1 files changed, 52 insertions, 0 deletions

diff --git a/results/classifier/105/boot/1587535 b/results/classifier/105/boot/1587535
new file mode 100644
index 00000000..f3075fa7
--- /dev/null
+++ b/results/classifier/105/boot/1587535
@@ -0,0 +1,52 @@
+boot: 0.860
+instruction: 0.817
+semantic: 0.774
+graphic: 0.759
+device: 0.758
+mistranslation: 0.724
+network: 0.668
+socket: 0.667
+assembly: 0.579
+other: 0.571
+vnc: 0.499
+KVM: 0.486
+
+Incorrect MAS1_TSIZE_SHIFT in ppce500_spin.c causes incorrectly sized TLB.
+
+When e500 PPC is booted multi-core, the non-boot cores are started via
+the spin table.  ppce500_spin.c:spin_kick() calls
+mmubooke_create_initial_mapping() to allocate a 64MB TLB entry, but
+the created TLB entry is only 256KB.
+
+The root cause is that the function computing the size of the TLB
+entry, namely booke206_page_size_to_tlb assumes MAS1.TSIZE as defined
+by latter PPC cores, specifically n to the power of FOUR * 1KB.  The
+result is then used by mmubooke_create_initial_mapping using
+MAS1_TSIZE_SHIFT, but MAS1_TSIZE_SHIFT is defined assuming TLB entries
+are n to the power of TWO * 1KB.  I.e., a difference of shift=7 or
+shift=8.
+
+Simply changing MAS1_TSIZE_SHIFT from 7 to 8 is not appropriate since
+the macro is used elsewhere.
+
+Removing the ">>1" from:
+
+> static inline hwaddr booke206_page_size_to_tlb(uint64_t size)
+> {
+>     return ctz32(size >> 10) >> 1;
+
+and adding an appropriate comment is what I used as a work around:
+
+> static inline hwaddr booke206_page_size_to_tlb(uint64_t size)
+> {
+>     // resulting size is based on MAS1_TSIZE_SHIFT=7 TLB size.
+>     return ctz32(size >> 10);
+
+Patch accepted.  
+
+Commit title is:
+
+Eliminate redundant and incorrect function booke206_page_size_to_tlb
+
+Patch had been released with QEMU 2.7
+