authorAvi Kivity <avi@redhat.com>2009-07-12 18:01:47 +0300
committerAvi Kivity <avi@redhat.com>2009-07-12 18:01:47 +0300
commit18b29b17a8a6d681f1a29abba0706d0dbec51e33 (patch)
tree33a583b38a415fedf23680178381cc8a32089f22
parentMerge commit '94c5495dd16ca3311cbc95705e58d28a45899d1d' into upstream-merge (diff)
parentQEMU: MCE: Add MCE simulation to qemu/tcg (diff)
Merge commit '79c4f6b08009a1d23177c2be8bd003253cf3686a' into upstream-merge
* commit '79c4f6b08009a1d23177c2be8bd003253cf3686a': QEMU: MCE: Add MCE simulation to qemu/tcg getrlimit conversion mix-up wrap path for access syscall 64-bit clean socketcall syscall pipe argument should not be signed configure: remove bogus linux-user check linux-user/syscall.c: remove warning: ‘array’ may be used uninitialized in this function linux-user: check some parameters for some socket syscalls. linux-user: increment MAX_ARG_PAGES Conflicts: qemu-monitor.hx Signed-off-by: Avi Kivity <avi@redhat.com>
-rwxr-xr-xconfigure16
-rw-r--r--cpu-all.h4
-rw-r--r--cpu-exec.c4
-rw-r--r--linux-user/main.c8
-rw-r--r--linux-user/qemu.h2
-rw-r--r--linux-user/syscall.c182
-rw-r--r--monitor.c46
-rw-r--r--qemu-monitor.hx8
-rw-r--r--target-i386/cpu.h24
-rw-r--r--target-i386/helper.c70
-rw-r--r--target-i386/machine.c29
-rw-r--r--target-i386/op_helper.c34
12 files changed, 333 insertions, 94 deletions
diff --git a/configure b/configure
index f380f958e..a1272035e 100755
--- a/configure
+++ b/configure
@@ -1345,8 +1345,7 @@ fi
# have syscall stubs for these implemented.
#
atfile=no
-if [ "$linux_user" = "yes" ] ; then
- cat > $TMPC << EOF
+cat > $TMPC << EOF
#define _ATFILE_SOURCE
#include <sys/types.h>
#include <fcntl.h>
@@ -1359,9 +1358,8 @@ main(void)
return (unlinkat(AT_FDCWD, "nonexistent_file", 0));
}
EOF
- if $cc $ARCH_CFLAGS -o $TMPE $TMPC 2> /dev/null > /dev/null ; then
- atfile=yes
- fi
+if $cc $ARCH_CFLAGS -o $TMPE $TMPC 2> /dev/null > /dev/null ; then
+ atfile=yes
fi
# Check for inotify functions when we are building linux-user
@@ -1370,8 +1368,7 @@ fi
# don't provide them even if kernel supports them.
#
inotify=no
-if [ "$linux_user" = "yes" ] ; then
- cat > $TMPC << EOF
+cat > $TMPC << EOF
#include <sys/inotify.h>
int
@@ -1381,9 +1378,8 @@ main(void)
return inotify_init();
}
EOF
- if $cc $ARCH_CFLAGS -o $TMPE $TMPC 2> /dev/null > /dev/null ; then
- inotify=yes
- fi
+if $cc $ARCH_CFLAGS -o $TMPE $TMPC 2> /dev/null > /dev/null ; then
+ inotify=yes
fi
# check if utimensat and futimens are supported
diff --git a/cpu-all.h b/cpu-all.h
index e1dfa83b7..f3a067134 100644
--- a/cpu-all.h
+++ b/cpu-all.h
@@ -770,6 +770,7 @@ extern int use_icount;
#define CPU_INTERRUPT_NMI 0x200 /* NMI pending. */
#define CPU_INTERRUPT_INIT 0x400 /* INIT pending. */
#define CPU_INTERRUPT_SIPI 0x800 /* SIPI pending. */
+#define CPU_INTERRUPT_MCE 0x1000 /* (x86 only) MCE pending. */
void cpu_interrupt(CPUState *s, int mask);
void cpu_reset_interrupt(CPUState *env, int mask);
@@ -1072,4 +1073,7 @@ extern int64_t kqemu_ret_excp_count;
extern int64_t kqemu_ret_intr_count;
#endif
+void cpu_inject_x86_mce(CPUState *cenv, int bank, uint64_t status,
+ uint64_t mcg_status, uint64_t addr, uint64_t misc);
+
#endif /* CPU_ALL_H */
diff --git a/cpu-exec.c b/cpu-exec.c
index ffa92f1fb..cc0ba6ebb 100644
--- a/cpu-exec.c
+++ b/cpu-exec.c
@@ -407,6 +407,10 @@ int cpu_exec(CPUState *env1)
env->hflags2 |= HF2_NMI_MASK;
do_interrupt(EXCP02_NMI, 0, 0, 0, 1);
next_tb = 0;
+ } else if (interrupt_request & CPU_INTERRUPT_MCE) {
+ env->interrupt_request &= ~CPU_INTERRUPT_MCE;
+ do_interrupt(EXCP12_MCHK, 0, 0, 0, 0);
+ next_tb = 0;
} else if ((interrupt_request & CPU_INTERRUPT_HARD) &&
(((env->hflags2 & HF2_VINTR_MASK) &&
(env->hflags2 & HF2_HIF_MASK)) ||
diff --git a/linux-user/main.c b/linux-user/main.c
index 30290a583..d49605bd4 100644
--- a/linux-user/main.c
+++ b/linux-user/main.c
@@ -2432,6 +2432,7 @@ int main(int argc, char **argv, char **envp)
envlist_t *envlist = NULL;
const char *argv0 = NULL;
int i;
+ int ret;
if (argc <= 1)
usage();
@@ -2636,9 +2637,10 @@ int main(int argc, char **argv, char **envp)
env->opaque = ts;
task_settid(ts);
- if (loader_exec(filename, target_argv, target_environ, regs,
- info, &bprm) != 0) {
- printf("Error loading %s\n", filename);
+ ret = loader_exec(filename, target_argv, target_environ, regs,
+ info, &bprm);
+ if (ret != 0) {
+ printf("Error %d while loading %s\n", ret, filename);
_exit(1);
}
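Review bot: The new message `Error %d while loading %s\n` prints a raw return code on stdout immediately before `_exit(1)`; a fatal diagnostic belongs on stderr, and if loader_exec follows the -errno convention (its definition is outside this hunk) `strerror(-ret)` is more useful than the bare number: `fprintf(stderr, "Error %s while loading %s\n", strerror(-ret), filename);`. main continues outside the hunk.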
diff --git a/linux-user/qemu.h b/linux-user/qemu.h
index e04a31c69..83ad443c2 100644
--- a/linux-user/qemu.h
+++ b/linux-user/qemu.h
@@ -140,7 +140,7 @@ extern const char *qemu_uname_release;
* and envelope for the new program. 32 should suffice, this gives
* a maximum env+arg of 128kB w/4KB pages!
*/
-#define MAX_ARG_PAGES 32
+#define MAX_ARG_PAGES 33
/*
* This structure is used to hold the arguments that are
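Review bot: The comment directly above the changed define still says `32 should suffice, this gives a maximum env+arg of 128kB w/4KB pages!`, so it now contradicts `#define MAX_ARG_PAGES 33` on the next line. The number in the comment should be updated and the reason for the extra page stated next to the constant; the merge list names the originating commit, `linux-user: increment MAX_ARG_PAGES`, as the place that rationale comes from. The comment's opening lines are outside this hunk.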
diff --git a/linux-user/syscall.c b/linux-user/syscall.c
index 11564fd0b..000962328 100644
--- a/linux-user/syscall.c
+++ b/linux-user/syscall.c
@@ -953,7 +953,7 @@ static abi_long do_pipe2(int host_pipe[], int flags)
#endif
}
-static abi_long do_pipe(void *cpu_env, int pipedes, int flags)
+static abi_long do_pipe(void *cpu_env, abi_ulong pipedes, int flags)
{
int host_pipe[2];
abi_long ret;
@@ -1498,13 +1498,17 @@ static abi_long do_bind(int sockfd, abi_ulong target_addr,
socklen_t addrlen)
{
void *addr;
+ abi_long ret;
if (addrlen < 0)
return -TARGET_EINVAL;
addr = alloca(addrlen+1);
- target_to_host_sockaddr(addr, target_addr, addrlen);
+ ret = target_to_host_sockaddr(addr, target_addr, addrlen);
+ if (ret)
+ return ret;
+
return get_errno(bind(sockfd, addr, addrlen));
}
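Review bot: The `if (addrlen < 0)` guard retained at the top of do_bind can never fire, because socklen_t is unsigned, so the guest-supplied addrlen reaches `alloca(addrlen+1)` with no upper bound at all; the added target_to_host_sockaddr check runs after the allocation and does not change that. The same unbounded alloca is present in do_connect, do_sendrecvmsg (msg_namelen), do_accept, do_getpeername, do_getsockname and do_sendto in the hunks that follow. An explicit bound mirroring the kernel's own limit on socket address length, `if (addrlen > sizeof(struct sockaddr_storage)) return -TARGET_EINVAL;`, keeps the stack allocation small and returns the errno the host would.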
@@ -1513,13 +1517,17 @@ static abi_long do_connect(int sockfd, abi_ulong target_addr,
socklen_t addrlen)
{
void *addr;
+ abi_long ret;
if (addrlen < 0)
return -TARGET_EINVAL;
addr = alloca(addrlen);
- target_to_host_sockaddr(addr, target_addr, addrlen);
+ ret = target_to_host_sockaddr(addr, target_addr, addrlen);
+ if (ret)
+ return ret;
+
return get_errno(connect(sockfd, addr, addrlen));
}
@@ -1543,8 +1551,12 @@ static abi_long do_sendrecvmsg(int fd, abi_ulong target_msg,
if (msgp->msg_name) {
msg.msg_namelen = tswap32(msgp->msg_namelen);
msg.msg_name = alloca(msg.msg_namelen);
- target_to_host_sockaddr(msg.msg_name, tswapl(msgp->msg_name),
+ ret = target_to_host_sockaddr(msg.msg_name, tswapl(msgp->msg_name),
msg.msg_namelen);
+ if (ret) {
+ unlock_user_struct(msgp, target_msg, send ? 0 : 1);
+ return ret;
+ }
} else {
msg.msg_name = NULL;
msg.msg_namelen = 0;
@@ -1586,12 +1598,19 @@ static abi_long do_accept(int fd, abi_ulong target_addr,
void *addr;
abi_long ret;
+ if (target_addr == 0)
+ return get_errno(accept(fd, NULL, NULL));
+
+ /* linux returns EINVAL if addrlen pointer is invalid */
if (get_user_u32(addrlen, target_addrlen_addr))
- return -TARGET_EFAULT;
+ return -TARGET_EINVAL;
if (addrlen < 0)
return -TARGET_EINVAL;
+ if (!access_ok(VERIFY_WRITE, target_addr, addrlen))
+ return -TARGET_EINVAL;
+
addr = alloca(addrlen);
ret = get_errno(accept(fd, addr, &addrlen));
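Review bot: The three address-returning helpers now answer the same failure with different errnos: a target_addr that fails access_ok yields -TARGET_EINVAL in do_accept but -TARGET_EFAULT in do_getpeername and do_getsockname, and an unreadable addrlen pointer is -TARGET_EINVAL here yet stays -TARGET_EFAULT in do_getsockname. The only justification given is the comment `linux returns EINVAL if addrlen pointer is invalid`; as far as I can tell the kernel's move_addr_to_user reports an unreadable length pointer as EFAULT and reserves EINVAL for an out-of-range length, so that claim is worth confirming before it spreads. Whichever mapping is right should be applied to all three helpers so guests see one behaviour.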
@@ -1617,6 +1636,9 @@ static abi_long do_getpeername(int fd, abi_ulong target_addr,
if (addrlen < 0)
return -TARGET_EINVAL;
+ if (!access_ok(VERIFY_WRITE, target_addr, addrlen))
+ return -TARGET_EFAULT;
+
addr = alloca(addrlen);
ret = get_errno(getpeername(fd, addr, &addrlen));
@@ -1636,15 +1658,15 @@ static abi_long do_getsockname(int fd, abi_ulong target_addr,
void *addr;
abi_long ret;
- if (target_addr == 0)
- return get_errno(accept(fd, NULL, NULL));
-
if (get_user_u32(addrlen, target_addrlen_addr))
return -TARGET_EFAULT;
if (addrlen < 0)
return -TARGET_EINVAL;
+ if (!access_ok(VERIFY_WRITE, target_addr, addrlen))
+ return -TARGET_EFAULT;
+
addr = alloca(addrlen);
ret = get_errno(getsockname(fd, addr, &addrlen));
@@ -1688,7 +1710,11 @@ static abi_long do_sendto(int fd, abi_ulong msg, size_t len, int flags,
return -TARGET_EFAULT;
if (target_addr) {
addr = alloca(addrlen);
- target_to_host_sockaddr(addr, target_addr, addrlen);
+ ret = target_to_host_sockaddr(addr, target_addr, addrlen);
+ if (ret) {
+ unlock_user(host_msg, msg, 0);
+ return ret;
+ }
ret = get_errno(sendto(fd, host_msg, len, flags, addr, addrlen));
} else {
ret = get_errno(send(fd, host_msg, len, flags));
@@ -1751,11 +1777,11 @@ static abi_long do_socketcall(int num, abi_ulong vptr)
switch(num) {
case SOCKOP_socket:
{
- int domain, type, protocol;
+ abi_ulong domain, type, protocol;
- if (get_user_s32(domain, vptr)
- || get_user_s32(type, vptr + n)
- || get_user_s32(protocol, vptr + 2 * n))
+ if (get_user_ual(domain, vptr)
+ || get_user_ual(type, vptr + n)
+ || get_user_ual(protocol, vptr + 2 * n))
return -TARGET_EFAULT;
ret = do_socket(domain, type, protocol);
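Review bot: Every case in do_socketcall now reads its argument slots as abi_ulong and then hands them to callees declared with int or socklen_t parameters (do_socket here, and do_bind, do_connect, listen, do_accept, do_sendto, do_setsockopt and the rest in the following hunks), so each call narrows silently and a reader cannot tell whether that is deliberate. One comment at the head of the switch, `/* socketcall arguments are abi_ulong-sized slots; callees narrow them to int/socklen_t, as the kernel's sys_socketcall does */`, documents the choice once for all cases. The switch head is outside this hunk.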
@@ -1763,13 +1789,13 @@ static abi_long do_socketcall(int num, abi_ulong vptr)
break;
case SOCKOP_bind:
{
- int sockfd;
+ abi_ulong sockfd;
abi_ulong target_addr;
socklen_t addrlen;
- if (get_user_s32(sockfd, vptr)
+ if (get_user_ual(sockfd, vptr)
|| get_user_ual(target_addr, vptr + n)
- || get_user_u32(addrlen, vptr + 2 * n))
+ || get_user_ual(addrlen, vptr + 2 * n))
return -TARGET_EFAULT;
ret = do_bind(sockfd, target_addr, addrlen);
@@ -1777,13 +1803,13 @@ static abi_long do_socketcall(int num, abi_ulong vptr)
break;
case SOCKOP_connect:
{
- int sockfd;
+ abi_ulong sockfd;
abi_ulong target_addr;
socklen_t addrlen;
- if (get_user_s32(sockfd, vptr)
+ if (get_user_ual(sockfd, vptr)
|| get_user_ual(target_addr, vptr + n)
- || get_user_u32(addrlen, vptr + 2 * n))
+ || get_user_ual(addrlen, vptr + 2 * n))
return -TARGET_EFAULT;
ret = do_connect(sockfd, target_addr, addrlen);
@@ -1791,10 +1817,10 @@ static abi_long do_socketcall(int num, abi_ulong vptr)
break;
case SOCKOP_listen:
{
- int sockfd, backlog;
+ abi_ulong sockfd, backlog;
- if (get_user_s32(sockfd, vptr)
- || get_user_s32(backlog, vptr + n))
+ if (get_user_ual(sockfd, vptr)
+ || get_user_ual(backlog, vptr + n))
return -TARGET_EFAULT;
ret = get_errno(listen(sockfd, backlog));
@@ -1802,12 +1828,12 @@ static abi_long do_socketcall(int num, abi_ulong vptr)
break;
case SOCKOP_accept:
{
- int sockfd;
+ abi_ulong sockfd;
abi_ulong target_addr, target_addrlen;
- if (get_user_s32(sockfd, vptr)
+ if (get_user_ual(sockfd, vptr)
|| get_user_ual(target_addr, vptr + n)
- || get_user_u32(target_addrlen, vptr + 2 * n))
+ || get_user_ual(target_addrlen, vptr + 2 * n))
return -TARGET_EFAULT;
ret = do_accept(sockfd, target_addr, target_addrlen);
@@ -1815,12 +1841,12 @@ static abi_long do_socketcall(int num, abi_ulong vptr)
break;
case SOCKOP_getsockname:
{
- int sockfd;
+ abi_ulong sockfd;
abi_ulong target_addr, target_addrlen;
- if (get_user_s32(sockfd, vptr)
+ if (get_user_ual(sockfd, vptr)
|| get_user_ual(target_addr, vptr + n)
- || get_user_u32(target_addrlen, vptr + 2 * n))
+ || get_user_ual(target_addrlen, vptr + 2 * n))
return -TARGET_EFAULT;
ret = do_getsockname(sockfd, target_addr, target_addrlen);
@@ -1828,12 +1854,12 @@ static abi_long do_socketcall(int num, abi_ulong vptr)
break;
case SOCKOP_getpeername:
{
- int sockfd;
+ abi_ulong sockfd;
abi_ulong target_addr, target_addrlen;
- if (get_user_s32(sockfd, vptr)
+ if (get_user_ual(sockfd, vptr)
|| get_user_ual(target_addr, vptr + n)
- || get_user_u32(target_addrlen, vptr + 2 * n))
+ || get_user_ual(target_addrlen, vptr + 2 * n))
return -TARGET_EFAULT;
ret = do_getpeername(sockfd, target_addr, target_addrlen);
@@ -1841,12 +1867,12 @@ static abi_long do_socketcall(int num, abi_ulong vptr)
break;
case SOCKOP_socketpair:
{
- int domain, type, protocol;
+ abi_ulong domain, type, protocol;
abi_ulong tab;
- if (get_user_s32(domain, vptr)
- || get_user_s32(type, vptr + n)
- || get_user_s32(protocol, vptr + 2 * n)
+ if (get_user_ual(domain, vptr)
+ || get_user_ual(type, vptr + n)
+ || get_user_ual(protocol, vptr + 2 * n)
|| get_user_ual(tab, vptr + 3 * n))
return -TARGET_EFAULT;
@@ -1855,15 +1881,15 @@ static abi_long do_socketcall(int num, abi_ulong vptr)
break;
case SOCKOP_send:
{
- int sockfd;
+ abi_ulong sockfd;
abi_ulong msg;
size_t len;
- int flags;
+ abi_ulong flags;
- if (get_user_s32(sockfd, vptr)
+ if (get_user_ual(sockfd, vptr)
|| get_user_ual(msg, vptr + n)
|| get_user_ual(len, vptr + 2 * n)
- || get_user_s32(flags, vptr + 3 * n))
+ || get_user_ual(flags, vptr + 3 * n))
return -TARGET_EFAULT;
ret = do_sendto(sockfd, msg, len, flags, 0, 0);
@@ -1871,15 +1897,15 @@ static abi_long do_socketcall(int num, abi_ulong vptr)
break;
case SOCKOP_recv:
{
- int sockfd;
+ abi_ulong sockfd;
abi_ulong msg;
size_t len;
- int flags;
+ abi_ulong flags;
- if (get_user_s32(sockfd, vptr)
+ if (get_user_ual(sockfd, vptr)
|| get_user_ual(msg, vptr + n)
|| get_user_ual(len, vptr + 2 * n)
- || get_user_s32(flags, vptr + 3 * n))
+ || get_user_ual(flags, vptr + 3 * n))
return -TARGET_EFAULT;
ret = do_recvfrom(sockfd, msg, len, flags, 0, 0);
@@ -1887,19 +1913,19 @@ static abi_long do_socketcall(int num, abi_ulong vptr)
break;
case SOCKOP_sendto:
{
- int sockfd;
+ abi_ulong sockfd;
abi_ulong msg;
size_t len;
- int flags;
+ abi_ulong flags;
abi_ulong addr;
socklen_t addrlen;
- if (get_user_s32(sockfd, vptr)
+ if (get_user_ual(sockfd, vptr)
|| get_user_ual(msg, vptr + n)
|| get_user_ual(len, vptr + 2 * n)
- || get_user_s32(flags, vptr + 3 * n)
+ || get_user_ual(flags, vptr + 3 * n)
|| get_user_ual(addr, vptr + 4 * n)
- || get_user_u32(addrlen, vptr + 5 * n))
+ || get_user_ual(addrlen, vptr + 5 * n))
return -TARGET_EFAULT;
ret = do_sendto(sockfd, msg, len, flags, addr, addrlen);
@@ -1907,19 +1933,19 @@ static abi_long do_socketcall(int num, abi_ulong vptr)
break;
case SOCKOP_recvfrom:
{
- int sockfd;
+ abi_ulong sockfd;
abi_ulong msg;
size_t len;
- int flags;
+ abi_ulong flags;
abi_ulong addr;
socklen_t addrlen;
- if (get_user_s32(sockfd, vptr)
+ if (get_user_ual(sockfd, vptr)
|| get_user_ual(msg, vptr + n)
|| get_user_ual(len, vptr + 2 * n)
- || get_user_s32(flags, vptr + 3 * n)
+ || get_user_ual(flags, vptr + 3 * n)
|| get_user_ual(addr, vptr + 4 * n)
- || get_user_u32(addrlen, vptr + 5 * n))
+ || get_user_ual(addrlen, vptr + 5 * n))
return -TARGET_EFAULT;
ret = do_recvfrom(sockfd, msg, len, flags, addr, addrlen);
@@ -1927,10 +1953,10 @@ static abi_long do_socketcall(int num, abi_ulong vptr)
break;
case SOCKOP_shutdown:
{
- int sockfd, how;
+ abi_ulong sockfd, how;
- if (get_user_s32(sockfd, vptr)
- || get_user_s32(how, vptr + n))
+ if (get_user_ual(sockfd, vptr)
+ || get_user_ual(how, vptr + n))
return -TARGET_EFAULT;
ret = get_errno(shutdown(sockfd, how));
@@ -1939,13 +1965,13 @@ static abi_long do_socketcall(int num, abi_ulong vptr)
case SOCKOP_sendmsg:
case SOCKOP_recvmsg:
{
- int fd;
+ abi_ulong fd;
abi_ulong target_msg;
- int flags;
+ abi_ulong flags;
- if (get_user_s32(fd, vptr)
+ if (get_user_ual(fd, vptr)
|| get_user_ual(target_msg, vptr + n)
- || get_user_s32(flags, vptr + 2 * n))
+ || get_user_ual(flags, vptr + 2 * n))
return -TARGET_EFAULT;
ret = do_sendrecvmsg(fd, target_msg, flags,
@@ -1954,17 +1980,17 @@ static abi_long do_socketcall(int num, abi_ulong vptr)
break;
case SOCKOP_setsockopt:
{
- int sockfd;
- int level;
- int optname;
+ abi_ulong sockfd;
+ abi_ulong level;
+ abi_ulong optname;
abi_ulong optval;
socklen_t optlen;
- if (get_user_s32(sockfd, vptr)
- || get_user_s32(level, vptr + n)
- || get_user_s32(optname, vptr + 2 * n)
+ if (get_user_ual(sockfd, vptr)
+ || get_user_ual(level, vptr + n)
+ || get_user_ual(optname, vptr + 2 * n)
|| get_user_ual(optval, vptr + 3 * n)
- || get_user_u32(optlen, vptr + 4 * n))
+ || get_user_ual(optlen, vptr + 4 * n))
return -TARGET_EFAULT;
ret = do_setsockopt(sockfd, level, optname, optval, optlen);
@@ -1972,17 +1998,17 @@ static abi_long do_socketcall(int num, abi_ulong vptr)
break;
case SOCKOP_getsockopt:
{
- int sockfd;
- int level;
- int optname;
+ abi_ulong sockfd;
+ abi_ulong level;
+ abi_ulong optname;
abi_ulong optval;
socklen_t optlen;
- if (get_user_s32(sockfd, vptr)
- || get_user_s32(level, vptr + n)
- || get_user_s32(optname, vptr + 2 * n)
+ if (get_user_ual(sockfd, vptr)
+ || get_user_ual(level, vptr + n)
+ || get_user_ual(optname, vptr + 2 * n)
|| get_user_ual(optval, vptr + 3 * n)
- || get_user_u32(optlen, vptr + 4 * n))
+ || get_user_ual(optlen, vptr + 4 * n))
return -TARGET_EFAULT;
ret = do_getsockopt(sockfd, level, optname, optval, optlen);
@@ -2215,7 +2241,7 @@ static inline abi_long do_semctl(int semid, int semnum, int cmd,
{
union semun arg;
struct semid_ds dsarg;
- unsigned short *array;
+ unsigned short *array = NULL;
struct seminfo seminfo;
abi_long ret = -TARGET_EINVAL;
abi_long err;
@@ -4529,7 +4555,7 @@ abi_long do_syscall(void *cpu_env, int num, abi_long arg1,
case TARGET_NR_access:
if (!(p = lock_user_string(arg1)))
goto efault;
- ret = get_errno(access(p, arg2));
+ ret = get_errno(access(path(p), arg2));
unlock_user(p, arg1, 0);
break;
#if defined(TARGET_NR_faccessat) && defined(__NR_faccessat)
@@ -5021,8 +5047,8 @@ abi_long do_syscall(void *cpu_env, int num, abi_long arg1,
if (!is_error(ret)) {
if (!lock_user_struct(VERIFY_WRITE, target_rlim, arg2, 0))
goto efault;
- rlim.rlim_cur = tswapl(target_rlim->rlim_cur);
- rlim.rlim_max = tswapl(target_rlim->rlim_max);
+ target_rlim->rlim_cur = tswapl(rlim.rlim_cur);
+ target_rlim->rlim_max = tswapl(rlim.rlim_max);
unlock_user_struct(target_rlim, arg2, 1);
}
}
diff --git a/monitor.c b/monitor.c
index cfca4661a..713673605 100644
--- a/monitor.c
+++ b/monitor.c
@@ -1701,6 +1701,28 @@ static void do_acl_remove(Monitor *mon, const char *aclname, const char *match)
}
}
+#if defined(TARGET_I386)
+static void do_inject_mce(Monitor *mon,
+ int cpu_index, int bank,
+ unsigned status_hi, unsigned status_lo,
+ unsigned mcg_status_hi, unsigned mcg_status_lo,
+ unsigned addr_hi, unsigned addr_lo,
+ unsigned misc_hi, unsigned misc_lo)
+{
+ CPUState *cenv;
+ uint64_t status = ((uint64_t)status_hi << 32) | status_lo;
+ uint64_t mcg_status = ((uint64_t)mcg_status_hi << 32) | mcg_status_lo;
+ uint64_t addr = ((uint64_t)addr_hi << 32) | addr_lo;
+ uint64_t misc = ((uint64_t)misc_hi << 32) | misc_lo;
+
+ for (cenv = first_cpu; cenv != NULL; cenv = cenv->next_cpu)
+ if (cenv->cpu_index == cpu_index && cenv->mcg_cap) {
+ cpu_inject_x86_mce(cenv, bank, status, mcg_status, addr, misc);
+ break;
+ }
+}
+#endif
+
static const mon_cmd_t mon_cmds[] = {
#include "qemu-monitor.h"
{ NULL, NULL, },
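Review bot: do_inject_mce gives the monitor user no feedback when no CPU has the requested cpu_index or the matching CPU has mcg_cap == 0; the loop simply finishes and the command looks successful. Searching with `for (cenv = first_cpu; cenv != NULL; cenv = cenv->next_cpu) if (cenv->cpu_index == cpu_index && cenv->mcg_cap) break;` and then reporting the miss with `if (cenv == NULL) { monitor_printf(mon, "CPU %d not found or has no MCE support\n", cpu_index); return; }` before the injection makes the outcome visible. A negative bank is currently rejected only because cpu_inject_x86_mce compares the int against an unsigned bank count; an explicit `bank < 0` check here would make that intent plain.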
@@ -2475,6 +2497,15 @@ static void monitor_handle_command(Monitor *mon, const char *cmdline)
void *arg3, void *arg4, void *arg5);
void (*handler_7)(Monitor *mon, void *arg0, void *arg1, void *arg2,
void *arg3, void *arg4, void *arg5, void *arg6);
+ void (*handler_8)(Monitor *mon, void *arg0, void *arg1, void *arg2,
+ void *arg3, void *arg4, void *arg5, void *arg6,
+ void *arg7);
+ void (*handler_9)(Monitor *mon, void *arg0, void *arg1, void *arg2,
+ void *arg3, void *arg4, void *arg5, void *arg6,
+ void *arg7, void *arg8);
+ void (*handler_10)(Monitor *mon, void *arg0, void *arg1, void *arg2,
+ void *arg3, void *arg4, void *arg5, void *arg6,
+ void *arg7, void *arg8, void *arg9);
#ifdef DEBUG
monitor_printf(mon, "command='%s'\n", cmdline);
@@ -2763,6 +2794,21 @@ static void monitor_handle_command(Monitor *mon, const char *cmdline)
handler_7(mon, args[0], args[1], args[2], args[3], args[4], args[5],
args[6]);
break;
+ case 8:
+ handler_8 = cmd->handler;
+ handler_8(mon, args[0], args[1], args[2], args[3], args[4], args[5],
+ args[6], args[7]);
+ break;
+ case 9:
+ handler_9 = cmd->handler;
+ handler_9(mon, args[0], args[1], args[2], args[3], args[4], args[5],
+ args[6], args[7], args[8]);
+ break;
+ case 10:
+ handler_10 = cmd->handler;
+ handler_10(mon, args[0], args[1], args[2], args[3], args[4], args[5],
+ args[6], args[7], args[8], args[9]);
+ break;
default:
monitor_printf(mon, "unsupported number of arguments: %d\n", nb_args);
goto fail;
diff --git a/qemu-monitor.hx b/qemu-monitor.hx
index 17572224e..1b0a6ef62 100644
--- a/qemu-monitor.hx
+++ b/qemu-monitor.hx
@@ -615,6 +615,14 @@ Remove all matches from the access control list, and set the default
policy back to @code{deny}.
ETEXI
+#if defined(TARGET_I386)
+ { "mce", "iillll", do_inject_mce, "cpu bank status mcgstatus addr misc", "inject a MCE on the given CPU"},
+#endif
+STEXI
+@item mce @var{cpu} @var{bank} @var{status} @var{mcgstatus} @var{addr} @var{misc}
+Inject an MCE on the given CPU (x86 only).
+ETEXI
+
{ "cpu_set", "is", do_cpu_set_nr,
"cpu [online|offline]", "change cpu state" },
STEXI
diff --git a/target-i386/cpu.h b/target-i386/cpu.h
index 4a8608e0c..6f7478a71 100644
--- a/target-i386/cpu.h
+++ b/target-i386/cpu.h
@@ -204,6 +204,7 @@
#define CR4_DE_MASK (1 << 3)
#define CR4_PSE_MASK (1 << 4)
#define CR4_PAE_MASK (1 << 5)
+#define CR4_MCE_MASK (1 << 6)
#define CR4_PGE_MASK (1 << 7)
#define CR4_PCE_MASK (1 << 8)
#define CR4_OSFXSR_SHIFT 9
@@ -250,6 +251,17 @@
#define PG_ERROR_RSVD_MASK 0x08
#define PG_ERROR_I_D_MASK 0x10
+#define MCG_CTL_P (1UL<<8) /* MCG_CAP register available */
+
+#define MCE_CAP_DEF MCG_CTL_P
+#define MCE_BANKS_DEF 10
+
+#define MCG_STATUS_MCIP (1UL<<2) /* machine check in progress */
+
+#define MCI_STATUS_VAL (1UL<<63) /* valid error */
+#define MCI_STATUS_OVER (1UL<<62) /* previous errors lost */
+#define MCI_STATUS_UC (1UL<<61) /* uncorrected error */
+
#define MSR_IA32_TSC 0x10
#define MSR_IA32_APICBASE 0x1b
#define MSR_IA32_APICBASE_BSP (1<<8)
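Review bot: `MCI_STATUS_VAL (1UL<<63)`, `MCI_STATUS_OVER (1UL<<62)` and `MCI_STATUS_UC (1UL<<61)` are broken on 32-bit hosts, where unsigned long is 32 bits and a shift by 61..63 is undefined behaviour; the masks then never match the uint64_t status values cpu_inject_x86_mce tests them against. They need a 64-bit constant, e.g. `#define MCI_STATUS_VAL (1ULL<<63)`, `#define MCI_STATUS_OVER (1ULL<<62)` and `#define MCI_STATUS_UC (1ULL<<61)`. The comment on MCG_CTL_P, `MCG_CAP register available`, also disagrees with how the op_helper.c hunks use the bit, which is to gate access to MCG_CTL; `/* MCG_CTL MSR present */` matches that use.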
@@ -290,6 +302,11 @@
#define MSR_MTRRdefType 0x2ff
+#define MSR_MC0_CTL 0x400
+#define MSR_MC0_STATUS 0x401
+#define MSR_MC0_ADDR 0x402
+#define MSR_MC0_MISC 0x403
+
#define MSR_EFER 0xc0000080
#define MSR_EFER_SCE (1 << 0)
@@ -678,6 +695,11 @@ typedef struct CPUX86State {
/* in order to simplify APIC support, we leave this pointer to the
user */
struct APICState *apic_state;
+
+ uint64 mcg_cap;
+ uint64 mcg_status;
+ uint64 mcg_ctl;
+ uint64 *mce_banks;
} CPUX86State;
CPUX86State *cpu_x86_init(const char *cpu_model);
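Review bot: The four new CPUX86State fields are declared with the QEMU `uint64` typedef while everything else this series adds (cpu_inject_x86_mce, the MCI/MCG masks, mce_init) uses uint64_t and their addresses are passed to qemu_put_be64s/qemu_get_be64s in machine.c; declaring them `uint64_t` keeps the types uniform. The layout of mce_banks is also undocumented even though helper.c, machine.c and op_helper.c all depend on it. A comment above the fields such as `/* MCE state: 4 entries per bank (CTL, STATUS, ADDR, MISC); bank count is mcg_cap & 0xff; mce_banks is only allocated by mce_init when MCE is enabled */` would capture what the other hunks assume.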
@@ -842,7 +864,7 @@ static inline int cpu_get_time_fast(void)
#define cpu_signal_handler cpu_x86_signal_handler
#define cpu_list x86_cpu_list
-#define CPU_SAVE_VERSION 9
+#define CPU_SAVE_VERSION 10
/* MMU modes definitions */
#define MMU_MODE0_SUFFIX _kernel
diff --git a/target-i386/helper.c b/target-i386/helper.c
index 72ea6cf72..49cefc3e3 100644
--- a/target-i386/helper.c
+++ b/target-i386/helper.c
@@ -1498,8 +1498,77 @@ static void breakpoint_handler(CPUState *env)
if (prev_debug_excp_handler)
prev_debug_excp_handler(env);
}
+
+/* This should come from sysemu.h - if we could include it here... */
+void qemu_system_reset_request(void);
+
+void cpu_inject_x86_mce(CPUState *cenv, int bank, uint64_t status,
+ uint64_t mcg_status, uint64_t addr, uint64_t misc)
+{
+ uint64_t mcg_cap = cenv->mcg_cap;
+ unsigned bank_num = mcg_cap & 0xff;
+ uint64_t *banks = cenv->mce_banks;
+
+ if (bank >= bank_num || !(status & MCI_STATUS_VAL))
+ return;
+
+ /*
+ * if MSR_MCG_CTL is not all 1s, the uncorrected error
+ * reporting is disabled
+ */
+ if ((status & MCI_STATUS_UC) && (mcg_cap & MCG_CTL_P) &&
+ cenv->mcg_ctl != ~(uint64_t)0)
+ return;
+ banks += 4 * bank;
+ /*
+ * if MSR_MCi_CTL is not all 1s, the uncorrected error
+ * reporting is disabled for the bank
+ */
+ if ((status & MCI_STATUS_UC) && banks[0] != ~(uint64_t)0)
+ return;
+ if (status & MCI_STATUS_UC) {
+ if ((cenv->mcg_status & MCG_STATUS_MCIP) ||
+ !(cenv->cr[4] & CR4_MCE_MASK)) {
+ fprintf(stderr, "injects mce exception while previous "
+ "one is in progress!\n");
+ qemu_log_mask(CPU_LOG_RESET, "Triple fault\n");
+ qemu_system_reset_request();
+ return;
+ }
+ if (banks[1] & MCI_STATUS_VAL)
+ status |= MCI_STATUS_OVER;
+ banks[2] = addr;
+ banks[3] = misc;
+ cenv->mcg_status = mcg_status;
+ banks[1] = status;
+ cpu_interrupt(cenv, CPU_INTERRUPT_MCE);
+ } else if (!(banks[1] & MCI_STATUS_VAL)
+ || !(banks[1] & MCI_STATUS_UC)) {
+ if (banks[1] & MCI_STATUS_VAL)
+ status |= MCI_STATUS_OVER;
+ banks[2] = addr;
+ banks[3] = misc;
+ banks[1] = status;
+ } else
+ banks[1] |= MCI_STATUS_OVER;
+}
#endif /* !CONFIG_USER_ONLY */
+static void mce_init(CPUX86State *cenv)
+{
+ unsigned int bank, bank_num;
+
+ if (((cenv->cpuid_version >> 8)&0xf) >= 6
+ && (cenv->cpuid_features&(CPUID_MCE|CPUID_MCA)) == (CPUID_MCE|CPUID_MCA)) {
+ cenv->mcg_cap = MCE_CAP_DEF | MCE_BANKS_DEF;
+ cenv->mcg_ctl = ~(uint64_t)0;
+ bank_num = cenv->mcg_cap & 0xff;
+ cenv->mce_banks = qemu_mallocz(bank_num * sizeof(uint64_t) * 4);
+ for (bank = 0; bank < bank_num; bank++)
+ cenv->mce_banks[bank*4] = ~(uint64_t)0;
+ }
+}
+
static void host_cpuid(uint32_t function, uint32_t count,
uint32_t *eax, uint32_t *ebx,
uint32_t *ecx, uint32_t *edx)
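Review bot: The message `injects mce exception while previous one is in progress!` in cpu_inject_x86_mce is printed for both halves of that condition, but the second half, `!(cenv->cr[4] & CR4_MCE_MASK)`, means machine checks are disabled in CR4, not that one is nested; a text covering both, e.g. `"MCE injected while a machine check is in progress or CR4.MCE is clear: resetting\n"`, keeps the log truthful. The guard `if (bank >= bank_num || ...)` above it rejects a negative bank only because the int is converted to unsigned for the comparison; that deserves a comment (`/* a negative bank converts to a large unsigned value and is rejected here */`) or an explicit `bank < 0` test. mce_init allocates mce_banks with qemu_mallocz, but nothing visible here frees it or resets mcg_status and the bank contents on cpu_reset; cpu_x86_close and cpu_reset are outside the hunk, so confirm they handle both.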
@@ -1758,6 +1827,7 @@ CPUX86State *cpu_x86_init(const char *cpu_model)
cpu_x86_close(env);
return NULL;
}
+ mce_init(env);
cpu_reset(env);
#ifdef CONFIG_KQEMU
kqemu_init(env);
diff --git a/target-i386/machine.c b/target-i386/machine.c
index 10aa19b00..b716c3357 100644
--- a/target-i386/machine.c
+++ b/target-i386/machine.c
@@ -161,7 +161,20 @@ void cpu_save(QEMUFile *f, void *opaque)
qemu_put_sbe32s(f, &pending_irq);
qemu_put_be32s(f, &env->mp_state);
qemu_put_be64s(f, &env->tsc);
-}
+
+ /* MCE */
+ qemu_put_be64s(f, &env->mcg_cap);
+ if (env->mcg_cap) {
+ qemu_put_be64s(f, &env->mcg_status);
+ qemu_put_be64s(f, &env->mcg_ctl);
+ for (i = 0; i < (env->mcg_cap & 0xff); i++) {
+ qemu_put_be64s(f, &env->mce_banks[4*i]);
+ qemu_put_be64s(f, &env->mce_banks[4*i + 1]);
+ qemu_put_be64s(f, &env->mce_banks[4*i + 2]);
+ qemu_put_be64s(f, &env->mce_banks[4*i + 3]);
+ }
+ }
+ }
#ifdef USE_X86LDOUBLE
/* XXX: add that in a FPU generic layer */
@@ -352,6 +365,20 @@ int cpu_load(QEMUFile *f, void *opaque, int version_id)
qemu_get_be64s(f, &env->tsc);
}
+ if (version_id >= 10) {
+ qemu_get_be64s(f, &env->mcg_cap);
+ if (env->mcg_cap) {
+ qemu_get_be64s(f, &env->mcg_status);
+ qemu_get_be64s(f, &env->mcg_ctl);
+ for (i = 0; i < (env->mcg_cap & 0xff); i++) {
+ qemu_get_be64s(f, &env->mce_banks[4*i]);
+ qemu_get_be64s(f, &env->mce_banks[4*i + 1]);
+ qemu_get_be64s(f, &env->mce_banks[4*i + 2]);
+ qemu_get_be64s(f, &env->mce_banks[4*i + 3]);
+ }
+ }
+ }
+
/* XXX: ensure compatiblity for halted bit ? */
/* XXX: compute redundant hflags bits */
env->hflags = hflags;
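Review bot: cpu_load trusts the bank count it has just read from the stream: after `qemu_get_be64s(f, &env->mcg_cap)` the loop indexes env->mce_banks up to `4 * (env->mcg_cap & 0xff)` entries, but the buffer was sized by mce_init from MCE_BANKS_DEF and is not allocated at all when mce_init did not enable MCE for the CPU model. A stream carrying a larger count, or a non-zero mcg_cap for such a CPU, writes past the allocation or through a null pointer. Read the value into a local first and accept it only when its bank count matches what the CPU was created with, returning the error code cpu_load already uses for an unsupported version_id (its prologue is outside the hunk).
```c
    if (version_id >= 10) {
        uint64_t mcg_cap;
        qemu_get_be64s(f, &mcg_cap);
        /* the bank count must match the buffer mce_init allocated for this CPU */
        if ((mcg_cap & 0xff) != (env->mcg_cap & 0xff))
            return -EINVAL;
        env->mcg_cap = mcg_cap;
        if (env->mcg_cap) {
            /* … unchanged: mcg_status, mcg_ctl and per-bank reads … */
        }
    }
```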
diff --git a/target-i386/op_helper.c b/target-i386/op_helper.c
index bd1769c52..ed22c7a65 100644
--- a/target-i386/op_helper.c
+++ b/target-i386/op_helper.c
@@ -3133,7 +3133,23 @@ void helper_wrmsr(void)
case MSR_MTRRdefType:
env->mtrr_deftype = val;
break;
+ case MSR_MCG_STATUS:
+ env->mcg_status = val;
+ break;
+ case MSR_MCG_CTL:
+ if ((env->mcg_cap & MCG_CTL_P)
+ && (val == 0 || val == ~(uint64_t)0))
+ env->mcg_ctl = val;
+ break;
default:
+ if ((uint32_t)ECX >= MSR_MC0_CTL
+ && (uint32_t)ECX < MSR_MC0_CTL + (4 * env->mcg_cap & 0xff)) {
+ uint32_t offset = (uint32_t)ECX - MSR_MC0_CTL;
+ if ((offset & 0x3) != 0
+ || (val == 0 || val == ~(uint64_t)0))
+ env->mce_banks[offset] = val;
+ break;
+ }
/* XXX: exception ? */
break;
}
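Review bot: The MSR range test in the wrmsr default case, `(uint32_t)ECX < MSR_MC0_CTL + (4 * env->mcg_cap & 0xff)`, is mis-parenthesised: `*` binds tighter than `&`, so it evaluates `(4 * mcg_cap) & 0xff` instead of four times the bank count. It yields 40 for the default mcg_cap of `MCG_CTL_P | 10` only because the shifted count still fits in eight bits; any bank count of 64 or more makes the upper bound wrap to a small value and the bank MSRs become unreachable. The intended expression is `MSR_MC0_CTL + 4 * (env->mcg_cap & 0xff)`, and the same line is repeated in the rdmsr default case in the next hunk.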
@@ -3252,7 +3268,25 @@ void helper_rdmsr(void)
/* XXX: exception ? */
val = 0;
break;
+ case MSR_MCG_CAP:
+ val = env->mcg_cap;
+ break;
+ case MSR_MCG_CTL:
+ if (env->mcg_cap & MCG_CTL_P)
+ val = env->mcg_ctl;
+ else
+ val = 0;
+ break;
+ case MSR_MCG_STATUS:
+ val = env->mcg_status;
+ break;
default:
+ if ((uint32_t)ECX >= MSR_MC0_CTL
+ && (uint32_t)ECX < MSR_MC0_CTL + (4 * env->mcg_cap & 0xff)) {
+ uint32_t offset = (uint32_t)ECX - MSR_MC0_CTL;
+ val = env->mce_banks[offset];
+ break;
+ }
/* XXX: exception ? */
val = 0;
break;