On Thu, 14 May 2020 at 11:32, Jakob Bohm <jb-gnumli...@wisemo.com> wrote:
> The one exception to this lack was instruction decoding, where certain
> commonly used branch instructions were defined as implicitly picking up
> any changes in instruction memory. This of course corresponds to the TCG
> checking for needed retranslation of buffers at those points.
As it happens, QEMU will force retranslation of a buffer for x86 guests
even if they modify the immediately next insn, rather than only picking
up the change at the next branch. The x86 target sets
TARGET_HAS_PRECISE_SMC, which enables some extra code that stops
execution of the CPU when a write to the current TB is detected; all
other targets don't set this, because architecturally it's OK for them
to finish execution of the current TB before picking up the changed code.

More generally, we detect self-modifying code by trapping writes to
areas of memory which we've translated code from, rather than by doing
things on the guest CPU events like icache-flush which the h/w uses to
handle SMC.

thanks
-- PMM
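An added toy model (not QEMU's code, and not from either poster) of the write-trap approach described in the reply: translated blocks remember the guest range they came from, a guest store that hits one invalidates it, and a "precise" flag stands in for TARGET_HAS_PRECISE_SMC by also aborting the block that is currently executing. All type and function names are made up for the illustration.

```c
#include <stdbool.h>
#include <stdint.h>
#include <string.h>

/* Toy model (assumed, not QEMU's code) of SMC detection by trapping stores:
 * each translated block (TB) records the guest range it came from; a store
 * that hits a TB invalidates it for retranslation. In "precise" mode (QEMU's
 * TARGET_HAS_PRECISE_SMC, x86 only) a store into the executing TB stops it. */
#define MAX_TBS 16
typedef struct { uint64_t start, end; bool valid; } tb_t; /* [start, end) */
typedef struct {
    tb_t tbs[MAX_TBS];
    int current;          /* index of the executing TB, -1 if none */
    bool precise_smc;     /* stop the current TB on a hit? */
    bool stop_requested;  /* set when precise mode aborts the current TB */
} translator_t;

void tr_init(translator_t *t, bool precise) {
    memset(t, 0, sizeof *t);
    t->current = -1;
    t->precise_smc = precise;
}

/* Record a freshly translated block; returns its index or -1 if full. */
int tr_translate(translator_t *t, uint64_t start, uint64_t len) {
    for (int i = 0; i < MAX_TBS; i++)
        if (!t->tbs[i].valid) {
            t->tbs[i] = (tb_t){ start, start + len, true };
            return i;
        }
    return -1;
}

/* Enter a TB: it becomes the current one and any old stop request clears. */
void tr_begin_exec(translator_t *t, int idx) { t->current = idx; t->stop_requested = false; }
/* Hook on every guest store (QEMU: the write trap on pages holding
 * translated code). Returns the number of TBs invalidated. */
int tr_on_store(translator_t *t, uint64_t addr, size_t size) {
    int hits = 0;
    for (int i = 0; i < MAX_TBS; i++) {
        tb_t *tb = &t->tbs[i];
        if (tb->valid && addr < tb->end && addr + size > tb->start) {
            tb->valid = false;  /* force retranslation on next entry */
            hits++;
            if (t->precise_smc && i == t->current)
                t->stop_requested = true;  /* abort the executing TB now */
        }
    }
    return hits;
}
```

In non-precise mode the hit still invalidates the block, but `stop_requested` stays clear, which is the "finish the current TB first" behaviour the reply describes for non-x86 targets.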