1
The following changes since commit a3cb6d5004ff638aefe686ecd540718a793bd1b1:
1
The following changes since commit 848a6caa88b9f082c89c9b41afa975761262981d:
2
2
3
Merge tag 'pull-tcg-20230525' of https://gitlab.com/rth7680/qemu into staging (2023-05-25 11:11:52 -0700)
3
Merge tag 'migration-20230602-pull-request' of https://gitlab.com/juan.quintela/qemu into staging (2023-06-02 17:33:29 -0700)
4
4
5
are available in the Git repository at:
5
are available in the Git repository at:
6
6
7
https://gitlab.com/gaosong/qemu.git tags/pull-loongarch-20230526
7
https://gitlab.com/gaosong/qemu.git tags/pull-loongarch-20230605
8
8
9
for you to fetch changes up to 65bfaaae6ac79ebc623acc0ce28cc3bd4fe8b5e5:
9
for you to fetch changes up to 8555ddc671203969b0e6eb651e538d02a9a79b3a:
10
10
11
target/loongarch: Fix the vinsgr2vr/vpickve2gr instructions cause system coredump (2023-05-26 17:21:16 +0800)
11
hw/intc/loongarch_ipi: Bring back all 4 IPI mailboxes (2023-06-05 11:08:55 +0800)
12
12
13
----------------------------------------------------------------
13
----------------------------------------------------------------
14
pull-loongarch-20230526
14
Fixes Coverity CID: 1512452, 1512453
15
Fixes: 78464f023b54 ("hw/loongarch/virt: Modify ipi as percpu device")
15
16
16
----------------------------------------------------------------
17
----------------------------------------------------------------
17
Song Gao (2):
18
Jiaxun Yang (1):
18
target/loongarch: Fix LD/ST{LE/GT} instructions get wrong CSR_ERA and CSR_BADV
19
hw/intc/loongarch_ipi: Bring back all 4 IPI mailboxes
19
target/loongarch: Fix the vinsgr2vr/vpickve2gr instructions cause system coredump
20
20
21
target/loongarch/cpu.c | 2 +-
21
hw/intc/loongarch_ipi.c | 6 +++---
22
target/loongarch/insn_trans/trans_lsx.c.inc | 39 +++++++++++++++++++----------
22
include/hw/intc/loongarch_ipi.h | 4 +++-
23
target/loongarch/op_helper.c | 6 +++--
23
2 files changed, 6 insertions(+), 4 deletions(-)
24
3 files changed, 31 insertions(+), 16 deletions(-)
diff view generated by jsdifflib
Deleted patch
1
1.helper_asrtle_d/helper_asrtgt_d need use GETPC() to get PC;
2
2 LD/ST{LE/GT} need set CSR_BADV = gpr[rj];
3
3 ASRTLE.D/ASRTGT.D also write CSR_BADV, but this value is random
4
and has no reference value.
5
1
6
Signed-off-by: Song Gao <gaosong@loongson.cn>
7
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
8
Message-Id: <20230515130042.2719712-1-gaosong@loongson.cn>
9
---
10
target/loongarch/cpu.c | 2 +-
11
target/loongarch/op_helper.c | 6 ++++--
12
2 files changed, 5 insertions(+), 3 deletions(-)
13
14
diff --git a/target/loongarch/cpu.c b/target/loongarch/cpu.c
15
index XXXXXXX..XXXXXXX 100644
16
--- a/target/loongarch/cpu.c
17
+++ b/target/loongarch/cpu.c
18
@@ -XXX,XX +XXX,XX @@ static void loongarch_cpu_do_interrupt(CPUState *cs)
19
case EXCCODE_IPE:
20
case EXCCODE_FPD:
21
case EXCCODE_FPE:
22
- case EXCCODE_BCE:
23
case EXCCODE_SXD:
24
env->CSR_BADV = env->pc;
25
QEMU_FALLTHROUGH;
26
+ case EXCCODE_BCE:
27
case EXCCODE_ADEM:
28
case EXCCODE_PIL:
29
case EXCCODE_PIS:
30
diff --git a/target/loongarch/op_helper.c b/target/loongarch/op_helper.c
31
index XXXXXXX..XXXXXXX 100644
32
--- a/target/loongarch/op_helper.c
33
+++ b/target/loongarch/op_helper.c
34
@@ -XXX,XX +XXX,XX @@ target_ulong helper_bitswap(target_ulong v)
35
void helper_asrtle_d(CPULoongArchState *env, target_ulong rj, target_ulong rk)
36
{
37
if (rj > rk) {
38
- do_raise_exception(env, EXCCODE_BCE, 0);
39
+ env->CSR_BADV = rj;
40
+ do_raise_exception(env, EXCCODE_BCE, GETPC());
41
}
42
}
43
44
void helper_asrtgt_d(CPULoongArchState *env, target_ulong rj, target_ulong rk)
45
{
46
if (rj <= rk) {
47
- do_raise_exception(env, EXCCODE_BCE, 0);
48
+ env->CSR_BADV = rj;
49
+ do_raise_exception(env, EXCCODE_BCE, GETPC());
50
}
51
}
52
53
--
54
2.39.1
diff view generated by jsdifflib
1
The vinsgr2vr/vpickve2gr instructions need use get_src/get_dst to get
1
From: Jiaxun Yang <jiaxun.yang@flygoat.com>
2
gpr registers value, not cpu_gpr[]. The $zero register does not
3
have cpu_gpr[0] allocated.
4
2
5
Resolves: https://gitlab.com/qemu-project/qemu/-/issues/1662
3
As per "Loongson 3A5000/3B5000 Processor Reference Manual",
4
Loongson 3A5000's IPI implementation have 4 mailboxes per
5
core.
6
6
7
However, in 78464f023b54 ("hw/loongarch/virt: Modify ipi as
8
percpu device"), the number of IPI mailboxes was reduced to
9
one, which mismatches actual hardware.
10
11
It won't affect LoongArch based system as LoongArch boot code
12
only uses the first mailbox, however MIPS based Loongson boot
13
code uses all 4 mailboxes.
14
15
Fixes Coverity CID: 1512452, 1512453
16
Fixes: 78464f023b54 ("hw/loongarch/virt: Modify ipi as percpu device")
17
Signed-off-by: Jiaxun Yang <jiaxun.yang@flygoat.com>
18
Reviewed-by: Song Gao <gaosong@loongson.cn>
19
Message-Id: <20230521102307.87081-2-jiaxun.yang@flygoat.com>
7
Signed-off-by: Song Gao <gaosong@loongson.cn>
20
Signed-off-by: Song Gao <gaosong@loongson.cn>
8
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
9
Message-Id: <20230525120005.2223413-1-gaosong@loongson.cn>
10
---
21
---
11
target/loongarch/insn_trans/trans_lsx.c.inc | 39 ++++++++++++++-------
22
hw/intc/loongarch_ipi.c | 6 +++---
12
1 file changed, 26 insertions(+), 13 deletions(-)
23
include/hw/intc/loongarch_ipi.h | 4 +++-
24
2 files changed, 6 insertions(+), 4 deletions(-)
13
25
14
diff --git a/target/loongarch/insn_trans/trans_lsx.c.inc b/target/loongarch/insn_trans/trans_lsx.c.inc
26
diff --git a/hw/intc/loongarch_ipi.c b/hw/intc/loongarch_ipi.c
15
index XXXXXXX..XXXXXXX 100644
27
index XXXXXXX..XXXXXXX 100644
16
--- a/target/loongarch/insn_trans/trans_lsx.c.inc
28
--- a/hw/intc/loongarch_ipi.c
17
+++ b/target/loongarch/insn_trans/trans_lsx.c.inc
29
+++ b/hw/intc/loongarch_ipi.c
18
@@ -XXX,XX +XXX,XX @@ TRANS(vsetallnez_d, gen_cv, gen_helper_vsetallnez_d)
30
@@ -XXX,XX +XXX,XX @@ static void loongarch_ipi_init(Object *obj)
19
31
20
static bool trans_vinsgr2vr_b(DisasContext *ctx, arg_vr_i *a)
32
static const VMStateDescription vmstate_ipi_core = {
21
{
33
.name = "ipi-single",
22
+ TCGv src = gpr_src(ctx, a->rj, EXT_NONE);
34
- .version_id = 1,
23
CHECK_SXE;
35
- .minimum_version_id = 1,
24
- tcg_gen_st8_i64(cpu_gpr[a->rj], cpu_env,
36
+ .version_id = 2,
25
+ tcg_gen_st8_i64(src, cpu_env,
37
+ .minimum_version_id = 2,
26
offsetof(CPULoongArchState, fpr[a->vd].vreg.B(a->imm)));
38
.fields = (VMStateField[]) {
27
return true;
39
VMSTATE_UINT32(status, IPICore),
28
}
40
VMSTATE_UINT32(en, IPICore),
29
41
VMSTATE_UINT32(set, IPICore),
30
static bool trans_vinsgr2vr_h(DisasContext *ctx, arg_vr_i *a)
42
VMSTATE_UINT32(clear, IPICore),
31
{
43
- VMSTATE_UINT32_ARRAY(buf, IPICore, 2),
32
+ TCGv src = gpr_src(ctx, a->rj, EXT_NONE);
44
+ VMSTATE_UINT32_ARRAY(buf, IPICore, IPI_MBX_NUM * 2),
33
CHECK_SXE;
45
VMSTATE_END_OF_LIST()
34
- tcg_gen_st16_i64(cpu_gpr[a->rj], cpu_env,
46
}
35
+ tcg_gen_st16_i64(src, cpu_env,
47
};
36
offsetof(CPULoongArchState, fpr[a->vd].vreg.H(a->imm)));
48
diff --git a/include/hw/intc/loongarch_ipi.h b/include/hw/intc/loongarch_ipi.h
37
return true;
49
index XXXXXXX..XXXXXXX 100644
38
}
50
--- a/include/hw/intc/loongarch_ipi.h
39
51
+++ b/include/hw/intc/loongarch_ipi.h
40
static bool trans_vinsgr2vr_w(DisasContext *ctx, arg_vr_i *a)
52
@@ -XXX,XX +XXX,XX @@
41
{
53
#define MAIL_SEND_OFFSET 0
42
+ TCGv src = gpr_src(ctx, a->rj, EXT_NONE);
54
#define ANY_SEND_OFFSET (IOCSR_ANY_SEND - IOCSR_MAIL_SEND)
43
CHECK_SXE;
55
44
- tcg_gen_st32_i64(cpu_gpr[a->rj], cpu_env,
56
+#define IPI_MBX_NUM 4
45
+ tcg_gen_st32_i64(src, cpu_env,
57
+
46
offsetof(CPULoongArchState, fpr[a->vd].vreg.W(a->imm)));
58
#define TYPE_LOONGARCH_IPI "loongarch_ipi"
47
return true;
59
OBJECT_DECLARE_SIMPLE_TYPE(LoongArchIPI, LOONGARCH_IPI)
48
}
60
49
61
@@ -XXX,XX +XXX,XX @@ typedef struct IPICore {
50
static bool trans_vinsgr2vr_d(DisasContext *ctx, arg_vr_i *a)
62
uint32_t set;
51
{
63
uint32_t clear;
52
+ TCGv src = gpr_src(ctx, a->rj, EXT_NONE);
64
/* 64bit buf divide into 2 32bit buf */
53
CHECK_SXE;
65
- uint32_t buf[2];
54
- tcg_gen_st_i64(cpu_gpr[a->rj], cpu_env,
66
+ uint32_t buf[IPI_MBX_NUM * 2];
55
+ tcg_gen_st_i64(src, cpu_env,
67
qemu_irq irq;
56
offsetof(CPULoongArchState, fpr[a->vd].vreg.D(a->imm)));
68
} IPICore;
57
return true;
58
}
59
60
static bool trans_vpickve2gr_b(DisasContext *ctx, arg_rv_i *a)
61
{
62
+ TCGv dst = gpr_dst(ctx, a->rd, EXT_NONE);
63
CHECK_SXE;
64
- tcg_gen_ld8s_i64(cpu_gpr[a->rd], cpu_env,
65
+ tcg_gen_ld8s_i64(dst, cpu_env,
66
offsetof(CPULoongArchState, fpr[a->vj].vreg.B(a->imm)));
67
return true;
68
}
69
70
static bool trans_vpickve2gr_h(DisasContext *ctx, arg_rv_i *a)
71
{
72
+ TCGv dst = gpr_dst(ctx, a->rd, EXT_NONE);
73
CHECK_SXE;
74
- tcg_gen_ld16s_i64(cpu_gpr[a->rd], cpu_env,
75
+ tcg_gen_ld16s_i64(dst, cpu_env,
76
offsetof(CPULoongArchState, fpr[a->vj].vreg.H(a->imm)));
77
return true;
78
}
79
80
static bool trans_vpickve2gr_w(DisasContext *ctx, arg_rv_i *a)
81
{
82
+ TCGv dst = gpr_dst(ctx, a->rd, EXT_NONE);
83
CHECK_SXE;
84
- tcg_gen_ld32s_i64(cpu_gpr[a->rd], cpu_env,
85
+ tcg_gen_ld32s_i64(dst, cpu_env,
86
offsetof(CPULoongArchState, fpr[a->vj].vreg.W(a->imm)));
87
return true;
88
}
89
90
static bool trans_vpickve2gr_d(DisasContext *ctx, arg_rv_i *a)
91
{
92
+ TCGv dst = gpr_dst(ctx, a->rd, EXT_NONE);
93
CHECK_SXE;
94
- tcg_gen_ld_i64(cpu_gpr[a->rd], cpu_env,
95
+ tcg_gen_ld_i64(dst, cpu_env,
96
offsetof(CPULoongArchState, fpr[a->vj].vreg.D(a->imm)));
97
return true;
98
}
99
100
static bool trans_vpickve2gr_bu(DisasContext *ctx, arg_rv_i *a)
101
{
102
+ TCGv dst = gpr_dst(ctx, a->rd, EXT_NONE);
103
CHECK_SXE;
104
- tcg_gen_ld8u_i64(cpu_gpr[a->rd], cpu_env,
105
+ tcg_gen_ld8u_i64(dst, cpu_env,
106
offsetof(CPULoongArchState, fpr[a->vj].vreg.B(a->imm)));
107
return true;
108
}
109
110
static bool trans_vpickve2gr_hu(DisasContext *ctx, arg_rv_i *a)
111
{
112
+ TCGv dst = gpr_dst(ctx, a->rd, EXT_NONE);
113
CHECK_SXE;
114
- tcg_gen_ld16u_i64(cpu_gpr[a->rd], cpu_env,
115
+ tcg_gen_ld16u_i64(dst, cpu_env,
116
offsetof(CPULoongArchState, fpr[a->vj].vreg.H(a->imm)));
117
return true;
118
}
119
120
static bool trans_vpickve2gr_wu(DisasContext *ctx, arg_rv_i *a)
121
{
122
+ TCGv dst = gpr_dst(ctx, a->rd, EXT_NONE);
123
CHECK_SXE;
124
- tcg_gen_ld32u_i64(cpu_gpr[a->rd], cpu_env,
125
+ tcg_gen_ld32u_i64(dst, cpu_env,
126
offsetof(CPULoongArchState, fpr[a->vj].vreg.W(a->imm)));
127
return true;
128
}
129
130
static bool trans_vpickve2gr_du(DisasContext *ctx, arg_rv_i *a)
131
{
132
+ TCGv dst = gpr_dst(ctx, a->rd, EXT_NONE);
133
CHECK_SXE;
134
- tcg_gen_ld_i64(cpu_gpr[a->rd], cpu_env,
135
+ tcg_gen_ld_i64(dst, cpu_env,
136
offsetof(CPULoongArchState, fpr[a->vj].vreg.D(a->imm)));
137
return true;
138
}
139
140
static bool gvec_dup(DisasContext *ctx, arg_vr *a, MemOp mop)
141
{
142
+ TCGv src = gpr_src(ctx, a->rj, EXT_NONE);
143
CHECK_SXE;
144
145
tcg_gen_gvec_dup_i64(mop, vec_full_offset(a->vd),
146
- 16, ctx->vl/8, cpu_gpr[a->rj]);
147
+ 16, ctx->vl/8, src);
148
return true;
149
}
150
69
151
--
70
--
152
2.39.1
71
2.39.1
diff view generated by jsdifflib