aboutsummaryrefslogtreecommitdiff
path: root/target/avr
diff options
context:
space:
mode:
authorRichard Henderson <richard.henderson@linaro.org>2022-08-26 13:53:32 -0700
committerRichard Henderson <richard.henderson@linaro.org>2022-09-01 06:42:21 +0100
commit36027c70974fef1392e6c73dfb94c3f94f0930bc (patch)
tree70f4dd74f40b820a8f12c9add46c8634bd15cbe0 /target/avr
parentcecaad540155927f2faf1b6897c72cc59074cb45 (diff)
downloadqemu-36027c70974fef1392e6c73dfb94c3f94f0930bc.zip
qemu-36027c70974fef1392e6c73dfb94c3f94f0930bc.tar.gz
qemu-36027c70974fef1392e6c73dfb94c3f94f0930bc.tar.bz2
target/avr: Disable interrupts when env->skip set
This bit is not saved across interrupts, so we must delay delivering the interrupt until the skip has been processed. Resolves: https://gitlab.com/qemu-project/qemu/-/issues/1118 Reviewed-by: Michael Rolnik <mrolnik@gmail.com> Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org> Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Diffstat (limited to 'target/avr')
-rw-r--r--target/avr/helper.c9
-rw-r--r--target/avr/translate.c26
2 files changed, 31 insertions, 4 deletions
diff --git a/target/avr/helper.c b/target/avr/helper.c
index 34f1cbf..156dde4 100644
--- a/target/avr/helper.c
+++ b/target/avr/helper.c
@@ -31,6 +31,15 @@ bool avr_cpu_exec_interrupt(CPUState *cs, int interrupt_request)
AVRCPU *cpu = AVR_CPU(cs);
CPUAVRState *env = &cpu->env;
+ /*
+ * We cannot separate a skip from the next instruction,
+ * as the skip would not be preserved across the interrupt.
+ * Separating the two insn normally only happens at page boundaries.
+ */
+ if (env->skip) {
+ return false;
+ }
+
if (interrupt_request & CPU_INTERRUPT_RESET) {
if (cpu_interrupts_enabled(env)) {
cs->exception_index = EXCP_RESET;
diff --git a/target/avr/translate.c b/target/avr/translate.c
index dc9c3d6..026753c 100644
--- a/target/avr/translate.c
+++ b/target/avr/translate.c
@@ -2971,8 +2971,18 @@ static void avr_tr_translate_insn(DisasContextBase *dcbase, CPUState *cs)
if (skip_label) {
canonicalize_skip(ctx);
gen_set_label(skip_label);
- if (ctx->base.is_jmp == DISAS_NORETURN) {
+
+ switch (ctx->base.is_jmp) {
+ case DISAS_NORETURN:
ctx->base.is_jmp = DISAS_CHAIN;
+ break;
+ case DISAS_NEXT:
+ if (ctx->base.tb->flags & TB_FLAGS_SKIP) {
+ ctx->base.is_jmp = DISAS_TOO_MANY;
+ }
+ break;
+ default:
+ break;
}
}
@@ -2989,6 +2999,11 @@ static void avr_tr_tb_stop(DisasContextBase *dcbase, CPUState *cs)
{
DisasContext *ctx = container_of(dcbase, DisasContext, base);
bool nonconst_skip = canonicalize_skip(ctx);
+ /*
+ * Because we disable interrupts while env->skip is set,
+ * we must return to the main loop to re-evaluate afterward.
+ */
+ bool force_exit = ctx->base.tb->flags & TB_FLAGS_SKIP;
switch (ctx->base.is_jmp) {
case DISAS_NORETURN:
@@ -2997,7 +3012,7 @@ static void avr_tr_tb_stop(DisasContextBase *dcbase, CPUState *cs)
case DISAS_NEXT:
case DISAS_TOO_MANY:
case DISAS_CHAIN:
- if (!nonconst_skip) {
+ if (!nonconst_skip && !force_exit) {
/* Note gen_goto_tb checks singlestep. */
gen_goto_tb(ctx, 1, ctx->npc);
break;
@@ -3005,8 +3020,11 @@ static void avr_tr_tb_stop(DisasContextBase *dcbase, CPUState *cs)
tcg_gen_movi_tl(cpu_pc, ctx->npc);
/* fall through */
case DISAS_LOOKUP:
- tcg_gen_lookup_and_goto_ptr();
- break;
+ if (!force_exit) {
+ tcg_gen_lookup_and_goto_ptr();
+ break;
+ }
+ /* fall through */
case DISAS_EXIT:
tcg_gen_exit_tb(NULL, 0);
break;