diff --git a/qemu/cpu-exec.c b/qemu/cpu-exec.c
index cbc09d05..f471fdee 100644
--- a/qemu/cpu-exec.c
+++ b/qemu/cpu-exec.c
@@ -38,7 +38,6 @@ static void cpu_handle_debug_exception(CPUState *cpu);
 int cpu_exec(struct uc_struct *uc, CPUState *cpu)
 {
     CPUArchState *env = cpu->env_ptr;
-    TCGContext *tcg_ctx = env->uc->tcg_ctx;
     CPUClass *cc = CPU_GET_CLASS(uc, cpu);
 #ifdef TARGET_I386
     X86CPU *x86_cpu = X86_CPU(uc, cpu);
@@ -130,6 +129,7 @@ int cpu_exec(struct uc_struct *uc, CPUState *cpu)
             }
 
             last_tb = NULL; /* forget the last executed TB after exception */
+            cpu->tb_flushed = false; /* reset before first TB lookup */
             for(;;) {
                 interrupt_request = cpu->interrupt_request;
 
@@ -188,14 +188,12 @@ int cpu_exec(struct uc_struct *uc, CPUState *cpu)
                     ret = EXCP_HLT;
                     break;
                 }
-                /* Note: we do it here to avoid a gcc bug on Mac OS X when
-                   doing it in tb_find_slow */
-                if (tcg_ctx->tb_ctx.tb_invalidated_flag) {
-                    /* as some TB could have been invalidated because
-                       of memory exceptions while generating the code, we
-                       must recompute the hash index here */
+                if (cpu->tb_flushed) {
+                    /* Ensure that no TB jump will be modified as the
+                     * translation buffer has been flushed.
+                     */
                     last_tb = NULL;
-                    tcg_ctx->tb_ctx.tb_invalidated_flag = 0;
+                    cpu->tb_flushed = false;
                 }
                 /* See if we can patch the calling TB. */
                 if (last_tb && !qemu_loglevel_mask(CPU_LOG_TB_NOCHAIN)) {
@@ -337,8 +335,6 @@ static TranslationBlock *tb_find_slow(CPUState *cpu,
     tb_page_addr_t phys_pc, phys_page1;
     target_ulong virt_page2;
 
-    tcg_ctx->tb_ctx.tb_invalidated_flag = 0;
-
     /* find translated block using physical mappings */
     phys_pc = get_page_addr_code(env, pc); // qq
     if (phys_pc == -1) { // invalid code?
diff --git a/qemu/include/exec/exec-all.h b/qemu/include/exec/exec-all.h
index 55272ccc..050fce33 100644
--- a/qemu/include/exec/exec-all.h
+++ b/qemu/include/exec/exec-all.h
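Review bot: The `if (cpu->tb_flushed)` check in the @@ -188 hunk is now the only place that consumes the flag on the hot path (the reset inside tb_find_slow is dropped in the @@ -337 hunk), and its position is load-bearing: it has to sit between the TB lookup that can end up in tb_flush() and the tb_add_jump() under `/* See if we can patch the calling TB. */`, otherwise last_tb would still point into the discarded code buffer and the jump patch would write into stale JIT memory. The new comment only describes the effect, not this ordering constraint, so a later reorder could silently reintroduce the hazard; I would extend it to `/* Ensure that no TB jump will be modified as the translation buffer has been flushed. Keep this between the TB lookup and tb_add_jump(): the lookup may flush and leave last_tb dangling. */`. The lookup itself is above the hunk, so I am inferring its position from the `ret = EXCP_HLT; break;` prologue; the enclosing cpu_exec() body starts and ends outside the hunk.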
@@ -297,8 +297,6 @@ struct TBContext {
     /* statistics */
     int tb_flush_count;
     int tb_phys_invalidate_count;
-
-    int tb_invalidated_flag;
 };
 
 void tb_free(struct uc_struct *uc, TranslationBlock *tb);
diff --git a/qemu/include/qom/cpu.h b/qemu/include/qom/cpu.h
index 5b44e18e..ab8fcf69 100644
--- a/qemu/include/qom/cpu.h
+++ b/qemu/include/qom/cpu.h
@@ -256,6 +256,7 @@ struct CPUState {
     bool stop;
     bool stopped;
     bool crash_occurred;
+    bool tb_flushed;
     volatile sig_atomic_t exit_request;
     uint32_t interrupt_request;
     int singlestep_enabled;
diff --git a/qemu/translate-all.c b/qemu/translate-all.c
index f9b9b922..82d67d1e 100644
--- a/qemu/translate-all.c
+++ b/qemu/translate-all.c
@@ -919,6 +919,7 @@ void tb_flush(CPUState *cpu)
     tcg_ctx->tb_ctx.nb_tbs = 0;
 
     memset(cpu->tb_jmp_cache, 0, sizeof(cpu->tb_jmp_cache));
+    cpu->tb_flushed = true;
 
     memset(tcg_ctx->tb_ctx.tb_phys_hash, 0, sizeof(tcg_ctx->tb_ctx.tb_phys_hash));
     page_flush_tb(uc);
@@ -1089,8 +1090,6 @@ void tb_phys_invalidate(struct uc_struct *uc,
         invalidate_page_bitmap(p);
     }
 
-    tcg_ctx->tb_ctx.tb_invalidated_flag = 1;
-
     /* remove the TB from the hash list */
     h = tb_jmp_cache_hash_func(tb->pc);
     if (cpu->tb_jmp_cache[h] == tb) {
@@ -1279,8 +1278,6 @@ TranslationBlock *tb_gen_code(CPUState *cpu,
         /* cannot fail at this point */
         tb = tb_alloc(env->uc, pc);
         assert(tb != NULL);
-        /* Don't forget to invalidate previous TB info. */
-        tcg_ctx->tb_ctx.tb_invalidated_flag = 1;
     }
     gen_code_buf = tcg_ctx->code_gen_ptr;
     tb->tc_ptr = gen_code_buf;
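Review bot: The new `bool tb_flushed;` in the cpu.h hunk is added without any description of who sets and clears it, and if this fork keeps QEMU's `@field:` list in the documentation block above struct CPUState (outside this hunk) the field should be listed there too: `@tb_flushed: Indicates the translation buffer has been flushed; set by tb_flush(), cleared by cpu_exec() before its TB lookup loop and after it drops last_tb.` It is also a plain `bool` placed directly above `volatile sig_atomic_t exit_request`, which is the form this struct uses for a flag written from outside the execution loop; if tb_flush() can ever run from another thread or from a hook callback while cpu_exec() is reading the flag, that should be stated in the comment, since a plain `bool` would then be an unsynchronised shared write. Whether such a caller exists is not visible from this diff.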
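Review bot: `cpu->tb_flushed = true;` in the tb_flush() hunk marks only the CPUState passed in, while everything else the hunk discards (`tb_phys_hash`, `nb_tbs`, page_flush_tb()) is shared translation state. That is consistent with the existing per-`cpu` `tb_jmp_cache` memset on the line above, so it works under a single-vCPU assumption, but any second CPUState would keep a stale last_tb and could patch a jump into the freed code region. Make the assumption explicit with a one-line comment such as `/* single-vCPU: only this CPU's last_tb needs invalidating; with more CPUs set tb_flushed on each */`, or loop over all CPUs if the fork ever exposes more than one. tb_flush() starts before this hunk.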