From nobody Fri Dec 19 15:59:17 2025 Delivered-To: importer@patchew.org Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; dmarc=pass(p=none dis=none) header.from=posteo.net ARC-Seal: i=1; a=rsa-sha256; t=1751567114; cv=none; d=zohomail.com; s=zohoarc; b=ZzxVRX7WjdWNlGDQTiG86Tp7NLsnsAwWFZ2lDNuVDwE0hHkYwRQunpDMXPkLNsrbef7A3A8feczx4GtRV+yeUg5bEzBdLIsWJAdSqjIF+qqILplKA8XbIIiNCkhtpi84Uwt7iYcVtcmIDjP/o5Vb4UcqMZW8C9yW3lxFn3nOCnE= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1751567114; h=Content-Transfer-Encoding:Cc:Cc:Date:Date:From:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:Subject:To:To:Message-Id:Reply-To; bh=tZpaJVHAkliJPZ3G0I0UHMSBeXFjO7qarSjaVZhq4fs=; b=HXQ4uWm/0C8bhwCZl/DYckra8PGpJyb6yYW9U2dtHkEgp788PeB+8FURBFdtolKwTHJoV6u/rzQQi23dhOzdDqJwjSGm6TG1foZZQue8A1gZrUSryamDwx7AKEYyGe4H63pylpjPeMt08d8ZgDt1NLGw3ju7uROJaaAj13lHTN0= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; dmarc=pass header.from= (p=none dis=none) Return-Path: Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) by mx.zohomail.com with SMTPS id 1751567114893380.01883734462206; Thu, 3 Jul 2025 11:25:14 -0700 (PDT) Received: from localhost ([::1] helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1uXObP-0003o4-84; Thu, 03 Jul 2025 14:24:07 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1uXObJ-0003mw-04 for qemu-devel@nongnu.org; Thu, 03 Jul 2025 14:24:01 -0400 Received: from mout01.posteo.de ([185.67.36.65]) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1uXObD-0007mP-2p for qemu-devel@nongnu.org; Thu, 03 Jul 2025 14:23:59 -0400 Received: from submission (posteo.de [185.67.36.169]) by mout01.posteo.de (Postfix) with ESMTPS id A3769240029 for ; Thu, 3 Jul 2025 20:23:49 +0200 (CEST) Received: from customer (localhost [127.0.0.1]) by submission (posteo.de) with ESMTPSA id 4bY4sJ3LjFz6v0p; Thu, 3 Jul 2025 20:23:48 +0200 (CEST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=posteo.net; s=1984.ea087b; t=1751567029; bh=tZpaJVHAkliJPZ3G0I0UHMSBeXFjO7qarSjaVZhq4fs=; h=From:To:Cc:Subject:Date:Message-ID:MIME-Version: Content-Transfer-Encoding:From; b=VlJFzHVRMbAZUva4VHzioGYauO2NeUJTG4e4DmwfseY+2dMbt3iaLGbPD/7nX8D95 F2K8kSG5urudKkI6JGBCjxe5x8Z5asaL2rZ9jjd6t0UZ/ksrfyZeJSu0Kj/8HGT8tf f8yYS8dAvsn/t9kI4jW54AzMhHqoHnO8RzOsY9Ex8ms/obxuCBxhok6AL0NImK2NcQ hUAZm90KwYk21Q/Buj52/6OjURrWJ1F1Rb/FhU5UaCp3ehe6ZSGOs6ZQjeCBdqwu5x +YMqc8X9O7lAlymvzusFAXvY85XLQA0xTlvYaLJNj05ti4lYSeW2SOHTOmLXAeAcxx Tp6inOxNdkDva34rugAdJvEZw6FuEMDbo7fUv8hhrh/7J9NNvpqBNi00opUHAMIudX h57R7QDkEJwmYgaxWoRP3QcICa8ItxSSR02TdC8oKzoSHiAlC5hlOBOFKprNYrR4D7 3ckhcnsRi/tZ1nVpg2ZCTWDMoQJ6elL8k8l4YSefGcy4xXRr6em From: Charalampos Mitrodimas To: qemu-riscv@nongnu.org, qemu-devel@nongnu.org Cc: palmer@dabbelt.com, alistair.francis@wdc.com, liwei1518@gmail.com, dbarboza@ventanamicro.com, zhiwei_liu@linux.alibaba.com, Charalampos Mitrodimas Subject: [PATCH 1/2] target/riscv: Fix MEPC/SEPC bit masking for IALIGN Date: Thu, 3 Jul 2025 18:21:43 +0000 Message-ID: <20250703182157.281320-2-charmitro@posteo.net> In-Reply-To: <20250703182157.281320-1-charmitro@posteo.net> References: <20250703182157.281320-1-charmitro@posteo.net> MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Received-SPF: pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) client-ip=209.51.188.17; envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org; helo=lists.gnu.org; Received-SPF: pass client-ip=185.67.36.65; envelope-from=charmitro@posteo.net; helo=mout01.posteo.de X-Spam_score_int: -41 X-Spam_score: -4.2 X-Spam_bar: ---- X-Spam_report: (-4.2 / 5.0 requ) BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_DNSWL_MED=-2.3, RCVD_IN_MSPIKE_H5=0.001, RCVD_IN_MSPIKE_WL=0.001, RCVD_IN_VALIDITY_CERTIFIED_BLOCKED=0.237, RCVD_IN_VALIDITY_RPBL_BLOCKED=0.001, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001 autolearn=unavailable autolearn_force=no X-Spam_action: no action X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: qemu-devel-bounces+importer=patchew.org@nongnu.org Sender: qemu-devel-bounces+importer=patchew.org@nongnu.org X-ZohoMail-DKIM: pass (identity @posteo.net) X-ZM-MESSAGEID: 1751567116973116601 Content-Type: text/plain; charset="utf-8" According to the RISC-V Privileged Architecture specification, the low bit of MEPC/SEPC must always be zero. When IALIGN=3D32, the two low bits must be zero. This commit fixes the behavior of MEPC/SEPC CSR reads and writes, and the implicit reads by MRET/SRET instructions to properly mask the lowest bit(s) based on whether the C extension is enabled: - When C extension is enabled (IALIGN=3D16): mask bit 0 - When C extension is disabled (IALIGN=3D32): mask bits [1:0] Previously, when vectored mode bits from STVEC (which sets bit 0 for vectored mode) were written to MEPC, the bits would not be cleared correctly, causing incorrect behavior on MRET. Resolves: https://gitlab.com/qemu-project/qemu/-/issues/2855 Signed-off-by: Charalampos Mitrodimas Reviewed-by: Alistair Francis Reviewed-by: Daniel Henrique Barboza --- target/riscv/csr.c | 8 ++++---- target/riscv/internals.h | 11 +++++++++++ target/riscv/op_helper.c | 4 ++-- 3 files changed, 17 insertions(+), 6 deletions(-) diff --git a/target/riscv/csr.c b/target/riscv/csr.c index fb14972169..c33a6e86d2 100644 --- a/target/riscv/csr.c +++ b/target/riscv/csr.c @@ -3126,14 +3126,14 @@ static RISCVException write_mscratch(CPURISCVState = *env, int csrno, static RISCVException read_mepc(CPURISCVState *env, int csrno, target_ulong *val) { - *val =3D env->mepc; + *val =3D env->mepc & get_xepc_mask(env); return RISCV_EXCP_NONE; } =20 static RISCVException write_mepc(CPURISCVState *env, int csrno, target_ulong val, uintptr_t ra) { - env->mepc =3D val; + env->mepc =3D val & get_xepc_mask(env); return RISCV_EXCP_NONE; } =20 @@ -4113,14 +4113,14 @@ static RISCVException write_sscratch(CPURISCVState = *env, int csrno, static RISCVException read_sepc(CPURISCVState *env, int csrno, target_ulong *val) { - *val =3D env->sepc; + *val =3D env->sepc & get_xepc_mask(env); return RISCV_EXCP_NONE; } =20 static RISCVException write_sepc(CPURISCVState *env, int csrno, target_ulong val, uintptr_t ra) { - env->sepc =3D val; + env->sepc =3D val & get_xepc_mask(env); return RISCV_EXCP_NONE; } =20 diff --git a/target/riscv/internals.h b/target/riscv/internals.h index 4570bd50be..89ac6a160f 100644 --- a/target/riscv/internals.h +++ b/target/riscv/internals.h @@ -142,6 +142,17 @@ static inline float16 check_nanbox_h(CPURISCVState *en= v, uint64_t f) } } =20 +static inline target_ulong get_xepc_mask(CPURISCVState *env) +{ + /* When IALIGN=3D32, both low bits must be zero. + * When IALIGN=3D16 (has C extension), only bit 0 must be zero. */ + if (riscv_has_ext(env, RVC)) { + return ~(target_ulong)1; + } else { + return ~(target_ulong)3; + } +} + #ifndef CONFIG_USER_ONLY /* Our implementation of SysemuCPUOps::has_work */ bool riscv_cpu_has_work(CPUState *cs); diff --git a/target/riscv/op_helper.c b/target/riscv/op_helper.c index 557807ba4b..15460bf84b 100644 --- a/target/riscv/op_helper.c +++ b/target/riscv/op_helper.c @@ -280,7 +280,7 @@ target_ulong helper_sret(CPURISCVState *env) riscv_raise_exception(env, RISCV_EXCP_ILLEGAL_INST, GETPC()); } =20 - target_ulong retpc =3D env->sepc; + target_ulong retpc =3D env->sepc & get_xepc_mask(env); if (!riscv_cpu_allow_16bit_insn(&env_archcpu(env)->cfg, env->priv_ver, env->misa_ext) && (retpc & 0x3)) { @@ -391,7 +391,7 @@ static target_ulong ssdbltrp_mxret(CPURISCVState *env, = target_ulong mstatus, =20 target_ulong helper_mret(CPURISCVState *env) { - target_ulong retpc =3D env->mepc; + target_ulong retpc =3D env->mepc & get_xepc_mask(env); uint64_t mstatus =3D env->mstatus; target_ulong prev_priv =3D get_field(mstatus, MSTATUS_MPP); =20 --=20 2.47.2 From nobody Fri Dec 19 15:59:17 2025 Delivered-To: importer@patchew.org Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; dmarc=pass(p=none dis=none) header.from=posteo.net ARC-Seal: i=1; a=rsa-sha256; t=1751567115; cv=none; d=zohomail.com; s=zohoarc; b=Ow8AXhnJvrHuC7daSgnol0Chr952+UGjCzSVJZ73YXq7j/zvM9GUffs8U41tsUSdUI4KTXqhgzsvHB37hLJxyeZbfGVyGVpB5FUCWd9SxqtKKRCtwvKTBmdhvTYeP9AhfOBEAT5z9mRXbwTqX5dVagRhjh9rWXDTCoHH0fFmZik= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1751567115; h=Content-Transfer-Encoding:Cc:Cc:Date:Date:From:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:Subject:To:To:Message-Id:Reply-To; bh=aONxnhG2/4C5CRB6gZRLVbyh3cNluMhiy15RdumhPlM=; b=NGIJibpvfyFnvYQ5LX+EYRPMcJsl1dEHbwEQTa2giRHBOKuggd0eXFvfwf3v6bwtSRTPyTyyDpmwu2rG4F97C0NWTo0wu7nOKYfbf+CmqRLQJDumv0USSWZUlQ+JZd5Q/kLHnV7m10npaH2JEGL5E7/47HUJx6ShGIgxlUKeHww= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; dmarc=pass header.from= (p=none dis=none) Return-Path: Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) by mx.zohomail.com with SMTPS id 1751567114889465.236781583017; Thu, 3 Jul 2025 11:25:14 -0700 (PDT) Received: from localhost ([::1] helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1uXObP-0003oO-GO; Thu, 03 Jul 2025 14:24:07 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1uXObK-0003nP-6w for qemu-devel@nongnu.org; Thu, 03 Jul 2025 14:24:03 -0400 Received: from mout01.posteo.de ([185.67.36.65]) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1uXObG-0007nf-NS for qemu-devel@nongnu.org; Thu, 03 Jul 2025 14:24:01 -0400 Received: from submission (posteo.de [185.67.36.169]) by mout01.posteo.de (Postfix) with ESMTPS id 9912324002B for ; Thu, 3 Jul 2025 20:23:50 +0200 (CEST) Received: from customer (localhost [127.0.0.1]) by submission (posteo.de) with ESMTPSA id 4bY4sK372fz6v0M; Thu, 3 Jul 2025 20:23:49 +0200 (CEST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=posteo.net; s=1984.ea087b; t=1751567030; bh=aONxnhG2/4C5CRB6gZRLVbyh3cNluMhiy15RdumhPlM=; h=From:To:Cc:Subject:Date:Message-ID:MIME-Version: Content-Transfer-Encoding:From; b=iizuKDkDGjGE6OCBfRVLREmzVrM/1vk+yyLSgcUj+NIThiC13dGTAMBakeheHugn+ J4haCs+ajFxyWmUlb4v4ec8tQI21PUmptOsYQXqHzrK5wf5AWITjOd13a8LFcsD8aq ydMbG6h0BjOzDuPP0ErshwI1QqdgeveydMXJSB/87+mnFxy1dQQzwog+yM3yJrnBhy mNd8xmMQ0V0W+m3qBGk66d0xf2FPHrbPHsXw5oC94WDAEx4NzpvOy5ObQBan2c2H1k QulnSnmuR8qAEBXGFow4pbqbYHYQosubdYqQUlxcz1HdyQo4c+ur6YORKBFGVXzPoT xaaS/dablze4SOPqhSqTQ8Gjj5WeCRLfOdtV5VSmr1mGYdILh9UbvUyzu1ELu8NmKm onhko2pCJ4uxU5yeXpPTtmz8TsD+Cr/R4xdRgGRe1gb9Mt9aM3pYmdW9gAzYOqC7Em QceOJXW32ikBf3sym58yWTywK9Q0NvpSEN34cjWKJKUVXuxtU8l From: Charalampos Mitrodimas To: qemu-riscv@nongnu.org, qemu-devel@nongnu.org Cc: palmer@dabbelt.com, alistair.francis@wdc.com, liwei1518@gmail.com, dbarboza@ventanamicro.com, zhiwei_liu@linux.alibaba.com, Charalampos Mitrodimas Subject: [PATCH 2/2] tests/tcg/riscv64: Add test for MEPC bit masking Date: Thu, 3 Jul 2025 18:21:44 +0000 Message-ID: <20250703182157.281320-3-charmitro@posteo.net> In-Reply-To: <20250703182157.281320-1-charmitro@posteo.net> References: <20250703182157.281320-1-charmitro@posteo.net> MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Received-SPF: pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) client-ip=209.51.188.17; envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org; helo=lists.gnu.org; Received-SPF: pass client-ip=185.67.36.65; envelope-from=charmitro@posteo.net; helo=mout01.posteo.de X-Spam_score_int: -41 X-Spam_score: -4.2 X-Spam_bar: ---- X-Spam_report: (-4.2 / 5.0 requ) BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_DNSWL_MED=-2.3, RCVD_IN_MSPIKE_H5=0.001, RCVD_IN_MSPIKE_WL=0.001, RCVD_IN_VALIDITY_CERTIFIED_BLOCKED=0.237, RCVD_IN_VALIDITY_RPBL_BLOCKED=0.001, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001 autolearn=unavailable autolearn_force=no X-Spam_action: no action X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: qemu-devel-bounces+importer=patchew.org@nongnu.org Sender: qemu-devel-bounces+importer=patchew.org@nongnu.org X-ZohoMail-DKIM: pass (identity @posteo.net) X-ZM-MESSAGEID: 1751567116973116600 Content-Type: text/plain; charset="utf-8" Add a regression test to verify that MEPC properly masks the lower bits when an address with mode bits is written to it, as required by the RISC-V Privileged Architecture specification. The test sets STVEC to an address with bit 0 set (vectored mode), triggers an illegal instruction exception, copies STVEC to MEPC in the trap handler, and verifies that MEPC masks bits [1:0] correctly for IALIGN=3D32. Without the fix, MEPC retains the mode bits (returns non-zero/FAIL). With the fix, MEPC clears bits [1:0] (returns 0/PASS). Signed-off-by: Charalampos Mitrodimas Reviewed-by: Daniel Henrique Barboza --- tests/tcg/riscv64/Makefile.softmmu-target | 4 ++ tests/tcg/riscv64/test-mepc-masking.S | 73 +++++++++++++++++++++++ 2 files changed, 77 insertions(+) create mode 100644 tests/tcg/riscv64/test-mepc-masking.S diff --git a/tests/tcg/riscv64/Makefile.softmmu-target b/tests/tcg/riscv64/= Makefile.softmmu-target index 7c1d44d3f4..3ca595335d 100644 --- a/tests/tcg/riscv64/Makefile.softmmu-target +++ b/tests/tcg/riscv64/Makefile.softmmu-target @@ -20,5 +20,9 @@ EXTRA_RUNS +=3D run-issue1060 run-issue1060: issue1060 $(call run-test, $<, $(QEMU) $(QEMU_OPTS)$<) =20 +EXTRA_RUNS +=3D run-test-mepc-masking +run-test-mepc-masking: test-mepc-masking + $(call run-test, $<, $(QEMU) $(QEMU_OPTS)$<) + # We don't currently support the multiarch system tests undefine MULTIARCH_TESTS diff --git a/tests/tcg/riscv64/test-mepc-masking.S b/tests/tcg/riscv64/test= -mepc-masking.S new file mode 100644 index 0000000000..fccd2a7ac4 --- /dev/null +++ b/tests/tcg/riscv64/test-mepc-masking.S @@ -0,0 +1,73 @@ +/* + * Test for MEPC masking bug fix + * + * This test verifies that MEPC properly masks the lower bits according + * to the RISC-V specification when vectored mode bits from STVEC are + * written to MEPC. + */ + + .option norvc + + .text + .global _start +_start: + /* Set up machine trap vector */ + lla t0, machine_trap_handler + csrw mtvec, t0 + + /* Set STVEC with vectored mode (mode bits =3D 01) */ + li t0, 0x80004001 + csrw stvec, t0 + + /* Clear medeleg to handle exceptions in M-mode */ + csrw medeleg, zero + + /* Trigger illegal instruction exception */ + .word 0xffffffff + +test_completed: + /* Exit with result in a0 */ + /* a0 =3D 0: success (bits [1:0] were masked) */ + /* a0 !=3D 0: failure (some bits were not masked) */ + j _exit + +machine_trap_handler: + /* Check if illegal instruction (mcause =3D 2) */ + csrr t0, mcause + li t1, 2 + bne t0, t1, skip_test + + /* Test: Copy STVEC (with mode bits) to MEPC */ + csrr t0, stvec /* t0 =3D 0x80004001 */ + csrw mepc, t0 /* Write to MEPC */ + csrr t1, mepc /* Read back MEPC */ + + /* Check if bits [1:0] are masked (IALIGN=3D32 without RVC) */ + andi a0, t1, 3 /* a0 =3D 0 if both bits masked correctly */ + + /* Set correct return address */ + lla t0, test_completed + csrw mepc, t0 + +skip_test: + mret + +/* Exit with semihosting */ +_exit: + lla a1, semiargs + li t0, 0x20026 /* ADP_Stopped_ApplicationExit */ + sd t0, 0(a1) + sd a0, 8(a1) + li a0, 0x20 /* TARGET_SYS_EXIT_EXTENDED */ + + /* Semihosting call sequence */ + .balign 16 + slli zero, zero, 0x1f + ebreak + srai zero, zero, 0x7 + j . + + .data + .balign 8 +semiargs: + .space 16 --=20 2.47.2