Re: [Qemu-devel] [PATCH 00/11] target-arm: Implement ARMv8 debug single-stepping

[Peter Maydell]

Ping for review, anybody? (Also I forgot to cc RTH first time
around, I see.)

thanks
-- PMM

On 8 August 2014 13:18, Peter Maydell <address@hidden> wrote:
> This patchset implements the ARMv8 architecturally defined software
> singlestepping. This is necessary to support running gdb or gdbserver
> inside a Linux guest, because Linux assumes the presence of this
> (mandatory) architectural feature and uses it to implement
> PTRACE_SINGLESTEP for 64-bit debuggees.
>
> The first four patches here clean up the register definitions
> for debug-related registers a bit, by moving them all into
> one place and making sure we show the same regs in both 32 and
> 64 bit.
>
> Singlestep itself has some subtle corner cases, but the basic
> principle is that we have a 3-state state machine:
>
>  1 Inactive (the usual case), either because the MDSCR_EL1 enable
>    bit is off or because we're at too high an exception level to
>    debug or because debug exceptions are currently masked
>
>  * The debug exception level arranges to single step by executing
>    an ERET to the exception level being debugged with the SS bit
>    set in the SPSR, which means we go to
>
>  2 Active-not-pending, with PSTATE.SS set. The CPU executes a
>    single instruction and then clears the PSTATE.SS bit, taking us to
>
>  3 Active-pending, with PSTATE.SS clear. We take a debug exception
>    immediately, which takes us back to Inactive.
>
> If we take an exception in state 2 (either because of insn
> execution or just an interrupt) then we go to either state 1
> or state 3 depending on whether the target exception level
> is also being debugged or not.
>
> The debug exception level must be AArch64, but the exception
> level being debugged may be either AArch32 or AArch64. (An
> AArch64 EL1 can choose to debug itself if it's feeling brave.)
>
> The required code changes are therefore:
>  1. correctly handle PSTATE.SS on exception entry and return
>  2. when generating code, handle the Active-not-pending and
>     Active-pending states by emitting code to generate the
>     debug exception after the stepped insn
>
> The "Avoid duplicate exit_tb(0)" patch is just a minor cleanup
> but it makes the changes in that function for singlestep in the
> following patch a little simpler.
>
> I have breakpoint and watchpoint support next on my todo list,
> but this is sufficient to get a functional gdb, because gdb
> defaults to software breakpoints.
>
> Peter Maydell (11):
>   target-arm: Collect up the debug cp register definitions
>   target-arm: Allow STATE_BOTH reginfo descriptions for more than cp14
>   target-arm: Provide both 32 and 64 bit versions of debug registers
>   target-arm: Adjust debug ID registers per-CPU
>   target-arm: Don't allow AArch32 to access RES0 CPSR bits
>   target-arm: Correctly handle PSTATE.SS when taking exception to
>     AArch32
>   target-arm: Set PSTATE.SS correctly on exception return from AArch64
>   target-arm: A64: Avoid duplicate exit_tb(0) in non-linked goto_tb
>   target-arm: Implement ARMv8 single-step handling for A64 code
>   target-arm: Implement ARMv8 single-stepping for AArch32 code
>   target-arm: Implement MDSCR_EL1 as having state
>
>  target-arm/cpu-qom.h       |   1 +
>  target-arm/cpu.c           |   3 +
>  target-arm/cpu.h           | 115 ++++++++++++++++++++++++++++++++++-
>  target-arm/cpu64.c         |   1 +
>  target-arm/helper.c        | 145 
> +++++++++++++++++++++++++++++++--------------
>  target-arm/helper.h        |   1 +
>  target-arm/internals.h     |   6 ++
>  target-arm/op_helper.c     |  27 ++++++++-
>  target-arm/translate-a64.c |  96 +++++++++++++++++++++++++++---
>  target-arm/translate.c     |  89 +++++++++++++++++++++++++---
>  target-arm/translate.h     |  12 ++++
>  11 files changed, 434 insertions(+), 62 deletions(-)