From: David Gibson <david@gibson.dropbear.id.au>
To: peter.maydell@linaro.org, groug@kaod.org
Cc: Paolo Bonzini <pbonzini@redhat.com>,
	Vitaly Cheptsov <cheptsov@ispras.ru>,
	qemu-ppc@nongnu.org, qemu-devel@nongnu.org,
	David Gibson <david@gibson.dropbear.id.au>
Subject: [PULL 18/20] target/ppc: fix icount support on Book-e vms accessing SPRs
Date: Wed, 10 Mar 2021 15:10:00 +1100
Message-ID: <20210310041002.333813-19-david@gibson.dropbear.id.au>
In-Reply-To: <20210310041002.333813-1-david@gibson.dropbear.id.au>

From: Vitaly Cheptsov <cheptsov@ispras.ru>

Failing to guard SPR access with gen_io_start/gen_stop_exception
causes "Bad icount read" exceptions when running VMs with
e500mc and e500v2 CPUs with an icount parameter.

Cc: David Gibson <david@gibson.dropbear.id.au>
Cc: Greg Kurz <groug@kaod.org>
Cc: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Vitaly Cheptsov <cheptsov@ispras.ru>
Message-Id: <20210303140851.78383-1-cheptsov@ispras.ru>
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
---
 target/ppc/translate_init.c.inc | 36 +++++++++++++++++++++++++++++++++
 1 file changed, 36 insertions(+)

diff --git a/target/ppc/translate_init.c.inc b/target/ppc/translate_init.c.inc
index e7324e85cd..09c9ae2c98 100644
--- a/target/ppc/translate_init.c.inc
+++ b/target/ppc/translate_init.c.inc
@@ -567,35 +567,71 @@ static void spr_write_601_ubatl(DisasContext *ctx, int sprn, int gprn)
 #if !defined(CONFIG_USER_ONLY)
 static void spr_read_40x_pit(DisasContext *ctx, int gprn, int sprn)
 {
+    if (tb_cflags(ctx->base.tb) & CF_USE_ICOUNT) {
+        gen_io_start();
+    }
     gen_helper_load_40x_pit(cpu_gpr[gprn], cpu_env);
+    if (tb_cflags(ctx->base.tb) & CF_USE_ICOUNT) {
+        gen_stop_exception(ctx);
+    }
 }
 
 static void spr_write_40x_pit(DisasContext *ctx, int sprn, int gprn)
 {
+    if (tb_cflags(ctx->base.tb) & CF_USE_ICOUNT) {
+        gen_io_start();
+    }
     gen_helper_store_40x_pit(cpu_env, cpu_gpr[gprn]);
+    if (tb_cflags(ctx->base.tb) & CF_USE_ICOUNT) {
+        gen_stop_exception(ctx);
+    }
 }
 
 static void spr_write_40x_dbcr0(DisasContext *ctx, int sprn, int gprn)
 {
+    if (tb_cflags(ctx->base.tb) & CF_USE_ICOUNT) {
+        gen_io_start();
+    }
     gen_store_spr(sprn, cpu_gpr[gprn]);
     gen_helper_store_40x_dbcr0(cpu_env, cpu_gpr[gprn]);
     /* We must stop translation as we may have rebooted */
     gen_stop_exception(ctx);
+    if (tb_cflags(ctx->base.tb) & CF_USE_ICOUNT) {
+        gen_stop_exception(ctx);
+    }
 }
 
 static void spr_write_40x_sler(DisasContext *ctx, int sprn, int gprn)
 {
+    if (tb_cflags(ctx->base.tb) & CF_USE_ICOUNT) {
+        gen_io_start();
+    }
     gen_helper_store_40x_sler(cpu_env, cpu_gpr[gprn]);
+    if (tb_cflags(ctx->base.tb) & CF_USE_ICOUNT) {
+        gen_stop_exception(ctx);
+    }
 }
 
 static void spr_write_booke_tcr(DisasContext *ctx, int sprn, int gprn)
 {
+    if (tb_cflags(ctx->base.tb) & CF_USE_ICOUNT) {
+        gen_io_start();
+    }
     gen_helper_store_booke_tcr(cpu_env, cpu_gpr[gprn]);
+    if (tb_cflags(ctx->base.tb) & CF_USE_ICOUNT) {
+        gen_stop_exception(ctx);
+    }
 }
 
 static void spr_write_booke_tsr(DisasContext *ctx, int sprn, int gprn)
 {
+    if (tb_cflags(ctx->base.tb) & CF_USE_ICOUNT) {
+        gen_io_start();
+    }
     gen_helper_store_booke_tsr(cpu_env, cpu_gpr[gprn]);
+    if (tb_cflags(ctx->base.tb) & CF_USE_ICOUNT) {
+        gen_stop_exception(ctx);
+    }
 }
 #endif
 
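Review bot: In spr_write_40x_dbcr0 the added trailing `if (tb_cflags(ctx->base.tb) & CF_USE_ICOUNT) { gen_stop_exception(ctx); }` sits directly after the existing unconditional gen_stop_exception(ctx), so with icount enabled the stop is emitted twice in a row; this accessor appears to need only the leading gen_io_start() guard, and the second block can be dropped. Separately, the same pair of CF_USE_ICOUNT guards is repeated verbatim in all six accessors; a small pair of helpers wrapping the test would make it harder for a future SPR callback to get only one half. The commit message names e500mc and e500v2, while four of the six functions touched are 40x accessors, so a sentence explaining why those are included would help.
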
-- 
2.29.2


