Commit graph

435 commits

Author SHA1 Message Date
Richard Henderson 1d6c4f1a42
tcg/arm: Implement goto_ptr
Backports commit 085c648bef7301eabe7d4a3301c8d012ae4423b8 from qemu
2018-03-03 14:18:41 -05:00
Richard Henderson 3b02642372
tcg/arm: Clarify tcg_out_bx for arm4 host
In theory this would re-enable usage of QEMU on an armv4 host.
Whether this is worthwhile is debatable -- we've been unconditionally
issuing the armv5t BX instruction in the prologue since 2011 without
complaint. Possibly we should simply require an armv6 host.

Backports commit 702a947484eb3e615183dafc93de590ab0679f60 from qemu
2018-03-03 14:17:13 -05:00
Richard Henderson d496bb6150
tcg/s390: Implement goto_ptr
Backports commit 46644483cae978c734460131bb1d9071f813b287 from qemu
2018-03-03 14:16:03 -05:00
Richard Henderson f0420c3427
tcg/sparc: Implement goto_ptr
Backports commit 38f81dc5938fb7025531c5ed602afd41fef799a7 from qemu
2018-03-03 14:14:32 -05:00
Richard Henderson 81f1aae572
tcg/aarch64: Implement goto_ptr
Measurements:

SPECint06 (test set), x86_64-linux-user. Host: APM 64-bit ARMv8 (Atlas/A57) @ 2.4 GHz

1.45x +-+-------------------------------------------------------------------------------------------------------------+-+
| ***** |
| +++ * * +goto-ptr |
1.4x +-+...*****............................*...*....................................................................+-+
| *+++* * * +++ |
1.35x +-+...*...*............................*...*...........................*****....................................+-+
| * * * * *+++* |
| * * * * * * |
1.3x +-+...*...*............................*...*...........................*...*....................................+-+
| * * * * * * |
| * * * * * * ***** |
1.25x +-+...*...*...........*****............*...*...........................*...*............*****...*...*...........+-+
| * * * * * * * * *+++* * * |
1.2x +-+...*...*...........*...*............*...*...........................*...*............*...*...*...*...........+-+
| * * * * * * * * * * * * |
| * * * * * * * * * * * * ***** |
1.15x +-+...*...*...........*...*............*...*...........................*...*............*...*...*...*...*...*...+-+
| * * * * * * * * +++ * * * * * * |
| * * * * * * * * ***** * * * * * * |
1.1x +-+...*...*...........*...*....*****...*...*...*****...................*...*...*...*....*...*...*...*...*...*...+-+
| * * * * * * * * * * * * * * * * * * * * |
1.05x +-+...*...*...........*...*....*...*...*...*...*...*...................*...*...*...*....*...*...*...*...*...*...+-+
| * * ***** * * * * * * * * * * * * * * * * * * |
| * * * * * * * * * * * * ***** ***** * * * * * * * * * * |
1x +-+---*****---*****---*****----*****---*****---*****---*****---*****---*****---*****----*****---*****---*****---+-+
astar bzip2 gcc gobmk h264ref hmmlibquantum mcf omnetpperlbench sjenxalancbmk hmean
png: http://imgur.com/en9HE8L

Backports commit b19f0c2e7d344d4d62daf554951acdb6c94a34b0 from qemu
2018-03-03 14:13:09 -05:00
Emilio G. Cota e4dfb7f807
tcg/i386: implement goto_ptr
Backports commit 5cb4ef80f65252dd85b86fa7f3c985015423d670 from qemu
2018-03-02 21:08:38 -05:00
Emilio G. Cota 8f4f15e5f5
tcg: Introduce goto_ptr opcode and tcg_gen_lookup_and_goto_ptr
Instead of exporting goto_ptr directly to TCG frontends, export
tcg_gen_lookup_and_goto_ptr(), which calls goto_ptr with the pointer
returned by the lookup_tb_ptr() helper. This is the only use case
we have for goto_ptr and lookup_tb_ptr, so having this function is
very convenient. Furthermore, it trivially allows us to avoid calling
the lookup helper if goto_ptr is not implemented by the backend.

Backports commit cedbcb01529cb6cf9a2289cdbebbc63f6149fc18 from qemu
2018-03-02 21:05:18 -05:00
Aurelien Jarno 00ebbae128
tcg/mips: fix field extraction opcode
The "msb" argument should correspond to (len - 1).

Backports commit 2f5a5f5774d95baacf86c03aa8a77a2d0390f2b2 from qemu
2018-03-02 18:59:12 -05:00
Richard Henderson 69116abafc
tcg: Initialize return value after exit_atomic
Users of tcg_gen_atomic_cmpxchg and do_atomic_op rightfully utilize
the output. Even though this code is dead, it gets translated, and
without the initialization we encounter a tcg_error.

Backports commit 79b1af906245558c30e0a5faf26cb52b63f83cce from qemu
2018-03-02 18:59:11 -05:00
Peter Maydell b8b70dfcd2
Drop QEMU_GNUC_PREREQ() checks for gcc older than 4.1
We already require gcc 4.1 or newer (for the atomic
support), so the fallback codepaths for older gcc
versions than that are now dead code and we can
just delete them.

NB: clang reports itself as gcc 4.2 (regardless of
clang version), so clang won't be using the fallbacks
either.

Backports commit fa54abb8c298f892639ffc4bc2f61448ac3be4a1 from qemu
2018-03-02 18:59:05 -05:00
Peter Maydell 008a235b5e
tcg/sparc: Zero extend address argument to ld/st helpers
The C store helper functions take the address argument as a
target_ulong type; if this is 32 bit but the host is 64 bit
then the SPARC calling convention requires that the caller
must zero extend the value. We weren't doing this, which
meant we could pass values to the caller with high bits set
and QEMU would crash if it was compiled with optimizations.
In particular, the i386 BIOS would not start.

Backports commit 5c32be5baf41aec4f4675d2bf24f9948756abf3c from qemu
2018-03-02 14:25:17 -05:00
Peter Maydell 40718df109
tcg/sparc: Zero extend data argument to store helpers
The C store helper functions take the data argument as a uint8_t,
uint16_t, etc depending on the store size. The SPARC calling
convention requires that data types smaller than the register
size must be extended by the caller. We weren't doing this,
which meant that if QEMU was compiled with optimizations enabled
we could end up storing incorrect values to guest memory.
(In particular the i386 guest BIOS would crash on startup.)

Add code to the trampolines that call the store helpers to
do the zero extension as required.

Backports commit 709a340d679d95a0c6cbb9b5f654498f04345b50 from qemu
2018-03-02 14:24:24 -05:00
Pranith Kumar ee609fa59f
aarch64: Change ext type to TCGType to fix warnings
To fix the following warnings:

In file included from /users/pranith/qemu/tcg/tcg.c:255:
/users/pranith/qemu/tcg/aarch64/tcg-target.inc.c:879:24: warning: implicit conversion from enumeration type 'TCGMemOp' (aka 'enum TCGMemOp') to different enumeration type 'TCGType' (aka 'enum TCGType')
[-Wenum-conversion]
tcg_out_cmp(s, ext, a, b, b_const);
~~~~~~~~~~~ ^~~
/users/pranith/qemu/tcg/aarch64/tcg-target.inc.c:893:36: warning: implicit conversion from enumeration type 'TCGMemOp' (aka 'enum TCGMemOp') to different enumeration type 'TCGType' (aka 'enum TCGType')
[-Wenum-conversion]
tcg_out_insn(s, 3201, CBZ, ext, a, offset);
~~~~~~~~~~~~~~~~~~~~~~~~~~~^~~~~~~~~~~~~~~
/users/pranith/qemu/tcg/aarch64/tcg-target.inc.c:389:65: note: expanded from macro 'tcg_out_insn'
glue(tcg_out_insn_,FMT)(S, glue(glue(glue(I,FMT),_),OP), ## __VA_ARGS__)
^
/users/pranith/qemu/tcg/aarch64/tcg-target.inc.c:895:37: warning: implicit conversion from enumeration type 'TCGMemOp' (aka 'enum TCGMemOp') to different enumeration type 'TCGType' (aka 'enum TCGType')
[-Wenum-conversion]
tcg_out_insn(s, 3201, CBNZ, ext, a, offset);
~~~~~~~~~~~~~~~~~~~~~~~~~~~~^~~~~~~~~~~~~~~
/users/pranith/qemu/tcg/aarch64/tcg-target.inc.c:389:65: note: expanded from macro 'tcg_out_insn'
glue(tcg_out_insn_,FMT)(S, glue(glue(glue(I,FMT),_),OP), ## __VA_ARGS__)
^
/users/pranith/qemu/tcg/aarch64/tcg-target.inc.c:1610:27: warning: implicit conversion from enumeration type 'TCGType' (aka 'enum TCGType') to different enumeration type 'TCGMemOp' (aka 'enum TCGMemOp')
[-Wenum-conversion]
tcg_out_brcond(s, ext, a2, a0, a1, const_args[1], arg_label(args[3]));
~~~~~~~~~~~~~~ ^~~

backports commit dc1eccd661ada3b746ca4438e444993c36a0f04f from qemu
2018-03-02 10:48:56 -05:00
Alex Bennée caba238b5a
tcg: enable MTTCG by default for ARM on x86 hosts
This enables the multi-threaded system emulation by default for ARMv7
and ARMv8 guests using the x86_64 TCG backend. This is because on the
guest side:

- The ARM translate.c/translate-64.c have been converted to
- use MTTCG safe atomic primitives
- emit the appropriate barrier ops
- The ARM machine has been updated to
- hold the BQL when modifying shared cross-vCPU state
- defer powerctl changes to async safe work

All the host backends support the barrier and atomic primitives but
need to provide same-or-better support for normal load/store
operations.

Backports commit ca759f9e387db87e1719911f019bc60c74be9ed8 from qemu
2018-03-02 10:32:47 -05:00
KONRAD Frederic c5730ff194
tcg: add options for enabling MTTCG
We know there will be cases where MTTCG won't work until additional work
is done in the front/back ends to support. It will however be useful to
be able to turn it on.

As a result MTTCG will default to off unless the combination is
supported. However the user can turn it on for the sake of testing.

Backports commit 8d4e9146b3568022ea5730d92841345d41275d66 from qemu
2018-03-02 09:25:01 -05:00
Alex Bennée 8c89344517
tcg: move TCG_MO/BAR types into own file
We'll be using the memory ordering definitions to define values for
both the host and guest. To avoid fighting with circular header
dependencies just move these types into their own minimal header.

Backports commit 20937143145b8f5a4194e5c407731ba38797864e from qemu
2018-03-02 09:08:44 -05:00
Richard Henderson 4bec129626
tcg/i386: Handle ctpop opcode
Backports commit 993508e43e6d180e9ba9b747a9657eac69aec5bb from qemu
2018-03-01 18:49:43 -05:00
Richard Henderson 3a0fba32f3
tcg/ppc: Handle ctpop opcode
Backports commit 33e75fb9c8cc44165c8dad9093762ba728cc7596 from qemu
2018-03-01 18:46:43 -05:00
Richard Henderson 6d4fc1319a
tcg/ppc: Handle ctz and clz opcodes
Backports commit d0b07481fabb4dc4ed05d56d09718758f5f7a136 from qemu
2018-03-01 18:44:54 -05:00
Richard Henderson ff3512a045
tcg: Use ctpop to generate ctz if needed
Particularly when andc is also available, this is two insns
shorter than using clz to compute ctz.

Backports commit 14e99210f6c6cede461a54b2e0f9b4cd55175f00 from qemu
2018-03-01 18:39:20 -05:00
Richard Henderson 5f6e7bbdbd
tcg: Add opcode for ctpop
The number of actual invocations of ctpop itself does not warrent
an opcode, but it is very helpful for POWER7 to use in generating
an expansion for ctz.

Backports commit a768e4e99247911f00c5c0267c12d4e207d5f6cc from qemu
2018-03-01 18:26:41 -05:00
Richard Henderson fff7ca4617
tcg: Add helpers for clrsb
The number of actual invocations does not warrent an opcode,
and the backends generating it. But at least we can eliminate
redundant helpers.

Backports commit 086920c2c8008f125fd38781072fa25c3ad158ea from qemu
2018-03-01 18:14:11 -05:00
Richard Henderson 246d891668
tcg/i386: Handle ctz and clz opcodes
Backports commit bbf25f90ba802a286fd72be9175a860ae5fec726 from qemu
2018-03-01 16:56:08 -05:00
Richard Henderson 73ab332185
tcg/i386: Allow bmi2 shiftx to have non-matching operands
Previously we could not have different constraints for different ISA levels,
which prevented us from eliding the matching constraint for shifts.

We do now have to make sure that the operands match for constant shifts.
We can also handle some small left shifts via lea.

Backports commit 6a5aed4bdc7078838a8098336588d56c9ce09d1d from qemu
2018-03-01 16:45:04 -05:00
Richard Henderson 9e3feebbfb
tcg/i386: Hoist common arguments in tcg_out_op
Backports commit 42d5b514928a8a0d2f55a4c243d1333f9675815b from qemu
2018-03-01 16:42:30 -05:00
Richard Henderson 142ca07077
tcg/i386: Fuly convert tcg_target_op_def
Use a switch instead of searching a table. Share constraints between
32-bit and 64-bit, when at all possible.

Backports commit cd26449a505f808e479af4fdd539e05767e09c06 from qemu
2018-03-01 16:32:31 -05:00
Richard Henderson 54ca83b900
tcg/s390: Handle clz opcode
Backports commit ce411066f4886cf3a4981fc0a070042a221a5fc8 from qemu
2018-03-01 16:24:29 -05:00
Richard Henderson a90e026c18
tcg/mips: Handle clz opcode
Backports commit 2a1d9d41aedd722d674b2a94d9b7dbea61469cac from qemu
2018-03-01 16:22:52 -05:00
Richard Henderson 303fc987ed
tcg/arm: Handle ctz and clz opcodes
Backports commit cc0fec8a4d2a8546fe236a09bfd80150af9cbe6b from qemu
2018-03-01 16:20:46 -05:00
Richard Henderson 2b87ddda35
tcg/aarch64: Handle ctz and clz opcodes
Backports commit 53c76c19904983d2c81e4f5e77027c241918a479 from qemu
2018-03-01 16:19:34 -05:00
Richard Henderson 2cf34e1b55
tcg: Add clz and ctz opcodes
Backports commit 0e28d0063bbd9e59a981ea2d20f82f30c5d956a8 from qemu
2018-03-01 16:04:11 -05:00
Richard Henderson b4b173615c
tcg: Allow an operand to be matching or a constant
This allows an output operand to match an input operand
only when the input operand needs a register.

Backports commit 17280ff4a5f264e01e55ae514ee6d3586f9577b2 from qemu
2018-03-01 15:49:05 -05:00
Richard Henderson 3f38611159
tcg: Pass the opcode width to target_parse_constraint
This will let us choose how to interpret a given constraint
depending on whether the opcode is 32- or 64-bit. Which will
let us share more constraint combinations between opcodes.

At the same time, change the interface to return the advanced
pointer instead of passing it in/out by reference.

Backports commit 069ea736b50b75fdec99c9b8cc603b97bd98419e from qemu
2018-03-01 15:45:40 -05:00
Richard Henderson b8c93597b4
tcg: Transition flat op_defs array to a target callback
This will allow the target to tailor the constraints to the
auto-detected ISA extensions.

Backports commit f69d277ece43c42c7ab0144c2ff05ba740f6706b from qemu
2018-03-01 15:40:11 -05:00
Richard Henderson 551ef0a9f7
tcg: Add markup for output requires new register
This is the same concept as, and same markup as, the
early clobber markup in gcc.

Backports commit 82790a870992bd87d5fd9e607f40859dcf4f82ac from qemu
2018-03-01 15:24:58 -05:00
Richard Henderson 199b3859c4
tcg/optimize: Fold movcond 0/1 into setcond
Backports commit 333b21b809fc80ce67c8f6a7d1c7cc66437d9791 from qemu
2018-03-01 14:41:38 -05:00
Richard Henderson f0781470b4
tcg/s390: Support deposit into zero
Since we can no longer use matching constraints, this does
mean we must handle that data movement by hand.

Backports commit 752b1be94757de906b9c24ebc8f5e6aa54b96b23 from qemu
2018-03-01 13:47:20 -05:00
Richard Henderson a7462cc7bf
tcg/s390: Implement field extraction opcodes
Backports commit b0bf5fe82df93c180f69d439af59f1f546632f13 from qemu
2018-03-01 13:45:33 -05:00
Richard Henderson ab8871ea82
tcg/s390: Implement field extraction opcodes
Backports commit b0bf5fe82df93c180f69d439af59f1f546632f13 from qemu
2018-03-01 13:43:46 -05:00
Richard Henderson 348802286c
tcg/s390: Expose host facilities to tcg-target.h
This lets us expose facilities to TCG_TARGET_HAS_* defines
directly, rather than hiding behind function calls.

Backports commit b2c98d9d392c87c9b9e975d30f79924719d9cbbe from qemu
2018-03-01 13:43:00 -05:00
Richard Henderson db41c6f1d0
tcg/ppc: Implement field extraction opcodes
Backports commit c05021c3c8d6c976e4677d3010b9ef01488a4434 from qemu
2018-03-01 13:38:42 -05:00
Richard Henderson b10a4a9ee6
tcg/mips: Implement field extraction opcodes
Backports commit befbb3ced5869003ee2e806c4f36e306918d2374 from qemu
2018-03-01 13:37:24 -05:00
Richard Henderson 7a7a5c640d
tcg/i386: Implement field extraction opcodes
Backports commit 78fdbfb94616f0391834d2eccabd16ea29e37da5 from qemu
2018-03-01 13:35:41 -05:00
Richard Henderson cabb6f71a0
tcg/arm: Implement field extraction opcodes
Backports commit ec903af18418e0870af84f6036d7aca1e6a5dc0a from qemu
2018-03-01 13:33:55 -05:00
Richard Henderson c4f56ec541
tcg/arm: Move isa detection to tcg-target.h
This allows us to use this detection within the TCG_TARGET_HAS_*
macros, instead of requiring a function call into tcg-target.inc.c.

Backports commit 40b2ccb156534f5d5f1d110a6ce008d87ee10af1 from qemu
2018-03-01 13:32:39 -05:00
Richard Henderson fbea4130fc
tcg/aarch64: Implement field extraction opcodes
Backports commit e2179f94a17bf0933df29ce1b4f6bc93cbe7dbd3 from qemu
2018-03-01 13:30:55 -05:00
Richard Henderson 9f2fcaaf27
tcg: Add deposit_z expander
While we don't require a new opcode, it is handy to have an expander
that knows the first source is zero.

Backports commit 07cc68d52852bf47dea7c402b46ddd28248d4212 from qemu
2018-03-01 13:29:24 -05:00
Richard Henderson 8e0585dcb1
tcg: Add field extraction primitives
Adds tcg_gen_extract_* and tcg_gen_sextract_* for extraction of
fixed position bitfields, much like we already have for deposit.

Backports commit 7ec8bab3deae643b1ce579c2d65a244f30708330 from qemu
2018-03-01 13:21:30 -05:00
Jin Guojie 4ed2a37f6d
tcg-mips: Adjust qemu_ld/st for mips64
Backports commit f0d703314ecb0415d51425727ed73ad2c6e3238a from qemu
2018-03-01 13:01:05 -05:00
Jin Guojie 25b4e11814
tcg-mips: Adjust calling conventions for mips64
Backports commit 999b941633cabf2487d9bc77ce382b3fde3cd66d from qemu
2018-03-01 12:53:42 -05:00
Jin Guojie 3de761976c
tcg-mips: Adjust prologue for mips64
Take stack frame parameters out from the function body.

Backports commit 0973b1cff8b66f3561befb1f467b2ab4d1a7d55a from qemu
2018-03-01 12:51:36 -05:00
Jin Guojie b55b7403a8
tcg-mips: Adjust load/store functions for mips64
tcg_out_ldst: using a generic ALIAS_PADD to avoid ifdefs
tcg_out_ld: generates LD or LW
tcg_out_st: generates SD or SW

Backports commit 32b69707df3365aadaad1d058044a7704397ec62 from qemu
2018-03-01 12:50:12 -05:00
Jin Guojie 022ff3580e
tcg-mips: Adjust move functions for mips64
tcg_out_mov: using OPC_OR as most mips assemblers do;
tcg_out_movi: extended to 64-bit immediate.

Backports commit 2294d05dab503d11664e73712c7f250fd0bf9e3b from qemu
2018-03-01 12:49:19 -05:00
Jin Guojie 00ccf9cec7
tcg-mips: Add bswap32u and bswap64
Without the mips32r2 instructions to perform swapping, bswap is quite large,
dominating the size of each reverse-endian qemu_ld/qemu_st operation.

Create two subroutines in the prologue block. The subroutines require extra
reserved registers (TCG_TMP[2, 3]). Using these within qemu_ld means that
we need not place additional restrictions on the qemu_ld outputs.

Backports commit 7f54eaa3b78d71cb57e45a719980f9b5ff06d21c from qemu
2018-03-01 12:47:45 -05:00
Jin Guojie 397db1b046
tcg-mips: Support 64-bit opcodes
Bulk patch adding 64-bit opcodes into tcg_out_op. Note that
mips64 is as yet neither complete nor enabled.

Backports commit 0119b1927d531f3fac22b9b4da01dafc23644973 from qemu
2018-03-01 12:46:18 -05:00
Jin Guojie 286f3a9f70
tcg-mips: Add mips64 opcodes
Since the mips manual tables are in octal, reorg all of the opcodes
into that format for clarity. Note that the 64-bit opcodes are as
yet unused.

Backports commit 57a701fc2b34902310d4dbd1411088055616938a from qemu
2018-03-01 12:36:20 -05:00
Jin Guojie d2aa49e9d3
tcg-mips: Move bswap code to a subroutine
Without the mips32r2 instructions to perform swapping, bswap is quite large,
dominating the size of each reverse-endian qemu_ld/qemu_st operation.

Create a subroutine in the prologue block. The subroutine requires extra
reserved registers (TCG_TMP[2, 3]). Using these within qemu_ld means that
we need not place additional restrictions on the qemu_ld outputs.

Backports commit bb08afe9f0aee1a3f5c23508e2511b882ca31e1b from qemu
2018-03-01 12:35:20 -05:00
Laurent Vivier 77b8b2f3b8
target-m68k: add 680x0 divu/divs variants
Update helper to set the throwing location in case of div-by-0.
Cleanup divX.w and add quad word variants of divX.l.

Backports commit 0ccb9c1d8128a020720d5c6abf99a470742a1b94 from qemu
2018-03-01 11:38:53 -05:00
Richard Henderson fcc05dc1ce
tcg/s390: Remove 'R' constraint
Since R0 is reserved, we don't need a special case constraint.

Backports commit e45d4ef6e345831c8d67a5bffe0d057efc20f4ff from qemu
2018-03-01 11:05:57 -05:00
Richard Henderson 7852cc600d
tcg/s390: Fix setcond expansion
We can't use LOAD AND TEST for unsigned data and then expect to
extract the result with ADD LOGICAL WITH CARRY. Fall through to
using COMPARE LOGICAL IMMEDIATE instead.

Backports commit 65839b56b9a740e6b898b5d81afc160502bd2935 from qemu
2018-03-01 11:04:40 -05:00
Richard Henderson 6820964e2f
tcg/aarch64: Fix tcg_out_movi
There were some patterns, like 0x0000_ffff_ffff_00ff, for which we
would select to begin a multi-insn sequence with MOVN, but would
fail to set the 0x0000 lane back from 0xffff.

Backports commit 50b468d42107a2c646b1c566ed17d9ec362c51c4 from qemu
2018-03-01 09:15:34 -05:00
Richard Henderson a03666f2f2
tcg/aarch64: Fix addsub2 for 0+C
When al == xzr, we cannot use addi/subi because that encodes xsp.
Force a zero into the temp register for that (rare) case.

Backports commit 028fbea47713f909d6ea761a457779a82b276247 from qemu
2018-03-01 09:13:54 -05:00
Joseph Myers 7ff441826c
tcg: correct 32-bit tcg_gen_ld8s_i64 sign-extension
The version of tcg_gen_ld8s_i64 for 32-bit systems does a load into
the low part of the return value - then attempts a sign extension into
the high part, but wrongly sets the high part to a sign extension of
itself rather than of the low part. This results in TCG internal
errors from the use of the uninitialized high part (in some GCC tests
of AArch64 NEON shift intrinsics, in particular). This patch corrects
the sign-extension logic, making it match other functions such as
tcg_gen_ld16s_i64.

Backports commit 3ff91d7e85176f8b4b131163d7fd801757a2c949 from qemu
2018-03-01 08:41:23 -05:00
Peter Maydell f9c5c1a604
tcg/tcg.h: Improve documentation of TCGv_i32 etc types
The typedefs we use for the TCGv_i32, TCGv_i64 and TCGv_ptr
types are somewhat confusing, because we define them as
pointers to structs, but the structs themselves are never
defined. Explain in the comments a bit more clearly why
this is OK and what is going on under the hood.

Backports commit a40d4701bc9f6e6a3bbfb7b4fbe756a5b72b5df1 from qemu
2018-03-01 08:40:35 -05:00
Richard Henderson f5a35908da
tcg: Add tcg_gen_mulsu2_{i32,i64,tl}
This multiply has one signed input and one unsigned input,
producing the full double-width result.

Backports commit 5087abfb7dfd1d368ae6939420057036b4d8e509 from qemu
2018-03-01 08:39:37 -05:00
Paolo Bonzini 9d64a89acf
tcg: comment on which functions have to be called with tb_lock held
softmmu requires more functions to be thread-safe, because translation
blocks can be invalidated from e.g. notdirty callbacks. Probably the
same holds for user-mode emulation, it's just that no one has ever
tried to produce a coherent locking there.

This patch will guide the introduction of more tb_lock and tb_unlock
calls for system emulation.

Note that after this patch some (most) of the mentioned functions are
still called outside tb_lock/tb_unlock. The next one will rectify this.

Backports commit 7d7500d99895f888f97397ef32bb536bb0df3b74 from qemu
2018-02-28 10:26:28 -05:00
Richard Henderson b48508a6c1
tcg: Emit barriers with parallel_cpus
Backports commit 91682118aa330aff7e8ef0cc685c32d101f49940 from qemu
2018-02-27 22:28:33 -05:00
Richard Henderson 064543a415
tcg: Add CONFIG_ATOMIC64
Allow qemu to build on 32-bit hosts without 64-bit atomic ops.

Even if we only allow 32-bit hosts to multi-thread emulate 32-bit
guests, we still need some way to handle the 32-bit guest using a
64-bit atomic operation. Do so by dropping back to single-step.

Backports commit df79b996a7b21c6ea7847f7927a2e1a294b86c72 from qemu
2018-02-27 22:25:36 -05:00
Richard Henderson da01e53757
tcg: Add atomic128 helpers
Force the use of cmpxchg16b on x86_64.

Wikipedia suggests that only very old AMD64 (circa 2004) did not have
this instruction. Further, it's required by Windows 8 so no new cpus
will ever omit it.

If we truely care about these, then we could check this at startup time
and then avoid executing paths that use it.

Backports commit 7ebee43ee3e2fcd7b5063058b7ef74bc43216733 from qemu
2018-02-27 21:43:48 -05:00
Richard Henderson 5c0ce1b99c
tcg: Add atomic helpers
Add all of cmpxchg, op_fetch, fetch_op, and xchg.
Handle both endian-ness, and sizes up to 8.
Handle expanding non-atomically, when emulating in serial.

Backports commit c482cb117cc418115ca9c6d21a7a2315414c0a40 from qemu
2018-02-27 15:57:47 -05:00
Richard Henderson 4e498cc54d
target-m68k: Reorg flags handling
Separate all ccr bits. Continue to batch updates via cc_op.

Backports commit 620c6cf66584bfbee90db84a7e87a6eabf230ca9 from qemu
2018-02-27 10:02:02 -05:00
Paolo Bonzini 8734e13a73
tcg: try sti when moving a constant into a dead memory temp
This comes from free from unifying tcg_reg_alloc_mov and
tcg_reg_alloc_movi's handling of TEMP_VAL_CONST. It triggers
often on moves to cc_dst, such as the following translation
of "sub $0x3c,%esp":

before: after:
subl $0x3c,%ebp subl $0x3c,%ebp
movl %ebp,0x10(%r14) movl %ebp,0x10(%r14)
movl $0x3c,%ebx movl $0x3c,0x2c(%r14)
movl %ebx,0x2c(%r14)

Backports commit 0fe4fca4e1a5e06a270127dd80bb753d4dda61c6 from qemu
2018-02-26 10:08:47 -05:00
Alex Bennée bf72733576
tcg/optimize: move default return out of if statement
This is to appease sanitizer builds which complain that:

"error: control reaches end of non-void function"

Backports commit 550276ae0a88851edda2cb7fcdd64256dbb8e314 from qemu
2018-02-26 05:05:21 -05:00
Richard Henderson 2ab4b8fa4d
tcg/i386: Extend TARGET_PAGE_MASK to the proper type
TARGET_PAGE_MASK, as defined, has type "int". We need to extend
that to the proper target width before oring in an "unsigned".

Backports commit ebb90a005da67147245cd38fb04a965a87a961b7 from qemu
2018-02-26 03:32:38 -05:00
Pranith Kumar 16d71f0f10
tcg: Optimize fence instructions
This commit optimizes fence instructions. Two optimizations are
currently implemented: (1) unnecessary duplicate fence instructions,
and (2) merging weaker fences into a stronger fence.

[rth: Merge tcg_optimize_mb back into tcg_optimize, so that we only
loop over the opcode stream once. Merge "unrelated" weaker barriers
into one stronger barrier.]

Backports commit 34f939218ce78163171addd63750e1e0300376ab from qemu
2018-02-26 03:29:59 -05:00
Pranith Kumar 65a73763e3
tcg/sparc: Add support for fence
Backports commit f8f03b3707b49898052fb8cd75ee31d19c8161fc from qemu
2018-02-26 03:20:39 -05:00
Pranith Kumar a6fdc24e28
tcg/s390: Add support for fence
Backports commit c9314d610e0e5da4d2cd5a36f3563d102b3294e0 from qemu
2018-02-26 03:19:41 -05:00
Pranith Kumar bdd9cad15c
tcg/ppc: Add support for fence
Backports commit 7b4af5ee8a1336bc39714b6de47924ee71fba761 from qemu
2018-02-26 03:18:43 -05:00
Pranith Kumar 5f10101245
tcg/mips: Add support for fence
Backports commit 6f0b99104a396905870edc3049310ece29b6b8d6 from qemu
2018-02-26 03:17:34 -05:00
Pranith Kumar e29cbe9640
tcg/arm: Add support for fence
Backports commit 40f191ab8226fdada185efa49c44b60d8f494890 from qemu
2018-02-26 03:13:17 -05:00
Pranith Kumar 907060b865
tcg/aarch64: Add support for fence
Backports commit c7a59c2a92592e556b9361437c9c4229917bd1e3 from qemu
2018-02-26 03:11:03 -05:00
Pranith Kumar d49bd55f52
tcg/i386: Add support for fence
Generate a 'lock orl $0,0(%esp)' instruction for ordering instead of
mfence which has similar ordering semantics.

Backports commit a7d00d4effb58889ac6df64f98ac50c9d1594149 from qemu
2018-02-26 03:10:58 -05:00
Pranith Kumar 5e44ce9be8
Introduce TCGOpcode for memory barrier
This commit introduces the TCGOpcode for memory barrier instruction.

This opcode takes an argument which is the type of memory barrier
which should be generated.

Backports commit f65e19bc2c9e8358e634d309606144ac2a3c2936 from qemu
2018-02-26 03:02:41 -05:00
Richard Henderson 91f5cf0417
tcg: Support arbitrary size + alignment
Previously we allowed fully unaligned operations, but not operations
that are aligned but with less alignment than the operation size.

In addition, arm32, ia64, mips, and sparc had been omitted from the
previous overalignment patch, which would have led to that alignment
being enforced.

Backports commit 85aa80813dd9f5c1f581c743e45678a3bee220f8 from qemu
2018-02-26 02:47:26 -05:00
Ladi Prosek 7acc14da16
Remove unused function declarations
Unused function declarations were found using a simple gcc plugin and
manually verified by grepping the sources.

Backports commit d4b84d564ee3eb7a58e4585d671fb3c220b6c3b9 from qemu
2018-02-26 02:31:46 -05:00
Thomas Huth b581d4033f
tcg: Remove duplicate header includes
host-utils.h and timer.h are included twice in tcg.c.
One time should be enough.

Backports commit 347519eb9d68303a6c23a7663c0fa6c20a225191 from qemu
2018-02-26 02:29:38 -05:00
Richard Henderson ede1cae3dc
tcg: Lower indirect registers in a separate pass
Rather than rely on recursion during the middle of register allocation,
lower indirect registers to loads and stores off the indirect base into
plain temps.

For an x86_64 host, with sufficient registers, this results in identical
code, modulo the actual register assignments.

For an i686 host, with insufficient registers, this means that temps can
be (temporarily) spilled to the stack in order to satisfy an allocation.
This as opposed to the possibility of not being able to spill, to allocate
a register for the indirect base, in order to perform a spill.

Backports commit 5a18407f55ade924aa6397c9a043a9ffd59645fe from qemu
2018-02-25 22:32:28 -05:00
Richard Henderson 8a012ff6d3
tcg: Require liveness analysis
Backports commit c0ef05b5e62ab0c291a94022f14104e61e306f03 from qemu
2018-02-25 22:20:42 -05:00
Richard Henderson 2aa46dd9a1
tcg: Include liveness info in the dumps
Backports commit bdfb460ef77500f7b186759b585f06ff2120929d from qemu
2018-02-25 22:13:08 -05:00
Richard Henderson e973e89a57
tcg: Compress dead_temps and mem_temps into a single array
We only need two bits per temporary. Fold the two bytes into one,
and reduce the memory and cachelines required during compilation.

Backports commit c70fbf0a9938baf3b4f843355a77c17a7e945b98 from qemu
2018-02-25 22:07:08 -05:00
Richard Henderson 690985a582
tcg: Fold life data into TCGOp
Reduce the size of other bitfields to make room.
This reduces the cache footprint of compilation.

Backports commit bee158cb4dde35c41632a3a129c869f14a32f8f0 from qemu
2018-02-25 21:49:42 -05:00
Richard Henderson 1547048a22
tcg: Reorg TCGOp chaining
Instead of using -1 as end of chain, use 0, and link through the 0
entry as a fully circular double-linked list.

Backports commit dcb8e75870e2de199db853697f8839cb603beefe from qemu
2018-02-25 21:44:50 -05:00
Richard Henderson b2e6e351c2
tcg: Compress liveness data to 16 bits
This reduces both memory usage and per-insn cacheline usage
during code generation.

Backports commit a1b3c48d2b23d6eaeb4529d3e1183d2648731bf8 from qemu
2018-02-25 21:27:24 -05:00
Paolo Bonzini a47c68164d
compiler: never omit assertions if using a static analysis tool
Assertions help both Coverity and the clang static analyzer avoid
false positives, but on the other hand both are confused when
the condition is compiled as (void)(x != FOO). Always expand
assertion macros when using Coverity or clang, through a new
QEMU_STATIC_ANALYSIS preprocessor symbol.

This fixes a couple false positives in TCG.

Backports commit 8bff06a0bbf257a2083223534c1607bf87d913e6 from qemu
2018-02-25 19:19:28 -05:00
Richard Henderson 1dcd14d434
target-sparc: Store %asi in TB flags
Knowing the value of %asi at translation time means that we
can handle the common settings without a function call.

The steady state appears to be %asi == ASI_P, so that sparcv9
code can use offset forms of lda/sta. The %asi register gets
pushed and popped on entry to certain functions, but it rarely
takes on values other than ASI_P or ASI_AIUP. Therefore we're
unlikely to be expanding the set of TBs created.

Backports commit a6d567e523ed7e928861f3caa5d49368af3f330d from qemu
2018-02-25 05:17:21 -05:00
Richard Henderson 395e00cdc5
target-sparc: Remove softint as a TCG global
The global is only ever read for one insn; we can just as well
use a load from env instead and generate the same code. This
also allows us to indicate the the associated helpers do not
touch TCG globals.

Backports commit e86ceb0d652baa5738e05a59ee0e7989dafbeaa1 from qemu
2018-02-25 04:49:27 -05:00
Markus Armbruster 25ec9ab016
tcg: Clean up tcg-target.h header guards
These use guard symbols like TCG_TARGET_$target.
scripts/clean-header-guards.pl doesn't like them because they don't
match their file name (they should, to make guard collisions less
likely).

Clean them up: use guard symbol $target_TCG_TARGET_H for
tcg/$target/tcg-target.h.

Backports commit 14e54f8ecfe9c5e17348f456781344737ed10b3b from qemu
2018-02-25 04:15:08 -05:00
Sergey Sorokin e4d123caa9
tcg: Improve the alignment check infrastructure
Some architectures (e.g. ARMv8) need the address which is aligned
to a size more than the size of the memory access.
To support such check it's enough the current costless alignment
check implementation in QEMU, but we need to support
an alignment size specifying.

Backports commit 1f00b27f17518a1bcb4cedca49eaec96a4d560bd from qemu
2018-02-25 02:23:28 -05:00
Richard Henderson 23586e2674
tcg: Optimize spills of constants
While we can store constants via constrants on INDEX_op_st_i32 et al,
we weren't able to spill constants to backing store.

Add a new backend interface, tcg_out_sti, which may store the constant
(and is allowed to fail). Rearrange the temp_* helpers so that we only
attempt to directly store a constant when the temp is becoming dead/free.

Backports commit 59d7c14eeff8d2ad7f61aed86ce5a176113bc153 from qemu
2018-02-25 01:45:29 -05:00
Richard Henderson 64fda683b1
tcg: Fix name for high-half register 2018-02-25 01:36:35 -05:00
Lluís Vilanova 2297527755
exec: [tcg] Track which vCPU is performing translation and execution
Information is tracked inside the TCGContext structure, and later used
by tracing events with the 'tcg' and 'vcpu' properties.

The 'cpu' field is used to check tracing of translation-time
events ("*_trans"). The 'tcg_env' field is used to pass it to
execution-time events ("*_exec").

Backports commit 7c2550432abe62f53e6df878ceba6ceaf71f0e7e from qemu
2018-02-24 19:21:39 -05:00
Emilio G. Cota 8518f55df7
compiler.h: add QEMU_ALIGNED() to enforce struct alignment
Backports commit 911a4d2215b05267b16925503218f49d607c6b29 from qemu
2018-02-24 17:32:43 -05:00
Paolo Bonzini 9485b7c2e1
cpu: move exec-all.h inclusion out of cpu.h
exec-all.h contains TCG-specific definitions. It is not needed outside
TCG-specific files such as translate.c, exec.c or *helper.c.

One generic function had snuck into include/exec/exec-all.h; move it to
include/qom/cpu.h.

Backports commit 63c915526d6a54a95919ebece83fa9ca631b2508 from qemu
2018-02-24 02:39:08 -05:00
Paolo Bonzini 58693409ea
exec: extract exec/tb-context.h
TCG backends do not need most of exec-all.h; extract what they actually
need to a separate file or move it directly to tcg.h. The next patch
will stop including exec-all.h from everywhere.

Backports commit 00f6da6a1a5d1ce085334eccbb50ec899ceed513 from qemu
2018-02-24 02:09:58 -05:00
Paolo Bonzini 37f26922dd
qemu-common: push cpu.h inclusion out of qemu-common.h
Backports commit 33c11879fd422b759483ed25fef133ea900ea8d7 from qemu
2018-02-24 01:50:56 -05:00
Sergey Fedorov c9700af2bd
tcg: Clean up from 'next_tb'
The value returned from tcg_qemu_tb_exec() is the value passed to the
corresponding tcg_gen_exit_tb() at translation time of the last TB
attempted to execute. It is a little confusing to store it in a variable
named 'next_tb'. In fact, it is a combination of 4-byte aligned pointer
and additional information in its two least significant bits. Break it
down right away into two variables named 'last_tb' and 'tb_exit' which
are a pointer to the last TB attempted to execute and the TB exit
reason, correspondingly. This simplifies the code and improves its
readability.

Correct a misleading documentation comment for tcg_qemu_tb_exec() and
fix logging in cpu_tb_exec(). Also rename a misleading 'next_tb' in
another couple of places.

Backports commit 819af24b9c1e95e6576f1cefd32f4d6bf56dfa56 from qemu
2018-02-23 23:29:04 -05:00
Sergey Fedorov ffdc9d6323
tcg: Allow goto_tb to any target PC in user mode
In user mode, there's only a static address translation, TBs are always
invalidated properly and direct jumps are reset when mapping change.
Thus the destination address is always valid for direct jumps and
there's no need to restrict it to the pages the TB resides in.

Backports commit 90aa39a1cc4837360889f0e033ca25cc82100308 from qemu
2018-02-23 23:12:14 -05:00
Sergey Fedorov 73c59faad5
tcg: Clean up direct block chaining safety checks
We don't take care of direct jumps when address mapping changes. Thus we
must be sure to generate direct jumps so that they always keep valid
even if address mapping changes. Luckily, we can only allow to execute a
TB if it was generated from the pages which match with current mapping.

Document tcg_gen_goto_tb() declaration and note the reason for
destination PC limitations.

Some targets with variable length instructions allow TB to straddle a
page boundary. However, we make sure that both of TB pages match the
current address mapping when looking up TBs. So it is safe to do direct
jumps into the both pages. Correct the checks for some of those targets.

Given that, we can safely patch a TB which spans two pages. Remove the
unnecessary check in cpu_exec() and allow such TBs to be patched.

Backports commit 5b053a4a28278bca606eeff7d1c0730df1b047e9 from qemu
2018-02-23 22:26:00 -05:00
Sergey Fedorov e60c24cecf
tcg: Clean up direct block chaining data fields
Briefly describe in a comment how direct block chaining is done. It
should help in understanding of the following data fields.

Rename some fields in TranslationBlock and TCGContext structures to
better reflect their purpose (dropping excessive 'tb_' prefix in
TranslationBlock but keeping it in TCGContext):
tb_next_offset => jmp_reset_offset
tb_jmp_offset => jmp_insn_offset
tb_next => jmp_target_addr
jmp_next => jmp_list_next
jmp_first => jmp_list_first

Avoid using a magic constant as an invalid offset which is used to
indicate that there's no n-th jump generated.

Backports commit f309101c26b59641fc1aa8fb2a98a5441cdaea03 from qemu
2018-02-23 21:28:19 -05:00
Sergey Fedorov 87c3382dc8
tcg/mips: Make direct jump patching thread-safe
Ensure direct jump patching in MIPS is atomic by using
atomic_read()/atomic_set() for code patching.

Backports commit c82460a560176ef69c2f0662bd280612e274db96 from qemu
2018-02-23 21:28:18 -05:00
Sergey Fedorov 7538001da9
tcg/sparc: Make direct jump patching thread-safe
Ensure direct jump patching in SPARC is atomic by using
atomic_read()/atomic_set() for code patching.

Backports commit 84f79fb7c6e857edc807e4a251338243ce0cbac3 from qemu
2018-02-23 21:28:18 -05:00
Sergey Fedorov a45f8cb49d
tcg/aarch64: Make direct jump patching thread-safe
Ensure direct jump patching in AArch64 is atomic by using
atomic_read()/atomic_set() for code patching.

Backports commit 9e269112953be4d670cb0d25042bd6546fcf3e45 from qemu
2018-02-23 21:28:18 -05:00
Sergey Fedorov 52e2972300
tcg/arm: Make direct jump patching thread-safe
Ensure direct jump patching in ARM is atomic by using
atomic_read()/atomic_set() for code patching.

Backports commit 7d14e0e2d661479985197203589c38840e1066df from qemu
2018-02-23 21:28:18 -05:00
Sergey Fedorov 57359fbe6c
tcg/s390: Make direct jump patching thread-safe
Ensure direct jump patching in s390 is atomic by:
* naturally aligning a location of direct jump address;
* using atomic_read()/atomic_set() for code patching.

Backports commit ed3d51ecd7fe248d3959e469d53890ac9ffe0cd2 from qemu
2018-02-23 21:28:18 -05:00
Sergey Fedorov 5eb2d6618f
tcg/i386: Make direct jump patching thread-safe
Ensure direct jump patching in i386 is atomic by:
* naturally aligning a location of direct jump address;
* using atomic_read()/atomic_set() for code patching.

Backports commit 0d07abf05e98903c7faf204a9a90f7d45b7554dc from qemu
2018-02-23 21:28:17 -05:00
Edgar E. Iglesias a30a478538
tcg: Add tcg_set_insn_param
Add tcg_set_insn_param as a mechanism to modify an insn
parameter after emiting the insn. This is useful for icount
and also for embedding fault information for a specific insn.

Backports commit 1d41478fd428e01f057d3248292e4cdcdb048523 from qemu
2018-02-23 19:58:49 -05:00
Aurelien Jarno 6060ab6596
tcg: check for CONFIG_DEBUG_TCG instead of NDEBUG
Check for CONFIG_DEBUG_TCG instead of NDEBUG, drop now useless code.

Backports commit 8d8fdbae010aa75a23f0307172e81034125aba6e from qemu
2018-02-23 13:55:21 -05:00
Aurelien Jarno 355ed7cd08
tcg: use tcg_debug_assert instead of assert (fix performance regression)
The TCG code is quite performance sensitive, but at the same time can
also be quite tricky. That is why asserts that can be enabled with the
--enable-debug-tcg configure option.

This used to work the following way:

| #include "config.h"
|
| ...
|
| #if !defined(CONFIG_DEBUG_TCG) && !defined(NDEBUG)
| /* define it to suppress various consistency checks (faster) */
| #define NDEBUG
| #endif
|
| ...
|
| #include <assert.h>

Since commit 757e725b (tcg: Clean up includes) "config.h" as been
replaced by "qemu/osdep.h" which itself includes <assert.h>. As a
consequence the assertions are always enabled, even when using
--disable-debug-tcg, causing a performance regression, especially on
targets with many registers. For instance on qemu-system-ppc the
speed difference is about 15%.

tcg_debug_assert is controlled directly by CONFIG_DEBUG_TCG and already
uses in some places. This patch replaces all the calls to assert into
calss to tcg_debug_assert.

Backports commit eabb7b91b36b202b4dac2df2d59d698e3aff197a from qemu
2018-02-23 13:52:13 -05:00
James Hogan 41c6079823
tcg/mips: Fix type of tcg_target_reg_alloc_order[]
The MIPS TCG backend is the only one to have
tcg_target_reg_alloc_order[] elements of type TCGReg rather than int.
This resulted in commit 91478cefaaf2 ("tcg: Allocate indirect_base
temporaries in a different order") breaking the build on MIPS since the
type differed from indirect_reg_alloc_order[]:

tcg/tcg.c:1725:44: error: pointer type mismatch in conditional expression [-Werror]
order = rev ? indirect_reg_alloc_order : tcg_target_reg_alloc_order;
^

Make it an array of ints to fix the build and match other architectures.

Backports commit 2dc7553d0c0a3915c649e1a91b0f0be70b4674b3 from qemu
2018-02-23 13:21:44 -05:00
Alex Bennée 3da7d9d9ae
qemu-log: dfilter-ise exec, out_asm, op and opt_op
qemu-log: dfilter-ise exec, out_asm, op and opt_op

This ensures the code generation debug code will honour -dfilter if set.
For the "exec" tracing I've added a new inline macro for efficiency's
sake.

Backports commit d977e1c2dbc9e63454b2000f91954d02543bf43b from qemu
2018-02-22 10:06:19 -05:00
Alex Bennée bc5d7c5e1d
tcg: pass down TranslationBlock to tcg_code_gen
My later debugging patches need access to the origin PC which is held in
the TranslationBlock structure. Pass down the whole structure as it also
holds the information about the code start point.

Backports commit 5bd2ec3d7b47b2252745882795d79aef36380fb7 from qemu
2018-02-22 09:28:06 -05:00
Veronia Bahaa bafc81b1d3
util: move declarations out of qemu-common.h
Move declarations out of qemu-common.h for functions declared in
utils/ files: e.g. include/qemu/path.h for utils/path.c.
Move inline functions out of qemu-common.h and into new files (e.g.
include/qemu/bcd.h)

Backports commit f348b6d1a53e5271cf1c9f9acc4646b4b98c1771 from qemu
2018-02-22 09:25:48 -05:00
Lioncash 1c04024688
tcg: Make cpu_regs_sparc a TCGv array 2018-02-21 01:50:28 -05:00
Lioncash c0210ac8a6
tcg: Make cpu_wim a TCGv 2018-02-21 01:41:53 -05:00
Lioncash 58c5a28893
tcg: Make cpu_ver a TCGv 2018-02-21 01:40:30 -05:00
Lioncash 2beea0db0d
tcg: Make cpu_ssr a TCGv 2018-02-21 01:39:15 -05:00
Lioncash b09a8626f0
tcg: Make cpu_hver a TCGv 2018-02-21 01:38:07 -05:00
Lioncash e161e9dcb4
tcg: Make cpu_htba a TCGv 2018-02-21 01:35:40 -05:00
Lioncash 577386b246
tcg: Make cpu_hintp a TCGv 2018-02-21 01:34:13 -05:00
Lioncash 2df9744bdb
tcg: Make cpu_stick_cmpr and cpu_hstick_cmpr TCGv 2018-02-21 01:32:59 -05:00
Lioncash 2d9d8c5e01
tcg: Make cpu_tick_cmpr a TCGv 2018-02-21 01:30:00 -05:00
Lioncash e5401deb09
tcg: Make cpu_npc a TCGv 2018-02-21 01:25:40 -05:00
Lioncash 6ccd4479d7
tcg: Make sparc_cpu_pc a TCGv 2018-02-21 01:23:58 -05:00
Lioncash e5a776b495
tcg: Make cpu_fsr a TCGv 2018-02-21 01:22:16 -05:00
Lioncash b51f920404
tcg: Make cpu_gsr a TCGv
Commit 5d4e1a1081d3f1ec2908ff0eaebe312389971ab4
allows making the type concrete. Also fixes a leak with sparc
2018-02-21 01:17:01 -05:00
Lioncash 4da2fd6407
tcg: Make cpu_cond a TCGv
Commit 5d4e1a1081d3f1ec2908ff0eaebe312389971ab4
allows making the type concrete
2018-02-21 01:12:15 -05:00
Lioncash 2f785b11d2
tcg: Make cpu_tbr a TCGv
Commit 5d4e1a1081d3f1ec2908ff0eaebe312389971ab4
allows making the type concrete
2018-02-21 01:12:11 -05:00
Lioncash bbc8517cd2
tcg: Make cpu_y a TCGv
Commit 5d4e1a1081d3f1ec2908ff0eaebe312389971ab4
allows making the type concrete
2018-02-21 01:06:36 -05:00
Lioncash a913b3e468
tcg: Make cpu_gpr a TCGv array
Commit 5d4e1a1081d3f1ec2908ff0eaebe312389971ab4
allows making the type concrete
2018-02-21 01:02:46 -05:00
Lioncash 1defc70341
tcg: Make cpu_PC a TCGv
Commit 5d4e1a1081d3f1ec2908ff0eaebe312389971ab4
allows making the type concrete
2018-02-21 00:47:13 -05:00
Lioncash 372e3307c5
tcg: Make bcond, btarget and cpu_dspctrl TCGv
Commit 5d4e1a1081d3f1ec2908ff0eaebe312389971ab4
allows making the type concrete
2018-02-21 00:45:59 -05:00
Lioncash baf25644dd
tcg: Make cpu_HI and cpu_LO a TCGv array
Commit 5d4e1a1081d3f1ec2908ff0eaebe312389971ab4
allows making the type concrete
2018-02-21 00:34:49 -05:00
Lioncash 50b871f523
tcg: Make store_dummy a TCGv
Commit 5d4e1a1081d3f1ec2908ff0eaebe312389971ab4
allows making the type concrete
2018-02-21 00:24:40 -05:00
Lioncash 53f66f4762
tcg: Make QREG member variables TCGv instances
Commit 5d4e1a1081d3f1ec2908ff0eaebe312389971ab4
allows making the type concrete
2018-02-21 00:23:22 -05:00
Lioncash 04b743a26c
tcg: Make cpu_dreg and cpu_areg TCGv arrays
Commit 5d4e1a1081d3f1ec2908ff0eaebe312389971ab4
allows making the type concrete.
2018-02-21 00:23:17 -05:00
Lioncash 6b19f43925
tcg: Make cpu_tmp1 and cpu_tmp4 a TCGv
Commit 5d4e1a1081d3f1ec2908ff0eaebe312389971ab4 allows
making the type concrete.
2018-02-21 00:07:23 -05:00
Lioncash 7caca36070
tcg: Make cpu_cc_dst, cpu_cc_src, cpu_cc_src2, and cpu_cc_srcT a TCGv
Commit 5d4e1a1081d3f1ec2908ff0eaebe312389971ab4 allows us to make the types concrete
2018-02-21 00:00:08 -05:00
Lioncash 4062dcc9bc
tcg: Make cpu_T0 and cpu_T1 TCGv
Commit 5d4e1a1081d3f1ec2908ff0eaebe312389971ab4 allows us
to make the type concrete
2018-02-20 23:51:44 -05:00
Lioncash 72170ae5c0
tcg: Make cpu_A0 a TCGv
Commit 5d4e1a1081d3f1ec2908ff0eaebe312389971ab4 allows us to make the type concrete.
2018-02-20 23:43:58 -05:00
Lioncash ccbf1ed6ed
tcg: Make cpu_regs a TCGv array
Commit eae07f4767 allows us
to make the type concrete as opposed to using void* and malloc
2018-02-20 23:41:21 -05:00
Lioncash 02b2d3c873
tcg: Make cpu_seg_base a TCGv array
Commit eae07f4767 allows us to
use the type directly instead of casting to void and using malloc
(yay).
2018-02-20 23:34:38 -05:00
Lluís Vilanova eae07f4767
tcg: Move definition of type TCGv
The target-dependant type TCGv must be defined in "tcg/tcg.h" before
including the tracing helper wrappers in "tcg/tcg-op.h".

It also makes more sense to define it here, where other TCG types are
defined too.

Backports commit 5d4e1a1081d3f1ec2908ff0eaebe312389971ab4 from qemu
2018-02-20 23:09:12 -05:00
Lluís Vilanova 7db1bffdee
tcg: Add type for vCPU pointers
Adds the 'TCGv_env' type for pointers to 'CPUArchState' objects. The
tracing infrastructure later needs to differentiate between regular
pointers and pointers to vCPUs.

Also changes all targets to use the new 'TCGv_env' type instead of the
generic 'TCGv_ptr'. As of now, the change is merely cosmetic ('TCGv_env'
translates into 'TCGv_ptr'), but that could change in the future to
enforce the difference.

Note that a 'TCGv_env' type (for 'CPUState') is not added, since all
helpers currently receive the architecture-specific
pointer ('CPUArchState').

Backports commit 1bcea73e13b2b059d0cb3301aeaca43e5656ef57 from qemu
2018-02-20 22:53:58 -05:00
Peter Maydell 764c2d09e5
tcg: Remove unnecessary osdep.h includes from tcg-target.inc.c
Commit 757e725b58c57d added a number of #include "qemu/osdep.h"
files to the tcg-target.c files (as they were named at the time).
These are unnecessary because these files are not standalone C
files, and the tcg/tcg.c file which includes them will have
already included osdep.h on their behalf. Remove the unneeded
include directives.

Backports commit c3b7f66800fbf9f47fddbcf2e2cd30ea932e0aae from qemu
2018-02-20 20:41:00 -05:00
Peter Maydell 7784a25470
tcg: Rename tcg-target.c to tcg-target.inc.c
Rename the per-architecture tcg-target.c files to tcg-target.inc.c.
This makes it clearer that they are not intended to be standalone
C files, but are instead #included into another source file.

Backports commit ce151109813e2770fd3cee2f37bfa2cdd01a12b9 from qemu
2018-02-20 20:39:57 -05:00
Richard Henderson d609ab30c2
target-sparc: Use global registers for the register window
Via indirection off cpu_regwptr.

Backports commit d2dc4069e046deeccc4dca0f73c3077ac22ba43f from qemu
2018-02-20 20:34:42 -05:00
Richard Henderson 3653771265
tcg: Allocate indirect_base temporaries in a different order
Since we've not got liveness analysis for indirect bases,
placing them at the end of the call-saved registers makes
it more likely that it'll stay live.

Backports commit 91478cefaaf2fa678e56df8635b34957f4d5d565 from qemu
2018-02-20 19:46:59 -05:00
Richard Henderson bf385eba3c
tcg: Implement indirect memory registers
That is, global_mem registers whose base is another global_mem
register, rather than a fixed register.

Backports commit b3915dbbdcdb2e04753f3d34a1b0865eea005069 from qemu
2018-02-20 19:20:01 -05:00
Richard Henderson 9299329349
tcg: Work around clang bug wrt enum ranges, part 2
A previous patch patch changed the type of REG from int
to enum TCGReg, which provokes the following bug in clang:

https://llvm.org/bugs/show_bug.cgi?id=16154

Backports commit 869938ae2a284fe730cb6f807ea0f9e324e0f87c from qemu
2018-02-20 19:12:49 -05:00
Richard Henderson 8bc3037864
target-i386: Implement BNDMK
Backports commit 149b427b32de358c3bd5bc064c50acca6e9ff78f from qemu
2018-02-20 14:02:31 -05:00
Richard Henderson 65a78ebb26
target-i386: Deconstruct the cpu_T array
All references to cpu_T are done with a constant index. It aids
readability to decompose the array into two scalar variables.

Backports commit 1d1cc4d0f481b2939c7e9f6606e571b2fc81971a from qemu
2018-02-20 11:02:34 -05:00
Richard Henderson 092c7bea97
target-i386: Access segs via TCG registers
Having segs[].base as a register significantly improves code
generation for real and protected modes, particularly for TBs
that have multiple memory references where the segment base
can be held in a hard register through the TB.

Backports commit 3558f8055f37a34762b7a2a0f02687e6eeab893d from qemu
2018-02-20 10:02:37 -05:00
Richard Henderson 292c67109a
tcg: Introduce temp_load
Unify all of the places that realize a temporary into a register.

Backports commit 40ae5c62ebaaf7d9d3b93b88c2d32bf6342f7889 from qemu
2018-02-19 11:44:01 -05:00
Richard Henderson c821ffd989
tcg: Change temp_save argument to TCGTemp
Backports commit b13eb728d33deaa53efc0dcef557da998e6ec40e from qemu
2018-02-19 11:39:04 -05:00
Richard Henderson 2c3ad57215
tcg: Change temp_sync argument to TCGTemp
Backports commit 12b9b11a2743002232098afb41810f1c0cb211a0 from qemu
2018-02-19 11:37:12 -05:00
Richard Henderson 82a4e93629
tcg: Change temp_dead argument to TCGTemp
Backports commit f8bf00f1028a00a7978e9175da53944de95b9fcb from qemu
2018-02-19 11:34:17 -05:00
Richard Henderson daf837956c
tcg: Change reg_to_temp to TCGTemp pointer
Backports commit f8b2f202344b362b1e676688f838d6b7c08f1975 from qemu
2018-02-19 11:30:26 -05:00
Richard Henderson cf59e51811
tcg: Work around clang bug wrt enum ranges
A subsequent patch patch will change the type of REG from int
to enum TCGReg, which provokes the following bug in clang:

https://llvm.org/bugs/show_bug.cgi?id=16154

Backports commit c8074023204e8e8a213399961ab56e2814aa6116 from qemu
2018-02-19 11:23:19 -05:00
Richard Henderson 7cb5f2fed8
tcg: Tidy temporary allocation
In particular, make sure the memory is memset before use.
Continues the increased use of TCGTemp pointers instead of
integer indices where appropriate.

Backports commit 7ca4b752feaab647b0c1a147bd3815fcdb479a59 from qemu
2018-02-19 11:17:45 -05:00
Richard Henderson 45f9ddf970
tcg: Remove tcg_get_arg_str_i32/64
Backports commit e4ce0d4eb774eb2a8b6a27cd8a6f1d75e05c21ae from qemu
2018-02-19 02:07:04 -05:00
Richard Henderson 12577dfcc0
tcg: More use of TCGReg where appropriate
Backports commit b66386623176e0b0f3bd270640bdb8ac8431c732 from qemu
2018-02-19 02:06:08 -05:00
Emilio G. Cota e7a7d8c508
tcg: optimise memory layout of TCGTemp
This brings down the size of the struct from 56 to 32 bytes on 64-bit,
and to 20 bytes on 32-bit. This leads to memory savings:

Before:
$ find . -name 'tcg.o' | xargs size
   text    data     bss     dec     hex filename
  41131   29800      88   71019   1156b ./aarch64-softmmu/tcg/tcg.o
  37969   29416      96   67481   10799 ./x86_64-linux-user/tcg/tcg.o
  39354   28816      96   68266   10aaa ./arm-linux-user/tcg/tcg.o
  40802   29096      88   69986   11162 ./arm-softmmu/tcg/tcg.o
  39417   29672      88   69177   10e39 ./x86_64-softmmu/tcg/tcg.o

After:
$ find . -name 'tcg.o' | xargs size
   text    data     bss     dec     hex filename
  40883   29800      88   70771   11473 ./aarch64-softmmu/tcg/tcg.o
  37473   29416      96   66985   105a9 ./x86_64-linux-user/tcg/tcg.o
  38858   28816      96   67770   108ba ./arm-linux-user/tcg/tcg.o
  40554   29096      88   69738   1106a ./arm-softmmu/tcg/tcg.o
  39169   29672      88   68929   10d41 ./x86_64-softmmu/tcg/tcg.o

Note that using an entire byte for some enums that need less than
that wastes a few bits (noticeable in 32 bits, where we use
20 bytes instead of 16) but avoids extraction code, which overall
is a win--I've tested several variations of the patch, and the appended
is the best performer for OpenSSL's bntest by a very small margin:

Before:
$ taskset -c 0 perf stat -r 15 -- x86_64-linux-user/qemu-x86_64 img/bntest-x86_64 >/dev/null
[...]
 Performance counter stats for 'x86_64-linux-user/qemu-x86_64 img/bntest-x86_64' (15 runs):

      10538.479833 task-clock (msec)  # 0.999 CPUs utilized  ( +-  0.38% )
               772 context-switches   # 0.073 K/sec          ( +-  2.03% )
                 0 cpu-migrations     # 0.000 K/sec          ( +-100.00% )
             2,207 page-faults        # 0.209 K/sec          ( +-  0.08% )
      10.552871687 seconds time elapsed                      ( +-  0.39% )

After:
$ taskset -c 0 perf stat -r 15 -- x86_64-linux-user/qemu-x86_64 img/bntest-x86_64 >/dev/null
 Performance counter stats for 'x86_64-linux-user/qemu-x86_64 img/bntest-x86_64' (15 runs):

      10459.968847 task-clock (msec)  # 0.999 CPUs utilized  ( +-  0.30% )
               739 context-switches   # 0.071 K/sec          ( +-  1.71% )
                 0 cpu-migrations     # 0.000 K/sec          ( +- 68.14% )
             2,204 page-faults        # 0.211 K/sec          ( +-  0.10% )
      10.473900411 seconds time elapsed                      ( +-  0.30% )

Backports commit 00c8fa9ffeee7458e5ed62c962faf638156c18da from qemu
2018-02-19 02:03:01 -05:00
Richard Henderson c507f16702
tcg: Remove lingering references to gen_opc_buf
Three in comments and one in code in the stub tcg_liveness_analysis.

Backports commit 201577059331b8b3aef221ee2ed594deb99d6631 from qemu
2018-02-19 01:42:55 -05:00
Richard Henderson 8dbf46ca82
tcg: Respect highwater in tcg_out_tb_finalize
Undo the workaround at b17a6d3390f87620735f7efb03bb1c96682ff449.

If there are lots of memory operations in a TB, the slow path code
can exceed the highwater reservation. Add a check within the loop.

Backports commit 23dceda62a3643f734b7aa474fa6052593ae1a70 from qemu
2018-02-19 01:40:20 -05:00
Peter Maydell 4ca19f2cd6
tcg: Clean up includes
Clean up includes so that osdep.h is included first and headers
which it implies are not included manually.

This commit was created with scripts/clean-includes.

Backports commit 757e725b58c57d3ebb66a31fd2210df977a12154 from qemu
2018-02-19 01:04:30 -05:00
John Clarke 5c57445f08
tcg: Fix highwater check
A simple typo in the variable to use when comparing vs the highwater mark.
Reports are that qemu can in fact segfault occasionally due to this mistake.

Backports commit 644da9b39e477caa80bab69d2847dfcb468f0d33 from qemu
2018-02-17 18:53:18 -05:00
Lioncash a2e7d86ccf
tcg/mips: Support r6 SEL{NE, EQ}Z instead of MOVN/MOVZ
Extend MIPS movcond implementation to support the SELNEZ/SELEQZ
instructions introduced in MIPS r6 (where MOVN/MOVZ have been removed).

Whereas the "MOVN/MOVZ rd, rs, rt" instructions have the following
semantics:
rd = [!]rt ? rs : rd

The "SELNEZ/SELEQZ rd, rs, rt" instructions are slightly different:
rd = [!]rt ? rs : 0

First we ensure that if one of the movcond input values is zero that it
comes last (we can swap the input arguments if we invert the condition).
This is so that it can exactly match one of the SELNEZ/SELEQZ
instructions and avoid the need to emit the other one.

Otherwise we emit the opposite instruction first into a temporary
register, and OR that into the result:
SELNEZ/SELEQZ TMP1, v2, c1
SELEQZ/SELNEZ ret, v1, c1
OR ret, ret, TMP1

Which does the following:
ret = cond ? v1 : v2

Backports commit 137d63902faf4960081856db9242cbaf234a23af from qemu
2018-02-17 15:24:04 -05:00
James Hogan e71d19df81
tcg/mips: Support r6 multiply/divide encodings
MIPSr6 adds several new integer multiply, divide, and modulo
instructions, and removes several pre-r6 encodings, along with the HI/LO
registers which were the implicit operands of some of those
instructions. Update TCG to use the new instructions when built for r6.

The new instructions actually map much more directly to the TCG ops, as
they only provide a single 32-bit half of the result and in a normal
general purpose register instead of HI or LO.

The mulu2_i32 and muls2_i32 operations are no longer appropriate for r6,
so they are removed from the TCG opcode table. This is because they
would need to emit two separate host instructions anyway (for the high
and low half of the result), which TCG can arrange automatically for us
in the absense of mulu2_i32/muls2_i32 by splitting it into mul_i32 and
mul*h_i32 TCG ops.

Backports commit bc6d0c22b09a72897d9db4482076f89e7de97400 from qemu
2018-02-17 15:24:04 -05:00
James Hogan 9dac598855
tcg/mips: Support r6 JR encoding
MIPSr6 encodes JR as JALR with zero as the link register, and the pre-r6
JR encoding is removed. Update TCG to use the new encoding when built
for r6.

We still use the old encoding for pre-r6, so as not to confuse return
prediction stack hardware which may detect only particular encodings of
the return instruction.

Backports commit 6e0d096989be52c2b945fc83a9bd15d887bbdb47 from qemu
2018-02-17 15:24:04 -05:00
James Hogan 7f1bc28513
tcg/mips: Add use_mips32r6_instructions definition
Add definition use_mips32r6_instructions to the MIPS TCG backend which
is constant 1 when built for MIPS release 6. This will be used to decide
between pre-R6 and R6 instruction encodings.

Backports commit ce14bd4d469f3a14f6cbfceb6360aee066a60d72 from qemu
2018-02-17 15:24:04 -05:00
James Hogan 9d3a2feea0
tcg-opc.h: Simplify insn_start def
We already have a TLADDR_ARGS definition, so rearrange the order
slightly and use it in the definition of insn_start, instead of
having an #ifdef.

Backports commit c0e40dbdcc291c85faa289a53be60b7b1b7c7598 from qemu
2018-02-17 15:24:03 -05:00
Richard Henderson d167379211
tcg/ppc: Prefer mask over andi.
Prefer the instruction that isn't required to modify cr0.

Backports commit 1e1df962e325e18a5188c4814cd1a10215a48f79 from qemu
2018-02-17 15:24:03 -05:00
Richard Henderson 3c3dee3747
tcg/ppc: Revise goto_tb implementation
Restrict the size of code_gen_buffer to 2GB on ppc64, which
lets us assert that everything is reachable with addis+addi
from tb_ret_addr. This lets us use a max of 4 insns for goto_tb
instead of 7.

Emit the indirect branch portion of goto_tb up front, which
means we only have to update two insns to update any link.
With a 64-bit store, we can update the link atomically, which
may be required in future.

Backports commit 5bfd75a35c11dd3aa61c73d0d2cd88137c31519c from qemu
2018-02-17 15:24:03 -05:00
Richard Henderson 13ad21a21f
tcg/ppc: Adjust exit_tb for change in prologue placement
Changing the prologue to the beginning of the code_gen_buffer
changes the direction of the "return" branch. Need to change
the logic to match.

Backports commit 70f897bdc4ce4101ec008317d43090f532bfb07d from qemu
2018-02-17 15:24:03 -05:00
Richard Henderson bdf667fd4e
tcg: Check for overflow via highwater mark
We currently pre-compute an worst case code size for any TB, which
works out to be 122kB. Since the average TB size is near 1kB, this
wastes quite a lot of storage.

Instead, check for overflow in between generating code for each opcode.
The overhead of the check isn't measurable and wastage is minimized.

Backports commit b125f9dc7bd68cd4c57189db4da83b0620b28a72 from qemu
2018-02-17 15:24:00 -05:00
Richard Henderson 19a3c7e03f
tcg: Emit prologue to the beginning of code_gen_buffer
By putting the prologue at the end, we risk overwriting the
prologue should our estimate of maximum TB size. Given the
two different placements of the call to tcg_prologue_init,
move the high water mark computation into tcg_prologue_init.

Backports commit 8163b74938d8b7d12e70597c4553dd0dc49443d5 from qemu
2018-02-17 15:24:00 -05:00
Richard Henderson 532877a366
tcg: Remove tcg_gen_code_search_pc
It's no longer used, so tidy up everything reached by it.

Backports commit 04fe64000162c45d8974da9ca4d266f8d0e67eb7 from qemu
2018-02-17 15:24:00 -05:00
Richard Henderson a5ac288135
tcg: Remove gen_intermediate_code_pc
It is no longer used, so tidy up everything reached by it.
This includes the gen_opc_* arrays, the search_pc parameter
and the inline gen_intermediate_code_internal functions.

Backports commit 4e5e1215156662b2b153255c49d4640d82c5568b from qemu
2018-02-17 15:23:59 -05:00
Richard Henderson 66de6cc37c
tcg: Save insn data and use it in cpu_restore_state_from_tb
We can now restore state without retranslation.

Backports commit fca8a500d519a56abeaedf8073167a61d3c6b9c4 from qemu
2018-02-17 15:23:59 -05:00
Richard Henderson 1cbd175736
tcg: Pass data argument to restore_state_to_opc
The gen_opc_* arrays are already redundant with the data stored in
the insn_start arguments. Transition restore_state_to_opc to use
data from the latter.

Backports commit bad729e272387de7dbfa3ec4319036552fc6c107 from qemu
2018-02-17 15:23:58 -05:00
Lioncash b115c5509d
tcg: Add TCG_MAX_INSNS
Adjust all translators to respect it.

Backports commit 190ce7fbc79fd0883a6170d7f30da59d366e6830 from qemu
2018-02-17 15:23:58 -05:00
Richard Henderson 2c1ae7a408
target-sparc: Remove gen_opc_jump_pc
Since jump_pc[1] is always npc + 4, we can infer after incrementing
that jump_pc[1] == pc + 4. Because of that, we can encode the branch
destination into a single word, and store that in npc.

Backports commit 6c42444f9a53b6af39d46008cb9f650b11e96cb9 from qemu
2018-02-17 15:23:56 -05:00
Richard Henderson 500e116581
target-mips: Add delayed branch state to insn_start
Backports commit c20d594e45bc8c4b21be1a7637cba0f279f72879 from qemu
2018-02-17 15:23:56 -05:00
Aurelien Jarno b5f5e2dbc2
tcg/mips: pass oi to tcg_out_tlb_load
Instead of computing mem_index and s_bits in both tcg_out_qemu_ld and
tcg_out_qemu_st function and passing them to tcg_out_tlb_load, directly
pass oi to the tcg_out_tlb_load function and compute mem_index and
s_bits there.

Backports commit 81dfaf1a8f7f95259801da9732472f879023ef77 from qemu
2018-02-17 15:23:54 -05:00
Peter Crosthwaite 2b15db6e12
tcg: split tcg_op_defs to -common
tcg_op_defs (and the _max) are both needed by the TCI disassembler. For
multi-arch, tcg.c will be multiple-compiled (arch-obj) with its symbols
hidden from common code. So split the definition off to new file,
tcg-common.c which will remain a regular obj-y for use by both the TCI
disas as well as the multiple tcg.c's.

Backports commit 7d8f787d9d261d6880b69e35ed682241e3f9242f from qemu
2018-02-17 15:23:51 -05:00
Pavel Dovgalyuk 6cdaaf9b1b
softmmu: add helper function to pass through retaddr
This patch introduces several helpers to pass return address
which points to the TB. Correct return address allows correct
restoring of the guest PC and icount. These functions should be used when
helpers embedded into TB invoke memory operations.

Backports commit 282dffc8a4bfe8724548cabb8a26698bde0a6e18 from qemu
2018-02-17 15:23:38 -05:00
Aurelien Jarno 11cfddad05
tcg/i386: use softmmu fast path for unaligned accesses
Softmmu unaligned load/stores currently goes through through the slow
path for two reasons:
  - to support unaligned access on host with strict alignement
  - to correctly handle accesses crossing pages

x86 is only concerned by the second reason. Unaligned accesses are
avoided by compilers, but are not uncommon. We therefore would like
to see them going through the fast path, if they don't cross pages.

For that we can use the fact that two adjacent TLB entries can't contain
the same page. Therefore accessing the TLB entry corresponding to the
first byte, but comparing its content to page address of the last byte
ensures that we don't cross pages. We can do this check without adding
more instructions in the TLB code (but increasing its length by one
byte) by using the LEA instruction to combine the existing move with the
size addition.

On an x86-64 host, this gives a 3% boot time improvement for a powerpc
guest and 4% for an x86-64 guest.

Backports commit 8cc580f6a0d8c0e2f590c1472cf5cd8e51761760 from qemu
2018-02-17 15:23:33 -05:00
Laurent Vivier ea2ee48d9c
s390: fix softmmu compilation
guest_base must be used only in linux-user mode.

Backports commit 090d0bfd948343d522cd20bc634105b5cfe2483b from qemu
2018-02-17 15:23:32 -05:00
James Hogan dba4828444
tcg/mips: Fix clobbering of qemu_ld inputs
The MIPS TCG backend implements qemu_ld with 64-bit targets using the v0
register (base) as a temporary to load the upper half of the QEMU TLB
comparator (see line 5 below), however this happens before the input
address is used (line 8 to mask off the low bits for the TLB
comparison, and line 12 to add the host-guest offset). If the input
address (addrl) also happens to have been placed in v0 (as in the second
column below), it gets clobbered before it is used.

addrl in t2 addrl in v0

1 srl a0,t2,0x7 srl a0,v0,0x7
2 andi a0,a0,0x1fe0 andi a0,a0,0x1fe0
3 addu a0,a0,s0 addu a0,a0,s0
4 lw at,9136(a0) lw at,9136(a0) set TCG_TMP0 (at)
5 lw v0,9140(a0) lw v0,9140(a0) set base (v0)
6 li t9,-4093 li t9,-4093
7 lw a0,9160(a0) lw a0,9160(a0) set addend (a0)
8 and t9,t9,t2 and t9,t9,v0 use addrl
9 bne at,t9,0x836d8c8 bne at,t9,0x836d838 use TCG_TMP0
10 nop nop
11 bne v0,t8,0x836d8c8 bne v0,a1,0x836d838 use base
12 addu v0,a0,t2 addu v0,a0,v0 use addrl, addend
13 lw t0,0(v0) lw t0,0(v0)

Fix by using TCG_TMP0 (at) as the temporary instead of v0 (base),
pushing the load on line 5 forward into the delay slot of the low
comparison (line 10). The early load of the addend on line 7 also needs
pushing even further for 64-bit targets, or it will clobber a0 before
we're done with it. The output for 32-bit targets is unaffected.

srl a0,v0,0x7
andi a0,a0,0x1fe0
addu a0,a0,s0
lw at,9136(a0)
-lw v0,9140(a0) load high comparator
li t9,-4093
-lw a0,9160(a0) load addend
and t9,t9,v0
bne at,t9,0x836d838
- nop
+ lw at,9140(a0) load high comparator
+lw a0,9160(a0) load addend
-bne v0,a1,0x836d838
+bne at,a1,0x836d838
addu v0,a0,v0
lw t0,0(v0)

Backports commit 33fca8589cf2aa7bf91564e6a8f26b3ba0910541 from qemu
2018-02-17 15:23:24 -05:00
Aurelien Jarno 45927edecf
tcg/mips: fix add2
The add2 code in the tcg_out_addsub2 function doesn't take into account
the case where rl == al == bl. In that case we can't compute the carry
after the addition. As it corresponds to a multiplication by 2, the
carry bit is the bit 31.

While this is a corner case, this prevents x86-64 guests to boot on a
MIPS host.

Backports commit c99d69694af4ed15b33e3f7c2e3ef6972c14358d from qemu
2018-02-17 15:23:23 -05:00