* [Qemu-devel] [PULL 0/3] target-mips queue
From: Leon Alrae @ 2015-03-18 14:37 UTC (permalink / raw)
To: qemu-devel; +Cc: Peter Maydell, Aurelien Jarno
Hi,
This pull request contains MIPS bug fixes for 2.3.
Thanks,
Leon
Cc: Peter Maydell <peter.maydell@linaro.org>
Cc: Aurelien Jarno <aurelien@aurel32.net>
The following changes since commit 5a4992834daec85c3913654903fb9f4f954e585a:
Merge remote-tracking branch 'remotes/armbru/tags/pull-cov-model-2015-03-17' into staging (2015-03-17 11:43:00 +0000)
are available in the git repository at:
git://github.com/lalrae/qemu.git tags/mips-20150318
for you to fetch changes up to 0af7a37054310384e00209e0a43efe95b7c19ef0:
target-mips: save cpu state before calling MSA load and store helpers (2015-03-18 09:58:15 +0000)
----------------------------------------------------------------
MIPS patches 2015-03-18
Changes:
* bug fixes
----------------------------------------------------------------
Leon Alrae (3):
target-mips: fix CP0.BadVAddr by stopping translation on Address Error
target-mips: fix hflags modified in delay / forbidden slot
target-mips: save cpu state before calling MSA load and store helpers
target-mips/translate.c | 22 ++++++++++++++++++----
1 file changed, 18 insertions(+), 4 deletions(-)
* [Qemu-devel] [PULL 1/3] target-mips: fix CP0.BadVAddr by stopping translation on Address Error
From: Leon Alrae @ 2015-03-18 14:37 UTC (permalink / raw)
To: qemu-devel
CP0.BadVAddr is supposed to capture the most recent virtual address that caused
the exception. Currently this does not work correctly for unaligned instruction
fetch as translation is not stopped and CP0.BadVAddr is updated with subsequent
addresses.
Signed-off-by: Leon Alrae <leon.alrae@imgtec.com>
---
target-mips/translate.c | 1 +
1 file changed, 1 insertion(+)
diff --git a/target-mips/translate.c b/target-mips/translate.c
index 9059bfd..0e2443a 100644
--- a/target-mips/translate.c
+++ b/target-mips/translate.c
@@ -18438,6 +18438,7 @@ static void decode_opc(CPUMIPSState *env, DisasContext *ctx)
if (ctx->pc & 0x3) {
env->CP0_BadVAddr = ctx->pc;
generate_exception_err(ctx, EXCP_AdEL, EXCP_INST_NOTAVAIL);
+ ctx->bstate = BS_STOP;
return;
}
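Review bot: the added `ctx->bstate = BS_STOP;` in the `ctx->pc & 0x3` branch of decode_opc() carries no comment, and its purpose is not obvious from the code alone. `env->CP0_BadVAddr = ctx->pc;` is a plain store made while translating, so each further misaligned pc the translator visits overwrites the register, and stopping here is what keeps the first faulting address in place. Suggest a short comment saying so, and consider as a follow-up moving the BadVAddr update out of translation time so the result no longer depends on where translation happens to stop.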
--
2.1.0
* [Qemu-devel] [PULL 2/3] target-mips: fix hflags modified in delay / forbidden slot
From: Leon Alrae @ 2015-03-18 14:37 UTC (permalink / raw)
To: qemu-devel
All instructions which may change hflags terminate tb. However, this doesn't
work if such an instruction is placed in delay or forbidden slot.
gen_branch() clears MIPS_HFLAG_BMASK in ctx->hflags and then generates code
to overwrite hflags with ctx->hflags, consequently we lose any execution-time
hflags modifications. For example, in the following scenario hflag related to
Status.CU1 will not be updated:
/* Set Status.CU1 in delay slot */
mfc0 $24, $12, 0
lui $25, 0x2000
or $25, $25, $24
b check_Status_CU1
mtc0 $25, $12, 0
With this change we clear MIPS_HFLAG_BMASK in execution-time hflags if
instruction in delay or forbidden slot wants to terminate tb for some reason
(i.e. ctx->bstate != BS_NONE).
Also, die early and loudly if "unknown branch" is encountered as this should
never happen.
Signed-off-by: Leon Alrae <leon.alrae@imgtec.com>
---
target-mips/translate.c | 19 +++++++++++++++----
1 file changed, 15 insertions(+), 4 deletions(-)
diff --git a/target-mips/translate.c b/target-mips/translate.c
index 0e2443a..a91e503 100644
--- a/target-mips/translate.c
+++ b/target-mips/translate.c
@@ -10531,14 +10531,25 @@ static void gen_rdhwr(DisasContext *ctx, int rt, int rd)
tcg_temp_free(t0);
}
+static inline void clear_branch_hflags(DisasContext *ctx)
+{
+ ctx->hflags &= ~MIPS_HFLAG_BMASK;
+ if (ctx->bstate == BS_NONE) {
+ save_cpu_state(ctx, 0);
+ } else {
+ /* it is not safe to save ctx->hflags as hflags may be changed
+ in execution time by the instruction in delay / forbidden slot. */
+ tcg_gen_andi_i32(hflags, hflags, ~MIPS_HFLAG_BMASK);
+ }
+}
+
static void gen_branch(DisasContext *ctx, int insn_bytes)
{
if (ctx->hflags & MIPS_HFLAG_BMASK) {
int proc_hflags = ctx->hflags & MIPS_HFLAG_BMASK;
/* Branches completion */
- ctx->hflags &= ~MIPS_HFLAG_BMASK;
+ clear_branch_hflags(ctx);
ctx->bstate = BS_BRANCH;
- save_cpu_state(ctx, 0);
/* FIXME: Need to clear can_do_io. */
switch (proc_hflags & MIPS_HFLAG_BMASK_BASE) {
case MIPS_HFLAG_FBNSLOT:
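Review bot: clear_branch_hflags() tests `ctx->bstate == BS_NONE`, so it only behaves as intended when it runs before gen_branch() executes `ctx->bstate = BS_BRANCH;`. The hunk has the two lines in the right order, but nothing records the dependency, and a later reorder would silently change which of the two paths is taken. Suggest a one-line comment at the call site, or passing the slot instruction's bstate into the helper as a parameter so the ordering requirement is explicit.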
@@ -10596,8 +10607,8 @@ static void gen_branch(DisasContext *ctx, int insn_bytes)
tcg_gen_exit_tb(0);
break;
default:
- MIPS_DEBUG("unknown branch");
- break;
+ fprintf(stderr, "unknown branch 0x%x\n", proc_hflags);
+ abort();
}
}
}
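Review bot: in the new `default:` arm the message prints `proc_hflags`, which was computed as `ctx->hflags & MIPS_HFLAG_BMASK`; if this arm belongs to the `switch (proc_hflags & MIPS_HFLAG_BMASK_BASE)` shown in the previous hunk, the printed value is not the value that failed to match any case. Printing the masked value as well would make the abort message directly usable when diagnosing a crash. The commit message's statement that this should never happen would also be worth keeping as a comment above the abort().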
--
2.1.0
* [Qemu-devel] [PULL 3/3] target-mips: save cpu state before calling MSA load and store helpers
From: Leon Alrae @ 2015-03-18 14:37 UTC (permalink / raw)
To: qemu-devel
PC needs to be saved if an exception can be generated by a helper.
This fixes a problem related to resuming the execution at unexpected address
after an exception (caused by MSA load/store instruction) has been serviced.
Signed-off-by: Leon Alrae <leon.alrae@imgtec.com>
---
target-mips/translate.c | 2 ++
1 file changed, 2 insertions(+)
diff --git a/target-mips/translate.c b/target-mips/translate.c
index a91e503..fd063a2 100644
--- a/target-mips/translate.c
+++ b/target-mips/translate.c
@@ -18414,12 +18414,14 @@ static void gen_msa(CPUMIPSState *env, DisasContext *ctx)
case OPC_LD_H:
case OPC_LD_W:
case OPC_LD_D:
+ save_cpu_state(ctx, 1);
gen_helper_msa_ld_df(cpu_env, tdf, twd, trs, ts10);
break;
case OPC_ST_B:
case OPC_ST_H:
case OPC_ST_W:
case OPC_ST_D:
+ save_cpu_state(ctx, 1);
gen_helper_msa_st_df(cpu_env, tdf, twd, trs, ts10);
break;
}
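Review bot: both added `save_cpu_state(ctx, 1);` calls in gen_msa() are uncommented, and the second argument differs from the `save_cpu_state(ctx, 0)` used in gen_branch() in the previous patch without any indication why. The reason is given only in the commit message (the helper can raise an exception, so the PC must be saved first); a brief comment above each call, or a single one if the call can be hoisted above the two case groups, would keep a future load/store helper added to this switch from repeating the bug.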
--
2.1.0
* Re: [Qemu-devel] [PULL 0/3] target-mips queue
From: Peter Maydell @ 2015-03-19 14:10 UTC (permalink / raw)
To: Leon Alrae; +Cc: QEMU Developers, Aurelien Jarno
On 18 March 2015 at 14:37, Leon Alrae <leon.alrae@imgtec.com> wrote:
> Hi,
>
> This pull request contains MIPS bug fixes for 2.3.
>
> Thanks,
> Leon
>
> Cc: Peter Maydell <peter.maydell@linaro.org>
> Cc: Aurelien Jarno <aurelien@aurel32.net>
>
> The following changes since commit 5a4992834daec85c3913654903fb9f4f954e585a:
>
> Merge remote-tracking branch 'remotes/armbru/tags/pull-cov-model-2015-03-17' into staging (2015-03-17 11:43:00 +0000)
>
> are available in the git repository at:
>
> git://github.com/lalrae/qemu.git tags/mips-20150318
>
> for you to fetch changes up to 0af7a37054310384e00209e0a43efe95b7c19ef0:
>
> target-mips: save cpu state before calling MSA load and store helpers (2015-03-18 09:58:15 +0000)
>
> ----------------------------------------------------------------
> MIPS patches 2015-03-18
>
> Changes:
> * bug fixes
Applied, thanks.
-- PMM