From patchwork Fri Sep 12 13:23:49 2014 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Peter Maydell X-Patchwork-Id: 37308 Return-Path: X-Original-To: linaro@patches.linaro.org Delivered-To: linaro@patches.linaro.org Received: from mail-ee0-f72.google.com (mail-ee0-f72.google.com [74.125.83.72]) by ip-10-151-82-157.ec2.internal (Postfix) with ESMTPS id 6BB49203EE for ; Fri, 12 Sep 2014 13:29:30 +0000 (UTC) Received: by mail-ee0-f72.google.com with SMTP id d17sf548976eek.11 for ; Fri, 12 Sep 2014 06:29:29 -0700 (PDT) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:mime-version:delivered-to:from:to:date :message-id:in-reply-to:references:subject:precedence:list-id :list-unsubscribe:list-archive:list-post:list-help:list-subscribe :errors-to:sender:x-original-sender :x-original-authentication-results:mailing-list; bh=JQ+YO33B3VJ9ooUzNwezXMPsNx0EPVgCJR/l3aPeF6Q=; b=I7l7NHcR+3OwFO2zXLzLlF67ZVhxsg/5n0cnyxj/5burUQNMzpdCQN8/DWLZhbd27k s9Cxn9MbO6yYo0OibxfU8RhT9zaXNgaty2YNvqCW+f1iRnj/1ATKQjbigjAUfLHeJBI+ 6/xyx4ZgOjXSPtXLA29234qUIib/L5M9S9rXd8FfyZMi4chZfxyAmfqUuT+DwOsknW2b 6xbZmQUdpQXohYstdBnzc/XH9nTq2+M2mBiYsFUb2vdinX4A6J7iLeC+gWq5Ndogo1KS 0xyy5szdfj4XKWA99UyT/v0HhBx9S+liLrDFsCjKlWkgRpMiZUYm8Mzw8tIS7E+S2Bnb HVCw== X-Gm-Message-State: ALoCoQmdVJCBCpVBo1dr9HvZVfH+eHrzclklnZrreK02aMIRdazx1k0n29Uqtrl7H9wTXH3m8v1+ X-Received: by 10.194.121.72 with SMTP id li8mr2257895wjb.1.1410528569521; Fri, 12 Sep 2014 06:29:29 -0700 (PDT) MIME-Version: 1.0 X-BeenThere: patchwork-forward@linaro.org Received: by 10.152.26.132 with SMTP id l4ls157976lag.45.gmail; Fri, 12 Sep 2014 06:29:29 -0700 (PDT) X-Received: by 10.112.35.44 with SMTP id e12mr8403879lbj.13.1410528569273; Fri, 12 Sep 2014 06:29:29 -0700 (PDT) Received: from mail-la0-f43.google.com (mail-la0-f43.google.com [209.85.215.43]) by mx.google.com with ESMTPS id vs12si6587298lac.36.2014.09.12.06.29.28 for (version=TLSv1 cipher=ECDHE-RSA-RC4-SHA bits=128/128); Fri, 12 Sep 2014 06:29:28 -0700 (PDT) Received-SPF: pass (google.com: domain of patch+caf_=patchwork-forward=linaro.org@linaro.org designates 209.85.215.43 as permitted sender) client-ip=209.85.215.43; Received: by mail-la0-f43.google.com with SMTP id gi9so945321lab.2 for ; Fri, 12 Sep 2014 06:29:28 -0700 (PDT) X-Received: by 10.112.53.230 with SMTP id e6mr8517307lbp.100.1410528568138; Fri, 12 Sep 2014 06:29:28 -0700 (PDT) X-Forwarded-To: patchwork-forward@linaro.org X-Forwarded-For: patch@linaro.org patchwork-forward@linaro.org Delivered-To: patch@linaro.org Received: by 10.112.141.42 with SMTP id rl10csp731552lbb; Fri, 12 Sep 2014 06:29:27 -0700 (PDT) X-Received: by 10.224.7.197 with SMTP id e5mr12076908qae.58.1410528565897; Fri, 12 Sep 2014 06:29:25 -0700 (PDT) Received: from lists.gnu.org (lists.gnu.org. [2001:4830:134:3::11]) by mx.google.com with ESMTPS id la1si5619574qcb.46.2014.09.12.06.29.25 for (version=TLSv1 cipher=RC4-SHA bits=128/128); Fri, 12 Sep 2014 06:29:25 -0700 (PDT) Received-SPF: pass (google.com: domain of qemu-devel-bounces+patch=linaro.org@nongnu.org designates 2001:4830:134:3::11 as permitted sender) client-ip=2001:4830:134:3::11; Received: from localhost ([::1]:44942 helo=lists.gnu.org) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1XSQui-0006tU-RR for patch@linaro.org; Fri, 12 Sep 2014 09:29:24 -0400 Received: from eggs.gnu.org ([2001:4830:134:3::10]:56904) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1XSQpX-0006pn-FD for qemu-devel@nongnu.org; Fri, 12 Sep 2014 09:24:08 -0400 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1XSQpR-0003yI-09 for qemu-devel@nongnu.org; Fri, 12 Sep 2014 09:24:03 -0400 Received: from mnementh.archaic.org.uk ([81.2.115.146]:46960) by eggs.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1XSQpQ-0003xI-O5 for qemu-devel@nongnu.org; Fri, 12 Sep 2014 09:23:56 -0400 Received: from pm215 by mnementh.archaic.org.uk with local (Exim 4.80) (envelope-from ) id 1XSQpP-0003YN-Fp for qemu-devel@nongnu.org; Fri, 12 Sep 2014 14:23:55 +0100 From: Peter Maydell To: qemu-devel@nongnu.org Date: Fri, 12 Sep 2014 14:23:49 +0100 Message-Id: <1410528234-13545-19-git-send-email-peter.maydell@linaro.org> X-Mailer: git-send-email 1.7.10.4 In-Reply-To: <1410528234-13545-1-git-send-email-peter.maydell@linaro.org> References: <1410528234-13545-1-git-send-email-peter.maydell@linaro.org> X-detected-operating-system: by eggs.gnu.org: GNU/Linux 3.x X-Received-From: 81.2.115.146 Subject: [Qemu-devel] [PULL 18/23] target-arm: Make *IS TLB maintenance ops affect all CPUs X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.14 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: , List-Help: , List-Subscribe: , Errors-To: qemu-devel-bounces+patch=linaro.org@nongnu.org Sender: qemu-devel-bounces+patch=linaro.org@nongnu.org X-Removed-Original-Auth: Dkim didn't pass. X-Original-Sender: peter.maydell@linaro.org X-Original-Authentication-Results: mx.google.com; spf=pass (google.com: domain of patch+caf_=patchwork-forward=linaro.org@linaro.org designates 209.85.215.43 as permitted sender) smtp.mail=patch+caf_=patchwork-forward=linaro.org@linaro.org Mailing-list: list patchwork-forward@linaro.org; contact patchwork-forward+owners@linaro.org X-Google-Group-Id: 836684582541 The ARM architecture defines that the "IS" variants of TLB maintenance operations must affect all TLBs in the Inner Shareable domain, which for us means all CPUs. We were incorrectly implementing these to only affect the current CPU, which meant that SMP TCG operation was unstable. Signed-off-by: Peter Maydell Message-id: 1410274883-9578-3-git-send-email-peter.maydell@linaro.org Cc: qemu-stable@nongnu.org --- target-arm/helper.c | 101 +++++++++++++++++++++++++++++++++++++++++++++------- 1 file changed, 89 insertions(+), 12 deletions(-) diff --git a/target-arm/helper.c b/target-arm/helper.c index 9984cca..ece9673 100644 --- a/target-arm/helper.c +++ b/target-arm/helper.c @@ -377,6 +377,47 @@ static void tlbimvaa_write(CPUARMState *env, const ARMCPRegInfo *ri, tlb_flush_page(CPU(cpu), value & TARGET_PAGE_MASK); } +/* IS variants of TLB operations must affect all cores */ +static void tlbiall_is_write(CPUARMState *env, const ARMCPRegInfo *ri, + uint64_t value) +{ + CPUState *other_cs; + + CPU_FOREACH(other_cs) { + tlb_flush(other_cs, 1); + } +} + +static void tlbiasid_is_write(CPUARMState *env, const ARMCPRegInfo *ri, + uint64_t value) +{ + CPUState *other_cs; + + CPU_FOREACH(other_cs) { + tlb_flush(other_cs, value == 0); + } +} + +static void tlbimva_is_write(CPUARMState *env, const ARMCPRegInfo *ri, + uint64_t value) +{ + CPUState *other_cs; + + CPU_FOREACH(other_cs) { + tlb_flush_page(other_cs, value & TARGET_PAGE_MASK); + } +} + +static void tlbimvaa_is_write(CPUARMState *env, const ARMCPRegInfo *ri, + uint64_t value) +{ + CPUState *other_cs; + + CPU_FOREACH(other_cs) { + tlb_flush_page(other_cs, value & TARGET_PAGE_MASK); + } +} + static const ARMCPRegInfo cp_reginfo[] = { { .name = "FCSEIDR", .cp = 15, .crn = 13, .crm = 0, .opc1 = 0, .opc2 = 0, .access = PL1_RW, .fieldoffset = offsetof(CPUARMState, cp15.c13_fcse), @@ -908,13 +949,15 @@ static const ARMCPRegInfo v7_cp_reginfo[] = { static const ARMCPRegInfo v7mp_cp_reginfo[] = { /* 32 bit TLB invalidates, Inner Shareable */ { .name = "TLBIALLIS", .cp = 15, .opc1 = 0, .crn = 8, .crm = 3, .opc2 = 0, - .type = ARM_CP_NO_MIGRATE, .access = PL1_W, .writefn = tlbiall_write }, + .type = ARM_CP_NO_MIGRATE, .access = PL1_W, .writefn = tlbiall_is_write }, { .name = "TLBIMVAIS", .cp = 15, .opc1 = 0, .crn = 8, .crm = 3, .opc2 = 1, - .type = ARM_CP_NO_MIGRATE, .access = PL1_W, .writefn = tlbimva_write }, + .type = ARM_CP_NO_MIGRATE, .access = PL1_W, .writefn = tlbimva_is_write }, { .name = "TLBIASIDIS", .cp = 15, .opc1 = 0, .crn = 8, .crm = 3, .opc2 = 2, - .type = ARM_CP_NO_MIGRATE, .access = PL1_W, .writefn = tlbiasid_write }, + .type = ARM_CP_NO_MIGRATE, .access = PL1_W, + .writefn = tlbiasid_is_write }, { .name = "TLBIMVAAIS", .cp = 15, .opc1 = 0, .crn = 8, .crm = 3, .opc2 = 3, - .type = ARM_CP_NO_MIGRATE, .access = PL1_W, .writefn = tlbimvaa_write }, + .type = ARM_CP_NO_MIGRATE, .access = PL1_W, + .writefn = tlbimvaa_is_write }, REGINFO_SENTINEL }; @@ -1904,6 +1947,39 @@ static void tlbi_aa64_asid_write(CPUARMState *env, const ARMCPRegInfo *ri, tlb_flush(CPU(cpu), asid == 0); } +static void tlbi_aa64_va_is_write(CPUARMState *env, const ARMCPRegInfo *ri, + uint64_t value) +{ + CPUState *other_cs; + uint64_t pageaddr = sextract64(value << 12, 0, 56); + + CPU_FOREACH(other_cs) { + tlb_flush_page(other_cs, pageaddr); + } +} + +static void tlbi_aa64_vaa_is_write(CPUARMState *env, const ARMCPRegInfo *ri, + uint64_t value) +{ + CPUState *other_cs; + uint64_t pageaddr = sextract64(value << 12, 0, 56); + + CPU_FOREACH(other_cs) { + tlb_flush_page(other_cs, pageaddr); + } +} + +static void tlbi_aa64_asid_is_write(CPUARMState *env, const ARMCPRegInfo *ri, + uint64_t value) +{ + CPUState *other_cs; + int asid = extract64(value, 48, 16); + + CPU_FOREACH(other_cs) { + tlb_flush(other_cs, asid == 0); + } +} + static CPAccessResult aa64_zva_access(CPUARMState *env, const ARMCPRegInfo *ri) { /* We don't implement EL2, so the only control on DC ZVA is the @@ -2021,27 +2097,27 @@ static const ARMCPRegInfo v8_cp_reginfo[] = { { .name = "TLBI_VMALLE1IS", .state = ARM_CP_STATE_AA64, .opc0 = 1, .opc1 = 0, .crn = 8, .crm = 3, .opc2 = 0, .access = PL1_W, .type = ARM_CP_NO_MIGRATE, - .writefn = tlbiall_write }, + .writefn = tlbiall_is_write }, { .name = "TLBI_VAE1IS", .state = ARM_CP_STATE_AA64, .opc0 = 1, .opc1 = 0, .crn = 8, .crm = 3, .opc2 = 1, .access = PL1_W, .type = ARM_CP_NO_MIGRATE, - .writefn = tlbi_aa64_va_write }, + .writefn = tlbi_aa64_va_is_write }, { .name = "TLBI_ASIDE1IS", .state = ARM_CP_STATE_AA64, .opc0 = 1, .opc1 = 0, .crn = 8, .crm = 3, .opc2 = 2, .access = PL1_W, .type = ARM_CP_NO_MIGRATE, - .writefn = tlbi_aa64_asid_write }, + .writefn = tlbi_aa64_asid_is_write }, { .name = "TLBI_VAAE1IS", .state = ARM_CP_STATE_AA64, .opc0 = 1, .opc1 = 0, .crn = 8, .crm = 3, .opc2 = 3, .access = PL1_W, .type = ARM_CP_NO_MIGRATE, - .writefn = tlbi_aa64_vaa_write }, + .writefn = tlbi_aa64_vaa_is_write }, { .name = "TLBI_VALE1IS", .state = ARM_CP_STATE_AA64, .opc0 = 1, .opc1 = 0, .crn = 8, .crm = 3, .opc2 = 5, .access = PL1_W, .type = ARM_CP_NO_MIGRATE, - .writefn = tlbi_aa64_va_write }, + .writefn = tlbi_aa64_va_is_write }, { .name = "TLBI_VAALE1IS", .state = ARM_CP_STATE_AA64, .opc0 = 1, .opc1 = 0, .crn = 8, .crm = 3, .opc2 = 7, .access = PL1_W, .type = ARM_CP_NO_MIGRATE, - .writefn = tlbi_aa64_vaa_write }, + .writefn = tlbi_aa64_vaa_is_write }, { .name = "TLBI_VMALLE1", .state = ARM_CP_STATE_AA64, .opc0 = 1, .opc1 = 0, .crn = 8, .crm = 7, .opc2 = 0, .access = PL1_W, .type = ARM_CP_NO_MIGRATE, @@ -2083,9 +2159,10 @@ static const ARMCPRegInfo v8_cp_reginfo[] = { #endif /* TLB invalidate last level of translation table walk */ { .name = "TLBIMVALIS", .cp = 15, .opc1 = 0, .crn = 8, .crm = 3, .opc2 = 5, - .type = ARM_CP_NO_MIGRATE, .access = PL1_W, .writefn = tlbimva_write }, + .type = ARM_CP_NO_MIGRATE, .access = PL1_W, .writefn = tlbimva_is_write }, { .name = "TLBIMVAALIS", .cp = 15, .opc1 = 0, .crn = 8, .crm = 3, .opc2 = 7, - .type = ARM_CP_NO_MIGRATE, .access = PL1_W, .writefn = tlbimvaa_write }, + .type = ARM_CP_NO_MIGRATE, .access = PL1_W, + .writefn = tlbimvaa_is_write }, { .name = "TLBIMVAL", .cp = 15, .opc1 = 0, .crn = 8, .crm = 7, .opc2 = 5, .type = ARM_CP_NO_MIGRATE, .access = PL1_W, .writefn = tlbimva_write }, { .name = "TLBIMVAAL", .cp = 15, .opc1 = 0, .crn = 8, .crm = 7, .opc2 = 7,