From: BALATON Zoltan <balaton@eik.bme.hu>
To: Mark Cave-Ayland <mark.cave-ayland@ilande.co.uk>
Cc: Francois Revol <revol@free.fr>,
qemu-ppc@nongnu.org, qemu-devel@nongnu.org,
David Gibson <david@gibson.dropbear.id.au>
Subject: Re: [Qemu-devel] [Qemu-ppc] BookE MMU question
Date: Sun, 20 Aug 2017 23:59:55 +0200 (CEST) [thread overview]
Message-ID: <alpine.LMD.2.02.1708202333240.3635@jedlik.phy.bme.hu> (raw)
In-Reply-To: <7f4e58b7-7e8e-4e94-8435-861af3103d1c@ilande.co.uk>
On Sun, 20 Aug 2017, Mark Cave-Ayland wrote:
> Just glancing at the code again it looks like the choice of slot is
> determined by alloc_tlb(). It seems there are 64 TLB slots stored in
> tlb_info as 2 x 32-bit bitmaps where a 1 bit indicates the slot is free
> and a 0 bit indicates the slot is in use.
>
> From alloc_tlb() you can see that it uses clz (count leading zeros) in
> order to locate the next free TLB slot in the bitmap, returning the slot
> number as an integer (tlb) which is then passed into tlbwe.
>
> So I'd suggest adding debugging to alloc_tlb() to find out why TLB slot
> 0 is being chosen again for the 0x80000000 mapping even though
> free_tlb() hasn't been called for that entry.
I've tried that but it only confirmed what I thought. This is the first
map_region call so nothing is allocated yet and it just picks the first
slot:
[KRN] i = 2, allowable_pages[i].mask = 000fffff; tlb_info ffffffff:ffffffff => 7fffffff:ffffffff
(The numbers after tlb_info are bitmap[0]:bitmap[1] before and after the
alloc_tlb() call.) So this looks OK just does not work on QEMU and I don't
know why it works on real hardware (or if it works there at all but I
assume it does).
I've also tried to change mmubooke_create_initial_mapping_uboot() in
sam460ex.c to use another TLB slot than 0 for the initial mapping hoping
it may avoid the problem but that does not work because U-Boot clears TLB
slots 1-63 so it has to be slot 0. Because of this I think it cannot be
another slot on real hardware either and it probably works due to caching
TLB entries in shadow TLB until the isync call at the end of mmu_init().
How could that be matched in QEMU?
next prev parent reply other threads:[~2017-08-20 22:08 UTC|newest]
Thread overview: 9+ messages / expand[flat|nested] mbox.gz Atom feed top
2017-08-18 13:48 [Qemu-devel] BookE MMU question BALATON Zoltan
2017-08-19 22:56 ` KONRAD Frederic
2017-08-19 23:19 ` [Qemu-devel] [Qemu-ppc] " BALATON Zoltan
2017-08-20 7:20 ` Mark Cave-Ayland
2017-08-20 13:35 ` BALATON Zoltan
2017-08-20 15:16 ` Mark Cave-Ayland
2017-08-20 21:59 ` BALATON Zoltan [this message]
2017-08-20 22:48 ` Mark Cave-Ayland
2017-08-20 22:57 ` BALATON Zoltan
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=alpine.LMD.2.02.1708202333240.3635@jedlik.phy.bme.hu \
--to=balaton@eik.bme.hu \
--cc=david@gibson.dropbear.id.au \
--cc=mark.cave-ayland@ilande.co.uk \
--cc=qemu-devel@nongnu.org \
--cc=qemu-ppc@nongnu.org \
--cc=revol@free.fr \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).