[PATCH] target/arm: Don't get MDCR_EL2 in pmu_counter_enabled() before checking ARM_FEATURE

qemu-devel.nongnu.org archive mirror
 help / color / mirror / Atom feed

* [PATCH] target/arm: Don't get MDCR_EL2 in pmu_counter_enabled() before checking ARM_FEATURE_PMU
@ 2024-02-08 15:33 Peter Maydell
  2024-02-08 17:45 ` Philippe Mathieu-Daudé
  2024-02-10 17:45 ` Richard Henderson
  0 siblings, 2 replies; 3+ messages in thread
From: Peter Maydell @ 2024-02-08 15:33 UTC (permalink / raw)
  To: qemu-arm, qemu-devel; +Cc: qemu-stable

It doesn't make sense to read the value of MDCR_EL2 on a non-A-profile
CPU, and in fact if you try to do it we will assert:

#6  0x00007ffff4b95e96 in __GI___assert_fail
    (assertion=0x5555565a8c70 "!arm_feature(env, ARM_FEATURE_M)", file=0x5555565a6e5c "../../target/arm/helper.c", line=12600, function=0x5555565a9560 <__PRETTY_FUNCTION__.0> "arm_security_space_below_el3") at ./assert/assert.c:101
#7  0x0000555555ebf412 in arm_security_space_below_el3 (env=0x555557bc8190) at ../../target/arm/helper.c:12600
#8  0x0000555555ea6f89 in arm_is_el2_enabled (env=0x555557bc8190) at ../../target/arm/cpu.h:2595
#9  0x0000555555ea942f in arm_mdcr_el2_eff (env=0x555557bc8190) at ../../target/arm/internals.h:1512

We might call pmu_counter_enabled() on an M-profile CPU (for example
from the migration pre/post hooks in machine.c); this should always
return false because these CPUs don't set ARM_FEATURE_PMU.

Avoid the assertion by not calling arm_mdcr_el2_eff() before we
have done the early return for "PMU not present".

This fixes an assertion failure if you try to do a loadvm or
savevm for an M-profile board.

Cc: qemu-stable@nongnu.org
Resolves: https://gitlab.com/qemu-project/qemu/-/issues/2155
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
---
 target/arm/helper.c | 12 ++++++++++--
 1 file changed, 10 insertions(+), 2 deletions(-)

diff --git a/target/arm/helper.c b/target/arm/helper.c
index 8c1ff16f0d9..7c531ee9cff 100644
--- a/target/arm/helper.c
+++ b/target/arm/helper.c
@@ -1187,13 +1187,21 @@ static bool pmu_counter_enabled(CPUARMState *env, uint8_t counter)
     bool enabled, prohibited = false, filtered;
     bool secure = arm_is_secure(env);
     int el = arm_current_el(env);
-    uint64_t mdcr_el2 = arm_mdcr_el2_eff(env);
-    uint8_t hpmn = mdcr_el2 & MDCR_HPMN;
+    uint64_t mdcr_el2;
+    uint8_t hpmn;
 
+    /*
+     * We might be called for M-profile cores where MDCR_EL2 doesn't
+     * exist and arm_mdcr_el2_eff() will assert, so this early-exit check
+     * must be before we read that value.
+     */
     if (!arm_feature(env, ARM_FEATURE_PMU)) {
         return false;
     }
 
+    mdcr_el2 = arm_mdcr_el2_eff(env);
+    hpmn = mdcr_el2 & MDCR_HPMN;
+
     if (!arm_feature(env, ARM_FEATURE_EL2) ||
             (counter < hpmn || counter == 31)) {
         e = env->cp15.c9_pmcr & PMCRE;
-- 
2.34.1



^ permalink raw reply related	[flat|nested] 3+ messages in thread

* Re: [PATCH] target/arm: Don't get MDCR_EL2 in pmu_counter_enabled() before checking ARM_FEATURE_PMU
  2024-02-08 15:33 [PATCH] target/arm: Don't get MDCR_EL2 in pmu_counter_enabled() before checking ARM_FEATURE_PMU Peter Maydell
@ 2024-02-08 17:45 ` Philippe Mathieu-Daudé
  2024-02-10 17:45 ` Richard Henderson
  1 sibling, 0 replies; 3+ messages in thread
From: Philippe Mathieu-Daudé @ 2024-02-08 17:45 UTC (permalink / raw)
  To: Peter Maydell, qemu-arm, qemu-devel; +Cc: qemu-stable

On 8/2/24 16:33, Peter Maydell wrote:
> It doesn't make sense to read the value of MDCR_EL2 on a non-A-profile
> CPU, and in fact if you try to do it we will assert:
> 
> #6  0x00007ffff4b95e96 in __GI___assert_fail
>      (assertion=0x5555565a8c70 "!arm_feature(env, ARM_FEATURE_M)", file=0x5555565a6e5c "../../target/arm/helper.c", line=12600, function=0x5555565a9560 <__PRETTY_FUNCTION__.0> "arm_security_space_below_el3") at ./assert/assert.c:101
> #7  0x0000555555ebf412 in arm_security_space_below_el3 (env=0x555557bc8190) at ../../target/arm/helper.c:12600
> #8  0x0000555555ea6f89 in arm_is_el2_enabled (env=0x555557bc8190) at ../../target/arm/cpu.h:2595
> #9  0x0000555555ea942f in arm_mdcr_el2_eff (env=0x555557bc8190) at ../../target/arm/internals.h:1512
> 
> We might call pmu_counter_enabled() on an M-profile CPU (for example
> from the migration pre/post hooks in machine.c); this should always
> return false because these CPUs don't set ARM_FEATURE_PMU.
> 
> Avoid the assertion by not calling arm_mdcr_el2_eff() before we
> have done the early return for "PMU not present".
> 
> This fixes an assertion failure if you try to do a loadvm or
> savevm for an M-profile board.
> 
> Cc: qemu-stable@nongnu.org
> Resolves: https://gitlab.com/qemu-project/qemu/-/issues/2155
> Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
> ---
>   target/arm/helper.c | 12 ++++++++++--
>   1 file changed, 10 insertions(+), 2 deletions(-)

Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org>



^ permalink raw reply	[flat|nested] 3+ messages in thread

* Re: [PATCH] target/arm: Don't get MDCR_EL2 in pmu_counter_enabled() before checking ARM_FEATURE_PMU
  2024-02-08 15:33 [PATCH] target/arm: Don't get MDCR_EL2 in pmu_counter_enabled() before checking ARM_FEATURE_PMU Peter Maydell
  2024-02-08 17:45 ` Philippe Mathieu-Daudé
@ 2024-02-10 17:45 ` Richard Henderson
  1 sibling, 0 replies; 3+ messages in thread
From: Richard Henderson @ 2024-02-10 17:45 UTC (permalink / raw)
  To: Peter Maydell, qemu-arm, qemu-devel; +Cc: qemu-stable

On 2/8/24 05:33, Peter Maydell wrote:
> It doesn't make sense to read the value of MDCR_EL2 on a non-A-profile
> CPU, and in fact if you try to do it we will assert:
> 
> #6  0x00007ffff4b95e96 in __GI___assert_fail
>      (assertion=0x5555565a8c70 "!arm_feature(env, ARM_FEATURE_M)",
> file=0x5555565a6e5c "../../target/arm/helper.c", line=12600,
> function=0x5555565a9560 <__PRETTY_FUNCTION__.0>
> "arm_security_space_below_el3") at ./assert/assert.c:101
> #7  0x0000555555ebf412 in arm_security_space_below_el3
> (env=0x555557bc8190) at ../../target/arm/helper.c:12600
> #8  0x0000555555ea6f89 in arm_is_el2_enabled (env=0x555557bc8190) at
> ../../target/arm/cpu.h:2595
> #9  0x0000555555ea942f in arm_mdcr_el2_eff (env=0x555557bc8190) at
> ../../target/arm/internals.h:1512
> 
> We might call pmu_counter_enabled() on an M-profile CPU (for example
> from the migration pre/post hooks in machine.c); this should always
> return false because these CPUs don't set ARM_FEATURE_PMU.
> 
> Avoid the assertion by not calling arm_mdcr_el2_eff() before we
> have done the early return for "PMU not present".
> 
> This fixes an assertion failure if you try to do a loadvm or
> savevm for an M-profile board.
> 
> Cc:qemu-stable@nongnu.org
> Resolves:https://gitlab.com/qemu-project/qemu/-/issues/2155
> Signed-off-by: Peter Maydell<peter.maydell@linaro.org>
> ---
>   target/arm/helper.c | 12 ++++++++++--
>   1 file changed, 10 insertions(+), 2 deletions(-)

Reviewed-by: Richard Henderson <richard.henderson@linaro.org>

r~


^ permalink raw reply	[flat|nested] 3+ messages in thread

end of thread, other threads:[~2024-02-10 17:46 UTC | newest]

Thread overview: 3+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2024-02-08 15:33 [PATCH] target/arm: Don't get MDCR_EL2 in pmu_counter_enabled() before checking ARM_FEATURE_PMU Peter Maydell
2024-02-08 17:45 ` Philippe Mathieu-Daudé
2024-02-10 17:45 ` Richard Henderson

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).