This change adapts io_readx() to its input access_type. Currently io_readx() treats any memory access as a read, although it has an input argument "MMUAccessType access_type". This results in:
1) Calling the tlb_fill() only with MMU_DATA_LOAD 2) Considering only entry->addr_read as the tlb_addr Buglink: https://bugs.launchpad.net/qemu/+bug/1825359 Signed-off-by: Shahab Vahedi <shahab.vah...@gmail.com>
---
Changelog: v3 - Only handle read/fetch. There must be no write access. v2 - Extra space before closing parenthesis is removed v1 - Initial submit
accel/tcg/cputlb.c | 8 ++++++--
1 file changed, 6 insertions(+), 2 deletions(-)
diff --git a/accel/tcg/cputlb.c b/accel/tcg/cputlb.c
index 88cc8389e9..6d50fcc52d 100644
--- a/accel/tcg/cputlb.c
+++ b/accel/tcg/cputlb.c
@@ -868,6 +868,9 @@ static uint64_t io_readx(CPUArchState *env, CPUIOTLBEntry *iotlbentry,
     bool locked = false;
     MemTxResult r;
 
+    /* Only support for reading/fetching IO */
+    assert(access_type == MMU_DATA_LOAD || access_type == MMU_INST_FETCH);
+
     if (recheck) {
         /*
          * This is a TLB_RECHECK access, where the MMU protection
@@ -878,10 +881,11 @@ static uint64_t io_readx(CPUArchState *env, CPUIOTLBEntry *iotlbentry,
         CPUTLBEntry *entry;
         target_ulong tlb_addr;
 
-        tlb_fill(cpu, addr, size, MMU_DATA_LOAD, mmu_idx, retaddr);
+        tlb_fill(cpu, addr, size, access_type, mmu_idx, retaddr);
 
         entry = tlb_entry(env, mmu_idx, addr);
-        tlb_addr = entry->addr_read;
+        tlb_addr = (access_type == MMU_DATA_LOAD) ?
+                   entry->addr_read : entry->addr_code;
         if (!(tlb_addr & ~(TARGET_PAGE_MASK | TLB_RECHECK))) {
             /* RAM access */
             uintptr_t haddr = addr + entry->addend;
-- 
2.21.0
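Review bot: The new `tlb_addr` selection in the second hunk treats every access type other than MMU_DATA_LOAD as an instruction fetch, so its correctness rests entirely on the assert added in the first hunk; if that assert were ever compiled out, a store reaching io_readx() would silently consult `entry->addr_code` instead of failing. The comment above the assert, `/* Only support for reading/fetching IO */`, should spell out that dependency so the ternary's else-branch is not read as a generic default, e.g. `/* io_readx() serves loads and instruction fetches only; stores go through io_writex(), so the tlb_addr selection below need only distinguish these two. */`. A defensible alternative is to test `access_type == MMU_INST_FETCH` and fall back to `entry->addr_read`, which keeps the load path as the default for any unexpected value, though the assert remains the real guard either way. io_readx() begins before the first hunk and continues past the second.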