From nobody Tue Apr 30 17:02:57 2024
Delivered-To: importer@patchew.org
Received-SPF: pass (zoho.com: domain of gnu.org designates 208.118.235.17 as
 permitted sender) client-ip=208.118.235.17;
 envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org;
 helo=lists.gnu.org;
Authentication-Results: mx.zohomail.com;
	dkim=fail;
	spf=pass (zoho.com: domain of gnu.org designates 208.118.235.17 as permitted
 sender)  smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org
Return-Path: <qemu-devel-bounces+importer=patchew.org@nongnu.org>
Received: from lists.gnu.org (lists.gnu.org [208.118.235.17]) by
 mx.zohomail.com
	with SMTPS id 1522197890060621.0816020913707;
 Tue, 27 Mar 2018 17:44:50 -0700 (PDT)
Received: from localhost ([::1]:36819 helo=lists.gnu.org)
	by lists.gnu.org with esmtp (Exim 4.71)
	(envelope-from <qemu-devel-bounces+importer=patchew.org@nongnu.org>)
	id 1f0zCr-00072P-9H
	for importer@patchew.org; Tue, 27 Mar 2018 20:44:49 -0400
Received: from eggs.gnu.org ([2001:4830:134:3::10]:57724)
	by lists.gnu.org with esmtp (Exim 4.71)
	(envelope-from <mjc@sifive.com>) id 1f0zBN-000681-Es
	for qemu-devel@nongnu.org; Tue, 27 Mar 2018 20:43:18 -0400
Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71)
	(envelope-from <mjc@sifive.com>) id 1f0zBL-00015E-Gu
	for qemu-devel@nongnu.org; Tue, 27 Mar 2018 20:43:17 -0400
Received: from mail-pg0-x244.google.com ([2607:f8b0:400e:c05::244]:41374)
	by eggs.gnu.org with esmtps (TLS1.0:RSA_AES_128_CBC_SHA1:16)
	(Exim 4.71) (envelope-from <mjc@sifive.com>) id 1f0zBL-00014w-BQ
	for qemu-devel@nongnu.org; Tue, 27 Mar 2018 20:43:15 -0400
Received: by mail-pg0-x244.google.com with SMTP id t10so296285pgv.8
	for <qemu-devel@nongnu.org>; Tue, 27 Mar 2018 17:43:15 -0700 (PDT)
Received: from monty.com ([12.206.222.5])
	by smtp.gmail.com with ESMTPSA id l90sm5470064pfg.5.2018.03.27.17.43.13
	(version=TLS1_2 cipher=ECDHE-RSA-AES128-SHA bits=128/128);
	Tue, 27 Mar 2018 17:43:13 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=sifive.com; s=google;
	h=from:to:cc:subject:date:message-id:in-reply-to:references
	:mime-version:content-transfer-encoding;
	bh=2r9uQyaDxMrwcT6QUGWN9rWZyoR9fKEPbUigu44NvvA=;
	b=DZAIamPsRZ3g6FLMFJ/ZFS/291c6WYvPjvLUSzU4ZsiP6DoEyTHLEJfEG+XswU8qeh
	O6RKlwYGlPgrab1q7egKshCHuEtjSC7xrJ2b8kYRu6I0vqcpGpD0zQ12zClWqhXijO85
	wdYY0pRrNh3buao8TSaqvp2YgwKiq346GzTSTSqV35L6I2O7XLqUT9dzsWhcwpaGGSA9
	lbncbdoi6hKTo1kcGiVUDwqzLUdwSRm5s1a63rWYmTk3AFcmrPK6NaDfZ+wUqhwXocJM
	HNw3916Ram8sV2yxxujBcpYE+OW8+qyFP8CQpSn29Q1vcTdKNm8XpSXgTjohiHqs+Dvj
	VCCg==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
	d=1e100.net; s=20161025;
	h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to
	:references:mime-version:content-transfer-encoding;
	bh=2r9uQyaDxMrwcT6QUGWN9rWZyoR9fKEPbUigu44NvvA=;
	b=BIiOYYMuArt+saM6rGnp+Z7wNOBcq/I3gee8OH0Dxh5OV2KGIzdOtYe0p1QyBzISTV
	bIRsqaz6dpXIzhozb6ZYQDXhbF4FLwd4hEKYVNa6jwPgcinCa15+e6yhMEjRNFY5QWkJ
	q4OhAKcC03Cdrz/L1tyqNo/i58MOgHd5fK63r7MQJeCpPa/nEdc9SODmybLf5DMAj9Sy
	MtGetuFpPjWRInhBbllrsnIo/DOfVco+2mLmw6EjjSKJO1DbV7X+L3cXNVdvLR1ZE5Yv
	PUFS4PC/pYy65XwfUpmpypz9DMxZP8qEpJRL2b6C7n3ehsf9Q10ZoTOXs8GCUAaRgh99
	nqPg==
X-Gm-Message-State: AElRT7HtN6dj5y1LAq2zMqitDrW556Em2flV+pLUA8FDIEmNrftYONJw
	AJdLVyjUxNJZbilUc6N3LHCqSj2OkwA=
X-Google-Smtp-Source: 
 AIpwx48FCvldCt5BTsuZhuTEoxSdTcg79O+AyVMXkRkiAXfbGnZ+WZt23lPB7ZFCmZHOswL1lVml5A==
X-Received: by 10.101.87.201 with SMTP id q9mr988314pgr.215.1522197794297;
	Tue, 27 Mar 2018 17:43:14 -0700 (PDT)
From: Michael Clark <mjc@sifive.com>
To: qemu-devel@nongnu.org
Date: Tue, 27 Mar 2018 17:42:25 -0700
Message-Id: <1522197746-26020-2-git-send-email-mjc@sifive.com>
X-Mailer: git-send-email 2.7.0
In-Reply-To: <1522197746-26020-1-git-send-email-mjc@sifive.com>
References: <1522197746-26020-1-git-send-email-mjc@sifive.com>
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: quoted-printable
X-detected-operating-system: by eggs.gnu.org: Genre and OS details not
	recognized.
X-Received-From: 2607:f8b0:400e:c05::244
Subject: [Qemu-devel] [PATCH v2 1/1] RISC-V: Workaround for critical
 mstatus.FS MTTCG bug
X-BeenThere: qemu-devel@nongnu.org
X-Mailman-Version: 2.1.21
Precedence: list
List-Id: <qemu-devel.nongnu.org>
List-Unsubscribe: <https://lists.nongnu.org/mailman/options/qemu-devel>,
	<mailto:qemu-devel-request@nongnu.org?subject=unsubscribe>
List-Archive: <http://lists.nongnu.org/archive/html/qemu-devel/>
List-Post: <mailto:qemu-devel@nongnu.org>
List-Help: <mailto:qemu-devel-request@nongnu.org?subject=help>
List-Subscribe: <https://lists.nongnu.org/mailman/listinfo/qemu-devel>,
	<mailto:qemu-devel-request@nongnu.org?subject=subscribe>
Cc: Peter Maydell <peter.maydell@linaro.org>,
	Sagar Karandikar <sagark@eecs.berkeley.edu>,
	Bastian Koppelmann <kbastian@mail.uni-paderborn.de>,
	Palmer Dabbelt <palmer@sifive.com>,
	Richard Henderson <richard.henderson@linaro.org>,
	=?UTF-8?q?Philippe=20Mathieu-Daud=C3=A9?= <f4bug@amsat.org>,
	Michael Clark <mjc@sifive.com>, patches@groups.riscv.org,
	=?UTF-8?q?Alex=20Benn=C3=A9e?= <alex.bennee@linaro.org>
Errors-To: qemu-devel-bounces+importer=patchew.org@nongnu.org
Sender: "Qemu-devel" <qemu-devel-bounces+importer=patchew.org@nongnu.org>
X-ZohoMail-DKIM: fail (Header signature does not verify)
X-ZohoMail: RDKM_2  RSF_0  Z_629925259 SPT_0

This change is a workaround for a bug where mstatus.FS
is not correctly reporting dirty after operations that
modify floating point registers. This a critical bug
or RISC-V in QEMU as it results in floating point
register file corruption when running SMP Linux due to
task migration and possibly uniprocessor Linux if
more than one process is using the FPU.

This workaround will return dirty if mstatus.FS is
switched from off to initial or clean. According to
the specification it is legal for an implementation
to return only off, or dirty.

Cc: Palmer Dabbelt <palmer@sifive.com>
Cc: Sagar Karandikar <sagark@eecs.berkeley.edu>
Cc: Bastian Koppelmann <kbastian@mail.uni-paderborn.de>
Cc: Peter Maydell <peter.maydell@linaro.org>
Cc: Alex Benn=C3=A9e <alex.bennee@linaro.org>
Cc: Richard Henderson <richard.henderson@linaro.org>
Cc: Philippe Mathieu-Daud=C3=A9 <f4bug@amsat.org>
Tested-by: Richard W.M. Jones <rjones@redhat.com>
Signed-off-by: Michael Clark <mjc@sifive.com>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
---
 target/riscv/op_helper.c | 17 +++++++++++++++--
 1 file changed, 15 insertions(+), 2 deletions(-)

diff --git a/target/riscv/op_helper.c b/target/riscv/op_helper.c
index e34715d..7c6068b 100644
--- a/target/riscv/op_helper.c
+++ b/target/riscv/op_helper.c
@@ -144,8 +144,21 @@ void csr_write_helper(CPURISCVState *env, target_ulong=
 val_to_write,
         }
=20
         mstatus =3D (mstatus & ~mask) | (val_to_write & mask);
-        int dirty =3D (mstatus & MSTATUS_FS) =3D=3D MSTATUS_FS;
-        dirty |=3D (mstatus & MSTATUS_XS) =3D=3D MSTATUS_XS;
+
+        /* Note: this is a workaround for an issue where mstatus.FS
+           does not report dirty after floating point operations
+           that modify floating point state. This workaround is
+           technically compliant with the RISC-V Privileged
+           specification as it is legal to return only off, or dirty.
+           at the expense of extra floating point save/restore. */
+
+        /* FP is always dirty or off */
+        if (mstatus & MSTATUS_FS) {
+            mstatus |=3D MSTATUS_FS;
+        }
+
+        int dirty =3D ((mstatus & MSTATUS_FS) =3D=3D MSTATUS_FS) |
+                    ((mstatus & MSTATUS_XS) =3D=3D MSTATUS_XS);
         mstatus =3D set_field(mstatus, MSTATUS_SD, dirty);
         env->mstatus =3D mstatus;
         break;
--=20
2.7.0


From nobody Tue Apr 30 17:02:57 2024
Delivered-To: importer@patchew.org
Received-SPF: pass (zoho.com: domain of gnu.org designates 208.118.235.17 as
 permitted sender) client-ip=208.118.235.17;
 envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org;
 helo=lists.gnu.org;
Authentication-Results: mx.zohomail.com;
	dkim=fail;
	spf=pass (zoho.com: domain of gnu.org designates 208.118.235.17 as permitted
 sender)  smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org
Return-Path: <qemu-devel-bounces+importer=patchew.org@nongnu.org>
Received: from lists.gnu.org (lists.gnu.org [208.118.235.17]) by
 mx.zohomail.com
	with SMTPS id 1522197891523610.2114044272685;
 Tue, 27 Mar 2018 17:44:51 -0700 (PDT)
Received: from localhost ([::1]:36820 helo=lists.gnu.org)
	by lists.gnu.org with esmtp (Exim 4.71)
	(envelope-from <qemu-devel-bounces+importer=patchew.org@nongnu.org>)
	id 1f0zCs-00073t-K8
	for importer@patchew.org; Tue, 27 Mar 2018 20:44:50 -0400
Received: from eggs.gnu.org ([2001:4830:134:3::10]:57740)
	by lists.gnu.org with esmtp (Exim 4.71)
	(envelope-from <mjc@sifive.com>) id 1f0zBO-000688-7l
	for qemu-devel@nongnu.org; Tue, 27 Mar 2018 20:43:19 -0400
Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71)
	(envelope-from <mjc@sifive.com>) id 1f0zBM-00016E-Vq
	for qemu-devel@nongnu.org; Tue, 27 Mar 2018 20:43:18 -0400
Received: from mail-pf0-x243.google.com ([2607:f8b0:400e:c00::243]:37344)
	by eggs.gnu.org with esmtps (TLS1.0:RSA_AES_128_CBC_SHA1:16)
	(Exim 4.71) (envelope-from <mjc@sifive.com>) id 1f0zBM-00015a-RW
	for qemu-devel@nongnu.org; Tue, 27 Mar 2018 20:43:16 -0400
Received: by mail-pf0-x243.google.com with SMTP id t16so313103pfh.4
	for <qemu-devel@nongnu.org>; Tue, 27 Mar 2018 17:43:16 -0700 (PDT)
Received: from monty.com ([12.206.222.5])
	by smtp.gmail.com with ESMTPSA id l90sm5470064pfg.5.2018.03.27.17.43.14
	(version=TLS1_2 cipher=ECDHE-RSA-AES128-SHA bits=128/128);
	Tue, 27 Mar 2018 17:43:14 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=sifive.com; s=google;
	h=from:to:cc:subject:date:message-id:in-reply-to:references
	:mime-version:content-transfer-encoding;
	bh=2r9uQyaDxMrwcT6QUGWN9rWZyoR9fKEPbUigu44NvvA=;
	b=R6HN+1AXd6a+7te7jIboEd+Eq6w7Qz30PkBSvfIVdDheG2Er920wKhfVj8fR0ucBey
	fkwAeVDz/eefCQf2nlwZVP4rKKoyYHDQpPRzySr8Hf6yLBYUcXHV1Rz7Y6c1vUq3zboG
	MMEg0sYY6JO3LY2rm9qMxNlA9sfZq5zbei0Ox49bmqP3+xOVN0UWlMwXhyLSswvOtBzN
	smNWBcSwowwYwQPDUDIcxoCx4yVNkSvXYjWf+JmqUlxSUIxDqNDvhm/OIa2AbeQjkXhQ
	LkXzlXPULbjilbOL4q5RQRvWDUTv8XR7p49fPqfUtI+NN3M7hmMBI6XO1t/qKMwtfGS/
	E33Q==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
	d=1e100.net; s=20161025;
	h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to
	:references:mime-version:content-transfer-encoding;
	bh=2r9uQyaDxMrwcT6QUGWN9rWZyoR9fKEPbUigu44NvvA=;
	b=Y176C8oSEpqtY6EF+MyAZ/8aU6fSa53qhpEPr71vY4hZwaZzv7KSeQoe+uyJxbO6aS
	V8Gt9Kmd5OiDZe9svk02erPvLBADw4tn0HACaDiNN9fYzfNDanYKwKfn8CsGC9g145GU
	dchsZdHQD177+w76b/Yy7GnfAMrWRjKZudrkFwgW/LkWO/dyYKfguK/+UfwGjYiFTOYf
	Pbd1Su/Kk3zJTH2F/RADntqO3ROYQv1FNYilj16L4D+OCOhr2jHYukI6MPMI35es8YeY
	pUUTFG70OzmjLwSKPKAT0Sdo3h2ZVhMVro6S5/70NYguvJEzyWdLHeCsrIyblY38YMHn
	NX9Q==
X-Gm-Message-State: AElRT7HXh0IRKUgJ09jeet+GhHUjd405EFV18cdF3pI26s5b1dSdmqQ9
	rDMkkqIQHzAGiOu11bQ7PONWj7kzTaw=
X-Google-Smtp-Source: 
 AIpwx48325f6/jD78ryfuhxBUvVh/OM3HKyDpryiAylklUolV9dULh35zrFZjqy5JRFye7BVWoP5IA==
X-Received: by 10.98.244.6 with SMTP id r6mr1137994pff.242.1522197795614;
	Tue, 27 Mar 2018 17:43:15 -0700 (PDT)
From: Michael Clark <mjc@sifive.com>
To: qemu-devel@nongnu.org
Date: Tue, 27 Mar 2018 17:42:26 -0700
Message-Id: <1522197746-26020-3-git-send-email-mjc@sifive.com>
X-Mailer: git-send-email 2.7.0
In-Reply-To: <1522197746-26020-1-git-send-email-mjc@sifive.com>
References: <1522197746-26020-1-git-send-email-mjc@sifive.com>
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: quoted-printable
X-detected-operating-system: by eggs.gnu.org: Genre and OS details not
	recognized.
X-Received-From: 2607:f8b0:400e:c00::243
Subject: [Qemu-devel] [PATCH v2 1/1] RISC-V: Workaround for critical
 mstatus.FS bug
X-BeenThere: qemu-devel@nongnu.org
X-Mailman-Version: 2.1.21
Precedence: list
List-Id: <qemu-devel.nongnu.org>
List-Unsubscribe: <https://lists.nongnu.org/mailman/options/qemu-devel>,
	<mailto:qemu-devel-request@nongnu.org?subject=unsubscribe>
List-Archive: <http://lists.nongnu.org/archive/html/qemu-devel/>
List-Post: <mailto:qemu-devel@nongnu.org>
List-Help: <mailto:qemu-devel-request@nongnu.org?subject=help>
List-Subscribe: <https://lists.nongnu.org/mailman/listinfo/qemu-devel>,
	<mailto:qemu-devel-request@nongnu.org?subject=subscribe>
Cc: Peter Maydell <peter.maydell@linaro.org>,
	Sagar Karandikar <sagark@eecs.berkeley.edu>,
	Bastian Koppelmann <kbastian@mail.uni-paderborn.de>,
	Palmer Dabbelt <palmer@sifive.com>,
	Richard Henderson <richard.henderson@linaro.org>,
	=?UTF-8?q?Philippe=20Mathieu-Daud=C3=A9?= <f4bug@amsat.org>,
	Michael Clark <mjc@sifive.com>, patches@groups.riscv.org,
	=?UTF-8?q?Alex=20Benn=C3=A9e?= <alex.bennee@linaro.org>
Errors-To: qemu-devel-bounces+importer=patchew.org@nongnu.org
Sender: "Qemu-devel" <qemu-devel-bounces+importer=patchew.org@nongnu.org>
X-ZohoMail-DKIM: fail (Header signature does not verify)
X-ZohoMail: RDKM_2  RSF_0  Z_629925259 SPT_0

This change is a workaround for a bug where mstatus.FS
is not correctly reporting dirty after operations that
modify floating point registers. This a critical bug
or RISC-V in QEMU as it results in floating point
register file corruption when running SMP Linux due to
task migration and possibly uniprocessor Linux if
more than one process is using the FPU.

This workaround will return dirty if mstatus.FS is
switched from off to initial or clean. According to
the specification it is legal for an implementation
to return only off, or dirty.

Cc: Palmer Dabbelt <palmer@sifive.com>
Cc: Sagar Karandikar <sagark@eecs.berkeley.edu>
Cc: Bastian Koppelmann <kbastian@mail.uni-paderborn.de>
Cc: Peter Maydell <peter.maydell@linaro.org>
Cc: Alex Benn=C3=A9e <alex.bennee@linaro.org>
Cc: Richard Henderson <richard.henderson@linaro.org>
Cc: Philippe Mathieu-Daud=C3=A9 <f4bug@amsat.org>
Tested-by: Richard W.M. Jones <rjones@redhat.com>
Signed-off-by: Michael Clark <mjc@sifive.com>
---
 target/riscv/op_helper.c | 17 +++++++++++++++--
 1 file changed, 15 insertions(+), 2 deletions(-)

diff --git a/target/riscv/op_helper.c b/target/riscv/op_helper.c
index e34715d..7c6068b 100644
--- a/target/riscv/op_helper.c
+++ b/target/riscv/op_helper.c
@@ -144,8 +144,21 @@ void csr_write_helper(CPURISCVState *env, target_ulong=
 val_to_write,
         }
=20
         mstatus =3D (mstatus & ~mask) | (val_to_write & mask);
-        int dirty =3D (mstatus & MSTATUS_FS) =3D=3D MSTATUS_FS;
-        dirty |=3D (mstatus & MSTATUS_XS) =3D=3D MSTATUS_XS;
+
+        /* Note: this is a workaround for an issue where mstatus.FS
+           does not report dirty after floating point operations
+           that modify floating point state. This workaround is
+           technically compliant with the RISC-V Privileged
+           specification as it is legal to return only off, or dirty.
+           at the expense of extra floating point save/restore. */
+
+        /* FP is always dirty or off */
+        if (mstatus & MSTATUS_FS) {
+            mstatus |=3D MSTATUS_FS;
+        }
+
+        int dirty =3D ((mstatus & MSTATUS_FS) =3D=3D MSTATUS_FS) |
+                    ((mstatus & MSTATUS_XS) =3D=3D MSTATUS_XS);
         mstatus =3D set_field(mstatus, MSTATUS_SD, dirty);
         env->mstatus =3D mstatus;
         break;
--=20
2.7.0