From nobody Thu Apr 30 00:42:21 2026
Delivered-To: importer@patchew.org
Authentication-Results: mx.zohomail.com;
	dkim=fail;
	spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as
 permitted sender)
  smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org;
	dmarc=pass(p=none dis=none)  header.from=nongnu.org
ARC-Seal: i=1; a=rsa-sha256; t=1776251951; cv=none;
	d=zohomail.com; s=zohoarc;
	b=mm78aTXMSjvP7o6uOEg1NchDCFzCUj0m+iT8IdRFSlCoqFmPTG+X/3rnBF9KMyJo+pAnPnS+iwnhA9GykvnQcM0K5l5hxAsMC4MPXGPxvNpGaa8y5jvL6ReibBB8o+xFkIfRsEwxRwDpTws1VQZkqKQk+JetjeDOOfC25VWLEyo=
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com;
 s=zohoarc;
	t=1776251951;
 h=Content-Transfer-Encoding:Cc:Cc:Date:Date:From:From:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:Reply-To:Reply-To:Sender:Subject:Subject:To:To:Message-Id;
	bh=0bgVa/XghYUWcG8RXYHNnUSz/hV6IrmeBt6NaBnQDg0=;
	b=gwIfKHphjAriW5fLDwUOBIfGAJAwQroKRRNUIRCeoK8MbXeRyTWD8OSwbFmoB/QgqlnxVl9ZZKSxmnuGSS5y8o4Hr7VFGd88D7hZbcDBB7nNN3iBvEjTbs8kXjSC7o/OMUYdaiiuQFVA7jTIWQLIF+vyAItCPpr4v/L9+pOx+m4=
ARC-Authentication-Results: i=1; mx.zohomail.com;
	dkim=fail;
	spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as
 permitted sender)
  smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org;
	dmarc=pass header.from=<qemu-devel@nongnu.org> (p=none dis=none)
Return-Path: <qemu-devel-bounces+importer=patchew.org@nongnu.org>
Received: from lists1p.gnu.org (lists1p.gnu.org [209.51.188.17]) by
 mx.zohomail.com
	with SMTPS id 1776251951038729.3466586959227;
 Wed, 15 Apr 2026 04:19:11 -0700 (PDT)
Received: from localhost ([::1] helo=lists1p.gnu.org)
	by lists1p.gnu.org with esmtp (Exim 4.90_1)
	(envelope-from <qemu-devel-bounces@nongnu.org>)
	id 1wCyGL-0000Dv-ES; Wed, 15 Apr 2026 07:18:30 -0400
Received: from eggs.gnu.org ([2001:470:142:3::10])
 by lists1p.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256)
 (Exim 4.90_1) (envelope-from <andrew@rail5.org>) id 1wCyGG-0000DH-DR
 for qemu-devel@nongnu.org; Wed, 15 Apr 2026 07:18:24 -0400
Received: from layka.disroot.org ([178.21.23.139])
 by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128)
 (Exim 4.90_1) (envelope-from <andrew@rail5.org>) id 1wCyGE-00018c-IV
 for qemu-devel@nongnu.org; Wed, 15 Apr 2026 07:18:23 -0400
Received: from [127.0.0.1] (localhost [127.0.0.1])
 by disroot.org (Postfix) with ESMTP id 88CC72650C;
 Wed, 15 Apr 2026 13:18:16 +0200 (CEST)
Received: from layka.disroot.org ([127.0.0.1])
 by localhost (disroot.org [127.0.0.1]) (amavis, port 10024) with ESMTP
 id 6tAwmskDO1UY; Wed, 15 Apr 2026 13:18:16 +0200 (CEST)
X-Virus-Scanned: SPAM Filter at disroot.org
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=rail5.org; s=mail;
 t=1776251896; bh=UR6UQSfqlww9S8q5dRVffbCW+mZBwQCATEBpNojYDmY=;
 h=From:To:Cc:Subject:Date;
 b=RAAYM8P0KPgqOFlzhDR8ld7+N3gNZHoyEqbW0UOpxt+PEJ174DsXU+/88b2r7SJ5h
 EIoIUPGCw+ExlGAa/XfIM0UhXl4Id0uJx8PgnkyJynpZsb1BE3sDTihYo1NlYEdkU0
 tTJqdAcZBswB1AEfxTNBDcX/mfrGIWpzQWZp6FYEV4BZxNmQWDVqVG4A/VRcBEatpN
 rWQqBBEqOXM4A924YF/6KIWXWZg7eyThyv2ww8/7O+QSrteZmkdmNw4Ct9wCH656W6
 dqCZNK5FKdloGQC3fXdtq/NGht5bgWJaz/mOy8AJq7JdU8cNLJyiufkZZuyXRKwu6K
 92reBbsiukKDg==
To: qemu-devel@nongnu.org
Cc: Song Gao <gaosong@loongson.cn>, "Andrew S. Rightenburg" <andrew@rail5.org>
Subject: [PATCH] target/loongarch: Fix SWI interrupt delivery via CSR_ESTAT
Date: Wed, 15 Apr 2026 19:17:07 +0800
Message-ID: <20260415111738.3264448-1-andrew@rail5.org>
MIME-Version: 1.0
Content-Transfer-Encoding: quoted-printable
Received-SPF: pass (zohomail.com: domain of gnu.org designates 209.51.188.17
 as permitted sender) client-ip=209.51.188.17;
 envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org;
 helo=lists1p.gnu.org;
Received-SPF: pass client-ip=178.21.23.139; envelope-from=andrew@rail5.org;
 helo=layka.disroot.org
X-Spam_score_int: -16
X-Spam_score: -1.7
X-Spam_bar: -
X-Spam_report: (-1.7 / 5.0 requ) BAYES_00=-1.9, DKIM_INVALID=0.1,
 DKIM_SIGNED=0.1, RCVD_IN_VALIDITY_RPBL_BLOCKED=0.001,
 RCVD_IN_VALIDITY_SAFE_BLOCKED=0.001, SPF_HELO_NONE=0.001,
 SPF_PASS=-0.001 autolearn=no autolearn_force=no
X-Spam_action: no action
X-BeenThere: qemu-devel@nongnu.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: qemu development <qemu-devel.nongnu.org>
List-Unsubscribe: <https://lists.nongnu.org/mailman/options/qemu-devel>,
 <mailto:qemu-devel-request@nongnu.org?subject=unsubscribe>
List-Archive: <https://lists.nongnu.org/archive/html/qemu-devel>
List-Post: <mailto:qemu-devel@nongnu.org>
List-Help: <mailto:qemu-devel-request@nongnu.org?subject=help>
List-Subscribe: <https://lists.nongnu.org/mailman/listinfo/qemu-devel>,
 <mailto:qemu-devel-request@nongnu.org?subject=subscribe>
Reply-to: "Andrew S. Rightenburg" <andrew@rail5.org>
From: "Andrew S. Rightenburg" via qemu development <qemu-devel@nongnu.org>
Errors-To: qemu-devel-bounces+importer=patchew.org@nongnu.org
Sender: qemu-devel-bounces+importer=patchew.org@nongnu.org
X-ZohoMail-DKIM: fail (identity @rail5.org: invalid key for signature:
 Unexpected termination at position 8: v=DKIM1;
 lL35sG042y7aaT9vn7lGmw26+ReezB5vL/AUt8gOdOnESFwVHbcQCDE3+HPGI0ILRv0Wz2AH7rmsoVpIPVTTI5C5BfkMlozcxU3qqiPLaVwaAKYd1sA29IDBaFHZM2B63Ta71ETH2RjfvJcxEYq5/FKP5jNvXhQIDAQAB;
 | [
 lL35sG042y7aaT9vn7lGmw26+ReezB5vL/AUt8gOdOnESFwVHbcQCDE3+HPGI0ILRv0Wz2AH7rmsoVpIPVTTI5C5BfkMlozcxU3qqiPLaVwaAKYd1sA29IDBaFHZM2B63Ta71ETH2RjfvJcxEYq5/FKP5jNvXhQIDAQAB;])
X-ZM-MESSAGEID: 1776251954957154100
Content-Type: text/plain; charset="utf-8"

In TCG mode, helper_csrwr_estat() updates CSR.ESTAT.IS[1:0] (SWI0/SWI1)
when the guest writes CSR_ESTAT, but it did not update the CPU interrupt
request state. As a result, software interrupts could be observed as pending
in CSR.ESTAT while no interrupt exception was taken.

Update CPU_INTERRUPT_HARD after modifying CSR_ESTAT, matching the behavior =
of
loongarch_cpu_set_irq(). The helper runs without the Big QEMU Lock (BQL), so
take the BQL while calling cpu_interrupt().

Fixes: 5b1dedfe848b ("target/loongarch: Add LoongArch CSR instruction")
Reported-by: Andrew S. Rightenburg <andrew@rail5.org>
Signed-off-by: Andrew S. Rightenburg <andrew@rail5.org>
---
 target/loongarch/tcg/csr_helper.c | 12 ++++++++++++
 1 file changed, 12 insertions(+)

diff --git a/target/loongarch/tcg/csr_helper.c b/target/loongarch/tcg/csr_h=
elper.c
index cd35ca93c7..0a5ed52eb6 100644
--- a/target/loongarch/tcg/csr_helper.c
+++ b/target/loongarch/tcg/csr_helper.c
@@ -98,10 +98,22 @@ target_ulong helper_csrrd_msgir(CPULoongArchState *env)
 target_ulong helper_csrwr_estat(CPULoongArchState *env, target_ulong val)
 {
     int64_t old_v =3D env->CSR_ESTAT;
+    CPUState *cs =3D env_cpu(env);
=20
     /* Only IS[1:0] can be written */
     env->CSR_ESTAT =3D deposit64(env->CSR_ESTAT, 0, 2, val);
=20
+    /*
+     * Software interrupts (SWI0/SWI1) are latched in CSR.ESTAT.IS[1:0].
+     * Make sure the CPU interrupt request state tracks the pending bits,
+     * matching the behavior of loongarch_cpu_set_irq().
+     */
+    if (FIELD_EX64(env->CSR_ESTAT, CSR_ESTAT, IS)) {
+        bql_lock();
+        cpu_interrupt(cs, CPU_INTERRUPT_HARD);
+        bql_unlock();
+    }
+
     return old_v;
 }
=20
--=20
2.47.3