From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.lore.kernel.org (Postfix) with ESMTPS id 9664BCCF9E3 for ; Mon, 10 Nov 2025 16:01:49 +0000 (UTC) Received: from localhost ([::1] helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1vIUKS-0008OX-Ab; Mon, 10 Nov 2025 11:01:16 -0500 Received: from eggs.gnu.org ([2001:470:142:3::10]) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1vIUKL-0008Gf-3B for qemu-devel@nongnu.org; Mon, 10 Nov 2025 11:01:10 -0500 Received: from hognose1.porkbun.com ([35.82.102.206]) by eggs.gnu.org with esmtps (TLS1.0:ECDHE_RSA_AES_256_CBC_SHA1:256) (Exim 4.90_1) (envelope-from ) id 1vIUKH-0003Lg-I5 for qemu-devel@nongnu.org; Mon, 10 Nov 2025 11:01:08 -0500 Received: from [192.168.1.4] (unknown [117.133.64.17]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) (Authenticated sender: c@jia.je) by hognose1.porkbun.com (Postfix) with ESMTPSA id C8F33459DF; Mon, 10 Nov 2025 16:00:49 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=jia.je; s=default; t=1762790453; bh=YPcN6OmI9H/Th0Em+ryYlKFOXrNSrN4UY39LvRIARhI=; h=Date:Subject:To:Cc:References:From:In-Reply-To; b=ke+YcOMLW1gSXjmE0Tv0j/qGb5qCFN84Yx7m251jByw7e4XNXHKF1BjfJvb515EVP 5aGgdzrv7mWbNURgTeCF9zoBxK+9yQK5yjIcPuDdoFpUIOqUhdSdMAyweIGaBWwUqs BeEtMIzmXinS7rn7fGqQ4DojUCvroAYZFsU2NaXg= Content-Type: multipart/alternative; boundary="------------OVwiMiIR0z3BuTgw6a09OEQs" Message-ID: Date: Tue, 11 Nov 2025 00:00:43 +0800 MIME-Version: 1.0 User-Agent: Mozilla Thunderbird Subject: Re: [PATCH 0/5] Add LoongArch v1.1 instructions To: gaosong , Richard Henderson , qemu-devel@nongnu.org Cc: git@xen0n.name, bibo mao References: <20231023153029.269211-2-c@jia.je> <1af667c0-f1ba-4538-9aec-8232397dd3c5@jia.je> <70260625-5981-40f3-a189-afddac2a6dfa@linaro.org> <062ee798-c112-46d4-82b8-983e85ffe2ed@jia.je> <6482c6cf-1f4b-a7b9-d106-4c687360e810@loongson.cn> <603b8709-4288-4268-abd4-642366b0b7e2@jia.je> <798c78df-cc9d-78dd-5bbd-0de2ead0eb1f@loongson.cn> <5cffe61f-6aac-4765-a39b-68f1c90daa09@jia.je> <4f03d60c-cea4-4576-be1f-758c46706087@jia.je> Content-Language: en-US From: Jiajie Chen In-Reply-To: Received-SPF: pass client-ip=35.82.102.206; envelope-from=c@jia.je; helo=hognose1.porkbun.com X-Spam_score_int: -27 X-Spam_score: -2.8 X-Spam_bar: -- X-Spam_report: (-2.8 / 5.0 requ) BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_LOW=-0.7, RCVD_IN_MSPIKE_H5=0.001, RCVD_IN_MSPIKE_WL=0.001, RCVD_IN_VALIDITY_CERTIFIED_BLOCKED=0.001, RCVD_IN_VALIDITY_RPBL_BLOCKED=0.001, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001 autolearn=ham autolearn_force=no X-Spam_action: no action X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: qemu-devel-bounces+qemu-devel=archiver.kernel.org@nongnu.org Sender: qemu-devel-bounces+qemu-devel=archiver.kernel.org@nongnu.org This is a multi-part message in MIME format. --------------OVwiMiIR0z3BuTgw6a09OEQs Content-Type: text/plain; charset=UTF-8; format=flowed Content-Transfer-Encoding: 8bit Reply below. On 2025/11/10 11:42, gaosong wrote: > 在 2023/10/31 下午7:10, Jiajie Chen 写道: >> >> On 2023/10/31 19:06, gaosong wrote: >>> 在 2023/10/31 下午5:13, Jiajie Chen 写道: >>>> >>>> On 2023/10/31 17:11, gaosong wrote: >>>>> 在 2023/10/30 下午7:54, Jiajie Chen 写道: >>>>>> >>>>>> On 2023/10/30 16:23, gaosong wrote: >>>>>>> 在 2023/10/28 下午9:09, Jiajie Chen 写道: >>>>>>>> >>>>>>>> On 2023/10/26 14:54, gaosong wrote: >>>>>>>>> 在 2023/10/26 上午9:38, Jiajie Chen 写道: >>>>>>>>>> >>>>>>>>>> On 2023/10/26 03:04, Richard Henderson wrote: >>>>>>>>>>> On 10/25/23 10:13, Jiajie Chen wrote: >>>>>>>>>>>>> On 2023/10/24 07:26, Richard Henderson wrote: >>>>>>>>>>>>>> See target/arm/tcg/translate-a64.c, gen_store_exclusive, >>>>>>>>>>>>>> TCGv_i128 block. >>>>>>>>>>>>>> See target/ppc/translate.c, gen_stqcx_. >>>>>>>>>>>>> >>>>>>>>>>>>> The situation here is slightly different: aarch64 and >>>>>>>>>>>>> ppc64 have both 128-bit ll and sc, however LoongArch v1.1 >>>>>>>>>>>>> only has 64-bit ll and 128-bit sc. >>>>>>>>>>> >>>>>>>>>>> Ah, that does complicate things. >>>>>>>>>>> >>>>>>>>>>>> Possibly use the combination of ll.d and ld.d: >>>>>>>>>>>> >>>>>>>>>>>> >>>>>>>>>>>> ll.d lo, base, 0 >>>>>>>>>>>> ld.d hi, base, 4 >>>>>>>>>>>> >>>>>>>>>>>> # do some computation >>>>>>>>>>>> >>>>>>>>>>>> sc.q lo, hi, base >>>>>>>>>>>> >>>>>>>>>>>> # try again if sc failed >>>>>>>>>>>> >>>>>>>>>>>> Then a possible implementation of gen_ll() would be: align >>>>>>>>>>>> base to 128-bit boundary, read 128-bit from memory, save >>>>>>>>>>>> 64-bit part to rd and record whole 128-bit data in llval. >>>>>>>>>>>> Then, in gen_sc_q(), it uses a 128-bit cmpxchg. >>>>>>>>>>>> >>>>>>>>>>>> >>>>>>>>>>>> But what about the reversed instruction pattern: ll.d hi, >>>>>>>>>>>> base, 4; ld.d lo, base 0? >>>>>>>>>>> >>>>>>>>>>> It would be worth asking your hardware engineers about the >>>>>>>>>>> bounds of legal behaviour. Ideally there would be some very >>>>>>>>>>> explicit language, similar to >>>>>>>>>> >>>>>>>>>> >>>>>>>>>> I'm a community developer not affiliated with Loongson. Song >>>>>>>>>> Gao, could you provide some detail from Loongson Inc.? >>>>>>>>>> >>>>>>>>>> >>>>>>>>> >>>>>>>>> ll.d   r1, base, 0 >>>>>>>>> dbar 0x700          ==> see 2.2.8.1 >>>>>>>>> ld.d  r2, base,  8 >>>>>>>>> ... >>>>>>>>> sc.q r1, r2, base >>>>>>>> >>>>>>>> >>>>>>>> Thanks! I think we may need to detect the ll.d-dbar-ld.d >>>>>>>> sequence and translate the sequence into one >>>>>>>> tcg_gen_qemu_ld_i128 and split the result into two 64-bit >>>>>>>> parts. Can do this in QEMU? >>>>>>>> >>>>>>>> >>>>>>> Oh, I'm not sure. >>>>>>> >>>>>>> I think we just need to implement sc.q. We don't need to care >>>>>>> about 'll.d-dbar-ld.d'. It's just like 'll.q'. >>>>>>> It needs the user to ensure that . >>>>>>> >>>>>>> ll.q' is >>>>>>> 1) ll.d r1 base, 0 ==> set LLbit, load the low 64 bits into r1 >>>>>>> 2) dbar 0x700  >>>>>>> 3) ld.d r2 base, 8 ==> load the high 64 bits to r2 >>>>>>> >>>>>>> sc.q needs to >>>>>>> 1) Use 64-bit cmpxchg. >>>>>>> 2) Write 128 bits to memory. >>>>>> >>>>>> Consider the following code: >>>>>> >>>>>> >>>>>> ll.d r1, base, 0 >>>>>> >>>>>> dbar 0x700 >>>>>> >>>>>> ld.d r2, base, 8 >>>>>> >>>>>> addi.d r2, r2, 1 >>>>>> >>>>>> sc.q r1, r2, base >>>>>> >>>>>> >>>>>> We translate them into native code: >>>>>> >>>>>> >>>>>> ld.d r1, base, 0 >>>>>> >>>>>> mv LLbit, 1 >>>>>> >>>>>> mv LLaddr, base >>>>>> >>>>>> mv LLval, r1 >>>>>> >>>>>> dbar 0x700 >>>>>> >>>>>> ld.d r2, base, 8 >>>>>> >>>>>> addi.d r2, r2, 1 >>>>>> >>>>>> if (LLbit == 1 && LLaddr == base) { >>>>>> >>>>>>     cmpxchg addr=base compare=LLval new=r1 >>>>>> >>>>>>     128-bit write {r2, r1} to base if cmpxchg succeeded >>>>>> >>>>>> } >>>>>> >>>>>> set r1 if sc.q succeeded >>>>>> >>>>>> >>>>>> >>>>>> If the memory content of base+8 has changed between ld.d r2 and >>>>>> addi.d r2, the atomicity is not guaranteed, i.e. only the high >>>>>> part has changed, the low part hasn't. >>>>>> >>>>>> >>>>> Sorry,  my mistake.  need use cmpxchg_i128.   See >>>>> target/arm/tcg/translate-a64.c   gen_store_exclusive(). >>>>> >>>>> gen_scq(rd, rk, rj) >>>>> { >>>>>      ... >>>>>     TCGv_i128 t16 = tcg_temp_new_i128(); >>>>>     TCGv_i128 c16 = tcg_temp_new_i128(); >>>>>     TCGv_i64 low = tcg_temp_new_i64(); >>>>>     TCGv_i64 high= tcg_temp_new_i64(); >>>>>     TCGv_i64 temp = tcg_temp_new_i64(); >>>>> >>>>>     tcg_gen_concat_i64_i128(t16, cpu_gpr[rd], cpu_gpr[rk])); >>>>> >>>>>     tcg_gen_qemu_ld(low, cpu_lladdr, ctx->mem_idx, MO_TEUQ); >>>>>     tcg_gen_addi_tl(temp, cpu_lladdr, 8); >>>>>     tcg_gen_mb(TCG_BAR_SC | TCG_MO_LD_LD); >>>>>     tcg_gen_qemu_ld(high, temp, ctx->mem_idx, MO_TEUQ); >>>> >>>> >>>> The problem is that, the high value read here might not equal to >>>> the previously read one in ll.d r2, base 8 instruction. >>> I think dbar 0x7000 ensures that the 2 loads in 'll.q' are a 128bit >>> atomic operation. >> >> >> The code does work in real LoongArch machine. However, we are >> emulating LoongArch in qemu, we have to make it atomic, yet it isn't >> now. >> >> > Hi, jiajie > > Could you help refresh this series ? > > Thanks. > Song Gao I am busy with my research these days, until around mid December. After that I may try to implement following idea: https://developer.arm.com/documentation/ddi0487/latest/ B2.9.5 Load-Exclusive and Store-Exclusive instruction usage restrictions But you could do the same thing, aligning and recording the entire 128-bit quantity, then extract the ll.d result based on address bit 6. This would complicate the implementation of sc.d as well, but would perhaps bring us "close enough" to the actual architecture. Note that our Arm store-exclusive implementation isn't quite in spec either.  There is quite a large comment within translate-a64.c store_exclusive() about the ways things are not quite right.  But it seems to be close enough for actual usage to succeed. r~ Best regards, Jiajie Chen >>> Thanks. >>> Song Gao >>>>> tcg_gen_concat_i64_i128(c16, low, high); >>>>> >>>>>     tcg_gen_atomic_cmpxchg_i128(t16, cpu_lladdr, c16, t16, >>>>> ctx->mem_idx, MO_128); >>>>> >>>>>     ... >>>>> } >>>>> >>>>> I am not sure this is right. >>>>> >>>>> I think Richard can give you more suggestions. @Richard >>>>> >>>>> Thanks. >>>>> Song Gao >>>>>> >>>>>>> Thanks. >>>>>>> Song Gao >>>>>>>>> >>>>>>>>> >>>>>>>>> For this series, >>>>>>>>> I think we need set the new config bits to the 'max cpu', and >>>>>>>>> change linux-user/target_elf.h ''any' to 'max', so that we can >>>>>>>>> use these new instructions on linux-user mode. >>>>>>>> >>>>>>>> I will work on it. >>>>>>>> >>>>>>>> >>>>>>>>> >>>>>>>>> Thanks >>>>>>>>> Song Gao >>>>>>>>>>> >>>>>>>>>>> https://developer.arm.com/documentation/ddi0487/latest/ >>>>>>>>>>> B2.9.5 Load-Exclusive and Store-Exclusive instruction usage >>>>>>>>>>> restrictions >>>>>>>>>>> >>>>>>>>>>> But you could do the same thing, aligning and recording the >>>>>>>>>>> entire 128-bit quantity, then extract the ll.d result based >>>>>>>>>>> on address bit 6. This would complicate the implementation >>>>>>>>>>> of sc.d as well, but would perhaps bring us "close enough" >>>>>>>>>>> to the actual architecture. >>>>>>>>>>> >>>>>>>>>>> Note that our Arm store-exclusive implementation isn't quite >>>>>>>>>>> in spec either. There is quite a large comment within >>>>>>>>>>> translate-a64.c store_exclusive() about the ways things are >>>>>>>>>>> not quite right.  But it seems to be close enough for actual >>>>>>>>>>> usage to succeed. >>>>>>>>>>> >>>>>>>>>>> >>>>>>>>>>> r~ >>>>>>>>> >>>>>>> >>>>> >>> > --------------OVwiMiIR0z3BuTgw6a09OEQs Content-Type: text/html; charset=UTF-8 Content-Transfer-Encoding: 8bit

Reply below.

On 2025/11/10 11:42, gaosong wrote:
在 2023/10/31 下午7:10, Jiajie Chen 写道:

On 2023/10/31 19:06, gaosong wrote:
在 2023/10/31 下午5:13, Jiajie Chen 写道:

On 2023/10/31 17:11, gaosong wrote:
在 2023/10/30 下午7:54, Jiajie Chen 写道:

On 2023/10/30 16:23, gaosong wrote:
在 2023/10/28 下午9:09, Jiajie Chen 写道:

On 2023/10/26 14:54, gaosong wrote:
在 2023/10/26 上午9:38, Jiajie Chen 写道:

On 2023/10/26 03:04, Richard Henderson wrote:
On 10/25/23 10:13, Jiajie Chen wrote:
On 2023/10/24 07:26, Richard Henderson wrote:
See target/arm/tcg/translate-a64.c, gen_store_exclusive, TCGv_i128 block.
See target/ppc/translate.c, gen_stqcx_.

The situation here is slightly different: aarch64 and ppc64 have both 128-bit ll and sc, however LoongArch v1.1 only has 64-bit ll and 128-bit sc.

Ah, that does complicate things.

Possibly use the combination of ll.d and ld.d:


ll.d lo, base, 0
ld.d hi, base, 4

# do some computation

sc.q lo, hi, base

# try again if sc failed

Then a possible implementation of gen_ll() would be: align base to 128-bit boundary, read 128-bit from memory, save 64-bit part to rd and record whole 128-bit data in llval. Then, in gen_sc_q(), it uses a 128-bit cmpxchg.


But what about the reversed instruction pattern: ll.d hi, base, 4; ld.d lo, base 0?

It would be worth asking your hardware engineers about the bounds of legal behaviour. Ideally there would be some very explicit language, similar to


I'm a community developer not affiliated with Loongson. Song Gao, could you provide some detail from Loongson Inc.?



ll.d   r1, base, 0
dbar 0x700          ==> see 2.2.8.1
ld.d  r2, base,  8
...
sc.q r1, r2, base


Thanks! I think we may need to detect the ll.d-dbar-ld.d sequence and translate the sequence into one tcg_gen_qemu_ld_i128 and split the result into two 64-bit parts. Can do this in QEMU?


Oh, I'm not sure.

I think we just need to implement sc.q. We don't need to care about 'll.d-dbar-ld.d'. It's just like 'll.q'.
It needs the user to ensure that .

ll.q' is
1) ll.d r1 base, 0 ==> set LLbit, load the low 64 bits into r1
2) dbar 0x700 
3) ld.d r2 base, 8 ==> load the high 64 bits to r2

sc.q needs to
1) Use 64-bit cmpxchg.
2) Write 128 bits to memory.

Consider the following code:


ll.d r1, base, 0

dbar 0x700

ld.d r2, base, 8

addi.d r2, r2, 1

sc.q r1, r2, base


We translate them into native code:


ld.d r1, base, 0

mv LLbit, 1

mv LLaddr, base

mv LLval, r1

dbar 0x700

ld.d r2, base, 8

addi.d r2, r2, 1

if (LLbit == 1 && LLaddr == base) {

    cmpxchg addr=base compare=LLval new=r1

    128-bit write {r2, r1} to base if cmpxchg succeeded

}

set r1 if sc.q succeeded



If the memory content of base+8 has changed between ld.d r2 and addi.d r2, the atomicity is not guaranteed, i.e. only the high part has changed, the low part hasn't.


Sorry,  my mistake.  need use cmpxchg_i128.   See target/arm/tcg/translate-a64.c   gen_store_exclusive().

gen_scq(rd, rk, rj)
{
     ...
    TCGv_i128 t16 = tcg_temp_new_i128();
    TCGv_i128 c16 = tcg_temp_new_i128();
    TCGv_i64 low = tcg_temp_new_i64();
    TCGv_i64 high= tcg_temp_new_i64();
    TCGv_i64 temp = tcg_temp_new_i64();

    tcg_gen_concat_i64_i128(t16, cpu_gpr[rd], cpu_gpr[rk]));

    tcg_gen_qemu_ld(low, cpu_lladdr, ctx->mem_idx, MO_TEUQ);
    tcg_gen_addi_tl(temp, cpu_lladdr, 8);
    tcg_gen_mb(TCG_BAR_SC | TCG_MO_LD_LD);
    tcg_gen_qemu_ld(high, temp, ctx->mem_idx, MO_TEUQ);


The problem is that, the high value read here might not equal to the previously read one in ll.d r2, base 8 instruction.
I think dbar 0x7000 ensures that the 2 loads in 'll.q' are a 128bit atomic operation.


The code does work in real LoongArch machine. However, we are emulating LoongArch in qemu, we have to make it atomic, yet it isn't now.


Hi, jiajie

Could you help refresh this series ?

Thanks.
Song Gao 


I am busy with my research these days, until around mid December. After that I may try to implement following idea:


https://developer.arm.com/documentation/ddi0487/latest/
B2.9.5 Load-Exclusive and Store-Exclusive instruction usage restrictions

But you could do the same thing, aligning and recording the entire 128-bit quantity, then extract the ll.d result based on address bit 6. This would complicate the implementation of sc.d as well, but would perhaps bring us "close enough" to the actual architecture.

Note that our Arm store-exclusive implementation isn't quite in spec either.  There is quite a large comment within translate-a64.c store_exclusive() about the ways things are not quite right.  But it seems to be close enough for actual usage to succeed.


r~


Best regards,

Jiajie Chen


Thanks.
Song Gao
tcg_gen_concat_i64_i128(c16, low, high);

    tcg_gen_atomic_cmpxchg_i128(t16, cpu_lladdr, c16, t16, ctx->mem_idx, MO_128);

    ...
}

I am not sure this is right.

I think Richard can give you more suggestions. @Richard

Thanks.
Song Gao

Thanks.
Song Gao


For this series,
I think we need set the new config bits to the 'max cpu', and change linux-user/target_elf.h ''any' to 'max', so that we can use these new instructions on linux-user mode.

I will work on it.



Thanks
Song Gao

https://developer.arm.com/documentation/ddi0487/latest/
B2.9.5 Load-Exclusive and Store-Exclusive instruction usage restrictions

But you could do the same thing, aligning and recording the entire 128-bit quantity, then extract the ll.d result based on address bit 6. This would complicate the implementation of sc.d as well, but would perhaps bring us "close enough" to the actual architecture.

Note that our Arm store-exclusive implementation isn't quite in spec either.  There is quite a large comment within translate-a64.c store_exclusive() about the ways things are not quite right.  But it seems to be close enough for actual usage to succeed.


r~





--------------OVwiMiIR0z3BuTgw6a09OEQs--