From nobody Mon Feb 9 08:48:56 2026 Delivered-To: importer@patchew.org Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; dmarc=pass(p=reject dis=none) header.from=sifive.com ARC-Seal: i=1; a=rsa-sha256; t=1769613884; cv=none; d=zohomail.com; s=zohoarc; b=RHwxGcx8GmUyNPJynZIXFKpw/aevRNDYuCmehsHg+qq4x7FbWSk2lpIEfLWC6zwjEc0DFyQCHFQFPrwCWhkPooMk32qK7w6YdzfOYvKzdnEMGfJXFXo7OBBY8oDFY/aYGG7oJTV24xK8rp1FXEGclI4WfufHNyvcYiPcyAeFVHA= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1769613884; h=Content-Transfer-Encoding:Cc:Cc:Date:Date:From:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:Subject:To:To:Message-Id:Reply-To; bh=PtjvUeuWhkZyONrdS1On48+U1sCeHHvT9T0OfWxFIiU=; b=RXccE9iB4dv2eCzFcqFg1mBQpaw1m1ukXiMf6+BG7Kc35z0PpTueZzPGinN+I+/yLpnMmMIS1IMBgSvL3HQcsklCkfmwISOFGJzVQn7MKVuY9EGqLLYOFR2WDNsyDOP6/Y4ftDfqImYSGV+Gb7RI3o6KHHjOJM249uVBSXWiBUc= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; dmarc=pass header.from= (p=reject dis=none) Return-Path: Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) by mx.zohomail.com with SMTPS id 1769613884618473.7245601703826; Wed, 28 Jan 2026 07:24:44 -0800 (PST) Received: from localhost ([::1] helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1vl7PH-0000y2-99; Wed, 28 Jan 2026 10:24:35 -0500 Received: from eggs.gnu.org ([2001:470:142:3::10]) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1vl7Oi-0000Zg-SO for qemu-devel@nongnu.org; Wed, 28 Jan 2026 10:24:01 -0500 Received: from mail-pf1-x42d.google.com ([2607:f8b0:4864:20::42d]) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.90_1) (envelope-from ) id 1vl7Oh-0003Tp-Cg for qemu-devel@nongnu.org; Wed, 28 Jan 2026 10:24:00 -0500 Received: by mail-pf1-x42d.google.com with SMTP id d2e1a72fcca58-81f4e36512aso6918592b3a.3 for ; Wed, 28 Jan 2026 07:23:59 -0800 (PST) Received: from hsinchu26.internal.sifive.com ([210.176.154.34]) by smtp.gmail.com with ESMTPSA id d2e1a72fcca58-82379c1eeebsm3021304b3a.45.2026.01.28.07.23.55 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Wed, 28 Jan 2026 07:23:57 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=sifive.com; s=google; t=1769613838; x=1770218638; darn=nongnu.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=PtjvUeuWhkZyONrdS1On48+U1sCeHHvT9T0OfWxFIiU=; b=Cl83GaaEsBeB7S05m92oQ1hOW4DwoQJQ98BHkTL35Ap3Gqm3O6i5ljxWBFJEt9ivC8 2jrfsxkGXE3cu2DWPPTUhXyzEcTZAP+iJ4lCvlRIoHkykMXf5GJ/Z+5VaXXbw8Zj9Bwx NalKg/A11MFRW4cd2ArPp8FdFWzIdtfC/JfPbKjUfz2X2iZdAF4gHtviYOSwaz17ptoR vc3fj5Fq7hjU3+zlwkymtOEXd/AKI/NBpGynnUdTL/jFs4eRG0qi4VgZKvC1NmyBrIz8 0n7iiTcbF1OWu1k1LxwMNWQ/jCvxQ07/sgxllo0tPSsNsw52FNFOLjYwi4fQROriz46c P5cQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1769613838; x=1770218638; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-gg:x-gm-message-state:from :to:cc:subject:date:message-id:reply-to; bh=PtjvUeuWhkZyONrdS1On48+U1sCeHHvT9T0OfWxFIiU=; b=ZuW5YUqfm6eNUF4y1oiPh3ihRxD1UNtF2DCh7Jc77dN+c0nVAyqUmm8aMHNpkbyhgu ZZeylX/hEsC1HlkVezzdmx5h8N8+OatEiRADscBgsRef0hQsIhDkdL76LiCtk9CCH0hg LUc1wOCyK7N4nvMtohusUYRH+EnN5oY+r4NPVWGqY38yox9rRELhvv/3GZzGWR6rNMxP M1eQ0r2CxhykJ0HbQAG9ZgnMfETvK/h8z5l3KZVt9ERdhRRBMrDY2KpBaWcPwQt09EnS ZG7tJANFm/g6HWwnta8ovco0B8h5noC87pZlTm6cac+rebJ64oJ0JdT6MHXNIgz8FD5h H7Ng== X-Gm-Message-State: AOJu0Yzg/KblOos0E6igHlUBJm6KBwuP+g8TxWWqRtYML8Gi0jnosFxM qPaocmzBy7gY+rdurqej5nVQcSqVc8boaw3/4QFl1+5Fd0DJ2CGXyMgZhp0rIqk6RJigjwWLqaJ epIvMs+aQZ6gni40ujIQxH1lht+GYWxjX5O0awS0UuTfmgLTFM6ctfT4UEb+oxR/guHf6shC2j+ XHTixneI8bYyw0/FWKbKaO9eQGY+RR0dhTboqvNg== X-Gm-Gg: AZuq6aJwATRnevpi2CEpzbj8nXe8fm3p/WAqtkYtnVV/umBRE+vqlAYn1PjkcKxlOCK Mqrj0LdfRbfxdfykaJlCx9Ae0VksyWjPrOrlOVW/s/KhbBsnJokocsQnSXsza0uxacwKKKzYZLj giSb4Hw1p+GsFKLj+K8G1cjm6bMqsTjRaEbeesL4vNtjz+1GZecIA3E0QH3+csFfpumlZIrkoLs +kZouPryITX48zjKsOMbqgQDlgf7WyLuAu55vKrbW/xLCC/vsfd89sCoM/Akl3UIJErm4AUCgr4 Zix+CgcOMKkxPRXLR8lW9k+PvyIHZxkaV9gVJ2dMi+hZFfVkTTcXgxbQBcu23JuRlFdRDrJbVbS eWG2n4Mv7GcLoNYz+6PPukpGqeEqHq+MBo/xJYeUIn9i2XMhfSrDmNoGYcPa3efyoBA39CIr58t 2h9XS5cFatCD3BMRVvSJIS8Y0HhokkCJDkn1SI6F8aQJ0= X-Received: by 2002:a05:6a00:3a24:b0:823:bbb:76f9 with SMTP id d2e1a72fcca58-823692a7e92mr5427906b3a.42.1769613837616; Wed, 28 Jan 2026 07:23:57 -0800 (PST) From: Jim Shu To: qemu-devel@nongnu.org Cc: Daniel Henrique Barboza , Richard Henderson , Paolo Bonzini , =?UTF-8?q?Philippe=20Mathieu-Daud=C3=A9?= , Eduardo Habkost , Marcel Apfelbaum , Yanan Wang , Zhao Liu , Peter Xu , Jim Shu Subject: [PATCH v2 1/3] accel/tcg: Send the CPUTLBEntryFull struct into io_prepare() Date: Wed, 28 Jan 2026 23:23:46 +0800 Message-ID: <20260128152348.2095427-2-jim.shu@sifive.com> X-Mailer: git-send-email 2.43.0 In-Reply-To: <20260128152348.2095427-1-jim.shu@sifive.com> References: <20260128152348.2095427-1-jim.shu@sifive.com> MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Received-SPF: pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) client-ip=209.51.188.17; envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org; helo=lists.gnu.org; Received-SPF: pass client-ip=2607:f8b0:4864:20::42d; envelope-from=jim.shu@sifive.com; helo=mail-pf1-x42d.google.com X-Spam_score_int: -20 X-Spam_score: -2.1 X-Spam_bar: -- X-Spam_report: (-2.1 / 5.0 requ) BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001 autolearn=ham autolearn_force=no X-Spam_action: no action X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: qemu development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: qemu-devel-bounces+importer=patchew.org@nongnu.org Sender: qemu-devel-bounces+importer=patchew.org@nongnu.org X-ZohoMail-DKIM: pass (identity @sifive.com) X-ZM-MESSAGEID: 1769613886493154100 Content-Type: text/plain; charset="utf-8" To let io_prepare() function use the multiple members in CPUTLBEntryFull struct, send the full struct instead of 'xlat_section' member as the argument. It is the preliminary patch of next commit. Signed-off-by: Jim Shu Reviewed-by: Philippe Mathieu-Daud=C3=A9 Reviewed-by: Pierrick Bouvier Tested-by: Mark Burton --- accel/tcg/cputlb.c | 14 +++++++------- 1 file changed, 7 insertions(+), 7 deletions(-) diff --git a/accel/tcg/cputlb.c b/accel/tcg/cputlb.c index 6900a126827..82c9b6389dc 100644 --- a/accel/tcg/cputlb.c +++ b/accel/tcg/cputlb.c @@ -1270,14 +1270,14 @@ static inline void cpu_unaligned_access(CPUState *c= pu, vaddr addr, } =20 static MemoryRegionSection * -io_prepare(hwaddr *out_offset, CPUState *cpu, hwaddr xlat, +io_prepare(hwaddr *out_offset, CPUState *cpu, CPUTLBEntryFull *full, MemTxAttrs attrs, vaddr addr, uintptr_t retaddr) { MemoryRegionSection *section; hwaddr mr_offset; =20 - section =3D iotlb_to_section(cpu, xlat, attrs); - mr_offset =3D (xlat & TARGET_PAGE_MASK) + addr; + section =3D iotlb_to_section(cpu, full->xlat_section, attrs); + mr_offset =3D (full->xlat_section & TARGET_PAGE_MASK) + addr; cpu->mem_io_pc =3D retaddr; if (!cpu->neg.can_do_io) { cpu_io_recompile(cpu, retaddr); @@ -1981,7 +1981,7 @@ static uint64_t do_ld_mmio_beN(CPUState *cpu, CPUTLBE= ntryFull *full, tcg_debug_assert(size > 0 && size <=3D 8); =20 attrs =3D full->attrs; - section =3D io_prepare(&mr_offset, cpu, full->xlat_section, attrs, add= r, ra); + section =3D io_prepare(&mr_offset, cpu, full, attrs, addr, ra); mr =3D section->mr; =20 BQL_LOCK_GUARD(); @@ -2002,7 +2002,7 @@ static Int128 do_ld16_mmio_beN(CPUState *cpu, CPUTLBE= ntryFull *full, tcg_debug_assert(size > 8 && size <=3D 16); =20 attrs =3D full->attrs; - section =3D io_prepare(&mr_offset, cpu, full->xlat_section, attrs, add= r, ra); + section =3D io_prepare(&mr_offset, cpu, full, attrs, addr, ra); mr =3D section->mr; =20 BQL_LOCK_GUARD(); @@ -2499,7 +2499,7 @@ static uint64_t do_st_mmio_leN(CPUState *cpu, CPUTLBE= ntryFull *full, tcg_debug_assert(size > 0 && size <=3D 8); =20 attrs =3D full->attrs; - section =3D io_prepare(&mr_offset, cpu, full->xlat_section, attrs, add= r, ra); + section =3D io_prepare(&mr_offset, cpu, full, attrs, addr, ra); mr =3D section->mr; =20 BQL_LOCK_GUARD(); @@ -2519,7 +2519,7 @@ static uint64_t do_st16_mmio_leN(CPUState *cpu, CPUTL= BEntryFull *full, tcg_debug_assert(size > 8 && size <=3D 16); =20 attrs =3D full->attrs; - section =3D io_prepare(&mr_offset, cpu, full->xlat_section, attrs, add= r, ra); + section =3D io_prepare(&mr_offset, cpu, full, attrs, addr, ra); mr =3D section->mr; =20 BQL_LOCK_GUARD(); --=20 2.43.0 From nobody Mon Feb 9 08:48:56 2026 Delivered-To: importer@patchew.org Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; dmarc=pass(p=reject dis=none) header.from=sifive.com ARC-Seal: i=1; a=rsa-sha256; t=1769613887; cv=none; d=zohomail.com; s=zohoarc; b=kR8hFEANB0AANqhPosodJTKRVn3BbJsEIwHnNqSXyeiThmENv3y6B1LdvVk1ViJDfn4dBoOAAhWlcqM7mT8tKWB6yruSnB+q1/KWMuhcvB9Ry85Y4MCIJNtVjeCXlpPN2WYEhIf7TSlT3MCg/e6ptW8tHTzy09FWxzFFHn2yfjE= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1769613887; h=Content-Type:Content-Transfer-Encoding:Cc:Cc:Date:Date:From:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:Subject:To:To:Message-Id:Reply-To; bh=0OxWCzPW0g/rN962XyMygE+kbGhHN7q/RykJMy+ty6Y=; b=Bv11J1euu3rS5KAt7q82BoEYV6GIwwTv4n7QIQ+vkWmfsXNGmRqxQlfcKTTGN2uwyVVd06cny2S9FL3520TI/dfd9hw4yiQR+lI7idfPBJ3ygIbNlAlSxpvvUkoq079ff0wXz3lO2unWxiFG9ahHlDQ+qms9JdkuWbfrCcLRaRs= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; dmarc=pass header.from= (p=reject dis=none) Return-Path: Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) by mx.zohomail.com with SMTPS id 1769613886849503.3503131118605; Wed, 28 Jan 2026 07:24:46 -0800 (PST) Received: from localhost ([::1] helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1vl7PL-000188-6R; Wed, 28 Jan 2026 10:24:39 -0500 Received: from eggs.gnu.org ([2001:470:142:3::10]) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1vl7Oo-0000f1-JL for qemu-devel@nongnu.org; Wed, 28 Jan 2026 10:24:07 -0500 Received: from mail-pf1-x429.google.com ([2607:f8b0:4864:20::429]) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.90_1) (envelope-from ) id 1vl7Ol-0003UG-0j for qemu-devel@nongnu.org; Wed, 28 Jan 2026 10:24:04 -0500 Received: by mail-pf1-x429.google.com with SMTP id d2e1a72fcca58-82311f4070cso644752b3a.0 for ; Wed, 28 Jan 2026 07:24:01 -0800 (PST) Received: from hsinchu26.internal.sifive.com ([210.176.154.34]) by smtp.gmail.com with ESMTPSA id d2e1a72fcca58-82379c1eeebsm3021304b3a.45.2026.01.28.07.23.57 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Wed, 28 Jan 2026 07:23:59 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=sifive.com; s=google; t=1769613840; x=1770218640; darn=nongnu.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=0OxWCzPW0g/rN962XyMygE+kbGhHN7q/RykJMy+ty6Y=; b=aFEUJAoaBoZzjyNrMeFKRUIW7Zn9PaNh63rScR8bbam7a2b6C6i1dwcIfHFzV5o3W1 QBra2+YOb/epsifpCDwb2oiMGAAFYS/8z1AKrMY7NhZYFnSsGDPQqKJ1Z/2oTJgRgG8Z qK/v6835lXvWBZEcnMgRPv18yjnxr1GhO67wNSqqZHcqbWMnUxijiG3I19SZgq2L5FYf tAIeNjiOtY++1mN+6OT/RQ4wEjAL3GYS4CUoYeP5eKtiBXhlhi0FrIvKiweTxdyXndWY glgi6DvJE/9fuKGYdedrnCTgVUz15Grj3KwWDr+LC5YwCSFJX23BOWwfzTegjqko7zKK ukSQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1769613840; x=1770218640; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-gg:x-gm-message-state:from :to:cc:subject:date:message-id:reply-to; bh=0OxWCzPW0g/rN962XyMygE+kbGhHN7q/RykJMy+ty6Y=; b=QpfcrF5MByus0C9xkx8drfvFHhqSBqkhLtw9rUE4hLUQ7ubqpt1CTK9it72QHZ9Gcw Pse/3M2e2LG8sRlsSJoCwcWSH/W1xRjZh1eWisx76VYJxcO94+t1aaIb3IuMOmgZZnfy yCIkJbfNtqS8yrY929w+Jvye2g/w+KsCqBcmfX+eUA+UkY711LLgQhcNxO4M8cdoRlKx sPMkqfdKMMr9IbgIFyjyKg1UcVmEw+zCsvPE07t6C97gyt4kkOZTDW/5ZmtxCQFBNVip Bqwh13XdPk9EQNi+Kop0W7ZO2FwhH1hbDUq2LsokqYy4BMfnPNHBoSmY0BO+KM7QiGCh gUFA== X-Gm-Message-State: AOJu0YyXjTglegz2oo37EKQCLk9LSQ3m/uTK/VAuleeECUgvJwrrWb8A 5pDuCVn0CAAALifzGk+3eqQVuBnF8fW25BM9c4GpEjdCOjuVHMt9mtFystWEVJs9fC4f3D/+/RM o40SnSjPw9HMApJgBG+Iqfu+y+7Y994GraqwLptV5wCFnJBFWfjVRALYiDC8yAdVFXykDev3wTH CM0ItYVTZVvDfdHiE9pSUeiE8/33Ehn8Uhf4S2Mw== X-Gm-Gg: AZuq6aJyTWDFpAhOvbKgmdjacrtgLVdEqqsU0Fya8dcggzwzi0JnHLiy0tElkcBWJ3W pTFm6kILyjZQGN4hiqTK8wJqhAjKdkbjmS8zRGMmVI+2a9WratCVi9N+bFgPshILYpEExQZfx0y wPIOyOE3QHQRxY5pE66YzdOeWn+dBZ7T4x8dhdsA9E4K/Wetc4i6zkXVi7X5wCDIt9laRmk/ZQ9 SDJ8I6I6Ukmjlq+ljjZIhnujLu16KL4GVEyfDZujtVA2bWm6kxZXbBdrG3OuPyhVdRmxrAYZQf9 Bc73PlpcrRApeVgFjY+fhqkoW0pyJi/aRe1j8HbpWwP3pE+1laTHuU/o3fwH0rQv5lLWOCIrp82 TQ7ZPOpME73NmjDoJoR3F4a/Q0M/yAlm5q2GBH/N52+8ryVX/HsOle9rOvZEAMUR94HX8NHRWa3 MEazV/Ai7xA9Jbph9DzLmIZYi6RMT/Gu5w X-Received: by 2002:a05:6a00:6088:b0:81f:804f:af26 with SMTP id d2e1a72fcca58-8236a38cb0emr4926649b3a.19.1769613840056; Wed, 28 Jan 2026 07:24:00 -0800 (PST) From: Jim Shu To: qemu-devel@nongnu.org Cc: Daniel Henrique Barboza , Richard Henderson , Paolo Bonzini , =?UTF-8?q?Philippe=20Mathieu-Daud=C3=A9?= , Eduardo Habkost , Marcel Apfelbaum , Yanan Wang , Zhao Liu , Peter Xu , Jim Shu Subject: [PATCH v2 2/3] accel/tcg: Fix iotlb_to_section() for different AddressSpace Date: Wed, 28 Jan 2026 23:23:47 +0800 Message-ID: <20260128152348.2095427-3-jim.shu@sifive.com> X-Mailer: git-send-email 2.43.0 In-Reply-To: <20260128152348.2095427-1-jim.shu@sifive.com> References: <20260128152348.2095427-1-jim.shu@sifive.com> MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable Received-SPF: pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) client-ip=209.51.188.17; envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org; helo=lists.gnu.org; Received-SPF: pass client-ip=2607:f8b0:4864:20::429; envelope-from=jim.shu@sifive.com; helo=mail-pf1-x429.google.com X-Spam_score_int: -4 X-Spam_score: -0.5 X-Spam_bar: / X-Spam_report: (-0.5 / 5.0 requ) BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_SBL=1.623 autolearn=no autolearn_force=no X-Spam_action: no action X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: qemu development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: qemu-devel-bounces+importer=patchew.org@nongnu.org Sender: qemu-devel-bounces+importer=patchew.org@nongnu.org X-ZohoMail-DKIM: pass (identity @sifive.com) X-ZM-MESSAGEID: 1769613889215158500 'CPUTLBEntryFull.xlat_section' stores section_index in last 12 bits to find the correct section when CPU access the IO region over the IOTLB. However, section_index is only unique inside single AddressSpace. If address space translation is over IOMMUMemoryRegion, it could return section from other AddressSpace. 'iotlb_to_section()' API only finds the sections from CPU's AddressSpace so that it couldn't find section in other AddressSpace. Thus, using 'iotlb_to_section()' API will find the wrong section and QEMU will have wrong load/store access. To fix this bug of iotlb_to_section(), store complete MemoryRegionSection pointer in CPUTLBEntryFull to replace the section_index in xlat_section. Rename 'xlat_section' to 'xlat' as we remove last 12 bits section_index inside. Also, since we directly use section pointer in the CPUTLBEntryFull (full->section), we can remove the unused functions: iotlb_to_section(), memory_region_section_get_iotlb(). This bug occurs only when (1) IOMMUMemoryRegion is in the path of CPU access. (2) IOMMUMemoryRegion returns different target_as and the section is in the IO region. Common IOMMU devices don't have this issue since they are only in the path of DMA access. Currently, the bug only occurs when ARM MPC device (hw/misc/tz-mpc.c) returns 'blocked_io_as' to emulate blocked access handling. Upcoming RISC-V wgChecker [1] and IOPMP [2] devices are also affected by this bug. [1] RISC-V WG: https://patchew.org/QEMU/20251021155548.584543-1-jim.shu@sifive.com/ [2] RISC-V IOPMP: https://patchew.org/QEMU/20250312093735.1517740-1-ethan84@andestech.com/ Signed-off-by: Jim Shu Reviewed-by: Philippe Mathieu-Daud=C3=A9 Reviewed-by: Pierrick Bouvier Tested-by: Mark Burton --- accel/tcg/cputlb.c | 22 ++++++++++------------ include/accel/tcg/iommu.h | 15 --------------- include/exec/cputlb.h | 4 ++-- include/hw/core/cpu.h | 17 +++++++++-------- system/physmem.c | 25 ------------------------- 5 files changed, 21 insertions(+), 62 deletions(-) diff --git a/accel/tcg/cputlb.c b/accel/tcg/cputlb.c index 82c9b6389dc..76546c66515 100644 --- a/accel/tcg/cputlb.c +++ b/accel/tcg/cputlb.c @@ -1090,7 +1090,7 @@ void tlb_set_page_full(CPUState *cpu, int mmu_idx, } } else { /* I/O or ROMD */ - iotlb =3D memory_region_section_get_iotlb(cpu, section) + xlat; + iotlb =3D xlat; /* * Writes to romd devices must go through MMIO to enable write. * Reads to romd devices go through the ram_ptr found above, @@ -1141,10 +1141,9 @@ void tlb_set_page_full(CPUState *cpu, int mmu_idx, /* * When memory region is ram, iotlb contains a TARGET_PAGE_BITS * aligned ram_addr_t of the page base of the target RAM. - * Otherwise, iotlb contains - * - a physical section number in the lower TARGET_PAGE_BITS - * - the offset within section->mr of the page base (I/O, ROMD) with = the - * TARGET_PAGE_BITS masked off. + * Otherwise, iotlb contains a TARGET_PAGE_BITS aligned + * offset within section->mr of the page base (I/O, ROMD) + * * We subtract addr_page (which is page aligned and thus won't * disturb the low bits) to give an offset which can be added to the * (non-page-aligned) vaddr of the eventual memory access to get @@ -1154,7 +1153,8 @@ void tlb_set_page_full(CPUState *cpu, int mmu_idx, */ desc->fulltlb[index] =3D *full; full =3D &desc->fulltlb[index]; - full->xlat_section =3D iotlb - addr_page; + full->xlat_offset =3D iotlb - addr_page; + full->section =3D section; full->phys_addr =3D paddr_page; =20 /* Now calculate the new entry */ @@ -1276,8 +1276,8 @@ io_prepare(hwaddr *out_offset, CPUState *cpu, CPUTLBE= ntryFull *full, MemoryRegionSection *section; hwaddr mr_offset; =20 - section =3D iotlb_to_section(cpu, full->xlat_section, attrs); - mr_offset =3D (full->xlat_section & TARGET_PAGE_MASK) + addr; + section =3D full->section; + mr_offset =3D full->xlat_offset + addr; cpu->mem_io_pc =3D retaddr; if (!cpu->neg.can_do_io) { cpu_io_recompile(cpu, retaddr); @@ -1336,7 +1336,7 @@ static bool victim_tlb_hit(CPUState *cpu, size_t mmu_= idx, size_t index, static void notdirty_write(CPUState *cpu, vaddr mem_vaddr, unsigned size, CPUTLBEntryFull *full, uintptr_t retaddr) { - ram_addr_t ram_addr =3D mem_vaddr + full->xlat_section; + ram_addr_t ram_addr =3D mem_vaddr + full->xlat_offset; =20 trace_memory_notdirty_write_access(mem_vaddr, ram_addr, size); =20 @@ -1593,9 +1593,7 @@ bool tlb_plugin_lookup(CPUState *cpu, vaddr addr, int= mmu_idx, =20 /* We must have an iotlb entry for MMIO */ if (tlb_addr & TLB_MMIO) { - MemoryRegionSection *section =3D - iotlb_to_section(cpu, full->xlat_section & ~TARGET_PAGE_MASK, - full->attrs); + MemoryRegionSection *section =3D full->section; data->is_io =3D true; data->mr =3D section->mr; } else { diff --git a/include/accel/tcg/iommu.h b/include/accel/tcg/iommu.h index 90cfd6c0ed1..547f8ea0ef0 100644 --- a/include/accel/tcg/iommu.h +++ b/include/accel/tcg/iommu.h @@ -14,18 +14,6 @@ #include "exec/hwaddr.h" #include "exec/memattrs.h" =20 -/** - * iotlb_to_section: - * @cpu: CPU performing the access - * @index: TCG CPU IOTLB entry - * - * Given a TCG CPU IOTLB entry, return the MemoryRegionSection that - * it refers to. @index will have been initially created and returned - * by memory_region_section_get_iotlb(). - */ -MemoryRegionSection *iotlb_to_section(CPUState *cpu, - hwaddr index, MemTxAttrs attrs); - MemoryRegionSection *address_space_translate_for_iotlb(CPUState *cpu, int asidx, hwaddr addr, @@ -34,8 +22,5 @@ MemoryRegionSection *address_space_translate_for_iotlb(CP= UState *cpu, MemTxAttrs attrs, int *prot); =20 -hwaddr memory_region_section_get_iotlb(CPUState *cpu, - MemoryRegionSection *section); - #endif =20 diff --git a/include/exec/cputlb.h b/include/exec/cputlb.h index 0d1d46429c9..3a9603a6965 100644 --- a/include/exec/cputlb.h +++ b/include/exec/cputlb.h @@ -44,8 +44,8 @@ void tlb_reset_dirty_range_all(ram_addr_t start, ram_addr= _t length); * @full: the details of the tlb entry * * Add an entry to @cpu tlb index @mmu_idx. All of the fields of - * @full must be filled, except for xlat_section, and constitute - * the complete description of the translated page. + * @full must be filled, except for xlat_offset & section, and + * constitute the complete description of the translated page. * * This is generally called by the target tlb_fill function after * having performed a successful page table walk to find the physical diff --git a/include/hw/core/cpu.h b/include/hw/core/cpu.h index 61da2ea4331..98678704a64 100644 --- a/include/hw/core/cpu.h +++ b/include/hw/core/cpu.h @@ -219,15 +219,16 @@ typedef uint32_t MMUIdxMap; */ struct CPUTLBEntryFull { /* - * @xlat_section contains: - * - in the lower TARGET_PAGE_BITS, a physical section number - * - with the lower TARGET_PAGE_BITS masked off, an offset which - * must be added to the virtual address to obtain: - * + the ram_addr_t of the target RAM (if the physical section - * number is PHYS_SECTION_NOTDIRTY or PHYS_SECTION_ROM) - * + the offset within the target MemoryRegion (otherwise) + * @xlat_offset: TARGET_PAGE_BITS aligned offset which must be added to + * the virtual address to obtain: + * + the ram_addr_t of the target RAM (if the physical section + * number is PHYS_SECTION_NOTDIRTY or PHYS_SECTION_ROM) + * + the offset within the target MemoryRegion (otherwise) */ - hwaddr xlat_section; + hwaddr xlat_offset; + + /* @section contains physical section. */ + MemoryRegionSection *section; =20 /* * @phys_addr contains the physical address in the address space diff --git a/system/physmem.c b/system/physmem.c index b0311f45312..d17596a77fb 100644 --- a/system/physmem.c +++ b/system/physmem.c @@ -747,31 +747,6 @@ translate_fail: return &d->map.sections[PHYS_SECTION_UNASSIGNED]; } =20 -MemoryRegionSection *iotlb_to_section(CPUState *cpu, - hwaddr index, MemTxAttrs attrs) -{ - int asidx =3D cpu_asidx_from_attrs(cpu, attrs); - CPUAddressSpace *cpuas =3D &cpu->cpu_ases[asidx]; - AddressSpaceDispatch *d =3D address_space_to_dispatch(cpuas->as); - int section_index =3D index & ~TARGET_PAGE_MASK; - MemoryRegionSection *ret; - - assert(section_index < d->map.sections_nb); - ret =3D d->map.sections + section_index; - assert(ret->mr); - assert(ret->mr->ops); - - return ret; -} - -/* Called from RCU critical section */ -hwaddr memory_region_section_get_iotlb(CPUState *cpu, - MemoryRegionSection *section) -{ - AddressSpaceDispatch *d =3D flatview_to_dispatch(section->fv); - return section - d->map.sections; -} - #endif /* CONFIG_TCG */ =20 void cpu_address_space_init(CPUState *cpu, int asidx, --=20 2.43.0 From nobody Mon Feb 9 08:48:56 2026 Delivered-To: importer@patchew.org Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; dmarc=pass(p=reject dis=none) header.from=sifive.com ARC-Seal: i=1; a=rsa-sha256; t=1769613883; cv=none; d=zohomail.com; s=zohoarc; b=VMAP4OmXvPqj9QkF26h/DdrrKMdfrh4iavM3Zxv3x5pfPnlCbpRQMivm2MURDuqkAYyYIFQC7V+v3482lveYZXtelOUUE/yqHMqPIKfnvNaxkPQT0ztMoPURp/P/HZcjoNbGr9vI/Jwy//b0rDnkcs3GNn30GwIf/FJMEj2aimE= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1769613883; h=Content-Transfer-Encoding:Cc:Cc:Date:Date:From:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:Subject:To:To:Message-Id:Reply-To; bh=Xlz7hyCztKb/ddjMOgK8ThA+NqW4yiGJ0YmFpHJkjZQ=; b=js8WbxG4MQUC/3rj+cANtz4R8JhhOP+7ZWGxCKUZ3i9FgB/GUvviXZvQoSEudc1Qvp1LpuVeLZi5kaED6/YLa8WGl+XYphkz0rbYyMeOA6Xdtd3pIGSf0WayH7fuQhF7n/gkxnY/1KUFTTM5hTw4znbHP99CRt6Xn3Sbswj7+EE= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; dmarc=pass header.from= (p=reject dis=none) Return-Path: Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) by mx.zohomail.com with SMTPS id 1769613883486774.5434253400144; Wed, 28 Jan 2026 07:24:43 -0800 (PST) Received: from localhost ([::1] helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1vl7PH-0000y7-6i; Wed, 28 Jan 2026 10:24:35 -0500 Received: from eggs.gnu.org ([2001:470:142:3::10]) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1vl7Oq-0000hj-Ip for qemu-devel@nongnu.org; Wed, 28 Jan 2026 10:24:12 -0500 Received: from mail-pf1-x442.google.com ([2607:f8b0:4864:20::442]) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.90_1) (envelope-from ) id 1vl7On-0003UP-Qs for qemu-devel@nongnu.org; Wed, 28 Jan 2026 10:24:07 -0500 Received: by mail-pf1-x442.google.com with SMTP id d2e1a72fcca58-823075fed75so661008b3a.1 for ; Wed, 28 Jan 2026 07:24:04 -0800 (PST) Received: from hsinchu26.internal.sifive.com ([210.176.154.34]) by smtp.gmail.com with ESMTPSA id d2e1a72fcca58-82379c1eeebsm3021304b3a.45.2026.01.28.07.24.00 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Wed, 28 Jan 2026 07:24:02 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=sifive.com; s=google; t=1769613843; x=1770218643; darn=nongnu.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=Xlz7hyCztKb/ddjMOgK8ThA+NqW4yiGJ0YmFpHJkjZQ=; b=GP3l18a4Y1nQWZC3AbqwtYMTb2q5iSuZH96fITEH4pm6N+EeDIiGOX9dgTCYFzSdSB mvHOu//8JBUk5cQjwjPFawb55kWJsEeKnC0SbPdolmK4xGYsSxwblUaMuza+AHfBAW3R EK6nZgvEVU+ljmurcF3++D6RAJzrVSlixQpYxBsLKgYUdEo6MwHLTqJluTe+SJb6edGC IVsOVO5ZVT65zMNx4s/sJTdfBz8fHiKTQaJvBefEQXDULdL2YDenoRA0tsG4/ISpsLH4 mT+VB3aUw4RxdTnAYfkjA5SVYjRRvYOhnvvOGPw4TstQGbA62k8mU8uvL1FTSS8qg2Yi yq7Q== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1769613843; x=1770218643; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-gg:x-gm-message-state:from :to:cc:subject:date:message-id:reply-to; bh=Xlz7hyCztKb/ddjMOgK8ThA+NqW4yiGJ0YmFpHJkjZQ=; b=vLXFg50gPDZo3fnEMDjVngY26nYemzoS4Lzj+xWp9qQvcIH4Rim+AutslxzNbxPVvp rL7WMw7D9sVEMcpWpuGSwuJTv3ooK2+iASvKM9V4epOFqb5YUTd7xTdUeK8qFFbLZB+l 1qQ2Tjw0hR5CGXRJWjTNvZR+rPkAPDAzLjsnBHYU4NZcnmDHgOfwXp5DYva57/N5H8G5 TpcmFstInNrDYsgBgZyuhLuRKpCdLe3+UHJmn+BjswlZHMOHwcjYzUc1y08YCvT16J9n JLYw0hWhLZvlA8SxCblsKyeBZ+c0ZWORz1pA6Xu06E5B1Vo76+6JEbglSkqeffMZVHG4 TdQg== X-Gm-Message-State: AOJu0YyFEgdl++36Yre1QLhJ3W15hriEF80dDMdJ1jJZYl6swwxaNK0F swSUyRxlKJodjWzMWmX9sHFvd5U7mV2kGhbqAh2q0UGCAS9+EwE5PtDLYy/ulpORX7ICGaxuyEA vTKmKzCtovuXLhuvES8YrkT4Fj8fN5NW5f86GlSuiFpZekAzBWDKI2Ff3g+qkmx5UJMf2hMJNIi C+YYIAcmAAxS1bGIq6qH/a9hwt1g37Njs/PQJQMO+M X-Gm-Gg: AZuq6aJ2h/0i3+cfRRgwk6RL9fLn75wnJTNt9ZmSJNBRGcHFTg0bFWcDHy+c+/wtWM8 mgX4rVLBx1FNdQ3y6qlJJsGbCvKgt0oTRhg8hXufOIToBEVqUyJBdlCAWixZdXrqM1LHRoq+Maj NHSeuFatEcAEaGpF4rqZEPPGNIkHwmY2xBxGdGywuvl9ae750dx8za1+nKmqg7uEVC4eMj9UMYd 28YeSRsz0mibk3J7U40HBBL32etTMNyBJGNSllq6EerzniQ4E4CmJ4dRkueUTHA5UMJCT7Xllff gCfieCWRzR1ezKvrGGTUwNz96Jq73FdxnVstCSz6xTX+F6sh/tuEE0Z4HafbD8FUO6IM44d8v6w tnedk7LHUTOxNpGbsnjvqkkK4fzwwkgoKdtJ9erYq7B20tzWgQqbBDNqwB456e3ovJyfOxA8Zw7 tUCJwIT5F5bGj5nB/LhnmZp1jl8mQK9Od2 X-Received: by 2002:a05:6a00:92a4:b0:81f:4708:b46e with SMTP id d2e1a72fcca58-8236a38b7efmr4151608b3a.20.1769613842532; Wed, 28 Jan 2026 07:24:02 -0800 (PST) From: Jim Shu To: qemu-devel@nongnu.org Cc: Daniel Henrique Barboza , Richard Henderson , Paolo Bonzini , =?UTF-8?q?Philippe=20Mathieu-Daud=C3=A9?= , Eduardo Habkost , Marcel Apfelbaum , Yanan Wang , Zhao Liu , Peter Xu , Jim Shu Subject: [PATCH v2 3/3] system/physmem: Remove the assertion of page-aligned section number Date: Wed, 28 Jan 2026 23:23:48 +0800 Message-ID: <20260128152348.2095427-4-jim.shu@sifive.com> X-Mailer: git-send-email 2.43.0 In-Reply-To: <20260128152348.2095427-1-jim.shu@sifive.com> References: <20260128152348.2095427-1-jim.shu@sifive.com> MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Received-SPF: pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) client-ip=209.51.188.17; envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org; helo=lists.gnu.org; Received-SPF: pass client-ip=2607:f8b0:4864:20::442; envelope-from=jim.shu@sifive.com; helo=mail-pf1-x442.google.com X-Spam_score_int: -20 X-Spam_score: -2.1 X-Spam_bar: -- X-Spam_report: (-2.1 / 5.0 requ) BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001 autolearn=ham autolearn_force=no X-Spam_action: no action X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: qemu development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: qemu-devel-bounces+importer=patchew.org@nongnu.org Sender: qemu-devel-bounces+importer=patchew.org@nongnu.org X-ZohoMail-DKIM: pass (identity @sifive.com) X-ZM-MESSAGEID: 1769613885327158500 Content-Type: text/plain; charset="utf-8" The physical section number is no longer ORed into the IOTLB entries together with a page-aligned pointer, so it no longer needs to be page-aligned. Signed-off-by: Jim Shu Reviewed-by: Pierrick Bouvier --- system/physmem.c | 6 ------ 1 file changed, 6 deletions(-) diff --git a/system/physmem.c b/system/physmem.c index d17596a77fb..2fb0c25c93b 100644 --- a/system/physmem.c +++ b/system/physmem.c @@ -1323,12 +1323,6 @@ static subpage_t *subpage_init(FlatView *fv, hwaddr = base); static uint16_t phys_section_add(PhysPageMap *map, MemoryRegionSection *section) { - /* The physical section number is ORed with a page-aligned - * pointer to produce the iotlb entries. Thus it should - * never overflow into the page-aligned value. - */ - assert(map->sections_nb < TARGET_PAGE_SIZE); - if (map->sections_nb =3D=3D map->sections_nb_alloc) { map->sections_nb_alloc =3D MAX(map->sections_nb_alloc * 2, 16); map->sections =3D g_renew(MemoryRegionSection, map->sections, --=20 2.43.0