[PULL 10/16] target/i386: implement TSS trap bit

Paolo Bonzini posted 16 patches 6 months, 1 week ago
Maintainers: Richard Henderson <richard.henderson@linaro.org>, Paolo Bonzini <pbonzini@redhat.com>, Gerd Hoffmann <kraxel@redhat.com>, "Michael S. Tsirkin" <mst@redhat.com>, Cornelia Huck <cohuck@redhat.com>, "Marc-André Lureau" <marcandre.lureau@redhat.com>, "Daniel P. Berrangé" <berrange@redhat.com>, "Philippe Mathieu-Daudé" <philmd@linaro.org>, Manos Pitsidianakis <manos.pitsidianakis@linaro.org>, John Snow <jsnow@redhat.com>, Cleber Rosa <crosa@redhat.com>, Zhao Liu <zhao1.liu@intel.com>, Cameron Esfahani <dirty@apple.com>, Roman Bolshakov <rbolshakov@ddn.com>, Phil Dennis-Jordan <phil@philjordan.eu>, Wei Liu <wei.liu@kernel.org>, Eduardo Habkost <eduardo@habkost.net>
Posted by Paolo Bonzini 6 months, 1 week ago
Now that we can do so after the error code has been pushed, raising
the #DB exception for task-switch traps is trivial.

Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
---
 target/i386/tcg/seg_helper.c | 9 +++++----
 1 file changed, 5 insertions(+), 4 deletions(-)

diff --git a/target/i386/tcg/seg_helper.c b/target/i386/tcg/seg_helper.c
index cb90ccd2adc..071f3fbd83d 100644
--- a/target/i386/tcg/seg_helper.c
+++ b/target/i386/tcg/seg_helper.c
@@ -473,10 +473,6 @@ static void switch_tss_ra(CPUX86State *env, int tss_selector,
         new_segs[R_GS] = 0;
         new_trap = 0;
     }
-    /* XXX: avoid a compiler warning, see
-     http://support.amd.com/us/Processor_TechDocs/24593.pdf
-     chapters 12.2.5 and 13.2.4 on how to implement TSS Trap bit */
-    (void)new_trap;
 
     /* clear busy bit (it is restartable) */
     if (source == SWITCH_TSS_JMP || source == SWITCH_TSS_IRET) {
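Review bot: removing `(void)new_trap;` is right now that the variable is consumed, but the reference to the AMD APM (24593.pdf, chapters 12.2.5 and 13.2.4) disappears with it; consider moving that pointer into a comment at the new `if (new_trap)` site so the architectural definition of the TSS T bit and DR6.BT stays discoverable from the code.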
@@ -622,6 +618,11 @@ static void switch_tss_ra(CPUX86State *env, int tss_selector,
         }
         SET_ESP(sa.sp, sa.sp_mask);
     }
+
+    if (new_trap) {
+        env->dr[6] |= DR6_BT;
+        raise_exception_ra(env, EXCP01_DB, retaddr);
+    }
 }
 
 static void switch_tss(CPUX86State *env, int tss_selector,
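Review bot: the #DB is raised via `raise_exception_ra(env, EXCP01_DB, retaddr)` only after `SET_ESP(sa.sp, sa.sp_mask)` has committed the new task's stack, so please verify what the `retaddr` unwind path restores: if it rewrites EIP or flags from the pre-switch translation block, the task context just loaded from the TSS would be clobbered, and the eventinj and taskswitch kvm-unit-tests reported downthread as bisecting to this commit point at exactly this path. A test exercising a task gate whose target TSS has the T bit set, next to one without, would make the intended behaviour (DR6.BT set, #DB delivered in the new task before its first instruction) checkable. Also only the 16-bit `new_trap = 0` assignment is visible in this patch; confirm `new_trap` is populated from the incoming TSS's T bit on the 32-bit path, otherwise this block never fires.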
-- 
2.49.0
Re: [PULL 10/16] target/i386: implement TSS trap bit
Posted by Thomas Huth 2 months ago
On 12/05/2025 21.05, Paolo Bonzini wrote:
> Now that we can do so after the error code has been pushed, raising
> the #DB exception for task-switch traps is trivial.
> 
> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
> ---
>   target/i386/tcg/seg_helper.c | 9 +++++----
>   1 file changed, 5 insertions(+), 4 deletions(-)
> 
> diff --git a/target/i386/tcg/seg_helper.c b/target/i386/tcg/seg_helper.c
> index cb90ccd2adc..071f3fbd83d 100644
> --- a/target/i386/tcg/seg_helper.c
> +++ b/target/i386/tcg/seg_helper.c
> @@ -473,10 +473,6 @@ static void switch_tss_ra(CPUX86State *env, int tss_selector,
>           new_segs[R_GS] = 0;
>           new_trap = 0;
>       }
> -    /* XXX: avoid a compiler warning, see
> -     http://support.amd.com/us/Processor_TechDocs/24593.pdf
> -     chapters 12.2.5 and 13.2.4 on how to implement TSS Trap bit */
> -    (void)new_trap;
>   
>       /* clear busy bit (it is restartable) */
>       if (source == SWITCH_TSS_JMP || source == SWITCH_TSS_IRET) {
> @@ -622,6 +618,11 @@ static void switch_tss_ra(CPUX86State *env, int tss_selector,
>           }
>           SET_ESP(sa.sp, sa.sp_mask);
>       }
> +
> +    if (new_trap) {
> +        env->dr[6] |= DR6_BT;
> +        raise_exception_ra(env, EXCP01_DB, retaddr);
> +    }
>   }

  Hi Paolo,

as already quickly mentioned in IRC, the kvm-unit-tests CI had a regression 
after homebrew updated its QEMU from 10.0 to 10.1, the "eventinj" and the 
"taskswitch" test started failing:

10.0:  https://gitlab.com/kvm-unit-tests/kvm-unit-tests/-/jobs/10871048973
10.1:  https://gitlab.com/kvm-unit-tests/kvm-unit-tests/-/jobs/11282832498

I've now bisected the problem (painfully in the terminal window of the 
cirrus-ci), and it seems to be this commit here that is causing the issue:

  ad441b8b7913a26b18edbc076c74ca0cdbfa4ee5 is the first bad commit
  commit ad441b8b7913a26b18edbc076c74ca0cdbfa4ee5
  Author: Paolo Bonzini <pbonzini@redhat.com>
  Date:   Wed Aug 14 12:33:02 2024 +0200

      target/i386: implement TSS trap bit

Could you please have a look?

  Thanks,
   Thomas
Re: [PULL 10/16] target/i386: implement TSS trap bit
Posted by Mark Cave-Ayland 2 months ago
On 10/09/2025 06:50, Thomas Huth wrote:

> On 12/05/2025 21.05, Paolo Bonzini wrote:
>> Now that we can do so after the error code has been pushed, raising
>> the #DB exception for task-switch traps is trivial.
>>
>> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
>> ---
>>   target/i386/tcg/seg_helper.c | 9 +++++----
>>   1 file changed, 5 insertions(+), 4 deletions(-)
>>
>> diff --git a/target/i386/tcg/seg_helper.c b/target/i386/tcg/seg_helper.c
>> index cb90ccd2adc..071f3fbd83d 100644
>> --- a/target/i386/tcg/seg_helper.c
>> +++ b/target/i386/tcg/seg_helper.c
>> @@ -473,10 +473,6 @@ static void switch_tss_ra(CPUX86State *env, int 
>> tss_selector,
>>           new_segs[R_GS] = 0;
>>           new_trap = 0;
>>       }
>> -    /* XXX: avoid a compiler warning, see
>> -     http://support.amd.com/us/Processor_TechDocs/24593.pdf
>> -     chapters 12.2.5 and 13.2.4 on how to implement TSS Trap bit */
>> -    (void)new_trap;
>>       /* clear busy bit (it is restartable) */
>>       if (source == SWITCH_TSS_JMP || source == SWITCH_TSS_IRET) {
>> @@ -622,6 +618,11 @@ static void switch_tss_ra(CPUX86State *env, int 
>> tss_selector,
>>           }
>>           SET_ESP(sa.sp, sa.sp_mask);
>>       }
>> +
>> +    if (new_trap) {
>> +        env->dr[6] |= DR6_BT;
>> +        raise_exception_ra(env, EXCP01_DB, retaddr);
>> +    }
>>   }
> 
>   Hi Paolo,
> 
> as already quickly mentioned in IRC, the kvm-unit-tests CI had a 
> regression after homebrew updated its QEMU from 10.0 to 10.1, the 
> "eventinj" and the "taskswitch" test started failing:
> 
> 10.0:  https://gitlab.com/kvm-unit-tests/kvm-unit-tests/-/jobs/10871048973
> 10.1:  https://gitlab.com/kvm-unit-tests/kvm-unit-tests/-/jobs/11282832498
> I've now bisected the problem (painfully in the terminal window of the 
> cirrus-ci), and it seems to be this commit here that is causing the issue:
> 
>   ad441b8b7913a26b18edbc076c74ca0cdbfa4ee5 is the first bad commit
>   commit ad441b8b7913a26b18edbc076c74ca0cdbfa4ee5
>   Author: Paolo Bonzini <pbonzini@redhat.com>
>   Date:   Wed Aug 14 12:33:02 2024 +0200
> 
>       target/i386: implement TSS trap bit
> 
> Could you please have a look?
> 
>   Thanks,
>    Thomas

Possibly related: https://gitlab.com/qemu-project/qemu/-/issues/3101? 
The submitter has also provided a suggested patch.


ATB,

Mark.


Re: [PULL 10/16] target/i386: implement TSS trap bit
Posted by Thomas Huth 2 months ago
On 10/09/2025 10.01, Mark Cave-Ayland wrote:
> On 10/09/2025 06:50, Thomas Huth wrote:
> 
>> On 12/05/2025 21.05, Paolo Bonzini wrote:
>>> Now that we can do so after the error code has been pushed, raising
>>> the #DB exception for task-switch traps is trivial.
>>>
>>> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
>>> ---
>>>   target/i386/tcg/seg_helper.c | 9 +++++----
>>>   1 file changed, 5 insertions(+), 4 deletions(-)
>>>
>>> diff --git a/target/i386/tcg/seg_helper.c b/target/i386/tcg/seg_helper.c
>>> index cb90ccd2adc..071f3fbd83d 100644
>>> --- a/target/i386/tcg/seg_helper.c
>>> +++ b/target/i386/tcg/seg_helper.c
>>> @@ -473,10 +473,6 @@ static void switch_tss_ra(CPUX86State *env, int 
>>> tss_selector,
>>>           new_segs[R_GS] = 0;
>>>           new_trap = 0;
>>>       }
>>> -    /* XXX: avoid a compiler warning, see
>>> -     http://support.amd.com/us/Processor_TechDocs/24593.pdf
>>> -     chapters 12.2.5 and 13.2.4 on how to implement TSS Trap bit */
>>> -    (void)new_trap;
>>>       /* clear busy bit (it is restartable) */
>>>       if (source == SWITCH_TSS_JMP || source == SWITCH_TSS_IRET) {
>>> @@ -622,6 +618,11 @@ static void switch_tss_ra(CPUX86State *env, int 
>>> tss_selector,
>>>           }
>>>           SET_ESP(sa.sp, sa.sp_mask);
>>>       }
>>> +
>>> +    if (new_trap) {
>>> +        env->dr[6] |= DR6_BT;
>>> +        raise_exception_ra(env, EXCP01_DB, retaddr);
>>> +    }
>>>   }
>>
>>   Hi Paolo,
>>
>> as already quickly mentioned in IRC, the kvm-unit-tests CI had a 
>> regression after homebrew updated its QEMU from 10.0 to 10.1, the 
>> "eventinj" and the "taskswitch" test started failing:
>>
>> 10.0:  https://gitlab.com/kvm-unit-tests/kvm-unit-tests/-/jobs/10871048973
>> 10.1:  https://gitlab.com/kvm-unit-tests/kvm-unit-tests/-/jobs/11282832498
>> I've now bisected the problem (painfully in the terminal window of the 
>> cirrus-ci), and it seems to be this commit here that is causing the issue:
>>
>>   ad441b8b7913a26b18edbc076c74ca0cdbfa4ee5 is the first bad commit
>>   commit ad441b8b7913a26b18edbc076c74ca0cdbfa4ee5
>>   Author: Paolo Bonzini <pbonzini@redhat.com>
>>   Date:   Wed Aug 14 12:33:02 2024 +0200
>>
>>       target/i386: implement TSS trap bit
>>
>> Could you please have a look?
>>
>>   Thanks,
>>    Thomas
> 
> Possibly related: https://gitlab.com/qemu-project/qemu/-/issues/3101? The 
> submitter has also provided a suggested patch.

Well spotted! I can confirm that that patch fixes the problem with the 
kvm-unit-tests, too!

  Thomas