author: Peter Maydell <peter.maydell@linaro.org> 2013-02-22 18:10:03 +0000
committer: Blue Swirl <blauwirbel@gmail.com> 2013-03-03 14:28:47 +0000
commit: 378df4b23753a11be650af7664ca76bc75cb9f01 (patch)
tree: cedcd8fd2c8b23401ca4275ce65388e745cbcb37 /tcg/tcg.h
parent: 77211379d73ea0c89c0b5bb6eee74b17cb06f9a8 (diff)
Handle CPU interrupts by inline checking of a flag
Fix some of the nasty TCG race conditions and crashes by implementing cpu_exit() as setting a flag which is checked at the start of each TB. This avoids crashes if a thread or signal handler calls cpu_exit() while the execution thread is itself modifying the TB graph (which may happen in system emulation mode as well as in linux-user mode with a multithreaded guest binary). This fixes the crashes seen in LP:668799; however there is another class of crashes described in LP:1098729 which stem from the fact that in linux-user with a multithreaded guest all threads will use and modify the same global TCG data structures (including the generated code buffer) without any kind of locking. This means that multithreaded guest binaries are still in the "unsupported" category.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Richard Henderson <rth@twiddle.net>
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
Diffstat (limited to 'tcg/tcg.h')
-rw-r--r-- tcg/tcg.h | 5
1 files changed, 5 insertions, 0 deletions
diff --git a/tcg/tcg.h b/tcg/tcg.h
index f5d0aed..df375cf 100644
--- a/tcg/tcg.h
+++ b/tcg/tcg.h
@@ -703,6 +703,10 @@ TCGv_i64 tcg_const_local_i64(int64_t val);
* would hit zero midway through it. In this case the next-TB pointer
* returned is the TB we were about to execute, and the caller must
* arrange to execute the remaining count of instructions.
+ * 3: we stopped because the CPU's exit_request flag was set
+ * (usually meaning that there is an interrupt that needs to be
+ * handled). The next-TB pointer returned is the TB we were
+ * about to execute when we noticed the pending exit request.
*
* If the bottom two bits indicate an exit-via-index then the CPU
* state is correctly synchronised and ready for execution of the next
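Review bot: the new case 3 description states what the returned next-TB pointer is but, unlike case 2 directly above it, not what the caller must do with it; suggest extending the added comment with a sentence such as "the caller must service the pending exit request before resuming execution at that TB", so the two non-index exit codes are documented to the same standard and a caller cannot mistake case 3 for a TB that is safe to chain into.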
@@ -719,6 +723,7 @@ TCGv_i64 tcg_const_local_i64(int64_t val);
#define TB_EXIT_IDX0 0
#define TB_EXIT_IDX1 1
#define TB_EXIT_ICOUNT_EXPIRED 2
+#define TB_EXIT_REQUESTED 3
#if !defined(tcg_qemu_tb_exec)
# define tcg_qemu_tb_exec(env, tb_ptr) \
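Review bot: with `#define TB_EXIT_REQUESTED 3` the two-bit exit-code space described in the comment above ("the bottom two bits indicate an exit-via-index") is now fully used (0, 1, 2, 3), so a short comment next to the new define noting that no further exit codes can be added without widening the encoding would save the next contributor from silently colliding with the index bits.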