From: Nicholas Piggin
To: qemu-devel@nongnu.org
Cc: Nicholas Piggin, qemu-ppc@nongnu.org, Daniel Henrique Barboza, Cédric Le Goater, Harsh Prateek Bora, qemu-stable@nongnu.org
Subject: [PULL 02/47] target/ppc: Fix crash on machine check caused by ifetch
Date: Sat, 24 Feb 2024 01:41:21 +1000
Message-ID: <20240223154211.1001692-3-npiggin@gmail.com>

is_prefix_insn_excp() loads the first word of the instruction address which caused an exception, to determine whether or not it was prefixed so the prefix bit can be set in [H]SRR1.

This works if the instruction image can be loaded, but if the exception was caused by an ifetch, this load could fail and cause a recursive exception and crash. Machine checks caused by ifetch are not excluded from the prefix check and can crash (see issue 2108 for an example).

Fix this by excluding machine checks caused by ifetch from the prefix check.

Cc: qemu-stable@nongnu.org
Acked-by: Cédric Le Goater
Resolves: https://gitlab.com/qemu-project/qemu/-/issues/2108
Fixes: 55a7fa34f89 ("target/ppc: Machine check on invalid real address access on POWER9/10")
Fixes: 5a5d3b23cb2 ("target/ppc: Add SRR1 prefix indication to interrupt handlers")
Signed-off-by: Nicholas Piggin
--- target/ppc/excp_helper.c | 36 +++++++++++++++++++++++++----------- 1 file changed, 25 insertions(+), 11 deletions(-) diff --git a/target/ppc/excp_helper.c b/target/ppc/excp_helper.c index 2ec6429e36..98952de267 100644 --- a/target/ppc/excp_helper.c +++ b/target/ppc/excp_helper.c @@ -1312,6 +1312,10 @@ static bool is_prefix_insn_excp(PowerPCCPU *cpu, int= excp) { CPUPPCState *env =3D &cpu->env; =20 + if (!(env->insns_flags2 & PPC2_ISA310)) { + return false; + } + if (!tcg_enabled()) { /* * This does not load instructions and set the prefix bit correctly @@ -1322,6 +1326,15 @@ static bool is_prefix_insn_excp(PowerPCCPU *cpu, int= excp) } =20 switch (excp) { + case POWERPC_EXCP_MCHECK: + if (!(env->error_code & PPC_BIT(42))) { + /* + * Fetch attempt caused a machine check, so attempting to fetch + * again would cause a recursive machine check. + */ + return false; + } + break; case POWERPC_EXCP_HDSI: /* HDSI PRTABLE_FAULT has the originating access type in error_cod= e */ if ((env->spr[SPR_HDSISR] & DSISR_PRTABLE_FAULT) && 
@@ -1332,10 +1345,10 @@ static bool is_prefix_insn_excp(PowerPCCPU *cpu, in= t excp) * instruction at NIP would cause recursive faults with the sa= me * translation). */ - break; + return false; } - /* fall through */ - case POWERPC_EXCP_MCHECK: + break; + case POWERPC_EXCP_DSI: case POWERPC_EXCP_DSEG: case POWERPC_EXCP_ALIGN: @@ -1346,17 +1359,13 @@ static bool is_prefix_insn_excp(PowerPCCPU *cpu, in= t excp) case POWERPC_EXCP_VPU: case POWERPC_EXCP_VSXU: case POWERPC_EXCP_FU: - case POWERPC_EXCP_HV_FU: { - uint32_t insn =3D ppc_ldl_code(env, env->nip); - if (is_prefix_insn(env, insn)) { - return true; - } + case POWERPC_EXCP_HV_FU: break; - } default: - break; + return false; } - return false; + + return is_prefix_insn(env, ppc_ldl_code(env, env->nip)); } #else static bool is_prefix_insn_excp(PowerPCCPU *cpu, int excp) @@ -3224,6 +3233,7 @@ void ppc_cpu_do_transaction_failed(CPUState *cs, hwad= dr physaddr, =20 switch (env->excp_model) { #if defined(TARGET_PPC64) + case POWERPC_EXCP_POWER8: case POWERPC_EXCP_POWER9: case POWERPC_EXCP_POWER10: /* @@ -3245,6 +3255,10 @@ void ppc_cpu_do_transaction_failed(CPUState *cs, hwa= ddr physaddr, env->error_code |=3D PPC_BIT(42); =20 } else { /* Fetch */ + /* + * is_prefix_insn_excp() tests !PPC_BIT(42) to avoid fetching + * the instruction, so that must always be clear for fetches. + */ env->error_code =3D PPC_BIT(36) | PPC_BIT(44) | PPC_BIT(45); } break; --=20 2.42.0
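Review bot: the new early return on `!(env->insns_flags2 & PPC2_ISA310)` at the top of is_prefix_insn_excp() (hunk @@ -1312,6 +1312,10 @@) is not mentioned in the commit message, which only describes excluding machine checks caused by ifetch. It changes behaviour for every exception type on CPUs without that flag, since the load at NIP is now skipped for all of them. Suggest adding a sentence to the commit message and a one-line comment above the check explaining why CPUs without PPC2_ISA310 need no prefix check.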
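Review bot: `PPC_BIT(42)` in the new POWERPC_EXCP_MCHECK case (hunk @@ -1322,6 +1326,15 @@) is a bare bit number whose meaning is defined only by how ppc_cpu_do_transaction_failed() builds env->error_code, and the only explanation of the coupling sits at that other site. The test treats every machine check with bit 42 clear as a fetch, which fails in the safe direction, but if any other path raises POWERPC_EXCP_MCHECK with a different error_code layout it is classified by this bit without anyone noticing. Suggest a named constant shared by both sites and a comment here pointing at where the bit is set.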
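Review bot: with the load moved to the single `return is_prefix_insn(env, ppc_ldl_code(env, env->nip));` at the end of the function (hunk @@ -1346,17 +1359,13 @@), `break` inside the switch now means "load the instruction at NIP" and `return false` means "skip the load", which is the reverse of how `break` read in the old HDSI case. A case added later that ends in `break` out of habit would reintroduce exactly the fetch this patch removes. Suggest a comment above the switch, or above the final return, stating that a case may only `break` when the instruction at NIP is known to be loadable.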
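Review bot: the added `case POWERPC_EXCP_POWER8:` in ppc_cpu_do_transaction_failed() (hunk @@ -3224,6 +3233,7 @@) extends the failed-transaction machine check handling to an exception model the commit message never mentions, and the Fixes: tag for that code names only POWER9/10. This is a separate guest-visible behaviour change riding along with a crash fix that is Cc'd to qemu-stable. Suggest either splitting it into its own patch or stating in the commit message why POWER8 is included.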