1 /* 2 * Host code generation 3 * 4 * Copyright (c) 2003 Fabrice Bellard 5 * 6 * This library is free software; you can redistribute it and/or 7 * modify it under the terms of the GNU Lesser General Public 8 * License as published by the Free Software Foundation; either 9 * version 2.1 of the License, or (at your option) any later version. 10 * 11 * This library is distributed in the hope that it will be useful, 12 * but WITHOUT ANY WARRANTY; without even the implied warranty of 13 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU 14 * Lesser General Public License for more details. 15 * 16 * You should have received a copy of the GNU Lesser General Public 17 * License along with this library; if not, see <http://www.gnu.org/licenses/>. 18 */ 19 20 #include "qemu/osdep.h" 21 22 #include "trace.h" 23 #include "disas/disas.h" 24 #include "exec/exec-all.h" 25 #include "tcg/tcg.h" 26 #if defined(CONFIG_USER_ONLY) 27 #include "qemu.h" 28 #if defined(__FreeBSD__) || defined(__FreeBSD_kernel__) 29 #include <sys/param.h> 30 #if __FreeBSD_version >= 700104 31 #define HAVE_KINFO_GETVMMAP 32 #define sigqueue sigqueue_freebsd /* avoid redefinition */ 33 #include <sys/proc.h> 34 #include <machine/profile.h> 35 #define _KERNEL 36 #include <sys/user.h> 37 #undef _KERNEL 38 #undef sigqueue 39 #include <libutil.h> 40 #endif 41 #endif 42 #else 43 #include "system/ram_addr.h" 44 #endif 45 46 #include "exec/cputlb.h" 47 #include "exec/page-protection.h" 48 #include "exec/mmap-lock.h" 49 #include "tb-internal.h" 50 #include "tlb-bounds.h" 51 #include "exec/translator.h" 52 #include "exec/tb-flush.h" 53 #include "qemu/bitmap.h" 54 #include "qemu/qemu-print.h" 55 #include "qemu/main-loop.h" 56 #include "qemu/cacheinfo.h" 57 #include "qemu/timer.h" 58 #include "exec/log.h" 59 #include "exec/icount.h" 60 #include "system/tcg.h" 61 #include "qapi/error.h" 62 #include "accel/tcg/cpu-ops.h" 63 #include "tb-jmp-cache.h" 64 #include "tb-hash.h" 65 #include "tb-context.h" 66 #include "tb-internal.h" 67 #include "internal-common.h" 68 #include "internal-target.h" 69 #include "tcg/perf.h" 70 #include "tcg/insn-start-words.h" 71 72 TBContext tb_ctx; 73 74 /* 75 * Encode VAL as a signed leb128 sequence at P. 76 * Return P incremented past the encoded value. 77 */ 78 static uint8_t *encode_sleb128(uint8_t *p, int64_t val) 79 { 80 int more, byte; 81 82 do { 83 byte = val & 0x7f; 84 val >>= 7; 85 more = !((val == 0 && (byte & 0x40) == 0) 86 || (val == -1 && (byte & 0x40) != 0)); 87 if (more) { 88 byte |= 0x80; 89 } 90 *p++ = byte; 91 } while (more); 92 93 return p; 94 } 95 96 /* 97 * Decode a signed leb128 sequence at *PP; increment *PP past the 98 * decoded value. Return the decoded value. 99 */ 100 static int64_t decode_sleb128(const uint8_t **pp) 101 { 102 const uint8_t *p = *pp; 103 int64_t val = 0; 104 int byte, shift = 0; 105 106 do { 107 byte = *p++; 108 val |= (int64_t)(byte & 0x7f) << shift; 109 shift += 7; 110 } while (byte & 0x80); 111 if (shift < TARGET_LONG_BITS && (byte & 0x40)) { 112 val |= -(int64_t)1 << shift; 113 } 114 115 *pp = p; 116 return val; 117 } 118 119 /* Encode the data collected about the instructions while compiling TB. 120 Place the data at BLOCK, and return the number of bytes consumed. 121 122 The logical table consists of TARGET_INSN_START_WORDS target_ulong's, 123 which come from the target's insn_start data, followed by a uintptr_t 124 which comes from the host pc of the end of the code implementing the insn. 125 126 Each line of the table is encoded as sleb128 deltas from the previous 127 line. The seed for the first line is { tb->pc, 0..., tb->tc.ptr }. 128 That is, the first column is seeded with the guest pc, the last column 129 with the host pc, and the middle columns with zeros. */ 130 131 static int encode_search(TranslationBlock *tb, uint8_t *block) 132 { 133 uint8_t *highwater = tcg_ctx->code_gen_highwater; 134 uint64_t *insn_data = tcg_ctx->gen_insn_data; 135 uint16_t *insn_end_off = tcg_ctx->gen_insn_end_off; 136 uint8_t *p = block; 137 int i, j, n; 138 139 for (i = 0, n = tb->icount; i < n; ++i) { 140 uint64_t prev, curr; 141 142 for (j = 0; j < TARGET_INSN_START_WORDS; ++j) { 143 if (i == 0) { 144 prev = (!(tb_cflags(tb) & CF_PCREL) && j == 0 ? tb->pc : 0); 145 } else { 146 prev = insn_data[(i - 1) * TARGET_INSN_START_WORDS + j]; 147 } 148 curr = insn_data[i * TARGET_INSN_START_WORDS + j]; 149 p = encode_sleb128(p, curr - prev); 150 } 151 prev = (i == 0 ? 0 : insn_end_off[i - 1]); 152 curr = insn_end_off[i]; 153 p = encode_sleb128(p, curr - prev); 154 155 /* Test for (pending) buffer overflow. The assumption is that any 156 one row beginning below the high water mark cannot overrun 157 the buffer completely. Thus we can test for overflow after 158 encoding a row without having to check during encoding. */ 159 if (unlikely(p > highwater)) { 160 return -1; 161 } 162 } 163 164 return p - block; 165 } 166 167 static int cpu_unwind_data_from_tb(TranslationBlock *tb, uintptr_t host_pc, 168 uint64_t *data) 169 { 170 uintptr_t iter_pc = (uintptr_t)tb->tc.ptr; 171 const uint8_t *p = tb->tc.ptr + tb->tc.size; 172 int i, j, num_insns = tb->icount; 173 174 host_pc -= GETPC_ADJ; 175 176 if (host_pc < iter_pc) { 177 return -1; 178 } 179 180 memset(data, 0, sizeof(uint64_t) * TARGET_INSN_START_WORDS); 181 if (!(tb_cflags(tb) & CF_PCREL)) { 182 data[0] = tb->pc; 183 } 184 185 /* 186 * Reconstruct the stored insn data while looking for the point 187 * at which the end of the insn exceeds host_pc. 188 */ 189 for (i = 0; i < num_insns; ++i) { 190 for (j = 0; j < TARGET_INSN_START_WORDS; ++j) { 191 data[j] += decode_sleb128(&p); 192 } 193 iter_pc += decode_sleb128(&p); 194 if (iter_pc > host_pc) { 195 return num_insns - i; 196 } 197 } 198 return -1; 199 } 200 201 /* 202 * The cpu state corresponding to 'host_pc' is restored in 203 * preparation for exiting the TB. 204 */ 205 void cpu_restore_state_from_tb(CPUState *cpu, TranslationBlock *tb, 206 uintptr_t host_pc) 207 { 208 uint64_t data[TARGET_INSN_START_WORDS]; 209 int insns_left = cpu_unwind_data_from_tb(tb, host_pc, data); 210 211 if (insns_left < 0) { 212 return; 213 } 214 215 if (tb_cflags(tb) & CF_USE_ICOUNT) { 216 assert(icount_enabled()); 217 /* 218 * Reset the cycle counter to the start of the block and 219 * shift if to the number of actually executed instructions. 220 */ 221 cpu->neg.icount_decr.u16.low += insns_left; 222 } 223 224 cpu->cc->tcg_ops->restore_state_to_opc(cpu, tb, data); 225 } 226 227 bool cpu_restore_state(CPUState *cpu, uintptr_t host_pc) 228 { 229 /* 230 * The host_pc has to be in the rx region of the code buffer. 231 * If it is not we will not be able to resolve it here. 232 * The two cases where host_pc will not be correct are: 233 * 234 * - fault during translation (instruction fetch) 235 * - fault from helper (not using GETPC() macro) 236 * 237 * Either way we need return early as we can't resolve it here. 238 */ 239 if (in_code_gen_buffer((const void *)(host_pc - tcg_splitwx_diff))) { 240 TranslationBlock *tb = tcg_tb_lookup(host_pc); 241 if (tb) { 242 cpu_restore_state_from_tb(cpu, tb, host_pc); 243 return true; 244 } 245 } 246 return false; 247 } 248 249 bool cpu_unwind_state_data(CPUState *cpu, uintptr_t host_pc, uint64_t *data) 250 { 251 if (in_code_gen_buffer((const void *)(host_pc - tcg_splitwx_diff))) { 252 TranslationBlock *tb = tcg_tb_lookup(host_pc); 253 if (tb) { 254 return cpu_unwind_data_from_tb(tb, host_pc, data) >= 0; 255 } 256 } 257 return false; 258 } 259 260 void page_init(void) 261 { 262 page_table_config_init(); 263 } 264 265 /* 266 * Isolate the portion of code gen which can setjmp/longjmp. 267 * Return the size of the generated code, or negative on error. 268 */ 269 static int setjmp_gen_code(CPUArchState *env, TranslationBlock *tb, 270 vaddr pc, void *host_pc, 271 int *max_insns, int64_t *ti) 272 { 273 int ret = sigsetjmp(tcg_ctx->jmp_trans, 0); 274 if (unlikely(ret != 0)) { 275 return ret; 276 } 277 278 tcg_func_start(tcg_ctx); 279 280 CPUState *cs = env_cpu(env); 281 tcg_ctx->cpu = cs; 282 cs->cc->tcg_ops->translate_code(cs, tb, max_insns, pc, host_pc); 283 284 assert(tb->size != 0); 285 tcg_ctx->cpu = NULL; 286 *max_insns = tb->icount; 287 288 return tcg_gen_code(tcg_ctx, tb, pc); 289 } 290 291 /* Called with mmap_lock held for user mode emulation. */ 292 TranslationBlock *tb_gen_code(CPUState *cpu, 293 vaddr pc, uint64_t cs_base, 294 uint32_t flags, int cflags) 295 { 296 CPUArchState *env = cpu_env(cpu); 297 TranslationBlock *tb, *existing_tb; 298 tb_page_addr_t phys_pc, phys_p2; 299 tcg_insn_unit *gen_code_buf; 300 int gen_code_size, search_size, max_insns; 301 int64_t ti; 302 void *host_pc; 303 304 assert_memory_lock(); 305 qemu_thread_jit_write(); 306 307 phys_pc = get_page_addr_code_hostp(env, pc, &host_pc); 308 309 if (phys_pc == -1) { 310 /* Generate a one-shot TB with 1 insn in it */ 311 cflags = (cflags & ~CF_COUNT_MASK) | 1; 312 } 313 314 max_insns = cflags & CF_COUNT_MASK; 315 if (max_insns == 0) { 316 max_insns = TCG_MAX_INSNS; 317 } 318 QEMU_BUILD_BUG_ON(CF_COUNT_MASK + 1 != TCG_MAX_INSNS); 319 320 buffer_overflow: 321 assert_no_pages_locked(); 322 tb = tcg_tb_alloc(tcg_ctx); 323 if (unlikely(!tb)) { 324 /* flush must be done */ 325 tb_flush(cpu); 326 mmap_unlock(); 327 /* Make the execution loop process the flush as soon as possible. */ 328 cpu->exception_index = EXCP_INTERRUPT; 329 cpu_loop_exit(cpu); 330 } 331 332 gen_code_buf = tcg_ctx->code_gen_ptr; 333 tb->tc.ptr = tcg_splitwx_to_rx(gen_code_buf); 334 if (!(cflags & CF_PCREL)) { 335 tb->pc = pc; 336 } 337 tb->cs_base = cs_base; 338 tb->flags = flags; 339 tb->cflags = cflags; 340 tb_set_page_addr0(tb, phys_pc); 341 tb_set_page_addr1(tb, -1); 342 if (phys_pc != -1) { 343 tb_lock_page0(phys_pc); 344 } 345 346 tcg_ctx->gen_tb = tb; 347 tcg_ctx->addr_type = TARGET_LONG_BITS == 32 ? TCG_TYPE_I32 : TCG_TYPE_I64; 348 #ifdef CONFIG_SOFTMMU 349 tcg_ctx->page_bits = TARGET_PAGE_BITS; 350 tcg_ctx->page_mask = TARGET_PAGE_MASK; 351 tcg_ctx->tlb_dyn_max_bits = CPU_TLB_DYN_MAX_BITS; 352 #endif 353 tcg_ctx->insn_start_words = TARGET_INSN_START_WORDS; 354 #ifdef TCG_GUEST_DEFAULT_MO 355 tcg_ctx->guest_mo = TCG_GUEST_DEFAULT_MO; 356 #else 357 tcg_ctx->guest_mo = TCG_MO_ALL; 358 #endif 359 360 restart_translate: 361 trace_translate_block(tb, pc, tb->tc.ptr); 362 363 gen_code_size = setjmp_gen_code(env, tb, pc, host_pc, &max_insns, &ti); 364 if (unlikely(gen_code_size < 0)) { 365 switch (gen_code_size) { 366 case -1: 367 /* 368 * Overflow of code_gen_buffer, or the current slice of it. 369 * 370 * TODO: We don't need to re-do tcg_ops->translate_code, nor 371 * should we re-do the tcg optimization currently hidden 372 * inside tcg_gen_code. All that should be required is to 373 * flush the TBs, allocate a new TB, re-initialize it per 374 * above, and re-do the actual code generation. 375 */ 376 qemu_log_mask(CPU_LOG_TB_OP | CPU_LOG_TB_OP_OPT, 377 "Restarting code generation for " 378 "code_gen_buffer overflow\n"); 379 tb_unlock_pages(tb); 380 tcg_ctx->gen_tb = NULL; 381 goto buffer_overflow; 382 383 case -2: 384 /* 385 * The code generated for the TranslationBlock is too large. 386 * The maximum size allowed by the unwind info is 64k. 387 * There may be stricter constraints from relocations 388 * in the tcg backend. 389 * 390 * Try again with half as many insns as we attempted this time. 391 * If a single insn overflows, there's a bug somewhere... 392 */ 393 assert(max_insns > 1); 394 max_insns /= 2; 395 qemu_log_mask(CPU_LOG_TB_OP | CPU_LOG_TB_OP_OPT, 396 "Restarting code generation with " 397 "smaller translation block (max %d insns)\n", 398 max_insns); 399 400 /* 401 * The half-sized TB may not cross pages. 402 * TODO: Fix all targets that cross pages except with 403 * the first insn, at which point this can't be reached. 404 */ 405 phys_p2 = tb_page_addr1(tb); 406 if (unlikely(phys_p2 != -1)) { 407 tb_unlock_page1(phys_pc, phys_p2); 408 tb_set_page_addr1(tb, -1); 409 } 410 goto restart_translate; 411 412 case -3: 413 /* 414 * We had a page lock ordering problem. In order to avoid 415 * deadlock we had to drop the lock on page0, which means 416 * that everything we translated so far is compromised. 417 * Restart with locks held on both pages. 418 */ 419 qemu_log_mask(CPU_LOG_TB_OP | CPU_LOG_TB_OP_OPT, 420 "Restarting code generation with re-locked pages"); 421 goto restart_translate; 422 423 default: 424 g_assert_not_reached(); 425 } 426 } 427 tcg_ctx->gen_tb = NULL; 428 429 search_size = encode_search(tb, (void *)gen_code_buf + gen_code_size); 430 if (unlikely(search_size < 0)) { 431 tb_unlock_pages(tb); 432 goto buffer_overflow; 433 } 434 tb->tc.size = gen_code_size; 435 436 /* 437 * For CF_PCREL, attribute all executions of the generated code 438 * to its first mapping. 439 */ 440 perf_report_code(pc, tb, tcg_splitwx_to_rx(gen_code_buf)); 441 442 if (qemu_loglevel_mask(CPU_LOG_TB_OUT_ASM) && 443 qemu_log_in_addr_range(pc)) { 444 FILE *logfile = qemu_log_trylock(); 445 if (logfile) { 446 int code_size, data_size; 447 const tcg_target_ulong *rx_data_gen_ptr; 448 size_t chunk_start; 449 int insn = 0; 450 451 if (tcg_ctx->data_gen_ptr) { 452 rx_data_gen_ptr = tcg_splitwx_to_rx(tcg_ctx->data_gen_ptr); 453 code_size = (const void *)rx_data_gen_ptr - tb->tc.ptr; 454 data_size = gen_code_size - code_size; 455 } else { 456 rx_data_gen_ptr = 0; 457 code_size = gen_code_size; 458 data_size = 0; 459 } 460 461 /* Dump header and the first instruction */ 462 fprintf(logfile, "OUT: [size=%d]\n", gen_code_size); 463 fprintf(logfile, 464 " -- guest addr 0x%016" PRIx64 " + tb prologue\n", 465 tcg_ctx->gen_insn_data[insn * TARGET_INSN_START_WORDS]); 466 chunk_start = tcg_ctx->gen_insn_end_off[insn]; 467 disas(logfile, tb->tc.ptr, chunk_start); 468 469 /* 470 * Dump each instruction chunk, wrapping up empty chunks into 471 * the next instruction. The whole array is offset so the 472 * first entry is the beginning of the 2nd instruction. 473 */ 474 while (insn < tb->icount) { 475 size_t chunk_end = tcg_ctx->gen_insn_end_off[insn]; 476 if (chunk_end > chunk_start) { 477 fprintf(logfile, " -- guest addr 0x%016" PRIx64 "\n", 478 tcg_ctx->gen_insn_data[insn * TARGET_INSN_START_WORDS]); 479 disas(logfile, tb->tc.ptr + chunk_start, 480 chunk_end - chunk_start); 481 chunk_start = chunk_end; 482 } 483 insn++; 484 } 485 486 if (chunk_start < code_size) { 487 fprintf(logfile, " -- tb slow paths + alignment\n"); 488 disas(logfile, tb->tc.ptr + chunk_start, 489 code_size - chunk_start); 490 } 491 492 /* Finally dump any data we may have after the block */ 493 if (data_size) { 494 int i; 495 fprintf(logfile, " data: [size=%d]\n", data_size); 496 for (i = 0; i < data_size / sizeof(tcg_target_ulong); i++) { 497 if (sizeof(tcg_target_ulong) == 8) { 498 fprintf(logfile, 499 "0x%08" PRIxPTR ": .quad 0x%016" TCG_PRIlx "\n", 500 (uintptr_t)&rx_data_gen_ptr[i], rx_data_gen_ptr[i]); 501 } else if (sizeof(tcg_target_ulong) == 4) { 502 fprintf(logfile, 503 "0x%08" PRIxPTR ": .long 0x%08" TCG_PRIlx "\n", 504 (uintptr_t)&rx_data_gen_ptr[i], rx_data_gen_ptr[i]); 505 } else { 506 qemu_build_not_reached(); 507 } 508 } 509 } 510 fprintf(logfile, "\n"); 511 qemu_log_unlock(logfile); 512 } 513 } 514 515 qatomic_set(&tcg_ctx->code_gen_ptr, (void *) 516 ROUND_UP((uintptr_t)gen_code_buf + gen_code_size + search_size, 517 CODE_GEN_ALIGN)); 518 519 /* init jump list */ 520 qemu_spin_init(&tb->jmp_lock); 521 tb->jmp_list_head = (uintptr_t)NULL; 522 tb->jmp_list_next[0] = (uintptr_t)NULL; 523 tb->jmp_list_next[1] = (uintptr_t)NULL; 524 tb->jmp_dest[0] = (uintptr_t)NULL; 525 tb->jmp_dest[1] = (uintptr_t)NULL; 526 527 /* init original jump addresses which have been set during tcg_gen_code() */ 528 if (tb->jmp_reset_offset[0] != TB_JMP_OFFSET_INVALID) { 529 tb_reset_jump(tb, 0); 530 } 531 if (tb->jmp_reset_offset[1] != TB_JMP_OFFSET_INVALID) { 532 tb_reset_jump(tb, 1); 533 } 534 535 /* 536 * Insert TB into the corresponding region tree before publishing it 537 * through QHT. Otherwise rewinding happened in the TB might fail to 538 * lookup itself using host PC. 539 */ 540 tcg_tb_insert(tb); 541 542 /* 543 * If the TB is not associated with a physical RAM page then it must be 544 * a temporary one-insn TB. 545 * 546 * Such TBs must be added to region trees in order to make sure that 547 * restore_state_to_opc() - which on some architectures is not limited to 548 * rewinding, but also affects exception handling! - is called when such a 549 * TB causes an exception. 550 * 551 * At the same time, temporary one-insn TBs must be executed at most once, 552 * because subsequent reads from, e.g., I/O memory may return different 553 * values. So return early before attempting to link to other TBs or add 554 * to the QHT. 555 */ 556 if (tb_page_addr0(tb) == -1) { 557 assert_no_pages_locked(); 558 return tb; 559 } 560 561 /* 562 * No explicit memory barrier is required -- tb_link_page() makes the 563 * TB visible in a consistent state. 564 */ 565 existing_tb = tb_link_page(tb); 566 assert_no_pages_locked(); 567 568 /* if the TB already exists, discard what we just translated */ 569 if (unlikely(existing_tb != tb)) { 570 uintptr_t orig_aligned = (uintptr_t)gen_code_buf; 571 572 orig_aligned -= ROUND_UP(sizeof(*tb), qemu_icache_linesize); 573 qatomic_set(&tcg_ctx->code_gen_ptr, (void *)orig_aligned); 574 tcg_tb_remove(tb); 575 return existing_tb; 576 } 577 return tb; 578 } 579 580 /* user-mode: call with mmap_lock held */ 581 void tb_check_watchpoint(CPUState *cpu, uintptr_t retaddr) 582 { 583 TranslationBlock *tb; 584 585 assert_memory_lock(); 586 587 tb = tcg_tb_lookup(retaddr); 588 if (tb) { 589 /* We can use retranslation to find the PC. */ 590 cpu_restore_state_from_tb(cpu, tb, retaddr); 591 tb_phys_invalidate(tb, -1); 592 } else { 593 /* The exception probably happened in a helper. The CPU state should 594 have been saved before calling it. Fetch the PC from there. */ 595 CPUArchState *env = cpu_env(cpu); 596 vaddr pc; 597 uint64_t cs_base; 598 tb_page_addr_t addr; 599 uint32_t flags; 600 601 cpu_get_tb_cpu_state(env, &pc, &cs_base, &flags); 602 addr = get_page_addr_code(env, pc); 603 if (addr != -1) { 604 tb_invalidate_phys_range(addr, addr); 605 } 606 } 607 } 608 609 #ifndef CONFIG_USER_ONLY 610 /* 611 * In deterministic execution mode, instructions doing device I/Os 612 * must be at the end of the TB. 613 * 614 * Called by softmmu_template.h, with iothread mutex not held. 615 */ 616 void cpu_io_recompile(CPUState *cpu, uintptr_t retaddr) 617 { 618 TranslationBlock *tb; 619 CPUClass *cc; 620 uint32_t n; 621 622 tb = tcg_tb_lookup(retaddr); 623 if (!tb) { 624 cpu_abort(cpu, "cpu_io_recompile: could not find TB for pc=%p", 625 (void *)retaddr); 626 } 627 cpu_restore_state_from_tb(cpu, tb, retaddr); 628 629 /* 630 * Some guests must re-execute the branch when re-executing a delay 631 * slot instruction. When this is the case, adjust icount and N 632 * to account for the re-execution of the branch. 633 */ 634 n = 1; 635 cc = cpu->cc; 636 if (cc->tcg_ops->io_recompile_replay_branch && 637 cc->tcg_ops->io_recompile_replay_branch(cpu, tb)) { 638 cpu->neg.icount_decr.u16.low++; 639 n = 2; 640 } 641 642 /* 643 * Exit the loop and potentially generate a new TB executing the 644 * just the I/O insns. We also limit instrumentation to memory 645 * operations only (which execute after completion) so we don't 646 * double instrument the instruction. Also don't let an IRQ sneak 647 * in before we execute it. 648 */ 649 cpu->cflags_next_tb = curr_cflags(cpu) | CF_MEMI_ONLY | CF_NOIRQ | n; 650 651 if (qemu_loglevel_mask(CPU_LOG_EXEC)) { 652 vaddr pc = cpu->cc->get_pc(cpu); 653 if (qemu_log_in_addr_range(pc)) { 654 qemu_log("cpu_io_recompile: rewound execution of TB to %016" 655 VADDR_PRIx "\n", pc); 656 } 657 } 658 659 cpu_loop_exit_noexc(cpu); 660 } 661 662 #endif /* CONFIG_USER_ONLY */ 663 664 /* 665 * Called by generic code at e.g. cpu reset after cpu creation, 666 * therefore we must be prepared to allocate the jump cache. 667 */ 668 void tcg_flush_jmp_cache(CPUState *cpu) 669 { 670 CPUJumpCache *jc = cpu->tb_jmp_cache; 671 672 /* During early initialization, the cache may not yet be allocated. */ 673 if (unlikely(jc == NULL)) { 674 return; 675 } 676 677 for (int i = 0; i < TB_JMP_CACHE_SIZE; i++) { 678 qatomic_set(&jc->array[i].tb, NULL); 679 } 680 } 681