[PULL 9/9] target/arm: Fix qemu-system-arm handling of LPAE block descri
From: Peter Maydell
Subject: [PULL 9/9] target/arm: Fix qemu-system-arm handling of LPAE block descriptors for highmem
Date: Thu, 7 Jul 2022 13:27:34 +0100

In commit 39a1fd25287f5d we fixed a bug in the handling of LPAE block
descriptors where we weren't correctly zeroing out some RES0 bits.
However this fix has a bug because the calculation of the mask is
done at the wrong width: in
    descaddr &= ~(page_size - 1);
page_size is a target_ulong, so in the 'qemu-system-arm' binary it is
only 32 bits, and the effect is that we always zero out the top 32
bits of the calculated address. Fix the calculation by forcing the
mask to be calculated with the same type as descaddr.

This only affects 32-bit CPUs which support LPAE (e.g. cortex-a15)
when used on board models which put RAM or devices above the 4GB
mark and when the 'qemu-system-arm' executable is being used.

It was also masked in 7.0 by the main bug reported in
https://gitlab.com/qemu-project/qemu/-/issues/1078 where the
virt board incorrectly does not enable 'highmem' for 32-bit CPUs.

The workaround is to use 'qemu-system-aarch64' with the same
command line.

Reported-by: He Zhe <zhe.he@windriver.com>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-id: 20220627134620.3190252-1-peter.maydell@linaro.org
Fixes: 39a1fd25287f5de ("target/arm: Fix handling of LPAE block descriptors")
Cc: qemu-stable@nongnu.org
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
---
target/arm/ptw.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/target/arm/ptw.c b/target/arm/ptw.c
index da478104f05..e71fc1f4293 100644
--- a/target/arm/ptw.c
+++ b/target/arm/ptw.c
@@ -1257,7 +1257,7 @@ static bool get_phys_addr_lpae(CPUARMState *env, uint64_t
address,
* clear the lower bits here before ORing in the low vaddr bits.
*/
page_size = (1ULL << ((stride * (4 - level)) + 3));
- descaddr &= ~(page_size - 1);
+ descaddr &= ~(hwaddr)(page_size - 1);
descaddr |= (address & (page_size - 1));
/* Extract attributes from the descriptor */
attrs = extract64(descriptor, 2, 10)
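Review bot: On the changed line `descaddr &= ~(hwaddr)(page_size - 1);`, the cast corrects the mask width at this one use only, while page_size itself remains a target_ulong, so any other expression that inverts it against a 64-bit address can reintroduce the same truncation. Consider widening page_size (or a local copy of it) to hwaddr, or at least extending the comment above to say that the cast must be applied before the `~` because page_size is only 32 bits in qemu-system-arm. The following `descaddr |= (address & (page_size - 1));` needs no change, since a zero-extended low-bits mask is exactly what that line wants.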
--
2.25.1
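
The width problem described in the commit message, as a stand-alone added example (not QEMU code and not part of the original mail). It assumes target_ulong is 32 bits, as in qemu-system-arm; the type name target_ulong32, the function names and the sample addresses are constructed for illustration.

```c
#include <inttypes.h>
#include <stdint.h>
#include <stdio.h>

typedef uint64_t hwaddr;          /* 64-bit physical address, as in the patch */
typedef uint32_t target_ulong32;  /* assumption: target_ulong in a 32-bit target build */

/* Block size for a lookup level, same expression as in the hunk. */
static target_ulong32 block_size(int stride, int level)
{
    return (target_ulong32)(1ULL << ((stride * (4 - level)) + 3));
}

/* Pre-fix form: ~ is evaluated at 32 bits, then zero-extended for the AND,
 * so bits 63:32 of descaddr are always cleared. */
static hwaddr block_addr_narrow_mask(hwaddr descaddr, uint64_t address,
                                     int stride, int level)
{
    target_ulong32 page_size = block_size(stride, level);
    descaddr &= ~(page_size - 1);
    descaddr |= (address & (page_size - 1));
    return descaddr;
}

/* Post-fix form: widen first, then invert, so the high bits of the mask are 1. */
static hwaddr block_addr_wide_mask(hwaddr descaddr, uint64_t address,
                                   int stride, int level)
{
    target_ulong32 page_size = block_size(stride, level);
    descaddr &= ~(hwaddr)(page_size - 1);
    descaddr |= (address & (page_size - 1));
    return descaddr;
}

int main(void)
{
    /* Constructed input: block output address above 4GB with stray low bits
     * set, and a 32-bit virtual address; stride 9 corresponds to 4K pages. */
    hwaddr desc = 0x240212345ULL;
    uint64_t va = 0x80123456ULL;
    for (int level = 1; level <= 2; level++) {
        printf("level %d: narrow=0x%" PRIx64 " wide=0x%" PRIx64 "\n", level,
               block_addr_narrow_mask(desc, va, 9, level),
               block_addr_wide_mask(desc, va, 9, level));
    }
    return 0;
}
```

With the narrow mask the result lands below 4GB, which is why the bug only shows on boards that place RAM or devices above that mark.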