On 31/03/16 17:06, Sergey Fedorov wrote:
> It should be safe to invalidate a TB while some other CPU is executing
> its translated code.
Probably it's not safe to invalidate a TB while some other thread is executing the translated code. Direct jumps to the TB being invalidated should be reset. In case of using the direct jump method, the native jump instruction should be patched in the translated code. There are some restrictions on modification of concurrently executing code, e.g. see section "3.4 Atomic Modification of Machine-Code Instructions" in [1]. For instance, only aligned, 8-byte atomic code modifications are safe on AMD processors; otherwise we can wind up executing a corrupted instruction stream.

I can't see the i386 TCG backend doing any alignment of the jump target when translating the goto_tb TCG op. I suspect other TCG targets also have their limitations.

Looks like we have to ensure all vCPUs are out of translated code when doing TB patching, either in tb_add_jump() or in tb_phys_invalidate(). Did I miss something?

[1] http://static.googleusercontent.com/media/research.google.com/en//pubs/archive/37204.pdf

Kind regards,
Sergey
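An added example, not from this thread or from QEMU's TCG code, showing the check the message asks for: an x86-64 `jmp rel32` at a patch site can be replaced with one aligned 8-byte store only when its five bytes do not straddle an 8-byte word. The functions `patch_site_is_atomic`, `patch_jmp_rel32` and `demo`, and the NOP-filled buffer they operate on, are constructed here; the buffer is never executed.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <string.h>

#define JMP_REL32_LEN 5   /* x86-64 "jmp rel32": opcode E9 + 32-bit displacement */

/* True when [site, site+len) lies inside one naturally aligned 8-byte word,
 * i.e. the whole instruction can be replaced by a single aligned store. */
bool patch_site_is_atomic(const uint8_t *site, size_t len)
{
    uintptr_t first = (uintptr_t)site, last = first + len - 1;
    return len <= 8 && (first >> 3) == (last >> 3);
}

/* Encode "jmp target" at site with one 8-byte atomic store.  Returns false
 * (and leaves the code untouched) if the site straddles a word boundary
 * or the target is out of rel32 range.  Uses the GCC/clang atomic builtin. */
bool patch_jmp_rel32(uint8_t *site, const uint8_t *target)
{
    if (!patch_site_is_atomic(site, JMP_REL32_LEN))
        return false;
    int64_t delta = (int64_t)((uintptr_t)target - ((uintptr_t)site + JMP_REL32_LEN));
    if (delta < INT32_MIN || delta > INT32_MAX)
        return false;
    int32_t rel = (int32_t)delta;
    uint8_t insn[JMP_REL32_LEN] = { 0xE9 };
    memcpy(&insn[1], &rel, sizeof rel);                 /* little-endian rel32 */

    uint64_t *word = (uint64_t *)((uintptr_t)site & ~(uintptr_t)7);
    uint64_t value;
    memcpy(&value, word, sizeof value);                 /* keep neighbouring bytes */
    memcpy((uint8_t *)&value + ((uintptr_t)site & 7), insn, JMP_REL32_LEN);
    __atomic_store_n(word, value, __ATOMIC_SEQ_CST);    /* one aligned 8-byte write */
    return true;
}

/* Constructed self-check on a NOP-filled buffer (never executed): a site in
 * one word is patched, a site crossing words 0/1 is refused.  Returns 0 if OK. */
int demo(void)
{
    static uint8_t code[32] __attribute__((aligned(8)));
    static const uint8_t want[] = { 0xE9, 0x0B, 0, 0, 0 };  /* rel32 = 16 - 5 */
    memset(code, 0x90, sizeof code);
    if (!patch_jmp_rel32(&code[0], &code[16])) return 1;   /* bytes 0..4 */
    if (memcmp(code, want, sizeof want) != 0) return 2;
    if (code[5] != 0x90) return 3;                          /* neighbour intact */
    if (patch_jmp_rel32(&code[6], &code[16])) return 4;    /* bytes 6..10 */
    return 0;
}
```

A code generator that wants this property has to pad the emitted goto_tb jump so the patch site never crosses an 8-byte boundary; the refusal path above is what such a generator must never hit at run time.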