RE: TCG asserts on some of translation blocks with plugin memory callback

Mikhail Tyutin posted 1 patch 1 year, 2 months ago
> I have been testing TCG plugin patch on latest Qemu build but noticed that it
> fails with assert on some of the applications.
> 
>    ERROR:../accel/tcg/cpu-exec.c:983:cpu_exec_loop:
>        assertion failed: (cpu->plugin_mem_cbs == ((void *)0))
> 

It seems that the problem is around the tcg_ctx->plugin_tb->mem_helper flag. It is set to true
by inject_mem_enable_helper() if the plugin requests memory callback injection and checked
by inject_mem_disable_helper() to insert the appropriate cleanup code at the end. It works if the
translation block has a single exit point. However, if the translation block has branches or exits,
inject_mem_disable_helper() is called during code generation, prepended to all TB exits.
Unfortunately this happens before inject_mem_enable_helper() initializes the mem_helper flag for
that block.

I’ve tried a quick fix by commenting out this check in inject_mem_disable_helper() so that the cleanup
code is inserted unconditionally on every exit. The assert is gone.
What would be a better way to fix it?


diff --git a/accel/tcg/plugin-gen.c b/accel/tcg/plugin-gen.c
index 17a686bd9e..6651874c0f 100644
--- a/accel/tcg/plugin-gen.c
+++ b/accel/tcg/plugin-gen.c
@@ -637,9 +637,9 @@ void plugin_gen_disable_mem_helpers(void)
      * Note: we do not reset plugin_tb->mem_helper here; a TB might have several
      * exit points, and we want to emit the clearing from all of them.
      */
-    if (!tcg_ctx->plugin_tb->mem_helper) {
-        return;
-    }
+    // if (!tcg_ctx->plugin_tb->mem_helper) {
+    //     return;
+    // }
     ptr = tcg_const_ptr(NULL);
     tcg_gen_st_ptr(ptr, cpu_env, offsetof(CPUState, plugin_mem_cbs) -
                                  offsetof(ArchCPU, env));
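Review bot: the early return in plugin_gen_disable_mem_helpers() is commented out with `//` rather than removed, which leaves dead code and uses C++-style comments that QEMU's checkpatch rejects; if the check is really meant to go, delete the three lines and update the comment just above the hunk, which still describes plugin_tb->mem_helper as the gate for emitting the clearing. Dropping the check also emits a store of NULL to plugin_mem_cbs at every exit of every TB, including TBs for which no plugin registered memory callbacks, and the condition it removes is the one that kept that cost off the common path. Since the message says the flag is only set after the mid-TB exits have already been generated, the underlying problem is ordering, so a fix that makes mem_helper reflect the plugin's request before those exits are emitted (or that emits the clearing for all exits from the injection pass, where the flag is known) would keep the check meaningful; as posted, this diff is a diagnostic experiment and should be labelled as such in the description rather than as a proposed change.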
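To make the ordering problem described in the message concrete, here is a small C model of a translation block's code generation. This is an added example, not QEMU code: tb_model, gen_exit, inject_pass, translate_tb, exit_leaves_mem_cbs_set and count_bare_exits are invented for the model, and the assumption that mid-TB exits are emitted during translation while the final exit is emitted after the injection pass is taken from the message rather than verified against the QEMU source. The model compares the posted early-return check against unconditional emission on a constructed three-instruction TB with one branch, and reports whether leaving through the branch would trip the cpu_exec_loop assertion (plugin_mem_cbs still non-NULL).

```c
/* Toy model (added example, not QEMU code) of the TB-level ordering
 * described above: the translator emits an exit for every branch while
 * generating code, and the plugin injection pass that sets
 * plugin_tb->mem_helper only runs once the whole TB has been translated.
 * All names below are invented for the model; mem_helper and
 * plugin_mem_cbs mirror the fields named in the message. */
#include <stdbool.h>
#include <stddef.h>
#include <stdio.h>

#define MAX_OPS 64

enum op {
    OP_INSN,        /* a guest instruction (memory helper runs here) */
    OP_EXIT_CLEAR,  /* TB exit preceded by "plugin_mem_cbs = NULL" */
    OP_EXIT_BARE,   /* TB exit without the clearing store */
};

struct tb_model {
    bool mem_helper;    /* plugin_tb->mem_helper */
    bool conditional;   /* keep the `if (!mem_helper) return;` check? */
    int nops;
    enum op ops[MAX_OPS];
};

/* Stand-in for plugin_gen_disable_mem_helpers() at a TB exit. */
static void gen_exit(struct tb_model *tb)
{
    if (tb->conditional && !tb->mem_helper) {
        tb->ops[tb->nops++] = OP_EXIT_BARE;   /* early return: nothing emitted */
        return;
    }
    tb->ops[tb->nops++] = OP_EXIT_CLEAR;
}

/* Stand-in for inject_mem_enable_helper(): runs after translation when the
 * plugin asked for memory callbacks, and only then sets mem_helper. */
static void inject_pass(struct tb_model *tb, bool plugin_wants_mem_cbs)
{
    if (plugin_wants_mem_cbs) {
        tb->mem_helper = true;
    }
}

/* Translate a TB of `ninsns` instructions with a conditional branch (an
 * extra exit) after each instruction index listed in `branch_after`.
 * Assumption from the message: mid-TB exits are emitted during translation,
 * the final exit after the injection pass (the single-exit case that works). */
static void translate_tb(struct tb_model *tb, int ninsns,
                         const int *branch_after, int nbranches,
                         bool plugin_wants_mem_cbs, bool conditional)
{
    tb->mem_helper = false;
    tb->conditional = conditional;
    tb->nops = 0;
    for (int i = 0; i < ninsns; i++) {
        tb->ops[tb->nops++] = OP_INSN;
        for (int b = 0; b < nbranches; b++) {
            if (branch_after[b] == i) {
                gen_exit(tb);       /* mid-TB exit, flag not yet set */
            }
        }
    }
    inject_pass(tb, plugin_wants_mem_cbs);
    gen_exit(tb);                   /* final exit, flag already set */
}

/* "Run" the TB: the memory helper installs plugin_mem_cbs once mem_helper is
 * on; leave through the `exit_idx`-th exit and report whether plugin_mem_cbs
 * is still non-NULL, i.e. whether the cpu_exec_loop assertion would fire. */
static bool exit_leaves_mem_cbs_set(const struct tb_model *tb, int exit_idx)
{
    void *plugin_mem_cbs = NULL;
    int seen = 0;
    for (int i = 0; i < tb->nops; i++) {
        switch (tb->ops[i]) {
        case OP_INSN:
            if (tb->mem_helper) plugin_mem_cbs = (void *)&seen;
            break;
        case OP_EXIT_CLEAR:
            if (seen++ == exit_idx) return false;   /* cleared on this path */
            break;
        case OP_EXIT_BARE:
            if (seen++ == exit_idx) return plugin_mem_cbs != NULL;
            break;
        }
    }
    return plugin_mem_cbs != NULL;
}

/* Count exits in the generated TB that lack the clearing store. */
static int count_bare_exits(const struct tb_model *tb)
{
    int n = 0;
    for (int i = 0; i < tb->nops; i++) n += (tb->ops[i] == OP_EXIT_BARE);
    return n;
}

int main(void)
{
    struct tb_model tb;
    const int branches[] = {1};   /* constructed TB: branch after insn 1 */
    translate_tb(&tb, 3, branches, 1, true, true);
    printf("with check   : %d bare exit(s), assert via branch: %s\n",
           count_bare_exits(&tb), exit_leaves_mem_cbs_set(&tb, 0) ? "yes" : "no");
    translate_tb(&tb, 3, branches, 1, true, false);
    printf("unconditional: %d bare exit(s), assert via branch: %s\n",
           count_bare_exits(&tb), exit_leaves_mem_cbs_set(&tb, 0) ? "yes" : "no");
    return 0;
}
```

Running the model shows the two faces of the posted change: with the check kept, the branch exit is emitted before mem_helper is set and leaves plugin_mem_cbs dangling, while the single-exit TB and the no-plugin TB are fine; with the check removed, no exit is bare, but the TB that never enabled memory helpers now pays for a clearing store at each exit too.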