On 3/16/26 04:14, Zenghui Yu wrote:
Hi Richard,

On 2/27/26 11:01 AM, Richard Henderson wrote:
On 2/27/26 04:12, Zenghui Yu wrote:
+    /*
+     * For AccessType_AT, DB is not updated (AArch64.SetDirtyFlag),
+     * and it is IMPLEMENTATION DEFINED whether AF is updated
+     * (AArch64.SetAccessFlag; qemu chooses to not update).
+     */
+    if (likely(!ptw->in_at)) {
           /*
            * Access flag.
            * If HA is enabled, prepare to update the descriptor below.

|            * Otherwise, pass the access fault on to software.
|            */
|           if (!(descriptor & (1 << 10))) {
|               if (param.ha) {
|                   new_descriptor |= 1 << 10; /* AF */
|               } else {
|                   fi->type = ARMFault_AccessFlag;
|                   goto do_fault;
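Review bot: the new comment above the `if (likely(!ptw->in_at))` guard justifies only the skipped descriptor update (DB not updated, AF update IMPLEMENTATION DEFINED), but the guard also skips `fi->type = ARMFault_AccessFlag; goto do_fault;` for the `!param.ha` case, so an AT instruction no longer reports an access flag fault at all. Please say so explicitly in the comment and cite the AArch64.AT rule that excludes that fault, otherwise a reader takes the dropped fault for an oversight rather than a deliberate choice.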

This also skips the access flag fault which could be generated by an AT
instruction. Is this an expected change?

Yes.  As mentioned right there in the comment, the access flag fault is
IMPLEMENTATION DEFINED.

The comment says that "it is IMPLEMENTATION DEFINED whether AF is
updated" which matches R_XQSMX. I'm fine with it.

I was concerned about whether an access flag fault should be generated
by the AT instruction, if !param.ha. Could you please point out the
description in the specification regarding "the access flag fault is
IMPLEMENTATION DEFINED"?

You're right; there are only 4 exceptions that are to be passed on listed in J1.1.3.10 AArch64.AT.


r~