2021-02-08 06:46:15 +01:00
|
|
|
/*
|
Hexagon (iclass): update J4_hintjumpr slot constraints
The Hexagon PRM says that "The assembler automatically encodes
instructions in the packet in the proper order. In the binary encoding
of a packet, the instructions must be ordered from Slot 3 down to
Slot 0."
Prior to the architecture version v73, the slot constraints from
instruction "hintjr" only allowed it to be executed at slot 2.
With that in mind, consider the packet:
{
hintjr(r0)
nop
nop
if (!p0) memd(r1+#0) = r1:0
}
To satisfy the ordering rule quoted from the PRM, the assembler would,
thus, move one of the nops to the first position, so that it can be
assigned to slot 3 and the subsequent hintjr to slot 2.
However, since v73, hintjr can be executed at either slot 2 or 3. So
there is no need to reorder that packet and the assembler will encode it
as is. When QEMU tries to execute it, however, we end up hitting a
"misaliged store" exception because both the store and the hintjr will
be assigned to store 0, and some functions like `slot_is_predicated()`
expect the decode machinery to assign only one instruction per slot. In
particular, the mentioned function will traverse the packet until it
finds the first instruction at the desired slot which, for slot 0, will
be hintjr. Since hintjr is not predicated, the result is that we try to
execute the store regardless of the predicate. And because the predicate
is false, we had not previously loaded hex_store_addr[0] or
hex_store_width[0]. As a result, the store will decide de width based on
trash memory, causing it to be misaligned.
Update the slot constraints for hintjr so that QEMU can properly handle
such encodings.
Note: to avoid similar-but-not-identical issues in the future, we should
look for multiple instructions at the same slot during decoding time and
throw an invalid packet exception. That will be done in the subsequent
commit.
Signed-off-by: Matheus Tavares Bernardino <quic_mathbern@quicinc.com>
Reviewed-by: Taylor Simpson <tsimpson@quicinc.com>
Signed-off-by: Taylor Simpson <tsimpson@quicinc.com>
Message-Id: <0fcd8293642c6324119fbbab44741164bcbd04fb.1673616964.git.quic_mathbern@quicinc.com>
2023-05-11 18:36:01 +02:00
|
|
|
* Copyright(c) 2019-2023 Qualcomm Innovation Center, Inc. All Rights Reserved.
|
2021-02-08 06:46:15 +01:00
|
|
|
*
|
|
|
|
|
* This program is free software; you can redistribute it and/or modify
|
|
|
|
|
* it under the terms of the GNU General Public License as published by
|
|
|
|
|
* the Free Software Foundation; either version 2 of the License, or
|
|
|
|
|
* (at your option) any later version.
|
|
|
|
|
*
|
|
|
|
|
* This program is distributed in the hope that it will be useful,
|
|
|
|
|
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
|
|
|
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
|
|
|
* GNU General Public License for more details.
|
|
|
|
|
*
|
|
|
|
|
* You should have received a copy of the GNU General Public License
|
|
|
|
|
* along with this program; if not, see <http://www.gnu.org/licenses/>.
|
|
|
|
|
*/
|
|
|
|
|
|
|
|
|
|
#include "qemu/osdep.h"
|
|
|
|
|
#include "iclass.h"
|
|
|
|
|
|
|
|
|
|
static const SlotMask iclass_info[] = {
|
|
|
|
|
|
|
|
|
|
#define DEF_PP_ICLASS32(TYPE, SLOTS, UNITS) \
|
|
|
|
|
[ICLASS_FROM_TYPE(TYPE)] = SLOTS_##SLOTS,
|
|
|
|
|
#define DEF_EE_ICLASS32(TYPE, SLOTS, UNITS) \
|
|
|
|
|
[ICLASS_FROM_TYPE(TYPE)] = SLOTS_##SLOTS,
|
|
|
|
|
#include "imported/iclass.def"
|
|
|
|
|
#undef DEF_PP_ICLASS32
|
|
|
|
|
#undef DEF_EE_ICLASS32
|
|
|
|
|
};
|
|
|
|
|
|
|
|
|
|
SlotMask find_iclass_slots(Opcode opcode, int itype)
|
|
|
|
|
{
|
|
|
|
|
/* There are some exceptions to what the iclass dictates */
|
|
|
|
|
if (GET_ATTRIB(opcode, A_ICOP)) {
|
|
|
|
|
return SLOTS_2;
|
|
|
|
|
} else if (GET_ATTRIB(opcode, A_RESTRICT_SLOT0ONLY)) {
|
|
|
|
|
return SLOTS_0;
|
|
|
|
|
} else if (GET_ATTRIB(opcode, A_RESTRICT_SLOT1ONLY)) {
|
|
|
|
|
return SLOTS_1;
|
|
|
|
|
} else if (GET_ATTRIB(opcode, A_RESTRICT_SLOT2ONLY)) {
|
|
|
|
|
return SLOTS_2;
|
|
|
|
|
} else if (GET_ATTRIB(opcode, A_RESTRICT_SLOT3ONLY)) {
|
|
|
|
|
return SLOTS_3;
|
|
|
|
|
} else if (GET_ATTRIB(opcode, A_COF) &&
|
|
|
|
|
GET_ATTRIB(opcode, A_INDIRECT) &&
|
|
|
|
|
!GET_ATTRIB(opcode, A_MEMLIKE) &&
|
|
|
|
|
!GET_ATTRIB(opcode, A_MEMLIKE_PACKET_RULES)) {
|
|
|
|
|
return SLOTS_2;
|
|
|
|
|
} else if (GET_ATTRIB(opcode, A_RESTRICT_NOSLOT1)) {
|
|
|
|
|
return SLOTS_0;
|
|
|
|
|
} else if ((opcode == J2_trap0) ||
|
|
|
|
|
(opcode == Y2_isync) ||
|
Hexagon (iclass): update J4_hintjumpr slot constraints
The Hexagon PRM says that "The assembler automatically encodes
instructions in the packet in the proper order. In the binary encoding
of a packet, the instructions must be ordered from Slot 3 down to
Slot 0."
Prior to the architecture version v73, the slot constraints from
instruction "hintjr" only allowed it to be executed at slot 2.
With that in mind, consider the packet:
{
hintjr(r0)
nop
nop
if (!p0) memd(r1+#0) = r1:0
}
To satisfy the ordering rule quoted from the PRM, the assembler would,
thus, move one of the nops to the first position, so that it can be
assigned to slot 3 and the subsequent hintjr to slot 2.
However, since v73, hintjr can be executed at either slot 2 or 3. So
there is no need to reorder that packet and the assembler will encode it
as is. When QEMU tries to execute it, however, we end up hitting a
"misaliged store" exception because both the store and the hintjr will
be assigned to store 0, and some functions like `slot_is_predicated()`
expect the decode machinery to assign only one instruction per slot. In
particular, the mentioned function will traverse the packet until it
finds the first instruction at the desired slot which, for slot 0, will
be hintjr. Since hintjr is not predicated, the result is that we try to
execute the store regardless of the predicate. And because the predicate
is false, we had not previously loaded hex_store_addr[0] or
hex_store_width[0]. As a result, the store will decide de width based on
trash memory, causing it to be misaligned.
Update the slot constraints for hintjr so that QEMU can properly handle
such encodings.
Note: to avoid similar-but-not-identical issues in the future, we should
look for multiple instructions at the same slot during decoding time and
throw an invalid packet exception. That will be done in the subsequent
commit.
Signed-off-by: Matheus Tavares Bernardino <quic_mathbern@quicinc.com>
Reviewed-by: Taylor Simpson <tsimpson@quicinc.com>
Signed-off-by: Taylor Simpson <tsimpson@quicinc.com>
Message-Id: <0fcd8293642c6324119fbbab44741164bcbd04fb.1673616964.git.quic_mathbern@quicinc.com>
2023-05-11 18:36:01 +02:00
|
|
|
(opcode == J2_pause)) {
|
2021-02-08 06:46:15 +01:00
|
|
|
return SLOTS_2;
|
Hexagon (iclass): update J4_hintjumpr slot constraints
The Hexagon PRM says that "The assembler automatically encodes
instructions in the packet in the proper order. In the binary encoding
of a packet, the instructions must be ordered from Slot 3 down to
Slot 0."
Prior to the architecture version v73, the slot constraints from
instruction "hintjr" only allowed it to be executed at slot 2.
With that in mind, consider the packet:
{
hintjr(r0)
nop
nop
if (!p0) memd(r1+#0) = r1:0
}
To satisfy the ordering rule quoted from the PRM, the assembler would,
thus, move one of the nops to the first position, so that it can be
assigned to slot 3 and the subsequent hintjr to slot 2.
However, since v73, hintjr can be executed at either slot 2 or 3. So
there is no need to reorder that packet and the assembler will encode it
as is. When QEMU tries to execute it, however, we end up hitting a
"misaliged store" exception because both the store and the hintjr will
be assigned to store 0, and some functions like `slot_is_predicated()`
expect the decode machinery to assign only one instruction per slot. In
particular, the mentioned function will traverse the packet until it
finds the first instruction at the desired slot which, for slot 0, will
be hintjr. Since hintjr is not predicated, the result is that we try to
execute the store regardless of the predicate. And because the predicate
is false, we had not previously loaded hex_store_addr[0] or
hex_store_width[0]. As a result, the store will decide de width based on
trash memory, causing it to be misaligned.
Update the slot constraints for hintjr so that QEMU can properly handle
such encodings.
Note: to avoid similar-but-not-identical issues in the future, we should
look for multiple instructions at the same slot during decoding time and
throw an invalid packet exception. That will be done in the subsequent
commit.
Signed-off-by: Matheus Tavares Bernardino <quic_mathbern@quicinc.com>
Reviewed-by: Taylor Simpson <tsimpson@quicinc.com>
Signed-off-by: Taylor Simpson <tsimpson@quicinc.com>
Message-Id: <0fcd8293642c6324119fbbab44741164bcbd04fb.1673616964.git.quic_mathbern@quicinc.com>
2023-05-11 18:36:01 +02:00
|
|
|
} else if (opcode == J4_hintjumpr) {
|
|
|
|
|
return SLOTS_23;
|
2021-02-08 06:46:15 +01:00
|
|
|
} else if (GET_ATTRIB(opcode, A_CRSLOT23)) {
|
|
|
|
|
return SLOTS_23;
|
|
|
|
|
} else if (GET_ATTRIB(opcode, A_RESTRICT_PREFERSLOT0)) {
|
|
|
|
|
return SLOTS_0;
|
|
|
|
|
} else if (GET_ATTRIB(opcode, A_SUBINSN)) {
|
|
|
|
|
return SLOTS_01;
|
|
|
|
|
} else if (GET_ATTRIB(opcode, A_CALL)) {
|
|
|
|
|
return SLOTS_23;
|
|
|
|
|
} else if ((opcode == J4_jumpseti) || (opcode == J4_jumpsetr)) {
|
|
|
|
|
return SLOTS_23;
|
|
|
|
|
} else {
|
|
|
|
|
return iclass_info[itype];
|
|
|
|
|
}
|
|
|
|
|
}
|
