From 55be7adad9a0332df0f81f75d5e932a4b1268d91 Mon Sep 17 00:00:00 2001 From: Hou Weiying Date: Mon, 8 Mar 2021 12:42:01 -0500 Subject: [PATCH] riscv: Fix bug in setting pmpcfg CSR for RISCV64 First, sizeof(target_ulong) equals to 4 on riscv32, so this change does not change the function on riscv32. Second, sizeof(target_ulong) equals to 8 on riscv64, and 'reg_index * 8 + i' is not a legal pmp_index (we will explain later), which should be 'reg_index * 4 + i'. If the parameter reg_index equals to 2 (means that we will change the value of pmpcfg2, or the second pmpcfg on riscv64), then pmpcfg_csr_write(env, 2, val) will map write tasks to pmp_write_cfg(env, 2 * 8 + [0...7], val). However, no cfg csr is indexed by value 16 or 23 on riscv64, so we consider it as a bug. We are looking for constant (e.g., define a new constant named RISCV_WORD_SIZE) in QEMU to help others understand code better, but none was found. A possible good explanation of this literal is it is the minimum word length on riscv is 4 bytes (32 bit). Backports fdd33b86b20d153b131fc6259aea7a0084ab14b8 --- qemu/target/riscv/pmp.c | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) diff --git a/qemu/target/riscv/pmp.c b/qemu/target/riscv/pmp.c index 1878698f..330e9a32 100644 --- a/qemu/target/riscv/pmp.c +++ b/qemu/target/riscv/pmp.c @@ -316,8 +316,7 @@ void pmpcfg_csr_write(CPURISCVState *env, uint32_t reg_index, for (i = 0; i < sizeof(target_ulong); i++) { cfg_val = (val >> 8 * i) & 0xff; - pmp_write_cfg(env, (reg_index * sizeof(target_ulong)) + i, - cfg_val); + pmp_write_cfg(env, (reg_index * 4) + i, cfg_val); } } @@ -332,7 +331,7 @@ target_ulong pmpcfg_csr_read(CPURISCVState *env, uint32_t reg_index) target_ulong val = 0; for (i = 0; i < sizeof(target_ulong); i++) { - val = pmp_read_cfg(env, (reg_index * sizeof(target_ulong)) + i); + val = pmp_read_cfg(env, (reg_index * 4) + i); cfg_val |= (val << (i * 8)); }