On 5/9/19 6:35 AM, Peter Maydell wrote:
>> + if (probe) {
>> + return false;
>> + }
>> +
>> + if (env->mmuregs[3]) { /* Fault status register */
>> + env->mmuregs[3] = 1; /* overflow (not read before another fault) */
>> + }
>> + env->mmuregs[3] |= (access_index << 5) | error_code | 2;
>> + env->mmuregs[4] = address; /* Fault address register */
>> +
>> + if (access_type == MMU_INST_FETCH) {
>> + cs->exception_index = TT_TFAULT;
>> + } else {
>> + cs->exception_index = TT_DFAULT;
>> + }
>> + cpu_loop_exit_restore(cs, retaddr);
>> }
>
> ...but in the new code we only set them if we're really
> going to fault.
Yes, I made change assuming that would allow probe to work, which would seem to
require that the FSR not be modified.
> The v8 SPARC architecture manual appending H says that
> when the NF bit is 1 faults detected by the MMU cause
> FSR and FAR to be updated even though no fault is generated
> to the processor. So I think the change here is not correct.
>
> (The spec also says that ASI 9 is supposed to be special and
> not affected by NF==1; and I think that since we put entries in
> the TLB for the NF case we won't correctly set the fault address
> register if the CPU makes two successive accesses to the same
> page, because the second access won't take the slow path and
> won't update the FAR. But those are pre-existing bugs.)
Thanks for the pointers. They do look like pre-existing bugs.
I think the only thing to do for sparc is the same as i386 -- assert that probe
is unset. If someone ever decides to use tlb_vaddr_to_host from the sparc
backend, they'll have to come back and untangle this.
r~
