From patchwork Wed May 14 12:56:09 2025 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Patchwork-Submitter: Michael Tokarev X-Patchwork-Id: 889864 Delivered-To: patch@linaro.org Received: by 2002:adf:fd8a:0:b0:3a1:f579:ae88 with SMTP id d10csp2608021wrr; Wed, 14 May 2025 06:02:53 -0700 (PDT) X-Forwarded-Encrypted: i=2; AJvYcCWgdQdjE2gbn2vsGNF/Zr1wOU+dZ1wtOHoF378gxamv9hDv5hjBTMI+btu+UTw20q/HV55vhA==@linaro.org X-Google-Smtp-Source: AGHT+IF2BY0/52f71zIGwRJgRnCOwTofyPl5RY1wnvZvRrSKdlvoR8HBO+4iBSn1UBMMdk6guipY X-Received: by 2002:a05:620a:2489:b0:7c5:4278:d15f with SMTP id af79cd13be357-7cd287f4cd4mr426231785a.17.1747227772703; Wed, 14 May 2025 06:02:52 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1747227772; cv=none; d=google.com; s=arc-20240605; b=G6Nfxr0JgLoOxQCoPi2DQUy5+ln0plHzJX7WdCNx2E595qPz7yHRZLTP0Y9DMWSiiT QC+ni+Tr8eQUxCbE623D2ZS2l2voz48Owk91a5NKDtpEZH3XXq9Eva9L31wWJ+wFuSn8 ajTGmFERIxNZ8u1q+Lm05nJDVPW/+ZTwA6ZuR5SerMqaR8+Sc8/ypDh34M/kuGDo3G89 zPdzg/M7+zc4LtRz7Ub6EiSvmafDI3AoAerkvGEcKh4CkxcMxSh2gzMUEOylmMLIgUUN H3rndCqudvOLfjAf5BZ12OJD0kqrceSjsyWkG8WtiA16bSpKxLWGVyQoTBvRb9KT47ur jz3A== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20240605; h=sender:errors-to:list-subscribe:list-help:list-post:list-archive :list-unsubscribe:list-id:precedence:content-transfer-encoding :mime-version:references:in-reply-to:message-id:date:subject:cc:to :from; bh=gWxmW+lvbDyVyOgNqarOPpZ3HgOiSTM4b/KAACzpyIY=; fh=waOOaCAHGkGAvDtriDX2L95bU3DxXm/8McTidG/7GXg=; b=juN3+Y7vBP9CBntRHMgsQpWCfPgHoRYaWPg9Ak0bdfDshngaEbD1/jUv6VW9WeP5dD JsPH1ckaPgXoKOR4oGadlbI5rsTEfxH30tqi+L/ail6RpWguZgAzEzP9L/1tV+jmg2+o hYvEYycadU2jaX0xBgI4v50PwNbtbiR5ZRM6rxPtHYVSX7TSTTLWadl25wTgjci47Xbl 8zMFaj7FvzCUxXZ8PmtU3x4N+8z2HbE5J0M+1WbkPx8O1qqCsnSLWsIcE2MjKLdJ5eyf 9gGO+j4efAkcCpM+z1HtyNj4iZy8U/B4OeisQVA7JQnF6CrFFzVtCYu0LG0HqFS8qF2i IR/A==; dara=google.com ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: domain of qemu-devel-bounces+patch=linaro.org@nongnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom="qemu-devel-bounces+patch=linaro.org@nongnu.org" Return-Path: Received: from lists.gnu.org (lists.gnu.org. [209.51.188.17]) by mx.google.com with ESMTPS id af79cd13be357-7cd00fe46c0si1374730885a.437.2025.05.14.06.02.52 for (version=TLS1_2 cipher=ECDHE-ECDSA-CHACHA20-POLY1305 bits=256/256); Wed, 14 May 2025 06:02:52 -0700 (PDT) Received-SPF: pass (google.com: domain of qemu-devel-bounces+patch=linaro.org@nongnu.org designates 209.51.188.17 as permitted sender) client-ip=209.51.188.17; Authentication-Results: mx.google.com; spf=pass (google.com: domain of qemu-devel-bounces+patch=linaro.org@nongnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom="qemu-devel-bounces+patch=linaro.org@nongnu.org" Received: from localhost ([::1] helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1uFBfi-0000TH-O0; Wed, 14 May 2025 08:57:18 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1uFBfQ-0008S0-Ku; Wed, 14 May 2025 08:57:08 -0400 Received: from isrv.corpit.ru ([86.62.121.231]) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1uFBfN-0007hk-EE; Wed, 14 May 2025 08:57:00 -0400 Received: from tsrv.corpit.ru (tsrv.tls.msk.ru [192.168.177.2]) by isrv.corpit.ru (Postfix) with ESMTP id BE745121AC3; Wed, 14 May 2025 15:56:30 +0300 (MSK) Received: from think4mjt.tls.msk.ru (mjtthink.wg.tls.msk.ru [192.168.177.146]) by tsrv.corpit.ru (Postfix) with ESMTP id 5E22520B83B; Wed, 14 May 2025 15:56:40 +0300 (MSK) From: Michael Tokarev To: qemu-devel@nongnu.org Cc: qemu-stable@nongnu.org, =?utf-8?q?Philippe_Mathieu-Daud=C3=A9?= , Joey , Gustavo Romero , Michael Tokarev Subject: [Stable-7.2.18 03/18] hw/pci-host/designware: Fix ATU_UPPER_TARGET register access Date: Wed, 14 May 2025 15:56:09 +0300 Message-Id: <20250514125640.91677-3-mjt@tls.msk.ru> X-Mailer: git-send-email 2.39.5 In-Reply-To: References: MIME-Version: 1.0 Received-SPF: pass client-ip=86.62.121.231; envelope-from=mjt@tls.msk.ru; helo=isrv.corpit.ru X-Spam_score_int: -68 X-Spam_score: -6.9 X-Spam_bar: ------ X-Spam_report: (-6.9 / 5.0 requ) BAYES_00=-1.9, RCVD_IN_DNSWL_HI=-5, RCVD_IN_VALIDITY_CERTIFIED_BLOCKED=0.001, RCVD_IN_VALIDITY_RPBL_BLOCKED=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001 autolearn=ham autolearn_force=no X-Spam_action: no action X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: qemu-devel-bounces+patch=linaro.org@nongnu.org Sender: qemu-devel-bounces+patch=linaro.org@nongnu.org From: Philippe Mathieu-Daudé Fix copy/paste error writing to the ATU_UPPER_TARGET register, we want to update the upper 32 bits. Cc: qemu-stable@nongnu.org Reported-by: Joey Resolves: https://gitlab.com/qemu-project/qemu/-/issues/2861 Fixes: d64e5eabc4c ("pci: Add support for Designware IP block") Signed-off-by: Philippe Mathieu-Daudé Reviewed-by: Gustavo Romero Message-Id: <20250331152041.74533-2-philmd@linaro.org> (cherry picked from commit 04e99f9eb7920b0f0fcce65686c3bedf5e32a1f9) Signed-off-by: Michael Tokarev diff --git a/hw/pci-host/designware.c b/hw/pci-host/designware.c index c235b9daa3..2156c7f9de 100644 --- a/hw/pci-host/designware.c +++ b/hw/pci-host/designware.c @@ -362,7 +362,7 @@ static void designware_pcie_root_config_write(PCIDevice *d, uint32_t address, case DESIGNWARE_PCIE_ATU_UPPER_TARGET: viewport->target &= 0x00000000FFFFFFFFULL; - viewport->target |= val; + viewport->target |= (uint64_t)val << 32; break; case DESIGNWARE_PCIE_ATU_LIMIT: From patchwork Wed May 14 12:56:10 2025 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Patchwork-Submitter: Michael Tokarev X-Patchwork-Id: 889872 Delivered-To: patch@linaro.org Received: by 2002:adf:fd8a:0:b0:3a1:f579:ae88 with SMTP id d10csp2614351wrr; Wed, 14 May 2025 06:12:34 -0700 (PDT) X-Forwarded-Encrypted: i=2; AJvYcCXUHMH65KiwOk+b55LvYuYL+kRjDNipsXse4hcOnXBI74CJMueayqC8xysJ9B5ktvpVYmkPBw==@linaro.org X-Google-Smtp-Source: AGHT+IGAuB7Z9VrcdmHRkIB1f+UHk2ZkXlo0rfPvGLOKQcD+nWq45NPs7mknFGcm+yDVC3Kt89Pn X-Received: by 2002:a05:622a:4819:b0:494:48b1:a047 with SMTP id d75a77b69052e-49495ccda24mr50611281cf.40.1747228354379; Wed, 14 May 2025 06:12:34 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1747228354; cv=none; d=google.com; s=arc-20240605; b=fL8Dv51UF89rXEgPHzGRXZ+ujqbOySsCSrRrXWgLuIWwpxActFrQ1chfJ2ZcqnxzPp dD3FTPS2yf9nyBU5cGipbURmVQTFSCyH5FfwFMLWRbwtuZ696RrTOJp4uaAw4oQSjUDH vpW45Oowx6VHqq7heWOSWy/1dSoSPMyohDG75RzmfBLdhDHBRxy0KUHOq10JeIrznGNn v+LJk+Qa/QCtr0EIdhKoXUb+evcczdTN7WW7pW03YQPcvYaHo5rJZhYEoqWG5Mki32J0 k3u2tVUtvSgfcdyJDbRU+mwoMCqe/eF2KpVZ8hjnwGAnq3MtP6cyIsVLcO8+wnR5CUIg hrgg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20240605; h=sender:errors-to:list-subscribe:list-help:list-post:list-archive :list-unsubscribe:list-id:precedence:content-transfer-encoding :mime-version:references:in-reply-to:message-id:date:subject:cc:to :from; bh=mvrVQf+lQpw1wUiePLwBgjQ2iZQIjfECqzfRMtWOsVA=; fh=AgmXo2+zLpyt0lWz/ekZ8kEoo1qvR6yygj195zlOVQE=; b=KbdoqI9FCZgE1P0ZnQrhLBbKqLQcAYlTpg0rgkRPvq52Yj/5TP4SwnLQsGR66tx/s2 wHWwORV5kLYuv6wn57uY/4e542ZHa38PQNq0Y7TIGi6sy9tyaj/9Q25lWmN4vzLcRImq xjDhW+KKmw6Y9iPyU+OK7AYDkNiYvr79qFLWHXGEFQcUH95/bUzDO+l0MFHChu0m83z0 l1LNcYoZGsytRYkObjK+LX+Bju3qErs7nWBov02EzGySv4LzzEDlzHhif6R4iV/gmChL joQD4+n9xlD0J0gjyNUIHsLbsNMDhzRoQjQYZ2QFeRCzCuhMplK9fYWUA6aFE354Qaxz HRNQ==; dara=google.com ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: domain of qemu-devel-bounces+patch=linaro.org@nongnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom="qemu-devel-bounces+patch=linaro.org@nongnu.org" Return-Path: Received: from lists.gnu.org (lists.gnu.org. [209.51.188.17]) by mx.google.com with ESMTPS id d75a77b69052e-49460098126si112591401cf.82.2025.05.14.06.12.34 for (version=TLS1_2 cipher=ECDHE-ECDSA-CHACHA20-POLY1305 bits=256/256); Wed, 14 May 2025 06:12:34 -0700 (PDT) Received-SPF: pass (google.com: domain of qemu-devel-bounces+patch=linaro.org@nongnu.org designates 209.51.188.17 as permitted sender) client-ip=209.51.188.17; Authentication-Results: mx.google.com; spf=pass (google.com: domain of qemu-devel-bounces+patch=linaro.org@nongnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom="qemu-devel-bounces+patch=linaro.org@nongnu.org" Received: from localhost ([::1] helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1uFBfm-0000hg-14; Wed, 14 May 2025 08:57:22 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1uFBfX-00007Q-EU; Wed, 14 May 2025 08:57:09 -0400 Received: from isrv.corpit.ru ([86.62.121.231]) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1uFBfS-0007iK-Ph; Wed, 14 May 2025 08:57:04 -0400 Received: from tsrv.corpit.ru (tsrv.tls.msk.ru [192.168.177.2]) by isrv.corpit.ru (Postfix) with ESMTP id C944D121AC4; Wed, 14 May 2025 15:56:30 +0300 (MSK) Received: from think4mjt.tls.msk.ru (mjtthink.wg.tls.msk.ru [192.168.177.146]) by tsrv.corpit.ru (Postfix) with ESMTP id 73C2220B83C; Wed, 14 May 2025 15:56:40 +0300 (MSK) From: Michael Tokarev To: qemu-devel@nongnu.org Cc: qemu-stable@nongnu.org, Richard Henderson , Pierrick Bouvier , =?utf-8?q?Philippe_Mathieu-?= =?utf-8?q?Daud=C3=A9?= , Michael Tokarev Subject: [Stable-7.2.18 04/18] target/avr: Fix buffer read in avr_print_insn Date: Wed, 14 May 2025 15:56:10 +0300 Message-Id: <20250514125640.91677-4-mjt@tls.msk.ru> X-Mailer: git-send-email 2.39.5 In-Reply-To: References: MIME-Version: 1.0 Received-SPF: pass client-ip=86.62.121.231; envelope-from=mjt@tls.msk.ru; helo=isrv.corpit.ru X-Spam_score_int: -68 X-Spam_score: -6.9 X-Spam_bar: ------ X-Spam_report: (-6.9 / 5.0 requ) BAYES_00=-1.9, RCVD_IN_DNSWL_HI=-5, RCVD_IN_VALIDITY_CERTIFIED_BLOCKED=0.001, RCVD_IN_VALIDITY_RPBL_BLOCKED=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001 autolearn=ham autolearn_force=no X-Spam_action: no action X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: qemu-devel-bounces+patch=linaro.org@nongnu.org Sender: qemu-devel-bounces+patch=linaro.org@nongnu.org From: Richard Henderson Do not unconditionally attempt to read 4 bytes, as there may only be 2 bytes remaining in the translator cache. Cc: qemu-stable@nongnu.org Reviewed-by: Pierrick Bouvier Signed-off-by: Richard Henderson Reviewed-by: Philippe Mathieu-Daudé Message-Id: <20250325224403.4011975-2-richard.henderson@linaro.org> Signed-off-by: Philippe Mathieu-Daudé (cherry picked from commit 070a500cc0da70c1b4c62a6c95e41f0a1b19dc0b) Signed-off-by: Michael Tokarev diff --git a/target/avr/disas.c b/target/avr/disas.c index b7689e8d7c..d341030174 100644 --- a/target/avr/disas.c +++ b/target/avr/disas.c @@ -68,28 +68,35 @@ static bool decode_insn(DisasContext *ctx, uint16_t insn); int avr_print_insn(bfd_vma addr, disassemble_info *info) { - DisasContext ctx; + DisasContext ctx = { info }; DisasContext *pctx = &ctx; bfd_byte buffer[4]; uint16_t insn; int status; - ctx.info = info; - - status = info->read_memory_func(addr, buffer, 4, info); + status = info->read_memory_func(addr, buffer, 2, info); if (status != 0) { info->memory_error_func(status, addr, info); return -1; } insn = bfd_getl16(buffer); - ctx.next_word = bfd_getl16(buffer + 2); - ctx.next_word_used = false; + + status = info->read_memory_func(addr + 2, buffer + 2, 2, info); + if (status == 0) { + ctx.next_word = bfd_getl16(buffer + 2); + } if (!decode_insn(&ctx, insn)) { output(".db", "0x%02x, 0x%02x", buffer[0], buffer[1]); } - return ctx.next_word_used ? 4 : 2; + if (!ctx.next_word_used) { + return 2; + } else if (status == 0) { + return 4; + } + info->memory_error_func(status, addr + 2, info); + return -1; } From patchwork Wed May 14 12:56:11 2025 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Patchwork-Submitter: Michael Tokarev X-Patchwork-Id: 889874 Delivered-To: patch@linaro.org Received: by 2002:adf:fd8a:0:b0:3a1:f579:ae88 with SMTP id d10csp2614818wrr; Wed, 14 May 2025 06:13:23 -0700 (PDT) X-Forwarded-Encrypted: i=2; AJvYcCWcIALqtLqshRlpsDZx2ypkkcfGKef8xpGdafkgAnqJij/OF3HfelaOeDOAZMETLyl4pwsWnA==@linaro.org X-Google-Smtp-Source: AGHT+IEqoYPEfZ4XQcZgFTtKsX7W2jJl1Zf2aMOuSjeY6uUppt1nNtKXZCi+Ob4vlPBCAIRtgj/S X-Received: by 2002:a05:622a:608c:b0:476:b078:c41c with SMTP id d75a77b69052e-49495cdb5ebmr40418691cf.35.1747228402833; Wed, 14 May 2025 06:13:22 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1747228402; cv=none; d=google.com; s=arc-20240605; b=P8SlQwNr1rxCcQch+cYoKzVLB811V0PIxZpUoarcpoj8Mfq2gbcCaNQrPwA8lI2M/5 cFZyaNGPeC+EZ9EkqRTvzYUJyp4AFKM4OmlV1s1y3rzCBzYDY8uZT+3HgEvi/+AFdHqa FV7K7bwWTevcdpGUsdSgz02EMDhLNvUj+BW1hPFr6uMlwSoNu+Q2KE1iGlWyMZp3Y+uQ LPYeS7qIlDXs4c4MfdgXSq++fB6gxgXwrQuBuBlZo290NkUm6jfzGCen1Oksqy/IFFzu l+XIjgTnxTmiWT7p6BzpUUgva1DNiOBD9uAOAedU/A3kYGSg3H2HCHm0RPzvHIiiMVSN OUfA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20240605; h=sender:errors-to:list-subscribe:list-help:list-post:list-archive :list-unsubscribe:list-id:precedence:content-transfer-encoding :mime-version:references:in-reply-to:message-id:date:subject:cc:to :from; bh=puYLBvnDRXi4M5WmBhViuiVrKwhdBXgurU4n00dxYNA=; fh=K4abbxCgZAPvqzOXA+PZ7RIZh+KufMVJze7rXLOwES0=; b=S4tUDZ1nYduAO7Hhf8ND8Y+Je2Yxn0RF0PCPKY/HHhpIfNasgah8DTbCFvU20HOf86 bO+B7MaOSylw3y1L4OD62tT2KzmwQRgWMW7B+tBl40AJOmb+Tq/fnznMI54FZVh11oVA Dz75Nn2L2iaaqltTCcEKzl8o3YwDZpfCGsKttarQREESepeOjEGSz/3eia1GtaQ6mj98 xlsvk6Gvjo8/KYk3owFY9fvkwUc9DoUSXkkEsZLPT0oNvQqM9LVpMtf5X/WR+fuSDZIx 7KPdfFB83r5EdgtKn9exedNjueC2F31QVRq2QUVQve9xp/W4I8f/aAHzCbcF04DzI+dO hJPg==; dara=google.com ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: domain of qemu-devel-bounces+patch=linaro.org@nongnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom="qemu-devel-bounces+patch=linaro.org@nongnu.org" Return-Path: Received: from lists.gnu.org (lists.gnu.org. [209.51.188.17]) by mx.google.com with ESMTPS id d75a77b69052e-49452479becsi134977051cf.157.2025.05.14.06.13.22 for (version=TLS1_2 cipher=ECDHE-ECDSA-CHACHA20-POLY1305 bits=256/256); Wed, 14 May 2025 06:13:22 -0700 (PDT) Received-SPF: pass (google.com: domain of qemu-devel-bounces+patch=linaro.org@nongnu.org designates 209.51.188.17 as permitted sender) client-ip=209.51.188.17; Authentication-Results: mx.google.com; spf=pass (google.com: domain of qemu-devel-bounces+patch=linaro.org@nongnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom="qemu-devel-bounces+patch=linaro.org@nongnu.org" Received: from localhost ([::1] helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1uFBfc-0000Cr-GG; Wed, 14 May 2025 08:57:13 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1uFBfV-00006r-HZ; Wed, 14 May 2025 08:57:09 -0400 Received: from isrv.corpit.ru ([86.62.121.231]) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1uFBfS-0007iL-AE; Wed, 14 May 2025 08:57:04 -0400 Received: from tsrv.corpit.ru (tsrv.tls.msk.ru [192.168.177.2]) by isrv.corpit.ru (Postfix) with ESMTP id D2939121AC5; Wed, 14 May 2025 15:56:30 +0300 (MSK) Received: from think4mjt.tls.msk.ru (mjtthink.wg.tls.msk.ru [192.168.177.146]) by tsrv.corpit.ru (Postfix) with ESMTP id 7E76E20B83D; Wed, 14 May 2025 15:56:40 +0300 (MSK) From: Michael Tokarev To: qemu-devel@nongnu.org Cc: qemu-stable@nongnu.org, Richard Henderson , =?utf-8?q?Philippe_Mathieu-Daud=C3=A9?= , Michael Tokarev Subject: [Stable-7.2.18 05/18] target/mips: Revert TARGET_PAGE_BITS_VARY Date: Wed, 14 May 2025 15:56:11 +0300 Message-Id: <20250514125640.91677-5-mjt@tls.msk.ru> X-Mailer: git-send-email 2.39.5 In-Reply-To: References: MIME-Version: 1.0 Received-SPF: pass client-ip=86.62.121.231; envelope-from=mjt@tls.msk.ru; helo=isrv.corpit.ru X-Spam_score_int: -68 X-Spam_score: -6.9 X-Spam_bar: ------ X-Spam_report: (-6.9 / 5.0 requ) BAYES_00=-1.9, RCVD_IN_DNSWL_HI=-5, RCVD_IN_VALIDITY_CERTIFIED_BLOCKED=0.001, RCVD_IN_VALIDITY_RPBL_BLOCKED=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001 autolearn=ham autolearn_force=no X-Spam_action: no action X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: qemu-devel-bounces+patch=linaro.org@nongnu.org Sender: qemu-devel-bounces+patch=linaro.org@nongnu.org From: Richard Henderson Revert ee3863b9d41 and a08d60bc6c2b. The logic behind changing the system page size because of what the Loongson kernel "prefers" is flawed. In the Loongson-2E manual, section 5.5, it is clear that the cpu supports a 4k page size (along with many others). Similarly for the Loongson-3 series CPUs, the 4k page size is mentioned in the section 7.7 (PageMask Register). Therefore we must continue to support a 4k page size. Signed-off-by: Richard Henderson Reviewed-by: Philippe Mathieu-Daudé Message-ID: <20250328175526.368121-2-richard.henderson@linaro.org> [PMD: Mention Loongson-3 series CPUs] Signed-off-by: Philippe Mathieu-Daudé (cherry picked from commit fca2817fdcb00e65020c2dcfcb0b23b2a20ea3c4) (Mjt: context fixes for 7.2.x) Signed-off-by: Michael Tokarev diff --git a/hw/mips/fuloong2e.c b/hw/mips/fuloong2e.c index 34befa5dd5..dbd26df00b 100644 --- a/hw/mips/fuloong2e.c +++ b/hw/mips/fuloong2e.c @@ -336,7 +336,6 @@ static void mips_fuloong2e_machine_init(MachineClass *mc) mc->default_cpu_type = MIPS_CPU_TYPE_NAME("Loongson-2E"); mc->default_ram_size = 256 * MiB; mc->default_ram_id = "fuloong2e.ram"; - mc->minimum_page_bits = 14; } DEFINE_MACHINE("fuloong2e", mips_fuloong2e_machine_init) diff --git a/hw/mips/loongson3_virt.c b/hw/mips/loongson3_virt.c index b4f6bff1b8..dc94e21438 100644 --- a/hw/mips/loongson3_virt.c +++ b/hw/mips/loongson3_virt.c @@ -616,7 +616,6 @@ static void loongson3v_machine_class_init(ObjectClass *oc, void *data) mc->max_cpus = LOONGSON_MAX_VCPUS; mc->default_ram_id = "loongson3.highram"; mc->default_ram_size = 1600 * MiB; - mc->minimum_page_bits = 14; } static const TypeInfo loongson3_machine_types[] = { diff --git a/target/mips/cpu-param.h b/target/mips/cpu-param.h index f4c76994ea..4d9f4297f1 100644 --- a/target/mips/cpu-param.h +++ b/target/mips/cpu-param.h @@ -23,12 +23,7 @@ # define TARGET_VIRT_ADDR_SPACE_BITS 32 #endif #endif -#ifdef CONFIG_USER_ONLY #define TARGET_PAGE_BITS 12 -#else -#define TARGET_PAGE_BITS_VARY -#define TARGET_PAGE_BITS_MIN 12 -#endif #define NB_MMU_MODES 4 #endif diff --git a/target/mips/tcg/sysemu/cp0_helper.c b/target/mips/tcg/sysemu/cp0_helper.c index 5da1124589..f0459a85e6 100644 --- a/target/mips/tcg/sysemu/cp0_helper.c +++ b/target/mips/tcg/sysemu/cp0_helper.c @@ -900,18 +900,13 @@ void update_pagemask(CPUMIPSState *env, target_ulong arg1, int32_t *pagemask) if ((mask >> maskbits) != 0) { goto invalid; } - /* We don't support VTLB entry smaller than target page */ - if ((maskbits + TARGET_PAGE_BITS_MIN) < TARGET_PAGE_BITS) { - goto invalid; - } env->CP0_PageMask = mask << CP0PM_MASK; return; invalid: /* When invalid, set to default target page size. */ - mask = (~TARGET_PAGE_MASK >> TARGET_PAGE_BITS_MIN); - env->CP0_PageMask = mask << CP0PM_MASK; + env->CP0_PageMask = 0; } void helper_mtc0_pagemask(CPUMIPSState *env, target_ulong arg1) diff --git a/target/mips/tcg/sysemu/tlb_helper.c b/target/mips/tcg/sysemu/tlb_helper.c index 9d16859c0a..f0a513365b 100644 --- a/target/mips/tcg/sysemu/tlb_helper.c +++ b/target/mips/tcg/sysemu/tlb_helper.c @@ -877,7 +877,7 @@ refill: break; } } - pw_pagemask = m >> TARGET_PAGE_BITS_MIN; + pw_pagemask = m >> TARGET_PAGE_BITS; update_pagemask(env, pw_pagemask << CP0PM_MASK, &pw_pagemask); pw_entryhi = (address & ~0x1fff) | (env->CP0_EntryHi & 0xFF); { From patchwork Wed May 14 12:56:12 2025 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Patchwork-Submitter: Michael Tokarev X-Patchwork-Id: 889865 Delivered-To: patch@linaro.org Received: by 2002:adf:fd8a:0:b0:3a1:f579:ae88 with SMTP id d10csp2608381wrr; Wed, 14 May 2025 06:03:21 -0700 (PDT) X-Forwarded-Encrypted: i=2; AJvYcCWySY4RbU0+sjP004AI9+ynuk+sgX4IAAowsVIVFxkaoiO0WAtoez6a1FHt7hQDJxVDHE+U+A==@linaro.org X-Google-Smtp-Source: AGHT+IF2OfU1xbQOIMHQ7UxP3RE9HA+M/rMY4crIhyhp8Y3/sUgJj8xYw9oLzFbPxzQ+PlcuIE4b X-Received: by 2002:a05:620a:4693:b0:7c5:5d13:f188 with SMTP id af79cd13be357-7cd28800317mr389132285a.26.1747227801392; Wed, 14 May 2025 06:03:21 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1747227801; cv=none; d=google.com; s=arc-20240605; b=ZQkqZRhVMQehtZEc1LVR48Dz+gHnX8cbU4NIRUrRnjoRtTh0TSYATD7xVjtmWNZV/0 k82Djd96eOv3p65RZnIeIaIPyHn0gkimrghAAmzzpYXG6HxQloa2W0qRPI3d2wYyQo02 K7Ko174y7clEAHmI1WUAQOJ6+N5S6MX5Df4To38975COXq3T8SsrnmBCpRHnd84zu6md libZwQ7y0FoywKAL/jPPBNkf7RKnx6fkPJpkzblY+PCkiOSVxOFT7XrRt+4M8Y188XAj r/mXn2qBtSPovdcme5Afyu7JmuHwh0hOZUmZRsu8ViMZ7SHiOBht5EIXdEP7DobtFMP1 zzYg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20240605; h=sender:errors-to:list-subscribe:list-help:list-post:list-archive :list-unsubscribe:list-id:precedence:content-transfer-encoding :mime-version:references:in-reply-to:message-id:date:subject:cc:to :from; bh=Dia+voaXxrkVp8yTGJA9KI6X4jz7DWtZgcEuuBIsTDA=; fh=K4abbxCgZAPvqzOXA+PZ7RIZh+KufMVJze7rXLOwES0=; b=Sc3UXoogK0drXOcyyqxuqsSXNX0SnXiAqDs684tPV13ps384rYSv+B0DxXYYHGOC6a HKDdRg42ALPfhEgWxqM62b4nxZ7YGDBcesYvqvqea/3rxnb+2W3ZZz/9if1kD+/BVYL2 sjKBa0+vCTTlFw9u53EjRrVphpeQFH9+/IGxV5nzQB92S/2ZJi0jyWhUFezGxdtk1ed5 wWZOTiLbe4TY058nEl1ZQsjISlRg5eJG49xsrBcWVkT/1dABUlNGC4sszjJIffSZ6NqS pBVDfCtwUQFcPPgDYHOHLDRAab6daCnbXQ148mLzKFWp162GLnpnWEDJuXQBsZgofEe/ CPHA==; dara=google.com ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: domain of qemu-devel-bounces+patch=linaro.org@nongnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom="qemu-devel-bounces+patch=linaro.org@nongnu.org" Return-Path: Received: from lists.gnu.org (lists.gnu.org. [209.51.188.17]) by mx.google.com with ESMTPS id af79cd13be357-7cd00fd4c59si1423594385a.223.2025.05.14.06.03.21 for (version=TLS1_2 cipher=ECDHE-ECDSA-CHACHA20-POLY1305 bits=256/256); Wed, 14 May 2025 06:03:21 -0700 (PDT) Received-SPF: pass (google.com: domain of qemu-devel-bounces+patch=linaro.org@nongnu.org designates 209.51.188.17 as permitted sender) client-ip=209.51.188.17; Authentication-Results: mx.google.com; spf=pass (google.com: domain of qemu-devel-bounces+patch=linaro.org@nongnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom="qemu-devel-bounces+patch=linaro.org@nongnu.org" Received: from localhost ([::1] helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1uFBfm-0000iy-Ai; Wed, 14 May 2025 08:57:22 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1uFBfc-0000Fu-GS; Wed, 14 May 2025 08:57:13 -0400 Received: from isrv.corpit.ru ([86.62.121.231]) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1uFBfY-0007im-RK; Wed, 14 May 2025 08:57:11 -0400 Received: from tsrv.corpit.ru (tsrv.tls.msk.ru [192.168.177.2]) by isrv.corpit.ru (Postfix) with ESMTP id DC1B8121AC6; Wed, 14 May 2025 15:56:30 +0300 (MSK) Received: from think4mjt.tls.msk.ru (mjtthink.wg.tls.msk.ru [192.168.177.146]) by tsrv.corpit.ru (Postfix) with ESMTP id 87FDB20B83E; Wed, 14 May 2025 15:56:40 +0300 (MSK) From: Michael Tokarev To: qemu-devel@nongnu.org Cc: qemu-stable@nongnu.org, Richard Henderson , =?utf-8?q?Philippe_Mathieu-Daud=C3=A9?= , Michael Tokarev Subject: [Stable-7.2.18 06/18] target/mips: Require even maskbits in update_pagemask Date: Wed, 14 May 2025 15:56:12 +0300 Message-Id: <20250514125640.91677-6-mjt@tls.msk.ru> X-Mailer: git-send-email 2.39.5 In-Reply-To: References: MIME-Version: 1.0 Received-SPF: pass client-ip=86.62.121.231; envelope-from=mjt@tls.msk.ru; helo=isrv.corpit.ru X-Spam_score_int: -68 X-Spam_score: -6.9 X-Spam_bar: ------ X-Spam_report: (-6.9 / 5.0 requ) BAYES_00=-1.9, RCVD_IN_DNSWL_HI=-5, RCVD_IN_VALIDITY_CERTIFIED_BLOCKED=0.001, RCVD_IN_VALIDITY_RPBL_BLOCKED=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001 autolearn=ham autolearn_force=no X-Spam_action: no action X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: qemu-devel-bounces+patch=linaro.org@nongnu.org Sender: qemu-devel-bounces+patch=linaro.org@nongnu.org From: Richard Henderson The number of bits set in PageMask must be even. Fixes: d40b55bc1b86 ("target/mips: Fix PageMask with variable page size") Signed-off-by: Richard Henderson Reviewed-by: Philippe Mathieu-Daudé Message-ID: <20250328175526.368121-3-richard.henderson@linaro.org> Signed-off-by: Philippe Mathieu-Daudé Cc: qemu-stable@nongnu.org (cherry picked from commit d89b9899babcc01d7ee75f2917da861dc2afbc27) Signed-off-by: Michael Tokarev diff --git a/target/mips/tcg/sysemu/cp0_helper.c b/target/mips/tcg/sysemu/cp0_helper.c index f0459a85e6..a4a6282827 100644 --- a/target/mips/tcg/sysemu/cp0_helper.c +++ b/target/mips/tcg/sysemu/cp0_helper.c @@ -889,24 +889,17 @@ void helper_mtc0_memorymapid(CPUMIPSState *env, target_ulong arg1) void update_pagemask(CPUMIPSState *env, target_ulong arg1, int32_t *pagemask) { - uint32_t mask; - int maskbits; - /* Don't care MASKX as we don't support 1KB page */ - mask = extract32((uint32_t)arg1, CP0PM_MASK, 16); - maskbits = cto32(mask); + uint32_t mask = extract32((uint32_t)arg1, CP0PM_MASK, 16); + int maskbits = cto32(mask); - /* Ensure no more set bit after first zero */ - if ((mask >> maskbits) != 0) { - goto invalid; + /* Ensure no more set bit after first zero, and maskbits even. */ + if ((mask >> maskbits) == 0 && maskbits % 2 == 0) { + env->CP0_PageMask = mask << CP0PM_MASK; + } else { + /* When invalid, set to default target page size. */ + env->CP0_PageMask = 0; } - env->CP0_PageMask = mask << CP0PM_MASK; - - return; - -invalid: - /* When invalid, set to default target page size. */ - env->CP0_PageMask = 0; } void helper_mtc0_pagemask(CPUMIPSState *env, target_ulong arg1) From patchwork Wed May 14 12:56:13 2025 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Patchwork-Submitter: Michael Tokarev X-Patchwork-Id: 889861 Delivered-To: patch@linaro.org Received: by 2002:adf:fd8a:0:b0:3a1:f579:ae88 with SMTP id d10csp2606100wrr; Wed, 14 May 2025 06:00:03 -0700 (PDT) X-Forwarded-Encrypted: i=2; AJvYcCXsYaxrJ5ykb94/HSfVMRk2PHJ8BnK7Sceqzsigy75NQRuIbXPh5FvX1WXtwQuyCQaHcAd+LA==@linaro.org X-Google-Smtp-Source: AGHT+IEpDbKWtM65/h1Sk8MLexpBEWvKljYJuzBMkK5ePV5V0joe0laPYvS8LRXydJOrQwZ5svnc X-Received: by 2002:a05:620a:2622:b0:7c7:c772:7442 with SMTP id af79cd13be357-7cd287e3b00mr467082285a.20.1747227602437; Wed, 14 May 2025 06:00:02 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1747227602; cv=none; d=google.com; s=arc-20240605; b=k0wDYDTWxwtkhb5FQmIVlcqSAZ7lz/fsk76a9RbpIekEN5Ky02Gf4Zt7s1RXtWDaPR G5zKyiXWkSQfRFOnRc2HuwFnHDUVDQJtVdWnL5/qWlPvdLydCIB5Gj5NQkqPWACL9QtB 8HHMVde1RUAUgg/1qWjkSx13d3EIsBpH9KEAr5/s12S7lHxkKKt6LUbwntkgHhs0013y 6h9R5sfE472oO+dhSmntiZRzaApD8x+MqIWWs3ISJaRkgcS6jShufxx94WQ19sPDQm9L gSLih2rroHMRhIO5ZdMUdXdlFicyT3VPX6DqjALR3xlnn3ccimwtENE9cjrgPIsDGtgH 1+Jg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20240605; h=sender:errors-to:list-subscribe:list-help:list-post:list-archive :list-unsubscribe:list-id:precedence:content-transfer-encoding :mime-version:references:in-reply-to:message-id:date:subject:cc:to :from; bh=VjC+QcjffOz2OW91Cn+s46SyPcj+KiL5Bwn0i1H97F4=; fh=K4abbxCgZAPvqzOXA+PZ7RIZh+KufMVJze7rXLOwES0=; b=GYlaG9HZl+HtQhzRBc3najtg9a5c4lDNYYzMfMXRQp5aISf0TjQvkK5iBmqumbyWxg GW6EQ30C6trJwCdAUtxejOG83NptkgQ0TrQC+PcBYo2Ni7ojTVRiFsU5ICF4vXAZXa8T SRZ8AmhdMUU0hudgaSvyWspeHygdClqht7syxQL7G1UzrPsht5Q6osHcq8bZwlsNQVvA L7wTFD8W/zqJuQy/q0ZzTq7PjhKnNd1m6+LQ/wWFchU4f1+gtSVsriG/kHK3CtuG2hvz n6xcOpso2rDBYz7qZdNGGbmXFsbOqfcKFOmX5r79MXs3W7X62kIXA4IPwF5x6fGuizCc rx8w==; dara=google.com ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: domain of qemu-devel-bounces+patch=linaro.org@nongnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom="qemu-devel-bounces+patch=linaro.org@nongnu.org" Return-Path: Received: from lists.gnu.org (lists.gnu.org. [209.51.188.17]) by mx.google.com with ESMTPS id af79cd13be357-7cd00f51ae7si1291735985a.31.2025.05.14.06.00.02 for (version=TLS1_2 cipher=ECDHE-ECDSA-CHACHA20-POLY1305 bits=256/256); Wed, 14 May 2025 06:00:02 -0700 (PDT) Received-SPF: pass (google.com: domain of qemu-devel-bounces+patch=linaro.org@nongnu.org designates 209.51.188.17 as permitted sender) client-ip=209.51.188.17; Authentication-Results: mx.google.com; spf=pass (google.com: domain of qemu-devel-bounces+patch=linaro.org@nongnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom="qemu-devel-bounces+patch=linaro.org@nongnu.org" Received: from localhost ([::1] helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1uFBfl-0000ds-AW; Wed, 14 May 2025 08:57:21 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1uFBfb-0000Ey-Uc; Wed, 14 May 2025 08:57:12 -0400 Received: from isrv.corpit.ru ([86.62.121.231]) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1uFBfZ-0007ix-TN; Wed, 14 May 2025 08:57:11 -0400 Received: from tsrv.corpit.ru (tsrv.tls.msk.ru [192.168.177.2]) by isrv.corpit.ru (Postfix) with ESMTP id E5535121AC7; Wed, 14 May 2025 15:56:30 +0300 (MSK) Received: from think4mjt.tls.msk.ru (mjtthink.wg.tls.msk.ru [192.168.177.146]) by tsrv.corpit.ru (Postfix) with ESMTP id 916E120B83F; Wed, 14 May 2025 15:56:40 +0300 (MSK) From: Michael Tokarev To: qemu-devel@nongnu.org Cc: qemu-stable@nongnu.org, Richard Henderson , =?utf-8?q?Philippe_Mathieu-Daud=C3=A9?= , Michael Tokarev Subject: [Stable-7.2.18 07/18] target/mips: Simplify and fix update_pagemask Date: Wed, 14 May 2025 15:56:13 +0300 Message-Id: <20250514125640.91677-7-mjt@tls.msk.ru> X-Mailer: git-send-email 2.39.5 In-Reply-To: References: MIME-Version: 1.0 Received-SPF: pass client-ip=86.62.121.231; envelope-from=mjt@tls.msk.ru; helo=isrv.corpit.ru X-Spam_score_int: -68 X-Spam_score: -6.9 X-Spam_bar: ------ X-Spam_report: (-6.9 / 5.0 requ) BAYES_00=-1.9, RCVD_IN_DNSWL_HI=-5, RCVD_IN_VALIDITY_CERTIFIED_BLOCKED=0.001, RCVD_IN_VALIDITY_RPBL_BLOCKED=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001 autolearn=ham autolearn_force=no X-Spam_action: no action X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: qemu-devel-bounces+patch=linaro.org@nongnu.org Sender: qemu-devel-bounces+patch=linaro.org@nongnu.org From: Richard Henderson When update_pagemask was split from helper_mtc0_pagemask, we failed to actually write to the new parameter but continue to write to env->CP0_PageMask. Thus the use within page_table_walk_refill modifies cpu state and not the local variable as expected. Simplify by renaming to compute_pagemask and returning the value directly. No need for either env or pointer return. Fixes: 074cfcb4dae ("target/mips: Implement hardware page table walker for MIPS32") Signed-off-by: Richard Henderson Reviewed-by: Philippe Mathieu-Daudé Message-ID: <20250328175526.368121-4-richard.henderson@linaro.org> Signed-off-by: Philippe Mathieu-Daudé Cc: qemu-stable@nongnu.org (cherry picked from commit 256ba7715b109c080c0c77a3923df9e69736ba17) Signed-off-by: Michael Tokarev diff --git a/target/mips/tcg/sysemu/cp0_helper.c b/target/mips/tcg/sysemu/cp0_helper.c index a4a6282827..80260ecd8a 100644 --- a/target/mips/tcg/sysemu/cp0_helper.c +++ b/target/mips/tcg/sysemu/cp0_helper.c @@ -887,24 +887,24 @@ void helper_mtc0_memorymapid(CPUMIPSState *env, target_ulong arg1) } } -void update_pagemask(CPUMIPSState *env, target_ulong arg1, int32_t *pagemask) +uint32_t compute_pagemask(uint32_t val) { /* Don't care MASKX as we don't support 1KB page */ - uint32_t mask = extract32((uint32_t)arg1, CP0PM_MASK, 16); + uint32_t mask = extract32(val, CP0PM_MASK, 16); int maskbits = cto32(mask); /* Ensure no more set bit after first zero, and maskbits even. */ if ((mask >> maskbits) == 0 && maskbits % 2 == 0) { - env->CP0_PageMask = mask << CP0PM_MASK; + return mask << CP0PM_MASK; } else { /* When invalid, set to default target page size. */ - env->CP0_PageMask = 0; + return 0; } } void helper_mtc0_pagemask(CPUMIPSState *env, target_ulong arg1) { - update_pagemask(env, arg1, &env->CP0_PageMask); + env->CP0_PageMask = compute_pagemask(arg1); } void helper_mtc0_pagegrain(CPUMIPSState *env, target_ulong arg1) diff --git a/target/mips/tcg/sysemu/tlb_helper.c b/target/mips/tcg/sysemu/tlb_helper.c index f0a513365b..cce3dcdc0e 100644 --- a/target/mips/tcg/sysemu/tlb_helper.c +++ b/target/mips/tcg/sysemu/tlb_helper.c @@ -878,7 +878,7 @@ refill: } } pw_pagemask = m >> TARGET_PAGE_BITS; - update_pagemask(env, pw_pagemask << CP0PM_MASK, &pw_pagemask); + pw_pagemask = compute_pagemask(pw_pagemask << CP0PM_MASK); pw_entryhi = (address & ~0x1fff) | (env->CP0_EntryHi & 0xFF); { target_ulong tmp_entryhi = env->CP0_EntryHi; diff --git a/target/mips/tcg/tcg-internal.h b/target/mips/tcg/tcg-internal.h index aef032c48d..be398665e6 100644 --- a/target/mips/tcg/tcg-internal.h +++ b/target/mips/tcg/tcg-internal.h @@ -45,7 +45,7 @@ bool mips_cpu_exec_interrupt(CPUState *cpu, int int_req); void mmu_init(CPUMIPSState *env, const mips_def_t *def); -void update_pagemask(CPUMIPSState *env, target_ulong arg1, int32_t *pagemask); +uint32_t compute_pagemask(uint32_t val); void r4k_invalidate_tlb(CPUMIPSState *env, int idx, int use_extra); uint32_t cpu_mips_get_random(CPUMIPSState *env); From patchwork Wed May 14 12:56:17 2025 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Patchwork-Submitter: Michael Tokarev X-Patchwork-Id: 889871 Delivered-To: patch@linaro.org Received: by 2002:adf:fd8a:0:b0:3a1:f579:ae88 with SMTP id d10csp2612849wrr; Wed, 14 May 2025 06:09:50 -0700 (PDT) X-Forwarded-Encrypted: i=2; AJvYcCXHWpWNa40ncdSbtOGysUipErIFoMnRMxcbS3yc6/x8OS475wsbnge2PZ01NQjJ0vX7+Frpdg==@linaro.org X-Google-Smtp-Source: AGHT+IE6QeR9ojERAtAAo5D6AwJ1ojo+/4CWHOVqFvXo3eJjoLxt/I/U9qQlVJGSAONPHfbO0iIO X-Received: by 2002:a05:6808:384a:b0:403:3549:6a78 with SMTP id 5614622812f47-404c212b932mr2091214b6e.33.1747228179464; Wed, 14 May 2025 06:09:39 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1747228179; cv=none; d=google.com; s=arc-20240605; b=QAJQWzqovFrS2AzqQ4O35nP5A/z5lgh6uCLxsx+XhumjfUIlWNtShDDDHLdXrbD9li 1osfT3F8i4csb84pjW83BpBGjoHvjny3ywDy/zPnW1yseB+4vXgSToPKQaYiR4Wi4XZf C1jwk+Ccz3F52TfWAKst2jOnHoNS9E0gN++M3hYRddqQuHld3mKQ995vG5LylwIQ57Az FEcUJgFS0ZG5UVox37DJZp9kvLOFJ+T+c1RunPiIwKKsC7hAJtB+bmPX8qZQJ+EYQZ1H 36T2OM39lM5BSmSNzEY4j3A6V/efL7fdSX+QVu8ViwC2PZWOPGhOsIDFNx+eX1/6uhpA 2N7g== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20240605; h=sender:errors-to:list-subscribe:list-help:list-post:list-archive :list-unsubscribe:list-id:precedence:content-transfer-encoding :mime-version:references:in-reply-to:message-id:date:subject:cc:to :from; bh=7hyxyKMXBHJ/72PYSAHnQkclRfUcANkIGZM8qtoqXNE=; fh=+wMSfnX4fxTfXW1DjiavKR9uTGsY3qwogeIuG15zSmg=; b=XkEQ24DnyUA1AayotvhUB/l2xY01frtgsJu9puZz/c+BuODr62F1b6+IbDplJuxq2U 3ak9PoQxyHAyfehjqd2j+TRb6f0HR9jVTof+8mLuPWOP5Po00jeCvkDjrcz4yly+rBMW muHm1fUNr7BLLm/k/dzs8S8b464l8RHIGcKn6tOi2XmnJI91X6g8hcIDLLImT0I06eU+ s8uDtczvqtzqzK4BiDgYqil3IvvTEweOQcmZJOaUltJFl/g8KqcNqKMkQPkKUGbZCsV6 vjCmkN7Xb06bDxTUCZecdVkHOlRqk5lfsahrve2Ahuh43njAwy4co20HDiNZcCHyeGbE 39CQ==; dara=google.com ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: domain of qemu-devel-bounces+patch=linaro.org@nongnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom="qemu-devel-bounces+patch=linaro.org@nongnu.org" Return-Path: Received: from lists.gnu.org (lists.gnu.org. [209.51.188.17]) by mx.google.com with ESMTPS id a1e0cc1a2514c-879f61980d6si4697794241.21.2025.05.14.06.09.39 for (version=TLS1_2 cipher=ECDHE-ECDSA-CHACHA20-POLY1305 bits=256/256); Wed, 14 May 2025 06:09:39 -0700 (PDT) Received-SPF: pass (google.com: domain of qemu-devel-bounces+patch=linaro.org@nongnu.org designates 209.51.188.17 as permitted sender) client-ip=209.51.188.17; Authentication-Results: mx.google.com; spf=pass (google.com: domain of qemu-devel-bounces+patch=linaro.org@nongnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom="qemu-devel-bounces+patch=linaro.org@nongnu.org" Received: from localhost ([::1] helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1uFBfu-00011w-6A; Wed, 14 May 2025 08:57:30 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1uFBfl-0000eZ-5M; Wed, 14 May 2025 08:57:21 -0400 Received: from isrv.corpit.ru ([86.62.121.231]) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1uFBfi-0007kQ-55; Wed, 14 May 2025 08:57:19 -0400 Received: from tsrv.corpit.ru (tsrv.tls.msk.ru [192.168.177.2]) by isrv.corpit.ru (Postfix) with ESMTP id 45550121ACB; Wed, 14 May 2025 15:56:31 +0300 (MSK) Received: from think4mjt.tls.msk.ru (mjtthink.wg.tls.msk.ru [192.168.177.146]) by tsrv.corpit.ru (Postfix) with ESMTP id D956A20B843; Wed, 14 May 2025 15:56:40 +0300 (MSK) From: Michael Tokarev To: qemu-devel@nongnu.org Cc: qemu-stable@nongnu.org, Pierrick Bouvier , =?utf-8?q?Alex_Benn=C3=A9e?= , =?utf-8?q?Philippe_M?= =?utf-8?q?athieu-Daud=C3=A9?= , Michael Tokarev Subject: [Stable-7.2.18 11/18] plugins/loader: fix deadlock when resetting/uninstalling a plugin Date: Wed, 14 May 2025 15:56:17 +0300 Message-Id: <20250514125640.91677-11-mjt@tls.msk.ru> X-Mailer: git-send-email 2.39.5 In-Reply-To: References: MIME-Version: 1.0 Received-SPF: pass client-ip=86.62.121.231; envelope-from=mjt@tls.msk.ru; helo=isrv.corpit.ru X-Spam_score_int: -68 X-Spam_score: -6.9 X-Spam_bar: ------ X-Spam_report: (-6.9 / 5.0 requ) BAYES_00=-1.9, RCVD_IN_DNSWL_HI=-5, RCVD_IN_VALIDITY_CERTIFIED_BLOCKED=0.001, RCVD_IN_VALIDITY_RPBL_BLOCKED=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001 autolearn=ham autolearn_force=no X-Spam_action: no action X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: qemu-devel-bounces+patch=linaro.org@nongnu.org Sender: qemu-devel-bounces+patch=linaro.org@nongnu.org From: Pierrick Bouvier Reported and fixed by Dmitry Kurakin. Fixes: https://gitlab.com/qemu-project/qemu/-/issues/2901 Signed-off-by: Pierrick Bouvier Message-Id: <20250404032027.430575-2-pierrick.bouvier@linaro.org> Signed-off-by: Alex Bennée Reviewed-by: Philippe Mathieu-Daudé (cherry picked from commit c07cd110a1824e2d046581af7375f16dac26e96f) Signed-off-by: Michael Tokarev diff --git a/plugins/loader.c b/plugins/loader.c index 88c30bde2d..370fe54836 100644 --- a/plugins/loader.c +++ b/plugins/loader.c @@ -374,7 +374,7 @@ static void plugin_reset_destroy(struct qemu_plugin_reset_data *data) { qemu_rec_mutex_lock(&plugin.lock); plugin_reset_destroy__locked(data); - qemu_rec_mutex_lock(&plugin.lock); + qemu_rec_mutex_unlock(&plugin.lock); } static void plugin_flush_destroy(CPUState *cpu, run_on_cpu_data arg) From patchwork Wed May 14 12:56:19 2025 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Michael Tokarev X-Patchwork-Id: 889862 Delivered-To: patch@linaro.org Received: by 2002:adf:fd8a:0:b0:3a1:f579:ae88 with SMTP id d10csp2606330wrr; Wed, 14 May 2025 06:00:26 -0700 (PDT) X-Forwarded-Encrypted: i=2; AJvYcCWsb42g6+ArrvaSOVfKY6VzOVZJxoohyAh3CAvehadlPD9NmwFQ0N9zHty001geky5FpgxT2A==@linaro.org X-Google-Smtp-Source: AGHT+IFAhgWGkrFUpRPeNg2LK/KJlm1UvxWFl962Hnngn66Trv0AdaGM6mrz/DOXn50aWWbfRMzY X-Received: by 2002:ad4:5bac:0:b0:6d8:a7e1:e270 with SMTP id 6a1803df08f44-6f896ef4a1emr42243066d6.40.1747227615750; Wed, 14 May 2025 06:00:15 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1747227615; cv=none; d=google.com; s=arc-20240605; b=Ko3jDcwIk8fvVIvpuvsW9KK0yW8F2AtU1NZ9xdl1AycuShcGJj3YXW7UcsJOfsThX+ /7ZaxM8Oi6Fr9ahFTktLYssCcROOc2NULgKmVgNqtlhH252Ew6258+PJN6itptysHxnE ZWrVmFGB3DnzBHmu0ZFodjrZpOAkYdIxFEuqCjOdMuV7PaDKODClkK1vsQuPeZSDMOg2 nUyvd+F4h7Tj7tKTym0nLasBoRenVOOI9r97Oukaoumqh7yuOlK41iZx/dDUJ5D+WiOK s+ovtIFBEsTANvGTv1pDdeAMM7e0Mj+m3Z17lIluIZmdm/CZl5Fn9P4K1N0lpvwwVtc7 nBBA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20240605; h=sender:errors-to:list-subscribe:list-help:list-post:list-archive :list-unsubscribe:list-id:precedence:content-transfer-encoding :mime-version:references:in-reply-to:message-id:date:subject:cc:to :from; bh=YR+rGvhCgEhDcTD5YMAOAY0f0vY99F0xCrWq7ccRCk8=; fh=slBUHiphGZf68YtXAZoDwMwGT4RM1dtceEFytJ1qTrs=; b=GF7kNQRIbDskG9Dt2YlJ9rZ5AdqDieY+eScwiFfJQuyZPE70vTYW4JZA8heNphYwoZ 0bC3j8uKuskSwQ2gwJgbsiT5k7Lwh/DBLMaLTxQE1VTRwv/w7xjeQkKpUg2OnDSEMLkZ SMuvvBq3pOTRcc1z4zJFD4QCgG9w9gJyQR7uCJPLW3SJib4+Tl2z/IfICuX4qKNnufba +O9ewatcMJnb9H4/qTOoqVBp9DKFyFhKtIyrjVWJrTbyAv8yXzMoAim2b3oQM5ounNlk KnOrrd3s3P9PdlhC5KeprbRADhrLmVp4HtQ3af8rTv0JUPWHWZOatOp5F5ogINfD8p3s FZEA==; dara=google.com ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: domain of qemu-devel-bounces+patch=linaro.org@nongnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom="qemu-devel-bounces+patch=linaro.org@nongnu.org" Return-Path: Received: from lists.gnu.org (lists.gnu.org. [209.51.188.17]) by mx.google.com with ESMTPS id 6a1803df08f44-6f6e39f730esi145462256d6.115.2025.05.14.06.00.15 for (version=TLS1_2 cipher=ECDHE-ECDSA-CHACHA20-POLY1305 bits=256/256); Wed, 14 May 2025 06:00:15 -0700 (PDT) Received-SPF: pass (google.com: domain of qemu-devel-bounces+patch=linaro.org@nongnu.org designates 209.51.188.17 as permitted sender) client-ip=209.51.188.17; Authentication-Results: mx.google.com; spf=pass (google.com: domain of qemu-devel-bounces+patch=linaro.org@nongnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom="qemu-devel-bounces+patch=linaro.org@nongnu.org" Received: from localhost ([::1] helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1uFBgF-0001a3-2C; Wed, 14 May 2025 08:57:51 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1uFBgB-0001UC-Uf; Wed, 14 May 2025 08:57:47 -0400 Received: from isrv.corpit.ru ([86.62.121.231]) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1uFBg5-0007l1-Tl; Wed, 14 May 2025 08:57:47 -0400 Received: from tsrv.corpit.ru (tsrv.tls.msk.ru [192.168.177.2]) by isrv.corpit.ru (Postfix) with ESMTP id 631AA121ACD; Wed, 14 May 2025 15:56:31 +0300 (MSK) Received: from think4mjt.tls.msk.ru (mjtthink.wg.tls.msk.ru [192.168.177.146]) by tsrv.corpit.ru (Postfix) with ESMTP id 0EF8F20B845; Wed, 14 May 2025 15:56:41 +0300 (MSK) From: Michael Tokarev To: qemu-devel@nongnu.org Cc: qemu-stable@nongnu.org, Richard Henderson , Pierrick Bouvier , Michael Tokarev Subject: [Stable-7.2.18 13/18] target/avr: Improve decode of LDS, STS Date: Wed, 14 May 2025 15:56:19 +0300 Message-Id: <20250514125640.91677-13-mjt@tls.msk.ru> X-Mailer: git-send-email 2.39.5 In-Reply-To: References: MIME-Version: 1.0 Received-SPF: pass client-ip=86.62.121.231; envelope-from=mjt@tls.msk.ru; helo=isrv.corpit.ru X-Spam_score_int: -18 X-Spam_score: -1.9 X-Spam_bar: - X-Spam_report: (-1.9 / 5.0 requ) BAYES_00=-1.9, RCVD_IN_VALIDITY_CERTIFIED_BLOCKED=0.001, RCVD_IN_VALIDITY_RPBL_BLOCKED=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001 autolearn=ham autolearn_force=no X-Spam_action: no action X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: qemu-devel-bounces+patch=linaro.org@nongnu.org Sender: qemu-devel-bounces+patch=linaro.org@nongnu.org From: Richard Henderson The comment about not being able to define a field with zero bits is out of date since 94597b6146f3 ("decodetree: Allow !function with no input bits"). This fixes the missing load of imm in the disassembler. Cc: qemu-stable@nongnu.org Fixes: 9d8caa67a24 ("target/avr: Add support for disassembling via option '-d in_asm'") Reviewed-by: Pierrick Bouvier Signed-off-by: Richard Henderson (cherry picked from commit 6b661b7ed7cd02c54a78426d5eb7dd8543b030ed) Signed-off-by: Michael Tokarev diff --git a/target/avr/insn.decode b/target/avr/insn.decode index 482c23ad0c..cc302249db 100644 --- a/target/avr/insn.decode +++ b/target/avr/insn.decode @@ -118,11 +118,8 @@ BRBC 1111 01 ....... ... @op_bit_imm @io_rd_imm .... . .. ..... .... &rd_imm rd=%rd imm=%io_imm @ldst_d .. . . .. . rd:5 . ... &rd_imm imm=%ldst_d_imm -# The 16-bit immediate is completely in the next word. -# Fields cannot be defined with no bits, so we cannot play -# the same trick and append to a zero-bit value. -# Defer reading the immediate until trans_{LDS,STS}. -@ldst_s .... ... rd:5 .... imm=0 +%ldst_imm !function=next_word +@ldst_s .... ... rd:5 .... imm=%ldst_imm MOV 0010 11 . ..... .... @op_rd_rr MOVW 0000 0001 .... .... &rd_rr rd=%rd_d rr=%rr_d diff --git a/target/avr/translate.c b/target/avr/translate.c index 2bed56f135..a1bfa500bf 100644 --- a/target/avr/translate.c +++ b/target/avr/translate.c @@ -1690,7 +1690,6 @@ static bool trans_LDS(DisasContext *ctx, arg_LDS *a) TCGv Rd = cpu_r[a->rd]; TCGv addr = tcg_temp_new_i32(); TCGv H = cpu_rampD; - a->imm = next_word(ctx); tcg_gen_mov_tl(addr, H); /* addr = H:M:L */ tcg_gen_shli_tl(addr, addr, 16); @@ -1925,7 +1924,6 @@ static bool trans_STS(DisasContext *ctx, arg_STS *a) TCGv Rd = cpu_r[a->rd]; TCGv addr = tcg_temp_new_i32(); TCGv H = cpu_rampD; - a->imm = next_word(ctx); tcg_gen_mov_tl(addr, H); /* addr = H:M:L */ tcg_gen_shli_tl(addr, addr, 16); From patchwork Wed May 14 12:56:20 2025 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Michael Tokarev X-Patchwork-Id: 889863 Delivered-To: patch@linaro.org Received: by 2002:adf:fd8a:0:b0:3a1:f579:ae88 with SMTP id d10csp2607448wrr; Wed, 14 May 2025 06:02:01 -0700 (PDT) X-Forwarded-Encrypted: i=2; AJvYcCVNSfQmvMRw7IbhyFEfhT1wCIT7n9vbzqLtG9J1vUAUUhDTIpu90xPZlQ+Fz389e6Q3Jz1DHg==@linaro.org X-Google-Smtp-Source: AGHT+IHB1DbC7HkN1u0wunFD/Xvv5QVBYO7rr+QLS1Z76d3+D+M+JxWwR8oSpLsKaDtwl9Kh0n0Z X-Received: by 2002:a05:6512:609a:b0:54f:cc0b:158f with SMTP id 2adb3069b0e04-550d5fe88aamr1273544e87.40.1747227720891; Wed, 14 May 2025 06:02:00 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1747227720; cv=none; d=google.com; s=arc-20240605; b=jjxUK7wgB9IPkY1JOOF2CCQzRnj6Msa7YzM5kn0ee/Ud/W9KDzumYAEuv5MlQxA6ja VG0hJH165DV/sDJZiSsp9ERCFUieNo/n9b7uF2NA4VV/ZDdH0msQvF9nr4oELo/GI0Yz /0NKuLCXYB/mmqnj5uBoFe/kKjIaPm4MN/qmTC4J4lDN2lLyd70uZHrO5dJv3RAcpGY5 ejfxZzOrL5jTPOmX6Kg6m9YhN0zNrImlv+noyZNE5D7OayYqU+Jsh2vQ8Oje8nqaIJh8 T+6IxzSuycBszOuWb+0666dwh4Vg7XuE5eEnNmufmsfqF1gzE0M52BCaMum70XoGHjFw NC1g== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20240605; h=sender:errors-to:list-subscribe:list-help:list-post:list-archive :list-unsubscribe:list-id:precedence:content-transfer-encoding :mime-version:references:in-reply-to:message-id:date:subject:cc:to :from; bh=OQr2hCBuzaiCKgqYlHicm5pWvES2ckCRHzvnvFgBC5E=; fh=xJ1URYKcMN3TM0/XAv5v+aCN+5tIbzAdcfBx5UNgoLw=; b=EFEv6eySXdyeYeQ7n3K6Ti3kd/N0k6E/co8Xz7r6piQYoOSNJN99Q0XgoF598jvKI5 SW+1RcL3DQad3YSJHiZTwtMNOxRVaJdGc+yWIG5MVsn8rmUrfnpz+r99HeSQQ7ld0S7w PICATKoD/Mmi1+JN3NjuSQ+imW5MZBpnkiS6o7SHuhYFNFU42SMIU16fCdBdpb3ofEi5 /Q6bGoOwd5sUvM70ASSEc++ntP27nAzDIAaHxxVXBPL30bhIRQ57SIDC8zIy2FTuLCEC Cj8PuSs5MTzMdoWSgAec94HqXGlLY2B+8KqI335KhK7GRKZsUe86QbO1KVH24PAE8mTL EP4A==; dara=google.com ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: domain of qemu-devel-bounces+patch=linaro.org@nongnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom="qemu-devel-bounces+patch=linaro.org@nongnu.org" Return-Path: Received: from lists.gnu.org (lists.gnu.org. [209.51.188.17]) by mx.google.com with ESMTPS id 2adb3069b0e04-54fc650a3b5si5268988e87.286.2025.05.14.06.02.00 for (version=TLS1_2 cipher=ECDHE-ECDSA-CHACHA20-POLY1305 bits=256/256); Wed, 14 May 2025 06:02:00 -0700 (PDT) Received-SPF: pass (google.com: domain of qemu-devel-bounces+patch=linaro.org@nongnu.org designates 209.51.188.17 as permitted sender) client-ip=209.51.188.17; Authentication-Results: mx.google.com; spf=pass (google.com: domain of qemu-devel-bounces+patch=linaro.org@nongnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom="qemu-devel-bounces+patch=linaro.org@nongnu.org" Received: from localhost ([::1] helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1uFBgE-0001Y7-4j; Wed, 14 May 2025 08:57:50 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1uFBgC-0001Us-Bm; Wed, 14 May 2025 08:57:48 -0400 Received: from isrv.corpit.ru ([86.62.121.231]) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1uFBgA-0007lL-17; Wed, 14 May 2025 08:57:47 -0400 Received: from tsrv.corpit.ru (tsrv.tls.msk.ru [192.168.177.2]) by isrv.corpit.ru (Postfix) with ESMTP id 6C9C7121ACE; Wed, 14 May 2025 15:56:31 +0300 (MSK) Received: from think4mjt.tls.msk.ru (mjtthink.wg.tls.msk.ru [192.168.177.146]) by tsrv.corpit.ru (Postfix) with ESMTP id 18E0D20B846; Wed, 14 May 2025 15:56:41 +0300 (MSK) From: Michael Tokarev To: qemu-devel@nongnu.org Cc: qemu-stable@nongnu.org, Peter Maydell , Richard Henderson , Michael Tokarev Subject: [Stable-7.2.18 14/18] target/arm: Don't assert() for ISB/SB inside IT block Date: Wed, 14 May 2025 15:56:20 +0300 Message-Id: <20250514125640.91677-14-mjt@tls.msk.ru> X-Mailer: git-send-email 2.39.5 In-Reply-To: References: MIME-Version: 1.0 Received-SPF: pass client-ip=86.62.121.231; envelope-from=mjt@tls.msk.ru; helo=isrv.corpit.ru X-Spam_score_int: -68 X-Spam_score: -6.9 X-Spam_bar: ------ X-Spam_report: (-6.9 / 5.0 requ) BAYES_00=-1.9, RCVD_IN_DNSWL_HI=-5, RCVD_IN_VALIDITY_CERTIFIED_BLOCKED=0.001, RCVD_IN_VALIDITY_RPBL_BLOCKED=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001 autolearn=ham autolearn_force=no X-Spam_action: no action X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: qemu-devel-bounces+patch=linaro.org@nongnu.org Sender: qemu-devel-bounces+patch=linaro.org@nongnu.org From: Peter Maydell If the guest code has an ISB or SB insn inside an IT block, we generate incorrect code which trips a TCG assertion: qemu-system-arm: ../tcg/tcg-op.c:3343: void tcg_gen_goto_tb(unsigned int): Assertion `(tcg_ctx->goto_tb_issue_mask & (1 << idx)) == 0' failed. This is because we call gen_goto_tb(dc, 1, ...) twice: brcond_i32 ZF,$0x0,ne,$L1 add_i32 pc,pc,$0x4 goto_tb $0x1 exit_tb $0x73d948001b81 set_label $L1 add_i32 pc,pc,$0x4 goto_tb $0x1 exit_tb $0x73d948001b81 Both calls are in arm_tr_tb_stop(), one for the DISAS_NEXT/DISAS_TOO_MANY handling, and one for the dc->condjump condition-failed codepath. The DISAS_NEXT handling doesn't have this problem because arm_post_translate_insn() does the handling of "emit the label for the condition-failed conditional execution" and so arm_tr_tb_stop() doesn't have dc->condjump set. But for DISAS_TOO_MANY we don't do that. Fix the bug by making arm_post_translate_insn() handle the DISAS_TOO_MANY case. This only affects the SB and ISB insns when used in Thumb mode inside an IT block: only these insns specifically set is_jmp to TOO_MANY, and their A32 encodings are unconditional. For the major TOO_MANY case (breaking the TB because it would cross a page boundary) we do that check and set is_jmp to TOO_MANY only after the call to arm_post_translate_insn(); so arm_post_translate_insn() sees is_jmp == DISAS_NEXT, and we emit the correct code for that situation. With this fix we generate the somewhat more sensible set of TCG ops: brcond_i32 ZF,$0x0,ne,$L1 set_label $L1 add_i32 pc,pc,$0x4 goto_tb $0x1 exit_tb $0x7c5434001b81 (NB: the TCG optimizer doesn't optimize out the jump-to-next, but we can't really avoid emitting it because we don't know at the point we're emitting the handling for the condexec check whether this insn is going to happen to be a nop for us or not.) Cc: qemu-stable@nongnu.org Fixes: https://gitlab.com/qemu-project/qemu/-/issues/2942 Signed-off-by: Peter Maydell Reviewed-by: Richard Henderson Message-id: 20250501125544.727038-1-peter.maydell@linaro.org (cherry picked from commit 8ed7c0b6488a7f20318d6ba414f1cbcd0ed92afe) Signed-off-by: Michael Tokarev diff --git a/target/arm/translate.c b/target/arm/translate.c index 10dfa11a2b..ed9ed8ed0a 100644 --- a/target/arm/translate.c +++ b/target/arm/translate.c @@ -9545,7 +9545,8 @@ static bool arm_check_ss_active(DisasContext *dc) static void arm_post_translate_insn(DisasContext *dc) { - if (dc->condjmp && dc->base.is_jmp == DISAS_NEXT) { + if (dc->condjmp && + (dc->base.is_jmp == DISAS_NEXT || dc->base.is_jmp == DISAS_TOO_MANY)) { if (dc->pc_save != dc->condlabel.pc_save) { gen_update_pc(dc, dc->condlabel.pc_save - dc->pc_save); }