From patchwork Fri Aug 24 14:14:28 2018
X-Patchwork-Submitter: Richard Henderson
X-Patchwork-Id: 145072
From: Richard Henderson
To: qemu-devel@nongnu.org
Cc: peter.maydell@linaro.org
Date: Fri, 24 Aug 2018 07:14:28 -0700
Message-Id: <20180824141428.27268-1-richard.henderson@linaro.org>
X-Mailer: git-send-email 2.17.1
Subject: [Qemu-devel] [PATCH] target/arm: Fix cpu_get_tb_cpu_flags vs !sve

Not only are the sve-related tb_flags fields unused when SVE is disabled,
but not all of the cpu registers are initialized properly for computing
same. This can corrupt other fields by oring in -1.

Signed-off-by: Richard Henderson
---
 target/arm/helper.c | 45 ++++++++++++++++++++++++---------------------
 1 file changed, 24 insertions(+), 21 deletions(-)

-- 
2.17.1

Reviewed-by: Peter Maydell

diff --git a/target/arm/helper.c b/target/arm/helper.c
index 088f452716..64b1564594 100644
--- a/target/arm/helper.c
+++ b/target/arm/helper.c
@@ -12587,36 +12587,39 @@ void cpu_get_tb_cpu_state(CPUARMState *env, target_ulong *pc, uint32_t flags; if (is_a64(env)) { - int sve_el = sve_exception_el(env); - uint32_t zcr_len; - *pc = env->pc; flags = ARM_TBFLAG_AARCH64_STATE_MASK; /* Get control bits for tagged addresses */ flags |= (arm_regime_tbi0(env, mmu_idx) << ARM_TBFLAG_TBI0_SHIFT); flags |= (arm_regime_tbi1(env, mmu_idx) << ARM_TBFLAG_TBI1_SHIFT); - flags |= sve_el << ARM_TBFLAG_SVEEXC_EL_SHIFT; - /* If SVE is disabled, but FP is enabled, - then the effective len is 0. */ - if (sve_el != 0 && fp_el == 0) { - zcr_len = 0; - } else { - int current_el = arm_current_el(env); - ARMCPU *cpu = arm_env_get_cpu(env); + if (arm_feature(env, ARM_FEATURE_SVE)) { + int sve_el = sve_exception_el(env); + uint32_t zcr_len; - zcr_len = cpu->sve_max_vq - 1; - if (current_el <= 1) { - zcr_len = MIN(zcr_len, 0xf & (uint32_t)env->vfp.zcr_el[1]); - } - if (current_el < 2 && arm_feature(env, ARM_FEATURE_EL2)) { - zcr_len = MIN(zcr_len, 0xf & (uint32_t)env->vfp.zcr_el[2]); - } - if (current_el < 3 && arm_feature(env, ARM_FEATURE_EL3)) { - zcr_len = MIN(zcr_len, 0xf & (uint32_t)env->vfp.zcr_el[3]); + /* If SVE is disabled, but FP is enabled, + * then the effective len is 0. + */ + if (sve_el != 0 && fp_el == 0) { + zcr_len = 0; + } else { + int current_el = arm_current_el(env); + ARMCPU *cpu = arm_env_get_cpu(env); + + zcr_len = cpu->sve_max_vq - 1; + if (current_el <= 1) { + zcr_len = MIN(zcr_len, 0xf & (uint32_t)env->vfp.zcr_el[1]); + } + if (current_el < 2 && arm_feature(env, ARM_FEATURE_EL2)) { + zcr_len = MIN(zcr_len, 0xf & (uint32_t)env->vfp.zcr_el[2]); + } + if (current_el < 3 && arm_feature(env, ARM_FEATURE_EL3)) { + zcr_len = MIN(zcr_len, 0xf & (uint32_t)env->vfp.zcr_el[3]); + } } + flags |= sve_el << ARM_TBFLAG_SVEEXC_EL_SHIFT; + flags |= zcr_len << ARM_TBFLAG_ZCR_LEN_SHIFT; } - flags |= zcr_len << ARM_TBFLAG_ZCR_LEN_SHIFT; } else { *pc = env->regs[15]; flags = (env->thumb << ARM_TBFLAG_THUMB_SHIFT)
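Review bot: inside the new `if (arm_feature(env, ARM_FEATURE_SVE))` guard, `zcr_len = cpu->sve_max_vq - 1;` is still an unsigned subtraction with no check that `sve_max_vq` is at least 1, so the feature test is the only thing standing between that line and the wrap to -1 that the commit message says was ORing stray bits into the neighbouring flag fields. Since the three `MIN()` clauses already truncate to `0xf`, consider an `assert(cpu->sve_max_vq >= 1);` at the top of the branch, or masking the value at the point it is merged (`flags |= (zcr_len & 0xf) << ARM_TBFLAG_ZCR_LEN_SHIFT;`), so that a CPU model with SVE advertised but `sve_max_vq` left at zero fails loudly or stays contained instead of silently corrupting other bits; a short comment saying the block is conditional because the registers it reads are only initialised when SVE is present would also help, as the guard currently reads like an optimisation rather than the fix.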