diff options
author | aurel32 <aurel32@c046a42c-6fe2-441c-8c8c-71466251a162> | 2008-08-22 08:57:52 +0000 |
---|---|---|
committer | aurel32 <aurel32@c046a42c-6fe2-441c-8c8c-71466251a162> | 2008-08-22 08:57:52 +0000 |
commit | 06afe2c8840ec39c3b23db0eb830a5f49244b947 (patch) | |
tree | 7f3c1a89f27b7f7e5da3bd1e7750414993f8c651 | |
parent | 29e179bc3f5e804ab58b975e65c91cb9cd287846 (diff) |
[sh4] MMU bug fix
Some bugs on SH4 MMU are fixed.
- When a TLB entry is overwritten or invalidated, tlb_flush_page() should be
invoked to invalidate old entry.
- When a ASID is changed, tlb_flush() should be invoke to invalidate entries
which have old ASID.
- The check for shared bit in TLB entry causes multiple TLB hit exception.
As SH3's MMU, shared bit is ignored.
- ASID is used when MMUCR's SV bit or SR's MD bit is zero.
No need to check both bits are zero.
(Shin-ichiro KAWASAKI)
git-svn-id: svn://svn.savannah.nongnu.org/qemu/trunk@5068 c046a42c-6fe2-441c-8c8c-71466251a162
-rw-r--r-- | hw/sh7750.c | 4 | ||||
-rw-r--r-- | target-sh4/helper.c | 23 |
2 files changed, 24 insertions, 3 deletions
diff --git a/hw/sh7750.c b/hw/sh7750.c index 0ff3e6d778..04a7437530 100644 --- a/hw/sh7750.c +++ b/hw/sh7750.c @@ -30,6 +30,7 @@ #include "sh7750_regs.h" #include "sh7750_regnames.h" #include "sh_intc.h" +#include "exec-all.h" #include "cpu.h" #define NB_DEVICES 4 @@ -356,6 +357,9 @@ static void sh7750_mem_writel(void *opaque, target_phys_addr_t addr, s->cpu->mmucr = mem_value; return; case SH7750_PTEH_A7: + /* If asid changes, clear all registered tlb entries. */ + if ((s->cpu->pteh & 0xff) != (mem_value & 0xff)) + tlb_flush(s->cpu, 1); s->cpu->pteh = mem_value; return; case SH7750_PTEL_A7: diff --git a/target-sh4/helper.c b/target-sh4/helper.c index 06df9d1f35..6429862084 100644 --- a/target-sh4/helper.c +++ b/target-sh4/helper.c @@ -251,7 +251,7 @@ static int find_tlb_entry(CPUState * env, target_ulong address, for (i = 0; i < nbtlb; i++) { if (!entries[i].v) continue; /* Invalid entry */ - if (use_asid && entries[i].asid != asid && !entries[i].sh) + if (use_asid && entries[i].asid != asid) continue; /* Bad ASID */ #if 0 switch (entries[i].sz) { @@ -320,8 +320,14 @@ int find_itlb_entry(CPUState * env, target_ulong address, else if (e == MMU_DTLB_MISS && update) { e = find_tlb_entry(env, address, env->utlb, UTLB_SIZE, use_asid); if (e >= 0) { + tlb_t * ientry; n = itlb_replacement(env); - env->itlb[n] = env->utlb[e]; + ientry = &env->itlb[n]; + if (ientry->v) { + if (!same_tlb_entry_exists(env->utlb, UTLB_SIZE, ientry)) + tlb_flush_page(env, ientry->vpn << 10); + } + *ientry = env->utlb[e]; e = n; } else if (e == MMU_DTLB_MISS) e = MMU_ITLB_MISS; @@ -356,7 +362,7 @@ static int get_mmu_address(CPUState * env, target_ulong * physical, int use_asid, is_code, n; tlb_t *matching = NULL; - use_asid = (env->mmucr & MMUCR_SV) == 0 && (env->sr & SR_MD) == 0; + use_asid = (env->mmucr & MMUCR_SV) == 0 || (env->sr & SR_MD) == 0; is_code = env->pc == address; /* Hack */ /* Use a hack to find if this is an instruction or data access */ @@ -540,6 +546,17 @@ void cpu_load_tlb(CPUState * env) int n = cpu_mmucr_urc(env->mmucr); tlb_t * entry = &env->utlb[n]; + if (entry->v) { + /* Overwriting valid entry in utlb. */ + target_ulong address = entry->vpn << 10; + if (!same_tlb_entry_exists(env->itlb, ITLB_SIZE, entry)) { + tlb_flush_page(env, address); + } + } + + /* per utlb access cannot implemented. */ + increment_urc(env); + /* Take values into cpu status from registers. */ entry->asid = (uint8_t)cpu_pteh_asid(env->pteh); entry->vpn = cpu_pteh_vpn(env->pteh); |