From patchwork Mon Oct 16 17:25:43 2017 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Richard Henderson X-Patchwork-Id: 115964 Delivered-To: patch@linaro.org
From: Richard Henderson To: qemu-devel@nongnu.org Date: Mon, 16 Oct 2017 10:25:43 -0700 Message-Id: <20171016172609.23422-25-richard.henderson@linaro.org> X-Mailer: git-send-email 2.13.6 In-Reply-To: <20171016172609.23422-1-richard.henderson@linaro.org> References: <20171016172609.23422-1-richard.henderson@linaro.org> X-detected-operating-system: by eggs.gnu.org: Genre and OS details not recognized. X-Received-From: 2607:f8b0:400e:c00::22c Subject: [Qemu-devel] [PATCH v6 24/50] tcg: Add CPUState step_next_tb X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.21 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: cota@braap.org Errors-To: qemu-devel-bounces+patch=linaro.org@nongnu.org Sender: "Qemu-devel" We were generating code during tb_invalidate_phys_page_range and check_watchpoint, and (seemingly) discarding the TB, assuming that it would magically be picked up during the next iteration through the cpu_exec loop. Instead, set a flag in CPUState so that we set cflags to properly request a TB with a single guest insn so that there is no more magic. Signed-off-by: Richard Henderson --- include/qom/cpu.h | 1 + accel/tcg/cpu-exec.c | 19 +++++++++++++++---- accel/tcg/translate-all.c | 18 ++++-------------- exec.c | 6 +----- 4 files changed, 21 insertions(+), 23 deletions(-) -- 2.13.6 diff --git a/include/qom/cpu.h b/include/qom/cpu.h index df0ba86202..1fb165a43c 100644 --- a/include/qom/cpu.h +++ b/include/qom/cpu.h @@ -344,6 +344,7 @@ struct CPUState { bool unplug; bool crash_occurred; bool exit_request; + bool step_next_tb; /* updates protected by BQL */ uint32_t interrupt_request; int singlestep_enabled; diff --git a/accel/tcg/cpu-exec.c b/accel/tcg/cpu-exec.c index 99f1d519c5..df410a8d6e 100644 --- a/accel/tcg/cpu-exec.c +++ b/accel/tcg/cpu-exec.c 
@@ -367,13 +367,12 @@ static inline void tb_add_jump(TranslationBlock *tb, int n, static inline TranslationBlock *tb_find(CPUState *cpu, TranslationBlock *last_tb, - int tb_exit) + int tb_exit, uint32_t cf_mask) { TranslationBlock *tb; target_ulong cs_base, pc; uint32_t flags; bool acquired_tb_lock = false; - uint32_t cf_mask = curr_cflags(); tb = tb_lookup__cpu_state(cpu, &pc, &cs_base, &flags, cf_mask); if (tb == NULL) { @@ -501,7 +500,7 @@ static inline bool cpu_handle_exception(CPUState *cpu, int *ret) } else if (replay_has_exception() && cpu->icount_decr.u16.low + cpu->icount_extra == 0) { /* try to cause an exception pending in the log */ - cpu_exec_nocache(cpu, 1, tb_find(cpu, NULL, 0), true); + cpu_exec_nocache(cpu, 1, tb_find(cpu, NULL, 0, curr_cflags()), true); *ret = -1; return true; #endif @@ -697,7 +696,19 @@ int cpu_exec(CPUState *cpu) int tb_exit = 0; while (!cpu_handle_interrupt(cpu, &last_tb)) { - TranslationBlock *tb = tb_find(cpu, last_tb, tb_exit); + uint32_t cf_mask = curr_cflags(); + TranslationBlock *tb; + + /* For precise smc, we generate a block containing just the + instruction modifying the memory, ensuring that it cannot + modify itself. We also need to single-step past a + stop-after-access watchpoint. */ + if (cpu->step_next_tb) { + cf_mask |= 1; + cpu->step_next_tb = false; + } + + tb = tb_find(cpu, last_tb, tb_exit, cf_mask); cpu_loop_exec_tb(cpu, tb, &last_tb, &tb_exit); /* Try to align the host and virtual clocks if the guest is in advance */ diff --git a/accel/tcg/translate-all.c b/accel/tcg/translate-all.c index 1271944ae8..a7415c8661 100644 --- a/accel/tcg/translate-all.c +++ b/accel/tcg/translate-all.c 
@@ -1463,14 +1463,12 @@ void tb_invalidate_phys_page_range(tb_page_addr_t start, tb_page_addr_t end, int is_cpu_write_access) { TranslationBlock *tb, *tb_next; -#if defined(TARGET_HAS_PRECISE_SMC) - CPUState *cpu = current_cpu; - CPUArchState *env = NULL; -#endif tb_page_addr_t tb_start, tb_end; PageDesc *p; int n; #ifdef TARGET_HAS_PRECISE_SMC + CPUState *cpu = current_cpu; + CPUArchState *env = NULL; int current_tb_not_found = is_cpu_write_access; TranslationBlock *current_tb = NULL; int current_tb_modified = 0; @@ -1547,11 +1545,7 @@ void tb_invalidate_phys_page_range(tb_page_addr_t start, tb_page_addr_t end, #endif #ifdef TARGET_HAS_PRECISE_SMC if (current_tb_modified) { - /* we generate a block containing just the instruction - modifying the memory. It will ensure that it cannot modify - itself */ - tb_gen_code(cpu, current_pc, current_cs_base, current_flags, - 1 | curr_cflags()); + cpu->step_next_tb = true; cpu_loop_exit_noexc(cpu); } #endif @@ -1666,11 +1660,7 @@ static bool tb_invalidate_phys_page(tb_page_addr_t addr, uintptr_t pc) p->first_tb = NULL; #ifdef TARGET_HAS_PRECISE_SMC if (current_tb_modified) { - /* we generate a block containing just the instruction - modifying the memory. It will ensure that it cannot modify - itself */ - tb_gen_code(cpu, current_pc, current_cs_base, current_flags, - 1 | curr_cflags()); + cpu->step_next_tb = true; /* tb_lock will be reset after cpu_loop_exit_noexc longjmps * back into the cpu_exec loop. */ return true; diff --git a/exec.c b/exec.c index 5d43d9541f..a9737ba5e9 100644 --- a/exec.c +++ b/exec.c @@ -2390,11 +2390,8 @@ static void check_watchpoint(int offset, int len, MemTxAttrs attrs, int flags) { CPUState *cpu = current_cpu; CPUClass *cc = CPU_GET_CLASS(cpu); - CPUArchState *env = cpu->env_ptr; - target_ulong pc, cs_base; target_ulong vaddr; CPUWatchpoint *wp; - uint32_t cpu_flags; assert(tcg_enabled()); if (cpu->watchpoint_hit) { 
@@ -2434,8 +2431,7 @@ static void check_watchpoint(int offset, int len, MemTxAttrs attrs, int flags) cpu->exception_index = EXCP_DEBUG; cpu_loop_exit(cpu); } else { - cpu_get_tb_cpu_state(env, &pc, &cs_base, &cpu_flags); - tb_gen_code(cpu, pc, cs_base, cpu_flags, 1 | curr_cflags()); + cpu->step_next_tb = true; cpu_loop_exit_noexc(cpu); } }
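Review bot: Missing documentation on the new `bool step_next_tb;` field in the include/qom/cpu.h hunk: nothing says who sets it and who clears it. From the other hunks it is set through `cpu` (initialised from `current_cpu` in tb_invalidate_phys_page_range and check_watchpoint) and cleared in cpu_exec, so it reads as state private to the executing vCPU. A one-line comment saying so, next to the field, would also make clear that it is not part of the `/* updates protected by BQL */` group that follows it.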
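Review bot: In the cpu_exec hunk of accel/tcg/cpu-exec.c, `step_next_tb` is consumed by whichever TB the next loop iteration looks up, and the test sits after `cpu_handle_interrupt(cpu, &last_tb)` has already run. If that call redirects the guest pc, the one-instruction TB is built for a different instruction than the one that set the flag, and the store or watched access is later translated into a normal TB again. Please either state in the comment that this is acceptable (the condition would simply trigger again) or tie the flag to the pc that requested it. Separately, `cf_mask |= 1;` relies on the reader knowing that the low bits of cflags are the instruction count and that `curr_cflags()` leaves them zero; a short comment or a named expression for the count of one would make that explicit.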
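Review bot: Possible leftover state in accel/tcg/translate-all.c: with the tb_gen_code() calls gone from both `if (current_tb_modified)` blocks, `current_pc`, `current_cs_base` and `current_flags` lose their only reader visible in this patch, yet no hunk removes them or the code that fills them, and the first hunk keeps `CPUArchState *env = NULL;` by moving it under `#ifdef TARGET_HAS_PRECISE_SMC`. The exec.c hunk does this cleanup for check_watchpoint, where `env`, `pc`, `cs_base` and `cpu_flags` are deleted. If nothing else in tb_invalidate_phys_page_range and tb_invalidate_phys_page reads those values, the same cleanup belongs in this patch.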