QEMU With E2K User Support
Aurelien Jarno c69806ab82 tcg/arm: fix branch target change during code retranslation
QEMU uses code retranslation to restore the CPU state when an exception
happens. For it to work the retranslation must not modify the generated
code. This is what is currently implemented in ARM TCG.

However on CPUs that don't have icache/dcache/memory synchronised, like
ARM, this requirement is stronger and code retranslation must not modify
the generated code "atomically", as the cache line might be flushed
at any moment (interrupt, exception, task switching), even if not
triggered by QEMU. The probability for this to happen is very low, and
depends on cache size and associativity, machine load, interrupts, so the
symptoms might happen randomly.

This requirement is currently not followed in tcg/arm, for the
load/store code, which basically has the following structure:
  1) tlb access code is written
  2) conditional fast path code is written
  3) branch is written with a temporary target
  4) slow path code is written
  5) branch target is updated
The cache lines corresponding to the retranslated code are not flushed
after code retranslation as the generated code is supposed to be the
same. However if the cache line corresponding to the branch instruction
is flushed between steps 3 and 5, and is not flushed again before the
code is executed again, the branch target is wrong. In the guest, the
symptoms are MMU page faults at random addresses, which lead to
kernel page faults or segmentation faults.

The patch fixes this issue by avoiding writing the branch target until
it is known, that is by writing only the branch instruction first, and
later only the offset.

This fixes booting Linux guests on ARM hosts (tested: arm, i386, mips,
mipsel, sh4, sparc).

Acked-by: Edgar E. Iglesias <edgar.iglesias@gmail.com>
Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
2011-01-08 16:39:47 +01:00
audio noaudio: correctly account acquired samples 2011-01-04 03:53:47 +03:00
block Add proper -errno error return values to qcow2_open() 2010-12-17 16:15:04 +01:00
bsd-user Remove dead code for ARM semihosting commandline handling 2011-01-07 18:20:57 +02:00
darwin-user darwin-user: Use GCC_FMT_ATTR (format checking) 2010-12-04 20:51:19 +00:00
default-configs config: add ahci for pci capable machines 2010-12-17 16:11:02 +01:00
docs docs: Fix missing carets in QED specification 2010-12-17 17:05:06 +01:00
fpu softfloat: Implement floatx80_is_any_nan() and float128_is_any_nan() 2011-01-07 17:35:48 +02:00
fsdev [virtio-9p] Qemu 9p commandline options validity checks 2010-10-20 12:10:58 -05:00
gdb-xml
hw cirrus: delete GCC 4.6 warnings 2011-01-06 22:29:04 +01:00
linux-user Remove dead code for ARM semihosting commandline handling 2011-01-07 18:20:57 +02:00
net Add support for OpenBSD to QEMU's tap driver. 2010-12-21 19:44:33 +00:00
pc-bios spice: add qxl vgabios binary. 2010-12-09 14:23:24 +01:00
QMP spice: connection events. 2010-12-09 14:23:24 +01:00
roms Add new vgabios binaries to blobs list. 2010-11-16 08:39:52 -06:00
slirp slirp: Remove unused code for bad sprintf 2010-11-21 09:16:57 -06:00
sysconfigs/target
target-alpha softfloat: Rename float*_is_nan() functions to float*_is_quiet_nan() 2011-01-02 11:15:25 +01:00
target-arm target-arm: wire up the softfloat flush_input_to_zero flag 2011-01-06 22:16:59 +01:00
target-cris cris: Allow more TB chaning 2011-01-07 16:18:13 +01:00
target-i386 x86: Filter out garbage from segment flags dump 2010-12-27 22:02:52 +01:00
target-m68k softfloat: Rename float*_is_nan() functions to float*_is_quiet_nan() 2011-01-02 11:15:25 +01:00
target-microblaze microblaze: Use more TB chaining 2011-01-05 02:23:09 +01:00
target-mips softfloat: Rename float*_is_nan() functions to float*_is_quiet_nan() 2011-01-02 11:15:25 +01:00
target-ppc target-ppc: use float32_is_any_nan() 2011-01-06 16:12:14 +01:00
target-s390x s390: compile fixes 2010-12-26 00:29:49 +01:00
target-sh4 target-xxx: Use fprintf_function (format checking) 2010-10-30 08:01:59 +00:00
target-sparc target-sparc: fix udiv(cc) and sdiv(cc) 2010-12-28 18:44:51 +00:00
tcg tcg/arm: fix branch target change during code retranslation 2011-01-08 16:39:47 +01:00
tests rewrite i386 tests Makefile 2010-10-23 14:47:13 +00:00
ui vnc/spice: add set_passwd monitor command. 2010-12-09 14:23:25 +01:00
.gitignore Add a DTrace tracing backend targetted for SystemTAP compatability 2010-11-21 09:16:56 -06:00
.gitmodules
a.out.h
acl.c
acl.h
aes.c
aes.h
aio.c block: fix aio_flush segfaults for read-only protocols (e.g. curl) 2010-05-21 11:49:18 +02:00
alpha-dis.c *-dis: Replace fprintf_ftype by fprintf_function (format checking) 2010-12-04 20:50:30 +00:00
alpha.ld
arch_init.c migration: stable ram block ordering 2010-12-02 21:13:39 +02:00
arch_init.h Refactor target specific handling, compile vl.c only once 2010-03-29 19:23:52 +00:00
arm-dis.c *-dis: Replace fprintf_ftype by fprintf_function (format checking) 2010-12-04 20:50:30 +00:00
arm-semi.c Fix commandline handling for ARM semihosted executables 2011-01-07 18:20:48 +02:00
arm.ld
async.c
balloon.c trace: Trace entry point of balloon request handler 2010-09-09 16:22:45 -05:00
balloon.h move balloon handling to balloon.c 2010-04-09 18:55:56 +02:00
block_int.h qed: Add QEMU Enhanced Disk image format 2010-12-17 16:11:04 +01:00
block-migration.c block migration: do not submit multiple AIOs for same sector (v2) 2010-11-24 17:31:06 +01:00
block-migration.h
block.c block: delete a write-only variable 2011-01-06 18:25:37 +00:00
block.h block: add discard support 2010-12-17 16:11:03 +01:00
blockdev.c Introduce do_snapshot_blkdev() and monitor command to handle it. 2010-12-17 16:11:03 +01:00
blockdev.h Introduce do_snapshot_blkdev() and monitor command to handle it. 2010-12-17 16:11:03 +01:00
bswap.h Fix leul_to_cpu on big endian hosts 2010-05-31 20:55:23 +02:00
bt-host.c bt: remove dead assignments, spotted by clang analyzer 2010-04-25 18:20:28 +00:00
bt-host.h
bt-vhci.c
buffered_file.c migration: allow rate > 4g 2010-12-02 21:13:39 +02:00
buffered_file.h
cache-utils.c Remove trailing whitespace 2010-11-01 00:54:06 +03:00
cache-utils.h
Changelog
check-qdict.c check-qdict: Introduce test for the new iteration API 2010-07-01 14:27:13 -03:00
check-qfloat.c Fix qtypes' licenses 2010-05-19 12:45:54 -03:00
check-qint.c Fix qtypes' licenses 2010-05-19 12:45:54 -03:00
check-qjson.c Silence compiler warning in json test case 2010-10-22 10:08:37 -02:00
check-qlist.c Fix qtypes' licenses 2010-05-19 12:45:54 -03:00
check-qstring.c Fix qtypes' licenses 2010-05-19 12:45:54 -03:00
cmd.c qemu-io: check registered fds in command_loop() 2010-06-22 14:38:02 +02:00
cmd.h
CODING_STYLE HACKING: add C type rules 2010-09-10 18:47:31 +00:00
compatfd.c signalfd compatibility 2010-10-20 16:15:04 -05:00
compatfd.h signalfd compatibility 2010-10-20 16:15:04 -05:00
config.h
configure linux-user: Implement sync_file_range{,2} syscalls 2011-01-07 17:13:22 +02:00
console.c console: Avoid dereferencing NULL active_console 2010-10-03 06:43:10 +00:00
console.h Fix curses on big endian hosts 2011-01-04 21:58:24 +01:00
COPYING
COPYING.LIB
cpu-all.h target-xxx: Use fprintf_function (format checking) 2010-10-30 08:01:59 +00:00
cpu-common.h exec: introduce endianness swapped mmio 2010-12-11 15:24:25 +00:00
cpu-defs.h move stop/stopped CPU_COMMON fields after area zeroed by reset 2010-05-11 14:02:22 -03:00
cpu-exec.c target-mips: fix host CPU consumption when guest is idle 2010-12-27 00:58:06 +01:00
cpus.c cpus: flush all requests on each vm stop 2010-12-09 12:47:19 +02:00
cpus.h target-xxx: Use fprintf_function (format checking) 2010-10-30 08:01:59 +00:00
create_config configure: Fix evaluation of config-host.mak in create_config 2010-06-13 12:50:30 +02:00
cris-dis.c Remove special handling of system include files (no longer needed) 2010-10-22 17:11:28 +00:00
cursor_hidden.xpm cursor: add cursor functions. 2010-05-24 15:18:23 -05:00
cursor_left_ptr.xpm cursor: add cursor functions. 2010-05-24 15:18:23 -05:00
cursor.c cursor: add cursor functions. 2010-05-24 15:18:23 -05:00
cutils.c Introduce strtosz_suffix() 2010-12-17 16:10:59 +01:00
def-helper.h tcg: Optionally sign-extend 32-bit arguments for 64-bit hosts. 2010-06-16 11:29:11 +02:00
device_tree.c
device_tree.h
dis-asm.h *-dis: Replace fprintf_ftype by fprintf_function (format checking) 2010-12-04 20:50:30 +00:00
disas.c Use GCC_FMT_ATTR (format checking) 2010-10-03 06:34:51 +00:00
disas.h Remove special handling of system include files (no longer needed) 2010-10-22 17:11:28 +00:00
dma-helpers.c
dma.h
dyngen-exec.h Remove special handling of system include files (no longer needed) 2010-10-22 17:11:28 +00:00
elf.h Add more DT_* and AT_* constants to qemu's copy of elf.h. 2010-07-29 08:32:27 +02:00
envlist.c
envlist.h
exec-all.h TCG: Improve tb_phys_hash_func() 2010-12-31 22:23:38 +01:00
exec.c Use mmap() within code_gen_alloc() for OpenBSD. 2010-12-21 19:44:54 +00:00
feature_to_c.sh Use gcc warning flag -Wnested-externs 2010-09-18 07:02:16 +00:00
gdbstub.c Use gcc warning flag -Wnested-externs 2010-09-18 07:02:16 +00:00
gdbstub.h Use gcc warning flag -Wnested-externs 2010-09-18 07:02:16 +00:00
gen-icount.h Compile qemu-timer only once 2010-03-29 19:24:00 +00:00
HACKING HACKING: add rules for printf-like functions 2010-09-10 18:53:11 +00:00
hmp-commands.hx Merge branch 'spice.v23.pull' of git://anongit.freedesktop.org/spice/qemu 2010-12-27 22:59:48 +01:00
host-utils.c
host-utils.h
hpet.h
hppa-dis.c tcg-hppa: Fix const errors in hppa-dis.c 2010-03-23 22:00:43 +01:00
hppa.ld
hxtool hxtool: Fix line number reporting on SQMP/EQMP errors 2010-06-11 16:35:46 -03:00
i386-dis.c i386-dis: Fix unused return value, spotted by clang 2010-04-18 14:27:44 +00:00
i386.ld
ia64-dis.c Fix %lld or %llx printf format use 2010-05-22 08:02:12 +00:00
ia64.ld
input.c un-register kbd driver in case of USB kbd unplug. 2010-06-14 15:46:28 -05:00
ioport-user.c
ioport.c Type-safe ioport callbacks 2010-11-21 09:16:57 -06:00
ioport.h Type-safe ioport callbacks 2010-11-21 09:16:57 -06:00
iorange.h Type-safe ioport callbacks 2010-11-21 09:16:57 -06:00
iov.c iov: Move from hw/ to topdir 2010-05-10 11:36:03 -05:00
iov.h iov: Move from hw/ to topdir 2010-05-10 11:36:03 -05:00
json-lexer.c remove unnecessary lookaheads 2010-06-11 15:25:14 -03:00
json-lexer.h
json-parser.c Use GCC_FMT_ATTR (format checking) 2010-10-03 06:34:51 +00:00
json-parser.h
json-streamer.c json-streamer: Don't use qdict_put_obj() 2010-06-11 15:25:14 -03:00
json-streamer.h
kvm-all.c migration: stable ram block ordering 2010-12-02 21:13:39 +02:00
kvm-stub.c MCE: Relay UCR MCE to guest 2010-10-20 16:15:04 -05:00
kvm.h MCE: Relay UCR MCE to guest 2010-10-20 16:15:04 -05:00
libfdt_env.h
LICENSE
linux-aio.c linux-aio: Fix typo in read() EINTR check 2010-04-23 16:21:57 +02:00
m68k-dis.c *-dis: Replace fprintf_ftype by fprintf_function (format checking) 2010-12-04 20:50:30 +00:00
m68k-semi.c Move qemu_gettimeofday() to OS specific files 2010-10-30 08:02:38 +00:00
m68k.ld
MAINTAINERS Use a Linux-style MAINTAINERS file 2010-11-30 14:38:55 -06:00
make_device_config.sh win32: Fix CRLF problem in make_device_config.sh 2010-12-18 18:58:25 +00:00
Makefile spice: add qxl vgabios binary. 2010-12-09 14:23:24 +01:00
Makefile.dis
Makefile.hw Clean libhw subdirs as well 2010-05-22 08:24:49 +00:00
Makefile.objs qed: Read/write support 2010-12-17 16:11:04 +01:00
Makefile.target Merge branch 'spice.v23.pull' of git://anongit.freedesktop.org/spice/qemu 2010-12-27 22:59:48 +01:00
Makefile.user
microblaze-dis.c *-dis: Replace fprintf_ftype by fprintf_function (format checking) 2010-12-04 20:50:30 +00:00
migration-exec.c Factorize common migration incoming code 2010-06-22 15:15:51 -05:00
migration-fd.c Factorize common migration incoming code 2010-06-22 15:15:51 -05:00
migration-tcp.c Close socket file descriptor when qemu_accept fails 2010-07-25 17:03:51 +02:00
migration-unix.c Factorize common migration incoming code 2010-06-22 15:15:51 -05:00
migration.c migration/savevm: no need to flush requests 2010-12-09 12:47:48 +02:00
migration.h Factorize common migration incoming code 2010-06-22 15:15:51 -05:00
mips-dis.c *-dis: Replace fprintf_ftype by fprintf_function (format checking) 2010-12-04 20:50:30 +00:00
mips.ld
module.c
module.h
monitor.c Merge branch 'spice.v23.pull' of git://anongit.freedesktop.org/spice/qemu 2010-12-27 22:59:48 +01:00
monitor.h spice: connection events. 2010-12-09 14:23:24 +01:00
nbd.c nbd: Haiku has _IO() in its BSD compatibility layer 2010-10-03 06:31:33 +00:00
nbd.h Merge remote branch 'kwolf/for-anthony' into staging 2010-09-08 14:26:57 -05:00
net-checksum.c
net.c net/sock: option to specify local address 2010-12-09 12:45:50 +02:00
net.h Add bootindex parameter to net/block/fd device 2010-12-11 21:32:46 +00:00
notify.c
notify.h
os-posix.c Separate qemu_pidfile() into OS specific versions 2010-10-30 08:02:39 +00:00
os-win32.c Separate qemu_pidfile() into OS specific versions 2010-10-30 08:02:39 +00:00
osdep.c Remove unncessary includes 2010-10-30 08:02:40 +00:00
osdep.h Move qemu_gettimeofday() to OS specific files 2010-10-30 08:02:38 +00:00
oslib-posix.c virtio-9p: fix build on !CONFIG_UTIMENSAT 2010-12-02 16:08:40 -08:00
oslib-win32.c Consolidate oom_check() functions 2010-10-30 08:02:39 +00:00
path.c
pci-ids.txt
pflib.c add pflib: PixelFormat conversion library. 2010-09-21 18:35:30 +02:00
pflib.h add pflib: PixelFormat conversion library. 2010-09-21 18:35:30 +02:00
poison.h move targphys.h and hw/poison.h inclusion to cpu-common.h 2010-04-09 18:55:55 +02:00
posix-aio-compat.c Move qemu_gettimeofday() to OS specific files 2010-10-30 08:02:38 +00:00
ppc64.ld
ppc-dis.c
ppc.ld
qbool.c Fix qtypes' licenses 2010-05-19 12:45:54 -03:00
qbool.h
qdict-test-data.txt
qdict.c QDict: Introduce qdict_get_try_bool() 2010-07-01 14:27:13 -03:00
qdict.h QDict: Introduce qdict_get_try_bool() 2010-07-01 14:27:13 -03:00
qemu_socket.h Fix OpenBSD build 2010-09-22 20:05:23 +00:00
qemu-aio.h
qemu-barrier.h Introduce proper compiler barrier 2010-07-22 05:52:08 +02:00
qemu-binfmt-conf.sh update binfmt conf 2010-12-03 15:09:39 +02:00
qemu-char.c qemu-char: Introduce Memory driver 2010-11-17 09:52:24 -02:00
qemu-char.h qemu-char: Introduce Memory driver 2010-11-17 09:52:24 -02:00
qemu-common.h Merge branch 'spice.v23.pull' of git://anongit.freedesktop.org/spice/qemu 2010-12-27 22:59:48 +01:00
qemu-config.c Add bootindex for option roms. 2010-12-11 21:32:47 +00:00
qemu-config.h spice: core bits 2010-09-21 18:36:42 +02:00
qemu-doc.texi intel-hda: documentation update 2010-11-02 00:41:04 +03:00
qemu-error.c error: Move qerror_report() from qemu-error.[ch] to qerror.[ch] 2010-03-27 14:30:38 +01:00
qemu-error.h Use GCC_FMT_ATTR (format checking) 2010-10-03 06:34:51 +00:00
qemu-img-cmds.hx Copy snapshots out of QCOW2 disk 2010-10-22 14:49:35 +02:00
qemu-img.c Remove NULL checks for bdrv_new return value 2010-12-17 16:11:03 +01:00
qemu-img.texi Copy snapshots out of QCOW2 disk 2010-10-22 14:49:35 +02:00
qemu-io.c qemu-io: Fix typo in help texts 2010-12-17 16:11:03 +01:00
qemu-lock.h Remove unused spin_trylock() function 2010-12-04 21:21:28 +00:00
qemu-log.h
qemu-malloc.c Add missing tracing to qemu_mallocz() 2010-12-14 15:44:21 +01:00
qemu-nbd.c Remove NULL checks for bdrv_new return value 2010-12-17 16:11:03 +01:00
qemu-nbd.texi
qemu-objects.h Fix qtypes' licenses 2010-05-19 12:45:54 -03:00
qemu-option.c qemu-option: Fix parse_option_parameters() documentation typo 2010-12-14 15:44:21 +01:00
qemu-option.h error: New qemu_opts_loc_restore() 2010-07-06 17:05:49 +02:00
qemu-options.h Introduce OS specific cmdline argument handling and move SMB arg to os-posix.c 2010-06-12 08:49:15 +03:00
qemu-options.hx Merge branch 'spice.v23.pull' of git://anongit.freedesktop.org/spice/qemu 2010-12-27 22:59:48 +01:00
qemu-os-posix.h virtio-9p: fix build on !CONFIG_UTIMENSAT 2010-12-02 16:08:40 -08:00
qemu-os-win32.h Move qemu_gettimeofday() to OS specific files 2010-10-30 08:02:38 +00:00
qemu-queue.h
qemu-sockets.c qemu-sockets: avoid strlen of NULL pointer 2010-05-18 19:49:16 +02:00
qemu-tech.texi
qemu-thread.c qemu-thread: add qemu_mutex/cond_destroy and qemu_mutex_exit 2010-07-26 17:36:14 -05:00
qemu-thread.h qemu-thread: add qemu_mutex/cond_destroy and qemu_mutex_exit 2010-07-26 17:36:14 -05:00
qemu-timer-common.c Add OpenBSD to ifdef list since it has CLOCK_MONOTONIC. 2010-12-21 19:44:42 +00:00
qemu-timer.c qemu-timer: move commonly used timer code to qemu-timer-common 2010-10-23 15:24:07 +00:00
qemu-timer.h Mov muldiv64 to qemu-common.h (Thus unbreaking gus) 2010-10-30 01:41:01 +04:00
qemu-tool.c Move qemu_gettimeofday() to OS specific files 2010-10-30 08:02:38 +00:00
qemu-x509.h
qemu.sasl
qerror.c Use GCC_FMT_ATTR (format checking) 2010-10-03 06:34:51 +00:00
qerror.h Use GCC_FMT_ATTR (format checking) 2010-10-03 06:34:51 +00:00
qfloat.c Fix qtypes' licenses 2010-05-19 12:45:54 -03:00
qfloat.h
qint.c Fix qtypes' licenses 2010-05-19 12:45:54 -03:00
qint.h Fix qtypes' licenses 2010-05-19 12:45:54 -03:00
qjson.c Add support for JSON pretty printing 2010-10-01 10:12:43 -03:00
qjson.h Merge remote branch 'qmp/for-anthony' into staging 2010-10-05 13:54:49 -05:00
qlist.c Fix qtypes' licenses 2010-05-19 12:45:54 -03:00
qlist.h Fix qtypes' licenses 2010-05-19 12:45:54 -03:00
qmp-commands.hx Merge branch 'spice.v23.pull' of git://anongit.freedesktop.org/spice/qemu 2010-12-27 22:59:48 +01:00
qobject.h Fix qtypes' licenses 2010-05-19 12:45:54 -03:00
qstring.c Fix qtypes' licenses 2010-05-19 12:45:54 -03:00
qstring.h Fix qtypes' licenses 2010-05-19 12:45:54 -03:00
range.h Introduce range.h 2010-09-18 05:53:14 +00:00
readline.c
readline.h
README
rules.mak rewrite i386 tests Makefile 2010-10-23 14:47:13 +00:00
rwhandler.c Make simple io mem handler endian aware 2010-12-11 15:24:25 +00:00
rwhandler.h Make simple io mem handler endian aware 2010-12-11 15:24:25 +00:00
s390-dis.c s390: Disassemble some general-instruction-extension insns. 2010-06-10 00:46:41 +02:00
s390.ld
savevm.c migration/savevm: no need to flush requests 2010-12-09 12:47:48 +02:00
sh4-dis.c *-dis: Replace fprintf_ftype by fprintf_function (format checking) 2010-12-04 20:50:30 +00:00
simpletrace.c qemu-timer: move commonly used timer code to qemu-timer-common 2010-10-23 15:24:07 +00:00
simpletrace.h trace: Use fprintf_function (format checking) 2010-11-21 09:16:57 -06:00
simpletrace.py trace: Relax trace-events parsing regex in simpletrace.py 2010-10-20 16:27:51 +00:00
softmmu_defs.h
softmmu_exec.h sparc64: handle asi referencing nucleus and secondary MMU contexts 2010-05-06 23:14:26 +03:00
softmmu_header.h sparc64: fix 32bit load sign extension 2010-06-02 20:04:52 +00:00
softmmu_template.h Split TLB addend and target_phys_addr_t 2010-04-05 00:28:53 +01:00
softmmu-semi.h
sparc64.ld
sparc-dis.c sparc64: more ultrasparc asi extensions for disassembler 2010-05-06 20:13:02 +00:00
sparc.ld
sysemu.h Merge branch 'spice.v23.pull' of git://anongit.freedesktop.org/spice/qemu 2010-12-27 22:59:48 +01:00
targphys.h Split TLB addend and target_phys_addr_t 2010-04-05 00:28:53 +01:00
tcg-runtime.c
texi2pod.pl
thunk.c
thunk.h
TODO
trace-events qed: Read/write support 2010-12-17 16:11:04 +01:00
tracetool Add support for generating a systemtap tapset static probes 2010-11-21 09:16:56 -06:00
translate-all.c tcg: get rid of copy_size in TCGOpDef 2010-06-09 16:10:50 +02:00
uboot_image.h
usb-bsd.c
usb-linux.c usb-linux: Get the active configuration from sysfs rather then asking the dev 2010-11-16 14:35:00 -06:00
usb-stub.c
VERSION Update version for 0.13.x 2010-07-28 07:58:15 -05:00
version.rc mingw: add version information to the executables 2010-09-26 16:07:57 +00:00
vgafont.h
vl.c Merge branch 'spice.v23.pull' of git://anongit.freedesktop.org/spice/qemu 2010-12-27 22:59:48 +01:00
x86_64.ld

Read the documentation in qemu-doc.html.

Fabrice Bellard.