aboutsummaryrefslogtreecommitdiff
path: root/target-arm
AgeCommit message (Collapse)Author
2015-12-17kvm: x86: add support for KVM_CAP_SPLIT_IRQCHIPPaolo Bonzini
This patch adds support for split IRQ chip mode. When KVM_CAP_SPLIT_IRQCHIP is enabled: 1.) The PIC, PIT, and IOAPIC are implemented in userspace while the LAPIC is implemented by KVM. 2.) The software IOAPIC delivers interrupts to the KVM LAPIC via kvm_set_irq. Interrupt delivery is configured via the MSI routing table, for which routes are reserved in target-i386/kvm.c then configured in hw/intc/ioapic.c 3.) KVM delivers IOAPIC EOIs via a new exit KVM_EXIT_IOAPIC_EOI, which is handled in target-i386/kvm.c and relayed to the software IOAPIC via ioapic_eoi_broadcast. Signed-off-by: Matt Gingell <gingell@google.com> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2015-12-17target-arm: kvm - re-inject guest debug exceptionsAlex Bennée
If we can't find details for the debug exception in our debug state then we can assume the exception is due to debugging inside the guest. To inject the exception into the guest state we re-use the TCG exception code (do_interrupt). However while guest debugging is in effect we currently can't handle the guest using single step as we will keep trapping to back to userspace. GDB makes heavy use of single-step behind the scenes which effectively means the guest's ability to debug itself is disabled while it is being debugged. Signed-off-by: Alex Bennée <alex.bennee@linaro.org> Message-id: 1449599553-24713-6-git-send-email-alex.bennee@linaro.org [PMM: Fixed a few typos in comments and commit message] Reviewed-by: Peter Maydell <peter.maydell@linaro.org> Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2015-12-17target-arm: kvm - add support for HW assisted debugAlex Bennée
This adds basic support for HW assisted debug. The ioctl interface to KVM allows us to pass an implementation defined number of break and watch point registers. When KVM_GUESTDBG_USE_HW is specified these debug registers will be installed in place on the world switch into the guest. The hardware is actually capable of more advanced matching but it is unclear if this expressiveness is available via the gdbstub protocol. Signed-off-by: Alex Bennée <alex.bennee@linaro.org> Message-id: 1449599553-24713-5-git-send-email-alex.bennee@linaro.org Reviewed-by: Peter Maydell <peter.maydell@linaro.org> Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2015-12-17target-arm: kvm - support for single stepAlex Bennée
This adds support for single-step. There isn't much to do on the QEMU side as after we set-up the request for single step via the debug ioctl it is all handled within the kernel. The actual setting of the KVM_GUESTDBG_SINGLESTEP flag is already in the common code. If the kernel doesn't support guest debug the ioctl will simply error. Signed-off-by: Alex Bennée <alex.bennee@linaro.org> Message-id: 1449599553-24713-4-git-send-email-alex.bennee@linaro.org Reviewed-by: Peter Maydell <peter.maydell@linaro.org> Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2015-12-17target-arm: kvm - implement software breakpointsAlex Bennée
These don't involve messing around with debug registers, just setting the breakpoint instruction in memory. GDB will not use this mechanism if it can't access the memory to write the breakpoint. All the kernel has to do is ensure the hypervisor traps the breakpoint exceptions and returns to userspace. Signed-off-by: Alex Bennée <alex.bennee@linaro.org> Message-id: 1449599553-24713-3-git-send-email-alex.bennee@linaro.org [PMM: Fixed typo in comment] Reviewed-by: Peter Maydell <peter.maydell@linaro.org> Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2015-12-17target-arm: kvm64 - introduce kvm_arm_init_debug()Alex Bennée
As we haven't always had guest debug support we need to probe for it. Additionally we don't do this in the start-up capability code so we don't fall over on old kernels. Signed-off-by: Alex Bennée <alex.bennee@linaro.org> Message-id: 1449599553-24713-2-git-send-email-alex.bennee@linaro.org Reviewed-by: Peter Maydell <peter.maydell@linaro.org> Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2015-12-17target-arm: Fix and improve AA32 singlestep translation completion codeSergey Fedorov
The AArch32 translation completion code for singlestep enabled/active case was a way more confusing and too repetitive then it needs to be. Probably that was the cause for a bug to be introduced into it at some point. The bug was that SWI/HVC/SMC exception would be generated in condition-failed instruction code path whereas it shouldn't. This patch rewrites the code in a way similar to the non-singlestep case. In the condition-passed/unconditional instruction code path we need to: - Write the condexec bits back to the CPU state - Advance the singlestep state machine and generate a corresponding exception in case of SWI/HVC/SMC - Write the PC back to the CPU state if it hasn't already been written and generate an appropriate singlestep exception otherwise In the condition-failed instruction code path we need to: - Set a TCG label to jump to it if the condition is failed - Write the condexec bits back to the CPU state - Write the PC back to the CPU state since it hasn't been written in this case - Generate an appropriate singlestep exception Signed-off-by: Sergey Fedorov <serge.fdrv@gmail.com> Message-id: 1448474560-22475-1-git-send-email-serge.fdrv@gmail.com Reviewed-by: Peter Maydell <peter.maydell@linaro.org> Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2015-12-17target-arm: raise exception on misaligned LDREX operandsAndrew Baumann
Qemu does not generally perform alignment checks. However, the ARM ARM requires implementation of alignment exceptions for a number of cases including LDREX, and Windows-on-ARM relies on this. This change adds plumbing to enable alignment checks on loads using MO_ALIGN, a do_unaligned_access hook to raise the exception (data abort), and uses the new aligned loads in LDREX (for all but single-byte loads). Signed-off-by: Andrew Baumann <Andrew.Baumann@microsoft.com> Message-id: 1449167808-5656-1-git-send-email-Andrew.Baumann@microsoft.com [PMM: set WnR bits in syndrome and FSR as appropriate] Reviewed-by: Peter Maydell <peter.maydell@linaro.org> Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2015-11-24target-arm/translate-a64.c: Correct unallocated checks for ldst_exclpull-target-arm-20151124Peter Maydell
The checks for the unallocated encodings in the ldst_excl group (exclusives and load-acquire/store-release) were not correct. This error meant that in turn we ended up with code attempting to handle the non-existent case of "non-exclusive load-acquire/store-release pair". Delete that broken and now unreachable code. Reported-by: Laurent Desnogues <laurent.desnogues@gmail.com> Signed-off-by: Peter Maydell <peter.maydell@linaro.org> Reviewed-by: Laurent Desnogues <laurent.desnogues@gmail.com> Reviewed-by: Edgar E. Iglesias <edgar.iglesias@xilinx.com> Reviewed-by: Sergey Fedorov <serge.fdrv@gmail.com>
2015-11-24target-arm: Don't mask out bits [47:40] in LPAE descriptors for v8Peter Maydell
In an LPAE format descriptor in ARMv8 the address field extends up to bit 47, not just bit 39. Correct the masking so we don't give incorrect results if the output address size is greater than 40 bits, as it can be for AArch64. (Note that we don't yet support the new-in-v8 Address Size fault which should be generated if any translation table entry or TTBR contains an address with non-zero bits above the most significant bit of the maximum output address size.) Signed-off-by: Peter Maydell <peter.maydell@linaro.org> Reviewed-by: Laurent Desnogues <laurent.desnogues@gmail.com> Reviewed-by: Edgar E. Iglesias <edgar.iglesias@xilinx.com> Message-id: 1448029971-9875-1-git-send-email-peter.maydell@linaro.org
2015-11-19target-arm: Update condexec before arch BP check in AA32 translationpull-target-arm-20151119Sergey Fedorov
Architectural breakpoint check could raise an exceptions, thus condexec bits should be updated before calling gen_helper_check_breakpoints(). Signed-off-by: Sergey Fedorov <serge.fdrv@gmail.com> Message-id: 1447767527-21268-3-git-send-email-serge.fdrv@gmail.com Reviewed-by: Peter Maydell <peter.maydell@linaro.org> Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2015-11-19target-arm: Update condexec before CP access check in AA32 translationSergey Fedorov
Coprocessor access instructions are allowed inside IT block. gen_helper_access_check_cp_reg() can raise an exceptions thus condexec bits should be updated before. Signed-off-by: Sergey Fedorov <serge.fdrv@gmail.com> Message-id: 1447767527-21268-2-git-send-email-serge.fdrv@gmail.com Reviewed-by: Peter Maydell <peter.maydell@linaro.org> Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2015-11-12target-arm: Update PC before calling gen_helper_check_breakpoints()Sergey Fedorov
PC should be updated in the CPU state before calling check_breakpoints() helper. Otherwise, the helper would not see the correct PC in the CPU state if it is not at the start of a TB. Signed-off-by: Sergey Fedorov <serge.fdrv@gmail.com> Message-id: 1447176222-16401-1-git-send-email-serge.fdrv@gmail.com Reviewed-by: Peter Maydell <peter.maydell@linaro.org> Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2015-11-10target-arm: Clean up DISAS_UPDATE usage in AArch32 translation codepull-target-arm-20151110Sergey Fedorov
AArch32 translation code does not distinguish between DISAS_UPDATE and DISAS_JUMP. Thus, we cannot use any of them without first updating PC in CPU state. Furthermore, it is too complicated to update PC in CPU state before PC gets updated in disas context. So it is hardly possible to correctly end TB early if is is not likely to be executed before calling disas_*_insn(), e.g. just after calling breakpoint check helper. Modify DISAS_UPDATE and DISAS_JUMP usage in AArch32 translation and apply to them the same semantic as AArch64 translation does: - DISAS_UPDATE: update PC in CPU state when finishing translation - DISAS_JUMP: preserve current PC value in CPU state when finishing translation This patch fixes a bug in AArch32 breakpoint handling: when check_breakpoints helper does not generate an exception, ending the TB early with DISAS_UPDATE couldn't update PC in CPU state and execution hangs. Signed-off-by: Sergey Fedorov <serge.fdrv@gmail.com> Message-id: 1447097859-586-1-git-send-email-serge.fdrv@gmail.com Reviewed-by: Peter Maydell <peter.maydell@linaro.org> Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2015-11-10target-arm: Fix gdb singlestep handling in arm_debug_excp_handler()Sergey Fedorov
Do not raise a CPU exception if no CPU breakpoint has fired, since singlestep is also done by generating a debug internal exception. This fixes a bug with singlestepping in gdbstub. Signed-off-by: Sergey Fedorov <serge.fdrv@gmail.com> Message-id: 1446726361-18328-1-git-send-email-serge.fdrv@gmail.com Reviewed-by: Peter Maydell <peter.maydell@linaro.org> Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2015-11-03target-arm: Report S/NS status in the CPU debug logsPeter Maydell
If this CPU supports EL3, enhance the printing of the current CPU mode in debug logging to distinguish S from NS modes as appropriate. Signed-off-by: Peter Maydell <peter.maydell@linaro.org> Reviewed-by: Edgar E. Iglesias <edgar.iglesias@xilinx.com> Reviewed-by: Alex Bennée <alex.bennee@linaro.org> Message-id: 1445883178-576-3-git-send-email-peter.maydell@linaro.org
2015-11-03target-arm: Bring AArch64 debug CPU display of PSTATE into line with AArch32Peter Maydell
The AArch64 debug CPU display of PSTATE as "PSTATE=200003c5 (flags --C-)" on the end of the same line as the last of the general purpose registers is unnecessarily different from the AArch32 display of PSR as "PSR=200001d3 --C- A svc32" on its own line. Update the AArch64 code to put PSTATE in its own line and in the same format, including printing the exception level (mode). Signed-off-by: Peter Maydell <peter.maydell@linaro.org> Reviewed-by: Edgar E. Iglesias <edgar.iglesias@xilinx.com> Reviewed-by: Alex Bennée <alex.bennee@linaro.org> Message-id: 1445883178-576-2-git-send-email-peter.maydell@linaro.org
2015-11-03target-arm: Add and use symbolic names for register banksSoren Brinkmann
Add BANK_<cpumode> #defines to index banked registers. Suggested-by: Peter Maydell <peter.maydell@linaro.org> Signed-off-by: Soren Brinkmann <soren.brinkmann@xilinx.com> Reviewed-by: Peter Maydell <peter.maydell@linaro.org> Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2015-10-28target-*: Advance pc after recognizing a breakpointRichard Henderson
Some targets already had this within their logic, but make sure it's present for all targets. Reviewed-by: Peter Maydell <peter.maydell@linaro.org> Signed-off-by: Richard Henderson <rth@twiddle.net>
2015-10-27target-arm: Add support for S1 + S2 MMU translationspull-target-arm-20151027-1Edgar E. Iglesias
Signed-off-by: Edgar E. Iglesias <edgar.iglesias@xilinx.com> Message-id: 1445864527-14520-15-git-send-email-edgar.iglesias@gmail.com Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2015-10-27target-arm: Route S2 MMU faults to EL2Edgar E. Iglesias
Reviewed-by: Peter Maydell <peter.maydell@linaro.org> Signed-off-by: Edgar E. Iglesias <edgar.iglesias@xilinx.com> Message-id: 1445864527-14520-14-git-send-email-edgar.iglesias@gmail.com Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2015-10-27target-arm: Add S2 translation to 32bit S1 PTWsEdgar E. Iglesias
Add support for applying S2 translation to 32bit S1 page-table walks. Reviewed-by: Peter Maydell <peter.maydell@linaro.org> Signed-off-by: Edgar E. Iglesias <edgar.iglesias@xilinx.com> Message-id: 1445864527-14520-13-git-send-email-edgar.iglesias@gmail.com Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2015-10-27target-arm: Add S2 translation to 64bit S1 PTWsEdgar E. Iglesias
Add support for applying S2 translation to 64bit S1 page-table walks. Reviewed-by: Peter Maydell <peter.maydell@linaro.org> Signed-off-by: Edgar E. Iglesias <edgar.iglesias@xilinx.com> Message-id: 1445864527-14520-12-git-send-email-edgar.iglesias@gmail.com Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2015-10-27target-arm: Add ARMMMUFaultInfoEdgar E. Iglesias
Introduce ARMMMUFaultInfo to propagate MMU Fault information across the MMU translation code path. This is in preparation for adding Stage-2 translation. No functional changes. Reviewed-by: Peter Maydell <peter.maydell@linaro.org> Signed-off-by: Edgar E. Iglesias <edgar.iglesias@xilinx.com> Message-id: 1445864527-14520-11-git-send-email-edgar.iglesias@gmail.com Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2015-10-27target-arm: Avoid inline for get_phys_addrEdgar E. Iglesias
Avoid inline for get_phys_addr() to prepare for future recursive use. Reviewed-by: Peter Maydell <peter.maydell@linaro.org> Signed-off-by: Edgar E. Iglesias <edgar.iglesias@xilinx.com> Message-id: 1445864527-14520-10-git-send-email-edgar.iglesias@gmail.com Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2015-10-27target-arm: Add support for S2 page-table protection bitsEdgar E. Iglesias
Reviewed-by: Peter Maydell <peter.maydell@linaro.org> Signed-off-by: Edgar E. Iglesias <edgar.iglesias@xilinx.com> Message-id: 1445864527-14520-9-git-send-email-edgar.iglesias@gmail.com Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2015-10-27target-arm: Add computation of starting level for S2 PTWEdgar E. Iglesias
The starting level for S2 pagetable walks is computed differently from the S1 starting level. Implement the S2 variant. Signed-off-by: Edgar E. Iglesias <edgar.iglesias@xilinx.com> Message-id: 1445864527-14520-8-git-send-email-edgar.iglesias@gmail.com Reviewed-by: Peter Maydell <peter.maydell@linaro.org> Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2015-10-27target-arm: lpae: Rename granule_sz to strideEdgar E. Iglesias
Rename granule_sz to stride to better match the reference manuals. No functional change. Reviewed-by: Peter Maydell <peter.maydell@linaro.org> Signed-off-by: Edgar E. Iglesias <edgar.iglesias@xilinx.com> Message-id: 1445864527-14520-7-git-send-email-edgar.iglesias@gmail.com Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2015-10-27target-arm: lpae: Replace tsz with computed inputsizeEdgar E. Iglesias
Remove the tsz variable and introduce inputsize. This simplifies the code a little and makes it easier to compare with the reference manuals. No functional change. Reviewed-by: Peter Maydell <peter.maydell@linaro.org> Signed-off-by: Edgar E. Iglesias <edgar.iglesias@xilinx.com> Message-id: 1445864527-14520-6-git-send-email-edgar.iglesias@gmail.com Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2015-10-27target-arm: Add support for AArch32 S2 negative t0szEdgar E. Iglesias
Add support for AArch32 S2 negative t0sz. In preparation for using 40bit IPAs on AArch32. Signed-off-by: Edgar E. Iglesias <edgar.iglesias@xilinx.com> Message-id: 1445864527-14520-5-git-send-email-edgar.iglesias@gmail.com Reviewed-by: Peter Maydell <peter.maydell@linaro.org> Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2015-10-27target-arm: lpae: Move declaration of t0sz and t1szEdgar E. Iglesias
Move declaration of t0sz and t1sz to the top of the function avoiding a mix of code and variable declarations. No functional change. Signed-off-by: Edgar E. Iglesias <edgar.iglesias@xilinx.com> Message-id: 1445864527-14520-4-git-send-email-edgar.iglesias@gmail.com Reviewed-by: Peter Maydell <peter.maydell@linaro.org> Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2015-10-27target-arm: lpae: Make t0sz and t1sz signed integersEdgar E. Iglesias
Make t0sz and t1sz signed integers to match tsz and to make it easier to implement support for AArch32 negative t0sz. t1sz is changed for consistensy. No functional change. Reviewed-by: Peter Maydell <peter.maydell@linaro.org> Signed-off-by: Edgar E. Iglesias <edgar.iglesias@xilinx.com> Message-id: 1445864527-14520-3-git-send-email-edgar.iglesias@gmail.com Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2015-10-27target-arm: Add HPFAR_EL2Edgar E. Iglesias
Reviewed-by: Alex Bennée <alex.bennee@linaro.org> Signed-off-by: Edgar E. Iglesias <edgar.iglesias@xilinx.com> Message-id: 1445864527-14520-2-git-send-email-edgar.iglesias@gmail.com Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2015-10-27target-arm: Add support for SPSR_(ABT|UND|IRQ|FIQ)Soren Brinkmann
Signed-off-by: Soren Brinkmann <soren.brinkmann@xilinx.com> Reviewed-by: Peter Maydell <peter.maydell@linaro.org> Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2015-10-27target-arm/translate.c: Handle non-executable page-straddling Thumb insnsPeter Maydell
When the memory we're trying to translate code from is not executable we have to turn this into a guest fault. In order to report the correct PC for this fault, and to make sure it is not reported until after any other possible faults for instructions earlier in execution, we must terminate TBs at the end of a page, in case the next instruction is in a non-executable page. This is simple for T16, A32 and A64 instructions, which are always aligned to their size. However T32 instructions may be 32-bits but only 16-aligned, so they can straddle a page boundary. Correct the condition that checks whether the next instruction will touch the following page, to ensure that if we're 2 bytes before the boundary and this insn is T32 then we end the TB. Reported-by: Pavel Dovgalyuk <pavel.dovgaluk@ispras.ru> Reviewed-by: Laurent Desnogues <laurent.desnogues@gmail.com> Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2015-10-27target-arm: Fix "no 64-bit EL2" assumption in arm_excp_unmasked()Peter Maydell
The code in arm_excp_unmasked() suppresses the ability of PSTATE.AIF to mask exceptions from a lower EL targeting EL2 or EL3 if the CPU is 64-bit. This is correct for a target of EL3, but not correct for targeting EL2. Further, we go to some effort to calculate scr and hcr values which are not used at all for the 64-bit CPU case. Rearrange the code to correctly implement the 64-bit CPU logic and keep the hcr/scr calculations in the 32-bit CPU codepath. Signed-off-by: Peter Maydell <peter.maydell@linaro.org> Message-id: 1444327729-4120-1-git-send-email-peter.maydell@linaro.org Reviewed-by: Edgar E. Iglesias <edgar.iglesias@xilinx.com> Tested-by: Edgar E. Iglesias <edgar.iglesias@xilinx.com>
2015-10-19Merge remote-tracking branch 'remotes/bonzini/tags/for-upstream' into stagingPeter Maydell
* KVM page size fix for PPC * Support for Linux 4.4's new Hyper-V features * Eliminate g_slice from areas I maintain * checkpatch fix * Peter's cpu_reload_memory_map() cleanups * More changes to MAINTAINERS * Require Python 2.6 * chardev creation fixes * PCI requester id for ARM KVM * cleanups and doc fixes * Allow customization of the Hyper-V vendor id # gpg: Signature made Mon 19 Oct 2015 09:13:10 BST using RSA key ID 78C7AE83 # gpg: Good signature from "Paolo Bonzini <bonzini@gnu.org>" # gpg: aka "Paolo Bonzini <pbonzini@redhat.com>" * remotes/bonzini/tags/for-upstream: (49 commits) kvm: Allow the Hyper-V vendor ID to be specified kvm: Move x86-specific functions into target-i386/kvm.c kvm: Pass PCI device pointer to MSI routing functions hw/pci: Introduce pci_requester_id() kvm: Make KVM_CAP_SIGNAL_MSI globally available doc/rcu: fix g_free_rcu() usage example qemu-char: cleanup after completed conversion to cd->create qemu-char: convert ringbuf backend to data-driven creation qemu-char: convert vc backend to data-driven creation qemu-char: convert spice backend to data-driven creation qemu-char: convert console backend to data-driven creation qemu-char: convert stdio backend to data-driven creation qemu-char: convert testdev backend to data-driven creation qemu-char: convert braille backend to data-driven creation qemu-char: convert msmouse backend to data-driven creation qemu-char: convert mux backend to data-driven creation qemu-char: convert null backend to data-driven creation qemu-char: convert pty backend to data-driven creation qemu-char: convert UDP backend to data-driven creation qemu-char: convert socket backend to data-driven creation ... Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2015-10-19kvm: Pass PCI device pointer to MSI routing functionsPavel Fedin
In-kernel ITS emulation on ARM64 will require to supply requester IDs. These IDs can now be retrieved from the device pointer using new pci_requester_id() function. This patch adds pci_dev pointer to KVM GSI routing functions and makes callers passing it. x86 architecture does not use requester IDs, but hw/i386/kvm/pci-assign.c also made passing PCI device pointer instead of NULL for consistency with the rest of the code. Signed-off-by: Pavel Fedin <p.fedin@samsung.com> Message-Id: <ce081423ba2394a4efc30f30708fca07656bc500.1444916432.git.p.fedin@samsung.com> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2015-10-16target-arm: Fix CPU breakpoint handlingpull-target-arm-20151016Sergey Fedorov
A QEMU breakpoint match is not definitely an architectural breakpoint match. If an exception is generated unconditionally during translation, it is hardly possible to ignore it in the debug exception handler. Generate a call to a helper to check CPU breakpoints and raise an exception only if any breakpoint matches architecturally. Signed-off-by: Sergey Fedorov <serge.fdrv@gmail.com> Reviewed-by: Peter Maydell <peter.maydell@linaro.org> Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2015-10-16target-arm: Fix GDB breakpoint handlingSergey Fedorov
GDB breakpoints have higher priority so they have to be checked first. Should GDB breakpoint match, just return from the debug exception handler. Signed-off-by: Sergey Fedorov <serge.fdrv@gmail.com> Reviewed-by: Peter Maydell <peter.maydell@linaro.org> Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2015-10-16target-arm: implement arm_debug_target_el()Sergey Fedorov
Implement debug exception routing according to ARM ARM D2.3.1 Pseudocode description of routing debug exceptions. Signed-off-by: Sergey Fedorov <serge.fdrv@gmail.com> Reviewed-by: Peter Maydell <peter.maydell@linaro.org> Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2015-10-16target-arm: Add MDCR_EL2Sergey Fedorov
Add the MDCR_EL2 register. We don't implement any of the debug-related traps this register controls yet, so currently it simply reads back as written. Signed-off-by: Sergey Fedorov <serge.fdrv@gmail.com> Message-id: 1444383794-16767-1-git-send-email-serge.fdrv@gmail.com Reviewed-by: Peter Maydell <peter.maydell@linaro.org> [PMM: tweaked commit message; moved non-dummy definition from debug_cp_reginfo to el2_cp_reginfo.] Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2015-10-16target-arm: Implement AArch64 OSLAR/OSLSR_EL1 sysregsDavorin Mista
Added oslar_write function to OSLAR_EL1 sysreg, using a status variable in ARMCPUState.cp15 struct (oslsr_el1). This variable is also linked to the newly added read-only OSLSR_EL1 register. Linux reads from this register during its suspend/resume procedure. Signed-off-by: Davorin Mista <davorin.mista@aggios.com> [PMM: folded a long line and tweaked a comment] Reviewed-by: Peter Maydell <peter.maydell@linaro.org> Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2015-10-16target-arm: Avoid calling arm_el_is_aa64() function for unimplemented ELSergey Sorokin
It is incorrect to call arm_el_is_aa64() function for unimplemented EL. This patch fixes several attempts to do so. Signed-off-by: Sergey Sorokin <afarallax@yandex.ru> [PMM: Reworked several of the comments to be more verbose.] Reviewed-by: Peter Maydell <peter.maydell@linaro.org> Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2015-10-16target-arm: Break the TB after ISB to execute self-modified code correctlySergey Sorokin
If any store instruction writes the code inside the same TB after this store insn, the execution of the TB must be stopped to execute new code correctly. As described in ARMv8 manual D3.4.6 self-modifying code must do an IC invalidation to be valid, and an ISB after it. So it's enough to end the TB after ISB instruction on the code translation. Also this TB break is necessary to take any pending interrupts immediately after an ISB (as required by ARMv8 ARM D1.14.4). Signed-off-by: Sergey Sorokin <afarallax@yandex.ru> [PMM: tweaked commit message and comments slightly] Reviewed-by: Peter Maydell <peter.maydell@linaro.org> Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2015-10-16target-arm: Add missing 'static' attributeStefan Weil
Signed-off-by: Stefan Weil <sw@weilnetz.de> Message-id: 1443213733-9807-1-git-send-email-sw@weilnetz.de Reviewed-by: Peter Maydell <peter.maydell@linaro.org> Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2015-10-09qdev: Protect device-list-properties against broken devicesMarkus Armbruster
Several devices don't survive object_unref(object_new(T)): they crash or hang during cleanup, or they leave dangling pointers behind. This breaks at least device-list-properties, because qmp_device_list_properties() needs to create a device to find its properties. Broken in commit f4eb32b "qmp: show QOM properties in device-list-properties", v2.1. Example reproducer: $ qemu-system-aarch64 -nodefaults -display none -machine none -S -qmp stdio {"QMP": {"version": {"qemu": {"micro": 50, "minor": 4, "major": 2}, "package": ""}, "capabilities": []}} { "execute": "qmp_capabilities" } {"return": {}} { "execute": "device-list-properties", "arguments": { "typename": "pxa2xx-pcmcia" } } qemu-system-aarch64: /home/armbru/work/qemu/memory.c:1307: memory_region_finalize: Assertion `((&mr->subregions)->tqh_first == ((void *)0))' failed. Aborted (core dumped) [Exit 134 (SIGABRT)] Unfortunately, I can't fix the problems in these devices right now. Instead, add DeviceClass member cannot_destroy_with_object_finalize_yet to mark them: * Hang during cleanup (didn't debug, so I can't say why): "realview_pci", "versatile_pci". * Dangling pointer in cpus: most CPUs, plus "allwinner-a10", "digic", "fsl,imx25", "fsl,imx31", "xlnx,zynqmp", because they create such CPUs * Assert kvm_enabled(): "host-x86_64-cpu", host-i386-cpu", "host-powerpc64-cpu", "host-embedded-powerpc-cpu", "host-powerpc-cpu" (the powerpc ones can't currently reach the assertion, because the CPUs are only registered when KVM is enabled, but the assertion is arguably in the wrong place all the same) Make qmp_device_list_properties() fail cleanly when the device is so marked. This improves device-list-properties from "crashes, hangs or leaves dangling pointers behind" to "fails". Not a complete fix, just a better-than-nothing work-around. In the above reproducer, device-list-properties now fails with "Can't list properties of device 'pxa2xx-pcmcia'". This also protects -device FOO,help, which uses the same machinery since commit ef52358 "qdev-monitor: include QOM properties in -device FOO, help output", v2.2. Example reproducer: $ qemu-system-aarch64 -machine none -device pxa2xx-pcmcia,help Before: qemu-system-aarch64: .../memory.c:1307: memory_region_finalize: Assertion `((&mr->subregions)->tqh_first == ((void *)0))' failed. After: Can't list properties of device 'pxa2xx-pcmcia' Cc: "Andreas Färber" <afaerber@suse.de> Cc: "Edgar E. Iglesias" <edgar.iglesias@gmail.com> Cc: Alexander Graf <agraf@suse.de> Cc: Anthony Green <green@moxielogic.com> Cc: Aurelien Jarno <aurelien@aurel32.net> Cc: Bastian Koppelmann <kbastian@mail.uni-paderborn.de> Cc: Blue Swirl <blauwirbel@gmail.com> Cc: Eduardo Habkost <ehabkost@redhat.com> Cc: Guan Xuetao <gxt@mprc.pku.edu.cn> Cc: Jia Liu <proljc@gmail.com> Cc: Leon Alrae <leon.alrae@imgtec.com> Cc: Mark Cave-Ayland <mark.cave-ayland@ilande.co.uk> Cc: Max Filippov <jcmvbkbc@gmail.com> Cc: Michael Walle <michael@walle.cc> Cc: Paolo Bonzini <pbonzini@redhat.com> Cc: Peter Maydell <peter.maydell@linaro.org> Cc: Richard Henderson <rth@twiddle.net> Cc: qemu-ppc@nongnu.org Cc: qemu-stable@nongnu.org Signed-off-by: Markus Armbruster <armbru@redhat.com> Reviewed-by: Eduardo Habkost <ehabkost@redhat.com> Message-Id: <1443689999-12182-10-git-send-email-armbru@redhat.com>
2015-10-07tcg: Remove gen_intermediate_code_pcRichard Henderson
It is no longer used, so tidy up everything reached by it. This includes the gen_opc_* arrays, the search_pc parameter and the inline gen_intermediate_code_internal functions. Reviewed-by: Aurelien Jarno <aurelien@aurel32.net> Reviewed-by: Peter Maydell <peter.maydell@linaro.org> Signed-off-by: Richard Henderson <rth@twiddle.net>
2015-10-07tcg: Pass data argument to restore_state_to_opcRichard Henderson
The gen_opc_* arrays are already redundant with the data stored in the insn_start arguments. Transition restore_state_to_opc to use data from the latter. Reviewed-by: Aurelien Jarno <aurelien@aurel32.net> Reviewed-by: Peter Maydell <peter.maydell@linaro.org> Signed-off-by: Richard Henderson <rth@twiddle.net>
2015-10-07tcg: Add TCG_MAX_INSNSRichard Henderson
Adjust all translators to respect it. Reviewed-by: Aurelien Jarno <aurelien@aurel32.net> Reviewed-by: Peter Maydell <peter.maydell@linaro.org> Signed-off-by: Richard Henderson <rth@twiddle.net>