Add new microMIPS32 Release 6 Major opcode instructions
Signed-off-by: Yongbok Kim <yongbok.kim@imgtec.com>
Reviewed-by: Aurelien Jarno <aurelien@aurel32.net>
Signed-off-by: Leon Alrae <leon.alrae@imgtec.com>
Add new microMIPS32 Release 6 POOL32I/POOL32C type instructions
Signed-off-by: Yongbok Kim <yongbok.kim@imgtec.com>
Reviewed-by: Leon Alrae <leon.alrae@imgtec.com>
Reviewed-by: Aurelien Jarno <aurelien@aurel32.net>
Signed-off-by: Leon Alrae <leon.alrae@imgtec.com>
Add new microMIPS32 Release 6 branch and jump instructions.
Signed-off-by: Yongbok Kim <yongbok.kim@imgtec.com>
Reviewed-by: Leon Alrae <leon.alrae@imgtec.com>
Reviewed-by: Aurelien Jarno <aurelien@aurel32.net>
Signed-off-by: Leon Alrae <leon.alrae@imgtec.com>
Signal a Reserved Instruction exception for removed instruction encoding
in microMIPS Release 6.
Signed-off-by: Yongbok Kim <yongbok.kim@imgtec.com>
Reviewed-by: Leon Alrae <leon.alrae@imgtec.com>
Reviewed-by: Aurelien Jarno <aurelien@aurel32.net>
Signed-off-by: Leon Alrae <leon.alrae@imgtec.com>
64-bit paired-single (PS) floating point data type is optional in the
pre-Release 6.
It has to raise RI exception when PS type is not implemented. (FIR.PS = 0)
(The PS data type is removed in the Release 6.)
Loongson-2E and Loongson-2F don't have any implementation field in
FCSR0(FIR) but do support PS data format, therefore for these cores RI will
not be signalled regardless of PS bit.
Signed-off-by: Yongbok Kim <yongbok.kim@imgtec.com>
Reviewed-by: Leon Alrae <leon.alrae@imgtec.com>
Reviewed-by: Aurelien Jarno <aurelien@aurel32.net>
Signed-off-by: Leon Alrae <leon.alrae@imgtec.com>
The function will be also used for microMIPS Release 6.
Signed-off-by: Yongbok Kim <yongbok.kim@imgtec.com>
Reviewed-by: Leon Alrae <leon.alrae@imgtec.com>
Reviewed-by: Aurelien Jarno <aurelien@aurel32.net>
Signed-off-by: Leon Alrae <leon.alrae@imgtec.com>
Refactor those instructions in order to reuse them for microMIPS32
Release 6.
Rearrange gen_move_low32().
Signed-off-by: Yongbok Kim <yongbok.kim@imgtec.com>
Reviewed-by: Leon Alrae <leon.alrae@imgtec.com>
Reviewed-by: Aurelien Jarno <aurelien@aurel32.net>
Signed-off-by: Leon Alrae <leon.alrae@imgtec.com>
Remove an unused argument from decode_micromips32_opc()
Signed-off-by: Yongbok Kim <yongbok.kim@imgtec.com>
Reviewed-by: Leon Alrae <leon.alrae@imgtec.com>
Reviewed-by: Aurelien Jarno <aurelien@aurel32.net>
Signed-off-by: Leon Alrae <leon.alrae@imgtec.com>
rt, rs were swapped
Signed-off-by: Yongbok Kim <yongbok.kim@imgtec.com>
Reviewed-by: Aurelien Jarno <aurelien@aurel32.net>
Reviewed-by: Leon Alrae <leon.alrae@imgtec.com>
Signed-off-by: Leon Alrae <leon.alrae@imgtec.com>
Add UHI semihosting support for MIPS. QEMU run with "-semihosting" option
will alter the behaviour of SDBBP 1 instruction -- UHI operation will be
called instead of generating a debug exception.
Also tweak Malta's pseudo-bootloader. On CPU reset the $4 register is set
to -1 if semihosting arguments are passed to indicate that the UHI
operations should be used to obtain input arguments.
Signed-off-by: Leon Alrae <leon.alrae@imgtec.com>
Reviewed-by: Aurelien Jarno <aurelien@aurel32.net>
disas does not need to access the CPU env for any reason. Change the
APIs to accept CPU pointers instead. Small change pattern needs to be
applied to all target translate.c. This brings us closer to making
disas.o a common-obj and less architecture specific in general.
Cc: Richard Henderson <rth@twiddle.net>
Cc: Peter Maydell <peter.maydell@linaro.org>
Cc: "Edgar E. Iglesias" <edgar.iglesias@gmail.com>
Cc: Paolo Bonzini <pbonzini@redhat.com>
Cc: Eduardo Habkost <ehabkost@redhat.com>
Cc: Michael Walle <michael@walle.cc>
Cc: Aurelien Jarno <aurelien@aurel32.net>
Cc: Leon Alrae <leon.alrae@imgtec.com>
Cc: Jia Liu <proljc@gmail.com>
Cc: Alexander Graf <agraf@suse.de>
Cc: Mark Cave-Ayland <mark.cave-ayland@ilande.co.uk>
Cc: Bastian Koppelmann <kbastian@mail.uni-paderborn.de>
Cc: Guan Xuetao <gxt@mprc.pku.edu.cn>
Cc: Max Filippov <jcmvbkbc@gmail.com>
Reviewed-by: Richard Henderson <rth@twiddle.net>
Reviewed-by: Eduardo Habkost <ehabkost@redhat.com>
Signed-off-by: Peter Crosthwaite <crosthwaite.peter@gmail.com>
Acked-by: Luiz Capitulino <lcapitulino@redhat.com>
Signed-off-by: Markus Armbruster <armbru@redhat.com>
Implement MTHC0 and MFHC0 instructions. In MIPS32 they are used to access
upper word of extended to 64-bits CP0 registers.
In MIPS64, when CP0 destination register specified is the EntryLo0 or
EntryLo1, bits 1:0 of the GPR appear at bits 31:30 of EntryLo0 or
EntryLo1. This is to compensate for RI and XI, which were shifted to bits
63:62 by MTC0 to EntryLo0 or EntryLo1. Therefore creating separate
functions for EntryLo0 and EntryLo1.
Signed-off-by: Leon Alrae <leon.alrae@imgtec.com>
Reviewed-by: Aurelien Jarno <aurelien@aurel32.net>
CP0.PageGrain.ELPA enables support for large physical addresses. This field
is encoded as follows:
0: Large physical address support is disabled.
1: Large physical address support is enabled.
If this bit is a 1, the following changes occur to coprocessor 0 registers:
- The PFNX field of the EntryLo0 and EntryLo1 registers is writable and
concatenated with the PFN field to form the full page frame number.
- Access to optional COP0 registers with PA extension, LLAddr, TagLo is
defined.
P5600 can operate in 32-bit or 40-bit Physical Address Mode. Therefore if
XPA is disabled (CP0.PageGrain.ELPA = 0) then assume 32-bit Address Mode.
In MIPS64 assume 36 as default PABITS (when CP0.PageGrain.ELPA = 0).
env->PABITS value is constant and indicates maximum PABITS available on
a core, whereas env->PAMask is calculated from env->PABITS and is also
affected by CP0.PageGrain.ELPA.
Signed-off-by: Leon Alrae <leon.alrae@imgtec.com>
Reviewed-by: Aurelien Jarno <aurelien@aurel32.net>
Extend EntryLo0, EntryLo1, LLAddr and TagLo from 32 to 64 bits in MIPS32.
Introduce gen_move_low32() function which moves low 32 bits from 64-bit
temp to GPR; it sign extends 32-bit value on MIPS64 and truncates on
MIPS32.
Signed-off-by: Leon Alrae <leon.alrae@imgtec.com>
Reviewed-by: Aurelien Jarno <aurelien@aurel32.net>
ERETNC is identical to ERET except that an ERETNC will not clear the LLbit
that is set by execution of an LL instruction, and thus when placed between
an LL and SC sequence, will never cause the SC to fail.
Presence of ERETNC is denoted by the Config5.LLB.
Signed-off-by: Leon Alrae <leon.alrae@imgtec.com>
Reviewed-by: Aurelien Jarno <aurelien@aurel32.net>
MIPS SIMD Architecture vector loads and stores require misalignment support.
MSA Memory access should work as an atomic operation. Therefore, it has to
check validity of all addresses for a vector store access if it is spanning
into two pages.
Separating helper functions for each data format as format is known in
translation.
To use mmu_idx from cpu_mmu_index() instead of calculating it from hflag.
Removing save_cpu_state() call in translation because it is able to use
cpu_restore_state() on fault as GETRA() is passed.
Signed-off-by: Yongbok Kim <yongbok.kim@imgtec.com>
Reviewed-by: Leon Alrae <leon.alrae@imgtec.com>
[leon.alrae@imgtec.com: remove unused do_* functions]
Signed-off-by: Leon Alrae <leon.alrae@imgtec.com>
Release 6 requires misaligned memory access support for all ordinary memory
access instructions (for example, LW/SW, LWC1/SWC1).
However misaligned support is not provided for certain special memory accesses
such as atomics (for example, LL/SC).
Signed-off-by: Yongbok Kim <yongbok.kim@imgtec.com>
Reviewed-by: Leon Alrae <leon.alrae@imgtec.com>
Signed-off-by: Leon Alrae <leon.alrae@imgtec.com>
This relatively small architectural feature adds the following:
FIR.FREP: Read-only. If FREP=1, then Config5.FRE and Config5.UFE are
available.
Config5.FRE: When enabled all single-precision FP arithmetic instructions,
LWC1/LWXC1/MTC1, SWC1/SWXC1/MFC1 cause a Reserved Instructions
exception.
Config5.UFE: Allows user to write/read Config5.FRE using CTC1/CFC1
instructions.
Enable the feature in MIPS64R6-generic CPU.
Signed-off-by: Leon Alrae <leon.alrae@imgtec.com>
Move the "Tests" group of functions so that gen_load_fpr32() and
gen_store_fpr32() can use generate_exception().
Signed-off-by: Leon Alrae <leon.alrae@imgtec.com>
PC needs to be saved if an exception can be generated by an helper.
This fixes a problem related to resuming the execution at unexpected address
after an exception (caused by MSA load/store instruction) has been serviced.
Signed-off-by: Leon Alrae <leon.alrae@imgtec.com>
All instructions which may change hflags terminate tb. However, this doesn't
work if such an instruction is placed in delay or forbidden slot.
gen_branch() clears MIPS_HFLAG_BMASK in ctx->hflags and then generates code
to overwrite hflags with ctx->hflags, consequently we loose any execution-time
hflags modifications. For example, in the following scenario hflag related to
Status.CU1 will not be updated:
/* Set Status.CU1 in delay slot */
mfc0 $24, $12, 0
lui $25, 0x2000
or $25, $25, $24
b check_Status_CU1
mtc0 $25, $12, 0
With this change we clear MIPS_HFLAG_BMASK in execution-time hflags if
instruction in delay or forbidden slot wants to terminate tb for some reason
(i.e. ctx->bstate != BS_NONE).
Also, die early and loudly if "unknown branch" is encountered as this should
never happen.
Signed-off-by: Leon Alrae <leon.alrae@imgtec.com>
CP0.BadVAddr is supposed to capture the most recent virtual address that caused
the exception. Currently this does not work correctly for unaligned instruction
fetch as translation is not stopped and CP0.BadVAddr is updated with subsequent
addresses.
Signed-off-by: Leon Alrae <leon.alrae@imgtec.com>
This is improved type checking for the translators -- it's no longer
possible to accidentally swap arguments to the branch functions.
Note that the code generating backends still manipulate labels as int.
With notable exceptions, the scope of the change is just a few lines
for each target, so it's not worth building extra machinery to do this
change in per-target increments.
Cc: Peter Maydell <peter.maydell@linaro.org>
Cc: Edgar E. Iglesias <edgar.iglesias@gmail.com>
Cc: Michael Walle <michael@walle.cc>
Cc: Leon Alrae <leon.alrae@imgtec.com>
Cc: Anthony Green <green@moxielogic.com>
Cc: Jia Liu <proljc@gmail.com>
Cc: Alexander Graf <agraf@suse.de>
Cc: Aurelien Jarno <aurelien@aurel32.net>
Cc: Blue Swirl <blauwirbel@gmail.com>
Cc: Guan Xuetao <gxt@mprc.pku.edu.cn>
Cc: Paolo Bonzini <pbonzini@redhat.com>
Cc: Max Filippov <jcmvbkbc@gmail.com>
Reviewed-by: Bastian Koppelmann <kbastian@mail.uni-paderborn.de>
Signed-off-by: Richard Henderson <rth@twiddle.net>
Using rs = -1 in gen_logic_imm() for microMIPS LUI instruction is dangerous
and may bite us when implementing microMIPS R6 because in R6 AUI and LUI
are distinguished by rs value. Therefore use 0 for safety.
Reported-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Leon Alrae <leon.alrae@imgtec.com>
The test is supposed to terminate TB if the end of the page is reached.
However, with current implementation it may never succeed for microMIPS or
mips16.
Reported-by: Richard Henderson <rth@twiddle.net>
Signed-off-by: Leon Alrae <leon.alrae@imgtec.com>
Reviewed-by: Maciej W. Rozycki <macro@linux-mips.org>
Reviewed-by: Richard Henderson <rth@twiddle.net>
The method by which we count the number of ops emitted
is going to change. Abstract that away into some inlines.
Reviewed-by: Bastian Koppelmann <kbastian@mail.uni-paderborn.de>
Signed-off-by: Richard Henderson <rth@twiddle.net>
Commit fecd264 added a number of fall-throughs, but neglected to
properly document them as intentional. Commit d922445 cleaned that up
for many, but not all cases. Take care of the remaining ones.
Spotted by Coverity.
Signed-off-by: Markus Armbruster <armbru@redhat.com>
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Pavel Dovgalyuk <pavel.dovgaluk@ispras.ru>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Pavel Dovgalyuk <pavel.dovgaluk@ispras.ru>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Set DisasContext's ulri member to 0 or 1 as with other bool members.
Signed-off-by: Maciej W. Rozycki <macro@codesourcery.com>
Reviewed-by: Leon Alrae <leon.alrae@imgtec.com>
Signed-off-by: Leon Alrae <leon.alrae@imgtec.com>
Add missing calls to synchronise the SoftFloat status with the CP1.FSCR:
+ for the rounding and flush-to-zero modes upon processor reset,
+ for the flush-to-zero mode on FSCR updates through the GDB stub.
Refactor code accordingly and remove the redundant RESTORE_ROUNDING_MODE
macro.
Signed-off-by: Thomas Schwinge <thomas@codesourcery.com>
Signed-off-by: Maciej W. Rozycki <macro@codesourcery.com>
Reviewed-by: Leon Alrae <leon.alrae@imgtec.com>
Signed-off-by: Leon Alrae <leon.alrae@imgtec.com>
Make sure the address space is unconditionally wrapped on 32-bit
processors, that is ones that do not implement at least the MIPS III
ISA.
Also make MIPS16 SAVE and RESTORE instructions use address calculation
rather than plain arithmetic operations for stack pointer manipulation
so that their semantics for stack accesses follows the architecture
specification. That in particular applies to user software run on
64-bit processors with the CP0.Status.UX bit clear where the address
space is wrapped to 32 bits.
Signed-off-by: Maciej W. Rozycki <macro@codesourcery.com>
Reviewed-by: Leon Alrae <leon.alrae@imgtec.com>
Signed-off-by: Leon Alrae <leon.alrae@imgtec.com>
Tighten ISA level checks down to MIPS II that many of our instructions
are missing. Also make sure any 64-bit instruction enables are only
applied to 64-bit processors, that is ones that implement at least the
MIPS III ISA.
Signed-off-by: Maciej W. Rozycki <macro@codesourcery.com>
Reviewed-by: Leon Alrae <leon.alrae@imgtec.com>
Signed-off-by: Leon Alrae <leon.alrae@imgtec.com>
Fix CP0.Config3.ISAOnExc write accesses on microMIPS processors. This
bit is mandatory for any processor that implements the microMIPS
instruction set. This bit is r/w for processors that implement both the
standard MIPS and the microMIPS instruction set. This bit is r/o and
hardwired to 1 if only the microMIPS instruction set is implemented.
There is no other bit ever writable in CP0.Config3 so defining a
corresponding `CP0_Config3_rw_bitmask' member in `CPUMIPSState' is I
think an overkill. Therefore make the ability to write the bit rely on
the presence of ASE_MICROMIPS set in the instruction flags.
The read-only case of the microMIPS instruction set being implemented
only can be added when we add support for such a configuration. We do
not currently have such support, we have no instruction flag that would
control the presence of the standard MIPS instruction set nor any
associated code in instruction decoding.
This change is needed to boot a microMIPS Linux kernel successfully,
otherwise it hangs early on as interrupts are enabled and then the
exception handler invoked loops as its first instruction is interpreted
in the wrong execution mode and triggers another exception right away.
And then over and over again.
We already check the current setting of the CP0.Config3.ISAOnExc in
`set_hflags_for_handler' to set the ISA bit correctly on the exception
handler entry so it is the ability to set it that is missing only.
Signed-off-by: Maciej W. Rozycki <macro@codesourcery.com>
Reviewed-by: Leon Alrae <leon.alrae@imgtec.com>
Signed-off-by: Leon Alrae <leon.alrae@imgtec.com>
Include CP0.Config2 through CP0.Config5 registers in the register dump
produced with the `info registers' monitor command. Align vertically
with the registers already output.
Signed-off-by: Maciej W. Rozycki <macro@codesourcery.com>
Signed-off-by: Leon Alrae <leon.alrae@imgtec.com>
Fix microMIPS MOVE16 and MOVEP instructions on 64-bit processors by
using register addition operations.
This copies the approach taken with MIPS16 MOVE instructions (I8_MOV32R
and I8_MOVR32 opcodes) and follows the observation that OPC_ADDU expands
to tcg_gen_mov_tl whenever `rt' is 0 and `rs' is not, therefore copying
`rs' to `rd' verbatim. This is not the case with OPC_ADDIU where a
sign-extension from bit #31 is made, unless in the uninteresting case of
`rs' being 0, losing the upper 32 bits of the value copied for any
proper 64-bit values.
This also serves as an optimization as one op is produced in generated
code rather than two (again, unless `rs' is 0, where it doesn't change
anything).
Signed-off-by: Maciej W. Rozycki <macro@codesourcery.com>
Reviewed-by: Leon Alrae <leon.alrae@imgtec.com>
Signed-off-by: Leon Alrae <leon.alrae@imgtec.com>
Correct MIPS16/microMIPS branch size calculation in PC adjustment
needed:
- to set the value of CP0.ErrorEPC at the entry to the reset exception,
- for the purpose of branch reexecution in the context of device I/O.
Follow the approach taken in `exception_resume_pc' for ordinary, Debug
and NMI exceptions.
MIPS16 and microMIPS branches can be 2 or 4 bytes in size and that has
to be reflected in calculation. Original MIPS ISA branches, which is
where this code originates from, are always 4 bytes long, just as all
original MIPS ISA instructions.
Signed-off-by: Nathan Froyd <froydnj@codesourcery.com>
Signed-off-by: Maciej W. Rozycki <macro@codesourcery.com>
Reviewed-by: Leon Alrae <leon.alrae@imgtec.com>
Signed-off-by: Leon Alrae <leon.alrae@imgtec.com>
Avoid to allocate different TCG registers for the FPU registers
that are mapped on the MSA vectore registers.
Signed-off-by: Yongbok Kim <yongbok.kim@imgtec.com>
Reviewed-by: Richard Henderson <rth@twiddle.net>
Signed-off-by: Leon Alrae <leon.alrae@imgtec.com>
Correct the way PC is updated when single-stepping instructions, by
keeping the old PC only for the BS_EXCP (exception condition) state.
Some MTC0 (and possibly other) instructions switch to the BS_STOP state
to terminate the current translation block, so that the state transition
of the simulated CPU resulting from the CP0 operation takes effect with
the following instruction. This happens with `mtc0 <reg>,c0_config' for
example, typically used to set KSEG0 cacheability.
While single-stepping this has a side-effect of not advancing the PC
past the instruction just executed; subsequent single-step traps will
stop at the same instruction repeatedly. Example:
(gdb) stepi
0x80004d24 in _start ()
5: x/i $pc
=> 0x80004d24 <_start+364>: mfc0 t1,c0_config
(gdb)
0x80004d28 in _start ()
5: x/i $pc
=> 0x80004d28 <_start+368>: li at,-8
(gdb)
0x80004d2c in _start ()
5: x/i $pc
=> 0x80004d2c <_start+372>: and t1,t1,at
(gdb)
0x80004d30 in _start ()
5: x/i $pc
=> 0x80004d30 <_start+376>: ori t1,t1,0x3
(gdb)
0x80004d34 in _start ()
5: x/i $pc
=> 0x80004d34 <_start+380>: mtc0 t1,c0_config
(gdb)
0x80004d34 in _start ()
5: x/i $pc
=> 0x80004d34 <_start+380>: mtc0 t1,c0_config
(gdb)
0x80004d34 in _start ()
5: x/i $pc
=> 0x80004d34 <_start+380>: mtc0 t1,c0_config
(gdb)
0x80004d34 in _start ()
5: x/i $pc
=> 0x80004d34 <_start+380>: mtc0 t1,c0_config
(gdb)
-- oops!
Signed-off-by: Maciej W. Rozycki <macro@codesourcery.com>
Reviewed-by: Leon Alrae <leon.alrae@imgtec.com>
Signed-off-by: Leon Alrae <leon.alrae@imgtec.com>
New R6 COP1 conditional branches currently don't have delay slot. Fixing this
by setting MIPS_HFLAG_BDS32 flag which is required for branches having 4-byte
delay slot.
Signed-off-by: Leon Alrae <leon.alrae@imgtec.com>
Reviewed-by: Yongbok Kim <yongbok.kim@imgtec.com>
Make microMIPS FP branches respect CP0.Status.CU1 and trap with a
Coprocessor Unusable exception if COP1 has been disabled; also trap if
no FPU is present at all.
Standard MIPS FP instruction encodings have a more regular structure and
branches are covered with a single umbrella along other instructions.
This is not the case with the microMIPS encoding, this case has to be
taken care of explicitly here. Code to do so has been copied from the
standard MIPS code handler for OPC_CP1, in `decode_opc'.
Problems arising from this bug will generally only show up on user
context switches in operating systems making use of lazy FP context
switches, such as Linux. It will also more readily trigger if software
FPU emulation is used, either implicitly on a non-float CPU, or forced
on a hard-float CPU such as with the "nofpu" Linux kernel command line
argument.
The problem may have been easily missed because we have no hard-float
microMIPS CPU configuration present; in fact we have no microMIPS CPU
configuration of any kind present.
Signed-off-by: Maciej W. Rozycki <macro@codesourcery.com>
Reviewed-by: Leon Alrae <leon.alrae@imgtec.com>
Signed-off-by: Leon Alrae <leon.alrae@imgtec.com>
add MSA MI10 format instructions
update LSA and DLSA for MSA
add 16, 64 bit load and store
Signed-off-by: Yongbok Kim <yongbok.kim@imgtec.com>
Signed-off-by: Leon Alrae <leon.alrae@imgtec.com>
add MSA BIT format instructions
Reviewed-by: Leon Alrae <leon.alrae@imgtec.com>
Signed-off-by: Yongbok Kim <yongbok.kim@imgtec.com>
Signed-off-by: Leon Alrae <leon.alrae@imgtec.com>
add MSA I5 format instructions
Signed-off-by: Yongbok Kim <yongbok.kim@imgtec.com>
Reviewed-by: Leon Alrae <leon.alrae@imgtec.com>
Signed-off-by: Leon Alrae <leon.alrae@imgtec.com>
add MSA I8 format instructions
Reviewed-by: James Hogan <james.hogan@imgtec.com>
Signed-off-by: Yongbok Kim <yongbok.kim@imgtec.com>
Signed-off-by: Leon Alrae <leon.alrae@imgtec.com>
add msa_reset() and global msa register (d type only)
Reviewed-by: James Hogan <james.hogan@imgtec.com>
Signed-off-by: Yongbok Kim <yongbok.kim@imgtec.com>
Signed-off-by: Leon Alrae <leon.alrae@imgtec.com>
add MSA opcode enum
Reviewed-by: James Hogan <james.hogan@imgtec.com>
Reviewed-by: Leon Alrae <leon.alrae@imgtec.com>
Signed-off-by: Yongbok Kim <yongbok.kim@imgtec.com>
Signed-off-by: Leon Alrae <leon.alrae@imgtec.com>
stop translation as ctc1 instruction can change hflags
Reviewed-by: James Hogan <james.hogan@imgtec.com>
Signed-off-by: Yongbok Kim <yongbok.kim@imgtec.com>
Signed-off-by: Leon Alrae <leon.alrae@imgtec.com>
Release 6 limits the number of cases where software can cause UNDEFINED or
UNPREDICTABLE behaviour. In this case, when accessing reserved / unimplemented
CP0 register, writes are ignored and reads return 0.
In pre-R6 the behaviour is not specified, but generating RI exception is not
what the real HW does.
Additionally, remove CP0 Random register as it became reserved in Release 6.
Signed-off-by: Leon Alrae <leon.alrae@imgtec.com>
Reviewed-by: Yongbok Kim <yongbok.kim@imgtec.com>
When conditional compact branch is encountered decode one more instruction in
current translation block - that will be forbidden slot. Instruction in
forbidden slot will be executed only if conditional compact branch is not taken.
Any control transfer instruction (CTI) which are branches, jumps, ERET,
DERET, WAIT and PAUSE will generate RI exception if executed in forbidden or
delay slot.
Signed-off-by: Leon Alrae <leon.alrae@imgtec.com>
Reviewed-by: Yongbok Kim <yongbok.kim@imgtec.com>
SDBBP instruction Reserved Instruction control. The purpose of this field is
to restrict availability of SDBBP to kernel mode operation.
If the bit is set then SDBBP instruction can only be executed in kernel mode.
User execution of SDBBP will cause a Reserved Instruction exception.
Additionally add missing Config4 and Config5 cases for dm{f,t}c0.
Signed-off-by: Leon Alrae <leon.alrae@imgtec.com>
Reviewed-by: Yongbok Kim <yongbok.kim@imgtec.com>
BadInstr Register (CP0 Register 8, Select 1)
The BadInstr register is a read-only register that capture the most recent
instruction which caused an exception.
BadInstrP Register (CP0 Register 8, Select 2)
The BadInstrP register contains the prior branch instruction, when the
faulting instruction is in a branch delay slot.
Using error_code to indicate whether AdEL or TLBL was triggered during
instruction fetch, in this case BadInstr is not updated as valid instruction
word is not available.
Signed-off-by: Leon Alrae <leon.alrae@imgtec.com>
Reviewed-by: Yongbok Kim <yongbok.kim@imgtec.com>
For Standard TLB configuration (Config.MT=1):
TLBINV invalidates a set of TLB entries based on ASID. The virtual address is
ignored in the entry match. TLB entries which have their G bit set to 1 are not
modified.
TLBINVF causes all entries to be invalidated.
Single TLB entry can be marked as invalid on TLB entry write by having
EntryHi.EHINV set to 1.
Signed-off-by: Leon Alrae <leon.alrae@imgtec.com>
Reviewed-by: Yongbok Kim <yongbok.kim@imgtec.com>
PageGrain needs rw bitmask which differs between MIPS architectures.
In pre-R6 if RIXI is supported, PageGrain.XIE and PageGrain.RIE are writeable,
whereas in R6 they are read-only 1.
On MIPS64 mtc0 instruction left shifts bits 31:30 for MIPS32 backward
compatiblity, therefore there are separate mtc0 and dmtc0 helpers.
Signed-off-by: Leon Alrae <leon.alrae@imgtec.com>
Reviewed-by: Yongbok Kim <yongbok.kim@imgtec.com>
KScratch<n> Registers (CP0 Register 31, Selects 2 to 7)
The KScratch registers are read/write registers available for scratch pad
storage by kernel mode software. They are 32-bits in width for 32-bit
processors and 64-bits for 64-bit processors.
CP0Config4.KScrExist[2:7] bits indicate presence of CP0_KScratch1-6 registers.
For Release 6, all KScratch registers are required.
Signed-off-by: Leon Alrae <leon.alrae@imgtec.com>
Reviewed-by: Yongbok Kim <yongbok.kim@imgtec.com>
Remove the functions gen_load_ACX and gen_store_ACX, which appear to have
been unused since they were first introduced many years ago. These functions
were the only places using the cpu_ACX[] array of TCG globals, so remove
that and its accompanying regnames_ACX[] as well.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Richard Henderson <rth@twiddle.net>
Signed-off-by: Leon Alrae <leon.alrae@imgtec.com>
The function check_mips64() is only used if TARGET_MIPS64 is defined;
add an ifdef guard to its definition to avoid warnings about it being
unused in other configurations.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Richard Henderson <rth@twiddle.net>
Signed-off-by: Leon Alrae <leon.alrae@imgtec.com>
Commit 240ce26a broke MIPS16 and microMIPS support as it didn't
care those branches and jumps don't have delay slot in
MIPS16 and microMIPS.
This patch introduces a new argument delayslot_size to the
gen_compute_branch() indicating size of delay slot {0, 2, 4}.
And the information is used to call handle_delay_slot() forcingly
when no delay slot is required.
There are some microMIPS branch and jump instructions that requires
exact size of instruction in the delay slot. For indicating
these instructions, MIPS_HFLAG_BDS_STRICT flag is introduced.
Those fictional branch opcodes defined to support MIPS16 and
microMIPS are no longer needed.
Signed-off-by: Yongbok Kim <yongbok.kim@imgtec.com>
Tested-by: Jonas Gorski <jogo@openwrt.org>
Reviewed-by: Leon Alrae <leon.alrae@imgtec.com>
[leon.alrae@imgtec.com: cosmetic changes]
Signed-off-by: Leon Alrae <leon.alrae@imgtec.com>
Update OPC_SYNCI with BS_STOP, in order to handle the instructions which saved
in the same TB of the store instruction.
Signed-off-by: Dongxue Zhang <elta.era@gmail.com>
Reviewed-by: Yongbok Kim <yongbok.kim@imgtec.com>
[leon.alrae@imgtec.com: update microMIPS SYNCI as well]
Signed-off-by: Leon Alrae <leon.alrae@imgtec.com>
Status.FR bit must be ignored on write and read as 1 when an implementation of
Release 6 of the Architecture in which a 64-bit floating point unit is
implemented.
Signed-off-by: Leon Alrae <leon.alrae@imgtec.com>
Reviewed-by: Yongbok Kim <yongbok.kim@imgtec.com>
In terms of encoding MIPS32R6 MIN.fmt, MAX.fmt, MINA.fmt, MAXA.fmt replaced
MIPS-3D RECIP1, RECIP2, RSQRT1, RSQRT2 instructions.
In R6 all Floating Point instructions are supposed to be IEEE-2008 compliant
i.e. FIR.HAS2008 always 1. However, QEMU softfloat for MIPS has not been
updated yet.
Signed-off-by: Leon Alrae <leon.alrae@imgtec.com>
Reviewed-by: Yongbok Kim <yongbok.kim@imgtec.com>
Introduce MIPS32R6 Compact Branch instructions which do not have delay slot -
they have forbidden slot instead. However, current implementation does not
support forbidden slot yet.
Add also BC1EQZ and BC1NEZ instructions.
Signed-off-by: Yongbok Kim <yongbok.kim@imgtec.com>
Signed-off-by: Leon Alrae <leon.alrae@imgtec.com>
In R6 the special behaviour for data references is also specified for Kernel
and Supervisor mode. Therefore MIPS_HFLAG_UX is replaced by generic
MIPS_HFLAG_AWRAP indicating enabled 32-bit address wrapping.
Signed-off-by: Leon Alrae <leon.alrae@imgtec.com>
Reviewed-by: Aurelien Jarno <aurelien@aurel32.net>
Also consider OPC_SPIM instruction as deleted in R6 because it is overlaping
with MIPS32R6 SDBBP.
Signed-off-by: Leon Alrae <leon.alrae@imgtec.com>
Reviewed-by: Aurelien Jarno <aurelien@aurel32.net>
Use "R6_" prefix in front of all new Multiply / Divide instructions for
easier differentiation between R6 and preR6.
Signed-off-by: Leon Alrae <leon.alrae@imgtec.com>
Reviewed-by: Aurelien Jarno <aurelien@aurel32.net>
The encoding of PREF, CACHE, LLD and SCD instruction changed in MIPS32R6.
Additionally, the hint codes in PREF instruction greater than or
equal to 24 generate Reserved Instruction Exception.
Signed-off-by: Leon Alrae <leon.alrae@imgtec.com>
Reviewed-by: Aurelien Jarno <aurelien@aurel32.net>
Move DSP and Loongson instruction to *_legacy functions as they have been
removed in R6.
Signed-off-by: Leon Alrae <leon.alrae@imgtec.com>
Reviewed-by: Aurelien Jarno <aurelien@aurel32.net>
For better code readability and to avoid 'if' statements for all R6 and preR6
instructions whose opcodes are the same - decode_opc_special* functions are
split into functions with _r6 and _legacy suffixes.
*_r6 functions will contain instructions which were introduced in R6.
*_legacy functions will contain instructions which were removed in R6.
Signed-off-by: Leon Alrae <leon.alrae@imgtec.com>
Reviewed-by: Aurelien Jarno <aurelien@aurel32.net>
Creating separate decode functions for special, special2 and special3
instructions to ease adding new R6 instructions and removing legacy
instructions.
Signed-off-by: Leon Alrae <leon.alrae@imgtec.com>
Reviewed-by: Aurelien Jarno <aurelien@aurel32.net>
The encoding of LL and SC instruction has changed in MIPS32 Release 6.
Signed-off-by: Leon Alrae <leon.alrae@imgtec.com>
Reviewed-by: Aurelien Jarno <aurelien@aurel32.net>
Reviewed-by: James Hogan <james.hogan@imgtec.com>
Signal Reserved Instruction Exception on instructions that do not exist in R6.
In this commit the following groups of preR6 instructions are marked as deleted:
- Floating Point Paired Single
- Floating Point Compare
- conditional moves / branches on FPU conditions
- branch likelies
- unaligned loads / stores
- traps
- legacy accumulator instructions
- COP1X
- MIPS-3D
Signed-off-by: Leon Alrae <leon.alrae@imgtec.com>
Reviewed-by: Aurelien Jarno <aurelien@aurel32.net>
The EBase CP0 register is initialised to 0x80000000, however with KVM
the guest's KSEG0 is at 0x40000000. The incorrect value doesn't get
passed to KVM yet as KVM doesn't implement the EBase register, however
we should set it correctly now so as not to break migration/loadvm to a
future version of QEMU that does support EBase.
Cc: Aurelien Jarno <aurelien@aurel32.net>
Cc: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: James Hogan <james.hogan@imgtec.com>
Reviewed-by: Aurelien Jarno <aurelien@aurel32.net>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
In order to avoid access to the CPUMIPSState structure in the
translator, keep a copy of CP0_Config1 into DisasContext. The whole
register is read-only so it can be copied as a single value.
Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
* remotes/kvm/uq/master:
hw/mips: malta: Don't boot from flash with KVM T&E
MAINTAINERS: Add entry for MIPS KVM
target-mips: Enable KVM support in build system
hw/mips: malta: Add KVM support
hw/mips: In KVM mode, inject IRQ2 (I/O) interrupts via ioctls
target-mips: Call kvm_mips_reset_vcpu() from mips_cpu_reset()
target-mips: kvm: Add main KVM support for MIPS
kvm: Allow arch to set sigmask length
target-mips: get_physical_address: Add KVM awareness
target-mips: get_physical_address: Add defines for segment bases
hw/mips: Add API to convert KVM guest KSEG0 <-> GPA
hw/mips/cputimer: Don't start periodic timer in KVM mode
target-mips: Reset CPU timer consistently
KVM: Fix GSI number space limit
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
From MIPS documentation (Volume III):
UserLocal Register (CP0 Register 4, Select 2)
Compliance Level: Recommended.
The UserLocal register is a read-write register that is not interpreted by
the hardware and conditionally readable via the RDHWR instruction.
This register only exists if the Config3-ULRI register field is set.
Privileged software may write this register with arbitrary information and
make it accessible to unprivileged software via register 29 (ULR) of the
RDHWR instruction. To do so, bit 29 of the HWREna register must be set to a
1 to enable unprivileged access to the register.
Signed-off-by: Petar Jovanovic <petar.jovanovic@imgtec.com>
Reviewed-by: Andreas Färber <afaerber@suse.de>
Reviewed-by: Aurelien Jarno <aurelien@aurel32.net>
Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
Yongbok Kim
Leon Alrae
Peter Crosthwaite
Richard Henderson
Markus Armbruster
Paolo Bonzini
Maciej W. Rozycki
Peter Maydell
Dongxue Zhang
Lluís Vilanova
James Hogan
Aurelien Jarno
Petar Jovanovic