Message ID | 20230329032346.55185-5-liweiwei@iscas.ac.cn (mailing list archive) |
---|---|
State | New, archived |
Series | target/riscv: Fix pointer mask related support | expand |
On 3/28/23 20:23, Weiwei Li wrote: > static bool trans_auipc(DisasContext *ctx, arg_auipc *a) > { > - gen_set_gpri(ctx, a->rd, a->imm + ctx->base.pc_next); > + assert(ctx->pc_save != -1); > + if (tb_cflags(ctx->base.tb) & CF_PCREL) { > + TCGv target_pc = tcg_temp_new(); dest_gpr(s, a->rd) > @@ -51,26 +59,43 @@ static bool trans_jal(DisasContext *ctx, arg_jal *a) > static bool trans_jalr(DisasContext *ctx, arg_jalr *a) > { > TCGLabel *misaligned = NULL; > + TCGv succ_pc = tcg_temp_new(); succ_pc can by null for !CF_PCREL... > + TCGv target_pc = tcg_temp_new(); > + > + if (tb_cflags(ctx->base.tb) & CF_PCREL) { > + tcg_gen_addi_tl(succ_pc, cpu_pc, ctx->pc_succ_insn - ctx->pc_save); > + } ... or initialized like } else { succ_pc = tcg_constant_tl(ctx->pc_succ_insn); } > - gen_set_pc(ctx, cpu_pc); > if (!has_ext(ctx, RVC)) { > TCGv t0 = tcg_temp_new(); > > misaligned = gen_new_label(); > - tcg_gen_andi_tl(t0, cpu_pc, 0x2); > + tcg_gen_andi_tl(t0, target_pc, 0x2); > tcg_gen_brcondi_tl(TCG_COND_NE, t0, 0x0, misaligned); > } ... > if (misaligned) { > gen_set_label(misaligned); > - gen_exception_inst_addr_mis(ctx); > + gen_exception_inst_addr_mis(ctx, target_pc); > } This is what I expected from patch 3: cpu_pc is unchanged, with the new (incorrect) address passed to inst_addr_mis for assigning to badaddr. Bug being fixed here, thus should really be a separate patch. > @@ -172,7 +197,7 @@ static bool gen_branch(DisasContext *ctx, arg_b *a, TCGCond cond) > if (!has_ext(ctx, RVC) && ((ctx->base.pc_next + a->imm) & 0x3)) { > /* misaligned */ > gen_set_pc_imm(ctx, ctx->base.pc_next + a->imm); > - gen_exception_inst_addr_mis(ctx); > + gen_exception_inst_addr_mis(ctx, cpu_pc); But this one's different and (probably) incorrect. 
> @@ -552,13 +567,21 @@ static void gen_jal(DisasContext *ctx, int rd, target_ulong imm) > if (!has_ext(ctx, RVC)) { > if ((next_pc & 0x3) != 0) { > gen_set_pc_imm(ctx, next_pc); > - gen_exception_inst_addr_mis(ctx); > + gen_exception_inst_addr_mis(ctx, cpu_pc); Likewise. > + assert(ctx->pc_save != -1); > + if (tb_cflags(ctx->base.tb) & CF_PCREL) { > + TCGv succ_pc = tcg_temp_new(); > + tcg_gen_addi_tl(succ_pc, cpu_pc, ctx->pc_succ_insn - ctx->pc_save); > + gen_set_gpr(ctx, rd, succ_pc); dest_gpr. r~
On 2023/3/30 00:27, Richard Henderson wrote: > On 3/28/23 20:23, Weiwei Li wrote: >> static bool trans_auipc(DisasContext *ctx, arg_auipc *a) >> { >> - gen_set_gpri(ctx, a->rd, a->imm + ctx->base.pc_next); >> + assert(ctx->pc_save != -1); >> + if (tb_cflags(ctx->base.tb) & CF_PCREL) { >> + TCGv target_pc = tcg_temp_new(); > > dest_gpr(s, a->rd) OK. I'll fix this. 
> >> @@ -51,26 +59,43 @@ static bool trans_jal(DisasContext *ctx, arg_jal *a) >> static bool trans_jalr(DisasContext *ctx, arg_jalr *a) >> { >> TCGLabel *misaligned = NULL; >> + TCGv succ_pc = tcg_temp_new(); > > succ_pc can by null for !CF_PCREL... I think this is OK since it's only used for CF_PCREL. > >> + TCGv target_pc = tcg_temp_new(); >> + >> + if (tb_cflags(ctx->base.tb) & CF_PCREL) { >> + tcg_gen_addi_tl(succ_pc, cpu_pc, ctx->pc_succ_insn - >> ctx->pc_save); >> + } > > ... or initialized like > > } else { > succ_pc = tcg_constant_tl(ctx->pc_succ_insn); > } > >> - gen_set_pc(ctx, cpu_pc); >> if (!has_ext(ctx, RVC)) { >> TCGv t0 = tcg_temp_new(); >> misaligned = gen_new_label(); >> - tcg_gen_andi_tl(t0, cpu_pc, 0x2); >> + tcg_gen_andi_tl(t0, target_pc, 0x2); >> tcg_gen_brcondi_tl(TCG_COND_NE, t0, 0x0, misaligned); >> } > ... >> if (misaligned) { >> gen_set_label(misaligned); >> - gen_exception_inst_addr_mis(ctx); >> + gen_exception_inst_addr_mis(ctx, target_pc); >> } > > This is what I expected from patch 3: cpu_pc is unchanged, with the > new (incorrect) address passed to inst_addr_mis for assigning to > badaddr. Bug being fixed here, thus should really be a separate patch. It's OK to update cpu_pc before gen_exception_inst_addr_mis() since it will restore the current pc by gen_set_pc_imm() after update cpu_pc into badaddr. However, after PC-relative translation is enabled, we cannot use gen_set_pc to directly update cpu_pc in above case, since gen_set_pc() will break the pc_save, and make gen_set_pc_imm() in gen_exception_inst_addr_mis() failed. So we introduce a temp target_pc instead of cpu_pc to compute the destination pc and use it to do misaligned check. 
> >> @@ -172,7 +197,7 @@ static bool gen_branch(DisasContext *ctx, arg_b >> *a, TCGCond cond) >> if (!has_ext(ctx, RVC) && ((ctx->base.pc_next + a->imm) & 0x3)) { >> /* misaligned */ >> gen_set_pc_imm(ctx, ctx->base.pc_next + a->imm); >> - gen_exception_inst_addr_mis(ctx); >> + gen_exception_inst_addr_mis(ctx, cpu_pc); > > But this one's different and (probably) incorrect. > >> @@ -552,13 +567,21 @@ static void gen_jal(DisasContext *ctx, int rd, >> target_ulong imm) >> if (!has_ext(ctx, RVC)) { >> if ((next_pc & 0x3) != 0) { >> gen_set_pc_imm(ctx, next_pc); >> - gen_exception_inst_addr_mis(ctx); >> + gen_exception_inst_addr_mis(ctx, cpu_pc); > > Likewise. > >> + assert(ctx->pc_save != -1); >> + if (tb_cflags(ctx->base.tb) & CF_PCREL) { >> + TCGv succ_pc = tcg_temp_new(); >> + tcg_gen_addi_tl(succ_pc, cpu_pc, ctx->pc_succ_insn - >> ctx->pc_save); >> + gen_set_gpr(ctx, rd, succ_pc); > > dest_gpr. OK. I'll fix this. Regards, Weiwei Li > > > > r~
On 3/29/23 18:09, liweiwei wrote: >>> @@ -51,26 +59,43 @@ static bool trans_jal(DisasContext *ctx, arg_jal *a) >>> static bool trans_jalr(DisasContext *ctx, arg_jalr *a) >>> { >>> TCGLabel *misaligned = NULL; >>> + TCGv succ_pc = tcg_temp_new(); >> >> succ_pc can by null for !CF_PCREL... > I think this is OK since it's only used for CF_PCREL. It allocates an unused temp. Not a bug per se, but an easily fixable mistake. >> ... or initialized like >> >> } else { >> succ_pc = tcg_constant_tl(ctx->pc_succ_insn); >> } If you do this, you can avoid the test/set/seti later. >>> if (misaligned) { >>> gen_set_label(misaligned); >>> - gen_exception_inst_addr_mis(ctx); >>> + gen_exception_inst_addr_mis(ctx, target_pc); >>> } >> >> This is what I expected from patch 3: cpu_pc is unchanged, with the new (incorrect) >> address passed to inst_addr_mis for assigning to badaddr. Bug being fixed here, thus >> should really be a separate patch. > > It's OK to update cpu_pc before gen_exception_inst_addr_mis() since it will restore the > current pc by gen_set_pc_imm() after update cpu_pc into badaddr. True, but I think it's confusing to set cpu_pc for it's mere use in copying to badaddr, and rely on generate_exception to reset cpu_pc to the correct value. > However, after PC-relative translation is enabled, we cannot use gen_set_pc to directly > update cpu_pc in above case, since gen_set_pc() will break the pc_save, and make > gen_set_pc_imm() in gen_exception_inst_addr_mis() failed. So we introduce a temp target_pc > instead of cpu_pc to compute the destination pc and use it to do misaligned check. Exactly. Which is why I think it is better to simply pass gen_exception_inst_addr_mis the value to use with badaddr in a normal temp (or constant). And do this always, not simply in the one case where it is absolutely required to not clobber cpu_pc. r~
diff --git a/target/riscv/cpu.c b/target/riscv/cpu.c index 1e97473af2..646fa31a59 100644 --- a/target/riscv/cpu.c +++ b/target/riscv/cpu.c @@ -658,16 +658,18 @@ static vaddr riscv_cpu_get_pc(CPUState *cs) static void riscv_cpu_synchronize_from_tb(CPUState *cs, const TranslationBlock *tb) { - RISCVCPU *cpu = RISCV_CPU(cs); - CPURISCVState *env = &cpu->env; - RISCVMXL xl = FIELD_EX32(tb->flags, TB_FLAGS, XL); + if (!(tb_cflags(tb) & CF_PCREL)) { + RISCVCPU *cpu = RISCV_CPU(cs); + CPURISCVState *env = &cpu->env; + RISCVMXL xl = FIELD_EX32(tb->flags, TB_FLAGS, XL); - tcg_debug_assert(!(cs->tcg_cflags & CF_PCREL)); + tcg_debug_assert(!(cs->tcg_cflags & CF_PCREL)); - if (xl == MXL_RV32) { - env->pc = (int32_t) tb->pc; - } else { - env->pc = tb->pc; + if (xl == MXL_RV32) { + env->pc = (int32_t) tb->pc; + } else { + env->pc = tb->pc; + } } } @@ -693,11 +695,18 @@ static void riscv_restore_state_to_opc(CPUState *cs, RISCVCPU *cpu = RISCV_CPU(cs); CPURISCVState *env = &cpu->env; RISCVMXL xl = FIELD_EX32(tb->flags, TB_FLAGS, XL); + target_ulong pc; + + if (tb_cflags(tb) & CF_PCREL) { + pc = (env->pc & TARGET_PAGE_MASK) | data[0]; + } else { + pc = data[0]; + } if (xl == MXL_RV32) { - env->pc = (int32_t)data[0]; + env->pc = (int32_t)pc; } else { - env->pc = data[0]; + env->pc = pc; } env->bins = data[1]; } diff --git a/target/riscv/insn_trans/trans_rvi.c.inc b/target/riscv/insn_trans/trans_rvi.c.inc index 05d8b5d57f..1ba00f30a9 100644 --- a/target/riscv/insn_trans/trans_rvi.c.inc +++ b/target/riscv/insn_trans/trans_rvi.c.inc 
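Review bot: In riscv_cpu_synchronize_from_tb the new guard `if (!(tb_cflags(tb) & CF_PCREL))` tests the TB's cflags while the retained `tcg_debug_assert(!(cs->tcg_cflags & CF_PCREL))` tests the CPU's, and nothing says why both are needed. If a CPU translating with CF_PCREL can never produce a TB without it, the assert is now unreachable on this path; if it can, the assert is the only thing catching that mismatch and deserves a sentence. A comment above the assert such as `/* A non-PCREL TB on a CPU translating with CF_PCREL would leave env->pc stale; only sync from tb->pc when the TB itself is not pc-relative. */` would make the intent explicit.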
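Review bot: In riscv_restore_state_to_opc, `pc = (env->pc & TARGET_PAGE_MASK) | data[0];` takes the page from whatever env->pc currently holds and only the page offset from the insn_start data, so it is correct only when the instruction being restored lies on the same page as the pc that env held at TB entry; the hunk does not state that, and the translator-side rule that would guarantee it is outside this diff. Suggest a comment above the assignment, e.g. `/* riscv_tr_insn_start records only the page offset under CF_PCREL; the page comes from env->pc, which must still be the TB-entry pc. */`, with the page-crossing assumption confirmed against riscv_tr_translate_insn.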
@@ -38,7 +38,15 @@ static bool trans_lui(DisasContext *ctx, arg_lui *a) static bool trans_auipc(DisasContext *ctx, arg_auipc *a) { - gen_set_gpri(ctx, a->rd, a->imm + ctx->base.pc_next); + assert(ctx->pc_save != -1); + if (tb_cflags(ctx->base.tb) & CF_PCREL) { + TCGv target_pc = tcg_temp_new(); + tcg_gen_addi_tl(target_pc, cpu_pc, a->imm + ctx->base.pc_next - + ctx->pc_save); + gen_set_gpr(ctx, a->rd, target_pc); + } else { + gen_set_gpri(ctx, a->rd, a->imm + ctx->base.pc_next); + } return true; } @@ -51,26 +59,43 @@ static bool trans_jal(DisasContext *ctx, arg_jal *a) static bool trans_jalr(DisasContext *ctx, arg_jalr *a) { TCGLabel *misaligned = NULL; + TCGv succ_pc = tcg_temp_new(); + TCGv target_pc = tcg_temp_new(); + + if (tb_cflags(ctx->base.tb) & CF_PCREL) { + tcg_gen_addi_tl(succ_pc, cpu_pc, ctx->pc_succ_insn - ctx->pc_save); + } + + tcg_gen_addi_tl(target_pc, get_gpr(ctx, a->rs1, EXT_NONE), a->imm); + tcg_gen_andi_tl(target_pc, target_pc, (target_ulong)-2); - tcg_gen_addi_tl(cpu_pc, get_gpr(ctx, a->rs1, EXT_NONE), a->imm); - tcg_gen_andi_tl(cpu_pc, cpu_pc, (target_ulong)-2); + if (get_xl(ctx) == MXL_RV32) { + tcg_gen_ext32s_tl(target_pc, target_pc); + } - gen_set_pc(ctx, cpu_pc); if (!has_ext(ctx, RVC)) { TCGv t0 = tcg_temp_new(); misaligned = gen_new_label(); - tcg_gen_andi_tl(t0, cpu_pc, 0x2); + tcg_gen_andi_tl(t0, target_pc, 0x2); tcg_gen_brcondi_tl(TCG_COND_NE, t0, 0x0, misaligned); } - gen_set_gpri(ctx, a->rd, ctx->pc_succ_insn); + tcg_gen_mov_tl(cpu_pc, target_pc); + + if (tb_cflags(ctx->base.tb) & CF_PCREL) { + gen_set_gpr(ctx, a->rd, succ_pc); + } else { + gen_set_gpri(ctx, a->rd, ctx->pc_succ_insn); + } lookup_and_goto_ptr(ctx); if (misaligned) { gen_set_label(misaligned); - gen_exception_inst_addr_mis(ctx); + gen_exception_inst_addr_mis(ctx, target_pc); } + + ctx->pc_save = -1; ctx->base.is_jmp = DISAS_NORETURN; return true; 
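Review bot: The `tb_cflags(ctx->base.tb) & CF_PCREL` arm that emits `tcg_gen_addi_tl(..., cpu_pc, X - ctx->pc_save)` behind an `assert(ctx->pc_save != -1)` is open-coded in trans_auipc and repeated in trans_jalr (succ_pc), gen_set_pc_imm and gen_jal, each with its own copy of the assert and, in two of them, of the RV32 sign-extension. A single helper that writes `pc_next + diff` into a caller-supplied TCGv — an addi from cpu_pc when pc-relative, a movi otherwise — would keep the pc_save check, the delta arithmetic and the ext32s in one place, and the callers would reduce to one line each. Independently, `ctx->pc_save != -1` compares a target_ulong with a signed literal in every one of those places; `(target_ulong)-1` or a named sentinel used throughout avoids the sign-compare warning and says what the value means.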
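Review bot: In trans_jalr the misaligned path is only correct because `tcg_gen_mov_tl(cpu_pc, target_pc);` is emitted after the `tcg_gen_brcondi_tl(..., misaligned)`, so the label is reached with cpu_pc still holding the value ctx->pc_save describes and the gen_set_pc_imm inside gen_exception_inst_addr_mis computes a valid delta; that ordering dependency is stated nowhere in the function. A comment before the mov, e.g. `/* Write cpu_pc only on the fall-through path: the misaligned label below must still see the entry pc that ctx->pc_save tracks. */`, and one on `ctx->pc_save = -1;` saying that cpu_pc now holds a runtime value the translator cannot describe, would protect against a later reordering. The same comment can note that the direct mov is deliberate and that the preceding `tcg_gen_ext32s_tl(target_pc, ...)` supplies the RV32 sign-extension that gen_set_pc used to do.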
@@ -172,7 +197,7 @@ static bool gen_branch(DisasContext *ctx, arg_b *a, TCGCond cond) if (!has_ext(ctx, RVC) && ((ctx->base.pc_next + a->imm) & 0x3)) { /* misaligned */ gen_set_pc_imm(ctx, ctx->base.pc_next + a->imm); - gen_exception_inst_addr_mis(ctx); + gen_exception_inst_addr_mis(ctx, cpu_pc); } else { gen_goto_tb(ctx, 0, ctx->base.pc_next + a->imm); } diff --git a/target/riscv/translate.c b/target/riscv/translate.c index f7ddf4c50d..faf6975e80 100644 --- a/target/riscv/translate.c +++ b/target/riscv/translate.c @@ -59,6 +59,7 @@ typedef struct DisasContext { DisasContextBase base; /* pc_succ_insn points to the instruction following base.pc_next */ target_ulong pc_succ_insn; + target_ulong pc_save; target_ulong priv_ver; RISCVMXL misa_mxl_max; RISCVMXL xl; @@ -224,18 +225,19 @@ static void decode_save_opc(DisasContext *ctx) static void gen_set_pc_imm(DisasContext *ctx, target_ulong dest) { - if (get_xl(ctx) == MXL_RV32) { - dest = (int32_t)dest; - } - tcg_gen_movi_tl(cpu_pc, dest); -} + assert(ctx->pc_save != -1); + if (tb_cflags(ctx->base.tb) & CF_PCREL) { + tcg_gen_addi_tl(cpu_pc, cpu_pc, dest - ctx->pc_save); + if (get_xl(ctx) == MXL_RV32) { + tcg_gen_ext32s_tl(cpu_pc, cpu_pc); + } -static void gen_set_pc(DisasContext *ctx, TCGv dest) -{ - if (get_xl(ctx) == MXL_RV32) { - tcg_gen_ext32s_tl(cpu_pc, dest); + ctx->pc_save = dest; } else { - tcg_gen_mov_tl(cpu_pc, dest); + if (get_xl(ctx) == MXL_RV32) { + dest = (int32_t)dest; + } + tcg_gen_movi_tl(cpu_pc, dest); } } @@ -257,9 +259,9 @@ static void gen_exception_illegal(DisasContext *ctx) } } -static void gen_exception_inst_addr_mis(DisasContext *ctx) +static void gen_exception_inst_addr_mis(DisasContext *ctx, TCGv target) { - tcg_gen_st_tl(cpu_pc, cpu_env, offsetof(CPURISCVState, badaddr)); + tcg_gen_st_tl(target, cpu_env, offsetof(CPURISCVState, badaddr)); generate_exception(ctx, RISCV_EXCP_INST_ADDR_MIS); } 
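Review bot: With CF_PCREL, both `gen_set_pc_imm(ctx, ctx->base.pc_next + a->imm)` on the misaligned path and the `gen_goto_tb` in the else branch compute their delta from ctx->pc_save, but gen_branch's fall-through `gen_goto_tb(ctx, 1, ...)` — emitted before the taken-branch label, outside this hunk — has already advanced pc_save to the successor pc through gen_set_pc_imm, while at runtime the taken path enters the label with cpu_pc unchanged; unless the part of gen_branch not shown restores it, the taken-branch pc is off by the fall-through delta. Save the value before the fall-through goto, `target_ulong orig_pc_save = ctx->pc_save;`, restore it with `ctx->pc_save = orig_pc_save;` immediately before the taken-branch label, and end the function with `ctx->pc_save = -1;` as trans_jalr does. The start and end of gen_branch are outside the hunk.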
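Review bot: `target_ulong pc_save;` is added to DisasContext without the comment its neighbour pc_succ_insn has, and its two states — the pc the translator believes cpu_pc currently holds, or -1 once cpu_pc has been written from a runtime value — can only be discovered by reading gen_set_pc_imm and trans_jalr. Suggest `/* pc_save: the value the translator knows cpu_pc holds, used as the base for CF_PCREL deltas; -1 once cpu_pc has been set from a runtime value. */` on the field.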
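Review bot: gen_set_pc_imm now has a translation-time side effect — in the CF_PCREL arm it rewrites `ctx->pc_save = dest;` — so it may only be called where every runtime path that reaches the code emitted after it has the same cpu_pc, and the removal of gen_set_pc leaves callers that need a runtime value (trans_jalr) writing cpu_pc directly; the function carries no comment on either point. A header comment along the lines of `/* Set cpu_pc to dest. Under CF_PCREL this is an addition relative to the pc the translator believes cpu_pc holds (ctx->pc_save) and dest becomes the new pc_save; a caller that emits a runtime branch between two pc updates must save and restore pc_save itself. */` would state the contract that gen_branch and gen_goto_tb depend on.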
@@ -290,8 +292,21 @@ static void gen_goto_tb(DisasContext *ctx, int n, target_ulong dest) * direct block chain benefits will be small. */ if (translator_use_goto_tb(&ctx->base, dest) && !ctx->itrigger) { - tcg_gen_goto_tb(n); - gen_set_pc_imm(ctx, dest); + /* + * For pcrel, the pc must always be up-to-date on entry to + * the linked TB, so that it can use simple additions for all + * further adjustments. For !pcrel, the linked TB is compiled + * to know its full virtual address, so we can delay the + * update to pc to the unlinked path. A long chain of links + * can thus avoid many updates to the PC. + */ + if (tb_cflags(ctx->base.tb) & CF_PCREL) { + gen_set_pc_imm(ctx, dest); + tcg_gen_goto_tb(n); + } else { + tcg_gen_goto_tb(n); + gen_set_pc_imm(ctx, dest); + } tcg_gen_exit_tb(ctx->base.tb, n); } else { gen_set_pc_imm(ctx, dest); @@ -552,13 +567,21 @@ static void gen_jal(DisasContext *ctx, int rd, target_ulong imm) if (!has_ext(ctx, RVC)) { if ((next_pc & 0x3) != 0) { gen_set_pc_imm(ctx, next_pc); - gen_exception_inst_addr_mis(ctx); + gen_exception_inst_addr_mis(ctx, cpu_pc); return; } } - gen_set_gpri(ctx, rd, ctx->pc_succ_insn); - gen_goto_tb(ctx, 0, ctx->base.pc_next + imm); /* must use this for safety */ + assert(ctx->pc_save != -1); + if (tb_cflags(ctx->base.tb) & CF_PCREL) { + TCGv succ_pc = tcg_temp_new(); + tcg_gen_addi_tl(succ_pc, cpu_pc, ctx->pc_succ_insn - ctx->pc_save); + gen_set_gpr(ctx, rd, succ_pc); + } else { + gen_set_gpri(ctx, rd, ctx->pc_succ_insn); + } + + gen_goto_tb(ctx, 0, next_pc); /* must use this for safety */ ctx->base.is_jmp = DISAS_NORETURN; } @@ -1152,6 +1175,7 @@ static void riscv_tr_init_disas_context(DisasContextBase *dcbase, CPUState *cs) RISCVCPU *cpu = RISCV_CPU(cs); uint32_t tb_flags = ctx->base.tb->flags; + ctx->pc_save = ctx->base.pc_first; ctx->pc_succ_insn = ctx->base.pc_first; ctx->mem_idx = FIELD_EX32(tb_flags, TB_FLAGS, MEM_IDX); ctx->mstatus_fs = tb_flags & TB_FLAGS_MSTATUS_FS; 
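Review bot: In riscv_tr_init_disas_context, `ctx->pc_save = ctx->base.pc_first;` encodes the assumption that cpu_pc holds pc_first on entry to every TB, which for CF_PCREL holds only because gen_goto_tb updates pc before `tcg_gen_goto_tb` and because riscv_cpu_synchronize_from_tb no longer overwrites env->pc in that mode; neither is referenced here. A comment such as `/* cpu_pc == pc_first on TB entry (gen_goto_tb keeps pc current before linking under CF_PCREL), so pc-relative deltas start from here. */` would tie the three places together. riscv_tr_init_disas_context continues outside the hunk.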
@@ -1197,8 +1221,13 @@ static void riscv_tr_tb_start(DisasContextBase *db, CPUState *cpu) static void riscv_tr_insn_start(DisasContextBase *dcbase, CPUState *cpu) { DisasContext *ctx = container_of(dcbase, DisasContext, base); + target_ulong pc_next = ctx->base.pc_next; + + if (tb_cflags(dcbase->tb) & CF_PCREL) { + pc_next &= ~TARGET_PAGE_MASK; + } - tcg_gen_insn_start(ctx->base.pc_next, 0); + tcg_gen_insn_start(pc_next, 0); ctx->insn_start = tcg_last_op(); }
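Review bot: `pc_next &= ~TARGET_PAGE_MASK;` changes what tcg_gen_insn_start records under CF_PCREL from an address to a page offset, and the only consumer that knows this is riscv_restore_state_to_opc in cpu.c; a reader of riscv_tr_insn_start alone cannot tell why the masking is harmless. Suggest `/* Under CF_PCREL the TB is position-independent, so only the page offset is recorded; riscv_restore_state_to_opc rebuilds the full pc from env->pc. */` above the if.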