Re: [PATCH] accel/tcg: Fix atomic_mmu_lookup vs TLB_FORCE_SLOW

Mon, 26 May 2025 11:14:24 -0700 

On 24/5/25 16:40, Richard Henderson wrote:

When we moved TLB_MMIO and TLB_DISCARD_WRITE to TLB_SLOW_FLAGS_MASK,
we failed to update atomic_mmu_lookup to properly reconstruct flags.

Fixes: 24b5e0fdb543 ("include/exec: Move TLB_MMIO, TLB_DISCARD_WRITE to slow 
flags")


Cc'ing Pierrick


Reported-by: Jonathan Cameron <jonathan.came...@huawei.com>
Signed-off-by: Richard Henderson <richard.hender...@linaro.org>
---
  accel/tcg/cputlb.c | 15 ++++++++-------
  1 file changed, 8 insertions(+), 7 deletions(-)

diff --git a/accel/tcg/cputlb.c b/accel/tcg/cputlb.c
index 5f6d7c601c..86d0deb08c 100644
--- a/accel/tcg/cputlb.c
+++ b/accel/tcg/cputlb.c
@@ -1871,8 +1871,12 @@ static void *atomic_mmu_lookup(CPUState *cpu, vaddr 
addr, MemOpIdx oi,
          goto stop_the_world;
      }
- /* Collect tlb flags for read. */ 
+    /* Finish collecting tlb flags for both read and write. */
+    full = &cpu->neg.tlb.d[mmu_idx].fulltlb[index];
      tlb_addr |= tlbe->addr_read;
+    tlb_addr &= TLB_FLAGS_MASK & ~TLB_FORCE_SLOW;
+    tlb_addr |= full->slow_flags[MMU_DATA_STORE];
+    tlb_addr |= full->slow_flags[MMU_DATA_LOAD];
/* Notice an IO access or a needs-MMU-lookup access */ 
      if (unlikely(tlb_addr & (TLB_MMIO | TLB_DISCARD_WRITE))) {
@@ -1882,13 +1886,12 @@ static void *atomic_mmu_lookup(CPUState *cpu, vaddr 
addr, MemOpIdx oi,
      }
hostaddr = (void *)((uintptr_t)addr + tlbe->addend); 
-    full = &cpu->neg.tlb.d[mmu_idx].fulltlb[index];
if (unlikely(tlb_addr & TLB_NOTDIRTY)) { 
          notdirty_write(cpu, addr, size, full, retaddr);
      }
- if (unlikely(tlb_addr & TLB_FORCE_SLOW)) { 
+    if (unlikely(tlb_addr & TLB_WATCHPOINT)) {
          int wp_flags = 0;
if (full->slow_flags[MMU_DATA_STORE] & TLB_WATCHPOINT) { 
@@ -1897,10 +1900,8 @@ static void *atomic_mmu_lookup(CPUState *cpu, vaddr 
addr, MemOpIdx oi,
          if (full->slow_flags[MMU_DATA_LOAD] & TLB_WATCHPOINT) {
              wp_flags |= BP_MEM_READ;
          }
-        if (wp_flags) {
-            cpu_check_watchpoint(cpu, addr, size,
-                                 full->attrs, wp_flags, retaddr);
-        }
+        cpu_check_watchpoint(cpu, addr, size,
+                             full->attrs, wp_flags, retaddr);
      }
return hostaddr; 

Patch LGTM but this is outside my comfort zone, so better wait for
a second review ;)

Reviewed-by: Philippe Mathieu-Daudé <phi...@linaro.org>

Reply via email to