summaryrefslogtreecommitdiffstats
path: root/target-i386/translate.c
Commit message (Collapse)AuthorAgeFilesLines
* target-i386: Remove redundant word mask in port out instructionsJan Kiszka2011-10-011-2/+0
| | | | | | | | T0 was already masked to 16 bits when loading it. Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com> Reviewed-by: Richard Henderson <rth@twiddle.net> Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
* target-i386: Remove data type CCTableStefan Weil2011-09-211-5/+0
| | | | | | | Remove also two assert statements which were the last remaining users. Signed-off-by: Stefan Weil <weil@mail.berlios.de> Signed-off-by: Stefan Hajnoczi <stefanha@linux.vnet.ibm.com>
* target-i386: Compute all flag data inside %cl != 0 test.Richard Henderson2011-09-081-29/+43
| | | | | | | | | | | | The (x << (cl - 1)) quantity is only used if CL != 0. Move the computation of that quantity nearer its use. This avoids the creation of undefined TCG operations when the constant propagation optimization proves that CL == 0, and thus CL-1 is outside the range [0-wordsize). Signed-off-by: Richard Henderson <rth@twiddle.net> Signed-off-by: malc <av1474@comtv.ru>
* Remove exec-all.h include directivesBlue Swirl2011-06-261-1/+0
| | | | | | Most exec-all.h include directives are now useless, remove them. Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
* target-i386: Make x86 mfence and lfence illegal without SSE2Martin Simmons2011-06-081-1/+1
| | | | | | | | | | | | | | | While trying to use qemu -cpu pentium3 to test for incorrect uses of certain SSE2 instructions, I found that QEMU allowed the mfence and lfence instructions to be executed even though Pentium 3 doesn't support them. According to the processor specs (and experience on a real Pentium 3), these instructions are only available with SSE2, but QEMU is checking for SSE. The check for the related sfence instruction is correct (it works with SSE). This trival patch fixes the test. Signed-off-by: Martin Simmons <martin@lispworks.com> Signed-off-by: Stefan Hajnoczi <stefanha@linux.vnet.ibm.com>
* Remove unused function parameters from gen_pc_load and rename the functionStefan Weil2011-04-201-4/+3
| | | | | | | | | | | | | | | | | | | | | | | | | | Function gen_pc_load was introduced in commit d2856f1ad4c259e5766847c49acbb4e390731bd4. The only reason for parameter searched_pc was a debug statement in target-i386/translate.c. Parameter puc was needed by target-sparc until commit d7da2a10402f1644128b66414ca8f86bdea9ae7c. Remove searched_pc from the debug statement and remove both parameters from the parameter list of gen_pc_load. As the function name gen_pc_load was also misleading, it is now called restore_state_to_opc. This new name was suggested by Peter Maydell, thanks. v2: Remove last parameter, too, and rename the function. v3: Fix [] typo in target-arm/translate.c. Fix wrong SHA1 object name in commit message (copy+paste error). Cc: Aurelien Jarno <aurelien@aurel32.net> Reviewed-by: Peter Maydell <peter.maydell@linaro.org> Signed-off-by: Stefan Weil <weil@mail.berlios.de>
* Fix conversions from pointer to tcg_target_longStefan Weil2011-04-101-1/+1
| | | | | | | | | | | | tcg_gen_exit_tb takes a parameter of type tcg_target_long, so the type casts of pointer to long should be replaced by type casts of pointer to tcg_target_long (suggested by Blue Swirl). These changes are needed for build environments where sizeof(long) != sizeof(void *), especially for w64. Signed-off-by: Stefan Weil <weil@mail.berlios.de> Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
* target-i386: Use deposit operation.Richard Henderson2011-01-201-28/+6
| | | | | | | | Use this for assignment to the low byte or low word of a register. Acked-by: Aurelien Jarno <aurelien@aurel32.net> Signed-off-by: Richard Henderson <rth@twiddle.net> Signed-off-by: Edgar E. Iglesias <edgar.iglesias@gmail.com>
* target-i386: use gen_update_cc_op()Jun Koi2010-07-251-32/+8
| | | | | | | | This patch simplifies target-i386/translate.c a bit by replacing some code with gen_update_cc_op() Signed-off-by: Jun Koi <junkoi2004@gmail.com> Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
* use symbol for DisasContext->is_jmpJun Koi2010-07-241-10/+10
| | | | | | | | This patch replaces constant value assigned for (DisasContext *)->is_jmp with DISAS_TB_JUMP. Signed-off-by: Jun Koi <junkoi2004@gmail.com> Signed-off-by: Edgar E. Iglesias <edgar.iglesias@gmail.com>
* Add more boundary checking to sse3/4 parsingAndi Kleen2010-07-021-0/+9
| | | | | | | | | | | ssse3 uses tables with only two entries per op, but it is indexed with b1 which can contain variables upto 3. This happens when ssse3 or sse4 are used with REP* prefixes. Add boundary checking for this case. Signed-off-by: Andi Kleen <ak@linux.intel.com> Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
* target-i386: fix xchg rax,r8Richard Henderson2010-07-011-2/+7
| | | | | | | We were ignoring REX_B while special-casing NOP, i.e. xchg eax,eax. Signed-off-by: Richard Henderson <rth@twiddle.net> Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
* target-i386: fix decoding of negative 4-byte displacementsPaolo Bonzini2010-06-041-1/+1
| | | | | | | | | Negative four byte displacements need to be sign-extended after c086b783eb7a578993d6d2ab62c4c2666800b63d. Do so. Signed-off-by: Paolo Bonzini <pbonzini@redhat.com> Acked-by: Richard Henderson <rth@twiddle.net> Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
* target-i386: Remove duplicate CPU log.Richard Henderson2010-05-051-1/+0
| | | | | | | The proper logging for -d cpu is done in generic code. Signed-off-by: Richard Henderson <rth@twiddle.net> Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
* x86: remove dead assignments, spotted by clang analyzerBlue Swirl2010-04-251-3/+1
| | | | | | Value stored is never read. Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
* remove TARGET_* defines from translate-all.cPaolo Bonzini2010-04-081-0/+2
| | | | | Signed-off-by: Paolo Bonzini <pbonzini@redhat.com> Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
* target-i386: fix commit c22549204a6edc431e8e4358e61bd56386ff6957TeLeMan2010-03-131-0/+5
| | | | | | | | The commit c22549204a6edc431e8e4358e61bd56386ff6957 led movntps & movntdq to be translated incorrectly. Signed-off-by: TeLeMan <geleman@gmail.com> Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
* target-i386: fix SIB decoding with index = 4Aurelien Jarno2010-03-101-2/+2
| | | | | | | | | | | | | | A SIB byte with an index of 4 means "no scaled index", even if the scale value is not 0. In 64-bit mode, if REX.X is used, an index of 4 selects %r12. This is correctly handled by the computation of the index variable, which includes the index bits, and also the REX.X prefix: index = ((code >> 3) & 7) | REX_X(s); Thanks to Avi Kivity, Jamie Lokier and Malc for the analysis of the problem and the initial patch. Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
* target-i386: Fix long jumps/calls in long mode with REX.W setmalc2010-03-061-3/+1
| | | | | Signed-off-by: malc <av1474@comtv.ru> Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
* target-i386: fix lddqu SSE instructionAurelien Jarno2010-03-061-1/+1
| | | | | | This instruction load data from memory to register and not the reverse. Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
* remove two dead assignments in target-i386/translate.cPaolo Bonzini2010-02-051-2/+0
| | | | | Signed-off-by: Paolo Bonzini <pbonzini@redhat.com> Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
* x86: translate.c: remove dead assignmentAmit Shah2010-01-131-2/+0
| | | | | | | clang-analyzer points out a redundant assignment. Signed-off-by: Amit Shah <amit.shah@redhat.com> Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
* target-i386: Fix "call im" on x86_64 when executing 32-bit codeAurelien Jarno2010-01-031-0/+2
| | | | | | | | | Similarly to what is done in 32938e127f50a40844a0fb9c5abb8691aeeccf7e for "jmp im", trunc the immediate to 32-bit when not running in 64-bit mode. Reported-by: Kevin O'Connor <kevin@koconnor.net> Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
* target-i386: implement lzcnt emulationAndre Przywara2009-10-231-12/+25
| | | | | | | | | | | | | lzcnt is a AMD Phenom/Barcelona added instruction returning the number of leading zero bits in a word. As this is similar to the "bsr" instruction, reuse the existing code. There need to be some more changes, though, as lzcnt always returns a valid value (in opposite to bsr, which has a special case when the operand is 0). lzcnt is guarded by the ABM CPUID bit (Fn8000_0001:ECX_5). Signed-off-by: Andre Przywara <andre.przywara@amd.com> Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
* target-i386: fix ARPLLaurent Desnogues2009-10-061-3/+7
| | | | | | | | The arpl implementation in target-i386/translate.c uses cpu_A0 temporary across a brcond op. This patch fixes that issue. Signed-off-by: Laurent Desnogues <laurent.desnogues@gmail.com> Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
* target-i386: Fix exceptions for fxsave/fxrstorKevin Wolf2009-10-041-4/+4
| | | | | | | | | | | | This patch corrects the following aspects of exception generation in fxsave/fxrstor: * Generate #GP if the operand is not aligned to a 16 byte boundary * Generate #UD if the LOCK prefix is used * For CR0.EM = 1 #NM is generated, not #UD Signed-off-by: Kevin Wolf <mail@kevin-wolf.de> Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
* target-i386: add RDTSCP supportAndre Przywara2009-10-041-15/+42
| | | | | | | | | | | | | | RDTSCP reads the time stamp counter and atomically also the content of a 32-bit MSR, which can be freely set by the OS. This allows CPU local data to be queried by userspace. Linux uses this to allow a fast implementation of the getcpu() syscall, which uses the vsyscall page to avoid a context switch. AMD CPUs since K8RevF and Intel CPUs since Nehalem support this instruction. RDTSCP is guarded by the RDTSCP CPUID bit (Fn8000_0001:EDX[27]). Signed-off-by: Andre Przywara <andre.przywara@amd.com> Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
* target-i386: add SSE4a instruction supportAndre Przywara2009-10-041-2/+37
| | | | | | | | | | | | | | This adds support for the AMD Phenom/Barcelona's SSE4a instructions. Those include insertq and extrq, which are doing shift and mask on XMM registers, in two versions (immediate shift/length values and stored in another XMM register). Additionally it implements movntss, movntsd, which are scalar non-temporal stores (avoiding cache trashing). These are implemented as normal stores, though. SSE4a is guarded by the SSE4A CPUID bit (Fn8000_0001:ECX[6]). Signed-off-by: Andre Przywara <andre.przywara@amd.com> Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
* target-i386: add lock mov cr0 = cr8Andre Przywara2009-10-041-0/+4
| | | | | | | | | | AMD CPUs featuring a shortcut to access CR8 even from 32-bit mode. If you use the LOCK prefix with "mov CR0", it accesses CR8 instead. This behavior is guarded by the CR8_LEGACY CPUID bit (Fn8000_0001:ECX[1]). Signed-off-by: Andre Przywara <andre.przywara@amd.com> Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
* x86: use globals for CPU registersLaurent Desnogues2009-09-301-71/+125
| | | | | | Use globals for the 8 or 16 CPU registers on i386 and x86_64. Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
* target-i386: kill a tmp registerAurelien Jarno2009-09-271-4/+3
| | | | Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
* target-i386: use subfi instead of sub with a non-freed constantAurelien Jarno2009-09-271-7/+7
| | | | Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
* Fix sys-queue.h conflict for goodBlue Swirl2009-09-121-2/+2
| | | | | | | | | | | | | | | Problem: Our file sys-queue.h is a copy of the BSD file, but there are some additions and it's not entirely compatible. Because of that, there have been conflicts with system headers on BSD systems. Some hacks have been introduced in the commits 15cc9235840a22c289edbe064a9b3c19c5f49896, f40d753718c72693c5f520f0d9899f6e50395e94, 96555a96d724016e13190b28cffa3bc929ac60dc and 3990d09adf4463eca200ad964cc55643c33feb50 but the fixes were fragile. Solution: Avoid the conflict entirely by renaming the functions and the file. Revert the previous hacks. Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
* rename WORDS_BIGENDIAN to HOST_WORDS_BIGENDIANJuan Quintela2009-07-271-2/+2
| | | | | Signed-off-by: Juan Quintela <quintela@redhat.com> Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
* Update to a hopefully more future proof FSF addressBlue Swirl2009-07-161-2/+1
| | | | Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
* x86: Add support for resume flagJan Kiszka2009-05-221-1/+5
| | | | Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
* Include assert.h from qemu-common.hPaul Brook2009-05-131-1/+0
| | | | | | | Include assert.h from qemu-common.h and remove other direct uses. cpu-all.h still need to include it because of the dyngen-exec.h hacks Signed-off-by: Paul Brook <paul@codesourcery.com>
* Replace gcc variadic macro extension with C99 versionBlue Swirl2009-05-131-2/+2
| | | | Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
* Add new command line option -singlestep for tcg single stepping.aurel322009-04-051-0/+5
| | | | | | | | | | | | | | This replaces a compile time option for some targets and adds this feature to targets which did not have a compile time option. Add monitor command to enable or disable single step mode. Modify monitor command "info status" to display single step mode. Signed-off-by: Stefan Weil <weil@mail.berlios.de> Signed-off-by: Aurelien Jarno <aurelien@aurel32.net> git-svn-id: svn://svn.savannah.nongnu.org/qemu/trunk@7004 c046a42c-6fe2-441c-8c8c-71466251a162
* Immediate versions of ro[lr]malc2009-04-021-1/+83
| | | | git-svn-id: svn://svn.savannah.nongnu.org/qemu/trunk@6968 c046a42c-6fe2-441c-8c8c-71466251a162
* target-i386: use the new bswap* TCG opsaurel322009-03-131-13/+3
| | | | | | Signed-off-by: Aurelien Jarno <aurelien@aurel32.net> git-svn-id: svn://svn.savannah.nongnu.org/qemu/trunk@6836 c046a42c-6fe2-441c-8c8c-71466251a162
* tcg: rename bswap_i32/i64 functionsaurel322009-03-131-3/+3
| | | | | | | | Rename bswap_i32 into bswap32_i32 and bswap_i64 into bswap64_i64 Signed-off-by: Aurelien Jarno <aurelien@aurel32.net> git-svn-id: svn://svn.savannah.nongnu.org/qemu/trunk@6829 c046a42c-6fe2-441c-8c8c-71466251a162
* global s/loglevel & X/qemu_loglevel_mask(X)/ (Eduardo Habkost)aliguori2009-01-151-3/+3
| | | | | | | | | | | | These are references to 'loglevel' that aren't on a simple 'if (loglevel & X) qemu_log()' statement. Signed-off-by: Eduardo Habkost <ehabkost@redhat.com> Signed-off-by: Anthony Liguori <aliguori@us.ibm.com> git-svn-id: svn://svn.savannah.nongnu.org/qemu/trunk@6340 c046a42c-6fe2-441c-8c8c-71466251a162
* Convert references to logfile/loglevel to use qemu_log*() macrosaliguori2009-01-151-10/+8
| | | | | | | | | | | | This is a large patch that changes all occurrences of logfile/loglevel global variables to use the new qemu_log*() macros. Signed-off-by: Eduardo Habkost <ehabkost@redhat.com> Signed-off-by: Anthony Liguori <aliguori@us.ibm.com> git-svn-id: svn://svn.savannah.nongnu.org/qemu/trunk@6338 c046a42c-6fe2-441c-8c8c-71466251a162
* Update FSF address in GPL/LGPL boilerplateaurel322009-01-041-1/+1
| | | | | | | | | | The attached patch updates the FSF address in the GPL/LGPL boilerplate in most GPL/LGPLed files, and also in COPYING.LIB. Signed-off-by: Stuart Brady <stuart.brady@gmail.com> Signed-off-by: Aurelien Jarno <aurelien@aurel32.net> git-svn-id: svn://svn.savannah.nongnu.org/qemu/trunk@6162 c046a42c-6fe2-441c-8c8c-71466251a162
* Fix smsw for x86_64 guest and bigendian host casemalc2008-12-131-0/+4
| | | | git-svn-id: svn://svn.savannah.nongnu.org/qemu/trunk@6009 c046a42c-6fe2-441c-8c8c-71466251a162
* target-i386: Fix jmp im on x86_64 when executing 32-bit codeaurel322008-12-101-0/+2
| | | | | | | | | | | | | | | When running grub-install (32-bit) on an x86_64 Linux system in qemu, it hangs on a pagefault forever, because an integer overflow occurs on the IP on "jmp im". This patch masks overflows for 32 bit IPs on a 64 bit system, just like it is done for 16 bit IPs already. Using this patch, x86_64 openSUSE installation works again. Signed-off-by: Alexander Graf <agraf@suse.de> Signed-off-by: Kevin Wolf <kwolf@suse.de> Signed-off-by: Aurelien Jarno <aurelien@aurel32.net> git-svn-id: svn://svn.savannah.nongnu.org/qemu/trunk@5963 c046a42c-6fe2-441c-8c8c-71466251a162
* target-i386: fix CVE-2007-1322aurel322008-12-071-0/+2
| | | | | | | | | The icebp instruction can be abused to terminate the emulation, resulting in denial of service. Signed-off-by: Aurelien Jarno <aurelien@aurel32.net> git-svn-id: svn://svn.savannah.nongnu.org/qemu/trunk@5921 c046a42c-6fe2-441c-8c8c-71466251a162
* Use sys-queue.h for break/watchpoint managment (Jan Kiszka)aliguori2008-11-251-2/+2
| | | | | | | | | | | | | This switches cpu_break/watchpoint_* to TAILQ wrappers, simplifying the code and also fixing a use after release issue in cpu_break/watchpoint_remove_all. Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com> Signed-off-by: Anthony Liguori <aliguori@us.ibm.com> git-svn-id: svn://svn.savannah.nongnu.org/qemu/trunk@5799 c046a42c-6fe2-441c-8c8c-71466251a162
* Refactor and enhance break/watchpoint API (Jan Kiszka)aliguori2008-11-181-3/+4
| | | | | | | | | | | | | | | | | | | | | This patch prepares the QEMU cpu_watchpoint/breakpoint API to allow the succeeding enhancements this series comes with. First of all, it overcomes MAX_BREAKPOINTS/MAX_WATCHPOINTS by switching to dynamically allocated data structures that are kept in linked lists. This also allows to return a stable reference to the related objects, required for later introduced x86 debug register support. Breakpoints and watchpoints are stored with their full information set and an additional flag field that makes them easily extensible for use beyond pure guest debugging. Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com> Signed-off-by: Anthony Liguori <aliguori@us.ibm.com> git-svn-id: svn://svn.savannah.nongnu.org/qemu/trunk@5738 c046a42c-6fe2-441c-8c8c-71466251a162
OpenPOWER on IntegriCloud