From: Richard Henderson <richard.henderson@linaro.org>
To: Bastian Koppelmann <kbastian@mail.uni-paderborn.de>,
Stefan Hajnoczi <stefanha@gmail.com>, "anjo@rev.ng" <anjo@rev.ng>
Cc: qemu-devel@nongnu.org
Subject: Re: [PATCH v2 00/48] tcg patch queue
Date: Tue, 29 Aug 2023 11:26:48 -0700
Message-ID: <dad30d57-1afa-c034-b85d-b0f4391abf45@linaro.org>
In-Reply-To: <zk2esxk4l3okthx5hg3egzvgsfp5e5jugsfstmenia5vcygym4@m4ui2pj7h4pv>
On 8/28/23 23:17, Bastian Koppelmann wrote:
>> I'm seeing a segfault in "make docker-test-tcg@debian-tricore-cross"
>> after this pull request.
>
> git bisect points to:
>
> commit fc15bfb6a6bda8d4d01f1383579d385acae17c0f
> Author: Anton Johansson <anjo@rev.ng>
> Date: Mon Aug 7 17:57:03 2023 +0200
>
> include/exec: typedef abi_ptr to vaddr in softmmu
>
> In system mode, abi_ptr is primarily used for representing addresses
> when accessing guest memory with cpu_[st|ld]*(). Widening it from
> target_ulong to vaddr reduces the target dependence of these functions
> and is a step towards building accel/ once for system mode.
>
> Signed-off-by: Anton Johansson <anjo@rev.ng>
> Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
> Message-Id: <20230807155706.9580-7-anjo@rev.ng>
> Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
>
> diff --git a/include/exec/cpu_ldst.h b/include/exec/cpu_ldst.h
> index da10ba1433..f3ce4eb1d0 100644
> --- a/include/exec/cpu_ldst.h
> +++ b/include/exec/cpu_ldst.h
> @@ -121,8 +121,8 @@ static inline bool guest_range_valid_untagged(abi_ulong start, abi_ulong len)
> h2g_nocheck(x); \
> })
> #else
> -typedef target_ulong abi_ptr;
> -#define TARGET_ABI_FMT_ptr TARGET_FMT_lx
> +typedef vaddr abi_ptr;
> +#define TARGET_ABI_FMT_ptr "%016" VADDR_PRIx
> #endif
>
>
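Review bot: the `+typedef vaddr abi_ptr;` line in the `#else` branch changes how every existing argument to the cpu_[st|ld]*() accessors is converted, and nothing in the hunk or the commit message shows that callers were audited for signed arguments. With `target_ulong`, a signed 32-bit value passed by a 32-bit target was converted to an unsigned 32-bit address; with `vaddr` it is sign-extended to 64 bits, which is what the reply below traces for save_context_upper(CPUTriCoreState *env, int ea). Suggest fixing such callers to pass an unsigned, target-width address before widening the typedef, or stating that requirement in the commit message. Separately, `"%016" VADDR_PRIx` fixes the printed width at 16 hex digits where `TARGET_FMT_lx` followed the target's word size, so 32-bit targets now get padded addresses in logs; worth a sentence in the commit message if that is intended.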
> Changing typedef vaddr abi_ptr back to target_ulong fixes it.
>
> The faulting TriCore insn is OPC1_32_BOL_ST_W_LONGOFF, that tries to write to
> guest addr 0xd0000124, which is in a valid memory region.

Right. The traceback is

#6 0x000055555582c511 in mmu_lookup
(env=0x555555e98ee0, addr=18446744072904253376, oi=32, ra=0, type=MMU_DATA_STORE,
l=0x7ffff1888cc0) at ../src/accel/tcg/cputlb.c:1828
#7 0x000055555582f531 in do_st4_mmu
(env=0x555555e98ee0, addr=18446744072904253376, val=0, oi=32, ra=0)
at ../src/accel/tcg/cputlb.c:2991
#8 0x000055555582fe59 in cpu_stl_mmu
(env=0x555555e98ee0, addr=18446744072904253376, val=0, oi=32, retaddr=0)
at ../src/accel/tcg/cputlb.c:3138
#9 0x000055555583041d in cpu_stl_le_mmuidx_ra
(env=0x555555e98ee0, addr=18446744072904253376, val=0, mmu_idx=0, ra=0)
at ../src/accel/tcg/ldst_common.c.inc:118
#10 0x00005555558308b5 in cpu_stl_le_data_ra
(env=0x555555e98ee0, addr=18446744072904253376, val=0, ra=0)
at ../src/accel/tcg/ldst_common.c.inc:213
#11 0x0000555555830bf2 in cpu_stl_le_data
(env=0x555555e98ee0, addr=18446744072904253376, val=0)
at ../src/accel/tcg/ldst_common.c.inc:301
#12 0x00005555557a2ce2 in save_context_upper
(env=0x555555e98ee0, ea=-805298240)
at ../src/target/tricore/op_helper.c:2400
#13 0x00005555557a35ee in helper_call (env=0x555555e98ee0, next_pc=2147484092)
at ../src/target/tricore/op_helper.c:2519

With

    void save_context_upper(CPUTriCoreState *env, int ea)

providing the signed address variable, which gets extended to 64-bits with the change to
abi_ptr instead of converted to unsigned 32-bits in cpu_stl_le_data.

For the short-term, let's revert this patch.

r~
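
The conversion described in the message above, reproduced as a stand-alone added example (not QEMU code and not part of the original mail). The typedef and function names are hypothetical stand-ins for the two definitions of abi_ptr on a 32-bit guest; the value of ea is the one shown in frame #12 of the traceback, and the cast in store_new_fixed is one possible call-site mitigation assumed here, not the fix the thread settles on.

```c
#include <inttypes.h>
#include <stdint.h>
#include <stdio.h>

/* Hypothetical stand-ins for abi_ptr before and after the change. */
typedef uint32_t abi_ptr_old;   /* target_ulong on a 32-bit target */
typedef uint64_t abi_ptr_new;   /* vaddr */

/* Return the address the memory subsystem would receive. */
static uint64_t store_old(abi_ptr_old addr) { return addr; }
static uint64_t store_new(abi_ptr_new addr) { return addr; }

/* Does the address fit in the 32-bit guest address space? */
static int in_guest_space(uint64_t addr) { return addr <= UINT32_MAX; }

/* A caller holding the address in a signed int, like save_context_upper. */
static uint64_t seen_old(int ea) { return store_old(ea); } /* int -> uint32_t */
static uint64_t seen_new(int ea) { return store_new(ea); } /* int -> uint64_t */

/* Assumed mitigation: drop the sign at the call site before widening. */
static uint64_t store_new_fixed(int ea) { return store_new((uint32_t)ea); }

int main(void)
{
    int ea = -805298240;  /* constructed from frame #12 of the traceback */

    printf("old typedef : 0x%016" PRIx64 " in_guest=%d\n",
           seen_old(ea), in_guest_space(seen_old(ea)));
    printf("new typedef : 0x%016" PRIx64 " in_guest=%d\n",
           seen_new(ea), in_guest_space(seen_new(ea)));
    printf("cast at call: 0x%016" PRIx64 " in_guest=%d\n",
           store_new_fixed(ea), in_guest_space(store_new_fixed(ea)));
    return 0;
}
```

The second line printed carries the same 64-bit value that appears as addr in frames #6 to #11 of the traceback.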