xref: /openbmc/qemu/target/riscv/cpu.c (revision 33fe584f)
1 /*
2  * QEMU RISC-V CPU
3  *
4  * Copyright (c) 2016-2017 Sagar Karandikar, sagark@eecs.berkeley.edu
5  * Copyright (c) 2017-2018 SiFive, Inc.
6  *
7  * This program is free software; you can redistribute it and/or modify it
8  * under the terms and conditions of the GNU General Public License,
9  * version 2 or later, as published by the Free Software Foundation.
10  *
11  * This program is distributed in the hope it will be useful, but WITHOUT
12  * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
13  * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License for
14  * more details.
15  *
16  * You should have received a copy of the GNU General Public License along with
17  * this program.  If not, see <http://www.gnu.org/licenses/>.
18  */
19 
20 #include "qemu/osdep.h"
21 #include "qemu/qemu-print.h"
22 #include "qemu/ctype.h"
23 #include "qemu/log.h"
24 #include "cpu.h"
25 #include "internals.h"
26 #include "exec/exec-all.h"
27 #include "qapi/error.h"
28 #include "qemu/error-report.h"
29 #include "hw/qdev-properties.h"
30 #include "migration/vmstate.h"
31 #include "fpu/softfloat-helpers.h"
32 #include "sysemu/kvm.h"
33 #include "kvm_riscv.h"
34 
35 /* RISC-V CPU definitions */
36 
37 static const char riscv_exts[26] = "IEMAFDQCLBJTPVNSUHKORWXYZG";
38 
39 const char * const riscv_int_regnames[] = {
40   "x0/zero", "x1/ra",  "x2/sp",  "x3/gp",  "x4/tp",  "x5/t0",   "x6/t1",
41   "x7/t2",   "x8/s0",  "x9/s1",  "x10/a0", "x11/a1", "x12/a2",  "x13/a3",
42   "x14/a4",  "x15/a5", "x16/a6", "x17/a7", "x18/s2", "x19/s3",  "x20/s4",
43   "x21/s5",  "x22/s6", "x23/s7", "x24/s8", "x25/s9", "x26/s10", "x27/s11",
44   "x28/t3",  "x29/t4", "x30/t5", "x31/t6"
45 };
46 
47 const char * const riscv_int_regnamesh[] = {
48   "x0h/zeroh", "x1h/rah",  "x2h/sph",   "x3h/gph",   "x4h/tph",  "x5h/t0h",
49   "x6h/t1h",   "x7h/t2h",  "x8h/s0h",   "x9h/s1h",   "x10h/a0h", "x11h/a1h",
50   "x12h/a2h",  "x13h/a3h", "x14h/a4h",  "x15h/a5h",  "x16h/a6h", "x17h/a7h",
51   "x18h/s2h",  "x19h/s3h", "x20h/s4h",  "x21h/s5h",  "x22h/s6h", "x23h/s7h",
52   "x24h/s8h",  "x25h/s9h", "x26h/s10h", "x27h/s11h", "x28h/t3h", "x29h/t4h",
53   "x30h/t5h",  "x31h/t6h"
54 };
55 
56 const char * const riscv_fpr_regnames[] = {
57   "f0/ft0",   "f1/ft1",  "f2/ft2",   "f3/ft3",   "f4/ft4",  "f5/ft5",
58   "f6/ft6",   "f7/ft7",  "f8/fs0",   "f9/fs1",   "f10/fa0", "f11/fa1",
59   "f12/fa2",  "f13/fa3", "f14/fa4",  "f15/fa5",  "f16/fa6", "f17/fa7",
60   "f18/fs2",  "f19/fs3", "f20/fs4",  "f21/fs5",  "f22/fs6", "f23/fs7",
61   "f24/fs8",  "f25/fs9", "f26/fs10", "f27/fs11", "f28/ft8", "f29/ft9",
62   "f30/ft10", "f31/ft11"
63 };
64 
65 static const char * const riscv_excp_names[] = {
66     "misaligned_fetch",
67     "fault_fetch",
68     "illegal_instruction",
69     "breakpoint",
70     "misaligned_load",
71     "fault_load",
72     "misaligned_store",
73     "fault_store",
74     "user_ecall",
75     "supervisor_ecall",
76     "hypervisor_ecall",
77     "machine_ecall",
78     "exec_page_fault",
79     "load_page_fault",
80     "reserved",
81     "store_page_fault",
82     "reserved",
83     "reserved",
84     "reserved",
85     "reserved",
86     "guest_exec_page_fault",
87     "guest_load_page_fault",
88     "reserved",
89     "guest_store_page_fault",
90 };
91 
92 static const char * const riscv_intr_names[] = {
93     "u_software",
94     "s_software",
95     "vs_software",
96     "m_software",
97     "u_timer",
98     "s_timer",
99     "vs_timer",
100     "m_timer",
101     "u_external",
102     "s_external",
103     "vs_external",
104     "m_external",
105     "reserved",
106     "reserved",
107     "reserved",
108     "reserved"
109 };
110 
111 const char *riscv_cpu_get_trap_name(target_ulong cause, bool async)
112 {
113     if (async) {
114         return (cause < ARRAY_SIZE(riscv_intr_names)) ?
115                riscv_intr_names[cause] : "(unknown)";
116     } else {
117         return (cause < ARRAY_SIZE(riscv_excp_names)) ?
118                riscv_excp_names[cause] : "(unknown)";
119     }
120 }
121 
122 static void set_misa(CPURISCVState *env, RISCVMXL mxl, uint32_t ext)
123 {
124     env->misa_mxl_max = env->misa_mxl = mxl;
125     env->misa_ext_mask = env->misa_ext = ext;
126 }
127 
128 static void set_priv_version(CPURISCVState *env, int priv_ver)
129 {
130     env->priv_ver = priv_ver;
131 }
132 
133 static void set_vext_version(CPURISCVState *env, int vext_ver)
134 {
135     env->vext_ver = vext_ver;
136 }
137 
138 static void set_resetvec(CPURISCVState *env, target_ulong resetvec)
139 {
140 #ifndef CONFIG_USER_ONLY
141     env->resetvec = resetvec;
142 #endif
143 }
144 
145 static void riscv_any_cpu_init(Object *obj)
146 {
147     CPURISCVState *env = &RISCV_CPU(obj)->env;
148 #if defined(TARGET_RISCV32)
149     set_misa(env, MXL_RV32, RVI | RVM | RVA | RVF | RVD | RVC | RVU);
150 #elif defined(TARGET_RISCV64)
151     set_misa(env, MXL_RV64, RVI | RVM | RVA | RVF | RVD | RVC | RVU);
152 #endif
153     set_priv_version(env, PRIV_VERSION_1_12_0);
154 }
155 
156 #if defined(TARGET_RISCV64)
157 static void rv64_base_cpu_init(Object *obj)
158 {
159     CPURISCVState *env = &RISCV_CPU(obj)->env;
160     /* We set this in the realise function */
161     set_misa(env, MXL_RV64, 0);
162 }
163 
164 static void rv64_sifive_u_cpu_init(Object *obj)
165 {
166     CPURISCVState *env = &RISCV_CPU(obj)->env;
167     set_misa(env, MXL_RV64, RVI | RVM | RVA | RVF | RVD | RVC | RVS | RVU);
168     set_priv_version(env, PRIV_VERSION_1_10_0);
169 }
170 
171 static void rv64_sifive_e_cpu_init(Object *obj)
172 {
173     CPURISCVState *env = &RISCV_CPU(obj)->env;
174     set_misa(env, MXL_RV64, RVI | RVM | RVA | RVC | RVU);
175     set_priv_version(env, PRIV_VERSION_1_10_0);
176     qdev_prop_set_bit(DEVICE(obj), "mmu", false);
177 }
178 
179 static void rv128_base_cpu_init(Object *obj)
180 {
181     if (qemu_tcg_mttcg_enabled()) {
182         /* Missing 128-bit aligned atomics */
183         error_report("128-bit RISC-V currently does not work with Multi "
184                      "Threaded TCG. Please use: -accel tcg,thread=single");
185         exit(EXIT_FAILURE);
186     }
187     CPURISCVState *env = &RISCV_CPU(obj)->env;
188     /* We set this in the realise function */
189     set_misa(env, MXL_RV128, 0);
190 }
191 #else
192 static void rv32_base_cpu_init(Object *obj)
193 {
194     CPURISCVState *env = &RISCV_CPU(obj)->env;
195     /* We set this in the realise function */
196     set_misa(env, MXL_RV32, 0);
197 }
198 
199 static void rv32_sifive_u_cpu_init(Object *obj)
200 {
201     CPURISCVState *env = &RISCV_CPU(obj)->env;
202     set_misa(env, MXL_RV32, RVI | RVM | RVA | RVF | RVD | RVC | RVS | RVU);
203     set_priv_version(env, PRIV_VERSION_1_10_0);
204 }
205 
206 static void rv32_sifive_e_cpu_init(Object *obj)
207 {
208     CPURISCVState *env = &RISCV_CPU(obj)->env;
209     set_misa(env, MXL_RV32, RVI | RVM | RVA | RVC | RVU);
210     set_priv_version(env, PRIV_VERSION_1_10_0);
211     qdev_prop_set_bit(DEVICE(obj), "mmu", false);
212 }
213 
214 static void rv32_ibex_cpu_init(Object *obj)
215 {
216     CPURISCVState *env = &RISCV_CPU(obj)->env;
217     set_misa(env, MXL_RV32, RVI | RVM | RVC | RVU);
218     set_priv_version(env, PRIV_VERSION_1_10_0);
219     qdev_prop_set_bit(DEVICE(obj), "mmu", false);
220     qdev_prop_set_bit(DEVICE(obj), "x-epmp", true);
221 }
222 
223 static void rv32_imafcu_nommu_cpu_init(Object *obj)
224 {
225     CPURISCVState *env = &RISCV_CPU(obj)->env;
226     set_misa(env, MXL_RV32, RVI | RVM | RVA | RVF | RVC | RVU);
227     set_priv_version(env, PRIV_VERSION_1_10_0);
228     set_resetvec(env, DEFAULT_RSTVEC);
229     qdev_prop_set_bit(DEVICE(obj), "mmu", false);
230 }
231 #endif
232 
233 #if defined(CONFIG_KVM)
234 static void riscv_host_cpu_init(Object *obj)
235 {
236     CPURISCVState *env = &RISCV_CPU(obj)->env;
237 #if defined(TARGET_RISCV32)
238     set_misa(env, MXL_RV32, 0);
239 #elif defined(TARGET_RISCV64)
240     set_misa(env, MXL_RV64, 0);
241 #endif
242 }
243 #endif
244 
245 static ObjectClass *riscv_cpu_class_by_name(const char *cpu_model)
246 {
247     ObjectClass *oc;
248     char *typename;
249     char **cpuname;
250 
251     cpuname = g_strsplit(cpu_model, ",", 1);
252     typename = g_strdup_printf(RISCV_CPU_TYPE_NAME("%s"), cpuname[0]);
253     oc = object_class_by_name(typename);
254     g_strfreev(cpuname);
255     g_free(typename);
256     if (!oc || !object_class_dynamic_cast(oc, TYPE_RISCV_CPU) ||
257         object_class_is_abstract(oc)) {
258         return NULL;
259     }
260     return oc;
261 }
262 
263 static void riscv_cpu_dump_state(CPUState *cs, FILE *f, int flags)
264 {
265     RISCVCPU *cpu = RISCV_CPU(cs);
266     CPURISCVState *env = &cpu->env;
267     int i;
268 
269 #if !defined(CONFIG_USER_ONLY)
270     if (riscv_has_ext(env, RVH)) {
271         qemu_fprintf(f, " %s %d\n", "V      =  ", riscv_cpu_virt_enabled(env));
272     }
273 #endif
274     qemu_fprintf(f, " %s " TARGET_FMT_lx "\n", "pc      ", env->pc);
275 #ifndef CONFIG_USER_ONLY
276     {
277         static const int dump_csrs[] = {
278             CSR_MHARTID,
279             CSR_MSTATUS,
280             CSR_MSTATUSH,
281             CSR_HSTATUS,
282             CSR_VSSTATUS,
283             CSR_MIP,
284             CSR_MIE,
285             CSR_MIDELEG,
286             CSR_HIDELEG,
287             CSR_MEDELEG,
288             CSR_HEDELEG,
289             CSR_MTVEC,
290             CSR_STVEC,
291             CSR_VSTVEC,
292             CSR_MEPC,
293             CSR_SEPC,
294             CSR_VSEPC,
295             CSR_MCAUSE,
296             CSR_SCAUSE,
297             CSR_VSCAUSE,
298             CSR_MTVAL,
299             CSR_STVAL,
300             CSR_HTVAL,
301             CSR_MTVAL2,
302             CSR_MSCRATCH,
303             CSR_SSCRATCH,
304             CSR_SATP,
305             CSR_MMTE,
306             CSR_UPMBASE,
307             CSR_UPMMASK,
308             CSR_SPMBASE,
309             CSR_SPMMASK,
310             CSR_MPMBASE,
311             CSR_MPMMASK,
312         };
313 
314         for (int i = 0; i < ARRAY_SIZE(dump_csrs); ++i) {
315             int csrno = dump_csrs[i];
316             target_ulong val = 0;
317             RISCVException res = riscv_csrrw_debug(env, csrno, &val, 0, 0);
318 
319             /*
320              * Rely on the smode, hmode, etc, predicates within csr.c
321              * to do the filtering of the registers that are present.
322              */
323             if (res == RISCV_EXCP_NONE) {
324                 qemu_fprintf(f, " %-8s " TARGET_FMT_lx "\n",
325                              csr_ops[csrno].name, val);
326             }
327         }
328     }
329 #endif
330 
331     for (i = 0; i < 32; i++) {
332         qemu_fprintf(f, " %-8s " TARGET_FMT_lx,
333                      riscv_int_regnames[i], env->gpr[i]);
334         if ((i & 3) == 3) {
335             qemu_fprintf(f, "\n");
336         }
337     }
338     if (flags & CPU_DUMP_FPU) {
339         for (i = 0; i < 32; i++) {
340             qemu_fprintf(f, " %-8s %016" PRIx64,
341                          riscv_fpr_regnames[i], env->fpr[i]);
342             if ((i & 3) == 3) {
343                 qemu_fprintf(f, "\n");
344             }
345         }
346     }
347 }
348 
349 static void riscv_cpu_set_pc(CPUState *cs, vaddr value)
350 {
351     RISCVCPU *cpu = RISCV_CPU(cs);
352     CPURISCVState *env = &cpu->env;
353 
354     if (env->xl == MXL_RV32) {
355         env->pc = (int32_t)value;
356     } else {
357         env->pc = value;
358     }
359 }
360 
361 static void riscv_cpu_synchronize_from_tb(CPUState *cs,
362                                           const TranslationBlock *tb)
363 {
364     RISCVCPU *cpu = RISCV_CPU(cs);
365     CPURISCVState *env = &cpu->env;
366     RISCVMXL xl = FIELD_EX32(tb->flags, TB_FLAGS, XL);
367 
368     if (xl == MXL_RV32) {
369         env->pc = (int32_t)tb->pc;
370     } else {
371         env->pc = tb->pc;
372     }
373 }
374 
375 static bool riscv_cpu_has_work(CPUState *cs)
376 {
377 #ifndef CONFIG_USER_ONLY
378     RISCVCPU *cpu = RISCV_CPU(cs);
379     CPURISCVState *env = &cpu->env;
380     /*
381      * Definition of the WFI instruction requires it to ignore the privilege
382      * mode and delegation registers, but respect individual enables
383      */
384     return (env->mip & env->mie) != 0;
385 #else
386     return true;
387 #endif
388 }
389 
390 void restore_state_to_opc(CPURISCVState *env, TranslationBlock *tb,
391                           target_ulong *data)
392 {
393     RISCVMXL xl = FIELD_EX32(tb->flags, TB_FLAGS, XL);
394     if (xl == MXL_RV32) {
395         env->pc = (int32_t)data[0];
396     } else {
397         env->pc = data[0];
398     }
399 }
400 
401 static void riscv_cpu_reset(DeviceState *dev)
402 {
403 #ifndef CONFIG_USER_ONLY
404     uint8_t iprio;
405     int i, irq, rdzero;
406 #endif
407     CPUState *cs = CPU(dev);
408     RISCVCPU *cpu = RISCV_CPU(cs);
409     RISCVCPUClass *mcc = RISCV_CPU_GET_CLASS(cpu);
410     CPURISCVState *env = &cpu->env;
411 
412     mcc->parent_reset(dev);
413 #ifndef CONFIG_USER_ONLY
414     env->misa_mxl = env->misa_mxl_max;
415     env->priv = PRV_M;
416     env->mstatus &= ~(MSTATUS_MIE | MSTATUS_MPRV);
417     if (env->misa_mxl > MXL_RV32) {
418         /*
419          * The reset status of SXL/UXL is undefined, but mstatus is WARL
420          * and we must ensure that the value after init is valid for read.
421          */
422         env->mstatus = set_field(env->mstatus, MSTATUS64_SXL, env->misa_mxl);
423         env->mstatus = set_field(env->mstatus, MSTATUS64_UXL, env->misa_mxl);
424         if (riscv_has_ext(env, RVH)) {
425             env->vsstatus = set_field(env->vsstatus,
426                                       MSTATUS64_SXL, env->misa_mxl);
427             env->vsstatus = set_field(env->vsstatus,
428                                       MSTATUS64_UXL, env->misa_mxl);
429             env->mstatus_hs = set_field(env->mstatus_hs,
430                                         MSTATUS64_SXL, env->misa_mxl);
431             env->mstatus_hs = set_field(env->mstatus_hs,
432                                         MSTATUS64_UXL, env->misa_mxl);
433         }
434     }
435     env->mcause = 0;
436     env->miclaim = MIP_SGEIP;
437     env->pc = env->resetvec;
438     env->two_stage_lookup = false;
439 
440     /* Initialized default priorities of local interrupts. */
441     for (i = 0; i < ARRAY_SIZE(env->miprio); i++) {
442         iprio = riscv_cpu_default_priority(i);
443         env->miprio[i] = (i == IRQ_M_EXT) ? 0 : iprio;
444         env->siprio[i] = (i == IRQ_S_EXT) ? 0 : iprio;
445         env->hviprio[i] = 0;
446     }
447     i = 0;
448     while (!riscv_cpu_hviprio_index2irq(i, &irq, &rdzero)) {
449         if (!rdzero) {
450             env->hviprio[irq] = env->miprio[irq];
451         }
452         i++;
453     }
454     /* mmte is supposed to have pm.current hardwired to 1 */
455     env->mmte |= (PM_EXT_INITIAL | MMTE_M_PM_CURRENT);
456 #endif
457     env->xl = riscv_cpu_mxl(env);
458     riscv_cpu_update_mask(env);
459     cs->exception_index = RISCV_EXCP_NONE;
460     env->load_res = -1;
461     set_default_nan_mode(1, &env->fp_status);
462 
463 #ifndef CONFIG_USER_ONLY
464     if (kvm_enabled()) {
465         kvm_riscv_reset_vcpu(cpu);
466     }
467 #endif
468 }
469 
470 static void riscv_cpu_disas_set_info(CPUState *s, disassemble_info *info)
471 {
472     RISCVCPU *cpu = RISCV_CPU(s);
473 
474     switch (riscv_cpu_mxl(&cpu->env)) {
475     case MXL_RV32:
476         info->print_insn = print_insn_riscv32;
477         break;
478     case MXL_RV64:
479         info->print_insn = print_insn_riscv64;
480         break;
481     case MXL_RV128:
482         info->print_insn = print_insn_riscv128;
483         break;
484     default:
485         g_assert_not_reached();
486     }
487 }
488 
489 static void riscv_cpu_realize(DeviceState *dev, Error **errp)
490 {
491     CPUState *cs = CPU(dev);
492     RISCVCPU *cpu = RISCV_CPU(dev);
493     CPURISCVState *env = &cpu->env;
494     RISCVCPUClass *mcc = RISCV_CPU_GET_CLASS(dev);
495     CPUClass *cc = CPU_CLASS(mcc);
496     int priv_version = 0;
497     Error *local_err = NULL;
498 
499     cpu_exec_realizefn(cs, &local_err);
500     if (local_err != NULL) {
501         error_propagate(errp, local_err);
502         return;
503     }
504 
505     if (cpu->cfg.priv_spec) {
506         if (!g_strcmp0(cpu->cfg.priv_spec, "v1.12.0")) {
507             priv_version = PRIV_VERSION_1_12_0;
508         } else if (!g_strcmp0(cpu->cfg.priv_spec, "v1.11.0")) {
509             priv_version = PRIV_VERSION_1_11_0;
510         } else if (!g_strcmp0(cpu->cfg.priv_spec, "v1.10.0")) {
511             priv_version = PRIV_VERSION_1_10_0;
512         } else {
513             error_setg(errp,
514                        "Unsupported privilege spec version '%s'",
515                        cpu->cfg.priv_spec);
516             return;
517         }
518     }
519 
520     if (priv_version) {
521         set_priv_version(env, priv_version);
522     } else if (!env->priv_ver) {
523         set_priv_version(env, PRIV_VERSION_1_12_0);
524     }
525 
526     if (cpu->cfg.mmu) {
527         riscv_set_feature(env, RISCV_FEATURE_MMU);
528     }
529 
530     if (cpu->cfg.pmp) {
531         riscv_set_feature(env, RISCV_FEATURE_PMP);
532 
533         /*
534          * Enhanced PMP should only be available
535          * on harts with PMP support
536          */
537         if (cpu->cfg.epmp) {
538             riscv_set_feature(env, RISCV_FEATURE_EPMP);
539         }
540     }
541 
542     if (cpu->cfg.aia) {
543         riscv_set_feature(env, RISCV_FEATURE_AIA);
544     }
545 
546     set_resetvec(env, cpu->cfg.resetvec);
547 
548     /* Validate that MISA_MXL is set properly. */
549     switch (env->misa_mxl_max) {
550 #ifdef TARGET_RISCV64
551     case MXL_RV64:
552     case MXL_RV128:
553         cc->gdb_core_xml_file = "riscv-64bit-cpu.xml";
554         break;
555 #endif
556     case MXL_RV32:
557         cc->gdb_core_xml_file = "riscv-32bit-cpu.xml";
558         break;
559     default:
560         g_assert_not_reached();
561     }
562     assert(env->misa_mxl_max == env->misa_mxl);
563 
564     /* If only MISA_EXT is unset for misa, then set it from properties */
565     if (env->misa_ext == 0) {
566         uint32_t ext = 0;
567 
568         /* Do some ISA extension error checking */
569         if (cpu->cfg.ext_i && cpu->cfg.ext_e) {
570             error_setg(errp,
571                        "I and E extensions are incompatible");
572             return;
573         }
574 
575         if (!cpu->cfg.ext_i && !cpu->cfg.ext_e) {
576             error_setg(errp,
577                        "Either I or E extension must be set");
578             return;
579         }
580 
581         if (cpu->cfg.ext_g && !(cpu->cfg.ext_i & cpu->cfg.ext_m &
582                                 cpu->cfg.ext_a & cpu->cfg.ext_f &
583                                 cpu->cfg.ext_d)) {
584             warn_report("Setting G will also set IMAFD");
585             cpu->cfg.ext_i = true;
586             cpu->cfg.ext_m = true;
587             cpu->cfg.ext_a = true;
588             cpu->cfg.ext_f = true;
589             cpu->cfg.ext_d = true;
590         }
591 
592         if (cpu->cfg.ext_zdinx || cpu->cfg.ext_zhinx ||
593             cpu->cfg.ext_zhinxmin) {
594             cpu->cfg.ext_zfinx = true;
595         }
596 
597         /* Set the ISA extensions, checks should have happened above */
598         if (cpu->cfg.ext_i) {
599             ext |= RVI;
600         }
601         if (cpu->cfg.ext_e) {
602             ext |= RVE;
603         }
604         if (cpu->cfg.ext_m) {
605             ext |= RVM;
606         }
607         if (cpu->cfg.ext_a) {
608             ext |= RVA;
609         }
610         if (cpu->cfg.ext_f) {
611             ext |= RVF;
612         }
613         if (cpu->cfg.ext_d) {
614             ext |= RVD;
615         }
616         if (cpu->cfg.ext_c) {
617             ext |= RVC;
618         }
619         if (cpu->cfg.ext_s) {
620             ext |= RVS;
621         }
622         if (cpu->cfg.ext_u) {
623             ext |= RVU;
624         }
625         if (cpu->cfg.ext_h) {
626             ext |= RVH;
627         }
628         if (cpu->cfg.ext_v) {
629             int vext_version = VEXT_VERSION_1_00_0;
630             ext |= RVV;
631             if (!is_power_of_2(cpu->cfg.vlen)) {
632                 error_setg(errp,
633                         "Vector extension VLEN must be power of 2");
634                 return;
635             }
636             if (cpu->cfg.vlen > RV_VLEN_MAX || cpu->cfg.vlen < 128) {
637                 error_setg(errp,
638                         "Vector extension implementation only supports VLEN "
639                         "in the range [128, %d]", RV_VLEN_MAX);
640                 return;
641             }
642             if (!is_power_of_2(cpu->cfg.elen)) {
643                 error_setg(errp,
644                         "Vector extension ELEN must be power of 2");
645                 return;
646             }
647             if (cpu->cfg.elen > 64 || cpu->cfg.vlen < 8) {
648                 error_setg(errp,
649                         "Vector extension implementation only supports ELEN "
650                         "in the range [8, 64]");
651                 return;
652             }
653             if (cpu->cfg.vext_spec) {
654                 if (!g_strcmp0(cpu->cfg.vext_spec, "v1.0")) {
655                     vext_version = VEXT_VERSION_1_00_0;
656                 } else {
657                     error_setg(errp,
658                            "Unsupported vector spec version '%s'",
659                            cpu->cfg.vext_spec);
660                     return;
661                 }
662             } else {
663                 qemu_log("vector version is not specified, "
664                          "use the default value v1.0\n");
665             }
666             set_vext_version(env, vext_version);
667         }
668         if ((cpu->cfg.ext_zve32f || cpu->cfg.ext_zve64f) && !cpu->cfg.ext_f) {
669             error_setg(errp, "Zve32f/Zve64f extension depends upon RVF.");
670             return;
671         }
672         if (cpu->cfg.ext_j) {
673             ext |= RVJ;
674         }
675         if (cpu->cfg.ext_zfinx && ((ext & (RVF | RVD)) || cpu->cfg.ext_zfh ||
676                                    cpu->cfg.ext_zfhmin)) {
677             error_setg(errp,
678                     "'Zfinx' cannot be supported together with 'F', 'D', 'Zfh',"
679                     " 'Zfhmin'");
680             return;
681         }
682 
683         set_misa(env, env->misa_mxl, ext);
684     }
685 
686     riscv_cpu_register_gdb_regs_for_features(cs);
687 
688     qemu_init_vcpu(cs);
689     cpu_reset(cs);
690 
691     mcc->parent_realize(dev, errp);
692 }
693 
694 #ifndef CONFIG_USER_ONLY
695 static void riscv_cpu_set_irq(void *opaque, int irq, int level)
696 {
697     RISCVCPU *cpu = RISCV_CPU(opaque);
698     CPURISCVState *env = &cpu->env;
699 
700     if (irq < IRQ_LOCAL_MAX) {
701         switch (irq) {
702         case IRQ_U_SOFT:
703         case IRQ_S_SOFT:
704         case IRQ_VS_SOFT:
705         case IRQ_M_SOFT:
706         case IRQ_U_TIMER:
707         case IRQ_S_TIMER:
708         case IRQ_VS_TIMER:
709         case IRQ_M_TIMER:
710         case IRQ_U_EXT:
711         case IRQ_VS_EXT:
712         case IRQ_M_EXT:
713             if (kvm_enabled()) {
714                 kvm_riscv_set_irq(cpu, irq, level);
715             } else {
716                 riscv_cpu_update_mip(cpu, 1 << irq, BOOL_TO_MASK(level));
717             }
718              break;
719         case IRQ_S_EXT:
720             if (kvm_enabled()) {
721                 kvm_riscv_set_irq(cpu, irq, level);
722             } else {
723                 env->external_seip = level;
724                 riscv_cpu_update_mip(cpu, 1 << irq,
725                                      BOOL_TO_MASK(level | env->software_seip));
726             }
727             break;
728         default:
729             g_assert_not_reached();
730         }
731     } else if (irq < (IRQ_LOCAL_MAX + IRQ_LOCAL_GUEST_MAX)) {
732         /* Require H-extension for handling guest local interrupts */
733         if (!riscv_has_ext(env, RVH)) {
734             g_assert_not_reached();
735         }
736 
737         /* Compute bit position in HGEIP CSR */
738         irq = irq - IRQ_LOCAL_MAX + 1;
739         if (env->geilen < irq) {
740             g_assert_not_reached();
741         }
742 
743         /* Update HGEIP CSR */
744         env->hgeip &= ~((target_ulong)1 << irq);
745         if (level) {
746             env->hgeip |= (target_ulong)1 << irq;
747         }
748 
749         /* Update mip.SGEIP bit */
750         riscv_cpu_update_mip(cpu, MIP_SGEIP,
751                              BOOL_TO_MASK(!!(env->hgeie & env->hgeip)));
752     } else {
753         g_assert_not_reached();
754     }
755 }
756 #endif /* CONFIG_USER_ONLY */
757 
758 static void riscv_cpu_init(Object *obj)
759 {
760     RISCVCPU *cpu = RISCV_CPU(obj);
761 
762     cpu_set_cpustate_pointers(cpu);
763 
764 #ifndef CONFIG_USER_ONLY
765     qdev_init_gpio_in(DEVICE(cpu), riscv_cpu_set_irq,
766                       IRQ_LOCAL_MAX + IRQ_LOCAL_GUEST_MAX);
767 #endif /* CONFIG_USER_ONLY */
768 }
769 
770 static Property riscv_cpu_properties[] = {
771     /* Defaults for standard extensions */
772     DEFINE_PROP_BOOL("i", RISCVCPU, cfg.ext_i, true),
773     DEFINE_PROP_BOOL("e", RISCVCPU, cfg.ext_e, false),
774     DEFINE_PROP_BOOL("g", RISCVCPU, cfg.ext_g, true),
775     DEFINE_PROP_BOOL("m", RISCVCPU, cfg.ext_m, true),
776     DEFINE_PROP_BOOL("a", RISCVCPU, cfg.ext_a, true),
777     DEFINE_PROP_BOOL("f", RISCVCPU, cfg.ext_f, true),
778     DEFINE_PROP_BOOL("d", RISCVCPU, cfg.ext_d, true),
779     DEFINE_PROP_BOOL("c", RISCVCPU, cfg.ext_c, true),
780     DEFINE_PROP_BOOL("s", RISCVCPU, cfg.ext_s, true),
781     DEFINE_PROP_BOOL("u", RISCVCPU, cfg.ext_u, true),
782     DEFINE_PROP_BOOL("v", RISCVCPU, cfg.ext_v, false),
783     DEFINE_PROP_BOOL("h", RISCVCPU, cfg.ext_h, true),
784     DEFINE_PROP_BOOL("Counters", RISCVCPU, cfg.ext_counters, true),
785     DEFINE_PROP_BOOL("Zifencei", RISCVCPU, cfg.ext_ifencei, true),
786     DEFINE_PROP_BOOL("Zicsr", RISCVCPU, cfg.ext_icsr, true),
787     DEFINE_PROP_BOOL("Zfh", RISCVCPU, cfg.ext_zfh, false),
788     DEFINE_PROP_BOOL("Zfhmin", RISCVCPU, cfg.ext_zfhmin, false),
789     DEFINE_PROP_BOOL("Zve32f", RISCVCPU, cfg.ext_zve32f, false),
790     DEFINE_PROP_BOOL("Zve64f", RISCVCPU, cfg.ext_zve64f, false),
791     DEFINE_PROP_BOOL("mmu", RISCVCPU, cfg.mmu, true),
792     DEFINE_PROP_BOOL("pmp", RISCVCPU, cfg.pmp, true),
793 
794     DEFINE_PROP_STRING("priv_spec", RISCVCPU, cfg.priv_spec),
795     DEFINE_PROP_STRING("vext_spec", RISCVCPU, cfg.vext_spec),
796     DEFINE_PROP_UINT16("vlen", RISCVCPU, cfg.vlen, 128),
797     DEFINE_PROP_UINT16("elen", RISCVCPU, cfg.elen, 64),
798 
799     DEFINE_PROP_BOOL("svinval", RISCVCPU, cfg.ext_svinval, false),
800     DEFINE_PROP_BOOL("svnapot", RISCVCPU, cfg.ext_svnapot, false),
801     DEFINE_PROP_BOOL("svpbmt", RISCVCPU, cfg.ext_svpbmt, false),
802 
803     DEFINE_PROP_BOOL("zba", RISCVCPU, cfg.ext_zba, true),
804     DEFINE_PROP_BOOL("zbb", RISCVCPU, cfg.ext_zbb, true),
805     DEFINE_PROP_BOOL("zbc", RISCVCPU, cfg.ext_zbc, true),
806     DEFINE_PROP_BOOL("zbs", RISCVCPU, cfg.ext_zbs, true),
807 
808     DEFINE_PROP_BOOL("zdinx", RISCVCPU, cfg.ext_zdinx, false),
809     DEFINE_PROP_BOOL("zfinx", RISCVCPU, cfg.ext_zfinx, false),
810     DEFINE_PROP_BOOL("zhinx", RISCVCPU, cfg.ext_zhinx, false),
811     DEFINE_PROP_BOOL("zhinxmin", RISCVCPU, cfg.ext_zhinxmin, false),
812 
813     /* Vendor-specific custom extensions */
814     DEFINE_PROP_BOOL("xventanacondops", RISCVCPU, cfg.ext_XVentanaCondOps, false),
815 
816     /* These are experimental so mark with 'x-' */
817     DEFINE_PROP_BOOL("x-j", RISCVCPU, cfg.ext_j, false),
818     /* ePMP 0.9.3 */
819     DEFINE_PROP_BOOL("x-epmp", RISCVCPU, cfg.epmp, false),
820     DEFINE_PROP_BOOL("x-aia", RISCVCPU, cfg.aia, false),
821 
822     DEFINE_PROP_UINT64("resetvec", RISCVCPU, cfg.resetvec, DEFAULT_RSTVEC),
823     DEFINE_PROP_END_OF_LIST(),
824 };
825 
826 static gchar *riscv_gdb_arch_name(CPUState *cs)
827 {
828     RISCVCPU *cpu = RISCV_CPU(cs);
829     CPURISCVState *env = &cpu->env;
830 
831     switch (riscv_cpu_mxl(env)) {
832     case MXL_RV32:
833         return g_strdup("riscv:rv32");
834     case MXL_RV64:
835     case MXL_RV128:
836         return g_strdup("riscv:rv64");
837     default:
838         g_assert_not_reached();
839     }
840 }
841 
842 static const char *riscv_gdb_get_dynamic_xml(CPUState *cs, const char *xmlname)
843 {
844     RISCVCPU *cpu = RISCV_CPU(cs);
845 
846     if (strcmp(xmlname, "riscv-csr.xml") == 0) {
847         return cpu->dyn_csr_xml;
848     } else if (strcmp(xmlname, "riscv-vector.xml") == 0) {
849         return cpu->dyn_vreg_xml;
850     }
851 
852     return NULL;
853 }
854 
855 #ifndef CONFIG_USER_ONLY
856 #include "hw/core/sysemu-cpu-ops.h"
857 
858 static const struct SysemuCPUOps riscv_sysemu_ops = {
859     .get_phys_page_debug = riscv_cpu_get_phys_page_debug,
860     .write_elf64_note = riscv_cpu_write_elf64_note,
861     .write_elf32_note = riscv_cpu_write_elf32_note,
862     .legacy_vmsd = &vmstate_riscv_cpu,
863 };
864 #endif
865 
866 #include "hw/core/tcg-cpu-ops.h"
867 
868 static const struct TCGCPUOps riscv_tcg_ops = {
869     .initialize = riscv_translate_init,
870     .synchronize_from_tb = riscv_cpu_synchronize_from_tb,
871 
872 #ifndef CONFIG_USER_ONLY
873     .tlb_fill = riscv_cpu_tlb_fill,
874     .cpu_exec_interrupt = riscv_cpu_exec_interrupt,
875     .do_interrupt = riscv_cpu_do_interrupt,
876     .do_transaction_failed = riscv_cpu_do_transaction_failed,
877     .do_unaligned_access = riscv_cpu_do_unaligned_access,
878 #endif /* !CONFIG_USER_ONLY */
879 };
880 
881 static void riscv_cpu_class_init(ObjectClass *c, void *data)
882 {
883     RISCVCPUClass *mcc = RISCV_CPU_CLASS(c);
884     CPUClass *cc = CPU_CLASS(c);
885     DeviceClass *dc = DEVICE_CLASS(c);
886 
887     device_class_set_parent_realize(dc, riscv_cpu_realize,
888                                     &mcc->parent_realize);
889 
890     device_class_set_parent_reset(dc, riscv_cpu_reset, &mcc->parent_reset);
891 
892     cc->class_by_name = riscv_cpu_class_by_name;
893     cc->has_work = riscv_cpu_has_work;
894     cc->dump_state = riscv_cpu_dump_state;
895     cc->set_pc = riscv_cpu_set_pc;
896     cc->gdb_read_register = riscv_cpu_gdb_read_register;
897     cc->gdb_write_register = riscv_cpu_gdb_write_register;
898     cc->gdb_num_core_regs = 33;
899     cc->gdb_stop_before_watchpoint = true;
900     cc->disas_set_info = riscv_cpu_disas_set_info;
901 #ifndef CONFIG_USER_ONLY
902     cc->sysemu_ops = &riscv_sysemu_ops;
903 #endif
904     cc->gdb_arch_name = riscv_gdb_arch_name;
905     cc->gdb_get_dynamic_xml = riscv_gdb_get_dynamic_xml;
906     cc->tcg_ops = &riscv_tcg_ops;
907 
908     device_class_set_props(dc, riscv_cpu_properties);
909 }
910 
911 char *riscv_isa_string(RISCVCPU *cpu)
912 {
913     int i;
914     const size_t maxlen = sizeof("rv128") + sizeof(riscv_exts) + 1;
915     char *isa_str = g_new(char, maxlen);
916     char *p = isa_str + snprintf(isa_str, maxlen, "rv%d", TARGET_LONG_BITS);
917     for (i = 0; i < sizeof(riscv_exts); i++) {
918         if (cpu->env.misa_ext & RV(riscv_exts[i])) {
919             *p++ = qemu_tolower(riscv_exts[i]);
920         }
921     }
922     *p = '\0';
923     return isa_str;
924 }
925 
926 static gint riscv_cpu_list_compare(gconstpointer a, gconstpointer b)
927 {
928     ObjectClass *class_a = (ObjectClass *)a;
929     ObjectClass *class_b = (ObjectClass *)b;
930     const char *name_a, *name_b;
931 
932     name_a = object_class_get_name(class_a);
933     name_b = object_class_get_name(class_b);
934     return strcmp(name_a, name_b);
935 }
936 
937 static void riscv_cpu_list_entry(gpointer data, gpointer user_data)
938 {
939     const char *typename = object_class_get_name(OBJECT_CLASS(data));
940     int len = strlen(typename) - strlen(RISCV_CPU_TYPE_SUFFIX);
941 
942     qemu_printf("%.*s\n", len, typename);
943 }
944 
945 void riscv_cpu_list(void)
946 {
947     GSList *list;
948 
949     list = object_class_get_list(TYPE_RISCV_CPU, false);
950     list = g_slist_sort(list, riscv_cpu_list_compare);
951     g_slist_foreach(list, riscv_cpu_list_entry, NULL);
952     g_slist_free(list);
953 }
954 
955 #define DEFINE_CPU(type_name, initfn)      \
956     {                                      \
957         .name = type_name,                 \
958         .parent = TYPE_RISCV_CPU,          \
959         .instance_init = initfn            \
960     }
961 
962 static const TypeInfo riscv_cpu_type_infos[] = {
963     {
964         .name = TYPE_RISCV_CPU,
965         .parent = TYPE_CPU,
966         .instance_size = sizeof(RISCVCPU),
967         .instance_align = __alignof__(RISCVCPU),
968         .instance_init = riscv_cpu_init,
969         .abstract = true,
970         .class_size = sizeof(RISCVCPUClass),
971         .class_init = riscv_cpu_class_init,
972     },
973     DEFINE_CPU(TYPE_RISCV_CPU_ANY,              riscv_any_cpu_init),
974 #if defined(CONFIG_KVM)
975     DEFINE_CPU(TYPE_RISCV_CPU_HOST,             riscv_host_cpu_init),
976 #endif
977 #if defined(TARGET_RISCV32)
978     DEFINE_CPU(TYPE_RISCV_CPU_BASE32,           rv32_base_cpu_init),
979     DEFINE_CPU(TYPE_RISCV_CPU_IBEX,             rv32_ibex_cpu_init),
980     DEFINE_CPU(TYPE_RISCV_CPU_SIFIVE_E31,       rv32_sifive_e_cpu_init),
981     DEFINE_CPU(TYPE_RISCV_CPU_SIFIVE_E34,       rv32_imafcu_nommu_cpu_init),
982     DEFINE_CPU(TYPE_RISCV_CPU_SIFIVE_U34,       rv32_sifive_u_cpu_init),
983 #elif defined(TARGET_RISCV64)
984     DEFINE_CPU(TYPE_RISCV_CPU_BASE64,           rv64_base_cpu_init),
985     DEFINE_CPU(TYPE_RISCV_CPU_SIFIVE_E51,       rv64_sifive_e_cpu_init),
986     DEFINE_CPU(TYPE_RISCV_CPU_SIFIVE_U54,       rv64_sifive_u_cpu_init),
987     DEFINE_CPU(TYPE_RISCV_CPU_SHAKTI_C,         rv64_sifive_u_cpu_init),
988     DEFINE_CPU(TYPE_RISCV_CPU_BASE128,          rv128_base_cpu_init),
989 #endif
990 };
991 
992 DEFINE_TYPES(riscv_cpu_type_infos)
993