[Qemu-devel] Questions about the flow of interrupt simulation

[Eva Chen]

Hi,

I have added a new virtual device under qemu/hw, and a device driver in the
source code of guest OS (I use arm linux).
Since I want to add an interrupt to the virtual device, I am tracing the
flow of interrupt simulation of QEMU.
However, I have some questions about the flow of interrupt, and wondering
if I could ask here for some help.

I use $qemu-system-aarch64 -machine virt.
Take the flow of interrupt that generated from the UART pl011 device as
example.
First an interrupt, CPU_INTERRUPT_HARD, will be sent from device to GIC for
telling CPU that this device finished some job, then this interrupt wiil be
transformed into EXCP_IRQ in aarch64_cpu_do_interrupt() and interrupt
handled by CPU.

- Details of function call:
1. Device to GIC : pl011_write() => pl011_update() => gic_set_irq()
2. CPU handling : cpu_exec() => arm_cpu_exec_interrupt() =>
aarch64_cpu_do_interrupt()
Guest CPU's pc (env->pc) will be changed to the address of interrupt
service routine in aarch64_cpu_do_interrupt().

The question is:
Will CPU execute the ISR that env->pc assigned?
If yes, is the ISR defined in the guest OS (I use arm-linux kernel image)?
How can I see the code that handling the EXCP_IRQ? Is there any method I
can set some breakpoint in gdb or set some log flags to see the handler?
If not, then is that all guest ISR will not be called by using QEMU?

The reason that I have this question is that I look into the cpu_exec(),
find that tb_find() will be executed after handling an interrupt. At this
time, the ISR address in env->pc should be replaced by the TB that is going
to be executed. However, I don't know how to check my thought since I can't
debug of execution in the TB so I ask for some help here.

I will be grateful for any advice, thanks.

Sincerely,
Eva