Don't return addresses that aren't properly aligned for the guest,
e.g. when the guest has a larger page size than the host. Don't
return addresses that are outside the virtual address space for the
target, by paying proper attention to the h2g/g2h macros.
At the same time, place the default mapping base for 64-bit guests
(on 64-bit hosts) outside the low 4G. Consistently interpret
mmap_next_start in the guest address space.
Signed-off-by: Richard Henderson <rth@twiddle.net>
Move userland PALcode handling into linux-user main loop so that
we can send signals from there. This also makes alpha_palcode.c
system-level only, so don't build it for userland. Add defines
for GENTRAP PALcall mapping to signals.
Signed-off-by: Richard Henderson <rth@twiddle.net>
Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
The existing set of IPRs is totally irrelevant to user-mode emulation.
Indeed, they most are irrelevant to implementing kernel-mode emulation,
and would only be relevant to PAL-mode emulation, which I suspect that
no one will ever attempt.
Reducing the set of processor registers reduces the size of the CPU state.
Signed-off-by: Richard Henderson <rth@twiddle.net>
Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
This is a reimplementation of prior versions which adds
the ability to define cpu models for contemporary processors.
The added models are likewise selected via -cpu <name>,
and are intended to displace the existing convention
of "-cpu qemu64" augmented with a series of feature flags.
A primary motivation was determination of a least common
denominator within a given processor class to simplify guest
migration. It is still possible to modify an arbitrary model
via additional feature flags however the goal here was to
make doing so unnecessary in typical usage. The other
consideration was providing models names reflective of
current processors. Both AMD and Intel have reviewed the
models in terms of balancing generality of migration vs.
excessive feature downgrade relative to released silicon.
This version of the patch replaces the prior hard wired
definitions with a configuration file approach for new
models. Existing models are thus far left as-is but may
easily be transitioned to (or may be overridden by) the
configuration file representation.
Proposed new model definitions are provided here for current
AMD and Intel processors. Each model consists of a name
used to select it on the command line (-cpu <name>), and a
model_id which corresponds to a least common denominator
commercial instance of the processor class.
A table of names/model_ids may be queried via "-cpu ?model":
:
x86 Opteron_G3 AMD Opteron 23xx (Gen 3 Class Opteron)
x86 Opteron_G2 AMD Opteron 22xx (Gen 2 Class Opteron)
x86 Opteron_G1 AMD Opteron 240 (Gen 1 Class Opteron)
x86 Nehalem Intel Core i7 9xx (Nehalem Class Core i7)
x86 Penryn Intel Core 2 Duo P9xxx (Penryn Class Core 2)
x86 Conroe Intel Celeron_4x0 (Conroe/Merom Class Core 2)
:
Also added is "-cpu ?dump" which exhaustively outputs all config
data for all defined models, and "-cpu ?cpuid" which enumerates
all qemu recognized CPUID feature flags.
The pseudo cpuid flag 'check' when added to the feature flag list
will warn when feature flags (either implicit in a cpu model or
explicit on the command line) would have otherwise been quietly
unavailable to a guest:
# qemu-system-x86_64 ... -cpu Nehalem,check
warning: host cpuid 0000_0001 lacks requested flag 'sse4.2|sse4_2' [0x00100000]
warning: host cpuid 0000_0001 lacks requested flag 'popcnt' [0x00800000]
A similar 'enforce' pseudo flag exists which in addition
to the above causes qemu to error exit if requested flags are
unavailable.
Configuration data for a cpu model resides in the target config
file which by default will be installed as:
/usr/local/etc/qemu/target-<arch>.conf
The format of this file should be self explanatory given the
definitions for the above six models and essentially mimics
the structure of the static x86_def_t x86_defs.
Encoding of cpuid flags names now allows aliases for both the
configuration file and the command line which reconciles some
Intel/AMD/Linux/Qemu naming differences.
This patch was tested relative to qemu.git.
Signed-off-by: john cooper <john.cooper@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
For what I know DCR is always 32 bits wide, so we should also use uint32_t to
pass it along the stacks.
This fixes a warning when compiling qemu-system-ppc64 with KVM enabled, making
it compile without --disable-werror
Signed-off-by: Alexander Graf <agraf@suse.de>
Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
Fix the alternate time base the same way as the default timebase. SPR_ATBL
should return a 64-bit value on 64 bit implementations.
Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
On PPC we have a 64-bit time base. Usually (PPC32) this is accessed using
two separate 32 bit SPR accesses to SPR_TBU and SPR_TBL.
On PPC64 the SPR_TBL register acts as 64 bit though, so we get the full
64 bits as return value. If we only take the lower ones, fine. But Linux
wants to see all 64 bits or it breaks.
This patch makes PPC64 Linux work even after TB crossed the 32-bit boundary,
which usually happened a few seconds after bootup.
Signed-off-by: Alexander Graf <agraf@suse.de>
Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
mmap_lock() can be called while tb_lock() is being held. To
avoid deadlock when one thread is holding mmap_lock and another
tb_lock, _always_ lock first tb_lock().
Signed-off-by: Riku Voipio <riku.voipio@nokia.com>
Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
The variable CP0_LLAddr represent the full lladdr, not the actual
register value, which is only part of this value and depends on the
CPU.
Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
In the very least, a change like this requires discussion on the list.
The naming convention is goofy and it causes a massive merge problem. Something
like this _must_ be presented on the list first so people can provide input
and cope with it.
This reverts commit 99a0949b72.
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
While i386, x86_64 and Sparc64/OpenBSD still worked after
df70204db5, Sparc32 and Sparc64 Linux hosts
broke.
Partially revert the commit: make the restored code conditional to
!CONFIG_USER_PIE.
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
There is a link hack in linux-user which produces an executable that
looks like PIE, but always has text relocations since all object files
isn't position-independent (compiled without -fpic/-fpie). Dynamic loader
has to do more work to load a binary with text relocations.
The best way to keep this functionality is to build a true PIE without
text relocations.
Signed-off-by: Kirill A. Shutemov <kirill@shutemov.name>
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
tl and tsptr of members sparc64 cpu state must be changed
simultaneously to keep trap state window in sync with current
trap level. Currently translation of store to tl does not change
tsptr, which leads to corrupt trap state on corresponding
trap level.
This patch removes tsptr from sparc64 cpu state and replaces
all uses with call to helper routine.
Changes v0->v1:
- reimplemented helper routine with tcg generator
- on cpu reset trap type and pstate are populated with power-on reset
values, including tl=maxtl
Signed-off-by: igor.v.kovalenko@gmail.com
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
We handle conditional stores as an exception so we can ensure that no
other thread is changing memory out from underneath us.
Signed-off-by: Nathan Froyd <froydnj@codesourcery.com>
Signed-off-by: malc <av1474@comtv.ru>
Re-implement GUEST_BASE support.
Offset guest ddress space by default if the guest binary contains
regions below the host mmap_min_addr.
Implement support for i386, x86-64 and arm hosts.
Signed-off-by: Riku Voipio <riku.voipio@iki.fi>
Signed-off-by: Paul Brook <paul@codesourcery.com>
There's a error When doing something like that :
find / -type f -print0 | xargs -0 echo
[ done in a arm chroot with qemu-arm and linux binfmt stuff or with
find / -type f -print0 | qemu-arm -L <path> <path>/usr/bin/xargs -0
echo ]
Doing this outsite qemu is fine. The problem was the huge number of
parameters. Increasing MAX_ARG_PAGES is fixing that.
While I was at it, I've modified linux-user/main.c to report error code
of loader_exec. It helps to debug/know what's wrong.
Signed-off-by: Arnaud Patard <arnaud.patard@rtp-net.org>
Signed-off-by: Riku Voipio <riku.voipio@iki.fi>
When target process is killed with signal (such signal that
should dump core) a coredump file is created. This file is
similar than coredump generated by Linux (there are few exceptions
though).
Riku Voipio: added support for rlimit
Signed-off-by: Mika Westerberg <mika.westerberg@iki.fi>
Signed-off-by: Riku Voipio <riku.voipio@iki.fi>
Implement setup_{,rt_}frame and do_{,rt_}sigreturn for PPC 32-bit. Use
the same TARGET_QEMU_ESIGRETURN hack as for MIPS to avoid clobbering
register state on a sigreturn.
Signed-off-by: Nathan Froyd <froydnj@codesourcery.com>
Signed-off-by: malc <av1474@comtv.ru>
Also fixes a register corruption bug in do_sigreturn. When "returning"
from sigreturn we are actually restoring the virtual cpu state from the
signal frame. This is actually surprisingly hard to observe in practice.
Typically an thread be blocked in a FUTEX_WAIT call when the signal arrives,
so the effect is a spurious syscall success and the introduction of a
subtle race condition.
On x86/arm a syscall modifies a single word sized register, so
do_sigreturn can just return that value. On MIPS a syscall clobbers
multiple registers, so we need additional smarts. My solution is to
invent a magic errno value that means "don't touch CPU state".
git-svn-id: svn://svn.savannah.nongnu.org/qemu/trunk@7194 c046a42c-6fe2-441c-8c8c-71466251a162
Added switch -0 (zero) which can be used to pass argv[0] to
target process. The main use is for a binfmt_misc wrapper when
the "P - preserve-argv[0]" setting is used.
From: Mika Westerberg
Signed-off-by: Riku Voipio <riku.voipio@iki.fi>
Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
git-svn-id: svn://svn.savannah.nongnu.org/qemu/trunk@7115 c046a42c-6fe2-441c-8c8c-71466251a162
Allows distributors to identify their builds without needing to hack the
sources.
Signed-off-by: Paul Brook <paul@codesourcery.com>
git-svn-id: svn://svn.savannah.nongnu.org/qemu/trunk@7036 c046a42c-6fe2-441c-8c8c-71466251a162
This replaces a compile time option for some targets and adds
this feature to targets which did not have a compile time option.
Add monitor command to enable or disable single step mode.
Modify monitor command "info status" to display single step mode.
Signed-off-by: Stefan Weil <weil@mail.berlios.de>
Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
git-svn-id: svn://svn.savannah.nongnu.org/qemu/trunk@7004 c046a42c-6fe2-441c-8c8c-71466251a162
and process termination in legacy applications. Try to guess which we want
based on the presence of multiple threads.
Also implement locking when modifying the CPU list.
Signed-off-by: Paul Brook <paul@codesourcery.com>
git-svn-id: svn://svn.savannah.nongnu.org/qemu/trunk@6735 c046a42c-6fe2-441c-8c8c-71466251a162
Fixes qemu-arm|grep cpu - with _exit() getting output from qemu --help
is a bit random. Since no atexit() handlers are registered for user mode
emulation, just use exit() instead.
Signed-off-by: Riku Voipio <riku.voipio@iki.fi>
git-svn-id: svn://svn.savannah.nongnu.org/qemu/trunk@6657 c046a42c-6fe2-441c-8c8c-71466251a162
Some applications like to test /proc/self/exe to find
out who they are. Fake the result of readlink() for
them. Use realpath() to return full path to binary
(which the links /proc/self/exe are)
Signed-off-by: Riku Voipio <riku.voipio@iki.fi>
Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
git-svn-id: svn://svn.savannah.nongnu.org/qemu/trunk@6485 c046a42c-6fe2-441c-8c8c-71466251a162
Adds support for qemu to modify target process environment
variables using -E and -U commandline switches. This replaces
eventually the -drop-ld-preload flag.
Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
Signed-off-by: Riku Voipio <riku.voipio@iki.fi>
git-svn-id: svn://svn.savannah.nongnu.org/qemu/trunk@6484 c046a42c-6fe2-441c-8c8c-71466251a162
This is a large patch that changes all occurrences of logfile/loglevel
global variables to use the new qemu_log*() macros.
Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
git-svn-id: svn://svn.savannah.nongnu.org/qemu/trunk@6338 c046a42c-6fe2-441c-8c8c-71466251a162
Close gdbserver in child processes, so that only one stub tries to talk
to GDB at a time. Updated from an earlier patch by Paul Brook.
Signed-off-by: Daniel Jacobowitz <dan@codesourcery.com>
Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
git-svn-id: svn://svn.savannah.nongnu.org/qemu/trunk@6095 c046a42c-6fe2-441c-8c8c-71466251a162
Built on top of previously enhanced breakpoint/watchpoint support, this
patch adds full debug register emulation for the x86 architecture.
Many corner cases were considered, and the result was successfully
tested inside a Linux guest with gdb, but I won't be surprised if one
or two scenarios still behave differently in reality.
Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
git-svn-id: svn://svn.savannah.nongnu.org/qemu/trunk@5747 c046a42c-6fe2-441c-8c8c-71466251a162
Replace POWERPC_EXCP_DEBUG by EXCP_DEBUG as the former can not happen in
user mode emulation, while the later can happen and should be handled.
Noticed by Andrew Stubbs.
Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
git-svn-id: svn://svn.savannah.nongnu.org/qemu/trunk@5721 c046a42c-6fe2-441c-8c8c-71466251a162
env->*dt.base should fit target address space, so we should use
target_mmap to allocate them.
Signed-off-by: Kirill A. Shutemov <kirill@shutemov.name>
git-svn-id: svn://svn.savannah.nongnu.org/qemu/trunk@5666 c046a42c-6fe2-441c-8c8c-71466251a162
p in this case is uint32_t *
e1/e2 are unsigned ints initialized from arithmetics performed on
unsigned longs
The mistake was, probably, never noticed due to the absence of any
big endian linux-user host. The types e1/e2 and p begs the quesiton
why this function takes longs at all.
git-svn-id: svn://svn.savannah.nongnu.org/qemu/trunk@5036 c046a42c-6fe2-441c-8c8c-71466251a162
Always make the hypervisor timers available.
Remove all TARGET_PPC64H checks, keeping a few if (0) tests for cases
that cannot be properly handled with the current PowerPC CPU definition.
git-svn-id: svn://svn.savannah.nongnu.org/qemu/trunk@3656 c046a42c-6fe2-441c-8c8c-71466251a162
adding gprh registers to store GPR MSBs when GPRs are 32 bits.
Remove not-needed-anymore ppcemb-linux-user target.
Keep ppcemb-softmmu target, which provides 1kB pages support
and 36 bits physical address space.
git-svn-id: svn://svn.savannah.nongnu.org/qemu/trunk@3628 c046a42c-6fe2-441c-8c8c-71466251a162