Message-ID: <1473027456.2313.32.camel@kernel.crashing.org>
From: Benjamin Herrenschmidt
Date: Mon, 05 Sep 2016 08:17:36 +1000
In-Reply-To: <87wpirbnwn.fsf@linaro.org>
References: <1472797976-24210-1-git-send-email-nikunj@linux.vnet.ibm.com> <1472797976-24210-5-git-send-email-nikunj@linux.vnet.ibm.com> <1472800972.9620.8.camel@kernel.crashing.org> <87y43akb51.fsf@abhimanyu.i-did-not-set--mail-host-address--so-tickle-me> <87wpirbnwn.fsf@linaro.org>
Subject: Re: [Qemu-devel] [PATCH RFC 4/4] target-ppc: flush tlb from all the cpu
To: Alex Bennée, Nikunj A Dadhania
Cc: qemu-ppc@nongnu.org, david@gibson.dropbear.id.au, rth@twiddle.net, qemu-devel@nongnu.org

On Sun, 2016-09-04 at 18:00 +0100, Alex Bennée wrote:
> >
> > > We must provide a guarantee that no other processor can see the old
> > > translation when the tlb invalidation sequence completes. With the
> > > current lazy TLB flush, we already delay the invalidation until
> > > we hit that synchronization point so we need to be synchronous.
>
> When is the synchronisation point? On ARM we end the basic block on
> system instructions that mess with the cache. As a result the flush is
> done as soon as we exit the run loop on the next instruction.

Look for gen_check_tlb_flush() in translated code and check_tlb_flush
elsewhere in target-ppc.

Basically, when we hit tlbie or slbie (TLB or segment invalidation
instruction), we just set a flag indicating that the TLB "needs flushing".
When we hit an execution synchronizing instruction (isync) or a ptesync,
or if we hit an exception, we do the actual flush.

This isn't 100% architecturally correct but works with every OS out there
and saves quite a bit of churn, especially on context switch when we
invalidate/replace multiple segments or when invalidating a range of pages.

In any case, ptesync especially needs to be the hard sync point, past that
point all translation must have been gone and all accesses using the
previous translation completed or retried on all processors.

Another approach would be to shoot an asynchronous event on the actual
tlbie/slbie instructions and synchronize at the end, but I suspect it won't
be any better, especially since the current code structure can't do fine
grained invalidation of the qemu TLB anyway, we can only blow it all up.

So better safe than sorry here.

That being said, your statement about basic block confuses me a bit. You
mean MT TCG will sync all the threads when exiting a basic block on any
CPU ?

Cheers,
Ben.

> >
> >
> >
> > >
> > > >
> > > > diff --git a/target-ppc/mmu-hash64.c b/target-ppc/mmu-hash64.c > > > > index 8118143..d852c21 100644 > > > > --- a/target-ppc/mmu-hash64.c > > > > +++ b/target-ppc/mmu-hash64.c > > > > @@ -912,7 +912,7 @@ void ppc_hash64_tlb_flush_hpte(PowerPCCPU *cp= u, > > > > * invalidate, and we still don't have a tlb_flush_mask(env, n, > > > > * mask) in QEMU, we just invalidate all TLBs > > > > */ > > > > -tlb_flush(CPU(cpu), 1); > > > > +tlb_flush_all(CPU(cpu), 1); > > > > } > > > >=20 > > > > void ppc_hash64_update_rmls(CPUPPCState *env)
> >
> > Regards,
> > Nikunj
>
>
> --
> Alex Bennée
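Review bot: the comment kept above the changed call still reads "we just invalidate all TLBs", which described dropping every entry of this CPU's TLB, while `+tlb_flush_all(CPU(cpu), 1);` now flushes every CPU; reword it to say the flush is cross-CPU and why (no other processor may see the old translation once the invalidation sequence completes). The hunk also does not show whether tlb_flush_all has completed on the other vCPUs by the time it returns; since the thread wants ptesync to be the hard sync point, the commit message should state that the flush is synchronous with respect to the other vCPUs, or say that it is not and why that is acceptable.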
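The lazy scheme Ben describes (tlbie/slbie only set a "needs flushing" flag, isync/ptesync/exception perform the flush) and the difference the hunk's tlb_flush to tlb_flush_all change makes, as an added example that is neither QEMU code nor part of the patch. Everything here is a constructed model: ModelCPU, the hpte[] array standing in for the guest page table, tlbie(), sync_point() and the two scenario functions are assumptions, and QEMU's real softmmu and MTTCG cross-vCPU flush machinery is not modeled.

```c
/*
 * Added example, not QEMU code: a model of target-ppc's lazy TLB flush
 * and of why a ptesync flush has to reach every CPU. All names are
 * constructed for illustration.
 */
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define NCPUS  2
#define NPAGES 4

typedef struct {
    uint32_t tlb_pa[NPAGES];  /* cached translation per page, 0 = no entry */
    bool tlb_need_flush;      /* set by tlbie/slbie, consumed at the sync point */
} ModelCPU;

static ModelCPU cpus[NCPUS];
static uint32_t hpte[NPAGES]; /* the in-memory page table the guest edits */

static void model_reset(void)
{
    memset(cpus, 0, sizeof(cpus));
    memset(hpte, 0, sizeof(hpte));
}

/* A load on `cpu`: hit the model TLB, refill from the page table on a miss. */
static uint32_t translate(int cpu, int va)
{
    ModelCPU *c = &cpus[cpu];
    if (c->tlb_pa[va] == 0) {
        c->tlb_pa[va] = hpte[va];
    }
    return c->tlb_pa[va];
}

/* tlbie/slbie: lazy, so only remember that a flush is owed. */
static void tlbie(int cpu)
{
    cpus[cpu].tlb_need_flush = true;
}

static void tlb_flush_cpu(int cpu)
{
    memset(cpus[cpu].tlb_pa, 0, sizeof(cpus[cpu].tlb_pa));
    cpus[cpu].tlb_need_flush = false;
}

/*
 * check_tlb_flush stand-in: runs at isync/ptesync or on an exception.
 * all_cpus selects the behaviour the patch changes: flush only this CPU
 * (the old tlb_flush call) or every CPU (the new tlb_flush_all call).
 */
static void sync_point(int cpu, bool all_cpus)
{
    if (!cpus[cpu].tlb_need_flush) {
        return;
    }
    if (all_cpus) {
        for (int i = 0; i < NCPUS; i++) {
            tlb_flush_cpu(i);
        }
    } else {
        tlb_flush_cpu(cpu);
    }
}

/*
 * Scenario: both CPUs have cached va 1 -> 0x1000. CPU0 rewrites the HPTE
 * to 0x2000, issues tlbie, then ptesync. Returns the PA CPU1 sees afterwards.
 */
static uint32_t pa_seen_by_other_cpu(bool flush_all_cpus)
{
    model_reset();
    hpte[1] = 0x1000;
    translate(0, 1);
    translate(1, 1);                /* both TLBs now hold the old translation */

    hpte[1] = 0x2000;               /* guest updates the page table entry ... */
    tlbie(0);                       /* ... invalidates, flag only (lazy) ... */
    sync_point(0, flush_all_cpus);  /* ... and ptesyncs */

    return translate(1, 1);
}

/* Same scenario, read back on CPU0 before it reaches the sync point. */
static uint32_t pa_seen_before_sync(void)
{
    model_reset();
    hpte[1] = 0x1000;
    translate(0, 1);
    hpte[1] = 0x2000;
    tlbie(0);
    return translate(0, 1);         /* stale entry: the flush is still owed */
}

int main(void)
{
    printf("issuing CPU before ptesync:   0x%x\n", pa_seen_before_sync());
    printf("other CPU, per-CPU flush:     0x%x\n", pa_seen_by_other_cpu(false));
    printf("other CPU, all-CPU flush:     0x%x\n", pa_seen_by_other_cpu(true));
    return 0;
}
```

The per-CPU variant leaves CPU1 reading the old translation after CPU0's ptesync, which is exactly the guarantee the quoted text says must not be broken; the all-CPU variant is the behaviour the patch moves to. The model flushes the other CPU inline, so it sidesteps the question the thread is really about, namely whether the cross-vCPU flush has finished before the issuing vCPU runs past ptesync under MTTCG.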