author | Peter Maydell <peter.maydell@linaro.org> | 2023-01-19 11:56:50 +0000 |
---|---|---|
committer | Peter Maydell <peter.maydell@linaro.org> | 2023-01-19 11:56:51 +0000 |
commit | ef4f031fab7b070816454949a1b6b6c7aa3cf503 (patch) | |
tree | e120d446527f8c91b9f3020a90338e52e1b2de59 /accel | |
parent | 701ed34833f53880ba38bde09b0846d01fc16d66 (diff) | |
parent | 493c9b19a7fb7f387c4fcf57d3836504d5242bf5 (diff) | |
Merge tag 'pull-tcg-20230117' of https://gitlab.com/rth7680/qemu into staging
tcg: Fix race conditions in (most) goto_tb implementations
# -----BEGIN PGP SIGNATURE-----
#
# iQFRBAABCgA7FiEEekgeeIaLTbaoWgXAZN846K9+IV8FAmPHKmEdHHJpY2hhcmQu
# aGVuZGVyc29uQGxpbmFyby5vcmcACgkQZN846K9+IV+W+gf/cPFM+cY5QrC/ziVI
# Dbqc9Z+B4QVNoQjA+Qv9uL+ErjJ1zXuaS512NPHaL5nkjqzzbU4rYiIk1UET/vDJ
# 4RDw7o4pia3umt68zf9BfxPhkCqB+Zfdo/iolszL9OBpufPGD9NRjJn1qfM6Mpbd
# 38s6InRrmCWlGT3fsJq2cGzmT64dGDIovbHbJ5Y0EbtWBIcP99w2YfucclMB5AFI
# j6gX8jOKCfuN1Hru8waH77X2B0Jv36xlfRV9GLrwo/FQ/aiCyJLl5Hxuwm0adSql
# PBhDSdTXOTiNFmtnBUhaV1orgYKGGwWWfrGmzd0cGg/UcgHHDuJaoeuZHGNJlYai
# PFLW/Q==
# =fMV8
# -----END PGP SIGNATURE-----
# gpg: Signature made Tue 17 Jan 2023 23:08:17 GMT
# gpg: using RSA key 7A481E78868B4DB6A85A05C064DF38E8AF7E215F
# gpg: issuer "richard.henderson@linaro.org"
# gpg: Good signature from "Richard Henderson <richard.henderson@linaro.org>" [full]
# Primary key fingerprint: 7A48 1E78 868B 4DB6 A85A 05C0 64DF 38E8 AF7E 215F
* tag 'pull-tcg-20230117' of https://gitlab.com/rth7680/qemu: (22 commits)
tcg/riscv: Implement direct branch for goto_tb
tcg/riscv: Introduce OPC_NOP
tcg/arm: Implement direct branch for goto_tb
tcg/sparc64: Reorg goto_tb implementation
tcg/sparc64: Remove USE_REG_TB
tcg/ppc: Reorg goto_tb implementation
tcg/aarch64: Reorg goto_tb implementation
tcg: Remove TCG_TARGET_HAS_direct_jump
tcg: Always define tb_target_set_jmp_target
tcg: Move tb_target_set_jmp_target declaration to tcg.h
tcg: Change tb_target_set_jmp_target arguments
tcg: Add TranslationBlock.jmp_insn_offset
tcg: Add gen_tb to TCGContext
tcg: Rename TB_JMP_RESET_OFFSET_INVALID to TB_JMP_OFFSET_INVALID
tcg: Split out tcg_out_goto_tb
tcg: Introduce get_jmp_target_addr
tcg: Introduce set_jmp_insn_offset
tcg: Replace asserts on tcg_jmp_insn_offset
tcg/sparc64: Remove unused goto_tb code for indirect jump
tcg/ppc: Remove unused goto_tb code for indirect jump
...
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Diffstat (limited to 'accel')
-rw-r--r-- | accel/tcg/cpu-exec.c | 21 | ||||
-rw-r--r-- | accel/tcg/translate-all.c | 10 |
2 files changed, 17 insertions, 14 deletions
diff --git a/accel/tcg/cpu-exec.c b/accel/tcg/cpu-exec.c
index 8927092..04cd1f3 100644
--- a/accel/tcg/cpu-exec.c
+++ b/accel/tcg/cpu-exec.c
@@ -572,15 +572,18 @@ void cpu_exec_step_atomic(CPUState *cpu)
void tb_set_jmp_target(TranslationBlock *tb, int n, uintptr_t addr)
{
- if (TCG_TARGET_HAS_direct_jump) {
- uintptr_t offset = tb->jmp_target_arg[n];
- uintptr_t tc_ptr = (uintptr_t)tb->tc.ptr;
- uintptr_t jmp_rx = tc_ptr + offset;
- uintptr_t jmp_rw = jmp_rx - tcg_splitwx_diff;
- tb_target_set_jmp_target(tc_ptr, jmp_rx, jmp_rw, addr);
- } else {
- tb->jmp_target_arg[n] = addr;
- }
+ /*
+ * Get the rx view of the structure, from which we find the
+ * executable code address, and tb_target_set_jmp_target can
+ * produce a pc-relative displacement to jmp_target_addr[n].
+ */
+ const TranslationBlock *c_tb = tcg_splitwx_to_rx(tb);
+ uintptr_t offset = tb->jmp_insn_offset[n];
+ uintptr_t jmp_rx = (uintptr_t)tb->tc.ptr + offset;
+ uintptr_t jmp_rw = jmp_rx - tcg_splitwx_diff;
+
+ tb->jmp_target_addr[n] = addr;
+ tb_target_set_jmp_target(c_tb, n, jmp_rx, jmp_rw);
}
static inline void tb_add_jump(TranslationBlock *tb, int n,
diff --git a/accel/tcg/translate-all.c b/accel/tcg/translate-all.c
index 979f8e1..9e925c1 100644
--- a/accel/tcg/translate-all.c
+++ b/accel/tcg/translate-all.c
@@ -350,7 +350,7 @@ TranslationBlock *tb_gen_code(CPUState *cpu,
tb->trace_vcpu_dstate = *cpu->trace_dstate;
tb_set_page_addr0(tb, phys_pc);
tb_set_page_addr1(tb, -1);
- tcg_ctx->tb_cflags = cflags;
+ tcg_ctx->gen_tb = tb;
tb_overflow:
#ifdef CONFIG_PROFILER
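Review bot: In tb_set_jmp_target the new line `tb->jmp_target_addr[n] = addr;` is a plain store to a field that, per the comment added just above it, the generated code of this TB loads through a pc-relative displacement, so when another vCPU thread can be executing that TB the store should be made explicitly atomic (QEMU's qatomic_set helper, not visible in this hunk) and its ordering relative to the instruction patch performed by tb_target_set_jmp_target on the following line stated, e.g. `/* Publish the target before patching the branch; indirect backends load it from jmp_target_addr[n]. */`. The ordering chosen here (address first, then the patch) is what an indirect-branch fallback needs, but nothing in the hunk says whether the backend hook supplies the required barrier, so that contract is worth documenting at this call site. `jmp_insn_offset[n]` and `jmp_target_addr[n]` are both indexed without any check on `n`; since callers appear to pass only 0 or 1 (cf. the jmp_dest[1] / jmp_reset_offset[1] uses in translate-all.c), a debug assertion such as `tcg_debug_assert(n == 0 || n == 1);` at the top of the function would catch misuse cheaply. Finally, `jmp_rx`/`jmp_rw` are computed unconditionally even on a backend whose `jmp_insn_offset[n]` may still hold TB_JMP_OFFSET_INVALID, which is harmless only if tb_target_set_jmp_target ignores them in that case — a one-line comment saying so would prevent a future reader from treating them as always-valid code addresses.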
@@ -508,10 +508,10 @@ TranslationBlock *tb_gen_code(CPUState *cpu,
tb->jmp_dest[1] = (uintptr_t)NULL;
/* init original jump addresses which have been set during tcg_gen_code() */
- if (tb->jmp_reset_offset[0] != TB_JMP_RESET_OFFSET_INVALID) {
+ if (tb->jmp_reset_offset[0] != TB_JMP_OFFSET_INVALID) {
tb_reset_jump(tb, 0);
}
- if (tb->jmp_reset_offset[1] != TB_JMP_RESET_OFFSET_INVALID) {
+ if (tb->jmp_reset_offset[1] != TB_JMP_OFFSET_INVALID) {
tb_reset_jump(tb, 1);
}
@@ -693,9 +693,9 @@ static gboolean tb_tree_stats_iter(gpointer key, gpointer value, gpointer data)
if (tb_page_addr1(tb) != -1) {
tst->cross_page++;
}
- if (tb->jmp_reset_offset[0] != TB_JMP_RESET_OFFSET_INVALID) {
+ if (tb->jmp_reset_offset[0] != TB_JMP_OFFSET_INVALID) {
tst->direct_jmp_count++;
- if (tb->jmp_reset_offset[1] != TB_JMP_RESET_OFFSET_INVALID) {
+ if (tb->jmp_reset_offset[1] != TB_JMP_OFFSET_INVALID) {
tst->direct_jmp2_count++;
}
} |