this splits the 64-bit only instructions into its own decode file such
that we generate the decoder for these instructions only for the RISC-V
64 bit target.
Backports commit 7e45a682edc32ba90d6955215f062210531b835b from qemu
for now only LUI & AUIPC are decoded and translated. If decodetree fails, we
fall back to the old decoder.
Backports commit 2a53cff418335ccb4719e9a94fde55f6ebcc895d from qemu
Previously this would result in an exception for shifting
the field mask by a negative number.
Backports commit 2decfc95583dc28add69810eaca6ada7b4b44d3a from qemu
This is interesting for bisection, where an output file is plumbed,
but does not yet have patterns.
Backports commit 82bfac1c06cadeb5c7252734dc695d951185916c from qemu
As a consequence, the 'return false' gets pushed up one level.
This will allow us to perform some other action when the
translator returns failure.
Backports commit eb6b87fac70dd62e3f1286703db20c012e7a9611 from qemu
flatview_add_to_dispatch() registers page based on the condition of
*section*, which may looks like this:
|s|PPPPPPP|s|
where s stands for subpage and P for page.
The procedure of this function could be described as:
- register first subpage
- register page
- register last subpage
This means the procedure could be simplified into these three steps
instead of a loop iteration.
This patch refactors the function into three corresponding steps and
adds some comment to clarify it.
Backports commit 494d199727ba248c96326b4e1c97f86eb11a5ec7 from qemu
Since OpenBSD 6.0 [1], W^X is enforced by default [2].
TCG requires WX access. Disable W^X if it is available.
This fixes:
\# lm32-softmmu/qemu-system-lm32
Could not allocate dynamic translator buffer
\# sysctl kern.wxabort=1
kern.wxabort: 0 -> 1
\# lm32-softmmu/qemu-system-lm32
mmap: Not supported
Abort trap (core dumped)
\# gdb -q lm32-softmmu/qemu-system-lm32 qemu-system-lm32.core
(gdb) bt
\#0 0x000017e3c156c50a in _thread_sys___syscall () at {standard input}:5
\#1 0x000017e3c15e5d7a in *_libc_mmap (addr=Variable "addr" is not available.) at /usr/src/lib/libc/sys/mmap.c:47
\#2 0x000017e17d9abc8b in alloc_code_gen_buffer () at /usr/src/qemu/accel/tcg/translate-all.c:1064
\#3 0x000017e17d9abd04 in code_gen_alloc (tb_size=0) at /usr/src/qemu/accel/tcg/translate-all.c:1112
\#4 0x000017e17d9abe81 in tcg_exec_init (tb_size=0) at /usr/src/qemu/accel/tcg/translate-all.c:1149
\#5 0x000017e17d9897e9 in tcg_init (ms=0x17e45e456800) at /usr/src/qemu/accel/tcg/tcg-all.c:66
\#6 0x000017e17d9891b8 in accel_init_machine (acc=0x17e3c3f50800, ms=0x17e45e456800) at /usr/src/qemu/accel/accel.c:63
\#7 0x000017e17d989312 in configure_accelerator (ms=0x17e45e456800, progname=0x7f7fffff07b0 "lm32-softmmu/qemu-system-lm32") at /usr/src/qemu/accel/accel.c:111
\#8 0x000017e17d9d8616 in main (argc=1, argv=0x7f7fffff06b8, envp=0x7f7fffff06c8) at vl.c:4325
[1] https://www.openbsd.org/faq/upgrade60.html
[2] https://undeadly.org/cgi?action=article&sid=20160527203200
Backports commit 7776ea6b49873ed18a2111e25ed8a6d94bd73db8 from qemu
Intel Processor Trace required CPUID[0x14] but the cpuid_level
have no change when create a kvm guest with
e.g. "-cpu qemu64,+intel-pt
Backports relevant bits of commit
f24c3a79a415042f6dc195f029a2ba7247d14cac from qemu
This ports over the RISC-V architecture from Qemu. This is currently a
very barebones transition. No code hooking or any fancy stuff.
Currently, you can feed it instructions and query the CPU state itself.
This also allows choosing whether or not RISC-V 32-bit or RISC-V 64-bit
is desirable through Unicorn's interface as well.
Extremely basic examples of executing a single instruction have been
added to the samples directory to help demonstrate how to use the basic
functionality.
These changes were mostly made in upstream unicorn for what I can guess,
was to support old versions of MSVC's compiler.
This is also a pain to maintain, since everything needs to be done
manually and can be a source of errors. It also makes it take more work
than it needs to, to backport changes from qemu.
Because of that, this change restores Qemu's organization of the
coprocessor registers.
This decoding more closely matches the ARMv8.4 Table C4-6,
Encoding table for Data Processing - Register Group.
In particular, op2 == 0 is now more than just Add/sub (with carry).
Backports commit 2fba34f70d9a81bab56e61bb99a4d6632bdfe531 from qemu
We do not need an out-of-line helper for manipulating bits in pstate.
While changing things, share the implementation of gen_ss_advance.
Backports commit 22ac3c49641f6eed93dca5b852030b4d3eacf6c4 from qemu
The EL0+UMA check is unique to DAIF. While SPSel had avoided the
check by nature of already checking EL >= 1, the other post v8.0
extensions to MSR (imm) allow EL0 and do not require UMA. Avoid
the unconditional write to pc and use raise_exception_ra to unwind.
Backports commit ff730e9666a716b669ac4a8ca7c521177d1d2b15 from qemu
Minimize the number of places that will need updating when
the virtual host extensions are added.
Backports commit 64e40755cd41fbe8cd266cf387e42ddc57a449ef from qemu
Found by inspection: Rn is the base register against which the
load began; I is the register within the mask being processed.
The exception return should of course be processed from the loaded PC.
Backports commit 9d090d17234058f55c3c439d285db78c94d7d4de from qemu
Previously we weren't even initializing the instruction table, so any
attempt at emulation would cause a segmentation fault.
This also moves the end address check after the decoding to correctly
perform exiting behavior with the new translator model.
Previously we'd be checking prior to the actual decoding if we were at
the ending address. This worked fine using the old model of the
translation process in qemu. However, this causes the wrong behavior to
occur in both ARM and Thumb/Thumb-2 modes using the newer translator
model.
Given the translator itself checks for the end address already, this
needs to be placed within arm_post_translate_insn().
This prevents the emulation process being off-by-one as well when it
comes to actually executing the instructions.
* Fixes the logic for Dylib extensions on macOS.
* Adds an uninstall task and documentation.
Backports commit 94b116877670ed9bbe38b71e3b9ad28f10cb3775 from unicorn
* update python binding samples, shellcode.py with 64bit syscall
* fix with quynh comments
* fix with more q comments
* reformatted
* reformatted and moved file
* reformatted and moved file
* delete file
* delete dead code
* deleted more dead code
* deleted more dead code / fix bugs
* fix 64bit eip intno eax
* rearrage rip
* Inconsistent print
Backports commit 8c6cbe3f3cabed57b23b721c29f937dd5baafc90 from unicorn.
