path: root/user-exec.c
Age  Commit message  Author
2017-03-28  user-exec: handle synchronous signals from QEMU gracefully  Alex Bennée

When "tcg: enable thread-per-vCPU" (commit 3725794) was merged the lifetime of current_cpu was changed. Previously a broken linux-user call might abort() which can eventually escalate into a SIGSEGV which would then crash qemu as it attempted to deref a NULL current_cpu. After commit 3725794 it would attempt to fixup state and re-start the run-loop and much hilarity (i.e. a looping lockup) would ensue from jumping into a stale jmp_env.

As we can actually tell if we are in the run-loop from looking at the cpu->running flag we should catch this badness first and abort() cleanly rather than try to soldier on. There is a theoretical race between the flag being set and sigsetjmp refreshing the jump buffer but we can try really hard to not introduce crashes into that code.

[LV: setgroups03 fails on powerpc LTP]

Reported-by: Laurent Vivier <laurent@vivier.eu>
Signed-off-by: Alex Bennée <alex.bennee@linaro.org>
Reviewed-by: Richard Henderson <rth@twiddle.net>
Reviewed-by: Paolo Bonzini <pbonzini@redhat.com>

2016-09-16  tcg: Merge GETPC and GETRA  Richard Henderson

The return address argument to the softmmu template helpers was confused. In the legacy case, we wanted to indicate that there is no return address, and so passed in NULL. However, we then immediately subtracted GETPC_ADJ from NULL, resulting in a non-zero value, indicating the presence of an (invalid) return address.

Push the GETPC_ADJ subtraction down to the only point it's required: immediately before use within cpu_restore_state_from_tb, after all NULL pointer checks have been completed.

This makes GETPC and GETRA identical. Remove GETRA as the lesser used macro, replacing all uses with GETPC.

Signed-off-by: Richard Henderson <rth@twiddle.net>

2016-06-26  user-exec: Remove unused code for OSX hosts  Peter Maydell

Since we dropped darwin-user support many years ago, the code in user-exec to support hosts which define __APPLE__ is unused; delete it.

Reviewed-by: Laurent Vivier <laurent@vivier.eu>
Reviewed-by: Richard Henderson <rth@twiddle.net>
Signed-off-by: Riku Voipio <riku.voipio@linaro.org>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>

2016-06-26  user-exec: Delete now-unused hppa and m68k cpu_signal_handler() code  Peter Maydell

Now that configure blocks attempts to build user-mode code on hppa and m68k hosts, we can delete the cpu_signal_handler() implementations for those architectures.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Laurent Vivier <laurent@vivier.eu>
Reviewed-by: Richard Henderson <rth@twiddle.net>
Signed-off-by: Riku Voipio <riku.voipio@linaro.org>

2016-06-09  target-i386: Move user-mode exception actions out of user-exec.c  Peter Maydell

The exception_action() function in user-exec.c is just a call to cpu_loop_exit() for every target CPU except i386. Since this function is only called if the target's handle_mmu_fault() hook has indicated an MMU fault, and that hook is only called from the handle_cpu_signal() code path, we can simply move the x86-specific setup into that hook, which allows us to remove the TARGET_I386 ifdef from user-exec.c.

Of the actions that were done by the call to raise_interrupt_err():
 * cpu_svm_check_intercept_param() is a no-op in user mode
 * check_exception() is a no-op since double faults are impossible for user-mode
 * assignments to cs->exception_index and env->error_code are no-ops
 * assigning to env->exception_next_eip is unnecessary because it is not used unless env->exception_is_int is true
 * cpu_loop_exit_restore() is equivalent to cpu_loop_exit() since pc is 0
which leaves just setting env->exception_is_int as the action that needs to be added to x86_cpu_handle_mmu_fault().

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Sergey Fedorov <sergey.fedorov@linaro.org>
Acked-by: Eduardo Habkost <ehabkost@redhat.com>
Acked-by: Riku Voipio <riku.voipio@linaro.org>
Message-id: 1463494687-25947-7-git-send-email-peter.maydell@linaro.org

2016-06-09  user-exec: Don't reextract sigmask from usercontext pointer  Peter Maydell

Extracting the old signal mask from the usercontext pointer passed to a signal handler is a pain because it is OS and CPU dependent. Since we've already done it once and passed it to handle_cpu_signal(), there's no need to do it again in cpu_exit_tb_from_sighandler(). This then means we don't need to pass a usercontext pointer in to handle_cpu_signal() at all.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Sergey Fedorov <sergey.fedorov@linaro.org>
Acked-by: Eduardo Habkost <ehabkost@redhat.com>
Acked-by: Riku Voipio <riku.voipio@linaro.org>
Message-id: 1463494687-25947-5-git-send-email-peter.maydell@linaro.org

2016-06-09  cpu-exec: Rename cpu_resume_from_signal() to cpu_loop_exit_noexc()  Peter Maydell

The function cpu_resume_from_signal() is now always called with a NULL puc argument, and is rather misnamed since it is never called from a signal handler. It is essentially forcing an exit to the top level cpu loop but without raising any exception, so rename it to cpu_loop_exit_noexc() and drop the useless unused argument.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Sergey Fedorov <sergey.fedorov@linaro.org>
Acked-by: Eduardo Habkost <ehabkost@redhat.com>
Acked-by: Riku Voipio <riku.voipio@linaro.org>
Message-id: 1463494687-25947-4-git-send-email-peter.maydell@linaro.org

2016-06-09  user-exec: Push resume-from-signal code out to handle_cpu_signal()  Peter Maydell

Since the only caller of page_unprotect() which might cause it to need to call cpu_resume_from_signal() is handle_cpu_signal() in the user-mode code, push the longjump handling out to that function. Since this is the only caller of cpu_resume_from_signal() which passes a non-NULL puc argument, split the non-NULL handling into a new cpu_exit_tb_from_sighandler() function. This allows us to merge the softmmu and usermode implementations of the cpu_resume_from_signal() function, which are now identical.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Sergey Fedorov <sergey.fedorov@linaro.org>
Acked-by: Eduardo Habkost <ehabkost@redhat.com>
Acked-by: Riku Voipio <riku.voipio@linaro.org>
Message-id: 1463494687-25947-3-git-send-email-peter.maydell@linaro.org

2016-05-19  cpu: move exec-all.h inclusion out of cpu.h  Paolo Bonzini

exec-all.h contains TCG-specific definitions. It is not needed outside TCG-specific files such as translate.c, exec.c or *helper.c.

One generic function had snuck into include/exec/exec-all.h; move it to include/qom/cpu.h.

Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>

2016-02-04  all: Clean up includes  Peter Maydell

Clean up includes so that osdep.h is included first and headers which it implies are not included manually.

This commit was created with scripts/clean-includes.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Message-id: 1454089805-5470-16-git-send-email-peter.maydell@linaro.org

2015-08-19  osdep.h: Remove qemu_printf  Peter Maydell

qemu_printf is an ancient remnant which has been a simple #define to printf for over a decade, and is used in only a few places. Expand it out in those places and remove the #define.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Daniel P. Berrange <berrange@redhat.com>

2015-06-05  exec: move functions to translate-all.h  Paolo Bonzini

Remove them from the sundry exec-all.h header, since they are only used by the TCG runtime in exec.c and user-exec.c.

Reviewed-by: Fam Zheng <famz@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>

2015-03-13  user-exec.c: fix build on NetBSD/sparc64 and NetBSD/arm  Tobias Nygren

A couple of #ifdef changes necessary to use NetBSD's ucontext structs on sparc64 and arm.

Signed-off-by: Tobias Nygren <tnn@NetBSD.org>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Message-id: 1425591461-17550-1-git-send-email-tnn@NetBSD.org
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>

2014-06-05  softmmu: introduce cpu_ldst.h  Paolo Bonzini

This will collect all load and store helpers soon. For now it is just a replacement for softmmu_exec.h, which this patch stops including directly, but we also include it where this will be necessary in order to simplify the next patch.

Reviewed-by: Richard Henderson <rth@twiddle.net>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>

2014-04-16  tcg-aarch64: Properly detect SIGSEGV writes  Richard Henderson

Since the kernel doesn't pass any info on the reason for the fault, disassemble the instruction to detect a store.

Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
Reviewed-by: Claudio Fontana <claudio.fontana@huawei.com>
Signed-off-by: Richard Henderson <rth@twiddle.net>

2014-03-13  user-exec: Change exception_action() argument to CPUState  Andreas Färber

Signed-off-by: Andreas Färber <afaerber@suse.de>

2014-03-13  cpu-exec: Change cpu_resume_from_signal() argument to CPUState  Andreas Färber

Signed-off-by: Andreas Färber <afaerber@suse.de>

2014-03-13  translate-all: Change cpu_restore_state() argument to CPUState  Andreas Färber

This lets us drop some local variables in tlb_fill() functions.

Signed-off-by: Andreas Färber <afaerber@suse.de>

2014-03-13  cpu-exec: Change cpu_loop_exit() argument to CPUState  Andreas Färber

Signed-off-by: Andreas Färber <afaerber@suse.de>

2014-03-13  cpu: Move exception_index field from CPU_COMMON to CPUState  Andreas Färber

Signed-off-by: Andreas Färber <afaerber@suse.de>

2014-03-13  cpu: Move jmp_env field from CPU_COMMON to CPUState  Andreas Färber

Signed-off-by: Andreas Färber <afaerber@suse.de>

2014-03-13  cpu: Turn cpu_handle_mmu_fault() into a CPUClass hook  Andreas Färber

Note that while such functions may exist both for *-user and softmmu, only *-user uses the CPUState hook, while softmmu reuses the prototype for calling it directly.

Signed-off-by: Andreas Färber <afaerber@suse.de>

2013-07-23  linux-user: fix segmentation fault passing with h2g(x) != x  Alexander Graf

When forwarding a segmentation fault into the guest process, we were passing the host's address directly into the guest process's signal descriptor. That obviously confused the guest process, since it didn't know what to make of the (usually 32-bit truncated) address.

Passing in h2g(address) makes the guest process a lot happier.

To make the code more obvious, introduce a h2g_nocheck() macro that does the same as h2g(), but allows us to convert addresses that may be outside of guest mapped range into the guest's view of address space.

This fixes java running in arm-linux-user for me.

Signed-off-by: Alexander Graf <agraf@suse.de>
Signed-off-by: Riku Voipio <riku.voipio@linaro.org>

2013-07-10  Merge remote-tracking branch 'afaerber/tags/qom-cpu-for-anthony' into staging  Anthony Liguori

QOM CPUState refactorings

* Fix for OpenRISCCPU subclasses
* Fix for gdbstub CPU selection
* Move linux-user CPU functions into new header
* CPUState part 10 refactoring: first_cpu, next_cpu, cpu_single_env et al.
* Fix some targets to consistently inline TCG code generation
* Centrally log CPU reset

# gpg: Signature made Wed 10 Jul 2013 07:52:39 AM CDT using RSA key ID 3E7E013F
# gpg: Can't check signature: public key not found

# By Andreas Färber (41) and others
# Via Andreas Färber
* afaerber/tags/qom-cpu-for-anthony: (43 commits)
  cpu: Move reset logging to CPUState
  target-ppc: Change LOG_MMU_STATE() argument to CPUState
  target-i386: Change LOG_PCALL_STATE() argument to CPUState
  log: Change log_cpu_state[_mask]() argument to CPUState
  target-i386: Change do_smm_enter() argument to X86CPU
  target-i386: Change do_interrupt_all() argument to X86CPU
  target-xtensa: Change gen_intermediate_code_internal() arg to XtensaCPU
  target-unicore32: Change gen_intermediate_code_internal() signature
  target-sparc: Change gen_intermediate_code_internal() argument to SPARCCPU
  target-sh4: Change gen_intermediate_code_internal() argument to SuperHCPU
  target-s390x: Change gen_intermediate_code_internal() argument to S390CPU
  target-ppc: Change gen_intermediate_code_internal() argument to PowerPCCPU
  target-mips: Change gen_intermediate_code_internal() argument to MIPSCPU
  target-microblaze: Change gen_intermediate_code_internal() argument types
  target-m68k: Change gen_intermediate_code_internal() argument to M68kCPU
  target-lm32: Change gen_intermediate_code_internal() argument to LM32CPU
  target-i386: Change gen_intermediate_code_internal() argument to X86CPU
  target-cris: Change gen_intermediate_code_internal() argument to CRISCPU
  target-arm: Change gen_intermediate_code_internal() argument to ARMCPU
  target-alpha: Change gen_intermediate_code_internal() argument to AlphaCPU
  ...

2013-07-09  cpu: Replace cpu_single_env with CPUState current_cpu  Andreas Färber

Move it to qom/cpu.h.

Signed-off-by: Andreas Färber <afaerber@suse.de>

2013-07-05  user-exec.c: Set is_write correctly in the ARM cpu_signal_handler()  Peter Maydell

In the ARM implementation of cpu_signal_handler(), set is_write correctly using the FSR value which the kernel passes us in the error_code field of uc_mcontext. Since the WnR bit of the FSR was only introduced in ARMv6, this means that v5 cores will continue to behave as before this patch, but they are not really supported as hosts for linux-user mode anyway since they do not have the modern behaviour for unaligned accesses.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Message-id: 1370352705-27590-1-git-send-email-peter.maydell@linaro.org

2013-06-12  user-exec.c: aarch64 initial implementation of cpu_signal_handler  Claudio Fontana

Signed-off-by: Claudio Fontana <claudio.fontana@huawei.com>
Reviewed-by: Richard Henderson <rth@twiddle.net>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Message-id: 51AF4028.5030504@huawei.com
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>

2013-02-23  Replace all setjmp()/longjmp() with sigsetjmp()/siglongjmp()  Peter Maydell

The setjmp() function doesn't specify whether signal masks are saved and restored; on Linux they are not, but on BSD (including MacOSX) they are. We want to have consistent behaviour across platforms, so we should always use "don't save/restore signal mask" (this is also generally going to be faster). This also works around a bug in MacOSX where the signal-restoration on longjmp() affects the signal mask for a completely different thread, not just the mask for the thread which did the longjmp. The most visible effect of this was that ctrl-C was ignored on MacOSX because the CPU thread did a longjmp which resulted in its signal mask being applied to every thread, so that all threads had SIGINT and SIGTERM blocked.

The POSIX-sanctioned portable way to do a jump without affecting signal masks is to siglongjmp() to a sigjmp_buf which was created by calling sigsetjmp() with a zero savemask parameter, so change all uses of setjmp()/longjmp() accordingly.

[Technically POSIX allows sigsetjmp(buf, 0) to save the signal mask; however the following siglongjmp() must not restore the signal mask, so the pair can be effectively considered as "sigjmp/longjmp which don't touch the mask".]

For Windows we provide a trivial sigsetjmp/siglongjmp in terms of setjmp/longjmp -- this is OK because no user will ever pass a non-zero savemask.

The setjmp() uses in tests/tcg/test-i386.c and tests/tcg/linux-test.c are left untouched because these are self-contained singlethreaded test programs intended to be run under QEMU's Linux emulation, so they have neither the portability nor the multithreading issues to deal with.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Richard Henderson <rth@twiddle.net>
Tested-by: Stefan Weil <sw@weilnetz.de>
Reviewed-by: Laszlo Ersek <lersek@redhat.com>
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>

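The commit above rests on one observable difference: siglongjmp() to a buffer taken with sigsetjmp(buf, 0) leaves the signal mask alone, while sigsetjmp(buf, 1) restores the mask that was in force when the buffer was taken, and plain setjmp()/longjmp() does whichever the host libc chose. The program below is an added illustration written for this page, not QEMU code: it blocks SIGUSR1 after taking the jump buffer, jumps back, and reports whether SIGUSR1 is still blocked. The function names and the choice of SIGUSR1 as the probe signal are this example's own.

```c
/* Added example (not QEMU code): does a non-local jump restore the signal mask?
 * Build: cc -std=gnu11 sigjmp_mask.c && ./a.out
 */
#ifndef _POSIX_C_SOURCE
#define _POSIX_C_SOURCE 200809L
#endif
#include <setjmp.h>
#include <signal.h>
#include <stddef.h>
#include <stdio.h>

/* Take a sigjmp_buf with the given savemask, block SIGUSR1, siglongjmp back,
 * and report the mask seen after the jump.
 * Returns 1 if SIGUSR1 is still blocked (the jump did not touch the mask),
 *         0 if the jump restored the empty mask saved at sigsetjmp() time. */
int usr1_blocked_after_sigjmp(int savemask)
{
    sigjmp_buf env;
    sigset_t empty, usr1, after;

    sigemptyset(&empty);
    sigemptyset(&usr1);
    sigaddset(&usr1, SIGUSR1);
    sigprocmask(SIG_SETMASK, &empty, NULL);   /* known start state: nothing blocked */

    if (sigsetjmp(env, savemask) == 0) {
        sigprocmask(SIG_BLOCK, &usr1, NULL);  /* change the mask after the buffer was taken */
        siglongjmp(env, 1);                   /* does not return */
    }

    sigprocmask(SIG_BLOCK, NULL, &after);     /* read the mask in force after the jump */
    int blocked = sigismember(&after, SIGUSR1);
    sigprocmask(SIG_SETMASK, &empty, NULL);   /* leave the process as we found it */
    return blocked;
}

/* The same experiment with setjmp()/longjmp(). POSIX leaves unspecified whether
 * these save and restore the mask: glibc does not (this returns 1), the BSD and
 * macOS libcs do (this returns 0). That inconsistency is what the commit above
 * removes by standardising on sigsetjmp(buf, 0). */
int usr1_blocked_after_plain_jmp(void)
{
    jmp_buf env;
    sigset_t empty, usr1, after;

    sigemptyset(&empty);
    sigemptyset(&usr1);
    sigaddset(&usr1, SIGUSR1);
    sigprocmask(SIG_SETMASK, &empty, NULL);

    if (setjmp(env) == 0) {
        sigprocmask(SIG_BLOCK, &usr1, NULL);
        longjmp(env, 1);
    }

    sigprocmask(SIG_BLOCK, NULL, &after);
    int blocked = sigismember(&after, SIGUSR1);
    sigprocmask(SIG_SETMASK, &empty, NULL);
    return blocked;
}

int main(void)
{
    printf("sigsetjmp(buf, 0) + siglongjmp: SIGUSR1 blocked afterwards = %d (mask untouched)\n",
           usr1_blocked_after_sigjmp(0));
    printf("sigsetjmp(buf, 1) + siglongjmp: SIGUSR1 blocked afterwards = %d (mask restored)\n",
           usr1_blocked_after_sigjmp(1));
    printf("setjmp + longjmp:               SIGUSR1 blocked afterwards = %d (libc dependent)\n",
           usr1_blocked_after_plain_jmp());
    return 0;
}
```

The first two results are fixed by POSIX (1 and 0); only the third varies between hosts, which is exactly the variation a run loop that is entered and left via longjmp from many places cannot afford.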
2012-12-19  Merge remote-tracking branch 'bonzini/header-dirs' into staging  Anthony Liguori

* bonzini/header-dirs: (45 commits)
  janitor: move remaining public headers to include/
  hw: move executable format header files to hw/
  fpu: move public header file to include/fpu
  softmmu: move remaining include files to include/ subdirectories
  softmmu: move include files to include/sysemu/
  misc: move include files to include/qemu/
  qom: move include files to include/qom/
  migration: move include files to include/migration/
  monitor: move include files to include/monitor/
  exec: move include files to include/exec/
  block: move include files to include/block/
  qapi: move include files to include/qobject/
  janitor: add guards to headers
  qapi: make struct Visitor opaque
  qapi: remove qapi/qapi-types-core.h
  qapi: move inclusions of qemu-common.h from headers to .c files
  ui: move files to ui/ and include/ui/
  qemu-ga: move qemu-ga files to qga/
  net: reorganize headers
  net: move net.c to net/
  ...

Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>

2012-12-19  build: kill libdis, move disassemblers to disas/  Paolo Bonzini

Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>

2012-12-18  fix build error on ARM due to wrong glibc check  John Spencer

The test for glibc < 2 "succeeds" wrongly for any non-glibc C library, and breaks the build on musl libc. We must first test if __GLIBC__ is defined at all, before using it unconditionally.

Signed-off-by: John Spencer <maillist-qemu@barfooze.de>
Reviewed-by: Stefan Weil <sw@weilnetz.de>
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>

2012-12-16  exec: refactor cpu_restore_state  Blue Swirl

Refactor common code around calls to cpu_restore_state(). tb_find_pc() has now no external users, make it static.

Signed-off-by: Blue Swirl <blauwirbel@gmail.com>

2012-09-15  Remove unused CONFIG_TCG_PASS_AREG0 and dead code  Blue Swirl

Now that CONFIG_TCG_PASS_AREG0 is enabled for all targets, remove dead code and support for !CONFIG_TCG_PASS_AREG0 case.

Remove dyngen-exec.h and all references to it. Although included by hw/spapr_hcall.c, it does not seem to use it.

Remove unused HELPER_CFLAGS.

Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
Reviewed-by: Richard Henderson <rth@twiddle.net>

2012-08-09  user: fix accidental AREG0 use  Blue Swirl

Global register AREG0 was always assumed to be usable in user-exec.c, but this is incorrect for several targets. Fix with #ifdeffery and by using other variables.

Signed-off-by: Blue Swirl <blauwirbel@gmail.com>

2012-08-01  Replace 'struct siginfo' with 'siginfo_t'.  Richard W.M. Jones

glibc 2.16 will remove the undocumented definition of 'struct siginfo' from <bits/siginfo.h>. This change is already present in glibc 2.15.90, so qemu compilation of certain targets (eg. cris-user) breaks.

This struct was always typedef'd to be the same as 'siginfo_t' which is what POSIX documents, so use that instead.

Signed-off-by: Richard W.M. Jones <rjones@redhat.com>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>

2012-06-28  x86: avoid AREG0 for exceptions  Blue Swirl

Add an explicit CPUX86State parameter instead of relying on AREG0.

Merge raise_exception_env() to raise_exception(), likewise with raise_exception_err_env() and raise_exception_err().

Introduce cpu_svm_check_intercept_param() and cpu_vmexit() as wrappers.

Signed-off-by: Blue Swirl <blauwirbel@gmail.com>

2012-05-08  user-exec.c: Don't assert on segfaults for non-valid addresses  Peter Maydell

h2g() will assert if passed an address that's not a valid guest address, so handle_cpu_signal() needs to check before passing "data address which caused a segfault" to it, since for a misbehaving guest that could be anything. If the address isn't a valid guest address then we can simply skip the attempt to unprotect a guest page which was made read-only to catch self-modifying code.

This assertion probably fires more readily now than it used to do because of recent changes to default to reserving guest address space.

Acked-by: Alexander Graf <agraf@suse.de>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>

2012-04-14  Use uintptr_t for various op related functions  Blue Swirl

Use uintptr_t instead of void * or unsigned long in several op related functions, env->mem_io_pc and GETPC() macro.

Reviewed-by: Stefan Weil <sw@weilnetz.de>
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>

2012-03-14  Rename CPUState -> CPUArchState  Andreas Färber

Scripted conversion:

  for file in *.[hc] hw/*.[hc] hw/kvm/*.[hc] linux-user/*.[hc] linux-user/m68k/*.[hc] bsd-user/*.[hc] darwin-user/*.[hc] tcg/*/*.[hc] target-*/cpu.h; do
    sed -i "s/CPUState/CPUArchState/g" $file
  done

All occurrences of CPUArchState are expected to be replaced by QOM CPUState, once all targets are QOM'ified and common fields have been extracted.

Signed-off-by: Andreas Färber <afaerber@suse.de>
Reviewed-by: Anthony Liguori <aliguori@us.ibm.com>

2011-08-07  Remove unused is_softmmu parameter from cpu_handle_mmu_fault  Blue Swirl

Parameter is_softmmu (and its evil mutant twin brother is_softmuu) is not used in cpu_*_handle_mmu_fault() functions, remove them and adjust callers.

Acked-by: Richard Henderson <rth@twiddle.net>
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>

2011-07-30  exec.h cleanup  Blue Swirl

Move softmmu_exec.h include directives from target-*/exec.h to target-*/op_helper.c. Move also various other stuff only used in op_helper.c there.

Define global env in dyngen-exec.h.

For i386, move wrappers for segment and FPU helpers from user-exec.c to op_helper.c. Implement raise_exception_err_env() to handle dynamic CPUState. Move the function declarations to cpu.h since they can be used outside of op_helper.c context.

LM32, s390x, UniCore32: remove unused cpu_halted(), regs_to_env() and env_to_regs().

ARM: make raise_exception() static.

Convert
  #include "exec.h"
to
  #include "cpu.h"
  #include "dyngen-exec.h"
and remove now unused target-*/exec.h.

Signed-off-by: Blue Swirl <blauwirbel@gmail.com>

2011-06-26  cpu_loop_exit: avoid using AREG0  Blue Swirl

Make cpu_loop_exit() take a parameter for CPUState instead of relying on global env.

Signed-off-by: Blue Swirl <blauwirbel@gmail.com>

2011-05-28  Move user emulator stuff from cpu-exec.c to user-exec.c  Blue Swirl

Simplify cpu-exec.c by refactoring.

Signed-off-by: Blue Swirl <blauwirbel@gmail.com>