Previously we allowed fully unaligned operations, but not operations
that are aligned but with less alignment than the operation size.
In addition, arm32, ia64, mips, and sparc had been omitted from the
previous overalignment patch, which would have led to that alignment
being enforced.
Backports commit 85aa80813dd9f5c1f581c743e45678a3bee220f8 from qemu
Unused function declarations were found using a simple gcc plugin and
manually verified by grepping the sources.
Backports commit d4b84d564ee3eb7a58e4585d671fb3c220b6c3b9 from qemu
Rather than rely on recursion during the middle of register allocation,
lower indirect registers to loads and stores off the indirect base into
plain temps.
For an x86_64 host, with sufficient registers, this results in identical
code, modulo the actual register assignments.
For an i686 host, with insufficient registers, this means that temps can
be (temporarily) spilled to the stack in order to satisfy an allocation.
This as opposed to the possibility of not being able to spill, to allocate
a register for the indirect base, in order to perform a spill.
Backports commit 5a18407f55ade924aa6397c9a043a9ffd59645fe from qemu
We only need two bits per temporary. Fold the two bytes into one,
and reduce the memory and cachelines required during compilation.
Backports commit c70fbf0a9938baf3b4f843355a77c17a7e945b98 from qemu
Reduce the size of other bitfields to make room.
This reduces the cache footprint of compilation.
Backports commit bee158cb4dde35c41632a3a129c869f14a32f8f0 from qemu
Instead of using -1 as end of chain, use 0, and link through the 0
entry as a fully circular double-linked list.
Backports commit dcb8e75870e2de199db853697f8839cb603beefe from qemu
This reduces both memory usage and per-insn cacheline usage
during code generation.
Backports commit a1b3c48d2b23d6eaeb4529d3e1183d2648731bf8 from qemu
Assertions help both Coverity and the clang static analyzer avoid
false positives, but on the other hand both are confused when
the condition is compiled as (void)(x != FOO). Always expand
assertion macros when using Coverity or clang, through a new
QEMU_STATIC_ANALYSIS preprocessor symbol.
This fixes a couple false positives in TCG.
Backports commit 8bff06a0bbf257a2083223534c1607bf87d913e6 from qemu
Knowing the value of %asi at translation time means that we
can handle the common settings without a function call.
The steady state appears to be %asi == ASI_P, so that sparcv9
code can use offset forms of lda/sta. The %asi register gets
pushed and popped on entry to certain functions, but it rarely
takes on values other than ASI_P or ASI_AIUP. Therefore we're
unlikely to be expanding the set of TBs created.
Backports commit a6d567e523ed7e928861f3caa5d49368af3f330d from qemu
The global is only ever read for one insn; we can just as well
use a load from env instead and generate the same code. This
also allows us to indicate the the associated helpers do not
touch TCG globals.
Backports commit e86ceb0d652baa5738e05a59ee0e7989dafbeaa1 from qemu
These use guard symbols like TCG_TARGET_$target.
scripts/clean-header-guards.pl doesn't like them because they don't
match their file name (they should, to make guard collisions less
likely).
Clean them up: use guard symbol $target_TCG_TARGET_H for
tcg/$target/tcg-target.h.
Backports commit 14e54f8ecfe9c5e17348f456781344737ed10b3b from qemu
Some architectures (e.g. ARMv8) need the address which is aligned
to a size more than the size of the memory access.
To support such check it's enough the current costless alignment
check implementation in QEMU, but we need to support
an alignment size specifying.
Backports commit 1f00b27f17518a1bcb4cedca49eaec96a4d560bd from qemu
While we can store constants via constrants on INDEX_op_st_i32 et al,
we weren't able to spill constants to backing store.
Add a new backend interface, tcg_out_sti, which may store the constant
(and is allowed to fail). Rearrange the temp_* helpers so that we only
attempt to directly store a constant when the temp is becoming dead/free.
Backports commit 59d7c14eeff8d2ad7f61aed86ce5a176113bc153 from qemu
Information is tracked inside the TCGContext structure, and later used
by tracing events with the 'tcg' and 'vcpu' properties.
The 'cpu' field is used to check tracing of translation-time
events ("*_trans"). The 'tcg_env' field is used to pass it to
execution-time events ("*_exec").
Backports commit 7c2550432abe62f53e6df878ceba6ceaf71f0e7e from qemu
exec-all.h contains TCG-specific definitions. It is not needed outside
TCG-specific files such as translate.c, exec.c or *helper.c.
One generic function had snuck into include/exec/exec-all.h; move it to
include/qom/cpu.h.
Backports commit 63c915526d6a54a95919ebece83fa9ca631b2508 from qemu
TCG backends do not need most of exec-all.h; extract what they actually
need to a separate file or move it directly to tcg.h. The next patch
will stop including exec-all.h from everywhere.
Backports commit 00f6da6a1a5d1ce085334eccbb50ec899ceed513 from qemu
The value returned from tcg_qemu_tb_exec() is the value passed to the
corresponding tcg_gen_exit_tb() at translation time of the last TB
attempted to execute. It is a little confusing to store it in a variable
named 'next_tb'. In fact, it is a combination of 4-byte aligned pointer
and additional information in its two least significant bits. Break it
down right away into two variables named 'last_tb' and 'tb_exit' which
are a pointer to the last TB attempted to execute and the TB exit
reason, correspondingly. This simplifies the code and improves its
readability.
Correct a misleading documentation comment for tcg_qemu_tb_exec() and
fix logging in cpu_tb_exec(). Also rename a misleading 'next_tb' in
another couple of places.
Backports commit 819af24b9c1e95e6576f1cefd32f4d6bf56dfa56 from qemu
In user mode, there's only a static address translation, TBs are always
invalidated properly and direct jumps are reset when mapping change.
Thus the destination address is always valid for direct jumps and
there's no need to restrict it to the pages the TB resides in.
Backports commit 90aa39a1cc4837360889f0e033ca25cc82100308 from qemu
We don't take care of direct jumps when address mapping changes. Thus we
must be sure to generate direct jumps so that they always keep valid
even if address mapping changes. Luckily, we can only allow to execute a
TB if it was generated from the pages which match with current mapping.
Document tcg_gen_goto_tb() declaration and note the reason for
destination PC limitations.
Some targets with variable length instructions allow TB to straddle a
page boundary. However, we make sure that both of TB pages match the
current address mapping when looking up TBs. So it is safe to do direct
jumps into the both pages. Correct the checks for some of those targets.
Given that, we can safely patch a TB which spans two pages. Remove the
unnecessary check in cpu_exec() and allow such TBs to be patched.
Backports commit 5b053a4a28278bca606eeff7d1c0730df1b047e9 from qemu
Briefly describe in a comment how direct block chaining is done. It
should help in understanding of the following data fields.
Rename some fields in TranslationBlock and TCGContext structures to
better reflect their purpose (dropping excessive 'tb_' prefix in
TranslationBlock but keeping it in TCGContext):
tb_next_offset => jmp_reset_offset
tb_jmp_offset => jmp_insn_offset
tb_next => jmp_target_addr
jmp_next => jmp_list_next
jmp_first => jmp_list_first
Avoid using a magic constant as an invalid offset which is used to
indicate that there's no n-th jump generated.
Backports commit f309101c26b59641fc1aa8fb2a98a5441cdaea03 from qemu
Ensure direct jump patching in MIPS is atomic by using
atomic_read()/atomic_set() for code patching.
Backports commit c82460a560176ef69c2f0662bd280612e274db96 from qemu
Ensure direct jump patching in SPARC is atomic by using
atomic_read()/atomic_set() for code patching.
Backports commit 84f79fb7c6e857edc807e4a251338243ce0cbac3 from qemu
Ensure direct jump patching in AArch64 is atomic by using
atomic_read()/atomic_set() for code patching.
Backports commit 9e269112953be4d670cb0d25042bd6546fcf3e45 from qemu
Ensure direct jump patching in ARM is atomic by using
atomic_read()/atomic_set() for code patching.
Backports commit 7d14e0e2d661479985197203589c38840e1066df from qemu
Ensure direct jump patching in s390 is atomic by:
* naturally aligning a location of direct jump address;
* using atomic_read()/atomic_set() for code patching.
Backports commit ed3d51ecd7fe248d3959e469d53890ac9ffe0cd2 from qemu
Ensure direct jump patching in i386 is atomic by:
* naturally aligning a location of direct jump address;
* using atomic_read()/atomic_set() for code patching.
Backports commit 0d07abf05e98903c7faf204a9a90f7d45b7554dc from qemu
Add tcg_set_insn_param as a mechanism to modify an insn
parameter after emiting the insn. This is useful for icount
and also for embedding fault information for a specific insn.
Backports commit 1d41478fd428e01f057d3248292e4cdcdb048523 from qemu
The TCG code is quite performance sensitive, but at the same time can
also be quite tricky. That is why asserts that can be enabled with the
--enable-debug-tcg configure option.
This used to work the following way:
| #include "config.h"
|
| ...
|
| #if !defined(CONFIG_DEBUG_TCG) && !defined(NDEBUG)
| /* define it to suppress various consistency checks (faster) */
| #define NDEBUG
| #endif
|
| ...
|
| #include <assert.h>
Since commit 757e725b (tcg: Clean up includes) "config.h" as been
replaced by "qemu/osdep.h" which itself includes <assert.h>. As a
consequence the assertions are always enabled, even when using
--disable-debug-tcg, causing a performance regression, especially on
targets with many registers. For instance on qemu-system-ppc the
speed difference is about 15%.
tcg_debug_assert is controlled directly by CONFIG_DEBUG_TCG and already
uses in some places. This patch replaces all the calls to assert into
calss to tcg_debug_assert.
Backports commit eabb7b91b36b202b4dac2df2d59d698e3aff197a from qemu
The MIPS TCG backend is the only one to have
tcg_target_reg_alloc_order[] elements of type TCGReg rather than int.
This resulted in commit 91478cefaaf2 ("tcg: Allocate indirect_base
temporaries in a different order") breaking the build on MIPS since the
type differed from indirect_reg_alloc_order[]:
tcg/tcg.c:1725:44: error: pointer type mismatch in conditional expression [-Werror]
order = rev ? indirect_reg_alloc_order : tcg_target_reg_alloc_order;
^
Make it an array of ints to fix the build and match other architectures.
Backports commit 2dc7553d0c0a3915c649e1a91b0f0be70b4674b3 from qemu
qemu-log: dfilter-ise exec, out_asm, op and opt_op
This ensures the code generation debug code will honour -dfilter if set.
For the "exec" tracing I've added a new inline macro for efficiency's
sake.
Backports commit d977e1c2dbc9e63454b2000f91954d02543bf43b from qemu
My later debugging patches need access to the origin PC which is held in
the TranslationBlock structure. Pass down the whole structure as it also
holds the information about the code start point.
Backports commit 5bd2ec3d7b47b2252745882795d79aef36380fb7 from qemu
Move declarations out of qemu-common.h for functions declared in
utils/ files: e.g. include/qemu/path.h for utils/path.c.
Move inline functions out of qemu-common.h and into new files (e.g.
include/qemu/bcd.h)
Backports commit f348b6d1a53e5271cf1c9f9acc4646b4b98c1771 from qemu
