[mirror_qemu.git] / system / watchpoint.c

/*
 * CPU watchpoints
 *
 *  Copyright (c) 2003 Fabrice Bellard
 *
 * This library is free software; you can redistribute it and/or
 * modify it under the terms of the GNU Lesser General Public
 * License as published by the Free Software Foundation; either
 * version 2.1 of the License, or (at your option) any later version.
 *
 * This library is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
 * Lesser General Public License for more details.
 *
 * You should have received a copy of the GNU Lesser General Public
 * License along with this library; if not, see <http://www.gnu.org/licenses/>.
 */

#include "qemu/osdep.h"
#include "qemu/main-loop.h"
#include "qemu/error-report.h"
#include "exec/exec-all.h"
#include "exec/translate-all.h"
#include "sysemu/tcg.h"
#include "sysemu/replay.h"
#include "hw/core/tcg-cpu-ops.h"
#include "hw/core/cpu.h"

/* Add a watchpoint.  */
int cpu_watchpoint_insert(CPUState *cpu, vaddr addr, vaddr len,
                          int flags, CPUWatchpoint **watchpoint)
{
    CPUWatchpoint *wp;
    vaddr in_page;

    /* forbid ranges which are empty or run off the end of the address space */
    if (len == 0 || (addr + len - 1) < addr) {
        error_report("tried to set invalid watchpoint at %"
                     VADDR_PRIx ", len=%" VADDR_PRIu, addr, len);
        return -EINVAL;
    }
    wp = g_malloc(sizeof(*wp));

    wp->vaddr = addr;
    wp->len = len;
    wp->flags = flags;

    /* keep all GDB-injected watchpoints in front */
    if (flags & BP_GDB) {
        QTAILQ_INSERT_HEAD(&cpu->watchpoints, wp, entry);
    } else {
        QTAILQ_INSERT_TAIL(&cpu->watchpoints, wp, entry);
    }

    in_page = -(addr | TARGET_PAGE_MASK);
    if (len <= in_page) {
        tlb_flush_page(cpu, addr);
    } else {
        tlb_flush(cpu);
    }

    if (watchpoint) {
        *watchpoint = wp;
    }
    return 0;
}

/* Remove a specific watchpoint.  */
int cpu_watchpoint_remove(CPUState *cpu, vaddr addr, vaddr len,
                          int flags)
{
    CPUWatchpoint *wp;

    QTAILQ_FOREACH(wp, &cpu->watchpoints, entry) {
        if (addr == wp->vaddr && len == wp->len
                && flags == (wp->flags & ~BP_WATCHPOINT_HIT)) {
            cpu_watchpoint_remove_by_ref(cpu, wp);
            return 0;
        }
    }
    return -ENOENT;
}

/* Remove a specific watchpoint by reference.  */
void cpu_watchpoint_remove_by_ref(CPUState *cpu, CPUWatchpoint *watchpoint)
{
    QTAILQ_REMOVE(&cpu->watchpoints, watchpoint, entry);

    tlb_flush_page(cpu, watchpoint->vaddr);

    g_free(watchpoint);
}

/* Remove all matching watchpoints.  */
void cpu_watchpoint_remove_all(CPUState *cpu, int mask)
{
    CPUWatchpoint *wp, *next;

    QTAILQ_FOREACH_SAFE(wp, &cpu->watchpoints, entry, next) {
        if (wp->flags & mask) {
            cpu_watchpoint_remove_by_ref(cpu, wp);
        }
    }
}

#ifdef CONFIG_TCG

/*
 * Return true if this watchpoint address matches the specified
 * access (ie the address range covered by the watchpoint overlaps
 * partially or completely with the address range covered by the
 * access).
 */
static inline bool watchpoint_address_matches(CPUWatchpoint *wp,
                                              vaddr addr, vaddr len)
{
    /*
     * We know the lengths are non-zero, but a little caution is
     * required to avoid errors in the case where the range ends
     * exactly at the top of the address space and so addr + len
     * wraps round to zero.
     */
    vaddr wpend = wp->vaddr + wp->len - 1;
    vaddr addrend = addr + len - 1;

    return !(addr > wpend || wp->vaddr > addrend);
}

/* Return flags for watchpoints that match addr + prot.  */
int cpu_watchpoint_address_matches(CPUState *cpu, vaddr addr, vaddr len)
{
    CPUWatchpoint *wp;
    int ret = 0;

    QTAILQ_FOREACH(wp, &cpu->watchpoints, entry) {
        if (watchpoint_address_matches(wp, addr, len)) {
            ret |= wp->flags;
        }
    }
    return ret;
}

/* Generate a debug exception if a watchpoint has been hit.  */
void cpu_check_watchpoint(CPUState *cpu, vaddr addr, vaddr len,
                          MemTxAttrs attrs, int flags, uintptr_t ra)
{
    CPUClass *cc = CPU_GET_CLASS(cpu);
    CPUWatchpoint *wp;

    assert(tcg_enabled());
    if (cpu->watchpoint_hit) {
        /*
         * We re-entered the check after replacing the TB.
         * Now raise the debug interrupt so that it will
         * trigger after the current instruction.
         */
        qemu_mutex_lock_iothread();
        cpu_interrupt(cpu, CPU_INTERRUPT_DEBUG);
        qemu_mutex_unlock_iothread();
        return;
    }

    if (cc->tcg_ops->adjust_watchpoint_address) {
        /* this is currently used only by ARM BE32 */
        addr = cc->tcg_ops->adjust_watchpoint_address(cpu, addr, len);
    }

    assert((flags & ~BP_MEM_ACCESS) == 0);
    QTAILQ_FOREACH(wp, &cpu->watchpoints, entry) {
        int hit_flags = wp->flags & flags;

        if (hit_flags && watchpoint_address_matches(wp, addr, len)) {
            if (replay_running_debug()) {
                /*
                 * replay_breakpoint reads icount.
                 * Force recompile to succeed, because icount may
                 * be read only at the end of the block.
                 */
                if (!cpu->neg.can_do_io) {
                    /* Force execution of one insn next time.  */
                    cpu->cflags_next_tb = 1 | CF_LAST_IO | CF_NOIRQ
                                          | curr_cflags(cpu);
                    cpu_loop_exit_restore(cpu, ra);
                }
                /*
                 * Don't process the watchpoints when we are
                 * in a reverse debugging operation.
                 */
                replay_breakpoint();
                return;
            }

            wp->flags |= hit_flags << BP_HIT_SHIFT;
            wp->hitaddr = MAX(addr, wp->vaddr);
            wp->hitattrs = attrs;

            if (wp->flags & BP_CPU
                && cc->tcg_ops->debug_check_watchpoint
                && !cc->tcg_ops->debug_check_watchpoint(cpu, wp)) {
                wp->flags &= ~BP_WATCHPOINT_HIT;
                continue;
            }
            cpu->watchpoint_hit = wp;

            mmap_lock();
            /* This call also restores vCPU state */
            tb_check_watchpoint(cpu, ra);
            if (wp->flags & BP_STOP_BEFORE_ACCESS) {
                cpu->exception_index = EXCP_DEBUG;
                mmap_unlock();
                cpu_loop_exit(cpu);
            } else {
                /* Force execution of one insn next time.  */
                cpu->cflags_next_tb = 1 | CF_LAST_IO | CF_NOIRQ
                                      | curr_cflags(cpu);
                mmap_unlock();
                cpu_loop_exit_noexc(cpu);
            }
        } else {
            wp->flags &= ~BP_WATCHPOINT_HIT;
        }
    }
}

#endif /* CONFIG_TCG */
Commit	Line	Data
2609ec28 PMD	1	/*
	2	* CPU watchpoints
	3	*
	4	* Copyright (c) 2003 Fabrice Bellard
	5	*
	6	* This library is free software; you can redistribute it and/or
	7	* modify it under the terms of the GNU Lesser General Public
	8	* License as published by the Free Software Foundation; either
	9	* version 2.1 of the License, or (at your option) any later version.
	10	*
	11	* This library is distributed in the hope that it will be useful,
	12	* but WITHOUT ANY WARRANTY; without even the implied warranty of
	13	* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
	14	* Lesser General Public License for more details.
	15	*
	16	* You should have received a copy of the GNU Lesser General Public
	17	* License along with this library; if not, see <http://www.gnu.org/licenses/>.
	18	*/
	19
	20	#include "qemu/osdep.h"
	21	#include "qemu/main-loop.h"
a0858608	22	#include "qemu/error-report.h"
2609ec28 PMD	23	#include "exec/exec-all.h"
	24	#include "exec/translate-all.h"
	25	#include "sysemu/tcg.h"
	26	#include "sysemu/replay.h"
	27	#include "hw/core/tcg-cpu-ops.h"
	28	#include "hw/core/cpu.h"
	29
	30	/* Add a watchpoint. */
	31	int cpu_watchpoint_insert(CPUState *cpu, vaddr addr, vaddr len,
	32	int flags, CPUWatchpoint **watchpoint)
	33	{
	34	CPUWatchpoint *wp;
	35	vaddr in_page;
	36
	37	/* forbid ranges which are empty or run off the end of the address space */
	38	if (len == 0 \|\| (addr + len - 1) < addr) {
	39	error_report("tried to set invalid watchpoint at %"
	40	VADDR_PRIx ", len=%" VADDR_PRIu, addr, len);
	41	return -EINVAL;
	42	}
	43	wp = g_malloc(sizeof(*wp));
	44
	45	wp->vaddr = addr;
	46	wp->len = len;
	47	wp->flags = flags;
	48
	49	/* keep all GDB-injected watchpoints in front */
	50	if (flags & BP_GDB) {
	51	QTAILQ_INSERT_HEAD(&cpu->watchpoints, wp, entry);
	52	} else {
	53	QTAILQ_INSERT_TAIL(&cpu->watchpoints, wp, entry);
	54	}
	55
	56	in_page = -(addr \| TARGET_PAGE_MASK);
	57	if (len <= in_page) {
	58	tlb_flush_page(cpu, addr);
	59	} else {
	60	tlb_flush(cpu);
	61	}
	62
	63	if (watchpoint) {
	64	*watchpoint = wp;
	65	}
	66	return 0;
	67	}
	68
	69	/* Remove a specific watchpoint. */
	70	int cpu_watchpoint_remove(CPUState *cpu, vaddr addr, vaddr len,
	71	int flags)
	72	{
	73	CPUWatchpoint *wp;
	74
	75	QTAILQ_FOREACH(wp, &cpu->watchpoints, entry) {
	76	if (addr == wp->vaddr && len == wp->len
	77	&& flags == (wp->flags & ~BP_WATCHPOINT_HIT)) {
	78	cpu_watchpoint_remove_by_ref(cpu, wp);
	79	return 0;
	80	}
	81	}
	82	return -ENOENT;
	83	}
	84
	85	/* Remove a specific watchpoint by reference. */
	86	void cpu_watchpoint_remove_by_ref(CPUState cpu, CPUWatchpoint watchpoint)
87	{
88	QTAILQ_REMOVE(&cpu->watchpoints, watchpoint, entry);
89
90	tlb_flush_page(cpu, watchpoint->vaddr);
91
92	g_free(watchpoint);
93	}
94
95	/* Remove all matching watchpoints. */
96	void cpu_watchpoint_remove_all(CPUState *cpu, int mask)
97	{
98	CPUWatchpoint wp, next;
99
100	QTAILQ_FOREACH_SAFE(wp, &cpu->watchpoints, entry, next) {
101	if (wp->flags & mask) {
102	cpu_watchpoint_remove_by_ref(cpu, wp);
103	}
104	}
105	}
106
87e303de PMD	107	#ifdef CONFIG_TCG
87e303de PMD	108
2609ec28 PMD	109	/*
	110	* Return true if this watchpoint address matches the specified
	111	* access (ie the address range covered by the watchpoint overlaps
	112	* partially or completely with the address range covered by the
	113	* access).
	114	*/
	115	static inline bool watchpoint_address_matches(CPUWatchpoint *wp,
	116	vaddr addr, vaddr len)
	117	{
	118	/*
	119	* We know the lengths are non-zero, but a little caution is
	120	* required to avoid errors in the case where the range ends
	121	* exactly at the top of the address space and so addr + len
	122	* wraps round to zero.
	123	*/
	124	vaddr wpend = wp->vaddr + wp->len - 1;
	125	vaddr addrend = addr + len - 1;
	126
	127	return !(addr > wpend \|\| wp->vaddr > addrend);
	128	}
	129
	130	/* Return flags for watchpoints that match addr + prot. */
	131	int cpu_watchpoint_address_matches(CPUState *cpu, vaddr addr, vaddr len)
	132	{
	133	CPUWatchpoint *wp;
	134	int ret = 0;
	135
	136	QTAILQ_FOREACH(wp, &cpu->watchpoints, entry) {
	137	if (watchpoint_address_matches(wp, addr, len)) {
	138	ret \|= wp->flags;
	139	}
	140	}
	141	return ret;
	142	}
	143
	144	/* Generate a debug exception if a watchpoint has been hit. */
	145	void cpu_check_watchpoint(CPUState *cpu, vaddr addr, vaddr len,
	146	MemTxAttrs attrs, int flags, uintptr_t ra)
	147	{
	148	CPUClass *cc = CPU_GET_CLASS(cpu);
	149	CPUWatchpoint *wp;
	150
	151	assert(tcg_enabled());
	152	if (cpu->watchpoint_hit) {
	153	/*
	154	* We re-entered the check after replacing the TB.
	155	* Now raise the debug interrupt so that it will
	156	* trigger after the current instruction.
	157	*/
	158	qemu_mutex_lock_iothread();
	159	cpu_interrupt(cpu, CPU_INTERRUPT_DEBUG);
	160	qemu_mutex_unlock_iothread();
	161	return;
	162	}
	163
	164	if (cc->tcg_ops->adjust_watchpoint_address) {
	165	/* this is currently used only by ARM BE32 */
	166	addr = cc->tcg_ops->adjust_watchpoint_address(cpu, addr, len);
	167	}
019a9808 RH	168
019a9808 RH	169	assert((flags & ~BP_MEM_ACCESS) == 0);
2609ec28	170	QTAILQ_FOREACH(wp, &cpu->watchpoints, entry) {
019a9808 RH	171	int hit_flags = wp->flags & flags;
	172
	173	if (hit_flags && watchpoint_address_matches(wp, addr, len)) {
2609ec28 PMD	174	if (replay_running_debug()) {
	175	/*
	176	* replay_breakpoint reads icount.
	177	* Force recompile to succeed, because icount may
	178	* be read only at the end of the block.
	179	*/
464dacf6	180	if (!cpu->neg.can_do_io) {
2609ec28 PMD	181	/* Force execution of one insn next time. */
	182	cpu->cflags_next_tb = 1 \| CF_LAST_IO \| CF_NOIRQ
	183	\| curr_cflags(cpu);
	184	cpu_loop_exit_restore(cpu, ra);
	185	}
	186	/*
	187	* Don't process the watchpoints when we are
	188	* in a reverse debugging operation.
	189	*/
	190	replay_breakpoint();
	191	return;
	192	}
019a9808 RH	193
019a9808 RH	194	wp->flags \|= hit_flags << BP_HIT_SHIFT;
2609ec28 PMD	195	wp->hitaddr = MAX(addr, wp->vaddr);
	196	wp->hitattrs = attrs;
	197
019a9808 RH	198	if (wp->flags & BP_CPU
	199	&& cc->tcg_ops->debug_check_watchpoint
	200	&& !cc->tcg_ops->debug_check_watchpoint(cpu, wp)) {
2609ec28 PMD	201	wp->flags &= ~BP_WATCHPOINT_HIT;
	202	continue;
	203	}
	204	cpu->watchpoint_hit = wp;
	205
	206	mmap_lock();
	207	/* This call also restores vCPU state */
	208	tb_check_watchpoint(cpu, ra);
	209	if (wp->flags & BP_STOP_BEFORE_ACCESS) {
	210	cpu->exception_index = EXCP_DEBUG;
	211	mmap_unlock();
	212	cpu_loop_exit(cpu);
	213	} else {
	214	/* Force execution of one insn next time. */
	215	cpu->cflags_next_tb = 1 \| CF_LAST_IO \| CF_NOIRQ
	216	\| curr_cflags(cpu);
	217	mmap_unlock();
	218	cpu_loop_exit_noexc(cpu);
	219	}
	220	} else {
	221	wp->flags &= ~BP_WATCHPOINT_HIT;
	222	}
	223	}
	224	}
87e303de PMD	225
87e303de PMD	226	#endif /* CONFIG_TCG */