From: Michael Roth <mdroth@linux.vnet.ibm.com>
To: qemu-devel@nongnu.org
Cc: aliguori@us.ibm.com, qemu-stable@nongnu.org
Subject: [Qemu-devel] [PATCH 11/15] cpu-exec: wrap tcg_qemu_tb_exec() in a fn to restore the PC
Date: Tue, 14 May 2013 16:53:08 -0500
Message-ID: <1368568392-2127-12-git-send-email-mdroth@linux.vnet.ibm.com>
In-Reply-To: <1368568392-2127-1-git-send-email-mdroth@linux.vnet.ibm.com>
From: Peter Maydell <peter.maydell@linaro.org>
If tcg_qemu_tb_exec() returns a value whose low bits don't indicate a
link to an indexed next TB, this means that the TB execution never
started (eg because the instruction counter hit zero). In this case the
guest PC has to be reset to the address of the start of the TB.
Refactor the cpu-exec code to make all tcg_qemu_tb_exec() calls pass
through a wrapper function which does this restoration if necessary.
Note that the apparent change in cpu_exec_nocache() from calling
cpu_pc_from_tb() with the old TB to calling it with the TB returned by
do_tcg_qemu_tb_exec() is safe, because in the nocache case we can
guarantee that the TB we try to execute is not linked to any others,
so the only possible returned TB is the one we started at. That is,
we should arguably previously have included in cpu_exec_nocache() an
assert((next_tb & ~TB_EXIT_MASK) == tb), since the API requires restore
from next_tb but we were using tb.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Richard Henderson <rth@twiddle.net>
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
(cherry picked from commit 77211379d73ea0c89c0b5bb6eee74b17cb06f9a8)
Conflicts:
cpu-exec.c
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
Signed-off-by: Michael Roth <mdroth@linux.vnet.ibm.com>
---
cpu-exec.c | 28 +++++++++++++++++-----------
1 file changed, 17 insertions(+), 11 deletions(-)
diff --git a/cpu-exec.c b/cpu-exec.c
index 797e11a..4ffae22 100644
--- a/cpu-exec.c
+++ b/cpu-exec.c
@@ -51,12 +51,26 @@ void cpu_resume_from_signal(CPUArchState *env, void *puc)
}
#endif
+/* Execute a TB, and fix up the CPU state afterwards if necessary */
+static inline tcg_target_ulong cpu_tb_exec(CPUArchState *env, uint8_t *tb_ptr)
+{
+ tcg_target_ulong next_tb = tcg_qemu_tb_exec(env, tb_ptr);
+ if ((next_tb & TB_EXIT_MASK) > TB_EXIT_IDX1) {
+ /* We didn't start executing this TB (eg because the instruction
+ * counter hit zero); we must restore the guest PC to the address
+ * of the start of the TB.
+ */
+ TranslationBlock *tb = (TranslationBlock *)(next_tb & ~TB_EXIT_MASK);
+ cpu_pc_from_tb(env, tb);
+ }
+ return next_tb;
+}
+
/* Execute the code without caching the generated code. An interpreter
could be used if available. */
static void cpu_exec_nocache(CPUArchState *env, int max_cycles,
TranslationBlock *orig_tb)
{
- tcg_target_ulong next_tb;
TranslationBlock *tb;
/* Should never happen.
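Review bot: the comparison `(next_tb & TB_EXIT_MASK) > TB_EXIT_IDX1` in cpu_tb_exec() silently relies on every "TB never started" exit code being numerically greater than both link-index codes, and that ordering assumption is not stated anywhere in the hunk. Suggest a comment beside the test, e.g. `/* Only TB_EXIT_IDX0/IDX1 mean the TB actually ran */`, or checking the two index codes explicitly, so a later addition to the TB_EXIT_* values cannot quietly skip the PC restore.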
@@ -68,14 +82,8 @@ static void cpu_exec_nocache(CPUArchState *env, int max_cycles,
max_cycles);
env->current_tb = tb;
/* execute the generated code */
- next_tb = tcg_qemu_tb_exec(env, tb->tc_ptr);
+ cpu_tb_exec(env, tb->tc_ptr);
env->current_tb = NULL;
-
- if ((next_tb & TB_EXIT_MASK) == TB_EXIT_ICOUNT_EXPIRED) {
- /* Restore PC. This may happen if async event occurs before
- the TB starts executing. */
- cpu_pc_from_tb(env, tb);
- }
tb_phys_invalidate(tb, -1);
tb_free(tb);
}
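Review bot: cpu_exec_nocache() now discards the value returned by cpu_tb_exec(), so the invariant the commit message says should arguably have been asserted, `(next_tb & ~TB_EXIT_MASK) == tb`, remains neither checked nor documented in the code, even though the PC restore in the wrapper now acts on the TB named by the return value rather than on `tb`. Suggest keeping `next_tb` and adding `assert((next_tb & ~TB_EXIT_MASK) == tb);` after the call, or at minimum a comment stating that a nocache TB is never linked. It is also worth a sentence in the commit message that the restore condition here widens from `== TB_EXIT_ICOUNT_EXPIRED` to any exit code above TB_EXIT_IDX1.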
@@ -597,13 +605,11 @@ int cpu_exec(CPUArchState *env)
if (likely(!env->exit_request)) {
tc_ptr = tb->tc_ptr;
/* execute the generated code */
- next_tb = tcg_qemu_tb_exec(env, tc_ptr);
+ next_tb = cpu_tb_exec(env, tc_ptr);
if ((next_tb & TB_EXIT_MASK) == TB_EXIT_ICOUNT_EXPIRED) {
/* Instruction counter expired. */
int insns_left;
tb = (TranslationBlock *)(next_tb & ~TB_EXIT_MASK);
- /* Restore PC. */
- cpu_pc_from_tb(env, tb);
insns_left = env->icount_decr.u32;
if (env->icount_extra && insns_left >= 0) {
/* Refill decrementer and continue execution. */
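Review bot: with the `/* Restore PC. */` call removed after `tb = (TranslationBlock *)(next_tb & ~TB_EXIT_MASK);`, nothing in the TB_EXIT_ICOUNT_EXPIRED branch says the restore has already been performed inside cpu_tb_exec(), so a reader may conclude it is missing. Suggest extending the comment to `/* Instruction counter expired; PC already restored by cpu_tb_exec(). */`.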
--
1.7.9.5