From patchwork Fri Apr 1 15:00:55 2022
X-Patchwork-Submitter: Peter Maydell
X-Patchwork-Id: 555578
From: Peter Maydell
To: qemu-devel@nongnu.org
Subject: [PULL 6/6] target/arm: Don't use DISAS_NORETURN in STXP !HAVE_CMPXCHG128 codegen
Date: Fri, 1 Apr 2022 16:00:55 +0100
Message-Id: <20220401150055.421608-7-peter.maydell@linaro.org>
In-Reply-To: <20220401150055.421608-1-peter.maydell@linaro.org>
References: <20220401150055.421608-1-peter.maydell@linaro.org>

In gen_store_exclusive(), if the host does not have a cmpxchg128 primitive then we generate bad code for STXP for storing two 64-bit values. We generate a call to the exit_atomic helper, which never returns, and set is_jmp to DISAS_NORETURN. However, this is forgetting that we have already emitted a brcond that jumps over this call for the case where we don't hold the exclusive. The effect is that we don't generate any code to end the TB for the exclusive-not-held execution path, which falls into the "exit with TB_EXIT_REQUESTED" code that gen_tb_end() emits. This then causes an assert at runtime when cpu_loop_exec_tb() sees an EXIT_REQUESTED TB return that wasn't for an interrupt or icount.

In particular, you can hit this case when using the clang sanitizers and trying to run the xlnx-versal-virt acceptance test in 'make check-acceptance'. This bug was masked until commit 848126d11e93ff ("meson: move int128 checks from configure") because we used to set CONFIG_CMPXCHG128=1 and avoid the buggy codepath, but after that we do not.

Fix the bug by not setting is_jmp. The code after the exit_atomic call up to the fail_label is dead, but TCG is smart enough to eliminate it. We do need to set 'tmp' to some valid value, though (in the same way the exit_atomic-using code in tcg/tcg-op.c does).

Resolves: https://gitlab.com/qemu-project/qemu/-/issues/953
Signed-off-by: Peter Maydell
Reviewed-by: Richard Henderson
Message-id: 20220331150858.96348-1-peter.maydell@linaro.org
--- target/arm/translate-a64.c | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/target/arm/translate-a64.c b/target/arm/translate-a64.c index d1a59fad9c2..9333d7be41a 100644 --- a/target/arm/translate-a64.c +++ b/target/arm/translate-a64.c @@ -2470,7 +2470,12 @@ static void gen_store_exclusive(DisasContext *s, int rd, int rt, int rt2, } else if (tb_cflags(s->base.tb) & CF_PARALLEL) { if (!HAVE_CMPXCHG128) { gen_helper_exit_atomic(cpu_env); - s->base.is_jmp = DISAS_NORETURN; + /* + * Produce a result so we have a well-formed opcode + * stream when the following (dead) code uses 'tmp'. + * TCG will remove the dead ops for us. + */ + tcg_gen_movi_i64(tmp, 0); } else if (s->be_data == MO_LE) { gen_helper_paired_cmpxchg64_le_parallel(tmp, cpu_env, cpu_exclusive_addr,
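
Review bot: The new comment above tcg_gen_movi_i64(tmp, 0) in the !HAVE_CMPXCHG128 branch explains why 'tmp' is given a value, but not why is_jmp is deliberately left unset, which is the actual fix. A call to a helper that never returns with no DISAS_NORETURN after it reads like an oversight, so a later cleanup could put back the removed line `s->base.is_jmp = DISAS_NORETURN;` and reintroduce the runtime assert. Suggest adding a sentence to the comment saying that the brcond to fail_label emitted earlier jumps over this call, so the exclusive-not-held path still needs the normal end-of-TB code and is_jmp must not be changed here.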