A random mix of items here, nothing very major.

The following changes since commit d0dff238a87fa81393ed72754d4dc8b09e50b08b:

Merge remote-tracking branch 'remotes/juanquintela/tags/migration/20170206' into staging (2017-02-07 15:29:26 +0000)

are available in the git repository at:

git://git.linaro.org/people/pmaydell/qemu-arm.git tags/pull-target-arm-20170207

for you to fetch changes up to 7727b832886fafbdec7299eb7773dc9071bf4cdd:

stellaris: Use the 'unimplemented' device for parts we don't implement (2017-02-07 18:30:00 +0000)

target-arm:

* new "unimplemented" device for stubbing out devices in a

system model so accesses can be logged

* stellaris: document the SoC memory map

* arm: create instruction syndromes for AArch32 data aborts

* arm: Correctly handle watchpoints for BE32 CPUs

* Fix Thumb-1 BE32 execution and disassembly

* arm: Add cfgend parameter for ARM CPU selection

* sd: sdhci: check data length during dma_memory_read

* aspeed: add a watchdog controller

* integratorcp: adding vmstate for save/restore

Cédric Le Goater (2):

wdt: Add Aspeed watchdog device model

aspeed: add a watchdog controller

Julian Brown (4):

hw/arm/integratorcp: Support specifying features via -cpu

target/arm: Add cfgend parameter for ARM CPU selection.

Fix Thumb-1 BE32 execution and disassembly.

arm: Correctly handle watchpoints for BE32 CPUs

Pavel Dovgalyuk (1):

integratorcp: adding vmstate for save/restore

target/arm: Abstract out pbit/wbit tests in ARM ldr/str decode

target/arm: A32, T32: Create Instruction Syndromes for Data Aborts

stellaris: Document memory map and which SoC devices are unimplemented

hw/misc: New "unimplemented" sysbus device

stellaris: Use the 'unimplemented' device for parts we don't implement

Prasad J Pandit (1):

sd: sdhci: check data length during dma_memory_read

hw/misc/Makefile.objs | 2 +

hw/watchdog/Makefile.objs | 1 +

include/disas/bfd.h | 7 ++

include/hw/arm/aspeed_soc.h | 2 +

include/hw/misc/unimp.h | 39 +++++++

include/hw/watchdog/wdt_aspeed.h | 32 ++++++

include/qom/cpu.h | 3 +

target/arm/arm_ldst.h | 10 +-

target/arm/cpu.h | 7 ++

target/arm/internals.h | 5 +

target/arm/translate.h | 14 +++

disas.c | 1 +

exec.c | 1 +

hw/arm/aspeed_soc.c | 13 +++

hw/arm/integratorcp.c | 78 +++++++++++++-

hw/arm/stellaris.c | 48 +++++++++

hw/misc/unimp.c | 107 +++++++++++++++++++

hw/sd/sdhci.c | 2 +-

hw/watchdog/wdt_aspeed.c | 225 +++++++++++++++++++++++++++++++++++++++

qom/cpu.c | 6 ++

target/arm/cpu.c | 39 +++++++

target/arm/op_helper.c | 22 ++++

target/arm/translate-a64.c | 14 ---

target/arm/translate.c | 193 ++++++++++++++++++++++++---------

24 files changed, 801 insertions(+), 70 deletions(-)

create mode 100644 include/hw/misc/unimp.h

create mode 100644 include/hw/watchdog/wdt_aspeed.h

create mode 100644 hw/misc/unimp.c

create mode 100644 hw/watchdog/wdt_aspeed.c

From: Julian Brown <julian@codesourcery.com>

In BE32 mode, sub-word size watchpoints can fail to trigger because the

address of the access is adjusted in the opcode helpers before being

compared with the watchpoint registers. This patch reverses the address

adjustment before performing the comparison with the help of a new CPUClass

hook.

This version of the patch augments and tidies up comments a little.

Signed-off-by: Julian Brown <julian@codesourcery.com>

Message-id: caaf64ffc72f6ae183015337b7afdbd4b8989cb6.1484929304.git.julian@codesourcery.com

Reviewed-by: Peter Maydell <peter.maydell@linaro.org>

include/qom/cpu.h | 3 +++

target/arm/internals.h | 5 +++++

exec.c | 1 +

qom/cpu.c | 6 ++++++

target/arm/cpu.c | 3 +++

target/arm/op_helper.c | 22 ++++++++++++++++++++++

6 files changed, 40 insertions(+)

diff --git a/include/qom/cpu.h b/include/qom/cpu.h

--- a/include/qom/cpu.h

+++ b/include/qom/cpu.h

@@ -XXX,XX +XXX,XX @@ struct TranslationBlock;

* @cpu_exec_exit: Callback for cpu_exec cleanup.

* @cpu_exec_interrupt: Callback for processing interrupts in cpu_exec.

* @disas_set_info: Setup architecture specific components of disassembly info

+ * @adjust_watchpoint_address: Perform a target-specific adjustment to an

+ * address before attempting to match it against watchpoints.

*

* Represents a CPU family or model.

*/

@@ -XXX,XX +XXX,XX @@ typedef struct CPUClass {

bool (*cpu_exec_interrupt)(CPUState *cpu, int interrupt_request);

void (*disas_set_info)(CPUState *cpu, disassemble_info *info);

+ vaddr (*adjust_watchpoint_address)(CPUState *cpu, vaddr addr, int len);

} CPUClass;

#ifdef HOST_WORDS_BIGENDIAN

diff --git a/target/arm/internals.h b/target/arm/internals.h

index XXXXXXX..XXXXXXX 100644

--- a/target/arm/internals.h

+++ b/target/arm/internals.h

@@ -XXX,XX +XXX,XX @@ void hw_breakpoint_update_all(ARMCPU *cpu);

/* Callback function for checking if a watchpoint should trigger. */

bool arm_debug_check_watchpoint(CPUState *cs, CPUWatchpoint *wp);

+/* Adjust addresses (in BE32 mode) before testing against watchpoint

+ * addresses.

+ */

+vaddr arm_adjust_watchpoint_address(CPUState *cs, vaddr addr, int len);

+

/* Callback function for when a watchpoint or breakpoint triggers. */

void arm_debug_excp_handler(CPUState *cs);

diff --git a/exec.c b/exec.c

index XXXXXXX..XXXXXXX 100644

--- a/exec.c

+++ b/exec.c

@@ -XXX,XX +XXX,XX @@ static void check_watchpoint(int offset, int len, MemTxAttrs attrs, int flags)

return;

}

vaddr = (cpu->mem_io_vaddr & TARGET_PAGE_MASK) + offset;

+ vaddr = cc->adjust_watchpoint_address(cpu, vaddr, len);

QTAILQ_FOREACH(wp, &cpu->watchpoints, entry) {

if (cpu_watchpoint_address_matches(wp, vaddr, len)

&& (wp->flags & flags)) {

diff --git a/qom/cpu.c b/qom/cpu.c

index XXXXXXX..XXXXXXX 100644

--- a/qom/cpu.c

+++ b/qom/cpu.c

@@ -XXX,XX +XXX,XX @@ static int64_t cpu_common_get_arch_id(CPUState *cpu)

return cpu->cpu_index;

}

+static vaddr cpu_adjust_watchpoint_address(CPUState *cpu, vaddr addr, int len)

+{

+ return addr;

+}

+

static void cpu_class_init(ObjectClass *klass, void *data)

{

DeviceClass *dc = DEVICE_CLASS(klass);

@@ -XXX,XX +XXX,XX @@ static void cpu_class_init(ObjectClass *klass, void *data)

k->cpu_exec_enter = cpu_common_noop;

k->cpu_exec_exit = cpu_common_noop;

k->cpu_exec_interrupt = cpu_common_exec_interrupt;

+ k->adjust_watchpoint_address = cpu_adjust_watchpoint_address;

set_bit(DEVICE_CATEGORY_CPU, dc->categories);

dc->realize = cpu_common_realizefn;

dc->unrealize = cpu_common_unrealizefn;

diff --git a/target/arm/cpu.c b/target/arm/cpu.c

index XXXXXXX..XXXXXXX 100644

--- a/target/arm/cpu.c

+++ b/target/arm/cpu.c

@@ -XXX,XX +XXX,XX @@ static void arm_cpu_class_init(ObjectClass *oc, void *data)

cc->gdb_stop_before_watchpoint = true;

cc->debug_excp_handler = arm_debug_excp_handler;

cc->debug_check_watchpoint = arm_debug_check_watchpoint;

+#if !defined(CONFIG_USER_ONLY)

+ cc->adjust_watchpoint_address = arm_adjust_watchpoint_address;

+#endif

cc->disas_set_info = arm_disas_set_info;

}

diff --git a/target/arm/op_helper.c b/target/arm/op_helper.c

index XXXXXXX..XXXXXXX 100644

--- a/target/arm/op_helper.c

+++ b/target/arm/op_helper.c

@@ -XXX,XX +XXX,XX @@ bool arm_debug_check_watchpoint(CPUState *cs, CPUWatchpoint *wp)

return check_watchpoints(cpu);

}

+vaddr arm_adjust_watchpoint_address(CPUState *cs, vaddr addr, int len)

+{

+ ARMCPU *cpu = ARM_CPU(cs);

+ CPUARMState *env = &cpu->env;

+

+ /* In BE32 system mode, target memory is stored byteswapped (on a

+ * little-endian host system), and by the time we reach here (via an

+ * opcode helper) the addresses of subword accesses have been adjusted

+ * to account for that, which means that watchpoints will not match.

+ * Undo the adjustment here.

+ */

+ if (arm_sctlr_b(env)) {

+ if (len == 1) {

+ addr ^= 3;

+ } else if (len == 2) {

+ addr ^= 2;

+ }

+ }

+

+ return addr;

+}

+

void arm_debug_excp_handler(CPUState *cs)

{

/* Called by core code when a watchpoint or breakpoint fires;

2.7.4

From: Julian Brown <julian@codesourcery.com>

Add a new "cfgend" property which selects whether the CPU resets into

big-endian mode or not. This setting affects whether we reset with

SCTLR_B (ARMv6 and earlier) or SCTLR_EE (ARMv7 and later) set.

Signed-off-by: Julian Brown <julian@codesourcery.com>

Message-id: 11420d1c49636c1790e60578ee996e51f0f0b835.1484929304.git.julian@codesourcery.com

[PMM: use error_report_err() rather than error_report();

move the integratorcp changes to their own patch;

drop an unnecessary extra #include;

rephrase commit message accordingly;

move setting of reset_sctlr above registration of cpregs

so it actually has an effect]

target/arm/cpu.h | 7 +++++++

target/arm/cpu.c | 13 +++++++++++++

2 files changed, 20 insertions(+)

diff --git a/target/arm/cpu.h b/target/arm/cpu.h

--- a/target/arm/cpu.h

+++ b/target/arm/cpu.h

@@ -XXX,XX +XXX,XX @@ struct ARMCPU {

int gic_vpribits; /* number of virtual priority bits */

int gic_vprebits; /* number of virtual preemption bits */

+ /* Whether the cfgend input is high (i.e. this CPU should reset into

+ * big-endian mode). This setting isn't used directly: instead it modifies

+ * the reset_sctlr value to have SCTLR_B or SCTLR_EE set, depending on the

+ * architecture version.

+ */

+ bool cfgend;

+

ARMELChangeHook *el_change_hook;

void *el_change_hook_opaque;

};

diff --git a/target/arm/cpu.c b/target/arm/cpu.c

--- a/target/arm/cpu.c

+++ b/target/arm/cpu.c

@@ -XXX,XX +XXX,XX @@ static Property arm_cpu_has_el2_property =

static Property arm_cpu_has_el3_property =

DEFINE_PROP_BOOL("has_el3", ARMCPU, has_el3, true);

+static Property arm_cpu_cfgend_property =

+ DEFINE_PROP_BOOL("cfgend", ARMCPU, cfgend, false);

+

/* use property name "pmu" to match other archs and virt tools */

static Property arm_cpu_has_pmu_property =

DEFINE_PROP_BOOL("pmu", ARMCPU, has_pmu, true);

@@ -XXX,XX +XXX,XX @@ static void arm_cpu_post_init(Object *obj)

}

static void arm_cpu_finalizefn(Object *obj)

@@ -XXX,XX +XXX,XX @@ static void arm_cpu_realizefn(DeviceState *dev, Error **errp)

cpu->reset_sctlr |= (1 << 13);

+ if (cpu->cfgend) {

+ if (arm_feature(&cpu->env, ARM_FEATURE_V7)) {

+ cpu->reset_sctlr |= SCTLR_EE;

+ } else {

+ cpu->reset_sctlr |= SCTLR_B;

+ }

+ }

+

if (!cpu->has_el3) {

/* If the has_el3 CPU property is disabled then we need to disable the

* feature.

2.7.4

Use the 'unimplemented' dummy device to cover regions of the

SoC device memory map which we don't have proper device

implementations for yet.

Reviewed-by: Alex Bennée <alex.bennee@linaro.org>

Message-id: 1484247815-15279-4-git-send-email-peter.maydell@linaro.org

hw/arm/stellaris.c | 14 ++++++++++++++

1 file changed, 14 insertions(+)

diff --git a/hw/arm/stellaris.c b/hw/arm/stellaris.c

--- a/hw/arm/stellaris.c

+++ b/hw/arm/stellaris.c

#include "exec/address-spaces.h"

#include "sysemu/sysemu.h"

#include "hw/char/pl011.h"

+#include "hw/misc/unimp.h"

#define GPIO_A 0

#define GPIO_B 1

@@ -XXX,XX +XXX,XX @@ static void stellaris_init(const char *kernel_filename, const char *cpu_model,

}

}

}

+

+ /* Add dummy regions for the devices we don't implement yet,

+ * so guest accesses don't cause unlogged crashes.

+ */

+ create_unimplemented_device("wdtimer", 0x40000000, 0x1000);

+ create_unimplemented_device("i2c-0", 0x40002000, 0x1000);

+ create_unimplemented_device("i2c-2", 0x40021000, 0x1000);

+ create_unimplemented_device("PWM", 0x40028000, 0x1000);

+ create_unimplemented_device("QEI-0", 0x4002c000, 0x1000);

+ create_unimplemented_device("QEI-1", 0x4002d000, 0x1000);

+ create_unimplemented_device("analogue-comparator", 0x4003c000, 0x1000);

+ create_unimplemented_device("hibernation", 0x400fc000, 0x1000);

+ create_unimplemented_device("flash-control", 0x400fd000, 0x1000);

}

/* FIXME: Figure out how to generate these from stellaris_boards. */

2.7.4

Add a comment documenting the memory map of the SoC devices and which

are not implemented.

Message-id: 1484247815-15279-2-git-send-email-peter.maydell@linaro.org

hw/arm/stellaris.c | 34 ++++++++++++++++++++++++++++++++++

1 file changed, 34 insertions(+)

diff --git a/hw/arm/stellaris.c b/hw/arm/stellaris.c

--- a/hw/arm/stellaris.c

+++ b/hw/arm/stellaris.c

@@ -XXX,XX +XXX,XX @@ static void stellaris_init(const char *kernel_filename, const char *cpu_model,

0x40024000, 0x40025000, 0x40026000};

static const int gpio_irq[7] = {0, 1, 2, 3, 4, 30, 31};

+ /* Memory map of SoC devices, from

+ * Stellaris LM3S6965 Microcontroller Data Sheet (rev I)

+ * http://www.ti.com/lit/ds/symlink/lm3s6965.pdf

+ *

+ * 40000000 wdtimer (unimplemented)

+ * 40002000 i2c (unimplemented)

+ * 40004000 GPIO

+ * 40005000 GPIO

+ * 40006000 GPIO

+ * 40007000 GPIO

+ * 40008000 SSI

+ * 4000c000 UART

+ * 4000d000 UART

+ * 4000e000 UART

+ * 40020000 i2c

+ * 40021000 i2c (unimplemented)

+ * 40024000 GPIO

+ * 40025000 GPIO

+ * 40026000 GPIO

+ * 40028000 PWM (unimplemented)

+ * 4002c000 QEI (unimplemented)

+ * 4002d000 QEI (unimplemented)

+ * 40030000 gptimer

+ * 40031000 gptimer

+ * 40032000 gptimer

+ * 40033000 gptimer

+ * 40038000 ADC

+ * 4003c000 analogue comparator (unimplemented)

+ * 40048000 ethernet

+ * 400fc000 hibernation module (unimplemented)

+ * 400fd000 flash memory control (unimplemented)

+ * 400fe000 system control

+ */

+

DeviceState *gpio_dev[7], *nvic;

qemu_irq gpio_in[7][8];

qemu_irq gpio_out[7][8];

2.7.4

From: Julian Brown <julian@codesourcery.com>

Thumb-1 code has some issues in BE32 mode (as currently implemented). In

short, since bytes are swapped within words at load time for BE32

executables, this also swaps pairs of adjacent Thumb-1 instructions.

This patch un-swaps those pairs of instructions again, both for execution,

and for disassembly. (The previous version of the patch always read four

bytes in arm_read_memory_func and then extracted the proper two bytes,

in a probably misguided attempt to match the behaviour of actual hardware

as described by e.g. the ARM9TDMI TRM, section 3.3 "Endian effects for

instruction fetches". It's less complicated to just read the correct

two bytes though.)

Signed-off-by: Julian Brown <julian@codesourcery.com>

Message-id: ca20462a044848000370318a8bd41dd0a4ed273f.1484929304.git.julian@codesourcery.com

include/disas/bfd.h | 7 +++++++

target/arm/arm_ldst.h | 10 +++++++++-

disas.c | 1 +

target/arm/cpu.c | 23 +++++++++++++++++++++++

4 files changed, 40 insertions(+), 1 deletion(-)

diff --git a/include/disas/bfd.h b/include/disas/bfd.h

--- a/include/disas/bfd.h

+++ b/include/disas/bfd.h

@@ -XXX,XX +XXX,XX @@ typedef struct disassemble_info {

The bottom 16 bits are for the internal use of the disassembler. */

unsigned long flags;

#define INSN_HAS_RELOC    0x80000000

+#define INSN_ARM_BE32    0x00010000

PTR private_data;

/* Function used to get bytes to disassemble. MEMADDR is the

@@ -XXX,XX +XXX,XX @@ typedef struct disassemble_info {

(bfd_vma memaddr, bfd_byte *myaddr, int length,

     struct disassemble_info *info);

+ /* A place to stash the real read_memory_func if read_memory_func wants to

+ do some funky address arithmetic or similar (e.g. for ARM BE32 mode). */

+ int (*read_memory_inner_func)

+ (bfd_vma memaddr, bfd_byte *myaddr, int length,

+ struct disassemble_info *info);

+

/* Function which should be called if we get an error that we can't

recover from. STATUS is the errno value from read_memory_func and

MEMADDR is the address that we were trying to read. INFO is a

diff --git a/target/arm/arm_ldst.h b/target/arm/arm_ldst.h

index XXXXXXX..XXXXXXX 100644

--- a/target/arm/arm_ldst.h

+++ b/target/arm/arm_ldst.h

@@ -XXX,XX +XXX,XX @@ static inline uint32_t arm_ldl_code(CPUARMState *env, target_ulong addr,

static inline uint16_t arm_lduw_code(CPUARMState *env, target_ulong addr,

bool sctlr_b)

{

- uint16_t insn = cpu_lduw_code(env, addr);

+ uint16_t insn;

+#ifndef CONFIG_USER_ONLY

+ /* In big-endian (BE32) mode, adjacent Thumb instructions have been swapped

+ within each word. Undo that now. */

+ if (sctlr_b) {

+ addr ^= 2;

+ }

+#endif

+ insn = cpu_lduw_code(env, addr);

if (bswap_code(sctlr_b)) {

return bswap16(insn);

}

diff --git a/disas.c b/disas.c

index XXXXXXX..XXXXXXX 100644

--- a/disas.c

+++ b/disas.c

@@ -XXX,XX +XXX,XX @@ void target_disas(FILE *out, CPUState *cpu, target_ulong code,

s.cpu = cpu;

s.info.read_memory_func = target_read_memory;

+ s.info.read_memory_inner_func = NULL;

s.info.buffer_vma = code;

s.info.buffer_length = size;

s.info.print_address_func = generic_print_address;

diff --git a/target/arm/cpu.c b/target/arm/cpu.c

index XXXXXXX..XXXXXXX 100644

--- a/target/arm/cpu.c

+++ b/target/arm/cpu.c

@@ -XXX,XX +XXX,XX @@ print_insn_thumb1(bfd_vma pc, disassemble_info *info)

return print_insn_arm(pc | 1, info);

}

+static int arm_read_memory_func(bfd_vma memaddr, bfd_byte *b,

+ int length, struct disassemble_info *info)

+{

+ assert(info->read_memory_inner_func);

+ assert((info->flags & INSN_ARM_BE32) == 0 || length == 2 || length == 4);

+

+ if ((info->flags & INSN_ARM_BE32) != 0 && length == 2) {

+ assert(info->endian == BFD_ENDIAN_LITTLE);

+ return info->read_memory_inner_func(memaddr ^ 2, (bfd_byte *)b, 2,

+ info);

+ } else {

+ return info->read_memory_inner_func(memaddr, b, length, info);

+ }

+}

+

static void arm_disas_set_info(CPUState *cpu, disassemble_info *info)

{

ARMCPU *ac = ARM_CPU(cpu);

@@ -XXX,XX +XXX,XX @@ static void arm_disas_set_info(CPUState *cpu, disassemble_info *info)

info->endian = BFD_ENDIAN_BIG;

#endif

}

+ if (info->read_memory_inner_func == NULL) {

+ info->read_memory_inner_func = info->read_memory_func;

+ info->read_memory_func = arm_read_memory_func;

+ }

+ info->flags &= ~INSN_ARM_BE32;

+ if (arm_sctlr_b(env)) {

+ info->flags |= INSN_ARM_BE32;

+ }

}

static void arm_cpu_initfn(Object *obj)

2.7.4

From: Julian Brown <julian@codesourcery.com>

Since the integratorcp board creates the CPU object directly

rather than via cpu_arm_init(), we have to call the CPU

class parse_features() method ourselves if we want to

support the user passing features via the -cpu command

line argument as well as just the cpu name. Do so.

Signed-off-by: Julian Brown <julian@codesourcery.com>

[PMM: split out into its own patch]

hw/arm/integratorcp.c | 19 +++++++++++++++++--

1 file changed, 17 insertions(+), 2 deletions(-)

diff --git a/hw/arm/integratorcp.c b/hw/arm/integratorcp.c

--- a/hw/arm/integratorcp.c

+++ b/hw/arm/integratorcp.c

@@ -XXX,XX +XXX,XX @@ static void integratorcp_init(MachineState *machine)

const char *kernel_filename = machine->kernel_filename;

const char *kernel_cmdline = machine->kernel_cmdline;

const char *initrd_filename = machine->initrd_filename;

+ char **cpustr;

ObjectClass *cpu_oc;

+ CPUClass *cc;

Object *cpuobj;

ARMCPU *cpu;

+ const char *typename;

MemoryRegion *address_space_mem = get_system_memory();

MemoryRegion *ram = g_new(MemoryRegion, 1);

MemoryRegion *ram_alias = g_new(MemoryRegion, 1);

qemu_irq pic[32];

DeviceState *dev, *sic, *icp;

int i;

+ Error *err = NULL;

if (!cpu_model) {

cpu_model = "arm926";

- cpu_oc = cpu_class_by_name(TYPE_ARM_CPU, cpu_model);

+ cpustr = g_strsplit(cpu_model, ",", 2);

+

+ cpu_oc = cpu_class_by_name(TYPE_ARM_CPU, cpustr[0]);

if (!cpu_oc) {

fprintf(stderr, "Unable to find CPU definition\n");

exit(1);

}

+ typename = object_class_get_name(cpu_oc);

+

+ cc = CPU_CLASS(cpu_oc);

+ cc->parse_features(typename, cpustr[1], &err);

+ g_strfreev(cpustr);

+ if (err) {

+ error_report_err(err);

+ exit(1);

+ }

- cpuobj = object_new(object_class_get_name(cpu_oc));

+ cpuobj = object_new(typename);

/* By default ARM1176 CPUs have EL3 enabled. This board does not

* currently support EL3 so the CPU EL3 property is disabled before

2.7.4

Create a new "unimplemented" sysbus device, which simply accepts

all read and write accesses, and implements them as read-as-zero,

write-ignored, with logging of the access as LOG_UNIMP.

This is useful for stubbing out bits of an SoC or board model

which haven't been written yet.

Reviewed-by: Alex Bennée <alex.bennee@linaro.org>

Message-id: 1484247815-15279-3-git-send-email-peter.maydell@linaro.org

hw/misc/Makefile.objs | 2 +

include/hw/misc/unimp.h | 39 ++++++++++++++++++

hw/misc/unimp.c | 107 ++++++++++++++++++++++++++++++++++++++++++++++++

3 files changed, 148 insertions(+)

create mode 100644 include/hw/misc/unimp.h

create mode 100644 hw/misc/unimp.c

diff --git a/hw/misc/Makefile.objs b/hw/misc/Makefile.objs

index XXXXXXX..XXXXXXX 100644

--- a/hw/misc/Makefile.objs

+++ b/hw/misc/Makefile.objs

@@ -XXX,XX +XXX,XX @@ common-obj-$(CONFIG_SGA) += sga.o

common-obj-$(CONFIG_ISA_TESTDEV) += pc-testdev.o

common-obj-$(CONFIG_PCI_TESTDEV) += pci-testdev.o

+common-obj-y += unimp.o

+

obj-$(CONFIG_VMPORT) += vmport.o

# ARM devices

diff --git a/include/hw/misc/unimp.h b/include/hw/misc/unimp.h

new file mode 100644

index XXXXXXX..XXXXXXX

--- /dev/null

+++ b/include/hw/misc/unimp.h

@@ -XXX,XX +XXX,XX @@

+/*

+ * "Unimplemented" device

+ *

+ * Copyright Linaro Limited, 2017

+ * Written by Peter Maydell

+ */

+

+#ifndef HW_MISC_UNIMP_H

+#define HW_MISC_UNIMP_H

+

+#define TYPE_UNIMPLEMENTED_DEVICE "unimplemented-device"

+

+/**

+ * create_unimplemented_device: create and map a dummy device

+ * @name: name of the device for debug logging

+ * @base: base address of the device's MMIO region

+ * @size: size of the device's MMIO region

+ *

+ * This utility function creates and maps an instance of unimplemented-device,

+ * which is a dummy device which simply logs all guest accesses to

+ * it via the qemu_log LOG_UNIMP debug log.

+ * The device is mapped at priority -1000, which means that you can

+ * use it to cover a large region and then map other devices on top of it

+ * if necessary.

+ */

+static inline void create_unimplemented_device(const char *name,

+ hwaddr base,

+ hwaddr size)

+ DeviceState *dev = qdev_create(NULL, TYPE_UNIMPLEMENTED_DEVICE);

+

+ qdev_prop_set_string(dev, "name", name);

+ qdev_prop_set_uint64(dev, "size", size);

+ qdev_init_nofail(dev);

+

+ sysbus_mmio_map_overlap(SYS_BUS_DEVICE(dev), 0, base, -1000);

+}

+

+#endif

diff --git a/hw/misc/unimp.c b/hw/misc/unimp.c

new file mode 100644

index XXXXXXX..XXXXXXX

--- /dev/null

+++ b/hw/misc/unimp.c

@@ -XXX,XX +XXX,XX @@

+/* "Unimplemented" device

+ *

+ * This is a dummy device which accepts and logs all accesses.

+ * It's useful for stubbing out regions of an SoC or board

+ * map which correspond to devices that have not yet been

+ * implemented. This is often sufficient to placate initial

+ * guest device driver probing such that the system will

+ * come up.

+ *

+ * Copyright Linaro Limited, 2017

+ * Written by Peter Maydell

+ */

+

+#include "qemu/osdep.h"

+#include "hw/hw.h"

+#include "hw/sysbus.h"

+#include "hw/misc/unimp.h"

+#include "qemu/log.h"

+#include "qapi/error.h"

+

+#define UNIMPLEMENTED_DEVICE(obj) \

+ OBJECT_CHECK(UnimplementedDeviceState, (obj), TYPE_UNIMPLEMENTED_DEVICE)

+

+typedef struct {

+ SysBusDevice parent_obj;

+ MemoryRegion iomem;

+ char *name;

+ uint64_t size;

+} UnimplementedDeviceState;

+

+static uint64_t unimp_read(void *opaque, hwaddr offset, unsigned size)

+{

+ UnimplementedDeviceState *s = UNIMPLEMENTED_DEVICE(opaque);

+

+ qemu_log_mask(LOG_UNIMP, "%s: unimplemented device read "

+ "(size %d, offset 0x%" HWADDR_PRIx ")\n",

+ s->name, size, offset);

+

+static void unimp_write(void *opaque, hwaddr offset,

+ uint64_t value, unsigned size)

+{

+ UnimplementedDeviceState *s = UNIMPLEMENTED_DEVICE(opaque);

+

+ qemu_log_mask(LOG_UNIMP, "%s: unimplemented device write "

+ "(size %d, value 0x%" PRIx64

+ ", offset 0x%" HWADDR_PRIx ")\n",

+ s->name, size, value, offset);

+}

+

+static const MemoryRegionOps unimp_ops = {

+ .read = unimp_read,

+ .write = unimp_write,

+ .impl.min_access_size = 1,

+ .impl.max_access_size = 8,

+ .valid.min_access_size = 1,

+ .valid.max_access_size = 8,

+ .endianness = DEVICE_NATIVE_ENDIAN,

+};

+

+static void unimp_realize(DeviceState *dev, Error **errp)

+{

+ UnimplementedDeviceState *s = UNIMPLEMENTED_DEVICE(dev);

+

+ if (s->size == 0) {

+ error_setg(errp, "property 'size' not specified or zero");

+ return;

+ }

+

+ if (s->name == NULL) {

+ error_setg(errp, "property 'name' not specified");

+ return;

+ }

+

+ memory_region_init_io(&s->iomem, OBJECT(s), &unimp_ops, s,

+ s->name, s->size);

+ sysbus_init_mmio(SYS_BUS_DEVICE(s), &s->iomem);

+}

+

+static Property unimp_properties[] = {

+ DEFINE_PROP_UINT64("size", UnimplementedDeviceState, size, 0),

+ DEFINE_PROP_STRING("name", UnimplementedDeviceState, name),

+ DEFINE_PROP_END_OF_LIST(),

+};

+

+static void unimp_class_init(ObjectClass *klass, void *data)

+{

+ DeviceClass *dc = DEVICE_CLASS(klass);

+

+ dc->realize = unimp_realize;

+ dc->props = unimp_properties;

+}

+

+static const TypeInfo unimp_info = {

+ .name = TYPE_UNIMPLEMENTED_DEVICE,

+ .parent = TYPE_SYS_BUS_DEVICE,

+ .instance_size = sizeof(UnimplementedDeviceState),

+ .class_init = unimp_class_init,

+};

+

+static void unimp_register_types(void)

+{

+ type_register_static(&unimp_info);

+}

+

+type_init(unimp_register_types)

2.7.4

Add support for generating the ISS (Instruction Specific Syndrome)

for Data Abort exceptions taken from AArch32. These syndromes are

used by hypervisors for example to trap and emulate memory accesses.

This is the equivalent for AArch32 guests of the work done for AArch64

guests in commit aaa1f954d4cab243.

Reviewed-by: Edgar E. Iglesias <edgar.iglesias@xilinx.com>

target/arm/translate.h | 14 ++++

target/arm/translate-a64.c | 14 ----

target/arm/translate.c | 184 +++++++++++++++++++++++++++++++++------------

3 files changed, 149 insertions(+), 63 deletions(-)

diff --git a/target/arm/translate.h b/target/arm/translate.h

--- a/target/arm/translate.h

+++ b/target/arm/translate.h

@@ -XXX,XX +XXX,XX @@ static inline int default_exception_el(DisasContext *s)

? 3 : MAX(1, s->current_el);