On 11/20/2017 07:08 PM, Peter Maydell wrote:
> To do a write to memory that is marked as notdirty, we need
> to invalidate any TBs we have cached for that memory, and
> update the cpu physical memory dirty flags for VGA and migration.
> The slowpath code in notdirty_mem_write() does all this correctly,
> but the new atomic handling code in atomic_mmu_lookup() doesn't
> do anything at all, it just clears the dirty bit in the TLB.
>
> The effect of this bug is that if the first write to a notdirty
> page for which we have cached TBs is by a guest atomic access,
> we fail to invalidate the TBs and subsequently will execute
> incorrect code. This can be seen by trying to run 'javac' on AArch64.
>
> Use the new notdirty_call_before() and notdirty_call_after()
> functions to correctly handle the update to notdirty memory
> in the atomic codepath.
>
> Cc: qemu-sta...@nongnu.org
> Signed-off-by: Peter Maydell <peter.mayd...@linaro.org>
> ---
>  accel/tcg/atomic_template.h | 12 ++++++++++++
>  accel/tcg/cputlb.c          | 38 +++++++++++++++++++++++++------------
>  accel/tcg/user-exec.c       |  1 +
>  3 files changed, 38 insertions(+), 13 deletions(-)
Reviewed-by: Richard Henderson <richard.hender...@linaro.org>

r~
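A toy model of the failure the commit message describes, added here as illustration; it is not QEMU code and not code from either poster. The page array, the per-page `tlb_notdirty` bit, the `tb_cache` snapshot and the `notdirty_slow_path()` helper are hypothetical stand-ins for the real TLB and TB cache, and `scenario()` replays the sequence from the message: a page with a cached TB receives its first write through an atomic access, then runs again. With the buggy atomic path the stale translation executes and the migration dirty flag is never set; with the fixed path the TB is dropped and the new bytes are retranslated.

```c
#include <stdint.h>
#include <string.h>

/* Hypothetical model, not QEMU internals: each guest byte is one "instruction". */
#define PAGE_SIZE 16
#define NPAGES    4

static uint8_t guest_mem[NPAGES * PAGE_SIZE];   /* guest RAM */
static uint8_t tb_cache[NPAGES][PAGE_SIZE];      /* cached translation of each page */
static int     tb_cached[NPAGES];                /* 1 if tb_cache[page] is valid */
static int     tlb_notdirty[NPAGES];             /* 1: stores must take the slow path */
static int     migration_dirty[NPAGES];          /* physical-memory dirty flag */

static void model_reset(void)
{
    memset(guest_mem, 0, sizeof guest_mem);
    memset(tb_cache, 0, sizeof tb_cache);
    memset(tb_cached, 0, sizeof tb_cached);
    memset(tlb_notdirty, 0, sizeof tlb_notdirty);
    memset(migration_dirty, 0, sizeof migration_dirty);
}

/* Translating a page snapshots it into the TB cache and arms the notdirty trap. */
static void translate_page(unsigned page)
{
    memcpy(tb_cache[page], &guest_mem[page * PAGE_SIZE], PAGE_SIZE);
    tb_cached[page] = 1;
    tlb_notdirty[page] = 1;
}

/* Execute the instruction at addr from the cached TB, translating first if needed. */
static uint8_t execute(unsigned addr)
{
    unsigned page = addr / PAGE_SIZE;
    if (!tb_cached[page]) {
        translate_page(page);
    }
    return tb_cache[page][addr % PAGE_SIZE];
}

/* Slow path: drop cached TBs, record the page as dirty, then disarm the trap. */
static void notdirty_slow_path(unsigned page)
{
    tb_cached[page] = 0;
    migration_dirty[page] = 1;
    tlb_notdirty[page] = 0;
}

/* Ordinary store: takes the slow path while the page is marked notdirty. */
static void store_plain(unsigned addr, uint8_t val)
{
    unsigned page = addr / PAGE_SIZE;
    if (tlb_notdirty[page]) {
        notdirty_slow_path(page);
    }
    guest_mem[addr] = val;
}

/* Buggy atomic exchange: only clears the TLB bit, skipping TB invalidation. */
static uint8_t atomic_xchg_buggy(unsigned addr, uint8_t val)
{
    unsigned page = addr / PAGE_SIZE;
    uint8_t old = guest_mem[addr];
    tlb_notdirty[page] = 0;
    guest_mem[addr] = val;
    return old;
}

/* Fixed atomic exchange: same bookkeeping as the slow path before the write. */
static uint8_t atomic_xchg_fixed(unsigned addr, uint8_t val)
{
    unsigned page = addr / PAGE_SIZE;
    uint8_t old = guest_mem[addr];
    if (tlb_notdirty[page]) {
        notdirty_slow_path(page);
    }
    guest_mem[addr] = val;
    return old;
}

/*
 * Replay the commit message's scenario and return what executes at addr
 * (0 was written atomically, 1 by a later plain store). Once the TLB bit
 * is clear the plain store traps on neither path, so only the atomic
 * path's bookkeeping decides whether the TB gets refreshed.
 */
static uint8_t scenario(int use_fixed_path, unsigned addr)
{
    model_reset();
    guest_mem[0] = 0xA0;   /* constructed "instructions" */
    guest_mem[1] = 0xA1;
    execute(0);            /* translate page 0, arming notdirty */
    if (use_fixed_path) {
        atomic_xchg_fixed(0, 0xB0);
    } else {
        atomic_xchg_buggy(0, 0xB0);
    }
    store_plain(1, 0xB1);
    return execute(addr);
}

/* Whether the scenario left page 0 flagged dirty for migration. */
static int scenario_migration_dirty(int use_fixed_path)
{
    scenario(use_fixed_path, 0);
    return migration_dirty[0];
}
```

The buggy path returns the pre-write bytes 0xA0/0xA1 from the stale TB and leaves `migration_dirty[0]` at 0, which is the silent wrong-code and lost-dirty-flag outcome the message attributes to atomic_mmu_lookup(); the fixed path returns 0xB0/0xB1 and sets the flag.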