From: Sergey Sorokin <afarallax@yandex.ru>
To: qemu-devel@nongnu.org
Cc: Peter Maydell <peter.maydell@linaro.org>,
Sergey Sorokin <afarallax@yandex.ru>
Subject: [Qemu-devel] [PATCH v2] target-arm: Break the TB after ISB to execute self-modified code correctly
Date: Wed, 2 Sep 2015 13:03:18 +0300 [thread overview]
Message-ID: <1441188198-1620-1-git-send-email-afarallax@yandex.ru> (raw)
If any store instruction writes the code inside the same TB
after this store insn, the execution of the TB must be stopped
to execute new code correctly.
As described in ARMv8 manual D3.4.6 a self-modified code need to do
IC invalidation to be valid, and ISB after it. So it's enough to end the TB
after ISB instruction on the code translation.
Signed-off-by: Sergey Sorokin <afarallax@yandex.ru>
---
In the first version of the patch the TB was broken after IC invalidation
instead of ISB.
target-arm/translate-a64.c | 7 ++++++-
target-arm/translate.c | 14 ++++++++++++--
2 files changed, 18 insertions(+), 3 deletions(-)
diff --git a/target-arm/translate-a64.c b/target-arm/translate-a64.c
index 5c13e15..9a900c9 100644
--- a/target-arm/translate-a64.c
+++ b/target-arm/translate-a64.c
@@ -1234,9 +1234,14 @@ static void handle_sync(DisasContext *s, uint32_t insn,
return;
case 4: /* DSB */
case 5: /* DMB */
- case 6: /* ISB */
/* We don't emulate caches so barriers are no-ops */
return;
+ case 6: /* ISB */
+ /* We need to break the TB after this insn to execute
+ * a self-modified code correctly.
+ */
+ s->is_jmp = DISAS_UPDATE;
+ return;
default:
unallocated_encoding(s);
return;
diff --git a/target-arm/translate.c b/target-arm/translate.c
index e27634f..236b3a5 100644
--- a/target-arm/translate.c
+++ b/target-arm/translate.c
@@ -7689,10 +7689,15 @@ static void disas_arm_insn(DisasContext *s, unsigned int insn)
return;
case 4: /* dsb */
case 5: /* dmb */
- case 6: /* isb */
ARCH(7);
/* We don't emulate caches so these are a no-op. */
return;
+ case 6: /* isb */
+ /* We need to break the TB after this insn to execute
+ * a self-modified code correctly.
+ */
+ gen_lookup_tb(s);
+ return;
default:
goto illegal_op;
}
@@ -9999,9 +10004,14 @@ static int disas_thumb2_insn(CPUARMState *env, DisasContext *s, uint16_t insn_hw
break;
case 4: /* dsb */
case 5: /* dmb */
- case 6: /* isb */
/* These execute as NOPs. */
break;
+ case 6: /* isb */
+ /* We need to break the TB after this insn
+ * to execute a self-modified code correctly.
+ */
+ gen_lookup_tb(s);
+ return;
default:
goto illegal_op;
}
--
1.9.3
next reply other threads:[~2015-09-02 10:03 UTC|newest]
Thread overview: 2+ messages / expand[flat|nested] mbox.gz Atom feed top
2015-09-02 10:03 Sergey Sorokin [this message]
2015-09-04 13:59 ` [Qemu-devel] [PATCH v2] target-arm: Break the TB after ISB to execute self-modified code correctly Peter Maydell
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=1441188198-1620-1-git-send-email-afarallax@yandex.ru \
--to=afarallax@yandex.ru \
--cc=peter.maydell@linaro.org \
--cc=qemu-devel@nongnu.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).