authorPeter Maydell <peter.maydell@linaro.org>2023-07-25 10:56:51 +0100
committerPeter Maydell <peter.maydell@linaro.org>2023-07-25 10:56:51 +0100
commit5d78893f39caf94c8587141e2219b57a7d63dd5c (patch)
tree4e29c6c8e9048088826d1574a4c105a9a2feb119
parentf9540bb1b2d35d2b0f7e831208c5f44854896cd0 (diff)
target/arm: Special case M-profile in debug_helper.c code
A lot of the code called from helper_exception_bkpt_insn() is written assuming A-profile, but we will also call this helper on M-profile CPUs when they execute a BKPT insn. This used to work by accident, but recent changes mean that we will hit an assert when some of this code calls down into lower level functions that end up calling arm_security_space_below_el3(), arm_el_is_aa64(), and other functions that now explicitly assert that the guest CPU is not M-profile. Handle M-profile directly to avoid the assertions: * in arm_debug_target_el(), M-profile debug exceptions always go to EL1 * in arm_debug_exception_fsr(), M-profile always uses the short format FSR (compare commit d7fe699be54b2, though in this case the code in arm_v7m_cpu_do_interrupt() does not need to look at the FSR value at all) Cc: qemu-stable@nongnu.org Resolves: https://gitlab.com/qemu-project/qemu/-/issues/1775 Signed-off-by: Peter Maydell <peter.maydell@linaro.org> Reviewed-by: Richard Henderson <richard.henderson@linaro.org> Message-id: 20230721143239.1753066-1-peter.maydell@linaro.org
-rw-r--r--target/arm/debug_helper.c18
1 files changed, 12 insertions, 6 deletions
diff --git a/target/arm/debug_helper.c b/target/arm/debug_helper.c
index 8362462..abe72e3 100644
--- a/target/arm/debug_helper.c
+++ b/target/arm/debug_helper.c
@@ -21,6 +21,10 @@ static int arm_debug_target_el(CPUARMState *env)
bool secure = arm_is_secure(env);
bool route_to_el2 = false;
+ if (arm_feature(env, ARM_FEATURE_M)) {
+ return 1;
+ }
+
if (arm_is_el2_enabled(env)) {
route_to_el2 = env->cp15.hcr_el2 & HCR_TGE ||
env->cp15.mdcr_el2 & MDCR_TDE;
@@ -434,18 +438,20 @@ static uint32_t arm_debug_exception_fsr(CPUARMState *env)
{
ARMMMUFaultInfo fi = { .type = ARMFault_Debug };
int target_el = arm_debug_target_el(env);
- bool using_lpae = false;
+ bool using_lpae;
- if (target_el == 2 || arm_el_is_aa64(env, target_el)) {
+ if (arm_feature(env, ARM_FEATURE_M)) {
+ using_lpae = false;
+ } else if (target_el == 2 || arm_el_is_aa64(env, target_el)) {
using_lpae = true;
} else if (arm_feature(env, ARM_FEATURE_PMSA) &&
arm_feature(env, ARM_FEATURE_V8)) {
using_lpae = true;
+ } else if (arm_feature(env, ARM_FEATURE_LPAE) &&
+ (env->cp15.tcr_el[target_el] & TTBCR_EAE)) {
+ using_lpae = true;
} else {
- if (arm_feature(env, ARM_FEATURE_LPAE) &&
- (env->cp15.tcr_el[target_el] & TTBCR_EAE)) {
- using_lpae = true;
- }
+ using_lpae = false;
}
if (using_lpae) {
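Review bot: The two new M-profile branches (the early `return 1;` in arm_debug_target_el() in the first hunk and the `using_lpae = false;` branch in arm_debug_exception_fsr() in the second) carry no comment, so a reader sees the special case but not the reason the commit message gives for it, namely that M-profile debug exceptions always go to EL1 and that M-profile always uses the short-format FSR. I would add `/* M-profile debug exceptions always go to EL1 */` above the first check and `/* M-profile always uses the short-format FSR */` above the second, so the rationale survives without the commit history. It is also worth a brief comment that `using_lpae` is now left deliberately uninitialized so the compiler can diagnose any future branch that forgets to assign it, since a later reader may be tempted to restore the `= false` initializer. The body of arm_debug_exception_fsr() continues past the hunk (the `if (using_lpae)` return paths), and arm_debug_target_el() likewise continues beyond the first hunk.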