Generating a new interrupt in TCG (aarch64)

[Nikolay Nerovnyy]

Hello,

I am doing a concurrency research of OS guests in full system emulation under 
QEMU, namely for AArch64 target.
For my activities, I would like to force yielding of el0 application. If the 
guest is Linux, it is a call to sched_yield syscall (#124).
For some reason, I don't want to directly instrument the guest userspace code 
-- I need to call this syscall for an arbitrary service/application inside the 
guest, not only for instrumented one.

I am trying to directly change the TCG part: when I see an instruction in which 
I want to call guest kernel (e.g. every 100th ld*/st*), I additionally generate 
instructions to save registers on stack, provide needed value to x8 register, 
generate interrupt, and then restore registers.
Sometimes this approach works, but ultimately I always ended up with an illegal 
memory access inside the guest el0.

Now I assume that I cannot simply generate additional instructions after the 
generating of an interrupt; instead, I need to restore the registers from a 
stack on the next program counter that will be hit after return from the svc.
I also have doubts that I must somehow manipulate the translation block, i.e. 
discard/translate again or something similar.

I would like to ask if somebody have experience in that area or if somebody can 
give me useful suggestions.

Nikolay Nerovny