Re: [Qemu-ppc] Regression in ppc-softmmu when running HelenOS

[Mark Cave-Ayland]

On 13/03/12 12:03, Alexander Graf wrote:

> msr becomes srr1 (and masks the not-to-be-set bits out)
> new_msr becomes the new MSR and only carries over MSR_ME from the current MSR
>
> This looks correct to me. For reference, please check up page 811 on the 
> PowerISA 2.06B:
>
>    https://www.power.org/resources/downloads/PowerISA_V2.06B_V2_PUBLIC.pdf

Now this is very interesting as having read the above document, I had a 
very different interpretation as to what should happen. From p.811:


1. SRR0 or HSRR0 is loaded with an instruction
address that depends on the type of interrupt; see
the specific interrupt description for details.

- This is already handled in the interrupt routine.

2. Bits 33:36 and 42:47 of SRR1 or HSRR1 are
loaded with information specific to the interrupt
type.

- These bits are not relevant on PPC32 since MSR is only 32-bit.

3. Bits 0:32, 37:41, and 48:63 of SRR1 or HSRR1 are
loaded with a copy of the corresponding bits of the
MSR.

- Since bits 0:32 should be copied from the MSR to SRR1 then since 
sizeof(target_ulong) is 4 on PPC32, then that implies that msr = env->msr.

4. The MSR is set as shown in Figure 44 on
page 814. In particular, MSR bits IR and DR are
set to 0, disabling relocation, and MSR bit SF is set
to 1, selecting 64-bit mode. The new values take
effect beginning with the first instruction executed
following the interrupt.

- This is a combination of forcing various values to zero in the MSR 
after it has been copied to SRR1 as per Fig. 44 (p.814), plus defaulting 
RI and HVB to zero; these two values can be overridden later in the 
exception handler if required.

5. Instruction fetch and execution resumes, using the
new MSR value, at the effective address specific to
the interrupt type. These effective addresses are
shown in Figure 45 on page 815.

- This is already handled in the interrupt routine.


This leads to the attached patch for PPC32; note that it will probably 
require a #if defined(TARGET_PPC64) ... #endif around msr = env->msr 
since according to 2) above there are extra bits that need to be reset 
in a 64-bit MSR. However I'm pleased to report that the patch boots all 
of my openSUSE, Fedora and HelenOS test images as before.

The only other change I needed to make was here:

    if (new_msr & ((1 << MSR_IR) | (1 << MSR_DR)))
        tlb_flush(env, 1);

Here I changed new_msr to msr because obviously if we are masking IR and 
DR when calculating new_msr at the start of the exception handler, then 
we can no longer detect the status of the IR and DR bits within new_msr 
to force the required TLB flush.


HTH,

Mark.

qemu-ppc-v2.patch
Description: Text Data