Amend MXU instruction opcodes. Pool04 is actually only instruction
OPC_MXU_S16MAD. Two cases within S16MAD are recognized by 1-bit
subfield 'aptn1'.
Backports commit eab0bdb07cbed1131be2d1f541059c7b96b05e32 from qemu
Define a bit for MXU in insn_flags. This is the first non-MIPS
(third party) ASE supported in QEMU for MIPS, so it is placed in
the section "bits 56-63: vendor-specific ASEs".
Backports commit a031ac61619294ae473a78d1834e757fad8b59e5 from qemu
Define and initialize the 16 MXU registers - 15 general computational
register, and 1 control register). There is also a zero register, but
it does not have any corresponding variable.
Backports commit eb5559f67dc8dc12335dd996877bb6daaea32eb2 from qemu.
Implement emulation of nanoMIPS EVA instructions. They are all
part of P.LS.E0 instruction pool, or one of its subpools.
Backports commit d046a9ea1b8877a570a8b12a2d0125ec59fe5b22 from qemu
Opcode for ALIGN and DALIGN must be in fact ranges of opcodes, to
allow paremeter 'bp' to occupy two and three bits, respectively.
Backports commit 373ecd3823f949fd550ec49685299e287af5753e from qemu
Replace MIPS32 with MIPS, since the file covers all generations
of MIPS architectures.
Backports commit ab99e0e44bc7b0e2e52d9083a673866b18470536 from qemu
The primary purpose of this change is to support programs compiled by
GCC for the R5900 target and thereby run R5900 Linux distributions, for
example Gentoo.
GCC in version 7.3, by itself, by inspection of the GCC source code
and inspection of the generated machine code, for the R5900 target,
only emits two instructions that are specific to the R5900: the three-
operand MULT and MULTU. GCC and libc also emit certain MIPS III
instructions that are not part of the R5900 ISA. They are normally
trapped and emulated by the Linux kernel, and therefore need to be
treated accordingly by QEMU.
A program compiled by GCC is taken to mean source code compiled by GCC
under the restrictions above. One can, with the apparent limitations,
with a bit of effort obtain a fully functioning operating system such
as R5900 Gentoo. Strictly speaking, programs need not be compiled by
GCC to make use of this change.
Instructions and other facilities of the R5900 not implemented by this
change are intended to signal provisional exceptions. One such example
is the FPU that is not compliant with IEEE 754-1985 in system mode. It
is therefore provisionally disabled. In user space the FPU is trapped
and emulated by IEEE 754-1985 compliant software in the kernel, and
this is handled accordingly by QEMU. Another example is the 93
multimedia instructions specific to the R5900 that generate provisional
reserved instruction exception signals.
One of the benefits of running a Linux distribution under QEMU is that
programs can be compiled with a native compiler, where the host and
target are the same, as opposed to a cross-compiler, where they are
not the same. This is especially important in cases where the target
hardware does not have the resources to run a native compiler.
Problems with cross-compilation are often related to host and target
differences in integer sizes, pointer sizes, endianness, machine code,
ABI, etc. Sometimes cross-compilation is not even supported by the
build script for a given package. One effective way to avoid those
problems is to replace the cross-compiler with a native compiler. This
change of compilation methods does not resolve the inherent problems
with cross-compilation.
The native compiler naturally replaces the cross-compiler, because one
typically uses one or the other, and preferably the native compiler
when the circumstances admit this. The native compiler is also a good
test case for the R5900 QEMU user mode. Additionally, Gentoo is well-
known for compiling and installing its packages from sources.
This change has been tested with Gentoo compiled for R5900, including
native compilation of several packages under QEMU.
Backports commit ed4f49ba9bb56ebca6987b1083255daf6c89b5de from qemu.
The Linux kernel traps certain reserved instruction exceptions to
emulate the corresponding instructions. QEMU plays the role of the
kernel in user mode, so those traps are emulated by accepting the
instructions.
This change adds the function check_insn_opc_user_only to signal a
reserved instruction exception for flagged CPUs in QEMU system mode.
The MIPS III instructions DMULT[U], DDIV[U], LL[D] and SC[D] are not
implemented in R5900 hardware. They are trapped and emulated by the
Linux kernel and, accordingly, therefore QEMU user only instructions.
Backports commit 96631327be14c4f54cc31f873c278d9ffedd1e00 from qemu
The R5900 is taken to be MIPS III with certain modifications. From
MIPS IV it implements the instructions MOVN, MOVZ and PREF.
Backports commit 5601e6217d90ed322b4b9a6d68e8db607db91842 from qemu
The three-operand MULT and MULTU are the only R5900-specific
instructions emitted by GCC 7.3. The R5900 also implements the three-
operand MADD and MADDU instructions, but they are omitted in QEMU for
now since they are absent in programs compiled by current GCC versions.
Likewise, the R5900-specific pipeline 1 instruction variants MULT1,
MULTU1, DIV1, DIVU1, MADD1, MADDU1, MFHI1, MFLO1, MTHI1 and MTLO1
are omitted here as well.
Backports commit 21e8e8b230af38b6bd8c953fa5f31e4a5a128e1c from qemu
The R5900 implements the 64-bit MIPS III instruction set except
DMULT, DMULTU, DDIV, DDIVU, LL, SC, LLD and SCD. The MIPS IV
instructions MOVN, MOVZ and PREF are implemented. It has the
R5900-specific three-operand instructions MADD, MADDU, MULT and
MULTU as well as pipeline 1 versions MULT1, MULTU1, DIV1, DIVU1,
MADD1, MADDU1, MFHI1, MFLO1, MTHI1 and MTLO1. A set of 93 128-bit
multimedia instructions specific to the R5900 is also implemented.
The Toshiba TX System RISC TX79 Core Architecture manual:
https://wiki.qemu.org/File:C790.pdf
describes the C790 processor that is a follow-up to the R5900. There
are a few notable differences in that the R5900 FPU
- is not IEEE 754-1985 compliant,
- does not implement double format, and
- its machine code is nonstandard.
Backports commit 6f692818a7b53630702d25a709cd61282fd139ad from qemu
Since QEMU does not implement ASIDs, changes to the ASID must flush the
tlb. However, if the ASID does not change there is no reason to flush.
In testing a boot of the Ubuntu installer to the first menu, this reduces
the number of flushes by 30%, or nearly 600k instances.
Backports commit 93f379b0c43617b1361f742f261479eaed4959cb from qemu
The EL3 version of this register does not include an ASID,
and so the tlb_flush performed by vmsa_ttbr_write is not needed.
Backports commit f478847f1ee0df9397f561025ab2f687fd923571 from qemu
Instead of shifts and masks, use direct loads and stores from
the neon register file.
Backports commit 2d6ac920837f558be214ad2ddd28cad7f3b15e5c from qemu
For a sequence of loads or stores from a single register,
little-endian operations can be promoted to an 8-byte op.
This can reduce the number of operations by a factor of 8.
Backports commit e23f12b3a252352b575908ca7b94587acd004641 from qemu
Instead of shifts and masks, use direct loads and stores from the neon
register file. Mirror the iteration structure of the ARM pseudocode
more closely. Correct the parameters of the VLD2 A2 insn.
Note that this includes a bugfix for handling of the insn
"VLD2 (multiple 2-element structures)" -- we were using an
incorrect stride value.
Backports commit ac55d00709e78cd39dfa298dcaac7aecb58762e8 from qemu
Also introduces neon_element_offset to find the env offset
of a specific element within a neon register.
Backports commit 32f91fb71f4c32113ec8c2af5f74f14abe6c7162 from qemu
For a sequence of loads or stores from a single register,
little-endian operations can be promoted to an 8-byte op.
This can reduce the number of operations by a factor of 8.
Backports commit 87f9a7f0c8d5122c36743885158782c2348a6d21 from qemu
This can reduce the number of opcodes required for certain
complex forms of load-multiple (e.g. ld4.16b).
Backports commit a7d8143aed2268f147cc1abfebc848ed6282a313 from qemu
For traps of FP/SIMD instructions to AArch32 Hyp mode, the syndrome
provided in HSR has more information than is reported to AArch64.
Specifically, there are extra fields TA and coproc which indicate
whether the trapped instruction was FP or SIMD. Add this extra
information to the syndromes we construct, and mask it out when
taking the exception to AArch64.
Backports commit 4be42f4013fa1a9df47b48aae5148767bed8e80c from qemu
For the v7 version of the Arm architecture, the IL bit in
syndrome register values where the field is not valid was
defined to be UNK/SBZP. In v8 this is RES1, which is what
QEMU currently implements. Handle the desired v7 behaviour
by squashing the IL bit for the affected cases:
* EC == EC_UNCATEGORIZED
* prefetch aborts
* data aborts where ISV is 0
(The fourth case listed in the v8 Arm ARM DDI 0487C.a in
section G7.2.70, "illegal state exception", can't happen
on a v7 CPU.)
This deals with a corner case noted in a comment.
Backports commit 2ed08180db096ea5e44573529b85e09b1ed10b08 from qemu
