target/ppc: Ensure stcx size matches larx
Differently-sized larx/stcx. pairs can succeed if the starting address matches. Add a check to require the size of stcx. exactly match the larx that established the reservation. Use the term "reserve_length" for this state, which matches the terminology used in the ISA. Reviewed-by: Richard Henderson <richard.henderson@linaro.org> Signed-off-by: Nicholas Piggin <npiggin@gmail.com> Message-Id: <20230605025445.161932-2-npiggin@gmail.com> Signed-off-by: Daniel Henrique Barboza <danielhb413@gmail.com>
parent
e025e8f5a8
commit
392d328abe
@ -1114,8 +1114,9 @@ struct CPUArchState {
|
||||
target_ulong ov32;
|
||||
target_ulong ca32;
|
||||
|
||||
target_ulong reserve_addr; /* Reservation address */
|
||||
target_ulong reserve_val; /* Reservation value */
|
||||
target_ulong reserve_addr; /* Reservation address */
|
||||
target_ulong reserve_length; /* Reservation larx op size (bytes) */
|
||||
target_ulong reserve_val; /* Reservation value */
|
||||
target_ulong reserve_val2;
|
||||
|
||||
/* These are used in supervisor mode only */
|
||||
|
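Review bot: The comment on the new `reserve_length` field does not say when the value is meaningful. The store-side checks elsewhere in this commit consult it only after the address compare against `reserve_addr`, so it appears to be stale but harmless whenever no reservation is held. I would spell that out, e.g. `target_ulong reserve_length; /* Reservation larx op size (bytes); only meaningful while reserve_addr holds a reservation */`. No reset or migration handling for the field is visible on this page, so it is worth confirming that any code which saves, restores or clears `reserve_addr` treats the two fields consistently. The struct continues outside the hunk.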
@ -7392,8 +7392,8 @@ void ppc_cpu_dump_state(CPUState *cs, FILE *f, int flags)
|
||||
}
|
||||
qemu_fprintf(f, " %c%c", a, env->crf[i] & 0x01 ? 'O' : ' ');
|
||||
}
|
||||
qemu_fprintf(f, " ] RES " TARGET_FMT_lx "\n",
|
||||
env->reserve_addr);
|
||||
qemu_fprintf(f, " ] RES %03x@" TARGET_FMT_lx "\n",
|
||||
(int)env->reserve_length, env->reserve_addr);
|
||||
|
||||
if (flags & CPU_DUMP_FPU) {
|
||||
for (i = 0; i < 32; i++) {
|
||||
|
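Review bot: The new format `RES %03x@` prints `reserve_length` in hexadecimal with no prefix, so a 16-byte lqarx reservation is dumped as `010` even though the field is documented in bytes. That is easy to misread when debugging a failed stcx. from a register dump. A decimal conversion with a matching unsigned cast reads better: `qemu_fprintf(f, " ] RES %u@" TARGET_FMT_lx "\n", (unsigned)env->reserve_length, env->reserve_addr);`. ppc_cpu_dump_state starts and ends outside the hunk.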
@ -75,6 +75,7 @@ static TCGv cpu_cfar;
|
||||
#endif
|
||||
static TCGv cpu_xer, cpu_so, cpu_ov, cpu_ca, cpu_ov32, cpu_ca32;
|
||||
static TCGv cpu_reserve;
|
||||
static TCGv cpu_reserve_length;
|
||||
static TCGv cpu_reserve_val;
|
||||
static TCGv cpu_reserve_val2;
|
||||
static TCGv cpu_fpscr;
|
||||
@ -143,6 +144,10 @@ void ppc_translate_init(void)
|
||||
cpu_reserve = tcg_global_mem_new(cpu_env,
|
||||
offsetof(CPUPPCState, reserve_addr),
|
||||
"reserve_addr");
|
||||
cpu_reserve_length = tcg_global_mem_new(cpu_env,
|
||||
offsetof(CPUPPCState,
|
||||
reserve_length),
|
||||
"reserve_length");
|
||||
cpu_reserve_val = tcg_global_mem_new(cpu_env,
|
||||
offsetof(CPUPPCState, reserve_val),
|
||||
"reserve_val");
|
||||
@ -3469,6 +3474,7 @@ static void gen_load_locked(DisasContext *ctx, MemOp memop)
|
||||
gen_addr_reg_index(ctx, t0);
|
||||
tcg_gen_qemu_ld_tl(gpr, t0, ctx->mem_idx, memop | MO_ALIGN);
|
||||
tcg_gen_mov_tl(cpu_reserve, t0);
|
||||
tcg_gen_movi_tl(cpu_reserve_length, memop_size(memop));
|
||||
tcg_gen_mov_tl(cpu_reserve_val, gpr);
|
||||
tcg_gen_mb(TCG_MO_ALL | TCG_BAR_LDAQ);
|
||||
}
|
||||
@ -3700,6 +3706,7 @@ static void gen_conditional_store(DisasContext *ctx, MemOp memop)
|
||||
gen_set_access_type(ctx, ACCESS_RES);
|
||||
gen_addr_reg_index(ctx, t0);
|
||||
tcg_gen_brcond_tl(TCG_COND_NE, t0, cpu_reserve, l1);
|
||||
tcg_gen_brcondi_tl(TCG_COND_NE, cpu_reserve_length, memop_size(memop), l1);
|
||||
|
||||
t0 = tcg_temp_new();
|
||||
tcg_gen_atomic_cmpxchg_tl(t0, cpu_reserve, cpu_reserve_val,
|
||||
@ -3766,6 +3773,7 @@ static void gen_lqarx(DisasContext *ctx)
|
||||
tcg_gen_extr_i128_i64(lo, hi, t16);
|
||||
|
||||
tcg_gen_mov_tl(cpu_reserve, EA);
|
||||
tcg_gen_movi_tl(cpu_reserve_length, 16);
|
||||
tcg_gen_st_tl(hi, cpu_env, offsetof(CPUPPCState, reserve_val));
|
||||
tcg_gen_st_tl(lo, cpu_env, offsetof(CPUPPCState, reserve_val2));
|
||||
}
|
||||
@ -3791,6 +3799,7 @@ static void gen_stqcx_(DisasContext *ctx)
|
||||
gen_addr_reg_index(ctx, EA);
|
||||
|
||||
tcg_gen_brcond_tl(TCG_COND_NE, EA, cpu_reserve, lab_fail);
|
||||
tcg_gen_brcondi_tl(TCG_COND_NE, cpu_reserve_length, 16, lab_fail);
|
||||
|
||||
cmp = tcg_temp_new_i128();
|
||||
val = tcg_temp_new_i128();
|
||||
|
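Review bot: In gen_conditional_store the added `tcg_gen_brcondi_tl(TCG_COND_NE, cpu_reserve_length, memop_size(memop), l1);` has no comment, and it relies on an invariant that is not written down. Every path that sets `cpu_reserve` must also set `cpu_reserve_length` (gen_load_locked and gen_lqarx do so here), otherwise a stcx. would be checked against a length left behind by an earlier larx. I would add above the two branches something like `/* stcx. must fail unless both EA and access size match the larx that set the reservation */`, and the same above the pair in gen_stqcx_. The literal `16` in gen_lqarx and gen_stqcx_ could also come from a shared named constant, so the load and store sides cannot drift apart. gen_conditional_store's body continues outside the hunk.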