From 7400d6938c6d455c4eba2b80c06d60c8fa5c5ba3 Mon Sep 17 00:00:00 2001
From: Catherine Ho
Date: Wed, 30 Jan 2019 03:59:54 -0500
Subject: [PATCH 1/2] tcg: add early clober modifier in atomic16_cmpxchg on aarch64

Without this patch, gcc might up the Input/Output registers and cause unpredictable error.

Fixes: 1ec182c33379 ("target/arm: Convert to HAVE_CMPXCHG128")
Signed-off-by: Catherine Ho
Message-Id: <1548838794-23757-1-git-send-email-catherine.hecx@gmail.com>
Signed-off-by: Richard Henderson
---
 include/qemu/atomic128.h | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/include/qemu/atomic128.h b/include/qemu/atomic128.h
index a6af22ff10..ddd0d55d31 100644
--- a/include/qemu/atomic128.h
+++ b/include/qemu/atomic128.h
@@ -68,7 +68,7 @@ static inline Int128 atomic16_cmpxchg(Int128 *ptr, Int128 cmp, Int128 new)
         "cbnz %w[tmp], 0b\n"
         "1:"
         : [mem] "+m"(*ptr), [tmp] "=&r"(tmp),
-          [oldl] "=&r"(oldl), [oldh] "=r"(oldh)
+          [oldl] "=&r"(oldl), [oldh] "=&r"(oldh)
         : [cmpl] "r"(cmpl), [cmph] "r"(cmph),
           [newl] "r"(newl), [newh] "r"(newh)
         : "memory", "cc");
From 9fd9b7de61b24c70a8a82d9627a20ed95433e1b5 Mon Sep 17 00:00:00 2001
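Review bot: The early-clobber added to `oldh` is correct but undocumented, and the operand list is the only place a reader can learn why all three register outputs now carry `&`: the load-exclusive that presumably precedes the visible `cbnz` writes oldl/oldh before the compare and store have consumed cmpl/cmph/newl/newh, so an output sharing an input's register would corrupt the comparison or the stored value. Suggest a one-line comment above the output list, `/* All outputs are early-clobber: they are written before the inputs are consumed. */`, so the next person does not drop the modifier as noise. The asm body and the start of atomic16_cmpxchg are outside the hunk.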
From: Peter Maydell
Date: Tue, 5 Feb 2019 15:18:10 +0000
Subject: [PATCH 2/2] accel/tcg: Consider cluster index in tb_lookup__cpu_state()

In commit f7b78602fdc6c6e4be we added the CPU cluster number to the cflags field of the TB hash; this included adding it to the value kept in tb->cflags, since we pass that field directly into the hash calculation in some places. Unfortunately we forgot to check whether other parts of the code were doing comparisons against tb->cflags that would need to be updated. It turns out that there is exactly one such place: the tb_lookup__cpu_state() function checks whether the TB it has found in the tb_jmp_cache has a tb->cflags matching the cf_mask that is passed in. The tb->cflags has the cluster_index in it but the cf_mask does not. Hoist the "add cluster index to the cf_mask" code up from tb_htable_lookup() to tb_lookup__cpu_state() so it can be considered in the "did this TB match in the jmp cache" condition, as well as when we do the full hash lookup by physical PC, flags, etc. (tb_htable_lookup() is only called from tb_lookup__cpu_state(), so this change doesn't require any further knock-on changes.)

Fixes: f7b78602fdc6c6e4be ("accel/tcg: Add cluster number to TCG TB hash")
Tested-by: Cleber Rosa
Tested-by: Mark Cave-Ayland
Reported-by: Howard Spoelstra
Reported-by: Cleber Rosa
Signed-off-by: Peter Maydell
Message-Id: <20190205151810.571-1-peter.maydell@linaro.org>
Reviewed-by: Richard Henderson
Signed-off-by: Richard Henderson
---
 accel/tcg/cpu-exec.c     | 3 ---
 include/exec/tb-lookup.h | 4 ++++
 2 files changed, 4 insertions(+), 3 deletions(-)

diff --git a/accel/tcg/cpu-exec.c b/accel/tcg/cpu-exec.c
index 7cf1292546..60d87d5a19 100644
--- a/accel/tcg/cpu-exec.c
+++ b/accel/tcg/cpu-exec.c
@@ -325,9 +325,6 @@ TranslationBlock *tb_htable_lookup(CPUState *cpu, target_ulong pc,
     struct tb_desc desc;
     uint32_t h;
 
-    cf_mask &= ~CF_CLUSTER_MASK;
-    cf_mask |= cpu->cluster_index << CF_CLUSTER_SHIFT;
-
     desc.env = (CPUArchState *)cpu->env_ptr;
     desc.cs_base = cs_base;
     desc.flags = flags;
diff --git a/include/exec/tb-lookup.h b/include/exec/tb-lookup.h
index 492cb68289..26921b6daf 100644
--- a/include/exec/tb-lookup.h
+++ b/include/exec/tb-lookup.h
@@ -28,6 +28,10 @@ tb_lookup__cpu_state(CPUState *cpu, target_ulong *pc, target_ulong *cs_base,
     cpu_get_tb_cpu_state(env, pc, cs_base, flags);
     hash = tb_jmp_cache_hash_func(*pc);
     tb = atomic_rcu_read(&cpu->tb_jmp_cache[hash]);
+
+    cf_mask &= ~CF_CLUSTER_MASK;
+    cf_mask |= cpu->cluster_index << CF_CLUSTER_SHIFT;
+
     if (likely(tb &&
                tb->pc == *pc &&
                tb->cs_base == *cs_base &&
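Review bot: tb_htable_lookup() now relies on its caller having already folded the cluster index into cf_mask, but nothing in the function records that precondition, and the function is not static so another caller could appear later and silently look up the wrong cluster's TB. Suggest a comment where the removed lines were, `/* cf_mask must already carry the cluster index (see tb_lookup__cpu_state) */`, or an assertion of that invariant if the file has a debug-assert helper. The rest of tb_htable_lookup's body, including the hash computation that consumes cf_mask, is outside the hunk.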
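Review bot: `cf_mask |= cpu->cluster_index << CF_CLUSTER_SHIFT;` shifts cluster_index in whatever type it is declared with; if that is a signed int and the cluster field occupies the top byte of cf_mask, indexes from 128 upward shift into the sign bit, which is undefined behaviour in C, and only afterwards is the result converted to cf_mask's unsigned type. Casting first, `cf_mask |= (uint32_t)cpu->cluster_index << CF_CLUSTER_SHIFT;`, keeps the arithmetic unsigned regardless of how cluster_index is typed; the removed copy in tb_htable_lookup had the same shape, so this is not a regression, but the hoist is a good moment to fix it. The `if (likely(...` condition and the rest of tb_lookup__cpu_state continue past the hunk.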