From: Peter Maydell
To: qemu-arm@nongnu.org, qemu-devel@nongnu.org
Cc: patches@linaro.org, Richard Henderson
Date: Mon, 9 Oct 2017 14:48:38 +0100
Subject: [Qemu-devel] [PATCH 8/9] target/arm: Support some Thumb insns being always unconditional
Message-Id: <1507556919-24992-9-git-send-email-peter.maydell@linaro.org>
In-Reply-To: <1507556919-24992-1-git-send-email-peter.maydell@linaro.org>

A few Thumb instructions are always unconditional even inside an IT block (as opposed to being UNPREDICTABLE if used inside an IT block): BKPT, the v8M SG instruction, and the A profile HLT (debug halt) instruction. This means we need to suppress the jump-over-instruction-on-condfail code generation (though the IT state still advances as usual and subsequent insns in the IT block may be conditional).

Signed-off-by: Peter Maydell
Reviewed-by: Richard Henderson
--- target/arm/translate.c | 48 ++++++++++++++++++++++++++++++++++++++++++++++= +- 1 file changed, 47 insertions(+), 1 deletion(-) diff --git a/target/arm/translate.c b/target/arm/translate.c index 5838e67..9d16760 100644 --- a/target/arm/translate.c +++ b/target/arm/translate.c 
@@ -12115,6 +12115,52 @@ static void arm_tr_translate_insn(DisasContextBase= *dcbase, CPUState *cpu) in init_disas_context by adjusting max_insns. */ } =20 +static bool thumb_insn_is_unconditional(DisasContext *s, uint32_t insn) +{ + /* Return true if this Thumb insn is always unconditional, + * even inside an IT block. This is true of only a very few + * instructions: BKPT, HLT, and SG. + * + * A larger class of instructions are UNPREDICTABLE if used + * inside an IT block; we do not need to detect those here, because + * what we do by default (perform the cc check and update the IT + * bits state machine) is a permitted CONSTRAINED UNPREDICTABLE + * choice for those situations. + * + * insn is either a 16-bit or a 32-bit instruction; the two are + * distinguishable because for the 16-bit case the top 16 bits + * are zeroes, and that isn't a valid 32-bit encoding. + */ + if ((insn & 0xffffff00) =3D=3D 0xbe00) { + /* BKPT */ + return true; + } + + if ((insn & 0xffffffc0) =3D=3D 0xba80 && arm_dc_feature(s, ARM_FEATURE= _V8) && + !arm_dc_feature(s, ARM_FEATURE_M)) { + /* HLT: v8A only. This is unconditional even when it is going to + * UNDEF; see the v8A ARM ARM DDI0487B.a H3.3. + * For v7 cores this was a plain old undefined encoding and so + * honours its cc check. (We might be using the encoding as + * a semihosting trap, but we don't change the cc check behaviour + * on that account, because a debugger connected to a real v7A + * core and emulating semihosting traps by catching the UNDEF + * exception would also only see cases where the cc check passed. + * No guest code should be trying to do a HLT semihosting trap + * in an IT block anyway. 
+ */ + return true; + } + + if (insn =3D=3D 0xe97fe97f && arm_dc_feature(s, ARM_FEATURE_V8) && + arm_dc_feature(s, ARM_FEATURE_M)) { + /* SG: v8M only */ + return true; + } + + return false; +} + static void thumb_tr_translate_insn(DisasContextBase *dcbase, CPUState *cp= u) { DisasContext *dc =3D container_of(dcbase, DisasContext, base); @@ -12136,7 +12182,7 @@ static void thumb_tr_translate_insn(DisasContextBas= e *dcbase, CPUState *cpu) dc->pc +=3D 2; } =20 - if (dc->condexec_mask) { + if (dc->condexec_mask && !thumb_insn_is_unconditional(dc, insn)) { uint32_t cond =3D dc->condexec_cond; =20 if (cond !=3D 0x0e) { /* Skip conditional when condition is AL= . */ --=20 2.7.4
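Review bot: In the first hunk, the HLT branch of thumb_insn_is_unconditional() is commented "HLT: v8A only", but the condition tests arm_dc_feature(s, ARM_FEATURE_V8) && !arm_dc_feature(s, ARM_FEATURE_M), which reads as "v8 and not M profile" rather than "A profile". Either the comment or the test should be adjusted so the two say the same thing. Separately, the BKPT and HLT masks (0xffffff00 and 0xffffffc0) are only correct if the caller passes a 16-bit insn with the top halfword zero, as the header comment notes; it would help to word that as a requirement on callers rather than an observation. The bare literals 0xbe00, 0xba80 and 0xe97fe97f would be easier to audit against the architecture manual with the encoding pattern noted beside each one.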
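Review bot: In the second hunk, the new condition "if (dc->condexec_mask && !thumb_insn_is_unconditional(dc, insn))" skips the whole block that emits the condition-fail branch, and the commit message relies on the IT state still advancing for these insns, yet nothing in the visible context shows where that advance happens. Please add a short comment at this condition stating that only the conditional skip is suppressed and that the condexec update elsewhere in thumb_tr_translate_insn() still runs, so that a later change moving the IT-state advance inside this block does not silently break BKPT, HLT and SG inside IT blocks.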