On Wed, Mar 16, 2022 at 5:26 AM Idan Horowitz <idan.horow...@gmail.com> wrote:
>
> If the pages which control the translation of the currently executing
> instructions are changed, and then the TLB is flushed using sfence.vma,
> we have to exit the current TB early, to ensure we don't execute stale
> instructions.
>
> Signed-off-by: Idan Horowitz <idan.horow...@gmail.com>
Thanks!
Applied to riscv-to-apply.next
Alistair
> ---
> target/riscv/insn_trans/trans_privileged.c.inc | 7 +++++++
> 1 file changed, 7 insertions(+)
>
> diff --git a/target/riscv/insn_trans/trans_privileged.c.inc
> b/target/riscv/insn_trans/trans_privileged.c.inc
> index 53613682e8..f265e8202d 100644
> --- a/target/riscv/insn_trans/trans_privileged.c.inc
> +++ b/target/riscv/insn_trans/trans_privileged.c.inc
> @@ -114,6 +114,13 @@ static bool trans_sfence_vma(DisasContext *ctx,
> arg_sfence_vma *a)
> {
> #ifndef CONFIG_USER_ONLY
> gen_helper_tlb_flush(cpu_env);
> + /*
> + * The flush might have changed the backing physical memory of
> + * the instructions we're currently executing
> + */
> + gen_set_pc_imm(ctx, ctx->pc_succ_insn);
> + tcg_gen_exit_tb(NULL, 0);
> + ctx->base.is_jmp = DISAS_NORETURN;
> return true;
> #endif
> return false;
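Review bot: The added comment above gen_set_pc_imm() attributes the change of backing memory to the flush itself, but the flush only discards stale translations; it is the page-table update that preceded the sfence.vma that may have remapped the pages holding the remainder of this TB. Suggest rewording along the lines of "The page tables may have changed the mapping of the instructions in this TB; end the TB so the next fetch goes through the new translation." and terminating the comment with a period. The mechanism itself is the right shape: gen_set_pc_imm(ctx, ctx->pc_succ_insn) followed by tcg_gen_exit_tb(NULL, 0) and DISAS_NORETURN guarantees that no instruction after sfence.vma is executed from the already-translated block, and if gen_helper_tlb_flush(cpu_env) raises an exception the generated exit code is simply never reached, so no extra guard is needed.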
> --
> 2.35.1