qemu-devel.nongnu.org archive mirror
* [PATCH for-8.1] target/arm: Special case M-profile in debug_helper.c code
@ 2023-07-21 14:32 Peter Maydell
From: Peter Maydell @ 2023-07-21 14:32 UTC (permalink / raw)
  To: qemu-arm, qemu-devel

A lot of the code called from helper_exception_bkpt_insn() is written
assuming A-profile, but we will also call this helper on M-profile
CPUs when they execute a BKPT insn.  This used to work by accident,
but recent changes mean that we will hit an assert when some of this
code calls down into lower level functions that end up calling
arm_security_space_below_el3(), arm_el_is_aa64(), and other functions
that now explicitly assert that the guest CPU is not M-profile.

Handle M-profile directly to avoid the assertions:
 * in arm_debug_target_el(), M-profile debug exceptions always
   go to EL1
 * in arm_debug_exception_fsr(), M-profile always uses the short
   format FSR (compare commit d7fe699be54b2, though in this case
   the code in arm_v7m_cpu_do_interrupt() does not need to
   look at the FSR value at all)

Cc: qemu-stable@nongnu.org
Resolves: https://gitlab.com/qemu-project/qemu/-/issues/1775
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
---
Not sure exactly when this assert() got in (probably in the
semi-recent refactorings for realm support), but it won't hurt
to backport the fix even if the older QEMU doesn't assert().
---
 target/arm/debug_helper.c | 18 ++++++++++++------
 1 file changed, 12 insertions(+), 6 deletions(-)

diff --git a/target/arm/debug_helper.c b/target/arm/debug_helper.c
index 8362462a07e..abe72e35ae6 100644
--- a/target/arm/debug_helper.c
+++ b/target/arm/debug_helper.c
@@ -21,6 +21,10 @@ static int arm_debug_target_el(CPUARMState *env)
     bool secure = arm_is_secure(env);
     bool route_to_el2 = false;
 
+    if (arm_feature(env, ARM_FEATURE_M)) {
+        return 1;
+    }
+
     if (arm_is_el2_enabled(env)) {
         route_to_el2 = env->cp15.hcr_el2 & HCR_TGE ||
                        env->cp15.mdcr_el2 & MDCR_TDE;
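Review bot: The M-profile early return is undocumented and sits after `bool secure = arm_is_secure(env);` has already been evaluated; add a one-line comment above it saying that M-profile has no EL2 or EL3, so a debug exception is always delivered to EL1 and none of the HCR_TGE / MDCR_TDE routing below applies, and either confirm that arm_is_secure() is safe to call on an M-profile CPU or move the check above the local initializers so the function returns before touching any A-profile state.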
@@ -434,18 +438,20 @@ static uint32_t arm_debug_exception_fsr(CPUARMState *env)
 {
     ARMMMUFaultInfo fi = { .type = ARMFault_Debug };
     int target_el = arm_debug_target_el(env);
-    bool using_lpae = false;
+    bool using_lpae;
 
-    if (target_el == 2 || arm_el_is_aa64(env, target_el)) {
+    if (arm_feature(env, ARM_FEATURE_M)) {
+        using_lpae = false;
+    } else if (target_el == 2 || arm_el_is_aa64(env, target_el)) {
         using_lpae = true;
     } else if (arm_feature(env, ARM_FEATURE_PMSA) &&
                arm_feature(env, ARM_FEATURE_V8)) {
         using_lpae = true;
+    } else if (arm_feature(env, ARM_FEATURE_LPAE) &&
+               (env->cp15.tcr_el[target_el] & TTBCR_EAE)) {
+        using_lpae = true;
     } else {
-        if (arm_feature(env, ARM_FEATURE_LPAE) &&
-            (env->cp15.tcr_el[target_el] & TTBCR_EAE)) {
-            using_lpae = true;
-        }
+        using_lpae = false;
     }
 
     if (using_lpae) {
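Review bot: The new ARM_FEATURE_M test must stay ahead of the `target_el == 2 || arm_el_is_aa64(env, target_el)` test, because arm_el_is_aa64() is one of the functions the commit message says now asserts for M-profile; a short comment on that branch would stop a later reorder from reintroducing the assert. Separately, turning the final LPAE case from a nested `if` into `else if (arm_feature(env, ARM_FEATURE_LPAE) && ...)` plus an explicit `using_lpae = false;` else is behaviour-preserving but unrelated to the fix; since this is Cc'd to qemu-stable, either mention the cleanup in the commit message or keep the original nesting so the stable backport stays minimal.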
-- 
2.34.1



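A reproducer for the case the patch fixes, added here as an example (it is not part of the patch or of QEMU): a raw Cortex-M image whose reset handler executes `bkpt #0`, run on the lm3s6965evb board model. Assumed, not taken from the thread: the board's memory map (flash at 0x0, SRAM at 0x20000000, so a raw non-ELF `-kernel` image is loaded at address 0), an initial stack pointer of 0x20001000 inside SRAM, the vector layout below, and GNU `timeout(1)`. On a QEMU built without this patch the process dies with the assertion the commit message describes; with it, the BKPT becomes a v7-M exception and the guest spins in its handler until `timeout` stops QEMU.

```shell
#!/bin/sh
# Added example (not QEMU code): build a minimal Cortex-M raw image whose
# reset handler executes BKPT, then run it under qemu-system-arm.
# Assumptions: lm3s6965evb board (flash at 0x0, SRAM at 0x20000000),
# an initial MSP of 0x20001000 inside SRAM, and GNU timeout(1).

# le_bytes N VALUE: emit VALUE as N little-endian bytes using only POSIX printf
# (octal escapes, so this works in dash as well as bash).
le_bytes() {
    _n=$1; _v=$2; _k=0
    while [ "$_k" -lt "$_n" ]; do
        printf "\\$(printf '%03o' $((_v & 0xff)))"
        _v=$((_v >> 8)); _k=$((_k + 1))
    done
}

# make_image FILE: 16-entry vector table followed by Thumb code.
#   0x00        initial MSP    0x20001000 (assumed to lie inside SRAM)
#   0x04        Reset          0x41  -> code at 0x40 (bit 0 set = Thumb)
#   0x08..0x3c  other vectors  0x45  -> spin handler at 0x44
#   0x40        bkpt #0        0xbe00
#   0x42        b .            0xe7fe
#   0x44        b .            0xe7fe  (HardFault/Debug handler just spins)
make_image() {
    _out=$1
    {
        le_bytes 4 0x20001000
        le_bytes 4 0x41
        _e=2
        while [ "$_e" -lt 16 ]; do le_bytes 4 0x45; _e=$((_e + 1)); done
        le_bytes 2 0xbe00
        le_bytes 2 0xe7fe
        le_bytes 2 0xe7fe
    } > "$_out"
}

# run_repro FILE: run the image; return 0 if QEMU was still alive when timeout
# killed it (exit 124), non-zero if QEMU died on its own, e.g. on the assert.
run_repro() {
    if ! command -v qemu-system-arm >/dev/null 2>&1; then
        echo "qemu-system-arm not found; $1 built but not run" >&2
        return 2
    fi
    # -d int logs each exception the guest takes to qemu.log; with the fix the
    # BKPT is delivered as a v7-M exception and the guest spins in its handler.
    timeout 3 qemu-system-arm -M lm3s6965evb -nographic -kernel "$1" -d int -D qemu.log
    [ $? -eq 124 ]
}

IMG=${IMG:-bkpt_m.bin}
make_image "$IMG"
if command -v qemu-system-arm >/dev/null 2>&1; then
    run_repro "$IMG" && echo "QEMU survived the M-profile BKPT"
else
    echo "built $IMG; run: qemu-system-arm -M lm3s6965evb -nographic -kernel $IMG" >&2
fi
```

`qemu.log` will show the exception the guest takes after the BKPT; the check that matters for this patch is only that qemu-system-arm is still running when `timeout` kills it rather than having aborted with an assertion failure.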

* Re: [PATCH for-8.1] target/arm: Special case M-profile in debug_helper.c code
@ 2023-07-22 14:06 ` Richard Henderson
From: Richard Henderson @ 2023-07-22 14:06 UTC (permalink / raw)
  To: Peter Maydell, qemu-arm, qemu-devel

On 7/21/23 15:32, Peter Maydell wrote:
> A lot of the code called from helper_exception_bkpt_insn() is written
> assuming A-profile, but we will also call this helper on M-profile
> CPUs when they execute a BKPT insn.  This used to work by accident,
> but recent changes mean that we will hit an assert when some of this
> code calls down into lower level functions that end up calling
> arm_security_space_below_el3(), arm_el_is_aa64(), and other functions
> that now explicitly assert that the guest CPU is not M-profile.
> 
> Handle M-profile directly to avoid the assertions:
>   * in arm_debug_target_el(), M-profile debug exceptions always
>     go to EL1
>   * in arm_debug_exception_fsr(), M-profile always uses the short
>     format FSR (compare commit d7fe699be54b2, though in this case
>     the code in arm_v7m_cpu_do_interrupt() does not need to
>     look at the FSR value at all)
> 
> Cc: qemu-stable@nongnu.org
> Resolves: https://gitlab.com/qemu-project/qemu/-/issues/1775
> Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
> ---
> Not sure exactly when this assert() got in (probably in the
> semi-recent refactorings for realm support), but it won't hurt
> to backport the fix even if the older QEMU doesn't assert().
> ---

Reviewed-by: Richard Henderson <richard.henderson@linaro.org>

r~


