From: David Gibson <david@gibson.dropbear.id.au>
To: peter.maydell@linaro.org
Cc: aik@ozlabs.ru, Amit Lazar <abasarlaz@hotmail.com>,
qemu-devel@nongnu.org, groug@kaod.org, qemu-ppc@nongnu.org,
clg@kaod.org, David Gibson <david@gibson.dropbear.id.au>
Subject: [PULL 6/7] hw/ppc: Take QEMU lock when calling ppc_dcr_read/write()
Date: Tue, 24 Mar 2020 16:14:55 +1100 [thread overview]
Message-ID: <20200324051456.256116-7-david@gibson.dropbear.id.au> (raw)
In-Reply-To: <20200324051456.256116-1-david@gibson.dropbear.id.au>
From: Peter Maydell <peter.maydell@linaro.org>
The ppc_dcr_read() and ppc_dcr_write() functions call into callbacks
in device code, so we need to hold the QEMU iothread lock while
calling them. This is the case already for the callsites in
kvmppc_handle_dcr_read/write(), but we must also take the lock when
calling the helpers from TCG.
This fixes a bug where attempting to initialise the PPC405EP
SDRAM will cause an assertion when sdram_map_bcr() attempts
to remap memory regions.
Reported-by: Amit Lazar <abasarlaz@hotmail.com>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Message-Id: <20200322192258.14039-1-peter.maydell@linaro.org>
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
---
target/ppc/timebase_helper.c | 40 +++++++++++++++++++++++-------------
1 file changed, 26 insertions(+), 14 deletions(-)
diff --git a/target/ppc/timebase_helper.c b/target/ppc/timebase_helper.c
index 703bd9ed18..d16360ab66 100644
--- a/target/ppc/timebase_helper.c
+++ b/target/ppc/timebase_helper.c
@@ -21,6 +21,7 @@
#include "exec/helper-proto.h"
#include "exec/exec-all.h"
#include "qemu/log.h"
+#include "qemu/main-loop.h"
/*****************************************************************************/
/* SPR accesses */
@@ -167,13 +168,19 @@ target_ulong helper_load_dcr(CPUPPCState *env, target_ulong dcrn)
raise_exception_err_ra(env, POWERPC_EXCP_PROGRAM,
POWERPC_EXCP_INVAL |
POWERPC_EXCP_INVAL_INVAL, GETPC());
- } else if (unlikely(ppc_dcr_read(env->dcr_env,
- (uint32_t)dcrn, &val) != 0)) {
- qemu_log_mask(LOG_GUEST_ERROR, "DCR read error %d %03x\n",
- (uint32_t)dcrn, (uint32_t)dcrn);
- raise_exception_err_ra(env, POWERPC_EXCP_PROGRAM,
- POWERPC_EXCP_INVAL |
- POWERPC_EXCP_PRIV_REG, GETPC());
+ } else {
+ int ret;
+
+ qemu_mutex_lock_iothread();
+ ret = ppc_dcr_read(env->dcr_env, (uint32_t)dcrn, &val);
+ qemu_mutex_unlock_iothread();
+ if (unlikely(ret != 0)) {
+ qemu_log_mask(LOG_GUEST_ERROR, "DCR read error %d %03x\n",
+ (uint32_t)dcrn, (uint32_t)dcrn);
+ raise_exception_err_ra(env, POWERPC_EXCP_PROGRAM,
+ POWERPC_EXCP_INVAL |
+ POWERPC_EXCP_PRIV_REG, GETPC());
+ }
}
return val;
}
@@ -185,12 +192,17 @@ void helper_store_dcr(CPUPPCState *env, target_ulong dcrn, target_ulong val)
raise_exception_err_ra(env, POWERPC_EXCP_PROGRAM,
POWERPC_EXCP_INVAL |
POWERPC_EXCP_INVAL_INVAL, GETPC());
- } else if (unlikely(ppc_dcr_write(env->dcr_env, (uint32_t)dcrn,
- (uint32_t)val) != 0)) {
- qemu_log_mask(LOG_GUEST_ERROR, "DCR write error %d %03x\n",
- (uint32_t)dcrn, (uint32_t)dcrn);
- raise_exception_err_ra(env, POWERPC_EXCP_PROGRAM,
- POWERPC_EXCP_INVAL |
- POWERPC_EXCP_PRIV_REG, GETPC());
+ } else {
+ int ret;
+ qemu_mutex_lock_iothread();
+ ret = ppc_dcr_write(env->dcr_env, (uint32_t)dcrn, (uint32_t)val);
+ qemu_mutex_unlock_iothread();
+ if (unlikely(ret != 0)) {
+ qemu_log_mask(LOG_GUEST_ERROR, "DCR write error %d %03x\n",
+ (uint32_t)dcrn, (uint32_t)dcrn);
+ raise_exception_err_ra(env, POWERPC_EXCP_PROGRAM,
+ POWERPC_EXCP_INVAL |
+ POWERPC_EXCP_PRIV_REG, GETPC());
+ }
}
}
--
2.25.1
next prev parent reply other threads:[~2020-03-24 5:16 UTC|newest]
Thread overview: 9+ messages / expand[flat|nested] mbox.gz Atom feed top
2020-03-24 5:14 [PULL 0/7] ppc-for-5.0 queue 20200324 David Gibson
2020-03-24 5:14 ` [PULL 1/7] ppc/spapr: Set the effective address provided flag in mc error log David Gibson
2020-03-24 5:14 ` [PULL 2/7] target/ppc: Fix slbia TLB invalidation gap David Gibson
2020-03-24 5:14 ` [PULL 3/7] target/ppc: Fix ISA v3.0 (POWER9) slbia implementation David Gibson
2020-03-24 5:14 ` [PULL 4/7] target/ppc: don't byte swap ELFv2 signal handler David Gibson
2020-03-24 5:14 ` [PULL 5/7] spapr: Fix memory leak in h_client_architecture_support() David Gibson
2020-03-24 5:14 ` David Gibson [this message]
2020-03-24 5:14 ` [PULL 7/7] ppc/ppc405_boards: Remove unnecessary NULL check David Gibson
2020-03-24 11:07 ` [PULL 0/7] ppc-for-5.0 queue 20200324 Peter Maydell
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20200324051456.256116-7-david@gibson.dropbear.id.au \
--to=david@gibson.dropbear.id.au \
--cc=abasarlaz@hotmail.com \
--cc=aik@ozlabs.ru \
--cc=clg@kaod.org \
--cc=groug@kaod.org \
--cc=peter.maydell@linaro.org \
--cc=qemu-devel@nongnu.org \
--cc=qemu-ppc@nongnu.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.