* Re: [PATCH v2] riscv: smp: Align secondary_start_sbi to 4 bytes
[not found] <20260413132009.133752-1-cp0613@linux.alibaba.com>
@ 2026-04-15 3:39 ` Vivian Wang
2026-04-15 12:37 ` Chen Pei
0 siblings, 1 reply; 2+ messages in thread
From: Vivian Wang @ 2026-04-15 3:39 UTC (permalink / raw)
To: cp0613, pjw, anup, andrew.jones, guoren
Cc: linux-riscv, linux-kernel, opensbi, Anup Patel
[ +cc opensbi, Anup: What was the deal with setting stvec in sbi_hart_switch_mode? ]
On 4/13/26 21:20, cp0613@linux.alibaba.com wrote:
> From: Chen Pei <cp0613@linux.alibaba.com>
>
> During SMP boot, the secondary_start_sbi address is passed to the
> slave core via sbi_hsm_hart_start. In OpenSBI, this address is
> written to STVEC in sbi_hart_switch_mode.
This is certainly odd (OpenSBI git blames to initial git commit. No idea
why this was needed.) but technically permitted by the SBI HSM spec (see
below).
* Anup and other opensbi folks: Do you know/remember why it was there?
It's not really a bug, but some historical context would be appreciated.
> According to the privileged specification, the BASE field of STVEC
> must always be aligned on a 4-byte boundary. However, System.map
> reveals that secondary_start_sbi is not a 4-byte aligned address.
>
> For example, the address of secondary_start_sbi is
> 0xffffffff80001066, and the disassembly is as follows:
>
> Dump of assembler code from 0xffffffff80001052 to 0xffffffff8000107a:
> 0xffffffff80001052 <_start+4178>: c.nop -11
> 0xffffffff80001054 <_start+4180>: auipc gp,0x1a1f
> 0xffffffff80001058 <_start+4184>: addi gp,gp,84
> 0xffffffff8000105c <_start+4188>: csrw satp,a2
> 0xffffffff80001060 <_start+4192>: sfence.vma
> 0xffffffff80001064 <_start+4196>: ret
> 0xffffffff80001066 <_start+4198>: csrw sie,zero
> 0xffffffff8000106a <_start+4202>: csrw sip,zero
> 0xffffffff8000106e <_start+4206>: li t0,2
> 0xffffffff80001070 <_start+4208>: csrw scounteren,t0
> 0xffffffff80001074 <_start+4212>: auipc gp,0x1a1f
> 0xffffffff80001078 <_start+4216>: addi gp,gp,52
>
> When writing to STVEC at address 0xffffffff80001066, the actual
> write address is 0xffffffff80001064, corresponding to the address
> of the previous ret instruction.
Also technically permitted.
> This is unexpected, and if an
> interrupt occurs at this point, it will cause unpredictable results.
>
> However, secondary_start_sbi immediately masks all interrupts and
> updates STVEC, so no problems occurred.
An interrupt cannot trap in between secondary_start_sbi starting and the
interrupts getting masked individually. The only arch state guaranteed
by HSM is [1]:
|Register Name | Register Value
|satp | 0
|sstatus.SIE | 0
|a0 | hartid
|a1 | `opaque` parameter
|All other registers remain in an undefined state.
Of which sstatus.SIE = 0 means that interrupts are masked in Supervisor
mode.
> In summary, it is more reasonable to make secondary_start_sbi
> satisfy 4-byte alignment.
Thus, it is unnecessary.
If this fixes a bug where an interrupt can trap into the wrong stvec for
you, then your firmware is broken.
Michael's suggestion about SYM_CODE_START still stands, but if you do
that, that's just a really minor refactoring, and in any case the
current commit message cannot stand.
Vivian "dramforever" Wang
[1]:
https://github.com/riscv-non-isa/riscv-sbi-doc/blob/v3.0/src/ext-hsm.adoc#function-hart-start-fid-0
--
opensbi mailing list
opensbi@lists.infradead.org
http://lists.infradead.org/mailman/listinfo/opensbi
^ permalink raw reply [flat|nested] 2+ messages in thread
* Re: [PATCH v2] riscv: smp: Align secondary_start_sbi to 4 bytes
2026-04-15 3:39 ` [PATCH v2] riscv: smp: Align secondary_start_sbi to 4 bytes Vivian Wang
@ 2026-04-15 12:37 ` Chen Pei
0 siblings, 0 replies; 2+ messages in thread
From: Chen Pei @ 2026-04-15 12:37 UTC (permalink / raw)
To: wangruikang
Cc: pjw, anup, andrew.jones, guoren, linux-kernel, linux-riscv,
opensbi
On Wed, 15 Apr 2026 11:39:22 +0800, wangruikang@iscas.ac.cn wrote:
> > During SMP boot, the secondary_start_sbi address is passed to the
> > slave core via sbi_hsm_hart_start. In OpenSBI, this address is
> > written to STVEC in sbi_hart_switch_mode.
>
> This is certainly odd (OpenSBI git blames to initial git commit. No idea
> why this was needed.) but technically permitted by the SBI HSM spec (see
> below).
>
> * Anup and other opensbi folks: Do you know/remember why it was there?
> It's not really a bug, but some historical context would be appreciated.
Yes, looking forward to responses from Anup and other opensbi folks.
> > According to the privileged specification, the BASE field of STVEC
> > must always be aligned on a 4-byte boundary. However, System.map
> > reveals that secondary_start_sbi is not a 4-byte aligned address.
> >
> > For example, the address of secondary_start_sbi is
> > 0xffffffff80001066, and the disassembly is as follows:
> >
> > Dump of assembler code from 0xffffffff80001052 to 0xffffffff8000107a:
> > 0xffffffff80001052 <_start+4178>: c.nop -11
> > 0xffffffff80001054 <_start+4180>: auipc gp,0x1a1f
> > 0xffffffff80001058 <_start+4184>: addi gp,gp,84
> > 0xffffffff8000105c <_start+4188>: csrw satp,a2
> > 0xffffffff80001060 <_start+4192>: sfence.vma
> > 0xffffffff80001064 <_start+4196>: ret
> > 0xffffffff80001066 <_start+4198>: csrw sie,zero
> > 0xffffffff8000106a <_start+4202>: csrw sip,zero
> > 0xffffffff8000106e <_start+4206>: li t0,2
> > 0xffffffff80001070 <_start+4208>: csrw scounteren,t0
> > 0xffffffff80001074 <_start+4212>: auipc gp,0x1a1f
> > 0xffffffff80001078 <_start+4216>: addi gp,gp,52
> >
> > When writing to STVEC at address 0xffffffff80001066, the actual
> > write address is 0xffffffff80001064, corresponding to the address
> > of the previous ret instruction.
> Also technically permitted.
Yes, but this is unintended behavior, and we should avoid it.
> > This is unexpected, and if an
> > interrupt occurs at this point, it will cause unpredictable results.
> >
> > However, secondary_start_sbi immediately masks all interrupts and
> > updates STVEC, so no problems occurred.
>
> An interrupt cannot trap in between secondary_start_sbi starting and the
> interrupts getting masked individually. The only arch state guaranteed
> by HSM is [1]:
>
> |Register Name | Register Value
> |satp | 0
> |sstatus.SIE | 0
> |a0 | hartid
> |a1 | `opaque` parameter
> |All other registers remain in an undefined state.
>
> Of which sstatus.SIE = 0 means that interrupts are masked in Supervisor
> mode.
> > In summary, it is more reasonable to make secondary_start_sbi
> > satisfy 4-byte alignment.
>
> Thus, it is unnecessary.
>
> If this fixes a bug where an interrupt can trap into the wrong stvec for
> you, then your firmware is broken.
This isn't about fixing a bug (as mentioned earlier, it's highly unlikely
to happen), but rather the STVEC check mechanism added to QEMU discovered
this issue. Regarding the problem itself, I would appreciate any clarification
or modifications from OpenSBI, but currently this modification is the simplest
and most feasible.
> Michael's suggestion about SYM_CODE_START still stands, but if you do
> that, that's just a really minor refactoring, and in any case the
> current commit message cannot stand.
>
> Vivian "dramforever" Wang
>
> [1]:
> https://github.com/riscv-non-isa/riscv-sbi-doc/blob/v3.0/src/ext-hsm.adoc#function-hart-start-fid-0
Thanks,
Pei
--
opensbi mailing list
opensbi@lists.infradead.org
http://lists.infradead.org/mailman/listinfo/opensbi
^ permalink raw reply [flat|nested] 2+ messages in thread
end of thread, other threads:[~2026-04-15 12:38 UTC | newest]
Thread overview: 2+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
[not found] <20260413132009.133752-1-cp0613@linux.alibaba.com>
2026-04-15 3:39 ` [PATCH v2] riscv: smp: Align secondary_start_sbi to 4 bytes Vivian Wang
2026-04-15 12:37 ` Chen Pei
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox