From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from eggs.gnu.org ([2001:4830:134:3::10]:52668) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1Z4P86-0000c9-Oz for qemu-devel@nongnu.org; Mon, 15 Jun 2015 03:48:27 -0400 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1Z4P81-0000io-1I for qemu-devel@nongnu.org; Mon, 15 Jun 2015 03:48:26 -0400 Received: from mail.ispras.ru ([83.149.199.45]:49665) by eggs.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1Z4P80-0000ij-PU for qemu-devel@nongnu.org; Mon, 15 Jun 2015 03:48:20 -0400 From: "Pavel Dovgaluk" References: <20150610083306.5492.31869.stgit@PASHA-ISP> <20150611223727.GB13281@aurel32.net> <000601d0a727$41271d70$c3755850$@Dovgaluk@ispras.ru> <20150615072640.GA23868@aurel32.net> In-Reply-To: <20150615072640.GA23868@aurel32.net> Date: Mon, 15 Jun 2015 10:48:20 +0300 Message-ID: <000801d0a73f$a5f85d00$f1e91700$@Dovgaluk@ispras.ru> MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Content-Language: ru Subject: Re: [Qemu-devel] [PATCH] MIPS: exceptions handling in icount mode List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , To: 'Aurelien Jarno' Cc: pbonzini@redhat.com, leon.alrae@imgtec.com, qemu-devel@nongnu.org > From: Aurelien Jarno [mailto:aurelien@aurel32.net] > On 2015-06-15 07:53, Pavel Dovgaluk wrote: > > > From: Aurelien Jarno [mailto:aurelien@aurel32.net] > > > On 2015-06-10 11:33, Pavel Dovgalyuk wrote: > > > > This patch fixes exception handling in MIPS. > > > > MIPS instructions generate several types of exceptions. > > > > When exception is generated, it breaks the execution of the current translation > > > > block. Implementation of the exceptions handling in MIPS does not correctly > > > > restore icount for the instruction which caused the exception. In most cases > > > > icount will be decreased by the value equal to the size of TB. > > > > > > I don't think it is correct. There is no real point of always doing > > > retranslation for an exception triggered from the helpers, especially > > > when the CPU state has been saved before anyway? > > > > As you know, icount is processed as follows: > > > > TB: > > if icount < n then exit > > icount -= n > > instr1 > > instr2 > > ... > > instrn > > exit > > > > When one of the instructions initiates an exception, then icount should be restored > > and adjusted number of instructions should be subtracted instead of initial n. > > > > E.g., tlb_fill function passes retaddr to raise_exception, which allows restoring > > current instructions in TB and correct icount calculation. > > > > When exception triggered with other function (e.g. by embedding call to > > helper_raise_exception_err into TB), then PC is not passed as retaddr and > > correct icount is not recovered. > > > > This behavior leads to incorrect values of timers and non-deterministic execution > > of the code. > > Ok, this therefore doesn't looks something MIPS specific, but rather a > flaw in the icount design. Instead of fixing blindly one target, we > should try to fix it globally, or if not possible at least agree on a > way to fix that for all target and provide the infrastructure for that > (for example provide load/store functions which accept a return > address). Paolo any opinion on that? Recovering from is a tricky mechanism. It can break the correct execution if used inaccurately even when icount is disabled. I already posted a patch for maskmov instruction in i386: http://lists.nongnu.org/archive/html/qemu-devel/2014-09/msg02960.html Pavel Dovgalyuk