This series simulates the behavior of receiving NMI interrupt for "virt" board. First of all, a new interrupt (SError) is supported for each CPU. The backend is either sending error events through kvm module or emulating the bahavior when TCG is enabled. The outcome is SError or data abort is raised to crash guest.
For GICv2 or GICv3, a new IRQ line is added for each CPU and it's connected to the (above) introduced SError interrupt. The IRQ line of CPU#0 is raised when HMP/QMP "nmi" is issued, to crash the guest. Testing ======= After the HMP/QMP "nmi" is issued in the following 4 environment, the guest is crashed as expected. Accel Mode Crashed Parameter ------------------------------------------------------------------------ kvm aarch64 yes -machine virt -cpu host kvm aarch32(cortex-a15) yes -machine virt -cpu host,aarch64=off tcg aarch64 yes -machine virt -cpu max tcg aarch32(cortex-a15) yes -machine virt -cpu cortex-a15 Changelog ========= v3: * Support SError injection for aarch32 (Richard Henderson) * Export the SError injection through IRQ line (Peter Maydell) * Removed RFC tag as it seems in correct track (Gavin Shan) v2: * Redesigned to fully exploit SError interrupt Gavin Shan (2): target/arm: Support SError injection hw/arm/virt: Simulate NMI injection hw/arm/virt.c | 34 ++++++++++++++- hw/intc/arm_gic_common.c | 3 ++ hw/intc/arm_gicv3_common.c | 3 ++ include/hw/intc/arm_gic_common.h | 1 + include/hw/intc/arm_gicv3_common.h | 1 + target/arm/cpu.c | 69 ++++++++++++++++++++++++------ target/arm/cpu.h | 17 +++++--- target/arm/helper.c | 6 +++ target/arm/m_helper.c | 8 ++++ 9 files changed, 122 insertions(+), 20 deletions(-) -- 2.23.0