Merge remote-tracking branch 'remotes/pmaydell/tags/pull-target-arm-20181008' into staging

target-arm queue:
 * target/arm: fix error in a code comment
 * virt: Suppress external aborts on virt-2.10 and earlier
 * target/arm: Correct condition for v8M callee stack push
 * target/arm: Don't read r4 from v8M exception stackframe twice
 * target/arm: Support SVE in system emulation mode
 * target/arm: Implement v8M hardware stack limit checking
 * hw/display/bcm2835_fb: Silence Coverity warning about multiply overflow

# gpg: Signature made Mon 08 Oct 2018 14:58:53 BST
# gpg:                using RSA key 3C2525ED14360CDE
# gpg: Good signature from "Peter Maydell <peter.maydell@linaro.org>"
# gpg:                 aka "Peter Maydell <pmaydell@gmail.com>"
# gpg:                 aka "Peter Maydell <pmaydell@chiark.greenend.org.uk>"
# Primary key fingerprint: E1A5 C593 CD41 9DE2 8E83  15CF 3C25 25ED 1436 0CDE

* remotes/pmaydell/tags/pull-target-arm-20181008: (33 commits)
  hw/display/bcm2835_fb: Silence Coverity warning about multiply overflow
  target/arm: Add v8M stack checks for MSR to SP_NS
  target/arm: Add v8M stack checks for VLDM/VSTM
  target/arm: Add v8M stack checks for Thumb push/pop
  target/arm: Add v8M stack checks for T32 load/store single
  target/arm: Add v8M stack checks for Thumb2 LDM/STM
  target/arm: Add v8M stack checks for LDRD/STRD (imm)
  target/arm: Add v8M stack limit checks on NS function calls
  target/arm: Add v8M stack checks on exception entry
  target/arm: Add some comments in Thumb decode
  target/arm: Add v8M stack checks on ADD/SUB/MOV of SP
  target/arm: Move v7m_using_psp() to internals.h
  target/arm: Define new EXCP type for v8M stack overflows
  target/arm: Define new TBFLAG for v8M stack checking
  target/arm: Pass TCGMemOpIdx to sve memory helpers
  target/arm: Rewrite vector gather first-fault loads
  target/arm: Rewrite vector gather stores
  target/arm: Rewrite vector gather loads
  target/arm: Split contiguous stores for endianness
  target/arm: Split contiguous loads for endianness
  ...

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>

1 files changed, 22 insertions, 2 deletions

diff --git a/target/arm/op_helper.c b/target/arm/op_helper.c
index 952b8d122b..fb15a13e6c 100644
--- a/target/arm/op_helper.c
+++ b/target/arm/op_helper.c
@@ -28,8 +28,8 @@
 #define SIGNBIT (uint32_t)0x80000000
 #define SIGNBIT64 ((uint64_t)1 << 63)
 
-static void raise_exception(CPUARMState *env, uint32_t excp,
-                            uint32_t syndrome, uint32_t target_el)
+void raise_exception(CPUARMState *env, uint32_t excp,
+                     uint32_t syndrome, uint32_t target_el)
 {
     CPUState *cs = CPU(arm_env_get_cpu(env));
 
@@ -238,6 +238,25 @@ void arm_cpu_do_transaction_failed(CPUState *cs, hwaddr physaddr,
 
 #endif /* !defined(CONFIG_USER_ONLY) */
 
+void HELPER(v8m_stackcheck)(CPUARMState *env, uint32_t newvalue)
+{
+    /*
+     * Perform the v8M stack limit check for SP updates from translated code,
+     * raising an exception if the limit is breached.
+     */
+    if (newvalue < v7m_sp_limit(env)) {
+        CPUState *cs = CPU(arm_env_get_cpu(env));
+
+        /*
+         * Stack limit exceptions are a rare case, so rather than syncing
+         * PC/condbits before the call, we use cpu_restore_state() to
+         * get them right before raising the exception.
+         */
+        cpu_restore_state(cs, GETPC(), true);
+        raise_exception(env, EXCP_STKOF, 0, 1);
+    }
+}
+
 uint32_t HELPER(add_setq)(CPUARMState *env, uint32_t a, uint32_t b)
 {
     uint32_t res = a + b;
@@ -1082,6 +1101,7 @@ void HELPER(exception_return)(CPUARMState *env)
                       "AArch64 EL%d PC 0x%" PRIx64 "\n",
                       cur_el, new_el, env->pc);
     }
+    aarch64_sve_change_el(env, cur_el, new_el);
 
     qemu_mutex_lock_iothread();
     arm_call_el_change_hook(arm_env_get_cpu(env));