[Qemu-devel] [PATCH v2 00/10] target-ppc: emulate Power ISA 2.05 instructions

[Qemu-devel] [PATCH v2 00/10] target-ppc: emulate Power ISA 2.05 instructions

[Aurelien Jarno]

qemu-system-ppc64 -M pseries clamis to emulate a POWER7 CPU,
corresponding to an ISA 2.06 compliant CPU, while QEMU emulates
something like an ISA 2.04 CPU.

Given that glibc and GCC start to use some instructions like cmpb and
fcpsgn, this starts to be problematic.

This patches series improves the PPC emulation by bringing it to an
ISA 2.05 CPU (if we except DFP and VSX), at least from the
non-privledged point of view.

Changes v1 -> v2:
- Use (1ULL << 63) instead of (1LL << 63) to access the bit sign
- Improve description of load/store doubleword pair instructions

Aurelien Jarno (10):
  target-ppc: optimize fabs, fnabs, fneg
  disas: Disassemble all ppc insns for the guest
  target-ppc: add instruction flags for Book I 2.05
  target-ppc: emulate cmpb instruction
  target-ppc: emulate prtyw and prtyd instructions
  target-ppc: emulate fcpsgn instruction
  target-ppc: emulate lfiwax instruction
  target-ppc: emulate load doubleword pair instructions
  target-ppc: emulate store doubleword pair instructions
  target-ppc: add support for extended mtfsf/mtfsfi forms

 disas.c                     |    1 +
 target-ppc/cpu.h            |    4 +-
 target-ppc/fpu_helper.c     |   48 ++------
 target-ppc/helper.h         |    4 +-
 target-ppc/int_helper.c     |   15 +++
 target-ppc/translate.c      |  260 +++++++++++++++++++++++++++++++++++++++----
 target-ppc/translate_init.c |    2 +-
 7 files changed, 268 insertions(+), 66 deletions(-)

-- 
1.7.10.4

[Qemu-devel] [PATCH v2 01/10] target-ppc: optimize fabs, fnabs, fneg

[Aurelien Jarno]

fabs, fnabs and fneg are just flipping the bit sign of an FP register,
this can be implemented in TCG instead of using softfloat.

Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
---
 target-ppc/fpu_helper.c |   31 -------------------------------
 target-ppc/helper.h     |    3 ---
 target-ppc/translate.c  |   40 ++++++++++++++++++++++++++++++++++------
 3 files changed, 34 insertions(+), 40 deletions(-)

diff --git a/target-ppc/fpu_helper.c b/target-ppc/fpu_helper.c
index 9e779ea..2f0db4e 100644
--- a/target-ppc/fpu_helper.c
+++ b/target-ppc/fpu_helper.c
@@ -595,37 +595,6 @@ uint64_t helper_fdiv(CPUPPCState *env, uint64_t arg1, uint64_t arg2)
     return farg1.ll;
 }
 
-/* fabs */
-uint64_t helper_fabs(CPUPPCState *env, uint64_t arg)
-{
-    CPU_DoubleU farg;
-
-    farg.ll = arg;
-    farg.d = float64_abs(farg.d);
-    return farg.ll;
-}
-
-/* fnabs */
-uint64_t helper_fnabs(CPUPPCState *env, uint64_t arg)
-{
-    CPU_DoubleU farg;
-
-    farg.ll = arg;
-    farg.d = float64_abs(farg.d);
-    farg.d = float64_chs(farg.d);
-    return farg.ll;
-}
-
-/* fneg */
-uint64_t helper_fneg(CPUPPCState *env, uint64_t arg)
-{
-    CPU_DoubleU farg;
-
-    farg.ll = arg;
-    farg.d = float64_chs(farg.d);
-    return farg.ll;
-}
-
 /* fctiw - fctiw. */
 uint64_t helper_fctiw(CPUPPCState *env, uint64_t arg)
 {
diff --git a/target-ppc/helper.h b/target-ppc/helper.h
index d33ee66..07397b2 100644
--- a/target-ppc/helper.h
+++ b/target-ppc/helper.h
@@ -80,9 +80,6 @@ DEF_HELPER_4(fmadd, i64, env, i64, i64, i64)
 DEF_HELPER_4(fmsub, i64, env, i64, i64, i64)
 DEF_HELPER_4(fnmadd, i64, env, i64, i64, i64)
 DEF_HELPER_4(fnmsub, i64, env, i64, i64, i64)
-DEF_HELPER_2(fabs, i64, env, i64)
-DEF_HELPER_2(fnabs, i64, env, i64)
-DEF_HELPER_2(fneg, i64, env, i64)
 DEF_HELPER_2(fsqrt, i64, env, i64)
 DEF_HELPER_2(fre, i64, env, i64)
 DEF_HELPER_2(fres, i64, env, i64)
diff --git a/target-ppc/translate.c b/target-ppc/translate.c
index 5e741d1..2ceb02f 100644
--- a/target-ppc/translate.c
+++ b/target-ppc/translate.c
@@ -2161,7 +2161,16 @@ static void gen_fcmpu(DisasContext *ctx)
 /***                         Floating-point move                           ***/
 /* fabs */
 /* XXX: beware that fabs never checks for NaNs nor update FPSCR */
-GEN_FLOAT_B(abs, 0x08, 0x08, 0, PPC_FLOAT);
+static void gen_fabs(DisasContext *ctx)
+{
+    if (unlikely(!ctx->fpu_enabled)) {
+        gen_exception(ctx, POWERPC_EXCP_FPU);
+        return;
+    }
+    tcg_gen_andi_i64(cpu_fpr[rD(ctx->opcode)], cpu_fpr[rB(ctx->opcode)],
+                     ~(1ULL << 63));
+    gen_compute_fprf(cpu_fpr[rD(ctx->opcode)], 0, Rc(ctx->opcode) != 0);
+}
 
 /* fmr  - fmr. */
 /* XXX: beware that fmr never checks for NaNs nor update FPSCR */
@@ -2177,10 +2186,29 @@ static void gen_fmr(DisasContext *ctx)
 
 /* fnabs */
 /* XXX: beware that fnabs never checks for NaNs nor update FPSCR */
-GEN_FLOAT_B(nabs, 0x08, 0x04, 0, PPC_FLOAT);
+static void gen_fnabs(DisasContext *ctx)
+{
+    if (unlikely(!ctx->fpu_enabled)) {
+        gen_exception(ctx, POWERPC_EXCP_FPU);
+        return;
+    }
+    tcg_gen_ori_i64(cpu_fpr[rD(ctx->opcode)], cpu_fpr[rB(ctx->opcode)],
+                    1ULL << 63);
+    gen_compute_fprf(cpu_fpr[rD(ctx->opcode)], 0, Rc(ctx->opcode) != 0);
+}
+
 /* fneg */
 /* XXX: beware that fneg never checks for NaNs nor update FPSCR */
-GEN_FLOAT_B(neg, 0x08, 0x01, 0, PPC_FLOAT);
+static void gen_fneg(DisasContext *ctx)
+{
+    if (unlikely(!ctx->fpu_enabled)) {
+        gen_exception(ctx, POWERPC_EXCP_FPU);
+        return;
+    }
+    tcg_gen_xori_i64(cpu_fpr[rD(ctx->opcode)], cpu_fpr[rB(ctx->opcode)],
+                     1ULL << 63);
+    gen_compute_fprf(cpu_fpr[rD(ctx->opcode)], 0, Rc(ctx->opcode) != 0);
+}
 
 /***                  Floating-Point status & ctrl register                ***/
 
@@ -8476,7 +8504,10 @@ GEN_HANDLER(fsqrt, 0x3F, 0x16, 0xFF, 0x001F07C0, PPC_FLOAT_FSQRT),
 GEN_HANDLER(fsqrts, 0x3B, 0x16, 0xFF, 0x001F07C0, PPC_FLOAT_FSQRT),
 GEN_HANDLER(fcmpo, 0x3F, 0x00, 0x01, 0x00600001, PPC_FLOAT),
 GEN_HANDLER(fcmpu, 0x3F, 0x00, 0x00, 0x00600001, PPC_FLOAT),
+GEN_HANDLER(fabs, 0x3F, 0x08, 0x08, 0x001F0000, PPC_FLOAT),
 GEN_HANDLER(fmr, 0x3F, 0x08, 0x02, 0x001F0000, PPC_FLOAT),
+GEN_HANDLER(fnabs, 0x3F, 0x08, 0x04, 0x001F0000, PPC_FLOAT),
+GEN_HANDLER(fneg, 0x3F, 0x08, 0x01, 0x001F0000, PPC_FLOAT),
 GEN_HANDLER(mcrfs, 0x3F, 0x00, 0x02, 0x0063F801, PPC_FLOAT),
 GEN_HANDLER(mffs, 0x3F, 0x07, 0x12, 0x001FF800, PPC_FLOAT),
 GEN_HANDLER(mtfsb0, 0x3F, 0x06, 0x02, 0x001FF800, PPC_FLOAT),
@@ -8833,9 +8864,6 @@ GEN_FLOAT_B(rin, 0x08, 0x0C, 1, PPC_FLOAT_EXT),
 GEN_FLOAT_B(riz, 0x08, 0x0D, 1, PPC_FLOAT_EXT),
 GEN_FLOAT_B(rip, 0x08, 0x0E, 1, PPC_FLOAT_EXT),
 GEN_FLOAT_B(rim, 0x08, 0x0F, 1, PPC_FLOAT_EXT),
-GEN_FLOAT_B(abs, 0x08, 0x08, 0, PPC_FLOAT),
-GEN_FLOAT_B(nabs, 0x08, 0x04, 0, PPC_FLOAT),
-GEN_FLOAT_B(neg, 0x08, 0x01, 0, PPC_FLOAT),
 
 #undef GEN_LD
 #undef GEN_LDU
-- 
1.7.10.4

[Qemu-devel] [PATCH v2 02/10] disas: Disassemble all ppc insns for the guest

[Aurelien Jarno]

Reviewed-by: Richard Henderson <rth@twiddle.net>
Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
---
 disas.c |    1 +
 1 file changed, 1 insertion(+)

diff --git a/disas.c b/disas.c
index 67103e0..e51127e 100644
--- a/disas.c
+++ b/disas.c
@@ -227,6 +227,7 @@ void target_disas(FILE *out, CPUArchState *env, target_ulong code,
         s.info.mach = bfd_mach_ppc;
 #endif
     }
+    s.info.disassembler_options = (char *)"any";
     print_insn = print_insn_ppc;
 #elif defined(TARGET_M68K)
     print_insn = print_insn_m68k;
-- 
1.7.10.4

[Qemu-devel] [PATCH v2 03/10] target-ppc: add instruction flags for Book I 2.05

[Aurelien Jarno]

.. and enable it on POWER7 CPU.

Reviewed-by: Richard Henderson <rth@twiddle.net>
Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
---
 target-ppc/cpu.h            |    4 +++-
 target-ppc/translate_init.c |    2 +-
 2 files changed, 4 insertions(+), 2 deletions(-)

diff --git a/target-ppc/cpu.h b/target-ppc/cpu.h
index 42c36e2..8b0b651 100644
--- a/target-ppc/cpu.h
+++ b/target-ppc/cpu.h
@@ -1870,8 +1870,10 @@ enum {
     PPC2_PRCNTL        = 0x0000000000000008ULL,
     /* Byte-reversed, indexed, double-word load and store                    */
     PPC2_DBRX          = 0x0000000000000010ULL,
+    /* Book I 2.05 PowerPC specification                                     */
+    PPC2_ISA205        = 0x0000000000000020ULL,
 
-#define PPC_TCG_INSNS2 (PPC2_BOOKE206 | PPC2_PRCNTL | PPC2_DBRX)
+#define PPC_TCG_INSNS2 (PPC2_BOOKE206 | PPC2_PRCNTL | PPC2_DBRX | PPC2_ISA205)
 };
 
 /*****************************************************************************/
diff --git a/target-ppc/translate_init.c b/target-ppc/translate_init.c
index 781170f..14f6599 100644
--- a/target-ppc/translate_init.c
+++ b/target-ppc/translate_init.c
@@ -7014,7 +7014,7 @@ POWERPC_FAMILY(POWER7)(ObjectClass *oc, void *data)
                        PPC_64B | PPC_ALTIVEC |
                        PPC_SEGMENT_64B | PPC_SLBI |
                        PPC_POPCNTB | PPC_POPCNTWD;
-    pcc->insns_flags2 = PPC2_VSX | PPC2_DFP | PPC2_DBRX;
+    pcc->insns_flags2 = PPC2_VSX | PPC2_DFP | PPC2_DBRX | PPC2_ISA205;
     pcc->msr_mask = 0x800000000204FF36ULL;
     pcc->mmu_model = POWERPC_MMU_2_06;
 #if defined(CONFIG_SOFTMMU)
-- 
1.7.10.4

[Qemu-devel] [PATCH v2 04/10] target-ppc: emulate cmpb instruction

[Aurelien Jarno]

Needed for Power ISA version 2.05 compliance.

Reviewed-by: Richard Henderson <rth@twiddle.net>
Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
---
 target-ppc/helper.h     |    1 +
 target-ppc/int_helper.c |   15 +++++++++++++++
 target-ppc/translate.c  |    8 ++++++++
 3 files changed, 24 insertions(+)

diff --git a/target-ppc/helper.h b/target-ppc/helper.h
index 07397b2..56814b5 100644
--- a/target-ppc/helper.h
+++ b/target-ppc/helper.h
@@ -36,6 +36,7 @@ DEF_HELPER_3(mulldo, i64, env, i64, i64)
 DEF_HELPER_FLAGS_1(cntlzw, TCG_CALL_NO_RWG_SE, tl, tl)
 DEF_HELPER_FLAGS_1(popcntb, TCG_CALL_NO_RWG_SE, tl, tl)
 DEF_HELPER_FLAGS_1(popcntw, TCG_CALL_NO_RWG_SE, tl, tl)
+DEF_HELPER_FLAGS_2(cmpb, TCG_CALL_NO_RWG_SE, tl, tl, tl)
 DEF_HELPER_3(sraw, tl, env, tl, tl)
 #if defined(TARGET_PPC64)
 DEF_HELPER_FLAGS_1(cntlzd, TCG_CALL_NO_RWG_SE, tl, tl)
diff --git a/target-ppc/int_helper.c b/target-ppc/int_helper.c
index 54eca9b..e50bdd2 100644
--- a/target-ppc/int_helper.c
+++ b/target-ppc/int_helper.c
@@ -53,6 +53,21 @@ target_ulong helper_cntlzd(target_ulong t)
 }
 #endif
 
+target_ulong helper_cmpb(target_ulong rs, target_ulong rb)
+{
+    target_ulong mask = 0xff;
+    target_ulong ra = 0;
+    int i;
+
+    for (i = 0; i < sizeof(target_ulong); i++) {
+        if ((rs & mask) == (rb & mask)) {
+            ra |= mask;
+        }
+        mask <<= 8;
+    }
+    return ra;
+}
+
 /* shift right arithmetic helper */
 target_ulong helper_sraw(CPUPPCState *env, target_ulong value,
                          target_ulong shift)
diff --git a/target-ppc/translate.c b/target-ppc/translate.c
index 2ceb02f..6bee6db 100644
--- a/target-ppc/translate.c
+++ b/target-ppc/translate.c
@@ -739,6 +739,13 @@ static void gen_isel(DisasContext *ctx)
     tcg_temp_free_i32(t0);
 }
 
+/* cmpb: PowerPC 2.05 specification */
+static void gen_cmpb(DisasContext *ctx)
+{
+    gen_helper_cmpb(cpu_gpr[rA(ctx->opcode)], cpu_gpr[rS(ctx->opcode)],
+                    cpu_gpr[rB(ctx->opcode)]);
+}
+
 /***                           Integer arithmetic                          ***/
 
 static inline void gen_op_arith_compute_ov(DisasContext *ctx, TCGv arg0,
@@ -8454,6 +8461,7 @@ GEN_HANDLER(cmp, 0x1F, 0x00, 0x00, 0x00400000, PPC_INTEGER),
 GEN_HANDLER(cmpi, 0x0B, 0xFF, 0xFF, 0x00400000, PPC_INTEGER),
 GEN_HANDLER(cmpl, 0x1F, 0x00, 0x01, 0x00400000, PPC_INTEGER),
 GEN_HANDLER(cmpli, 0x0A, 0xFF, 0xFF, 0x00400000, PPC_INTEGER),
+GEN_HANDLER_E(cmpb, 0x1F, 0x1C, 0x0F, 0x00000001, PPC_NONE, PPC2_ISA205),
 GEN_HANDLER(isel, 0x1F, 0x0F, 0xFF, 0x00000001, PPC_ISEL),
 GEN_HANDLER(addi, 0x0E, 0xFF, 0xFF, 0x00000000, PPC_INTEGER),
 GEN_HANDLER(addic, 0x0C, 0xFF, 0xFF, 0x00000000, PPC_INTEGER),
-- 
1.7.10.4

[Qemu-devel] [PATCH v2 05/10] target-ppc: emulate prtyw and prtyd instructions

[Aurelien Jarno]

Needed for Power ISA version 2.05 compliance.

Reviewed-by: Richard Henderson <rth@twiddle.net>
Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
---
 target-ppc/translate.c |   38 ++++++++++++++++++++++++++++++++++++++
 1 file changed, 38 insertions(+)

diff --git a/target-ppc/translate.c b/target-ppc/translate.c
index 6bee6db..977f9ef 100644
--- a/target-ppc/translate.c
+++ b/target-ppc/translate.c
@@ -1458,6 +1458,42 @@ static void gen_popcntd(DisasContext *ctx)
 }
 #endif
 
+/* prtyw: PowerPC 2.05 specification */
+static void gen_prtyw(DisasContext *ctx)
+{
+    TCGv ra = cpu_gpr[rA(ctx->opcode)];
+    TCGv rs = cpu_gpr[rS(ctx->opcode)];
+    TCGv t0 = tcg_temp_new();
+    tcg_gen_shri_tl(t0, rs, 16);
+    tcg_gen_xor_tl(ra, rs, t0);
+    tcg_gen_shri_tl(t0, ra, 8);
+    tcg_gen_xor_tl(ra, ra, t0);
+#if defined(TARGET_PPC64)
+    tcg_gen_andi_tl(ra, ra, 0x100000001);
+#else
+    tcg_gen_andi_tl(ra, ra, 1);
+#endif
+    tcg_temp_free(t0);
+}
+
+#if defined(TARGET_PPC64)
+/* prtyd: PowerPC 2.05 specification */
+static void gen_prtyd(DisasContext *ctx)
+{
+    TCGv ra = cpu_gpr[rA(ctx->opcode)];
+    TCGv rs = cpu_gpr[rS(ctx->opcode)];
+    TCGv t0 = tcg_temp_new();
+    tcg_gen_shri_tl(t0, rs, 32);
+    tcg_gen_xor_tl(ra, rs, t0);
+    tcg_gen_shri_tl(t0, ra, 16);
+    tcg_gen_xor_tl(ra, ra, t0);
+    tcg_gen_shri_tl(t0, ra, 8);
+    tcg_gen_xor_tl(ra, ra, t0);
+    tcg_gen_andi_tl(ra, ra, 1);
+    tcg_temp_free(t0);
+}
+#endif
+
 #if defined(TARGET_PPC64)
 /* extsw & extsw. */
 GEN_LOGICAL1(extsw, tcg_gen_ext32s_tl, 0x1E, PPC_64B);
@@ -8489,9 +8525,11 @@ GEN_HANDLER(xori, 0x1A, 0xFF, 0xFF, 0x00000000, PPC_INTEGER),
 GEN_HANDLER(xoris, 0x1B, 0xFF, 0xFF, 0x00000000, PPC_INTEGER),
 GEN_HANDLER(popcntb, 0x1F, 0x03, 0x03, 0x0000F801, PPC_POPCNTB),
 GEN_HANDLER(popcntw, 0x1F, 0x1A, 0x0b, 0x0000F801, PPC_POPCNTWD),
+GEN_HANDLER_E(prtyw, 0x1F, 0x1A, 0x04, 0x0000F801, PPC_NONE, PPC2_ISA205),
 #if defined(TARGET_PPC64)
 GEN_HANDLER(popcntd, 0x1F, 0x1A, 0x0F, 0x0000F801, PPC_POPCNTWD),
 GEN_HANDLER(cntlzd, 0x1F, 0x1A, 0x01, 0x00000000, PPC_64B),
+GEN_HANDLER_E(prtyd, 0x1F, 0x1A, 0x05, 0x0000F801, PPC_NONE, PPC2_ISA205),
 #endif
 GEN_HANDLER(rlwimi, 0x14, 0xFF, 0xFF, 0x00000000, PPC_INTEGER),
 GEN_HANDLER(rlwinm, 0x15, 0xFF, 0xFF, 0x00000000, PPC_INTEGER),
-- 
1.7.10.4

Re: [Qemu-devel] [PATCH v2 05/10] target-ppc: emulate prtyw and prtyd instructions

[Alexander Graf]

On 20.04.2013, at 20:56, Aurelien Jarno wrote:

> Needed for Power ISA version 2.05 compliance.
> 
> Reviewed-by: Richard Henderson <rth@twiddle.net>
> Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
> ---
> target-ppc/translate.c |   38 ++++++++++++++++++++++++++++++++++++++
> 1 file changed, 38 insertions(+)
> 
> diff --git a/target-ppc/translate.c b/target-ppc/translate.c
> index 6bee6db..977f9ef 100644
> --- a/target-ppc/translate.c
> +++ b/target-ppc/translate.c
> @@ -1458,6 +1458,42 @@ static void gen_popcntd(DisasContext *ctx)
> }
> #endif
> 
> +/* prtyw: PowerPC 2.05 specification */
> +static void gen_prtyw(DisasContext *ctx)
> +{
> +    TCGv ra = cpu_gpr[rA(ctx->opcode)];
> +    TCGv rs = cpu_gpr[rS(ctx->opcode)];
> +    TCGv t0 = tcg_temp_new();
> +    tcg_gen_shri_tl(t0, rs, 16);
> +    tcg_gen_xor_tl(ra, rs, t0);
> +    tcg_gen_shri_tl(t0, ra, 8);
> +    tcg_gen_xor_tl(ra, ra, t0);
> +#if defined(TARGET_PPC64)
> +    tcg_gen_andi_tl(ra, ra, 0x100000001);

This will break on 32-bit host systems. Let me fix it to ULL for you :). In fact, any reason for the #ifdef here? We could just always pass 0x100000001ULL and have the target_ulong cast take the upper 32bit away, no?


Alex

> +#else
> +    tcg_gen_andi_tl(ra, ra, 1);
> +#endif
> +    tcg_temp_free(t0);
> +}
> +
> +#if defined(TARGET_PPC64)
> +/* prtyd: PowerPC 2.05 specification */
> +static void gen_prtyd(DisasContext *ctx)
> +{
> +    TCGv ra = cpu_gpr[rA(ctx->opcode)];
> +    TCGv rs = cpu_gpr[rS(ctx->opcode)];
> +    TCGv t0 = tcg_temp_new();
> +    tcg_gen_shri_tl(t0, rs, 32);
> +    tcg_gen_xor_tl(ra, rs, t0);
> +    tcg_gen_shri_tl(t0, ra, 16);
> +    tcg_gen_xor_tl(ra, ra, t0);
> +    tcg_gen_shri_tl(t0, ra, 8);
> +    tcg_gen_xor_tl(ra, ra, t0);
> +    tcg_gen_andi_tl(ra, ra, 1);
> +    tcg_temp_free(t0);
> +}
> +#endif
> +
> #if defined(TARGET_PPC64)
> /* extsw & extsw. */
> GEN_LOGICAL1(extsw, tcg_gen_ext32s_tl, 0x1E, PPC_64B);
> @@ -8489,9 +8525,11 @@ GEN_HANDLER(xori, 0x1A, 0xFF, 0xFF, 0x00000000, PPC_INTEGER),
> GEN_HANDLER(xoris, 0x1B, 0xFF, 0xFF, 0x00000000, PPC_INTEGER),
> GEN_HANDLER(popcntb, 0x1F, 0x03, 0x03, 0x0000F801, PPC_POPCNTB),
> GEN_HANDLER(popcntw, 0x1F, 0x1A, 0x0b, 0x0000F801, PPC_POPCNTWD),
> +GEN_HANDLER_E(prtyw, 0x1F, 0x1A, 0x04, 0x0000F801, PPC_NONE, PPC2_ISA205),
> #if defined(TARGET_PPC64)
> GEN_HANDLER(popcntd, 0x1F, 0x1A, 0x0F, 0x0000F801, PPC_POPCNTWD),
> GEN_HANDLER(cntlzd, 0x1F, 0x1A, 0x01, 0x00000000, PPC_64B),
> +GEN_HANDLER_E(prtyd, 0x1F, 0x1A, 0x05, 0x0000F801, PPC_NONE, PPC2_ISA205),
> #endif
> GEN_HANDLER(rlwimi, 0x14, 0xFF, 0xFF, 0x00000000, PPC_INTEGER),
> GEN_HANDLER(rlwinm, 0x15, 0xFF, 0xFF, 0x00000000, PPC_INTEGER),
> -- 
> 1.7.10.4
> 

Re: [Qemu-devel] [PATCH v2 05/10] target-ppc: emulate prtyw and prtyd instructions

[Aurelien Jarno]

On Fri, Apr 26, 2013 at 09:50:31AM +0200, Alexander Graf wrote:
> 
> On 20.04.2013, at 20:56, Aurelien Jarno wrote:
> 
> > Needed for Power ISA version 2.05 compliance.
> > 
> > Reviewed-by: Richard Henderson <rth@twiddle.net>
> > Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
> > ---
> > target-ppc/translate.c |   38 ++++++++++++++++++++++++++++++++++++++
> > 1 file changed, 38 insertions(+)
> > 
> > diff --git a/target-ppc/translate.c b/target-ppc/translate.c
> > index 6bee6db..977f9ef 100644
> > --- a/target-ppc/translate.c
> > +++ b/target-ppc/translate.c
> > @@ -1458,6 +1458,42 @@ static void gen_popcntd(DisasContext *ctx)
> > }
> > #endif
> > 
> > +/* prtyw: PowerPC 2.05 specification */
> > +static void gen_prtyw(DisasContext *ctx)
> > +{
> > +    TCGv ra = cpu_gpr[rA(ctx->opcode)];
> > +    TCGv rs = cpu_gpr[rS(ctx->opcode)];
> > +    TCGv t0 = tcg_temp_new();
> > +    tcg_gen_shri_tl(t0, rs, 16);
> > +    tcg_gen_xor_tl(ra, rs, t0);
> > +    tcg_gen_shri_tl(t0, ra, 8);
> > +    tcg_gen_xor_tl(ra, ra, t0);
> > +#if defined(TARGET_PPC64)
> > +    tcg_gen_andi_tl(ra, ra, 0x100000001);
> 
> This will break on 32-bit host systems. Let me fix it to ULL for you :). In fact, any reason for the #ifdef here? We could just always pass 0x100000001ULL and have the target_ulong cast take the upper 32bit away, no?

Good catch. The #ifdef version matches the instruction definition in the
manual, but for QEMU I agree a version using a cast with target_ulong
looks better. Should I send a new patch?

Aurélien

-- 
Aurelien Jarno	                        GPG: 1024D/F1BCDB73
aurelien@aurel32.net                 http://www.aurel32.net

Re: [Qemu-devel] [PATCH v2 05/10] target-ppc: emulate prtyw and prtyd instructions

[Alexander Graf]

On 26.04.2013, at 11:38, Aurelien Jarno wrote:

> On Fri, Apr 26, 2013 at 09:50:31AM +0200, Alexander Graf wrote:
>> 
>> On 20.04.2013, at 20:56, Aurelien Jarno wrote:
>> 
>>> Needed for Power ISA version 2.05 compliance.
>>> 
>>> Reviewed-by: Richard Henderson <rth@twiddle.net>
>>> Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
>>> ---
>>> target-ppc/translate.c |   38 ++++++++++++++++++++++++++++++++++++++
>>> 1 file changed, 38 insertions(+)
>>> 
>>> diff --git a/target-ppc/translate.c b/target-ppc/translate.c
>>> index 6bee6db..977f9ef 100644
>>> --- a/target-ppc/translate.c
>>> +++ b/target-ppc/translate.c
>>> @@ -1458,6 +1458,42 @@ static void gen_popcntd(DisasContext *ctx)
>>> }
>>> #endif
>>> 
>>> +/* prtyw: PowerPC 2.05 specification */
>>> +static void gen_prtyw(DisasContext *ctx)
>>> +{
>>> +    TCGv ra = cpu_gpr[rA(ctx->opcode)];
>>> +    TCGv rs = cpu_gpr[rS(ctx->opcode)];
>>> +    TCGv t0 = tcg_temp_new();
>>> +    tcg_gen_shri_tl(t0, rs, 16);
>>> +    tcg_gen_xor_tl(ra, rs, t0);
>>> +    tcg_gen_shri_tl(t0, ra, 8);
>>> +    tcg_gen_xor_tl(ra, ra, t0);
>>> +#if defined(TARGET_PPC64)
>>> +    tcg_gen_andi_tl(ra, ra, 0x100000001);
>> 
>> This will break on 32-bit host systems. Let me fix it to ULL for you :). In fact, any reason for the #ifdef here? We could just always pass 0x100000001ULL and have the target_ulong cast take the upper 32bit away, no?
> 
> Good catch. The #ifdef version matches the instruction definition in the
> manual, but for QEMU I agree a version using a cast with target_ulong
> looks better. Should I send a new patch?

I already fixed it up while applying the patch, thanks :)


Alex

Re: [Qemu-devel] [PATCH v2 05/10] target-ppc: emulate prtyw and prtyd instructions

[Aurelien Jarno]

On Fri, Apr 26, 2013 at 11:53:49AM +0200, Alexander Graf wrote:
> 
> On 26.04.2013, at 11:38, Aurelien Jarno wrote:
> 
> > On Fri, Apr 26, 2013 at 09:50:31AM +0200, Alexander Graf wrote:
> >> 
> >> On 20.04.2013, at 20:56, Aurelien Jarno wrote:
> >> 
> >>> Needed for Power ISA version 2.05 compliance.
> >>> 
> >>> Reviewed-by: Richard Henderson <rth@twiddle.net>
> >>> Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
> >>> ---
> >>> target-ppc/translate.c |   38 ++++++++++++++++++++++++++++++++++++++
> >>> 1 file changed, 38 insertions(+)
> >>> 
> >>> diff --git a/target-ppc/translate.c b/target-ppc/translate.c
> >>> index 6bee6db..977f9ef 100644
> >>> --- a/target-ppc/translate.c
> >>> +++ b/target-ppc/translate.c
> >>> @@ -1458,6 +1458,42 @@ static void gen_popcntd(DisasContext *ctx)
> >>> }
> >>> #endif
> >>> 
> >>> +/* prtyw: PowerPC 2.05 specification */
> >>> +static void gen_prtyw(DisasContext *ctx)
> >>> +{
> >>> +    TCGv ra = cpu_gpr[rA(ctx->opcode)];
> >>> +    TCGv rs = cpu_gpr[rS(ctx->opcode)];
> >>> +    TCGv t0 = tcg_temp_new();
> >>> +    tcg_gen_shri_tl(t0, rs, 16);
> >>> +    tcg_gen_xor_tl(ra, rs, t0);
> >>> +    tcg_gen_shri_tl(t0, ra, 8);
> >>> +    tcg_gen_xor_tl(ra, ra, t0);
> >>> +#if defined(TARGET_PPC64)
> >>> +    tcg_gen_andi_tl(ra, ra, 0x100000001);
> >> 
> >> This will break on 32-bit host systems. Let me fix it to ULL for you :). In fact, any reason for the #ifdef here? We could just always pass 0x100000001ULL and have the target_ulong cast take the upper 32bit away, no?
> > 
> > Good catch. The #ifdef version matches the instruction definition in the
> > manual, but for QEMU I agree a version using a cast with target_ulong
> > looks better. Should I send a new patch?
> 
> I already fixed it up while applying the patch, thanks :)

Ok, thanks.
-- 
Aurelien Jarno	                        GPG: 1024D/F1BCDB73
aurelien@aurel32.net                 http://www.aurel32.net

[Qemu-devel] [PATCH v2 06/10] target-ppc: emulate fcpsgn instruction

[Aurelien Jarno]

Needed for Power ISA version 2.05 compliance.

Reviewed-by: Richard Henderson <rth@twiddle.net>
Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
---
 target-ppc/translate.c |   14 ++++++++++++++
 1 file changed, 14 insertions(+)

diff --git a/target-ppc/translate.c b/target-ppc/translate.c
index 977f9ef..4b1896f 100644
--- a/target-ppc/translate.c
+++ b/target-ppc/translate.c
@@ -2253,6 +2253,19 @@ static void gen_fneg(DisasContext *ctx)
     gen_compute_fprf(cpu_fpr[rD(ctx->opcode)], 0, Rc(ctx->opcode) != 0);
 }
 
+/* fcpsgn: PowerPC 2.05 specification */
+/* XXX: beware that fcpsgn never checks for NaNs nor update FPSCR */
+static void gen_fcpsgn(DisasContext *ctx)
+{
+    if (unlikely(!ctx->fpu_enabled)) {
+        gen_exception(ctx, POWERPC_EXCP_FPU);
+        return;
+    }
+    tcg_gen_deposit_i64(cpu_fpr[rD(ctx->opcode)], cpu_fpr[rA(ctx->opcode)],
+                        cpu_fpr[rB(ctx->opcode)], 0, 63);
+    gen_compute_fprf(cpu_fpr[rD(ctx->opcode)], 0, Rc(ctx->opcode) != 0);
+}
+
 /***                  Floating-Point status & ctrl register                ***/
 
 /* mcrfs */
@@ -8554,6 +8567,7 @@ GEN_HANDLER(fabs, 0x3F, 0x08, 0x08, 0x001F0000, PPC_FLOAT),
 GEN_HANDLER(fmr, 0x3F, 0x08, 0x02, 0x001F0000, PPC_FLOAT),
 GEN_HANDLER(fnabs, 0x3F, 0x08, 0x04, 0x001F0000, PPC_FLOAT),
 GEN_HANDLER(fneg, 0x3F, 0x08, 0x01, 0x001F0000, PPC_FLOAT),
+GEN_HANDLER_E(fcpsgn, 0x3F, 0x08, 0x00, 0x00000000, PPC_NONE, PPC2_ISA205),
 GEN_HANDLER(mcrfs, 0x3F, 0x00, 0x02, 0x0063F801, PPC_FLOAT),
 GEN_HANDLER(mffs, 0x3F, 0x07, 0x12, 0x001FF800, PPC_FLOAT),
 GEN_HANDLER(mtfsb0, 0x3F, 0x06, 0x02, 0x001FF800, PPC_FLOAT),
-- 
1.7.10.4

[Qemu-devel] [PATCH v2 07/10] target-ppc: emulate lfiwax instruction

[Aurelien Jarno]

Needed for Power ISA version 2.05 compliance.

Reviewed-by: Richard Henderson <rth@twiddle.net>
Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
---
 target-ppc/translate.c |   18 ++++++++++++++++--
 1 file changed, 16 insertions(+), 2 deletions(-)

diff --git a/target-ppc/translate.c b/target-ppc/translate.c
index 4b1896f..8298e1f 100644
--- a/target-ppc/translate.c
+++ b/target-ppc/translate.c
@@ -2526,7 +2526,6 @@ static inline void gen_qemu_ld32u(DisasContext *ctx, TCGv arg1, TCGv arg2)
     }
 }
 
-#if defined(TARGET_PPC64)
 static inline void gen_qemu_ld32s(DisasContext *ctx, TCGv arg1, TCGv arg2)
 {
     if (unlikely(ctx->le_mode)) {
@@ -2536,7 +2535,6 @@ static inline void gen_qemu_ld32s(DisasContext *ctx, TCGv arg1, TCGv arg2)
     } else
         tcg_gen_qemu_ld32s(arg1, arg2, ctx->mem_idx);
 }
-#endif
 
 static inline void gen_qemu_ld64(DisasContext *ctx, TCGv_i64 arg1, TCGv arg2)
 {
@@ -3295,6 +3293,21 @@ GEN_LDFS(lfd, ld64, 0x12, PPC_FLOAT);
  /* lfs lfsu lfsux lfsx */
 GEN_LDFS(lfs, ld32fs, 0x10, PPC_FLOAT);
 
+/* lfiwax */
+static void gen_lfiwax(DisasContext *ctx)
+{
+    TCGv EA;
+    if (unlikely(!ctx->fpu_enabled)) {
+        gen_exception(ctx, POWERPC_EXCP_FPU);
+        return;
+    }
+    gen_set_access_type(ctx, ACCESS_FLOAT);
+    EA = tcg_temp_new();
+    gen_addr_reg_index(ctx, EA);
+    gen_qemu_ld32s(ctx, cpu_fpr[rD(ctx->opcode)], EA);
+    tcg_temp_free(EA);
+}
+
 /***                         Floating-point store                          ***/
 #define GEN_STF(name, stop, opc, type)                                        \
 static void glue(gen_, name)(DisasContext *ctx)                                       \
@@ -9009,6 +9022,7 @@ GEN_LDXF(name, ldop, 0x17, op | 0x00, type)
 
 GEN_LDFS(lfd, ld64, 0x12, PPC_FLOAT)
 GEN_LDFS(lfs, ld32fs, 0x10, PPC_FLOAT)
+GEN_HANDLER_E(lfiwax, 0x1f, 0x17, 0x1a, 0x00000001, PPC_NONE, PPC2_ISA205),
 
 #undef GEN_STF
 #undef GEN_STUF
-- 
1.7.10.4

[Qemu-devel] [PATCH v2 08/10] target-ppc: emulate load doubleword pair instructions

[Aurelien Jarno]

Needed for Power ISA version 2.05 compliance. The check for odd register
pairs is done using the invalid bits.

Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
---
 target-ppc/translate.c |   48 ++++++++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 48 insertions(+)

diff --git a/target-ppc/translate.c b/target-ppc/translate.c
index 8298e1f..690fb45 100644
--- a/target-ppc/translate.c
+++ b/target-ppc/translate.c
@@ -3293,6 +3293,52 @@ GEN_LDFS(lfd, ld64, 0x12, PPC_FLOAT);
  /* lfs lfsu lfsux lfsx */
 GEN_LDFS(lfs, ld32fs, 0x10, PPC_FLOAT);
 
+/* lfdp */
+static void gen_lfdp(DisasContext *ctx)
+{
+    TCGv EA;
+    if (unlikely(!ctx->fpu_enabled)) {
+        gen_exception(ctx, POWERPC_EXCP_FPU);
+        return;
+    }
+    gen_set_access_type(ctx, ACCESS_FLOAT);
+    EA = tcg_temp_new();
+    gen_addr_imm_index(ctx, EA, 0);                                           \
+    if (unlikely(ctx->le_mode)) {
+        gen_qemu_ld64(ctx, cpu_fpr[rD(ctx->opcode) + 1], EA);
+        tcg_gen_addi_tl(EA, EA, 8);
+        gen_qemu_ld64(ctx, cpu_fpr[rD(ctx->opcode)], EA);
+    } else {
+        gen_qemu_ld64(ctx, cpu_fpr[rD(ctx->opcode)], EA);
+        tcg_gen_addi_tl(EA, EA, 8);
+        gen_qemu_ld64(ctx, cpu_fpr[rD(ctx->opcode) + 1], EA);
+    }
+    tcg_temp_free(EA);
+}
+
+/* lfdpx */
+static void gen_lfdpx(DisasContext *ctx)
+{
+    TCGv EA;
+    if (unlikely(!ctx->fpu_enabled)) {
+        gen_exception(ctx, POWERPC_EXCP_FPU);
+        return;
+    }
+    gen_set_access_type(ctx, ACCESS_FLOAT);
+    EA = tcg_temp_new();
+    gen_addr_reg_index(ctx, EA);
+    if (unlikely(ctx->le_mode)) {
+        gen_qemu_ld64(ctx, cpu_fpr[rD(ctx->opcode) + 1], EA);
+        tcg_gen_addi_tl(EA, EA, 8);
+        gen_qemu_ld64(ctx, cpu_fpr[rD(ctx->opcode)], EA);
+    } else {
+        gen_qemu_ld64(ctx, cpu_fpr[rD(ctx->opcode)], EA);
+        tcg_gen_addi_tl(EA, EA, 8);
+        gen_qemu_ld64(ctx, cpu_fpr[rD(ctx->opcode) + 1], EA);
+    }
+    tcg_temp_free(EA);
+}
+
 /* lfiwax */
 static void gen_lfiwax(DisasContext *ctx)
 {
@@ -9023,6 +9069,8 @@ GEN_LDXF(name, ldop, 0x17, op | 0x00, type)
 GEN_LDFS(lfd, ld64, 0x12, PPC_FLOAT)
 GEN_LDFS(lfs, ld32fs, 0x10, PPC_FLOAT)
 GEN_HANDLER_E(lfiwax, 0x1f, 0x17, 0x1a, 0x00000001, PPC_NONE, PPC2_ISA205),
+GEN_HANDLER_E(lfdp, 0x39, 0xFF, 0xFF, 0x00200003, PPC_NONE, PPC2_ISA205),
+GEN_HANDLER_E(lfdpx, 0x1F, 0x17, 0x18, 0x00200001, PPC_NONE, PPC2_ISA205),
 
 #undef GEN_STF
 #undef GEN_STUF
-- 
1.7.10.4

[Qemu-devel] [PATCH v2 09/10] target-ppc: emulate store doubleword pair instructions

[Aurelien Jarno]

Needed for Power ISA version 2.05 compliance. The check for odd register
pairs is done using the invalid bits.

Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
---
 target-ppc/translate.c |   48 ++++++++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 48 insertions(+)

diff --git a/target-ppc/translate.c b/target-ppc/translate.c
index 690fb45..81c23fa 100644
--- a/target-ppc/translate.c
+++ b/target-ppc/translate.c
@@ -3447,6 +3447,52 @@ GEN_STFS(stfd, st64, 0x16, PPC_FLOAT);
 /* stfs stfsu stfsux stfsx */
 GEN_STFS(stfs, st32fs, 0x14, PPC_FLOAT);
 
+/* stfdp */
+static void gen_stfdp(DisasContext *ctx)
+{
+    TCGv EA;
+    if (unlikely(!ctx->fpu_enabled)) {
+        gen_exception(ctx, POWERPC_EXCP_FPU);
+        return;
+    }
+    gen_set_access_type(ctx, ACCESS_FLOAT);
+    EA = tcg_temp_new();
+    gen_addr_imm_index(ctx, EA, 0);                                           \
+    if (unlikely(ctx->le_mode)) {
+        gen_qemu_st64(ctx, cpu_fpr[rD(ctx->opcode) + 1], EA);
+        tcg_gen_addi_tl(EA, EA, 8);
+        gen_qemu_st64(ctx, cpu_fpr[rD(ctx->opcode)], EA);
+    } else {
+        gen_qemu_st64(ctx, cpu_fpr[rD(ctx->opcode)], EA);
+        tcg_gen_addi_tl(EA, EA, 8);
+        gen_qemu_st64(ctx, cpu_fpr[rD(ctx->opcode) + 1], EA);
+    }
+    tcg_temp_free(EA);
+}
+
+/* stfdpx */
+static void gen_stfdpx(DisasContext *ctx)
+{
+    TCGv EA;
+    if (unlikely(!ctx->fpu_enabled)) {
+        gen_exception(ctx, POWERPC_EXCP_FPU);
+        return;
+    }
+    gen_set_access_type(ctx, ACCESS_FLOAT);
+    EA = tcg_temp_new();
+    gen_addr_reg_index(ctx, EA);
+    if (unlikely(ctx->le_mode)) {
+        gen_qemu_st64(ctx, cpu_fpr[rD(ctx->opcode) + 1], EA);
+        tcg_gen_addi_tl(EA, EA, 8);
+        gen_qemu_st64(ctx, cpu_fpr[rD(ctx->opcode)], EA);
+    } else {
+        gen_qemu_st64(ctx, cpu_fpr[rD(ctx->opcode)], EA);
+        tcg_gen_addi_tl(EA, EA, 8);
+        gen_qemu_st64(ctx, cpu_fpr[rD(ctx->opcode) + 1], EA);
+    }
+    tcg_temp_free(EA);
+}
+
 /* Optional: */
 static inline void gen_qemu_st32fiw(DisasContext *ctx, TCGv_i64 arg1, TCGv arg2)
 {
@@ -9094,6 +9140,8 @@ GEN_STXF(name, stop, 0x17, op | 0x00, type)
 GEN_STFS(stfd, st64, 0x16, PPC_FLOAT)
 GEN_STFS(stfs, st32fs, 0x14, PPC_FLOAT)
 GEN_STXF(stfiw, st32fiw, 0x17, 0x1E, PPC_FLOAT_STFIWX)
+GEN_HANDLER_E(stfdp, 0x3D, 0xFF, 0xFF, 0x00200003, PPC_NONE, PPC2_ISA205),
+GEN_HANDLER_E(stfdpx, 0x1F, 0x17, 0x1C, 0x00200001, PPC_NONE, PPC2_ISA205),
 
 #undef GEN_CRLOGIC
 #define GEN_CRLOGIC(name, tcg_op, opc)                                        \
-- 
1.7.10.4

[Qemu-devel] [PATCH v2 10/10] target-ppc: add support for extended mtfsf/mtfsfi forms

[Aurelien Jarno]

Power ISA 2.05 adds support for extended mtfsf/mtfsfi form, with a new
W field to select the upper part of the FPCSR register.

For that the helper is changed to handle 64-bit input values and mask with
up to 16 bits. The mtfsf/mtfsfi instructions do not have the W bit
marked as invalid anymore. Instead this is checked in the helper, which
therefore needs to access to the insns/insns_flags2. They are added in
the DisasContext struct. Finally change all accesses to the opcode fields
through extract helpers, prefixed with FP for consistency.

Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
---
 target-ppc/fpu_helper.c |   17 +++++++----------
 target-ppc/translate.c  |   46 ++++++++++++++++++++++++++++++++++------------
 2 files changed, 41 insertions(+), 22 deletions(-)

diff --git a/target-ppc/fpu_helper.c b/target-ppc/fpu_helper.c
index 2f0db4e..e159615 100644
--- a/target-ppc/fpu_helper.c
+++ b/target-ppc/fpu_helper.c
@@ -430,20 +430,17 @@ void helper_fpscr_setbit(CPUPPCState *env, uint32_t bit)
 
 void helper_store_fpscr(CPUPPCState *env, uint64_t arg, uint32_t mask)
 {
-    /*
-     * We use only the 32 LSB of the incoming fpr
-     */
-    uint32_t prev, new;
+    target_ulong prev, new;
     int i;
 
     prev = env->fpscr;
-    new = (uint32_t)arg;
-    new &= ~0x60000000;
-    new |= prev & 0x60000000;
-    for (i = 0; i < 8; i++) {
+    new = (target_ulong)arg;
+    new &= ~0x60000000LL;
+    new |= prev & 0x60000000LL;
+    for (i = 0; i < sizeof(target_ulong) * 2; i++) {
         if (mask & (1 << i)) {
-            env->fpscr &= ~(0xF << (4 * i));
-            env->fpscr |= new & (0xF << (4 * i));
+            env->fpscr &= ~(0xFLL << (4 * i));
+            env->fpscr |= new & (0xFLL << (4 * i));
         }
     }
     /* Update VX and FEX */
diff --git a/target-ppc/translate.c b/target-ppc/translate.c
index 81c23fa..ef1bda4 100644
--- a/target-ppc/translate.c
+++ b/target-ppc/translate.c
@@ -202,6 +202,8 @@ typedef struct DisasContext {
     int spe_enabled;
     ppc_spr_t *spr_cb; /* Needed to check rights for mfspr/mtspr */
     int singlestep_enabled;
+    uint64_t insns_flags;
+    uint64_t insns_flags2;
 } DisasContext;
 
 /* True when active word size < size of target_long.  */
@@ -423,9 +425,14 @@ EXTRACT_HELPER(ME, 1, 5);
 EXTRACT_HELPER(TO, 21, 5);
 
 EXTRACT_HELPER(CRM, 12, 8);
-EXTRACT_HELPER(FM, 17, 8);
 EXTRACT_HELPER(SR, 16, 4);
+
+/* mtfsf/mtfsfi */
+EXTRACT_HELPER(FPBF, 19, 3);
 EXTRACT_HELPER(FPIMM, 12, 4);
+EXTRACT_HELPER(FPL, 21, 1);
+EXTRACT_HELPER(FPFLM, 17, 8);
+EXTRACT_HELPER(FPW, 16, 1);
 
 /***                            Jump target decoding                       ***/
 /* Displacement */
@@ -2355,19 +2362,27 @@ static void gen_mtfsb1(DisasContext *ctx)
 static void gen_mtfsf(DisasContext *ctx)
 {
     TCGv_i32 t0;
-    int L = ctx->opcode & 0x02000000;
+    int flm, l, w;
 
     if (unlikely(!ctx->fpu_enabled)) {
         gen_exception(ctx, POWERPC_EXCP_FPU);
         return;
     }
+    flm = FPFLM(ctx->opcode);
+    l = FPL(ctx->opcode);
+    w = FPW(ctx->opcode);
+    if (unlikely(w & !(ctx->insns_flags2 & PPC2_ISA205))) {
+        gen_inval_exception(ctx, POWERPC_EXCP_INVAL_INVAL);
+        return;
+    }
     /* NIP cannot be restored if the memory exception comes from an helper */
     gen_update_nip(ctx, ctx->nip - 4);
     gen_reset_fpstatus();
-    if (L)
-        t0 = tcg_const_i32(0xff);
-    else
-        t0 = tcg_const_i32(FM(ctx->opcode));
+    if (l) {
+        t0 = tcg_const_i32((ctx->insns_flags2 & PPC2_ISA205) ? 0xffff : 0xff);
+    } else {
+        t0 = tcg_const_i32(flm << (w * 8));
+    }
     gen_helper_store_fpscr(cpu_env, cpu_fpr[rB(ctx->opcode)], t0);
     tcg_temp_free_i32(t0);
     if (unlikely(Rc(ctx->opcode) != 0)) {
@@ -2381,7 +2396,7 @@ static void gen_mtfsf(DisasContext *ctx)
 /* mtfsfi */
 static void gen_mtfsfi(DisasContext *ctx)
 {
-    int bf, sh;
+    int bf, sh, w;
     TCGv_i64 t0;
     TCGv_i32 t1;
 
@@ -2389,12 +2404,17 @@ static void gen_mtfsfi(DisasContext *ctx)
         gen_exception(ctx, POWERPC_EXCP_FPU);
         return;
     }
-    bf = crbD(ctx->opcode) >> 2;
-    sh = 7 - bf;
+    w = FPW(ctx->opcode);
+    bf = FPBF(ctx->opcode);
+    if (unlikely(w & !(ctx->insns_flags2 & PPC2_ISA205))) {
+        gen_inval_exception(ctx, POWERPC_EXCP_INVAL_INVAL);
+        return;
+    }
+    sh = (8 * w) + 7 - bf;
     /* NIP cannot be restored if the memory exception comes from an helper */
     gen_update_nip(ctx, ctx->nip - 4);
     gen_reset_fpstatus();
-    t0 = tcg_const_i64(FPIMM(ctx->opcode) << (4 * sh));
+    t0 = tcg_const_i64(((uint64_t)FPIMM(ctx->opcode)) << (4 * sh));
     t1 = tcg_const_i32(1 << sh);
     gen_helper_store_fpscr(cpu_env, t0, t1);
     tcg_temp_free_i64(t0);
@@ -8677,8 +8697,8 @@ GEN_HANDLER(mcrfs, 0x3F, 0x00, 0x02, 0x0063F801, PPC_FLOAT),
 GEN_HANDLER(mffs, 0x3F, 0x07, 0x12, 0x001FF800, PPC_FLOAT),
 GEN_HANDLER(mtfsb0, 0x3F, 0x06, 0x02, 0x001FF800, PPC_FLOAT),
 GEN_HANDLER(mtfsb1, 0x3F, 0x06, 0x01, 0x001FF800, PPC_FLOAT),
-GEN_HANDLER(mtfsf, 0x3F, 0x07, 0x16, 0x00010000, PPC_FLOAT),
-GEN_HANDLER(mtfsfi, 0x3F, 0x06, 0x04, 0x006f0800, PPC_FLOAT),
+GEN_HANDLER(mtfsf, 0x3F, 0x07, 0x16, 0x00000000, PPC_FLOAT),
+GEN_HANDLER(mtfsfi, 0x3F, 0x06, 0x04, 0x006e0800, PPC_FLOAT),
 #if defined(TARGET_PPC64)
 GEN_HANDLER(ld, 0x3A, 0xFF, 0xFF, 0x00000000, PPC_64B),
 GEN_HANDLER(lq, 0x38, 0xFF, 0xFF, 0x00000000, PPC_64BX),
@@ -9716,6 +9736,8 @@ static inline void gen_intermediate_code_internal(CPUPPCState *env,
     ctx.exception = POWERPC_EXCP_NONE;
     ctx.spr_cb = env->spr_cb;
     ctx.mem_idx = env->mmu_idx;
+    ctx.insns_flags = env->insns_flags;
+    ctx.insns_flags2 = env->insns_flags2;
     ctx.access_type = -1;
     ctx.le_mode = env->hflags & (1 << MSR_LE) ? 1 : 0;
 #if defined(TARGET_PPC64)
-- 
1.7.10.4

Re: [Qemu-devel] [PATCH v2 00/10] target-ppc: emulate Power ISA 2.05 instructions

[Alexander Graf]

On 20.04.2013, at 20:56, Aurelien Jarno wrote:

> qemu-system-ppc64 -M pseries clamis to emulate a POWER7 CPU,
> corresponding to an ISA 2.06 compliant CPU, while QEMU emulates
> something like an ISA 2.04 CPU.
> 
> Given that glibc and GCC start to use some instructions like cmpb and
> fcpsgn, this starts to be problematic.
> 
> This patches series improves the PPC emulation by bringing it to an
> ISA 2.05 CPU (if we except DFP and VSX), at least from the
> non-privledged point of view.
> 
> Changes v1 -> v2:
> - Use (1ULL << 63) instead of (1LL << 63) to access the bit sign
> - Improve description of load/store doubleword pair instructions

Thanks, applied all to ppc-next.


Alex

> 
> Aurelien Jarno (10):
>  target-ppc: optimize fabs, fnabs, fneg
>  disas: Disassemble all ppc insns for the guest
>  target-ppc: add instruction flags for Book I 2.05
>  target-ppc: emulate cmpb instruction
>  target-ppc: emulate prtyw and prtyd instructions
>  target-ppc: emulate fcpsgn instruction
>  target-ppc: emulate lfiwax instruction
>  target-ppc: emulate load doubleword pair instructions
>  target-ppc: emulate store doubleword pair instructions
>  target-ppc: add support for extended mtfsf/mtfsfi forms
> 
> disas.c                     |    1 +
> target-ppc/cpu.h            |    4 +-
> target-ppc/fpu_helper.c     |   48 ++------
> target-ppc/helper.h         |    4 +-
> target-ppc/int_helper.c     |   15 +++
> target-ppc/translate.c      |  260 +++++++++++++++++++++++++++++++++++++++----
> target-ppc/translate_init.c |    2 +-
> 7 files changed, 268 insertions(+), 66 deletions(-)
> 
> -- 
> 1.7.10.4
> 

[Qemu-devel] [PATCH v2 10/10] target-ppc: add support for extended mtfsf/mtfsfi forms

[Khem Raj]

Hi

I am seeing a regression with 1.5.0 release where the following program

#include <stdio.h>
#include <math.h>

int main(int argc, char * argv[])
{
  double f = 1234.67;
  printf("floor(%f) = %f\n", f, floor(f));
  return 0;                                 
}


when compiled without any -O options which means it calls the glitch's floor() function which uses mtfsfi
results in

floor(1234.670000) = 1235.000000

where as expected result is

floor(1234.670000) = 1234.000000

Git bisect suggests indicates this patch where it started to regress

The machine emulated is mac99 which is pre ISA 2.05

Same program (statically linked) seems to work fine on real hardware, therefore it seems to me that its a Qemu problem

Let me know if you need more information.

Thanks
-Khem