[Qemu-devel] [PATCH 12/20] target/openrisc: Fix tlb flushing in mtspr

qemu-devel

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Qemu-devel] [PATCH 12/20] target/openrisc: Fix tlb flushing in mtspr

From:	Richard Henderson
Subject:	[Qemu-devel] [PATCH 12/20] target/openrisc: Fix tlb flushing in mtspr
Date:	Sun, 27 May 2018 09:13:16 -0500

The previous code was confused, avoiding the flush of the old entry
if the new entry is invalid.  We need to flush the old page if the
old entry is valid and the new page if the new entry is valid.

This bug was masked by over-flushing elsewhere.

Signed-off-by: Richard Henderson <address@hidden>
---
 target/openrisc/sys_helper.c | 21 +++++++++++++++------
 1 file changed, 15 insertions(+), 6 deletions(-)

diff --git a/target/openrisc/sys_helper.c b/target/openrisc/sys_helper.c
index 8ad7a7d898..e00aaa332e 100644
--- a/target/openrisc/sys_helper.c
+++ b/target/openrisc/sys_helper.c
@@ -32,6 +32,7 @@ void HELPER(mtspr)(CPUOpenRISCState *env, target_ulong spr, 
target_ulong rb)
 #ifndef CONFIG_USER_ONLY
     OpenRISCCPU *cpu = openrisc_env_get_cpu(env);
     CPUState *cs = CPU(cpu);
+    target_ulong mr;
     int idx;
 
     switch (spr) {
@@ -84,12 +85,15 @@ void HELPER(mtspr)(CPUOpenRISCState *env, target_ulong spr, 
target_ulong rb)
 
     case TO_SPR(1, 512) ... TO_SPR(1, 512+DTLB_SIZE-1): /* DTLBW0MR 0-127 */
         idx = spr - TO_SPR(1, 512);
-        if (!(rb & 1)) {
-            tlb_flush_page(cs, env->tlb.dtlb[idx].mr & TARGET_PAGE_MASK);
+        mr = env->tlb.dtlb[idx].mr;
+        if (mr & 1) {
+            tlb_flush_page(cs, mr & TARGET_PAGE_MASK);
+        }
+        if (rb & 1) {
+            tlb_flush_page(cs, rb & TARGET_PAGE_MASK);
         }
         env->tlb.dtlb[idx].mr = rb;
         break;
-
     case TO_SPR(1, 640) ... TO_SPR(1, 640+DTLB_SIZE-1): /* DTLBW0TR 0-127 */
         idx = spr - TO_SPR(1, 640);
         env->tlb.dtlb[idx].tr = rb;
@@ -101,14 +105,18 @@ void HELPER(mtspr)(CPUOpenRISCState *env, target_ulong 
spr, target_ulong rb)
     case TO_SPR(1, 1280) ... TO_SPR(1, 1407): /* DTLBW3MR 0-127 */
     case TO_SPR(1, 1408) ... TO_SPR(1, 1535): /* DTLBW3TR 0-127 */
         break;
+
     case TO_SPR(2, 512) ... TO_SPR(2, 512+ITLB_SIZE-1):   /* ITLBW0MR 0-127 */
         idx = spr - TO_SPR(2, 512);
-        if (!(rb & 1)) {
-            tlb_flush_page(cs, env->tlb.itlb[idx].mr & TARGET_PAGE_MASK);
+        mr = env->tlb.itlb[idx].mr;
+        if (mr & 1) {
+            tlb_flush_page(cs, mr & TARGET_PAGE_MASK);
+        }
+        if (rb & 1) {
+            tlb_flush_page(cs, rb & TARGET_PAGE_MASK);
         }
         env->tlb.itlb[idx].mr = rb;
         break;
-
     case TO_SPR(2, 640) ... TO_SPR(2, 640+ITLB_SIZE-1): /* ITLBW0TR 0-127 */
         idx = spr - TO_SPR(2, 640);
         env->tlb.itlb[idx].tr = rb;
@@ -120,6 +128,7 @@ void HELPER(mtspr)(CPUOpenRISCState *env, target_ulong spr, 
target_ulong rb)
     case TO_SPR(2, 1280) ... TO_SPR(2, 1407): /* ITLBW3MR 0-127 */
     case TO_SPR(2, 1408) ... TO_SPR(2, 1535): /* ITLBW3TR 0-127 */
         break;
+
     case TO_SPR(5, 1):  /* MACLO */
         env->mac = deposit64(env->mac, 0, 32, rb);
         break;
-- 
2.17.0

[Prev in Thread]

Current Thread

[Next in Thread]

[Qemu-devel] [PATCH 04/20] target/openrisc: Link more translation blocks, (continued)
- [Qemu-devel] [PATCH 04/20] target/openrisc: Link more translation blocks, Richard Henderson, 2018/05/27
- [Qemu-devel] [PATCH 08/20] target/openrisc: Merge tlb allocation into CPUOpenRISCState, Richard Henderson, 2018/05/27
- [Qemu-devel] [PATCH 10/20] target/openrisc: Merge mmu_helper.c into mmu.c, Richard Henderson, 2018/05/27
  - Re: [Qemu-devel] [PATCH 10/20] target/openrisc: Merge mmu_helper.c into mmu.c, Philippe Mathieu-Daudé, 2018/05/27
- [Qemu-devel] [PATCH 06/20] target/openrisc: Exit the TB after l.mtspr, Richard Henderson, 2018/05/27
- [Qemu-devel] [PATCH 07/20] target/openrisc: Form the spr index from tcg, Richard Henderson, 2018/05/27
  - Re: [Qemu-devel] [PATCH 07/20] target/openrisc: Form the spr index from tcg, Philippe Mathieu-Daudé, 2018/05/27
- [Qemu-devel] [PATCH 09/20] target/openrisc: Remove indirect function calls for mmu, Richard Henderson, 2018/05/27
- [Qemu-devel] [PATCH 11/20] target/openrisc: Reduce tlb to a single dimension, Richard Henderson, 2018/05/27
  - Re: [Qemu-devel] [PATCH 11/20] target/openrisc: Reduce tlb to a single dimension, Philippe Mathieu-Daudé, 2018/05/27
- [Qemu-devel] [PATCH 12/20] target/openrisc: Fix tlb flushing in mtspr, Richard Henderson <=
- [Qemu-devel] [PATCH 13/20] target/openrisc: Fix cpu_mmu_index, Richard Henderson, 2018/05/27
- [Qemu-devel] [PATCH 14/20] target/openrisc: Use identical sizes for ITLB and DTLB, Richard Henderson, 2018/05/27
  - Re: [Qemu-devel] [PATCH 14/20] target/openrisc: Use identical sizes for ITLB and DTLB, Philippe Mathieu-Daudé, 2018/05/27
- [Qemu-devel] [PATCH 15/20] target/openrisc: Stub out handle_mmu_fault for softmmu, Richard Henderson, 2018/05/27
- [Qemu-devel] [PATCH 16/20] target/openrisc: Log interrupts, Richard Henderson, 2018/05/27
  - Re: [Qemu-devel] [PATCH 16/20] target/openrisc: Log interrupts, Philippe Mathieu-Daudé, 2018/05/27
- [Qemu-devel] [PATCH 17/20] target/openrisc: Increase the TLB size, Richard Henderson, 2018/05/27
- [Qemu-devel] [PATCH 18/20] target/openrisc: Reorg tlb lookup, Richard Henderson, 2018/05/27
- [Qemu-devel] [PATCH 20/20] target/or1k: Add support in scripts/qemu-binfmt-conf.sh, Richard Henderson, 2018/05/27
- [Qemu-devel] [PATCH 19/20] target/openrisc: Add print_insn_or1k, Richard Henderson, 2018/05/27

Prev by Date: [Qemu-devel] [PATCH 11/20] target/openrisc: Reduce tlb to a single dimension
Next by Date: [Qemu-devel] [PATCH 13/20] target/openrisc: Fix cpu_mmu_index
Previous by thread: Re: [Qemu-devel] [PATCH 11/20] target/openrisc: Reduce tlb to a single dimension
Next by thread: [Qemu-devel] [PATCH 13/20] target/openrisc: Fix cpu_mmu_index
Index(es):
- Date
- Thread