On 12/6/19 9:14 AM, Peter Maydell wrote:
>> static void tlbi_aa64_alle2_write(CPUARMState *env, const ARMCPRegInfo *ri,
>> uint64_t value)
>> {
>> - ARMCPU *cpu = env_archcpu(env);
>> - CPUState *cs = CPU(cpu);
>> + CPUState *cs = env_cpu(env);
>> + int mask = vae2_tlbmask(env);
>
> Why do we use the 'v' mask function for a non 'v' TLB op?
>
>>
>> - tlb_flush_by_mmuidx(cs, ARMMMUIdxBit_E2);
>> + tlb_flush_by_mmuidx(cs, mask);
>
> The spec fror TLBI ALLE2 doesn't say it depends on
> what the E2H setting is. It says it flushes all entries
> for either NS EL2 or NS EL2&0 translation regimes.
> Wouldn't that be
> ARMMMUIdxBit_EL20_0 | ARMMMUIdxBit_EL20_2 | ARMMMUIdxBit_E2
> ?
>
> Contrast TLBI VAE2, which does say that the entries it
> flushes depend on the current setting of HCR_EL2.E2H.
Hmm. True. It would seem that ALLE1 has the same bug, because I confused
matters in 4a354502869. Will fix both.
r~
