From nobody Fri May 3 20:18:55 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zoho.com: domain of gnu.org designates 208.118.235.17 as permitted sender) client-ip=208.118.235.17; envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org; helo=lists.gnu.org; Authentication-Results: mx.zoho.com; spf=pass (zoho.com: domain of gnu.org designates 208.118.235.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; Return-Path: Received: from lists.gnu.org (lists.gnu.org [208.118.235.17]) by mx.zohomail.com with SMTPS id 1494974950483445.63961972449727; Tue, 16 May 2017 15:49:10 -0700 (PDT) Received: from localhost ([::1]:44445 helo=lists.gnu.org) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1dAlHA-0003Cg-Cz for importer@patchew.org; Tue, 16 May 2017 18:49:08 -0400 Received: from eggs.gnu.org ([2001:4830:134:3::10]:46826) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1dAlFa-0002Hn-0W for qemu-devel@nongnu.org; Tue, 16 May 2017 18:47:30 -0400 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1dAlFZ-0005JI-8I for qemu-devel@nongnu.org; Tue, 16 May 2017 18:47:30 -0400 Received: from hall.aurel32.net ([2001:bc8:30d7:100::1]:45080) by eggs.gnu.org with esmtps (TLS1.0:RSA_AES_256_CBC_SHA1:32) (Exim 4.71) (envelope-from ) id 1dAlFZ-0005IV-2J for qemu-devel@nongnu.org; Tue, 16 May 2017 18:47:29 -0400 Received: from [2001:bc8:30d7:120:9bb5:8936:7e6a:9e36] (helo=ohm.rr44.fr) by hall.aurel32.net with esmtpsa (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.89) (envelope-from ) id 1dAlFX-0001Hx-GZ; Wed, 17 May 2017 00:47:27 +0200 Received: from aurel32 by ohm.rr44.fr with local (Exim 4.89) (envelope-from ) id 1dAlFW-0004kB-S9; Wed, 17 May 2017 00:47:26 +0200 
From: Aurelien Jarno
To: qemu-devel@nongnu.org
Cc: Aurelien Jarno
Date: Wed, 17 May 2017 00:47:17 +0200
Message-Id: <20170516224721.13832-2-aurelien@aurel32.net>
In-Reply-To: <20170516224721.13832-1-aurelien@aurel32.net>
References: <20170516224721.13832-1-aurelien@aurel32.net>
Subject: [Qemu-devel] [PATCH 1/5] target/sh4: log unauthorized accesses using qemu_log_mask

qemu_log_mask() is preferred over fprintf() for logging errors.

Signed-off-by: Aurelien Jarno
Reviewed-by: Philippe Mathieu-Daudé
Reviewed-by: Richard Henderson
---
 target/sh4/helper.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/target/sh4/helper.c b/target/sh4/helper.c
index 8f8ce81401..4c024f9529 100644
--- a/target/sh4/helper.c
+++ b/target/sh4/helper.c
@@ -420,7 +420,7 @@ static int get_physical_address(CPUSH4State * env, targ= et_ulong * physical, if (!(env->sr & (1u << SR_MD)) && (address < 0xe0000000 || address >=3D 0xe4000000)) { /* Unauthorized access in user mode (only store queues are available)= */ - fprintf(stderr, "Unauthorized access\n"); + qemu_log_mask(LOG_GUEST_ERROR, "Unauthorized access\n"); if (rw =3D=3D 0) return MMU_DADDR_ERROR_READ; else if (rw =3D=3D 1) --=20 2.11.0 From nobody Fri May 3 20:18:55 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zoho.com: domain of gnu.org designates 208.118.235.17 as permitted sender) client-ip=208.118.235.17; envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org; helo=lists.gnu.org; Authentication-Results: mx.zoho.com; spf=pass (zoho.com: domain of gnu.org designates 208.118.235.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; Return-Path: Received: from lists.gnu.org (lists.gnu.org [208.118.235.17]) by mx.zohomail.com with SMTPS id 14949749512131006.4093836195783; Tue, 16 May 2017 15:49:11 -0700 (PDT) Received: from localhost ([::1]:44447 helo=lists.gnu.org) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1dAlHB-0003Da-OK for importer@patchew.org; Tue, 16 May 2017 18:49:09 -0400 Received: from eggs.gnu.org ([2001:4830:134:3::10]:46827) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1dAlFa-0002Ho-0f for qemu-devel@nongnu.org; Tue, 16 May 2017 18:47:30 -0400 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1dAlFZ-0005J7-7T for qemu-devel@nongnu.org; Tue, 16 May 2017 18:47:30 -0400 Received: from hall.aurel32.net ([2001:bc8:30d7:100::1]:45082) by eggs.gnu.org with esmtps (TLS1.0:RSA_AES_256_CBC_SHA1:32) (Exim 4.71) (envelope-from ) id 1dAlFZ-0005IW-23 for qemu-devel@nongnu.org; Tue, 16 May 2017 18:47:29 -0400 Received: from [2001:bc8:30d7:120:9bb5:8936:7e6a:9e36] (helo=ohm.rr44.fr) by hall.aurel32.net with esmtpsa 
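Review bot: the new qemu_log_mask() call keeps the bare "Unauthorized access\n" text, which tells a reader of the guest-error log nothing about which address or access type tripped the check, even though both `address` and `rw` are in scope on the visible lines; consider something like `qemu_log_mask(LOG_GUEST_ERROR, "Unauthorized user-mode access to " TARGET_FMT_lx "\n", address);` so the log entry is actionable. LOG_GUEST_ERROR is the right mask here, since the condition is guest misbehaviour (a user-mode access outside the store-queue window) rather than a QEMU bug.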
From: Aurelien Jarno
To: qemu-devel@nongnu.org
Cc: Aurelien Jarno
Date: Wed, 17 May 2017 00:47:18 +0200
Message-Id: <20170516224721.13832-3-aurelien@aurel32.net>
In-Reply-To: <20170516224721.13832-1-aurelien@aurel32.net>
References: <20170516224721.13832-1-aurelien@aurel32.net>
Subject: [Qemu-devel] [PATCH 2/5] target/sh4: fix reset when using a kernel and an initrd

When a masked exception happens, the SH4 CPU generates a non-masked reset exception, which then jumps to the reset vector at address 0xA0000000. While this is emulated correctly in QEMU, this does not work when using a kernel and initrd as this address then contains an illegal instruction (and there is no guarantee the kernel and initrd haven't been overwritten). Therefore call qemu_system_reset_request to reload the kernel and initrd and load the program counter to the kernel entry point.

Signed-off-by: Aurelien Jarno
Reviewed-by: Richard Henderson
---
 target/sh4/helper.c | 10 +++++++++-
 1 file changed, 9 insertions(+), 1 deletion(-)

diff --git a/target/sh4/helper.c b/target/sh4/helper.c
index 4c024f9529..5296e7cf4e 100644
--- a/target/sh4/helper.c
+++ b/target/sh4/helper.c
@@ -21,6 +21,7 @@ #include "cpu.h" #include "exec/exec-all.h" #include "exec/log.h" +#include "sysemu/sysemu.h" =20 #if !defined(CONFIG_USER_ONLY) #include "hw/sh4/sh_intc.h" 
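Review bot: the new `#include "sysemu/sysemu.h"` is added unconditionally, immediately above the `#if !defined(CONFIG_USER_ONLY)` block that already guards `hw/sh4/sh_intc.h`, although qemu_system_reset_request() is a system-emulation facility with no meaning for a linux-user build of this file; moving the include inside that guard keeps the user-only build's dependencies unchanged and makes the intent explicit.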
@@ -92,7 +93,14 @@ void superh_cpu_do_interrupt(CPUState *cs) =20 if (env->sr & (1u << SR_BL)) { if (do_exp && cs->exception_index !=3D 0x1e0) { - cs->exception_index =3D 0x000; /* masked exception -> reset */ + /* In theory a masked exception generates a reset exception, + which in turn jumps to the reset vector. However this only + works when using a bootloader. When using a kernel and an + initrd, they need to be reloaded and the program counter + should be loaded with the kernel entry point. + qemu_system_reset_request takes care of that. */ + qemu_system_reset_request(); + return; } if (do_irq && !env->in_sleep) { return; /* masked */ --=20 2.11.0 From nobody Fri May 3 20:18:55 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zoho.com: domain of gnu.org designates 208.118.235.17 as permitted sender) client-ip=208.118.235.17; envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org; helo=lists.gnu.org; Authentication-Results: mx.zoho.com; spf=pass (zoho.com: domain of gnu.org designates 208.118.235.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; Return-Path: Received: from lists.gnu.org (lists.gnu.org [208.118.235.17]) by mx.zohomail.com with SMTPS id 1494975162623619.6703293391633; Tue, 16 May 2017 15:52:42 -0700 (PDT) Received: from localhost ([::1]:44461 helo=lists.gnu.org) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1dAlKb-0005jM-8L for importer@patchew.org; Tue, 16 May 2017 18:52:41 -0400 Received: from eggs.gnu.org ([2001:4830:134:3::10]:46859) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1dAlFa-0002Hs-Oz for qemu-devel@nongnu.org; Tue, 16 May 2017 18:47:32 -0400 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1dAlFZ-0005Ja-A9 for qemu-devel@nongnu.org; Tue, 16 May 2017 18:47:30 -0400 Received: from hall.aurel32.net ([2001:bc8:30d7:100::1]:45086) by eggs.gnu.org with esmtps (TLS1.0:RSA_AES_256_CBC_SHA1:32) (Exim 4.71) 
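Review bot: the `qemu_system_reset_request(); return;` pair replaces a CPU-level reset exception (exception_index 0x000, vectoring to the reset vector) with a whole-machine reset request, and it does so for every masked exception, not only the kernel-plus-initrd case the commit message describes; since the message states that the old behaviour was correct when a bootloader is used, the comment block (or the commit message) should say that resetting the devices together with the CPU is acceptable in that case too, or the reset-exception path should be kept when no kernel was loaded. The comment could also state what the CPU is expected to execute, if anything, between this early `return` and the main loop servicing the request, since the rest of superh_cpu_do_interrupt is now skipped for this exception.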
(envelope-from ) id 1dAlFZ-0005IY-3J for qemu-devel@nongnu.org; Tue, 16 May 2017 18:47:29 -0400 Received: from [2001:bc8:30d7:120:9bb5:8936:7e6a:9e36] (helo=ohm.rr44.fr) by hall.aurel32.net with esmtpsa (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.89) (envelope-from ) id 1dAlFX-0001Hz-PA; Wed, 17 May 2017 00:47:27 +0200 Received: from aurel32 by ohm.rr44.fr with local (Exim 4.89) (envelope-from ) id 1dAlFX-0004kP-4E; Wed, 17 May 2017 00:47:27 +0200 From: Aurelien Jarno To: qemu-devel@nongnu.org Date: Wed, 17 May 2017 00:47:19 +0200 Message-Id: <20170516224721.13832-4-aurelien@aurel32.net> X-Mailer: git-send-email 2.11.0 In-Reply-To: <20170516224721.13832-1-aurelien@aurel32.net> References: <20170516224721.13832-1-aurelien@aurel32.net> X-detected-operating-system: by eggs.gnu.org: Genre and OS details not recognized. X-Received-From: 2001:bc8:30d7:100::1 Subject: [Qemu-devel] [PATCH 3/5] target/sh4: introduce DELAY_SLOT_MASK X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.21 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: Aurelien Jarno Errors-To: qemu-devel-bounces+importer=patchew.org@nongnu.org Sender: "Qemu-devel" X-ZohoMail: RSF_0 Z_629925259 SPT_0 Content-Transfer-Encoding: quoted-printable MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" This will make easier the introduction of a new flag in the next patches. Signed-off-by: Aurelien Jarno Reviewed-by: Philippe Mathieu-Daud=C3=A9 Reviewed-by: Richard Henderson --- target/sh4/cpu.h | 3 ++- target/sh4/helper.c | 4 ++-- target/sh4/translate.c | 17 ++++++++--------- 3 files changed, 12 insertions(+), 12 deletions(-) diff --git a/target/sh4/cpu.h b/target/sh4/cpu.h index 6c07c6b24b..7969c9af98 100644 --- a/target/sh4/cpu.h +++ b/target/sh4/cpu.h @@ -91,6 +91,7 @@ #define FPSCR_RM_NEAREST (0 << 0) #define FPSCR_RM_ZERO (1 << 0) =20 +#define DELAY_SLOT_MASK 0x3 #define DELAY_SLOT (1 << 0) #define DELAY_SLOT_CONDITIONAL (1 << 1) =20 
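Review bot: `DELAY_SLOT_MASK` is defined as the literal `0x3` rather than in terms of the flags it covers, so it has to be bumped by hand each time a flag is added, which works against the stated goal of making the next flag easier to introduce; `#define DELAY_SLOT_MASK (DELAY_SLOT | DELAY_SLOT_CONDITIONAL)` placed after the flag definitions cannot drift out of sync, or at least add a comment that the mask must cover every DELAY_SLOT_* bit.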
@@ -380,7 +381,7 @@ static inline void cpu_get_tb_cpu_state(CPUSH4State *en= v, target_ulong *pc, { *pc =3D env->pc; *cs_base =3D 0; - *flags =3D (env->flags & (DELAY_SLOT | DELAY_SLOT_CONDITIONAL)) /* Bit= s 0-1 */ + *flags =3D (env->flags & DELAY_SLOT_MASK) /* Bits = 0- 1 */ | (env->fpscr & (FPSCR_FR | FPSCR_SZ | FPSCR_PR)) /* Bits 19-= 21 */ | (env->sr & ((1u << SR_MD) | (1u << SR_RB))) /* Bits 29-= 30 */ | (env->sr & (1u << SR_FD)) /* Bit 15 */ diff --git a/target/sh4/helper.c b/target/sh4/helper.c index 5296e7cf4e..d420931530 100644 --- a/target/sh4/helper.c +++ b/target/sh4/helper.c @@ -172,11 +172,11 @@ void superh_cpu_do_interrupt(CPUState *cs) env->sgr =3D env->gregs[15]; env->sr |=3D (1u << SR_BL) | (1u << SR_MD) | (1u << SR_RB); =20 - if (env->flags & (DELAY_SLOT | DELAY_SLOT_CONDITIONAL)) { + if (env->flags & DELAY_SLOT_MASK) { /* Branch instruction should be executed again before delay slot. = */ env->spc -=3D 2; /* Clear flags for exception/interrupt routine. */ - env->flags &=3D ~(DELAY_SLOT | DELAY_SLOT_CONDITIONAL); + env->flags &=3D ~DELAY_SLOT_MASK; } =20 if (do_exp) { diff --git a/target/sh4/translate.c b/target/sh4/translate.c index 0bc2f9ff19..aba316f593 100644 --- a/target/sh4/translate.c +++ b/target/sh4/translate.c @@ -217,8 +217,7 @@ static inline void gen_save_cpu_state(DisasContext *ctx= , bool save_pc) if (ctx->delayed_pc !=3D (uint32_t) -1) { tcg_gen_movi_i32(cpu_delayed_pc, ctx->delayed_pc); } - if ((ctx->tbflags & (DELAY_SLOT | DELAY_SLOT_CONDITIONAL)) - !=3D ctx->envflags) { + if ((ctx->tbflags & DELAY_SLOT_MASK) !=3D ctx->envflags) { tcg_gen_movi_i32(cpu_flags, ctx->envflags); } } 
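Review bot: the `/* Bits 0-1 */` annotation on the DELAY_SLOT_MASK term in cpu_get_tb_cpu_state hard-codes the mask width next to a symbolic mask, so the comment and the definition can drift apart as the mask grows, and the remaining terms on the visible lines occupy bits 15, 19-21 and 29-30, so any growth of the mask also needs a check against that layout; saying "DELAY_SLOT_MASK bits" instead of fixed bit numbers would keep the comment honest. The helper.c and translate.c substitutions in this region are mechanical and look fine.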
@@ -329,7 +328,7 @@ static inline void gen_store_fpr64 (TCGv_i64 t, int reg) #define DREG(x) FREG(x) /* Assumes lsb of (x) is always 0 */ =20 #define CHECK_NOT_DELAY_SLOT \ - if (ctx->envflags & (DELAY_SLOT | DELAY_SLOT_CONDITIONAL)) { \ + if (ctx->envflags & DELAY_SLOT_MASK) { \ gen_save_cpu_state(ctx, true); \ gen_helper_raise_slot_illegal_instruction(cpu_env); \ ctx->bstate =3D BS_EXCP; \ @@ -339,7 +338,7 @@ static inline void gen_store_fpr64 (TCGv_i64 t, int reg) #define CHECK_PRIVILEGED \ if (IS_USER(ctx)) { \ gen_save_cpu_state(ctx, true); \ - if (ctx->envflags & (DELAY_SLOT | DELAY_SLOT_CONDITIONAL)) { \ + if (ctx->envflags & DELAY_SLOT_MASK) { \ gen_helper_raise_slot_illegal_instruction(cpu_env); \ } else { \ gen_helper_raise_illegal_instruction(cpu_env); \ @@ -351,7 +350,7 @@ static inline void gen_store_fpr64 (TCGv_i64 t, int reg) #define CHECK_FPU_ENABLED \ if (ctx->tbflags & (1u << SR_FD)) { \ gen_save_cpu_state(ctx, true); \ - if (ctx->envflags & (DELAY_SLOT | DELAY_SLOT_CONDITIONAL)) { \ + if (ctx->envflags & DELAY_SLOT_MASK) { \ gen_helper_raise_slot_fpu_disable(cpu_env); \ } else { \ gen_helper_raise_fpu_disable(cpu_env); \ @@ -1784,7 +1783,7 @@ static void _decode_opc(DisasContext * ctx) fflush(stderr); #endif gen_save_cpu_state(ctx, true); - if (ctx->envflags & (DELAY_SLOT | DELAY_SLOT_CONDITIONAL)) { + if (ctx->envflags & DELAY_SLOT_MASK) { gen_helper_raise_slot_illegal_instruction(cpu_env); } else { gen_helper_raise_illegal_instruction(cpu_env); @@ -1798,9 +1797,9 @@ static void decode_opc(DisasContext * ctx) =20 _decode_opc(ctx); =20 - if (old_flags & (DELAY_SLOT | DELAY_SLOT_CONDITIONAL)) { + if (old_flags & DELAY_SLOT_MASK) { /* go out of the delay slot */ - ctx->envflags &=3D ~(DELAY_SLOT | DELAY_SLOT_CONDITIONAL); + ctx->envflags &=3D ~DELAY_SLOT_MASK; tcg_gen_movi_i32(cpu_flags, ctx->envflags); ctx->bstate =3D BS_BRANCH; if (old_flags & DELAY_SLOT_CONDITIONAL) { 
@@ -1824,7 +1823,7 @@ void gen_intermediate_code(CPUSH4State * env, struct = TranslationBlock *tb) pc_start =3D tb->pc; ctx.pc =3D pc_start; ctx.tbflags =3D (uint32_t)tb->flags; - ctx.envflags =3D tb->flags & (DELAY_SLOT | DELAY_SLOT_CONDITIONAL); + ctx.envflags =3D tb->flags & DELAY_SLOT_MASK; ctx.bstate =3D BS_NONE; ctx.memidx =3D (ctx.tbflags & (1u << SR_MD)) =3D=3D 0 ? 1 : 0; /* We don't know if the delayed pc came from a dynamic or static branc= h, --=20 2.11.0 From nobody Fri May 3 20:18:55 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zoho.com: domain of gnu.org designates 208.118.235.17 as permitted sender) client-ip=208.118.235.17; envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org; helo=lists.gnu.org; Authentication-Results: mx.zoho.com; spf=pass (zoho.com: domain of gnu.org designates 208.118.235.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; Return-Path: Received: from lists.gnu.org (lists.gnu.org [208.118.235.17]) by mx.zohomail.com with SMTPS id 1494974951566726.1510794054576; Tue, 16 May 2017 15:49:11 -0700 (PDT) Received: from localhost ([::1]:44446 helo=lists.gnu.org) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1dAlHB-0003DK-66 for importer@patchew.org; Tue, 16 May 2017 18:49:09 -0400 Received: from eggs.gnu.org ([2001:4830:134:3::10]:46825) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1dAlFa-0002Hm-0L for qemu-devel@nongnu.org; Tue, 16 May 2017 18:47:30 -0400 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1dAlFZ-0005JE-8a for qemu-devel@nongnu.org; Tue, 16 May 2017 18:47:30 -0400 Received: from hall.aurel32.net ([2001:bc8:30d7:100::1]:45088) by eggs.gnu.org with esmtps (TLS1.0:RSA_AES_256_CBC_SHA1:32) (Exim 4.71) (envelope-from ) id 1dAlFZ-0005Ib-1t for qemu-devel@nongnu.org; Tue, 16 May 2017 18:47:29 -0400 Received: from [2001:bc8:30d7:120:9bb5:8936:7e6a:9e36] (helo=ohm.rr44.fr) by hall.aurel32.net 
From: Aurelien Jarno
To: qemu-devel@nongnu.org
Cc: Aurelien Jarno
Date: Wed, 17 May 2017 00:47:20 +0200
Message-Id: <20170516224721.13832-5-aurelien@aurel32.net>
In-Reply-To: <20170516224721.13832-1-aurelien@aurel32.net>
References: <20170516224721.13832-1-aurelien@aurel32.net>
Subject: [Qemu-devel] [PATCH 4/5] target/sh4: ignore interrupts in a delay slot

Delay slots are indivisible, therefore avoid scheduling an interrupt in the delay slot. However exceptions are possible.

Signed-off-by: Aurelien Jarno
Reviewed-by: Philippe Mathieu-Daudé
Reviewed-by: Richard Henderson
---
 target/sh4/helper.c | 12 ++++++++++--
 1 file changed, 10 insertions(+), 2 deletions(-)

diff --git a/target/sh4/helper.c b/target/sh4/helper.c
index d420931530..19d4ec5fb5 100644
--- a/target/sh4/helper.c
+++ b/target/sh4/helper.c
@@ -871,8 +871,16 @@ int cpu_sh4_is_cached(CPUSH4State * env, target_ulong = addr) bool superh_cpu_exec_interrupt(CPUState *cs, int interrupt_request) { if (interrupt_request & CPU_INTERRUPT_HARD) { - superh_cpu_do_interrupt(cs); - return true; + SuperHCPU *cpu =3D SUPERH_CPU(cs); + CPUSH4State *env =3D &cpu->env; + + /* Delay slots are indivisible, ignore interrupts */ + if (env->flags & DELAY_SLOT_MASK) { + return false; + } else { + superh_cpu_do_interrupt(cs); + return true; + } } return false; } --=20 2.11.0 From nobody Fri May 3 20:18:55 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zoho.com: domain of gnu.org designates 208.118.235.17 as permitted sender) client-ip=208.118.235.17; envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org; helo=lists.gnu.org; Authentication-Results: mx.zoho.com; spf=pass (zoho.com: domain of gnu.org designates 208.118.235.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; Return-Path: Received: from lists.gnu.org (lists.gnu.org [208.118.235.17]) by mx.zohomail.com with SMTPS id 1494975058643284.3564259561115; Tue, 16 May 2017 15:50:58 -0700 (PDT) Received: from localhost ([::1]:44455 helo=lists.gnu.org) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1dAlIv-0004ZS-4W for importer@patchew.org; Tue, 16 May 2017 18:50:57 -0400 Received: from eggs.gnu.org ([2001:4830:134:3::10]:46834) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1dAlFa-0002Hr-6Y for qemu-devel@nongnu.org; Tue, 16 May 2017 18:47:31 -0400 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1dAlFZ-0005JP-9I for qemu-devel@nongnu.org; Tue, 16 May 2017 18:47:30 -0400 Received: from hall.aurel32.net ([2001:bc8:30d7:100::1]:45090) by eggs.gnu.org with esmtps (TLS1.0:RSA_AES_256_CBC_SHA1:32) (Exim 4.71) (envelope-from ) id 1dAlFZ-0005If-3N for qemu-devel@nongnu.org; Tue, 16 May 2017 18:47:29 -0400 Received: from 
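Review bot: the `else` after `return false;` is redundant; the block reads more simply as an early return followed by the existing `superh_cpu_do_interrupt(cs); return true;`. More importantly, returning false while CPU_INTERRUPT_HARD stays pending relies on the interrupt being re-examined as soon as the delay-slot instruction has executed, that is, on the translator ending the TB when it leaves the delay slot (decode_opc sets `ctx->bstate = BS_BRANCH` and rewrites `cpu_flags` there in the previous patch) and on `env->flags` being up to date at that TB boundary; this dependency deserves a sentence in the "Delay slots are indivisible" comment, because a stale `env->flags` here would silently defer the interrupt rather than fail loudly.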
From: Aurelien Jarno
To: qemu-devel@nongnu.org
Cc: Aurelien Jarno
Date: Wed, 17 May 2017 00:47:21 +0200
Message-Id: <20170516224721.13832-6-aurelien@aurel32.net>
In-Reply-To: <20170516224721.13832-1-aurelien@aurel32.net>
References: <20170516224721.13832-1-aurelien@aurel32.net>
Subject: [Qemu-devel] [PATCH 5/5] target/sh4: fix RTE instruction delay slot

The ReTurn from Exception (RTE) instruction loads the system register (SR) with the saved system register (SSR). It has a delay slot, and behaves specially according to the SH4 manual:

  The SR value accessed by the instruction in the RTE delay slot is the value restored from SSR by the RTE instruction. The SR and MD values defined prior to RTE execution are used to fetch the instruction in the RTE delay slot.

The instruction in the delay slot being often a NOP, it doesn't cause any issue most of the time except in some rare cases where the NOP is being split into a different TB (for example when the TCG op buffer is full). In that case the NOP is fetched with the user permissions and causes an instruction TLB protection violation exception.

This patch fixes that by introducing a new delay slot flag for the RTE instruction. Given it's a privileged instruction, the RTE delay slot instruction is always fetched in privileged mode. It is therefore enough to check for this flag in cpu_mmu_index.
Signed-off-by: Aurelien Jarno Reviewed-by: Richard Henderson --- target/sh4/cpu.h | 13 ++++++++++--- target/sh4/translate.c | 8 ++++++-- 2 files changed, 16 insertions(+), 5 deletions(-) diff --git a/target/sh4/cpu.h b/target/sh4/cpu.h index 7969c9af98..ffb91687b8 100644 --- a/target/sh4/cpu.h +++ b/target/sh4/cpu.h @@ -91,9 +91,10 @@ #define FPSCR_RM_NEAREST (0 << 0) #define FPSCR_RM_ZERO (1 << 0) =20 -#define DELAY_SLOT_MASK 0x3 +#define DELAY_SLOT_MASK 0x7 #define DELAY_SLOT (1 << 0) #define DELAY_SLOT_CONDITIONAL (1 << 1) +#define DELAY_SLOT_RTE (1 << 2) =20 typedef struct tlb_t { uint32_t vpn; /* virtual page number */ @@ -264,7 +265,13 @@ void cpu_load_tlb(CPUSH4State * env); #define MMU_USER_IDX 1 static inline int cpu_mmu_index (CPUSH4State *env, bool ifetch) { - return (env->sr & (1u << SR_MD)) =3D=3D 0 ? 1 : 0; + /* The instruction in a RTE delay slot is fetched in privileged + mode, but executed in user mode. */ + if (ifetch && (env->flags & DELAY_SLOT_RTE)) { + return 0; + } else { + return (env->sr & (1u << SR_MD)) =3D=3D 0 ? 1 : 0; + } } =20 #include "exec/cpu-all.h" @@ -381,7 +388,7 @@ static inline void cpu_get_tb_cpu_state(CPUSH4State *en= v, target_ulong *pc, { *pc =3D env->pc; *cs_base =3D 0; - *flags =3D (env->flags & DELAY_SLOT_MASK) /* Bits = 0- 1 */ + *flags =3D (env->flags & DELAY_SLOT_MASK) /* Bits = 0- 2 */ | (env->fpscr & (FPSCR_FR | FPSCR_SZ | FPSCR_PR)) /* Bits 19-= 21 */ | (env->sr & ((1u << SR_MD) | (1u << SR_RB))) /* Bits 29-= 30 */ | (env->sr & (1u << SR_FD)) /* Bit 15 */ diff --git a/target/sh4/translate.c b/target/sh4/translate.c index aba316f593..8bc132b27b 100644 --- a/target/sh4/translate.c +++ b/target/sh4/translate.c 
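Review bot: in the cpu_mmu_index hunk the comment says the RTE delay-slot instruction is "executed in user mode", but the manual text quoted in the commit message says it executes with the SR restored from SSR, which is user mode only when SSR.MD is clear; the data-access path (`ifetch` false) already behaves correctly by falling through to the SR_MD test, so only the wording needs tightening, e.g. "fetched in privileged mode, but executed with the SR restored from SSR". The `DELAY_SLOT_MASK` bump from 0x3 to 0x7 in the first hunk is exactly the hand-maintenance step that an OR-of-flags definition would have made unnecessary.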
@@ -185,6 +185,9 @@ void superh_cpu_dump_state(CPUState *cs, FILE *f, } else if (env->flags & DELAY_SLOT_CONDITIONAL) { cpu_fprintf(f, "in conditional delay slot (delayed_pc=3D0x%08x)\n", env->delayed_pc); + } else if (env->flags & DELAY_SLOT_RTE) { + cpu_fprintf(f, "in rte delay slot (delayed_pc=3D0x%08x)\n", + env->delayed_pc); } } =20 @@ -427,8 +430,9 @@ static void _decode_opc(DisasContext * ctx) CHECK_NOT_DELAY_SLOT gen_write_sr(cpu_ssr); tcg_gen_mov_i32(cpu_delayed_pc, cpu_spc); - ctx->envflags |=3D DELAY_SLOT; + ctx->envflags |=3D DELAY_SLOT_RTE; ctx->delayed_pc =3D (uint32_t) - 1; + ctx->bstate =3D BS_STOP; return; case 0x0058: /* sets */ tcg_gen_ori_i32(cpu_sr, cpu_sr, (1u << SR_S)); @@ -1804,7 +1808,7 @@ static void decode_opc(DisasContext * ctx) ctx->bstate =3D BS_BRANCH; if (old_flags & DELAY_SLOT_CONDITIONAL) { gen_delayed_conditional_jump(ctx); - } else if (old_flags & DELAY_SLOT) { + } else { gen_jump(ctx); } =20 --=20 2.11.0
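Review bot: the new `ctx->bstate = BS_STOP;` in the RTE case is the behavioural core of this patch (it ends the TB after RTE so the delay-slot instruction is translated in its own TB and fetched through cpu_mmu_index with DELAY_SLOT_RTE set), yet it carries no comment; a one-line explanation of why the TB must end before the delay slot, and that the extra TB per RTE is deliberate, would stop a later reader from "optimising" it away. The `else if (old_flags & DELAY_SLOT)` to `else` change in decode_opc is safe because the enclosing test is `old_flags & DELAY_SLOT_MASK`, so the unconditional branch now covers both DELAY_SLOT and DELAY_SLOT_RTE; the commit message could mention that RTE reaches gen_jump() through this path.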