From patchwork Tue Nov 19 06:04:00 2024
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Michael Tokarev <mjt@tls.msk.ru>
X-Patchwork-Id: 844261
Delivered-To: patch@linaro.org
Received: by 2002:a05:6000:8b:b0:382:43a8:7b94 with SMTP id m11csp1004508wrx; 
 Mon, 18 Nov 2024 22:05:32 -0800 (PST)
X-Forwarded-Encrypted: i=2;
 AJvYcCXGdswq0mVO2/IpSLaQ8bz7ST/ntUDQLRvtJEekeQuoMdLuhNW/i/ZigvgktRNOqufjoU2dPw==@linaro.org
X-Google-Smtp-Source: AGHT+IHapQN5Hhh2uaRGuAL7Gj6AyLbUMqjJihslW4mNikqZ+OeAOwc0QIG6/WU2WdJi57h/akuF
X-Received: by 2002:a05:622a:1aa4:b0:45d:7ebd:76e0 with SMTP id
 d75a77b69052e-46363e9ffb0mr222234771cf.44.1731996331758;
 Mon, 18 Nov 2024 22:05:31 -0800 (PST)
ARC-Seal: i=1; a=rsa-sha256; t=1731996331; cv=none;
 d=google.com; s=arc-20240605;
 b=fBItAg5BPwO8pfzcslwnjBeax5vJRP77vyTjtiJNw8RuGWraKonoZJVvotTEPRVKnA
 BsZc4FMi81RRR8il3gW9Uq95hTZsN4kj3vj5nRxm7ZijS+j6Djv8cE3yH9cASKcuU0ob
 NKRkuIExknBKArJI6Km4yvauW5+X4xQW4Z/avycef9SZKyqeNVOBcMCMU5OnmIvGDunR
 6DeogAC8pj0D98dK78yQ+IJQjDe452Y+a5umM8s8KZe7o/1DekIlZTgsr+cxzqnCofMs
 WUHQ2ao/rc4j682upIkaf1+1B+Psl3EoSrDyJvZxUeVXUk33mdGym+f8hsOEDzdJH22b
 rM5A==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com;
 s=arc-20240605;
 h=sender:errors-to:list-subscribe:list-help:list-post:list-archive
 :list-unsubscribe:list-id:precedence:content-transfer-encoding
 :mime-version:references:in-reply-to:message-id:date:subject:cc:to
 :from; bh=62JqUg92M3alw/Usv8GuoT3aBRifxrz6aoofIKY02Dw=;
 fh=tMa47au2sw5piyxOJuQsGBLvYh0d/gfD9bj/VCraw+I=;
 b=CbpKI0KllscW1SEVCnpPoA7pQSDxuPRWNTf/eYhgnRdKb8QqeGK4wYo7T6x/vAllCE
 L9VD90kaR+qcGnelK/Nz7itXiUtMRVIFGL9O8zzFVZ79AUpJLZGLf7SFh0ZIrqrjkzPQ
 nUGMTSyjZbMe8Unpuipc9FXDuEX1NnvAzQdL94/HMr3KSIqNu/TaIB3PwuaWKTMIb2nl
 F5VRHfCNfx6YU9pYdci8//F5xaBEt/55m2d0mduxsGjv6Px08qQTT3zqbh+42rvI58ZS
 k76j6kC7WQ4r4Z5KUMV9Heq9Ihw6qiEKFJ4zXHABAyytLc5AlOjNdqWQvOM09Ue770Uq
 kZOg==; dara=google.com
ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: domain of
 qemu-devel-bounces+patch=linaro.org@nongnu.org designates 209.51.188.17 as
 permitted sender)
 smtp.mailfrom="qemu-devel-bounces+patch=linaro.org@nongnu.org"
Return-Path: <qemu-devel-bounces+patch=linaro.org@nongnu.org>
Received: from lists.gnu.org (lists.gnu.org. [209.51.188.17])
 by mx.google.com with ESMTPS id
 d75a77b69052e-46392c1d386si14276121cf.225.2024.11.18.22.05.31
 for <patch@linaro.org>
 (version=TLS1_2 cipher=ECDHE-ECDSA-CHACHA20-POLY1305 bits=256/256);
 Mon, 18 Nov 2024 22:05:31 -0800 (PST)
Received-SPF: pass (google.com: domain of
 qemu-devel-bounces+patch=linaro.org@nongnu.org designates 209.51.188.17 as
 permitted sender) client-ip=209.51.188.17;
Authentication-Results: mx.google.com; spf=pass (google.com: domain of
 qemu-devel-bounces+patch=linaro.org@nongnu.org designates 209.51.188.17 as
 permitted sender)
 smtp.mailfrom="qemu-devel-bounces+patch=linaro.org@nongnu.org"
Received: from localhost ([::1] helo=lists1p.gnu.org)
 by lists.gnu.org with esmtp (Exim 4.90_1)
 (envelope-from <qemu-devel-bounces@nongnu.org>)
 id 1tDHLp-0000sD-VA; Tue, 19 Nov 2024 01:04:38 -0500
Received: from eggs.gnu.org ([2001:470:142:3::10])
 by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256)
 (Exim 4.90_1) (envelope-from <mjt@tls.msk.ru>)
 id 1tDHLn-0000jq-3Z; Tue, 19 Nov 2024 01:04:35 -0500
Received: from isrv.corpit.ru ([86.62.121.231])
 by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256)
 (Exim 4.90_1) (envelope-from <mjt@tls.msk.ru>)
 id 1tDHLk-0004cR-Rq; Tue, 19 Nov 2024 01:04:34 -0500
Received: from tsrv.corpit.ru (tsrv.tls.msk.ru [192.168.177.2])
 by isrv.corpit.ru (Postfix) with ESMTP id A4FADA6261;
 Tue, 19 Nov 2024 09:04:14 +0300 (MSK)
Received: from tls.msk.ru (mjt.wg.tls.msk.ru [192.168.177.130])
 by tsrv.corpit.ru (Postfix) with SMTP id CBBBB1738D7;
 Tue, 19 Nov 2024 09:04:18 +0300 (MSK)
Received: (nullmailer pid 2368929 invoked by uid 1000);
 Tue, 19 Nov 2024 06:04:18 -0000
From: Michael Tokarev <mjt@tls.msk.ru>
To: qemu-devel@nongnu.org
Cc: qemu-stable@nongnu.org, Peter Maydell <peter.maydell@linaro.org>,
 Paolo Bonzini <pbonzini@redhat.com>, Michael Tokarev <mjt@tls.msk.ru>
Subject: [Stable-9.1.2 59/72] hw/i386/pc: Don't try to init PCI NICs if there
 is no PCI bus
Date: Tue, 19 Nov 2024 09:04:00 +0300
Message-Id: <20241119060418.2368866-2-mjt@tls.msk.ru>
X-Mailer: git-send-email 2.39.5
In-Reply-To: <qemu-stable-9.1.2-20241118224223@cover.tls.msk.ru>
References: <qemu-stable-9.1.2-20241118224223@cover.tls.msk.ru>
MIME-Version: 1.0
Received-SPF: pass client-ip=86.62.121.231; envelope-from=mjt@tls.msk.ru;
 helo=isrv.corpit.ru
X-Spam_score_int: -68
X-Spam_score: -6.9
X-Spam_bar: ------
X-Spam_report: (-6.9 / 5.0 requ) BAYES_00=-1.9, RCVD_IN_DNSWL_HI=-5,
 RCVD_IN_VALIDITY_CERTIFIED_BLOCKED=0.001,
 RCVD_IN_VALIDITY_RPBL_BLOCKED=0.001,
 SPF_HELO_NONE=0.001, SPF_PASS=-0.001 autolearn=ham autolearn_force=no
X-Spam_action: no action
X-BeenThere: qemu-devel@nongnu.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: <qemu-devel.nongnu.org>
List-Unsubscribe: <https://lists.nongnu.org/mailman/options/qemu-devel>,
 <mailto:qemu-devel-request@nongnu.org?subject=unsubscribe>
List-Archive: <https://lists.nongnu.org/archive/html/qemu-devel>
List-Post: <mailto:qemu-devel@nongnu.org>
List-Help: <mailto:qemu-devel-request@nongnu.org?subject=help>
List-Subscribe: <https://lists.nongnu.org/mailman/listinfo/qemu-devel>,
 <mailto:qemu-devel-request@nongnu.org?subject=subscribe>
Errors-To: qemu-devel-bounces+patch=linaro.org@nongnu.org
Sender: qemu-devel-bounces+patch=linaro.org@nongnu.org

From: Peter Maydell <peter.maydell@linaro.org>

The 'isapc' machine type has no PCI bus, but pc_nic_init() still
calls pci_init_nic_devices() passing it a NULL bus pointer.  This
causes the clang sanitizer to complain:

$ ./build/clang/qemu-system-i386 -M isapc
../../hw/pci/pci.c:1866:39: runtime error: member access within null pointer of type 'PCIBus' (aka 'struct PCIBus')
SUMMARY: UndefinedBehaviorSanitizer: undefined-behavior ../../hw/pci/pci.c:1866:39 in

This is because pci_init_nic_devices() does
 &bus->qbus
which is undefined behaviour on a NULL pointer even though we're not
actually dereferencing the pointer. (We don't actually crash as
a result, so if you aren't running a sanitizer build then there
are no user-visible effects.)

Make pc_nic_init() avoid trying to initialize PCI NICs on a non-PCI
system.

Cc: qemu-stable@nongnu.org
Fixes: 8d39f9ba14d64 ("hw/i386/pc: use qemu_get_nic_info() and pci_init_nic_devices()")
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Link: https://lore.kernel.org/r/20241105171813.3031969-1-peter.maydell@linaro.org
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
(cherry picked from commit bd0e501e1a4813fa36a4cf9842aaf430323a03c3)
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>

diff --git a/hw/i386/pc.c b/hw/i386/pc.c
index 7779c88a91..a527c0df0a 100644
--- a/hw/i386/pc.c
+++ b/hw/i386/pc.c
@@ -1245,7 +1245,9 @@ void pc_nic_init(PCMachineClass *pcmc, ISABus *isa_bus, PCIBus *pci_bus)
     }
 
     /* Anything remaining should be a PCI NIC */
-    pci_init_nic_devices(pci_bus, mc->default_nic);
+    if (pci_bus) {
+        pci_init_nic_devices(pci_bus, mc->default_nic);
+    }
 
     rom_reset_order_override();
 }

From patchwork Tue Nov 19 06:04:02 2024
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Michael Tokarev <mjt@tls.msk.ru>
X-Patchwork-Id: 844260
Delivered-To: patch@linaro.org
Received: by 2002:a05:6000:8b:b0:382:43a8:7b94 with SMTP id m11csp1004401wrx; 
 Mon, 18 Nov 2024 22:05:10 -0800 (PST)
X-Forwarded-Encrypted: i=2;
 AJvYcCXmNPdPmpeQsRx1c3P6Y7dyKc3B8edpO24vVWC9WZHKbWLJvv5KV/f3bwHototflTD8/mHAug==@linaro.org
X-Google-Smtp-Source: AGHT+IEynqevGFLziTHbpprGurPENKsHNi4W3C6qOlU9d1vAVNHRqdAFaXZw++5xGo4pQ2YNzVmz
X-Received: by 2002:a05:620a:4588:b0:7b1:3b5e:4b50 with SMTP id
 af79cd13be357-7b3622d2c70mr2053501885a.19.1731996310362;
 Mon, 18 Nov 2024 22:05:10 -0800 (PST)
ARC-Seal: i=1; a=rsa-sha256; t=1731996310; cv=none;
 d=google.com; s=arc-20240605;
 b=C+l8NcHa5KmONXcY8++XMf0EG4m30Lsj9b+jj/0dKMSN8sA2tfhJDKQh4FmDXrgpd9
 ZqGfWeAt4Zd55v8k/6TrP7L7y9pCqa126eWbbuSZCtfdOmVg/ERzK45qSBy9/99gBCya
 foWnLQhLk7VAYLsukGmMR7N7L51dLCttDozXHhhc5czlqa2oKq9wye7saLiVG9PR0Jpr
 Pd9iLms+nsIpE0oDqG7G9szYUhJmied5Jndv0CCtXxgtILRkRn1nhbkDDQpBC74adurE
 igRhs2/rm/GcM345b+JcY/jBQfiAJlLUxY1x/qpH2Fj9y9WePBjfbzy4oEuIcdgDhpJZ
 KuwQ==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com;
 s=arc-20240605;
 h=sender:errors-to:list-subscribe:list-help:list-post:list-archive
 :list-unsubscribe:list-id:precedence:content-transfer-encoding
 :mime-version:references:in-reply-to:message-id:date:subject:cc:to
 :from; bh=NJ7unYVTxa1mPZQu/LJA552haMPNwrsSV58hCuuFlno=;
 fh=NoJ7n5JVE2hviRF6uNBFRIJvWH7igafuy1AIwg26ToM=;
 b=IAmj3M9Pok6QtjyFTtM+X/QxZs47shgA/PzmsaG4twzj/z8EfjVGbvFjhYCcws7QZW
 tAi6521pzIOr2aVDgvZFOBaX2c1cO2tOXSNtFqPfdWetZwTZIpm66Zf9mkAAopTj4tiO
 q/tkc/KUX6sbjRBlyJ1gZtBUg53fiKoYt+FTRjxwdpThx6QnzeoR7sWvVRjF8dy7JmTU
 co5HhWaR+ZkgmGBwKPqJ8nuKgQfEiZfP9rUZLW/qQ3eB4Kn356RIJ4yfcoP9YMyesoIA
 VVGNRmFHhY1GEJzM8QpRfCFEAjG7JCykfGy4O6JLyAzXP2hL19vDUp11oZ2vQGGgxjvm
 NFjw==; dara=google.com
ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: domain of
 qemu-devel-bounces+patch=linaro.org@nongnu.org designates 209.51.188.17 as
 permitted sender)
 smtp.mailfrom="qemu-devel-bounces+patch=linaro.org@nongnu.org"
Return-Path: <qemu-devel-bounces+patch=linaro.org@nongnu.org>
Received: from lists.gnu.org (lists.gnu.org. [209.51.188.17])
 by mx.google.com with ESMTPS id
 af79cd13be357-7b37a83be92si148944085a.104.2024.11.18.22.05.10
 for <patch@linaro.org>
 (version=TLS1_2 cipher=ECDHE-ECDSA-CHACHA20-POLY1305 bits=256/256);
 Mon, 18 Nov 2024 22:05:10 -0800 (PST)
Received-SPF: pass (google.com: domain of
 qemu-devel-bounces+patch=linaro.org@nongnu.org designates 209.51.188.17 as
 permitted sender) client-ip=209.51.188.17;
Authentication-Results: mx.google.com; spf=pass (google.com: domain of
 qemu-devel-bounces+patch=linaro.org@nongnu.org designates 209.51.188.17 as
 permitted sender)
 smtp.mailfrom="qemu-devel-bounces+patch=linaro.org@nongnu.org"
Received: from localhost ([::1] helo=lists1p.gnu.org)
 by lists.gnu.org with esmtp (Exim 4.90_1)
 (envelope-from <qemu-devel-bounces@nongnu.org>)
 id 1tDHLw-00015r-Dr; Tue, 19 Nov 2024 01:04:44 -0500
Received: from eggs.gnu.org ([2001:470:142:3::10])
 by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256)
 (Exim 4.90_1) (envelope-from <mjt@tls.msk.ru>)
 id 1tDHLq-0000xN-SY; Tue, 19 Nov 2024 01:04:38 -0500
Received: from isrv.corpit.ru ([86.62.121.231])
 by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256)
 (Exim 4.90_1) (envelope-from <mjt@tls.msk.ru>)
 id 1tDHLo-0004dU-Hm; Tue, 19 Nov 2024 01:04:38 -0500
Received: from tsrv.corpit.ru (tsrv.tls.msk.ru [192.168.177.2])
 by isrv.corpit.ru (Postfix) with ESMTP id C2A0EA6263;
 Tue, 19 Nov 2024 09:04:14 +0300 (MSK)
Received: from tls.msk.ru (mjt.wg.tls.msk.ru [192.168.177.130])
 by tsrv.corpit.ru (Postfix) with SMTP id EAC2E1738D9;
 Tue, 19 Nov 2024 09:04:18 +0300 (MSK)
Received: (nullmailer pid 2368935 invoked by uid 1000);
 Tue, 19 Nov 2024 06:04:18 -0000
From: Michael Tokarev <mjt@tls.msk.ru>
To: qemu-devel@nongnu.org
Cc: qemu-stable@nongnu.org, Richard Henderson <richard.henderson@linaro.org>, 
 Peter Maydell <peter.maydell@linaro.org>, Michael Tokarev <mjt@tls.msk.ru>
Subject: [Stable-9.1.2 61/72] target/arm: Drop user-only special case in
 sve_stN_r
Date: Tue, 19 Nov 2024 09:04:02 +0300
Message-Id: <20241119060418.2368866-4-mjt@tls.msk.ru>
X-Mailer: git-send-email 2.39.5
In-Reply-To: <qemu-stable-9.1.2-20241118224223@cover.tls.msk.ru>
References: <qemu-stable-9.1.2-20241118224223@cover.tls.msk.ru>
MIME-Version: 1.0
Received-SPF: pass client-ip=86.62.121.231; envelope-from=mjt@tls.msk.ru;
 helo=isrv.corpit.ru
X-Spam_score_int: -68
X-Spam_score: -6.9
X-Spam_bar: ------
X-Spam_report: (-6.9 / 5.0 requ) BAYES_00=-1.9, RCVD_IN_DNSWL_HI=-5,
 RCVD_IN_VALIDITY_CERTIFIED_BLOCKED=0.001,
 RCVD_IN_VALIDITY_RPBL_BLOCKED=0.001,
 SPF_HELO_NONE=0.001, SPF_PASS=-0.001 autolearn=ham autolearn_force=no
X-Spam_action: no action
X-BeenThere: qemu-devel@nongnu.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: <qemu-devel.nongnu.org>
List-Unsubscribe: <https://lists.nongnu.org/mailman/options/qemu-devel>,
 <mailto:qemu-devel-request@nongnu.org?subject=unsubscribe>
List-Archive: <https://lists.nongnu.org/archive/html/qemu-devel>
List-Post: <mailto:qemu-devel@nongnu.org>
List-Help: <mailto:qemu-devel-request@nongnu.org?subject=help>
List-Subscribe: <https://lists.nongnu.org/mailman/listinfo/qemu-devel>,
 <mailto:qemu-devel-request@nongnu.org?subject=subscribe>
Errors-To: qemu-devel-bounces+patch=linaro.org@nongnu.org
Sender: qemu-devel-bounces+patch=linaro.org@nongnu.org

From: Richard Henderson <richard.henderson@linaro.org>

This path is reachable with plugins enabled, and provoked
with run-plugin-catch-syscalls-with-libinline.so.

Cc: qemu-stable@nongnu.org
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Message-ID: <20241112141232.321354-1-richard.henderson@linaro.org>
(cherry picked from commit f27550804688da43c6e0d87b2f9e143adbf76271)
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>

diff --git a/target/arm/tcg/sve_helper.c b/target/arm/tcg/sve_helper.c
index f1ee0e060f..904296705c 100644
--- a/target/arm/tcg/sve_helper.c
+++ b/target/arm/tcg/sve_helper.c
@@ -6317,9 +6317,6 @@ void sve_stN_r(CPUARMState *env, uint64_t *vg, target_ulong addr,
 
     flags = info.page[0].flags | info.page[1].flags;
     if (unlikely(flags != 0)) {
-#ifdef CONFIG_USER_ONLY
-        g_assert_not_reached();
-#else
         /*
          * At least one page includes MMIO.
          * Any bus operation can fail with cpu_transaction_failed,
@@ -6350,7 +6347,6 @@ void sve_stN_r(CPUARMState *env, uint64_t *vg, target_ulong addr,
             } while (reg_off & 63);
         } while (reg_off <= reg_last);
         return;
-#endif
     }
 
     mem_off = info.mem_off_first[0];

From patchwork Tue Nov 19 06:04:03 2024
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit
X-Patchwork-Submitter: Michael Tokarev <mjt@tls.msk.ru>
X-Patchwork-Id: 844266
Delivered-To: patch@linaro.org
Received: by 2002:a05:6000:8b:b0:382:43a8:7b94 with SMTP id m11csp1005323wrx; 
 Mon, 18 Nov 2024 22:08:00 -0800 (PST)
X-Forwarded-Encrypted: i=2;
 AJvYcCXCJcjefaI5VnEw2UnemS2d9Xd4YQi6SnAJIhCUwFdSwL7zfbIJNpoYhTv39ZOOe1Ha6v2Z5Q==@linaro.org
X-Google-Smtp-Source: AGHT+IEMPI7+69MHWYfpSJlH/eXrwUICubk7rVokXHRqL92A6OrQdZbti5YcmqixgsTFLkMdCsc6
X-Received: by 2002:a05:6214:cc8:b0:6d4:edc:12fc with SMTP id
 6a1803df08f44-6d40edc162cmr176292496d6.46.1731996480673;
 Mon, 18 Nov 2024 22:08:00 -0800 (PST)
ARC-Seal: i=1; a=rsa-sha256; t=1731996480; cv=none;
 d=google.com; s=arc-20240605;
 b=GZFVsMvjj75bMpR1iYdGOw39wJ1xcIm32TB5zTOssWYe/t1QMvRVJn9U7wdN8ulrZV
 sHXmenE8feGrZdXEjiQKj9KkyBC3YYyQZlyvIzJ6JkXhUsVQZFq3CFXiIXVHouFWZFF0
 gosMsCOPGC7Ym/JrKtlsvmtYUDMvzscdSsG6oaJ3XhqV6dNl0sE8a8lKjuy8/XyGaXFH
 ycysed3GQczysTJAvz98uuqB4RxtR1OHLxkb3CSm9EYmVRwMjNWX2OpyiQlixzDWz+KM
 NTuKH1hxyxRZkLxicTfkcIBz9DSyYnI+2Y4Rw8vKD+WxtG++tEeovdu3HZjk7+X0EuA/
 DDhA==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com;
 s=arc-20240605;
 h=sender:errors-to:list-subscribe:list-help:list-post:list-archive
 :list-unsubscribe:list-id:precedence:content-transfer-encoding
 :mime-version:references:in-reply-to:message-id:date:subject:cc:to
 :from; bh=wMjABy+hk5DF/13bOYxyKWUoJVSk12Uk0Kv7PsGKnR8=;
 fh=fA8wXgZkOijV3QzeJqIqYxlGqKQb9nNVVJRQwjQ6hao=;
 b=geQWD6l9+C1OhiwstGjXoUS/UBDoertzQDpC2A0Vrwe6013Oh82ECrA+whtywaf1xm
 0byyts4h+qLkv9TwGza4PaZ6jdc4gKyXSb2fl4IUq/lCzbbYuqOxE09bwMupA0P+9f1F
 YanKcdTeMuH402sOJBaAqsAcVZybsOiKARL9Y3yic2RJTz3VvMfnmjgKYnwmOvR/zfUy
 r6fqcsD+9BxZe4tf0zIarHS90cs331UZvBUpwt1e3XqACD2YGvyCCRmSzmWUJCEGOgmJ
 40QDTBlym9PfUwWi3oAm9r9nPbxxydraau7TdzMF+tQHKWEM8a0lKpHhJ32MbprjsQOm
 Ef2w==; dara=google.com
ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: domain of
 qemu-devel-bounces+patch=linaro.org@nongnu.org designates 209.51.188.17 as
 permitted sender)
 smtp.mailfrom="qemu-devel-bounces+patch=linaro.org@nongnu.org"
Return-Path: <qemu-devel-bounces+patch=linaro.org@nongnu.org>
Received: from lists.gnu.org (lists.gnu.org. [209.51.188.17])
 by mx.google.com with ESMTPS id
 6a1803df08f44-6d40dc93733si84092776d6.345.2024.11.18.22.08.00
 for <patch@linaro.org>
 (version=TLS1_2 cipher=ECDHE-ECDSA-CHACHA20-POLY1305 bits=256/256);
 Mon, 18 Nov 2024 22:08:00 -0800 (PST)
Received-SPF: pass (google.com: domain of
 qemu-devel-bounces+patch=linaro.org@nongnu.org designates 209.51.188.17 as
 permitted sender) client-ip=209.51.188.17;
Authentication-Results: mx.google.com; spf=pass (google.com: domain of
 qemu-devel-bounces+patch=linaro.org@nongnu.org designates 209.51.188.17 as
 permitted sender)
 smtp.mailfrom="qemu-devel-bounces+patch=linaro.org@nongnu.org"
Received: from localhost ([::1] helo=lists1p.gnu.org)
 by lists.gnu.org with esmtp (Exim 4.90_1)
 (envelope-from <qemu-devel-bounces@nongnu.org>)
 id 1tDHLx-000162-DS; Tue, 19 Nov 2024 01:04:45 -0500
Received: from eggs.gnu.org ([2001:470:142:3::10])
 by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256)
 (Exim 4.90_1) (envelope-from <mjt@tls.msk.ru>)
 id 1tDHLt-00012Z-DD; Tue, 19 Nov 2024 01:04:41 -0500
Received: from isrv.corpit.ru ([86.62.121.231])
 by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256)
 (Exim 4.90_1) (envelope-from <mjt@tls.msk.ru>)
 id 1tDHLr-0004eJ-5m; Tue, 19 Nov 2024 01:04:41 -0500
Received: from tsrv.corpit.ru (tsrv.tls.msk.ru [192.168.177.2])
 by isrv.corpit.ru (Postfix) with ESMTP id D04A4A6264;
 Tue, 19 Nov 2024 09:04:14 +0300 (MSK)
Received: from tls.msk.ru (mjt.wg.tls.msk.ru [192.168.177.130])
 by tsrv.corpit.ru (Postfix) with SMTP id 042E91738DA;
 Tue, 19 Nov 2024 09:04:19 +0300 (MSK)
Received: (nullmailer pid 2368938 invoked by uid 1000);
 Tue, 19 Nov 2024 06:04:18 -0000
From: Michael Tokarev <mjt@tls.msk.ru>
To: qemu-devel@nongnu.org
Cc: qemu-stable@nongnu.org, Richard Henderson <richard.henderson@linaro.org>, 
 =?utf-8?q?Alex_Benn=C3=A9e?= <alex.bennee@linaro.org>,
 Michael Tokarev <mjt@tls.msk.ru>
Subject: [Stable-9.1.2 62/72] accel/tcg: Fix user-only probe_access_internal
 plugin check
Date: Tue, 19 Nov 2024 09:04:03 +0300
Message-Id: <20241119060418.2368866-5-mjt@tls.msk.ru>
X-Mailer: git-send-email 2.39.5
In-Reply-To: <qemu-stable-9.1.2-20241118224223@cover.tls.msk.ru>
References: <qemu-stable-9.1.2-20241118224223@cover.tls.msk.ru>
MIME-Version: 1.0
Received-SPF: pass client-ip=86.62.121.231; envelope-from=mjt@tls.msk.ru;
 helo=isrv.corpit.ru
X-Spam_score_int: -68
X-Spam_score: -6.9
X-Spam_bar: ------
X-Spam_report: (-6.9 / 5.0 requ) BAYES_00=-1.9, RCVD_IN_DNSWL_HI=-5,
 RCVD_IN_VALIDITY_CERTIFIED_BLOCKED=0.001,
 RCVD_IN_VALIDITY_RPBL_BLOCKED=0.001,
 SPF_HELO_NONE=0.001, SPF_PASS=-0.001 autolearn=ham autolearn_force=no
X-Spam_action: no action
X-BeenThere: qemu-devel@nongnu.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: <qemu-devel.nongnu.org>
List-Unsubscribe: <https://lists.nongnu.org/mailman/options/qemu-devel>,
 <mailto:qemu-devel-request@nongnu.org?subject=unsubscribe>
List-Archive: <https://lists.nongnu.org/archive/html/qemu-devel>
List-Post: <mailto:qemu-devel@nongnu.org>
List-Help: <mailto:qemu-devel-request@nongnu.org?subject=help>
List-Subscribe: <https://lists.nongnu.org/mailman/listinfo/qemu-devel>,
 <mailto:qemu-devel-request@nongnu.org?subject=subscribe>
Errors-To: qemu-devel-bounces+patch=linaro.org@nongnu.org
Sender: qemu-devel-bounces+patch=linaro.org@nongnu.org

From: Richard Henderson <richard.henderson@linaro.org>

The acc_flag check for write should have been against PAGE_WRITE_ORG,
not PAGE_WRITE.  But it is better to combine two acc_flag checks
to a single check against access_type.  This matches the system code
in cputlb.c.

Cc: qemu-stable@nongnu.org
Resolves: https://gitlab.com/qemu-project/qemu/-/issues/2647
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Message-Id: 20241111145002.144995-1-richard.henderson@linaro.org
Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
(cherry picked from commit 2a339fee450638b512c5122281cb5ab49331cfb8)
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>

diff --git a/accel/tcg/user-exec.c b/accel/tcg/user-exec.c
index 7ddc47b0ba..4c269daf7d 100644
--- a/accel/tcg/user-exec.c
+++ b/accel/tcg/user-exec.c
@@ -805,7 +805,7 @@ static int probe_access_internal(CPUArchState *env, vaddr addr,
     if (guest_addr_valid_untagged(addr)) {
         int page_flags = page_get_flags(addr);
         if (page_flags & acc_flag) {
-            if ((acc_flag == PAGE_READ || acc_flag == PAGE_WRITE)
+            if (access_type != MMU_INST_FETCH
                 && cpu_plugin_mem_cbs_enabled(env_cpu(env))) {
                 return TLB_MMIO;
             }

From patchwork Tue Nov 19 06:04:05 2024
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit
X-Patchwork-Submitter: Michael Tokarev <mjt@tls.msk.ru>
X-Patchwork-Id: 844264
Delivered-To: patch@linaro.org
Received: by 2002:a05:6000:8b:b0:382:43a8:7b94 with SMTP id m11csp1005119wrx; 
 Mon, 18 Nov 2024 22:07:23 -0800 (PST)
X-Forwarded-Encrypted: i=2;
 AJvYcCXk/p7faijGSGubIX1zU8cbT+E+1zqlf6FnJwExe3TPlqG6MXWpD4BMj8EVnZXHzCwnNVdWaw==@linaro.org
X-Google-Smtp-Source: AGHT+IH27oQ7MrUOXEpY6w+YE7ykJ2tkOeokI/N3WlXOKyCBND315qJc2bXC0zaaqfmJuySWWLuY
X-Received: by 2002:a05:690c:e18:b0:6ea:8c14:7bfc with SMTP id
 00721157ae682-6ee55cbbedamr127014617b3.34.1731996443185;
 Mon, 18 Nov 2024 22:07:23 -0800 (PST)
ARC-Seal: i=1; a=rsa-sha256; t=1731996443; cv=none;
 d=google.com; s=arc-20240605;
 b=NPtdLj8EN5PDcQrrhG7kpYqems8n3wB6yeSjIcI1UPieCdDEU/ehRg+//gebyGVbRL
 Bm3HGhxvKKEDwhptVwZJ/5FcwUqQe+kGyeZ9uev1iOp/OwTQ0WW0R04SO2/nJd8VClrH
 nEyAXKmnzyuNWKZP6t7aaaGjV6re4gHoIsPH/lApdzQU1lNt2ejWbBJHOcfxTb4YXh1g
 0ZbrtC6Xz5wfNcVs1+HnurfyFqxF6yokE7RBL5L9ZzPU6c3UWunC/KE8XzeUNdapt1Iz
 Ru7oS4grjqteX1A5BaNz8SVrHoSnHkbKGcOtHRYpx46UqL9YuvOrwoanNn8D11ZkSFxV
 S/Ig==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com;
 s=arc-20240605;
 h=sender:errors-to:list-subscribe:list-help:list-post:list-archive
 :list-unsubscribe:list-id:precedence:content-transfer-encoding
 :mime-version:references:in-reply-to:message-id:date:subject:cc:to
 :from; bh=UAF4xrnSiDr+6+n8Ih/c+HXHjjKo4DYLm/IpHVBiYaE=;
 fh=K4abbxCgZAPvqzOXA+PZ7RIZh+KufMVJze7rXLOwES0=;
 b=dMkpXMvEeHJeydk1jX29WlIekeur3PG72DeTA6onVhLaYWWl1EZRS86JD5FmTIDVWW
 868v9xVv1XmV4DHpqI+xby+Ss5XZNVxBpkA+we6R5ZiIDSX2G+sLduH+O100ZStPG6kO
 xoQJ4Idd6jNU6PC9I2/TbUPQWt/KfrLuoyhhzuCJhoEGLDWEkIhBTKoruNDAXINKy9Zl
 oaSUwwC0/MT5CsIMGuM8SIjkthuxJ1Xm4RIk+FizC2vrVIoGuQ8YjVs4ccz0XRKF3dmP
 ovEIkKwsq8gTdsjfqO80TqDZQbbzFTfE2GHg3qiRieH2KD2YCp101LKa84tft5PhlcUO
 KIZQ==; dara=google.com
ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: domain of
 qemu-devel-bounces+patch=linaro.org@nongnu.org designates 209.51.188.17 as
 permitted sender)
 smtp.mailfrom="qemu-devel-bounces+patch=linaro.org@nongnu.org"
Return-Path: <qemu-devel-bounces+patch=linaro.org@nongnu.org>
Received: from lists.gnu.org (lists.gnu.org. [209.51.188.17])
 by mx.google.com with ESMTPS id
 6a1803df08f44-6d40db97a66si81770196d6.117.2024.11.18.22.07.23
 for <patch@linaro.org>
 (version=TLS1_2 cipher=ECDHE-ECDSA-CHACHA20-POLY1305 bits=256/256);
 Mon, 18 Nov 2024 22:07:23 -0800 (PST)
Received-SPF: pass (google.com: domain of
 qemu-devel-bounces+patch=linaro.org@nongnu.org designates 209.51.188.17 as
 permitted sender) client-ip=209.51.188.17;
Authentication-Results: mx.google.com; spf=pass (google.com: domain of
 qemu-devel-bounces+patch=linaro.org@nongnu.org designates 209.51.188.17 as
 permitted sender)
 smtp.mailfrom="qemu-devel-bounces+patch=linaro.org@nongnu.org"
Received: from localhost ([::1] helo=lists1p.gnu.org)
 by lists.gnu.org with esmtp (Exim 4.90_1)
 (envelope-from <qemu-devel-bounces@nongnu.org>)
 id 1tDHM2-0001AK-Cn; Tue, 19 Nov 2024 01:04:50 -0500
Received: from eggs.gnu.org ([2001:470:142:3::10])
 by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256)
 (Exim 4.90_1) (envelope-from <mjt@tls.msk.ru>)
 id 1tDHLw-00015s-9y; Tue, 19 Nov 2024 01:04:44 -0500
Received: from isrv.corpit.ru ([86.62.121.231])
 by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256)
 (Exim 4.90_1) (envelope-from <mjt@tls.msk.ru>)
 id 1tDHLu-0004f3-ON; Tue, 19 Nov 2024 01:04:44 -0500
Received: from tsrv.corpit.ru (tsrv.tls.msk.ru [192.168.177.2])
 by isrv.corpit.ru (Postfix) with ESMTP id EB92FA6267;
 Tue, 19 Nov 2024 09:04:14 +0300 (MSK)
Received: from tls.msk.ru (mjt.wg.tls.msk.ru [192.168.177.130])
 by tsrv.corpit.ru (Postfix) with SMTP id 1FA221738DC;
 Tue, 19 Nov 2024 09:04:19 +0300 (MSK)
Received: (nullmailer pid 2368944 invoked by uid 1000);
 Tue, 19 Nov 2024 06:04:18 -0000
From: Michael Tokarev <mjt@tls.msk.ru>
To: qemu-devel@nongnu.org
Cc: qemu-stable@nongnu.org, Richard Henderson <richard.henderson@linaro.org>, 
 =?utf-8?q?Philippe_Mathieu-Daud=C3=A9?= <philmd@linaro.org>,
 Michael Tokarev <mjt@tls.msk.ru>
Subject: [Stable-9.1.2 64/72] linux-user/arm: Reduce vdso alignment to 4k
Date: Tue, 19 Nov 2024 09:04:05 +0300
Message-Id: <20241119060418.2368866-7-mjt@tls.msk.ru>
X-Mailer: git-send-email 2.39.5
In-Reply-To: <qemu-stable-9.1.2-20241118224223@cover.tls.msk.ru>
References: <qemu-stable-9.1.2-20241118224223@cover.tls.msk.ru>
MIME-Version: 1.0
Received-SPF: pass client-ip=86.62.121.231; envelope-from=mjt@tls.msk.ru;
 helo=isrv.corpit.ru
X-Spam_score_int: -68
X-Spam_score: -6.9
X-Spam_bar: ------
X-Spam_report: (-6.9 / 5.0 requ) BAYES_00=-1.9, RCVD_IN_DNSWL_HI=-5,
 RCVD_IN_VALIDITY_CERTIFIED_BLOCKED=0.001,
 RCVD_IN_VALIDITY_RPBL_BLOCKED=0.001,
 SPF_HELO_NONE=0.001, SPF_PASS=-0.001 autolearn=ham autolearn_force=no
X-Spam_action: no action
X-BeenThere: qemu-devel@nongnu.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: <qemu-devel.nongnu.org>
List-Unsubscribe: <https://lists.nongnu.org/mailman/options/qemu-devel>,
 <mailto:qemu-devel-request@nongnu.org?subject=unsubscribe>
List-Archive: <https://lists.nongnu.org/archive/html/qemu-devel>
List-Post: <mailto:qemu-devel@nongnu.org>
List-Help: <mailto:qemu-devel-request@nongnu.org?subject=help>
List-Subscribe: <https://lists.nongnu.org/mailman/listinfo/qemu-devel>,
 <mailto:qemu-devel-request@nongnu.org?subject=subscribe>
Errors-To: qemu-devel-bounces+patch=linaro.org@nongnu.org
Sender: qemu-devel-bounces+patch=linaro.org@nongnu.org

From: Richard Henderson <richard.henderson@linaro.org>

Reduce vdso alignment to minimum page size.

Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
(cherry picked from commit f7150b2151398c9274686d06c2c1e24618aa4cd6)
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>

diff --git a/linux-user/arm/vdso-be.so b/linux-user/arm/vdso-be.so
index 69cafbb956..bed02804a4 100755
Binary files a/linux-user/arm/vdso-be.so and b/linux-user/arm/vdso-be.so differ
diff --git a/linux-user/arm/vdso-le.so b/linux-user/arm/vdso-le.so
index ad05a12518..38d3d51047 100755
Binary files a/linux-user/arm/vdso-le.so and b/linux-user/arm/vdso-le.so differ

diff --git a/linux-user/arm/Makefile.vdso b/linux-user/arm/Makefile.vdso
index 2d098a5748..8a24b0e534 100644
--- a/linux-user/arm/Makefile.vdso
+++ b/linux-user/arm/Makefile.vdso
@@ -6,7 +6,7 @@ VPATH += $(SUBDIR)
 all: $(SUBDIR)/vdso-be.so $(SUBDIR)/vdso-le.so
 
 # Adding -use-blx disables unneeded interworking without actually using blx.
-LDFLAGS = -nostdlib -shared -Wl,-use-blx \
+LDFLAGS = -nostdlib -shared -Wl,-use-blx -Wl,-z,max-page-size=4096 \
 	  -Wl,-h,linux-vdso.so.1 -Wl,--build-id=sha1 \
 	  -Wl,--hash-style=both -Wl,-T,$(SUBDIR)/vdso.ld
 

From patchwork Tue Nov 19 06:04:06 2024
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit
X-Patchwork-Submitter: Michael Tokarev <mjt@tls.msk.ru>
X-Patchwork-Id: 844263
Delivered-To: patch@linaro.org
Received: by 2002:a05:6000:8b:b0:382:43a8:7b94 with SMTP id m11csp1004708wrx; 
 Mon, 18 Nov 2024 22:06:05 -0800 (PST)
X-Forwarded-Encrypted: i=2;
 AJvYcCWk/7CekZkuV/rklcaKAZb0dozWvbkLTi8kK+EnvV+4eyBijPy3ZAYI+LuEOEvADXb3rvEoFg==@linaro.org
X-Google-Smtp-Source: AGHT+IEPaXS+g+pc6Y6BWioRMziXI4SzRZ8vGprDQW8aBon/eOn2xFGABsCIe7lSnO8mNQSEK8Tz
X-Received: by 2002:a05:6214:212a:b0:6d4:19a0:208 with SMTP id
 6a1803df08f44-6d419a005e4mr117534506d6.29.1731996364802;
 Mon, 18 Nov 2024 22:06:04 -0800 (PST)
ARC-Seal: i=1; a=rsa-sha256; t=1731996364; cv=none;
 d=google.com; s=arc-20240605;
 b=JnNnEbaiV22ZvhBqR6VsUBkvvjl9XiQcj1fKEpuJfecQtsXDc86/BGkkuE9kpMCYXr
 Yrhn1cVk7dBiF67DGV8M7hhYxBNXzj/nTvz2lUgnstqbpl4jUeS1X6cQ7TcDgSyqWXc2
 cyLFrz0AVGu+q7yLDpgG6c0TDXiOA8wFhapvHW+AHMqorAS6djiADclja8uEB43G4nfb
 fZzEBcUUQoHQtLTsPakck0XW2GWDwY6oGvvsLz+8DICf6WDJuuSQQcY23+/hoDU/KYNs
 2i54t6yci8OCcZZaa3ARvpsTbqG517mGPCqdvo8MQtkTXCdo5iJINurIST+RfnP9h+gS
 +jxQ==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com;
 s=arc-20240605;
 h=sender:errors-to:list-subscribe:list-help:list-post:list-archive
 :list-unsubscribe:list-id:precedence:content-transfer-encoding
 :mime-version:references:in-reply-to:message-id:date:subject:cc:to
 :from; bh=a/Wa578I0YraGqLzvRxV34yqmGHJ0o2SvtSJaMlwQ/s=;
 fh=K4abbxCgZAPvqzOXA+PZ7RIZh+KufMVJze7rXLOwES0=;
 b=kFU+5zT3rrtC7jK8mIEYqFElIC1oxAGVpskT084XmDVbE8lxD1Msivf/SaJ3DgvHdn
 DiRhiqU3ftgfKPVsAKNQbX5C+UAMJs9i1zzBdeCpe3fv9yYAB0SmzTy+4/9kG9Rec0zL
 WdwmI6Z+lWO6jV43UCnVhX15L2xB4EQ7UfF80KXtwJ1MfbNVn6pPKz5KLNpnvukPFZnw
 8C/cCRnPjOPsYauBXC3wKeF+C0iAPN1Vg8uJDeeZPmZKiAbaKy/iMbP3DN06HwoBG35V
 CkBcIQIN7aaClD5SRaL4zuBqPJ3PP68Mm8V6WqvYOl12sI5FJ0cEgUJooHOxxd/vpDAk
 3sag==; dara=google.com
ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: domain of
 qemu-devel-bounces+patch=linaro.org@nongnu.org designates 209.51.188.17 as
 permitted sender)
 smtp.mailfrom="qemu-devel-bounces+patch=linaro.org@nongnu.org"
Return-Path: <qemu-devel-bounces+patch=linaro.org@nongnu.org>
Received: from lists.gnu.org (lists.gnu.org. [209.51.188.17])
 by mx.google.com with ESMTPS id
 6a1803df08f44-6d40db72107si80484206d6.84.2024.11.18.22.06.04
 for <patch@linaro.org>
 (version=TLS1_2 cipher=ECDHE-ECDSA-CHACHA20-POLY1305 bits=256/256);
 Mon, 18 Nov 2024 22:06:04 -0800 (PST)
Received-SPF: pass (google.com: domain of
 qemu-devel-bounces+patch=linaro.org@nongnu.org designates 209.51.188.17 as
 permitted sender) client-ip=209.51.188.17;
Authentication-Results: mx.google.com; spf=pass (google.com: domain of
 qemu-devel-bounces+patch=linaro.org@nongnu.org designates 209.51.188.17 as
 permitted sender)
 smtp.mailfrom="qemu-devel-bounces+patch=linaro.org@nongnu.org"
Received: from localhost ([::1] helo=lists1p.gnu.org)
 by lists.gnu.org with esmtp (Exim 4.90_1)
 (envelope-from <qemu-devel-bounces@nongnu.org>)
 id 1tDHM1-00019J-8u; Tue, 19 Nov 2024 01:04:49 -0500
Received: from eggs.gnu.org ([2001:470:142:3::10])
 by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256)
 (Exim 4.90_1) (envelope-from <mjt@tls.msk.ru>)
 id 1tDHLx-00016i-Ke; Tue, 19 Nov 2024 01:04:45 -0500
Received: from isrv.corpit.ru ([86.62.121.231])
 by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256)
 (Exim 4.90_1) (envelope-from <mjt@tls.msk.ru>)
 id 1tDHLv-0004fO-HR; Tue, 19 Nov 2024 01:04:45 -0500
Received: from tsrv.corpit.ru (tsrv.tls.msk.ru [192.168.177.2])
 by isrv.corpit.ru (Postfix) with ESMTP id 063B5A6268;
 Tue, 19 Nov 2024 09:04:15 +0300 (MSK)
Received: from tls.msk.ru (mjt.wg.tls.msk.ru [192.168.177.130])
 by tsrv.corpit.ru (Postfix) with SMTP id 2D4391738DD;
 Tue, 19 Nov 2024 09:04:19 +0300 (MSK)
Received: (nullmailer pid 2368948 invoked by uid 1000);
 Tue, 19 Nov 2024 06:04:18 -0000
From: Michael Tokarev <mjt@tls.msk.ru>
To: qemu-devel@nongnu.org
Cc: qemu-stable@nongnu.org, Richard Henderson <richard.henderson@linaro.org>, 
 =?utf-8?q?Philippe_Mathieu-Daud=C3=A9?= <philmd@linaro.org>,
 Michael Tokarev <mjt@tls.msk.ru>
Subject: [Stable-9.1.2 65/72] linux-user/arm: Select vdso for be8 and be32
 modes
Date: Tue, 19 Nov 2024 09:04:06 +0300
Message-Id: <20241119060418.2368866-8-mjt@tls.msk.ru>
X-Mailer: git-send-email 2.39.5
In-Reply-To: <qemu-stable-9.1.2-20241118224223@cover.tls.msk.ru>
References: <qemu-stable-9.1.2-20241118224223@cover.tls.msk.ru>
MIME-Version: 1.0
Received-SPF: pass client-ip=86.62.121.231; envelope-from=mjt@tls.msk.ru;
 helo=isrv.corpit.ru
X-Spam_score_int: -68
X-Spam_score: -6.9
X-Spam_bar: ------
X-Spam_report: (-6.9 / 5.0 requ) BAYES_00=-1.9, RCVD_IN_DNSWL_HI=-5,
 RCVD_IN_VALIDITY_CERTIFIED_BLOCKED=0.001,
 RCVD_IN_VALIDITY_RPBL_BLOCKED=0.001,
 SPF_HELO_NONE=0.001, SPF_PASS=-0.001 autolearn=ham autolearn_force=no
X-Spam_action: no action
X-BeenThere: qemu-devel@nongnu.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: <qemu-devel.nongnu.org>
List-Unsubscribe: <https://lists.nongnu.org/mailman/options/qemu-devel>,
 <mailto:qemu-devel-request@nongnu.org?subject=unsubscribe>
List-Archive: <https://lists.nongnu.org/archive/html/qemu-devel>
List-Post: <mailto:qemu-devel@nongnu.org>
List-Help: <mailto:qemu-devel-request@nongnu.org?subject=help>
List-Subscribe: <https://lists.nongnu.org/mailman/listinfo/qemu-devel>,
 <mailto:qemu-devel-request@nongnu.org?subject=subscribe>
Errors-To: qemu-devel-bounces+patch=linaro.org@nongnu.org
Sender: qemu-devel-bounces+patch=linaro.org@nongnu.org

From: Richard Henderson <richard.henderson@linaro.org>

In be8 mode, instructions are little-endian.
In be32 mode, instructions are big-endian.

Resolves: https://gitlab.com/qemu-project/qemu/-/issues/2333
Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
(cherry picked from commit 95c9e2209cc09453cfd49e91321df254ccbf466f)
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>

diff --git a/linux-user/arm/Makefile.vdso b/linux-user/arm/Makefile.vdso
index 8a24b0e534..ede489e236 100644
--- a/linux-user/arm/Makefile.vdso
+++ b/linux-user/arm/Makefile.vdso
@@ -3,15 +3,18 @@ include $(BUILD_DIR)/tests/tcg/arm-linux-user/config-target.mak
 SUBDIR = $(SRC_PATH)/linux-user/arm
 VPATH += $(SUBDIR)
 
-all: $(SUBDIR)/vdso-be.so $(SUBDIR)/vdso-le.so
+all: $(SUBDIR)/vdso-be8.so $(SUBDIR)/vdso-be32.so $(SUBDIR)/vdso-le.so
 
 # Adding -use-blx disables unneeded interworking without actually using blx.
 LDFLAGS = -nostdlib -shared -Wl,-use-blx -Wl,-z,max-page-size=4096 \
 	  -Wl,-h,linux-vdso.so.1 -Wl,--build-id=sha1 \
 	  -Wl,--hash-style=both -Wl,-T,$(SUBDIR)/vdso.ld
 
-$(SUBDIR)/vdso-be.so: vdso.S vdso.ld vdso-asmoffset.h
-	$(CC) -o $@ $(LDFLAGS) -mbig-endian $<
+$(SUBDIR)/vdso-be8.so: vdso.S vdso.ld vdso-asmoffset.h
+	$(CC) -o $@ $(LDFLAGS) -mbig-endian -mbe8 $<
+
+$(SUBDIR)/vdso-be32.so: vdso.S vdso.ld vdso-asmoffset.h
+	$(CC) -o $@ $(LDFLAGS) -mbig-endian -mbe32 $<
 
 $(SUBDIR)/vdso-le.so: vdso.S vdso.ld vdso-asmoffset.h
 	$(CC) -o $@ $(LDFLAGS) -mlittle-endian $<
diff --git a/linux-user/arm/meson.build b/linux-user/arm/meson.build
index c4bb9af5b8..348ffb810d 100644
--- a/linux-user/arm/meson.build
+++ b/linux-user/arm/meson.build
@@ -10,10 +10,17 @@ syscall_nr_generators += {
 # is always true as far as source_set.apply() is concerned.  Always build
 # both header files and include the right one via #if.
 
-vdso_be_inc = gen_vdso.process('vdso-be.so',
-                               extra_args: ['-s', 'sigreturn_codes'])
+vdso_be8_inc = gen_vdso.process('vdso-be8.so',
+                               extra_args: ['-s', 'sigreturn_codes',
+                                            '-p', 'vdso_be8'])
+
+vdso_be32_inc = gen_vdso.process('vdso-be32.so',
+                               extra_args: ['-s', 'sigreturn_codes',
+                                            '-p', 'vdso_be32'])
 
 vdso_le_inc = gen_vdso.process('vdso-le.so',
                                extra_args: ['-s', 'sigreturn_codes'])
 
-linux_user_ss.add(when: 'TARGET_ARM', if_true: [vdso_be_inc, vdso_le_inc])
+linux_user_ss.add(when: 'TARGET_ARM', if_true: [
+    vdso_be8_inc, vdso_be32_inc, vdso_le_inc
+])
diff --git a/linux-user/arm/vdso-be32.so b/linux-user/arm/vdso-be32.so
new file mode 100755
index 0000000000..b896d3d545
Binary files /dev/null and b/linux-user/arm/vdso-be32.so differ
diff --git a/linux-user/arm/vdso-be.so b/linux-user/arm/vdso-be8.so
similarity index 95%
rename from linux-user/arm/vdso-be.so
rename to linux-user/arm/vdso-be8.so
index bed02804a4..784b7bdb2a 100755
Binary files a/linux-user/arm/vdso-be.so and b/linux-user/arm/vdso-be8.so differ
diff --git a/linux-user/elfload.c b/linux-user/elfload.c
index 3b8db721e2..1deaf904e9 100644
--- a/linux-user/elfload.c
+++ b/linux-user/elfload.c
@@ -659,6 +659,23 @@ static const char *get_elf_platform(void)
 #undef END
 }
 
+#if TARGET_BIG_ENDIAN
+#include "elf.h"
+#include "vdso-be8.c.inc"
+#include "vdso-be32.c.inc"
+
+static const VdsoImageInfo *vdso_image_info(uint32_t elf_flags)
+{
+    return (EF_ARM_EABI_VERSION(elf_flags) >= EF_ARM_EABI_VER4
+            && (elf_flags & EF_ARM_BE8)
+            ? &vdso_be8_image_info
+            : &vdso_be32_image_info);
+}
+#define vdso_image_info vdso_image_info
+#else
+# define VDSO_HEADER  "vdso-le.c.inc"
+#endif
+
 #else
 /* 64 bit ARM definitions */
 
@@ -958,14 +975,14 @@ const char *elf_hwcap2_str(uint32_t bit)
 
 #undef GET_FEATURE_ID
 
-#endif /* not TARGET_AARCH64 */
-
 #if TARGET_BIG_ENDIAN
 # define VDSO_HEADER  "vdso-be.c.inc"
 #else
 # define VDSO_HEADER  "vdso-le.c.inc"
 #endif
 
+#endif /* not TARGET_AARCH64 */
+
 #endif /* TARGET_ARM */
 
 #ifdef TARGET_SPARC
@@ -3519,12 +3536,14 @@ static void load_elf_interp(const char *filename, struct image_info *info,
     load_elf_image(filename, &src, info, &ehdr, NULL);
 }
 
+#ifndef vdso_image_info
 #ifdef VDSO_HEADER
 #include VDSO_HEADER
-#define  vdso_image_info()  &vdso_image_info
+#define  vdso_image_info(flags)  &vdso_image_info
 #else
-#define  vdso_image_info()  NULL
-#endif
+#define  vdso_image_info(flags)  NULL
+#endif /* VDSO_HEADER */
+#endif /* vdso_image_info */
 
 static void load_elf_vdso(struct image_info *info, const VdsoImageInfo *vdso)
 {
@@ -3855,7 +3874,7 @@ int load_elf_binary(struct linux_binprm *bprm, struct image_info *info)
      * Load a vdso if available, which will amongst other things contain the
      * signal trampolines.  Otherwise, allocate a separate page for them.
      */
-    const VdsoImageInfo *vdso = vdso_image_info();
+    const VdsoImageInfo *vdso = vdso_image_info(info->elf_flags);
     if (vdso) {
         load_elf_vdso(&vdso_info, vdso);
         info->vdso = vdso_info.load_bias;

From patchwork Tue Nov 19 06:04:07 2024
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Michael Tokarev <mjt@tls.msk.ru>
X-Patchwork-Id: 844262
Delivered-To: patch@linaro.org
Received: by 2002:a05:6000:8b:b0:382:43a8:7b94 with SMTP id m11csp1004620wrx; 
 Mon, 18 Nov 2024 22:05:46 -0800 (PST)
X-Forwarded-Encrypted: i=2;
 AJvYcCWvD0/3Z/KHelE7E0XznYH2PRTVKufhmktRkaSuYUmDG8GmG3Rnc1DDORMUot1+dVIy65bRrg==@linaro.org
X-Google-Smtp-Source: AGHT+IGjGQ+m21tz7KMW/0VTsHYHEUmUrpQ/ihcVFFHlkTd6FrJSBJj583zQ9O4OnphSW+Hbu5VN
X-Received: by 2002:a05:622a:1f8b:b0:463:59fc:db8a with SMTP id
 d75a77b69052e-46363eb5e1cmr236791711cf.53.1731996346401;
 Mon, 18 Nov 2024 22:05:46 -0800 (PST)
ARC-Seal: i=1; a=rsa-sha256; t=1731996346; cv=none;
 d=google.com; s=arc-20240605;
 b=Y/5To/S75U0oolkLXMhoJ/SvZqvLN1REbMuzSl/keot4xrYE/dM/0Q7748mBQn/dwR
 CHLabAhgslu61O72UuGfNY5OgZiGIZJLRhoB5yFeL37UYhmvifU2ijtvJ/jkgt1gg3FZ
 wpdnCuDr1umIVSHIxXaSpSDy7We6RhChRvO0eCPRk5nmCv3GtdeqMxmO+MypfnUyukw2
 aqc2HGNDtVFviTAkcH7z3UybDznzwAHCJWbvU+BlEWZJ3M4WA1+PG5Y86dAwz+2MiwrB
 wT8He03JGZQEsCJN5wWgFJAAFToYhlnBZmvfNiKxf0oicA51Z5CegIGMOLk1MdIkxyuE
 Srew==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com;
 s=arc-20240605;
 h=sender:errors-to:list-subscribe:list-help:list-post:list-archive
 :list-unsubscribe:list-id:precedence:content-transfer-encoding
 :mime-version:references:in-reply-to:message-id:date:subject:cc:to
 :from; bh=ryfPCxQDpaxjS2fHlNrwjXtZsuVX3ytr+Z4Yp1zzVmw=;
 fh=xJ1URYKcMN3TM0/XAv5v+aCN+5tIbzAdcfBx5UNgoLw=;
 b=DhEo1+OtNOrCe+6A9wEDL1JVhKXmhoOioVhk/cMbwESRe2fdGEOLO0R4NlFF03hiPR
 sMwHKiGCtGnLE5TUBJo0vB5J9yrt30DQ2PNQDgc/J5aa2kfgZu+Hk/0Sp5QYkUC/6qzv
 oeG32qjwlypPZlM4TOlrlW9niBn+EWgMI5+7s0HEHIC3Iyzrn2Yulp9HuI34r1samJmQ
 9NFJCwXC3xGy9i9gx9Tx1yoSj6pOFChUumE3jPwZ58KxMCVt0X1ec+vCdSFHISJe0hLN
 NBozuO3ICHbWjDuxXAWTokuOtZ9Gv4vLbAh5WEei5/tyvX0Q8vY25aWm7y/Q08blVhfL
 KLBQ==; dara=google.com
ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: domain of
 qemu-devel-bounces+patch=linaro.org@nongnu.org designates 209.51.188.17 as
 permitted sender)
 smtp.mailfrom="qemu-devel-bounces+patch=linaro.org@nongnu.org"
Return-Path: <qemu-devel-bounces+patch=linaro.org@nongnu.org>
Received: from lists.gnu.org (lists.gnu.org. [209.51.188.17])
 by mx.google.com with ESMTPS id
 d75a77b69052e-46392c617f2si14623631cf.575.2024.11.18.22.05.46
 for <patch@linaro.org>
 (version=TLS1_2 cipher=ECDHE-ECDSA-CHACHA20-POLY1305 bits=256/256);
 Mon, 18 Nov 2024 22:05:46 -0800 (PST)
Received-SPF: pass (google.com: domain of
 qemu-devel-bounces+patch=linaro.org@nongnu.org designates 209.51.188.17 as
 permitted sender) client-ip=209.51.188.17;
Authentication-Results: mx.google.com; spf=pass (google.com: domain of
 qemu-devel-bounces+patch=linaro.org@nongnu.org designates 209.51.188.17 as
 permitted sender)
 smtp.mailfrom="qemu-devel-bounces+patch=linaro.org@nongnu.org"
Received: from localhost ([::1] helo=lists1p.gnu.org)
 by lists.gnu.org with esmtp (Exim 4.90_1)
 (envelope-from <qemu-devel-bounces@nongnu.org>)
 id 1tDHM1-00019P-Al; Tue, 19 Nov 2024 01:04:49 -0500
Received: from eggs.gnu.org ([2001:470:142:3::10])
 by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256)
 (Exim 4.90_1) (envelope-from <mjt@tls.msk.ru>)
 id 1tDHLz-00017s-C1; Tue, 19 Nov 2024 01:04:47 -0500
Received: from isrv.corpit.ru ([86.62.121.231])
 by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256)
 (Exim 4.90_1) (envelope-from <mjt@tls.msk.ru>)
 id 1tDHLx-0004fu-JZ; Tue, 19 Nov 2024 01:04:47 -0500
Received: from tsrv.corpit.ru (tsrv.tls.msk.ru [192.168.177.2])
 by isrv.corpit.ru (Postfix) with ESMTP id 1426AA6269;
 Tue, 19 Nov 2024 09:04:15 +0300 (MSK)
Received: from tls.msk.ru (mjt.wg.tls.msk.ru [192.168.177.130])
 by tsrv.corpit.ru (Postfix) with SMTP id 3C3641738DE;
 Tue, 19 Nov 2024 09:04:19 +0300 (MSK)
Received: (nullmailer pid 2368951 invoked by uid 1000);
 Tue, 19 Nov 2024 06:04:18 -0000
From: Michael Tokarev <mjt@tls.msk.ru>
To: qemu-devel@nongnu.org
Cc: qemu-stable@nongnu.org, Peter Maydell <peter.maydell@linaro.org>,
 Richard Henderson <richard.henderson@linaro.org>,
 Michael Tokarev <mjt@tls.msk.ru>
Subject: [Stable-9.1.2 66/72] tcg: Allow top bit of SIMD_DATA_BITS to be set
 in simd_desc()
Date: Tue, 19 Nov 2024 09:04:07 +0300
Message-Id: <20241119060418.2368866-9-mjt@tls.msk.ru>
X-Mailer: git-send-email 2.39.5
In-Reply-To: <qemu-stable-9.1.2-20241118224223@cover.tls.msk.ru>
References: <qemu-stable-9.1.2-20241118224223@cover.tls.msk.ru>
MIME-Version: 1.0
Received-SPF: pass client-ip=86.62.121.231; envelope-from=mjt@tls.msk.ru;
 helo=isrv.corpit.ru
X-Spam_score_int: -68
X-Spam_score: -6.9
X-Spam_bar: ------
X-Spam_report: (-6.9 / 5.0 requ) BAYES_00=-1.9, RCVD_IN_DNSWL_HI=-5,
 RCVD_IN_VALIDITY_CERTIFIED_BLOCKED=0.001,
 RCVD_IN_VALIDITY_RPBL_BLOCKED=0.001,
 SPF_HELO_NONE=0.001, SPF_PASS=-0.001 autolearn=ham autolearn_force=no
X-Spam_action: no action
X-BeenThere: qemu-devel@nongnu.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: <qemu-devel.nongnu.org>
List-Unsubscribe: <https://lists.nongnu.org/mailman/options/qemu-devel>,
 <mailto:qemu-devel-request@nongnu.org?subject=unsubscribe>
List-Archive: <https://lists.nongnu.org/archive/html/qemu-devel>
List-Post: <mailto:qemu-devel@nongnu.org>
List-Help: <mailto:qemu-devel-request@nongnu.org?subject=help>
List-Subscribe: <https://lists.nongnu.org/mailman/listinfo/qemu-devel>,
 <mailto:qemu-devel-request@nongnu.org?subject=subscribe>
Errors-To: qemu-devel-bounces+patch=linaro.org@nongnu.org
Sender: qemu-devel-bounces+patch=linaro.org@nongnu.org

From: Peter Maydell <peter.maydell@linaro.org>

In simd_desc() we create a SIMD descriptor from various pieces
including an arbitrary data value from the caller.  We try to
sanitize these to make sure everything will fit: the 'data' value
needs to fit in the SIMD_DATA_BITS (== 22) sized field.  However we
do that sanitizing with:
   tcg_debug_assert(data == sextract32(data, 0, SIMD_DATA_BITS));

This works for the case where the data is supposed to be considered
as a signed integer (which can then be returned via simd_data()).
However, some callers want to treat the data value as unsigned.

Specifically, for the Arm SVE operations, make_svemte_desc()
assembles a data value as a collection of fields, and it needs to use
all 22 bits.  Currently if MTE is enabled then its MTEDESC SIZEM1
field may have the most significant bit set, and then it will trip
this assertion.

Loosen the assertion so that we only check that the data value will
fit into the field in some way, either as a signed or as an unsigned
value.  This means we will fail to detect some kinds of bug in the
callers, but we won't spuriously assert for intentional use of the
data field as unsigned.

Cc: qemu-stable@nongnu.org
Fixes: db432672dc50e ("tcg: Add generic vector expanders")
Resolves: https://gitlab.com/qemu-project/qemu/-/issues/2601
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Message-ID: <20241115172515.1229393-1-peter.maydell@linaro.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
(cherry picked from commit 8377e3fb854d126ba10e61cb6b60885af8443ad4)
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>

diff --git a/tcg/tcg-op-gvec.c b/tcg/tcg-op-gvec.c
index 78ee1ced80..97e4df221a 100644
--- a/tcg/tcg-op-gvec.c
+++ b/tcg/tcg-op-gvec.c
@@ -88,7 +88,20 @@ uint32_t simd_desc(uint32_t oprsz, uint32_t maxsz, int32_t data)
     uint32_t desc = 0;
 
     check_size_align(oprsz, maxsz, 0);
-    tcg_debug_assert(data == sextract32(data, 0, SIMD_DATA_BITS));
+
+    /*
+     * We want to check that 'data' will fit into SIMD_DATA_BITS.
+     * However, some callers want to treat the data as a signed
+     * value (which they can later get back with simd_data())
+     * and some want to treat it as an unsigned value.
+     * So here we assert only that the data will fit into the
+     * field in at least one way. This means that some invalid
+     * values from the caller will not be detected, e.g. if the
+     * caller wants to handle the value as a signed integer but
+     * incorrectly passes us 1 << (SIMD_DATA_BITS - 1).
+     */
+    tcg_debug_assert(data == sextract32(data, 0, SIMD_DATA_BITS) ||
+                     data == extract32(data, 0, SIMD_DATA_BITS));
 
     oprsz = (oprsz / 8) - 1;
     maxsz = (maxsz / 8) - 1;

From patchwork Tue Nov 19 06:04:08 2024
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Michael Tokarev <mjt@tls.msk.ru>
X-Patchwork-Id: 844265
Delivered-To: patch@linaro.org
Received: by 2002:a05:6000:8b:b0:382:43a8:7b94 with SMTP id m11csp1005157wrx; 
 Mon, 18 Nov 2024 22:07:29 -0800 (PST)
X-Forwarded-Encrypted: i=2;
 AJvYcCVvwnlaEK23pKQeax+p+9mZ4pPPIQUld9L+XgR2Qh1wQrKSl64R0pHQuF6dZIiGr6kl5W6VDg==@linaro.org
X-Google-Smtp-Source: AGHT+IF4mbmm4em9iJ+KOOY9XY5s7l4WZnfao4amozYqukPY6aITnZkH9AEyBEqHHTw9Gbg2T4LM
X-Received: by 2002:a05:6214:570a:b0:6cc:378f:f7fb with SMTP id
 6a1803df08f44-6d3fb88beb2mr217171106d6.35.1731996449176;
 Mon, 18 Nov 2024 22:07:29 -0800 (PST)
ARC-Seal: i=1; a=rsa-sha256; t=1731996449; cv=none;
 d=google.com; s=arc-20240605;
 b=fp3co8Pt0lxTx8kptiF5xP5KFSZx88XE4N4YqGbMkUogKTu95UNmEF8gML1bHd9K+C
 6ktB0ZITkgg62lnM9dpYVb2L5Il6FjaRBXmpvxA3ael7XtTCfJDPl/N/3ag4SzE3+xt4
 hiwgX15+uQuTxL/S6hV+Qc29aHH4AxTm/YbXreWDGjBIDeAgaaOQg482JJn8K0IW68t0
 KJ7kE/yP4Huizq2lr3r8MlgnJIxYgTkTw5tgPNUbb16+zcGM2zVX0Yxd01ziG+d4uCBw
 S93TUl09hiBPly6i65ESwVHMW6Z4AUHF8FbV5ubx9Wx4LQv6JHMzesGfvcRGfRyX8EnX
 Gx/Q==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com;
 s=arc-20240605;
 h=sender:errors-to:list-subscribe:list-help:list-post:list-archive
 :list-unsubscribe:list-id:precedence:content-transfer-encoding
 :mime-version:references:in-reply-to:message-id:date:subject:cc:to
 :from; bh=reKyoe4ucz2+yLsBvPtbuTHP7MTUMsECyCoSlfiBDmc=;
 fh=bJM08QyuQI9qNgdwAnWtM8YuXTWExZXcb9tnmXCkn/A=;
 b=b8vCNnFrhf+fkaIsc7s3TkSUOa2kGlJPiUswDNGvpYnnsnUU2Y0THzT1mgekFmYIPg
 kHR7e6ASTdis4tBr3tBBW3d0vUs6LiicofW2FQjs+uGv4dPMOgXE7UBjkYWq65B4InA9
 2iVQ+71QvbDHrdT0eaSs5+Nal277AbjLdtFJ8NQOUPZqpbYdDmUZdngV5RZO1Uqa/xQd
 4GM2jT25SLKIRTWIHGYP5wizptpzp+SdNZoY+r3JCGg7W7vIfEYZEWPAaxSMyL9IGNOm
 a8RQ/HEdVXqlEBuLmNrGmYBn9lQm5iAhloD+YoQoCR2aQRc7/kf+D2KOIBeNroGNrDGz
 xx6A==; dara=google.com
ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: domain of
 qemu-devel-bounces+patch=linaro.org@nongnu.org designates 209.51.188.17 as
 permitted sender)
 smtp.mailfrom="qemu-devel-bounces+patch=linaro.org@nongnu.org"
Return-Path: <qemu-devel-bounces+patch=linaro.org@nongnu.org>
Received: from lists.gnu.org (lists.gnu.org. [209.51.188.17])
 by mx.google.com with ESMTPS id
 af79cd13be357-7b37a8a3a19si150108385a.626.2024.11.18.22.07.29
 for <patch@linaro.org>
 (version=TLS1_2 cipher=ECDHE-ECDSA-CHACHA20-POLY1305 bits=256/256);
 Mon, 18 Nov 2024 22:07:29 -0800 (PST)
Received-SPF: pass (google.com: domain of
 qemu-devel-bounces+patch=linaro.org@nongnu.org designates 209.51.188.17 as
 permitted sender) client-ip=209.51.188.17;
Authentication-Results: mx.google.com; spf=pass (google.com: domain of
 qemu-devel-bounces+patch=linaro.org@nongnu.org designates 209.51.188.17 as
 permitted sender)
 smtp.mailfrom="qemu-devel-bounces+patch=linaro.org@nongnu.org"
Received: from localhost ([::1] helo=lists1p.gnu.org)
 by lists.gnu.org with esmtp (Exim 4.90_1)
 (envelope-from <qemu-devel-bounces@nongnu.org>)
 id 1tDHM3-0001Aj-Py; Tue, 19 Nov 2024 01:04:52 -0500
Received: from eggs.gnu.org ([2001:470:142:3::10])
 by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256)
 (Exim 4.90_1) (envelope-from <mjt@tls.msk.ru>)
 id 1tDHM0-00018y-QK; Tue, 19 Nov 2024 01:04:48 -0500
Received: from isrv.corpit.ru ([86.62.121.231])
 by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256)
 (Exim 4.90_1) (envelope-from <mjt@tls.msk.ru>)
 id 1tDHLz-0004gE-0r; Tue, 19 Nov 2024 01:04:48 -0500
Received: from tsrv.corpit.ru (tsrv.tls.msk.ru [192.168.177.2])
 by isrv.corpit.ru (Postfix) with ESMTP id 21C63A626A;
 Tue, 19 Nov 2024 09:04:15 +0300 (MSK)
Received: from tls.msk.ru (mjt.wg.tls.msk.ru [192.168.177.130])
 by tsrv.corpit.ru (Postfix) with SMTP id 49D461738DF;
 Tue, 19 Nov 2024 09:04:19 +0300 (MSK)
Received: (nullmailer pid 2368954 invoked by uid 1000);
 Tue, 19 Nov 2024 06:04:18 -0000
From: Michael Tokarev <mjt@tls.msk.ru>
To: qemu-devel@nongnu.org
Cc: qemu-stable@nongnu.org, Pierrick Bouvier <pierrick.bouvier@linaro.org>,
 Richard Henderson <richard.henderson@linaro.org>,
 Michael Tokarev <mjt@tls.msk.ru>
Subject: [Stable-9.1.2 67/72] target/i386: fix hang when using slow path for
 ptw_setl
Date: Tue, 19 Nov 2024 09:04:08 +0300
Message-Id: <20241119060418.2368866-10-mjt@tls.msk.ru>
X-Mailer: git-send-email 2.39.5
In-Reply-To: <qemu-stable-9.1.2-20241118224223@cover.tls.msk.ru>
References: <qemu-stable-9.1.2-20241118224223@cover.tls.msk.ru>
MIME-Version: 1.0
Received-SPF: pass client-ip=86.62.121.231; envelope-from=mjt@tls.msk.ru;
 helo=isrv.corpit.ru
X-Spam_score_int: -68
X-Spam_score: -6.9
X-Spam_bar: ------
X-Spam_report: (-6.9 / 5.0 requ) BAYES_00=-1.9, RCVD_IN_DNSWL_HI=-5,
 RCVD_IN_VALIDITY_CERTIFIED_BLOCKED=0.001,
 RCVD_IN_VALIDITY_RPBL_BLOCKED=0.001,
 SPF_HELO_NONE=0.001, SPF_PASS=-0.001 autolearn=ham autolearn_force=no
X-Spam_action: no action
X-BeenThere: qemu-devel@nongnu.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: <qemu-devel.nongnu.org>
List-Unsubscribe: <https://lists.nongnu.org/mailman/options/qemu-devel>,
 <mailto:qemu-devel-request@nongnu.org?subject=unsubscribe>
List-Archive: <https://lists.nongnu.org/archive/html/qemu-devel>
List-Post: <mailto:qemu-devel@nongnu.org>
List-Help: <mailto:qemu-devel-request@nongnu.org?subject=help>
List-Subscribe: <https://lists.nongnu.org/mailman/listinfo/qemu-devel>,
 <mailto:qemu-devel-request@nongnu.org?subject=subscribe>
Errors-To: qemu-devel-bounces+patch=linaro.org@nongnu.org
Sender: qemu-devel-bounces+patch=linaro.org@nongnu.org

From: Pierrick Bouvier <pierrick.bouvier@linaro.org>

When instrumenting memory accesses for plugin, we force memory accesses
to use the slow path for mmu [1]. This create a situation where we end
up calling ptw_setl_slow. This was fixed recently in [2] but the issue
still could appear out of plugins use case.

Since this function gets called during a cpu_exec, start_exclusive then
hangs. This exclusive section was introduced initially for security
reasons [3].

I suspect this code path was never triggered, because ptw_setl_slow
would always be called transitively from cpu_exec, resulting in a hang.

[1] https://gitlab.com/qemu-project/qemu/-/commit/6d03226b42247b68ab2f0b3663e0f624335a4055
[2] https://gitlab.com/qemu-project/qemu/-/commit/115ade42d50144c15b74368d32dc734ea277d853
[2] https://gitlab.com/qemu-project/qemu/-/commit/3a41aa8226bdaa709121515faea6e0e5ad1efa39 in 9.1.x series
[3] https://gitlab.com/qemu-project/qemu/-/issues/279

Fixes: https://gitlab.com/qemu-project/qemu/-/issues/2566
Signed-off-by: Pierrick Bouvier <pierrick.bouvier@linaro.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-ID: <20241025175857.2554252-2-pierrick.bouvier@linaro.org>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
(cherry picked from commit 7ba055b49b74c4d2f4a338c5198485bdff373fb1)
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
(Mjt: mention [2] in 9.1.x series)

diff --git a/target/i386/tcg/sysemu/excp_helper.c b/target/i386/tcg/sysemu/excp_helper.c
index da732c2ca8..b812a9a97b 100644
--- a/target/i386/tcg/sysemu/excp_helper.c
+++ b/target/i386/tcg/sysemu/excp_helper.c
@@ -107,6 +107,10 @@ static bool ptw_setl_slow(const PTETranslate *in, uint32_t old, uint32_t new)
 {
     uint32_t cmp;
 
+    CPUState *cpu = env_cpu(in->env);
+    /* We are in cpu_exec, and start_exclusive can't be called directly.*/
+    g_assert(cpu->running);
+    cpu_exec_end(cpu);
     /* Does x86 really perform a rmw cycle on mmio for ptw? */
     start_exclusive();
     cmp = cpu_ldl_mmuidx_ra(in->env, in->gaddr, in->ptw_idx, 0);
@@ -114,6 +118,7 @@ static bool ptw_setl_slow(const PTETranslate *in, uint32_t old, uint32_t new)
         cpu_stl_mmuidx_ra(in->env, in->gaddr, new, in->ptw_idx, 0);
     }
     end_exclusive();
+    cpu_exec_start(cpu);
     return cmp == old;
 }