From nobody Thu Dec 18 22:26:33 2025 Delivered-To: importer@patchew.org Received-SPF: pass (zoho.com: domain of gnu.org designates 208.118.235.17 as permitted sender) client-ip=208.118.235.17; envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org; helo=lists.gnu.org; Authentication-Results: mx.zohomail.com; spf=pass (zoho.com: domain of gnu.org designates 208.118.235.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; dmarc=fail(p=none dis=none) header.from=linaro.org Return-Path: Received: from lists.gnu.org (lists.gnu.org [208.118.235.17]) by mx.zohomail.com with SMTPS id 152907483229699.14388507676313; Fri, 15 Jun 2018 08:00:32 -0700 (PDT) Received: from localhost ([::1]:47351 helo=lists.gnu.org) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1fTqDH-00062d-FC for importer@patchew.org; Fri, 15 Jun 2018 11:00:31 -0400 Received: from eggs.gnu.org ([2001:4830:134:3::10]:60840) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1fTpfX-0001ed-2F for qemu-devel@nongnu.org; Fri, 15 Jun 2018 10:25:40 -0400 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1fTpfS-0006CT-8V for qemu-devel@nongnu.org; Fri, 15 Jun 2018 10:25:39 -0400 Received: from orth.archaic.org.uk ([2001:8b0:1d0::2]:42766) by eggs.gnu.org with esmtps (TLS1.0:RSA_AES_256_CBC_SHA1:32) (Exim 4.71) (envelope-from ) id 1fTpfR-0006Bk-NC for qemu-devel@nongnu.org; Fri, 15 Jun 2018 10:25:34 -0400 Received: from pm215 by orth.archaic.org.uk with local (Exim 4.89) (envelope-from ) id 1fTpfQ-0003g2-OW for qemu-devel@nongnu.org; Fri, 15 Jun 2018 15:25:32 +0100 
From: Peter Maydell To: qemu-devel@nongnu.org Date: Fri, 15 Jun 2018 15:24:52 +0100 Message-Id: <20180615142521.19143-15-peter.maydell@linaro.org> X-Mailer: git-send-email 2.17.1 In-Reply-To: <20180615142521.19143-1-peter.maydell@linaro.org> References: <20180615142521.19143-1-peter.maydell@linaro.org> X-detected-operating-system: by eggs.gnu.org: Genre and OS details not recognized. X-Received-From: 2001:8b0:1d0::2 Subject: [Qemu-devel] [PULL 14/43] cputlb: Pass cpu_transaction_failed() the correct physaddr X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.21 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: qemu-devel-bounces+importer=patchew.org@nongnu.org Sender: "Qemu-devel" X-ZohoMail: RSF_0 Z_629925259 SPT_0 Content-Transfer-Encoding: quoted-printable MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" The API for cpu_transaction_failed() says that it takes the physical address for the failed transaction. However we were actually passing it the offset within the target MemoryRegion. We don't currently have any target CPU implementations of this hook that require the physical address; fix this bug so we don't get confused if we ever do add one. Suggested-by: Paolo Bonzini Signed-off-by: Peter Maydell Reviewed-by: Paolo Bonzini Reviewed-by: Richard Henderson Message-id: 20180611125633.32755-3-peter.maydell@linaro.org --- include/exec/exec-all.h | 13 ++++++++++-- accel/tcg/cputlb.c | 44 +++++++++++++++++++++++++++++------------ exec.c | 5 +++-- 3 files changed, 45 insertions(+), 17 deletions(-) diff --git a/include/exec/exec-all.h b/include/exec/exec-all.h index 4d09eaba72d..aed55aaaa7d 100644 --- a/include/exec/exec-all.h +++ b/include/exec/exec-all.h 
@@ -437,8 +437,17 @@ void tb_lock_reset(void); =20 #if !defined(CONFIG_USER_ONLY) =20 -struct MemoryRegion *iotlb_to_region(CPUState *cpu, - hwaddr index, MemTxAttrs attrs); +/** + * iotlb_to_section: + * @cpu: CPU performing the access + * @index: TCG CPU IOTLB entry + * + * Given a TCG CPU IOTLB entry, return the MemoryRegionSection that + * it refers to. @index will have been initially created and returned + * by memory_region_section_get_iotlb(). + */ +struct MemoryRegionSection *iotlb_to_section(CPUState *cpu, + hwaddr index, MemTxAttrs attr= s); =20 void tlb_fill(CPUState *cpu, target_ulong addr, int size, MMUAccessType access_type, int mmu_idx, uintptr_t retaddr); diff --git a/accel/tcg/cputlb.c b/accel/tcg/cputlb.c index 31f7695cb29..1768fcdc473 100644 --- a/accel/tcg/cputlb.c +++ b/accel/tcg/cputlb.c @@ -777,13 +777,16 @@ static uint64_t io_readx(CPUArchState *env, CPUIOTLBE= ntry *iotlbentry, target_ulong addr, uintptr_t retaddr, int size) { CPUState *cpu =3D ENV_GET_CPU(env); - hwaddr physaddr =3D iotlbentry->addr; - MemoryRegion *mr =3D iotlb_to_region(cpu, physaddr, iotlbentry->attrs); + hwaddr mr_offset; + MemoryRegionSection *section; + MemoryRegion *mr; uint64_t val; bool locked =3D false; MemTxResult r; =20 - physaddr =3D (physaddr & TARGET_PAGE_MASK) + addr; + section =3D iotlb_to_section(cpu, iotlbentry->addr, iotlbentry->attrs); + mr =3D section->mr; + mr_offset =3D (iotlbentry->addr & TARGET_PAGE_MASK) + addr; cpu->mem_io_pc =3D retaddr; if (mr !=3D &io_mem_rom && mr !=3D &io_mem_notdirty && !cpu->can_do_io= ) { cpu_io_recompile(cpu, retaddr); 
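Review bot: The new doc comment for iotlb_to_section() documents `@cpu` and `@index` but not `@attrs`, and it does not say how long the returned pointer stays valid. The exec.c hunk of this patch shows `attrs` selecting the address space through `cpu_asidx_from_attrs()` and the result pointing into a `sections` array reached via `atomic_rcu_read()`, so I would add `@attrs: memory transaction attributes; select which CPU address space is consulted` and a sentence such as `The returned pointer is into the RCU-protected dispatch table and must only be used inside the RCU read-side critical section.` That second sentence is inferred from the accessor rather than from a visible reclaim path, so it needs confirming against how the dispatch map is freed. It matters because the old function returned a MemoryRegion, while io_readx() and io_writex() now dereference the section pointer after the device dispatch call has returned.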
@@ -795,9 +798,13 @@ static uint64_t io_readx(CPUArchState *env, CPUIOTLBEn= try *iotlbentry, qemu_mutex_lock_iothread(); locked =3D true; } - r =3D memory_region_dispatch_read(mr, physaddr, + r =3D memory_region_dispatch_read(mr, mr_offset, &val, size, iotlbentry->attrs); if (r !=3D MEMTX_OK) { + hwaddr physaddr =3D mr_offset + + section->offset_within_address_space - + section->offset_within_region; + cpu_transaction_failed(cpu, physaddr, addr, size, MMU_DATA_LOAD, mmu_idx, iotlbentry->attrs, r, retaddr); } @@ -814,12 +821,15 @@ static void io_writex(CPUArchState *env, CPUIOTLBEntr= y *iotlbentry, uintptr_t retaddr, int size) { CPUState *cpu =3D ENV_GET_CPU(env); - hwaddr physaddr =3D iotlbentry->addr; - MemoryRegion *mr =3D iotlb_to_region(cpu, physaddr, iotlbentry->attrs); + hwaddr mr_offset; + MemoryRegionSection *section; + MemoryRegion *mr; bool locked =3D false; MemTxResult r; =20 - physaddr =3D (physaddr & TARGET_PAGE_MASK) + addr; + section =3D iotlb_to_section(cpu, iotlbentry->addr, iotlbentry->attrs); + mr =3D section->mr; + mr_offset =3D (iotlbentry->addr & TARGET_PAGE_MASK) + addr; if (mr !=3D &io_mem_rom && mr !=3D &io_mem_notdirty && !cpu->can_do_io= ) { cpu_io_recompile(cpu, retaddr); } @@ -830,9 +840,13 @@ static void io_writex(CPUArchState *env, CPUIOTLBEntry= *iotlbentry, qemu_mutex_lock_iothread(); locked =3D true; } - r =3D memory_region_dispatch_write(mr, physaddr, + r =3D memory_region_dispatch_write(mr, mr_offset, val, size, iotlbentry->attrs); if (r !=3D MEMTX_OK) { + hwaddr physaddr =3D mr_offset + + section->offset_within_address_space - + section->offset_within_region; + cpu_transaction_failed(cpu, physaddr, addr, size, MMU_DATA_STORE, mmu_idx, iotlbentry->attrs, r, retaddr); } 
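Review bot: The expression `mr_offset + section->offset_within_address_space - section->offset_within_region` in the `r != MEMTX_OK` branch of io_readx() is repeated verbatim in io_writex() (hunk at -830) and in get_page_addr_code() (hunk at -918). A small static helper would keep the three copies from drifting apart, since a wrong physaddr here would quietly mislead any future cpu_transaction_failed() hook that relies on it. The helper is also the natural place for a comment explaining why the subtraction turns a region offset into an address-space address. io_readx() and io_writex() both start and end outside their hunks, so the fence shows only the helper and the changed line in the failure branch.

```c
/*
 * Convert an offset within section->mr into an address in the
 * address space that the section belongs to.
 */
static inline hwaddr section_to_physaddr(MemoryRegionSection *section,
                                         hwaddr mr_offset)
{
    return mr_offset + section->offset_within_address_space
           - section->offset_within_region;
}

/* ... unchanged: memory_region_dispatch_read() call in io_readx() ... */
    if (r != MEMTX_OK) {
        hwaddr physaddr = section_to_physaddr(section, mr_offset);

        /* ... unchanged: cpu_transaction_failed() call ... */
    }
```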
@@ -880,12 +894,13 @@ static bool victim_tlb_hit(CPUArchState *env, size_t = mmu_idx, size_t index, */ tb_page_addr_t get_page_addr_code(CPUArchState *env, target_ulong addr) { - int mmu_idx, index, pd; + int mmu_idx, index; void *p; MemoryRegion *mr; + MemoryRegionSection *section; CPUState *cpu =3D ENV_GET_CPU(env); CPUIOTLBEntry *iotlbentry; - hwaddr physaddr; + hwaddr physaddr, mr_offset; =20 index =3D (addr >> TARGET_PAGE_BITS) & (CPU_TLB_SIZE - 1); mmu_idx =3D cpu_mmu_index(env, true); @@ -896,8 +911,8 @@ tb_page_addr_t get_page_addr_code(CPUArchState *env, ta= rget_ulong addr) } } iotlbentry =3D &env->iotlb[mmu_idx][index]; - pd =3D iotlbentry->addr & ~TARGET_PAGE_MASK; - mr =3D iotlb_to_region(cpu, pd, iotlbentry->attrs); + section =3D iotlb_to_section(cpu, iotlbentry->addr, iotlbentry->attrs); + mr =3D section->mr; if (memory_region_is_unassigned(mr)) { qemu_mutex_lock_iothread(); if (memory_region_request_mmio_ptr(mr, addr)) { @@ -918,7 +933,10 @@ tb_page_addr_t get_page_addr_code(CPUArchState *env, t= arget_ulong addr) * and use the MemTXResult it produced). However it is the * simplest place we have currently available for the check. */ - physaddr =3D (iotlbentry->addr & TARGET_PAGE_MASK) + addr; + mr_offset =3D (iotlbentry->addr & TARGET_PAGE_MASK) + addr; + physaddr =3D mr_offset + + section->offset_within_address_space - + section->offset_within_region; cpu_transaction_failed(cpu, physaddr, addr, 0, MMU_INST_FETCH, mmu= _idx, iotlbentry->attrs, MEMTX_DECODE_ERROR, 0); =20 diff --git a/exec.c b/exec.c index f6645ede0c2..9cbba6adcd3 100644 --- a/exec.c +++ b/exec.c 
@@ -2897,14 +2897,15 @@ static const MemoryRegionOps readonly_mem_ops =3D { }, }; =20 -MemoryRegion *iotlb_to_region(CPUState *cpu, hwaddr index, MemTxAttrs attr= s) +MemoryRegionSection *iotlb_to_section(CPUState *cpu, + hwaddr index, MemTxAttrs attrs) { int asidx =3D cpu_asidx_from_attrs(cpu, attrs); CPUAddressSpace *cpuas =3D &cpu->cpu_ases[asidx]; AddressSpaceDispatch *d =3D atomic_rcu_read(&cpuas->memory_dispatch); MemoryRegionSection *sections =3D d->map.sections; =20 - return sections[index & ~TARGET_PAGE_MASK].mr; + return §ions[index & ~TARGET_PAGE_MASK]; } =20 static void io_mem_init(void) --=20 2.17.1
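Review bot: iotlb_to_section() indexes `sections` with `index & ~TARGET_PAGE_MASK` without checking the result against the number of sections in the map. It now returns a pointer to the element rather than one field of it, so callers go on to read `mr`, `offset_within_address_space` and `offset_within_region` from whatever that slot holds. The mask only bounds the index by the page size; an assertion such as `assert((index & ~TARGET_PAGE_MASK) < d->map.sections_nb);` before the return would turn a stale or corrupted IOTLB entry into a clean abort instead of an out-of-bounds read. Whether such an entry can actually reach this function is not visible in the hunk, so treat this as hardening. The `§ions` on the return line looks like an entity-decoding artifact of `&sections` on this page rather than part of the patch.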