From patchwork Fri Aug 4 19:16:21 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Patchwork-Submitter: Michael Tokarev X-Patchwork-Id: 710235 Delivered-To: patch@linaro.org Received: by 2002:a05:6359:d30:b0:129:c516:61db with SMTP id gp48csp162750rwb; Fri, 4 Aug 2023 12:19:15 -0700 (PDT) X-Google-Smtp-Source: AGHT+IFC0ptnKhXqoXJMfZjVPIl1mbQdal6nmLG6+WA/XUHFBRhqfGmCyTeLzB9X4/bdjLPEi9AC X-Received: by 2002:a05:622a:30a:b0:405:49c6:4102 with SMTP id q10-20020a05622a030a00b0040549c64102mr3011057qtw.36.1691176755581; Fri, 04 Aug 2023 12:19:15 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1691176755; cv=none; d=google.com; s=arc-20160816; b=zvtv6TNzVqm2ZPqzlGNROBfd0OOzFo72ke0RerEK4FuOZW1NHXoOh1RMEzwPSLsGv3 Bv3QEy6vXszBXT8X1tEs3NtEZzUM7/2+MCqxCN6f/I3I5QvTDrKGY4KgEk2WK/FUvbek n7W2eC0Du+79MxzFN/1Bx7crBoQEAeJN7ae75Rh5VgR4knEhq+iXvzOYYI3+MNG/xxmi b45LQv1ayTO6n/yNSC9MT1GsZVdqMRi/DHmC78Ql41Yni5HDV7xifENPoKm+xkBTYV/2 v9ftIbX7NvGnUAMB1bmBKY2ZUB570pjTp253u30M/UvUxww4IuScolbaf5xjIM1pxfLc Mk/g== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=sender:errors-to:list-subscribe:list-help:list-post:list-archive :list-unsubscribe:list-id:precedence:content-transfer-encoding :mime-version:references:in-reply-to:message-id:date:subject:cc:to :from; bh=ZC5uVDiLUFgufLRaKp/YTHmHmrEj6xDK+knQDaZNTnc=; fh=q8kquewWrepzqmq3nHS+hJTfjGAHzh7HW/o6ooL2YMw=; b=VpLKA8tOGiRKFDz8CnA8Bn4pQTFYI0MNg9K7y0Hvt3AOwTmy1iPAlryzo8jibLcOXJ nxh5+/AHs3k+gyqjhmL8iqwcqijBbB+iZA41NbscZAJ+auICM9TlE28DjLkZkSsC0oeN 5TEi0bRU9dhkdXZEr48AvboZZoscA78aOIHkzQ11nVdtmrUX6H0GuMWB68b0Mtol1/+l 4Q1psPq12dszwIyTALqFk//w7Zszk7lSF1g2cZDPPIytT1RaUs2dkV2VFPdp3/tlWZbo CGg5xyjkdV1MQa8y6Mp2LbGzlADGBYX89WTBeS5vcdQMi+tUkC8/SR5+ixYzs0us8Tdq CSMg== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: domain of qemu-devel-bounces+patch=linaro.org@nongnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom="qemu-devel-bounces+patch=linaro.org@nongnu.org" Return-Path: Received: from lists.gnu.org (lists.gnu.org. [209.51.188.17]) by mx.google.com with ESMTPS id 19-20020ac85913000000b00409e2477114si1735735qty.626.2023.08.04.12.19.15 for (version=TLS1_2 cipher=ECDHE-ECDSA-CHACHA20-POLY1305 bits=256/256); Fri, 04 Aug 2023 12:19:15 -0700 (PDT) Received-SPF: pass (google.com: domain of qemu-devel-bounces+patch=linaro.org@nongnu.org designates 209.51.188.17 as permitted sender) client-ip=209.51.188.17; Authentication-Results: mx.google.com; spf=pass (google.com: domain of qemu-devel-bounces+patch=linaro.org@nongnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom="qemu-devel-bounces+patch=linaro.org@nongnu.org" Received: from localhost ([::1] helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1qS0IO-0000Mk-0W; Fri, 04 Aug 2023 15:17:08 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1qS0IM-0000Ld-Ik; Fri, 04 Aug 2023 15:17:06 -0400 Received: from isrv.corpit.ru ([86.62.121.231]) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1qS0IK-0006wK-Vm; Fri, 04 Aug 2023 15:17:06 -0400 Received: from tsrv.corpit.ru (tsrv.tls.msk.ru [192.168.177.2]) by isrv.corpit.ru (Postfix) with ESMTP id CB57618458; Fri, 4 Aug 2023 22:17:10 +0300 (MSK) Received: from tls.msk.ru (mjt.wg.tls.msk.ru [192.168.177.130]) by tsrv.corpit.ru (Postfix) with SMTP id 5F1AB1B89B; Fri, 4 Aug 2023 22:16:50 +0300 (MSK) Received: (nullmailer pid 1875705 invoked by uid 1000); Fri, 04 Aug 2023 19:16:49 -0000 From: Michael Tokarev To: qemu-devel@nongnu.org Cc: qemu-stable@nongnu.org, Peter Maydell , Thomas Huth , =?utf-8?q?Philippe_Mathieu-Daud=C3=A9?= , Eric Auger , Michael Tokarev Subject: [Stable-8.0.4 38/63] hw/arm/smmu: Handle big-endian hosts correctly Date: Fri, 4 Aug 2023 22:16:21 +0300 Message-Id: <20230804191647.1875608-7-mjt@tls.msk.ru> X-Mailer: git-send-email 2.39.2 In-Reply-To: References: MIME-Version: 1.0 Received-SPF: pass client-ip=86.62.121.231; envelope-from=mjt@tls.msk.ru; helo=isrv.corpit.ru X-Spam_score_int: -68 X-Spam_score: -6.9 X-Spam_bar: ------ X-Spam_report: (-6.9 / 5.0 requ) BAYES_00=-1.9, RCVD_IN_DNSWL_HI=-5, SPF_HELO_NONE=0.001, SPF_PASS=-0.001 autolearn=ham autolearn_force=no X-Spam_action: no action X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: qemu-devel-bounces+patch=linaro.org@nongnu.org Sender: qemu-devel-bounces+patch=linaro.org@nongnu.org From: Peter Maydell The implementation of the SMMUv3 has multiple places where it reads a data structure from the guest and directly operates on it without doing a guest-to-host endianness conversion. Since all SMMU data structures are little-endian, this means that the SMMU doesn't work on a big-endian host. In particular, this causes the Avocado test machine_aarch64_virt.py:Aarch64VirtMachine.test_alpine_virt_tcg_gic_max to fail on an s390x host. Add appropriate byte-swapping on reads and writes of guest in-memory data structures so that the device works correctly on big-endian hosts. As part of this we constrain queue_read() to operate only on Cmd structs and queue_write() on Evt structs, because in practice these are the only data structures the two functions are used with, and we need to know what the data structure is to be able to byte-swap its parts correctly. Signed-off-by: Peter Maydell Tested-by: Thomas Huth Reviewed-by: Philippe Mathieu-Daudé Reviewed-by: Eric Auger Message-id: 20230717132641.764660-1-peter.maydell@linaro.org Cc: qemu-stable@nongnu.org (cherry picked from commit c6445544d4cea2628fbad3bad09f3d3a03c749d3) Signed-off-by: Michael Tokarev diff --git a/hw/arm/smmu-common.c b/hw/arm/smmu-common.c index e7f1c1f219..daa02ce798 100644 --- a/hw/arm/smmu-common.c +++ b/hw/arm/smmu-common.c @@ -192,8 +192,7 @@ static int get_pte(dma_addr_t baseaddr, uint32_t index, uint64_t *pte, dma_addr_t addr = baseaddr + index * sizeof(*pte); /* TODO: guarantee 64-bit single-copy atomicity */ - ret = dma_memory_read(&address_space_memory, addr, pte, sizeof(*pte), - MEMTXATTRS_UNSPECIFIED); + ret = ldq_le_dma(&address_space_memory, addr, pte, MEMTXATTRS_UNSPECIFIED); if (ret != MEMTX_OK) { info->type = SMMU_PTW_ERR_WALK_EABT; diff --git a/hw/arm/smmuv3.c b/hw/arm/smmuv3.c index 270c80b665..cfb56725a6 100644 --- a/hw/arm/smmuv3.c +++ b/hw/arm/smmuv3.c @@ -98,20 +98,34 @@ static void smmuv3_write_gerrorn(SMMUv3State *s, uint32_t new_gerrorn) trace_smmuv3_write_gerrorn(toggled & pending, s->gerrorn); } -static inline MemTxResult queue_read(SMMUQueue *q, void *data) +static inline MemTxResult queue_read(SMMUQueue *q, Cmd *cmd) { dma_addr_t addr = Q_CONS_ENTRY(q); + MemTxResult ret; + int i; - return dma_memory_read(&address_space_memory, addr, data, q->entry_size, - MEMTXATTRS_UNSPECIFIED); + ret = dma_memory_read(&address_space_memory, addr, cmd, sizeof(Cmd), + MEMTXATTRS_UNSPECIFIED); + if (ret != MEMTX_OK) { + return ret; + } + for (i = 0; i < ARRAY_SIZE(cmd->word); i++) { + le32_to_cpus(&cmd->word[i]); + } + return ret; } -static MemTxResult queue_write(SMMUQueue *q, void *data) +static MemTxResult queue_write(SMMUQueue *q, Evt *evt_in) { dma_addr_t addr = Q_PROD_ENTRY(q); MemTxResult ret; + Evt evt = *evt_in; + int i; - ret = dma_memory_write(&address_space_memory, addr, data, q->entry_size, + for (i = 0; i < ARRAY_SIZE(evt.word); i++) { + cpu_to_le32s(&evt.word[i]); + } + ret = dma_memory_write(&address_space_memory, addr, &evt, sizeof(Evt), MEMTXATTRS_UNSPECIFIED); if (ret != MEMTX_OK) { return ret; @@ -291,7 +305,7 @@ static void smmuv3_init_regs(SMMUv3State *s) static int smmu_get_ste(SMMUv3State *s, dma_addr_t addr, STE *buf, SMMUEventInfo *event) { - int ret; + int ret, i; trace_smmuv3_get_ste(addr); /* TODO: guarantee 64-bit single-copy atomicity */ @@ -304,6 +318,9 @@ static int smmu_get_ste(SMMUv3State *s, dma_addr_t addr, STE *buf, event->u.f_ste_fetch.addr = addr; return -EINVAL; } + for (i = 0; i < ARRAY_SIZE(buf->word); i++) { + le32_to_cpus(&buf->word[i]); + } return 0; } @@ -313,7 +330,7 @@ static int smmu_get_cd(SMMUv3State *s, STE *ste, uint32_t ssid, CD *buf, SMMUEventInfo *event) { dma_addr_t addr = STE_CTXPTR(ste); - int ret; + int ret, i; trace_smmuv3_get_cd(addr); /* TODO: guarantee 64-bit single-copy atomicity */ @@ -326,6 +343,9 @@ static int smmu_get_cd(SMMUv3State *s, STE *ste, uint32_t ssid, event->u.f_ste_fetch.addr = addr; return -EINVAL; } + for (i = 0; i < ARRAY_SIZE(buf->word); i++) { + le32_to_cpus(&buf->word[i]); + } return 0; } @@ -407,7 +427,7 @@ static int smmu_find_ste(SMMUv3State *s, uint32_t sid, STE *ste, return -EINVAL; } if (s->features & SMMU_FEATURE_2LVL_STE) { - int l1_ste_offset, l2_ste_offset, max_l2_ste, span; + int l1_ste_offset, l2_ste_offset, max_l2_ste, span, i; dma_addr_t l1ptr, l2ptr; STEDesc l1std; @@ -431,6 +451,9 @@ static int smmu_find_ste(SMMUv3State *s, uint32_t sid, STE *ste, event->u.f_ste_fetch.addr = l1ptr; return -EINVAL; } + for (i = 0; i < ARRAY_SIZE(l1std.word); i++) { + le32_to_cpus(&l1std.word[i]); + } span = L1STD_SPAN(&l1std); From patchwork Fri Aug 4 19:16:22 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Michael Tokarev X-Patchwork-Id: 710231 Delivered-To: patch@linaro.org Received: by 2002:a05:6359:d30:b0:129:c516:61db with SMTP id gp48csp162288rwb; Fri, 4 Aug 2023 12:18:17 -0700 (PDT) X-Google-Smtp-Source: AGHT+IE5fVBS3hgBaPyktIxuCfkfC2cvIhMb78Cu2IqBPmQbTNfUmuOc60NzSZnfKRLSJ+mjZ/PO X-Received: by 2002:a0c:f3c3:0:b0:625:bb19:278c with SMTP id f3-20020a0cf3c3000000b00625bb19278cmr2091426qvm.2.1691176697619; Fri, 04 Aug 2023 12:18:17 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1691176697; cv=none; d=google.com; s=arc-20160816; b=Wxsn/+MhAwNh4EHcXCVKvFmEH9lawIJJdtq6pZXBxYbimIehGRU/bcf/PgjjbyxS+y akdQxQ7uB1MqEN2lAf12nppFJFRxV0UUImwMW/1i43ByoW+C1epk9GvP0YZgCIOHL4zK 1PW8BsVUCXsOhGqAA2qWAvfi68LV1eFOUBOcsj5ET7qUoodv8j3cVoYT0LeULxkw3jFK JZIZPhIAQndYtI1MQDzQblj86l9CblkObDtr3stawercrgsuhdno0o2Izcs3BP68h3hx zrZstaSw4n/ZLV6xcDgXjWyWMwH+l62/NCxdmLtvE5pGnz8bizxs4ogMHwHnCUH9O5LT 78iA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=sender:errors-to:list-subscribe:list-help:list-post:list-archive :list-unsubscribe:list-id:precedence:content-transfer-encoding :mime-version:references:in-reply-to:message-id:date:subject:cc:to :from; bh=2bnxnsqKoc7Sxwgvf9h3UpbubHsGjX1Iy7DpWkohFuo=; fh=+twXHueQny8msdLYk4HIx2SowV0ZnuRfIAxEj9lDJjg=; b=R+g/vCsRd7cpARRCz8FLtu1Cbkxl7FO8pOy7N/5L95gwKZ1wy6rUdSGFfvrQMDJfo5 veTx2SHTf9u6FgIovorhWbvhLCSfozQcVxx7Ere42rn9XHtRU6AZjQ3xs+Zg3uuvZNGD oPt1/tAzRQg6Em4en6cOSxJ9vbg+602kXqqxgli/qNGo/4qqvGJiyk+DoSvuwOlvZ2jQ KNsPk44Ypk3uXRY2HcIz4g7+bHXRlI2H6Pu537lrhZOK8vcJeafIRWEvvBT3/QOuB7RY Ti6O4L1mvnPQ8Mz4ShOyaTpmDeyOZTUKle/bMmo7pPruM6Duu6omGcOs11ruZMgIDGXM pe+g== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: domain of qemu-devel-bounces+patch=linaro.org@nongnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom="qemu-devel-bounces+patch=linaro.org@nongnu.org" Return-Path: Received: from lists.gnu.org (lists.gnu.org. [209.51.188.17]) by mx.google.com with ESMTPS id t7-20020a0cde07000000b0063cf6f808a2si1635159qvk.441.2023.08.04.12.18.17 for (version=TLS1_2 cipher=ECDHE-ECDSA-CHACHA20-POLY1305 bits=256/256); Fri, 04 Aug 2023 12:18:17 -0700 (PDT) Received-SPF: pass (google.com: domain of qemu-devel-bounces+patch=linaro.org@nongnu.org designates 209.51.188.17 as permitted sender) client-ip=209.51.188.17; Authentication-Results: mx.google.com; spf=pass (google.com: domain of qemu-devel-bounces+patch=linaro.org@nongnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom="qemu-devel-bounces+patch=linaro.org@nongnu.org" Received: from localhost ([::1] helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1qS0IP-0000NJ-8d; Fri, 04 Aug 2023 15:17:09 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1qS0IM-0000Ls-V3; Fri, 04 Aug 2023 15:17:06 -0400 Received: from isrv.corpit.ru ([86.62.121.231]) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1qS0IL-0006wh-Af; Fri, 04 Aug 2023 15:17:06 -0400 Received: from tsrv.corpit.ru (tsrv.tls.msk.ru [192.168.177.2]) by isrv.corpit.ru (Postfix) with ESMTP id 3020F18459; Fri, 4 Aug 2023 22:17:11 +0300 (MSK) Received: from tls.msk.ru (mjt.wg.tls.msk.ru [192.168.177.130]) by tsrv.corpit.ru (Postfix) with SMTP id 90BEC1B89C; Fri, 4 Aug 2023 22:16:50 +0300 (MSK) Received: (nullmailer pid 1875708 invoked by uid 1000); Fri, 04 Aug 2023 19:16:49 -0000 From: Michael Tokarev To: qemu-devel@nongnu.org Cc: qemu-stable@nongnu.org, Peter Maydell , Richard Henderson , Michael Tokarev Subject: [Stable-8.0.4 39/63] target/arm: Special case M-profile in debug_helper.c code Date: Fri, 4 Aug 2023 22:16:22 +0300 Message-Id: <20230804191647.1875608-8-mjt@tls.msk.ru> X-Mailer: git-send-email 2.39.2 In-Reply-To: References: MIME-Version: 1.0 Received-SPF: pass client-ip=86.62.121.231; envelope-from=mjt@tls.msk.ru; helo=isrv.corpit.ru X-Spam_score_int: -68 X-Spam_score: -6.9 X-Spam_bar: ------ X-Spam_report: (-6.9 / 5.0 requ) BAYES_00=-1.9, RCVD_IN_DNSWL_HI=-5, SPF_HELO_NONE=0.001, SPF_PASS=-0.001 autolearn=ham autolearn_force=no X-Spam_action: no action X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: qemu-devel-bounces+patch=linaro.org@nongnu.org Sender: qemu-devel-bounces+patch=linaro.org@nongnu.org From: Peter Maydell A lot of the code called from helper_exception_bkpt_insn() is written assuming A-profile, but we will also call this helper on M-profile CPUs when they execute a BKPT insn. This used to work by accident, but recent changes mean that we will hit an assert when some of this code calls down into lower level functions that end up calling arm_security_space_below_el3(), arm_el_is_aa64(), and other functions that now explicitly assert that the guest CPU is not M-profile. Handle M-profile directly to avoid the assertions: * in arm_debug_target_el(), M-profile debug exceptions always go to EL1 * in arm_debug_exception_fsr(), M-profile always uses the short format FSR (compare commit d7fe699be54b2, though in this case the code in arm_v7m_cpu_do_interrupt() does not need to look at the FSR value at all) Cc: qemu-stable@nongnu.org Resolves: https://gitlab.com/qemu-project/qemu/-/issues/1775 Signed-off-by: Peter Maydell Reviewed-by: Richard Henderson Message-id: 20230721143239.1753066-1-peter.maydell@linaro.org (cherry picked from commit 5d78893f39caf94c8587141e2219b57a7d63dd5c) Signed-off-by: Michael Tokarev diff --git a/target/arm/debug_helper.c b/target/arm/debug_helper.c index dfc8b2a1a5..0cbc8171d5 100644 --- a/target/arm/debug_helper.c +++ b/target/arm/debug_helper.c @@ -21,6 +21,10 @@ static int arm_debug_target_el(CPUARMState *env) bool secure = arm_is_secure(env); bool route_to_el2 = false; + if (arm_feature(env, ARM_FEATURE_M)) { + return 1; + } + if (arm_is_el2_enabled(env)) { route_to_el2 = env->cp15.hcr_el2 & HCR_TGE || env->cp15.mdcr_el2 & MDCR_TDE; @@ -434,18 +438,20 @@ static uint32_t arm_debug_exception_fsr(CPUARMState *env) { ARMMMUFaultInfo fi = { .type = ARMFault_Debug }; int target_el = arm_debug_target_el(env); - bool using_lpae = false; + bool using_lpae; - if (target_el == 2 || arm_el_is_aa64(env, target_el)) { + if (arm_feature(env, ARM_FEATURE_M)) { + using_lpae = false; + } else if (target_el == 2 || arm_el_is_aa64(env, target_el)) { using_lpae = true; } else if (arm_feature(env, ARM_FEATURE_PMSA) && arm_feature(env, ARM_FEATURE_V8)) { using_lpae = true; + } else if (arm_feature(env, ARM_FEATURE_LPAE) && + (env->cp15.tcr_el[target_el] & TTBCR_EAE)) { + using_lpae = true; } else { - if (arm_feature(env, ARM_FEATURE_LPAE) && - (env->cp15.tcr_el[target_el] & TTBCR_EAE)) { - using_lpae = true; - } + using_lpae = false; } if (using_lpae) { From patchwork Fri Aug 4 19:16:23 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Michael Tokarev X-Patchwork-Id: 710236 Delivered-To: patch@linaro.org Received: by 2002:a05:6359:d30:b0:129:c516:61db with SMTP id gp48csp162773rwb; Fri, 4 Aug 2023 12:19:19 -0700 (PDT) X-Google-Smtp-Source: AGHT+IGDFfQgRmUCFKZlEU+eEf9JG1UCltAWKJmVtI6KXP/jV/+g/2NubZhB25kPR0n8/dZ2gUN2 X-Received: by 2002:a05:620a:2587:b0:767:81fc:c6b8 with SMTP id x7-20020a05620a258700b0076781fcc6b8mr3077282qko.6.1691176758982; Fri, 04 Aug 2023 12:19:18 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1691176758; cv=none; d=google.com; s=arc-20160816; b=gBAPi1GEwW//+v78x6nRu9I1IfwJVasCQHHiXxJQyHUtHhj4Ne/QjTfxPIzxA6hBaC Qofol24gR3laoB17Udraljzstm5sAGtZt78zaCR2hmHle40F4zdytCJY/rH4gI44sFuq qQG6UJFTIPbTBP9g7l+pL60vYb9ypQKZ0PN0zTdC0EyM+cuRwxvpExPmfY/KhRoB9KuJ o/o4hSXrmZI1QNsgZWKEsuMYzDOWvaGB+Z7BsuFFC+mZfaPUWmr5Rozv5aYBv4B+eOA2 nBk5ySvhUNPltCFrUtu9kfK6XZFWhcgsetKCGzIBY8vs1rGZRUdr5AORlNFqwzP+enaE 2SBA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=sender:errors-to:list-subscribe:list-help:list-post:list-archive :list-unsubscribe:list-id:precedence:content-transfer-encoding :mime-version:references:in-reply-to:message-id:date:subject:cc:to :from; bh=Fp59DzngyvKyxdVCUWBHng4ZbMtv2B/kXWjI+o4Lz+U=; fh=+twXHueQny8msdLYk4HIx2SowV0ZnuRfIAxEj9lDJjg=; b=vXrqjcDHm0876YRmKo1TG8QyYa9sXUWC66XlIVUpGYDbtDNYfklKdY1BB+OCp/XY+I K4nhvugDQ0+7QfmnpdC5mEWGWuewkJpTQi4L3FkkSgFHxXm4WUt1JfIvm3X7pmryuahF G8cWcWV1J9KwG5/r8z3AARYx08CxlNQabrd/AKgPKT2cAjh6HN3wU1gCqwPBdcbRGgAB 3tjIm95SEbCkz0Cv7RtAcxStvK1BW/8JZq04mLWRfFlVdsmiHxIEyBcqbmsr/MUYO20C gWNJCuuo4gFNjY+nautlCyEAkT7h6oiLcvPWbvDa0iIsgat6hYCGw7tBIMPk6trMFpvd sHQw== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: domain of qemu-devel-bounces+patch=linaro.org@nongnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom="qemu-devel-bounces+patch=linaro.org@nongnu.org" Return-Path: Received: from lists.gnu.org (lists.gnu.org. [209.51.188.17]) by mx.google.com with ESMTPS id 12-20020a05620a040c00b0076c93916911si1623879qkp.584.2023.08.04.12.19.18 for (version=TLS1_2 cipher=ECDHE-ECDSA-CHACHA20-POLY1305 bits=256/256); Fri, 04 Aug 2023 12:19:18 -0700 (PDT) Received-SPF: pass (google.com: domain of qemu-devel-bounces+patch=linaro.org@nongnu.org designates 209.51.188.17 as permitted sender) client-ip=209.51.188.17; Authentication-Results: mx.google.com; spf=pass (google.com: domain of qemu-devel-bounces+patch=linaro.org@nongnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom="qemu-devel-bounces+patch=linaro.org@nongnu.org" Received: from localhost ([::1] helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1qS0IR-0000OR-BA; Fri, 04 Aug 2023 15:17:11 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1qS0IP-0000No-H2; Fri, 04 Aug 2023 15:17:09 -0400 Received: from isrv.corpit.ru ([86.62.121.231]) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1qS0IO-0006xN-0S; Fri, 04 Aug 2023 15:17:09 -0400 Received: from tsrv.corpit.ru (tsrv.tls.msk.ru [192.168.177.2]) by isrv.corpit.ru (Postfix) with ESMTP id 659FE1845A; Fri, 4 Aug 2023 22:17:11 +0300 (MSK) Received: from tls.msk.ru (mjt.wg.tls.msk.ru [192.168.177.130]) by tsrv.corpit.ru (Postfix) with SMTP id EA7741B89D; Fri, 4 Aug 2023 22:16:50 +0300 (MSK) Received: (nullmailer pid 1875711 invoked by uid 1000); Fri, 04 Aug 2023 19:16:49 -0000 From: Michael Tokarev To: qemu-devel@nongnu.org Cc: qemu-stable@nongnu.org, Peter Maydell , Richard Henderson , Michael Tokarev Subject: [Stable-8.0.4 40/63] target/arm: Avoid writing to constant TCGv in trans_CSEL() Date: Fri, 4 Aug 2023 22:16:23 +0300 Message-Id: <20230804191647.1875608-9-mjt@tls.msk.ru> X-Mailer: git-send-email 2.39.2 In-Reply-To: References: MIME-Version: 1.0 Received-SPF: pass client-ip=86.62.121.231; envelope-from=mjt@tls.msk.ru; helo=isrv.corpit.ru X-Spam_score_int: -68 X-Spam_score: -6.9 X-Spam_bar: ------ X-Spam_report: (-6.9 / 5.0 requ) BAYES_00=-1.9, RCVD_IN_DNSWL_HI=-5, SPF_HELO_NONE=0.001, SPF_PASS=-0.001 autolearn=ham autolearn_force=no X-Spam_action: no action X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: qemu-devel-bounces+patch=linaro.org@nongnu.org Sender: qemu-devel-bounces+patch=linaro.org@nongnu.org From: Peter Maydell In commit 0b188ea05acb5 we changed the implementation of trans_CSEL() to use tcg_constant_i32(). However, this change was incorrect, because the implementation of the function sets up the TCGv_i32 rn and rm to be either zero or else a TCG temp created in load_reg(), and these TCG temps are then in both cases written to by the emitted TCG ops. The result is that we hit a TCG assertion: qemu-system-arm: ../../tcg/tcg.c:4455: tcg_reg_alloc_mov: Assertion `!temp_readonly(ots)' failed. (or on a non-debug build, just produce a garbage result) Adjust the code so that rn and rm are always writeable temporaries whether the instruction is using the special case "0" or a normal register as input. Cc: qemu-stable@nongnu.org Fixes: 0b188ea05acb5 ("target/arm: Use tcg_constant in trans_CSEL") Signed-off-by: Peter Maydell Reviewed-by: Richard Henderson Message-id: 20230727103906.2641264-1-peter.maydell@linaro.org (cherry picked from commit 2b0d656ab6484cae7f174e194215a6d50343ecd2) Signed-off-by: Michael Tokarev diff --git a/target/arm/tcg/translate.c b/target/arm/tcg/translate.c index 7468476724..1e4d94e58a 100644 --- a/target/arm/tcg/translate.c +++ b/target/arm/tcg/translate.c @@ -8814,7 +8814,7 @@ static bool trans_IT(DisasContext *s, arg_IT *a) /* v8.1M CSEL/CSINC/CSNEG/CSINV */ static bool trans_CSEL(DisasContext *s, arg_CSEL *a) { - TCGv_i32 rn, rm, zero; + TCGv_i32 rn, rm; DisasCompare c; if (!arm_dc_feature(s, ARM_FEATURE_V8_1M)) { @@ -8832,16 +8832,17 @@ static bool trans_CSEL(DisasContext *s, arg_CSEL *a) } /* In this insn input reg fields of 0b1111 mean "zero", not "PC" */ - zero = tcg_constant_i32(0); + rn = tcg_temp_new_i32(); + rm = tcg_temp_new_i32(); if (a->rn == 15) { - rn = zero; + tcg_gen_movi_i32(rn, 0); } else { - rn = load_reg(s, a->rn); + load_reg_var(s, rn, a->rn); } if (a->rm == 15) { - rm = zero; + tcg_gen_movi_i32(rm, 0); } else { - rm = load_reg(s, a->rm); + load_reg_var(s, rm, a->rm); } switch (a->op) { @@ -8861,7 +8862,7 @@ static bool trans_CSEL(DisasContext *s, arg_CSEL *a) } arm_test_cc(&c, a->fcond); - tcg_gen_movcond_i32(c.cond, rn, c.value, zero, rn, rm); + tcg_gen_movcond_i32(c.cond, rn, c.value, tcg_constant_i32(0), rn, rm); store_reg(s, a->rd, rn); return true; From patchwork Fri Aug 4 19:16:24 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Michael Tokarev X-Patchwork-Id: 710234 Delivered-To: patch@linaro.org Received: by 2002:a05:6359:d30:b0:129:c516:61db with SMTP id gp48csp162683rwb; Fri, 4 Aug 2023 12:19:06 -0700 (PDT) X-Google-Smtp-Source: AGHT+IFRmYPRIW9chIjyp3nq9CBJixNiUL+PGQS8ZPiVGZHEfC3myNZq2mzO6gJXepAqxEsQ1rDC X-Received: by 2002:a05:622a:15d3:b0:40f:d849:5b19 with SMTP id d19-20020a05622a15d300b0040fd8495b19mr3735543qty.22.1691176746044; Fri, 04 Aug 2023 12:19:06 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1691176746; cv=none; d=google.com; s=arc-20160816; b=DMJDIsDY5qwds2wOIrqdPXabhgFf1JIp4Y6a2UTHpJ50nSGyUTR8DvfBS1pYhO7rNj hZM8TtrDl+1QYIO+clV2QDmMwaqwoF+axu+A9dWRoVwjBWj/g+PU1reWfMnb2F9uiPhN goD6XTIhJC//EH/A58nj3adc8PFGi+SyCL2N60MB/JqPFtcP75m+sLTAS3lnt9HX4t2d 4aRPdLKw166uOX4xt0f1/+JgzbPawUhHRn9XhAqWB/TOZ8CeKFXHvV9k8LVfswt1QGlq rPLED2AWSY1P7dOpEEKRpYL/EUj2uIlJOOlsCL/Fa9gckyasVBvuY+gj23NRrR10CW3g bqUw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=sender:errors-to:list-subscribe:list-help:list-post:list-archive :list-unsubscribe:list-id:precedence:content-transfer-encoding :mime-version:references:in-reply-to:message-id:date:subject:cc:to :from; bh=rfwL6c6jAIK//ovZvYw4PQAE19TbiMppmZMkjWPMQtc=; fh=Xkin6fdEYjnaOLU5AKa5pmdx6bOMlQ5vBl3viP607iU=; b=BcFDSSt81VCdqZdJ7enHAZAmfPWVeufoKa227VuvVUPYUl+dZX86UueBMOabUZFuPA VluuQigcitLatFmZ3NI1EPkoryBVXp59QJzNT8rDzE3Vqyo1xpj0x11Z0Nyk+aJqCif+ nSH9PJG5rEH42zqlONj0y1HkTdLjpJotbSqU6Yofz2/+u/XJlID0o3S/mIlNq/kvktem QJQggAnd/Ac5OcT9gj+U/4jS/yV+pMEFYZLSr0r5+anYwdQmgcIw1tuywyAFTzEvr91m oLDBuYRn/I1Lt8WdwKf9OGZgjDPBfh1vF/Lo35cQGJ1FWyqsPE0+P3OwOSEHMztrgi/t SceQ== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: domain of qemu-devel-bounces+patch=linaro.org@nongnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom="qemu-devel-bounces+patch=linaro.org@nongnu.org" Return-Path: Received: from lists.gnu.org (lists.gnu.org. [209.51.188.17]) by mx.google.com with ESMTPS id 1-20020ac85941000000b00403676c96e8si1737193qtz.136.2023.08.04.12.19.05 for (version=TLS1_2 cipher=ECDHE-ECDSA-CHACHA20-POLY1305 bits=256/256); Fri, 04 Aug 2023 12:19:06 -0700 (PDT) Received-SPF: pass (google.com: domain of qemu-devel-bounces+patch=linaro.org@nongnu.org designates 209.51.188.17 as permitted sender) client-ip=209.51.188.17; Authentication-Results: mx.google.com; spf=pass (google.com: domain of qemu-devel-bounces+patch=linaro.org@nongnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom="qemu-devel-bounces+patch=linaro.org@nongnu.org" Received: from localhost ([::1] helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1qS0IR-0000OZ-K6; Fri, 04 Aug 2023 15:17:11 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1qS0IP-0000Nw-VJ; Fri, 04 Aug 2023 15:17:10 -0400 Received: from isrv.corpit.ru ([86.62.121.231]) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1qS0IO-0006xV-CZ; Fri, 04 Aug 2023 15:17:09 -0400 Received: from tsrv.corpit.ru (tsrv.tls.msk.ru [192.168.177.2]) by isrv.corpit.ru (Postfix) with ESMTP id AACE81845B; Fri, 4 Aug 2023 22:17:11 +0300 (MSK) Received: from tls.msk.ru (mjt.wg.tls.msk.ru [192.168.177.130]) by tsrv.corpit.ru (Postfix) with SMTP id 2BA031B89E; Fri, 4 Aug 2023 22:16:51 +0300 (MSK) Received: (nullmailer pid 1875714 invoked by uid 1000); Fri, 04 Aug 2023 19:16:49 -0000 From: Michael Tokarev To: qemu-devel@nongnu.org Cc: qemu-stable@nongnu.org, Richard Henderson , Peter Maydell , Michael Tokarev Subject: [Stable-8.0.4 41/63] util/interval-tree: Use qatomic_read for left/right while searching Date: Fri, 4 Aug 2023 22:16:24 +0300 Message-Id: <20230804191647.1875608-10-mjt@tls.msk.ru> X-Mailer: git-send-email 2.39.2 In-Reply-To: References: MIME-Version: 1.0 Received-SPF: pass client-ip=86.62.121.231; envelope-from=mjt@tls.msk.ru; helo=isrv.corpit.ru X-Spam_score_int: -68 X-Spam_score: -6.9 X-Spam_bar: ------ X-Spam_report: (-6.9 / 5.0 requ) BAYES_00=-1.9, RCVD_IN_DNSWL_HI=-5, SPF_HELO_NONE=0.001, SPF_PASS=-0.001 autolearn=ham autolearn_force=no X-Spam_action: no action X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: qemu-devel-bounces+patch=linaro.org@nongnu.org Sender: qemu-devel-bounces+patch=linaro.org@nongnu.org From: Richard Henderson Fixes a race condition (generally without optimization) in which the subtree is re-read after the protecting if condition. Cc: qemu-stable@nongnu.org Reviewed-by: Peter Maydell Signed-off-by: Richard Henderson (cherry picked from commit 055b86e0f0b4325117055d8d31c49011258f4af3) Signed-off-by: Michael Tokarev diff --git a/util/interval-tree.c b/util/interval-tree.c index 4c0baf108f..5a0ad21b2d 100644 --- a/util/interval-tree.c +++ b/util/interval-tree.c @@ -745,8 +745,9 @@ static IntervalTreeNode *interval_tree_subtree_search(IntervalTreeNode *node, * Loop invariant: start <= node->subtree_last * (Cond2 is satisfied by one of the subtree nodes) */ - if (node->rb.rb_left) { - IntervalTreeNode *left = rb_to_itree(node->rb.rb_left); + RBNode *tmp = qatomic_read(&node->rb.rb_left); + if (tmp) { + IntervalTreeNode *left = rb_to_itree(tmp); if (start <= left->subtree_last) { /* @@ -765,8 +766,9 @@ static IntervalTreeNode *interval_tree_subtree_search(IntervalTreeNode *node, if (start <= node->last) { /* Cond2 */ return node; /* node is leftmost match */ } - if (node->rb.rb_right) { - node = rb_to_itree(node->rb.rb_right); + tmp = qatomic_read(&node->rb.rb_right); + if (tmp) { + node = rb_to_itree(tmp); if (start <= node->subtree_last) { continue; } @@ -814,8 +816,9 @@ IntervalTreeNode *interval_tree_iter_first(IntervalTreeRoot *root, IntervalTreeNode *interval_tree_iter_next(IntervalTreeNode *node, uint64_t start, uint64_t last) { - RBNode *rb = node->rb.rb_right, *prev; + RBNode *rb, *prev; + rb = qatomic_read(&node->rb.rb_right); while (true) { /* * Loop invariants: @@ -840,7 +843,7 @@ IntervalTreeNode *interval_tree_iter_next(IntervalTreeNode *node, } prev = &node->rb; node = rb_to_itree(rb); - rb = node->rb.rb_right; + rb = qatomic_read(&node->rb.rb_right); } while (prev == rb); /* Check if the node intersects [start;last] */ From patchwork Fri Aug 4 19:16:25 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Michael Tokarev X-Patchwork-Id: 710232 Delivered-To: patch@linaro.org Received: by 2002:a05:6359:d30:b0:129:c516:61db with SMTP id gp48csp162294rwb; Fri, 4 Aug 2023 12:18:18 -0700 (PDT) X-Google-Smtp-Source: AGHT+IH5KL30XZT+IFdCTHh4cCJ7swAX7fKxAG4w5AYxtlemV3HqGV62m5LkLUKrp8poZI1995Cp X-Received: by 2002:a1f:5c44:0:b0:487:19c7:4ed7 with SMTP id q65-20020a1f5c44000000b0048719c74ed7mr1968270vkb.16.1691176698436; Fri, 04 Aug 2023 12:18:18 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1691176698; cv=none; d=google.com; s=arc-20160816; b=a7I7bMXRpJFq7CjOu/7Ngw7yEbSGZCbtbGZUd+Omwts88WTNY1IizWxaL9jO9vxTqF VWbjG56I17x5gQ+qyUTSq0qUanSqeVk4G0LWztEENlKHY4JbT7fQhMY94P55Q1bm/vYK eZ3otNLBMSrupBKr7Xu2Eei21qw11MEH6YjSTyGMr4yiXHks5lvUIbNzJLzOja36j8qF yNwrnGkS6yCuWU9mRLilMHlP+UU6hutnWRRtm7z87I2WM+cXmu62OSTGRcaoVvMtHuSu 0M/tPIJfbTOqR9G21ebijD05dOpRDCDEfBOyOOMgnUG6bDwa4xQVysPgMo0l3wnxFkxg BkwA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=sender:errors-to:list-subscribe:list-help:list-post:list-archive :list-unsubscribe:list-id:precedence:content-transfer-encoding :mime-version:references:in-reply-to:message-id:date:subject:cc:to :from; bh=wKVTryVzZe73FK1hD+juThMQnW4xn/TI2NSDr39LRvQ=; fh=Xkin6fdEYjnaOLU5AKa5pmdx6bOMlQ5vBl3viP607iU=; b=GE8t80dM1tVc+w9cExHQxODlDVZMXO8z1JdqJazT0nUdxfascf3+PaoUrYgfUQqIo4 ySs+kukDoQp0qhINa1fGDyeKWxwc07ujHt5w29uZCyCvynlQkf9cjsNluP9+mBkArOoe sOb74eSva9g8doK9QyshKQkDRKPc5ZUgq67E+u8zNJmkCy44FcakMR5HktZdENztXyJQ 51QzXXBtb3e7l3z96JYrwm9S0VY9TN4FNZ1/1LbJRzDBACh2ujeXOo+mLdRR/qb3Jvc0 O1IGTIPolNe7QEpttVvKlxkUu53EHaLQeoTSsy9uyFvrPF6Skdjay7TYWYgIhDKuOX04 EyaQ== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: domain of qemu-devel-bounces+patch=linaro.org@nongnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom="qemu-devel-bounces+patch=linaro.org@nongnu.org" Return-Path: Received: from lists.gnu.org (lists.gnu.org. [209.51.188.17]) by mx.google.com with ESMTPS id 8-20020ac84e88000000b0040fefce0dbbsi1763009qtp.216.2023.08.04.12.18.18 for (version=TLS1_2 cipher=ECDHE-ECDSA-CHACHA20-POLY1305 bits=256/256); Fri, 04 Aug 2023 12:18:18 -0700 (PDT) Received-SPF: pass (google.com: domain of qemu-devel-bounces+patch=linaro.org@nongnu.org designates 209.51.188.17 as permitted sender) client-ip=209.51.188.17; Authentication-Results: mx.google.com; spf=pass (google.com: domain of qemu-devel-bounces+patch=linaro.org@nongnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom="qemu-devel-bounces+patch=linaro.org@nongnu.org" Received: from localhost ([::1] helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1qS0IT-0000Pu-MQ; Fri, 04 Aug 2023 15:17:13 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1qS0IS-0000PH-EM; Fri, 04 Aug 2023 15:17:12 -0400 Received: from isrv.corpit.ru ([86.62.121.231]) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1qS0IR-0006xt-0H; Fri, 04 Aug 2023 15:17:12 -0400 Received: from tsrv.corpit.ru (tsrv.tls.msk.ru [192.168.177.2]) by isrv.corpit.ru (Postfix) with ESMTP id DBA821845C; Fri, 4 Aug 2023 22:17:11 +0300 (MSK) Received: from tls.msk.ru (mjt.wg.tls.msk.ru [192.168.177.130]) by tsrv.corpit.ru (Postfix) with SMTP id 709CC1B89F; Fri, 4 Aug 2023 22:16:51 +0300 (MSK) Received: (nullmailer pid 1875717 invoked by uid 1000); Fri, 04 Aug 2023 19:16:49 -0000 From: Michael Tokarev To: qemu-devel@nongnu.org Cc: qemu-stable@nongnu.org, Richard Henderson , Peter Maydell , Michael Tokarev Subject: [Stable-8.0.4 42/63] util/interval-tree: Use qatomic_set_mb in rb_link_node Date: Fri, 4 Aug 2023 22:16:25 +0300 Message-Id: <20230804191647.1875608-11-mjt@tls.msk.ru> X-Mailer: git-send-email 2.39.2 In-Reply-To: References: MIME-Version: 1.0 Received-SPF: pass client-ip=86.62.121.231; envelope-from=mjt@tls.msk.ru; helo=isrv.corpit.ru X-Spam_score_int: -68 X-Spam_score: -6.9 X-Spam_bar: ------ X-Spam_report: (-6.9 / 5.0 requ) BAYES_00=-1.9, RCVD_IN_DNSWL_HI=-5, SPF_HELO_NONE=0.001, SPF_PASS=-0.001 autolearn=ham autolearn_force=no X-Spam_action: no action X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: qemu-devel-bounces+patch=linaro.org@nongnu.org Sender: qemu-devel-bounces+patch=linaro.org@nongnu.org From: Richard Henderson Ensure that the stores to rb_left and rb_right are complete before inserting the new node into the tree. Otherwise a concurrent reader could see garbage in the new leaf. Cc: qemu-stable@nongnu.org Reviewed-by: Peter Maydell Signed-off-by: Richard Henderson (cherry picked from commit 4c8baa02d36379507afd17bdea87aabe0aa32ed3) Signed-off-by: Michael Tokarev (Mjt: s/qatomic_set_mb/qatomic_mb_set/ for 8.0 - it was renamed later) diff --git a/util/interval-tree.c b/util/interval-tree.c index 5a0ad21b2d..2000cd2935 100644 --- a/util/interval-tree.c +++ b/util/interval-tree.c @@ -128,7 +128,11 @@ static inline void rb_link_node(RBNode *node, RBNode *parent, RBNode **rb_link) node->rb_parent_color = (uintptr_t)parent; node->rb_left = node->rb_right = NULL; - qatomic_set(rb_link, node); + /* + * Ensure that node is initialized before insertion, + * as viewed by a concurrent search. + */ + qatomic_mb_set(rb_link, node); } static RBNode *rb_next(RBNode *node) From patchwork Fri Aug 4 19:16:26 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Patchwork-Submitter: Michael Tokarev X-Patchwork-Id: 710237 Delivered-To: patch@linaro.org Received: by 2002:a05:6359:d30:b0:129:c516:61db with SMTP id gp48csp163029rwb; Fri, 4 Aug 2023 12:19:50 -0700 (PDT) X-Google-Smtp-Source: AGHT+IFV8v1R/A33qeuHnK5cH0A64CyMwFJYjyJISOtwe75n0CAnu7ywIjeGy6vpsI47crQmMWBA X-Received: by 2002:a05:620a:400b:b0:768:1d1e:29ce with SMTP id h11-20020a05620a400b00b007681d1e29cemr3503216qko.5.1691176790491; Fri, 04 Aug 2023 12:19:50 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1691176790; cv=none; d=google.com; s=arc-20160816; b=Xp1fnzrSyMtH587bKN60pZgh71pVIJRlD5SwXfgsMP2zkBSrIAq3HOkkB/yyGQvXl8 Lit0Y7Agagh/gxVaw2v4Z2BKzeqmRqocYIUhtUxoZ3ahuBtl3CRq0fi3Vdb7feYkykOK jShUTYX/WgeaoODgW166Hyr1Rx4VFRWtyRsnQT5S20LRlQOAWj3Ko17IN482EMZ9eCZx X+svtjelPGjK1kGSr8g/h3VzlFJ8JaSDJyWvE84ysz9nGSbXQMMng8kdRoXkKmvSklZW Eq1x/siPmfu8uTXPmXGBVPBpNw514+wxKZK/3KyxWRwqrKMS6YrJAQAm3LSBQEXzPtz6 rXdg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=sender:errors-to:list-subscribe:list-help:list-post:list-archive :list-unsubscribe:list-id:precedence:content-transfer-encoding :mime-version:references:in-reply-to:message-id:date:subject:cc:to :from; bh=30eqFVi/VZqmtwb/4cWi5Jj+KrNJYmXMAC62wW/uaYs=; fh=L4rfWCYvgJSPl2MlAyDx7JRNwJ2TCiSBvmAQuo2o+WM=; b=mhHSPoZFN6Z693QTiZcMRsPVXSMwx7l2iRP87nEi0zbuXIUFqPkUbslm+mzMCiFtuu 15o+tMa1C8gaUJyca926+pnABOG8jAcpZyGyO3rhS2YibO4eXhyMnqLah0DCM+/QBMsT V4FrlLuHH2iwP4zlON34zYfHmW1asSR//zfa94UjAKS1RpYJ4AY0gH7/fUpvjXtP97Fl pDkTDZ038kX4lfn0tIaJkywq6bF18l++kFOEdGVK7VTx08S7rbLvWkwhBK3hngWbGNnY EGFdTlorm1053YtAHeDIhaOIxctzSXxZxeiGP27Uv12p4M35QXv2Vhqq1mcxuzAiw6cD VgpQ== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: domain of qemu-devel-bounces+patch=linaro.org@nongnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom="qemu-devel-bounces+patch=linaro.org@nongnu.org" Return-Path: Received: from lists.gnu.org (lists.gnu.org. [209.51.188.17]) by mx.google.com with ESMTPS id n2-20020a05620a294200b00767cae047dcsi1777967qkp.267.2023.08.04.12.19.50 for (version=TLS1_2 cipher=ECDHE-ECDSA-CHACHA20-POLY1305 bits=256/256); Fri, 04 Aug 2023 12:19:50 -0700 (PDT) Received-SPF: pass (google.com: domain of qemu-devel-bounces+patch=linaro.org@nongnu.org designates 209.51.188.17 as permitted sender) client-ip=209.51.188.17; Authentication-Results: mx.google.com; spf=pass (google.com: domain of qemu-devel-bounces+patch=linaro.org@nongnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom="qemu-devel-bounces+patch=linaro.org@nongnu.org" Received: from localhost ([::1] helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1qS0Io-0000ZY-E1; Fri, 04 Aug 2023 15:17:34 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1qS0Im-0000YL-V2; Fri, 04 Aug 2023 15:17:32 -0400 Received: from isrv.corpit.ru ([86.62.121.231]) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1qS0Il-0006y2-BX; Fri, 04 Aug 2023 15:17:32 -0400 Received: from tsrv.corpit.ru (tsrv.tls.msk.ru [192.168.177.2]) by isrv.corpit.ru (Postfix) with ESMTP id 1680C1845D; Fri, 4 Aug 2023 22:17:12 +0300 (MSK) Received: from tls.msk.ru (mjt.wg.tls.msk.ru [192.168.177.130]) by tsrv.corpit.ru (Postfix) with SMTP id A10A71B8A0; Fri, 4 Aug 2023 22:16:51 +0300 (MSK) Received: (nullmailer pid 1875720 invoked by uid 1000); Fri, 04 Aug 2023 19:16:49 -0000 From: Michael Tokarev To: qemu-devel@nongnu.org Cc: qemu-stable@nongnu.org, Richard Henderson , =?utf-8?q?C=C3=A9dric_Le_Goater?= , =?utf-8?q?Philippe_Mathie?= =?utf-8?q?u-Daud=C3=A9?= , Michael Tokarev Subject: [Stable-8.0.4 43/63] target/ppc: Disable goto_tb with architectural singlestep Date: Fri, 4 Aug 2023 22:16:26 +0300 Message-Id: <20230804191647.1875608-12-mjt@tls.msk.ru> X-Mailer: git-send-email 2.39.2 In-Reply-To: References: MIME-Version: 1.0 Received-SPF: pass client-ip=86.62.121.231; envelope-from=mjt@tls.msk.ru; helo=isrv.corpit.ru X-Spam_score_int: -68 X-Spam_score: -6.9 X-Spam_bar: ------ X-Spam_report: (-6.9 / 5.0 requ) BAYES_00=-1.9, RCVD_IN_DNSWL_HI=-5, SPF_HELO_NONE=0.001, SPF_PASS=-0.001 autolearn=ham autolearn_force=no X-Spam_action: no action X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: qemu-devel-bounces+patch=linaro.org@nongnu.org Sender: qemu-devel-bounces+patch=linaro.org@nongnu.org From: Richard Henderson The change to use translator_use_goto_tb went too far, as the CF_SINGLE_STEP flag managed by the translator only handles gdb single stepping and not the architectural single stepping modeled in DisasContext.singlestep_enabled. Fixes: 6e9cc373ec5 ("target/ppc: Use translator_use_goto_tb") Resolves: https://gitlab.com/qemu-project/qemu/-/issues/1795 Reviewed-by: Cédric Le Goater Reviewed-by: Philippe Mathieu-Daudé Signed-off-by: Richard Henderson (cherry picked from commit 2e718e665706d5fcc3e3501bda26f277f055ed85) Signed-off-by: Michael Tokarev diff --git a/target/ppc/translate.c b/target/ppc/translate.c index 49a6b91842..26222e9078 100644 --- a/target/ppc/translate.c +++ b/target/ppc/translate.c @@ -4132,6 +4132,9 @@ static void pmu_count_insns(DisasContext *ctx) static inline bool use_goto_tb(DisasContext *ctx, target_ulong dest) { + if (unlikely(ctx->singlestep_enabled)) { + return false; + } return translator_use_goto_tb(&ctx->base, dest); } From patchwork Fri Aug 4 19:16:34 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Patchwork-Submitter: Michael Tokarev X-Patchwork-Id: 710233 Delivered-To: patch@linaro.org Received: by 2002:a05:6359:d30:b0:129:c516:61db with SMTP id gp48csp162563rwb; Fri, 4 Aug 2023 12:18:49 -0700 (PDT) X-Google-Smtp-Source: AGHT+IGvg5Rlwtqi+TJU8Fh5fFhd95D0oukHURw5gwov381QSAT1B9T0WY+69hfJGu8tKrxiJVUH X-Received: by 2002:ad4:48ce:0:b0:636:2e7c:4955 with SMTP id v14-20020ad448ce000000b006362e7c4955mr2467242qvx.20.1691176729690; Fri, 04 Aug 2023 12:18:49 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1691176729; cv=none; d=google.com; s=arc-20160816; b=N9xfpjcWC/FXtqVR9ct2kx8cF9epEz4GpVpluxUZl2L0DFcv4g8xkesn3M0m2j7aDp NpbOq+iLmqytoPDTXmEc3L9Zfc55935hTDpVXDyfpMeXBus+aVNnctgJ5BH7T9duVxHJ jmu6sm1dAgd/lqPx/jAu2YZVE+ROd5N8V0AqbY6HdobZ2WA3ZGME90b10wjJtR/0uEoZ kp5k7FrDqbE5mlWurpC65UdQ/cus4OO+nb5agK0+ugQhEdtaa/j4kRkSRo5Z/nhLjDon 8SqZuQvui1WjD6uYu3bPMreFusdQBaq3VXX+iwwjU7w8Wec0egmunb7Jjhu64o3RDOCd Ebjw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=sender:errors-to:list-subscribe:list-help:list-post:list-archive :list-unsubscribe:list-id:precedence:content-transfer-encoding :mime-version:references:in-reply-to:message-id:date:subject:cc:to :from; bh=EwdDPllNFajw64wk8OrbWVHiQAlOJrdv64fonJRMxX0=; fh=N0pzpkMrBzgxwu1Zqyrxxf8KeOW94Gy2VyKYyB2OHBY=; b=ymBWakRXA/+c5Rsq8XFyaVBnwXv6pFA1dgXnCvdyojzDWGfYoG67bIqDVcHMZLtDH9 JoFywMv+diN9X+a8ZMrDvqdWELqS9xtFQsVd2weqqIbr+Ezs/TSMeyyIi2lmV4TTmEV9 8x2DgVHeclD64dC/aDHXEYLRjk/TPjjC0kBokxlliW1NnZ6SLXEtvrMG975DMc0i7j5J JaOQhFvM27Q4Wj4Jfg8ryfNv/qlEnhWkhJjcjd6ued1OXYyXYtyh/aAO9FAZWitYzwX3 gVf3QMxwGpxS+Z1aG0dJmB+lGX2nJvWbSEBN5i56u9iJ4QraImqEsX8NXfV2I/xks/q8 wPmg== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: domain of qemu-devel-bounces+patch=linaro.org@nongnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom="qemu-devel-bounces+patch=linaro.org@nongnu.org" Return-Path: Received: from lists.gnu.org (lists.gnu.org. [209.51.188.17]) by mx.google.com with ESMTPS id w5-20020a0c8e45000000b0063d3cf3419esi1689872qvb.551.2023.08.04.12.18.49 for (version=TLS1_2 cipher=ECDHE-ECDSA-CHACHA20-POLY1305 bits=256/256); Fri, 04 Aug 2023 12:18:49 -0700 (PDT) Received-SPF: pass (google.com: domain of qemu-devel-bounces+patch=linaro.org@nongnu.org designates 209.51.188.17 as permitted sender) client-ip=209.51.188.17; Authentication-Results: mx.google.com; spf=pass (google.com: domain of qemu-devel-bounces+patch=linaro.org@nongnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom="qemu-devel-bounces+patch=linaro.org@nongnu.org" Received: from localhost ([::1] helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1qS0Jd-0001cw-Fk; Fri, 04 Aug 2023 15:18:27 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1qS0JM-0001JZ-Vc; Fri, 04 Aug 2023 15:18:10 -0400 Received: from isrv.corpit.ru ([86.62.121.231]) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1qS0JJ-00076P-Lz; Fri, 04 Aug 2023 15:18:07 -0400 Received: from tsrv.corpit.ru (tsrv.tls.msk.ru [192.168.177.2]) by isrv.corpit.ru (Postfix) with ESMTP id 1049118465; Fri, 4 Aug 2023 22:17:14 +0300 (MSK) Received: from tls.msk.ru (mjt.wg.tls.msk.ru [192.168.177.130]) by tsrv.corpit.ru (Postfix) with SMTP id 93B711B8A8; Fri, 4 Aug 2023 22:16:53 +0300 (MSK) Received: (nullmailer pid 1875744 invoked by uid 1000); Fri, 04 Aug 2023 19:16:49 -0000 From: Michael Tokarev To: qemu-devel@nongnu.org Cc: qemu-stable@nongnu.org, Peter Maydell , =?utf-8?q?Philippe_Mathieu-Daud=C3=A9?= , Michael Tokarev Subject: [Stable-8.0.4 51/63] target/m68k: Fix semihost lseek offset computation Date: Fri, 4 Aug 2023 22:16:34 +0300 Message-Id: <20230804191647.1875608-20-mjt@tls.msk.ru> X-Mailer: git-send-email 2.39.2 In-Reply-To: References: MIME-Version: 1.0 Received-SPF: pass client-ip=86.62.121.231; envelope-from=mjt@tls.msk.ru; helo=isrv.corpit.ru X-Spam_score_int: -68 X-Spam_score: -6.9 X-Spam_bar: ------ X-Spam_report: (-6.9 / 5.0 requ) BAYES_00=-1.9, RCVD_IN_DNSWL_HI=-5, SPF_HELO_NONE=0.001, SPF_PASS=-0.001 autolearn=ham autolearn_force=no X-Spam_action: no action X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: qemu-devel-bounces+patch=linaro.org@nongnu.org Sender: qemu-devel-bounces+patch=linaro.org@nongnu.org From: Peter Maydell The arguments for deposit64 are (value, start, length, fieldval); this appears to have thought they were (value, fieldval, start, length). Reorder the parameters to match the actual function. Cc: qemu-stable@nongnu.org Fixes: 950272506d ("target/m68k: Use semihosting/syscalls.h") Reported-by: Philippe Mathieu-Daudé Signed-off-by: Peter Maydell Reviewed-by: Philippe Mathieu-Daudé Message-Id: <20230801154519.3505531-1-peter.maydell@linaro.org> Signed-off-by: Philippe Mathieu-Daudé (cherry picked from commit 8caaae7319a5f7ca449900c0e6bfcaed78fa3ae2) Signed-off-by: Michael Tokarev diff --git a/target/m68k/m68k-semi.c b/target/m68k/m68k-semi.c index 88ad9ba814..239f6e44e9 100644 --- a/target/m68k/m68k-semi.c +++ b/target/m68k/m68k-semi.c @@ -166,7 +166,7 @@ void do_m68k_semihosting(CPUM68KState *env, int nr) GET_ARG64(2); GET_ARG64(3); semihost_sys_lseek(cs, m68k_semi_u64_cb, arg0, - deposit64(arg2, arg1, 32, 32), arg3); + deposit64(arg2, 32, 32, arg1), arg3); break; case HOSTED_RENAME: