From: Richard Henderson
To: qemu-devel@nongnu.org
Cc: Peter Maydell, qemu-arm@nongnu.org
Subject: [PATCH 1/4] target/arm: Take an exception if PSTATE.IL is set
Date: Tue, 17 Aug 2021 15:00:38 -1000
Message-Id: <20210818010041.337010-2-richard.henderson@linaro.org>
In-Reply-To: <20210818010041.337010-1-richard.henderson@linaro.org>
References: <20210818010041.337010-1-richard.henderson@linaro.org>

From: Peter Maydell

In v8A, the PSTATE.IL bit is set for various kinds of illegal exception return or mode-change attempts. We already set PSTATE.IL (or its AArch32 equivalent CPSR.IL) in all those cases, but we weren't implementing the part of the behaviour where attempting to execute an instruction with PSTATE.IL takes an immediate exception with an appropriate syndrome value.

Add a new TB flags bit tracking PSTATE.IL/CPSR.IL, and generate code to take an exception instead of whatever the instruction would have been.

PSTATE.IL and CPSR.IL change only on exception entry, attempted exception exit, and various AArch32 mode changes via cpsr_write(). These places generally already rebuild the hflags, so the only place we need an extra rebuild_hflags call is in the illegal-return codepath of the AArch64 exception_return helper.

Signed-off-by: Peter Maydell
Message-Id: <20210817162118.24319-1-peter.maydell@linaro.org>
Reviewed-by: Richard Henderson
[rth: Added missing returns.]
Signed-off-by: Richard Henderson
---
 target/arm/cpu.h           |  1 +
 target/arm/syndrome.h      |  5 +++++
 target/arm/translate.h     |  2 ++
 target/arm/helper-a64.c    |  1 +
 target/arm/helper.c        |  8 ++++++++
 target/arm/translate-a64.c | 11 +++++++++++
 target/arm/translate.c     | 21 +++++++++++++++++++++
 7 files changed, 49 insertions(+)

--
2.25.1

diff --git a/target/arm/cpu.h b/target/arm/cpu.h index 9f0a5f84d5..be557bf5d8 100644 --- a/target/arm/cpu.h +++ b/target/arm/cpu.h @@ -3441,6 +3441,7 @@ FIELD(TBFLAG_ANY, FPEXC_EL, 8, 2) FIELD(TBFLAG_ANY, DEBUG_TARGET_EL, 10, 2) /* Memory operations require alignment: SCTLR_ELx.A or CCR.UNALIGN_TRP */ FIELD(TBFLAG_ANY, ALIGN_MEM, 12, 1) +FIELD(TBFLAG_ANY, PSTATE__IL, 13, 1) /* * Bit usage when in AArch32 state, both A- and M-profile. diff --git a/target/arm/syndrome.h b/target/arm/syndrome.h index 39a31260f2..c590a109da 100644 --- a/target/arm/syndrome.h +++ b/target/arm/syndrome.h @@ -270,4 +270,9 @@ static inline uint32_t syn_wfx(int cv, int cond, int ti, bool is_16bit) (cv << 24) | (cond << 20) | ti; } +static inline uint32_t syn_illegalstate(void) +{ + return EC_ILLEGALSTATE << ARM_EL_EC_SHIFT; +} + #endif /* TARGET_ARM_SYNDROME_H */ diff --git a/target/arm/translate.h b/target/arm/translate.h index 241596c5bd..af1b6fa03c 100644 --- a/target/arm/translate.h +++ b/target/arm/translate.h @@ -98,6 +98,8 @@ typedef struct DisasContext { bool hstr_active; /* True if memory operations require alignment */ bool align_mem; + /* True if PSTATE.IL is set */ + bool pstate_il; /* * >= 0, a copy of PSTATE.BTYPE, which will be 0 without v8.5-BTI. * < 0, set by the current instruction. diff --git a/target/arm/helper-a64.c b/target/arm/helper-a64.c index 26f79f9141..19445b3c94 100644 --- a/target/arm/helper-a64.c +++ b/target/arm/helper-a64.c
@@ -1071,6 +1071,7 @@ illegal_return: if (!arm_singlestep_active(env)) { env->pstate &= ~PSTATE_SS; } + helper_rebuild_hflags_a64(env, cur_el); qemu_log_mask(LOG_GUEST_ERROR, "Illegal exception return at EL%d: " "resuming execution at 0x%" PRIx64 "\n", cur_el, env->pc); } diff --git a/target/arm/helper.c b/target/arm/helper.c index 155d8bf239..201ecf8c67 100644 --- a/target/arm/helper.c +++ b/target/arm/helper.c @@ -13408,6 +13408,10 @@ static CPUARMTBFlags rebuild_hflags_a32(CPUARMState *env, int fp_el, DP_TBFLAG_A32(flags, HSTR_ACTIVE, 1); } + if (env->uncached_cpsr & CPSR_IL) { + DP_TBFLAG_ANY(flags, PSTATE__IL, 1); + } + return rebuild_hflags_common_32(env, fp_el, mmu_idx, flags); } @@ -13502,6 +13506,10 @@ static CPUARMTBFlags rebuild_hflags_a64(CPUARMState *env, int el, int fp_el, } } + if (env->pstate & PSTATE_IL) { + DP_TBFLAG_ANY(flags, PSTATE__IL, 1); + } + if (cpu_isar_feature(aa64_mte, env_archcpu(env))) { /* * Set MTE_ACTIVE if any access may be Checked, and leave clear diff --git a/target/arm/translate-a64.c b/target/arm/translate-a64.c index 422e2ac0c9..230cc8d83b 100644 --- a/target/arm/translate-a64.c +++ b/target/arm/translate-a64.c @@ -14662,6 +14662,16 @@ static void disas_a64_insn(CPUARMState *env, DisasContext *s) s->fp_access_checked = false; s->sve_access_checked = false; + if (s->pstate_il) { + /* + * Illegal execution state. This has priority over BTI + * exceptions, but comes after instruction abort exceptions. + */ + gen_exception_insn(s, s->pc_curr, EXCP_UDEF, + syn_illegalstate(), default_exception_el(s)); + return; + } + if (dc_isar_feature(aa64_bti, s)) { if (s->base.num_insns == 1) { /* 
@@ -14780,6 +14790,7 @@ static void aarch64_tr_init_disas_context(DisasContextBase *dcbase, #endif dc->fp_excp_el = EX_TBFLAG_ANY(tb_flags, FPEXC_EL); dc->align_mem = EX_TBFLAG_ANY(tb_flags, ALIGN_MEM); + dc->pstate_il = EX_TBFLAG_ANY(tb_flags, PSTATE__IL); dc->sve_excp_el = EX_TBFLAG_A64(tb_flags, SVEEXC_EL); dc->sve_len = (EX_TBFLAG_A64(tb_flags, ZCR_LEN) + 1) * 16; dc->pauth_active = EX_TBFLAG_A64(tb_flags, PAUTH_ACTIVE); diff --git a/target/arm/translate.c b/target/arm/translate.c index 80c282669f..5e0fc8a0a0 100644 --- a/target/arm/translate.c +++ b/target/arm/translate.c @@ -9045,6 +9045,16 @@ static void disas_arm_insn(DisasContext *s, unsigned int insn) return; } + if (s->pstate_il) { + /* + * Illegal execution state. This has priority over BTI + * exceptions, but comes after instruction abort exceptions. + */ + gen_exception_insn(s, s->pc_curr, EXCP_UDEF, + syn_illegalstate(), default_exception_el(s)); + return; + } + if (cond == 0xf) { /* In ARMv3 and v4 the NV condition is UNPREDICTABLE; we * choose to UNDEF. In ARMv5 and above the space is used @@ -9313,6 +9323,7 @@ static void arm_tr_init_disas_context(DisasContextBase *dcbase, CPUState *cs) #endif dc->fp_excp_el = EX_TBFLAG_ANY(tb_flags, FPEXC_EL); dc->align_mem = EX_TBFLAG_ANY(tb_flags, ALIGN_MEM); + dc->pstate_il = EX_TBFLAG_ANY(tb_flags, PSTATE__IL); if (arm_feature(env, ARM_FEATURE_M)) { dc->vfp_enabled = 1; 
@@ -9576,6 +9587,16 @@ static void thumb_tr_translate_insn(DisasContextBase *dcbase, CPUState *cpu) } dc->insn = insn; + if (dc->pstate_il) { + /* + * Illegal execution state. This has priority over BTI + * exceptions, but comes after instruction abort exceptions. + */ + gen_exception_insn(dc, dc->pc_curr, EXCP_UDEF, + syn_illegalstate(), default_exception_el(dc)); + return; + } + if (dc->eci) { /* * For M-profile continuable instructions, ECI/ICI handling
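
Review bot: in the target/arm/syndrome.h hunk of patch 1/4, syn_illegalstate() returns only the EC field (EC_ILLEGALSTATE << ARM_EL_EC_SHIFT), which leaves every other syndrome bit, including the IL (instruction length) bit, at zero. Please check the ESR_ELx description for the Illegal Execution state exception class and, if IL is specified as 1 there, OR in ARM_EL_IL; either way, a one-line comment saying that the remaining bits are intentionally zero would document the choice.
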
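
Review bot: the pstate_il check added in patch 1/4 is pasted three times, comment included, into disas_a64_insn, disas_arm_insn and thumb_tr_translate_insn, and in the two target/arm/translate.c copies the comment still says the exception "has priority over BTI exceptions" although the only BTI check visible in this series is the aa64_bti one in translate-a64.c. Suggest factoring the block into one small shared helper and giving the A32/T32 call sites a comment that names the checks that actually follow them there (the cond == 0xf handling, the dc->eci handling), or dropping the BTI remark from those paths.
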
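
Review bot: in the target/arm/cpu.h hunk of patch 1/4, the new FIELD(TBFLAG_ANY, PSTATE__IL, 13, 1) has no comment, unlike ALIGN_MEM directly above it, and the double underscore is easy to read as a typo. Add a comment stating what the bit tracks (PSTATE.IL in AArch64, CPSR.IL in AArch32) and, if the odd spelling is there to avoid a clash with the PSTATE_IL macro that helper.c tests, say so in that comment.
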
From: Richard Henderson
To: qemu-devel@nongnu.org
Cc: qemu-arm@nongnu.org
Subject: [PATCH 2/4] target/arm: Merge disas_a64_insn into aarch64_tr_translate_insn
Date: Tue, 17 Aug 2021 15:00:39 -1000
Message-Id: <20210818010041.337010-3-richard.henderson@linaro.org>
In-Reply-To: <20210818010041.337010-1-richard.henderson@linaro.org>
References: <20210818010041.337010-1-richard.henderson@linaro.org>

It is confusing to have different exits from translation for various conditions in separate functions.

Merge disas_a64_insn into its only caller. Standardize on the "s" name for the DisasContext, as the code from disas_a64_insn had more instances.

Signed-off-by: Richard Henderson
---
 target/arm/translate-a64.c | 224 ++++++++++++++++++-------------------
 1 file changed, 109 insertions(+), 115 deletions(-)

--
2.25.1

Reviewed-by: Peter Maydell

diff --git a/target/arm/translate-a64.c b/target/arm/translate-a64.c index 230cc8d83b..333bc836b2 100644 --- a/target/arm/translate-a64.c +++ b/target/arm/translate-a64.c
@@ -14649,113 +14649,6 @@ static bool btype_destination_ok(uint32_t insn, bool bt, int btype) return false; } -/* C3.1 A64 instruction index by encoding */ -static void disas_a64_insn(CPUARMState *env, DisasContext *s) -{ - uint32_t insn; - - s->pc_curr = s->base.pc_next; - insn = arm_ldl_code(env, s->base.pc_next, s->sctlr_b); - s->insn = insn; - s->base.pc_next += 4; - - s->fp_access_checked = false; - s->sve_access_checked = false; - - if (s->pstate_il) { - /* - * Illegal execution state. This has priority over BTI - * exceptions, but comes after instruction abort exceptions. - */ - gen_exception_insn(s, s->pc_curr, EXCP_UDEF, - syn_illegalstate(), default_exception_el(s)); - return; - } - - if (dc_isar_feature(aa64_bti, s)) { - if (s->base.num_insns == 1) { - /* - * At the first insn of the TB, compute s->guarded_page. - * We delayed computing this until successfully reading - * the first insn of the TB, above. This (mostly) ensures - * that the softmmu tlb entry has been populated, and the - * page table GP bit is available. - * - * Note that we need to compute this even if btype == 0, - * because this value is used for BR instructions later - * where ENV is not available. - */ - s->guarded_page = is_guarded_page(env, s); - - /* First insn can have btype set to non-zero. */ - tcg_debug_assert(s->btype >= 0); - - /* - * Note that the Branch Target Exception has fairly high - * priority -- below debugging exceptions but above most - * everything else. This allows us to handle this now - * instead of waiting until the insn is otherwise decoded. - */ - if (s->btype != 0 - && s->guarded_page - && !btype_destination_ok(insn, s->bt, s->btype)) { - gen_exception_insn(s, s->pc_curr, EXCP_UDEF, - syn_btitrap(s->btype), - default_exception_el(s)); - return; - } - } else { - /* Not the first insn: btype must be 0. 
*/ - tcg_debug_assert(s->btype == 0); - } - } - - switch (extract32(insn, 25, 4)) { - case 0x0: case 0x1: case 0x3: /* UNALLOCATED */ - unallocated_encoding(s); - break; - case 0x2: - if (!dc_isar_feature(aa64_sve, s) || !disas_sve(s, insn)) { - unallocated_encoding(s); - } - break; - case 0x8: case 0x9: /* Data processing - immediate */ - disas_data_proc_imm(s, insn); - break; - case 0xa: case 0xb: /* Branch, exception generation and system insns */ - disas_b_exc_sys(s, insn); - break; - case 0x4: - case 0x6: - case 0xc: - case 0xe: /* Loads and stores */ - disas_ldst(s, insn); - break; - case 0x5: - case 0xd: /* Data processing - register */ - disas_data_proc_reg(s, insn); - break; - case 0x7: - case 0xf: /* Data processing - SIMD and floating point */ - disas_data_proc_simd_fp(s, insn); - break; - default: - assert(FALSE); /* all 15 cases should be handled above */ - break; - } - - /* if we allocated any temporaries, free them here */ - free_tmp_a64(s); - - /* - * After execution of most insns, btype is reset to 0. - * Note that we set btype == -1 when the insn sets btype. - */ - if (s->btype > 0 && s->base.is_jmp != DISAS_NORETURN) { - reset_btype(s); - } -} - static void aarch64_tr_init_disas_context(DisasContextBase *dcbase, CPUState *cpu) { @@ -14857,10 +14750,11 @@ static void aarch64_tr_insn_start(DisasContextBase *dcbase, CPUState *cpu) static void aarch64_tr_translate_insn(DisasContextBase *dcbase, CPUState *cpu) { - DisasContext *dc = container_of(dcbase, DisasContext, base); + DisasContext *s = container_of(dcbase, DisasContext, base); CPUARMState *env = cpu->env_ptr; + uint32_t insn; - if (dc->ss_active && !dc->pstate_ss) { + if (s->ss_active && !s->pstate_ss) { /* Singlestep state is Active-pending. * If we're in this state at the start of a TB then either * a) we just took an exception to an EL which is being debugged 
@@ -14871,14 +14765,114 @@ static void aarch64_tr_translate_insn(DisasContextBase *dcbase, CPUState *cpu) * "did not step an insn" case, and so the syndrome ISV and EX * bits should be zero. */ - assert(dc->base.num_insns == 1); - gen_swstep_exception(dc, 0, 0); - dc->base.is_jmp = DISAS_NORETURN; - } else { - disas_a64_insn(env, dc); + assert(s->base.num_insns == 1); + gen_swstep_exception(s, 0, 0); + s->base.is_jmp = DISAS_NORETURN; + return; } - translator_loop_temp_check(&dc->base); + s->pc_curr = s->base.pc_next; + insn = arm_ldl_code(env, s->base.pc_next, s->sctlr_b); + s->insn = insn; + s->base.pc_next += 4; + + s->fp_access_checked = false; + s->sve_access_checked = false; + + if (s->pstate_il) { + /* + * Illegal execution state. This has priority over BTI + * exceptions, but comes after instruction abort exceptions. + */ + gen_exception_insn(s, s->pc_curr, EXCP_UDEF, + syn_illegalstate(), default_exception_el(s)); + return; + } + + if (dc_isar_feature(aa64_bti, s)) { + if (s->base.num_insns == 1) { + /* + * At the first insn of the TB, compute s->guarded_page. + * We delayed computing this until successfully reading + * the first insn of the TB, above. This (mostly) ensures + * that the softmmu tlb entry has been populated, and the + * page table GP bit is available. + * + * Note that we need to compute this even if btype == 0, + * because this value is used for BR instructions later + * where ENV is not available. + */ + s->guarded_page = is_guarded_page(env, s); + + /* First insn can have btype set to non-zero. */ + tcg_debug_assert(s->btype >= 0); + + /* + * Note that the Branch Target Exception has fairly high + * priority -- below debugging exceptions but above most + * everything else. This allows us to handle this now + * instead of waiting until the insn is otherwise decoded. 
+ */ + if (s->btype != 0 + && s->guarded_page + && !btype_destination_ok(insn, s->bt, s->btype)) { + gen_exception_insn(s, s->pc_curr, EXCP_UDEF, + syn_btitrap(s->btype), + default_exception_el(s)); + return; + } + } else { + /* Not the first insn: btype must be 0. */ + tcg_debug_assert(s->btype == 0); + } + } + + switch (extract32(insn, 25, 4)) { + case 0x0: case 0x1: case 0x3: /* UNALLOCATED */ + unallocated_encoding(s); + break; + case 0x2: + if (!dc_isar_feature(aa64_sve, s) || !disas_sve(s, insn)) { + unallocated_encoding(s); + } + break; + case 0x8: case 0x9: /* Data processing - immediate */ + disas_data_proc_imm(s, insn); + break; + case 0xa: case 0xb: /* Branch, exception generation and system insns */ + disas_b_exc_sys(s, insn); + break; + case 0x4: + case 0x6: + case 0xc: + case 0xe: /* Loads and stores */ + disas_ldst(s, insn); + break; + case 0x5: + case 0xd: /* Data processing - register */ + disas_data_proc_reg(s, insn); + break; + case 0x7: + case 0xf: /* Data processing - SIMD and floating point */ + disas_data_proc_simd_fp(s, insn); + break; + default: + assert(FALSE); /* all 15 cases should be handled above */ + break; + } + + /* if we allocated any temporaries, free them here */ + free_tmp_a64(s); + + /* + * After execution of most insns, btype is reset to 0. + * Note that we set btype == -1 when the insn sets btype. 
+ */ + if (s->btype > 0 && s->base.is_jmp != DISAS_NORETURN) { + reset_btype(s); + } + + translator_loop_temp_check(&s->base); } static void aarch64_tr_tb_stop(DisasContextBase *dcbase, CPUState *cpu)
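
Review bot: the early "return;" statements in the merged aarch64_tr_translate_insn of patch 2/4 now skip translator_loop_temp_check(), which the old code ran on every path. Before the merge, the singlestep branch and both early returns inside disas_a64_insn (PSTATE.IL and the BTI trap) came back to the caller and reached translator_loop_temp_check(&dc->base); after it, all three leave the function before translator_loop_temp_check(&s->base). If skipping the check on exception paths is intended, state that in the commit message, which currently describes only the merge and the rename; otherwise route the early exits through a common tail.
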
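
Review bot: the removal hunk in patch 2/4 drops the "C3.1 A64 instruction index by encoding" comment along with disas_a64_insn, and the switch (extract32(insn, 25, 4)) that it described is re-added in aarch64_tr_translate_insn without it. Keep that comment directly above the switch so the pointer to section C3.1 survives the move.
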
From: Richard Henderson
To: qemu-devel@nongnu.org
Cc: qemu-arm@nongnu.org
Subject: [PATCH 3/4] target/arm: Take an exception if PC is misaligned
Date: Tue, 17 Aug 2021 15:00:40 -1000
Message-Id: <20210818010041.337010-4-richard.henderson@linaro.org>
In-Reply-To: <20210818010041.337010-1-richard.henderson@linaro.org>
References: <20210818010041.337010-1-richard.henderson@linaro.org>

For A64, any input to an indirect branch can cause this.

For A32, many indirect branch paths force the branch to be aligned,
but BXWritePC does not. This includes the BX instruction but also
other interworking changes to PC. Prior to v8, this case is UNDEFINED.
With v8, this is CONSTRAINED UNDEFINED and may either raise an
exception or force align the PC.

We choose to raise an exception because we have the infrastructure,
it makes the generated code for gen_bx simpler, and it has the
possibility of catching more guest bugs.

Signed-off-by: Richard Henderson
---
 target/arm/syndrome.h | 5 ++++
 target/arm/translate-a64.c | 12 +++++++++
 target/arm/translate.c | 50 +++++++++++++++++++++++++++-----------
 3 files changed, 53 insertions(+), 14 deletions(-)

-- 2.25.1

diff --git a/target/arm/syndrome.h b/target/arm/syndrome.h index c590a109da..569b0c1115 100644
--- a/target/arm/syndrome.h +++ b/target/arm/syndrome.h @@ -275,4 +275,9 @@ static inline uint32_t syn_illegalstate(void) return EC_ILLEGALSTATE << ARM_EL_EC_SHIFT; } +static inline uint32_t syn_pcalignment(void) +{ + return EC_PCALIGNMENT << ARM_EL_EC_SHIFT; +} + #endif /* TARGET_ARM_SYNDROME_H */ diff --git a/target/arm/translate-a64.c b/target/arm/translate-a64.c index 333bc836b2..c394bddac6 100644 --- a/target/arm/translate-a64.c +++ b/target/arm/translate-a64.c @@ -14754,6 +14754,7 @@ static void aarch64_tr_translate_insn(DisasContextBase *dcbase, CPUState *cpu) CPUARMState *env = cpu->env_ptr; uint32_t insn; + /* Singlestep exceptions have the highest priority. */ if (s->ss_active && !s->pstate_ss) { /* Singlestep state is Active-pending. * If we're in this state at the start of a TB then either @@ -14771,6 +14772,17 @@ static void aarch64_tr_translate_insn(DisasContextBase *dcbase, CPUState *cpu) return; } + if (s->base.pc_next & 3) { + /* + * PC alignment fault. This has priority over the instruction abort + * that we would receive from a translation fault via arm_ldl_code. + */ + gen_exception_insn(s, s->base.pc_next, EXCP_UDEF, + syn_pcalignment(), default_exception_el(s)); + s->base.pc_next = QEMU_ALIGN_UP(s->base.pc_next, 4); + return; + } + s->pc_curr = s->base.pc_next; insn = arm_ldl_code(env, s->base.pc_next, s->sctlr_b); s->insn = insn; diff --git a/target/arm/translate.c b/target/arm/translate.c index 5e0fc8a0a0..00ddd4879c 100644 --- a/target/arm/translate.c +++ b/target/arm/translate.c 
@@ -9452,19 +9452,8 @@ static void arm_tr_insn_start(DisasContextBase *dcbase, CPUState *cpu) dc->insn_start = tcg_last_op(); } -static bool arm_pre_translate_insn(DisasContext *dc) +static bool arm_check_ss_active(DisasContext *dc) { -#ifdef CONFIG_USER_ONLY - /* Intercept jump to the magic kernel page. */ - if (dc->base.pc_next >= 0xffff0000) { - /* We always get here via a jump, so know we are not in a - conditional execution block. */ - gen_exception_internal(EXCP_KERNEL_TRAP); - dc->base.is_jmp = DISAS_NORETURN; - return true; - } -#endif - if (dc->ss_active && !dc->pstate_ss) { /* Singlestep state is Active-pending. * If we're in this state at the start of a TB then either @@ -9485,6 +9474,21 @@ static bool arm_pre_translate_insn(DisasContext *dc) return false; } +static bool arm_check_kernelpage(DisasContext *dc) +{ +#ifdef CONFIG_USER_ONLY + /* Intercept jump to the magic kernel page. */ + if (dc->base.pc_next >= 0xffff0000) { + /* We always get here via a jump, so know we are not in a + conditional execution block. */ + gen_exception_internal(EXCP_KERNEL_TRAP); + dc->base.is_jmp = DISAS_NORETURN; + return true; + } +#endif + return false; +} + static void arm_post_translate_insn(DisasContext *dc) { if (dc->condjmp && !dc->base.is_jmp) { 
@@ -9500,7 +9504,25 @@ static void arm_tr_translate_insn(DisasContextBase *dcbase, CPUState *cpu) CPUARMState *env = cpu->env_ptr; unsigned int insn; - if (arm_pre_translate_insn(dc)) { + /* Singlestep exceptions have the highest priority. */ + if (arm_check_ss_active(dc)) { + dc->base.pc_next += 4; + return; + } + + if (dc->base.pc_next & 3) { + /* + * PC alignment fault. This has priority over the instruction abort + * that we would receive from a translation fault via arm_ldl_code + * (or the execution of the kernelpage entrypoint). + */ + gen_exception_insn(dc, dc->base.pc_next, EXCP_UDEF, + syn_pcalignment(), default_exception_el(dc)); + dc->base.pc_next = QEMU_ALIGN_UP(dc->base.pc_next, 4); + return; + } + + if (arm_check_kernelpage(dc)) { dc->base.pc_next += 4; return; } 
@@ -9570,7 +9592,7 @@ static void thumb_tr_translate_insn(DisasContextBase *dcbase, CPUState *cpu) uint32_t insn; bool is_16bit; - if (arm_pre_translate_insn(dc)) { + if (arm_check_ss_active(dc) || arm_check_kernelpage(dc)) { dc->base.pc_next += 2; return; }
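
Review bot: in the translate-a64.c hunk at aarch64_tr_translate_insn, the new (s->base.pc_next & 3) test sits on the per-instruction path, but the comment does not say when it can be true. If a misaligned pc_next is only expected on the first instruction of a TB after an indirect branch, say so in the comment and consider asserting it. The comment should also explain why pc_next is rounded with QEMU_ALIGN_UP after the exception has been generated, since the function returns immediately afterwards and the rounded value is only seen by the caller.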
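
Review bot: in the translate.c hunk at arm_tr_translate_insn, the A32 alignment fault is raised with the same call as the A64 path, gen_exception_insn(..., EXCP_UDEF, syn_pcalignment(), ...), and syn_pcalignment() as added in syndrome.h carries only the exception class. Please check against the architecture manual whether an AArch32 guest should see this as EXCP_UDEF or as a prefetch abort with the faulting address reported, and record the decision in the comment, because a guest handler can only tell the cases apart by what is delivered here.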
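
Review bot: in the thumb_tr_translate_insn hunk, arm_check_ss_active() is now tested before arm_check_kernelpage(), whereas the removed arm_pre_translate_insn() tested the kernel page first under CONFIG_USER_ONLY; the commit message does not mention this reordering. State it there. The Thumb path also gets no pc_next alignment check, unlike the A32 and A64 paths, so a one-line comment saying this is intentional would save the next reader from wondering whether it was missed.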
From: Richard Henderson
To: qemu-devel@nongnu.org
Cc: qemu-arm@nongnu.org
Subject: [PATCH 4/4] target/arm: Suppress bp for exceptions with more priority
Date: Tue, 17 Aug 2021 15:00:41 -1000
Message-Id: <20210818010041.337010-5-richard.henderson@linaro.org>
In-Reply-To: <20210818010041.337010-1-richard.henderson@linaro.org>
References: <20210818010041.337010-1-richard.henderson@linaro.org>

Both single-step and pc alignment faults have priority over
breakpoint exceptions.

Signed-off-by: Richard Henderson
---
 target/arm/debug_helper.c | 23 +++++++++++++++++++++++
 1 file changed, 23 insertions(+)

-- 2.25.1

Reviewed-by: Peter Maydell

diff --git a/target/arm/debug_helper.c b/target/arm/debug_helper.c index 2983e36dd3..32f3caec23 100644 --- a/target/arm/debug_helper.c +++ b/target/arm/debug_helper.c @@ -220,6 +220,7 @@ bool arm_debug_check_breakpoint(CPUState *cs) { ARMCPU *cpu = ARM_CPU(cs); CPUARMState *env = &cpu->env; + target_ulong pc; int n; /* 
@@ -231,6 +232,28 @@ bool arm_debug_check_breakpoint(CPUState *cs) return false; } + /* + * Single-step exceptions have priority over breakpoint exceptions. + * If single-step state is active-pending, suppress the bp. + */ + if (arm_singlestep_active(env) && !(env->pstate & PSTATE_SS)) { + return false; + } + + /* + * PC alignment faults have priority over breakpoint exceptions. + */ + pc = is_a64(env) ? env->pc : env->regs[15]; + if ((is_a64(env) || !env->thumb) && (pc & 3) != 0) { + return false; + } + + /* + * Instruction aborts have priority over breakpoint exceptions. + * TODO: We would need to look up the page for PC and verify that + * it is present and executable. + */ + for (n = 0; n < ARRAY_SIZE(env->cpu_breakpoint); n++) { if (bp_wp_matches(cpu, n, false)) { return true;
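
Review bot: the alignment test added to arm_debug_check_breakpoint(), (is_a64(env) || !env->thumb) && (pc & 3) != 0, restates by hand the condition under which the translator raises the PC alignment fault in patch 3/4, so the two can drift apart if either side changes. A small shared predicate would keep breakpoint suppression tied to the fault it defers to. The TODO for instruction aborts also means a breakpoint on a page that is not present or not executable is still reported ahead of the abort; the commit message should say that this case is left open.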