
[0/1] util/cacheflush: Make first DSB unconditional on aarch64

Message ID: 20250310203622.1827940-1-komlodi@google.com

Joe Komlodi March 10, 2025, 8:36 p.m. UTC
Hi all,

This fixes some TCG TB corruption we would occasionally see on aarch64
hosts in certain situations. Specifically, if the host had CTR_EL0.DIC
and CTR_EL0.IDC set, and if the TBs generated were very small, the
instructions in the TB would sometimes be garbage. This would mostly
result in a SIGILL when executing the TB, or sometimes a SIGSEGV if the
garbage instruction was to branch to a garbage address.

If a host has CTR_EL0.DIC and CTR_EL0.IDC set, the aarch64 cache
maintenance function doesn't execute a DSB, which seems to be the cause
of the corruption. I think it's because the ISB guarantees that the
instructions will be executed, but doesn't guarantee that any
outstanding writes will be fully committed.
This only seemed to happen on very small TBs, which I'm guessing is
because there are far fewer instructions between the TB being generated and
executed, which could lead to writes not being committed before execution.

This function is intended to be a copy of the upstream gcc one, which
does an unconditional DSB, so we can fix this by just doing that as well.

Thanks!
Joe

Joe Komlodi (1):
  util/cacheflush: Make first DSB unconditional on aarch64

 util/cacheflush.c | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)
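The maintenance sequence described in the cover letter, as an added example that is not part of the series, not QEMU's util/cacheflush.c, and not libgcc's __clear_cache: it derives the aarch64 I/D cache maintenance steps for a freshly written code range from a CTR_EL0 value, with the first DSB ISH emitted outside the IDC check, and executes the steps with inline asm when built for an aarch64 host (falling back to the compiler builtin on other hosts). The CTR_EL0 field positions (IminLine, DminLine, IDC, DIC) are the architectural ones; everything else is an assumption of this example: the function names (build_sequence, sequence_length, sequence_op, sync_code_range), the constructed CTR_EL0 values in main, and the use of a single start/len range instead of QEMU's split rw/rx mapping.

```c
/* Added example: not QEMU's util/cacheflush.c and not libgcc's __clear_cache.
 * Builds the aarch64 cache maintenance sequence for a just-written code range
 * from a CTR_EL0 value, with the first DSB ISH unconditional, and runs it via
 * inline asm on an aarch64 host. Function names and sample values are mine. */
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* CTR_EL0 fields: IminLine [3:0] and DminLine [19:16] hold log2 of the line
 * size in 4-byte words; IDC is bit 28 and DIC is bit 29. */
#define CTR_EL0_IDC (1u << 28)
#define CTR_EL0_DIC (1u << 29)

enum cm_op { CM_DC_CVAU, CM_DSB_ISH, CM_IC_IVAU, CM_ISB };

struct cm_step {
    enum cm_op op;
    uintptr_t addr;  /* line address for DC/IC steps, 0 for barriers */
};

static unsigned ctr_dcache_lsize(uint32_t ctr) { return 4u << ((ctr >> 16) & 0xF); }
static unsigned ctr_icache_lsize(uint32_t ctr) { return 4u << (ctr & 0xF); }

/* Emit the steps for [start, start+len) into out (capacity max); returns the
 * count, or -1 if they do not fit. Order: DC CVAU per D-line unless IDC, then
 * DSB ISH regardless, then IC IVAU per I-line plus DSB ISH unless DIC, then ISB. */
int build_sequence(uint32_t ctr, uintptr_t start, size_t len,
                   struct cm_step *out, int max)
{
    int n = 0;
#define EMIT(o, a) do { if (n >= max) return -1; \
                        out[n].op = (o); out[n].addr = (a); n++; } while (0)
    if (!(ctr & CTR_EL0_IDC)) {
        unsigned ls = ctr_dcache_lsize(ctr);
        for (uintptr_t a = start & ~(uintptr_t)(ls - 1); a < start + len; a += ls) {
            EMIT(CM_DC_CVAU, a);
        }
    }
    /* The point of the fix: the DSB is outside the IDC branch, so the stores
     * that wrote the code complete before the ISB below lets the pipeline
     * fetch from the range, even on a DIC+IDC host where no DC/IC ops run. */
    EMIT(CM_DSB_ISH, 0);
    if (!(ctr & CTR_EL0_DIC)) {
        unsigned ls = ctr_icache_lsize(ctr);
        for (uintptr_t a = start & ~(uintptr_t)(ls - 1); a < start + len; a += ls) {
            EMIT(CM_IC_IVAU, a);
        }
        EMIT(CM_DSB_ISH, 0);
    }
    EMIT(CM_ISB, 0);
#undef EMIT
    return n;
}

/* Inspection helpers: sequence length, and the op at index idx (-1 if none). */
int sequence_length(uint32_t ctr, uintptr_t start, size_t len)
{
    struct cm_step steps[64];
    return build_sequence(ctr, start, len, steps, 64);
}

int sequence_op(uint32_t ctr, uintptr_t start, size_t len, int idx)
{
    struct cm_step steps[64];
    int n = build_sequence(ctr, start, len, steps, 64);
    return (idx >= 0 && idx < n) ? (int)steps[idx].op : -1;
}

#if defined(__aarch64__)
static uint32_t read_ctr_el0(void)
{
    uint64_t v;
    __asm__ volatile("mrs %0, ctr_el0" : "=r"(v));
    return (uint32_t)v;
}

static void run_step(const struct cm_step *s)
{
    switch (s->op) {
    case CM_DC_CVAU: __asm__ volatile("dc cvau, %0" : : "r"(s->addr) : "memory"); break;
    case CM_IC_IVAU: __asm__ volatile("ic ivau, %0" : : "r"(s->addr) : "memory"); break;
    case CM_DSB_ISH: __asm__ volatile("dsb ish" : : : "memory"); break;
    case CM_ISB:     __asm__ volatile("isb" : : : "memory"); break;
    }
}
#endif

/* Make code just written to [start, start+len) safe to execute on this host. */
void sync_code_range(void *start, size_t len)
{
#if defined(__aarch64__)
    /* Chunked so the step buffer bounds the range; sized for 4-byte lines. */
    enum { CHUNK = 1024, CAP = 2 * (CHUNK / 4 + 1) + 3 };
    struct cm_step steps[CAP];
    uint32_t ctr = read_ctr_el0();
    for (size_t off = 0; off < len; off += CHUNK) {
        size_t piece = len - off < CHUNK ? len - off : CHUNK;
        int n = build_sequence(ctr, (uintptr_t)start + off, piece, steps, CAP);
        for (int i = 0; i < n; i++) {
            run_step(&steps[i]);
        }
    }
#else
    /* Other hosts: compiler builtin (a no-op on x86, whose caches are coherent). */
    __builtin___clear_cache((char *)start, (char *)start + len);
#endif
}

int main(void)
{
    /* Constructed CTR_EL0 values: 64-byte I and D lines (log2 words = 4). */
    const uint32_t lines64 = (4u << 16) | 4u;
    const uint32_t ctr_dic_idc = lines64 | CTR_EL0_DIC | CTR_EL0_IDC;
    static unsigned char buf[256];
    printf("DIC+IDC host, 8-byte TB: %d steps, first op %d (1 = DSB ISH)\n",
           sequence_length(ctr_dic_idc, 0x1000, 8), sequence_op(ctr_dic_idc, 0x1000, 8, 0));
    printf("plain host, 4 bytes straddling a line: %d steps\n", sequence_length(lines64, 0x103e, 4));
    sync_code_range(buf, sizeof buf);
    return 0;
}
```

With DIC and IDC set the sequence collapses to DSB ISH followed by ISB; the conditional form the cover letter describes would have left only the ISB, which orders instruction fetch but does not wait for the stores into the TB to complete. The example cannot reproduce the corruption itself, since that depends on a timing race on real hardware; it only makes the emitted step order inspectable.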