From: Richard Henderson
Date: Tue, 19 Nov 2013 17:18:40 +1000
Subject: Re: [Qemu-devel] Self-modifying code with REP-prefix on TCG
To: Clemens Kolbitsch, "qemu-devel@nongnu.org"
Message-ID: <528B10D0.3010806@twiddle.net>

On 11/19/2013 05:47 AM, Clemens Kolbitsch wrote:
> Getting around this is not trivial, so if it's a new issue, does anyone have an
> idea how to approach it most meaningfully? I was thinking about detecting this
> very specific case and marking the TB for re-translation only after the TB is
> exited, but this is not very clean and also somewhat prone to errors.

I don't believe there are any good solutions for this.  See what's enabled by
TARGET_HAS_PRECISE_SMC wrt flushing and re-generating TBs for other bits of
self-modifying code.  Which are strictly at odds with the desire here to
continue executing the same REP.

I have a feeling even your example isn't robust even on real HW, in that if
any kind of interrupt occurs, the REP will terminate and (if overwritten) fail
to restart.

Even with CLI, system management interrupts can still occur.


r~
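The restart hazard described in the reply, as an added example that is neither Richard's code nor anything from QEMU: a toy model of a CPU that knows only REP STOSB, bare STOSB, NOP and HLT, sharing one flat memory for code and data. It encodes the documented x86 behaviour that an interrupt taken between REP iterations leaves RIP on the REP prefix with RCX/RDI holding the partial state, so the instruction bytes are fetched again when the handler returns. Everything else is an assumption of the model: the memory layout, the `run`/`run_scenario` helpers, the interrupt being injected after a chosen number of stores, and in particular that an uninterrupted REP keeps executing its already-decoded operation even while overwriting its own bytes (on real hardware that part is implementation-specific).

```c
/* Toy model of x86 REP STOSB restart semantics (constructed example; not
 * real hardware behaviour beyond the interrupt/restart rule, not QEMU code). */
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define MEM_SIZE 32

/* Flat memory shared by code and data, plus the registers a string op touches. */
struct cpu {
    uint8_t mem[MEM_SIZE];
    uint32_t rip, rcx, rdi;
    uint8_t al;
    int halted;
};

enum { OP_REP = 0xF3, OP_STOSB = 0xAA, OP_NOP = 0x90, OP_HLT = 0xF4 };

/* One STOSB iteration: mem[RDI] = AL, RDI++. Returns 1 if a byte was stored. */
static int store_byte(struct cpu *c)
{
    if (c->rdi >= MEM_SIZE) { c->halted = 1; return 0; }
    c->mem[c->rdi++] = c->al;
    return 1;
}

/* Execute until HLT. irq_after > 0 delivers a single interrupt once that many
 * bytes have been stored. Returns the total number of bytes stored. */
static int run(struct cpu *c, int irq_after)
{
    int stores = 0;
    while (!c->halted && c->rip < MEM_SIZE) {
        uint8_t op = c->mem[c->rip];
        if (op == OP_NOP) {
            c->rip++;
        } else if (op == OP_HLT) {
            c->halted = 1;
        } else if (op == OP_STOSB) {          /* bare STOSB: one store, RCX ignored */
            stores += store_byte(c);
            c->rip++;
        } else if (op == OP_REP && c->rip + 1 < MEM_SIZE && c->mem[c->rip + 1] == OP_STOSB) {
            /* Decoded once; iterations do not refetch the opcode bytes (model assumption). */
            while (c->rcx && !c->halted) {
                if (irq_after > 0 && stores == irq_after) {
                    /* Interrupt between iterations: RIP stays on the REP prefix,
                     * RCX/RDI keep the partial state, and after the handler returns
                     * the bytes at RIP are fetched again, whatever they hold now. */
                    irq_after = 0;
                    break;
                }
                stores += store_byte(c);
                if (!c->halted) c->rcx--;
            }
            if (c->rcx == 0) c->rip += 2;    /* finished: step past REP STOSB */
        } else {
            c->halted = 1;                   /* anything else is undefined in this model */
        }
    }
    return stores;
}

/* Constructed layout: REP STOSB at 0, two NOPs, HLT at 4; AL = NOP, RCX = 4.
 * rdi picks the target: 0 makes the loop overwrite its own bytes with NOPs,
 * 8 writes ordinary data. Final CPU state is returned through *out. */
static int run_scenario(uint32_t rdi, int irq_after, struct cpu *out)
{
    memset(out, 0, sizeof *out);
    out->mem[0] = OP_REP;  out->mem[1] = OP_STOSB;
    out->mem[2] = OP_NOP;  out->mem[3] = OP_NOP;  out->mem[4] = OP_HLT;
    out->rdi = rdi;  out->al = OP_NOP;  out->rcx = 4;
    return run(out, irq_after);
}

static void report(const char *label, uint32_t rdi, int irq_after)
{
    struct cpu c;
    int stores = run_scenario(rdi, irq_after, &c);   /* call first: arg order is unspecified */
    printf("%-24s %d bytes stored, RCX left %u\n", label, stores, c.rcx);
}

int main(void)
{
    report("data target, no irq:", 8, 0);      /* 4 stored, RCX 0 */
    report("data target, irq@1:", 8, 1);       /* 4 stored, RCX 0: REP refetched and restarted */
    report("self-overwrite, no irq:", 0, 0);   /* 4 stored, RCX 0 (model assumption) */
    report("self-overwrite, irq@1:", 0, 1);    /* 2 stored, RCX 3: REP bytes gone, loop abandoned */
    return 0;
}
```

The last scenario is the one the reply warns about: after the interrupt the CPU refetches from RIP, finds a NOP where the REP prefix was and a bare STOSB behind it, so it stores one more byte and falls through to HLT with three iterations still owed in RCX. Disabling maskable interrupts with CLI narrows the window but, as noted above, does not close it.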