Emilio G. Cota <c...@braap.org> writes:

> The appended fixes it for me. Can you please test?
> [ apply with `git am --scissors' ]
>
> Thanks,
>
> Emilio
>
> ---- 8< ----
>
> Commit e75449a3 ("target/aarch64: optimize indirect branches") causes
> a regression by which aarch64 guests freeze under TCG with -smp > 1,
> even with `-accel accel=tcg,thread=single' (i.e. MTTCG disabled).
>
> I isolated the problem to the MSR handler. This patch forces an exit
> after the handler is executed, which fixes the regression.
>
> Signed-off-by: Emilio G. Cota <c...@braap.org>
Tested-by: Alex Bennée <alex.ben...@linaro.org>

But what exactly is the mechanism here? DISAS_UPDATE should have ensured
that the PC was updated before we get to the helper. Is this a case of
msr_i_pstate somehow getting missed or not causing a flag update which
confuses the next TB calculation?

> ---
> target/arm/translate-a64.c | 6 +++++-
> 1 file changed, 5 insertions(+), 1 deletion(-)
>
> diff --git a/target/arm/translate-a64.c b/target/arm/translate-a64.c
> index 860e279..5a609a0 100644
> --- a/target/arm/translate-a64.c
> +++ b/target/arm/translate-a64.c
> @@ -1422,7 +1422,7 @@ static void handle_msr_i(DisasContext *s, uint32_t insn,
> gen_helper_msr_i_pstate(cpu_env, tcg_op, tcg_imm);
> tcg_temp_free_i32(tcg_imm);
> tcg_temp_free_i32(tcg_op);
> - s->is_jmp = DISAS_UPDATE;
> + s->is_jmp = DISAS_EXIT;
> break;
> }
> default:
> @@ -11362,6 +11362,10 @@ void gen_intermediate_code_a64(ARMCPU *cpu,
> TranslationBlock *tb)
> case DISAS_NEXT:
> gen_goto_tb(dc, 1, dc->pc);
> break;
> + case DISAS_EXIT:
> + gen_a64_set_pc_im(dc->pc);
> + tcg_gen_exit_tb(0);
> + break;
> default:
> case DISAS_UPDATE:
> gen_a64_set_pc_im(dc->pc);

--
Alex Bennée
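Review bot: the first hunk changes `s->is_jmp = DISAS_UPDATE;` to `s->is_jmp = DISAS_EXIT;` right after gen_helper_msr_i_pstate() without stating the mechanism; the commit message only says that forcing an exit "fixes the regression", and the DISAS_UPDATE path also writes back dc->pc (second hunk), so the PC itself is not what differs. Please say in the commit message why the existing path is insufficient. If the reason is that a PSTATE write through this helper can unmask interrupts, and an interrupt that was already pending while masked is only re-examined when control returns to the cpu loop rather than when the next TB is entered directly, then a one-line comment at the assignment (for example `/* PSTATE may have changed: return to the cpu loop rather than chaining */`) would document that and would also answer the flag-update question raised above.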
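Review bot: in the second hunk the new `case DISAS_EXIT:` repeats the `gen_a64_set_pc_im(dc->pc);` that the `default:`/`case DISAS_UPDATE:` arm immediately below already performs, so the only intended difference is `tcg_gen_exit_tb(0);` in place of whatever DISAS_UPDATE does after setting the PC; a short comment on the new case (exit to the cpu loop, do not chain into the next TB) would keep a later cleanup from folding the two arms together. Separately, the diffstat lists only target/arm/translate-a64.c, so DISAS_EXIT must already be defined elsewhere for the 32-bit translator; the commit message should say that this reuses the existing value, and any other switch over dc->is_jmp in this function (only this one is visible in the hunk) should be checked for the new case too.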
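To make the difference between the two exit kinds concrete, here is a toy model of a TCG-style execution loop. It is an added example written for this page, not QEMU code, and the mechanism it models (a PSTATE write unmasking an interrupt that was already pending, which only the cpu loop re-examines) is an assumption about the thread's regression, not something the thread itself establishes. Names such as `exec_tb`, `run_guest`, `EXIT_CHAIN` and `EXIT_TO_LOOP` are invented for the model; `EXIT_TO_LOOP` stands in for the tcg_gen_exit_tb(0) path of the patch and `EXIT_CHAIN` for a TB that is looked up and entered directly.

```c
/* Toy model of why a TB that changes interrupt masking must exit to
 * the cpu loop instead of chaining into the next TB. Added example,
 * not QEMU code; the mechanism is an assumption, see the lead-in. */
#include <stdbool.h>
#include <stdio.h>

/* How a translated block hands control back once it is done. */
enum exit_kind {
    EXIT_CHAIN,    /* look up the next TB and jump into it directly */
    EXIT_TO_LOOP   /* return to the cpu loop (the exit_tb path)     */
};

struct vcpu {
    unsigned pc;
    bool irq_masked;   /* PSTATE.I analogue                              */
    bool irq_pending;  /* asserted while masked; nothing re-asserts it   */
    unsigned mailbox;  /* guest memory that the IRQ handler writes       */
    bool done;
};

/* Constructed guest program, one "TB" per pc value:
 *   pc 0: unmask interrupts (the MSR DAIFClr analogue), continue at pc 1
 *   pc 1: spin until mailbox != 0, i.e. an indirect branch to itself
 *   pc 2: finished
 * after_unmask is the exit policy under test for the TB at pc 0. */
static enum exit_kind exec_tb(struct vcpu *cpu, enum exit_kind after_unmask)
{
    switch (cpu->pc) {
    case 0:
        cpu->irq_masked = false;
        cpu->pc = 1;
        return after_unmask;
    case 1:
        cpu->pc = cpu->mailbox ? 2 : 1;
        return EXIT_CHAIN;         /* chained branch, never leaves the chain */
    default:
        cpu->done = true;
        return EXIT_TO_LOOP;
    }
}

/* The cpu loop. A pending interrupt is examined only at the top of the
 * outer loop, never inside a chain of TBs. Returns the number of blocks
 * executed, or -1 if the budget runs out (the guest "froze" at pc 1). */
static int run_guest(enum exit_kind after_unmask, int budget)
{
    struct vcpu cpu = { .pc = 0, .irq_masked = true, .irq_pending = true };
    int blocks = 0;

    while (!cpu.done) {
        if (cpu.irq_pending && !cpu.irq_masked) {
            cpu.irq_pending = false;
            cpu.mailbox = 1;       /* handler runs and wakes the spinner */
        }
        enum exit_kind k;
        do {
            if (blocks++ >= budget) {
                return -1;
            }
            k = exec_tb(&cpu, after_unmask);
        } while (k == EXIT_CHAIN && !cpu.done);
    }
    return blocks;
}

int main(void)
{
    printf("exit to loop after unmask: %d blocks\n", run_guest(EXIT_TO_LOOP, 100));
    printf("chain after unmask:        %d blocks\n", run_guest(EXIT_CHAIN, 100));
    return 0;
}
```

With EXIT_TO_LOOP the unmasking TB returns to the loop, the pending interrupt is taken, the handler sets the mailbox and the guest finishes after three blocks; with EXIT_CHAIN the chain of TBs never returns to the loop, the interrupt stays pending, and the spinner exhausts the budget, which is the shape of a freeze that depends on an interrupt from another CPU.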