* [PATCH] target/riscv: fix satp_mode_finalize() when satp_mode.supported = 0
@ 2023-08-17 15:29 Daniel Henrique Barboza
2023-08-22 7:28 ` Andrew Jones
2023-08-22 18:41 ` Alistair Francis
0 siblings, 2 replies; 3+ messages in thread
From: Daniel Henrique Barboza @ 2023-08-17 15:29 UTC (permalink / raw)
To: qemu-devel
Cc: qemu-riscv, alistair.francis, bmeng, liweiwei, zhiwei_liu, palmer,
Daniel Henrique Barboza, Alexandre Ghiti
In the same emulated RISC-V host, the 'host' KVM CPU takes 4 times
longer to boot than the 'rv64' KVM CPU.
The reason is an unintended behavior of riscv_cpu_satp_mode_finalize()
when satp_mode.supported = 0, i.e. when cpu_init() does not set
satp_mode_max_supported(). satp_mode_max_from_map(map) does:
31 - __builtin_clz(map)
This means that, if satp_mode.supported = 0, satp_mode_supported_max
wil be '31 - 32'. But this is C, so satp_mode_supported_max will gladly
set it to UINT_MAX (4294967295). After that, if the user didn't set a
satp_mode, set_satp_mode_default_map(cpu) will make
cfg.satp_mode.map = cfg.satp_mode.supported
So satp_mode.map = 0. And then satp_mode_map_max will be set to
satp_mode_max_from_map(cpu->cfg.satp_mode.map), i.e. also UINT_MAX. The
guard "satp_mode_map_max > satp_mode_supported_max" doesn't protect us
here since both are UINT_MAX.
And finally we have 2 loops:
for (int i = satp_mode_map_max - 1; i >= 0; --i) {
Which are, in fact, 2 loops from UINT_MAX -1 to -1. This is where the
extra delay when booting the 'host' CPU is coming from.
Commit 43d1de32f8 already set a precedence for satp_mode.supported = 0
in a different manner. We're doing the same here. If supported == 0,
interpret as 'the CPU wants the OS to handle satp mode alone' and skip
satp_mode_finalize().
We'll also put a guard in satp_mode_max_from_map() to assert out if map
is 0 since the function is not ready to deal with it.
Cc: Alexandre Ghiti <alexghiti@rivosinc.com>
Fixes: 6f23aaeb9b ("riscv: Allow user to set the satp mode")
Signed-off-by: Daniel Henrique Barboza <dbarboza@ventanamicro.com>
---
target/riscv/cpu.c | 23 ++++++++++++++++++++---
1 file changed, 20 insertions(+), 3 deletions(-)
diff --git a/target/riscv/cpu.c b/target/riscv/cpu.c
index d608026a28..86da93c7bc 100644
--- a/target/riscv/cpu.c
+++ b/target/riscv/cpu.c
@@ -349,6 +349,17 @@ static uint8_t satp_mode_from_str(const char *satp_mode_str)
uint8_t satp_mode_max_from_map(uint32_t map)
{
+ /*
+ * 'map = 0' will make us return (31 - 32), which C will
+ * happily overflow to UINT_MAX. There's no good result to
+ * return if 'map = 0' (e.g. returning 0 will be ambiguous
+ * with the result for 'map = 1').
+ *
+ * Assert out if map = 0. Callers will have to deal with
+ * it outside of this function.
+ */
+ g_assert(map > 0);
+
/* map here has at least one bit set, so no problem with clz */
return 31 - __builtin_clz(map);
}
@@ -1387,9 +1398,15 @@ void riscv_cpu_validate_set_extensions(RISCVCPU *cpu, Error **errp)
static void riscv_cpu_satp_mode_finalize(RISCVCPU *cpu, Error **errp)
{
bool rv32 = riscv_cpu_mxl(&cpu->env) == MXL_RV32;
- uint8_t satp_mode_map_max;
- uint8_t satp_mode_supported_max =
- satp_mode_max_from_map(cpu->cfg.satp_mode.supported);
+ uint8_t satp_mode_map_max, satp_mode_supported_max;
+
+ /* The CPU wants the OS to decide which satp mode to use */
+ if (cpu->cfg.satp_mode.supported == 0) {
+ return;
+ }
+
+ satp_mode_supported_max =
+ satp_mode_max_from_map(cpu->cfg.satp_mode.supported);
if (cpu->cfg.satp_mode.map == 0) {
if (cpu->cfg.satp_mode.init == 0) {
--
2.41.0
^ permalink raw reply related [flat|nested] 3+ messages in thread* Re: [PATCH] target/riscv: fix satp_mode_finalize() when satp_mode.supported = 0
2023-08-17 15:29 [PATCH] target/riscv: fix satp_mode_finalize() when satp_mode.supported = 0 Daniel Henrique Barboza
@ 2023-08-22 7:28 ` Andrew Jones
2023-08-22 18:41 ` Alistair Francis
1 sibling, 0 replies; 3+ messages in thread
From: Andrew Jones @ 2023-08-22 7:28 UTC (permalink / raw)
To: Daniel Henrique Barboza
Cc: qemu-devel, qemu-riscv, alistair.francis, bmeng, liweiwei,
zhiwei_liu, palmer, Alexandre Ghiti
On Thu, Aug 17, 2023 at 12:29:03PM -0300, Daniel Henrique Barboza wrote:
> In the same emulated RISC-V host, the 'host' KVM CPU takes 4 times
> longer to boot than the 'rv64' KVM CPU.
>
> The reason is an unintended behavior of riscv_cpu_satp_mode_finalize()
> when satp_mode.supported = 0, i.e. when cpu_init() does not set
> satp_mode_max_supported(). satp_mode_max_from_map(map) does:
>
> 31 - __builtin_clz(map)
>
> This means that, if satp_mode.supported = 0, satp_mode_supported_max
> wil be '31 - 32'. But this is C, so satp_mode_supported_max will gladly
> set it to UINT_MAX (4294967295). After that, if the user didn't set a
> satp_mode, set_satp_mode_default_map(cpu) will make
>
> cfg.satp_mode.map = cfg.satp_mode.supported
>
> So satp_mode.map = 0. And then satp_mode_map_max will be set to
> satp_mode_max_from_map(cpu->cfg.satp_mode.map), i.e. also UINT_MAX. The
> guard "satp_mode_map_max > satp_mode_supported_max" doesn't protect us
> here since both are UINT_MAX.
>
> And finally we have 2 loops:
>
> for (int i = satp_mode_map_max - 1; i >= 0; --i) {
>
> Which are, in fact, 2 loops from UINT_MAX -1 to -1. This is where the
> extra delay when booting the 'host' CPU is coming from.
>
> Commit 43d1de32f8 already set a precedence for satp_mode.supported = 0
> in a different manner. We're doing the same here. If supported == 0,
> interpret as 'the CPU wants the OS to handle satp mode alone' and skip
> satp_mode_finalize().
>
> We'll also put a guard in satp_mode_max_from_map() to assert out if map
> is 0 since the function is not ready to deal with it.
>
> Cc: Alexandre Ghiti <alexghiti@rivosinc.com>
> Fixes: 6f23aaeb9b ("riscv: Allow user to set the satp mode")
> Signed-off-by: Daniel Henrique Barboza <dbarboza@ventanamicro.com>
> ---
> target/riscv/cpu.c | 23 ++++++++++++++++++++---
> 1 file changed, 20 insertions(+), 3 deletions(-)
>
> diff --git a/target/riscv/cpu.c b/target/riscv/cpu.c
> index d608026a28..86da93c7bc 100644
> --- a/target/riscv/cpu.c
> +++ b/target/riscv/cpu.c
> @@ -349,6 +349,17 @@ static uint8_t satp_mode_from_str(const char *satp_mode_str)
>
> uint8_t satp_mode_max_from_map(uint32_t map)
> {
> + /*
> + * 'map = 0' will make us return (31 - 32), which C will
> + * happily overflow to UINT_MAX. There's no good result to
> + * return if 'map = 0' (e.g. returning 0 will be ambiguous
> + * with the result for 'map = 1').
> + *
> + * Assert out if map = 0. Callers will have to deal with
> + * it outside of this function.
> + */
> + g_assert(map > 0);
> +
> /* map here has at least one bit set, so no problem with clz */
> return 31 - __builtin_clz(map);
> }
> @@ -1387,9 +1398,15 @@ void riscv_cpu_validate_set_extensions(RISCVCPU *cpu, Error **errp)
> static void riscv_cpu_satp_mode_finalize(RISCVCPU *cpu, Error **errp)
> {
> bool rv32 = riscv_cpu_mxl(&cpu->env) == MXL_RV32;
> - uint8_t satp_mode_map_max;
> - uint8_t satp_mode_supported_max =
> - satp_mode_max_from_map(cpu->cfg.satp_mode.supported);
> + uint8_t satp_mode_map_max, satp_mode_supported_max;
> +
> + /* The CPU wants the OS to decide which satp mode to use */
> + if (cpu->cfg.satp_mode.supported == 0) {
> + return;
> + }
> +
> + satp_mode_supported_max =
> + satp_mode_max_from_map(cpu->cfg.satp_mode.supported);
>
> if (cpu->cfg.satp_mode.map == 0) {
> if (cpu->cfg.satp_mode.init == 0) {
> --
> 2.41.0
>
>
Reviewed-by: Andrew Jones <ajones@ventanamicro.com>
Thanks,
drew
^ permalink raw reply [flat|nested] 3+ messages in thread* Re: [PATCH] target/riscv: fix satp_mode_finalize() when satp_mode.supported = 0
2023-08-17 15:29 [PATCH] target/riscv: fix satp_mode_finalize() when satp_mode.supported = 0 Daniel Henrique Barboza
2023-08-22 7:28 ` Andrew Jones
@ 2023-08-22 18:41 ` Alistair Francis
1 sibling, 0 replies; 3+ messages in thread
From: Alistair Francis @ 2023-08-22 18:41 UTC (permalink / raw)
To: Daniel Henrique Barboza
Cc: qemu-devel, qemu-riscv, alistair.francis, bmeng, liweiwei,
zhiwei_liu, palmer, Alexandre Ghiti
On Thu, Aug 17, 2023 at 11:29 AM Daniel Henrique Barboza
<dbarboza@ventanamicro.com> wrote:
>
> In the same emulated RISC-V host, the 'host' KVM CPU takes 4 times
> longer to boot than the 'rv64' KVM CPU.
>
> The reason is an unintended behavior of riscv_cpu_satp_mode_finalize()
> when satp_mode.supported = 0, i.e. when cpu_init() does not set
> satp_mode_max_supported(). satp_mode_max_from_map(map) does:
>
> 31 - __builtin_clz(map)
>
> This means that, if satp_mode.supported = 0, satp_mode_supported_max
> wil be '31 - 32'. But this is C, so satp_mode_supported_max will gladly
> set it to UINT_MAX (4294967295). After that, if the user didn't set a
> satp_mode, set_satp_mode_default_map(cpu) will make
>
> cfg.satp_mode.map = cfg.satp_mode.supported
>
> So satp_mode.map = 0. And then satp_mode_map_max will be set to
> satp_mode_max_from_map(cpu->cfg.satp_mode.map), i.e. also UINT_MAX. The
> guard "satp_mode_map_max > satp_mode_supported_max" doesn't protect us
> here since both are UINT_MAX.
>
> And finally we have 2 loops:
>
> for (int i = satp_mode_map_max - 1; i >= 0; --i) {
>
> Which are, in fact, 2 loops from UINT_MAX -1 to -1. This is where the
> extra delay when booting the 'host' CPU is coming from.
>
> Commit 43d1de32f8 already set a precedence for satp_mode.supported = 0
> in a different manner. We're doing the same here. If supported == 0,
> interpret as 'the CPU wants the OS to handle satp mode alone' and skip
> satp_mode_finalize().
>
> We'll also put a guard in satp_mode_max_from_map() to assert out if map
> is 0 since the function is not ready to deal with it.
>
> Cc: Alexandre Ghiti <alexghiti@rivosinc.com>
> Fixes: 6f23aaeb9b ("riscv: Allow user to set the satp mode")
> Signed-off-by: Daniel Henrique Barboza <dbarboza@ventanamicro.com>
Thanks!
Applied to riscv-to-apply.next
Alistair
> ---
> target/riscv/cpu.c | 23 ++++++++++++++++++++---
> 1 file changed, 20 insertions(+), 3 deletions(-)
>
> diff --git a/target/riscv/cpu.c b/target/riscv/cpu.c
> index d608026a28..86da93c7bc 100644
> --- a/target/riscv/cpu.c
> +++ b/target/riscv/cpu.c
> @@ -349,6 +349,17 @@ static uint8_t satp_mode_from_str(const char *satp_mode_str)
>
> uint8_t satp_mode_max_from_map(uint32_t map)
> {
> + /*
> + * 'map = 0' will make us return (31 - 32), which C will
> + * happily overflow to UINT_MAX. There's no good result to
> + * return if 'map = 0' (e.g. returning 0 will be ambiguous
> + * with the result for 'map = 1').
> + *
> + * Assert out if map = 0. Callers will have to deal with
> + * it outside of this function.
> + */
> + g_assert(map > 0);
> +
> /* map here has at least one bit set, so no problem with clz */
> return 31 - __builtin_clz(map);
> }
> @@ -1387,9 +1398,15 @@ void riscv_cpu_validate_set_extensions(RISCVCPU *cpu, Error **errp)
> static void riscv_cpu_satp_mode_finalize(RISCVCPU *cpu, Error **errp)
> {
> bool rv32 = riscv_cpu_mxl(&cpu->env) == MXL_RV32;
> - uint8_t satp_mode_map_max;
> - uint8_t satp_mode_supported_max =
> - satp_mode_max_from_map(cpu->cfg.satp_mode.supported);
> + uint8_t satp_mode_map_max, satp_mode_supported_max;
> +
> + /* The CPU wants the OS to decide which satp mode to use */
> + if (cpu->cfg.satp_mode.supported == 0) {
> + return;
> + }
> +
> + satp_mode_supported_max =
> + satp_mode_max_from_map(cpu->cfg.satp_mode.supported);
>
> if (cpu->cfg.satp_mode.map == 0) {
> if (cpu->cfg.satp_mode.init == 0) {
> --
> 2.41.0
>
>
^ permalink raw reply [flat|nested] 3+ messages in thread
end of thread, other threads:[~2023-08-22 18:42 UTC | newest]
Thread overview: 3+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2023-08-17 15:29 [PATCH] target/riscv: fix satp_mode_finalize() when satp_mode.supported = 0 Daniel Henrique Barboza
2023-08-22 7:28 ` Andrew Jones
2023-08-22 18:41 ` Alistair Francis
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).