From: Richard Henderson <richard.henderson@linaro.org>
To: qemu-devel@nongnu.org
Cc: "Philippe Mathieu-Daudé" <philmd@linaro.org>
Subject: [PULL 03/24] accel/tcg: Do not issue misaligned i/o
Date: Sat, 5 Aug 2023 20:36:54 -0700 [thread overview]
Message-ID: <20230806033715.244648-4-richard.henderson@linaro.org> (raw)
In-Reply-To: <20230806033715.244648-1-richard.henderson@linaro.org>
In the single-page case we were issuing misaligned i/o to
the memory subsystem, which does not handle it properly.
Split such accesses via do_{ld,st}_mmio_*.
Resolves: https://gitlab.com/qemu-project/qemu/-/issues/1800
Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
---
accel/tcg/cputlb.c | 118 +++++++++++++++++++++++++++------------------
1 file changed, 72 insertions(+), 46 deletions(-)
diff --git a/accel/tcg/cputlb.c b/accel/tcg/cputlb.c
index a308cb7534..4b1bfaa53d 100644
--- a/accel/tcg/cputlb.c
+++ b/accel/tcg/cputlb.c
@@ -2370,16 +2370,20 @@ static uint8_t do_ld_1(CPUArchState *env, MMULookupPageData *p, int mmu_idx,
static uint16_t do_ld_2(CPUArchState *env, MMULookupPageData *p, int mmu_idx,
MMUAccessType type, MemOp memop, uintptr_t ra)
{
- uint64_t ret;
+ uint16_t ret;
if (unlikely(p->flags & TLB_MMIO)) {
- return io_readx(env, p->full, mmu_idx, p->addr, ra, type, memop);
- }
-
- /* Perform the load host endian, then swap if necessary. */
- ret = load_atom_2(env, ra, p->haddr, memop);
- if (memop & MO_BSWAP) {
- ret = bswap16(ret);
+ QEMU_IOTHREAD_LOCK_GUARD();
+ ret = do_ld_mmio_beN(env, p->full, 0, p->addr, 2, mmu_idx, type, ra);
+ if ((memop & MO_BSWAP) == MO_LE) {
+ ret = bswap16(ret);
+ }
+ } else {
+ /* Perform the load host endian, then swap if necessary. */
+ ret = load_atom_2(env, ra, p->haddr, memop);
+ if (memop & MO_BSWAP) {
+ ret = bswap16(ret);
+ }
}
return ret;
}
@@ -2390,13 +2394,17 @@ static uint32_t do_ld_4(CPUArchState *env, MMULookupPageData *p, int mmu_idx,
uint32_t ret;
if (unlikely(p->flags & TLB_MMIO)) {
- return io_readx(env, p->full, mmu_idx, p->addr, ra, type, memop);
- }
-
- /* Perform the load host endian. */
- ret = load_atom_4(env, ra, p->haddr, memop);
- if (memop & MO_BSWAP) {
- ret = bswap32(ret);
+ QEMU_IOTHREAD_LOCK_GUARD();
+ ret = do_ld_mmio_beN(env, p->full, 0, p->addr, 4, mmu_idx, type, ra);
+ if ((memop & MO_BSWAP) == MO_LE) {
+ ret = bswap32(ret);
+ }
+ } else {
+ /* Perform the load host endian. */
+ ret = load_atom_4(env, ra, p->haddr, memop);
+ if (memop & MO_BSWAP) {
+ ret = bswap32(ret);
+ }
}
return ret;
}
@@ -2407,13 +2415,17 @@ static uint64_t do_ld_8(CPUArchState *env, MMULookupPageData *p, int mmu_idx,
uint64_t ret;
if (unlikely(p->flags & TLB_MMIO)) {
- return io_readx(env, p->full, mmu_idx, p->addr, ra, type, memop);
- }
-
- /* Perform the load host endian. */
- ret = load_atom_8(env, ra, p->haddr, memop);
- if (memop & MO_BSWAP) {
- ret = bswap64(ret);
+ QEMU_IOTHREAD_LOCK_GUARD();
+ ret = do_ld_mmio_beN(env, p->full, 0, p->addr, 8, mmu_idx, type, ra);
+ if ((memop & MO_BSWAP) == MO_LE) {
+ ret = bswap64(ret);
+ }
+ } else {
+ /* Perform the load host endian. */
+ ret = load_atom_8(env, ra, p->haddr, memop);
+ if (memop & MO_BSWAP) {
+ ret = bswap64(ret);
+ }
}
return ret;
}
@@ -2561,20 +2573,22 @@ static Int128 do_ld16_mmu(CPUArchState *env, vaddr addr,
cpu_req_mo(TCG_MO_LD_LD | TCG_MO_ST_LD);
crosspage = mmu_lookup(env, addr, oi, ra, MMU_DATA_LOAD, &l);
if (likely(!crosspage)) {
- /* Perform the load host endian. */
if (unlikely(l.page[0].flags & TLB_MMIO)) {
QEMU_IOTHREAD_LOCK_GUARD();
- a = io_readx(env, l.page[0].full, l.mmu_idx, addr,
- ra, MMU_DATA_LOAD, MO_64);
- b = io_readx(env, l.page[0].full, l.mmu_idx, addr + 8,
- ra, MMU_DATA_LOAD, MO_64);
- ret = int128_make128(HOST_BIG_ENDIAN ? b : a,
- HOST_BIG_ENDIAN ? a : b);
+ a = do_ld_mmio_beN(env, l.page[0].full, 0, addr, 8,
+ l.mmu_idx, MMU_DATA_LOAD, ra);
+ b = do_ld_mmio_beN(env, l.page[0].full, 0, addr + 8, 8,
+ l.mmu_idx, MMU_DATA_LOAD, ra);
+ ret = int128_make128(b, a);
+ if ((l.memop & MO_BSWAP) == MO_LE) {
+ ret = bswap128(ret);
+ }
} else {
+ /* Perform the load host endian. */
ret = load_atom_16(env, ra, l.page[0].haddr, l.memop);
- }
- if (l.memop & MO_BSWAP) {
- ret = bswap128(ret);
+ if (l.memop & MO_BSWAP) {
+ ret = bswap128(ret);
+ }
}
return ret;
}
@@ -2874,7 +2888,11 @@ static void do_st_2(CPUArchState *env, MMULookupPageData *p, uint16_t val,
int mmu_idx, MemOp memop, uintptr_t ra)
{
if (unlikely(p->flags & TLB_MMIO)) {
- io_writex(env, p->full, mmu_idx, val, p->addr, ra, memop);
+ if ((memop & MO_BSWAP) != MO_LE) {
+ val = bswap16(val);
+ }
+ QEMU_IOTHREAD_LOCK_GUARD();
+ do_st_mmio_leN(env, p->full, val, p->addr, 2, mmu_idx, ra);
} else if (unlikely(p->flags & TLB_DISCARD_WRITE)) {
/* nothing */
} else {
@@ -2890,7 +2908,11 @@ static void do_st_4(CPUArchState *env, MMULookupPageData *p, uint32_t val,
int mmu_idx, MemOp memop, uintptr_t ra)
{
if (unlikely(p->flags & TLB_MMIO)) {
- io_writex(env, p->full, mmu_idx, val, p->addr, ra, memop);
+ if ((memop & MO_BSWAP) != MO_LE) {
+ val = bswap32(val);
+ }
+ QEMU_IOTHREAD_LOCK_GUARD();
+ do_st_mmio_leN(env, p->full, val, p->addr, 4, mmu_idx, ra);
} else if (unlikely(p->flags & TLB_DISCARD_WRITE)) {
/* nothing */
} else {
@@ -2906,7 +2928,11 @@ static void do_st_8(CPUArchState *env, MMULookupPageData *p, uint64_t val,
int mmu_idx, MemOp memop, uintptr_t ra)
{
if (unlikely(p->flags & TLB_MMIO)) {
- io_writex(env, p->full, mmu_idx, val, p->addr, ra, memop);
+ if ((memop & MO_BSWAP) != MO_LE) {
+ val = bswap64(val);
+ }
+ QEMU_IOTHREAD_LOCK_GUARD();
+ do_st_mmio_leN(env, p->full, val, p->addr, 8, mmu_idx, ra);
} else if (unlikely(p->flags & TLB_DISCARD_WRITE)) {
/* nothing */
} else {
@@ -3029,22 +3055,22 @@ static void do_st16_mmu(CPUArchState *env, vaddr addr, Int128 val,
cpu_req_mo(TCG_MO_LD_ST | TCG_MO_ST_ST);
crosspage = mmu_lookup(env, addr, oi, ra, MMU_DATA_STORE, &l);
if (likely(!crosspage)) {
- /* Swap to host endian if necessary, then store. */
- if (l.memop & MO_BSWAP) {
- val = bswap128(val);
- }
if (unlikely(l.page[0].flags & TLB_MMIO)) {
- QEMU_IOTHREAD_LOCK_GUARD();
- if (HOST_BIG_ENDIAN) {
- b = int128_getlo(val), a = int128_gethi(val);
- } else {
- a = int128_getlo(val), b = int128_gethi(val);
+ if ((l.memop & MO_BSWAP) != MO_LE) {
+ val = bswap128(val);
}
- io_writex(env, l.page[0].full, l.mmu_idx, a, addr, ra, MO_64);
- io_writex(env, l.page[0].full, l.mmu_idx, b, addr + 8, ra, MO_64);
+ a = int128_getlo(val);
+ b = int128_gethi(val);
+ QEMU_IOTHREAD_LOCK_GUARD();
+ do_st_mmio_leN(env, l.page[0].full, a, addr, 8, l.mmu_idx, ra);
+ do_st_mmio_leN(env, l.page[0].full, b, addr + 8, 8, l.mmu_idx, ra);
} else if (unlikely(l.page[0].flags & TLB_DISCARD_WRITE)) {
/* nothing */
} else {
+ /* Swap to host endian if necessary, then store. */
+ if (l.memop & MO_BSWAP) {
+ val = bswap128(val);
+ }
store_atom_16(env, ra, l.page[0].haddr, l.memop, val);
}
return;
--
2.34.1
next prev parent reply other threads:[~2023-08-06 3:38 UTC|newest]
Thread overview: 35+ messages / expand[flat|nested] mbox.gz Atom feed top
2023-08-06 3:36 [PULL 00/24] tcg + linux-user queue for 8.1-rc3 Richard Henderson
2023-08-06 3:36 ` [PULL 01/24] accel/tcg: Adjust parameters and locking with do_{ld, st}_mmio_* Richard Henderson
2023-08-06 3:36 ` [PULL 02/24] accel/tcg: Issue wider aligned i/o in do_{ld,st}_mmio_* Richard Henderson
2023-08-06 3:36 ` Richard Henderson [this message]
2023-08-06 3:36 ` [PULL 04/24] gdbstub: use 0 ("any process") on packets with no PID Richard Henderson
2023-08-06 3:36 ` [PULL 05/24] linux-user: Unset MAP_FIXED_NOREPLACE for host Richard Henderson
2023-08-06 3:36 ` [PULL 06/24] linux-user: Fix MAP_FIXED_NOREPLACE on old kernels Richard Henderson
2023-08-06 3:36 ` [PULL 07/24] linux-user: Do not call get_errno() in do_brk() Richard Henderson
2023-08-06 6:53 ` Michael Tokarev
2023-08-07 1:23 ` Richard Henderson
2023-08-06 3:36 ` [PULL 08/24] linux-user: Use MAP_FIXED_NOREPLACE for do_brk() Richard Henderson
2023-08-06 3:37 ` [PULL 09/24] linux-user: Do nothing if too small brk is specified Richard Henderson
2023-08-06 3:37 ` [PULL 10/24] linux-user: Do not align brk with host page size Richard Henderson
2023-08-06 3:37 ` [PULL 11/24] linux-user: Remove last_brk Richard Henderson
2023-08-06 3:37 ` [PULL 12/24] bsd-user: " Richard Henderson
2023-08-06 3:37 ` [PULL 13/24] linux-user: Adjust task_unmapped_base for reserved_va Richard Henderson
2023-08-06 3:37 ` [PULL 14/24] linux-user: Define TASK_UNMAPPED_BASE in $guest/target_mman.h Richard Henderson
2023-08-06 3:37 ` [PULL 15/24] linux-user: Define ELF_ET_DYN_BASE " Richard Henderson
2023-08-06 3:37 ` [PULL 16/24] linux-user: Use MAP_FIXED_NOREPLACE for initial image mmap Richard Henderson
2023-08-06 3:37 ` [PULL 17/24] linux-user: Use elf_et_dyn_base for ET_DYN with interpreter Richard Henderson
2023-08-06 3:37 ` [PULL 18/24] linux-user: Adjust initial brk when interpreter is close to executable Richard Henderson
2023-08-06 3:37 ` [PULL 19/24] linux-user: Properly set image_info.brk in flatload Richard Henderson
2023-08-06 3:37 ` [PULL 20/24] linux-user: Do not adjust image mapping for host page size Richard Henderson
2023-08-06 3:37 ` [PULL 21/24] linux-user: Do not adjust zero_bss " Richard Henderson
2023-08-06 3:37 ` [PULL 22/24] linux-user: Use zero_bss for PT_LOAD with no file contents too Richard Henderson
2023-08-06 3:37 ` [PULL 23/24] accel/tcg: Call save_iotlb_data from io_readx as well Richard Henderson
2023-08-06 3:37 ` [PULL 24/24] linux-user/elfload: Set V in ELF_HWCAP for RISC-V Richard Henderson
2023-08-07 1:22 ` [PULL 00/24] tcg + linux-user queue for 8.1-rc3 Richard Henderson
2023-08-23 13:04 ` Failing avocado tests in CI (was: Re: [PULL 00/24] tcg + linux-user queue for 8.1-rc3) Thomas Huth
2023-08-23 16:27 ` Richard Henderson
2023-08-24 15:31 ` Alex Bennée
2023-08-24 16:23 ` Michael Tokarev
2023-08-25 11:05 ` Philippe Mathieu-Daudé
2023-08-24 18:31 ` Richard Henderson
2023-08-25 11:36 ` Philippe Mathieu-Daudé
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20230806033715.244648-4-richard.henderson@linaro.org \
--to=richard.henderson@linaro.org \
--cc=philmd@linaro.org \
--cc=qemu-devel@nongnu.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).