The setjmp() function doesn't specify whether signal masks are saved and
restored; on Linux they are not, but on BSD (including MacOSX) they are.
We want to have consistent behaviour across platforms, so we should
always use "don't save/restore signal mask" (this is also generally
going to be faster). This also works around a bug in MacOSX where the
signal-restoration on longjmp() affects the signal mask for a completely
different thread, not just the mask for the thread which did the longjmp.
The most visible effect of this was that ctrl-C was ignored on MacOSX
because the CPU thread did a longjmp which resulted in its signal mask
being applied to every thread, so that all threads had SIGINT and SIGTERM
blocked.

The POSIX-sanctioned portable way to do a jump without affecting signal
masks is to siglongjmp() to a sigjmp_buf which was created by calling
sigsetjmp() with a zero savemask parameter, so change all uses of
setjmp()/longjmp() accordingly. [Technically POSIX allows sigsetjmp(buf, 0)
to save the signal mask; however the following siglongjmp() must not
restore the signal mask, so the pair can be effectively considered as
"sigjmp/longjmp which don't touch the mask".]

For Windows we provide a trivial sigsetjmp/siglongjmp in terms of
setjmp/longjmp -- this is OK because no user will ever pass a non-zero
savemask.

The setjmp() uses in tests/tcg/test-i386.c and tests/tcg/linux-test.c
are left untouched because these are self-contained singlethreaded
test programs intended to be run under QEMU's Linux emulation, so they
have neither the portability nor the multithreading issues to deal with.
Signed-off-by: NPeter Maydell <peter.maydell@linaro.org>
Reviewed-by: NRichard Henderson <rth@twiddle.net>
Tested-by: NStefan Weil <sw@weilnetz.de>
Reviewed-by: NLaszlo Ersek <lersek@redhat.com>
Signed-off-by: NBlue Swirl <blauwirbel@gmail.com>

Explictly NULL it on CPU reset since it was located before breakpoints.

Change vapic_report_tpr_access() argument to CPUState. This also
resolves the use of void* for cpu.h independence.
Change vAPIC patch_instruction() argument to X86CPU.
Signed-off-by: NAndreas Färber <afaerber@suse.de>

Since it was located before breakpoints field, it needs to be reset.
Signed-off-by: NAndreas Färber <afaerber@suse.de>

It's worth to clean-up translation blocks variables and move them
into one context as was suggested by Swirl.
Also if we use this context directly inside tcg_ctx, then it
speeds up code generation a bit.
Signed-off-by: NEvgeny Voevodin <evgenyvoevodin@gmail.com>
Signed-off-by: NBlue Swirl <blauwirbel@gmail.com>

Signed-off-by: NPaolo Bonzini <pbonzini@redhat.com>

Signed-off-by: NPaolo Bonzini <pbonzini@redhat.com>

Signed-off-by: NPaolo Bonzini <pbonzini@redhat.com>

For target-mips also change the return type to bool.

Make include paths for cpu-qom.h consistent for alpha and unicore32.
Signed-off-by: NAndreas Färber <afaerber@suse.de>
[AF: Updated new target-openrisc function accordingly]
Acked-by: Richard Henderson <rth@twiddle.net> (for alpha)

Move the DUMP_FPU and DUMP_CCOP flags for cpu_dump_state() from being
x86-specific flags to being generic ones. This allows us to drop some
TARGET_I386 ifdefs in various places, and means that we can (potentially)
be more consistent across architectures about which monitor commands or
debug abort printouts include FPU register contents and info about
QEMU's condition-code optimisations.
Signed-off-by: NPeter Maydell <peter.maydell@linaro.org>

This reverts commit f278d494.
Signed-off-by: Nmalc <av1474@comtv.ru>

This patch provides a way to optionally suppress spurious interrupts,
as a workaround for systems described below:

Some old operating systems do not handle spurious interrupts well,
and qemu tends to generate them significantly more often than
real hardware.

Examples:
  - Microport UNIX System V/386 v 2.1 (ca 1987)
    (The main problem I'm fixing: Without this patch, it panics
    sporadically when accessing the hard disk.)
  - AT&T UNIX System V/386 Release 4.0 Version 2.1a (ca 1991)
    See screenshot in "QEMU Official OS Support List":
    http://www.claunia.com/qemu/objectManager.php?sClass=application&iId=9
    (I don't have this system to test.)
  - A report about OS/2 boot lockup from 2004 by Hampa Hug:
    http://lists.nongnu.org/archive/html/qemu-devel/2004-09/msg00367.html
    (My patch was partially inspired by his.)
    Also: http://lists.nongnu.org/archive/html/qemu-devel/2005-06/msg00243.html
    (I don't have this system to test.)
Signed-off-by: NMatthew Ogilvie <mmogilvi_qemu@miniinfo.net>
Signed-off-by: Nmalc <av1474@comtv.ru>

This patch initializes the cpuid to exactly correct value because
linux kernel will check it.
In addition, the exception types are specified in proper situations.
Then it could make exceptions generated correctly and timely.
Signed-off-by: NGuan Xuetao <gxt@mprc.pku.edu.cn>
Signed-off-by: NBlue Swirl <blauwirbel@gmail.com>

Add OpenRISC interrupt support.
Signed-off-by: NJia Liu <proljc@gmail.com>
Signed-off-by: NBlue Swirl <blauwirbel@gmail.com>

Add OpenRISC target stubs, QOM cpu and basic machine.
Signed-off-by: NJia Liu <proljc@gmail.com>
Signed-off-by: NBlue Swirl <blauwirbel@gmail.com>

KVM performs TPR raising asynchronously to QEMU, specifically outside
QEMU's global lock. When an interrupt is injected into the APIC and TPR
is checked to decide if this can be delivered, a stale TPR value may be
used, causing spurious interrupts in the end.

Fix this by deferring apic_update_irq to the context of the target VCPU.
We introduce a new interrupt flag for this, CPU_INTERRUPT_POLL. When it
is set, the VCPU calls apic_poll_irq before checking for further pending
interrupts. To avoid special-casing KVM, we also implement this logic
for TCG mode.
Signed-off-by: NJan Kiszka <jan.kiszka@siemens.com>
Signed-off-by: NAvi Kivity <avi@redhat.com>

Add an explicit CPUX86State parameter instead of relying on AREG0.

Merge raise_exception_env() to raise_exception(), likewise with
raise_exception_err_env() and raise_exception_err().

Introduce cpu_svm_check_intercept_param() and cpu_vmexit()
as wrappers.
Signed-off-by: NBlue Swirl <blauwirbel@gmail.com>

There are no users left for previous exception handler returned from
cpu_set_debug_excp_handler. It should simplify code a little.
Signed-off-by: NIgor Mammedov <imammedo@redhat.com>

- The M-flag is encoded in different bits on cris v10 and cris v32.
Signed-off-by: NLars Persson <larper@axis.com>
Signed-off-by: NEdgar E. Iglesias <edgar.iglesias@gmail.com>

CPUState will be needed for all targets in the future, so place it into
the main variable declaration block.
Signed-off-by: NAndreas Färber <afaerber@suse.de>
Acked-by: NAlexander Graf <agraf@suse.de>

Allows to use cpu_reset() in place of cpu_state_reset().
Signed-off-by: NAndreas Färber <afaerber@suse.de>
Reviewed-by: NIgor Mammedov <imammedo@redhat.com>

This change is needed for w64, but also changes the code for other hosts.
Signed-off-by: NStefan Weil <sw@weilnetz.de>

The idea behind qtest is pretty simple.  Instead of executing a CPU via TCG or
KVM, rely on an external process to send events to the device model that the CPU
would normally generate.

qtest presents itself as an accelerator.  In addition, a new option is added to
establish a qtest server (-qtest) that takes a character device.  This is what
allows the external process to send CPU events to the device model.

qtest uses a simple line based protocol to send the events.  Documentation of
that protocol is in qtest.c.

I considered reusing the monitor for this job.  Adding interrupts would be a bit
difficult.  In addition, logging would also be difficult.

qtest has extensive logging support.  All protocol commands are logged with
time stamps using a new command line option (-qtest-log).  Logging is important
since ultimately, this is a feature for debugging.
Signed-off-by: NAnthony Liguori <aliguori@us.ibm.com>
Signed-off-by: NPaolo Bonzini <pbonzini@redhat.com>
Signed-off-by: NAnthony Liguori <aliguori@us.ibm.com>

next_tb is the numeric value of a tcg target (= QEMU host) address.

Using tcg_target_ulong instead of unsigned long shows this and makes
the code portable for hosts with an unusual size of long (w64).

The type cast '(long)(next_tb & ~3)' was not needed (casting
unsigned long to long does not change the bits, and nor does
casting long to pointer for most (= all non w64) hosts.
It is removed here.

Macro or function tcg_qemu_tb_exec is used to set next_tb.
The function also returns next_tb. Therefore tcg_qemu_tb_exec
must return a tcg_target_ulong.
Signed-off-by: NStefan Weil <sw@weilnetz.de>
Signed-off-by: NBlue Swirl <blauwirbel@gmail.com>

Scripted conversion:
  for file in *.[hc] hw/*.[hc] hw/kvm/*.[hc] linux-user/*.[hc] linux-user/m68k/*.[hc] bsd-user/*.[hc] darwin-user/*.[hc] tcg/*/*.[hc] target-*/cpu.h; do
    sed -i "s/CPUState/CPUArchState/g" $file
  done

All occurrences of CPUArchState are expected to be replaced by QOM CPUState,
once all targets are QOM'ified and common fields have been extracted.
Signed-off-by: NAndreas Färber <afaerber@suse.de>
Reviewed-by: NAnthony Liguori <aliguori@us.ibm.com>

Frees the identifier cpu_reset for QOM CPUs (manual rename).

Don't hide the parameter type behind explicit casts, use static
functions with strongly typed argument to indirect.
Signed-off-by: NAndreas Färber <afaerber@suse.de>
Reviewed-by: NAnthony Liguori <aliguori@us.ibm.com>

On ppc405ep there is a register that allows for software to reset the
core, but not the whole system. Implement this reset using a reset
interrupt.

This gets rid of a bunch of #if 0'ed code.
Reported-by: NAndreas Färber <afaerber@suse.de>
Signed-off-by: NAlexander Graf <agraf@suse.de>
Signed-off-by: NAndreas Färber <afaerber@suse.de>

Each target uses the #define macro (in target-xxx/cpu.h) to rename
cpu_exec (cpu-exec.c) to cpu_xxx_exec, then defines its own cpu_loop
which calls cpu_xxx_exec. So basically, cpu-exec.c is not only the i386
emulator main execution loop. This patch corrects the comment of this
file and does indentation cleanup.
Signed-off-by: NChen Wei-Ren (陳韋任) <chenwj@iis.sinica.edu.tw>
Signed-off-by: NStefan Hajnoczi <stefanha@linux.vnet.ibm.com>

In the current emulation of the load-and-reserve (lwarx) and
store-conditional (stwcx.) instructions, the internal reservation
mechanism is taken into account, however each CPU has its own
reservation information and this information is not synchronized between
CPUs to perform proper synchronization.
The following test case with 2 CPUs shows that the semantics of the
"lwarx" and "stwcx." instructions are not preserved by the emulation.
The test case does the following :
	- CPU0: reserve a memory location
	- CPU1: reserve the same memory location
	- CPU0: perform stwcx. on the location
The last store-conditional operation succeeds while it is supposed to
fail since the reservation was supposed to be lost at the second reserve
operation.

This (one line) patch fixes this problem in a very simple manner by
removing the reservation of a CPU every time it is scheduled (in
cpu_exec()). While this is a harsh workaround, it does not affect the
guest code much because reservations are usually held for a very short
time, that is an lwarx is almost always followed by an stwcx. a few
instructions below. Therefore, in most cases, the reservation will be
taken and consumed before a CPU switch occurs. However in the rare case
where a CPU switch does occur between the lwarx and its corresponding
stwcx.  this patch solves a potential erroneous behavior of the
synchronization instructions.
Signed-off-by: NElie Richa <richa@adacore.com>
Signed-off-by: NAlexander Graf <agraf@suse.de>

- mark privileged opcodes with ring check;
- make debug exception on exception handler entry.
Signed-off-by: NMax Filippov <jcmvbkbc@gmail.com>
Signed-off-by: NBlue Swirl <blauwirbel@gmail.com>

Signed-off-by: NMax Filippov <jcmvbkbc@gmail.com>
Signed-off-by: NBlue Swirl <blauwirbel@gmail.com>

Avoid this warning from clang analyzer:
/src/qemu/cpu-exec.c:97:5: warning: Value stored to 'phys_page2' is never read
    phys_page2 = -1;

Adjust the scope of the variable while at it.
Signed-off-by: NBlue Swirl <blauwirbel@gmail.com>

Recent compilers look deep into cpu_exec, find longjmp as a noreturn
function and decide to smash some stack variables as they won't be used
again. This may lead to env becoming invalid after return from setjmp,
causing crashes. Fix it by reloading env from cpu_single_env in that
case.
Signed-off-by: NJan Kiszka <jan.kiszka@siemens.com>
Signed-off-by: NBlue Swirl <blauwirbel@gmail.com>

Make functions take a parameter for CPUState instead of relying
on global env. Pass CPUState pointer to TCG prologue, which moves
it to AREG0.

Thanks to Peter Maydell and Laurent Desnogues for the ARM prologue
change.

Revert the hacks to avoid AREG0 use on Sparc hosts.

Move cpu_has_work() and cpu_pc_from_tb() from exec.h to cpu.h.

Compile the file without HELPER_CFLAGS.
Signed-off-by: NBlue Swirl <blauwirbel@gmail.com>

Before the next patch, fix coding style of the areas affected.

Change the type of the return value from cpu_has_work() and
qemu_cpu_has_work() to bool.
Signed-off-by: NBlue Swirl <blauwirbel@gmail.com>

Now that all targets use common function signature for do_interrupt(), there is no
need for the #ifdeffery anymore.
Signed-off-by: NBlue Swirl <blauwirbel@gmail.com>

Pass CPUState to do_interrupt(). This is needed by later patches.

It would be cleaner to move the function to helper.c, but there are
a few dependencies between do_interrupt() and other functions.
Signed-off-by: NBlue Swirl <blauwirbel@gmail.com>

Several x86 specific functions are called from cpu-exec.c with the
assumption that global env register is valid. This will be changed
later, so make the functions use caller supplied CPUState parameter.

It would be cleaner to move the functions to helper.c, but there are
quite a lot of dependencies between do_interrupt() and other functions.

Add helpers for svm_check_intercept() and cpu_cc_compute_all() instead
of calling the helper (which uses global env, AREG0) directly.
Signed-off-by: NBlue Swirl <blauwirbel@gmail.com>

Make cpu_loop_exit() take a parameter for CPUState instead of relying
on global env.
Signed-off-by: NBlue Swirl <blauwirbel@gmail.com>

This was obsoleted by 6792a57b.
Signed-off-by: NJan Kiszka <jan.kiszka@siemens.com>
Signed-off-by: NMarcelo Tosatti <mtosatti@redhat.com>

Interrupts are disabled in PALmode, and when the PS IL is high enough.
Signed-off-by: NRichard Henderson <rth@twiddle.net>