* [Qemu-devel] [PATCH 0/6] target/m68k: supervisor mode (part 2)
@ 2018-01-08 23:10 Laurent Vivier
2018-01-08 23:10 ` [Qemu-devel] [PATCH 1/6] accel/tcg: add size paremeter in tlb_fill() Laurent Vivier
` (5 more replies)
0 siblings, 6 replies; 16+ messages in thread
From: Laurent Vivier @ 2018-01-08 23:10 UTC (permalink / raw)
To: qemu-devel; +Cc: Laurent Vivier
This series introduces the MC68040 MMU.
But first of all, we need to modify the prototype
of tlb_fill() and handle_mmu_fault handler to pass
the size of the access. MC68040 stores this value
in the exception stack frame.
Following patches add:
- MMU page table and fault handlers,
- Transparent Translation Registers
- instruction "moves" to move data
between user and kernel space
- instructions pflush/ptest, to flush TLB and
convert virtual address to physical address
- "info tlb" HMP command
I have tested it doesn't break QEMU linux-user mode
emulation and coldfire softmmu machine.
With the help of these patches I'm able to start
a debian etch-m68k, but the following patches
are still missing in master:
- m68k softfloat series
- Quadra 800 machine emulation series
(VIA emulation, Nubus emulation,
ESCC control/data address bit selector,
video card emulation, ESP Pseudo-DMA,
SWIM floppy controller, Apple Sound Chip
emulation, and some big-endian fixes for
dp8393x)
Laurent Vivier (6):
accel/tcg: add size paremeter in tlb_fill()
target/m68k: add MC68040 MMU
target/m68k: add Transparent Translation
target/m68k: add moves
target/m68k: add pflush/ptest
target/m68k: add HMP command "info tlb"
accel/tcg/cputlb.c | 13 +-
accel/tcg/softmmu_template.h | 14 +-
accel/tcg/user-exec.c | 2 +-
hmp-commands-info.hx | 2 +-
include/exec/exec-all.h | 6 +-
include/qom/cpu.h | 2 +-
target/alpha/cpu.h | 2 +-
target/alpha/helper.c | 4 +-
target/alpha/mem_helper.c | 6 +-
target/arm/cpu.c | 4 +-
target/arm/op_helper.c | 4 +-
target/cris/cpu.h | 2 +-
target/cris/helper.c | 4 +-
target/cris/op_helper.c | 6 +-
target/hppa/cpu.h | 3 +-
target/hppa/helper.c | 2 +-
target/hppa/op_helper.c | 2 +-
target/i386/cpu.h | 2 +-
target/i386/excp_helper.c | 4 +-
target/i386/mem_helper.c | 6 +-
target/lm32/cpu.h | 2 +-
target/lm32/helper.c | 2 +-
target/lm32/op_helper.c | 6 +-
target/m68k/cpu.c | 4 +-
target/m68k/cpu.h | 129 +++++++-
target/m68k/helper.c | 673 +++++++++++++++++++++++++++++++++++++++++-
target/m68k/helper.h | 4 +
target/m68k/monitor.c | 22 ++
target/m68k/op_helper.c | 102 ++++++-
target/m68k/qregs.def | 2 +
target/m68k/translate.c | 112 +++++++
target/microblaze/cpu.h | 2 +-
target/microblaze/helper.c | 4 +-
target/microblaze/op_helper.c | 6 +-
target/mips/helper.c | 2 +-
target/mips/internal.h | 2 +-
target/mips/op_helper.c | 10 +-
target/moxie/cpu.h | 2 +-
target/moxie/helper.c | 10 +-
target/nios2/cpu.h | 2 +-
target/nios2/helper.c | 6 +-
target/nios2/mmu.c | 6 +-
target/openrisc/cpu.h | 2 +-
target/openrisc/mmu.c | 8 +-
target/openrisc/mmu_helper.c | 6 +-
target/ppc/cpu.h | 2 +-
target/ppc/mmu_helper.c | 4 +-
target/ppc/user_only_helper.c | 2 +-
target/s390x/excp_helper.c | 4 +-
target/s390x/internal.h | 2 +-
target/s390x/mem_helper.c | 8 +-
target/sh4/cpu.h | 2 +-
target/sh4/helper.c | 4 +-
target/sh4/op_helper.c | 6 +-
target/sparc/cpu.h | 2 +-
target/sparc/ldst_helper.c | 6 +-
target/sparc/mmu_helper.c | 6 +-
target/tilegx/cpu.c | 4 +-
target/tricore/op_helper.c | 4 +-
target/unicore32/cpu.h | 2 +-
target/unicore32/helper.c | 2 +-
target/unicore32/op_helper.c | 6 +-
target/unicore32/softmmu.c | 2 +-
target/xtensa/op_helper.c | 4 +-
64 files changed, 1156 insertions(+), 132 deletions(-)
--
2.14.3
^ permalink raw reply [flat|nested] 16+ messages in thread
* [Qemu-devel] [PATCH 1/6] accel/tcg: add size paremeter in tlb_fill()
2018-01-08 23:10 [Qemu-devel] [PATCH 0/6] target/m68k: supervisor mode (part 2) Laurent Vivier
@ 2018-01-08 23:10 ` Laurent Vivier
2018-01-10 8:43 ` [Qemu-devel] [qemu-s390x] " David Hildenbrand
2018-01-08 23:10 ` [Qemu-devel] [PATCH 2/6] target/m68k: add MC68040 MMU Laurent Vivier
` (4 subsequent siblings)
5 siblings, 1 reply; 16+ messages in thread
From: Laurent Vivier @ 2018-01-08 23:10 UTC (permalink / raw)
To: qemu-devel
Cc: Laurent Vivier, Richard Henderson, Paolo Bonzini, Peter Maydell,
Edgar E . Iglesias, Eduardo Habkost, Michael Walle,
Aurelien Jarno, Anthony Green, Chris Wulff, Stafford Horne,
Alexander Graf, Artyom Tarasenko, Bastian Koppelmann,
Guan Xuetao, Max Filippov, qemu-arm, qemu-ppc, qemu-s390x
The MC68040 MMU provides the size of the access that
triggers the page fault.
This size is set in the Special Status Word which
is written in the stack frame of the access fault
exception.
So we need the size in m68k_cpu_unassigned_access() and
m68k_cpu_handle_mmu_fault().
To be able to do that, this patch modifies the prototype of
handle_mmu_fault handler, tlb_fill() and probe_write().
do_unassigned_access() already includes a size parameter.
This patch also updates handle_mmu_fault handlers and
tlb_fill() of all targets (only parameter, no code change).
Signed-off-by: Laurent Vivier <laurent@vivier.eu>
---
CC: Richard Henderson <richard.henderson@linaro.org>
CC: Paolo Bonzini <pbonzini@redhat.com>
CC: Peter Maydell <peter.maydell@linaro.org>
CC: Edgar E. Iglesias <edgar.iglesias@gmail.com>
CC: Eduardo Habkost <ehabkost@redhat.com>
CC: Michael Walle <michael@walle.cc>
CC: Aurelien Jarno <aurelien@aurel32.net>
CC: Anthony Green <green@moxielogic.com>
CC: Chris Wulff <crwulff@gmail.com>
CC: Stafford Horne <shorne@gmail.com>
CC: Alexander Graf <agraf@suse.de>
CC: Artyom Tarasenko <atar4qemu@gmail.com>
CC: Bastian Koppelmann <kbastian@mail.uni-paderborn.de>
CC: Guan Xuetao <gxt@mprc.pku.edu.cn>
CC: Max Filippov <jcmvbkbc@gmail.com>
CC: qemu-arm@nongnu.org
CC: qemu-ppc@nongnu.org
CC: qemu-s390x@nongnu.org
accel/tcg/cputlb.c | 13 ++++++++-----
accel/tcg/softmmu_template.h | 14 ++++++++------
accel/tcg/user-exec.c | 2 +-
include/exec/exec-all.h | 6 +++---
include/qom/cpu.h | 2 +-
target/alpha/cpu.h | 2 +-
target/alpha/helper.c | 4 ++--
target/alpha/mem_helper.c | 6 +++---
target/arm/cpu.c | 4 ++--
target/arm/op_helper.c | 4 ++--
target/cris/cpu.h | 2 +-
target/cris/helper.c | 4 ++--
target/cris/op_helper.c | 6 +++---
target/hppa/cpu.h | 3 ++-
target/hppa/helper.c | 2 +-
target/hppa/op_helper.c | 2 +-
target/i386/cpu.h | 2 +-
target/i386/excp_helper.c | 4 ++--
target/i386/mem_helper.c | 6 +++---
target/lm32/cpu.h | 2 +-
target/lm32/helper.c | 2 +-
target/lm32/op_helper.c | 6 +++---
target/m68k/cpu.h | 2 +-
target/m68k/helper.c | 4 ++--
target/m68k/op_helper.c | 6 +++---
target/microblaze/cpu.h | 2 +-
target/microblaze/helper.c | 4 ++--
target/microblaze/op_helper.c | 6 +++---
target/mips/helper.c | 2 +-
target/mips/internal.h | 2 +-
target/mips/op_helper.c | 10 +++++-----
target/moxie/cpu.h | 2 +-
target/moxie/helper.c | 10 +++++-----
target/nios2/cpu.h | 2 +-
target/nios2/helper.c | 6 ++++--
target/nios2/mmu.c | 6 +++---
target/openrisc/cpu.h | 2 +-
target/openrisc/mmu.c | 8 ++++----
target/openrisc/mmu_helper.c | 6 +++---
target/ppc/cpu.h | 2 +-
target/ppc/mmu_helper.c | 4 ++--
target/ppc/user_only_helper.c | 2 +-
target/s390x/excp_helper.c | 4 ++--
target/s390x/internal.h | 2 +-
target/s390x/mem_helper.c | 8 ++++----
target/sh4/cpu.h | 2 +-
target/sh4/helper.c | 4 ++--
target/sh4/op_helper.c | 6 +++---
target/sparc/cpu.h | 2 +-
target/sparc/ldst_helper.c | 6 +++---
target/sparc/mmu_helper.c | 6 +++---
target/tilegx/cpu.c | 4 ++--
target/tricore/op_helper.c | 4 ++--
target/unicore32/cpu.h | 2 +-
target/unicore32/helper.c | 2 +-
target/unicore32/op_helper.c | 6 +++---
target/unicore32/softmmu.c | 2 +-
target/xtensa/op_helper.c | 4 ++--
58 files changed, 129 insertions(+), 121 deletions(-)
diff --git a/accel/tcg/cputlb.c b/accel/tcg/cputlb.c
index 8fd84209df..0ab9942a5f 100644
--- a/accel/tcg/cputlb.c
+++ b/accel/tcg/cputlb.c
@@ -880,7 +880,7 @@ tb_page_addr_t get_page_addr_code(CPUArchState *env, target_ulong addr)
if (unlikely(env->tlb_table[mmu_idx][index].addr_code !=
(addr & (TARGET_PAGE_MASK | TLB_INVALID_MASK)))) {
if (!VICTIM_TLB_HIT(addr_read, addr)) {
- tlb_fill(ENV_GET_CPU(env), addr, MMU_INST_FETCH, mmu_idx, 0);
+ tlb_fill(ENV_GET_CPU(env), addr, 1, MMU_INST_FETCH, mmu_idx, 0);
}
}
iotlbentry = &env->iotlb[mmu_idx][index];
@@ -928,7 +928,7 @@ tb_page_addr_t get_page_addr_code(CPUArchState *env, target_ulong addr)
* Otherwise the function will return, and there will be a valid
* entry in the TLB for this access.
*/
-void probe_write(CPUArchState *env, target_ulong addr, int mmu_idx,
+void probe_write(CPUArchState *env, target_ulong addr, int size, int mmu_idx,
uintptr_t retaddr)
{
int index = (addr >> TARGET_PAGE_BITS) & (CPU_TLB_SIZE - 1);
@@ -938,7 +938,8 @@ void probe_write(CPUArchState *env, target_ulong addr, int mmu_idx,
!= (tlb_addr & (TARGET_PAGE_MASK | TLB_INVALID_MASK))) {
/* TLB entry is for a different page */
if (!VICTIM_TLB_HIT(addr_write, addr)) {
- tlb_fill(ENV_GET_CPU(env), addr, MMU_DATA_STORE, mmu_idx, retaddr);
+ tlb_fill(ENV_GET_CPU(env), addr, size, MMU_DATA_STORE,
+ mmu_idx, retaddr);
}
}
}
@@ -981,7 +982,8 @@ static void *atomic_mmu_lookup(CPUArchState *env, target_ulong addr,
if ((addr & TARGET_PAGE_MASK)
!= (tlb_addr & (TARGET_PAGE_MASK | TLB_INVALID_MASK))) {
if (!VICTIM_TLB_HIT(addr_write, addr)) {
- tlb_fill(ENV_GET_CPU(env), addr, MMU_DATA_STORE, mmu_idx, retaddr);
+ tlb_fill(ENV_GET_CPU(env), addr, 1 << s_bits, MMU_DATA_STORE,
+ mmu_idx, retaddr);
}
tlb_addr = tlbe->addr_write & ~TLB_INVALID_MASK;
}
@@ -995,7 +997,8 @@ static void *atomic_mmu_lookup(CPUArchState *env, target_ulong addr,
/* Let the guest notice RMW on a write-only page. */
if (unlikely(tlbe->addr_read != (tlb_addr & ~TLB_NOTDIRTY))) {
- tlb_fill(ENV_GET_CPU(env), addr, MMU_DATA_LOAD, mmu_idx, retaddr);
+ tlb_fill(ENV_GET_CPU(env), addr, 1 << s_bits, MMU_DATA_LOAD,
+ mmu_idx, retaddr);
/* Since we don't support reads and writes to different addresses,
and we do have the proper page loaded for write, this shouldn't
ever return. But just in case, handle via stop-the-world. */
diff --git a/accel/tcg/softmmu_template.h b/accel/tcg/softmmu_template.h
index 3fc5144316..239ea6692b 100644
--- a/accel/tcg/softmmu_template.h
+++ b/accel/tcg/softmmu_template.h
@@ -124,7 +124,7 @@ WORD_TYPE helper_le_ld_name(CPUArchState *env, target_ulong addr,
if ((addr & TARGET_PAGE_MASK)
!= (tlb_addr & (TARGET_PAGE_MASK | TLB_INVALID_MASK))) {
if (!VICTIM_TLB_HIT(ADDR_READ, addr)) {
- tlb_fill(ENV_GET_CPU(env), addr, READ_ACCESS_TYPE,
+ tlb_fill(ENV_GET_CPU(env), addr, DATA_SIZE, READ_ACCESS_TYPE,
mmu_idx, retaddr);
}
tlb_addr = env->tlb_table[mmu_idx][index].ADDR_READ;
@@ -191,7 +191,7 @@ WORD_TYPE helper_be_ld_name(CPUArchState *env, target_ulong addr,
if ((addr & TARGET_PAGE_MASK)
!= (tlb_addr & (TARGET_PAGE_MASK | TLB_INVALID_MASK))) {
if (!VICTIM_TLB_HIT(ADDR_READ, addr)) {
- tlb_fill(ENV_GET_CPU(env), addr, READ_ACCESS_TYPE,
+ tlb_fill(ENV_GET_CPU(env), addr, DATA_SIZE, READ_ACCESS_TYPE,
mmu_idx, retaddr);
}
tlb_addr = env->tlb_table[mmu_idx][index].ADDR_READ;
@@ -283,7 +283,8 @@ void helper_le_st_name(CPUArchState *env, target_ulong addr, DATA_TYPE val,
if ((addr & TARGET_PAGE_MASK)
!= (tlb_addr & (TARGET_PAGE_MASK | TLB_INVALID_MASK))) {
if (!VICTIM_TLB_HIT(addr_write, addr)) {
- tlb_fill(ENV_GET_CPU(env), addr, MMU_DATA_STORE, mmu_idx, retaddr);
+ tlb_fill(ENV_GET_CPU(env), addr, DATA_SIZE, MMU_DATA_STORE,
+ mmu_idx, retaddr);
}
tlb_addr = env->tlb_table[mmu_idx][index].addr_write & ~TLB_INVALID_MASK;
}
@@ -316,7 +317,7 @@ void helper_le_st_name(CPUArchState *env, target_ulong addr, DATA_TYPE val,
tlb_addr2 = env->tlb_table[mmu_idx][index2].addr_write;
if (page2 != (tlb_addr2 & (TARGET_PAGE_MASK | TLB_INVALID_MASK))
&& !VICTIM_TLB_HIT(addr_write, page2)) {
- tlb_fill(ENV_GET_CPU(env), page2, MMU_DATA_STORE,
+ tlb_fill(ENV_GET_CPU(env), page2, DATA_SIZE, MMU_DATA_STORE,
mmu_idx, retaddr);
}
@@ -359,7 +360,8 @@ void helper_be_st_name(CPUArchState *env, target_ulong addr, DATA_TYPE val,
if ((addr & TARGET_PAGE_MASK)
!= (tlb_addr & (TARGET_PAGE_MASK | TLB_INVALID_MASK))) {
if (!VICTIM_TLB_HIT(addr_write, addr)) {
- tlb_fill(ENV_GET_CPU(env), addr, MMU_DATA_STORE, mmu_idx, retaddr);
+ tlb_fill(ENV_GET_CPU(env), addr, DATA_SIZE, MMU_DATA_STORE,
+ mmu_idx, retaddr);
}
tlb_addr = env->tlb_table[mmu_idx][index].addr_write & ~TLB_INVALID_MASK;
}
@@ -392,7 +394,7 @@ void helper_be_st_name(CPUArchState *env, target_ulong addr, DATA_TYPE val,
tlb_addr2 = env->tlb_table[mmu_idx][index2].addr_write;
if (page2 != (tlb_addr2 & (TARGET_PAGE_MASK | TLB_INVALID_MASK))
&& !VICTIM_TLB_HIT(addr_write, page2)) {
- tlb_fill(ENV_GET_CPU(env), page2, MMU_DATA_STORE,
+ tlb_fill(ENV_GET_CPU(env), page2, DATA_SIZE, MMU_DATA_STORE,
mmu_idx, retaddr);
}
diff --git a/accel/tcg/user-exec.c b/accel/tcg/user-exec.c
index f42285ea1c..2548f4d394 100644
--- a/accel/tcg/user-exec.c
+++ b/accel/tcg/user-exec.c
@@ -137,7 +137,7 @@ static inline int handle_cpu_signal(uintptr_t pc, unsigned long address,
cc = CPU_GET_CLASS(cpu);
/* see if it is an MMU fault */
g_assert(cc->handle_mmu_fault);
- ret = cc->handle_mmu_fault(cpu, address, is_write, MMU_USER_IDX);
+ ret = cc->handle_mmu_fault(cpu, address, 1, is_write, MMU_USER_IDX);
if (ret == 0) {
/* The MMU fault was handled without causing real CPU fault.
diff --git a/include/exec/exec-all.h b/include/exec/exec-all.h
index b37f7d8d92..e5afd2e6d3 100644
--- a/include/exec/exec-all.h
+++ b/include/exec/exec-all.h
@@ -253,7 +253,7 @@ void tlb_set_page(CPUState *cpu, target_ulong vaddr,
hwaddr paddr, int prot,
int mmu_idx, target_ulong size);
void tb_invalidate_phys_addr(AddressSpace *as, hwaddr addr);
-void probe_write(CPUArchState *env, target_ulong addr, int mmu_idx,
+void probe_write(CPUArchState *env, target_ulong addr, int size, int mmu_idx,
uintptr_t retaddr);
#else
static inline void tlb_flush_page(CPUState *cpu, target_ulong addr)
@@ -436,8 +436,8 @@ void tb_lock_reset(void);
struct MemoryRegion *iotlb_to_region(CPUState *cpu,
hwaddr index, MemTxAttrs attrs);
-void tlb_fill(CPUState *cpu, target_ulong addr, MMUAccessType access_type,
- int mmu_idx, uintptr_t retaddr);
+void tlb_fill(CPUState *cpu, target_ulong addr, int size,
+ MMUAccessType access_type, int mmu_idx, uintptr_t retaddr);
#endif
diff --git a/include/qom/cpu.h b/include/qom/cpu.h
index 93bd546879..aff88fa16f 100644
--- a/include/qom/cpu.h
+++ b/include/qom/cpu.h
@@ -174,7 +174,7 @@ typedef struct CPUClass {
Error **errp);
void (*set_pc)(CPUState *cpu, vaddr value);
void (*synchronize_from_tb)(CPUState *cpu, struct TranslationBlock *tb);
- int (*handle_mmu_fault)(CPUState *cpu, vaddr address, int rw,
+ int (*handle_mmu_fault)(CPUState *cpu, vaddr address, int size, int rw,
int mmu_index);
hwaddr (*get_phys_page_debug)(CPUState *cpu, vaddr addr);
hwaddr (*get_phys_page_attrs_debug)(CPUState *cpu, vaddr addr,
diff --git a/target/alpha/cpu.h b/target/alpha/cpu.h
index 0a9ad35f06..09720c2f3b 100644
--- a/target/alpha/cpu.h
+++ b/target/alpha/cpu.h
@@ -479,7 +479,7 @@ void alpha_cpu_list(FILE *f, fprintf_function cpu_fprintf);
is returned if the signal was handled by the virtual CPU. */
int cpu_alpha_signal_handler(int host_signum, void *pinfo,
void *puc);
-int alpha_cpu_handle_mmu_fault(CPUState *cpu, vaddr address, int rw,
+int alpha_cpu_handle_mmu_fault(CPUState *cpu, vaddr address, int size, int rw,
int mmu_idx);
void QEMU_NORETURN dynamic_excp(CPUAlphaState *, uintptr_t, int, int);
void QEMU_NORETURN arith_excp(CPUAlphaState *, uintptr_t, int, uint64_t);
diff --git a/target/alpha/helper.c b/target/alpha/helper.c
index 36407f77f5..bbf72cadfb 100644
--- a/target/alpha/helper.c
+++ b/target/alpha/helper.c
@@ -103,7 +103,7 @@ void cpu_alpha_store_gr(CPUAlphaState *env, unsigned reg, uint64_t val)
}
#if defined(CONFIG_USER_ONLY)
-int alpha_cpu_handle_mmu_fault(CPUState *cs, vaddr address,
+int alpha_cpu_handle_mmu_fault(CPUState *cs, vaddr address, int size,
int rw, int mmu_idx)
{
AlphaCPU *cpu = ALPHA_CPU(cs);
@@ -247,7 +247,7 @@ hwaddr alpha_cpu_get_phys_page_debug(CPUState *cs, vaddr addr)
return (fail >= 0 ? -1 : phys);
}
-int alpha_cpu_handle_mmu_fault(CPUState *cs, vaddr addr, int rw,
+int alpha_cpu_handle_mmu_fault(CPUState *cs, vaddr addr, int size, int rw,
int mmu_idx)
{
AlphaCPU *cpu = ALPHA_CPU(cs);
diff --git a/target/alpha/mem_helper.c b/target/alpha/mem_helper.c
index 430eea470b..e19ab91ec9 100644
--- a/target/alpha/mem_helper.c
+++ b/target/alpha/mem_helper.c
@@ -69,12 +69,12 @@ void alpha_cpu_do_transaction_failed(CPUState *cs, hwaddr physaddr,
NULL, it means that the function was called in C code (i.e. not
from generated code or from helper.c) */
/* XXX: fix it to restore all registers */
-void tlb_fill(CPUState *cs, target_ulong addr, MMUAccessType access_type,
- int mmu_idx, uintptr_t retaddr)
+void tlb_fill(CPUState *cs, target_ulong addr, int size,
+ MMUAccessType access_type, int mmu_idx, uintptr_t retaddr)
{
int ret;
- ret = alpha_cpu_handle_mmu_fault(cs, addr, access_type, mmu_idx);
+ ret = alpha_cpu_handle_mmu_fault(cs, addr, size, access_type, mmu_idx);
if (unlikely(ret != 0)) {
/* Exception index and error code are already set */
cpu_loop_exit_restore(cs, retaddr);
diff --git a/target/arm/cpu.c b/target/arm/cpu.c
index cc1856c32b..9da6ea505c 100644
--- a/target/arm/cpu.c
+++ b/target/arm/cpu.c
@@ -1689,8 +1689,8 @@ static Property arm_cpu_properties[] = {
};
#ifdef CONFIG_USER_ONLY
-static int arm_cpu_handle_mmu_fault(CPUState *cs, vaddr address, int rw,
- int mmu_idx)
+static int arm_cpu_handle_mmu_fault(CPUState *cs, vaddr address, int size,
+ int rw, int mmu_idx)
{
ARMCPU *cpu = ARM_CPU(cs);
CPUARMState *env = &cpu->env;
diff --git a/target/arm/op_helper.c b/target/arm/op_helper.c
index b36206343d..e8da1b8590 100644
--- a/target/arm/op_helper.c
+++ b/target/arm/op_helper.c
@@ -172,8 +172,8 @@ static void deliver_fault(ARMCPU *cpu, vaddr addr, MMUAccessType access_type,
* NULL, it means that the function was called in C code (i.e. not
* from generated code or from helper.c)
*/
-void tlb_fill(CPUState *cs, target_ulong addr, MMUAccessType access_type,
- int mmu_idx, uintptr_t retaddr)
+void tlb_fill(CPUState *cs, target_ulong addr, int size,
+ MMUAccessType access_type, int mmu_idx, uintptr_t retaddr)
{
bool ret;
ARMMMUFaultInfo fi = {};
diff --git a/target/cris/cpu.h b/target/cris/cpu.h
index b64fa3542c..764b35cbae 100644
--- a/target/cris/cpu.h
+++ b/target/cris/cpu.h
@@ -283,7 +283,7 @@ static inline int cpu_mmu_index (CPUCRISState *env, bool ifetch)
return !!(env->pregs[PR_CCS] & U_FLAG);
}
-int cris_cpu_handle_mmu_fault(CPUState *cpu, vaddr address, int rw,
+int cris_cpu_handle_mmu_fault(CPUState *cpu, vaddr address, int size, int rw,
int mmu_idx);
/* Support function regs. */
diff --git a/target/cris/helper.c b/target/cris/helper.c
index af78cca8b9..d2ec349191 100644
--- a/target/cris/helper.c
+++ b/target/cris/helper.c
@@ -53,7 +53,7 @@ void crisv10_cpu_do_interrupt(CPUState *cs)
cris_cpu_do_interrupt(cs);
}
-int cris_cpu_handle_mmu_fault(CPUState *cs, vaddr address, int rw,
+int cris_cpu_handle_mmu_fault(CPUState *cs, vaddr address, int size, int rw,
int mmu_idx)
{
CRISCPU *cpu = CRIS_CPU(cs);
@@ -76,7 +76,7 @@ static void cris_shift_ccs(CPUCRISState *env)
env->pregs[PR_CCS] = ccs;
}
-int cris_cpu_handle_mmu_fault(CPUState *cs, vaddr address, int rw,
+int cris_cpu_handle_mmu_fault(CPUState *cs, vaddr address, int size, int rw,
int mmu_idx)
{
CRISCPU *cpu = CRIS_CPU(cs);
diff --git a/target/cris/op_helper.c b/target/cris/op_helper.c
index e92505c907..becd831b6b 100644
--- a/target/cris/op_helper.c
+++ b/target/cris/op_helper.c
@@ -41,8 +41,8 @@
/* Try to fill the TLB and return an exception if error. If retaddr is
NULL, it means that the function was called in C code (i.e. not
from generated code or from helper.c) */
-void tlb_fill(CPUState *cs, target_ulong addr, MMUAccessType access_type,
- int mmu_idx, uintptr_t retaddr)
+void tlb_fill(CPUState *cs, target_ulong addr, int size,
+ MMUAccessType access_type, int mmu_idx, uintptr_t retaddr)
{
CRISCPU *cpu = CRIS_CPU(cs);
CPUCRISState *env = &cpu->env;
@@ -50,7 +50,7 @@ void tlb_fill(CPUState *cs, target_ulong addr, MMUAccessType access_type,
D_LOG("%s pc=%x tpc=%x ra=%p\n", __func__,
env->pc, env->pregs[PR_EDA], (void *)retaddr);
- ret = cris_cpu_handle_mmu_fault(cs, addr, access_type, mmu_idx);
+ ret = cris_cpu_handle_mmu_fault(cs, addr, size, access_type, mmu_idx);
if (unlikely(ret)) {
if (retaddr) {
/* now we have a real cpu fault */
diff --git a/target/hppa/cpu.h b/target/hppa/cpu.h
index 8d14077763..1a35eae1fa 100644
--- a/target/hppa/cpu.h
+++ b/target/hppa/cpu.h
@@ -132,7 +132,8 @@ void cpu_hppa_loaded_fr0(CPUHPPAState *env);
#define cpu_signal_handler cpu_hppa_signal_handler
int cpu_hppa_signal_handler(int host_signum, void *pinfo, void *puc);
-int hppa_cpu_handle_mmu_fault(CPUState *cpu, vaddr address, int rw, int midx);
+int hppa_cpu_handle_mmu_fault(CPUState *cpu, vaddr address, int size,
+ int rw, int midx);
int hppa_cpu_gdb_read_register(CPUState *cpu, uint8_t *buf, int reg);
int hppa_cpu_gdb_write_register(CPUState *cpu, uint8_t *buf, int reg);
void hppa_cpu_do_interrupt(CPUState *cpu);
diff --git a/target/hppa/helper.c b/target/hppa/helper.c
index ba04a9a52b..23f7af7018 100644
--- a/target/hppa/helper.c
+++ b/target/hppa/helper.c
@@ -65,7 +65,7 @@ void cpu_hppa_put_psw(CPUHPPAState *env, target_ulong psw)
env->psw_cb = cb;
}
-int hppa_cpu_handle_mmu_fault(CPUState *cs, vaddr address,
+int hppa_cpu_handle_mmu_fault(CPUState *cs, vaddr address, int size,
int rw, int mmu_idx)
{
HPPACPU *cpu = HPPA_CPU(cs);
diff --git a/target/hppa/op_helper.c b/target/hppa/op_helper.c
index 3104404e8d..106a2fd448 100644
--- a/target/hppa/op_helper.c
+++ b/target/hppa/op_helper.c
@@ -139,7 +139,7 @@ static void do_stby_e(CPUHPPAState *env, target_ulong addr, target_ulong val,
/* Nothing is stored, but protection is checked and the
cacheline is marked dirty. */
#ifndef CONFIG_USER_ONLY
- probe_write(env, addr, cpu_mmu_index(env, 0), ra);
+ probe_write(env, addr, 1, cpu_mmu_index(env, 0), ra);
#endif
break;
}
diff --git a/target/i386/cpu.h b/target/i386/cpu.h
index 62c4742703..ac4fa2127c 100644
--- a/target/i386/cpu.h
+++ b/target/i386/cpu.h
@@ -1497,7 +1497,7 @@ void host_cpuid(uint32_t function, uint32_t count,
void host_vendor_fms(char *vendor, int *family, int *model, int *stepping);
/* helper.c */
-int x86_cpu_handle_mmu_fault(CPUState *cpu, vaddr addr,
+int x86_cpu_handle_mmu_fault(CPUState *cpu, vaddr addr, int size,
int is_write, int mmu_idx);
void x86_cpu_set_a20(X86CPU *cpu, int a20_state);
diff --git a/target/i386/excp_helper.c b/target/i386/excp_helper.c
index cef44495ab..cb4d1b7d33 100644
--- a/target/i386/excp_helper.c
+++ b/target/i386/excp_helper.c
@@ -138,7 +138,7 @@ void raise_exception_ra(CPUX86State *env, int exception_index, uintptr_t retaddr
}
#if defined(CONFIG_USER_ONLY)
-int x86_cpu_handle_mmu_fault(CPUState *cs, vaddr addr,
+int x86_cpu_handle_mmu_fault(CPUState *cs, vaddr addr, int size,
int is_write, int mmu_idx)
{
X86CPU *cpu = X86_CPU(cs);
@@ -162,7 +162,7 @@ int x86_cpu_handle_mmu_fault(CPUState *cs, vaddr addr,
* 0 = nothing more to do
* 1 = generate PF fault
*/
-int x86_cpu_handle_mmu_fault(CPUState *cs, vaddr addr,
+int x86_cpu_handle_mmu_fault(CPUState *cs, vaddr addr, int size,
int is_write1, int mmu_idx)
{
X86CPU *cpu = X86_CPU(cs);
diff --git a/target/i386/mem_helper.c b/target/i386/mem_helper.c
index 70f67668ab..a8ae694a9c 100644
--- a/target/i386/mem_helper.c
+++ b/target/i386/mem_helper.c
@@ -199,12 +199,12 @@ void helper_boundl(CPUX86State *env, target_ulong a0, int v)
* from generated code or from helper.c)
*/
/* XXX: fix it to restore all registers */
-void tlb_fill(CPUState *cs, target_ulong addr, MMUAccessType access_type,
- int mmu_idx, uintptr_t retaddr)
+void tlb_fill(CPUState *cs, target_ulong addr, int size,
+ MMUAccessType access_type, int mmu_idx, uintptr_t retaddr)
{
int ret;
- ret = x86_cpu_handle_mmu_fault(cs, addr, access_type, mmu_idx);
+ ret = x86_cpu_handle_mmu_fault(cs, addr, size, access_type, mmu_idx);
if (ret) {
X86CPU *cpu = X86_CPU(cs);
CPUX86State *env = &cpu->env;
diff --git a/target/lm32/cpu.h b/target/lm32/cpu.h
index 2279594f40..ce0a2f24c4 100644
--- a/target/lm32/cpu.h
+++ b/target/lm32/cpu.h
@@ -263,7 +263,7 @@ bool lm32_cpu_do_semihosting(CPUState *cs);
#define cpu_list lm32_cpu_list
#define cpu_signal_handler cpu_lm32_signal_handler
-int lm32_cpu_handle_mmu_fault(CPUState *cpu, vaddr address, int rw,
+int lm32_cpu_handle_mmu_fault(CPUState *cpu, vaddr address, int size, int rw,
int mmu_idx);
#include "exec/cpu-all.h"
diff --git a/target/lm32/helper.c b/target/lm32/helper.c
index 929cc36c14..a039a993ff 100644
--- a/target/lm32/helper.c
+++ b/target/lm32/helper.c
@@ -25,7 +25,7 @@
#include "exec/semihost.h"
#include "exec/log.h"
-int lm32_cpu_handle_mmu_fault(CPUState *cs, vaddr address, int rw,
+int lm32_cpu_handle_mmu_fault(CPUState *cs, vaddr address, int size, int rw,
int mmu_idx)
{
LM32CPU *cpu = LM32_CPU(cs);
diff --git a/target/lm32/op_helper.c b/target/lm32/op_helper.c
index 30f670eee8..577f8306e3 100644
--- a/target/lm32/op_helper.c
+++ b/target/lm32/op_helper.c
@@ -144,12 +144,12 @@ uint32_t HELPER(rcsr_jrx)(CPULM32State *env)
* NULL, it means that the function was called in C code (i.e. not
* from generated code or from helper.c)
*/
-void tlb_fill(CPUState *cs, target_ulong addr, MMUAccessType access_type,
- int mmu_idx, uintptr_t retaddr)
+void tlb_fill(CPUState *cs, target_ulong addr, int size,
+ MMUAccessType access_type, int mmu_idx, uintptr_t retaddr)
{
int ret;
- ret = lm32_cpu_handle_mmu_fault(cs, addr, access_type, mmu_idx);
+ ret = lm32_cpu_handle_mmu_fault(cs, addr, size, access_type, mmu_idx);
if (unlikely(ret)) {
/* now we have a real cpu fault */
cpu_loop_exit_restore(cs, retaddr);
diff --git a/target/m68k/cpu.h b/target/m68k/cpu.h
index 2985b039e1..c60564a047 100644
--- a/target/m68k/cpu.h
+++ b/target/m68k/cpu.h
@@ -418,7 +418,7 @@ static inline int cpu_mmu_index (CPUM68KState *env, bool ifetch)
return (env->sr & SR_S) == 0 ? 1 : 0;
}
-int m68k_cpu_handle_mmu_fault(CPUState *cpu, vaddr address, int rw,
+int m68k_cpu_handle_mmu_fault(CPUState *cpu, vaddr address, int size, int rw,
int mmu_idx);
#include "exec/cpu-all.h"
diff --git a/target/m68k/helper.c b/target/m68k/helper.c
index a999389e9a..ef0ec5dadf 100644
--- a/target/m68k/helper.c
+++ b/target/m68k/helper.c
@@ -308,7 +308,7 @@ void m68k_switch_sp(CPUM68KState *env)
#if defined(CONFIG_USER_ONLY)
-int m68k_cpu_handle_mmu_fault(CPUState *cs, vaddr address, int rw,
+int m68k_cpu_handle_mmu_fault(CPUState *cs, vaddr address, int size, int rw,
int mmu_idx)
{
M68kCPU *cpu = M68K_CPU(cs);
@@ -328,7 +328,7 @@ hwaddr m68k_cpu_get_phys_page_debug(CPUState *cs, vaddr addr)
return addr;
}
-int m68k_cpu_handle_mmu_fault(CPUState *cs, vaddr address, int rw,
+int m68k_cpu_handle_mmu_fault(CPUState *cs, vaddr address, int size, int rw,
int mmu_idx)
{
int prot;
diff --git a/target/m68k/op_helper.c b/target/m68k/op_helper.c
index c61ca9392f..67697d4e6d 100644
--- a/target/m68k/op_helper.c
+++ b/target/m68k/op_helper.c
@@ -39,12 +39,12 @@ static inline void do_interrupt_m68k_hardirq(CPUM68KState *env)
/* Try to fill the TLB and return an exception if error. If retaddr is
NULL, it means that the function was called in C code (i.e. not
from generated code or from helper.c) */
-void tlb_fill(CPUState *cs, target_ulong addr, MMUAccessType access_type,
- int mmu_idx, uintptr_t retaddr)
+void tlb_fill(CPUState *cs, target_ulong addr, int size,
+ MMUAccessType access_type, int mmu_idx, uintptr_t retaddr)
{
int ret;
- ret = m68k_cpu_handle_mmu_fault(cs, addr, access_type, mmu_idx);
+ ret = m68k_cpu_handle_mmu_fault(cs, addr, size, access_type, mmu_idx);
if (unlikely(ret)) {
/* now we have a real cpu fault */
cpu_loop_exit_restore(cs, retaddr);
diff --git a/target/microblaze/cpu.h b/target/microblaze/cpu.h
index 52b6b6aec7..f3e7405a62 100644
--- a/target/microblaze/cpu.h
+++ b/target/microblaze/cpu.h
@@ -367,7 +367,7 @@ static inline int cpu_mmu_index (CPUMBState *env, bool ifetch)
return MMU_KERNEL_IDX;
}
-int mb_cpu_handle_mmu_fault(CPUState *cpu, vaddr address, int rw,
+int mb_cpu_handle_mmu_fault(CPUState *cpu, vaddr address, int size, int rw,
int mmu_idx);
#include "exec/cpu-all.h"
diff --git a/target/microblaze/helper.c b/target/microblaze/helper.c
index da394d1dfc..fac6ee9263 100644
--- a/target/microblaze/helper.c
+++ b/target/microblaze/helper.c
@@ -38,7 +38,7 @@ void mb_cpu_do_interrupt(CPUState *cs)
env->regs[14] = env->sregs[SR_PC];
}
-int mb_cpu_handle_mmu_fault(CPUState *cs, vaddr address, int rw,
+int mb_cpu_handle_mmu_fault(CPUState *cs, vaddr address, int size, int rw,
int mmu_idx)
{
cs->exception_index = 0xaa;
@@ -48,7 +48,7 @@ int mb_cpu_handle_mmu_fault(CPUState *cs, vaddr address, int rw,
#else /* !CONFIG_USER_ONLY */
-int mb_cpu_handle_mmu_fault(CPUState *cs, vaddr address, int rw,
+int mb_cpu_handle_mmu_fault(CPUState *cs, vaddr address, int size, int rw,
int mmu_idx)
{
MicroBlazeCPU *cpu = MICROBLAZE_CPU(cs);
diff --git a/target/microblaze/op_helper.c b/target/microblaze/op_helper.c
index 4cf51568df..869072a2d1 100644
--- a/target/microblaze/op_helper.c
+++ b/target/microblaze/op_helper.c
@@ -33,12 +33,12 @@
* NULL, it means that the function was called in C code (i.e. not
* from generated code or from helper.c)
*/
-void tlb_fill(CPUState *cs, target_ulong addr, MMUAccessType access_type,
- int mmu_idx, uintptr_t retaddr)
+void tlb_fill(CPUState *cs, target_ulong addr, int size,
+ MMUAccessType access_type, int mmu_idx, uintptr_t retaddr)
{
int ret;
- ret = mb_cpu_handle_mmu_fault(cs, addr, access_type, mmu_idx);
+ ret = mb_cpu_handle_mmu_fault(cs, addr, size, access_type, mmu_idx);
if (unlikely(ret)) {
/* now we have a real cpu fault */
cpu_loop_exit_restore(cs, retaddr);
diff --git a/target/mips/helper.c b/target/mips/helper.c
index ea076261af..8cf91ce339 100644
--- a/target/mips/helper.c
+++ b/target/mips/helper.c
@@ -535,7 +535,7 @@ hwaddr mips_cpu_get_phys_page_debug(CPUState *cs, vaddr addr)
}
#endif
-int mips_cpu_handle_mmu_fault(CPUState *cs, vaddr address, int rw,
+int mips_cpu_handle_mmu_fault(CPUState *cs, vaddr address, int size, int rw,
int mmu_idx)
{
MIPSCPU *cpu = MIPS_CPU(cs);
diff --git a/target/mips/internal.h b/target/mips/internal.h
index 45ded3484c..e41051f8e6 100644
--- a/target/mips/internal.h
+++ b/target/mips/internal.h
@@ -202,7 +202,7 @@ void cpu_mips_start_count(CPUMIPSState *env);
void cpu_mips_stop_count(CPUMIPSState *env);
/* helper.c */
-int mips_cpu_handle_mmu_fault(CPUState *cpu, vaddr address, int rw,
+int mips_cpu_handle_mmu_fault(CPUState *cpu, vaddr address, int size, int rw,
int mmu_idx);
/* op_helper.c */
diff --git a/target/mips/op_helper.c b/target/mips/op_helper.c
index e537a8bfd8..293574d53e 100644
--- a/target/mips/op_helper.c
+++ b/target/mips/op_helper.c
@@ -2451,12 +2451,12 @@ void mips_cpu_do_unaligned_access(CPUState *cs, vaddr addr,
do_raise_exception_err(env, excp, error_code, retaddr);
}
-void tlb_fill(CPUState *cs, target_ulong addr, MMUAccessType access_type,
- int mmu_idx, uintptr_t retaddr)
+void tlb_fill(CPUState *cs, target_ulong addr, int size,
+ MMUAccessType access_type, int mmu_idx, uintptr_t retaddr)
{
int ret;
- ret = mips_cpu_handle_mmu_fault(cs, addr, access_type, mmu_idx);
+ ret = mips_cpu_handle_mmu_fault(cs, addr, size, access_type, mmu_idx);
if (ret) {
MIPSCPU *cpu = MIPS_CPU(cs);
CPUMIPSState *env = &cpu->env;
@@ -4190,10 +4190,10 @@ static inline void ensure_writable_pages(CPUMIPSState *env,
target_ulong page_addr;
if (unlikely(MSA_PAGESPAN(addr))) {
/* first page */
- probe_write(env, addr, mmu_idx, retaddr);
+ probe_write(env, addr, 1, mmu_idx, retaddr);
/* second page */
page_addr = (addr & TARGET_PAGE_MASK) + TARGET_PAGE_SIZE;
- probe_write(env, page_addr, mmu_idx, retaddr);
+ probe_write(env, page_addr, 1, mmu_idx, retaddr);
}
#endif
}
diff --git a/target/moxie/cpu.h b/target/moxie/cpu.h
index d37e6a5572..a01f480821 100644
--- a/target/moxie/cpu.h
+++ b/target/moxie/cpu.h
@@ -142,7 +142,7 @@ static inline void cpu_get_tb_cpu_state(CPUMoxieState *env, target_ulong *pc,
*flags = 0;
}
-int moxie_cpu_handle_mmu_fault(CPUState *cpu, vaddr address,
+int moxie_cpu_handle_mmu_fault(CPUState *cpu, vaddr address, int size,
int rw, int mmu_idx);
#endif /* MOXIE_CPU_H */
diff --git a/target/moxie/helper.c b/target/moxie/helper.c
index 6890ffd71c..b8e86560da 100644
--- a/target/moxie/helper.c
+++ b/target/moxie/helper.c
@@ -29,12 +29,12 @@
/* Try to fill the TLB and return an exception if error. If retaddr is
NULL, it means that the function was called in C code (i.e. not
from generated code or from helper.c) */
-void tlb_fill(CPUState *cs, target_ulong addr, MMUAccessType access_type,
- int mmu_idx, uintptr_t retaddr)
+void tlb_fill(CPUState *cs, target_ulong addr, int size,
+ MMUAccessType access_type, int mmu_idx, uintptr_t retaddr)
{
int ret;
- ret = moxie_cpu_handle_mmu_fault(cs, addr, access_type, mmu_idx);
+ ret = moxie_cpu_handle_mmu_fault(cs, addr, size, access_type, mmu_idx);
if (unlikely(ret)) {
cpu_loop_exit_restore(cs, retaddr);
}
@@ -94,7 +94,7 @@ void moxie_cpu_do_interrupt(CPUState *cs)
cs->exception_index = -1;
}
-int moxie_cpu_handle_mmu_fault(CPUState *cs, vaddr address,
+int moxie_cpu_handle_mmu_fault(CPUState *cs, vaddr address, int size,
int rw, int mmu_idx)
{
MoxieCPU *cpu = MOXIE_CPU(cs);
@@ -107,7 +107,7 @@ int moxie_cpu_handle_mmu_fault(CPUState *cs, vaddr address,
#else /* !CONFIG_USER_ONLY */
-int moxie_cpu_handle_mmu_fault(CPUState *cs, vaddr address,
+int moxie_cpu_handle_mmu_fault(CPUState *cs, vaddr address, int size,
int rw, int mmu_idx)
{
MoxieCPU *cpu = MOXIE_CPU(cs);
diff --git a/target/nios2/cpu.h b/target/nios2/cpu.h
index 88823a6d4d..204b39add7 100644
--- a/target/nios2/cpu.h
+++ b/target/nios2/cpu.h
@@ -252,7 +252,7 @@ static inline int cpu_mmu_index(CPUNios2State *env, bool ifetch)
MMU_SUPERVISOR_IDX;
}
-int nios2_cpu_handle_mmu_fault(CPUState *env, vaddr address,
+int nios2_cpu_handle_mmu_fault(CPUState *env, vaddr address, int size,
int rw, int mmu_idx);
static inline int cpu_interrupts_enabled(CPUNios2State *env)
diff --git a/target/nios2/helper.c b/target/nios2/helper.c
index 9f741a8f19..a169c91eaa 100644
--- a/target/nios2/helper.c
+++ b/target/nios2/helper.c
@@ -37,7 +37,8 @@ void nios2_cpu_do_interrupt(CPUState *cs)
env->regs[R_EA] = env->regs[R_PC] + 4;
}
-int nios2_cpu_handle_mmu_fault(CPUState *cs, vaddr address, int rw, int mmu_idx)
+int nios2_cpu_handle_mmu_fault(CPUState *cs, vaddr address, int size,
+ int rw, int mmu_idx)
{
cs->exception_index = 0xaa;
/* Page 0x1000 is kuser helper */
@@ -232,7 +233,8 @@ static int cpu_nios2_handle_virtual_page(
return 1;
}
-int nios2_cpu_handle_mmu_fault(CPUState *cs, vaddr address, int rw, int mmu_idx)
+int nios2_cpu_handle_mmu_fault(CPUState *cs, vaddr address, int size,
+ int rw, int mmu_idx)
{
Nios2CPU *cpu = NIOS2_CPU(cs);
CPUNios2State *env = &cpu->env;
diff --git a/target/nios2/mmu.c b/target/nios2/mmu.c
index 0cd8647510..69b71cba4a 100644
--- a/target/nios2/mmu.c
+++ b/target/nios2/mmu.c
@@ -35,12 +35,12 @@
#define MMU_LOG(x)
#endif
-void tlb_fill(CPUState *cs, target_ulong addr, MMUAccessType access_type,
- int mmu_idx, uintptr_t retaddr)
+void tlb_fill(CPUState *cs, target_ulong addr, int size,
+ MMUAccessType access_type, int mmu_idx, uintptr_t retaddr)
{
int ret;
- ret = nios2_cpu_handle_mmu_fault(cs, addr, access_type, mmu_idx);
+ ret = nios2_cpu_handle_mmu_fault(cs, addr, size, access_type, mmu_idx);
if (unlikely(ret)) {
/* now we have a real cpu fault */
cpu_loop_exit_restore(cs, retaddr);
diff --git a/target/openrisc/cpu.h b/target/openrisc/cpu.h
index cc22dc8871..fb46cc9986 100644
--- a/target/openrisc/cpu.h
+++ b/target/openrisc/cpu.h
@@ -356,7 +356,7 @@ hwaddr openrisc_cpu_get_phys_page_debug(CPUState *cpu, vaddr addr);
int openrisc_cpu_gdb_read_register(CPUState *cpu, uint8_t *buf, int reg);
int openrisc_cpu_gdb_write_register(CPUState *cpu, uint8_t *buf, int reg);
void openrisc_translate_init(void);
-int openrisc_cpu_handle_mmu_fault(CPUState *cpu, vaddr address,
+int openrisc_cpu_handle_mmu_fault(CPUState *cpu, vaddr address, int size,
int rw, int mmu_idx);
int cpu_openrisc_signal_handler(int host_signum, void *pinfo, void *puc);
diff --git a/target/openrisc/mmu.c b/target/openrisc/mmu.c
index ce2a29dd1a..2bd782f89b 100644
--- a/target/openrisc/mmu.c
+++ b/target/openrisc/mmu.c
@@ -178,8 +178,8 @@ static void cpu_openrisc_raise_mmu_exception(OpenRISCCPU *cpu,
}
#ifndef CONFIG_USER_ONLY
-int openrisc_cpu_handle_mmu_fault(CPUState *cs,
- vaddr address, int rw, int mmu_idx)
+int openrisc_cpu_handle_mmu_fault(CPUState *cs, vaddr address, int size,
+ int rw, int mmu_idx)
{
OpenRISCCPU *cpu = OPENRISC_CPU(cs);
int ret = 0;
@@ -202,8 +202,8 @@ int openrisc_cpu_handle_mmu_fault(CPUState *cs,
return ret;
}
#else
-int openrisc_cpu_handle_mmu_fault(CPUState *cs,
- vaddr address, int rw, int mmu_idx)
+int openrisc_cpu_handle_mmu_fault(CPUState *cs, vaddr address, int size,
+ int rw, int mmu_idx)
{
OpenRISCCPU *cpu = OPENRISC_CPU(cs);
int ret = 0;
diff --git a/target/openrisc/mmu_helper.c b/target/openrisc/mmu_helper.c
index a3e182c42d..97e1d17b5a 100644
--- a/target/openrisc/mmu_helper.c
+++ b/target/openrisc/mmu_helper.c
@@ -25,12 +25,12 @@
#ifndef CONFIG_USER_ONLY
-void tlb_fill(CPUState *cs, target_ulong addr, MMUAccessType access_type,
- int mmu_idx, uintptr_t retaddr)
+void tlb_fill(CPUState *cs, target_ulong addr, int size,
+ MMUAccessType access_type, int mmu_idx, uintptr_t retaddr)
{
int ret;
- ret = openrisc_cpu_handle_mmu_fault(cs, addr, access_type, mmu_idx);
+ ret = openrisc_cpu_handle_mmu_fault(cs, addr, size, access_type, mmu_idx);
if (ret) {
/* Raise Exception. */
diff --git a/target/ppc/cpu.h b/target/ppc/cpu.h
index 370b05e76e..3e06e1706b 100644
--- a/target/ppc/cpu.h
+++ b/target/ppc/cpu.h
@@ -1291,7 +1291,7 @@ void ppc_translate_init(void);
int cpu_ppc_signal_handler (int host_signum, void *pinfo,
void *puc);
#if defined(CONFIG_USER_ONLY)
-int ppc_cpu_handle_mmu_fault(CPUState *cpu, vaddr address, int rw,
+int ppc_cpu_handle_mmu_fault(CPUState *cpu, vaddr address, int size, int rw,
int mmu_idx);
#endif
diff --git a/target/ppc/mmu_helper.c b/target/ppc/mmu_helper.c
index 2a1f9902c9..6c822bc533 100644
--- a/target/ppc/mmu_helper.c
+++ b/target/ppc/mmu_helper.c
@@ -2903,8 +2903,8 @@ void helper_check_tlb_flush_global(CPUPPCState *env)
NULL, it means that the function was called in C code (i.e. not
from generated code or from helper.c) */
/* XXX: fix it to restore all registers */
-void tlb_fill(CPUState *cs, target_ulong addr, MMUAccessType access_type,
- int mmu_idx, uintptr_t retaddr)
+void tlb_fill(CPUState *cs, target_ulong addr, int size,
+ MMUAccessType access_type, int mmu_idx, uintptr_t retaddr)
{
PowerPCCPU *cpu = POWERPC_CPU(cs);
PowerPCCPUClass *pcc = POWERPC_CPU_GET_CLASS(cs);
diff --git a/target/ppc/user_only_helper.c b/target/ppc/user_only_helper.c
index 6aff34713f..2f1477f102 100644
--- a/target/ppc/user_only_helper.c
+++ b/target/ppc/user_only_helper.c
@@ -21,7 +21,7 @@
#include "qemu/osdep.h"
#include "cpu.h"
-int ppc_cpu_handle_mmu_fault(CPUState *cs, vaddr address, int rw,
+int ppc_cpu_handle_mmu_fault(CPUState *cs, vaddr address, int size, int rw,
int mmu_idx)
{
PowerPCCPU *cpu = POWERPC_CPU(cs);
diff --git a/target/s390x/excp_helper.c b/target/s390x/excp_helper.c
index f4697a884d..e8f7a40c2b 100644
--- a/target/s390x/excp_helper.c
+++ b/target/s390x/excp_helper.c
@@ -55,7 +55,7 @@ void s390_cpu_do_interrupt(CPUState *cs)
cs->exception_index = -1;
}
-int s390_cpu_handle_mmu_fault(CPUState *cs, vaddr address,
+int s390_cpu_handle_mmu_fault(CPUState *cs, vaddr address, int size,
int rw, int mmu_idx)
{
S390CPU *cpu = S390_CPU(cs);
@@ -83,7 +83,7 @@ static inline uint64_t cpu_mmu_idx_to_asc(int mmu_idx)
}
}
-int s390_cpu_handle_mmu_fault(CPUState *cs, vaddr orig_vaddr,
+int s390_cpu_handle_mmu_fault(CPUState *cs, vaddr orig_vaddr, int size,
int rw, int mmu_idx)
{
S390CPU *cpu = S390_CPU(cs);
diff --git a/target/s390x/internal.h b/target/s390x/internal.h
index 1a88e4beb4..fea165ffe4 100644
--- a/target/s390x/internal.h
+++ b/target/s390x/internal.h
@@ -323,7 +323,7 @@ ObjectClass *s390_cpu_class_by_name(const char *name);
void s390x_cpu_debug_excp_handler(CPUState *cs);
void s390_cpu_do_interrupt(CPUState *cpu);
bool s390_cpu_exec_interrupt(CPUState *cpu, int int_req);
-int s390_cpu_handle_mmu_fault(CPUState *cpu, vaddr address, int rw,
+int s390_cpu_handle_mmu_fault(CPUState *cpu, vaddr address, int size, int rw,
int mmu_idx);
void s390x_cpu_do_unaligned_access(CPUState *cs, vaddr addr,
MMUAccessType access_type,
diff --git a/target/s390x/mem_helper.c b/target/s390x/mem_helper.c
index 2625d843b3..692aa2bc98 100644
--- a/target/s390x/mem_helper.c
+++ b/target/s390x/mem_helper.c
@@ -39,10 +39,10 @@
NULL, it means that the function was called in C code (i.e. not
from generated code or from helper.c) */
/* XXX: fix it to restore all registers */
-void tlb_fill(CPUState *cs, target_ulong addr, MMUAccessType access_type,
- int mmu_idx, uintptr_t retaddr)
+void tlb_fill(CPUState *cs, target_ulong addr, int size,
+ MMUAccessType access_type, int mmu_idx, uintptr_t retaddr)
{
- int ret = s390_cpu_handle_mmu_fault(cs, addr, access_type, mmu_idx);
+ int ret = s390_cpu_handle_mmu_fault(cs, addr, size, access_type, mmu_idx);
if (unlikely(ret != 0)) {
cpu_loop_exit_restore(cs, retaddr);
}
@@ -1440,7 +1440,7 @@ static uint32_t do_csst(CPUS390XState *env, uint32_t r3, uint64_t a1,
/* Sanity check writability of the store address. */
#ifndef CONFIG_USER_ONLY
- probe_write(env, a2, mem_idx, ra);
+ probe_write(env, a2, 1, mem_idx, ra);
#endif
/* Note that the compare-and-swap is atomic, and the store is atomic, but
diff --git a/target/sh4/cpu.h b/target/sh4/cpu.h
index a2c26e0597..52a4568dd5 100644
--- a/target/sh4/cpu.h
+++ b/target/sh4/cpu.h
@@ -246,7 +246,7 @@ void superh_cpu_do_unaligned_access(CPUState *cpu, vaddr addr,
void sh4_translate_init(void);
int cpu_sh4_signal_handler(int host_signum, void *pinfo,
void *puc);
-int superh_cpu_handle_mmu_fault(CPUState *cpu, vaddr address, int rw,
+int superh_cpu_handle_mmu_fault(CPUState *cpu, vaddr address, int size, int rw,
int mmu_idx);
void sh4_cpu_list(FILE *f, fprintf_function cpu_fprintf);
diff --git a/target/sh4/helper.c b/target/sh4/helper.c
index 680b583e53..2ff0cf4060 100644
--- a/target/sh4/helper.c
+++ b/target/sh4/helper.c
@@ -34,7 +34,7 @@ void superh_cpu_do_interrupt(CPUState *cs)
cs->exception_index = -1;
}
-int superh_cpu_handle_mmu_fault(CPUState *cs, vaddr address, int rw,
+int superh_cpu_handle_mmu_fault(CPUState *cs, vaddr address, int size, int rw,
int mmu_idx)
{
SuperHCPU *cpu = SUPERH_CPU(cs);
@@ -458,7 +458,7 @@ static int get_physical_address(CPUSH4State * env, target_ulong * physical,
return get_mmu_address(env, physical, prot, address, rw, access_type);
}
-int superh_cpu_handle_mmu_fault(CPUState *cs, vaddr address, int rw,
+int superh_cpu_handle_mmu_fault(CPUState *cs, vaddr address, int size, int rw,
int mmu_idx)
{
SuperHCPU *cpu = SUPERH_CPU(cs);
diff --git a/target/sh4/op_helper.c b/target/sh4/op_helper.c
index d798f239cf..4b8bbf63b4 100644
--- a/target/sh4/op_helper.c
+++ b/target/sh4/op_helper.c
@@ -40,12 +40,12 @@ void superh_cpu_do_unaligned_access(CPUState *cs, vaddr addr,
cpu_loop_exit_restore(cs, retaddr);
}
-void tlb_fill(CPUState *cs, target_ulong addr, MMUAccessType access_type,
- int mmu_idx, uintptr_t retaddr)
+void tlb_fill(CPUState *cs, target_ulong addr, int size,
+ MMUAccessType access_type, int mmu_idx, uintptr_t retaddr)
{
int ret;
- ret = superh_cpu_handle_mmu_fault(cs, addr, access_type, mmu_idx);
+ ret = superh_cpu_handle_mmu_fault(cs, addr, size, access_type, mmu_idx);
if (ret) {
/* now we have a real cpu fault */
cpu_loop_exit_restore(cs, retaddr);
diff --git a/target/sparc/cpu.h b/target/sparc/cpu.h
index 9fde547fac..3eaffb354e 100644
--- a/target/sparc/cpu.h
+++ b/target/sparc/cpu.h
@@ -582,7 +582,7 @@ void cpu_raise_exception_ra(CPUSPARCState *, int, uintptr_t) QEMU_NORETURN;
void cpu_sparc_set_id(CPUSPARCState *env, unsigned int cpu);
void sparc_cpu_list(FILE *f, fprintf_function cpu_fprintf);
/* mmu_helper.c */
-int sparc_cpu_handle_mmu_fault(CPUState *cpu, vaddr address, int rw,
+int sparc_cpu_handle_mmu_fault(CPUState *cpu, vaddr address, int size, int rw,
int mmu_idx);
target_ulong mmu_probe(CPUSPARCState *env, target_ulong address, int mmulev);
void dump_mmu(FILE *f, fprintf_function cpu_fprintf, CPUSPARCState *env);
diff --git a/target/sparc/ldst_helper.c b/target/sparc/ldst_helper.c
index fb489cb5fd..5bc090213c 100644
--- a/target/sparc/ldst_helper.c
+++ b/target/sparc/ldst_helper.c
@@ -1929,12 +1929,12 @@ void QEMU_NORETURN sparc_cpu_do_unaligned_access(CPUState *cs, vaddr addr,
NULL, it means that the function was called in C code (i.e. not
from generated code or from helper.c) */
/* XXX: fix it to restore all registers */
-void tlb_fill(CPUState *cs, target_ulong addr, MMUAccessType access_type,
- int mmu_idx, uintptr_t retaddr)
+void tlb_fill(CPUState *cs, target_ulong addr, int size,
+ MMUAccessType access_type, int mmu_idx, uintptr_t retaddr)
{
int ret;
- ret = sparc_cpu_handle_mmu_fault(cs, addr, access_type, mmu_idx);
+ ret = sparc_cpu_handle_mmu_fault(cs, addr, size, access_type, mmu_idx);
if (ret) {
cpu_loop_exit_restore(cs, retaddr);
}
diff --git a/target/sparc/mmu_helper.c b/target/sparc/mmu_helper.c
index d5b6c1e48c..a0426ade43 100644
--- a/target/sparc/mmu_helper.c
+++ b/target/sparc/mmu_helper.c
@@ -27,7 +27,7 @@
#if defined(CONFIG_USER_ONLY)
-int sparc_cpu_handle_mmu_fault(CPUState *cs, vaddr address, int rw,
+int sparc_cpu_handle_mmu_fault(CPUState *cs, vaddr address, int size, int rw,
int mmu_idx)
{
SPARCCPU *cpu = SPARC_CPU(cs);
@@ -208,7 +208,7 @@ static int get_physical_address(CPUSPARCState *env, hwaddr *physical,
}
/* Perform address translation */
-int sparc_cpu_handle_mmu_fault(CPUState *cs, vaddr address, int rw,
+int sparc_cpu_handle_mmu_fault(CPUState *cs, vaddr address, int size, int rw,
int mmu_idx)
{
SPARCCPU *cpu = SPARC_CPU(cs);
@@ -713,7 +713,7 @@ static int get_physical_address(CPUSPARCState *env, hwaddr *physical,
}
/* Perform address translation */
-int sparc_cpu_handle_mmu_fault(CPUState *cs, vaddr address, int rw,
+int sparc_cpu_handle_mmu_fault(CPUState *cs, vaddr address, int size, int rw,
int mmu_idx)
{
SPARCCPU *cpu = SPARC_CPU(cs);
diff --git a/target/tilegx/cpu.c b/target/tilegx/cpu.c
index 2ef8ea7daa..c140b461ac 100644
--- a/target/tilegx/cpu.c
+++ b/target/tilegx/cpu.c
@@ -112,8 +112,8 @@ static void tilegx_cpu_do_interrupt(CPUState *cs)
cs->exception_index = -1;
}
-static int tilegx_cpu_handle_mmu_fault(CPUState *cs, vaddr address, int rw,
- int mmu_idx)
+static int tilegx_cpu_handle_mmu_fault(CPUState *cs, vaddr address, int size,
+ int rw, int mmu_idx)
{
TileGXCPU *cpu = TILEGX_CPU(cs);
diff --git a/target/tricore/op_helper.c b/target/tricore/op_helper.c
index 40ed229486..098f217c2a 100644
--- a/target/tricore/op_helper.c
+++ b/target/tricore/op_helper.c
@@ -2806,8 +2806,8 @@ static inline void QEMU_NORETURN do_raise_exception_err(CPUTriCoreState *env,
cpu_loop_exit_restore(cs, pc);
}
-void tlb_fill(CPUState *cs, target_ulong addr, MMUAccessType access_type,
- int mmu_idx, uintptr_t retaddr)
+void tlb_fill(CPUState *cs, target_ulong addr, int size,
+ MMUAccessType access_type, int mmu_idx, uintptr_t retaddr)
{
int ret;
ret = cpu_tricore_handle_mmu_fault(cs, addr, access_type, mmu_idx);
diff --git a/target/unicore32/cpu.h b/target/unicore32/cpu.h
index 3dc6fbc6c7..a3cc71416d 100644
--- a/target/unicore32/cpu.h
+++ b/target/unicore32/cpu.h
@@ -181,7 +181,7 @@ static inline void cpu_get_tb_cpu_state(CPUUniCore32State *env, target_ulong *pc
}
}
-int uc32_cpu_handle_mmu_fault(CPUState *cpu, vaddr address, int rw,
+int uc32_cpu_handle_mmu_fault(CPUState *cpu, vaddr address, int size, int rw,
int mmu_idx);
void uc32_translate_init(void);
void switch_mode(CPUUniCore32State *, int);
diff --git a/target/unicore32/helper.c b/target/unicore32/helper.c
index 3393d2c020..a5ff2ddb74 100644
--- a/target/unicore32/helper.c
+++ b/target/unicore32/helper.c
@@ -230,7 +230,7 @@ void uc32_cpu_do_interrupt(CPUState *cs)
cpu_abort(cs, "NO interrupt in user mode\n");
}
-int uc32_cpu_handle_mmu_fault(CPUState *cs, vaddr address,
+int uc32_cpu_handle_mmu_fault(CPUState *cs, vaddr address, int size,
int access_type, int mmu_idx)
{
cpu_abort(cs, "NO mmu fault in user mode\n");
diff --git a/target/unicore32/op_helper.c b/target/unicore32/op_helper.c
index 8788642a7f..e0a15882d3 100644
--- a/target/unicore32/op_helper.c
+++ b/target/unicore32/op_helper.c
@@ -244,12 +244,12 @@ uint32_t HELPER(ror_cc)(CPUUniCore32State *env, uint32_t x, uint32_t i)
}
#ifndef CONFIG_USER_ONLY
-void tlb_fill(CPUState *cs, target_ulong addr, MMUAccessType access_type,
- int mmu_idx, uintptr_t retaddr)
+void tlb_fill(CPUState *cs, target_ulong addr, int size,
+ MMUAccessType access_type, int mmu_idx, uintptr_t retaddr)
{
int ret;
- ret = uc32_cpu_handle_mmu_fault(cs, addr, access_type, mmu_idx);
+ ret = uc32_cpu_handle_mmu_fault(cs, addr, size, access_type, mmu_idx);
if (unlikely(ret)) {
/* now we have a real cpu fault */
cpu_loop_exit_restore(cs, retaddr);
diff --git a/target/unicore32/softmmu.c b/target/unicore32/softmmu.c
index d8d76968f3..00c7e0d028 100644
--- a/target/unicore32/softmmu.c
+++ b/target/unicore32/softmmu.c
@@ -215,7 +215,7 @@ do_fault:
return code;
}
-int uc32_cpu_handle_mmu_fault(CPUState *cs, vaddr address,
+int uc32_cpu_handle_mmu_fault(CPUState *cs, vaddr address, int size,
int access_type, int mmu_idx)
{
UniCore32CPU *cpu = UNICORE32_CPU(cs);
diff --git a/target/xtensa/op_helper.c b/target/xtensa/op_helper.c
index 3d990c0caa..0bc3ce6d8f 100644
--- a/target/xtensa/op_helper.c
+++ b/target/xtensa/op_helper.c
@@ -50,8 +50,8 @@ void xtensa_cpu_do_unaligned_access(CPUState *cs,
}
}
-void tlb_fill(CPUState *cs, target_ulong vaddr, MMUAccessType access_type,
- int mmu_idx, uintptr_t retaddr)
+void tlb_fill(CPUState *cs, target_ulong vaddr, int size,
+ MMUAccessType access_type, int mmu_idx, uintptr_t retaddr)
{
XtensaCPU *cpu = XTENSA_CPU(cs);
CPUXtensaState *env = &cpu->env;
--
2.14.3
^ permalink raw reply related [flat|nested] 16+ messages in thread
* [Qemu-devel] [PATCH 2/6] target/m68k: add MC68040 MMU
2018-01-08 23:10 [Qemu-devel] [PATCH 0/6] target/m68k: supervisor mode (part 2) Laurent Vivier
2018-01-08 23:10 ` [Qemu-devel] [PATCH 1/6] accel/tcg: add size paremeter in tlb_fill() Laurent Vivier
@ 2018-01-08 23:10 ` Laurent Vivier
2018-01-10 20:12 ` Richard Henderson
2018-01-08 23:10 ` [Qemu-devel] [PATCH 3/6] target/m68k: add Transparent Translation Laurent Vivier
` (3 subsequent siblings)
5 siblings, 1 reply; 16+ messages in thread
From: Laurent Vivier @ 2018-01-08 23:10 UTC (permalink / raw)
To: qemu-devel; +Cc: Laurent Vivier
Only add MC68040 MMU page table processing and related
registers (Special Status Word, Translation Control Register,
User Root Pointer and Supervisor Root Pointer).
Transparent Translation Registers, DFC/SFC and pflush/ptest
will be added later.
Signed-off-by: Laurent Vivier <laurent@vivier.eu>
---
target/m68k/cpu.c | 4 +-
target/m68k/cpu.h | 103 +++++++++++++++++++++++
target/m68k/helper.c | 220 ++++++++++++++++++++++++++++++++++++++++++++++--
target/m68k/monitor.c | 2 +
target/m68k/op_helper.c | 95 ++++++++++++++++++++-
target/m68k/translate.c | 2 +
6 files changed, 416 insertions(+), 10 deletions(-)
diff --git a/target/m68k/cpu.c b/target/m68k/cpu.c
index 03126ba543..98919b358b 100644
--- a/target/m68k/cpu.c
+++ b/target/m68k/cpu.c
@@ -269,9 +269,9 @@ static void m68k_cpu_class_init(ObjectClass *c, void *data)
cc->set_pc = m68k_cpu_set_pc;
cc->gdb_read_register = m68k_cpu_gdb_read_register;
cc->gdb_write_register = m68k_cpu_gdb_write_register;
-#ifdef CONFIG_USER_ONLY
cc->handle_mmu_fault = m68k_cpu_handle_mmu_fault;
-#else
+#if defined(CONFIG_SOFTMMU)
+ cc->do_unassigned_access = m68k_cpu_unassigned_access;
cc->get_phys_page_debug = m68k_cpu_get_phys_page_debug;
#endif
cc->disas_set_info = m68k_cpu_disas_set_info;
diff --git a/target/m68k/cpu.h b/target/m68k/cpu.h
index c60564a047..c3c4493bd0 100644
--- a/target/m68k/cpu.h
+++ b/target/m68k/cpu.h
@@ -116,6 +116,11 @@ typedef struct CPUM68KState {
/* MMU status. */
struct {
uint32_t ar;
+ uint32_t ssw;
+ /* 68040 */
+ uint16_t tcr;
+ uint32_t urp;
+ uint32_t srp;
} mmu;
/* Control registers. */
@@ -226,6 +231,90 @@ typedef enum {
#define M68K_USP 1
#define M68K_ISP 2
+/* bits for 68040 special status word */
+#define M68K_CP_040 0x8000
+#define M68K_CU_040 0x4000
+#define M68K_CT_040 0x2000
+#define M68K_CM_040 0x1000
+#define M68K_MA_040 0x0800
+#define M68K_ATC_040 0x0400
+#define M68K_LK_040 0x0200
+#define M68K_RW_040 0x0100
+#define M68K_SIZ_040 0x0060
+#define M68K_TT_040 0x0018
+#define M68K_TM_040 0x0007
+
+#define M68K_TM_040_DATA 0x0001
+#define M68K_TM_040_CODE 0x0002
+#define M68K_TM_040_SUPER 0x0004
+
+/* bits for 68040 write back status word */
+#define M68K_WBV_040 0x80
+#define M68K_WBSIZ_040 0x60
+#define M68K_WBBYT_040 0x20
+#define M68K_WBWRD_040 0x40
+#define M68K_WBLNG_040 0x00
+#define M68K_WBTT_040 0x18
+#define M68K_WBTM_040 0x07
+
+/* bus access size codes */
+#define M68K_BA_SIZE_MASK 0x60
+#define M68K_BA_SIZE_BYTE 0x20
+#define M68K_BA_SIZE_WORD 0x40
+#define M68K_BA_SIZE_LONG 0x00
+#define M68K_BA_SIZE_LINE 0x60
+
+/* bus access transfer type codes */
+#define M68K_BA_TT_MOVE16 0x08
+
+/* bits for 68040 MMU status register (mmusr) */
+#define M68K_MMU_B_040 0x0800
+#define M68K_MMU_G_040 0x0400
+#define M68K_MMU_U1_040 0x0200
+#define M68K_MMU_U0_040 0x0100
+#define M68K_MMU_S_040 0x0080
+#define M68K_MMU_CM_040 0x0060
+#define M68K_MMU_M_040 0x0010
+#define M68K_MMU_WP_040 0x0004
+#define M68K_MMU_T_040 0x0002
+#define M68K_MMU_R_040 0x0001
+
+#define M68K_MMU_SR_MASK_040 (M68K_MMU_G_040 | M68K_MMU_U1_040 | \
+ M68K_MMU_U0_040 | M68K_MMU_S_040 | \
+ M68K_MMU_CM_040 | M68K_MMU_M_040 | \
+ M68K_MMU_WP_040)
+
+/* bits for 68040 MMU Translation Control Register */
+#define M68K_TCR_ENABLED 0x8000
+#define M68K_TCR_PAGE_8K 0x4000
+
+/* bits for 68040 MMU Table Descriptor / Page Descriptor / TTR */
+#define M68K_DESC_WRITEPROT 0x00000004
+#define M68K_DESC_USED 0x00000008
+#define M68K_DESC_MODIFIED 0x00000010
+#define M68K_DESC_CACHEMODE 0x00000060
+#define M68K_DESC_CM_WRTHRU 0x00000000
+#define M68K_DESC_CM_COPYBK 0x00000020
+#define M68K_DESC_CM_SERIAL 0x00000040
+#define M68K_DESC_CM_NCACHE 0x00000060
+#define M68K_DESC_SUPERONLY 0x00000080
+#define M68K_DESC_USERATTR 0x00000300
+#define M68K_DESC_USERATTR_SHIFT 8
+#define M68K_DESC_GLOBAL 0x00000400
+#define M68K_DESC_URESERVED 0x00000800
+
+#define M68K_POINTER_BASE(entry) (entry & ~0x1ff)
+#define M68K_ROOT_INDEX(addr) ((address >> 23) & 0x1fc)
+#define M68K_POINTER_INDEX(addr) ((address >> 16) & 0x1fc)
+#define M68K_4K_PAGE_BASE(entry) (next & ~0xff)
+#define M68K_4K_PAGE_INDEX(addr) ((address >> 10) & 0xfc)
+#define M68K_8K_PAGE_BASE(entry) (next & ~0x7f)
+#define M68K_8K_PAGE_INDEX(addr) ((address >> 11) & 0x7c)
+#define M68K_UDT_VALID(entry) (entry & 2)
+#define M68K_PDT_VALID(entry) (entry & 3)
+#define M68K_PDT_INDIRECT(entry) ((entry & 3) == 2)
+#define M68K_INDIRECT_POINTER(addr) (addr & ~3)
+
/* m68k Control Registers */
/* ColdFire */
@@ -398,6 +487,16 @@ void register_m68k_insns (CPUM68KState *env);
#define TARGET_PAGE_BITS 10
#endif
+enum {
+ /* 1 bit to define user level / supervisor access */
+ ACCESS_SUPER = 0x01,
+ /* 1 bit to indicate direction */
+ ACCESS_STORE = 0x02,
+ /* Type of instruction that generated the access */
+ ACCESS_CODE = 0x10, /* Code fetch access */
+ ACCESS_INT = 0x20, /* Integer load/store access */
+};
+
#define TARGET_PHYS_ADDR_SPACE_BITS 32
#define TARGET_VIRT_ADDR_SPACE_BITS 32
@@ -412,6 +511,7 @@ void register_m68k_insns (CPUM68KState *env);
/* MMU modes definitions */
#define MMU_MODE0_SUFFIX _kernel
#define MMU_MODE1_SUFFIX _user
+#define MMU_KERNEL_IDX 0
#define MMU_USER_IDX 1
static inline int cpu_mmu_index (CPUM68KState *env, bool ifetch)
{
@@ -420,6 +520,9 @@ static inline int cpu_mmu_index (CPUM68KState *env, bool ifetch)
int m68k_cpu_handle_mmu_fault(CPUState *cpu, vaddr address, int size, int rw,
int mmu_idx);
+void m68k_cpu_unassigned_access(CPUState *cs, hwaddr addr,
+ bool is_write, bool is_exec, int is_asi,
+ unsigned size);
#include "exec/cpu-all.h"
diff --git a/target/m68k/helper.c b/target/m68k/helper.c
index ef0ec5dadf..c25c99c0fb 100644
--- a/target/m68k/helper.c
+++ b/target/m68k/helper.c
@@ -212,6 +212,15 @@ void HELPER(m68k_movec_to)(CPUM68KState *env, uint32_t reg, uint32_t val)
m68k_switch_sp(env);
return;
/* MC680[34]0 */
+ case M68K_CR_TC:
+ env->mmu.tcr = val;
+ return;
+ case M68K_CR_SRP:
+ env->mmu.srp = val;
+ return;
+ case M68K_CR_URP:
+ env->mmu.urp = val;
+ return;
case M68K_CR_USP:
env->sp[M68K_USP] = val;
return;
@@ -238,12 +247,19 @@ uint32_t HELPER(m68k_movec_from)(CPUM68KState *env, uint32_t reg)
case M68K_CR_CACR:
return env->cacr;
/* MC680[34]0 */
+ case M68K_CR_TC:
+ return env->mmu.tcr;
+ case M68K_CR_SRP:
+ return env->mmu.srp;
case M68K_CR_USP:
return env->sp[M68K_USP];
case M68K_CR_MSP:
return env->sp[M68K_SSP];
case M68K_CR_ISP:
return env->sp[M68K_ISP];
+ /* MC68040/MC68LC040 */
+ case M68K_CR_URP:
+ return env->mmu.urp;
}
cpu_abort(CPU(cpu), "Unimplemented control register read 0x%x\n",
reg);
@@ -320,23 +336,213 @@ int m68k_cpu_handle_mmu_fault(CPUState *cs, vaddr address, int size, int rw,
#else
-/* MMU */
+/* MMU: 68040 only */
+
+static int get_physical_address(CPUM68KState *env, hwaddr *physical,
+ int *prot, target_ulong address,
+ int access_type, target_ulong *page_size)
+{
+ M68kCPU *cpu = m68k_env_get_cpu(env);
+ CPUState *cs = CPU(cpu);
+ uint32_t page_offset;
+ uint32_t entry;
+ uint32_t next;
+
+ /* Page Table Root Pointer */
+ *prot = PAGE_READ | PAGE_WRITE;
+ if (access_type & ACCESS_CODE) {
+ *prot |= PAGE_EXEC;
+ }
+ if (access_type & ACCESS_SUPER) {
+ next = env->mmu.srp;
+ } else {
+ next = env->mmu.urp;
+ }
+
+ /* Root Index */
+ entry = M68K_POINTER_BASE(next) | M68K_ROOT_INDEX(address);
+
+ next = ldl_phys(cs->as, entry);
+ if (!M68K_UDT_VALID(next)) {
+ return -1;
+ }
+ if (!(next & M68K_DESC_USED)) {
+ stl_phys(cs->as, entry, next | M68K_DESC_USED);
+ }
+ if (next & M68K_DESC_WRITEPROT) {
+ *prot &= ~PAGE_WRITE;
+ if (access_type & ACCESS_STORE) {
+ return -1;
+ }
+ }
+
+ /* Pointer Index */
+ entry = M68K_POINTER_BASE(next) | M68K_POINTER_INDEX(address);
+
+ next = ldl_phys(cs->as, entry);
+ if (!M68K_UDT_VALID(next)) {
+ return -1;
+ }
+ if (!(next & M68K_DESC_USED)) {
+ stl_phys(cs->as, entry, next | M68K_DESC_USED);
+ }
+ if (next & M68K_DESC_WRITEPROT) {
+ *prot &= ~PAGE_WRITE;
+ if (access_type & ACCESS_STORE) {
+ return -1;
+ }
+ }
+
+ /* Page Index */
+ if (env->mmu.tcr & M68K_TCR_PAGE_8K) {
+ entry = M68K_8K_PAGE_BASE(next) | M68K_8K_PAGE_INDEX(address);
+ } else {
+ entry = M68K_4K_PAGE_BASE(next) | M68K_4K_PAGE_INDEX(address);
+ }
+
+ next = ldl_phys(cs->as, entry);
+
+ if (!M68K_PDT_VALID(next)) {
+ return -1;
+ }
+ if (M68K_PDT_INDIRECT(next)) {
+ next = ldl_phys(cs->as, M68K_INDIRECT_POINTER(next));
+ }
+ if (access_type & ACCESS_STORE) {
+ if (next & M68K_DESC_WRITEPROT) {
+ if ((next & M68K_DESC_USED) == 0) {
+ stl_phys(cs->as, entry, next | M68K_DESC_USED);
+ }
+ } else if ((next & (M68K_DESC_MODIFIED | M68K_DESC_USED)) !=
+ (M68K_DESC_MODIFIED | M68K_DESC_USED)) {
+ stl_phys(cs->as, entry,
+ next | (M68K_DESC_MODIFIED | M68K_DESC_USED));
+ }
+ } else {
+ if ((next & M68K_DESC_USED) == 0) {
+ stl_phys(cs->as, entry, next | M68K_DESC_USED);
+ }
+ }
+
+ if (env->mmu.tcr & M68K_TCR_PAGE_8K) {
+ *page_size = 8192;
+ page_offset = address & 0x1fff;
+ *physical = (next & ~0x1fff) + page_offset;
+ } else {
+ *page_size = 4096;
+ page_offset = address & 0x0fff;
+ *physical = (next & ~0x0fff) + page_offset;
+ }
+
+ if (next & M68K_DESC_WRITEPROT) {
+ *prot &= ~PAGE_WRITE;
+ if (access_type & ACCESS_STORE) {
+ return -1;
+ }
+ }
+ if (next & M68K_DESC_SUPERONLY) {
+ if ((access_type & ACCESS_SUPER) == 0) {
+ return -1;
+ }
+ }
+
+ return 0;
+}
-/* TODO: This will need fixing once the MMU is implemented. */
hwaddr m68k_cpu_get_phys_page_debug(CPUState *cs, vaddr addr)
{
- return addr;
+ M68kCPU *cpu = M68K_CPU(cs);
+ CPUM68KState *env = &cpu->env;
+ hwaddr phys_addr;
+ int prot;
+ int access_type;
+ target_ulong page_size;
+
+ if ((env->mmu.tcr & M68K_TCR_ENABLED) == 0) {
+ /* MMU disabled */
+ return addr;
+ }
+
+ access_type = ACCESS_INT;
+ if (env->sr & SR_S) {
+ access_type |= ACCESS_SUPER;
+ }
+ if (get_physical_address(env, &phys_addr, &prot,
+ addr, access_type, &page_size) != 0) {
+ return -1;
+ }
+ return phys_addr;
}
int m68k_cpu_handle_mmu_fault(CPUState *cs, vaddr address, int size, int rw,
int mmu_idx)
{
+ M68kCPU *cpu = M68K_CPU(cs);
+ CPUM68KState *env = &cpu->env;
+ hwaddr physical;
int prot;
+ int access_type;
+ int ret;
+ target_ulong page_size;
+
+ if ((env->mmu.tcr & M68K_TCR_ENABLED) == 0) {
+ /* MMU disabled */
+ tlb_set_page(cs, address & TARGET_PAGE_MASK,
+ address & TARGET_PAGE_MASK,
+ PAGE_READ | PAGE_WRITE | PAGE_EXEC,
+ mmu_idx, TARGET_PAGE_SIZE);
+ return 0;
+ }
+
+ if (rw == 2) {
+ access_type = ACCESS_CODE;
+ rw = 0;
+ } else {
+ access_type = ACCESS_INT;
+ if (rw) {
+ access_type |= ACCESS_STORE;
+ }
+ }
- address &= TARGET_PAGE_MASK;
- prot = PAGE_READ | PAGE_WRITE | PAGE_EXEC;
- tlb_set_page(cs, address, address, prot, mmu_idx, TARGET_PAGE_SIZE);
- return 0;
+ if (mmu_idx != MMU_USER_IDX) {
+ access_type |= ACCESS_SUPER;
+ }
+
+ ret = get_physical_address(&cpu->env, &physical, &prot,
+ address, access_type, &page_size);
+ if (ret == 0) {
+ tlb_set_page(cs, address & TARGET_PAGE_MASK,
+ physical & TARGET_PAGE_MASK,
+ prot, mmu_idx, page_size);
+ return 0;
+ }
+ /* page fault */
+ env->mmu.ssw = M68K_ATC_040;
+ switch (size) {
+ case 1:
+ env->mmu.ssw |= M68K_BA_SIZE_BYTE;
+ break;
+ case 2:
+ env->mmu.ssw |= M68K_BA_SIZE_WORD;
+ break;
+ case 4:
+ env->mmu.ssw |= M68K_BA_SIZE_LONG;
+ break;
+ }
+ if (access_type & ACCESS_SUPER) {
+ env->mmu.ssw |= M68K_TM_040_SUPER;
+ }
+ if (access_type & ACCESS_CODE) {
+ env->mmu.ssw |= M68K_TM_040_CODE;
+ } else {
+ env->mmu.ssw |= M68K_TM_040_DATA;
+ }
+ if (!(access_type & ACCESS_STORE)) {
+ env->mmu.ssw |= M68K_RW_040;
+ }
+ env->mmu.ar = address;
+ cs->exception_index = EXCP_ACCESS;
+ return 1;
}
/* Notify CPU of a pending interrupt. Prioritization and vectoring should
diff --git a/target/m68k/monitor.c b/target/m68k/monitor.c
index 52781e85f0..2b83e3bc0d 100644
--- a/target/m68k/monitor.c
+++ b/target/m68k/monitor.c
@@ -31,6 +31,8 @@ static const MonitorDef monitor_defs[] = {
{ "ssp", offsetof(CPUM68KState, sp[0]) },
{ "usp", offsetof(CPUM68KState, sp[1]) },
{ "isp", offsetof(CPUM68KState, sp[2]) },
+ { "urp", offsetof(CPUM68KState, mmu.urp) },
+ { "srp", offsetof(CPUM68KState, mmu.srp) },
{ NULL },
};
diff --git a/target/m68k/op_helper.c b/target/m68k/op_helper.c
index 67697d4e6d..83ac1e669e 100644
--- a/target/m68k/op_helper.c
+++ b/target/m68k/op_helper.c
@@ -360,7 +360,50 @@ static void m68k_interrupt_all(CPUM68KState *env, int is_hw)
sp = env->aregs[7];
sp &= ~1;
- if (cs->exception_index == EXCP_ADDRESS) {
+ if (cs->exception_index == EXCP_ACCESS) {
+ static int mmu_fault;
+ if (mmu_fault) {
+ cpu_abort(cs, "DOUBLE MMU FAULT\n");
+ }
+ mmu_fault = 1;
+ sp -= 4;
+ cpu_stl_kernel(env, sp, 0); /* push data 3 */
+ sp -= 4;
+ cpu_stl_kernel(env, sp, 0); /* push data 2 */
+ sp -= 4;
+ cpu_stl_kernel(env, sp, 0); /* push data 1 */
+ sp -= 4;
+ cpu_stl_kernel(env, sp, 0); /* write back 1 / push data 0 */
+ sp -= 4;
+ cpu_stl_kernel(env, sp, 0); /* write back 1 address */
+ sp -= 4;
+ cpu_stl_kernel(env, sp, 0); /* write back 2 data */
+ sp -= 4;
+ cpu_stl_kernel(env, sp, 0); /* write back 2 address */
+ sp -= 4;
+ cpu_stl_kernel(env, sp, 0); /* write back 3 data */
+ sp -= 4;
+ cpu_stl_kernel(env, sp, env->mmu.ar); /* write back 3 address */
+ sp -= 4;
+ cpu_stl_kernel(env, sp, env->mmu.ar); /* fault address */
+ sp -= 2;
+ cpu_stw_kernel(env, sp, 0); /* write back 1 status */
+ sp -= 2;
+ cpu_stw_kernel(env, sp, 0); /* write back 2 status */
+ sp -= 2;
+ cpu_stw_kernel(env, sp, 0); /* write back 3 status */
+ sp -= 2;
+ cpu_stw_kernel(env, sp, env->mmu.ssw); /* special status word */
+ sp -= 4;
+ cpu_stl_kernel(env, sp, env->mmu.ar); /* effective address */
+ do_stack_frame(env, &sp, 7, oldsr, 0, retaddr);
+ mmu_fault = 0;
+ if (qemu_loglevel_mask(CPU_LOG_INT)) {
+ qemu_log(" "
+ "ssw: %08x ea: %08x\n",
+ env->mmu.ssw, env->mmu.ar);
+ }
+ } else if (cs->exception_index == EXCP_ADDRESS) {
do_stack_frame(env, &sp, 2, oldsr, 0, retaddr);
} else if (cs->exception_index == EXCP_ILLEGAL ||
cs->exception_index == EXCP_DIV0 ||
@@ -408,6 +451,56 @@ static inline void do_interrupt_m68k_hardirq(CPUM68KState *env)
{
do_interrupt_all(env, 1);
}
+
+void m68k_cpu_unassigned_access(CPUState *cs, hwaddr addr, bool is_write,
+ bool is_exec, int is_asi, unsigned size)
+{
+ M68kCPU *cpu = M68K_CPU(cs);
+ CPUM68KState *env = &cpu->env;
+#ifdef DEBUG_UNASSIGNED
+ qemu_log_mask(CPU_LOG_INT, "Unassigned " TARGET_FMT_plx " wr=%d exe=%d\n",
+ addr, is_write, is_exec);
+#endif
+ if (env == NULL) {
+ /* when called from gdb, env is NULL */
+ return;
+ }
+
+ if (m68k_feature(env, M68K_FEATURE_M68040)) {
+ env->mmu.ssw |= M68K_ATC_040;
+ /* FIXME: manage MMU table access error */
+ env->mmu.ssw &= ~M68K_TM_040;
+ if (env->sr & SR_S) { /* SUPERVISOR */
+ env->mmu.ssw |= M68K_TM_040_SUPER;
+ }
+ if (is_exec) { /* instruction or data */
+ env->mmu.ssw |= M68K_TM_040_CODE;
+ } else {
+ env->mmu.ssw |= M68K_TM_040_DATA;
+ }
+ env->mmu.ssw &= ~M68K_BA_SIZE_MASK;
+ switch (size) {
+ case 1:
+ env->mmu.ssw |= M68K_BA_SIZE_BYTE;
+ break;
+ case 2:
+ env->mmu.ssw |= M68K_BA_SIZE_WORD;
+ break;
+ case 4:
+ env->mmu.ssw |= M68K_BA_SIZE_LONG;
+ break;
+ }
+
+ if (!is_write) {
+ env->mmu.ssw |= M68K_RW_040;
+ }
+
+ env->mmu.ar = addr;
+
+ cs->exception_index = EXCP_ACCESS;
+ cpu_loop_exit(cs);
+ }
+}
#endif
bool m68k_cpu_exec_interrupt(CPUState *cs, int interrupt_request)
diff --git a/target/m68k/translate.c b/target/m68k/translate.c
index f0e86a73d4..5acee66208 100644
--- a/target/m68k/translate.c
+++ b/target/m68k/translate.c
@@ -5981,6 +5981,8 @@ void m68k_cpu_dump_state(CPUState *cs, FILE *f, fprintf_function cpu_fprintf,
env->current_sp == M68K_USP ? "->" : " ", env->sp[M68K_USP],
env->current_sp == M68K_ISP ? "->" : " ", env->sp[M68K_ISP]);
cpu_fprintf(f, "VBR = 0x%08x\n", env->vbr);
+ cpu_fprintf(f, "SSW %08x TCR %08x URP %08x SRP %08x\n",
+ env->mmu.ssw, env->mmu.tcr, env->mmu.urp, env->mmu.srp);
#endif
}
--
2.14.3
^ permalink raw reply related [flat|nested] 16+ messages in thread
* [Qemu-devel] [PATCH 3/6] target/m68k: add Transparent Translation
2018-01-08 23:10 [Qemu-devel] [PATCH 0/6] target/m68k: supervisor mode (part 2) Laurent Vivier
2018-01-08 23:10 ` [Qemu-devel] [PATCH 1/6] accel/tcg: add size paremeter in tlb_fill() Laurent Vivier
2018-01-08 23:10 ` [Qemu-devel] [PATCH 2/6] target/m68k: add MC68040 MMU Laurent Vivier
@ 2018-01-08 23:10 ` Laurent Vivier
2018-01-10 21:08 ` Richard Henderson
2018-01-08 23:10 ` [Qemu-devel] [PATCH 4/6] target/m68k: add moves Laurent Vivier
` (2 subsequent siblings)
5 siblings, 1 reply; 16+ messages in thread
From: Laurent Vivier @ 2018-01-08 23:10 UTC (permalink / raw)
To: qemu-devel; +Cc: Laurent Vivier
Add ittr0, ittr1, dttr0, dttr1 and manage Transparent Translations
Signed-off-by: Laurent Vivier <laurent@vivier.eu>
---
target/m68k/cpu.h | 18 +++++++++++
target/m68k/helper.c | 79 +++++++++++++++++++++++++++++++++++++++++++++++++
target/m68k/monitor.c | 4 +++
target/m68k/translate.c | 3 ++
4 files changed, 104 insertions(+)
diff --git a/target/m68k/cpu.h b/target/m68k/cpu.h
index c3c4493bd0..60e669c3b4 100644
--- a/target/m68k/cpu.h
+++ b/target/m68k/cpu.h
@@ -76,6 +76,14 @@
#define EXCP_RTE 0x100
#define EXCP_HALT_INSN 0x101
+#define M68K_DTTR0 0
+#define M68K_DTTR1 1
+#define M68K_ITTR0 2
+#define M68K_ITTR1 3
+
+#define M68K_MAX_TTR 2
+#define TTR(type, index) ttr[((type & ACCESS_CODE) == ACCESS_CODE) * 2 + index]
+
#define NB_MMU_MODES 2
#define TARGET_INSN_START_EXTRA_WORDS 1
@@ -121,6 +129,7 @@ typedef struct CPUM68KState {
uint16_t tcr;
uint32_t urp;
uint32_t srp;
+ uint32_t ttr[4];
} mmu;
/* Control registers. */
@@ -315,6 +324,15 @@ typedef enum {
#define M68K_PDT_INDIRECT(entry) ((entry & 3) == 2)
#define M68K_INDIRECT_POINTER(addr) (addr & ~3)
+/* bits for 68040 MMU Transparent Translation Registers */
+#define M68K_TTR_ADDR_BASE 0xff000000
+#define M68K_TTR_ADDR_MASK 0x00ff0000
+#define M68K_TTR_ADDR_MASK_SHIFT 8
+#define M68K_TTR_ENABLED 0x00008000
+#define M68K_TTR_SFIELD 0x00006000
+#define M68K_TTR_SFIELD_USER 0x0000
+#define M68K_TTR_SFIELD_SUPER 0x2000
+
/* m68k Control Registers */
/* ColdFire */
diff --git a/target/m68k/helper.c b/target/m68k/helper.c
index c25c99c0fb..c5b436d382 100644
--- a/target/m68k/helper.c
+++ b/target/m68k/helper.c
@@ -230,6 +230,19 @@ void HELPER(m68k_movec_to)(CPUM68KState *env, uint32_t reg, uint32_t val)
case M68K_CR_ISP:
env->sp[M68K_ISP] = val;
return;
+ /* MC68040/MC68LC040 */
+ case M68K_CR_ITT0:
+ env->mmu.ttr[M68K_ITTR0] = val;
+ return;
+ case M68K_CR_ITT1:
+ env->mmu.ttr[M68K_ITTR1] = val;
+ return;
+ case M68K_CR_DTT0:
+ env->mmu.ttr[M68K_DTTR0] = val;
+ return;
+ case M68K_CR_DTT1:
+ env->mmu.ttr[M68K_DTTR1] = val;
+ return;
}
cpu_abort(CPU(cpu), "Unimplemented control register write 0x%x = 0x%x\n",
reg, val);
@@ -260,6 +273,14 @@ uint32_t HELPER(m68k_movec_from)(CPUM68KState *env, uint32_t reg)
/* MC68040/MC68LC040 */
case M68K_CR_URP:
return env->mmu.urp;
+ case M68K_CR_ITT0:
+ return env->mmu.ttr[M68K_ITTR0];
+ case M68K_CR_ITT1:
+ return env->mmu.ttr[M68K_ITTR1];
+ case M68K_CR_DTT0:
+ return env->mmu.ttr[M68K_DTTR0];
+ case M68K_CR_DTT1:
+ return env->mmu.ttr[M68K_DTTR1];
}
cpu_abort(CPU(cpu), "Unimplemented control register read 0x%x\n",
reg);
@@ -338,6 +359,53 @@ int m68k_cpu_handle_mmu_fault(CPUState *cs, vaddr address, int size, int rw,
/* MMU: 68040 only */
+static int check_TTR(uint32_t ttr, int *prot, target_ulong addr,
+ int access_type)
+{
+ uint32_t base, mask;
+
+ /* check if transparent translation is enabled */
+ if ((ttr & M68K_TTR_ENABLED) == 0) {
+ return 0;
+ }
+
+ /* check mode access */
+ switch (ttr & M68K_TTR_SFIELD) {
+ case M68K_TTR_SFIELD_USER:
+ /* match only if user */
+ if ((access_type & ACCESS_SUPER) != 0) {
+ return 0;
+ }
+ break;
+ case M68K_TTR_SFIELD_SUPER:
+ /* match only if supervisor */
+ if ((access_type & ACCESS_SUPER) == 0) {
+ return 0;
+ }
+ break;
+ default:
+ /* all other values disable mode matching (FC2) */
+ break;
+ }
+
+ /* check address matching */
+
+ base = ttr & M68K_TTR_ADDR_BASE;
+ mask = (ttr & M68K_TTR_ADDR_MASK) ^ M68K_TTR_ADDR_MASK;
+ mask <<= M68K_TTR_ADDR_MASK_SHIFT;
+
+ if ((addr & mask) != (base & mask)) {
+ return 0;
+ }
+
+ *prot = PAGE_READ | PAGE_EXEC;
+ if ((ttr & M68K_DESC_WRITEPROT) == 0) {
+ *prot |= PAGE_WRITE;
+ }
+
+ return 1;
+}
+
static int get_physical_address(CPUM68KState *env, hwaddr *physical,
int *prot, target_ulong address,
int access_type, target_ulong *page_size)
@@ -347,6 +415,17 @@ static int get_physical_address(CPUM68KState *env, hwaddr *physical,
uint32_t page_offset;
uint32_t entry;
uint32_t next;
+ int i;
+
+ /* Transparent Translation (physical = logical) */
+ for (i = 0; i < M68K_MAX_TTR; i++) {
+ if (check_TTR(env->mmu.TTR(access_type, i),
+ prot, address, access_type)) {
+ *physical = address;
+ *page_size = TARGET_PAGE_SIZE;
+ return 0;
+ }
+ }
/* Page Table Root Pointer */
*prot = PAGE_READ | PAGE_WRITE;
diff --git a/target/m68k/monitor.c b/target/m68k/monitor.c
index 2b83e3bc0d..a20af6b09c 100644
--- a/target/m68k/monitor.c
+++ b/target/m68k/monitor.c
@@ -33,6 +33,10 @@ static const MonitorDef monitor_defs[] = {
{ "isp", offsetof(CPUM68KState, sp[2]) },
{ "urp", offsetof(CPUM68KState, mmu.urp) },
{ "srp", offsetof(CPUM68KState, mmu.srp) },
+ { "dttr0", offsetof(CPUM68KState, mmu.ttr[M68K_DTTR0]) },
+ { "dttr1", offsetof(CPUM68KState, mmu.ttr[M68K_DTTR1]) },
+ { "ittr0", offsetof(CPUM68KState, mmu.ttr[M68K_ITTR0]) },
+ { "ittr1", offsetof(CPUM68KState, mmu.ttr[M68K_ITTR1]) },
{ NULL },
};
diff --git a/target/m68k/translate.c b/target/m68k/translate.c
index 5acee66208..af70825480 100644
--- a/target/m68k/translate.c
+++ b/target/m68k/translate.c
@@ -5983,6 +5983,9 @@ void m68k_cpu_dump_state(CPUState *cs, FILE *f, fprintf_function cpu_fprintf,
cpu_fprintf(f, "VBR = 0x%08x\n", env->vbr);
cpu_fprintf(f, "SSW %08x TCR %08x URP %08x SRP %08x\n",
env->mmu.ssw, env->mmu.tcr, env->mmu.urp, env->mmu.srp);
+ cpu_fprintf(f, "DTTR0/1: %08x/%08x ITTR0/1: %08x/%08x\n",
+ env->mmu.ttr[M68K_DTTR0], env->mmu.ttr[M68K_DTTR1],
+ env->mmu.ttr[M68K_ITTR0], env->mmu.ttr[M68K_ITTR1]);
#endif
}
--
2.14.3
^ permalink raw reply related [flat|nested] 16+ messages in thread
* [Qemu-devel] [PATCH 4/6] target/m68k: add moves
2018-01-08 23:10 [Qemu-devel] [PATCH 0/6] target/m68k: supervisor mode (part 2) Laurent Vivier
` (2 preceding siblings ...)
2018-01-08 23:10 ` [Qemu-devel] [PATCH 3/6] target/m68k: add Transparent Translation Laurent Vivier
@ 2018-01-08 23:10 ` Laurent Vivier
2018-01-10 21:22 ` Richard Henderson
2018-01-08 23:10 ` [Qemu-devel] [PATCH 5/6] target/m68k: add pflush/ptest Laurent Vivier
2018-01-08 23:10 ` [Qemu-devel] [PATCH 6/6] target/m68k: add HMP command "info tlb" Laurent Vivier
5 siblings, 1 reply; 16+ messages in thread
From: Laurent Vivier @ 2018-01-08 23:10 UTC (permalink / raw)
To: qemu-devel; +Cc: Laurent Vivier
and introduce SFC and DFC control registers.
Signed-off-by: Laurent Vivier <laurent@vivier.eu>
---
target/m68k/cpu.h | 2 ++
target/m68k/helper.c | 82 +++++++++++++++++++++++++++++++++++++++++++++++++
target/m68k/helper.h | 2 ++
target/m68k/monitor.c | 2 ++
target/m68k/op_helper.c | 4 +--
target/m68k/qregs.def | 2 ++
target/m68k/translate.c | 74 ++++++++++++++++++++++++++++++++++++++++++++
7 files changed, 166 insertions(+), 2 deletions(-)
diff --git a/target/m68k/cpu.h b/target/m68k/cpu.h
index 60e669c3b4..4877be93ec 100644
--- a/target/m68k/cpu.h
+++ b/target/m68k/cpu.h
@@ -137,6 +137,8 @@ typedef struct CPUM68KState {
uint32_t mbar;
uint32_t rambar0;
uint32_t cacr;
+ uint32_t sfc;
+ uint32_t dfc;
int pending_vector;
int pending_level;
diff --git a/target/m68k/helper.c b/target/m68k/helper.c
index c5b436d382..090f50fa05 100644
--- a/target/m68k/helper.c
+++ b/target/m68k/helper.c
@@ -21,6 +21,7 @@
#include "qemu/osdep.h"
#include "cpu.h"
#include "exec/exec-all.h"
+#include "exec/cpu_ldst.h"
#include "exec/gdbstub.h"
#include "exec/helper-proto.h"
@@ -203,6 +204,12 @@ void HELPER(m68k_movec_to)(CPUM68KState *env, uint32_t reg, uint32_t val)
switch (reg) {
/* MC680[1234]0 */
+ case M68K_CR_SFC:
+ env->sfc = val & 7;
+ return;
+ case M68K_CR_DFC:
+ env->dfc = val & 7;
+ return;
case M68K_CR_VBR:
env->vbr = val;
return;
@@ -254,6 +261,10 @@ uint32_t HELPER(m68k_movec_from)(CPUM68KState *env, uint32_t reg)
switch (reg) {
/* MC680[1234]0 */
+ case M68K_CR_SFC:
+ return env->sfc;
+ case M68K_CR_DFC:
+ return env->dfc;
case M68K_CR_VBR:
return env->vbr;
/* MC680[234]0 */
@@ -1066,6 +1077,77 @@ void HELPER(set_mac_extu)(CPUM68KState *env, uint32_t val, uint32_t acc)
}
#if defined(CONFIG_SOFTMMU)
+void HELPER(moves_store)(CPUM68KState *env, uint32_t val,
+ uint32_t addr, uint32_t size)
+{
+ if (env->dfc & 4) { /* kernel */
+ switch (size) {
+ case OS_BYTE:
+ cpu_stb_kernel_ra(env, addr, val, GETPC());
+ break;
+ case OS_WORD:
+ cpu_stw_kernel_ra(env, addr, val, GETPC());
+ break;
+ case OS_LONG:
+ cpu_stl_kernel_ra(env, addr, val, GETPC());
+ break;
+ default:
+ g_assert_not_reached();
+ }
+ } else { /* user */
+ switch (size) {
+ case OS_BYTE:
+ cpu_stb_user_ra(env, addr, val, GETPC());
+ break;
+ case OS_WORD:
+ cpu_stw_user_ra(env, addr, val, GETPC());
+ break;
+ case OS_LONG:
+ cpu_stl_user_ra(env, addr, val, GETPC());
+ break;
+ default:
+ g_assert_not_reached();
+ }
+ }
+}
+
+uint32_t HELPER(moves_load)(CPUM68KState *env, uint32_t addr, uint32_t size)
+{
+ uint32_t val;
+
+ if (env->sfc & 4) { /* kernel */
+ switch (size) {
+ case OS_BYTE:
+ val = cpu_ldub_kernel_ra(env, addr, GETPC());
+ break;
+ case OS_WORD:
+ val = cpu_lduw_kernel_ra(env, addr, GETPC());
+ break;
+ case OS_LONG:
+ val = cpu_ldl_kernel_ra(env, addr, GETPC());
+ break;
+ default:
+ g_assert_not_reached();
+ }
+ } else { /* user */
+ switch (size) {
+ case OS_BYTE:
+ val = cpu_ldub_user_ra(env, addr, GETPC());
+ break;
+ case OS_WORD:
+ val = cpu_lduw_user_ra(env, addr, GETPC());
+ break;
+ case OS_LONG:
+ val = cpu_ldl_user_ra(env, addr, GETPC());
+ break;
+ default:
+ g_assert_not_reached();
+ }
+ }
+
+ return val;
+}
+
void HELPER(reset)(CPUM68KState *env)
{
/* FIXME: reset all except CPU */
diff --git a/target/m68k/helper.h b/target/m68k/helper.h
index 57f210aa14..620c6d5686 100644
--- a/target/m68k/helper.h
+++ b/target/m68k/helper.h
@@ -101,5 +101,7 @@ DEF_HELPER_3(chk, void, env, s32, s32)
DEF_HELPER_4(chk2, void, env, s32, s32, s32)
#if defined(CONFIG_SOFTMMU)
+DEF_HELPER_FLAGS_4(moves_store, TCG_CALL_NO_WG, void, env, i32, i32, i32)
+DEF_HELPER_FLAGS_3(moves_load, TCG_CALL_NO_WG, i32, env, i32, i32)
DEF_HELPER_FLAGS_1(reset, TCG_CALL_NO_RWG, void, env)
#endif
diff --git a/target/m68k/monitor.c b/target/m68k/monitor.c
index a20af6b09c..c31feb4b02 100644
--- a/target/m68k/monitor.c
+++ b/target/m68k/monitor.c
@@ -31,6 +31,8 @@ static const MonitorDef monitor_defs[] = {
{ "ssp", offsetof(CPUM68KState, sp[0]) },
{ "usp", offsetof(CPUM68KState, sp[1]) },
{ "isp", offsetof(CPUM68KState, sp[2]) },
+ { "sfc", offsetof(CPUM68KState, sfc) },
+ { "dfc", offsetof(CPUM68KState, dfc) },
{ "urp", offsetof(CPUM68KState, mmu.urp) },
{ "srp", offsetof(CPUM68KState, mmu.srp) },
{ "dttr0", offsetof(CPUM68KState, mmu.ttr[M68K_DTTR0]) },
diff --git a/target/m68k/op_helper.c b/target/m68k/op_helper.c
index 83ac1e669e..6bf16695ac 100644
--- a/target/m68k/op_helper.c
+++ b/target/m68k/op_helper.c
@@ -400,8 +400,8 @@ static void m68k_interrupt_all(CPUM68KState *env, int is_hw)
mmu_fault = 0;
if (qemu_loglevel_mask(CPU_LOG_INT)) {
qemu_log(" "
- "ssw: %08x ea: %08x\n",
- env->mmu.ssw, env->mmu.ar);
+ "ssw: %08x ea: %08x sfc: %d dfc: %d\n",
+ env->mmu.ssw, env->mmu.ar, env->sfc, env->dfc);
}
} else if (cs->exception_index == EXCP_ADDRESS) {
do_stack_frame(env, &sp, 2, oldsr, 0, retaddr);
diff --git a/target/m68k/qregs.def b/target/m68k/qregs.def
index 1aadc622db..efe2bf90ee 100644
--- a/target/m68k/qregs.def
+++ b/target/m68k/qregs.def
@@ -1,5 +1,7 @@
DEFO32(PC, pc)
DEFO32(SR, sr)
+DEFO32(DFC, dfc)
+DEFO32(SFC, sfc)
DEFO32(CC_OP, cc_op)
DEFO32(CC_X, cc_x)
DEFO32(CC_C, cc_c)
diff --git a/target/m68k/translate.c b/target/m68k/translate.c
index af70825480..7cb0e12ee7 100644
--- a/target/m68k/translate.c
+++ b/target/m68k/translate.c
@@ -48,6 +48,8 @@ static char cpu_reg_names[2 * 8 * 3 + 5 * 4];
static TCGv cpu_dregs[8];
static TCGv cpu_aregs[8];
static TCGv_i64 cpu_macc[4];
+static TCGv QEMU_DFC;
+static TCGv QEMU_SFC;
#define REG(insn, pos) (((insn) >> (pos)) & 7)
#define DREG(insn, pos) cpu_dregs[REG(insn, pos)]
@@ -103,6 +105,10 @@ void m68k_tcg_init(void)
p += 5;
}
+ QEMU_DFC = tcg_global_mem_new(cpu_env, offsetof(CPUM68KState, dfc),
+ "DFC");
+ QEMU_SFC = tcg_global_mem_new(cpu_env, offsetof(CPUM68KState, sfc),
+ "SFC");
NULL_QREG = tcg_global_mem_new(cpu_env, -4, "NULL");
store_dummy = tcg_global_mem_new(cpu_env, -8, "NULL");
}
@@ -4449,6 +4455,70 @@ DISAS_INSN(move_from_sr)
}
#if defined(CONFIG_SOFTMMU)
+DISAS_INSN(moves)
+{
+ int opsize;
+ uint16_t ext;
+ TCGv reg;
+ TCGv addr;
+ TCGv size;
+ int extend;
+
+ if (IS_USER(s)) {
+ gen_exception(s, s->insn_pc, EXCP_PRIVILEGE);
+ return;
+ }
+
+ ext = read_im16(env, s);
+
+ opsize = insn_opsize(insn);
+
+ if (ext & 0x8000) {
+ /* address register */
+ reg = AREG(ext, 12);
+ extend = 1;
+ } else {
+ /* data register */
+ reg = DREG(ext, 12);
+ extend = 0;
+ }
+
+ addr = gen_lea(env, s, insn, opsize);
+ if (IS_NULL_QREG(addr)) {
+ gen_addr_fault(s);
+ return;
+ }
+
+ size = tcg_const_i32(opsize);
+ if (ext & 0x0800) {
+ /* from reg to ea */
+ gen_helper_moves_store(cpu_env, reg, addr, size);
+ } else {
+ /* from ea to reg */
+ TCGv tmp = tcg_temp_new();
+ gen_helper_moves_load(tmp, cpu_env, addr, size);
+ if (extend) {
+ gen_ext(reg, tmp, opsize, 1);
+ } else {
+ gen_partset_reg(opsize, reg, tmp);
+ }
+ tcg_temp_free(tmp);
+ }
+ tcg_temp_free(size);
+
+ switch (extract32(insn, 3, 3)) {
+ case 3: /* Indirect postincrement. */
+ tcg_gen_addi_i32(AREG(insn, 0), addr,
+ REG(insn, 0) == 7 && opsize == OS_BYTE
+ ? 2
+ : opsize_bytes(opsize));
+ break;
+ case 4: /* Indirect predecrememnt. */
+ tcg_gen_mov_i32(AREG(insn, 0), addr);
+ break;
+ }
+}
+
DISAS_INSN(move_to_sr)
{
if (IS_USER(s)) {
@@ -5601,6 +5671,9 @@ void register_m68k_insns (CPUM68KState *env)
BASE(bitop_im, 08c0, ffc0);
INSN(arith_im, 0a80, fff8, CF_ISA_A);
INSN(arith_im, 0a00, ff00, M68000);
+#if defined(CONFIG_SOFTMMU)
+ INSN(moves, 0e00, ff00, M68000);
+#endif
INSN(cas, 0ac0, ffc0, CAS);
INSN(cas, 0cc0, ffc0, CAS);
INSN(cas, 0ec0, ffc0, CAS);
@@ -5981,6 +6054,7 @@ void m68k_cpu_dump_state(CPUState *cs, FILE *f, fprintf_function cpu_fprintf,
env->current_sp == M68K_USP ? "->" : " ", env->sp[M68K_USP],
env->current_sp == M68K_ISP ? "->" : " ", env->sp[M68K_ISP]);
cpu_fprintf(f, "VBR = 0x%08x\n", env->vbr);
+ cpu_fprintf(f, "SFC = %x DFC %x\n", env->sfc, env->dfc);
cpu_fprintf(f, "SSW %08x TCR %08x URP %08x SRP %08x\n",
env->mmu.ssw, env->mmu.tcr, env->mmu.urp, env->mmu.srp);
cpu_fprintf(f, "DTTR0/1: %08x/%08x ITTR0/1: %08x/%08x\n",
--
2.14.3
^ permalink raw reply related [flat|nested] 16+ messages in thread
* [Qemu-devel] [PATCH 5/6] target/m68k: add pflush/ptest
2018-01-08 23:10 [Qemu-devel] [PATCH 0/6] target/m68k: supervisor mode (part 2) Laurent Vivier
` (3 preceding siblings ...)
2018-01-08 23:10 ` [Qemu-devel] [PATCH 4/6] target/m68k: add moves Laurent Vivier
@ 2018-01-08 23:10 ` Laurent Vivier
2018-01-10 21:25 ` Richard Henderson
2018-01-08 23:10 ` [Qemu-devel] [PATCH 6/6] target/m68k: add HMP command "info tlb" Laurent Vivier
5 siblings, 1 reply; 16+ messages in thread
From: Laurent Vivier @ 2018-01-08 23:10 UTC (permalink / raw)
To: qemu-devel; +Cc: Laurent Vivier
Signed-off-by: Laurent Vivier <laurent@vivier.eu>
---
target/m68k/cpu.h | 3 +++
target/m68k/helper.c | 72 +++++++++++++++++++++++++++++++++++++++++++++++++
target/m68k/helper.h | 2 ++
target/m68k/monitor.c | 1 +
target/m68k/op_helper.c | 1 +
target/m68k/translate.c | 33 +++++++++++++++++++++++
6 files changed, 112 insertions(+)
diff --git a/target/m68k/cpu.h b/target/m68k/cpu.h
index 4877be93ec..2f5a716139 100644
--- a/target/m68k/cpu.h
+++ b/target/m68k/cpu.h
@@ -130,6 +130,7 @@ typedef struct CPUM68KState {
uint32_t urp;
uint32_t srp;
uint32_t ttr[4];
+ uint32_t mmusr;
} mmu;
/* Control registers. */
@@ -512,6 +513,8 @@ enum {
ACCESS_SUPER = 0x01,
/* 1 bit to indicate direction */
ACCESS_STORE = 0x02,
+ /* PTEST instruction */
+ ACCESS_PTEST = 0x04,
/* Type of instruction that generated the access */
ACCESS_CODE = 0x10, /* Code fetch access */
ACCESS_INT = 0x20, /* Integer load/store access */
diff --git a/target/m68k/helper.c b/target/m68k/helper.c
index 090f50fa05..ef9ef6f55c 100644
--- a/target/m68k/helper.c
+++ b/target/m68k/helper.c
@@ -222,6 +222,9 @@ void HELPER(m68k_movec_to)(CPUM68KState *env, uint32_t reg, uint32_t val)
case M68K_CR_TC:
env->mmu.tcr = val;
return;
+ case M68K_CR_MMUSR:
+ env->mmu.mmusr = val;
+ return;
case M68K_CR_SRP:
env->mmu.srp = val;
return;
@@ -273,6 +276,8 @@ uint32_t HELPER(m68k_movec_from)(CPUM68KState *env, uint32_t reg)
/* MC680[34]0 */
case M68K_CR_TC:
return env->mmu.tcr;
+ case M68K_CR_MMUSR:
+ return env->mmu.mmusr;
case M68K_CR_SRP:
return env->mmu.srp;
case M68K_CR_USP:
@@ -432,6 +437,10 @@ static int get_physical_address(CPUM68KState *env, hwaddr *physical,
for (i = 0; i < M68K_MAX_TTR; i++) {
if (check_TTR(env->mmu.TTR(access_type, i),
prot, address, access_type)) {
+ if (access_type & ACCESS_PTEST) {
+ /* Transparent Translation Register bit */
+ env->mmu.mmusr = M68K_MMU_T_040 | M68K_MMU_R_040;
+ }
*physical = address;
*page_size = TARGET_PAGE_SIZE;
return 0;
@@ -460,6 +469,9 @@ static int get_physical_address(CPUM68KState *env, hwaddr *physical,
stl_phys(cs->as, entry, next | M68K_DESC_USED);
}
if (next & M68K_DESC_WRITEPROT) {
+ if (access_type & ACCESS_PTEST) {
+ env->mmu.mmusr |= M68K_MMU_WP_040;
+ }
*prot &= ~PAGE_WRITE;
if (access_type & ACCESS_STORE) {
return -1;
@@ -477,6 +489,9 @@ static int get_physical_address(CPUM68KState *env, hwaddr *physical,
stl_phys(cs->as, entry, next | M68K_DESC_USED);
}
if (next & M68K_DESC_WRITEPROT) {
+ if (access_type & ACCESS_PTEST) {
+ env->mmu.mmusr |= M68K_MMU_WP_040;
+ }
*prot &= ~PAGE_WRITE;
if (access_type & ACCESS_STORE) {
return -1;
@@ -524,6 +539,12 @@ static int get_physical_address(CPUM68KState *env, hwaddr *physical,
*physical = (next & ~0x0fff) + page_offset;
}
+ if (access_type & ACCESS_PTEST) {
+ env->mmu.mmusr |= next & M68K_MMU_SR_MASK_040;
+ env->mmu.mmusr |= *physical & 0xfffff000;
+ env->mmu.mmusr |= M68K_MMU_R_040;
+ }
+
if (next & M68K_DESC_WRITEPROT) {
*prot &= ~PAGE_WRITE;
if (access_type & ACCESS_STORE) {
@@ -1148,6 +1169,57 @@ uint32_t HELPER(moves_load)(CPUM68KState *env, uint32_t addr, uint32_t size)
return val;
}
+void HELPER(ptest)(CPUM68KState *env, uint32_t addr, uint32_t is_read)
+{
+ M68kCPU *cpu = m68k_env_get_cpu(env);
+ CPUState *cs = CPU(cpu);
+ hwaddr physical;
+ int access_type;
+ int prot;
+ int ret;
+ target_ulong page_size;
+
+ access_type = ACCESS_PTEST;
+ if (env->dfc & 4) {
+ access_type |= ACCESS_SUPER;
+ }
+ if ((env->dfc & 3) == 2) {
+ access_type |= ACCESS_CODE;
+ }
+ if (!is_read) {
+ access_type |= ACCESS_STORE;
+ }
+
+ env->mmu.mmusr = 0;
+ env->mmu.ssw = 0;
+ ret = get_physical_address(env, &physical, &prot, addr,
+ access_type, &page_size);
+ if (ret == 0) {
+ tlb_set_page(cs, addr & TARGET_PAGE_MASK,
+ physical & TARGET_PAGE_MASK,
+ prot, access_type & ACCESS_SUPER ?
+ MMU_KERNEL_IDX : MMU_USER_IDX, page_size);
+ }
+}
+
+void HELPER(pflush)(CPUM68KState *env, uint32_t addr, uint32_t opmode)
+{
+ M68kCPU *cpu = m68k_env_get_cpu(env);
+
+ switch (opmode) {
+ case 0: /* Flush page entry if not global */
+ case 1: /* Flush page entry */
+ tlb_flush_page(CPU(cpu), addr);
+ break;
+ case 2: /* Flush all except global entries */
+ tlb_flush(CPU(cpu));
+ break;
+ case 3: /* Flush all entries */
+ tlb_flush(CPU(cpu));
+ break;
+ }
+}
+
void HELPER(reset)(CPUM68KState *env)
{
/* FIXME: reset all except CPU */
diff --git a/target/m68k/helper.h b/target/m68k/helper.h
index 620c6d5686..48bfc2acf9 100644
--- a/target/m68k/helper.h
+++ b/target/m68k/helper.h
@@ -103,5 +103,7 @@ DEF_HELPER_4(chk2, void, env, s32, s32, s32)
#if defined(CONFIG_SOFTMMU)
DEF_HELPER_FLAGS_4(moves_store, TCG_CALL_NO_WG, void, env, i32, i32, i32)
DEF_HELPER_FLAGS_3(moves_load, TCG_CALL_NO_WG, i32, env, i32, i32)
+DEF_HELPER_3(ptest, void, env, i32, i32)
+DEF_HELPER_3(pflush, void, env, i32, i32)
DEF_HELPER_FLAGS_1(reset, TCG_CALL_NO_RWG, void, env)
#endif
diff --git a/target/m68k/monitor.c b/target/m68k/monitor.c
index c31feb4b02..486213cd8b 100644
--- a/target/m68k/monitor.c
+++ b/target/m68k/monitor.c
@@ -39,6 +39,7 @@ static const MonitorDef monitor_defs[] = {
{ "dttr1", offsetof(CPUM68KState, mmu.ttr[M68K_DTTR1]) },
{ "ittr0", offsetof(CPUM68KState, mmu.ttr[M68K_ITTR0]) },
{ "ittr1", offsetof(CPUM68KState, mmu.ttr[M68K_ITTR1]) },
+ { "mmusr", offsetof(CPUM68KState, mmu.mmusr) },
{ NULL },
};
diff --git a/target/m68k/op_helper.c b/target/m68k/op_helper.c
index 6bf16695ac..28a72845ea 100644
--- a/target/m68k/op_helper.c
+++ b/target/m68k/op_helper.c
@@ -467,6 +467,7 @@ void m68k_cpu_unassigned_access(CPUState *cs, hwaddr addr, bool is_write,
}
if (m68k_feature(env, M68K_FEATURE_M68040)) {
+ env->mmu.mmusr = 0;
env->mmu.ssw |= M68K_ATC_040;
/* FIXME: manage MMU table access error */
env->mmu.ssw &= ~M68K_TM_040;
diff --git a/target/m68k/translate.c b/target/m68k/translate.c
index 7cb0e12ee7..df1bb247fb 100644
--- a/target/m68k/translate.c
+++ b/target/m68k/translate.c
@@ -4666,6 +4666,35 @@ DISAS_INSN(cinv)
/* Invalidate cache line. Implement as no-op. */
}
+#if defined(CONFIG_SOFTMMU)
+DISAS_INSN(pflush)
+{
+ TCGv opmode;
+
+ if (IS_USER(s)) {
+ gen_exception(s, s->insn_pc, EXCP_PRIVILEGE);
+ return;
+ }
+
+ opmode = tcg_const_i32((insn >> 3) & 3);
+ gen_helper_pflush(cpu_env, AREG(insn, 0), opmode);
+ tcg_temp_free(opmode);
+}
+
+DISAS_INSN(ptest)
+{
+ TCGv is_read;
+
+ if (IS_USER(s)) {
+ gen_exception(s, s->insn_pc, EXCP_PRIVILEGE);
+ return;
+ }
+ is_read = tcg_const_i32((insn >> 5) & 1);
+ gen_helper_ptest(cpu_env, AREG(insn, 0), is_read);
+ tcg_temp_free(is_read);
+}
+#endif
+
DISAS_INSN(wddata)
{
gen_exception(s, s->insn_pc, EXCP_PRIVILEGE);
@@ -5857,6 +5886,8 @@ void register_m68k_insns (CPUM68KState *env)
INSN(cpushl, f428, ff38, CF_ISA_A);
INSN(cpush, f420, ff20, M68040);
INSN(cinv, f400, ff20, M68040);
+ INSN(pflush, f500, ffe0, M68040);
+ INSN(ptest, f548, ffd8, M68040);
INSN(wddata, fb00, ff00, CF_ISA_A);
INSN(wdebug, fbc0, ffc0, CF_ISA_A);
#endif
@@ -6060,6 +6091,8 @@ void m68k_cpu_dump_state(CPUState *cs, FILE *f, fprintf_function cpu_fprintf,
cpu_fprintf(f, "DTTR0/1: %08x/%08x ITTR0/1: %08x/%08x\n",
env->mmu.ttr[M68K_DTTR0], env->mmu.ttr[M68K_DTTR1],
env->mmu.ttr[M68K_ITTR0], env->mmu.ttr[M68K_ITTR1]);
+ cpu_fprintf(f, "MMUSR %08x, fault at %08x\n",
+ env->mmu.mmusr, env->mmu.ar);
#endif
}
--
2.14.3
^ permalink raw reply related [flat|nested] 16+ messages in thread
* [Qemu-devel] [PATCH 6/6] target/m68k: add HMP command "info tlb"
2018-01-08 23:10 [Qemu-devel] [PATCH 0/6] target/m68k: supervisor mode (part 2) Laurent Vivier
` (4 preceding siblings ...)
2018-01-08 23:10 ` [Qemu-devel] [PATCH 5/6] target/m68k: add pflush/ptest Laurent Vivier
@ 2018-01-08 23:10 ` Laurent Vivier
2018-01-10 21:27 ` Richard Henderson
5 siblings, 1 reply; 16+ messages in thread
From: Laurent Vivier @ 2018-01-08 23:10 UTC (permalink / raw)
To: qemu-devel; +Cc: Laurent Vivier, Dr . David Alan Gilbert
Dump MMU state and address mappings.
Signed-off-by: Laurent Vivier <laurent@vivier.eu>
---
CC: Dr. David Alan Gilbert <dgilbert@redhat.com>
hmp-commands-info.hx | 2 +-
target/m68k/cpu.h | 1 +
target/m68k/helper.c | 216 ++++++++++++++++++++++++++++++++++++++++++++++++++
target/m68k/monitor.c | 13 +++
4 files changed, 231 insertions(+), 1 deletion(-)
diff --git a/hmp-commands-info.hx b/hmp-commands-info.hx
index 54c3e5eac6..ad590a4ffb 100644
--- a/hmp-commands-info.hx
+++ b/hmp-commands-info.hx
@@ -216,7 +216,7 @@ Show PCI information.
ETEXI
#if defined(TARGET_I386) || defined(TARGET_SH4) || defined(TARGET_SPARC) || \
- defined(TARGET_PPC) || defined(TARGET_XTENSA)
+ defined(TARGET_PPC) || defined(TARGET_XTENSA) || defined(TARGET_M68K)
{
.name = "tlb",
.args_type = "",
diff --git a/target/m68k/cpu.h b/target/m68k/cpu.h
index 2f5a716139..e9c6e19af4 100644
--- a/target/m68k/cpu.h
+++ b/target/m68k/cpu.h
@@ -558,4 +558,5 @@ static inline void cpu_get_tb_cpu_state(CPUM68KState *env, target_ulong *pc,
| ((env->macsr >> 4) & 0xf); /* Bits 0-3 */
}
+void dump_mmu(FILE *f, fprintf_function cpu_fprintf, CPUM68KState *env);
#endif
diff --git a/target/m68k/helper.c b/target/m68k/helper.c
index ef9ef6f55c..7ea30e9a3e 100644
--- a/target/m68k/helper.c
+++ b/target/m68k/helper.c
@@ -375,6 +375,222 @@ int m68k_cpu_handle_mmu_fault(CPUState *cs, vaddr address, int size, int rw,
/* MMU: 68040 only */
+static void print_address_zone(FILE *f, fprintf_function cpu_fprintf,
+ uint32_t logical, uint32_t physical,
+ uint32_t size, int attr)
+{
+ cpu_fprintf(f, "%08x - %08x -> %08x - %08x %c ",
+ logical, logical + size - 1,
+ physical, physical + size - 1,
+ attr & 4 ? 'W' : '-');
+ size >>= 10;
+ if (size < 1024) {
+ cpu_fprintf(f, "(%d KiB)\n", size);
+ } else {
+ size >>= 10;
+ if (size < 1024) {
+ cpu_fprintf(f, "(%d MiB)\n", size);
+ } else {
+ size >>= 10;
+ cpu_fprintf(f, "(%d GiB)\n", size);
+ }
+ }
+}
+
+static void dump_address_map(FILE *f, fprintf_function cpu_fprintf,
+ CPUM68KState *env, uint32_t root_pointer)
+{
+ int i, j, k;
+ int tic_size, tic_shift;
+ uint32_t tib_mask;
+ uint32_t tia, tib, tic;
+ uint32_t logical = 0xffffffff, physical = 0xffffffff;
+ uint32_t first_logical = 0xffffffff, first_physical = 0xffffffff;
+ uint32_t last_logical, last_physical;
+ int32_t size;
+ int last_attr = -1, attr = -1;
+ M68kCPU *cpu = m68k_env_get_cpu(env);
+ CPUState *cs = CPU(cpu);
+
+ if (env->mmu.tcr & M68K_TCR_PAGE_8K) {
+ /* 8k page */
+ tic_size = 32;
+ tic_shift = 13;
+ tib_mask = 0xffffff80;
+ } else {
+ /* 4k page */
+ tic_size = 64;
+ tic_shift = 12;
+ tib_mask = 0xffffff00;
+ }
+ for (i = 0; i < 128; i++) {
+ tia = ldl_phys(cs->as, M68K_POINTER_BASE(root_pointer) + i * 4);
+ if (!M68K_UDT_VALID(tia)) {
+ continue;
+ }
+ for (j = 0; j < 128; j++) {
+ tib = ldl_phys(cs->as, M68K_POINTER_BASE(tia) + j * 4);
+ if (!M68K_UDT_VALID(tia)) {
+ continue;
+ }
+ for (k = 0; k < tic_size; k++) {
+ tic = ldl_phys(cs->as, (tib & tib_mask) + k * 4);
+ if (!M68K_PDT_VALID(tia)) {
+ continue;
+ }
+ if (M68K_PDT_INDIRECT(tic)) {
+ tic = ldl_phys(cs->as, M68K_INDIRECT_POINTER(tic));
+ }
+
+ last_logical = logical;
+ logical = (i << 25) | (j << 18) | (k << tic_shift);
+
+ last_physical = physical;
+ physical = tic & ~((1 << tic_shift) - 1);
+
+ last_attr = attr;
+ attr = tic & ((1 << tic_shift) - 1);
+
+ if ((logical != (last_logical + (1 << tic_shift))) ||
+ (physical != (last_physical + (1 << tic_shift))) ||
+ (attr & 4) != (last_attr & 4)) {
+
+ if (first_logical != 0xffffffff) {
+ size = last_logical + (1 << tic_shift) -
+ first_logical;
+ print_address_zone(f, cpu_fprintf, first_logical,
+ first_physical, size, last_attr);
+ }
+ first_logical = logical;
+ first_physical = physical;
+ }
+ }
+ }
+ }
+ if (first_logical != logical || (attr & 4) != (last_attr & 4)) {
+ size = logical + (1 << tic_shift) - first_logical;
+ print_address_zone(f, cpu_fprintf, first_logical, first_physical, size,
+ last_attr);
+ }
+}
+
+#define DUMP_CACHEFLAGS(a) \
+ switch (a & M68K_DESC_CACHEMODE) { \
+ case M68K_DESC_CM_WRTHRU: /* cachable, write-through */ \
+ cpu_fprintf(f, "T"); \
+ break; \
+ case M68K_DESC_CM_COPYBK: /* cachable, copyback */ \
+ cpu_fprintf(f, "C"); \
+ break; \
+ case M68K_DESC_CM_SERIAL: /* noncachable, serialized */ \
+ cpu_fprintf(f, "S"); \
+ break; \
+ case M68K_DESC_CM_NCACHE: /* noncachable */ \
+ cpu_fprintf(f, "N"); \
+ break; \
+ }
+
+static void dump_ttr(FILE *f, fprintf_function cpu_fprintf, uint32_t ttr)
+{
+ if ((ttr & M68K_TTR_ENABLED) == 0) {
+ cpu_fprintf(f, "disabled\n");
+ return;
+ }
+ cpu_fprintf(f, "Base: 0x%08x Mask: 0x%08x Control: ",
+ ttr & M68K_TTR_ADDR_BASE,
+ (ttr & M68K_TTR_ADDR_MASK) << M68K_TTR_ADDR_MASK_SHIFT);
+ switch (ttr & M68K_TTR_SFIELD) {
+ case M68K_TTR_SFIELD_USER:
+ cpu_fprintf(f, "U");
+ break;
+ case M68K_TTR_SFIELD_SUPER:
+ cpu_fprintf(f, "S");
+ break;
+ default:
+ cpu_fprintf(f, "*");
+ break;
+ }
+ DUMP_CACHEFLAGS(ttr);
+ if (ttr & M68K_DESC_WRITEPROT) {
+ cpu_fprintf(f, "R");
+ } else {
+ cpu_fprintf(f, "W");
+ }
+ cpu_fprintf(f, " U: %d\n", (ttr & M68K_DESC_USERATTR) >>
+ M68K_DESC_USERATTR_SHIFT);
+}
+
+void dump_mmu(FILE *f, fprintf_function cpu_fprintf, CPUM68KState *env)
+{
+ if ((env->mmu.tcr & M68K_TCR_ENABLED) == 0) {
+ cpu_fprintf(f, "Translation disabled\n");
+ return;
+ }
+ cpu_fprintf(f, "Page Size: ");
+ if (env->mmu.tcr & M68K_TCR_PAGE_8K) {
+ cpu_fprintf(f, "8kB\n");
+ } else {
+ cpu_fprintf(f, "4kB\n");
+ }
+
+ cpu_fprintf(f, "MMUSR: ");
+ if (env->mmu.mmusr & M68K_MMU_B_040) {
+ cpu_fprintf(f, "BUS ERROR\n");
+ } else {
+ cpu_fprintf(f, "Phy=%08x Flags: ", env->mmu.mmusr & 0xfffff000);
+ /* flags found on the page descriptor */
+ if (env->mmu.mmusr & M68K_MMU_G_040) {
+ cpu_fprintf(f, "G"); /* Global */
+ } else {
+ cpu_fprintf(f, ".");
+ }
+ if (env->mmu.mmusr & M68K_MMU_S_040) {
+ cpu_fprintf(f, "S"); /* Supervisor */
+ } else {
+ cpu_fprintf(f, ".");
+ }
+ if (env->mmu.mmusr & M68K_MMU_M_040) {
+ cpu_fprintf(f, "M"); /* Modified */
+ } else {
+ cpu_fprintf(f, ".");
+ }
+ if (env->mmu.mmusr & M68K_MMU_WP_040) {
+ cpu_fprintf(f, "W"); /* Write protect */
+ } else {
+ cpu_fprintf(f, ".");
+ }
+ if (env->mmu.mmusr & M68K_MMU_T_040) {
+ cpu_fprintf(f, "T"); /* Transparent */
+ } else {
+ cpu_fprintf(f, ".");
+ }
+ if (env->mmu.mmusr & M68K_MMU_R_040) {
+ cpu_fprintf(f, "R"); /* Resident */
+ } else {
+ cpu_fprintf(f, ".");
+ }
+ cpu_fprintf(f, " Cache: ");
+ DUMP_CACHEFLAGS(env->mmu.mmusr);
+ cpu_fprintf(f, " U: %d\n", (env->mmu.mmusr >> 8) & 3);
+ cpu_fprintf(f, "\n");
+ }
+
+ cpu_fprintf(f, "ITTR0: ");
+ dump_ttr(f, cpu_fprintf, env->mmu.ttr[M68K_ITTR0]);
+ cpu_fprintf(f, "ITTR1: ");
+ dump_ttr(f, cpu_fprintf, env->mmu.ttr[M68K_ITTR1]);
+ cpu_fprintf(f, "DTTR0: ");
+ dump_ttr(f, cpu_fprintf, env->mmu.ttr[M68K_DTTR0]);
+ cpu_fprintf(f, "DTTR1: ");
+ dump_ttr(f, cpu_fprintf, env->mmu.ttr[M68K_DTTR1]);
+
+ cpu_fprintf(f, "SRP: 0x%08x\n", env->mmu.srp);
+ dump_address_map(f, cpu_fprintf, env, env->mmu.srp);
+
+ cpu_fprintf(f, "URP: 0x%08x\n", env->mmu.urp);
+ dump_address_map(f, cpu_fprintf, env, env->mmu.urp);
+}
+
static int check_TTR(uint32_t ttr, int *prot, target_ulong addr,
int access_type)
{
diff --git a/target/m68k/monitor.c b/target/m68k/monitor.c
index 486213cd8b..db582a34ac 100644
--- a/target/m68k/monitor.c
+++ b/target/m68k/monitor.c
@@ -8,6 +8,19 @@
#include "qemu/osdep.h"
#include "cpu.h"
#include "monitor/hmp-target.h"
+#include "monitor/monitor.h"
+
+void hmp_info_tlb(Monitor *mon, const QDict *qdict)
+{
+ CPUArchState *env1 = mon_get_cpu_env();
+
+ if (!env1) {
+ monitor_printf(mon, "No CPU available\n");
+ return;
+ }
+
+ dump_mmu((FILE *)mon, (fprintf_function)monitor_printf, env1);
+}
static const MonitorDef monitor_defs[] = {
{ "d0", offsetof(CPUM68KState, dregs[0]) },
--
2.14.3
^ permalink raw reply related [flat|nested] 16+ messages in thread
* Re: [Qemu-devel] [qemu-s390x] [PATCH 1/6] accel/tcg: add size paremeter in tlb_fill()
2018-01-08 23:10 ` [Qemu-devel] [PATCH 1/6] accel/tcg: add size paremeter in tlb_fill() Laurent Vivier
@ 2018-01-10 8:43 ` David Hildenbrand
2018-01-10 13:42 ` Laurent Vivier
0 siblings, 1 reply; 16+ messages in thread
From: David Hildenbrand @ 2018-01-10 8:43 UTC (permalink / raw)
To: Laurent Vivier, qemu-devel
Cc: Peter Maydell, Eduardo Habkost, qemu-s390x, Bastian Koppelmann,
Anthony Green, Chris Wulff, Richard Henderson, Alexander Graf,
Max Filippov, Michael Walle, qemu-arm, qemu-ppc,
Artyom Tarasenko, Paolo Bonzini, Edgar E . Iglesias,
Stafford Horne, Guan Xuetao, Aurelien Jarno
On 09.01.2018 00:10, Laurent Vivier wrote:
> The MC68040 MMU provides the size of the access that
> triggers the page fault.
>
> This size is set in the Special Status Word which
> is written in the stack frame of the access fault
> exception.
>
> So we need the size in m68k_cpu_unassigned_access() and
> m68k_cpu_handle_mmu_fault().
>
> To be able to do that, this patch modifies the prototype of
> handle_mmu_fault handler, tlb_fill() and probe_write().
> do_unassigned_access() already includes a size parameter.
>
> This patch also updates handle_mmu_fault handlers and
> tlb_fill() of all targets (only parameter, no code change).
>
There are a couple of places where you use "1" (when no other size is
available). e.g. in get_page_addr_code().
Wonder if that's the right thing to do - are there any architectures
that e.g. always fetch at least 2 bytes in these conditions?
Apart from that, looks sane to me (for other architectures :) )
--
Thanks,
David / dhildenb
^ permalink raw reply [flat|nested] 16+ messages in thread
* Re: [Qemu-devel] [qemu-s390x] [PATCH 1/6] accel/tcg: add size paremeter in tlb_fill()
2018-01-10 8:43 ` [Qemu-devel] [qemu-s390x] " David Hildenbrand
@ 2018-01-10 13:42 ` Laurent Vivier
2018-01-10 18:47 ` Richard Henderson
0 siblings, 1 reply; 16+ messages in thread
From: Laurent Vivier @ 2018-01-10 13:42 UTC (permalink / raw)
To: David Hildenbrand, qemu-devel
Cc: Peter Maydell, Eduardo Habkost, qemu-s390x, Bastian Koppelmann,
Anthony Green, Chris Wulff, Richard Henderson, Alexander Graf,
Max Filippov, Michael Walle, qemu-arm, qemu-ppc,
Artyom Tarasenko, Paolo Bonzini, Edgar E . Iglesias,
Stafford Horne, Guan Xuetao, Aurelien Jarno
Le 10/01/2018 à 09:43, David Hildenbrand a écrit :
> On 09.01.2018 00:10, Laurent Vivier wrote:
>> The MC68040 MMU provides the size of the access that
>> triggers the page fault.
>>
>> This size is set in the Special Status Word which
>> is written in the stack frame of the access fault
>> exception.
>>
>> So we need the size in m68k_cpu_unassigned_access() and
>> m68k_cpu_handle_mmu_fault().
>>
>> To be able to do that, this patch modifies the prototype of
>> handle_mmu_fault handler, tlb_fill() and probe_write().
>> do_unassigned_access() already includes a size parameter.
>>
>> This patch also updates handle_mmu_fault handlers and
>> tlb_fill() of all targets (only parameter, no code change).
>>
>
> There are a couple of places where you use "1" (when no other size is
> available). e.g. in get_page_addr_code().
>
> Wonder if that's the right thing to do - are there any architectures
> that e.g. always fetch at least 2 bytes in these conditions?
>
It's a good question.
"1" is passed to probe_write() and tlb_fill() and handle_mmu_fault().
probe_write() calls tlb_fill(), and tlb_fill() calls machine
handle_mmu_fault handler.
As no existing handle_mmu_fault takes care of the access size, I think
passing 1 and ignoring it doesn't change the existing behavior.
probe_write() is used to check if a page is writable, and none of the
callers is guessing the write can cross a page boundary, so 1 is the
good value in this case.
get_page_addr_code() is the only user of tlb_fill() with 1. and callers
of get_page_addr_code() never guess the code address can run across a
page boundary. Some of them calls get_page_addr_code() a second time to
check this case. So I think using 1 is good solution, but perhaps the
code could be improved by adding the size parameter to get_page_addr_code().
My purpose was not to change the functions behavior, only to add the new
parameter. So using "1" when the size is not obvious is a good solution
to me.
Thank you for your comment!
Laurent
^ permalink raw reply [flat|nested] 16+ messages in thread
* Re: [Qemu-devel] [qemu-s390x] [PATCH 1/6] accel/tcg: add size paremeter in tlb_fill()
2018-01-10 13:42 ` Laurent Vivier
@ 2018-01-10 18:47 ` Richard Henderson
0 siblings, 0 replies; 16+ messages in thread
From: Richard Henderson @ 2018-01-10 18:47 UTC (permalink / raw)
To: Laurent Vivier, David Hildenbrand, qemu-devel
Cc: Peter Maydell, Eduardo Habkost, qemu-s390x, Bastian Koppelmann,
Anthony Green, Chris Wulff, Alexander Graf, Max Filippov,
Michael Walle, qemu-arm, qemu-ppc, Artyom Tarasenko,
Paolo Bonzini, Edgar E . Iglesias, Stafford Horne, Guan Xuetao,
Aurelien Jarno
On 01/10/2018 05:42 AM, Laurent Vivier wrote:
> Le 10/01/2018 à 09:43, David Hildenbrand a écrit :
>> On 09.01.2018 00:10, Laurent Vivier wrote:
>>> The MC68040 MMU provides the size of the access that
>>> triggers the page fault.
>>>
>>> This size is set in the Special Status Word which
>>> is written in the stack frame of the access fault
>>> exception.
>>>
>>> So we need the size in m68k_cpu_unassigned_access() and
>>> m68k_cpu_handle_mmu_fault().
>>>
>>> To be able to do that, this patch modifies the prototype of
>>> handle_mmu_fault handler, tlb_fill() and probe_write().
>>> do_unassigned_access() already includes a size parameter.
>>>
>>> This patch also updates handle_mmu_fault handlers and
>>> tlb_fill() of all targets (only parameter, no code change).
>>>
>>
>> There are a couple of places where you use "1" (when no other size is
>> available). e.g. in get_page_addr_code().
>>
>> Wonder if that's the right thing to do - are there any architectures
>> that e.g. always fetch at least 2 bytes in these conditions?
>>
>
> It's a good question.
>
> "1" is passed to probe_write() and tlb_fill() and handle_mmu_fault().
> probe_write() calls tlb_fill(), and tlb_fill() calls machine
> handle_mmu_fault handler.
>
> As no existing handle_mmu_fault takes care of the access size, I think
> passing 1 and ignoring it doesn't change the existing behavior.
>
> probe_write() is used to check if a page is writable, and none of the
> callers is guessing the write can cross a page boundary, so 1 is the
> good value in this case.
>
> get_page_addr_code() is the only user of tlb_fill() with 1. and callers
> of get_page_addr_code() never guess the code address can run across a
> page boundary. Some of them calls get_page_addr_code() a second time to
> check this case. So I think using 1 is good solution, but perhaps the
> code could be improved by adding the size parameter to get_page_addr_code().
>
> My purpose was not to change the functions behavior, only to add the new
> parameter. So using "1" when the size is not obvious is a good solution
> to me.
I guess I don't really have a problem with "1".
I do wonder if "0" might be a better value for "I don't know", because it is
not mistakable with a real access of 1 byte.
r~
^ permalink raw reply [flat|nested] 16+ messages in thread
* Re: [Qemu-devel] [PATCH 2/6] target/m68k: add MC68040 MMU
2018-01-08 23:10 ` [Qemu-devel] [PATCH 2/6] target/m68k: add MC68040 MMU Laurent Vivier
@ 2018-01-10 20:12 ` Richard Henderson
2018-01-12 18:46 ` Laurent Vivier
0 siblings, 1 reply; 16+ messages in thread
From: Richard Henderson @ 2018-01-10 20:12 UTC (permalink / raw)
To: Laurent Vivier, qemu-devel
On 01/08/2018 03:10 PM, Laurent Vivier wrote:
> +static int get_physical_address(CPUM68KState *env, hwaddr *physical,
> + int *prot, target_ulong address,
> + int access_type, target_ulong *page_size)
> +{
> + M68kCPU *cpu = m68k_env_get_cpu(env);
> + CPUState *cs = CPU(cpu);
> + uint32_t page_offset;
> + uint32_t entry;
> + uint32_t next;
> +
> + /* Page Table Root Pointer */
> + *prot = PAGE_READ | PAGE_WRITE;
> + if (access_type & ACCESS_CODE) {
> + *prot |= PAGE_EXEC;
> + }
> + if (access_type & ACCESS_SUPER) {
> + next = env->mmu.srp;
> + } else {
> + next = env->mmu.urp;
> + }
> +
> + /* Root Index */
> + entry = M68K_POINTER_BASE(next) | M68K_ROOT_INDEX(address);
> +
> + next = ldl_phys(cs->as, entry);
> + if (!M68K_UDT_VALID(next)) {
> + return -1;
> + }
> + if (!(next & M68K_DESC_USED)) {
> + stl_phys(cs->as, entry, next | M68K_DESC_USED);
> + }
You may want to add ACCESS_DEBUG or some such so that probes from gdb and the
monitor interface do not alter the cpu state.
> + if (env->mmu.tcr & M68K_TCR_PAGE_8K) {
> + *page_size = 8192;
> + page_offset = address & 0x1fff;
> + *physical = (next & ~0x1fff) + page_offset;
> + } else {
> + *page_size = 4096;
> + page_offset = address & 0x0fff;
> + *physical = (next & ~0x0fff) + page_offset;
> + }
So...
> + if (ret == 0) {
> + tlb_set_page(cs, address & TARGET_PAGE_MASK,
> + physical & TARGET_PAGE_MASK,
> + prot, mmu_idx, page_size);
... this is going to go through the tlb_add_large_page path every time, since
both 4K and 8K are larger than the default 1K page size.
Using the large page path by default means that any single-page tlb flush will
quickly devolve to flushing the entire tlb.
Also, using page_size and TARGET_PAGE_MASK looks wrong. I think you would have
needed address & -page_size.
That said, you may want to compare the performance of passing page_size vs
TARGET_PAGE_SIZE to tlb_set_page.
> +++ b/target/m68k/op_helper.c
> @@ -360,7 +360,50 @@ static void m68k_interrupt_all(CPUM68KState *env, int is_hw)
> sp = env->aregs[7];
>
> sp &= ~1;
> - if (cs->exception_index == EXCP_ADDRESS) {
> + if (cs->exception_index == EXCP_ACCESS) {
> + static int mmu_fault;
> + if (mmu_fault) {
> + cpu_abort(cs, "DOUBLE MMU FAULT\n");
> + }
> + mmu_fault = 1;
This variable shouldn't be static -- it should be in CPUM68KState or M68kCPU.
r~
^ permalink raw reply [flat|nested] 16+ messages in thread
* Re: [Qemu-devel] [PATCH 3/6] target/m68k: add Transparent Translation
2018-01-08 23:10 ` [Qemu-devel] [PATCH 3/6] target/m68k: add Transparent Translation Laurent Vivier
@ 2018-01-10 21:08 ` Richard Henderson
0 siblings, 0 replies; 16+ messages in thread
From: Richard Henderson @ 2018-01-10 21:08 UTC (permalink / raw)
To: Laurent Vivier, qemu-devel
On 01/08/2018 03:10 PM, Laurent Vivier wrote:
> Add ittr0, ittr1, dttr0, dttr1 and manage Transparent Translations
>
> Signed-off-by: Laurent Vivier <laurent@vivier.eu>
> ---
> target/m68k/cpu.h | 18 +++++++++++
> target/m68k/helper.c | 79 +++++++++++++++++++++++++++++++++++++++++++++++++
> target/m68k/monitor.c | 4 +++
> target/m68k/translate.c | 3 ++
> 4 files changed, 104 insertions(+)
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
r~
^ permalink raw reply [flat|nested] 16+ messages in thread
* Re: [Qemu-devel] [PATCH 4/6] target/m68k: add moves
2018-01-08 23:10 ` [Qemu-devel] [PATCH 4/6] target/m68k: add moves Laurent Vivier
@ 2018-01-10 21:22 ` Richard Henderson
0 siblings, 0 replies; 16+ messages in thread
From: Richard Henderson @ 2018-01-10 21:22 UTC (permalink / raw)
To: Laurent Vivier, qemu-devel
On 01/08/2018 03:10 PM, Laurent Vivier wrote:
> and introduce SFC and DFC control registers.
>
> Signed-off-by: Laurent Vivier <laurent@vivier.eu>
The patch is correct, so
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
However...
> +void HELPER(moves_store)(CPUM68KState *env, uint32_t val,
> + uint32_t addr, uint32_t size)
> +{
> + if (env->dfc & 4) { /* kernel */
> + switch (size) {
> + case OS_BYTE:
> + cpu_stb_kernel_ra(env, addr, val, GETPC());
I assume that the kernel makes frequent use of moves for user access?
You might consider copying bit 2 of SFC and DFC into TB->FLAGS, if supervisor
mode. At which point you can issue the qemu_ld/st opcodes inline to the
correct mmu_idx.
r~
^ permalink raw reply [flat|nested] 16+ messages in thread
* Re: [Qemu-devel] [PATCH 5/6] target/m68k: add pflush/ptest
2018-01-08 23:10 ` [Qemu-devel] [PATCH 5/6] target/m68k: add pflush/ptest Laurent Vivier
@ 2018-01-10 21:25 ` Richard Henderson
0 siblings, 0 replies; 16+ messages in thread
From: Richard Henderson @ 2018-01-10 21:25 UTC (permalink / raw)
To: Laurent Vivier, qemu-devel
On 01/08/2018 03:10 PM, Laurent Vivier wrote:
> Signed-off-by: Laurent Vivier <laurent@vivier.eu>
> ---
> target/m68k/cpu.h | 3 +++
> target/m68k/helper.c | 72 +++++++++++++++++++++++++++++++++++++++++++++++++
> target/m68k/helper.h | 2 ++
> target/m68k/monitor.c | 1 +
> target/m68k/op_helper.c | 1 +
> target/m68k/translate.c | 33 +++++++++++++++++++++++
> 6 files changed, 112 insertions(+)
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
r~
^ permalink raw reply [flat|nested] 16+ messages in thread
* Re: [Qemu-devel] [PATCH 6/6] target/m68k: add HMP command "info tlb"
2018-01-08 23:10 ` [Qemu-devel] [PATCH 6/6] target/m68k: add HMP command "info tlb" Laurent Vivier
@ 2018-01-10 21:27 ` Richard Henderson
0 siblings, 0 replies; 16+ messages in thread
From: Richard Henderson @ 2018-01-10 21:27 UTC (permalink / raw)
To: Laurent Vivier, qemu-devel; +Cc: Dr . David Alan Gilbert
On 01/08/2018 03:10 PM, Laurent Vivier wrote:
> Dump MMU state and address mappings.
>
> Signed-off-by: Laurent Vivier <laurent@vivier.eu>
> ---
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
r~
^ permalink raw reply [flat|nested] 16+ messages in thread
* Re: [Qemu-devel] [PATCH 2/6] target/m68k: add MC68040 MMU
2018-01-10 20:12 ` Richard Henderson
@ 2018-01-12 18:46 ` Laurent Vivier
0 siblings, 0 replies; 16+ messages in thread
From: Laurent Vivier @ 2018-01-12 18:46 UTC (permalink / raw)
To: Richard Henderson, qemu-devel
Le 10/01/2018 à 21:12, Richard Henderson a écrit :
> On 01/08/2018 03:10 PM, Laurent Vivier wrote:
>> +static int get_physical_address(CPUM68KState *env, hwaddr *physical,
>> + int *prot, target_ulong address,
>> + int access_type, target_ulong *page_size)
...
>> + if (env->mmu.tcr & M68K_TCR_PAGE_8K) {
>> + *page_size = 8192;
>> + page_offset = address & 0x1fff;
>> + *physical = (next & ~0x1fff) + page_offset;
>> + } else {
>> + *page_size = 4096;
>> + page_offset = address & 0x0fff;
>> + *physical = (next & ~0x0fff) + page_offset;
>> + }
>
> So...
>
>> + if (ret == 0) {
>> + tlb_set_page(cs, address & TARGET_PAGE_MASK,
>> + physical & TARGET_PAGE_MASK,
>> + prot, mmu_idx, page_size);
>
> ... this is going to go through the tlb_add_large_page path every time, since
> both 4K and 8K are larger than the default 1K page size.
>
> Using the large page path by default means that any single-page tlb flush will
> quickly devolve to flushing the entire tlb.
>
> Also, using page_size and TARGET_PAGE_MASK looks wrong. I think you would have
> needed address & -page_size.
>
> That said, you may want to compare the performance of passing page_size vs
> TARGET_PAGE_SIZE to tlb_set_page.
I've found several examples using TARGET_PAGE_MASK and page_size [1], so
I think we can use the mix of them, but I'm going to update
TARGET_PAGE_BITS to 12 to avoid to go through the tlb_add_large_page()
function (kernel uses 13 for coldfire or SUN3, and 12 for others).
Thanks,
Laurent
[1]
target/sparc/mmu_helper.c
211 int sparc_cpu_handle_mmu_fault(CPUState *cs, vaddr address, int
size, int rw,
212 int mmu_idx)
213 {
...
221 address &= TARGET_PAGE_MASK;
222 error_code = get_physical_address(env, &paddr, &prot,
&access_index,
223 address, rw, mmu_idx,
&page_size);
224 vaddr = address;
225 if (error_code == 0) {
...
229 tlb_set_page(cs, vaddr, paddr, prot, mmu_idx, page_size);
230 return 0;
231 }
or
target/unicore32/softmmu.c
218 int uc32_cpu_handle_mmu_fault(CPUState *cs, vaddr address, int size,
219 int access_type, int mmu_idx)
...
255 if (ret == 0) {
256 /* Map a single page. */
257 phys_addr &= TARGET_PAGE_MASK;
258 address &= TARGET_PAGE_MASK;
259 tlb_set_page(cs, address, phys_addr, prot, mmu_idx,
page_size);
260 return 0;
261 }
or
target/xtensa/op_helper.c
53 void tlb_fill(CPUState *cs, target_ulong vaddr, int size,
54 MMUAccessType access_type, int mmu_idx, uintptr_t
retaddr)
...
68 tlb_set_page(cs,
69 vaddr & TARGET_PAGE_MASK,
70 paddr & TARGET_PAGE_MASK,
71 access, mmu_idx, page_size);
or
target/ppc/mmu-hash64.c
694 int ppc_hash64_handle_mmu_fault(PowerPCCPU *cpu, vaddr eaddr,
695 int rwx, int mmu_idx)
...
866 tlb_set_page(cs, eaddr & TARGET_PAGE_MASK, raddr &
TARGET_PAGE_MASK,
867 prot, mmu_idx, 1ULL << apshift);
^ permalink raw reply [flat|nested] 16+ messages in thread
end of thread, other threads:[~2018-01-12 18:46 UTC | newest]
Thread overview: 16+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2018-01-08 23:10 [Qemu-devel] [PATCH 0/6] target/m68k: supervisor mode (part 2) Laurent Vivier
2018-01-08 23:10 ` [Qemu-devel] [PATCH 1/6] accel/tcg: add size paremeter in tlb_fill() Laurent Vivier
2018-01-10 8:43 ` [Qemu-devel] [qemu-s390x] " David Hildenbrand
2018-01-10 13:42 ` Laurent Vivier
2018-01-10 18:47 ` Richard Henderson
2018-01-08 23:10 ` [Qemu-devel] [PATCH 2/6] target/m68k: add MC68040 MMU Laurent Vivier
2018-01-10 20:12 ` Richard Henderson
2018-01-12 18:46 ` Laurent Vivier
2018-01-08 23:10 ` [Qemu-devel] [PATCH 3/6] target/m68k: add Transparent Translation Laurent Vivier
2018-01-10 21:08 ` Richard Henderson
2018-01-08 23:10 ` [Qemu-devel] [PATCH 4/6] target/m68k: add moves Laurent Vivier
2018-01-10 21:22 ` Richard Henderson
2018-01-08 23:10 ` [Qemu-devel] [PATCH 5/6] target/m68k: add pflush/ptest Laurent Vivier
2018-01-10 21:25 ` Richard Henderson
2018-01-08 23:10 ` [Qemu-devel] [PATCH 6/6] target/m68k: add HMP command "info tlb" Laurent Vivier
2018-01-10 21:27 ` Richard Henderson
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.