Re: [Qemu-devel] [mttcg] cputlb: Use async tlb_flush_by

qemu-devel

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Qemu-devel] [mttcg] cputlb: Use async tlb_flush_by_mmuidx

From:	alvise rigo
Subject:	Re: [Qemu-devel] [mttcg] cputlb: Use async tlb_flush_by_mmuidx
Date:	Fri, 11 Mar 2016 12:08:49 +0100

Hi Paolo,

On Mon, Mar 7, 2016 at 10:18 PM, Paolo Bonzini <address@hidden> wrote:
>
>
> On 04/03/2016 15:28, alvise rigo wrote:
>> A small update on this. I have a working implementation of the "halted
>> state" mechanism for waiting all the pending flushes to be completed.
>> However, the way I'm going back to the cpus.c loop (the while(1) in
>> qemu_tcg_cpu_thread_fn) is a bit convoluted. In the case of the TLB ops
>> that always end the TB, a simple cpu_exit() allows me to go back to the
>> main loop. I think in this case we can also use the cpu_loop_exit(),
>> though making the code a bit more complicated since the PC would require
>> some adjustments.
>
> I think in both cases the function to use is cpu_loop_exit_restore.  It
> will restart execution of the current instruction so it should be fine
> as long as you don't call it unconditionally.

Indeed, cpu_loop_exit_restore() works just fine for those helpers that
do not return any value, thank you.

>
> If you're not calling it directly from the helper, you need to save
> GETPC() in the helper and propagate it down to the call site.  Then the
> call site can use it as the last argument.  For an example see
> helper_ljmp_protected's call to switch_tss_ra in target-i386/seg_helper.c.
>
>> I wanted then to apply the same "halted state" to the LoadLink helper,
>> since also this one might cause some flush requests.
>
> Interesting, where is this documented in the ARM ARM?

I'm referring to the usual flush requests that a LL(x) operation might
issue in order to have all the VCPUs agreeing on "x is an exclusive
address". Adding the halted state we ensure that the calling VCPU
resumes its execution after all the other VCPUs have set the TLB_EXCL
flag (this should also fix the race condition you were worried about).

>
>> In this case, we
>> can not just call cpu_loop_exit() in that the guest code would miss the
>> returned value. Forcing the LDREX instruction to also end the TB through
>> an empty 'is_jmp' condition did the trick allowing once again to use
>> cpu_exit(). Is there another better solution?
>
> Perhaps cpu_loop_exit_restore()?

For some reason this is not working to exit from helper_ldlink_name in
softmmu_llsc_template.h (the method returns a "WORD_TYPE"). The
execution in the guest is brought to an infinite loop, most likely
because of a deadlock due to an improper emulation of LDREX and STREX.
In any case the cpu_exit() solution still works with the downside of a
slightly bigger overhead in exiting/entering the TB.

Thank you,
alvise

>
> Paolo

[Prev in Thread]

Current Thread

[Next in Thread]

Re: [Qemu-devel] [mttcg] cputlb: Use async tlb_flush_by_mmuidx, alvise rigo, 2016/03/04
- Re: [Qemu-devel] [mttcg] cputlb: Use async tlb_flush_by_mmuidx, Alex Bennée, 2016/03/07
- Re: [Qemu-devel] [mttcg] cputlb: Use async tlb_flush_by_mmuidx, Paolo Bonzini, 2016/03/07
  - Re: [Qemu-devel] [mttcg] cputlb: Use async tlb_flush_by_mmuidx, alvise rigo <=

Prev by Date: Re: [Qemu-devel] [PATCH] Replacing (and removing) get_ticks_per_sec() function with NANOSECONDS_PER_SECOND Signed-off-by: Rutuja Shah <address@hidden>
Next by Date: [Qemu-devel] [PATCH v2] hw: fix error reporting for missing option ROMs
Previous by thread: Re: [Qemu-devel] [mttcg] cputlb: Use async tlb_flush_by_mmuidx
Next by thread: [Qemu-devel] [PATCH][Outreachy] Signed-off-by: Sarah Khan <address@hidden>
Index(es):
- Date
- Thread