Re: [PATCH 0/2] Fix probe_pages and vext_ldff issues

[Michael Tokarev <mjt@tls.msk.ru>]

On 18.03.2026 04:38, Max Chou wrote:
> This patchset fixes following issues in the RISC-V vector
> fault-only-first load implementation and the probe_pages helper
> function.
> 
> 1. probe_pages flag handling:
>     When probing memory spanning two pages, probe_pages calls
>     probe_access_flags twice. The flags from the second page were
>     overwriting the first page's flags instead of being merged, causing
>     watchpoint and other TLB attributes to be lost.
> 
> 2. vext_ldff cross-page logic:
>     The manual two-phase probing in vext_ldff had three issues:
>     a) Wrong condition: checked "env->vl > elems" instead of
>        "env->vl > elems + env->vstart", missing the vstart offset
>     b) Wrong address: used "addr + (elems << log2_esz)" instead of
>        "addr + page_split", probing incorrect addresses for segment
>        loads (nf > 1)
>     c) Wrong size: used "elems * msize" (first page size) instead of
>        calculating remaining size, potentially missing faults
> 
> 
> Patch 1 fixes the probe_pages helper to properly merge flags from both
> pages.
> 
> Patch 2 fixes vext_ldff by replacing the buggy manual cross-page logic
> by a single probe_pages call with the correct total size. This
> leverages the infrastructure that probe_pages already provides for
> handling cross-page accesses automatically.
> 
> rnax

This feels like a qemu-stable material but I'm not sure about that.

Please let me know if these fixes should be picked up for the current
stable releases of qemu, especially for 10.0.x series which is currently
an LTS series.

Thanks,

/mjt