[PATCH v2 0/2] target/arm: Fix syndrome for MTE tag check fail

qemu-devel.nongnu.org archive mirror
 help / color / mirror / Atom feed

* [PATCH v2 0/2] target/arm: Fix syndrome for MTE tag check fail
@ 2020-08-13 20:08 Richard Henderson
  2020-08-13 20:08 ` [PATCH v2 1/2] target/arm: Pass the entire mte descriptor to mte_check_fail Richard Henderson
                   ` (2 more replies)
  0 siblings, 3 replies; 4+ messages in thread
From: Richard Henderson @ 2020-08-13 20:08 UTC (permalink / raw)
  To: qemu-devel; +Cc: andreyknvl, vincenzo.frascino, alex.bennee, peter.maydell

Supercedes: <20200812171946.2044791-1-richard.henderson@linaro.org>

We missed filling in the WnR bit for the syndrome reported
into ESR_ELx for the Tag Check Fail Data Abort.


r~


Richard Henderson (2):
  target/arm: Pass the entire mte descriptor to mte_check_fail
  target/arm: Fill in the WnR syndrome bit in mte_check_fail

 target/arm/mte_helper.c | 19 ++++++++++---------
 1 file changed, 10 insertions(+), 9 deletions(-)

-- 
2.25.1



^ permalink raw reply	[flat|nested] 4+ messages in thread

* [PATCH v2 1/2] target/arm: Pass the entire mte descriptor to mte_check_fail
  2020-08-13 20:08 [PATCH v2 0/2] target/arm: Fix syndrome for MTE tag check fail Richard Henderson
@ 2020-08-13 20:08 ` Richard Henderson
  2020-08-13 20:08 ` [PATCH v2 2/2] target/arm: Fill in the WnR syndrome bit in mte_check_fail Richard Henderson
  2020-08-24 15:32 ` [PATCH v2 0/2] target/arm: Fix syndrome for MTE tag check fail Peter Maydell
  2 siblings, 0 replies; 4+ messages in thread
From: Richard Henderson @ 2020-08-13 20:08 UTC (permalink / raw)
  To: qemu-devel; +Cc: andreyknvl, vincenzo.frascino, alex.bennee, peter.maydell

We need more information than just the mmu_idx in order
to create the proper exception syndrome.  Only change the
function signature so far.

Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
---
 target/arm/mte_helper.c | 10 +++++-----
 1 file changed, 5 insertions(+), 5 deletions(-)

diff --git a/target/arm/mte_helper.c b/target/arm/mte_helper.c
index 104752041f..a40454588d 100644
--- a/target/arm/mte_helper.c
+++ b/target/arm/mte_helper.c
@@ -514,9 +514,10 @@ void HELPER(stzgm_tags)(CPUARMState *env, uint64_t ptr, uint64_t val)
 }
 
 /* Record a tag check failure.  */
-static void mte_check_fail(CPUARMState *env, int mmu_idx,
+static void mte_check_fail(CPUARMState *env, uint32_t desc,
                            uint64_t dirty_ptr, uintptr_t ra)
 {
+    int mmu_idx = FIELD_EX32(desc, MTEDESC, MIDX);
     ARMMMUIdx arm_mmu_idx = core_to_aa64_mmu_idx(mmu_idx);
     int el, reg_el, tcf, select;
     uint64_t sctlr;
@@ -639,8 +640,7 @@ uint64_t mte_check1(CPUARMState *env, uint32_t desc,
     }
 
     if (unlikely(!mte_probe1_int(env, desc, ptr, ra, bit55))) {
-        int mmu_idx = FIELD_EX32(desc, MTEDESC, MIDX);
-        mte_check_fail(env, mmu_idx, ptr, ra);
+        mte_check_fail(env, desc, ptr, ra);
     }
 
     return useronly_clean_ptr(ptr);
@@ -810,7 +810,7 @@ uint64_t mte_checkN(CPUARMState *env, uint32_t desc,
 
         fail_ofs = tag_first + n * TAG_GRANULE - ptr;
         fail_ofs = ROUND_UP(fail_ofs, esize);
-        mte_check_fail(env, mmu_idx, ptr + fail_ofs, ra);
+        mte_check_fail(env, desc, ptr + fail_ofs, ra);
     }
 
  done:
@@ -922,7 +922,7 @@ uint64_t HELPER(mte_check_zva)(CPUARMState *env, uint32_t desc, uint64_t ptr)
  fail:
     /* Locate the first nibble that differs. */
     i = ctz64(mem_tag ^ ptr_tag) >> 4;
-    mte_check_fail(env, mmu_idx, align_ptr + i * TAG_GRANULE, ra);
+    mte_check_fail(env, desc, align_ptr + i * TAG_GRANULE, ra);
 
  done:
     return useronly_clean_ptr(ptr);
-- 
2.25.1



^ permalink raw reply related	[flat|nested] 4+ messages in thread

* [PATCH v2 2/2] target/arm: Fill in the WnR syndrome bit in mte_check_fail
  2020-08-13 20:08 [PATCH v2 0/2] target/arm: Fix syndrome for MTE tag check fail Richard Henderson
  2020-08-13 20:08 ` [PATCH v2 1/2] target/arm: Pass the entire mte descriptor to mte_check_fail Richard Henderson
@ 2020-08-13 20:08 ` Richard Henderson
  2020-08-24 15:32 ` [PATCH v2 0/2] target/arm: Fix syndrome for MTE tag check fail Peter Maydell
  2 siblings, 0 replies; 4+ messages in thread
From: Richard Henderson @ 2020-08-13 20:08 UTC (permalink / raw)
  To: qemu-devel; +Cc: andreyknvl, vincenzo.frascino, alex.bennee, peter.maydell

According to AArch64.TagCheckFault, none of the other ISS values are
provided, so we do not need to go so far as merge_syn_data_abort.
But we were missing the WnR bit.

Tested-by: Andrey Konovalov <andreyknvl@google.com>
Reported-by: Andrey Konovalov <andreyknvl@google.com>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
---
 target/arm/mte_helper.c | 9 +++++----
 1 file changed, 5 insertions(+), 4 deletions(-)

diff --git a/target/arm/mte_helper.c b/target/arm/mte_helper.c
index a40454588d..891306f5b0 100644
--- a/target/arm/mte_helper.c
+++ b/target/arm/mte_helper.c
@@ -519,7 +519,7 @@ static void mte_check_fail(CPUARMState *env, uint32_t desc,
 {
     int mmu_idx = FIELD_EX32(desc, MTEDESC, MIDX);
     ARMMMUIdx arm_mmu_idx = core_to_aa64_mmu_idx(mmu_idx);
-    int el, reg_el, tcf, select;
+    int el, reg_el, tcf, select, is_write, syn;
     uint64_t sctlr;
 
     reg_el = regime_el(env, arm_mmu_idx);
@@ -547,9 +547,10 @@ static void mte_check_fail(CPUARMState *env, uint32_t desc,
          */
         cpu_restore_state(env_cpu(env), ra, true);
         env->exception.vaddress = dirty_ptr;
-        raise_exception(env, EXCP_DATA_ABORT,
-                        syn_data_abort_no_iss(el != 0, 0, 0, 0, 0, 0, 0x11),
-                        exception_target_el(env));
+
+        is_write = FIELD_EX32(desc, MTEDESC, WRITE);
+        syn = syn_data_abort_no_iss(el != 0, 0, 0, 0, 0, is_write, 0x11);
+        raise_exception(env, EXCP_DATA_ABORT, syn, exception_target_el(env));
         /* noreturn, but fall through to the assert anyway */
 
     case 0:
-- 
2.25.1



^ permalink raw reply related	[flat|nested] 4+ messages in thread

* Re: [PATCH v2 0/2] target/arm: Fix syndrome for MTE tag check fail
  2020-08-13 20:08 [PATCH v2 0/2] target/arm: Fix syndrome for MTE tag check fail Richard Henderson
  2020-08-13 20:08 ` [PATCH v2 1/2] target/arm: Pass the entire mte descriptor to mte_check_fail Richard Henderson
  2020-08-13 20:08 ` [PATCH v2 2/2] target/arm: Fill in the WnR syndrome bit in mte_check_fail Richard Henderson
@ 2020-08-24 15:32 ` Peter Maydell
  2 siblings, 0 replies; 4+ messages in thread
From: Peter Maydell @ 2020-08-24 15:32 UTC (permalink / raw)
  To: Richard Henderson
  Cc: andreyknvl, vincenzo.frascino, Alex Bennée, QEMU Developers

On Thu, 13 Aug 2020 at 21:08, Richard Henderson
<richard.henderson@linaro.org> wrote:
>
> Supercedes: <20200812171946.2044791-1-richard.henderson@linaro.org>
>
> We missed filling in the WnR bit for the syndrome reported
> into ESR_ELx for the Tag Check Fail Data Abort.
>
>


Applied to target-arm.next, thanks.

-- PMM


^ permalink raw reply	[flat|nested] 4+ messages in thread

end of thread, other threads:[~2020-08-24 15:33 UTC | newest]

Thread overview: 4+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2020-08-13 20:08 [PATCH v2 0/2] target/arm: Fix syndrome for MTE tag check fail Richard Henderson
2020-08-13 20:08 ` [PATCH v2 1/2] target/arm: Pass the entire mte descriptor to mte_check_fail Richard Henderson
2020-08-13 20:08 ` [PATCH v2 2/2] target/arm: Fill in the WnR syndrome bit in mte_check_fail Richard Henderson
2020-08-24 15:32 ` [PATCH v2 0/2] target/arm: Fix syndrome for MTE tag check fail Peter Maydell

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).