From dff4021730b112ca00522d4c98c24a15feeef5a0 Mon Sep 17 00:00:00 2001
From: "Maciej W. Rozycki"
Date: Mon, 3 Nov 2014 18:36:17 +0000
Subject: [PATCH 1/7] mips: Remove CONFIG_VT82C686 from non-Fulong configs Fix the regression introduced with commit 47934d0aadc075b05ce2d9e8a44fa6a46edd1afa [hw: move ISA bridges and devices to hw/isa/, configure with default-configs/], by removing CONFIG_VT82C686 from configurations that previously did not enable it. That southbridge is only available on Fulong platforms (CONFIG_FULONG) that are exclusively little-endian, 64-bit MIPS. Previously vt82c686.o was pulled explicitly with obj-$(CONFIG_FULONG). Signed-off-by: Maciej W. Rozycki Reviewed-by: Leon Alrae Signed-off-by: Leon Alrae
---
 default-configs/mips-softmmu.mak | 1 -
 default-configs/mips64-softmmu.mak | 1 -
 default-configs/mipsel-softmmu.mak | 1 -
 3 files changed, 3 deletions(-)
diff --git a/default-configs/mips-softmmu.mak b/default-configs/mips-softmmu.mak
index 71177efdff..2a80b04dc0 100644
--- a/default-configs/mips-softmmu.mak
+++ b/default-configs/mips-softmmu.mak
@@ -32,6 +32,5 @@ CONFIG_G364FB=y
 CONFIG_I8259=y
 CONFIG_JAZZ_LED=y
 CONFIG_MC146818RTC=y
-CONFIG_VT82C686=y
 CONFIG_ISA_TESTDEV=y
 CONFIG_EMPTY_SLOT=y
diff --git a/default-configs/mips64-softmmu.mak b/default-configs/mips64-softmmu.mak
index 617301b753..f1f933bc44 100644
--- a/default-configs/mips64-softmmu.mak
+++ b/default-configs/mips64-softmmu.mak
@@ -32,6 +32,5 @@ CONFIG_G364FB=y
 CONFIG_I8259=y
 CONFIG_JAZZ_LED=y
 CONFIG_MC146818RTC=y
-CONFIG_VT82C686=y
 CONFIG_ISA_TESTDEV=y
 CONFIG_EMPTY_SLOT=y
diff --git a/default-configs/mipsel-softmmu.mak b/default-configs/mipsel-softmmu.mak
index 532a9aefbd..7708185f6b 100644
--- a/default-configs/mipsel-softmmu.mak
+++ b/default-configs/mipsel-softmmu.mak
@@ -32,6 +32,5 @@ CONFIG_G364FB=y
 CONFIG_I8259=y
 CONFIG_JAZZ_LED=y
 CONFIG_MC146818RTC=y
-CONFIG_VT82C686=y
 CONFIG_ISA_TESTDEV=y
 CONFIG_EMPTY_SLOT=y
From 272f458dc8d860f30add3b6a3fff9ad9876aadc1 Mon Sep 17 00:00:00 2001
From: "Maciej W. Rozycki"
Date: Mon, 3 Nov 2014 19:08:51 +0000
Subject: [PATCH 2/7] mips: Respect CP0.Status.CU1 for microMIPS FP branches Make microMIPS FP branches respect CP0.Status.CU1 and trap with a Coprocessor Unusable exception if COP1 has been disabled; also trap if no FPU is present at all. Standard MIPS FP instruction encodings have a more regular structure and branches are covered with a single umbrella along other instructions. This is not the case with the microMIPS encoding, this case has to be taken care of explicitly here. Code to do so has been copied from the standard MIPS code handler for OPC_CP1, in `decode_opc'. Problems arising from this bug will generally only show up on user context switches in operating systems making use of lazy FP context switches, such as Linux. It will also more readily trigger if software FPU emulation is used, either implicitly on a non-float CPU, or forced on a hard-float CPU such as with the "nofpu" Linux kernel command line argument. The problem may have been easily missed because we have no hard-float microMIPS CPU configuration present; in fact we have no microMIPS CPU configuration of any kind present. Signed-off-by: Maciej W. Rozycki Reviewed-by: Leon Alrae Signed-off-by: Leon Alrae
---
 target-mips/translate.c | 9 +++++++--
 1 file changed, 7 insertions(+), 2 deletions(-)
diff --git a/target-mips/translate.c b/target-mips/translate.c
index 2117ce82e0..d6722e1a18 100644
--- a/target-mips/translate.c
+++ b/target-mips/translate.c
@@ -13613,8 +13613,13 @@ static void decode_micromips32_opc (CPUMIPSState *env, DisasContext *ctx,
 check_insn(ctx, ASE_MIPS3D);
 /* Fall through */
 do_cp1branch:
- gen_compute_branch1(ctx, mips32_op,
- (ctx->opcode >> 18) & 0x7, imm << 1);
+ if (env->CP0_Config1 & (1 << CP0C1_FP)) {
+ check_cp1_enabled(ctx);
+ gen_compute_branch1(ctx, mips32_op,
+ (ctx->opcode >> 18) & 0x7, imm << 1);
+ } else {
+ generate_exception_err(ctx, EXCP_CpU, 1);
+ }
 break;
 case BPOSGE64:
 case BPOSGE32:
From 70409e6726aa6ece565c8732f6c5cb5cd5879716 Mon Sep 17 00:00:00 2001
From: "Maciej W. Rozycki"
Date: Tue, 4 Nov 2014 15:38:05 +0000
Subject: [PATCH 3/7] mips: Add macros for CP0.Config3 and CP0.Config4 bits Define macros for CP0.Config3 and CP0.Config4 bits. These used to be exhaustive as at MIPS32r3, but more bits may have been added since. Signed-off-by: Maciej W. Rozycki Signed-off-by: Leon Alrae
---
 target-mips/cpu.h | 13 +++++++++++++
 1 file changed, 13 insertions(+)
diff --git a/target-mips/cpu.h b/target-mips/cpu.h
index d21da8eb8c..c01bbdac2d 100644
--- a/target-mips/cpu.h
+++ b/target-mips/cpu.h
@@ -424,17 +424,25 @@ struct CPUMIPSState {
 #define CP0C2_SA 0
 int32_t CP0_Config3;
 #define CP0C3_M 31
+#define CP0C3_BPG 30
+#define CP0C3_CMCGR 29
 #define CP0C3_MSAP 28
 #define CP0C3_BP 27
 #define CP0C3_BI 26
+#define CP0C3_IPLW 21
+#define CP0C3_MMAR 18
+#define CP0C3_MCU 17
 #define CP0C3_ISA_ON_EXC 16
+#define CP0C3_ISA 14
 #define CP0C3_ULRI 13
 #define CP0C3_RXI 12
+#define CP0C3_DSP2P 11
 #define CP0C3_DSPP 10
 #define CP0C3_LPA 7
 #define CP0C3_VEIC 6
 #define CP0C3_VInt 5
 #define CP0C3_SP 4
+#define CP0C3_CDMM 3
 #define CP0C3_MT 2
 #define CP0C3_SM 1
 #define CP0C3_TL 0
@@ -443,6 +451,11 @@ struct CPUMIPSState {
 #define CP0C4_M 31
 #define CP0C4_IE 29
 #define CP0C4_KScrExist 16
+#define CP0C4_MMUExtDef 14
+#define CP0C4_FTLBPageSize 8
+#define CP0C4_FTLBWays 4
+#define CP0C4_FTLBSets 0
+#define CP0C4_MMUSizeExt 0
 uint32_t CP0_Config5;
 uint32_t CP0_Config5_rw_bitmask;
 #define CP0C5_M 31
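Review bot: The FPU-presence and CU1 gate added at `do_cp1branch:` is a second copy of the one the commit message says lives in the OPC_CP1 handler of `decode_opc`, so the two can drift apart. CU1 is what a guest kernel relies on to keep one task's FP state away from another under lazy context switching, so a missed gate is an isolation bug in the emulated machine rather than a cosmetic one. I would put a comment above the `if`, e.g. `/* microMIPS FP branches bypass the common COP1 gate: raise CpU if there is no FPU or CU1 is clear. */`, and consider one small helper shared by both decoders. Whether the other microMIPS COP1 encodings in decode_micromips32_opc already reach `check_cp1_enabled()` cannot be seen here, since the function starts and ends outside the hunk, and is worth confirming.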
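Review bot: `CP0C4_FTLBSets` and `CP0C4_MMUSizeExt` are both defined as 0 with no comment saying that they overlay each other, and the multi-bit fields added here (`CP0C3_IPLW`, `CP0C3_MMAR`, `CP0C3_ISA`, `CP0C4_MMUExtDef`, `CP0C4_FTLBPageSize`, `CP0C4_FTLBWays`) are given only as a low bit position. A reader who treats them like the single-bit flags beside them will build wrong masks, so I would add a comment before the Config4 group, e.g. `/* MMUSizeExt and FTLB* share the low bits; MMUExtDef selects the layout */` (to be confirmed against the architecture manual), and mark the multi-bit fields as such. Separately, `CP0_Config3` is `int32_t` in the context line, so `1 << CP0C3_M` shifts into the sign bit; users of bit 31 should write `1U << CP0C3_M`.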
From e30614d51780f27c53b196da793c3fb89f1f620f Mon Sep 17 00:00:00 2001 From: "Maciej W. Rozycki" Date: Tue, 4 Nov 2014 15:41:20 +0000 Subject: [PATCH 4/7] mips: Set the CP0.Config3.DSP and CP0.Config3.DSP2P bits Set the CP0.Config3.DSP2P bit for the 74kf processor and both that bit and the CP0.Config3.DSP bit for the artificial mips32r5-generic and mips64dspr2 processors. They have the DSPr2 ASE enabled in `insn_flags' and CPUs that implement that ASE need to have both CP0.Config3.DSP and CP0.Config3.DSP2P set or software won't detect its presence. Signed-off-by: Maciej W. Rozycki Reviewed-by: Leon Alrae [leon.alrae@imgtec.com: remove DSP flags from mips32r5-generic] Signed-off-by: Leon Alrae --- target-mips/translate_init.c | 8 +++++--- 1 file changed, 5 insertions(+), 3 deletions(-) diff --git a/target-mips/translate_init.c b/target-mips/translate_init.c index 4dee1caf92..148b394cf0 100644 --- a/target-mips/translate_init.c +++ b/target-mips/translate_init.c @@ -333,7 +333,8 @@ static const mips_def_t mips_defs[] = (0 << CP0C1_DS) | (3 << CP0C1_DL) | (1 << CP0C1_DA) | (1 << CP0C1_CA), .CP0_Config2 = MIPS_CONFIG2, - .CP0_Config3 = MIPS_CONFIG3 | (0 << CP0C3_VInt) | (1 << CP0C3_DSPP), + .CP0_Config3 = MIPS_CONFIG3 | (1 << CP0C3_DSP2P) | (1 << CP0C3_DSPP) | + (0 << CP0C3_VInt), .CP0_LLAddr_rw_bitmask = 0, .CP0_LLAddr_shift = 4, .SYNCI_Step = 32, @@ -376,7 +377,7 @@ static const mips_def_t mips_defs[] = (0x93 << FCR0_PRID), .SEGBITS = 32, .PABITS = 32, - .insn_flags = CPU_MIPS32R5 | ASE_MIPS16 | ASE_DSP | ASE_DSPR2 | ASE_MSA, + .insn_flags = CPU_MIPS32R5 | ASE_MIPS16 | ASE_MSA, .mmu_type = MMU_TYPE_R4000, }, #if defined(TARGET_MIPS64) 
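Review bot: Nothing ties the `ASE_DSP`/`ASE_DSPR2` bits in `.insn_flags` to the `CP0C3_DSPP`/`CP0C3_DSP2P` bits in `.CP0_Config3`, which is how the mismatch fixed here arose; this applies to the Config3 hunk at -333, the `insn_flags` hunk at -376 and the Config3 hunk at -601. The two fields are maintained by hand in separate places of each `mips_defs[]` entry, so the next new entry can advertise an ASE the translator rejects, or accept instructions the guest was told are absent. A consistency check where the CPU definition is applied (DSPr2 in `insn_flags` implies both Config3 bits, and the reverse) would catch that; the place for it is outside these hunks. The commit body also still says mips32r5-generic gets both bits, while the hunk at -376 removes its DSP flags, as the bracketed committer note records.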
@@ -601,7 +602,8 @@ static const mips_def_t mips_defs[] = (2 << CP0C1_DS) | (4 << CP0C1_DL) | (3 << CP0C1_DA) | (1 << CP0C1_PC) | (1 << CP0C1_WR) | (1 << CP0C1_EP), .CP0_Config2 = MIPS_CONFIG2, - .CP0_Config3 = MIPS_CONFIG3 | (1 << CP0C3_LPA), + .CP0_Config3 = MIPS_CONFIG3 | (1U << CP0C3_M) | (1 << CP0C3_DSP2P) | + (1 << CP0C3_DSPP) | (1 << CP0C3_LPA), .CP0_LLAddr_rw_bitmask = 0, .CP0_LLAddr_shift = 0, .SYNCI_Step = 32, From 854795753c6efceda1d172851e2bae4b47a492be Mon Sep 17 00:00:00 2001 From: Leon Alrae Date: Thu, 6 Nov 2014 10:29:38 +0000 Subject: [PATCH 5/7] target-mips: fix for missing delay slot in BC1EQZ and BC1NEZ New R6 COP1 conditional branches currently don't have delay slot. Fixing this by setting MIPS_HFLAG_BDS32 flag which is required for branches having 4-byte delay slot. Signed-off-by: Leon Alrae Reviewed-by: Yongbok Kim --- target-mips/translate.c | 1 + 1 file changed, 1 insertion(+) diff --git a/target-mips/translate.c b/target-mips/translate.c index d6722e1a18..194d4fb42a 100644 --- a/target-mips/translate.c +++ b/target-mips/translate.c @@ -8104,6 +8104,7 @@ static void gen_compute_branch1_r6(DisasContext *ctx, uint32_t op, MIPS_DEBUG("%s: cond %02x target " TARGET_FMT_lx, opn, ctx->hflags, btarget); ctx->btarget = btarget; + ctx->hflags |= MIPS_HFLAG_BDS32; out: tcg_temp_free_i64(t0); From 342368aff7d61a32b5853068b92039a2b15507c5 Mon Sep 17 00:00:00 2001 
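Review bot: This initializer also sets `(1U << CP0C3_M)`, which the commit message does not mention. M advertises to the guest that Config4 is implemented, so the entry should carry a matching `.CP0_Config4` initializer, and none is visible in this hunk. If the bit is intended, say so in the message or with a comment such as `/* M: Config4 is implemented */`; if not, drop it. The rest of the entry lies outside the hunk.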
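Review bot: The added `ctx->hflags |= MIPS_HFLAG_BDS32;` sits directly above `out:`, so any path in gen_compute_branch1_r6 that jumps to `out` skips it. That looks intended for the error paths, but they are not visible here because the function starts outside the hunk. A comment would make it explicit, e.g. `/* BC1EQZ/BC1NEZ have a 4-byte delay slot */`. A regression test that executes an instruction in the delay slot of each of the two branches would keep this from silently breaking again.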
From: "Maciej W. Rozycki"
Date: Thu, 6 Nov 2014 20:38:10 +0000
Subject: [PATCH 6/7] mips: Ensure PC update with MTC0 single-stepping Correct the way PC is updated when single-stepping instructions, by keeping the old PC only for the BS_EXCP (exception condition) state. Some MTC0 (and possibly other) instructions switch to the BS_STOP state to terminate the current translation block, so that the state transition of the simulated CPU resulting from the CP0 operation takes effect with the following instruction. This happens with `mtc0 ,c0_config' for example, typically used to set KSEG0 cacheability. While single-stepping this has a side-effect of not advancing the PC past the instruction just executed; subsequent single-step traps will stop at the same instruction repeatedly. Example: (gdb) stepi 0x80004d24 in _start () 5: x/i $pc => 0x80004d24 <_start+364>: mfc0 t1,c0_config (gdb) 0x80004d28 in _start () 5: x/i $pc => 0x80004d28 <_start+368>: li at,-8 (gdb) 0x80004d2c in _start () 5: x/i $pc => 0x80004d2c <_start+372>: and t1,t1,at (gdb) 0x80004d30 in _start () 5: x/i $pc => 0x80004d30 <_start+376>: ori t1,t1,0x3 (gdb) 0x80004d34 in _start () 5: x/i $pc => 0x80004d34 <_start+380>: mtc0 t1,c0_config (gdb) 0x80004d34 in _start () 5: x/i $pc => 0x80004d34 <_start+380>: mtc0 t1,c0_config (gdb) 0x80004d34 in _start () 5: x/i $pc => 0x80004d34 <_start+380>: mtc0 t1,c0_config (gdb) 0x80004d34 in _start () 5: x/i $pc => 0x80004d34 <_start+380>: mtc0 t1,c0_config (gdb) -- oops! Signed-off-by: Maciej W. Rozycki Reviewed-by: Leon Alrae Signed-off-by: Leon Alrae
---
 target-mips/translate.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/target-mips/translate.c b/target-mips/translate.c
index 194d4fb42a..0bea3c44cb 100644
--- a/target-mips/translate.c
+++ b/target-mips/translate.c
@@ -19112,7 +19112,7 @@ gen_intermediate_code_internal(MIPSCPU *cpu, TranslationBlock *tb, gen_io_end(); } if (cs->singlestep_enabled && ctx.bstate != BS_BRANCH) { - save_cpu_state(&ctx, ctx.bstate == BS_NONE); + save_cpu_state(&ctx, ctx.bstate != BS_EXCP); gen_helper_0e0i(raise_exception, EXCP_DEBUG); } else { switch (ctx.bstate) { From cb269f273fdbdb26ddb1cba4a0fe2249418a8e77 Mon Sep 17 00:00:00 2001 From: Yongbok Kim Date: Fri, 7 Nov 2014 10:43:21 +0000 Subject: [PATCH 7/7] target-mips: fix multiple TCG registers covering same data Avoid to allocate different TCG registers for the FPU registers that are mapped on the MSA vectore registers. Signed-off-by: Yongbok Kim Reviewed-by: Richard Henderson Signed-off-by: Leon Alrae --- target-mips/translate.c | 8 +++----- 1 file changed, 3 insertions(+), 5 deletions(-) diff --git a/target-mips/translate.c b/target-mips/translate.c index 0bea3c44cb..f0b8e6ffe4 100644 --- a/target-mips/translate.c +++ b/target-mips/translate.c @@ -19284,15 +19284,13 @@ void mips_tcg_init(void) offsetof(CPUMIPSState, active_tc.gpr[i]), regnames[i]); - for (i = 0; i < 32; i++) { - int off = offsetof(CPUMIPSState, active_fpu.fpr[i]); - fpu_f64[i] = tcg_global_mem_new_i64(TCG_AREG0, off, fregnames[i]); - } - for (i = 0; i < 32; i++) { int off = offsetof(CPUMIPSState, active_fpu.fpr[i].wr.d[0]); msa_wr_d[i * 2] = tcg_global_mem_new_i64(TCG_AREG0, off, msaregnames[i * 2]); + /* The scalar floating-point unit (FPU) registers are mapped on + * the MSA vector registers. */ + fpu_f64[i] = msa_wr_d[i * 2]; off = offsetof(CPUMIPSState, active_fpu.fpr[i].wr.d[1]); msa_wr_d[i * 2 + 1] = tcg_global_mem_new_i64(TCG_AREG0, off, msaregnames[i * 2 + 1]);
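Review bot: The second argument of `save_cpu_state()` now decides whether single-stepping makes progress, yet the call gives no hint what `ctx.bstate != BS_EXCP` selects. I would add a comment above it: `/* Save the PC unless an exception is pending; BS_STOP (e.g. after MTC0) must advance it or the step trap repeats at the same instruction. */`. The enclosing `if` already excludes BS_BRANCH, so the states reaching this call are presumably BS_NONE, BS_STOP and BS_EXCP; the state enum is outside the hunk and a new state added later would take the save-PC path by default, which deserves a mention next to the enum. gen_intermediate_code_internal starts and ends outside the hunk.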
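Review bot: `fpu_f64[i] = msa_wr_d[i * 2];` is correct only if `active_fpu.fpr[i]` and `active_fpu.fpr[i].wr.d[0]` name the same 64 bits, which the removed loop stated through its own `offsetof` and the new code assumes silently. A build-time check beside the loop would pin that down: `QEMU_BUILD_BUG_ON(offsetof(CPUMIPSState, active_fpu.fpr[0]) != offsetof(CPUMIPSState, active_fpu.fpr[0].wr.d[0]));`. The FPU globals also now carry the `msaregnames` names in TCG dumps, so `fregnames` may no longer be used in mips_tcg_init; check that it is still referenced elsewhere in the file. The function continues outside the hunk.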