xref: /openbmc/qemu/linux-user/main.c (revision b14df228)
1 /*
2  *  qemu user main
3  *
4  *  Copyright (c) 2003-2008 Fabrice Bellard
5  *
6  *  This program is free software; you can redistribute it and/or modify
7  *  it under the terms of the GNU General Public License as published by
8  *  the Free Software Foundation; either version 2 of the License, or
9  *  (at your option) any later version.
10  *
11  *  This program is distributed in the hope that it will be useful,
12  *  but WITHOUT ANY WARRANTY; without even the implied warranty of
13  *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
14  *  GNU General Public License for more details.
15  *
16  *  You should have received a copy of the GNU General Public License
17  *  along with this program; if not, see <http://www.gnu.org/licenses/>.
18  */
19 
20 #include "qemu/osdep.h"
21 #include "qemu/help-texts.h"
22 #include "qemu/units.h"
23 #include "qemu/accel.h"
24 #include "qemu-version.h"
25 #include <sys/syscall.h>
26 #include <sys/resource.h>
27 #include <sys/shm.h>
28 #include <linux/binfmts.h>
29 
30 #include "qapi/error.h"
31 #include "qemu.h"
32 #include "user-internals.h"
33 #include "qemu/path.h"
34 #include "qemu/queue.h"
35 #include "qemu/config-file.h"
36 #include "qemu/cutils.h"
37 #include "qemu/error-report.h"
38 #include "qemu/help_option.h"
39 #include "qemu/module.h"
40 #include "qemu/plugin.h"
41 #include "exec/exec-all.h"
42 #include "exec/gdbstub.h"
43 #include "tcg/tcg.h"
44 #include "qemu/timer.h"
45 #include "qemu/envlist.h"
46 #include "qemu/guest-random.h"
47 #include "elf.h"
48 #include "trace/control.h"
49 #include "target_elf.h"
50 #include "cpu_loop-common.h"
51 #include "crypto/init.h"
52 #include "fd-trans.h"
53 #include "signal-common.h"
54 #include "loader.h"
55 #include "user-mmap.h"
56 
57 #ifdef CONFIG_SEMIHOSTING
58 #include "semihosting/semihost.h"
59 #endif
60 
61 #ifndef AT_FLAGS_PRESERVE_ARGV0
62 #define AT_FLAGS_PRESERVE_ARGV0_BIT 0
63 #define AT_FLAGS_PRESERVE_ARGV0 (1 << AT_FLAGS_PRESERVE_ARGV0_BIT)
64 #endif
65 
66 char *exec_path;
67 
68 int singlestep;
69 static const char *argv0;
70 static const char *gdbstub;
71 static envlist_t *envlist;
72 static const char *cpu_model;
73 static const char *cpu_type;
74 static const char *seed_optarg;
75 unsigned long mmap_min_addr;
76 uintptr_t guest_base;
77 bool have_guest_base;
78 
79 /*
80  * Used to implement backwards-compatibility for the `-strace`, and
81  * QEMU_STRACE options. Without this, the QEMU_LOG can be overwritten by
82  * -strace, or vice versa.
83  */
84 static bool enable_strace;
85 
86 /*
87  * The last log mask given by the user in an environment variable or argument.
88  * Used to support command line arguments overriding environment variables.
89  */
90 static int last_log_mask;
91 static const char *last_log_filename;
92 
93 /*
94  * When running 32-on-64 we should make sure we can fit all of the possible
95  * guest address space into a contiguous chunk of virtual host memory.
96  *
97  * This way we will never overlap with our own libraries or binaries or stack
98  * or anything else that QEMU maps.
99  *
100  * Many cpus reserve the high bit (or more than one for some 64-bit cpus)
101  * of the address for the kernel.  Some cpus rely on this and user space
102  * uses the high bit(s) for pointer tagging and the like.  For them, we
103  * must preserve the expected address space.
104  */
105 #ifndef MAX_RESERVED_VA
106 # if HOST_LONG_BITS > TARGET_VIRT_ADDR_SPACE_BITS
107 #  if TARGET_VIRT_ADDR_SPACE_BITS == 32 && \
108       (TARGET_LONG_BITS == 32 || defined(TARGET_ABI32))
109 /* There are a number of places where we assign reserved_va to a variable
110    of type abi_ulong and expect it to fit.  Avoid the last page.  */
111 #   define MAX_RESERVED_VA(CPU)  (0xfffffffful & TARGET_PAGE_MASK)
112 #  else
113 #   define MAX_RESERVED_VA(CPU)  (1ul << TARGET_VIRT_ADDR_SPACE_BITS)
114 #  endif
115 # else
116 #  define MAX_RESERVED_VA(CPU)  0
117 # endif
118 #endif
119 
120 unsigned long reserved_va;
121 
122 static void usage(int exitcode);
123 
124 static const char *interp_prefix = CONFIG_QEMU_INTERP_PREFIX;
125 const char *qemu_uname_release;
126 
127 /* XXX: on x86 MAP_GROWSDOWN only works if ESP <= address + 32, so
128    we allocate a bigger stack. Need a better solution, for example
129    by remapping the process stack directly at the right place */
130 unsigned long guest_stack_size = 8 * 1024 * 1024UL;
131 
132 /***********************************************************/
133 /* Helper routines for implementing atomic operations.  */
134 
135 /* Make sure everything is in a consistent state for calling fork().  */
136 void fork_start(void)
137 {
138     start_exclusive();
139     mmap_fork_start();
140     cpu_list_lock();
141 }
142 
143 void fork_end(int child)
144 {
145     mmap_fork_end(child);
146     if (child) {
147         CPUState *cpu, *next_cpu;
148         /* Child processes created by fork() only have a single thread.
149            Discard information about the parent threads.  */
150         CPU_FOREACH_SAFE(cpu, next_cpu) {
151             if (cpu != thread_cpu) {
152                 QTAILQ_REMOVE_RCU(&cpus, cpu, node);
153             }
154         }
155         qemu_init_cpu_list();
156         gdbserver_fork(thread_cpu);
157         /* qemu_init_cpu_list() takes care of reinitializing the
158          * exclusive state, so we don't need to end_exclusive() here.
159          */
160     } else {
161         cpu_list_unlock();
162         end_exclusive();
163     }
164 }
165 
166 __thread CPUState *thread_cpu;
167 
168 bool qemu_cpu_is_self(CPUState *cpu)
169 {
170     return thread_cpu == cpu;
171 }
172 
173 void qemu_cpu_kick(CPUState *cpu)
174 {
175     cpu_exit(cpu);
176 }
177 
178 void task_settid(TaskState *ts)
179 {
180     if (ts->ts_tid == 0) {
181         ts->ts_tid = (pid_t)syscall(SYS_gettid);
182     }
183 }
184 
185 void stop_all_tasks(void)
186 {
187     /*
188      * We trust that when using NPTL, start_exclusive()
189      * handles thread stopping correctly.
190      */
191     start_exclusive();
192 }
193 
194 /* Assumes contents are already zeroed.  */
195 void init_task_state(TaskState *ts)
196 {
197     long ticks_per_sec;
198     struct timespec bt;
199 
200     ts->used = 1;
201     ts->sigaltstack_used = (struct target_sigaltstack) {
202         .ss_sp = 0,
203         .ss_size = 0,
204         .ss_flags = TARGET_SS_DISABLE,
205     };
206 
207     /* Capture task start time relative to system boot */
208 
209     ticks_per_sec = sysconf(_SC_CLK_TCK);
210 
211     if ((ticks_per_sec > 0) && !clock_gettime(CLOCK_BOOTTIME, &bt)) {
212         /* start_boottime is expressed in clock ticks */
213         ts->start_boottime = bt.tv_sec * (uint64_t) ticks_per_sec;
214         ts->start_boottime += bt.tv_nsec * (uint64_t) ticks_per_sec /
215                               NANOSECONDS_PER_SECOND;
216     }
217 }
218 
219 CPUArchState *cpu_copy(CPUArchState *env)
220 {
221     CPUState *cpu = env_cpu(env);
222     CPUState *new_cpu = cpu_create(cpu_type);
223     CPUArchState *new_env = new_cpu->env_ptr;
224     CPUBreakpoint *bp;
225 
226     /* Reset non arch specific state */
227     cpu_reset(new_cpu);
228 
229     new_cpu->tcg_cflags = cpu->tcg_cflags;
230     memcpy(new_env, env, sizeof(CPUArchState));
231 
232     /* Clone all break/watchpoints.
233        Note: Once we support ptrace with hw-debug register access, make sure
234        BP_CPU break/watchpoints are handled correctly on clone. */
235     QTAILQ_INIT(&new_cpu->breakpoints);
236     QTAILQ_FOREACH(bp, &cpu->breakpoints, entry) {
237         cpu_breakpoint_insert(new_cpu, bp->pc, bp->flags, NULL);
238     }
239 
240     return new_env;
241 }
242 
243 static void handle_arg_help(const char *arg)
244 {
245     usage(EXIT_SUCCESS);
246 }
247 
248 static void handle_arg_log(const char *arg)
249 {
250     last_log_mask = qemu_str_to_log_mask(arg);
251     if (!last_log_mask) {
252         qemu_print_log_usage(stdout);
253         exit(EXIT_FAILURE);
254     }
255 }
256 
257 static void handle_arg_dfilter(const char *arg)
258 {
259     qemu_set_dfilter_ranges(arg, &error_fatal);
260 }
261 
262 static void handle_arg_log_filename(const char *arg)
263 {
264     last_log_filename = arg;
265 }
266 
267 static void handle_arg_set_env(const char *arg)
268 {
269     char *r, *p, *token;
270     r = p = strdup(arg);
271     while ((token = strsep(&p, ",")) != NULL) {
272         if (envlist_setenv(envlist, token) != 0) {
273             usage(EXIT_FAILURE);
274         }
275     }
276     free(r);
277 }
278 
279 static void handle_arg_unset_env(const char *arg)
280 {
281     char *r, *p, *token;
282     r = p = strdup(arg);
283     while ((token = strsep(&p, ",")) != NULL) {
284         if (envlist_unsetenv(envlist, token) != 0) {
285             usage(EXIT_FAILURE);
286         }
287     }
288     free(r);
289 }
290 
291 static void handle_arg_argv0(const char *arg)
292 {
293     argv0 = strdup(arg);
294 }
295 
296 static void handle_arg_stack_size(const char *arg)
297 {
298     char *p;
299     guest_stack_size = strtoul(arg, &p, 0);
300     if (guest_stack_size == 0) {
301         usage(EXIT_FAILURE);
302     }
303 
304     if (*p == 'M') {
305         guest_stack_size *= MiB;
306     } else if (*p == 'k' || *p == 'K') {
307         guest_stack_size *= KiB;
308     }
309 }
310 
311 static void handle_arg_ld_prefix(const char *arg)
312 {
313     interp_prefix = strdup(arg);
314 }
315 
316 static void handle_arg_pagesize(const char *arg)
317 {
318     qemu_host_page_size = atoi(arg);
319     if (qemu_host_page_size == 0 ||
320         (qemu_host_page_size & (qemu_host_page_size - 1)) != 0) {
321         fprintf(stderr, "page size must be a power of two\n");
322         exit(EXIT_FAILURE);
323     }
324 }
325 
326 static void handle_arg_seed(const char *arg)
327 {
328     seed_optarg = arg;
329 }
330 
331 static void handle_arg_gdb(const char *arg)
332 {
333     gdbstub = g_strdup(arg);
334 }
335 
336 static void handle_arg_uname(const char *arg)
337 {
338     qemu_uname_release = strdup(arg);
339 }
340 
341 static void handle_arg_cpu(const char *arg)
342 {
343     cpu_model = strdup(arg);
344     if (cpu_model == NULL || is_help_option(cpu_model)) {
345         /* XXX: implement xxx_cpu_list for targets that still miss it */
346 #if defined(cpu_list)
347         cpu_list();
348 #endif
349         exit(EXIT_FAILURE);
350     }
351 }
352 
353 static void handle_arg_guest_base(const char *arg)
354 {
355     guest_base = strtol(arg, NULL, 0);
356     have_guest_base = true;
357 }
358 
359 static void handle_arg_reserved_va(const char *arg)
360 {
361     char *p;
362     int shift = 0;
363     reserved_va = strtoul(arg, &p, 0);
364     switch (*p) {
365     case 'k':
366     case 'K':
367         shift = 10;
368         break;
369     case 'M':
370         shift = 20;
371         break;
372     case 'G':
373         shift = 30;
374         break;
375     }
376     if (shift) {
377         unsigned long unshifted = reserved_va;
378         p++;
379         reserved_va <<= shift;
380         if (reserved_va >> shift != unshifted) {
381             fprintf(stderr, "Reserved virtual address too big\n");
382             exit(EXIT_FAILURE);
383         }
384     }
385     if (*p) {
386         fprintf(stderr, "Unrecognised -R size suffix '%s'\n", p);
387         exit(EXIT_FAILURE);
388     }
389 }
390 
391 static void handle_arg_singlestep(const char *arg)
392 {
393     singlestep = 1;
394 }
395 
396 static void handle_arg_strace(const char *arg)
397 {
398     enable_strace = true;
399 }
400 
401 static void handle_arg_version(const char *arg)
402 {
403     printf("qemu-" TARGET_NAME " version " QEMU_FULL_VERSION
404            "\n" QEMU_COPYRIGHT "\n");
405     exit(EXIT_SUCCESS);
406 }
407 
408 static void handle_arg_trace(const char *arg)
409 {
410     trace_opt_parse(arg);
411 }
412 
413 #if defined(TARGET_XTENSA)
414 static void handle_arg_abi_call0(const char *arg)
415 {
416     xtensa_set_abi_call0();
417 }
418 #endif
419 
420 static QemuPluginList plugins = QTAILQ_HEAD_INITIALIZER(plugins);
421 
422 #ifdef CONFIG_PLUGIN
423 static void handle_arg_plugin(const char *arg)
424 {
425     qemu_plugin_opt_parse(arg, &plugins);
426 }
427 #endif
428 
429 struct qemu_argument {
430     const char *argv;
431     const char *env;
432     bool has_arg;
433     void (*handle_opt)(const char *arg);
434     const char *example;
435     const char *help;
436 };
437 
438 static const struct qemu_argument arg_table[] = {
439     {"h",          "",                 false, handle_arg_help,
440      "",           "print this help"},
441     {"help",       "",                 false, handle_arg_help,
442      "",           ""},
443     {"g",          "QEMU_GDB",         true,  handle_arg_gdb,
444      "port",       "wait gdb connection to 'port'"},
445     {"L",          "QEMU_LD_PREFIX",   true,  handle_arg_ld_prefix,
446      "path",       "set the elf interpreter prefix to 'path'"},
447     {"s",          "QEMU_STACK_SIZE",  true,  handle_arg_stack_size,
448      "size",       "set the stack size to 'size' bytes"},
449     {"cpu",        "QEMU_CPU",         true,  handle_arg_cpu,
450      "model",      "select CPU (-cpu help for list)"},
451     {"E",          "QEMU_SET_ENV",     true,  handle_arg_set_env,
452      "var=value",  "sets targets environment variable (see below)"},
453     {"U",          "QEMU_UNSET_ENV",   true,  handle_arg_unset_env,
454      "var",        "unsets targets environment variable (see below)"},
455     {"0",          "QEMU_ARGV0",       true,  handle_arg_argv0,
456      "argv0",      "forces target process argv[0] to be 'argv0'"},
457     {"r",          "QEMU_UNAME",       true,  handle_arg_uname,
458      "uname",      "set qemu uname release string to 'uname'"},
459     {"B",          "QEMU_GUEST_BASE",  true,  handle_arg_guest_base,
460      "address",    "set guest_base address to 'address'"},
461     {"R",          "QEMU_RESERVED_VA", true,  handle_arg_reserved_va,
462      "size",       "reserve 'size' bytes for guest virtual address space"},
463     {"d",          "QEMU_LOG",         true,  handle_arg_log,
464      "item[,...]", "enable logging of specified items "
465      "(use '-d help' for a list of items)"},
466     {"dfilter",    "QEMU_DFILTER",     true,  handle_arg_dfilter,
467      "range[,...]","filter logging based on address range"},
468     {"D",          "QEMU_LOG_FILENAME", true, handle_arg_log_filename,
469      "logfile",     "write logs to 'logfile' (default stderr)"},
470     {"p",          "QEMU_PAGESIZE",    true,  handle_arg_pagesize,
471      "pagesize",   "set the host page size to 'pagesize'"},
472     {"singlestep", "QEMU_SINGLESTEP",  false, handle_arg_singlestep,
473      "",           "run in singlestep mode"},
474     {"strace",     "QEMU_STRACE",      false, handle_arg_strace,
475      "",           "log system calls"},
476     {"seed",       "QEMU_RAND_SEED",   true,  handle_arg_seed,
477      "",           "Seed for pseudo-random number generator"},
478     {"trace",      "QEMU_TRACE",       true,  handle_arg_trace,
479      "",           "[[enable=]<pattern>][,events=<file>][,file=<file>]"},
480 #ifdef CONFIG_PLUGIN
481     {"plugin",     "QEMU_PLUGIN",      true,  handle_arg_plugin,
482      "",           "[file=]<file>[,<argname>=<argvalue>]"},
483 #endif
484     {"version",    "QEMU_VERSION",     false, handle_arg_version,
485      "",           "display version information and exit"},
486 #if defined(TARGET_XTENSA)
487     {"xtensa-abi-call0", "QEMU_XTENSA_ABI_CALL0", false, handle_arg_abi_call0,
488      "",           "assume CALL0 Xtensa ABI"},
489 #endif
490     {NULL, NULL, false, NULL, NULL, NULL}
491 };
492 
493 static void usage(int exitcode)
494 {
495     const struct qemu_argument *arginfo;
496     int maxarglen;
497     int maxenvlen;
498 
499     printf("usage: qemu-" TARGET_NAME " [options] program [arguments...]\n"
500            "Linux CPU emulator (compiled for " TARGET_NAME " emulation)\n"
501            "\n"
502            "Options and associated environment variables:\n"
503            "\n");
504 
505     /* Calculate column widths. We must always have at least enough space
506      * for the column header.
507      */
508     maxarglen = strlen("Argument");
509     maxenvlen = strlen("Env-variable");
510 
511     for (arginfo = arg_table; arginfo->handle_opt != NULL; arginfo++) {
512         int arglen = strlen(arginfo->argv);
513         if (arginfo->has_arg) {
514             arglen += strlen(arginfo->example) + 1;
515         }
516         if (strlen(arginfo->env) > maxenvlen) {
517             maxenvlen = strlen(arginfo->env);
518         }
519         if (arglen > maxarglen) {
520             maxarglen = arglen;
521         }
522     }
523 
524     printf("%-*s %-*s Description\n", maxarglen+1, "Argument",
525             maxenvlen, "Env-variable");
526 
527     for (arginfo = arg_table; arginfo->handle_opt != NULL; arginfo++) {
528         if (arginfo->has_arg) {
529             printf("-%s %-*s %-*s %s\n", arginfo->argv,
530                    (int)(maxarglen - strlen(arginfo->argv) - 1),
531                    arginfo->example, maxenvlen, arginfo->env, arginfo->help);
532         } else {
533             printf("-%-*s %-*s %s\n", maxarglen, arginfo->argv,
534                     maxenvlen, arginfo->env,
535                     arginfo->help);
536         }
537     }
538 
539     printf("\n"
540            "Defaults:\n"
541            "QEMU_LD_PREFIX  = %s\n"
542            "QEMU_STACK_SIZE = %ld byte\n",
543            interp_prefix,
544            guest_stack_size);
545 
546     printf("\n"
547            "You can use -E and -U options or the QEMU_SET_ENV and\n"
548            "QEMU_UNSET_ENV environment variables to set and unset\n"
549            "environment variables for the target process.\n"
550            "It is possible to provide several variables by separating them\n"
551            "by commas in getsubopt(3) style. Additionally it is possible to\n"
552            "provide the -E and -U options multiple times.\n"
553            "The following lines are equivalent:\n"
554            "    -E var1=val2 -E var2=val2 -U LD_PRELOAD -U LD_DEBUG\n"
555            "    -E var1=val2,var2=val2 -U LD_PRELOAD,LD_DEBUG\n"
556            "    QEMU_SET_ENV=var1=val2,var2=val2 QEMU_UNSET_ENV=LD_PRELOAD,LD_DEBUG\n"
557            "Note that if you provide several changes to a single variable\n"
558            "the last change will stay in effect.\n"
559            "\n"
560            QEMU_HELP_BOTTOM "\n");
561 
562     exit(exitcode);
563 }
564 
565 static int parse_args(int argc, char **argv)
566 {
567     const char *r;
568     int optind;
569     const struct qemu_argument *arginfo;
570 
571     for (arginfo = arg_table; arginfo->handle_opt != NULL; arginfo++) {
572         if (arginfo->env == NULL) {
573             continue;
574         }
575 
576         r = getenv(arginfo->env);
577         if (r != NULL) {
578             arginfo->handle_opt(r);
579         }
580     }
581 
582     optind = 1;
583     for (;;) {
584         if (optind >= argc) {
585             break;
586         }
587         r = argv[optind];
588         if (r[0] != '-') {
589             break;
590         }
591         optind++;
592         r++;
593         if (!strcmp(r, "-")) {
594             break;
595         }
596         /* Treat --foo the same as -foo.  */
597         if (r[0] == '-') {
598             r++;
599         }
600 
601         for (arginfo = arg_table; arginfo->handle_opt != NULL; arginfo++) {
602             if (!strcmp(r, arginfo->argv)) {
603                 if (arginfo->has_arg) {
604                     if (optind >= argc) {
605                         (void) fprintf(stderr,
606                             "qemu: missing argument for option '%s'\n", r);
607                         exit(EXIT_FAILURE);
608                     }
609                     arginfo->handle_opt(argv[optind]);
610                     optind++;
611                 } else {
612                     arginfo->handle_opt(NULL);
613                 }
614                 break;
615             }
616         }
617 
618         /* no option matched the current argv */
619         if (arginfo->handle_opt == NULL) {
620             (void) fprintf(stderr, "qemu: unknown option '%s'\n", r);
621             exit(EXIT_FAILURE);
622         }
623     }
624 
625     if (optind >= argc) {
626         (void) fprintf(stderr, "qemu: no user program specified\n");
627         exit(EXIT_FAILURE);
628     }
629 
630     exec_path = argv[optind];
631 
632     return optind;
633 }
634 
635 int main(int argc, char **argv, char **envp)
636 {
637     struct target_pt_regs regs1, *regs = &regs1;
638     struct image_info info1, *info = &info1;
639     struct linux_binprm bprm;
640     TaskState *ts;
641     CPUArchState *env;
642     CPUState *cpu;
643     int optind;
644     char **target_environ, **wrk;
645     char **target_argv;
646     int target_argc;
647     int i;
648     int ret;
649     int execfd;
650     unsigned long max_reserved_va;
651     bool preserve_argv0;
652 
653     error_init(argv[0]);
654     module_call_init(MODULE_INIT_TRACE);
655     qemu_init_cpu_list();
656     module_call_init(MODULE_INIT_QOM);
657 
658     envlist = envlist_create();
659 
660     /* add current environment into the list */
661     for (wrk = environ; *wrk != NULL; wrk++) {
662         (void) envlist_setenv(envlist, *wrk);
663     }
664 
665     /* Read the stack limit from the kernel.  If it's "unlimited",
666        then we can do little else besides use the default.  */
667     {
668         struct rlimit lim;
669         if (getrlimit(RLIMIT_STACK, &lim) == 0
670             && lim.rlim_cur != RLIM_INFINITY
671             && lim.rlim_cur == (target_long)lim.rlim_cur) {
672             guest_stack_size = lim.rlim_cur;
673         }
674     }
675 
676     cpu_model = NULL;
677 
678     qemu_add_opts(&qemu_trace_opts);
679     qemu_plugin_add_opts();
680 
681     optind = parse_args(argc, argv);
682 
683     qemu_set_log_filename_flags(last_log_filename,
684                                 last_log_mask | (enable_strace * LOG_STRACE),
685                                 &error_fatal);
686 
687     if (!trace_init_backends()) {
688         exit(1);
689     }
690     trace_init_file();
691     qemu_plugin_load_list(&plugins, &error_fatal);
692 
693     /* Zero out regs */
694     memset(regs, 0, sizeof(struct target_pt_regs));
695 
696     /* Zero out image_info */
697     memset(info, 0, sizeof(struct image_info));
698 
699     memset(&bprm, 0, sizeof (bprm));
700 
701     /* Scan interp_prefix dir for replacement files. */
702     init_paths(interp_prefix);
703 
704     init_qemu_uname_release();
705 
706     /*
707      * Manage binfmt-misc open-binary flag
708      */
709     execfd = qemu_getauxval(AT_EXECFD);
710     if (execfd == 0) {
711         execfd = open(exec_path, O_RDONLY);
712         if (execfd < 0) {
713             printf("Error while loading %s: %s\n", exec_path, strerror(errno));
714             _exit(EXIT_FAILURE);
715         }
716     }
717 
718     /*
719      * get binfmt_misc flags
720      */
721     preserve_argv0 = !!(qemu_getauxval(AT_FLAGS) & AT_FLAGS_PRESERVE_ARGV0);
722 
723     /*
724      * Manage binfmt-misc preserve-arg[0] flag
725      *    argv[optind]     full path to the binary
726      *    argv[optind + 1] original argv[0]
727      */
728     if (optind + 1 < argc && preserve_argv0) {
729         optind++;
730     }
731 
732     if (cpu_model == NULL) {
733         cpu_model = cpu_get_model(get_elf_eflags(execfd));
734     }
735     cpu_type = parse_cpu_option(cpu_model);
736 
737     /* init tcg before creating CPUs and to get qemu_host_page_size */
738     {
739         AccelClass *ac = ACCEL_GET_CLASS(current_accel());
740 
741         accel_init_interfaces(ac);
742         ac->init_machine(NULL);
743     }
744     cpu = cpu_create(cpu_type);
745     env = cpu->env_ptr;
746     cpu_reset(cpu);
747     thread_cpu = cpu;
748 
749     /*
750      * Reserving too much vm space via mmap can run into problems
751      * with rlimits, oom due to page table creation, etc.  We will
752      * still try it, if directed by the command-line option, but
753      * not by default.
754      */
755     max_reserved_va = MAX_RESERVED_VA(cpu);
756     if (reserved_va != 0) {
757         if (max_reserved_va && reserved_va > max_reserved_va) {
758             fprintf(stderr, "Reserved virtual address too big\n");
759             exit(EXIT_FAILURE);
760         }
761     } else if (HOST_LONG_BITS == 64 && TARGET_VIRT_ADDR_SPACE_BITS <= 32) {
762         /*
763          * reserved_va must be aligned with the host page size
764          * as it is used with mmap()
765          */
766         reserved_va = max_reserved_va & qemu_host_page_mask;
767     }
768 
769     {
770         Error *err = NULL;
771         if (seed_optarg != NULL) {
772             qemu_guest_random_seed_main(seed_optarg, &err);
773         } else {
774             qcrypto_init(&err);
775         }
776         if (err) {
777             error_reportf_err(err, "cannot initialize crypto: ");
778             exit(1);
779         }
780     }
781 
782     target_environ = envlist_to_environ(envlist, NULL);
783     envlist_free(envlist);
784 
785     /*
786      * Read in mmap_min_addr kernel parameter.  This value is used
787      * When loading the ELF image to determine whether guest_base
788      * is needed.  It is also used in mmap_find_vma.
789      */
790     {
791         FILE *fp;
792 
793         if ((fp = fopen("/proc/sys/vm/mmap_min_addr", "r")) != NULL) {
794             unsigned long tmp;
795             if (fscanf(fp, "%lu", &tmp) == 1 && tmp != 0) {
796                 mmap_min_addr = tmp;
797                 qemu_log_mask(CPU_LOG_PAGE, "host mmap_min_addr=0x%lx\n",
798                               mmap_min_addr);
799             }
800             fclose(fp);
801         }
802     }
803 
804     /*
805      * We prefer to not make NULL pointers accessible to QEMU.
806      * If we're in a chroot with no /proc, fall back to 1 page.
807      */
808     if (mmap_min_addr == 0) {
809         mmap_min_addr = qemu_host_page_size;
810         qemu_log_mask(CPU_LOG_PAGE,
811                       "host mmap_min_addr=0x%lx (fallback)\n",
812                       mmap_min_addr);
813     }
814 
815     /*
816      * Prepare copy of argv vector for target.
817      */
818     target_argc = argc - optind;
819     target_argv = calloc(target_argc + 1, sizeof (char *));
820     if (target_argv == NULL) {
821         (void) fprintf(stderr, "Unable to allocate memory for target_argv\n");
822         exit(EXIT_FAILURE);
823     }
824 
825     /*
826      * If argv0 is specified (using '-0' switch) we replace
827      * argv[0] pointer with the given one.
828      */
829     i = 0;
830     if (argv0 != NULL) {
831         target_argv[i++] = strdup(argv0);
832     }
833     for (; i < target_argc; i++) {
834         target_argv[i] = strdup(argv[optind + i]);
835     }
836     target_argv[target_argc] = NULL;
837 
838     ts = g_new0(TaskState, 1);
839     init_task_state(ts);
840     /* build Task State */
841     ts->info = info;
842     ts->bprm = &bprm;
843     cpu->opaque = ts;
844     task_settid(ts);
845 
846     fd_trans_init();
847 
848     ret = loader_exec(execfd, exec_path, target_argv, target_environ, regs,
849         info, &bprm);
850     if (ret != 0) {
851         printf("Error while loading %s: %s\n", exec_path, strerror(-ret));
852         _exit(EXIT_FAILURE);
853     }
854 
855     for (wrk = target_environ; *wrk; wrk++) {
856         g_free(*wrk);
857     }
858 
859     g_free(target_environ);
860 
861     if (qemu_loglevel_mask(CPU_LOG_PAGE)) {
862         FILE *f = qemu_log_trylock();
863         if (f) {
864             fprintf(f, "guest_base  %p\n", (void *)guest_base);
865             fprintf(f, "page layout changed following binary load\n");
866             page_dump(f);
867 
868             fprintf(f, "start_brk   0x" TARGET_ABI_FMT_lx "\n",
869                     info->start_brk);
870             fprintf(f, "end_code    0x" TARGET_ABI_FMT_lx "\n",
871                     info->end_code);
872             fprintf(f, "start_code  0x" TARGET_ABI_FMT_lx "\n",
873                     info->start_code);
874             fprintf(f, "start_data  0x" TARGET_ABI_FMT_lx "\n",
875                     info->start_data);
876             fprintf(f, "end_data    0x" TARGET_ABI_FMT_lx "\n",
877                     info->end_data);
878             fprintf(f, "start_stack 0x" TARGET_ABI_FMT_lx "\n",
879                     info->start_stack);
880             fprintf(f, "brk         0x" TARGET_ABI_FMT_lx "\n",
881                     info->brk);
882             fprintf(f, "entry       0x" TARGET_ABI_FMT_lx "\n",
883                     info->entry);
884             fprintf(f, "argv_start  0x" TARGET_ABI_FMT_lx "\n",
885                     info->argv);
886             fprintf(f, "env_start   0x" TARGET_ABI_FMT_lx "\n",
887                     info->envp);
888             fprintf(f, "auxv_start  0x" TARGET_ABI_FMT_lx "\n",
889                     info->saved_auxv);
890             qemu_log_unlock(f);
891         }
892     }
893 
894     target_set_brk(info->brk);
895     syscall_init();
896     signal_init();
897 
898     /* Now that we've loaded the binary, GUEST_BASE is fixed.  Delay
899        generating the prologue until now so that the prologue can take
900        the real value of GUEST_BASE into account.  */
901     tcg_prologue_init(tcg_ctx);
902 
903     target_cpu_copy_regs(env, regs);
904 
905     if (gdbstub) {
906         if (gdbserver_start(gdbstub) < 0) {
907             fprintf(stderr, "qemu: could not open gdbserver on %s\n",
908                     gdbstub);
909             exit(EXIT_FAILURE);
910         }
911         gdb_handlesig(cpu, 0);
912     }
913 
914 #ifdef CONFIG_SEMIHOSTING
915     qemu_semihosting_guestfd_init();
916 #endif
917 
918     cpu_loop(env);
919     /* never exits */
920     return 0;
921 }
922