Local variable CPUClass *cc needs to be reloaded after return from longjmp,
too.  (This fixes a mips-softmmu crash observed on FreeBSD when QEMU is
built with clang.)
Reported-by: NDimitry Andric <dim@FreeBSD.org>
Signed-off-by: NJuergen Lock <nox@jelal.kn-bremen.de>
Signed-off-by: NAndreas Färber <afaerber@suse.de>

Reviewed-by: NAurelien Jarno <aurelien@aurel32.net>
Signed-off-by: NRichard Henderson <rth@twiddle.net>

Reviewed-by: NAurelien Jarno <aurelien@aurel32.net>
Signed-off-by: NRichard Henderson <rth@twiddle.net>

Prepares for changing cpu_single_step() argument to CPUState.

Acked-by: Michael Walle <michael@walle.cc> (for lm32)
Signed-off-by: NAndreas Färber <afaerber@suse.de>

Where no extra implementation is needed, fall back to CPUClass::set_pc().

Acked-by: Michael Walle <michael@walle.cc> (for lm32)
Signed-off-by: NAndreas Färber <afaerber@suse.de>

Since commit 878096ee (cpu: Turn
cpu_dump_{state,statistics}() into CPUState hooks) CPUArchState is no
longer needed.

Add documentation and make the functions available through qemu/log.h
outside NEED_CPU_H to allow use in qom/cpu.c. Moving them to qom/cpu.h
was not yet possible due to convoluted include paths, so that some
devices grow an implicit and unneeded dependency on qom/cpu.h for now.

Acked-by: Michael Walle <michael@walle.cc> (for lm32)
Reviewed-by: NRichard Henderson <rth@twiddle.net>
[AF: Simplified mb_cpu_do_interrupt() and do_interrupt_all() changes]
Signed-off-by: NAndreas Färber <afaerber@suse.de>

Prepares for log_cpu_state_mask() changing argument to CPUState.
Signed-off-by: NAndreas Färber <afaerber@suse.de>

Move it to qom/cpu.h.
Signed-off-by: NAndreas Färber <afaerber@suse.de>

Signed-off-by: Nliguang <lig.fnst@cn.fujitsu.com>
Reviewed-by: NAndreas Färber <afaerber@suse.de>
Reviewed-by: NRichard Henderson  <rth@twiddle.net>
Signed-off-by: NBlue Swirl <blauwirbel@gmail.com>

The IO thread, when it senses cpu_single_env == 0, expects exit_request
to be checked later on. A compiler scheduling constraint is not strong
enough to ensure this on modern architecture. A memory fence is needed
as well.
Signed-off-by: NOlivier Hainque <hainque@adacore.com>
Signed-off-by: NFabien Chouteau <chouteau@adacore.com>
Reviewed-by: NPaolo Bonzini <pbonzini@redhat.com>
Signed-off-by: NStefan Weil <sw@weilnetz.de>

The CONFIG_DEBUG_EXEC define compiles out a single qemu_log_mask()
call, which is a pretty trivial cost even for something in the main
cpu_exec() loop.  Having this be conditionally defined means that
'-d exec' on a non-debug build will silently do nothing.  Drop the
define and the configure machinery that sets it, in favour of just
always allowing this log option to be enabled at runtime.  As a
concession to the mainloopiness, we use qemu_loglevel_mask()+qemu_log()
rather than qemu_log_mask() to avoid the function call overhead.

Note that DEBUG_DISAS is always defined, so removing the
'|| defined(CONFIG_DEBUG_EXEC)' from those conditionals makes
no behavioural change for that logging.
Signed-off-by: NPeter Maydell <peter.maydell@linaro.org>
Acked-by: NEdgar E. Iglesias <edgar.iglesias@gmail.com>
Signed-off-by: NStefan Hajnoczi <stefanha@redhat.com>

We can compute the value in cpu_dump_state anyway, and gratuitous
modifications to eflags creates heisenbugs.

Cc: Blue Swirl <blauwirbel@gmail.com>
Signed-off-by: NRichard Henderson <rth@twiddle.net>
Signed-off-by: NBlue Swirl <blauwirbel@gmail.com>

Signed-off-by: NAnthony Green <green@moxielogic.com>
Signed-off-by: NBlue Swirl <blauwirbel@gmail.com>

This removes a global per-target function and thus takes us one step
closer to compiling multiple targets into one executable.

It will also allow to override the interrupt handling for certain CPU
families.
Signed-off-by: NAndreas Färber <afaerber@suse.de>

Both fields are used in VMState, thus need to be moved together.
Explicitly zero them on reset since they were located before
breakpoints.

Pass PowerPCCPU to kvmppc_handle_halt().
Signed-off-by: NAndreas Färber <afaerber@suse.de>

Fix some of the nasty TCG race conditions and crashes by implementing
cpu_exit() as setting a flag which is checked at the start of each TB.
This avoids crashes if a thread or signal handler calls cpu_exit()
while the execution thread is itself modifying the TB graph (which
may happen in system emulation mode as well as in linux-user mode
with a multithreaded guest binary).

This fixes the crashes seen in LP:668799; however there are another
class of crashes described in LP:1098729 which stem from the fact
that in linux-user with a multithreaded guest all threads will
use and modify the same global TCG date structures (including the
generated code buffer) without any kind of locking. This means that
multithreaded guest binaries are still in the "unsupported"
category.
Signed-off-by: NPeter Maydell <peter.maydell@linaro.org>
Reviewed-by: NRichard Henderson <rth@twiddle.net>
Signed-off-by: NBlue Swirl <blauwirbel@gmail.com>

If tcg_qemu_tb_exec() returns a value whose low bits don't indicate a
link to an indexed next TB, this means that the TB execution never
started (eg because the instruction counter hit zero).  In this case the
guest PC has to be reset to the address of the start of the TB.
Refactor the cpu-exec code to make all tcg_qemu_tb_exec() calls pass
through a wrapper function which does this restoration if necessary.

Note that the apparent change in cpu_exec_nocache() from calling
cpu_pc_from_tb() with the old TB to calling it with the TB returned by
do_tcg_qemu_tb_exec() is safe, because in the nocache case we can
guarantee that the TB we try to execute is not linked to any others,
so the only possible returned TB is the one we started at. That is,
we should arguably previously have included in cpu_exec_nocache() an
assert(next_tb & ~TB_EXIT_MASK) == tb), since the API requires restore
from next_tb but we were using tb.
Signed-off-by: NPeter Maydell <peter.maydell@linaro.org>
Reviewed-by: NRichard Henderson <rth@twiddle.net>
Signed-off-by: NBlue Swirl <blauwirbel@gmail.com>

Document tcg_qemu_tb_exec(). In particular, its return value is a
combination of a pointer to the next translation block and some
extra information in the low two bits. Provide some #defines for
the values passed in these bits to improve code clarity.
Signed-off-by: NPeter Maydell <peter.maydell@linaro.org>
Reviewed-by: NRichard Henderson <rth@twiddle.net>
Signed-off-by: NBlue Swirl <blauwirbel@gmail.com>

The setjmp() function doesn't specify whether signal masks are saved and
restored; on Linux they are not, but on BSD (including MacOSX) they are.
We want to have consistent behaviour across platforms, so we should
always use "don't save/restore signal mask" (this is also generally
going to be faster). This also works around a bug in MacOSX where the
signal-restoration on longjmp() affects the signal mask for a completely
different thread, not just the mask for the thread which did the longjmp.
The most visible effect of this was that ctrl-C was ignored on MacOSX
because the CPU thread did a longjmp which resulted in its signal mask
being applied to every thread, so that all threads had SIGINT and SIGTERM
blocked.

The POSIX-sanctioned portable way to do a jump without affecting signal
masks is to siglongjmp() to a sigjmp_buf which was created by calling
sigsetjmp() with a zero savemask parameter, so change all uses of
setjmp()/longjmp() accordingly. [Technically POSIX allows sigsetjmp(buf, 0)
to save the signal mask; however the following siglongjmp() must not
restore the signal mask, so the pair can be effectively considered as
"sigjmp/longjmp which don't touch the mask".]

For Windows we provide a trivial sigsetjmp/siglongjmp in terms of
setjmp/longjmp -- this is OK because no user will ever pass a non-zero
savemask.

The setjmp() uses in tests/tcg/test-i386.c and tests/tcg/linux-test.c
are left untouched because these are self-contained singlethreaded
test programs intended to be run under QEMU's Linux emulation, so they
have neither the portability nor the multithreading issues to deal with.
Signed-off-by: NPeter Maydell <peter.maydell@linaro.org>
Reviewed-by: NRichard Henderson <rth@twiddle.net>
Tested-by: NStefan Weil <sw@weilnetz.de>
Reviewed-by: NLaszlo Ersek <lersek@redhat.com>
Signed-off-by: NBlue Swirl <blauwirbel@gmail.com>

Explictly NULL it on CPU reset since it was located before breakpoints.

Change vapic_report_tpr_access() argument to CPUState. This also
resolves the use of void* for cpu.h independence.
Change vAPIC patch_instruction() argument to X86CPU.
Signed-off-by: NAndreas Färber <afaerber@suse.de>

Since it was located before breakpoints field, it needs to be reset.
Signed-off-by: NAndreas Färber <afaerber@suse.de>

It's worth to clean-up translation blocks variables and move them
into one context as was suggested by Swirl.
Also if we use this context directly inside tcg_ctx, then it
speeds up code generation a bit.
Signed-off-by: NEvgeny Voevodin <evgenyvoevodin@gmail.com>
Signed-off-by: NBlue Swirl <blauwirbel@gmail.com>

Signed-off-by: NPaolo Bonzini <pbonzini@redhat.com>

Signed-off-by: NPaolo Bonzini <pbonzini@redhat.com>

Signed-off-by: NPaolo Bonzini <pbonzini@redhat.com>

For target-mips also change the return type to bool.

Make include paths for cpu-qom.h consistent for alpha and unicore32.
Signed-off-by: NAndreas Färber <afaerber@suse.de>
[AF: Updated new target-openrisc function accordingly]
Acked-by: Richard Henderson <rth@twiddle.net> (for alpha)

Move the DUMP_FPU and DUMP_CCOP flags for cpu_dump_state() from being
x86-specific flags to being generic ones. This allows us to drop some
TARGET_I386 ifdefs in various places, and means that we can (potentially)
be more consistent across architectures about which monitor commands or
debug abort printouts include FPU register contents and info about
QEMU's condition-code optimisations.
Signed-off-by: NPeter Maydell <peter.maydell@linaro.org>

This reverts commit f278d494.
Signed-off-by: Nmalc <av1474@comtv.ru>

This patch provides a way to optionally suppress spurious interrupts,
as a workaround for systems described below:

Some old operating systems do not handle spurious interrupts well,
and qemu tends to generate them significantly more often than
real hardware.

Examples:
  - Microport UNIX System V/386 v 2.1 (ca 1987)
    (The main problem I'm fixing: Without this patch, it panics
    sporadically when accessing the hard disk.)
  - AT&T UNIX System V/386 Release 4.0 Version 2.1a (ca 1991)
    See screenshot in "QEMU Official OS Support List":
    http://www.claunia.com/qemu/objectManager.php?sClass=application&iId=9
    (I don't have this system to test.)
  - A report about OS/2 boot lockup from 2004 by Hampa Hug:
    http://lists.nongnu.org/archive/html/qemu-devel/2004-09/msg00367.html
    (My patch was partially inspired by his.)
    Also: http://lists.nongnu.org/archive/html/qemu-devel/2005-06/msg00243.html
    (I don't have this system to test.)
Signed-off-by: NMatthew Ogilvie <mmogilvi_qemu@miniinfo.net>
Signed-off-by: Nmalc <av1474@comtv.ru>

This patch initializes the cpuid to exactly correct value because
linux kernel will check it.
In addition, the exception types are specified in proper situations.
Then it could make exceptions generated correctly and timely.
Signed-off-by: NGuan Xuetao <gxt@mprc.pku.edu.cn>
Signed-off-by: NBlue Swirl <blauwirbel@gmail.com>

Add OpenRISC interrupt support.
Signed-off-by: NJia Liu <proljc@gmail.com>
Signed-off-by: NBlue Swirl <blauwirbel@gmail.com>

Add OpenRISC target stubs, QOM cpu and basic machine.
Signed-off-by: NJia Liu <proljc@gmail.com>
Signed-off-by: NBlue Swirl <blauwirbel@gmail.com>

KVM performs TPR raising asynchronously to QEMU, specifically outside
QEMU's global lock. When an interrupt is injected into the APIC and TPR
is checked to decide if this can be delivered, a stale TPR value may be
used, causing spurious interrupts in the end.

Fix this by deferring apic_update_irq to the context of the target VCPU.
We introduce a new interrupt flag for this, CPU_INTERRUPT_POLL. When it
is set, the VCPU calls apic_poll_irq before checking for further pending
interrupts. To avoid special-casing KVM, we also implement this logic
for TCG mode.
Signed-off-by: NJan Kiszka <jan.kiszka@siemens.com>
Signed-off-by: NAvi Kivity <avi@redhat.com>

Add an explicit CPUX86State parameter instead of relying on AREG0.

Merge raise_exception_env() to raise_exception(), likewise with
raise_exception_err_env() and raise_exception_err().

Introduce cpu_svm_check_intercept_param() and cpu_vmexit()
as wrappers.
Signed-off-by: NBlue Swirl <blauwirbel@gmail.com>

There are no users left for previous exception handler returned from
cpu_set_debug_excp_handler. It should simplify code a little.
Signed-off-by: NIgor Mammedov <imammedo@redhat.com>

- The M-flag is encoded in different bits on cris v10 and cris v32.
Signed-off-by: NLars Persson <larper@axis.com>
Signed-off-by: NEdgar E. Iglesias <edgar.iglesias@gmail.com>

CPUState will be needed for all targets in the future, so place it into
the main variable declaration block.
Signed-off-by: NAndreas Färber <afaerber@suse.de>
Acked-by: NAlexander Graf <agraf@suse.de>

Allows to use cpu_reset() in place of cpu_state_reset().
Signed-off-by: NAndreas Färber <afaerber@suse.de>
Reviewed-by: NIgor Mammedov <imammedo@redhat.com>

This change is needed for w64, but also changes the code for other hosts.
Signed-off-by: NStefan Weil <sw@weilnetz.de>

The idea behind qtest is pretty simple.  Instead of executing a CPU via TCG or
KVM, rely on an external process to send events to the device model that the CPU
would normally generate.

qtest presents itself as an accelerator.  In addition, a new option is added to
establish a qtest server (-qtest) that takes a character device.  This is what
allows the external process to send CPU events to the device model.

qtest uses a simple line based protocol to send the events.  Documentation of
that protocol is in qtest.c.

I considered reusing the monitor for this job.  Adding interrupts would be a bit
difficult.  In addition, logging would also be difficult.

qtest has extensive logging support.  All protocol commands are logged with
time stamps using a new command line option (-qtest-log).  Logging is important
since ultimately, this is a feature for debugging.
Signed-off-by: NAnthony Liguori <aliguori@us.ibm.com>
Signed-off-by: NPaolo Bonzini <pbonzini@redhat.com>
Signed-off-by: NAnthony Liguori <aliguori@us.ibm.com>