1. Patchew
  2. QEMU
  3. View series

[PATCH] target/riscv/insn_trans/trans_rvzicbo.c.inc: save opcode before helpers

Daniel Henrique Barboza posted 1 patch 1 week, 2 days ago
Patches applied successfully (tree, apply log)
git fetch https://github.com/patchew-project/qemu tags/patchew/20260520214704.1943652-1-daniel.barboza@oss.qualcomm.com
Maintainers: Palmer Dabbelt <palmer@dabbelt.com>, Alistair Francis <alistair.francis@wdc.com>, Weiwei Li <liwei1518@gmail.com>, Daniel Henrique Barboza <daniel.barboza@oss.qualcomm.com>, Liu Zhiwei <zhiwei_liu@linux.alibaba.com>, Chao Liu <chao.liu.zevorn@gmail.com>
target/riscv/insn_trans/trans_rvzicbo.c.inc | 8 ++++++++
1 file changed, 8 insertions(+)
[PATCH] target/riscv/insn_trans/trans_rvzicbo.c.inc: save opcode before helpers
Posted by Daniel Henrique Barboza 1 week, 2 days ago 
All helpers from this file can trigger ILLEGAL_INSN exceptions via
check_zicbo_envcfg() directly, bypassing the usual exception code from
translate.c.   If we don't save the opcode before each helper,
riscv_raise_exception() is triggered and env->bins won't be unwind during
cpu_loop_exit_restore() (code path cpu_restore_state ->
cpu_restore_state_from_tb() -> restore_state_to_opc()).

And finally, in riscv_cpu_do_interrupt(), we will set (m)tval = 0 when we can,
instead, set it to the cbo opcode that generated the exception.

Resolves: https://gitlab.com/qemu-project/qemu/-/work_items/3380
Signed-off-by: Daniel Henrique Barboza <daniel.barboza@oss.qualcomm.com>
---
 target/riscv/insn_trans/trans_rvzicbo.c.inc | 8 ++++++++
 1 file changed, 8 insertions(+)

diff --git a/target/riscv/insn_trans/trans_rvzicbo.c.inc b/target/riscv/insn_trans/trans_rvzicbo.c.inc
index 15711c3140..096f7dde27 100644
--- a/target/riscv/insn_trans/trans_rvzicbo.c.inc
+++ b/target/riscv/insn_trans/trans_rvzicbo.c.inc
@@ -33,6 +33,8 @@ static bool trans_cbo_clean(DisasContext *ctx, arg_cbo_clean *a)
     REQUIRE_ZICBOM(ctx);
     TCGv src = get_address(ctx, a->rs1, 0);
 
+    /* The helper may raise ILLEGAL_INSN -- record binv for unwind. */
+    decode_save_opc(ctx, 0);
     gen_helper_cbo_clean_flush(tcg_env, src);
     return true;
 }
@@ -42,6 +44,8 @@ static bool trans_cbo_flush(DisasContext *ctx, arg_cbo_flush *a)
     REQUIRE_ZICBOM(ctx);
     TCGv src = get_address(ctx, a->rs1, 0);
 
+    /* The helper may raise ILLEGAL_INSN -- record binv for unwind. */
+    decode_save_opc(ctx, 0);
     gen_helper_cbo_clean_flush(tcg_env, src);
     return true;
 }
@@ -51,6 +55,8 @@ static bool trans_cbo_inval(DisasContext *ctx, arg_cbo_inval *a)
     REQUIRE_ZICBOM(ctx);
     TCGv src = get_address(ctx, a->rs1, 0);
 
+    /* The helper may raise ILLEGAL_INSN -- record binv for unwind. */
+    decode_save_opc(ctx, 0);
     gen_helper_cbo_inval(tcg_env, src);
     return true;
 }
@@ -60,6 +66,8 @@ static bool trans_cbo_zero(DisasContext *ctx, arg_cbo_zero *a)
     REQUIRE_ZICBOZ(ctx);
     TCGv src = get_address(ctx, a->rs1, 0);
 
+    /* The helper may raise ILLEGAL_INSN -- record binv for unwind. */
+    decode_save_opc(ctx, 0);
     gen_helper_cbo_zero(tcg_env, src);
     return true;
 }
-- 
2.43.0
Re: [PATCH] target/riscv/insn_trans/trans_rvzicbo.c.inc: save opcode before helpers
Posted by Alistair Francis 3 days, 16 hours ago 
On Wed, 2026-05-20 at 18:47 -0300, Daniel Henrique Barboza wrote:
> All helpers from this file can trigger ILLEGAL_INSN exceptions via
> check_zicbo_envcfg() directly, bypassing the usual exception code
> from
> translate.c.   If we don't save the opcode before each helper,
> riscv_raise_exception() is triggered and env->bins won't be unwind
> during
> cpu_loop_exit_restore() (code path cpu_restore_state ->
> cpu_restore_state_from_tb() -> restore_state_to_opc()).
> 
> And finally, in riscv_cpu_do_interrupt(), we will set (m)tval = 0
> when we can,
> instead, set it to the cbo opcode that generated the exception.
> 
> Resolves: https://gitlab.com/qemu-project/qemu/-/work_items/3380
> Signed-off-by: Daniel Henrique Barboza
> <daniel.barboza@oss.qualcomm.com>

Thanks!

Applied to riscv-to-apply.next

Alistair

> ---
>  target/riscv/insn_trans/trans_rvzicbo.c.inc | 8 ++++++++
>  1 file changed, 8 insertions(+)
> 
> diff --git a/target/riscv/insn_trans/trans_rvzicbo.c.inc
> b/target/riscv/insn_trans/trans_rvzicbo.c.inc
> index 15711c3140..096f7dde27 100644
> --- a/target/riscv/insn_trans/trans_rvzicbo.c.inc
> +++ b/target/riscv/insn_trans/trans_rvzicbo.c.inc
> @@ -33,6 +33,8 @@ static bool trans_cbo_clean(DisasContext *ctx,
> arg_cbo_clean *a)
>      REQUIRE_ZICBOM(ctx);
>      TCGv src = get_address(ctx, a->rs1, 0);
>  
> +    /* The helper may raise ILLEGAL_INSN -- record binv for unwind.
> */
> +    decode_save_opc(ctx, 0);
>      gen_helper_cbo_clean_flush(tcg_env, src);
>      return true;
>  }
> @@ -42,6 +44,8 @@ static bool trans_cbo_flush(DisasContext *ctx,
> arg_cbo_flush *a)
>      REQUIRE_ZICBOM(ctx);
>      TCGv src = get_address(ctx, a->rs1, 0);
>  
> +    /* The helper may raise ILLEGAL_INSN -- record binv for unwind.
> */
> +    decode_save_opc(ctx, 0);
>      gen_helper_cbo_clean_flush(tcg_env, src);
>      return true;
>  }
> @@ -51,6 +55,8 @@ static bool trans_cbo_inval(DisasContext *ctx,
> arg_cbo_inval *a)
>      REQUIRE_ZICBOM(ctx);
>      TCGv src = get_address(ctx, a->rs1, 0);
>  
> +    /* The helper may raise ILLEGAL_INSN -- record binv for unwind.
> */
> +    decode_save_opc(ctx, 0);
>      gen_helper_cbo_inval(tcg_env, src);
>      return true;
>  }
> @@ -60,6 +66,8 @@ static bool trans_cbo_zero(DisasContext *ctx,
> arg_cbo_zero *a)
>      REQUIRE_ZICBOZ(ctx);
>      TCGv src = get_address(ctx, a->rs1, 0);
>  
> +    /* The helper may raise ILLEGAL_INSN -- record binv for unwind.
> */
> +    decode_save_opc(ctx, 0);
>      gen_helper_cbo_zero(tcg_env, src);
>      return true;
>  }
Re: [PATCH] target/riscv/insn_trans/trans_rvzicbo.c.inc: save opcode before helpers
Posted by Alistair Francis 3 days, 16 hours ago 
On Wed, 2026-05-20 at 18:47 -0300, Daniel Henrique Barboza wrote:
> All helpers from this file can trigger ILLEGAL_INSN exceptions via
> check_zicbo_envcfg() directly, bypassing the usual exception code
> from
> translate.c.   If we don't save the opcode before each helper,
> riscv_raise_exception() is triggered and env->bins won't be unwind
> during
> cpu_loop_exit_restore() (code path cpu_restore_state ->
> cpu_restore_state_from_tb() -> restore_state_to_opc()).
> 
> And finally, in riscv_cpu_do_interrupt(), we will set (m)tval = 0
> when we can,
> instead, set it to the cbo opcode that generated the exception.
> 
> Resolves: https://gitlab.com/qemu-project/qemu/-/work_items/3380
> Signed-off-by: Daniel Henrique Barboza
> <daniel.barboza@oss.qualcomm.com>

Reviewed-by: Alistair Francis <alistair.francis@wdc.com>

Alistair

> ---
>  target/riscv/insn_trans/trans_rvzicbo.c.inc | 8 ++++++++
>  1 file changed, 8 insertions(+)
> 
> diff --git a/target/riscv/insn_trans/trans_rvzicbo.c.inc
> b/target/riscv/insn_trans/trans_rvzicbo.c.inc
> index 15711c3140..096f7dde27 100644
> --- a/target/riscv/insn_trans/trans_rvzicbo.c.inc
> +++ b/target/riscv/insn_trans/trans_rvzicbo.c.inc
> @@ -33,6 +33,8 @@ static bool trans_cbo_clean(DisasContext *ctx,
> arg_cbo_clean *a)
>      REQUIRE_ZICBOM(ctx);
>      TCGv src = get_address(ctx, a->rs1, 0);
>  
> +    /* The helper may raise ILLEGAL_INSN -- record binv for unwind.
> */
> +    decode_save_opc(ctx, 0);
>      gen_helper_cbo_clean_flush(tcg_env, src);
>      return true;
>  }
> @@ -42,6 +44,8 @@ static bool trans_cbo_flush(DisasContext *ctx,
> arg_cbo_flush *a)
>      REQUIRE_ZICBOM(ctx);
>      TCGv src = get_address(ctx, a->rs1, 0);
>  
> +    /* The helper may raise ILLEGAL_INSN -- record binv for unwind.
> */
> +    decode_save_opc(ctx, 0);
>      gen_helper_cbo_clean_flush(tcg_env, src);
>      return true;
>  }
> @@ -51,6 +55,8 @@ static bool trans_cbo_inval(DisasContext *ctx,
> arg_cbo_inval *a)
>      REQUIRE_ZICBOM(ctx);
>      TCGv src = get_address(ctx, a->rs1, 0);
>  
> +    /* The helper may raise ILLEGAL_INSN -- record binv for unwind.
> */
> +    decode_save_opc(ctx, 0);
>      gen_helper_cbo_inval(tcg_env, src);
>      return true;
>  }
> @@ -60,6 +66,8 @@ static bool trans_cbo_zero(DisasContext *ctx,
> arg_cbo_zero *a)
>      REQUIRE_ZICBOZ(ctx);
>      TCGv src = get_address(ctx, a->rs1, 0);
>  
> +    /* The helper may raise ILLEGAL_INSN -- record binv for unwind.
> */
> +    decode_save_opc(ctx, 0);
>      gen_helper_cbo_zero(tcg_env, src);
>      return true;
>  }

Patchew 2.1-devel-ea86937

© 2016 - 2026 Red Hat, Inc.