QEMU Morello

.clang-format

@@ -1,16 +1,19 @@
 BasedOnStyle: LLVM
+ColumnLimit: 80
 IndentWidth: 4
 UseTab: Never
 BreakBeforeBraces: Linux
+AlignConsecutiveMacros: Consecutive
 AllowShortIfStatementsOnASingleLine: Never
 AllowShortCaseLabelsOnASingleLine: false
 AllowShortBlocksOnASingleLine: Empty
 AllowShortFunctionsOnASingleLine: Empty
 AllowShortLoopsOnASingleLine: false
-IndentCaseLabels: false
-ColumnLimit: 80
-SortIncludes: false
 AllowShortLambdasOnASingleLine: Inline
 AlwaysBreakBeforeMultilineStrings: false
 BreakStringLiterals: true
+IndentCaseLabels: false
+IndentCaseBlocks: true
+Cpp11BracedListStyle: false
 PointerAlignment: Right
+SortIncludes: false

accel/tcg/cpu-exec.c

@@ -219,7 +219,7 @@ static void cpu_exec_nocache(CPUState *cpu, int max_cycles,
                              TranslationBlock *orig_tb, bool ignore_icount)
 {
     TranslationBlock *tb;
-    uint32_t cflags = curr_cflags() | CF_NOCACHE;
+    uint32_t cflags = curr_cflags(cpu) | CF_NOCACHE;
     int tb_exit;
 
     if (ignore_icount) {
@@ -499,7 +499,8 @@ static inline bool cpu_handle_exception(CPUState *cpu, int *ret)
         if (replay_has_exception()
             && cpu_neg(cpu)->icount_decr.u16.low + cpu->icount_extra == 0) {
             /* try to cause an exception pending in the log */
-            cpu_exec_nocache(cpu, 1, tb_find(cpu, NULL, 0, curr_cflags()), true);
+            cpu_exec_nocache(cpu, 1, tb_find(cpu, NULL, 0, curr_cflags(cpu)),
+                             true);
         }
 #endif
         if (cpu->exception_index < 0) {
@@ -783,7 +784,7 @@ int cpu_exec(CPUState *cpu)
                have CF_INVALID set, -1 is a convenient invalid value that
                does not require tcg headers for cpu_common_reset.  */
             if (cflags == -1) {
-                cflags = curr_cflags();
+                cflags = curr_cflags(cpu);
             } else {
                 cpu->cflags_next_tb = -1;
             }

accel/tcg/cputlb.c

@@ -1239,6 +1239,9 @@ void tlb_set_page_with_attrs(CPUState *cpu, target_ulong vaddr,
     if (prot & PAGE_LC_TRAP) {
         desc->iotlb[index].tagmem_read |= TLBENTRYCAP_FLAG_TRAP;
     }
+    if (prot & PAGE_LC_TRAP_ANY) {
+        desc->iotlb[index].tagmem_read |= TLBENTRYCAP_FLAG_TRAP_ANY;
+    }
     if (prot & PAGE_SC_CLEAR) {
         desc->iotlb[index].tagmem_write |= TLBENTRYCAP_FLAG_CLEAR;
     }
@@ -1454,8 +1457,9 @@ static bool victim_tlb_hit(CPUArchState *env, size_t mmu_idx, size_t index,
 #endif
 
 #ifdef TARGET_CHERI
-        if (cap_write && (env_tlb(env)->d[mmu_idx].viotlb[vidx].tagmem_write ==
-                          TLBENTRYCAP_INVALID_WRITE)) {
+        if (cap_write && ((env_tlb(env)->d[mmu_idx].viotlb[vidx].tagmem_write &
+                           TLBENTRYCAP_INVALID_WRITE_MASK) ==
+                          TLBENTRYCAP_INVALID_WRITE_VALUE)) {
             continue;
         }
 #endif
@@ -1603,10 +1607,11 @@ probe_access_internal(CPUArchState *env, target_ulong addr, int fault_size,
 
 #ifdef TARGET_CHERI
     if (access_type == MMU_DATA_CAP_STORE &&
-        (env_tlb(env)
-             ->d[mmu_idx]
-             .iotlb[tlb_index(env, mmu_idx, addr)]
-             .tagmem_write == TLBENTRYCAP_INVALID_WRITE))
+        ((env_tlb(env)
+              ->d[mmu_idx]
+              .iotlb[tlb_index(env, mmu_idx, addr)]
+              .tagmem_write &
+          TLBENTRYCAP_INVALID_WRITE_MASK) == TLBENTRYCAP_INVALID_WRITE_VALUE))
         tag_write_invalid = true;
 #endif
 

accel/tcg/log_instr.c

@@ -407,12 +407,12 @@ static void emit_text_start(CPUArchState *env, target_ulong pc)
     cpu_log_instr_state_t *cpulog = get_cpu_log_state(env);
 
     if (cpulog->loglevel == QEMU_LOG_INSTR_LOGLEVEL_USER) {
-        qemu_log("[%u:%u] Requested user-mode only instruction logging @ "
-                 TARGET_FMT_lx " \n", env_cpu(env)->cpu_index,
-                 cpu_get_asid(env), pc);
+        qemu_log("[%u:%u] Requested user-mode only instruction logging "
+                 "@ " TARGET_FMT_lx " \n",
+                 env_cpu(env)->cpu_index, cpu_get_asid(env, pc), pc);
     } else {
         qemu_log("[%u:%u] Requested instruction logging @ " TARGET_FMT_lx " \n",
-                 env_cpu(env)->cpu_index, cpu_get_asid(env), pc);
+                 env_cpu(env)->cpu_index, cpu_get_asid(env, pc), pc);
     }
 }
 
@@ -424,12 +424,12 @@ static void emit_text_stop(CPUArchState *env, target_ulong pc)
     cpu_log_instr_state_t *cpulog = get_cpu_log_state(env);
 
     if (cpulog->loglevel == QEMU_LOG_INSTR_LOGLEVEL_USER) {
-        qemu_log("[%u:%u] Disabled user-mode only instruction logging @ "
-                 TARGET_FMT_lx " \n", env_cpu(env)->cpu_index,
-                 cpu_get_asid(env), pc);
+        qemu_log("[%u:%u] Disabled user-mode only instruction logging "
+                 "@ " TARGET_FMT_lx " \n",
+                 env_cpu(env)->cpu_index, cpu_get_asid(env, pc), pc);
     } else {
         qemu_log("[%u:%u] Disabled instruction logging @ " TARGET_FMT_lx " \n",
-                 env_cpu(env)->cpu_index, cpu_get_asid(env), pc);
+                 env_cpu(env)->cpu_index, cpu_get_asid(env, pc), pc);
     }
 }
 
@@ -646,8 +646,6 @@ static void do_cpu_loglevel_switch(CPUState *cpu, run_on_cpu_data data)
     qemu_log_instr_loglevel_t next_level = data.host_int;
     bool next_level_active;
 
-    log_assert(qemu_loglevel_mask(CPU_LOG_INSTR));
-
     /* Decide whether we have to pause/resume logging */
     switch (next_level) {
     case QEMU_LOG_INSTR_LOGLEVEL_NONE:
@@ -679,7 +677,10 @@ static void do_cpu_loglevel_switch(CPUState *cpu, run_on_cpu_data data)
     /* Check if this was a no-op */
     if (next_level == prev_level && prev_level_active == next_level_active)
         return;
-    tb_flush(cpu);
+
+    /* Flushing all translations makes things incredibly slow. Instead,
+     * we put whether tracing is currently enabled into cflags */
+
     /* Emit start/stop events */
     if (prev_level_active) {
         if (cpulog->starting) {
@@ -739,18 +740,26 @@ static void do_global_loglevel_switch(CPUState *cpu, run_on_cpu_data data)
  * the current TB is finished. If we clear the global flag immediately
  * we will end up emitting stale instructions.
  */
-void qemu_log_instr_global_switch(bool request_stop)
+int qemu_log_instr_global_switch(int log_flags)
 {
     CPUState *cpu;
     qemu_log_instr_loglevel_t level;
 
-    level = (request_stop) ? QEMU_LOG_INSTR_LOGLEVEL_NONE :
-        QEMU_LOG_INSTR_LOGLEVEL_ALL;
+    if (log_flags & CPU_LOG_INSTR_U) {
+        level = QEMU_LOG_INSTR_LOGLEVEL_USER;
+        log_flags |= CPU_LOG_INSTR;
+    } else if (log_flags & CPU_LOG_INSTR) {
+        level = QEMU_LOG_INSTR_LOGLEVEL_ALL;
+    } else {
+        level = QEMU_LOG_INSTR_LOGLEVEL_NONE;
+    }
 
     CPU_FOREACH(cpu) {
         async_safe_run_on_cpu(cpu, do_global_loglevel_switch,
             RUN_ON_CPU_HOST_INT(level));
     }
+
+    return log_flags;
 }
 
 /*
@@ -817,7 +826,10 @@ void qemu_log_instr_init(CPUState *cpu)
     }
 
     /* If we are starting with instruction logging enabled, switch it on now */
-    if (qemu_loglevel_mask(CPU_LOG_INSTR))
+    if (qemu_loglevel_mask(CPU_LOG_INSTR_U))
+        do_cpu_loglevel_switch(
+            cpu, RUN_ON_CPU_HOST_INT(QEMU_LOG_INSTR_LOGLEVEL_USER));
+    else if (qemu_loglevel_mask(CPU_LOG_INSTR))
         do_cpu_loglevel_switch(cpu,
             RUN_ON_CPU_HOST_INT(QEMU_LOG_INSTR_LOGLEVEL_ALL));
 }
@@ -941,7 +953,8 @@ void qemu_log_instr_reg(CPUArchState *env, const char *reg_name, target_ulong va
 void helper_qemu_log_instr_reg(CPUArchState *env, const void *reg_name,
                                target_ulong value)
 {
-    qemu_log_instr_reg(env, (const char *)reg_name, value);
+    if (qemu_log_instr_check_enabled(env))
+        qemu_log_instr_reg(env, (const char *)reg_name, value);
 }
 
 #ifdef TARGET_CHERI

accel/tcg/tcg-runtime.c

@@ -158,7 +158,7 @@ const void *HELPER(lookup_tb_ptr)(CPUArchState *env)
     uint32_t flags;
 
     tb = tb_lookup__cpu_state(cpu, &pc, &cs_base, &cs_top, &cheri_flags, &flags,
-                              curr_cflags());
+                              curr_cflags(cpu));
     if (tb == NULL) {
         return tcg_code_gen_epilogue;
     }

accel/tcg/tcg-runtime.h

@@ -148,10 +148,17 @@ GEN_ATOMIC_HELPERS(xchg)
 // of DDC and raise an exception otherwise. Tag+usealed+load/store perms must
 // have been checked before.
 DEF_HELPER_3(ddc_check_bounds, void, env, tl, tl)
+#ifdef TARGET_AARCH64
+DEF_HELPER_3(ddc_check_bounds_store, void, env, tl, tl)
+#endif
 /* Same but relative to PCC */
 DEF_HELPER_3(pcc_check_bounds, void, env, tl, tl)
 /* Clear tags due to a store. Only call this after the store succeeded. */
 DEF_HELPER_3(cheri_invalidate_tags, void, env, cap_checked_ptr, memop_idx)
+/* Clear tags due to a store, last argument is whether the store succeeded. */
+DEF_HELPER_4(cheri_invalidate_tags_condition, void, env, cap_checked_ptr,
+             memop_idx, i32)
+
 #endif
 
 DEF_HELPER_FLAGS_3(gvec_mov, TCG_CALL_NO_RWG, void, ptr, ptr, i32)

accel/tcg/translate-all.c

@@ -2194,7 +2194,7 @@ tb_invalidate_phys_page_range__locked(struct page_collection *pages,
     if (current_tb_modified) {
         page_collection_unlock(pages);
         /* Force execution of one insn next time.  */
-        cpu->cflags_next_tb = 1 | curr_cflags();
+        cpu->cflags_next_tb = 1 | curr_cflags(cpu);
         mmap_unlock();
         cpu_loop_exit_noexc(cpu);
     }
@@ -2366,7 +2366,7 @@ static bool tb_invalidate_phys_page(tb_page_addr_t addr, uintptr_t pc)
 #ifdef TARGET_HAS_PRECISE_SMC
     if (current_tb_modified) {
         /* Force execution of one insn next time.  */
-        cpu->cflags_next_tb = 1 | curr_cflags();
+        cpu->cflags_next_tb = 1 | curr_cflags(cpu);
         return true;
     }
 #endif
@@ -2454,7 +2454,7 @@ void cpu_io_recompile(CPUState *cpu, uintptr_t retaddr)
 #endif
 
     /* Generate a new TB executing the I/O insn.  */
-    cpu->cflags_next_tb = curr_cflags() | CF_LAST_IO | n;
+    cpu->cflags_next_tb = curr_cflags(cpu) | CF_LAST_IO | n;
 
     if (tb_cflags(tb) & CF_NOCACHE) {
         if (tb->orig_tb) {

accel/tcg/translator.c

@@ -44,12 +44,13 @@ static void qemu_log_gen_printf_reset(DisasContextBase *base)
 }
 
 /* Should only be called in a place it cannot be skipped by a branch! */
-static void qemu_log_gen_printf_flush(DisasContextBase *base, bool force_flush)
+static void qemu_log_gen_printf_flush(DisasContextBase *base, bool flush_early,
+                                      bool force_flush)
 {
 #ifdef CONFIG_TCG_LOG_INSTR
-    if ((base->printf_used_ptr != 0) &&
-        (force_flush ||
-         (base->printf_used_ptr >= (QEMU_LOG_PRINTF_FLUSH_BARRIER)))) {
+    if (force_flush || ((base->printf_used_ptr != 0) &&
+                        (flush_early || (base->printf_used_ptr >=
+                                         (QEMU_LOG_PRINTF_FLUSH_BARRIER))))) {
         gen_helper_qemu_log_printf_dump(cpu_env);
         qemu_log_gen_printf_reset(base);
     }
@@ -86,6 +87,7 @@ void translator_loop(const TranslatorOps *ops, DisasContextBase *db,
     cheri_debug_assert(db->pcc_top ==
                        cap_get_top(cheri_get_recent_pcc(cpu->env_ptr)));
     db->cheri_flags = tb->cheri_flags;
+    disas_capreg_reset_all(db);
     // TODO: verify cheri_flags are correct?
 #endif
     ops->init_disas_context(db, cpu);
@@ -141,7 +143,7 @@ void translator_loop(const TranslatorOps *ops, DisasContextBase *db,
              * TODO: As long as the string stays around, we could delay this
              * till the end of a BB.
              */
-            qemu_log_gen_printf_flush(db, true);
+            qemu_log_gen_printf_flush(db, true, db->num_insns == 1);
             gen_helper_qemu_log_instr_commit(cpu_env);
         }
 #endif
@@ -209,7 +211,7 @@ void translator_loop(const TranslatorOps *ops, DisasContextBase *db,
 #ifdef CONFIG_TCG_LOG_INSTR
     /* Commit previous instruction */
     if (unlikely(log_instr_enabled)) {
-        qemu_log_gen_printf_flush(db, true);
+        qemu_log_gen_printf_flush(db, true, db->num_insns == 1);
     }
 #endif
 

default-configs/devices/morello-softmmu.mak

@@ -0,0 +1,4 @@
+# Default configuration for morello-softmmu
+
+include aarch64-softmmu.mak
+CONFIG_MORELLO=y

default-configs/targets/morello-softmmu.mak

@@ -0,0 +1,11 @@
+# Default configuration for morello-softmmu
+
+INCLUDE_WORKAROUND=aarch64-softmmu.mak
+#
+# CHERI-specific settings:
+#
+# Same as aarch64-softmmu.mak but with the extra aarch64-cheri.xml
+TARGET_XML_FILES= gdb-xml/aarch64-core.xml gdb-xml/aarch64-fpu.xml gdb-xml/arm-core.xml gdb-xml/arm-vfp.xml gdb-xml/arm-vfp3.xml gdb-xml/arm-neon.xml gdb-xml/arm-m-profile.xml gdb-xml/aarch64-cheri.xml
+TARGET_CHERI=y
+TARGET_MORELLO=y
+TARGET_SUPPORTS_MTTCG=n

disas/arm-a64.cc

@@ -22,12 +22,14 @@ extern "C" {
 #include "disas/dis-asm.h"
 }
 
-#include "vixl/a64/disasm-a64.h"
+#include "vixl/aarch64/disasm-aarch64.h"
 
-using namespace vixl;
+using namespace vixl::aarch64;
+
+class QEMUDisassembler;
 
 static Decoder *vixl_decoder = NULL;
-static Disassembler *vixl_disasm = NULL;
+static QEMUDisassembler *vixl_disasm = NULL;
 
 /* We don't use libvixl's PrintDisassembler because its output
  * is a little unhelpful (trailing newlines, for example).
@@ -49,8 +51,8 @@ class QEMUDisassembler : public Disassembler {
 
 protected:
     virtual void ProcessOutput(const Instruction *instr) {
-        printf_(stream_, "%08" PRIx32 "      %s",
-                instr->InstructionBits(), GetOutput());
+        printf_(stream_, "%08" PRIx32 "      %s", instr->GetInstructionBits(),
+                GetOutput());
     }
 
 private:
@@ -91,13 +93,13 @@ int print_insn_arm_a64(uint64_t addr, disassemble_info *info)
         vixl_init();
     }
 
-    ((QEMUDisassembler *)vixl_disasm)->SetPrintf(info->fprintf_func);
-    ((QEMUDisassembler *)vixl_disasm)->SetStream(info->stream);
+    vixl_disasm->SetPrintf(info->fprintf_func);
+    vixl_disasm->SetStream(info->stream);
 
     instrval = bytes[0] | bytes[1] << 8 | bytes[2] << 16 | bytes[3] << 24;
     instr = reinterpret_cast<const Instruction *>(&instrval);
     vixl_disasm->MapCodeAddress(addr, instr);
-    vixl_decoder->Decode(instr);
-
+    vixl_decoder->Decode(instr,
+                         info->flags & ARM_DIS_FLAG_C64 ? ISA::C64 : ISA::A64);
     return INSN_SIZE;
 }

disas/libvixl/.clang-format

@@ -0,0 +1,2 @@
+DisableFormat: true
+SortIncludes: false

disas/libvixl/meson.build

@@ -1,7 +1,9 @@
 libvixl_ss.add(files(
-  'vixl/a64/decoder-a64.cc',
-  'vixl/a64/disasm-a64.cc',
-  'vixl/a64/instructions-a64.cc',
-  'vixl/compiler-intrinsics.cc',
-  'vixl/utils.cc',
+  'vixl/aarch64/cpu-features-auditor-aarch64.cc',
+  'vixl/aarch64/decoder-aarch64.cc',
+  'vixl/aarch64/disasm-aarch64.cc',
+  'vixl/aarch64/instructions-aarch64.cc',
+  'vixl/compiler-intrinsics-vixl.cc',
+  'vixl/cpu-features.cc',
+  'vixl/utils-vixl.cc',
 ))