[PATCH] tcg/aarch64: Fix patching of LDR in tb_target_set_jmp_target

Richard Henderson posted 1 patch 1 year, 2 months ago
Posted by Richard Henderson 1 year, 2 months ago
'offset' should be bits [23:5] of LDR instruction, rather than [4:0].

Fixes: d59d83a1c388 ("tcg/aarch64: Reorg goto_tb implementation")
Reported-by: Zenghui Yu <yuzenghui@huawei.com>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
---
 tcg/aarch64/tcg-target.c.inc | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/tcg/aarch64/tcg-target.c.inc b/tcg/aarch64/tcg-target.c.inc
index fde3b30ad1..a091326f84 100644
--- a/tcg/aarch64/tcg-target.c.inc
+++ b/tcg/aarch64/tcg-target.c.inc
@@ -1914,7 +1914,7 @@ void tb_target_set_jmp_target(const TranslationBlock *tb, int n,
         ptrdiff_t i_offset = i_addr - jmp_rx;
 
         /* Note that we asserted this in range in tcg_out_goto_tb. */
-        insn = deposit32(I3305_LDR | TCG_REG_TMP, 0, 5, i_offset >> 2);
+        insn = deposit32(I3305_LDR | TCG_REG_TMP, 5, 19, i_offset >> 2);
     }
     qatomic_set((uint32_t *)jmp_rw, insn);
     flush_idcache_range(jmp_rx, jmp_rw, 4);
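Review bot: the corrected deposit32(..., 5, 19, ...) at the `+` line is right for the imm19 field of LDR (literal), but deposit32 silently masks fieldval to the given width, which is exactly how the original bug stayed quiet: with start 0 and length 5 the offset was truncated into the Rt field and imm19 stayed zero, so the patched instruction still assembled cleanly. Since the comment above this line only points at an assertion elsewhere ("we asserted this in range in tcg_out_goto_tb"), consider a tcg_debug_assert at this site that i_offset is 4-byte aligned and fits in 19 signed words, so a future mis-sized deposit fails loudly instead of emitting a well-formed but wrong load.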
-- 
2.34.1
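The bit layout the commit message refers to, shown as an added example that is not part of the patch or of QEMU's sources: deposit32 is re-implemented here with the same semantics as the qemu/bitops.h helper, the LDR (literal) opcode value and TCG_REG_TMP being X30 are assumptions, and the pre-patch and post-patch deposits sit side by side so the decoded register and offset show where the misplaced field went.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Same semantics as QEMU's deposit32() (assumption: re-implemented so the
 * example is self-contained). Note that fieldval is silently masked. */
static uint32_t deposit32(uint32_t value, int start, int length, uint32_t fieldval)
{
    uint32_t mask = (~0U >> (32 - length)) << start;
    return (value & ~mask) | ((fieldval << start) & mask);
}

/* LDR (literal), 64-bit: imm19 in bits [23:5], Rt in bits [4:0].
 * Assumed values: I3305_LDR == 0x58000000, TCG_REG_TMP == X30. */
#define LDR_LIT_OPCODE 0x58000000u
#define REG_TMP        30

typedef struct { unsigned rt; int32_t byte_offset; } ldr_lit_t;

/* Decode the two fields the patcher cares about. */
static ldr_lit_t decode_ldr_literal(uint32_t insn)
{
    ldr_lit_t d;
    d.rt = insn & 0x1f;
    int32_t imm19 = (int32_t)(insn << 8) >> 13;   /* sign-extend bits [23:5] */
    d.byte_offset = imm19 * 4;                     /* literal offset is in words */
    return d;
}

/* Pre-patch deposit: the word offset lands in Rt, imm19 stays zero. */
static uint32_t encode_buggy(ptrdiff_t i_offset)
{
    return deposit32(LDR_LIT_OPCODE | REG_TMP, 0, 5, (uint32_t)(i_offset >> 2));
}

/* Post-patch deposit: the word offset goes into imm19 at bits [23:5]. */
static uint32_t encode_fixed(ptrdiff_t i_offset)
{
    return deposit32(LDR_LIT_OPCODE | REG_TMP, 5, 19, (uint32_t)(i_offset >> 2));
}

int main(void)
{
    ptrdiff_t offs[] = { 0x1c, -8 };
    for (size_t i = 0; i < 2; i++) {
        ldr_lit_t b = decode_ldr_literal(encode_buggy(offs[i]));
        ldr_lit_t f = decode_ldr_literal(encode_fixed(offs[i]));
        printf("offset %+ld: buggy -> ldr x%u, #%d ; fixed -> ldr x%u, #%d\n",
               (long)offs[i], b.rt, b.byte_offset, f.rt, f.byte_offset);
    }
    return 0;
}
```

For a 28-byte offset the buggy deposit yields `ldr x7, #0`, a load from the instruction's own address into the wrong register, while the fixed one yields `ldr x30, #28` (encoding 0x580000fe).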
Re: [PATCH] tcg/aarch64: Fix patching of LDR in tb_target_set_jmp_target
Posted by Zenghui Yu 1 year, 2 months ago
On 2023/2/4 1:18, Richard Henderson wrote:
> 'offset' should be bits [23:5] of LDR instruction, rather than [4:0].
> 
> Fixes: d59d83a1c388 ("tcg/aarch64: Reorg goto_tb implementation")
> Reported-by: Zenghui Yu <yuzenghui@huawei.com>
> Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
> ---
>  tcg/aarch64/tcg-target.c.inc | 2 +-
>  1 file changed, 1 insertion(+), 1 deletion(-)
> 
> diff --git a/tcg/aarch64/tcg-target.c.inc b/tcg/aarch64/tcg-target.c.inc
> index fde3b30ad1..a091326f84 100644
> --- a/tcg/aarch64/tcg-target.c.inc
> +++ b/tcg/aarch64/tcg-target.c.inc
> @@ -1914,7 +1914,7 @@ void tb_target_set_jmp_target(const TranslationBlock *tb, int n,
>          ptrdiff_t i_offset = i_addr - jmp_rx;
>  
>          /* Note that we asserted this in range in tcg_out_goto_tb. */
> -        insn = deposit32(I3305_LDR | TCG_REG_TMP, 0, 5, i_offset >> 2);
> +        insn = deposit32(I3305_LDR | TCG_REG_TMP, 5, 19, i_offset >> 2);
>      }
>      qatomic_set((uint32_t *)jmp_rw, insn);
>      flush_idcache_range(jmp_rx, jmp_rw, 4);

Reviewed-by: Zenghui Yu <yuzenghui@huawei.com>

Thanks!
Re: [PATCH] tcg/aarch64: Fix patching of LDR in tb_target_set_jmp_target
Posted by Philippe Mathieu-Daudé 1 year, 2 months ago
On 3/2/23 18:18, Richard Henderson wrote:
> 'offset' should be bits [23:5] of LDR instruction, rather than [4:0].
> 
> Fixes: d59d83a1c388 ("tcg/aarch64: Reorg goto_tb implementation")
> Reported-by: Zenghui Yu <yuzenghui@huawei.com>
> Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
> ---
>   tcg/aarch64/tcg-target.c.inc | 2 +-
>   1 file changed, 1 insertion(+), 1 deletion(-)

Is it worth Cc'ing qemu-stable@ ?
Re: [PATCH] tcg/aarch64: Fix patching of LDR in tb_target_set_jmp_target
Posted by Richard Henderson 1 year, 2 months ago
On 2/3/23 07:25, Philippe Mathieu-Daudé wrote:
> On 3/2/23 18:18, Richard Henderson wrote:
>> 'offset' should be bits [23:5] of LDR instruction, rather than [4:0].
>>
>> Fixes: d59d83a1c388 ("tcg/aarch64: Reorg goto_tb implementation")
>> Reported-by: Zenghui Yu <yuzenghui@huawei.com>
>> Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
>> ---
>>   tcg/aarch64/tcg-target.c.inc | 2 +-
>>   1 file changed, 1 insertion(+), 1 deletion(-)
> 
> Is it worth Cc'ing qemu-stable@ ?
> 

The patch being fixed is not in v7.2.


r~