From nobody Tue Feb 10 02:00:49 2026 Delivered-To: importer@patchew.org Received-SPF: temperror (zoho.com: Error in retrieving data from DNS) client-ip=208.118.235.17; envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org; helo=lists.gnu.org; Authentication-Results: mx.zohomail.com; dkim=fail; spf=temperror (zoho.com: Error in retrieving data from DNS) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org Return-Path: Received: from lists.gnu.org (208.118.235.17 [208.118.235.17]) by mx.zohomail.com with SMTPS id 1508924598805494.8771865761536; Wed, 25 Oct 2017 02:43:18 -0700 (PDT) Received: from localhost ([::1]:47336 helo=lists.gnu.org) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1e7IDH-0005ja-Ft for importer@patchew.org; Wed, 25 Oct 2017 05:43:03 -0400 Received: from eggs.gnu.org ([2001:4830:134:3::10]:45675) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1e7I6c-0008NS-Gu for qemu-devel@nongnu.org; Wed, 25 Oct 2017 05:36:11 -0400 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1e7I6a-0008Jr-Sa for qemu-devel@nongnu.org; Wed, 25 Oct 2017 05:36:10 -0400 Received: from mail-wr0-x243.google.com ([2a00:1450:400c:c0c::243]:54075) by eggs.gnu.org with esmtps (TLS1.0:RSA_AES_128_CBC_SHA1:16) (Exim 4.71) (envelope-from ) id 1e7I6a-0008Ik-J8 for qemu-devel@nongnu.org; Wed, 25 Oct 2017 05:36:08 -0400 Received: by mail-wr0-x243.google.com with SMTP id u40so17445468wrf.10 for ; Wed, 25 Oct 2017 02:36:08 -0700 (PDT) Received: from cloudburst.twiddle.net ([62.168.35.107]) by smtp.gmail.com with ESMTPSA id v23sm2751025wmh.8.2017.10.25.02.36.06 (version=TLS1_2 cipher=ECDHE-RSA-CHACHA20-POLY1305 bits=256/256); Wed, 25 Oct 2017 02:36:06 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; h=from:to:cc:subject:date:message-id:in-reply-to:references; bh=tBbNfyciZ0758Ekj2DHALRtNQpi+SCXGhJm+AkrmF+E=; b=VBQztqexsqiqL+6AqrdBKqxw04xqW204JiQDWn0qap8r1l138Ddw5kJpvg9RX9+ngn ZC6KhzukCQZOuwWjTWHnewphXfpgfgr9KuObIL/yHjng32PBOqvyHsizKcSOrujbsWBf ga6fjcNcbusyRTbb6eAhSZPorZAHxGxGxUPA4= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references; bh=tBbNfyciZ0758Ekj2DHALRtNQpi+SCXGhJm+AkrmF+E=; b=MrWld1skTag9TJ8HwLhaz2EoDfGQ2oAfd73HJRwAocY5ESGw+d/0u92UeTGOVHirDI p2+omoKfl+2i0Xat6OWu5GWuxGB4GqFcIRaEKDgXZThxNj0DX66z/qldS2f9Pl4j7WOW dpakNUTUq78N9jk0E3RMaMasy4DhVBcwKuHvx+nvdjcVhhm8XRZ5J+P3513aBolcy0LP OQpnW5H9gKqbnXmihoaQnDl++d4BOL8c4X+RnrGeWyizG6AqHdDwRRSmMNLbkYeKCbaZ efMZaOqb6l4K/iXDTWxvg0KFsAgwZjpPue3peFezMs9Hksu6JBc9QW9sd++2dbh47qaG /HFQ== X-Gm-Message-State: AMCzsaWBGO7svzhQQhBSMhdfZbnh4iFL+6ecYXIsqQQNubpu7rehtGJG c9N/axf1zErwzxgI8NZgfOY8UewH98M= X-Google-Smtp-Source: ABhQp+ROVpYocTqyjlRlPc4JZ0L5/JkOaHX1kQcjPg+OUMXI8hC3iXtxt9vpFx7ly3MJBtf9/oJjyA== X-Received: by 10.223.201.8 with SMTP id m8mr1513069wrh.260.1508924167252; Wed, 25 Oct 2017 02:36:07 -0700 (PDT) From: Richard Henderson To: qemu-devel@nongnu.org Date: Wed, 25 Oct 2017 11:35:07 +0200 Message-Id: <20171025093535.10175-24-richard.henderson@linaro.org> X-Mailer: git-send-email 2.13.6 In-Reply-To: <20171025093535.10175-1-richard.henderson@linaro.org> References: <20171025093535.10175-1-richard.henderson@linaro.org> X-detected-operating-system: by eggs.gnu.org: Genre and OS details not recognized. X-Received-From: 2a00:1450:400c:c0c::243 Subject: [Qemu-devel] [PULL 23/51] tcg: Add CPUState cflags_next_tb X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.21 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: peter.maydell@linaro.org Errors-To: qemu-devel-bounces+importer=patchew.org@nongnu.org Sender: "Qemu-devel" X-ZohoMail-DKIM: fail (Header signature does not verify) X-ZohoMail: RDKM_2 RSF_6 Z_629925259 SPT_0 Content-Transfer-Encoding: quoted-printable MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" We were generating code during tb_invalidate_phys_page_range, check_watchpoint, cpu_io_recompile, and (seemingly) discarding the TB, assuming that it would magically be picked up during the next iteration through the cpu_exec loop. Instead, record the desired cflags in CPUState so that we request the proper TB so that there is no more magic. Reviewed-by: Emilio G. Cota Signed-off-by: Richard Henderson --- include/qom/cpu.h | 1 + accel/tcg/cpu-exec.c | 21 +++++++++++++++++---- accel/tcg/translate-all.c | 36 ++++++++++-------------------------- exec.c | 7 ++----- qom/cpu.c | 1 + 5 files changed, 31 insertions(+), 35 deletions(-) diff --git a/include/qom/cpu.h b/include/qom/cpu.h index df0ba86202..fa4b0c9dba 100644 --- a/include/qom/cpu.h +++ b/include/qom/cpu.h @@ -344,6 +344,7 @@ struct CPUState { bool unplug; bool crash_occurred; bool exit_request; + uint32_t cflags_next_tb; /* updates protected by BQL */ uint32_t interrupt_request; int singlestep_enabled; diff --git a/accel/tcg/cpu-exec.c b/accel/tcg/cpu-exec.c index 39ec9508d1..1c64977849 100644 --- a/accel/tcg/cpu-exec.c +++ b/accel/tcg/cpu-exec.c @@ -367,13 +367,12 @@ static inline void tb_add_jump(TranslationBlock *tb, = int n, =20 static inline TranslationBlock *tb_find(CPUState *cpu, TranslationBlock *last_tb, - int tb_exit) + int tb_exit, uint32_t cf_mask) { TranslationBlock *tb; target_ulong cs_base, pc; uint32_t flags; bool acquired_tb_lock =3D false; - uint32_t cf_mask =3D curr_cflags(); =20 tb =3D tb_lookup__cpu_state(cpu, &pc, &cs_base, &flags, cf_mask); if (tb =3D=3D NULL) { @@ -501,7 +500,7 @@ static inline bool cpu_handle_exception(CPUState *cpu, = int *ret) } else if (replay_has_exception() && cpu->icount_decr.u16.low + cpu->icount_extra =3D=3D 0) { /* try to cause an exception pending in the log */ - cpu_exec_nocache(cpu, 1, tb_find(cpu, NULL, 0), true); + cpu_exec_nocache(cpu, 1, tb_find(cpu, NULL, 0, curr_cflags()), tru= e); *ret =3D -1; return true; #endif @@ -697,7 +696,21 @@ int cpu_exec(CPUState *cpu) int tb_exit =3D 0; =20 while (!cpu_handle_interrupt(cpu, &last_tb)) { - TranslationBlock *tb =3D tb_find(cpu, last_tb, tb_exit); + uint32_t cflags =3D cpu->cflags_next_tb; + TranslationBlock *tb; + + /* When requested, use an exact setting for cflags for the next + execution. This is used for icount, precise smc, and stop- + after-access watchpoints. Since this request should never + have CF_INVALID set, -1 is a convenient invalid value that + does not require tcg headers for cpu_common_reset. */ + if (cflags =3D=3D -1) { + cflags =3D curr_cflags(); + } else { + cpu->cflags_next_tb =3D -1; + } + + tb =3D tb_find(cpu, last_tb, tb_exit, cflags); cpu_loop_exec_tb(cpu, tb, &last_tb, &tb_exit); /* Try to align the host and virtual clocks if the guest is in advance */ diff --git a/accel/tcg/translate-all.c b/accel/tcg/translate-all.c index 7ad65bc705..91fd6e444b 100644 --- a/accel/tcg/translate-all.c +++ b/accel/tcg/translate-all.c @@ -1463,14 +1463,12 @@ void tb_invalidate_phys_page_range(tb_page_addr_t s= tart, tb_page_addr_t end, int is_cpu_write_access) { TranslationBlock *tb, *tb_next; -#if defined(TARGET_HAS_PRECISE_SMC) - CPUState *cpu =3D current_cpu; - CPUArchState *env =3D NULL; -#endif tb_page_addr_t tb_start, tb_end; PageDesc *p; int n; #ifdef TARGET_HAS_PRECISE_SMC + CPUState *cpu =3D current_cpu; + CPUArchState *env =3D NULL; int current_tb_not_found =3D is_cpu_write_access; TranslationBlock *current_tb =3D NULL; int current_tb_modified =3D 0; @@ -1547,11 +1545,8 @@ void tb_invalidate_phys_page_range(tb_page_addr_t st= art, tb_page_addr_t end, #endif #ifdef TARGET_HAS_PRECISE_SMC if (current_tb_modified) { - /* we generate a block containing just the instruction - modifying the memory. It will ensure that it cannot modify - itself */ - tb_gen_code(cpu, current_pc, current_cs_base, current_flags, - 1 | curr_cflags()); + /* Force execution of one insn next time. */ + cpu->cflags_next_tb =3D 1 | curr_cflags(); cpu_loop_exit_noexc(cpu); } #endif @@ -1666,11 +1661,8 @@ static bool tb_invalidate_phys_page(tb_page_addr_t a= ddr, uintptr_t pc) p->first_tb =3D NULL; #ifdef TARGET_HAS_PRECISE_SMC if (current_tb_modified) { - /* we generate a block containing just the instruction - modifying the memory. It will ensure that it cannot modify - itself */ - tb_gen_code(cpu, current_pc, current_cs_base, current_flags, - 1 | curr_cflags()); + /* Force execution of one insn next time. */ + cpu->cflags_next_tb =3D 1 | curr_cflags(); /* tb_lock will be reset after cpu_loop_exit_noexc longjmps * back into the cpu_exec loop. */ return true; @@ -1773,9 +1765,7 @@ void cpu_io_recompile(CPUState *cpu, uintptr_t retadd= r) CPUArchState *env =3D cpu->env_ptr; #endif TranslationBlock *tb; - uint32_t n, cflags; - target_ulong pc, cs_base; - uint32_t flags; + uint32_t n; =20 tb_lock(); tb =3D tb_find_pc(retaddr); @@ -1813,12 +1803,9 @@ void cpu_io_recompile(CPUState *cpu, uintptr_t retad= dr) cpu_abort(cpu, "TB too big during recompile"); } =20 - cflags =3D n | CF_LAST_IO; - cflags |=3D curr_cflags(); - pc =3D tb->pc; - cs_base =3D tb->cs_base; - flags =3D tb->flags; - tb_phys_invalidate(tb, -1); + /* Adjust the execution state of the next TB. */ + cpu->cflags_next_tb =3D curr_cflags() | CF_LAST_IO | n; + if (tb->cflags & CF_NOCACHE) { if (tb->orig_tb) { /* Invalidate original TB if this TB was generated in @@ -1827,9 +1814,6 @@ void cpu_io_recompile(CPUState *cpu, uintptr_t retadd= r) } tb_free(tb); } - /* FIXME: In theory this could raise an exception. In practice - we have already translated the block once so it's probably ok. */ - tb_gen_code(cpu, pc, cs_base, flags, cflags); =20 /* TODO: If env->pc !=3D tb->pc (i.e. the faulting instruction was not * the first in the TB) then we end up generating a whole new TB and diff --git a/exec.c b/exec.c index 3e0a3dae46..97a24a875e 100644 --- a/exec.c +++ b/exec.c @@ -2431,11 +2431,8 @@ static void check_watchpoint(int offset, int len, Me= mTxAttrs attrs, int flags) { CPUState *cpu =3D current_cpu; CPUClass *cc =3D CPU_GET_CLASS(cpu); - CPUArchState *env =3D cpu->env_ptr; - target_ulong pc, cs_base; target_ulong vaddr; CPUWatchpoint *wp; - uint32_t cpu_flags; =20 assert(tcg_enabled()); if (cpu->watchpoint_hit) { @@ -2475,8 +2472,8 @@ static void check_watchpoint(int offset, int len, Mem= TxAttrs attrs, int flags) cpu->exception_index =3D EXCP_DEBUG; cpu_loop_exit(cpu); } else { - cpu_get_tb_cpu_state(env, &pc, &cs_base, &cpu_flags); - tb_gen_code(cpu, pc, cs_base, cpu_flags, 1 | curr_cfla= gs()); + /* Force execution of one insn next time. */ + cpu->cflags_next_tb =3D 1 | curr_cflags(); cpu_loop_exit_noexc(cpu); } } diff --git a/qom/cpu.c b/qom/cpu.c index 54c9452b1c..e42d9a7f9e 100644 --- a/qom/cpu.c +++ b/qom/cpu.c @@ -301,6 +301,7 @@ static void cpu_common_reset(CPUState *cpu) cpu->can_do_io =3D 1; cpu->exception_index =3D -1; cpu->crash_occurred =3D false; + cpu->cflags_next_tb =3D -1; =20 if (tcg_enabled()) { cpu_tb_jmp_cache_clear(cpu); --=20 2.13.6