accel/tcg: Cap the translation block when we encounter mmio

Do not allow translation to proceed beyond one insn with mmio,
as we will not be caching the TranslationBlock.

Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>

diff --git a/accel/tcg/translator.c b/accel/tcg/translator.c
index 0848026935a07478c204ce4a1f3820201f2955ee..18138c61e19fae83e3ade30e8d6a92ca719d08eb 100644 (file)
--- a/accel/tcg/translator.c
+++ b/accel/tcg/translator.c
@@ -240,6 +240,8 @@ static bool translator_ld(CPUArchState *env, DisasContextBase *db,
 
     /* Use slow path if first page is MMIO. */
     if (unlikely(tb_page_addr0(tb) == -1)) {
+        /* We capped translation with first page MMIO in tb_gen_code. */
+        tcg_debug_assert(db->max_insns == 1);
         return false;
     }
 
@@ -288,6 +290,8 @@ static bool translator_ld(CPUArchState *env, DisasContextBase *db,
         if (unlikely(new_page1 == -1)) {
             tb_unlock_pages(tb);
             tb_set_page_addr0(tb, -1);
+            /* Require that this be the final insn. */
+            db->max_insns = db->num_insns;
             return false;
         }