* [PATCH 0/2] target/ppc: Fix detection of 64-bit MMU models
@ 2020-12-09 17:35 Greg Kurz
2020-12-09 17:35 ` [PATCH 1/2] ppc/translate: Use POWERPC_MMU_64 to detect " Greg Kurz
` (2 more replies)
0 siblings, 3 replies; 4+ messages in thread
From: Greg Kurz @ 2020-12-09 17:35 UTC (permalink / raw)
To: qemu-devel; +Cc: Stephane Duverger, qemu-ppc, Greg Kurz, David Gibson
Stephane Duverger posted a patch to fix a miscomputation of the
'need_access_type' flag in ppc_tr_init_disas_context(), which can
cause QEMU to abort with 32-bit CPUs.
This series contains an extended version of Stephane's patch and
introduce an mmu_is_64bit() helper to avoid a similar confusion
in the future.
Greg Kurz (1):
target/ppc: Introduce an mmu_is_64bit() helper
Stephane Duverger (1):
ppc/translate: Use POWERPC_MMU_64 to detect 64-bit MMU models
target/ppc/cpu-qom.h | 5 +++++
target/ppc/excp_helper.c | 4 ++--
target/ppc/machine.c | 4 ++--
target/ppc/mmu-hash64.c | 2 +-
target/ppc/mmu_helper.c | 10 +++++-----
target/ppc/translate.c | 4 ++--
target/ppc/translate_init.c.inc | 2 +-
7 files changed, 18 insertions(+), 13 deletions(-)
--
2.26.2
^ permalink raw reply [flat|nested] 4+ messages in thread
* [PATCH 1/2] ppc/translate: Use POWERPC_MMU_64 to detect 64-bit MMU models
2020-12-09 17:35 [PATCH 0/2] target/ppc: Fix detection of 64-bit MMU models Greg Kurz
@ 2020-12-09 17:35 ` Greg Kurz
2020-12-09 17:35 ` [PATCH 2/2] target/ppc: Introduce an mmu_is_64bit() helper Greg Kurz
2020-12-10 3:24 ` [PATCH 0/2] target/ppc: Fix detection of 64-bit MMU models David Gibson
2 siblings, 0 replies; 4+ messages in thread
From: Greg Kurz @ 2020-12-09 17:35 UTC (permalink / raw)
To: qemu-devel; +Cc: Stephane Duverger, qemu-ppc, Greg Kurz, David Gibson
From: Stephane Duverger <stephane.duverger@free.fr>
The ppc_tr_init_disas_context() function currently checks whether the
MMU is 64-bit by ANDing its model type with POWERPC_MMU_64B. This is
wrong : POWERPC_MMU_64B isn't a mask, it is the generic MMU model for
pre-PowerISA-2.03 64-bit CPUs (ie. PowerPC 970 in QEMU).
Use POWERPC_MMU_64 instead of POWERPC_MMU_64B. This should fix a
potential bug with some 32-bit CPUs for which 'need_access_type'
was mis-computed because (POWERPC_MMU_32B & POWERPC_MMU_64B)
happens to be equal to 1. The end result being a crash in
ppc_hash32_direct_store() because the access type isn't set:
cpu_abort(cs, "ERROR: instruction should not need "
"address translation\n");
This doesn't change anything for 'lazy_tlb_flush' since POWERPC_MMU_32B
is checked first.
Fixes: 5f2a6254522b ("ppc: Don't set access_type on all load/stores on hash64")
Signed-off-by: Stephane Duverger <stephane.duverger@free.fr>
[groug: - extended patch to address another misuse of POWERPC_MMU_64B
- updated title and changelog accordingly]
Signed-off-by: Greg Kurz <groug@kaod.org>
---
target/ppc/translate.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/target/ppc/translate.c b/target/ppc/translate.c
index 54cac0e6a779..e68dd65ad3e1 100644
--- a/target/ppc/translate.c
+++ b/target/ppc/translate.c
@@ -7892,7 +7892,7 @@ static void ppc_tr_init_disas_context(DisasContextBase *dcbase, CPUState *cs)
ctx->insns_flags = env->insns_flags;
ctx->insns_flags2 = env->insns_flags2;
ctx->access_type = -1;
- ctx->need_access_type = !(env->mmu_model & POWERPC_MMU_64B);
+ ctx->need_access_type = !(env->mmu_model & POWERPC_MMU_64);
ctx->le_mode = !!(env->hflags & (1 << MSR_LE));
ctx->default_tcg_memop_mask = ctx->le_mode ? MO_LE : MO_BE;
ctx->flags = env->flags;
@@ -7902,7 +7902,7 @@ static void ppc_tr_init_disas_context(DisasContextBase *dcbase, CPUState *cs)
#endif
ctx->lazy_tlb_flush = env->mmu_model == POWERPC_MMU_32B
|| env->mmu_model == POWERPC_MMU_601
- || (env->mmu_model & POWERPC_MMU_64B);
+ || env->mmu_model & POWERPC_MMU_64;
ctx->fpu_enabled = !!msr_fp;
if ((env->flags & POWERPC_FLAG_SPE) && msr_spe) {
--
2.26.2
^ permalink raw reply related [flat|nested] 4+ messages in thread
* [PATCH 2/2] target/ppc: Introduce an mmu_is_64bit() helper
2020-12-09 17:35 [PATCH 0/2] target/ppc: Fix detection of 64-bit MMU models Greg Kurz
2020-12-09 17:35 ` [PATCH 1/2] ppc/translate: Use POWERPC_MMU_64 to detect " Greg Kurz
@ 2020-12-09 17:35 ` Greg Kurz
2020-12-10 3:24 ` [PATCH 0/2] target/ppc: Fix detection of 64-bit MMU models David Gibson
2 siblings, 0 replies; 4+ messages in thread
From: Greg Kurz @ 2020-12-09 17:35 UTC (permalink / raw)
To: qemu-devel; +Cc: Stephane Duverger, qemu-ppc, Greg Kurz, David Gibson
Callers don't really need to know how 64-bit MMU model enums are
computed. Hide this in a helper.
Signed-off-by: Greg Kurz <groug@kaod.org>
---
target/ppc/cpu-qom.h | 5 +++++
target/ppc/excp_helper.c | 4 ++--
target/ppc/machine.c | 4 ++--
target/ppc/mmu-hash64.c | 2 +-
target/ppc/mmu_helper.c | 10 +++++-----
target/ppc/translate.c | 2 +-
target/ppc/translate_init.c.inc | 2 +-
7 files changed, 17 insertions(+), 12 deletions(-)
diff --git a/target/ppc/cpu-qom.h b/target/ppc/cpu-qom.h
index 5fdb96f04df5..63b9e8632cab 100644
--- a/target/ppc/cpu-qom.h
+++ b/target/ppc/cpu-qom.h
@@ -74,6 +74,11 @@ enum powerpc_mmu_t {
POWERPC_MMU_3_00 = POWERPC_MMU_64 | 0x00000005,
};
+static inline bool mmu_is_64bit(powerpc_mmu_t mmu_model)
+{
+ return mmu_model & POWERPC_MMU_64;
+}
+
/*****************************************************************************/
/* Exception model */
typedef enum powerpc_excp_t powerpc_excp_t;
diff --git a/target/ppc/excp_helper.c b/target/ppc/excp_helper.c
index 74f987080ffc..85de7e6c906b 100644
--- a/target/ppc/excp_helper.c
+++ b/target/ppc/excp_helper.c
@@ -266,7 +266,7 @@ static inline void powerpc_excp(PowerPCCPU *cpu, int excp_model, int excp)
*/
if (excp == POWERPC_EXCP_HV_EMU
#if defined(TARGET_PPC64)
- && !((env->mmu_model & POWERPC_MMU_64) && (env->msr_mask & MSR_HVB))
+ && !(mmu_is_64bit(env->mmu_model) && (env->msr_mask & MSR_HVB))
#endif /* defined(TARGET_PPC64) */
) {
@@ -824,7 +824,7 @@ static inline void powerpc_excp(PowerPCCPU *cpu, int excp_model, int excp)
vector = (uint32_t)vector;
}
} else {
- if (!msr_isf && !(env->mmu_model & POWERPC_MMU_64)) {
+ if (!msr_isf && !mmu_is_64bit(env->mmu_model)) {
vector = (uint32_t)vector;
} else {
new_msr |= (target_ulong)1 << MSR_SF;
diff --git a/target/ppc/machine.c b/target/ppc/machine.c
index c38e7b1268dd..d9d911b9b181 100644
--- a/target/ppc/machine.c
+++ b/target/ppc/machine.c
@@ -550,7 +550,7 @@ static bool sr_needed(void *opaque)
#ifdef TARGET_PPC64
PowerPCCPU *cpu = opaque;
- return !(cpu->env.mmu_model & POWERPC_MMU_64);
+ return !mmu_is_64bit(cpu->env.mmu_model);
#else
return true;
#endif
@@ -606,7 +606,7 @@ static bool slb_needed(void *opaque)
PowerPCCPU *cpu = opaque;
/* We don't support any of the old segment table based 64-bit CPUs */
- return cpu->env.mmu_model & POWERPC_MMU_64;
+ return mmu_is_64bit(cpu->env.mmu_model);
}
static int slb_post_load(void *opaque, int version_id)
diff --git a/target/ppc/mmu-hash64.c b/target/ppc/mmu-hash64.c
index 1b1248fc9054..0fabc10302d7 100644
--- a/target/ppc/mmu-hash64.c
+++ b/target/ppc/mmu-hash64.c
@@ -1140,7 +1140,7 @@ void ppc_hash64_init(PowerPCCPU *cpu)
PowerPCCPUClass *pcc = POWERPC_CPU_GET_CLASS(cpu);
if (!pcc->hash64_opts) {
- assert(!(env->mmu_model & POWERPC_MMU_64));
+ assert(!mmu_is_64bit(env->mmu_model));
return;
}
diff --git a/target/ppc/mmu_helper.c b/target/ppc/mmu_helper.c
index 9f22b66ea948..ca88658cba04 100644
--- a/target/ppc/mmu_helper.c
+++ b/target/ppc/mmu_helper.c
@@ -2002,7 +2002,7 @@ void helper_store_601_batl(CPUPPCState *env, uint32_t nr, target_ulong value)
void ppc_tlb_invalidate_all(CPUPPCState *env)
{
#if defined(TARGET_PPC64)
- if (env->mmu_model & POWERPC_MMU_64) {
+ if (mmu_is_64bit(env->mmu_model)) {
env->tlb_need_flush = 0;
tlb_flush(env_cpu(env));
} else
@@ -2046,7 +2046,7 @@ void ppc_tlb_invalidate_one(CPUPPCState *env, target_ulong addr)
#if !defined(FLUSH_ALL_TLBS)
addr &= TARGET_PAGE_MASK;
#if defined(TARGET_PPC64)
- if (env->mmu_model & POWERPC_MMU_64) {
+ if (mmu_is_64bit(env->mmu_model)) {
/* tlbie invalidate TLBs for all segments */
/*
* XXX: given the fact that there are too many segments to invalidate,
@@ -2091,7 +2091,7 @@ void ppc_store_sdr1(CPUPPCState *env, target_ulong value)
qemu_log_mask(CPU_LOG_MMU, "%s: " TARGET_FMT_lx "\n", __func__, value);
assert(!cpu->vhyp);
#if defined(TARGET_PPC64)
- if (env->mmu_model & POWERPC_MMU_64) {
+ if (mmu_is_64bit(env->mmu_model)) {
target_ulong sdr_mask = SDR_64_HTABORG | SDR_64_HTABSIZE;
target_ulong htabsize = value & SDR_64_HTABSIZE;
@@ -2144,7 +2144,7 @@ void ppc_store_ptcr(CPUPPCState *env, target_ulong value)
target_ulong helper_load_sr(CPUPPCState *env, target_ulong sr_num)
{
#if defined(TARGET_PPC64)
- if (env->mmu_model & POWERPC_MMU_64) {
+ if (mmu_is_64bit(env->mmu_model)) {
/* XXX */
return 0;
}
@@ -2158,7 +2158,7 @@ void helper_store_sr(CPUPPCState *env, target_ulong srnum, target_ulong value)
"%s: reg=%d " TARGET_FMT_lx " " TARGET_FMT_lx "\n", __func__,
(int)srnum, value, env->sr[srnum]);
#if defined(TARGET_PPC64)
- if (env->mmu_model & POWERPC_MMU_64) {
+ if (mmu_is_64bit(env->mmu_model)) {
PowerPCCPU *cpu = env_archcpu(env);
uint64_t esid, vsid;
diff --git a/target/ppc/translate.c b/target/ppc/translate.c
index e68dd65ad3e1..0984ce637be9 100644
--- a/target/ppc/translate.c
+++ b/target/ppc/translate.c
@@ -7892,7 +7892,7 @@ static void ppc_tr_init_disas_context(DisasContextBase *dcbase, CPUState *cs)
ctx->insns_flags = env->insns_flags;
ctx->insns_flags2 = env->insns_flags2;
ctx->access_type = -1;
- ctx->need_access_type = !(env->mmu_model & POWERPC_MMU_64);
+ ctx->need_access_type = !mmu_is_64bit(env->mmu_model);
ctx->le_mode = !!(env->hflags & (1 << MSR_LE));
ctx->default_tcg_memop_mask = ctx->le_mode ? MO_LE : MO_BE;
ctx->flags = env->flags;
diff --git a/target/ppc/translate_init.c.inc b/target/ppc/translate_init.c.inc
index e4082cfde746..a4d0038828d9 100644
--- a/target/ppc/translate_init.c.inc
+++ b/target/ppc/translate_init.c.inc
@@ -10671,7 +10671,7 @@ static void ppc_cpu_reset(DeviceState *dev)
#endif
#if defined(TARGET_PPC64)
- if (env->mmu_model & POWERPC_MMU_64) {
+ if (mmu_is_64bit(env->mmu_model)) {
msr |= (1ULL << MSR_SF);
}
#endif
--
2.26.2
^ permalink raw reply related [flat|nested] 4+ messages in thread
* Re: [PATCH 0/2] target/ppc: Fix detection of 64-bit MMU models
2020-12-09 17:35 [PATCH 0/2] target/ppc: Fix detection of 64-bit MMU models Greg Kurz
2020-12-09 17:35 ` [PATCH 1/2] ppc/translate: Use POWERPC_MMU_64 to detect " Greg Kurz
2020-12-09 17:35 ` [PATCH 2/2] target/ppc: Introduce an mmu_is_64bit() helper Greg Kurz
@ 2020-12-10 3:24 ` David Gibson
2 siblings, 0 replies; 4+ messages in thread
From: David Gibson @ 2020-12-10 3:24 UTC (permalink / raw)
To: Greg Kurz; +Cc: Stephane Duverger, qemu-ppc, qemu-devel
[-- Attachment #1: Type: text/plain, Size: 817 bytes --]
On Wed, Dec 09, 2020 at 06:35:34PM +0100, Greg Kurz wrote:
> Stephane Duverger posted a patch to fix a miscomputation of the
> 'need_access_type' flag in ppc_tr_init_disas_context(), which can
> cause QEMU to abort with 32-bit CPUs.
>
> This series contains an extended version of Stephane's patch and
> introduce an mmu_is_64bit() helper to avoid a similar confusion
> in the future.
Applied to ppc-for-6.0, thanks.
Really that whole mmu_model thing is a mess. A mix of flags and an
enum, for something that should probably be class callbacks in most
cases. But your patches certainly improve things.
--
David Gibson | I'll have my music baroque, and my code
david AT gibson.dropbear.id.au | minimalist, thank you. NOT _the_ _other_
| _way_ _around_!
http://www.ozlabs.org/~dgibson
[-- Attachment #2: signature.asc --]
[-- Type: application/pgp-signature, Size: 833 bytes --]
^ permalink raw reply [flat|nested] 4+ messages in thread
end of thread, other threads:[~2020-12-10 3:41 UTC | newest]
Thread overview: 4+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2020-12-09 17:35 [PATCH 0/2] target/ppc: Fix detection of 64-bit MMU models Greg Kurz
2020-12-09 17:35 ` [PATCH 1/2] ppc/translate: Use POWERPC_MMU_64 to detect " Greg Kurz
2020-12-09 17:35 ` [PATCH 2/2] target/ppc: Introduce an mmu_is_64bit() helper Greg Kurz
2020-12-10 3:24 ` [PATCH 0/2] target/ppc: Fix detection of 64-bit MMU models David Gibson
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.