Some analysis greatly benefits, or depends on, information about
certain types of discontinuities such as interrupts. For example, we may
need to handle the execution of a new translation block differently if
it is not the result of normal program flow but of an interrupt.

Even with the existing interfaces, it is more or less possible to
discern these situations, e.g. as done by the cflow plugin. However,
this process poses a considerable overhead to the core analysis one may
intend to perform.

These changes introduce a generic and easy-to-use interface for plugin
authors in the form of a callback for discontinuities. Patch 1 defines
an enumeration of some trap-related discontinuities including somewhat
narrow definitions of the discontinuity events and a callback type.
Patch 2 defines the callback registration function. Patch 3 adds some
hooks for triggering the callbacks. Patch 4 adds an example plugin
showcasing the new API. Patches 5 through 20 call the hooks for a
selection of architectures, mapping architecture specific events to the
three categories defined in patch 1. Patch 21 supplies a test plugin
asserting some behavior of the plugin API w.r.t. the PCs reported by the
new API. Finally, patches 22 and 23 add new tests for riscv which serve
as test-cases for the test plugin.

Sidenote: I'm likely doing something wrong for one architecture or
the other. These patches are untested for most of them. I did skip some
architectures. Those will be added in the next patch series.

Until now, I also did not collect any Signed-off-by or Reviewed-by
lines as the series was in an RFC state and most patches were still in
flux for one reason or another.

Since v3 (RFC):
  - Switched to shifting 1 notation for qemu_plugin_discon_type values
    (as requested by Pierrick Bouvier)
  - Added missing documentation of function parameters of function
    pointer type qemu_plugin_vcpu_discon_cb_t
  - Added missing documentation of function parameters of
    qemu_plugin_register_vcpu_discon_cb
  - Eliminated "to" argument from hooks called from target specific
    code, i.e. qemu_plugin_vcpu_interrupt_cb and friends, determine "to"
    address using CPUClass::get_pc
  - Replaced comment declaring switch-case unreachable with
    g_assert_not_reached()
  - Call qemu_plugin_register_vcpu_discon_cb with QEMU_PLUGIN_DISCON_ALL
    rather than QEMU_PLUGIN_DISCON_TRAPS in "traps" example plugin
  - Take max_vcpus from qemu_info_t in "traps" example plugin, don't
    determine it based on VCPU activation
  - Added a description of the "traps" example plugin (as requested by
    Pierrick Bouvier)
  - Added section for the "traps" example plugin in documentation's
    "Emulation" chapter
  - Fixed messed-up switch-case in alpha_cpu_do_interrupt
  - Added hooks for PA-RISC, x86, loongarch, Motorola 68000, MicroBlaze,
    OpenRISC, Power PC, Renesas Xtreme, IBM System/390 and xtensa
    targets.
  - Made "discon" test plugin check PCs in vcpu_discon callback (as
    requested by Pierrick Bouvier)
  - Added parameter to "discon" test plugin for controlling which
    address bits are compared to cope with TBs being used under
    different virtual addresses
  - Added parameter to "discon" test plugin for printing a full
    instruction trace for debugging purposes
  - Made "discon" test plugin abort by default on address mismatches
  - Added test-cases for RISC-V

Since v2 (tcg-plugins: add hooks for interrupts, exceptions and traps):
  - Switched from traps as core concept to more generic discontinuities
  - Switched from semihosting to hostcall as term for emulated traps
  - Added enumeration of events and dedicated callback type
  - Make callback receive event type as well as origin and target PC
    (as requested by Pierrick Bouvier)
  - Combined registration functions for different traps into a single
    one for all types of discontinuities (as requested by Pierrick
    Bouvier)
  - Migrated records in example plugin from fully pre-allocated to a
    scoreboard (as suggested by Pierrick Bouvier)
  - Handle PSCI calls as hostcall (as pointed out by Peter Maydell)
  - Added hooks for ARM Cortex M arches (as pointed out by Peter
    Maydell)
  - Added hooks for Alpha targets
  - Added hooks for MIPS targets
  - Added a plugin for testing some of the interface behaviour

Since v1:
  - Split the one callback into multiple callbacks
  - Added a target-agnostic definition of the relevant event(s)
  - Call hooks from architecture-code rather than accel/tcg/cpu-exec.c
  - Added a plugin showcasing API usage

Julian Ganz (23):
  plugins: add types for callbacks related to certain discontinuities
  plugins: add API for registering discontinuity callbacks
  plugins: add hooks for new discontinuity related callbacks
  contrib/plugins: add plugin showcasing new discontinuity related API
  target/alpha: call plugin trap callbacks
  target/arm: call plugin trap callbacks
  target/avr: call plugin trap callbacks
  target/hppa: call plugin trap callbacks
  target/i386: call plugin trap callbacks
  target/loongarch: call plugin trap callbacks
  target/m68k: call plugin trap callbacks
  target/microblaze: call plugin trap callbacks
  target/mips: call plugin trap callbacks
  target/openrisc: call plugin trap callbacks
  target/ppc: call plugin trap callbacks
  target/riscv: call plugin trap callbacks
  target/rx: call plugin trap callbacks
  target/s390x: call plugin trap callbacks
  target/sparc: call plugin trap callbacks
  target/xtensa: call plugin trap callbacks
  tests: add plugin asserting correctness of discon event's to_pc
  tests: add test for double-traps on rv64
  tests: add test with interrupted memory accesses on rv64

 contrib/plugins/meson.build               |   3 +-
 contrib/plugins/traps.c                   | 100 ++++++++++
 docs/about/emulation.rst                  |   8 +
 include/qemu/plugin-event.h               |   3 +
 include/qemu/plugin.h                     |  13 ++
 include/qemu/qemu-plugin.h                |  60 ++++++
 plugins/core.c                            |  68 +++++++
 target/alpha/helper.c                     |  13 ++
 target/arm/helper.c                       |  24 +++
 target/arm/tcg/m_helper.c                 |  18 ++
 target/avr/helper.c                       |   3 +
 target/hppa/int_helper.c                  |  44 +++++
 target/i386/tcg/excp_helper.c             |   3 +
 target/i386/tcg/seg_helper.c              |   4 +
 target/loongarch/cpu.c                    |   4 +
 target/m68k/op_helper.c                   |  24 +++
 target/microblaze/helper.c                |   8 +
 target/mips/tcg/system/tlb_helper.c       |  11 ++
 target/openrisc/interrupt.c               |  13 ++
 target/ppc/excp_helper.c                  |  42 +++++
 target/riscv/cpu_helper.c                 |   9 +
 target/rx/helper.c                        |  12 ++
 target/s390x/tcg/excp_helper.c            |   8 +
 target/sparc/int32_helper.c               |   7 +
 target/sparc/int64_helper.c               |  10 +
 target/xtensa/exc_helper.c                |   6 +
 tests/tcg/plugins/discons.c               | 219 ++++++++++++++++++++++
 tests/tcg/plugins/meson.build             |   2 +-
 tests/tcg/riscv64/Makefile.softmmu-target |  12 ++
 tests/tcg/riscv64/doubletrap.S            |  73 ++++++++
 tests/tcg/riscv64/interruptedmemory.S     |  67 +++++++
 31 files changed, 889 insertions(+), 2 deletions(-)
 create mode 100644 contrib/plugins/traps.c
 create mode 100644 tests/tcg/plugins/discons.c
 create mode 100644 tests/tcg/riscv64/doubletrap.S
 create mode 100644 tests/tcg/riscv64/interruptedmemory.S

-- 
2.49.0
