From b8d6e05f16b77231d11b96659072b302290b3396 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Philippe=20Mathieu-Daud=C3=A9?= Date: Tue, 10 Jun 2025 11:19:34 +0200 Subject: target/ppc/kvm: Avoid using alloca() MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit kvmppc_load_htab_chunk() is used for migration, thus is not a hot path. Use the heap instead of the stack, removing the alloca() call. Reported-by: Peter Maydell Signed-off-by: Philippe Mathieu-Daudé Reviewed-by: Peter Maydell Reviewed-by: Manos Pitsidianakis Reviewed-by: Harsh Prateek Bora Reviewed-by: Stefan Hajnoczi Message-Id: <20250901132626.28639-2-philmd@linaro.org> --- target/ppc/kvm.c | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) (limited to 'target') diff --git a/target/ppc/kvm.c b/target/ppc/kvm.c index d145774..2521ff6 100644 --- a/target/ppc/kvm.c +++ b/target/ppc/kvm.c @@ -2760,11 +2760,11 @@ int kvmppc_save_htab(QEMUFile *f, int fd, size_t bufsize, int64_t max_ns) int kvmppc_load_htab_chunk(QEMUFile *f, int fd, uint32_t index, uint16_t n_valid, uint16_t n_invalid, Error **errp) { - struct kvm_get_htab_header *buf; - size_t chunksize = sizeof(*buf) + n_valid * HASH_PTE_SIZE_64; + size_t chunksize = sizeof(struct kvm_get_htab_header) + + n_valid * HASH_PTE_SIZE_64; + g_autofree struct kvm_get_htab_header *buf = g_malloc(chunksize); ssize_t rc; - buf = alloca(chunksize); buf->index = index; buf->n_valid = n_valid; buf->n_invalid = n_invalid; -- cgit v1.1 From 1f82ca723478f44823a18e7151e487d58da03659 Mon Sep 17 00:00:00 2001 From: Denis Rastyogin Date: Thu, 14 Aug 2025 13:48:32 +0300 Subject: target/mips: fix TLB huge page check to use 64-bit shift MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Use extract64(entry, psn, 1) instead of (entry & (1 << psn)) to avoid undefined behavior for shifts by 32–63 and to make bit extraction intent explicit. Found by Linux Verification Center (linuxtesting.org) with SVACE. Signed-off-by: Denis Rastyogin Message-ID: <20250814104914.13101-1-gerben@altlinux.org> Signed-off-by: Philippe Mathieu-Daudé --- target/mips/tcg/system/tlb_helper.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'target') diff --git a/target/mips/tcg/system/tlb_helper.c b/target/mips/tcg/system/tlb_helper.c index eccaf36..1e89015 100644 --- a/target/mips/tcg/system/tlb_helper.c +++ b/target/mips/tcg/system/tlb_helper.c @@ -652,7 +652,7 @@ static int walk_directory(CPUMIPSState *env, uint64_t *vaddr, return 0; } - if ((entry & (1 << psn)) && hugepg) { + if (extract64(entry, psn, 1) && hugepg) { *huge_page = true; *hgpg_directory_hit = true; entry = get_tlb_entry_layout(env, entry, leaf_mop, pf_ptew); -- cgit v1.1 From 46d03bb23dde86513465724760d85f42eb17539e Mon Sep 17 00:00:00 2001 From: Aditya Gupta Date: Wed, 20 Aug 2025 17:55:17 +0530 Subject: hw/ppc: Fix build error with CONFIG_POWERNV disabled MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Currently when CONFIG_POWERNV is not enabled, the build fails, such as with --without-default-devices: $ ./configure --without-default-devices $ make [281/283] Linking target qemu-system-ppc64 FAILED: qemu-system-ppc64 cc -m64 @qemu-system-ppc64.rsp /usr/bin/ld: libqemu-ppc64-softmmu.a.p/target_ppc_misc_helper.c.o: in function `helper_load_sprd': .../target/ppc/misc_helper.c:335:(.text+0xcdc): undefined reference to `pnv_chip_find_core' /usr/bin/ld: libqemu-ppc64-softmmu.a.p/target_ppc_misc_helper.c.o: in function `helper_store_sprd': .../target/ppc/misc_helper.c:375:(.text+0xdf4): undefined reference to `pnv_chip_find_core' collect2: error: ld returned 1 exit status ... This is since target/ppc/misc_helper.c references PowerNV specific 'pnv_chip_find_core' call. Split the PowerNV specific SPRD code out of the generic PowerPC code, by moving the SPRD code to pnv.c Fixes: 9808ce6d5cb ("target/ppc: Big-core scratch register fix") Cc: Philippe Mathieu-Daudé Reported-by: Thomas Huth Suggested-by: Cédric Le Goater Signed-off-by: Aditya Gupta Acked-by: Cédric Le Goater Message-ID: <20250820122516.949766-2-adityag@linux.ibm.com> Signed-off-by: Philippe Mathieu-Daudé --- target/ppc/cpu.h | 4 ++++ target/ppc/misc_helper.c | 59 +++++------------------------------------------- 2 files changed, 10 insertions(+), 53 deletions(-) (limited to 'target') diff --git a/target/ppc/cpu.h b/target/ppc/cpu.h index 6b90543..0e26e43 100644 --- a/target/ppc/cpu.h +++ b/target/ppc/cpu.h @@ -1522,6 +1522,10 @@ struct PowerPCCPUClass { void (*init_proc)(CPUPPCState *env); int (*check_pow)(CPUPPCState *env); int (*check_attn)(CPUPPCState *env); + + /* Handlers to be set by the machine initialising the chips */ + uint64_t (*load_sprd)(CPUPPCState *env); + void (*store_sprd)(CPUPPCState *env, uint64_t val); }; static inline bool ppc_cpu_core_single_threaded(CPUState *cs) diff --git a/target/ppc/misc_helper.c b/target/ppc/misc_helper.c index e7d9462..0e625cb 100644 --- a/target/ppc/misc_helper.c +++ b/target/ppc/misc_helper.c @@ -328,69 +328,22 @@ target_ulong helper_load_sprd(CPUPPCState *env) * accessed by powernv machines. */ PowerPCCPU *cpu = env_archcpu(env); - PnvCore *pc = pnv_cpu_state(cpu)->pnv_core; - target_ulong sprc = env->spr[SPR_POWER_SPRC]; + PowerPCCPUClass *pcc = POWERPC_CPU_GET_CLASS(cpu); - if (pc->big_core) { - pc = pnv_chip_find_core(pc->chip, CPU_CORE(pc)->core_id & ~0x1); + if (pcc->load_sprd) { + return pcc->load_sprd(env); } - switch (sprc & 0x3e0) { - case 0: /* SCRATCH0-3 */ - case 1: /* SCRATCH4-7 */ - return pc->scratch[(sprc >> 3) & 0x7]; - - case 0x1e0: /* core thread state */ - if (env->excp_model == POWERPC_EXCP_POWER9) { - /* - * Only implement for POWER9 because skiboot uses it to check - * big-core mode. Other bits are unimplemented so we would - * prefer to get unimplemented message on POWER10 if it were - * used anywhere. - */ - if (pc->big_core) { - return PPC_BIT(63); - } else { - return 0; - } - } - /* fallthru */ - - default: - qemu_log_mask(LOG_UNIMP, "mfSPRD: Unimplemented SPRC:0x" - TARGET_FMT_lx"\n", sprc); - break; - } return 0; } void helper_store_sprd(CPUPPCState *env, target_ulong val) { - target_ulong sprc = env->spr[SPR_POWER_SPRC]; PowerPCCPU *cpu = env_archcpu(env); - PnvCore *pc = pnv_cpu_state(cpu)->pnv_core; - int nr; - - if (pc->big_core) { - pc = pnv_chip_find_core(pc->chip, CPU_CORE(pc)->core_id & ~0x1); - } + PowerPCCPUClass *pcc = POWERPC_CPU_GET_CLASS(cpu); - switch (sprc & 0x3e0) { - case 0: /* SCRATCH0-3 */ - case 1: /* SCRATCH4-7 */ - /* - * Log stores to SCRATCH, because some firmware uses these for - * debugging and logging, but they would normally be read by the BMC, - * which is not implemented in QEMU yet. This gives a way to get at the - * information. Could also dump these upon checkstop. - */ - nr = (sprc >> 3) & 0x7; - pc->scratch[nr] = val; - break; - default: - qemu_log_mask(LOG_UNIMP, "mtSPRD: Unimplemented SPRC:0x" - TARGET_FMT_lx"\n", sprc); - break; + if (pcc->store_sprd) { + return pcc->store_sprd(env, val); } } -- cgit v1.1