From patchwork Tue Nov 14 09:42:03 2017
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit
X-Patchwork-Submitter: Richard Henderson <richard.henderson@linaro.org>
X-Patchwork-Id: 118864
Delivered-To: patch@linaro.org
Received: by 10.140.22.164 with SMTP id 33csp2826685qgn;
 Tue, 14 Nov 2017 01:44:26 -0800 (PST)
X-Google-Smtp-Source: AGs4zMa6hs3gzFyf+s0e4XhVOE/+N6YtBa9iUa7V1dANdjJNHry1xsDHvUGA7FTM8cbwMO8oTZlG
X-Received: by 10.37.125.71 with SMTP id y68mr7013371ybc.35.1510652666740;
 Tue, 14 Nov 2017 01:44:26 -0800 (PST)
ARC-Seal: i=1; a=rsa-sha256; t=1510652666; cv=none;
 d=google.com; s=arc-20160816;
 b=gMAGS9s3alklQsg+hO4L9Q3Lm4zEUbRQvYoXxjdKSZ2kKPqfEjfKPyFLK2VkX2AekG
 eK3nJkQAryua9Y11wnbZDNOLEDquIJrBMNZh+fCMr8FcRxIpxKEbYfEAtjOi7ZNmEllY
 0GYt4dldgzC81/WnDS9asYWOw7TuZW/i+abk1GfOQFqouhNQ6FKpxztAx+/V0+/TJp4D
 pUPt+TMbD9Y8xmn1YFEgJmJ+VvIK5H/5tP/atgg4l0MbZIBQWpktzi3i4JLnLqrpUjdY
 F+56KMq6w8UU5aECGgg7VROvthK9wdU95ti1yvJMHj5UtBB2qSBem2jYSUJTucncaBHF
 2ljw==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com;
 s=arc-20160816; 
 h=sender:errors-to:cc:list-subscribe:list-help:list-post:list-archive
 :list-unsubscribe:list-id:precedence:subject:message-id:date:to:from
 :dkim-signature:arc-authentication-results;
 bh=WaMrwHciPAETRSvhXhXwAGx5KtbYSUVKuFVkDY9duRs=;
 b=DPCSMEvA6FWjaKG3izWozLxl1W3EZJHq0tyEmFvqTeCunnK/iTLzfuVCHR3kOGphBy
 +FcxG7Z6RU4PFrDATbUL0eJFBULTcfSctvAG2FN1l739TdV0pITWteSTKY5XfI0CiT1c
 mRb0DQYwc9KCWBi7fv5SzJREASZHQMit4TP4umZgDGhxlJ+6tz0nM5l8gG5kDj5RKm15
 KMfMwPg8BTB/Gxj7/nPMKyZyWbEEggXi90nI0Va54+XWJj35iAqq4CHYT+f0Y9ATtqwc
 iDKYln8WQX3khEP2eWZGfWAn0UMVlSuWJZF4IvWVusnLgllLal1JBz4lyhJaUnLli8e5
 XHGw==
ARC-Authentication-Results: i=1; mx.google.com;
 dkim=fail header.i=@linaro.org header.s=google header.b=SGmmMGyk;
 spf=pass (google.com: domain of
 qemu-devel-bounces+patch=linaro.org@nongnu.org designates
 2001:4830:134:3::11 as permitted sender)
 smtp.mailfrom=qemu-devel-bounces+patch=linaro.org@nongnu.org; 
 dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=linaro.org
Return-Path: <qemu-devel-bounces+patch=linaro.org@nongnu.org>
Received: from lists.gnu.org (lists.gnu.org. [2001:4830:134:3::11])
 by mx.google.com with ESMTPS id
 u123si1101120ywg.173.2017.11.14.01.44.26 for <patch@linaro.org>
 (version=TLS1 cipher=AES128-SHA bits=128/128);
 Tue, 14 Nov 2017 01:44:26 -0800 (PST)
Received-SPF: pass (google.com: domain of
 qemu-devel-bounces+patch=linaro.org@nongnu.org designates
 2001:4830:134:3::11 as permitted sender)
 client-ip=2001:4830:134:3::11; 
Authentication-Results: mx.google.com;
 dkim=fail header.i=@linaro.org header.s=google header.b=SGmmMGyk;
 spf=pass (google.com: domain of
 qemu-devel-bounces+patch=linaro.org@nongnu.org designates
 2001:4830:134:3::11 as permitted sender)
 smtp.mailfrom=qemu-devel-bounces+patch=linaro.org@nongnu.org; 
 dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=linaro.org
Received: from localhost ([::1]:58515 helo=lists.gnu.org)
 by lists.gnu.org with esmtp (Exim 4.71)
 (envelope-from <qemu-devel-bounces+patch=linaro.org@nongnu.org>)
 id 1eEXla-0006TB-A1
 for patch@linaro.org; Tue, 14 Nov 2017 04:44:26 -0500
Received: from eggs.gnu.org ([2001:4830:134:3::10]:58403)
 by lists.gnu.org with esmtp (Exim 4.71)
 (envelope-from <richard.henderson@linaro.org>) id 1eEXlM-0006R3-Un
 for qemu-devel@nongnu.org; Tue, 14 Nov 2017 04:44:14 -0500
Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71)
 (envelope-from <richard.henderson@linaro.org>) id 1eEXlH-0005ez-SM
 for qemu-devel@nongnu.org; Tue, 14 Nov 2017 04:44:13 -0500
Received: from mail-wr0-x243.google.com ([2a00:1450:400c:c0c::243]:53170)
 by eggs.gnu.org with esmtps (TLS1.0:RSA_AES_128_CBC_SHA1:16)
 (Exim 4.71) (envelope-from <richard.henderson@linaro.org>)
 id 1eEXlH-0005eS-Hm
 for qemu-devel@nongnu.org; Tue, 14 Nov 2017 04:44:07 -0500
Received: by mail-wr0-x243.google.com with SMTP id j23so16914333wra.9
 for <qemu-devel@nongnu.org>; Tue, 14 Nov 2017 01:44:07 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; 
 h=from:to:cc:subject:date:message-id;
 bh=WaMrwHciPAETRSvhXhXwAGx5KtbYSUVKuFVkDY9duRs=;
 b=SGmmMGyk+fAfbdaFD0WDQ1zx5jJVqW8ib87vj5o1nXt9fXa+SUROwX1QBY80efxZtc
 IwtHWc1JmIA0O/3NRhPbnzSGZlD8xLanESiHn1+MwzgAI/YJ9mcXyl1HAlEfFpg6bOaR
 66KlkaijWuUXfeBayHl5WivfvCMCX6ov7BeyY=
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=1e100.net; s=20161025;
 h=x-gm-message-state:from:to:cc:subject:date:message-id;
 bh=WaMrwHciPAETRSvhXhXwAGx5KtbYSUVKuFVkDY9duRs=;
 b=L6l9L8V1sYRUgZ1MpykwYa/8RfSTjOgMyQ8w5UlEEiZGoBTA9dRHRFZmB6GuNZpvva
 yeeUGzgukyYmGnIAr8gjTBMqHlt/DTfuC+Uc2u+McLA8Zw8TgGrxIEaKFyjgPvH1RMLH
 BI68q3K/j5zD7qAl3k9k8VXQfJ08qjqkCbtRqbLHYB66iba9KcO+qBJyzEuT+iOJ9vqU
 WPKdimdMw+6Ys1K5h6BMqPcIeZGTuYDXfR8mjpP+hjosMvY1Xzpsm5xJPXOASIy3GDmI
 kd+MheK8TEDmGa6kSlxvIwvB+EHH/xWGBOZWI51rdu6o+fHgFPpAL+iEBHgNY/naadht
 ApEw==
X-Gm-Message-State: AJaThX677fHJbnnv8edb6OTTiYsE+axEDwmxbgNK/Vx6O09LRAxNKO/q
 voO/gihDZeeYzzQF8wnWb+4fvR8Oyfs=
X-Received: by 10.223.129.41 with SMTP id 38mr10296748wrm.57.1510652646106; 
 Tue, 14 Nov 2017 01:44:06 -0800 (PST)
Received: from cloudburst.twiddle.net
 (176.red-213-99-135.dynamicip.rima-tde.net. [213.99.135.176])
 by smtp.gmail.com with ESMTPSA id
 h8sm5693217wme.30.2017.11.14.01.44.04
 (version=TLS1_2 cipher=ECDHE-RSA-CHACHA20-POLY1305 bits=256/256);
 Tue, 14 Nov 2017 01:44:05 -0800 (PST)
From: Richard Henderson <richard.henderson@linaro.org>
To: qemu-devel@nongnu.org
Date: Tue, 14 Nov 2017 10:42:03 +0100
Message-Id: <20171114094203.28030-1-richard.henderson@linaro.org>
X-Mailer: git-send-email 2.13.6
X-detected-operating-system: by eggs.gnu.org: Genre and OS details not
 recognized.
X-Received-From: 2a00:1450:400c:c0c::243
Subject: [Qemu-devel] [PATCH] tcg: Record code_gen_buffer address for
 user-only memory helpers
X-BeenThere: qemu-devel@nongnu.org
X-Mailman-Version: 2.1.21
Precedence: list
List-Id: <qemu-devel.nongnu.org>
List-Unsubscribe: <https://lists.nongnu.org/mailman/options/qemu-devel>,
 <mailto:qemu-devel-request@nongnu.org?subject=unsubscribe>
List-Archive: <http://lists.nongnu.org/archive/html/qemu-devel/>
List-Post: <mailto:qemu-devel@nongnu.org>
List-Help: <mailto:qemu-devel-request@nongnu.org?subject=help>
List-Subscribe: <https://lists.nongnu.org/mailman/listinfo/qemu-devel>,
 <mailto:qemu-devel-request@nongnu.org?subject=subscribe>
Cc: peter.maydell@linaro.org
Errors-To: qemu-devel-bounces+patch=linaro.org@nongnu.org
Sender: "Qemu-devel" <qemu-devel-bounces+patch=linaro.org@nongnu.org>

When we handle a signal from a fault within a user-only memory helper,
we cannot cpu_restore_state with the PC found within the signal frame.
Use a TLS variable, helper_retaddr, to record the unwind start point
to find the faulting guest insn.

Reported-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
---

Tested only with a silly test case --

int main()
{
  int new = 1, old = 0;
  __atomic_compare_exchange((int *)0, &old, &new, 0, 0, 0);
  return old;
}

which even before the patch does not fail in the way Peter describes.

As I post this, I remember in theory we should use __atomic_signal_fence
after setting helper_retaddr, but as far as I know this is a no-op on all
supported hosts.  It might still generate a compiler barrier though, so it's
worth considering.


r~
---

 accel/tcg/atomic_template.h               | 32 +++++++++++++----
 include/exec/cpu_ldst.h                   |  2 ++
 include/exec/cpu_ldst_useronly_template.h | 14 ++++++--
 accel/tcg/cputlb.c                        |  1 +
 accel/tcg/user-exec.c                     | 58 +++++++++++++++++++++++++------
 5 files changed, 87 insertions(+), 20 deletions(-)

-- 
2.13.6
Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
Tested-by: Alex Bennée <alex.bennee@linaro.org>

diff --git a/accel/tcg/atomic_template.h b/accel/tcg/atomic_template.h
index b400b2a3d3..1c7c17526c 100644
--- a/accel/tcg/atomic_template.h
+++ b/accel/tcg/atomic_template.h
@@ -62,7 +62,9 @@ ABI_TYPE ATOMIC_NAME(cmpxchg)(CPUArchState *env, target_ulong addr,
                               ABI_TYPE cmpv, ABI_TYPE newv EXTRA_ARGS)
 {
     DATA_TYPE *haddr = ATOMIC_MMU_LOOKUP;
-    return atomic_cmpxchg__nocheck(haddr, cmpv, newv);
+    DATA_TYPE ret = atomic_cmpxchg__nocheck(haddr, cmpv, newv);
+    ATOMIC_MMU_CLEANUP;
+    return ret;
 }
 
 #if DATA_SIZE >= 16
@@ -70,6 +72,7 @@ ABI_TYPE ATOMIC_NAME(ld)(CPUArchState *env, target_ulong addr EXTRA_ARGS)
 {
     DATA_TYPE val, *haddr = ATOMIC_MMU_LOOKUP;
     __atomic_load(haddr, &val, __ATOMIC_RELAXED);
+    ATOMIC_MMU_CLEANUP;
     return val;
 }
 
@@ -78,13 +81,16 @@ void ATOMIC_NAME(st)(CPUArchState *env, target_ulong addr,
 {
     DATA_TYPE *haddr = ATOMIC_MMU_LOOKUP;
     __atomic_store(haddr, &val, __ATOMIC_RELAXED);
+    ATOMIC_MMU_CLEANUP;
 }
 #else
 ABI_TYPE ATOMIC_NAME(xchg)(CPUArchState *env, target_ulong addr,
                            ABI_TYPE val EXTRA_ARGS)
 {
     DATA_TYPE *haddr = ATOMIC_MMU_LOOKUP;
-    return atomic_xchg__nocheck(haddr, val);
+    DATA_TYPE ret = atomic_xchg__nocheck(haddr, val);
+    ATOMIC_MMU_CLEANUP;
+    return ret;
 }
 
 #define GEN_ATOMIC_HELPER(X)                                        \
@@ -92,8 +98,10 @@ ABI_TYPE ATOMIC_NAME(X)(CPUArchState *env, target_ulong addr,       \
                  ABI_TYPE val EXTRA_ARGS)                           \
 {                                                                   \
     DATA_TYPE *haddr = ATOMIC_MMU_LOOKUP;                           \
-    return atomic_##X(haddr, val);                                  \
-}                                                                   \
+    DATA_TYPE ret = atomic_##X(haddr, val);                         \
+    ATOMIC_MMU_CLEANUP;                                             \
+    return ret;                                                     \
+}
 
 GEN_ATOMIC_HELPER(fetch_add)
 GEN_ATOMIC_HELPER(fetch_and)
@@ -123,7 +131,9 @@ ABI_TYPE ATOMIC_NAME(cmpxchg)(CPUArchState *env, target_ulong addr,
                               ABI_TYPE cmpv, ABI_TYPE newv EXTRA_ARGS)
 {
     DATA_TYPE *haddr = ATOMIC_MMU_LOOKUP;
-    return BSWAP(atomic_cmpxchg__nocheck(haddr, BSWAP(cmpv), BSWAP(newv)));
+    DATA_TYPE ret = atomic_cmpxchg__nocheck(haddr, BSWAP(cmpv), BSWAP(newv));
+    ATOMIC_MMU_CLEANUP;
+    return BSWAP(ret);
 }
 
 #if DATA_SIZE >= 16
@@ -131,6 +141,7 @@ ABI_TYPE ATOMIC_NAME(ld)(CPUArchState *env, target_ulong addr EXTRA_ARGS)
 {
     DATA_TYPE val, *haddr = ATOMIC_MMU_LOOKUP;
     __atomic_load(haddr, &val, __ATOMIC_RELAXED);
+    ATOMIC_MMU_CLEANUP;
     return BSWAP(val);
 }
 
@@ -140,13 +151,16 @@ void ATOMIC_NAME(st)(CPUArchState *env, target_ulong addr,
     DATA_TYPE *haddr = ATOMIC_MMU_LOOKUP;
     val = BSWAP(val);
     __atomic_store(haddr, &val, __ATOMIC_RELAXED);
+    ATOMIC_MMU_CLEANUP;
 }
 #else
 ABI_TYPE ATOMIC_NAME(xchg)(CPUArchState *env, target_ulong addr,
                            ABI_TYPE val EXTRA_ARGS)
 {
     DATA_TYPE *haddr = ATOMIC_MMU_LOOKUP;
-    return BSWAP(atomic_xchg__nocheck(haddr, BSWAP(val)));
+    ABI_TYPE ret = atomic_xchg__nocheck(haddr, BSWAP(val));
+    ATOMIC_MMU_CLEANUP;
+    return BSWAP(ret);
 }
 
 #define GEN_ATOMIC_HELPER(X)                                        \
@@ -154,7 +168,9 @@ ABI_TYPE ATOMIC_NAME(X)(CPUArchState *env, target_ulong addr,       \
                  ABI_TYPE val EXTRA_ARGS)                           \
 {                                                                   \
     DATA_TYPE *haddr = ATOMIC_MMU_LOOKUP;                           \
-    return BSWAP(atomic_##X(haddr, BSWAP(val)));                    \
+    DATA_TYPE ret = atomic_##X(haddr, BSWAP(val));                  \
+    ATOMIC_MMU_CLEANUP;                                             \
+    return BSWAP(ret);                                              \
 }
 
 GEN_ATOMIC_HELPER(fetch_and)
@@ -180,6 +196,7 @@ ABI_TYPE ATOMIC_NAME(fetch_add)(CPUArchState *env, target_ulong addr,
         sto = BSWAP(ret + val);
         ldn = atomic_cmpxchg__nocheck(haddr, ldo, sto);
         if (ldn == ldo) {
+            ATOMIC_MMU_CLEANUP;
             return ret;
         }
         ldo = ldn;
@@ -198,6 +215,7 @@ ABI_TYPE ATOMIC_NAME(add_fetch)(CPUArchState *env, target_ulong addr,
         sto = BSWAP(ret);
         ldn = atomic_cmpxchg__nocheck(haddr, ldo, sto);
         if (ldn == ldo) {
+            ATOMIC_MMU_CLEANUP;
             return ret;
         }
         ldo = ldn;
diff --git a/include/exec/cpu_ldst.h b/include/exec/cpu_ldst.h
index 6eb5fe80dc..191f2e962a 100644
--- a/include/exec/cpu_ldst.h
+++ b/include/exec/cpu_ldst.h
@@ -76,6 +76,8 @@
 
 #if defined(CONFIG_USER_ONLY)
 
+extern __thread uintptr_t helper_retaddr;
+
 /* In user-only mode we provide only the _code and _data accessors. */
 
 #define MEMSUFFIX _data
diff --git a/include/exec/cpu_ldst_useronly_template.h b/include/exec/cpu_ldst_useronly_template.h
index 7b8c7c506e..c168f31bba 100644
--- a/include/exec/cpu_ldst_useronly_template.h
+++ b/include/exec/cpu_ldst_useronly_template.h
@@ -73,7 +73,11 @@ glue(glue(glue(cpu_ld, USUFFIX), MEMSUFFIX), _ra)(CPUArchState *env,
                                                   target_ulong ptr,
                                                   uintptr_t retaddr)
 {
-    return glue(glue(cpu_ld, USUFFIX), MEMSUFFIX)(env, ptr);
+    RES_TYPE ret;
+    helper_retaddr = retaddr;
+    ret = glue(glue(cpu_ld, USUFFIX), MEMSUFFIX)(env, ptr);
+    helper_retaddr = 0;
+    return ret;
 }
 
 #if DATA_SIZE <= 2
@@ -93,7 +97,11 @@ glue(glue(glue(cpu_lds, SUFFIX), MEMSUFFIX), _ra)(CPUArchState *env,
                                                   target_ulong ptr,
                                                   uintptr_t retaddr)
 {
-    return glue(glue(cpu_lds, SUFFIX), MEMSUFFIX)(env, ptr);
+    int ret;
+    helper_retaddr = retaddr;
+    ret = glue(glue(cpu_lds, SUFFIX), MEMSUFFIX)(env, ptr);
+    helper_retaddr = 0;
+    return ret;
 }
 #endif
 
@@ -116,7 +124,9 @@ glue(glue(glue(cpu_st, SUFFIX), MEMSUFFIX), _ra)(CPUArchState *env,
                                                   RES_TYPE v,
                                                   uintptr_t retaddr)
 {
+    helper_retaddr = retaddr;
     glue(glue(cpu_st, SUFFIX), MEMSUFFIX)(env, ptr, v);
+    helper_retaddr = 0;
 }
 #endif
 
diff --git a/accel/tcg/cputlb.c b/accel/tcg/cputlb.c
index a23919c3a8..d071ca4d14 100644
--- a/accel/tcg/cputlb.c
+++ b/accel/tcg/cputlb.c
@@ -1041,6 +1041,7 @@ static void *atomic_mmu_lookup(CPUArchState *env, target_ulong addr,
 #define ATOMIC_NAME(X) \
     HELPER(glue(glue(glue(atomic_ ## X, SUFFIX), END), _mmu))
 #define ATOMIC_MMU_LOOKUP  atomic_mmu_lookup(env, addr, oi, retaddr)
+#define ATOMIC_MMU_CLEANUP do { } while (0)
 
 #define DATA_SIZE 1
 #include "atomic_template.h"
diff --git a/accel/tcg/user-exec.c b/accel/tcg/user-exec.c
index 492ea0826c..0324ba8ad1 100644
--- a/accel/tcg/user-exec.c
+++ b/accel/tcg/user-exec.c
@@ -39,6 +39,8 @@
 #include <sys/ucontext.h>
 #endif
 
+__thread uintptr_t helper_retaddr;
+
 //#define DEBUG_SIGNAL
 
 /* exit the current TB from a signal handler. The host registers are
@@ -62,6 +64,27 @@ static inline int handle_cpu_signal(uintptr_t pc, unsigned long address,
     CPUClass *cc;
     int ret;
 
+    /* We must handle PC addresses from two different sources:
+     * a call return address and a signal frame address.
+     *
+     * Within cpu_restore_state_from_tb we assume the former and adjust
+     * the address by -GETPC_ADJ so that the address is within the call
+     * insn so that addr does not accidentally match the beginning of the
+     * next guest insn.
+     *
+     * However, when the PC comes from the signal frame, it points to
+     * the actual faulting host insn and not a call insn.  Subtracting
+     * GETPC_ADJ in that case may accidentally match the previous guest insn.
+     *
+     * So for the later case, adjust forward to compensate for what
+     * will be done later by cpu_restore_state_from_tb.
+     */
+    if (helper_retaddr) {
+        pc = helper_retaddr;
+    } else {
+        pc += GETPC_ADJ;
+    }
+
     /* For synchronous signals we expect to be coming from the vCPU
      * thread (so current_cpu should be valid) and either from running
      * code or during translation which can fault as we cross pages.
@@ -84,21 +107,24 @@ static inline int handle_cpu_signal(uintptr_t pc, unsigned long address,
         switch (page_unprotect(h2g(address), pc)) {
         case 0:
             /* Fault not caused by a page marked unwritable to protect
-             * cached translations, must be the guest binary's problem
+             * cached translations, must be the guest binary's problem.
              */
             break;
         case 1:
             /* Fault caused by protection of cached translation; TBs
-             * invalidated, so resume execution
+             * invalidated, so resume execution.  Retain helper_retaddr
+             * for a possible second fault.
              */
             return 1;
         case 2:
             /* Fault caused by protection of cached translation, and the
              * currently executing TB was modified and must be exited
-             * immediately.
+             * immediately.  Clear helper_retaddr for next execution.
              */
+            helper_retaddr = 0;
             cpu_exit_tb_from_sighandler(cpu, old_set);
-            g_assert_not_reached();
+            /* NORETURN */
+
         default:
             g_assert_not_reached();
         }
@@ -112,17 +138,25 @@ static inline int handle_cpu_signal(uintptr_t pc, unsigned long address,
     /* see if it is an MMU fault */
     g_assert(cc->handle_mmu_fault);
     ret = cc->handle_mmu_fault(cpu, address, is_write, MMU_USER_IDX);
+
+    if (ret == 0) {
+        /* The MMU fault was handled without causing real CPU fault.
+         *  Retain helper_retaddr for a possible second fault.
+         */
+        return 1;
+    }
+
+    /* All other paths lead to cpu_exit; clear helper_retaddr
+     * for next execution.
+     */
+    helper_retaddr = 0;
+
     if (ret < 0) {
         return 0; /* not an MMU fault */
     }
-    if (ret == 0) {
-        return 1; /* the MMU fault was handled without causing real CPU fault */
-    }
 
-    /* Now we have a real cpu fault.  Since this is the exact location of
-     * the exception, we must undo the adjustment done by cpu_restore_state
-     * for handling call return addresses.  */
-    cpu_restore_state(cpu, pc + GETPC_ADJ);
+    /* Now we have a real cpu fault.  */
+    cpu_restore_state(cpu, pc);
 
     sigprocmask(SIG_SETMASK, old_set, NULL);
     cpu_loop_exit(cpu);
@@ -585,11 +619,13 @@ static void *atomic_mmu_lookup(CPUArchState *env, target_ulong addr,
     if (unlikely(addr & (size - 1))) {
         cpu_loop_exit_atomic(ENV_GET_CPU(env), retaddr);
     }
+    helper_retaddr = retaddr;
     return g2h(addr);
 }
 
 /* Macro to call the above, with local variables from the use context.  */
 #define ATOMIC_MMU_LOOKUP  atomic_mmu_lookup(env, addr, DATA_SIZE, GETPC())
+#define ATOMIC_MMU_CLEANUP do { helper_retaddr = 0; } while (0)
 
 #define ATOMIC_NAME(X)   HELPER(glue(glue(atomic_ ## X, SUFFIX), END))
 #define EXTRA_ARGS

From patchwork Tue Nov 14 12:53:04 2017
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit
X-Patchwork-Submitter: Richard Henderson <richard.henderson@linaro.org>
X-Patchwork-Id: 118874
Delivered-To: patch@linaro.org
Received: by 10.140.22.164 with SMTP id 33csp3007793qgn;
 Tue, 14 Nov 2017 04:55:41 -0800 (PST)
X-Google-Smtp-Source: AGs4zMZ9e0TChBsJ/mn4vByPO0SzcGqXn1toZjiUx01HlgZY8a5lS4/5GbzqWaH+dTnFPL2HDp+O
X-Received: by 10.129.173.94 with SMTP id l30mr453006ywk.5.1510664141940;
 Tue, 14 Nov 2017 04:55:41 -0800 (PST)
ARC-Seal: i=1; a=rsa-sha256; t=1510664141; cv=none;
 d=google.com; s=arc-20160816;
 b=V6hIjilHcdzUXUG96tNCnSmUAsQw7ZKUZMAcNthfocZH3au8FG2GcNq+wVsVZWjp4b
 1ypYgm2zY+ofbCE3CAVjDK/jlvxCDtszGOTqDHqOzxTfkk5S8tmXlZ+OpeSQt8IXnSk/
 eEN93BYSrZGeydSinNg4StQI8trc5wc2FJrLuTeNXwLx0obUT40Ef/lJg75inAeSErc/
 58VdNv/AF0qIbv8KdSuvD+Ui8aVXStg+DooW3WCiaDz0I0BirR7A2rboI+N9HgmC2i7+
 5b/GmohxuZ6fI8XfacTk0pfsqCUxaLP+X+Md2HAaJMP4NWmHBucDVgubV1ox1RFgRxSA
 CZjQ==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com;
 s=arc-20160816; 
 h=sender:errors-to:cc:list-subscribe:list-help:list-post:list-archive
 :list-unsubscribe:list-id:precedence:subject:references:in-reply-to
 :message-id:date:to:from:dkim-signature:arc-authentication-results;
 bh=wKRxKghRYX66bnj0i5LS3QaZCXhWXU21G1WwQjVQFMA=;
 b=ho+KmS95gI2TPWeAd0FLivSG/s4Lqt/HH1YzaUW+XB73rleGtzfSkjjWK0Cud3uifK
 sjw+HDbxfI8A33+3IneP5DeQOepbinrTCCVDbQ010jDQEL0FS0kDrsu46VxSRUcvz6Pb
 32ihh9QeOrw+R2QSX86crumTn1ZJ+eu8/651/5tPcIGmNdc8vV6ky5jw3ghC4K+qZsz1
 5ysuynP/Ct4OQItIUJ+l3EAHet+QEKTdIxlyhgqnPtWY3G1f7Soahmkp/346UoESt/nQ
 CC3YSm5q0o9ZW0Qur9PuhkaMq9Enzb0WpNdkjfY7boYzNdxmWTeKPtduLzNLPmHnebRb
 OqFA==
ARC-Authentication-Results: i=1; mx.google.com;
 dkim=fail header.i=@linaro.org header.s=google header.b=GU6n6op4;
 spf=pass (google.com: domain of
 qemu-devel-bounces+patch=linaro.org@nongnu.org designates
 2001:4830:134:3::11 as permitted sender)
 smtp.mailfrom=qemu-devel-bounces+patch=linaro.org@nongnu.org; 
 dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=linaro.org
Return-Path: <qemu-devel-bounces+patch=linaro.org@nongnu.org>
Received: from lists.gnu.org (lists.gnu.org. [2001:4830:134:3::11])
 by mx.google.com with ESMTPS id
 22si1811469ywb.327.2017.11.14.04.55.41 for <patch@linaro.org>
 (version=TLS1 cipher=AES128-SHA bits=128/128);
 Tue, 14 Nov 2017 04:55:41 -0800 (PST)
Received-SPF: pass (google.com: domain of
 qemu-devel-bounces+patch=linaro.org@nongnu.org designates
 2001:4830:134:3::11 as permitted sender)
 client-ip=2001:4830:134:3::11; 
Authentication-Results: mx.google.com;
 dkim=fail header.i=@linaro.org header.s=google header.b=GU6n6op4;
 spf=pass (google.com: domain of
 qemu-devel-bounces+patch=linaro.org@nongnu.org designates
 2001:4830:134:3::11 as permitted sender)
 smtp.mailfrom=qemu-devel-bounces+patch=linaro.org@nongnu.org; 
 dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=linaro.org
Received: from localhost ([::1]:59303 helo=lists.gnu.org)
 by lists.gnu.org with esmtp (Exim 4.71)
 (envelope-from <qemu-devel-bounces+patch=linaro.org@nongnu.org>)
 id 1eEake-0001Md-PJ
 for patch@linaro.org; Tue, 14 Nov 2017 07:55:40 -0500
Received: from eggs.gnu.org ([2001:4830:134:3::10]:42187)
 by lists.gnu.org with esmtp (Exim 4.71)
 (envelope-from <richard.henderson@linaro.org>) id 1eEakE-0001H6-FK
 for qemu-devel@nongnu.org; Tue, 14 Nov 2017 07:55:18 -0500
Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71)
 (envelope-from <richard.henderson@linaro.org>) id 1eEak9-0006C4-Gg
 for qemu-devel@nongnu.org; Tue, 14 Nov 2017 07:55:14 -0500
Received: from mail-wm0-x243.google.com ([2a00:1450:400c:c09::243]:35045)
 by eggs.gnu.org with esmtps (TLS1.0:RSA_AES_128_CBC_SHA1:16)
 (Exim 4.71) (envelope-from <richard.henderson@linaro.org>)
 id 1eEak9-0006Ab-63
 for qemu-devel@nongnu.org; Tue, 14 Nov 2017 07:55:09 -0500
Received: by mail-wm0-x243.google.com with SMTP id y80so21058254wmd.0
 for <qemu-devel@nongnu.org>; Tue, 14 Nov 2017 04:55:08 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; 
 h=from:to:cc:subject:date:message-id:in-reply-to:references;
 bh=wKRxKghRYX66bnj0i5LS3QaZCXhWXU21G1WwQjVQFMA=;
 b=GU6n6op4ZMig107uIZ/vv4Kulx97X/mMhe6lDL7DnaPy5J5U79PPKfYatFdLzah0zR
 bE6OkPMByCGAmIxFVOhNfIV9lY/xduq1vwrmtVDl/Eh3hNmoAFDPhJLCS7qxg1LMTiKZ
 UUWfISPhPiR89gdqOX6yeFNC1UrJeOA8XQUFQ=
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=1e100.net; s=20161025;
 h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to
 :references;
 bh=wKRxKghRYX66bnj0i5LS3QaZCXhWXU21G1WwQjVQFMA=;
 b=lIU1pKNqIkUYF/hs08Oo7edDQfz4Bw6VnXlQHMtJrdVgJ0Pyetz26BqULygoS6oTVu
 sSeFHrUEL0jVXj88hBRoq/h+YZoC6M004KuItVmKGzu61LSVYJskJgF6mzkPqyPOvzwt
 GNIPR+9+4xaP1BAG2gDSWMsx7GabXOTAV5b4Y0e41CN/UTI6p6jRqtvTvZyG+Z1PWEQ8
 lwIzauzcvPvJVDJCEuo6vR2ewjosSjnDhCpghbKUwtMl8t4GzpCRLggHHKcFP/8Dx4Yu
 JLjzAvcExjnZc2vbG56DiruUY4ImS8qPt9OYqXLlDC4/p1Wpo6EvF/XWWuKitvcTQeyz
 EIYg==
X-Gm-Message-State: AJaThX41DqkKcUbpuj7hd3Me8JgJAMARFZFe7ODq3CMLHz2IvAumGiH4
 fWLoHvA4a0Dkz3dqs2kouzJMLIa6ueU=
X-Received: by 10.28.194.139 with SMTP id s133mr6167828wmf.14.1510664107535; 
 Tue, 14 Nov 2017 04:55:07 -0800 (PST)
Received: from cloudburst.twiddle.net
 (176.red-213-99-135.dynamicip.rima-tde.net. [213.99.135.176])
 by smtp.gmail.com with ESMTPSA id
 f10sm16898208wrg.20.2017.11.14.04.55.06
 (version=TLS1_2 cipher=ECDHE-RSA-CHACHA20-POLY1305 bits=256/256);
 Tue, 14 Nov 2017 04:55:06 -0800 (PST)
From: Richard Henderson <richard.henderson@linaro.org>
To: qemu-devel@nongnu.org
Date: Tue, 14 Nov 2017 13:53:04 +0100
Message-Id: <20171114125304.854-1-richard.henderson@linaro.org>
X-Mailer: git-send-email 2.13.6
In-Reply-To: <20171114094203.28030-1-richard.henderson@linaro.org>
References: <20171114094203.28030-1-richard.henderson@linaro.org>
X-detected-operating-system: by eggs.gnu.org: Genre and OS details not
 recognized.
X-Received-From: 2a00:1450:400c:c09::243
Subject: [Qemu-devel] [PATCH 2/1] target/arm: Use helper_retaddr in stxp
 helpers
X-BeenThere: qemu-devel@nongnu.org
X-Mailman-Version: 2.1.21
Precedence: list
List-Id: <qemu-devel.nongnu.org>
List-Unsubscribe: <https://lists.nongnu.org/mailman/options/qemu-devel>,
 <mailto:qemu-devel-request@nongnu.org?subject=unsubscribe>
List-Archive: <http://lists.nongnu.org/archive/html/qemu-devel/>
List-Post: <mailto:qemu-devel@nongnu.org>
List-Help: <mailto:qemu-devel-request@nongnu.org?subject=help>
List-Subscribe: <https://lists.nongnu.org/mailman/listinfo/qemu-devel>,
 <mailto:qemu-devel-request@nongnu.org?subject=subscribe>
Cc: peter.maydell@linaro.org
Errors-To: qemu-devel-bounces+patch=linaro.org@nongnu.org
Sender: "Qemu-devel" <qemu-devel-bounces+patch=linaro.org@nongnu.org>

We use raw memory primitives along the !parallel_cpus paths in order to
simplify the endianness handling.  Because of that, we did not benefit
from the generic changes to cpu_ldst_user_only_template.h.

The simplest fix is to manipulate helper_retaddr here.

Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
---
 target/arm/helper-a64.c | 6 ++++++
 1 file changed, 6 insertions(+)

-- 
2.12.0
Reviewed-by: Alex Bennée <alex.bennee@linaro.org>

diff --git a/target/arm/helper-a64.c b/target/arm/helper-a64.c
index d0e435ca4b..96a3ecf707 100644
--- a/target/arm/helper-a64.c
+++ b/target/arm/helper-a64.c
@@ -456,6 +456,8 @@ static uint64_t do_paired_cmpxchg64_le(CPUARMState *env, uint64_t addr,
 #ifdef CONFIG_USER_ONLY
         /* ??? Enforce alignment.  */
         uint64_t *haddr = g2h(addr);
+
+        helper_retaddr = ra;
         o0 = ldq_le_p(haddr + 0);
         o1 = ldq_le_p(haddr + 1);
         oldv = int128_make128(o0, o1);
@@ -465,6 +467,7 @@ static uint64_t do_paired_cmpxchg64_le(CPUARMState *env, uint64_t addr,
             stq_le_p(haddr + 0, int128_getlo(newv));
             stq_le_p(haddr + 1, int128_gethi(newv));
         }
+        helper_retaddr = 0;
 #else
         int mem_idx = cpu_mmu_index(env, false);
         TCGMemOpIdx oi0 = make_memop_idx(MO_LEQ | MO_ALIGN_16, mem_idx);
@@ -523,6 +526,8 @@ static uint64_t do_paired_cmpxchg64_be(CPUARMState *env, uint64_t addr,
 #ifdef CONFIG_USER_ONLY
         /* ??? Enforce alignment.  */
         uint64_t *haddr = g2h(addr);
+
+        helper_retaddr = ra;
         o1 = ldq_be_p(haddr + 0);
         o0 = ldq_be_p(haddr + 1);
         oldv = int128_make128(o0, o1);
@@ -532,6 +537,7 @@ static uint64_t do_paired_cmpxchg64_be(CPUARMState *env, uint64_t addr,
             stq_be_p(haddr + 0, int128_gethi(newv));
             stq_be_p(haddr + 1, int128_getlo(newv));
         }
+        helper_retaddr = 0;
 #else
         int mem_idx = cpu_mmu_index(env, false);
         TCGMemOpIdx oi0 = make_memop_idx(MO_BEQ | MO_ALIGN_16, mem_idx);

From patchwork Tue Nov 14 13:41:53 2017
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit
X-Patchwork-Submitter: Richard Henderson <richard.henderson@linaro.org>
X-Patchwork-Id: 118875
Delivered-To: patch@linaro.org
Received: by 10.140.22.164 with SMTP id 33csp3059800qgn;
 Tue, 14 Nov 2017 05:44:11 -0800 (PST)
X-Google-Smtp-Source: AGs4zMapAZMo0BBnpurzTyMs3Ae/k4znQ2Elm669DvbMeUU75VqcyY4IyzFZx9XxhmTELuqKjamM
X-Received: by 10.37.139.133 with SMTP id j5mr7565744ybl.4.1510667051899;
 Tue, 14 Nov 2017 05:44:11 -0800 (PST)
ARC-Seal: i=1; a=rsa-sha256; t=1510667051; cv=none;
 d=google.com; s=arc-20160816;
 b=H8MxApZaDFMFXLk4kfUmLYLZk3pXcO4zBmU4rfno95Ex+MV0Iw8z2RsNiQIqe+hIJ9
 rms9D8qgmXQB3ffaBhI2T5snsPjWYk/zxQCU5fm0XF/oiATV8Rf1zmCzhy+68rVgqCGF
 x8QvL0xiWcjVXNwZPlcMPpUgGDKpcQhAOyRsBQLezYV1OC+6iWNK8PWxnbHBnAZLrNyF
 TIx8nJEsSRCUYxAcaqQqIgK7e77jjrGJwccJky4IYJ5/zfzCIPhjPUS1EOX0rLg6p+s/
 fqbYiDOjImTmM0qnRg1otVZ5LoI39gOJ+nSEYpSchyyfhchPeYsPPR2jLNnhnawkujZA
 K9TQ==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com;
 s=arc-20160816; 
 h=sender:errors-to:cc:list-subscribe:list-help:list-post:list-archive
 :list-unsubscribe:list-id:precedence:subject:references:in-reply-to
 :message-id:date:to:from:dkim-signature:arc-authentication-results;
 bh=4hTT0KQlSicoXtG1hgSqzyoNEsN2iExd0Bmp2GECoy4=;
 b=eyVwSxbgJ7jzDrbizblSMnB1mAUcse8MagTnKE8vWTrdLvD7f2Lz6weuCjt6URGtye
 Jxj1j5BlyVYvMLcopI5/I5IOLxqQ+kX2pKr3OLjjNXq6mb7aSrONXX0jxKr7YVuKnRUX
 +LvTLJJa54Tmj/PK7pUj7CaymHepE1a9heez4dhuI1DYhSROa5q88I6wkm3ywo3kZtkz
 998BnoJxLG/9t+dhJPSU/GkZOpYySzO/mQDOs0h9Ggl0mYie/GWgPiEgfCSJvb5m2k9t
 aTrDHvUA9TAOOMMZEkWKBj5JAeWTWTPyKjqDeERnhEcTDRARm4lTREq18Lw9ocfhW9F3
 RVzQ==
ARC-Authentication-Results: i=1; mx.google.com;
 dkim=fail header.i=@linaro.org header.s=google header.b=UOPs8D8l;
 spf=pass (google.com: domain of
 qemu-devel-bounces+patch=linaro.org@nongnu.org designates
 2001:4830:134:3::11 as permitted sender)
 smtp.mailfrom=qemu-devel-bounces+patch=linaro.org@nongnu.org; 
 dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=linaro.org
Return-Path: <qemu-devel-bounces+patch=linaro.org@nongnu.org>
Received: from lists.gnu.org (lists.gnu.org. [2001:4830:134:3::11])
 by mx.google.com with ESMTPS id
 s205si918666ywc.279.2017.11.14.05.44.11 for <patch@linaro.org>
 (version=TLS1 cipher=AES128-SHA bits=128/128);
 Tue, 14 Nov 2017 05:44:11 -0800 (PST)
Received-SPF: pass (google.com: domain of
 qemu-devel-bounces+patch=linaro.org@nongnu.org designates
 2001:4830:134:3::11 as permitted sender)
 client-ip=2001:4830:134:3::11; 
Authentication-Results: mx.google.com;
 dkim=fail header.i=@linaro.org header.s=google header.b=UOPs8D8l;
 spf=pass (google.com: domain of
 qemu-devel-bounces+patch=linaro.org@nongnu.org designates
 2001:4830:134:3::11 as permitted sender)
 smtp.mailfrom=qemu-devel-bounces+patch=linaro.org@nongnu.org; 
 dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=linaro.org
Received: from localhost ([::1]:59824 helo=lists.gnu.org)
 by lists.gnu.org with esmtp (Exim 4.71)
 (envelope-from <qemu-devel-bounces+patch=linaro.org@nongnu.org>)
 id 1eEbVb-00034p-GJ
 for patch@linaro.org; Tue, 14 Nov 2017 08:44:11 -0500
Received: from eggs.gnu.org ([2001:4830:134:3::10]:40151)
 by lists.gnu.org with esmtp (Exim 4.71)
 (envelope-from <richard.henderson@linaro.org>) id 1eEbVQ-00034R-HJ
 for qemu-devel@nongnu.org; Tue, 14 Nov 2017 08:44:01 -0500
Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71)
 (envelope-from <richard.henderson@linaro.org>) id 1eEbVN-0002rd-Vp
 for qemu-devel@nongnu.org; Tue, 14 Nov 2017 08:44:00 -0500
Received: from mail-wm0-x242.google.com ([2a00:1450:400c:c09::242]:35706)
 by eggs.gnu.org with esmtps (TLS1.0:RSA_AES_128_CBC_SHA1:16)
 (Exim 4.71) (envelope-from <richard.henderson@linaro.org>)
 id 1eEbVN-0002oz-OQ
 for qemu-devel@nongnu.org; Tue, 14 Nov 2017 08:43:57 -0500
Received: by mail-wm0-x242.google.com with SMTP id y80so21364046wmd.0
 for <qemu-devel@nongnu.org>; Tue, 14 Nov 2017 05:43:57 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; 
 h=from:to:cc:subject:date:message-id:in-reply-to:references;
 bh=4hTT0KQlSicoXtG1hgSqzyoNEsN2iExd0Bmp2GECoy4=;
 b=UOPs8D8l5MQ6MyOJx5IatQ6RLj/8QQ3mo/gT5KSfD7BwWgKc1iVPohzGF+tbQvfg4t
 kYlEUIK7jmoh7d/n5QQVkJBR9CCSnjcIG0LmA87CPNsFmFOjZHGmIStPEe6HZY1IbX1m
 pysdBnOAj+BfMgRdYXmjPwkDBomJhT/ENoxEk=
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=1e100.net; s=20161025;
 h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to
 :references;
 bh=4hTT0KQlSicoXtG1hgSqzyoNEsN2iExd0Bmp2GECoy4=;
 b=OVCoTj7YiSYY9GtClDNsl4tM0DVjCwSd9ciDyzMnWJok2kuqz3lFT7L9584TWSX7IO
 5GD5kfPw2XgstB5yJpC8oFFJkyxWc1rTNTOHoSZLsqi5X792WeKuZLkTNUgsPJaP01Sn
 eEmcGNjNRzQikaWiOOSSp73riwgaZJrDQKEmRfPox2nj3uYS1j3iL/fh3i0m6XlVcUkx
 Q33RKA3sf8gbUowXio6DxBlMw2x9RjpT6KmL0HxEWKsGA0NOocR/6f1n5W7vL4AtVQX8
 UorvDaBBo6dlBtIkWrTtj3kyjsG6+zJ2fKSVgu+r9poVpG/Hb3JJVo1c6mvo0Q1HpfBk
 Q4mQ==
X-Gm-Message-State: AJaThX6S473EeaxWS+gEp9ZqgVbmgLofn5PwdH+2lZi2s01Z5WmnHJI5
 M6LjhrOHnB1pgFrSt5B0I5CMWM2tVCA=
X-Received: by 10.28.239.12 with SMTP id n12mr8069702wmh.140.1510667036205; 
 Tue, 14 Nov 2017 05:43:56 -0800 (PST)
Received: from cloudburst.twiddle.net
 (176.red-213-99-135.dynamicip.rima-tde.net. [213.99.135.176])
 by smtp.gmail.com with ESMTPSA id
 n43sm19462578wrb.93.2017.11.14.05.43.54
 (version=TLS1_2 cipher=ECDHE-RSA-CHACHA20-POLY1305 bits=256/256);
 Tue, 14 Nov 2017 05:43:55 -0800 (PST)
From: Richard Henderson <richard.henderson@linaro.org>
To: qemu-devel@nongnu.org
Date: Tue, 14 Nov 2017 14:41:53 +0100
Message-Id: <20171114134153.11167-1-richard.henderson@linaro.org>
X-Mailer: git-send-email 2.13.6
In-Reply-To: <20171114094203.28030-1-richard.henderson@linaro.org>
References: <20171114094203.28030-1-richard.henderson@linaro.org>
X-detected-operating-system: by eggs.gnu.org: Genre and OS details not
 recognized.
X-Received-From: 2a00:1450:400c:c09::242
Subject: [Qemu-devel] [PATCH 3/1] target/arm: Fix GETPC usage in
 do_paired_cmpxchg64_l/be
X-BeenThere: qemu-devel@nongnu.org
X-Mailman-Version: 2.1.21
Precedence: list
List-Id: <qemu-devel.nongnu.org>
List-Unsubscribe: <https://lists.nongnu.org/mailman/options/qemu-devel>,
 <mailto:qemu-devel-request@nongnu.org?subject=unsubscribe>
List-Archive: <http://lists.nongnu.org/archive/html/qemu-devel/>
List-Post: <mailto:qemu-devel@nongnu.org>
List-Help: <mailto:qemu-devel-request@nongnu.org?subject=help>
List-Subscribe: <https://lists.nongnu.org/mailman/listinfo/qemu-devel>,
 <mailto:qemu-devel-request@nongnu.org?subject=subscribe>
Cc: peter.maydell@linaro.org
Errors-To: qemu-devel-bounces+patch=linaro.org@nongnu.org
Sender: "Qemu-devel" <qemu-devel-bounces+patch=linaro.org@nongnu.org>

Use of GETPC must be restricted to those functions that are
directly called from TCG generated code.

Fixes: 2399d4e7cec22ecf1c51062d2ebfd45220dbaace
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
---
 target/arm/helper-a64.c | 14 ++++++--------
 1 file changed, 6 insertions(+), 8 deletions(-)

-- 
2.12.0
Reviewed-by: Alex Bennée <alex.bennee@linaro.org>

diff --git a/target/arm/helper-a64.c b/target/arm/helper-a64.c
index 96a3ecf707..b84ebcae6e 100644
--- a/target/arm/helper-a64.c
+++ b/target/arm/helper-a64.c
@@ -432,9 +432,8 @@ uint64_t HELPER(crc32c_64)(uint64_t acc, uint64_t val, uint32_t bytes)
 /* Returns 0 on success; 1 otherwise.  */
 static uint64_t do_paired_cmpxchg64_le(CPUARMState *env, uint64_t addr,
                                        uint64_t new_lo, uint64_t new_hi,
-                                       bool parallel)
+                                       bool parallel, uintptr_t ra)
 {
-    uintptr_t ra = GETPC();
     Int128 oldv, cmpv, newv;
     bool success;
 
@@ -491,20 +490,19 @@ static uint64_t do_paired_cmpxchg64_le(CPUARMState *env, uint64_t addr,
 uint64_t HELPER(paired_cmpxchg64_le)(CPUARMState *env, uint64_t addr,
                                               uint64_t new_lo, uint64_t new_hi)
 {
-    return do_paired_cmpxchg64_le(env, addr, new_lo, new_hi, false);
+    return do_paired_cmpxchg64_le(env, addr, new_lo, new_hi, false, GETPC());
 }
 
 uint64_t HELPER(paired_cmpxchg64_le_parallel)(CPUARMState *env, uint64_t addr,
                                               uint64_t new_lo, uint64_t new_hi)
 {
-    return do_paired_cmpxchg64_le(env, addr, new_lo, new_hi, true);
+    return do_paired_cmpxchg64_le(env, addr, new_lo, new_hi, true, GETPC());
 }
 
 static uint64_t do_paired_cmpxchg64_be(CPUARMState *env, uint64_t addr,
                                        uint64_t new_lo, uint64_t new_hi,
-                                       bool parallel)
+                                       bool parallel, uintptr_t ra)
 {
-    uintptr_t ra = GETPC();
     Int128 oldv, cmpv, newv;
     bool success;
 
@@ -561,11 +559,11 @@ static uint64_t do_paired_cmpxchg64_be(CPUARMState *env, uint64_t addr,
 uint64_t HELPER(paired_cmpxchg64_be)(CPUARMState *env, uint64_t addr,
                                      uint64_t new_lo, uint64_t new_hi)
 {
-    return do_paired_cmpxchg64_be(env, addr, new_lo, new_hi, false);
+    return do_paired_cmpxchg64_be(env, addr, new_lo, new_hi, false, GETPC());
 }
 
 uint64_t HELPER(paired_cmpxchg64_be_parallel)(CPUARMState *env, uint64_t addr,
                                      uint64_t new_lo, uint64_t new_hi)
 {
-    return do_paired_cmpxchg64_be(env, addr, new_lo, new_hi, true);
+    return do_paired_cmpxchg64_be(env, addr, new_lo, new_hi, true, GETPC());
 }