From: Paolo Bonzini <pbonzini@redhat.com>
To: "Clément Chigot" <chigot@adacore.com>,
"Mark Cave-Ayland" <mark.cave-ayland@ilande.co.uk>
Cc: qemu-devel@nongnu.org
Subject: Re: [PULL 13/42] target/i386: use gen_writeback() within gen_POP()
Date: Wed, 10 Jul 2024 12:43:34 +0200 [thread overview]
Message-ID: <0a94f7e1-611f-42bd-8fea-d3c940a26647@redhat.com> (raw)
In-Reply-To: <CAJ307EhO9MEk7=w62CGjYn9J3YGOPk0e7gRKMUGk57Wh0y75rg@mail.gmail.com>
On 7/10/24 11:42, Clément Chigot wrote:
> Hi Mark,
>
> This patch introduces regressions in our x86_64 VxWorks kernels
> running over qemu. Some page faults are triggered randomly.
>
> Earlier to this patch, the MemOp `ot` passed to `gen_op_st_v` was the
> `gen_pop_T0` created a few lines above.
> Now, this is `op->ot` which comes from elsewhere.
>
> Adding `op->ot = ot` just before calling `gen_writeback` fixes my
> regressions. But I'm wondering if there could be some unexpected
> fallbacks, `op->ot` possibly being used afterwards.
Mark's patch is correct and the (previously latent) mistake is in
the decoding table.
The manual correctly says that POP has "default 64-bit" operand;
that is, it is 64-bit even without a REX.W prefix. It must be
marked as "d64" rather than "v".
Can you test this patch?
diff --git a/target/i386/tcg/decode-new.c.inc b/target/i386/tcg/decode-new.c.inc
index 0d846c32c22..d2da1d396d5 100644
--- a/target/i386/tcg/decode-new.c.inc
+++ b/target/i386/tcg/decode-new.c.inc
@@ -1717,7 +1717,7 @@ static const X86OpEntry opcodes_root[256] = {
[0x8C] = X86_OP_ENTRYwr(MOV, E,v, S,w, op0_Mw),
[0x8D] = X86_OP_ENTRYwr(LEA, G,v, M,v, nolea),
[0x8E] = X86_OP_ENTRYwr(MOV, S,w, E,w),
- [0x8F] = X86_OP_GROUPw(group1A, E,v),
+ [0x8F] = X86_OP_GROUPw(group1A, E,d64),
[0x98] = X86_OP_ENTRY1(CBW, 0,v), /* rAX */
[0x99] = X86_OP_ENTRYwr(CWD, 2,v, 0,v), /* rDX, rAX */
diff --git a/target/i386/tcg/emit.c.inc b/target/i386/tcg/emit.c.inc
index fc7477833bc..36bb308e449 100644
--- a/target/i386/tcg/emit.c.inc
+++ b/target/i386/tcg/emit.c.inc
@@ -2788,6 +2788,8 @@ static void gen_POP(DisasContext *s, X86DecodedInsn *decode)
X86DecodedOp *op = &decode->op[0];
MemOp ot = gen_pop_T0(s);
+ /* Only 16/32-bit access in 32-bit mode, 16/64-bit access in long mode. */
+ assert(ot == op->ot);
if (op->has_ea || op->unit == X86_OP_SEG) {
/* NOTE: order is important for MMU exceptions */
gen_writeback(s, decode, 0, s->T0);
Thanks (and it's reassuring that everything else has worked fine
for you!),
Paolo
> Thanks,
> Clément
>
> On Sat, Jun 8, 2024 at 10:36 AM Paolo Bonzini <pbonzini@redhat.com> wrote:
>>
>> From: Mark Cave-Ayland <mark.cave-ayland@ilande.co.uk>
>>
>> Instead of directly implementing the writeback using gen_op_st_v(), use the
>> existing gen_writeback() function.
>>
>> Suggested-by: Paolo Bonzini <pbonzini@redhat.com>
>> Signed-off-by: Mark Cave-Ayland <mark.cave-ayland@ilande.co.uk>
>> Message-ID: <20240606095319.229650-3-mark.cave-ayland@ilande.co.uk>
>> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
>> ---
>> target/i386/tcg/emit.c.inc | 4 ++--
>> 1 file changed, 2 insertions(+), 2 deletions(-)
>>
>> diff --git a/target/i386/tcg/emit.c.inc b/target/i386/tcg/emit.c.inc
>> index ca78504b6e4..6123235c000 100644
>> --- a/target/i386/tcg/emit.c.inc
>> +++ b/target/i386/tcg/emit.c.inc
>> @@ -2580,9 +2580,9 @@ static void gen_POP(DisasContext *s, CPUX86State *env, X86DecodedInsn *decode)
>>
>> if (op->has_ea) {
>> /* NOTE: order is important for MMU exceptions */
>> - gen_op_st_v(s, ot, s->T0, s->A0);
>> - op->unit = X86_OP_SKIP;
>> + gen_writeback(s, decode, 0, s->T0);
>> }
>> +
>> /* NOTE: writing back registers after update is important for pop %sp */
>> gen_pop_update(s, ot);
>> }
>> --
>> 2.45.1
>>
>>
>
>
next prev parent reply other threads:[~2024-07-10 10:43 UTC|newest]
Thread overview: 50+ messages / expand[flat|nested] mbox.gz Atom feed top
2024-06-08 8:33 [PULL 00/42] i386, scsi. hostmem fixes for 2024-06-08 Paolo Bonzini
2024-06-08 8:33 ` [PULL 01/42] target/i386: fix pushed value of EFLAGS.RF Paolo Bonzini
2024-06-08 8:33 ` [PULL 02/42] target/i386: fix implementation of ICEBP Paolo Bonzini
2024-06-08 8:33 ` [PULL 03/42] target/i386: cleanup HLT helpers Paolo Bonzini
2024-06-08 8:33 ` [PULL 04/42] target/i386: cleanup PAUSE helpers Paolo Bonzini
2024-06-08 8:33 ` [PULL 05/42] target/i386: implement DR7.GD Paolo Bonzini
2024-06-08 8:33 ` [PULL 06/42] target/i386: disable/enable breakpoints on vmentry/vmexit Paolo Bonzini
2024-06-08 8:33 ` [PULL 07/42] target/i386: fix INHIBIT_IRQ/TF/RF handling for VMRUN Paolo Bonzini
2024-06-08 8:33 ` [PULL 08/42] target/i386: fix INHIBIT_IRQ/TF/RF handling for PAUSE Paolo Bonzini
2024-06-08 8:33 ` [PULL 09/42] target/i386: fix TF/RF handling for HLT Paolo Bonzini
2024-06-08 8:33 ` [PULL 10/42] target/i386: document incorrect semantics of watchpoint following MOV/POP SS Paolo Bonzini
2024-06-08 8:33 ` [PULL 11/42] target/i386: document use of DISAS_NORETURN Paolo Bonzini
2024-06-08 8:33 ` [PULL 12/42] target/i386: use local X86DecodedOp in gen_POP() Paolo Bonzini
2024-06-08 8:33 ` [PULL 13/42] target/i386: use gen_writeback() within gen_POP() Paolo Bonzini
2024-07-10 9:42 ` Clément Chigot
2024-07-10 10:43 ` Paolo Bonzini [this message]
2024-07-10 12:53 ` Clément Chigot
2024-06-08 8:33 ` [PULL 14/42] target/i386: fix SP when taking a memory fault during POP Paolo Bonzini
2024-06-08 8:33 ` [PULL 15/42] target/i386: fix size of EBP writeback in gen_enter() Paolo Bonzini
2024-06-08 8:33 ` [PULL 16/42] machine: default -M mem-merge to off is QEMU_MADV_MERGEABLE is not available Paolo Bonzini
2024-06-08 8:33 ` [PULL 17/42] meson: Don't even detect posix_madvise() on Darwin Paolo Bonzini
2024-06-08 8:33 ` [PULL 18/42] osdep: Make qemu_madvise() to set errno in all cases Paolo Bonzini
2024-06-08 8:33 ` [PULL 19/42] osdep: Make qemu_madvise() return ENOSYS on unsupported OSes Paolo Bonzini
2024-06-08 8:33 ` [PULL 20/42] backends/hostmem: Report error when memory size is unaligned Paolo Bonzini
2024-06-08 8:33 ` [PULL 21/42] machine, hostmem: improve error messages for unsupported features Paolo Bonzini
2024-06-08 8:33 ` [PULL 22/42] hostmem: simplify the code for merge and dump properties Paolo Bonzini
2024-06-08 8:33 ` [PULL 23/42] scsi-disk: Don't silently truncate serial number Paolo Bonzini
2024-06-08 8:33 ` [PULL 24/42] stubs/meson: Fix qemuutil build when --disable-system Paolo Bonzini
2024-06-08 8:33 ` [PULL 25/42] i386/hvf: Adds support for INVTSC cpuid bit Paolo Bonzini
2024-06-08 8:33 ` [PULL 26/42] i386/hvf: Fixes some compilation warnings Paolo Bonzini
2024-06-08 8:34 ` [PULL 27/42] hvf: Consistent types for vCPU handles Paolo Bonzini
2024-06-08 8:34 ` [PULL 28/42] i386/hvf: Fixes dirty memory tracking by page granularity RX->RWX change Paolo Bonzini
2024-06-08 8:34 ` [PULL 29/42] i386/hvf: In kick_vcpu use hv_vcpu_interrupt to force exit Paolo Bonzini
2024-06-08 8:34 ` [PULL 30/42] i386/hvf: Updates API usage to use modern vCPU run function Paolo Bonzini
2024-06-08 8:34 ` [PULL 31/42] hvf: Makes assert_hvf_ok report failed expression Paolo Bonzini
2024-06-08 8:34 ` [PULL 32/42] target/i386: add support for FRED in CPUID enumeration Paolo Bonzini
2024-06-08 8:34 ` [PULL 33/42] target/i386: mark CR4.FRED not reserved Paolo Bonzini
2024-06-08 8:34 ` [PULL 34/42] vmxcap: add support for VMX FRED controls Paolo Bonzini
2024-06-08 8:34 ` [PULL 35/42] target/i386: enumerate VMX nested-exception support Paolo Bonzini
2024-06-08 8:34 ` [PULL 36/42] target/i386: Add get/set/migrate support for FRED MSRs Paolo Bonzini
2024-06-08 8:34 ` [PULL 37/42] docs: i386: pc: Avoid mentioning limit of maximum vCPUs Paolo Bonzini
2024-06-08 8:34 ` [PULL 38/42] i386: Fix MCE support for AMD hosts Paolo Bonzini
2024-06-08 8:34 ` [PULL 39/42] i386: Add support for SUCCOR feature Paolo Bonzini
2024-06-13 9:50 ` Xiaoyao Li
2024-06-24 16:29 ` John Allen
2024-06-27 14:00 ` Paolo Bonzini
2024-06-08 8:34 ` [PULL 40/42] i386: Add support for overflow recovery Paolo Bonzini
2024-06-08 8:34 ` [PULL 41/42] Revert "python: use vendored tomli" Paolo Bonzini
2024-06-08 8:34 ` [PULL 42/42] python: mkvenv: remove ensure command Paolo Bonzini
2024-06-08 20:19 ` [PULL 00/42] i386, scsi. hostmem fixes for 2024-06-08 Richard Henderson
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=0a94f7e1-611f-42bd-8fea-d3c940a26647@redhat.com \
--to=pbonzini@redhat.com \
--cc=chigot@adacore.com \
--cc=mark.cave-ayland@ilande.co.uk \
--cc=qemu-devel@nongnu.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).