This patch adds the Store Quadword Conditionl (stqcx.) instruction
which is introduced in Power ISA 2.07.
Signed-off-by: NTom Musta <tommusta@gmail.com>
[agraf: fix compile error when !TARGET_PPC64]
Signed-off-by: NAlexander Graf <agraf@suse.de>

Exception with break instruction has not been correctly propagated as
SIGTRAP. This resolves crash issues with examples that use break
instruction on MIPS.
Signed-off-by: NPetar Jovanovic <petar.jovanovic@imgtec.com>
Signed-off-by: NRiku Voipio <riku.voipio@linaro.org>

Signed-off-by: NJanne Grunau <j@jannau.net>
Reviewed-by: NPeter Maydell <peter.maydell@linaro.org>
Signed-off-by: NPeter Maydell <peter.maydell@linaro.org>

This implement exclusive loads/stores for aarch64 along the lines of
arm32 and ppc implementations. The exclusive load remembers the address
and loaded value. The exclusive store throws an an exception which uses
those values to check for equality in a proper exclusive region.

This is not actually the architecture mandated semantics (for either
AArch32 or AArch64) but it is close enough for typical guest code
sequences to work correctly, and saves us from having to monitor all
guest stores. It's fairly easy to come up with test cases where we
don't behave like hardware - we don't for example model cache line
behaviour. However in the common patterns this works, and the existing
32 bit ARM exclusive access implementation has the same limitations.

AArch64 also implements new acquire/release loads/stores (which may be
either exclusive or non-exclusive). These imposes extra ordering
constraints on memory operations (ie they act as if they have an implicit
barrier built into them). As TCG is single-threaded all our barriers
are no-ops, so these just behave like normal loads and stores.
Signed-off-by: NMichael Matz <matz@suse.de>
Signed-off-by: NAlex Bennée <alex.bennee@linaro.org>
Signed-off-by: NPeter Maydell <peter.maydell@linaro.org>
Reviewed-by: NRichard Henderson <rth@twiddle.net>

In preparation for adding support for A64 load/store exclusive instructions,
widen the fields in the CPU state struct that deal with address and data values
for exclusives from 32 to 64 bits. Although in practice AArch64 and AArch32
exclusive accesses will be generally separate there are some odd theoretical
corner cases (eg you should be able to do the exclusive load in AArch32, take
an exception to AArch64 and successfully do the store exclusive there), and it's
also easier to reason about.

The changes in semantics for the variables are:
 exclusive_addr  -> extended to 64 bits; -1ULL for "monitor lost",
   otherwise always < 2^32 for AArch32
 exclusive_val   -> extended to 64 bits. 64 bit exclusives in AArch32 now
   use the high half of exclusive_val instead of a separate exclusive_high
 exclusive_high  -> is no longer used in AArch32; extended to 64 bits as
   it will be needed for AArch64's pair-of-64-bit-values exclusives.
 exclusive_test  -> extended to 64 bits, as it is an address. Since this is
   a linux-user-only field, in arm-linux-user it will always have the top
   32 bits zero.
 exclusive_info  -> stays 32 bits, as it is neither data nor address, but
   simply holds register indexes etc. AArch64 will be able to fit all its
   information into 32 bits as well.

Note that the refactoring of gen_store_exclusive() coincidentally fixes
a minor bug where ldrexd would incorrectly update the first CPU register
even if the load for the second register faulted.
Signed-off-by: NPeter Maydell <peter.maydell@linaro.org>
Reviewed-by: NRichard Henderson <rth@twiddle.net>

This implement exclusive loads/stores for aarch64 along the lines of
arm32 and ppc implementations. The exclusive load remembers the address
and loaded value. The exclusive store throws an an exception which uses
those values to check for equality in a proper exclusive region.

This is not actually the architecture mandated semantics (for either
AArch32 or AArch64) but it is close enough for typical guest code
sequences to work correctly, and saves us from having to monitor all
guest stores. It's fairly easy to come up with test cases where we
don't behave like hardware - we don't for example model cache line
behaviour. However in the common patterns this works, and the existing
32 bit ARM exclusive access implementation has the same limitations.

AArch64 also implements new acquire/release loads/stores (which may be
either exclusive or non-exclusive). These imposes extra ordering
constraints on memory operations (ie they act as if they have an implicit
barrier built into them). As TCG is single-threaded all our barriers
are no-ops, so these just behave like normal loads and stores.
Signed-off-by: NMichael Matz <matz@suse.de>
Signed-off-by: NAlex Bennée <alex.bennee@linaro.org>
Signed-off-by: NPeter Maydell <peter.maydell@linaro.org>
Reviewed-by: NRichard Henderson <rth@twiddle.net>

In preparation for adding support for A64 load/store exclusive instructions,
widen the fields in the CPU state struct that deal with address and data values
for exclusives from 32 to 64 bits. Although in practice AArch64 and AArch32
exclusive accesses will be generally separate there are some odd theoretical
corner cases (eg you should be able to do the exclusive load in AArch32, take
an exception to AArch64 and successfully do the store exclusive there), and it's
also easier to reason about.

The changes in semantics for the variables are:
 exclusive_addr  -> extended to 64 bits; -1ULL for "monitor lost",
   otherwise always < 2^32 for AArch32
 exclusive_val   -> extended to 64 bits. 64 bit exclusives in AArch32 now
   use the high half of exclusive_val instead of a separate exclusive_high
 exclusive_high  -> is no longer used in AArch32; extended to 64 bits as
   it will be needed for AArch64's pair-of-64-bit-values exclusives.
 exclusive_test  -> extended to 64 bits, as it is an address. Since this is
   a linux-user-only field, in arm-linux-user it will always have the top
   32 bits zero.
 exclusive_info  -> stays 32 bits, as it is neither data nor address, but
   simply holds register indexes etc. AArch64 will be able to fit all its
   information into 32 bits as well.

Note that the refactoring of gen_store_exclusive() coincidentally fixes
a minor bug where ldrexd would incorrectly update the first CPU register
even if the load for the second register faulted.
Signed-off-by: NPeter Maydell <peter.maydell@linaro.org>
Reviewed-by: NRichard Henderson <rth@twiddle.net>

The common pattern for system registers in a 64-bit capable ARM
CPU is that when in AArch32 the cp15 register is a view of the
bottom 32 bits of the 64-bit AArch64 system register; writes in
AArch32 leave the top half unchanged. The most natural way to
model this is to have the state field in the CPU struct be a
64 bit value, and simply have the AArch32 TCG code operate on
a pointer to its lower half.

For aarch64-linux-user the only registers we need to share like
this are the thread-local-storage ones. Widen their fields to
64 bits and provide the 64 bit reginfo struct to make them
visible in AArch64 state. Note that minor cleanup of the AArch64
system register encoding space means We can share the TPIDR_EL1
reginfo but need split encodings for TPIDR_EL0 and TPIDRRO_EL0.

Since we're touching almost every line in QEMU that uses the
c13_tls* fields in this patch anyway, we take the opportunity
to rename them in line with the standard ARM architectural names
for these registers.
Signed-off-by: NPeter Maydell <peter.maydell@linaro.org>
Reviewed-by: NRichard Henderson <rth@twiddle.net>

The common pattern for system registers in a 64-bit capable ARM
CPU is that when in AArch32 the cp15 register is a view of the
bottom 32 bits of the 64-bit AArch64 system register; writes in
AArch32 leave the top half unchanged. The most natural way to
model this is to have the state field in the CPU struct be a
64 bit value, and simply have the AArch32 TCG code operate on
a pointer to its lower half.

For aarch64-linux-user the only registers we need to share like
this are the thread-local-storage ones. Widen their fields to
64 bits and provide the 64 bit reginfo struct to make them
visible in AArch64 state. Note that minor cleanup of the AArch64
system register encoding space means We can share the TPIDR_EL1
reginfo but need split encodings for TPIDR_EL0 and TPIDRRO_EL0.

Since we're touching almost every line in QEMU that uses the
c13_tls* fields in this patch anyway, we take the opportunity
to rename them in line with the standard ARM architectural names
for these registers.
Signed-off-by: NPeter Maydell <peter.maydell@linaro.org>
Reviewed-by: NRichard Henderson <rth@twiddle.net>

Reviewed-by: NPeter Maydell <peter.maydell@linaro.org>
Signed-off-by: NRichard Henderson <rth@twiddle.net>

With this we no longer pass down envp, and thus all systems can have
the same void prototype.  So also eliminate a useless thunk.
Reviewed-by: NPeter Maydell <peter.maydell@linaro.org>
Signed-off-by: NRichard Henderson <rth@twiddle.net>

Abstract away dependence on a system implementation of getauxval.
Signed-off-by: NRichard Henderson <rth@twiddle.net>

Since this is only read in cpu_copy() and linux-user has a global
cpu_model, drop the field from generic code.
Signed-off-by: NAndreas Färber <afaerber@suse.de>

It is only used there and is deemed very fragile if not incorrect in its
current memcpy() form. Moving it into linux-user will allow to move
parts into target_cpu.h headers and only copy what the ABI mandates.
Signed-off-by: NAndreas Färber <afaerber@suse.de>

microMIPS instructions that cause breakpoint exceptions come in
16-bit and 32-bit variants.  When handling exceptions caused by
such instructions, the instruction type needs to be taken into
account when extracting the break code.

The code has also been restructured for better clarity.
Signed-off-by: NKwok Cheung Yeung <kcy@codesourcery.com>
Signed-off-by: NRiku Voipio <riku.voipio@linaro.org>

The binfmt_misc module can calculate the credentials and security
token according to the binary instead of to the interpreter if the
'C' flag is enabled.

To be able to execute non-readable binaries, this flag implies 'O'
flag. When 'O' flag is enabled, bintfmt_misc opens the file for
reading and pass the file descriptor to the interpreter.

References:
linux/Documentation/binfmt_misc.txt          ['O' and 'C' description]
linux/fs/binfmt_misc.c linux/fs/binfmt_elf.c [ AT_EXECFD usage ]
Signed-off-by: NLaurent Vivier <laurent@vivier.eu>
Signed-off-by: NRiku Voipio <riku.voipio@linaro.org>

The name field of MIPS_SYS isn't actually used; it's just documentation.
But adjust the umount entries to match mips/syscall_nr.h anyway.
Signed-off-by: NRichard Henderson <rth@twiddle.net>
Signed-off-by: NRiku Voipio <riku.voipio@linaro.org>

This patch adds support for AArch64 in all the small corners of
linux-user (primarily in image loading and startup code).
Signed-off-by: NAlexander Graf <agraf@suse.de>
Signed-off-by: NJohn Rigby <john.rigby@linaro.org>
Signed-off-by: NPeter Maydell <peter.maydell@linaro.org>
Message-id: 1378235544-22290-22-git-send-email-peter.maydell@linaro.org
Message-id: 1368505980-17151-11-git-send-email-john.rigby@linaro.org
[PMM:
 * removed some unnecessary #defines from syscall.h
 * catch attempts to use a 32 bit only cpu with aarch64-linux-user
 * termios stuff moved into its own patch
 * we specify our minimum uname version here now
]
Signed-off-by: NPeter Maydell <peter.maydell@linaro.org>

For newer target architectures, glibc can be picky about the kernel
version: for example, it will not run on an aarch64 system unless
the kernel reports itself as at least 3.8.0. Accommodate this by
enhancing the existing support for faking the kernel version so
that each target can optionally specify a minimum version: if
the user doesn't force a specific fake version then we will override
with the minimum required version only if the real host kernel
version is insufficient.

Use this facility to let aarch64 report a minimum of 3.8.0.
Signed-off-by: NPeter Maydell <peter.maydell@linaro.org>
Message-id: 1378235544-22290-21-git-send-email-peter.maydell@linaro.org

Add the main linux-user cpu loop for AArch64. Since AArch64
has a different system call interface, doesn't need to worry
about FPA emulation and may in the future keep the prefetch/data
abort information in different system registers, it's simplest
just to use a completely separate loop from the 32 bit ARM
target, rather than peppering it with ifdefs.
Signed-off-by: NPeter Maydell <peter.maydell@linaro.org>
Message-id: 1378235544-22290-14-git-send-email-peter.maydell@linaro.org

Introduce CPU_FOREACH(), CPU_FOREACH_SAFE() and CPU_NEXT() shorthand
macros.
Signed-off-by: NAndreas Färber <afaerber@suse.de>

sys_mremap missed 5th argument (new_address), which caused examples that
remap to a specific address to fail.
sys_splice missed 5th and 6th argument which caused different examples to
fail.
This change has an effect on MIPS target only.
Signed-off-by: NPetar Jovanovic <petar.jovanovic@imgtec.com>
Signed-off-by: NAurelien Jarno <aurelien@aurel32.net>

sys_mremap missed 5th argument (new_address), which caused examples that
remap to a specific address to fail.
sys_splice missed 5th and 6th argument which caused different examples to
fail.
This change has an effect on MIPS target only.
Signed-off-by: NPetar Jovanovic <petar.jovanovic@imgtec.com>
Reviewed-by: NPeter Maydell <peter.maydell@linaro.org>
Signed-off-by: NMichael Tokarev <mjt@tls.msk.ru>

This fixes a mismerge in 874ec3c5.
Acked-by: NRiku Voipio <riku.voipio@iki.fi>
Signed-off-by: NAndreas Färber <afaerber@suse.de>

Decode trap instructions during the handling of an EXCP_BREAK or EXCP_TRAP
according to the current ISA mode.
Signed-off-by: NKwok Cheung Yeung <kcy@codesourcery.com>
Signed-off-by: NRiku Voipio <riku.voipio@linaro.org>

Prepares for changing GDBState::c_cpu to CPUState.
Signed-off-by: NAndreas Färber <afaerber@suse.de>

Some CPUs reset as part of cpu_init(), some others were reset
afterwards, some not at all. While some targets didn't implement a
cpu_[state_]reset() function, QOM cpu_reset() is always available.
There's nothing wrong with resetting twice on startup, so drop
the #ifdef.
Suggested-by: NPeter Maydell <peter.maydell@linaro.org>
Signed-off-by: NAndreas Färber <afaerber@suse.de>
Cc: Eduardo Habkost <ehabkost@redhat.com>
Signed-off-by: NRiku Voipio <riku.voipio@linaro.org>

Now all linux-user targets support building with NPTL, we can make it
mandatory. This is a good idea because:
 * NPTL is no longer new and experimental; it is completely standard
 * in practice, linux-user without NPTL is nearly useless for
   binaries built against non-ancient glibc
 * it allows us to delete the rather untested code for handling
   the non-NPTL configuration

Note that this patch leaves the CONFIG_USE_NPTL ifdefs in the
bsd-user codebase alone. This makes no change for bsd-user, since
our configure test for NPTL had a "#include <linux/futex.h>"
which means bsd-user would never have been compiled with
CONFIG_USE_NPTL defined, and it still is not.
Signed-off-by: NPeter Maydell <peter.maydell@linaro.org>
Reviewed-by: NRichard Henderson <rth@twiddle.net>
Signed-off-by: NRiku Voipio <riku.voipio@linaro.org>

sys_futex has 6 arguments, and all of these need to be copied. Fix incorrect
declaration in the mips_syscall_args array.

This change fixes the cases where the 5th and 6th arguments have non-zero
value and have importance. An example is a Linux implementation of
pthread_cond_wait() function.
Signed-off-by: NPetar Jovanovic <petar.jovanovic@imgtec.com>
Reviewed-by: NPeter Maydell <peter.maydell@linaro.org>
Signed-off-by: NMichael Tokarev <mjt@tls.msk.ru>

Since commit 878096ee (cpu: Turn
cpu_dump_{state,statistics}() into CPUState hooks) CPUArchState is no
longer needed.

Add documentation and make the functions available through qemu/log.h
outside NEED_CPU_H to allow use in qom/cpu.c. Moving them to qom/cpu.h
was not yet possible due to convoluted include paths, so that some
devices grow an implicit and unneeded dependency on qom/cpu.h for now.

Acked-by: Michael Walle <michael@walle.cc> (for lm32)
Reviewed-by: NRichard Henderson <rth@twiddle.net>
[AF: Simplified mb_cpu_do_interrupt() and do_interrupt_all() changes]
Signed-off-by: NAndreas Färber <afaerber@suse.de>

Signed-off-by: NAndreas Färber <afaerber@suse.de>

Move next_cpu from CPU_COMMON to CPUState.
Move first_cpu variable to qom/cpu.h.

gdbstub needs to use CPUState::env_ptr for now.
cpu_copy() no longer needs to save and restore cpu_next.
Acked-by: NPaolo Bonzini <pbonzini@redhat.com>
[AF: Rebased, simplified cpu_copy()]
Signed-off-by: NAndreas Färber <afaerber@suse.de>

Make cpustats monitor command available unconditionally.

Prepares for changing kvm_handle_internal_error() and kvm_cpu_exec()
arguments to CPUState.
Signed-off-by: NAndreas Färber <afaerber@suse.de>

It no longer depends on CPUArchState, so move it to qom/cpu.c.

Prepares for changing GDBState::c_cpu to CPUState.
Signed-off-by: NAndreas Färber <afaerber@suse.de>

Everything else needs to match the executable name, which is
TARGET_NAME.

Before:
    $ sh4eb-linux-user/qemu-sh4eb --help
    usage: qemu-sh4 [options] program [arguments...]
    Linux CPU emulator (compiled for sh4 emulation)

After:
    $ sh4eb-linux-user/qemu-sh4eb --help
    usage: qemu-sh4eb [options] program [arguments...]
    Linux CPU emulator (compiled for sh4eb emulation)
Signed-off-by: NPaolo Bonzini <pbonzini@redhat.com>
Message-id: 1370349928-20419-5-git-send-email-pbonzini@redhat.com
Signed-off-by: NPeter Maydell <peter.maydell@linaro.org>

This replaces the feature-bit fields on both X86CPU and x86_def_t
structs with an array.

With this, we will be able to simplify code that simply does the same
operation on all feature words (e.g. kvm_check_features_against_host(),
filter_features_for_kvm(), add_flagname_to_bitmaps(), CPU feature-bit
property lookup/registration, and the proposed "feature-words" property)

The following field replacements were made on X86CPU and x86_def_t:

  (cpuid_)features         -> features[FEAT_1_EDX]
  (cpuid_)ext_features     -> features[FEAT_1_ECX]
  (cpuid_)ext2_features    -> features[FEAT_8000_0001_EDX]
  (cpuid_)ext3_features    -> features[FEAT_8000_0001_ECX]
  (cpuid_)ext4_features    -> features[FEAT_C000_0001_EDX]
  (cpuid_)kvm_features     -> features[FEAT_KVM]
  (cpuid_)svm_features     -> features[FEAT_SVM]
  (cpuid_)7_0_ebx_features -> features[FEAT_7_0_EBX]
Signed-off-by: NEduardo Habkost <ehabkost@redhat.com>
Reviewed-by: NIgor Mammedov <imammedo@redhat.com>
Signed-off-by: NAndreas Färber <afaerber@suse.de>

The linux-user usage message attempts to line up the columns in
its table by calculating the maximum width of any item in them.
However for the 'Argument' column it was only accounting for the
length of the option switch (eg "-d"), not the additional example
text (eg "item[,...]"). This currently has no adverse effects
because the widest item in the column happens to be the argumentless
"-singlestep" option, but improving the "-d" option help to read
"-d item[,...]" exceeds that limit.

Fix this by correctly calculating maxarglen as the width of the
first column text including a possible option argument, and
adjusting its uses to match.
Signed-off-by: NPeter Maydell <peter.maydell@linaro.org>
Signed-off-by: NRiku Voipio <riku.voipio@linaro.org>

Signed-off-by: NRichard Henderson <rth@twiddle.net>
Signed-off-by: NAurelien Jarno <aurelien@aurel32.net>

GCC and GAS are capable of generating traps or breaks to check for
division by zero.  Additionally, GAS is capable of generating traps
or breaks to check for overflow on certain division and multiplication
operations.  The Linux kernel translates these traps and breaks into
signals.  This patch implements the corresponding feature in QEMU.
Signed-off-by: NMeador Inge <meadori@codesourcery.com>
Signed-off-by: NAurelien Jarno <aurelien@aurel32.net>

Switch the default for qemu_log logging output from "/tmp/qemu.log"
to stderr. This is an incompatible change in some sense, but logging
is mostly used for debugging purposes so it shouldn't affect production
use. The previous behaviour can be obtained by adding "-D /tmp/qemu.log"
to the command line.

This change requires us to:
 * update all the documentation/help text (we take the opportunity
   to smooth out minor inconsistencies between the phrasing in
   linux-user/bsd-user/system help messages)
 * make linux-user and bsd-user defer to qemu-log for the default
   logging destination rather than overriding it themselves
 * ensure that all logfile closing is done via qemu_log_close()
   and that that function doesn't close stderr
as well as the obvious change to the behaviour of do_qemu_set_log()
when no logfile name has been specified.
Signed-off-by: NPeter Maydell <peter.maydell@linaro.org>
Reviewed-by: NStefan Hajnoczi <stefanha@redhat.com>
Reviewed-by: NMarkus Armbruster <armbru@redhat.com>
Message-id: 1361901160-28729-1-git-send-email-peter.maydell@linaro.org
Signed-off-by: NAnthony Liguori <aliguori@us.ibm.com>