Re: [PULL 10/16] target/i386: implement TSS trap bit

[Thomas Huth <thuth@redhat.com>]

On 10/09/2025 10.01, Mark Cave-Ayland wrote:
> On 10/09/2025 06:50, Thomas Huth wrote:
> 
>> On 12/05/2025 21.05, Paolo Bonzini wrote:
>>> Now that we can do so after the error code has been pushed, raising
>>> the #DB exception for task-switch traps is trivial.
>>>
>>> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
>>> ---
>>>   target/i386/tcg/seg_helper.c | 9 +++++----
>>>   1 file changed, 5 insertions(+), 4 deletions(-)
>>>
>>> diff --git a/target/i386/tcg/seg_helper.c b/target/i386/tcg/seg_helper.c
>>> index cb90ccd2adc..071f3fbd83d 100644
>>> --- a/target/i386/tcg/seg_helper.c
>>> +++ b/target/i386/tcg/seg_helper.c
>>> @@ -473,10 +473,6 @@ static void switch_tss_ra(CPUX86State *env, int 
>>> tss_selector,
>>>           new_segs[R_GS] = 0;
>>>           new_trap = 0;
>>>       }
>>> -    /* XXX: avoid a compiler warning, see
>>> -     https://urldefense.proofpoint.com/v2/url? 
>>> u=http-3A__support.amd.com_us_Processor-5FTechDocs_24593.pdf&d=DwICaQ&c=s883GpUCOChKOHiocYtGcg&r=c23RpsaH4D2MKyD3EPJTDa0BAxz6tV8aUJqVSoytEiY&m=ne1e2OYZDArdmBhjIXmv-d6hN8DFQV2i9elKEJJ2rgw_Rjs4bbFAj9BI-B8Y8SUa&s=Lx1uoh3Mv7iduPgFcshKa1nly0lcsCF6Z1G0neDOxQ4&e= -     chapters 12.2.5 and 13.2.4 on how to implement TSS Trap bit */
>>> -    (void)new_trap;
>>>       /* clear busy bit (it is restartable) */
>>>       if (source == SWITCH_TSS_JMP || source == SWITCH_TSS_IRET) {
>>> @@ -622,6 +618,11 @@ static void switch_tss_ra(CPUX86State *env, int 
>>> tss_selector,
>>>           }
>>>           SET_ESP(sa.sp, sa.sp_mask);
>>>       }
>>> +
>>> +    if (new_trap) {
>>> +        env->dr[6] |= DR6_BT;
>>> +        raise_exception_ra(env, EXCP01_DB, retaddr);
>>> +    }
>>>   }
>>
>>   Hi Paolo,
>>
>> as already quickly mentioned in IRC, the kvm-unit-tests CI had a 
>> regression after homebrew updated its QEMU from 10.0 to 10.1, the 
>> "eventinj" and the "taskwitch" test started failing:
>>
>> 10.0:  https://urldefense.proofpoint.com/v2/url? 
>> u=https-3A__gitlab.com_kvm-2Dunit-2Dtests_kvm-2Dunit-2Dtests_-2D_jobs_10871048973&d=DwICaQ&c=s883GpUCOChKOHiocYtGcg&r=c23RpsaH4D2MKyD3EPJTDa0BAxz6tV8aUJqVSoytEiY&m=ne1e2OYZDArdmBhjIXmv-d6hN8DFQV2i9elKEJJ2rgw_Rjs4bbFAj9BI-B8Y8SUa&s=2-qwz0tlJsb4ChkM4ZqunWv6Bmf3Zri5BDO1guawTyc&e= 10.1:  https://urldefense.proofpoint.com/v2/url?u=https-3A__gitlab.com_kvm-2Dunit-2Dtests_kvm-2Dunit-2Dtests_-2D_jobs_11282832498&d=DwICaQ&c=s883GpUCOChKOHiocYtGcg&r=c23RpsaH4D2MKyD3EPJTDa0BAxz6tV8aUJqVSoytEiY&m=ne1e2OYZDArdmBhjIXmv-d6hN8DFQV2i9elKEJJ2rgw_Rjs4bbFAj9BI-B8Y8SUa&s=U7Y_mIKPuJtmnCc5eDadnSt1qVAWtKHPBqnXRrPcG1s&e=
>> I've now bisected the problem (painfully in the terminal window of the 
>> cirrus-ci), and it seems to be this commit here that is causing the issue:
>>
>>   ad441b8b7913a26b18edbc076c74ca0cdbfa4ee5 is the first bad commit
>>   commit ad441b8b7913a26b18edbc076c74ca0cdbfa4ee5
>>   Author: Paolo Bonzini <pbonzini@redhat.com>
>>   Date:   Wed Aug 14 12:33:02 2024 +0200
>>
>>       target/i386: implement TSS trap bit
>>
>> Could you please have a look?
>>
>>   Thanks,
>>    Thomas
> 
> Possibly related: https://gitlab.com/qemu-project/qemu/-/issues/3101? The 
> submitter has also provided a suggested patch.

Well spotted! I can confirm that that patch fixes the problem with the 
kvm-unit-tests, too!

  Thomas