From 59afd43daedabe672c289326a5f268f737d35252 Mon Sep 17 00:00:00 2001 From: Max Filippov Date: Tue, 28 Apr 2020 15:59:08 -0700 Subject: [PATCH 1/4] target/xtensa: work around missing SR definitions Xtensa configuration overlays for recent releases may have special registers for which [rwx]sr opcodes are defined, but they are not listed as SR in xtensa_sysreg_name and associated functions. As a result generic translate_[rwx]sr* functions generate access to uninitialized cpu_SR causing segfault at runtime. Don't try to access cpu_SR for such registers, ignore writes and return 0 for reads. Cc: qemu-stable@nongnu.org Signed-off-by: Max Filippov --- target/xtensa/translate.c | 48 +++++++++++++++++++++++++++------------ 1 file changed, 34 insertions(+), 14 deletions(-) diff --git a/target/xtensa/translate.c b/target/xtensa/translate.c index e0beaf7abb..546d2fa2fa 100644 --- a/target/xtensa/translate.c +++ b/target/xtensa/translate.c @@ -2191,7 +2191,11 @@ static void translate_rsil(DisasContext *dc, const OpcodeArg arg[], static void translate_rsr(DisasContext *dc, const OpcodeArg arg[], const uint32_t par[]) { - tcg_gen_mov_i32(arg[0].out, cpu_SR[par[0]]); + if (sr_name[par[0]]) { + tcg_gen_mov_i32(arg[0].out, cpu_SR[par[0]]); + } else { + tcg_gen_movi_i32(arg[0].out, 0); + } } static void translate_rsr_ccount(DisasContext *dc, const OpcodeArg arg[], @@ -2563,13 +2567,17 @@ static void translate_wrmsk_expstate(DisasContext *dc, const OpcodeArg arg[], static void translate_wsr(DisasContext *dc, const OpcodeArg arg[], const uint32_t par[]) { - tcg_gen_mov_i32(cpu_SR[par[0]], arg[0].in); + if (sr_name[par[0]]) { + tcg_gen_mov_i32(cpu_SR[par[0]], arg[0].in); + } } static void translate_wsr_mask(DisasContext *dc, const OpcodeArg arg[], const uint32_t par[]) { - tcg_gen_andi_i32(cpu_SR[par[0]], arg[0].in, par[2]); + if (sr_name[par[0]]) { + tcg_gen_andi_i32(cpu_SR[par[0]], arg[0].in, par[2]); + } } static void translate_wsr_acchi(DisasContext *dc, const OpcodeArg arg[], @@ -2775,23 +2783,31 @@ static void translate_xor(DisasContext *dc, const OpcodeArg arg[], static void translate_xsr(DisasContext *dc, const OpcodeArg arg[], const uint32_t par[]) { - TCGv_i32 tmp = tcg_temp_new_i32(); + if (sr_name[par[0]]) { + TCGv_i32 tmp = tcg_temp_new_i32(); - tcg_gen_mov_i32(tmp, arg[0].in); - tcg_gen_mov_i32(arg[0].out, cpu_SR[par[0]]); - tcg_gen_mov_i32(cpu_SR[par[0]], tmp); - tcg_temp_free(tmp); + tcg_gen_mov_i32(tmp, arg[0].in); + tcg_gen_mov_i32(arg[0].out, cpu_SR[par[0]]); + tcg_gen_mov_i32(cpu_SR[par[0]], tmp); + tcg_temp_free(tmp); + } else { + tcg_gen_movi_i32(arg[0].out, 0); + } } static void translate_xsr_mask(DisasContext *dc, const OpcodeArg arg[], const uint32_t par[]) { - TCGv_i32 tmp = tcg_temp_new_i32(); + if (sr_name[par[0]]) { + TCGv_i32 tmp = tcg_temp_new_i32(); - tcg_gen_mov_i32(tmp, arg[0].in); - tcg_gen_mov_i32(arg[0].out, cpu_SR[par[0]]); - tcg_gen_andi_i32(cpu_SR[par[0]], tmp, par[2]); - tcg_temp_free(tmp); + tcg_gen_mov_i32(tmp, arg[0].in); + tcg_gen_mov_i32(arg[0].out, cpu_SR[par[0]]); + tcg_gen_andi_i32(cpu_SR[par[0]], tmp, par[2]); + tcg_temp_free(tmp); + } else { + tcg_gen_movi_i32(arg[0].out, 0); + } } static void translate_xsr_ccount(DisasContext *dc, const OpcodeArg arg[], @@ -2819,7 +2835,11 @@ static void translate_xsr_ccount(DisasContext *dc, const OpcodeArg arg[], { \ TCGv_i32 tmp = tcg_temp_new_i32(); \ \ - tcg_gen_mov_i32(tmp, cpu_SR[par[0]]); \ + if (sr_name[par[0]]) { \ + tcg_gen_mov_i32(tmp, cpu_SR[par[0]]); \ + } else { \ + tcg_gen_movi_i32(tmp, 0); \ + } \ translate_wsr_##name(dc, arg, par); \ tcg_gen_mov_i32(arg[0].out, tmp); \ tcg_temp_free(tmp); \ From 2cc2278edf0403720397a33b0747e0aba9e6d420 Mon Sep 17 00:00:00 2001 From: Max Filippov Date: Mon, 4 May 2020 04:30:45 -0700 Subject: [PATCH 2/4] target/xtensa: fetch HW version from configuration overlay Xtensa architecture has features which behavior depends on hardware version. Provide hardware version information to translators: add XtensaConfig::hw_version and use XCHAL_HW_VERSION from configuration overlay to initialize it. Signed-off-by: Max Filippov --- target/xtensa/cpu.h | 1 + target/xtensa/overlay_tool.h | 8 +++++--- 2 files changed, 6 insertions(+), 3 deletions(-) diff --git a/target/xtensa/cpu.h b/target/xtensa/cpu.h index 7a46dccbe1..32749378bf 100644 --- a/target/xtensa/cpu.h +++ b/target/xtensa/cpu.h @@ -464,6 +464,7 @@ struct XtensaConfig { XtensaMemory sysrom; XtensaMemory sysram; + unsigned hw_version; uint32_t configid[2]; void *isa_internal; diff --git a/target/xtensa/overlay_tool.h b/target/xtensa/overlay_tool.h index cab532095c..a994e69b6e 100644 --- a/target/xtensa/overlay_tool.h +++ b/target/xtensa/overlay_tool.h @@ -60,8 +60,9 @@ #define XCHAL_RESET_VECTOR1_VADDR XCHAL_RESET_VECTOR_VADDR #endif -#ifndef XCHAL_HW_MIN_VERSION -#define XCHAL_HW_MIN_VERSION 0 +#ifndef XCHAL_HW_VERSION +#define XCHAL_HW_VERSION (XCHAL_HW_VERSION_MAJOR * 100 \ + + XCHAL_HW_VERSION_MINOR) #endif #ifndef XCHAL_LOOP_BUFFER_SIZE @@ -100,7 +101,7 @@ XCHAL_OPTION(XCHAL_HAVE_FP, XTENSA_OPTION_FP_COPROCESSOR) | \ XCHAL_OPTION(XCHAL_HAVE_RELEASE_SYNC, XTENSA_OPTION_MP_SYNCHRO) | \ XCHAL_OPTION(XCHAL_HAVE_S32C1I, XTENSA_OPTION_CONDITIONAL_STORE) | \ - XCHAL_OPTION(((XCHAL_HAVE_S32C1I && XCHAL_HW_MIN_VERSION >= 230000) || \ + XCHAL_OPTION(((XCHAL_HAVE_S32C1I && XCHAL_HW_VERSION >= 230000) || \ XCHAL_HAVE_EXCLUSIVE), XTENSA_OPTION_ATOMCTL) | \ XCHAL_OPTION(XCHAL_HAVE_DEPBITS, XTENSA_OPTION_DEPBITS) | \ /* Interrupts and exceptions */ \ @@ -498,6 +499,7 @@ } #define CONFIG_SECTION \ + .hw_version = XCHAL_HW_VERSION, \ .configid = { \ XCHAL_HW_CONFIGID0, \ XCHAL_HW_CONFIGID1, \ From 62ed68e33db89584355ca4c63cd5b21dd98df636 Mon Sep 17 00:00:00 2001 From: Max Filippov Date: Mon, 4 May 2020 05:15:14 -0700 Subject: [PATCH 3/4] target/xtensa: fix simcall for newer hardware After Xtensa release RE.2 simcall opcode has become nop for the hardware instead of illegal instruction. Signed-off-by: Max Filippov --- target/xtensa/translate.c | 9 ++++++--- 1 file changed, 6 insertions(+), 3 deletions(-) diff --git a/target/xtensa/translate.c b/target/xtensa/translate.c index 546d2fa2fa..4bc15252c8 100644 --- a/target/xtensa/translate.c +++ b/target/xtensa/translate.c @@ -2367,9 +2367,10 @@ static bool test_ill_simcall(DisasContext *dc, const OpcodeArg arg[], #ifdef CONFIG_USER_ONLY bool ill = true; #else - bool ill = !semihosting_enabled(); + /* Between RE.2 and RE.3 simcall opcode's become nop for the hardware. */ + bool ill = dc->config->hw_version <= 250002 && !semihosting_enabled(); #endif - if (ill) { + if (ill || !semihosting_enabled()) { qemu_log_mask(LOG_GUEST_ERROR, "SIMCALL but semihosting is disabled\n"); } return ill; @@ -2379,7 +2380,9 @@ static void translate_simcall(DisasContext *dc, const OpcodeArg arg[], const uint32_t par[]) { #ifndef CONFIG_USER_ONLY - gen_helper_simcall(cpu_env); + if (semihosting_enabled()) { + gen_helper_simcall(cpu_env); + } #endif } From 8a3a81478dcc592518069125a6ad271fe5511b95 Mon Sep 17 00:00:00 2001 From: Max Filippov Date: Sun, 21 Jun 2020 22:26:50 -0700 Subject: [PATCH 4/4] target/xtensa: drop gen_io_end call Since commit ba3e7926691e ("icount: clean up cpu_can_io at the entry to the block") it has been unnecessary for target code to call gen_io_end() after an IO instruction in icount mode; it is sufficient to call gen_io_start() before it and to force the end of the TB. Remaining call in xtensa target translator is for the opcodes that may change IRQ state. All of them end current TB, so gen_io_end is not needed. Drop gen_io_end call from the xtensa target translator. Signed-off-by: Max Filippov Reviewed-by: Peter Maydell --- target/xtensa/translate.c | 3 --- 1 file changed, 3 deletions(-) diff --git a/target/xtensa/translate.c b/target/xtensa/translate.c index 4bc15252c8..6346b2eef0 100644 --- a/target/xtensa/translate.c +++ b/target/xtensa/translate.c @@ -595,9 +595,6 @@ static int gen_postprocess(DisasContext *dc, int slot) gen_io_start(); } gen_helper_check_interrupts(cpu_env); - if (tb_cflags(dc->base.tb) & CF_USE_ICOUNT) { - gen_io_end(); - } } #endif if (op_flags & XTENSA_OP_SYNC_REGISTER_WINDOW) {