous to the other "available" bits in the MSR (FP, VSX, etc.). NOTE: Since MSR[TM] occupies big-endian bit 31, the code is wrapped with a PPC64 bit check. Signed-off-by: Tom Musta <tommusta@gmail.com> Signed-off-by: Alexander Graf <agraf@suse.de>
2015-01-07target-ppc: Eliminate set_fprf Argument From helper_compute_fprfTom Musta
The set_fprf argument to the helper_compute_fprf helper function is no longer necessary -- the helper is only invoked when FPSCR[FPRF] is going to be set. Eliminate the unnecessary argument from the function signature and its corresponding implementation. Change the return value of the helper to "void". Update the name of the local variable "ret" to "fprf", which now makes more sense. Signed-off-by: Tom Musta <tommusta@gmail.com> Signed-off-by: Alexander Graf <agraf@suse.de>
2015-01-07target-ppc: Eliminate set_fprf Argument From gen_compute_fprfTom Musta
The set_fprf argument to the gen_compute_fprf() utility is no longer needed -- gen_compute_fprf() is now called only when FPRF is actually computed and set. Eliminate the obsolete argument. Signed-off-by: Tom Musta <tommusta@gmail.com> Signed-off-by: Alexander Graf <agraf@suse.de>
2015-01-07target-ppc: Fully Migrate to gen_set_cr1_from_fpscrTom Musta
Eliminate the set_rc argument from the gen_compute_fprf utility and the corresponding (and incorrect) implementation. Replace it with calls to the gen_set_cr1_from_fpscr() utility. Signed-off-by: Tom Musta <tommusta@gmail.com> Signed-off-by: Alexander Graf <agraf@suse.de>
2015-01-07target-ppc: mffs. Should Set CR1 from FPSCR BitsTom Musta
Update the Move From FPSCR (mffs.) instruction to correctly set CR[1] from FPSCR[FX,FEX,VX,OX]. Signed-off-by: Tom Musta <tommusta@gmail.com> Signed-off-by: Alexander Graf <agraf@suse.de>
2015-01-07target-ppc: Fix Floating Point Move Instructions That Set CR1Tom Musta
The Floating Point Move instructions (fmr., fabs., fnabs., fneg., and fcpsgn.) incorrectly copy FPSCR[FPCC] instead of [FX,FEX,VX,OX]. Furthermore, the current code does this via a call to gen_compute_fprf, which is awkward since these instructions do not actually set FPRF. Change the code to use the gen_set_cr1_from_fpscr utility. Signed-off-by: Tom Musta <tommusta@gmail.com> [agraf: whitespace fixes] Signed-off-by: Alexander Graf <agraf@suse.de>
2015-01-07target-ppc: Load/Store Vector Element Storage AlignmentTom Musta
The Load Vector Element Indexed and Store Vector Element Indexed instructions compute an effective address in the usual manner. However, they truncate that address to the natural boundary. For example, the lvewx instruction will ignore the least significant two bits of the address and thus load the aligned word of storage. Fix the generators for these instruction to properly perform this truncation. Signed-off-by: Tom Musta <tommusta@gmail.com> Signed-off-by: Alexander Graf <agraf@suse.de>
2015-01-03gen-icount: check cflags instead of use_icount globalPaolo Bonzini
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com> Signed-off-by: Pavel Dovgalyuk <pavel.dovgaluk@ispras.ru> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2014-12-23target-ppc: pass DisasContext to SPR generator functionsPaolo Bonzini
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com> Signed-off-by: Pavel Dovgalyuk <pavel.dovgaluk@ispras.ru> Reviewed-by: Alexander Graf <agraf@suse.de> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2014-11-20target-ppc: Altivec's mtvscr Decodes Wrong RegisterTom Musta
The Move to Vector Status and Control Register (mtvscr) instruction uses VRB as the source register. Fix the code generator to correctly decode the VRB field. That is, use "rB(ctx->opcode)" instead of "rD(ctx->opcode)". Signed-off-by: Tom Musta <tommusta@gmail.com> Signed-off-by: Alexander Graf <agraf@suse.de>
2014-11-04target-ppc: Fix Altivec Round OpcodesTom Musta
Correct the opcodes for the vrfim, vrfin and vrfiz instructions. Signed-off-by: Tom Musta <tommusta@gmail.com> Reviewed-by: Thomas Huth <thuth@linux.vnet.ibm.com> Signed-off-by: Alexander Graf <agraf@suse.de>
2014-11-04ppc: do not look at the MMU index to detect PR/HV modePaolo Bonzini
The MMU index is an internal detail that should not be needed by the translator (except to generate loads and stores). Look at the MSR directly. Signed-off-by: Paolo Bonzini <pbonzini@redhat.com> Signed-off-by: Alexander Graf <agraf@suse.de>
2014-11-04target-ppc : Allow fc[tf]id[*] mnemonics for non TARGET_PPC64Pierre Mallard
This patch remove limitation for fc[tf]id[*] on 32 bits targets and add a new insn flag for signed integer 64 conversion PPC2_FP_CVT_S64 Signed-off-by: Pierre Mallard <mallard.pierre@gmail.com> Signed-off-by: Alexander Graf <agraf@suse.de>
2014-11-04ppc: compute mask from BI using right shiftPaolo Bonzini
This will match the code we use in fpu_helper.c when we flip CRF_* bit-endianness. Signed-off-by: Paolo Bonzini <pbonzini@redhat.com> Reviewed-by: Tom Musta <tommusta@gmail.com> Tested-by: Tom Musta <tommusta@gmail.com> Signed-off-by: Alexander Graf <agraf@suse.de>
2014-11-04ppc: rename gen_set_cr6_from_fpscrPaolo Bonzini
It sets CR1, not CR6 (and the spec agrees). Signed-off-by: Paolo Bonzini <pbonzini@redhat.com> Reviewed-by: Tom Musta <tommusta@gmail.com> Tested-by: Tom Musta <tommusta@gmail.com> Signed-off-by: Alexander Graf <agraf@suse.de>
2014-09-08target-ppc: Implement mulldo with TCGTom Musta
Optimize mulldo by using the muls2_i64 operation rather than a helper. Eliminate the obsolete helper code. Signed-off-by: Tom Musta <tommusta@gmail.com> Suggested-by: Richard Henderson <rth@twiddle.net> Reviewed-by: Richard Henderson <rth@twiddle.net> Signed-off-by: Alexander Graf <agraf@suse.de>
2014-09-08target-ppc: Clean up mullwoTom Musta
Simplify the implementation of mullwo. For 64 bit CPUs, the result is the concatenation of the upper and lower parts of the muls2_i32 operation, which may be slightly better than deposit. For 32 bit CPUs, the lower part of the muls_i32 operation is moved into the target GPR. Signed-off-by: Tom Musta <tommusta@gmail.com> Suggested-by: Richard Henderson <rth@twiddle.net> Reviewed-by: Richard Henderson <rth@twiddle.net> Signed-off-by: Alexander Graf <agraf@suse.de>
2014-09-08target-ppc: Clean Up mullwTom Musta
Eliminate the unecessary ext32s TCG operation and make the multiplication operation explicitly 32 bit. Signed-off-by: Tom Musta <tommusta@gmail.com> Suggested-by: Richard Henderson <rth@twiddle.net> Reviewed-by: Richard Henderson <rth@twiddle.net> Signed-off-by: Alexander Graf <agraf@suse.de>
2014-09-08target-ppc: Optimize rlwnm MB=0 ME=31Tom Musta
Optimize the special case of rlwnm where MB=0 and ME=31. This can be implemented using a ROTL. Suggested-by: Richard Henderson <rth@twiddle.net> Signed-off-by: Tom Musta <tommusta@gmail.com> Reviewed-by: Richard Henderson <rth@twiddle.net> Signed-off-by: Alexander Graf <agraf@suse.de>
2014-09-08target-ppc: Optimize rlwinm MB=0 ME=31Tom Musta
Optimize the special case of rlwinm where MB=0 and ME=31. This can be implemented as a 32-bit ROTL. Signed-off-by: Tom Musta <tommusta@gmail.com> Suggested-by: Richard Henderson <rth@twiddle.net> Reviewed-by: Richard Henderson <rth@twiddle.net> Signed-off-by: Alexander Graf <agraf@suse.de>
2014-09-08target-ppc: Special Case of rlwimi Should Use DepositTom Musta
The special case of rlwimi where MB <= ME and SH = 31-ME can be implemented with a single TCG deposit operation. This replaces the less general case of SH = MB = 0 and ME = 31. Signed-off-by: Tom Musta <tommusta@gmail.com> Suggested-by: Richard Henderson <rth@twiddle.net> Reviewed-by: Richard Henderson <rth@twiddle.net> Signed-off-by: Alexander Graf <agraf@suse.de>
2014-09-08target-ppc: Bug Fix: srawiTom Musta
For 64 bit implementations, the special case of a shift by zero should result in the sign extension of the least significant 32 bits of the source GPR (not a direct copy of the 64 bit source GPR). Example: R3 A6212433228F41DC srawi 3,3,0 R3 expected : 00000000228F41DC R3 actual : A6212433228F41DC (without this patch) Signed-off-by: Tom Musta <tommusta@gmail.com> Signed-off-by: Alexander Graf <agraf@suse.de>
2014-09-08target-ppc: Bug Fix: mullwTom Musta
For 64-bit implementations, the mullw result is the 64 bit product of the sign-extended least significant 32 bits of the source registers. Fix the code to properly sign extend the source operands and produce a 64 bit product. Example: R3 00000000002F37A0 R4 41C33D242F816715 mullw 3,3,4 R3 expected : 0008C3146AE0F020 R3 actual : 000000006AE0F020 (without this patch) Signed-off-by: Tom Musta <tommusta@gmail.com> Signed-off-by: Alexander Graf <agraf@suse.de>
2014-09-08target-ppc: Bug Fix: mullwoTom Musta
On 64-bit implementations, the mullwo result is the 64 bit product of the signed 32 bit operands. Fix the implementation to properly deposit the upper 32 bits into the target register. Example: R3 0407DED115077586 R4 53778DF3CA992E09 mullwo 3,3,4 R3 expected : FB9D02730D7735B6 R3 actual : 000000000D7735B6 (without this patch) Signed-off-by: Tom Musta <tommusta@gmail.com> Signed-off-by: Alexander Graf <agraf@suse.de>
2014-09-08target-ppc: Bug Fix: rlwimiTom Musta
The rlwimi specification includes the ROTL32 operation, which is defined to be a left rotation of two copies of the least significant 32 bits of the source GPR. The current implementation is incorrect on 64-bit implementations in that it rotates a single copy of the least significant 32 bits, padding with zeroes in the most significant bits. Fix the code to properly implement this ROTL32 operation. Also fix the special case of MB=31 and ME=0 to copy the entire contents of the source GPR. Examples: R3 FFFFFFFFFFFFFFF0 rlwimi 3,3,29,14,1 R3 expected : 1FFFFFFE3FFFFFFE R3 actual : 000000003FFFFFFE (without this patch) R3 ED7EB4DD824F0853 rlwimi 3,3,10,31,0 R3 expected : 3C214E09024F0853 R3 actual : 00000000024F0853 (without this patch) Signed-off-by: Tom Musta <tommusta@gmail.com> Signed-off-by: Alexander Graf <agraf@suse.de>
2014-09-08target-ppc: Bug Fix: rlwnmTom Musta
The rlwnm specification includes the ROTL32 operation, which is defined to be a left rotation of two copies of the least significant 32 bits of the source GPR. The current implementation is incorrect on 64-bit implementations in that it rotates a single copy of the least significant 32 bits, padding with zeroes in the most significant bits. Fix the code to properly implement this ROTL32 operation. Example: R3 = 0000000000000002 R4 = 7FFFFFFFFFFFFFFF rlwnm 3,3,4,31,16 R3 expected : 0000000100000001 R3 actual : 0000000000000001 (without this patch) Signed-off-by: Tom Musta <tommusta@gmail.com> Signed-off-by: Alexander Graf <agraf@suse.de>
2014-09-08target-ppc: Bug Fix: rlwinmTom Musta
The rlwinm specification includes the ROTL32 operation, which is defined to be a left rotation of two copies of the least significant 32 bits of the source GPR. The current implementation is incorrect on 64-bit implementations in that it rotates a single copy of the least significant 32 bits, padding with zeroes in the most significant bits. Fix the code to properly implement this ROTL32 operation. Example: R3 = F7487D82EC6F75DF rlwinm 3,3,5,12,4 R3 expected : 8DEEBBFD880EBBFD R3 actual : 00000000880EBBFD (without this fix) Signed-off-by: Tom Musta <tommusta@gmail.com> Signed-off-by: Alexander Graf <agraf@suse.de>
2014-08-12trace: [tcg] Include TCG-tracing header on all targetsLluís Vilanova
Signed-off-by: Lluís Vilanova <vilanova@ac.upc.edu> Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
2014-06-27target-ppc: Remove unused gen_qemu_ld8s()Peter Maydell
The gen_qemu_ld8s() function is unused; remove it. Signed-off-by: Peter Maydell <peter.maydell@linaro.org> Signed-off-by: Alexander Graf <agraf@suse.de>
2014-06-27target-ppc: Remove unused IMM and d extract helpersPeter Maydell
Remove the definition of the IMM and d extract helpers; these seem to have been added as part of the initial PPC support in 2003 but never actually used. Signed-off-by: Peter Maydell <peter.maydell@linaro.org> Signed-off-by: Alexander Graf <agraf@suse.de>
2014-06-27target-ppc: fixed translation of mcrxr instructionSorav Bansal
Fixed bug in gen_mcrxr() in target-ppc/translate.c: The XER[SO], XER[OV], and XER[CA] flags are stored in the least significant bit (bit 0) of their respective registers. They need to be shifted left (by their respective offsets) to generate the final XER value. The old translation code for the 'mcrxr' instruction was assuming that the flags are stored in bit 2, and was shifting them right (incorrectly) Signed-off-by: Sorav Bansal <sbansal@cse.iitd.ernet.in> Reviewed-by: Tom Musta <tommusta@gmail.com> Tested-by: Tom Musta <tommusta@gmail.com> Signed-off-by: Alexander Graf <agraf@suse.de>
2014-06-16target-ppc: Add POWER8's FSCR SPRAlexey Kardashevskiy
This adds an FSCR (Facility Status and Control Register) SPR. This defines names for FSCR bits. This defines new exception type - POWERPC_EXCP_FU - "facility unavailable" (FU). This registers an interrupt vector for it at 0xF60 as PowerISA defines. This adds a TCG helper_fscr_facility_check() helper to raise an exception if the facility is not enabled. It updates the interrupt cause field in FSCR. This adds a TCG translation block generation code. The helper may be used for HFSCR too as it has the same format. The helper raising FU exceptions is not used by this patch but will be in the next ones. This adds gen_update_current_nip() to update NIP in DisasContext. This helper is not used now and will be called before checking for a condition for throwing an FU exception. Signed-off-by: Alexey Kardashevskiy <aik@ozlabs.ru> Reviewed-by: Tom Musta <tommusta@gmail.com> Signed-off-by: Alexander Graf <agraf@suse.de>
2014-06-16target-ppc: Fix Temporary Variable Leak in bctarTom Musta
Fix a temporary variable leak detected in the bctar instruction: Opcode 13 10 11 (4d910460) leaked temporaries Signed-off-by: Tom Musta <tommusta@gmail.com> Signed-off-by: Alexander Graf <agraf@suse.de>
2014-06-16PPC: e500: Merge 32 and 64 bit SPE emulationAlexander Graf
Today we have a lot of conditional code in the SPE emulation depending on whether we have 64bit GPRs or not. Unfortunately the assumption that we can just recycle the 64bit GPR implementation is wrong. Normal SPE implementations maintain the upper 32 bits on all non-SPE instructions which then only modify the low 32 bits. However all instructions we model that adhere to the normal SF based switching don't care whether they operate on 32 or 64 bit registers and just always use the full 64 bits. So let's remove that dubious SPE optimization and revert everything to the same code path the 32bit target code was taking. That way we get rid of differences between the two implementations, but will get a slight performance hit when emulating SPE instructions. This fixes SPE emulation with qemu-system-ppc64 for me. Signed-off-by: Alexander Graf <agraf@suse.de>
2014-06-16PPC: SPE: Fix high-bits bitmaskAlexander Graf
The SPE emulation code wants to access the highest 32bits of a 64bit register and uses the andi TCG instruction for that. Unfortunately it masked with the wrong mask. Fix the mask to actually cover the upper 32 bits. This fixes simple multiplication tests with SPE guests for me. Signed-off-by: Alexander Graf <agraf@suse.de>
2014-06-16target-ppc: Allow little-endian user mode.Doug Kwan
This allows running PPC64 little-endian in user mode if target is configured that way. In PPC64 LE user mode we set MSR.LE during initialization. Signed-off-by: Doug Kwan <dougkwan@google.com> Signed-off-by: Tom Musta <tommusta@gmail.com> Signed-off-by: Alexander Graf <agraf@suse.de>
2014-06-16target-ppc: Fix popcntb Opcode BugTom Musta
The popcntb instruction is erroneously encoded with opcode extension (opc1,opc2) = (0x03,0x03). Bits 21-30 of popcntb are 122 = 0b00011-0b11010 and therefore this should be encoded as (opc1,opc2) = (0x1A, 0x03). Signed-off-by: Tom Musta <tommusta@gmail.com> Signed-off-by: Alexander Graf <agraf@suse.de>
2014-06-16PPC: Add dcbtls emulationAlexander Graf
The dcbtls instruction is able to lock data inside the L1 cache. Unfortunately we don't emulate any caches, so we have to tell the guest that its locking attempt failed. However, by implementing the instruction we at least don't give the guest a program exception which it definitely does not expect. Signed-off-by: Alexander Graf <agraf@suse.de>
2014-06-16PPC: Fail on leaking temporariesAlexander Graf
When QEMU gets compiled with --enable-debug-tcg we can check for temporary leakage. Implement the necessary target code for this and fail emulation when we hit a leakage. This hopefully ensures that we don't get new leaks. Signed-off-by: Alexander Graf <agraf@suse.de>
2014-06-16PPC: Fix TCG chunks that don't free their tempsAlexander Graf
We want to make sure that every instruction cleans up after itself and clears every temporary it allocated. While checking whether this is already the case, I came across a few cases where it isn't. This patch fixes every translation I found that doesn't free their allocated temporaries. Signed-off-by: Alexander Graf <agraf@suse.de>
2014-06-16target-ppc: Introduce DFP Shift SignificandTom Musta
Add emulation of the PowerPC Decimal Floating Point Shift Significand Left Immediate (dscli[q][.]) and DFP Shift Significant Right Immediate (dscri[q][.]) instructions. Signed-off-by: Tom Musta <tommusta@gmail.com> Signed-off-by: Alexander Graf <agraf@suse.de>