MIPS patches queue

Various fixes:
 - Potential integer overflow (CID 1452921)
 - Invalid emulation of nanoMIPS BPOSGE32 opcode
 - Missing exception when DINSV opcode used with DSP disabled
 - Do not abort but emit exception for invalid BRANCH opcodes
 - TCG temporary leaks
 
 Housekeeping:
 - Remove dead code / comments
 - Restrict few files to TCG, declarations to sysemu
 - Merge MSA32 and MSA64 decodetree definitions
 -----BEGIN PGP SIGNATURE-----
 
 iQIzBAABCAAdFiEE+qvnXhKRciHc/Wuy4+MsLN6twN4FAmDVoEwACgkQ4+MsLN6t
 wN5VSxAAy5yx/Fq8sdODuu5aV/JJKW2W8SZZrEI9jkzn8i85NoRTTTsQEHxuAV5f
 Luy6Dqfj8aIrr604G1yGjo9dpspPA37cJk7TkJFhhvw9FWMrM2tc1BMdRaxZcecx
 us4PWXiX9MMGIWztHjU84IcW7k1upjS4XO57vOuSL8LOzEiUg/N+beys5X8Mcwsd
 rGroRt6vaRR/d65M7yKyZsz2DDhfCst/zOmZ6Qc11bjxKx1aAX9eM2oszWOM9C8U
 tjo5h5CJHHPvUihflZwWsgN0emL390TNPnvKKrP014007Hr85l1Gr4LUwK838jbn
 MBIzu1hqlpc3thLs1QMrE5dBii9Ds5rNP5l/W2EbCIvXzXJ+fLAb3osnzEi+K/J8
 sufjbzU5xN6R1dzEp2fp1rSTYIEGh8gT05takGdzuVYmSezJ5ahENBTtGNOJ4Ov6
 SqMOXod1r5jacT5oRNQmYs4L3xcSP26AWMUCrJ2V5aYLOxcYkWAbhK0TLuH7jFxk
 ntGAdBuaXO4D0O6va/cGzLIrypvOXicoQXHhF1UxdepF4lwEKB+LE5EsqyCT+6Iw
 Why/hjk4VxQ3LzBXrVRHoXgS/6Gu3Wu4xmixyjuGmBg/t/uu+iWQBTpaZ5/qv/bv
 QgmT8H/7f1nWlgv7440RZ5D4xRsgxex9w/8SOEHCU7QaFjh/67k=
 =THJZ
 -----END PGP SIGNATURE-----

Merge remote-tracking branch 'remotes/philmd/tags/mips-20210625' into staging

MIPS patches queue

Various fixes:
- Potential integer overflow (CID 1452921)
- Invalid emulation of nanoMIPS BPOSGE32 opcode
- Missing exception when DINSV opcode used with DSP disabled
- Do not abort but emit exception for invalid BRANCH opcodes
- TCG temporary leaks

Housekeeping:
- Remove dead code / comments
- Restrict few files to TCG, declarations to sysemu
- Merge MSA32 and MSA64 decodetree definitions

# gpg: Signature made Fri 25 Jun 2021 10:22:20 BST
# gpg:                using RSA key FAABE75E12917221DCFD6BB2E3E32C2CDEADC0DE
# gpg: Good signature from "Philippe Mathieu-Daudé (F4BUG) <f4bug@amsat.org>" [full]
# Primary key fingerprint: FAAB E75E 1291 7221 DCFD  6BB2 E3E3 2C2C DEAD C0DE

* remotes/philmd/tags/mips-20210625:
  target/mips: Merge msa32/msa64 decodetree definitions
  target/mips: Remove pointless gen_msa()
  target/mips: Optimize regnames[] arrays
  target/mips: Constify host_to_mips_errno[]
  target/mips: fix emulation of nanoMIPS BPOSGE32 instruction
  target/mips: Remove microMIPS BPOSGE32 / BPOSGE64 unuseful cases
  target/mips: Remove SmartMIPS / MDMX unuseful comments
  target/mips: Restrict some system specific declarations to sysemu
  target/mips: Move translate.h to tcg/ sub directory
  target/mips: Move TCG trace events to tcg/ sub directory
  target/mips: Do not abort on invalid instruction
  target/mips: Raise exception when DINSV opcode used with DSP disabled
  target/mips: Fix more TCG temporary leaks in gen_pool32a5_nanomips_insn
  target/mips: Fix TCG temporary leaks in gen_pool32a5_nanomips_insn()
  target/mips: Fix potential integer overflow (CID 1452921)

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Peter Maydell 2021-06-28 09:44:41 +01:00
commit 687f9f7834
16 changed files with 42 additions and 71 deletions


@ -1882,7 +1882,7 @@ if have_system or have_user
'target/hppa', 'target/hppa',
'target/i386', 'target/i386',
'target/i386/kvm', 'target/i386/kvm',
'target/mips', 'target/mips/tcg',
'target/ppc', 'target/ppc',
'target/riscv', 'target/riscv',
'target/s390x', 'target/s390x',


@ -35,7 +35,7 @@
#include "qapi/qapi-commands-machine-target.h" #include "qapi/qapi-commands-machine-target.h"
#include "fpu_helper.h" #include "fpu_helper.h"
const char regnames[32][4] = { const char regnames[32][3] = {
"r0", "at", "v0", "v1", "a0", "a1", "a2", "a3", "r0", "at", "v0", "v1", "a0", "a1", "a2", "a3",
"t0", "t1", "t2", "t3", "t4", "t5", "t6", "t7", "t0", "t1", "t2", "t3", "t4", "t5", "t6", "t7",
"s0", "s1", "s2", "s3", "s4", "s5", "s6", "s7", "s0", "s1", "s2", "s3", "s4", "s5", "s6", "s7",


@ -1152,13 +1152,13 @@ struct CPUMIPSState {
CPUMIPSMVPContext *mvp; CPUMIPSMVPContext *mvp;
#if !defined(CONFIG_USER_ONLY) #if !defined(CONFIG_USER_ONLY)
CPUMIPSTLBContext *tlb; CPUMIPSTLBContext *tlb;
void *irq[8];
struct MIPSITUState *itu;
MemoryRegion *itc_tag; /* ITC Configuration Tags */
#endif #endif
const mips_def_t *cpu_model; const mips_def_t *cpu_model;
void *irq[8];
QEMUTimer *timer; /* Internal timer */ QEMUTimer *timer; /* Internal timer */
struct MIPSITUState *itu;
MemoryRegion *itc_tag; /* ITC Configuration Tags */
target_ulong exception_base; /* ExceptionBase input to the core */ target_ulong exception_base; /* ExceptionBase input to the core */
uint64_t cp0_count_ns; /* CP0_Count clock period (in nanoseconds) */ uint64_t cp0_count_ns; /* CP0_Count clock period (in nanoseconds) */
}; };
@ -1316,12 +1316,16 @@ uint64_t cpu_mips_phys_to_kseg1(void *opaque, uint64_t addr);
bool mips_um_ksegs_enabled(void); bool mips_um_ksegs_enabled(void);
void mips_um_ksegs_enable(void); void mips_um_ksegs_enable(void);
#if !defined(CONFIG_USER_ONLY)
/* mips_int.c */ /* mips_int.c */
void cpu_mips_soft_irq(CPUMIPSState *env, int irq, int level); void cpu_mips_soft_irq(CPUMIPSState *env, int irq, int level);
/* mips_itu.c */ /* mips_itu.c */
void itc_reconfigure(struct MIPSITUState *tag); void itc_reconfigure(struct MIPSITUState *tag);
#endif /* !CONFIG_USER_ONLY */
/* helper.c */ /* helper.c */
target_ulong exception_resume_pc(CPUMIPSState *env); target_ulong exception_resume_pc(CPUMIPSState *env);


@ -74,7 +74,7 @@ struct mips_def_t {
int32_t SAARP; int32_t SAARP;
}; };
extern const char regnames[32][4]; extern const char regnames[32][3];
extern const char fregnames[32][4]; extern const char fregnames[32][4];
extern const struct mips_def_t mips_defs[]; extern const struct mips_def_t mips_defs[];


@ -1,8 +1,7 @@
gen = [ gen = [
decodetree.process('mips32r6.decode', extra_args: '--static-decode=decode_mips32r6'), decodetree.process('mips32r6.decode', extra_args: '--static-decode=decode_mips32r6'),
decodetree.process('mips64r6.decode', extra_args: '--static-decode=decode_mips64r6'), decodetree.process('mips64r6.decode', extra_args: '--static-decode=decode_mips64r6'),
decodetree.process('msa32.decode', extra_args: '--static-decode=decode_msa32'), decodetree.process('msa.decode', extra_args: '--decode=decode_ase_msa'),
decodetree.process('msa64.decode', extra_args: '--static-decode=decode_msa64'),
decodetree.process('tx79.decode', extra_args: '--static-decode=decode_tx79'), decodetree.process('tx79.decode', extra_args: '--static-decode=decode_tx79'),
] ]


@ -6,9 +6,10 @@
# #
# Reference: # Reference:
# MIPS Architecture for Programmers Volume IV-j # MIPS Architecture for Programmers Volume IV-j
# The MIPS32 SIMD Architecture Module, Revision 1.12 # - The MIPS32 SIMD Architecture Module, Revision 1.12
# (Document Number: MD00866-2B-MSA32-AFP-01.12) # (Document Number: MD00866-2B-MSA32-AFP-01.12)
# # - The MIPS64 SIMD Architecture Module, Revision 1.12
# (Document Number: MD00868-1D-MSA64-AFP-01.12)
&rtype rs rt rd sa &rtype rs rt rd sa
@ -19,6 +20,7 @@
@bz_df ...... ... df:2 wt:5 s16:16 &msa_bz @bz_df ...... ... df:2 wt:5 s16:16 &msa_bz
LSA 000000 ..... ..... ..... 000 .. 000101 @lsa LSA 000000 ..... ..... ..... 000 .. 000101 @lsa
DLSA 000000 ..... ..... ..... 000 .. 010101 @lsa
BZ_V 010001 01011 ..... ................ @bz BZ_V 010001 01011 ..... ................ @bz
BNZ_V 010001 01111 ..... ................ @bz BNZ_V 010001 01111 ..... ................ @bz


@ -1,17 +0,0 @@
# MIPS SIMD Architecture Module instruction set
#
# Copyright (C) 2020 Philippe Mathieu-Daudé
#
# SPDX-License-Identifier: LGPL-2.1-or-later
#
# Reference:
# MIPS Architecture for Programmers Volume IV-j
# The MIPS64 SIMD Architecture Module, Revision 1.12
# (Document Number: MD00868-1D-MSA64-AFP-01.12)
#
&rtype rs rt rd sa !extern
@lsa ...... rs:5 rt:5 rd:5 ... sa:2 ...... &rtype
DLSA 000000 ..... ..... ..... 000 .. 010101 @lsa


@ -18,8 +18,7 @@
#include "internal.h" #include "internal.h"
/* Include the auto-generated decoder. */ /* Include the auto-generated decoder. */
#include "decode-msa32.c.inc" #include "decode-msa.c.inc"
#include "decode-msa64.c.inc"
#define OPC_MSA (0x1E << 26) #define OPC_MSA (0x1E << 26)
@ -255,7 +254,7 @@ enum {
OPC_BINSRI_df = (0x7 << 23) | OPC_MSA_BIT_09, OPC_BINSRI_df = (0x7 << 23) | OPC_MSA_BIT_09,
}; };
static const char * const msaregnames[] = { static const char msaregnames[][6] = {
"w0.d0", "w0.d1", "w1.d0", "w1.d1", "w0.d0", "w0.d1", "w1.d0", "w1.d1",
"w2.d0", "w2.d1", "w3.d0", "w3.d1", "w2.d0", "w2.d1", "w3.d0", "w3.d1",
"w4.d0", "w4.d1", "w5.d0", "w5.d1", "w4.d0", "w4.d1", "w5.d0", "w5.d1",
@ -2162,7 +2161,7 @@ static void gen_msa_vec(DisasContext *ctx)
} }
} }
static void gen_msa(DisasContext *ctx) static bool trans_MSA(DisasContext *ctx, arg_MSA *a)
{ {
uint32_t opcode = ctx->opcode; uint32_t opcode = ctx->opcode;
@ -2258,11 +2257,6 @@ static void gen_msa(DisasContext *ctx)
gen_reserved_instruction(ctx); gen_reserved_instruction(ctx);
break; break;
} }
}
static bool trans_MSA(DisasContext *ctx, arg_MSA *a)
{
gen_msa(ctx);
return true; return true;
} }
@ -2274,13 +2268,8 @@ static bool trans_LSA(DisasContext *ctx, arg_rtype *a)
static bool trans_DLSA(DisasContext *ctx, arg_rtype *a) static bool trans_DLSA(DisasContext *ctx, arg_rtype *a)
{ {
if (TARGET_LONG_BITS != 64) {
return false;
}
return gen_dlsa(ctx, a->rd, a->rt, a->rs, a->sa); return gen_dlsa(ctx, a->rd, a->rt, a->rs, a->sa);
} }
bool decode_ase_msa(DisasContext *ctx, uint32_t insn)
{
if (TARGET_LONG_BITS == 64 && decode_msa64(ctx, insn)) {
return true;
}
return decode_msa32(ctx, insn);
}


@ -447,9 +447,9 @@ enum {
static TCGv mxu_gpr[NUMBER_OF_MXU_REGISTERS - 1]; static TCGv mxu_gpr[NUMBER_OF_MXU_REGISTERS - 1];
static TCGv mxu_CR; static TCGv mxu_CR;
static const char * const mxuregnames[] = { static const char mxuregnames[][4] = {
"XR1", "XR2", "XR3", "XR4", "XR5", "XR6", "XR7", "XR8", "XR1", "XR2", "XR3", "XR4", "XR5", "XR6", "XR7", "XR8",
"XR9", "XR10", "XR11", "XR12", "XR13", "XR14", "XR15", "MXU_CR", "XR9", "XR10", "XR11", "XR12", "XR13", "XR14", "XR15", "XCR",
}; };
void mxu_translate_init(void) void mxu_translate_init(void)
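Review bot: The row width in `static const char mxuregnames[][4]` (which appears to be the new declaration) leaves no byte for the terminating NUL of the four-character names `"XR10"` to `"XR15"`: C accepts a string literal that exactly fills a char array and drops the terminator without a diagnostic, so anything that reads `mxuregnames[i]` as a C string for those rows runs on into the following rows. Widening the row, `static const char mxuregnames[][5] = {`, restores termination. The same sizing deserves a check for `msaregnames[][6]` in the MSA translator section, where the visible entries are five characters but any two-digit register name such as `"w10.d0"` further down the table (outside the hunk) would fill all six bytes, and for `regnames[32][3]`. How the names are consumed is outside these hunks.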


@ -75,7 +75,7 @@ enum UHIOpenFlags {
}; };
/* Errno values taken from asm-mips/errno.h */ /* Errno values taken from asm-mips/errno.h */
static uint16_t host_to_mips_errno[] = { static const uint16_t host_to_mips_errno[] = {
[ENAMETOOLONG] = 78, [ENAMETOOLONG] = 78,
#ifdef EOVERFLOW #ifdef EOVERFLOW
[EOVERFLOW] = 79, [EOVERFLOW] = 79,


@ -17,6 +17,7 @@
* License along with this library; if not, see <http://www.gnu.org/licenses/>. * License along with this library; if not, see <http://www.gnu.org/licenses/>.
*/ */
#include "qemu/osdep.h" #include "qemu/osdep.h"
#include "qemu/bitops.h"
#include "cpu.h" #include "cpu.h"
#include "internal.h" #include "internal.h"
@ -659,7 +660,7 @@ static int walk_directory(CPUMIPSState *env, uint64_t *vaddr,
w = directory_index - 1; w = directory_index - 1;
if (directory_index & 0x1) { if (directory_index & 0x1) {
/* Generate adjacent page from same PTE for odd TLB page */ /* Generate adjacent page from same PTE for odd TLB page */
lsb = (1 << w) >> 6; lsb = BIT_ULL(w) >> 6;
*pw_entrylo0 = entry & ~lsb; /* even page */ *pw_entrylo0 = entry & ~lsb; /* even page */
*pw_entrylo1 = entry | lsb; /* odd page */ *pw_entrylo1 = entry | lsb; /* odd page */
} else if (dph) { } else if (dph) {
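Review bot: The shift count in `lsb = BIT_ULL(w) >> 6;` is still unchecked in the visible lines: widening to 64 bits removes the overflow for `w` from 31 to 63, but the shift stays undefined for `w >= 64`. `w` is `directory_index - 1`, and where `directory_index` comes from lies outside the hunk; if it is derived from guest-programmed page-walker fields, a comment stating the bound the caller guarantees would help, e.g. `/* w < 64: directory_index is bounded by <caller's limit> */`. walk_directory's body starts and ends outside the hunk, so the declared width of `lsb` should be confirmed there as well.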

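--- a/target/mips/tcg/trace.h
+++ b/target/mips/tcg/trace.h
@@ -0,0 +1 @@
+#include "trace/trace-target_mips_tcg.h"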


@ -31,7 +31,7 @@
#include "exec/helper-gen.h" #include "exec/helper-gen.h"
#include "semihosting/semihost.h" #include "semihosting/semihost.h"
#include "target/mips/trace.h" #include "trace.h"
#include "trace-tcg.h" #include "trace-tcg.h"
#include "exec/translator.h" #include "exec/translator.h"
#include "exec/log.h" #include "exec/log.h"
@ -1280,11 +1280,11 @@ TCGv_i64 fpu_f64[32];
#define DISAS_STOP DISAS_TARGET_0 #define DISAS_STOP DISAS_TARGET_0
#define DISAS_EXIT DISAS_TARGET_1 #define DISAS_EXIT DISAS_TARGET_1
static const char * const regnames_HI[] = { static const char regnames_HI[][4] = {
"HI0", "HI1", "HI2", "HI3", "HI0", "HI1", "HI2", "HI3",
}; };
static const char * const regnames_LO[] = { static const char regnames_LO[][4] = {
"LO0", "LO1", "LO2", "LO3", "LO0", "LO1", "LO2", "LO3",
}; };
@ -12151,8 +12151,8 @@ static void gen_branch(DisasContext *ctx, int insn_bytes)
tcg_gen_lookup_and_goto_ptr(); tcg_gen_lookup_and_goto_ptr();
break; break;
default: default:
fprintf(stderr, "unknown branch 0x%x\n", proc_hflags); LOG_DISAS("unknown branch 0x%x\n", proc_hflags);
abort(); gen_reserved_instruction(ctx);
} }
} }
} }
@ -14076,8 +14076,6 @@ enum {
BGEZALS = 0x13, BGEZALS = 0x13,
BC2F = 0x14, BC2F = 0x14,
BC2T = 0x15, BC2T = 0x15,
BPOSGE64 = 0x1a,
BPOSGE32 = 0x1b,
/* These overlap and are distinguished by bit16 of the instruction */ /* These overlap and are distinguished by bit16 of the instruction */
BC1F = 0x1c, BC1F = 0x1c,
BC1T = 0x1d, BC1T = 0x1d,
@ -16121,10 +16119,6 @@ static void decode_micromips32_opc(CPUMIPSState *env, DisasContext *ctx)
generate_exception_err(ctx, EXCP_CpU, 1); generate_exception_err(ctx, EXCP_CpU, 1);
} }
break; break;
case BPOSGE64:
case BPOSGE32:
/* MIPS DSP: not implemented */
/* Fall through */
default: default:
MIPS_INVAL("pool32i"); MIPS_INVAL("pool32i");
gen_reserved_instruction(ctx); gen_reserved_instruction(ctx);
@ -20182,6 +20176,8 @@ static void gen_pool32a5_nanomips_insn(DisasContext *ctx, int opc,
tcg_gen_movi_tl(tv0, rd >> 3); tcg_gen_movi_tl(tv0, rd >> 3);
tcg_gen_movi_tl(tv1, imm); tcg_gen_movi_tl(tv1, imm);
gen_helper_shilo(tv0, tv1, cpu_env); gen_helper_shilo(tv0, tv1, cpu_env);
tcg_temp_free(tv1);
tcg_temp_free(tv0);
} }
break; break;
case NM_MULEQ_S_W_PHL: case NM_MULEQ_S_W_PHL:
@ -20296,6 +20292,10 @@ static void gen_pool32a5_nanomips_insn(DisasContext *ctx, int opc,
gen_reserved_instruction(ctx); gen_reserved_instruction(ctx);
break; break;
} }
tcg_temp_free(v2_t);
tcg_temp_free(v1_t);
tcg_temp_free(t0);
} }
static int decode_nanomips_32_48_opc(CPUMIPSState *env, DisasContext *ctx) static int decode_nanomips_32_48_opc(CPUMIPSState *env, DisasContext *ctx)
@ -21137,7 +21137,7 @@ static int decode_nanomips_32_48_opc(CPUMIPSState *env, DisasContext *ctx)
extract32(ctx->opcode, 0, 1) << 13; extract32(ctx->opcode, 0, 1) << 13;
gen_compute_branch_nm(ctx, OPC_BPOSGE32, 4, -1, -2, gen_compute_branch_nm(ctx, OPC_BPOSGE32, 4, -1, -2,
imm); imm << 1);
} }
break; break;
default: default:
@ -21572,14 +21572,6 @@ static int decode_nanomips_opc(CPUMIPSState *env, DisasContext *ctx)
} }
/* SmartMIPS extension to MIPS32 */
#if defined(TARGET_MIPS64)
/* MDMX extension to MIPS64 */
#endif
/* MIPSDSP functions. */ /* MIPSDSP functions. */
static void gen_mipsdsp_ld(DisasContext *ctx, uint32_t opc, static void gen_mipsdsp_ld(DisasContext *ctx, uint32_t opc,
int rd, int base, int offset) int rd, int base, int offset)
@ -24373,10 +24365,11 @@ static void decode_opc_special3_legacy(CPUMIPSState *env, DisasContext *ctx)
{ {
TCGv t0, t1; TCGv t0, t1;
check_dsp(ctx);
if (rt == 0) { if (rt == 0) {
break; break;
} }
check_dsp(ctx);
t0 = tcg_temp_new(); t0 = tcg_temp_new();
t1 = tcg_temp_new(); t1 = tcg_temp_new();
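Review bot: In the nanoMIPS BPOSGE32 hunk, the offset passed as `imm << 1` is assembled with `extract32(ctx->opcode, 0, 1) << 13`, which zero-extends; if opcode bit 0 is the sign of the branch offset, as its placement in the top position suggests, the value can never be negative and a backward branch would be emitted as a forward one. Unless the part of the expression outside the hunk already sign-extends, the assembled 14-bit value should be sign-extended before the shift, for example `imm = sextract32(imm, 0, 14);`. The declaration of `imm` and the start of the expression are outside the hunk, so this needs confirming against the instruction encoding.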


@ -1 +0,0 @@
#include "trace/trace-target_mips.h"