ShuriZma
/
xemu
mirror of https://github.com/xemu-project/xemu.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

accel/tcg: Fix jump cache set in cpu_exec_loop 

Assign pc and use store_release to assign tb.

Fixes: 2dd5b7a1b9 ("accel/tcg: Move jmp-cache `CF_PCREL` checks to caller")
Reported-by: Weiwei Li <liweiwei@iscas.ac.cn>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
This commit is contained in:
Richard Henderson 2023-03-31 18:52:33 -07:00
parent c83574392e
commit 3371802fba
1 changed files with 13 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

17
accel/tcg/cpu-exec.c
View File

@ -257,7 +257,7 @@ static inline TranslationBlock *tb_lookup(CPUState *cpu, target_ulong pc,
if (cflags & CF_PCREL) { if (cflags & CF_PCREL) {
/* Use acquire to ensure current load of pc from jc. */ /* Use acquire to ensure current load of pc from jc. */
tb = qatomic_load_acquire(&jc->array[hash].tb); tb = qatomic_load_acquire(&jc->array[hash].tb);
if (likely(tb && if (likely(tb &&
jc->array[hash].pc == pc && jc->array[hash].pc == pc &&
@ -272,7 +272,7 @@ static inline TranslationBlock *tb_lookup(CPUState *cpu, target_ulong pc,
return NULL; return NULL;
} }
jc->array[hash].pc = pc; jc->array[hash].pc = pc;
/* Use store_release on tb to ensure pc is written first. */ /* Ensure pc is written first. */
qatomic_store_release(&jc->array[hash].tb, tb); qatomic_store_release(&jc->array[hash].tb, tb);
} else { } else {
/* Use rcu_read to ensure current load of pc from *tb. */ /* Use rcu_read to ensure current load of pc from *tb. */
@ -971,18 +971,27 @@ cpu_exec_loop(CPUState *cpu, SyncClocks *sc)
tb = tb_lookup(cpu, pc, cs_base, flags, cflags); tb = tb_lookup(cpu, pc, cs_base, flags, cflags);
if (tb == NULL) { if (tb == NULL) {
CPUJumpCache *jc;
uint32_t h; uint32_t h;
mmap_lock(); mmap_lock();
tb = tb_gen_code(cpu, pc, cs_base, flags, cflags); tb = tb_gen_code(cpu, pc, cs_base, flags, cflags);
mmap_unlock(); mmap_unlock();
/* /*
* We add the TB in the virtual pc hash table * We add the TB in the virtual pc hash table
* for the fast lookup * for the fast lookup
*/ */
h = tb_jmp_cache_hash_func(pc); h = tb_jmp_cache_hash_func(pc);
/* Use the pc value already stored in tb->pc. */ jc = cpu->tb_jmp_cache;
qatomic_set(&cpu->tb_jmp_cache->array[h].tb, tb); if (cflags & CF_PCREL) {
jc->array[h].pc = pc;
/* Ensure pc is written first. */
qatomic_store_release(&jc->array[h].tb, tb);
} else {
/* Use the pc value already stored in tb->pc. */
qatomic_set(&jc->array[h].tb, tb);
}
} }
#ifndef CONFIG_USER_ONLY #ifndef CONFIG_USER_ONLY