On Tue, Jan 23, 2024 at 11:02 PM Alex Bennée <alex.ben...@linaro.org> wrote:
> However I would note that TranslationBlock has the comment:
>
>  * jmp_lock also protects the CF_INVALID cflag; a jump must not be chained
>  * to a destination TB that has CF_INVALID set.
>
> which I don't think holds true.
It does, both

    /* make sure the destination TB is valid */
    if (tb_next->cflags & CF_INVALID) {
        goto out_unlock_next;
    }

and

    qatomic_set(&tb->cflags, tb->cflags | CF_INVALID);

are protected by jmp_lock. And if something is chaining to a CF_INVALID
translation block before tb_phys_invalidate() sets the flag, it is cleaned
up by

    tb_remove_from_jmp_list(tb, 0);
    tb_remove_from_jmp_list(tb, 1);
    tb_jmp_unlink(tb);

before tb_phys_invalidate() returns.

Paolo
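The locking argument above, as an added example that is not part of the thread and not QEMU's code: a reduced model of the chaining and invalidation paths in which the destination's jmp_lock guards both the CF_INVALID test in tb_add_jump() and the incoming-jump list that tb_jmp_unlink() drains. It replaces QEMU's intrusive jmp_list with a fixed array, qemu_spin_lock() with a C11 atomic_flag spin lock, omits the native code patching (tb_set_jmp_target/tb_reset_jump), and the CF_INVALID value and MAX_INCOMING limit are assumptions chosen for the model. The two scenario functions replay the orderings discussed: a jump chained before the flag is set is removed by tb_jmp_unlink(), and a jump attempted after the flag is set is refused.

```c
#include <stdatomic.h>
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <string.h>

#define CF_INVALID   0x80000000u   /* model-only value; QEMU defines its own CF_* bits */
#define MAX_INCOMING 8             /* fixed array stands in for QEMU's intrusive jmp_list */

typedef struct TB {
    _Atomic uint32_t cflags;
    atomic_flag jmp_lock;                 /* spin lock, like qemu_spin_lock() */
    _Atomic(struct TB *) jmp_dest[2];     /* outgoing chained jump per exit */
    struct TB *incoming[MAX_INCOMING];    /* TBs whose exits chain here ... */
    int incoming_n[MAX_INCOMING];         /* ... and which exit of each; both guarded */
    int n_incoming;                       /* by this TB's jmp_lock */
} TB;

static void tb_lock(TB *tb)
{
    while (atomic_flag_test_and_set_explicit(&tb->jmp_lock, memory_order_acquire)) { }
}
static void tb_unlock(TB *tb) { atomic_flag_clear_explicit(&tb->jmp_lock, memory_order_release); }

static void tb_init(TB *tb)
{
    memset(tb, 0, sizeof(*tb));
    atomic_init(&tb->cflags, 0);
    atomic_flag_clear(&tb->jmp_lock);
    atomic_init(&tb->jmp_dest[0], (TB *)NULL);
    atomic_init(&tb->jmp_dest[1], (TB *)NULL);
}

/* Chain exit n of tb to tb_next. The destination's jmp_lock is held while
 * CF_INVALID is tested and the jump is recorded, so tb_phys_invalidate()
 * cannot set the flag between the check and the link. */
static bool tb_add_jump(TB *tb, int n, TB *tb_next)
{
    bool added = false;
    TB *expected = NULL;

    tb_lock(tb_next);
    /* make sure the destination TB is valid */
    if (atomic_load(&tb_next->cflags) & CF_INVALID) goto out_unlock_next;
    if (tb_next->n_incoming == MAX_INCOMING) goto out_unlock_next;  /* model limit only */
    /* claim the exit slot only if it is still empty */
    if (!atomic_compare_exchange_strong(&tb->jmp_dest[n], &expected, tb_next)) goto out_unlock_next;
    tb_next->incoming[tb_next->n_incoming] = tb;
    tb_next->incoming_n[tb_next->n_incoming] = n;
    tb_next->n_incoming++;
    added = true;
out_unlock_next:
    tb_unlock(tb_next);
    return added;
}

/* Take tb's exit n out of its destination's incoming list, if it has one. */
static void tb_remove_from_jmp_list(TB *tb, int n)
{
    TB *dest = atomic_load(&tb->jmp_dest[n]);
    if (dest == NULL) return;
    tb_lock(dest);
    for (int i = 0; i < dest->n_incoming; i++) {
        if (dest->incoming[i] == tb && dest->incoming_n[i] == n) {
            dest->n_incoming--;
            dest->incoming[i] = dest->incoming[dest->n_incoming];
            dest->incoming_n[i] = dest->incoming_n[dest->n_incoming];
            break;
        }
    }
    atomic_store(&tb->jmp_dest[n], (TB *)NULL);
    tb_unlock(dest);
}

/* Drop every jump chained into dest. Runs under dest's jmp_lock, so it is
 * serialized against tb_add_jump() on the same destination. */
static void tb_jmp_unlink(TB *dest)
{
    tb_lock(dest);
    for (int i = 0; i < dest->n_incoming; i++) {
        TB *src = dest->incoming[i];   /* QEMU also repatches the native jump here */
        atomic_store(&src->jmp_dest[dest->incoming_n[i]], (TB *)NULL);
    }
    dest->n_incoming = 0;
    tb_unlock(dest);
}

static void tb_phys_invalidate(TB *tb)
{
    tb_lock(tb);                          /* 1. flag under jmp_lock: later tb_add_jump() */
    atomic_fetch_or(&tb->cflags, CF_INVALID);   /*    callers see CF_INVALID and refuse */
    tb_unlock(tb);
    tb_remove_from_jmp_list(tb, 0);       /* 2. tb's own exits leave their targets' lists */
    tb_remove_from_jmp_list(tb, 1);
    tb_jmp_unlink(tb);                    /* 3. jumps chained before step 1 are cleaned up */
}

/* The invariant from the TranslationBlock comment: no exit targets a CF_INVALID TB. */
static bool no_jump_targets_invalid(TB **tbs, size_t count)
{
    for (size_t i = 0; i < count; i++)
        for (int n = 0; n < 2; n++) {
            TB *dest = atomic_load(&tbs[i]->jmp_dest[n]);
            if (dest && (atomic_load(&dest->cflags) & CF_INVALID)) return false;
        }
    return true;
}

/* A chains to C before C is invalidated; B tries after. Both must end with C unreachable. */
static bool scenario_chain_then_invalidate(void)
{
    TB a, b, c;
    TB *all[3] = { &a, &b, &c };
    tb_init(&a); tb_init(&b); tb_init(&c);
    if (!tb_add_jump(&a, 0, &c) || c.n_incoming != 1) return false;  /* C valid: chained */
    tb_phys_invalidate(&c);
    if (atomic_load(&a.jmp_dest[0]) != NULL || c.n_incoming != 0) return false;  /* unlinked */
    if (tb_add_jump(&b, 0, &c)) return false;                        /* refused: CF_INVALID */
    return no_jump_targets_invalid(all, 3);
}

/* Invalidating the source side: both of A's exits must leave B's incoming list (step 2). */
static bool scenario_invalidate_source(void)
{
    TB a, b;
    tb_init(&a); tb_init(&b);
    if (!tb_add_jump(&a, 0, &b) || !tb_add_jump(&a, 1, &b)) return false;
    tb_phys_invalidate(&a);
    return b.n_incoming == 0 && atomic_load(&a.jmp_dest[0]) == NULL
        && atomic_load(&a.jmp_dest[1]) == NULL;
}

int main(void)
{
    return (scenario_chain_then_invalidate() && scenario_invalidate_source()) ? 0 : 1;
}
```

The point the model makes concrete is that there is only one lock in play per destination: tb_add_jump() takes tb_next's jmp_lock before testing CF_INVALID, and tb_phys_invalidate() takes the same lock to set it, so every chaining attempt is ordered either entirely before the flag (and is then undone by tb_jmp_unlink()) or entirely after it (and is refused). Step 2 is not an afterthought: without tb_remove_from_jmp_list() the invalidated TB would remain in its targets' incoming lists and a later unlink of those targets would write through a stale pointer.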