From mboxrd@z Thu Jan  1 00:00:00 1970
Received: from eggs.gnu.org ([2001:4830:134:3::10]:33259)
	by lists.gnu.org with esmtp (Exim 4.71)
	(envelope-from <aneesh.kumar@linux.vnet.ibm.com>) id 1WORvZ-0005ul-68
	for qemu-devel@nongnu.org; Fri, 14 Mar 2014 09:13:42 -0400
Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71)
	(envelope-from <aneesh.kumar@linux.vnet.ibm.com>) id 1WORvQ-0006OX-7M
	for qemu-devel@nongnu.org; Fri, 14 Mar 2014 09:13:33 -0400
Received: from e23smtp07.au.ibm.com ([202.81.31.140]:50421)
	by eggs.gnu.org with esmtp (Exim 4.71)
	(envelope-from <aneesh.kumar@linux.vnet.ibm.com>) id 1WORvP-0006Kn-EJ
	for qemu-devel@nongnu.org; Fri, 14 Mar 2014 09:13:24 -0400
Received: from /spool/local
	by e23smtp07.au.ibm.com with IBM ESMTP SMTP Gateway: Authorized Use
	Only! Violators will be prosecuted
	for <qemu-devel@nongnu.org> from <aneesh.kumar@linux.vnet.ibm.com>;
	Fri, 14 Mar 2014 23:13:19 +1000
From: "Aneesh Kumar K.V" <aneesh.kumar@linux.vnet.ibm.com>
In-Reply-To: <5322E783.5030604@redhat.com>
References: <1394148857-19607-1-git-send-email-agraf@suse.de>
	<1394148857-19607-126-git-send-email-agraf@suse.de>
	<5322E783.5030604@redhat.com>
Date: Fri, 14 Mar 2014 18:43:11 +0530
Message-ID: <878usc7wk8.fsf@linux.vnet.ibm.com>
MIME-Version: 1.0
Content-Type: text/plain
Subject: Re: [Qemu-devel] [PULL 125/130] target-ppc: Fix page table lookup
	with kvm enabled
List-Id: <qemu-devel.nongnu.org>
List-Unsubscribe: <https://lists.nongnu.org/mailman/options/qemu-devel>,
	<mailto:qemu-devel-request@nongnu.org?subject=unsubscribe>
List-Archive: <http://lists.nongnu.org/archive/html/qemu-devel>
List-Post: <mailto:qemu-devel@nongnu.org>
List-Help: <mailto:qemu-devel-request@nongnu.org?subject=help>
List-Subscribe: <https://lists.nongnu.org/mailman/listinfo/qemu-devel>,
	<mailto:qemu-devel-request@nongnu.org?subject=subscribe>
To: Paolo Bonzini <pbonzini@redhat.com>, Alexander Graf <agraf@suse.de>, qemu-devel@nongnu.org
Cc: Alexey Kardashevskiy <aik@au1.ibm.com>, Peter Maydell <peter.maydell@linaro.org>, qemu-ppc@nongnu.org, Greg Kurz <gkurz@linux.vnet.ibm.com>

Paolo Bonzini <pbonzini@redhat.com> writes:

> Il 07/03/2014 00:34, Alexander Graf ha scritto:
>> @@ -105,30 +106,37 @@ static target_ulong h_enter(PowerPCCPU *cpu, sPAPREnvironment *spapr,
>>      if (!valid_pte_index(env, pte_index)) {
>>          return H_PARAMETER;
>>      }
>> +
>> +    index = 0;
>> +    hpte = pte_index * HASH_PTE_SIZE_64;
>>      if (likely((flags & H_EXACT) == 0)) {
>>          pte_index &= ~7ULL;
>> -        hpte = pte_index * HASH_PTE_SIZE_64;
>> -        for (i = 0; ; ++i) {
>> -            if (i == 8) {
>> +        token = ppc_hash64_start_access(cpu, pte_index);
>> +        do {
>> +            if (index == 8) {
>> +                ppc_hash64_stop_access(token);
>>                  return H_PTEG_FULL;
>>              }
>> -            if ((ppc_hash64_load_hpte0(env, hpte) & HPTE64_V_VALID) == 0) {
>> +            if ((ppc_hash64_load_hpte0(env, token, index) & HPTE64_V_VALID) == 0) {
>>                  break;
>>              }
>> -            hpte += HASH_PTE_SIZE_64;
>> -        }
>> +        } while (index++);
>> +        ppc_hash64_stop_access(token);
>
> I'm afraid you have a bug here, as spotted by Coverity.  The do...while 
> loop only loops once.  I'm not sure what you meant, could you rewrite it 
> with a "for (index = 0; index < 8; i++)" instead?

good find. how about

diff --git a/hw/ppc/spapr_hcall.c b/hw/ppc/spapr_hcall.c
index e999bbaea062..e079be050fc7 100644
--- a/hw/ppc/spapr_hcall.c
+++ b/hw/ppc/spapr_hcall.c
@@ -118,7 +118,8 @@ static target_ulong h_enter(PowerPCCPU *cpu, sPAPREnvironment *spapr,
             if ((ppc_hash64_load_hpte0(env, token, index) & HPTE64_V_VALID) == 0) {
                 break;
             }
-        } while (index++);
+            index++;
+        } while (1);
         ppc_hash64_stop_access(token);
     } else {
         token = ppc_hash64_start_access(cpu, pte_index);

         -aneesh