* [PATCH v6 00/18] tcg: CPUTLBEntryFull and TARGET_TB_PCREL
@ 2022-09-30 21:26 Richard Henderson
2022-09-30 21:26 ` [PATCH v6 01/18] cpu: cache CPUClass in CPUState for hot code paths Richard Henderson
` (19 more replies)
0 siblings, 20 replies; 30+ messages in thread
From: Richard Henderson @ 2022-09-30 21:26 UTC (permalink / raw)
To: qemu-devel; +Cc: peter.maydell, alex.bennee
Changes for v6:
* CPUTLBEntryFull is now completely reviewed.
* Incorporated the CPUClass caching patches,
as I will add a new use of the cached value.
* Move CPUJumpCache out of include/hw/core.h. While looking at
Alex's review of the patch, I realized that adding the virtual
pc value unconditionally would consume 64kB per cpu on targets
that do not require it. Further, making it dynamically allocated
(a consequence of core.h not having the structure definition to
add to CPUState), means that we save 64kB per cpu when running
with hardware virtualization (kvm, xen, etc).
* Add CPUClass.get_pc, so that we can always use or filter on the
virtual address when logging.
Patches needing review:
13-accel-tcg-Do-not-align-tb-page_addr-0.patch
14-accel-tcg-Inline-tb_flush_jmp_cache.patch (new)
16-hw-core-Add-CPUClass.get_pc.patch (new)
17-accel-tcg-Introduce-tb_pc-and-log_pc.patch (mostly new)
18-accel-tcg-Introduce-TARGET_TB_PCREL.patch
r~
Alex Bennée (3):
cpu: cache CPUClass in CPUState for hot code paths
hw/core/cpu-sysemu: used cached class in cpu_asidx_from_attrs
cputlb: used cached CPUClass in our hot-paths
Richard Henderson (15):
accel/tcg: Rename CPUIOTLBEntry to CPUTLBEntryFull
accel/tcg: Drop addr member from SavedIOTLB
accel/tcg: Suppress auto-invalidate in probe_access_internal
accel/tcg: Introduce probe_access_full
accel/tcg: Introduce tlb_set_page_full
include/exec: Introduce TARGET_PAGE_ENTRY_EXTRA
accel/tcg: Remove PageDesc code_bitmap
accel/tcg: Use bool for page_find_alloc
accel/tcg: Use DisasContextBase in plugin_gen_tb_start
accel/tcg: Do not align tb->page_addr[0]
accel/tcg: Inline tb_flush_jmp_cache
include/hw/core: Create struct CPUJumpCache
hw/core: Add CPUClass.get_pc
accel/tcg: Introduce tb_pc and log_pc
accel/tcg: Introduce TARGET_TB_PCREL
accel/tcg/internal.h | 10 +
accel/tcg/tb-hash.h | 1 +
accel/tcg/tb-jmp-cache.h | 29 +++
include/exec/cpu-common.h | 1 +
include/exec/cpu-defs.h | 48 ++++-
include/exec/exec-all.h | 75 ++++++-
include/exec/plugin-gen.h | 7 +-
include/hw/core/cpu.h | 28 ++-
include/qemu/typedefs.h | 1 +
include/tcg/tcg.h | 2 +-
accel/tcg/cpu-exec.c | 122 +++++++----
accel/tcg/cputlb.c | 259 ++++++++++++++----------
accel/tcg/plugin-gen.c | 22 +-
accel/tcg/translate-all.c | 200 ++++++++----------
accel/tcg/translator.c | 2 +-
cpu.c | 9 +-
hw/core/cpu-common.c | 3 +-
hw/core/cpu-sysemu.c | 5 +-
plugins/core.c | 2 +-
target/alpha/cpu.c | 9 +
target/arm/cpu.c | 17 +-
target/arm/mte_helper.c | 14 +-
target/arm/sve_helper.c | 4 +-
target/arm/translate-a64.c | 2 +-
target/avr/cpu.c | 10 +-
target/cris/cpu.c | 8 +
target/hexagon/cpu.c | 10 +-
target/hppa/cpu.c | 12 +-
target/i386/cpu.c | 9 +
target/i386/tcg/tcg-cpu.c | 2 +-
target/loongarch/cpu.c | 11 +-
target/m68k/cpu.c | 8 +
target/microblaze/cpu.c | 10 +-
target/mips/cpu.c | 8 +
target/mips/tcg/exception.c | 2 +-
target/mips/tcg/sysemu/special_helper.c | 2 +-
target/nios2/cpu.c | 9 +
target/openrisc/cpu.c | 10 +-
target/ppc/cpu_init.c | 8 +
target/riscv/cpu.c | 17 +-
target/rx/cpu.c | 10 +-
target/s390x/cpu.c | 8 +
target/s390x/tcg/mem_helper.c | 4 -
target/sh4/cpu.c | 12 +-
target/sparc/cpu.c | 10 +-
target/tricore/cpu.c | 11 +-
target/xtensa/cpu.c | 8 +
tcg/tcg.c | 8 +-
trace/control-target.c | 2 +-
49 files changed, 723 insertions(+), 358 deletions(-)
create mode 100644 accel/tcg/tb-jmp-cache.h
--
2.34.1
^ permalink raw reply [flat|nested] 30+ messages in thread
* [PATCH v6 01/18] cpu: cache CPUClass in CPUState for hot code paths
2022-09-30 21:26 [PATCH v6 00/18] tcg: CPUTLBEntryFull and TARGET_TB_PCREL Richard Henderson
@ 2022-09-30 21:26 ` Richard Henderson
2022-09-30 21:26 ` [PATCH v6 02/18] hw/core/cpu-sysemu: used cached class in cpu_asidx_from_attrs Richard Henderson
` (18 subsequent siblings)
19 siblings, 0 replies; 30+ messages in thread
From: Richard Henderson @ 2022-09-30 21:26 UTC (permalink / raw)
To: qemu-devel
Cc: peter.maydell, alex.bennee, Alex Bennée, Cédric Le Goater
From: Alex Bennée <alex.bennee@linaro.org>
The class cast checkers are quite expensive and always on (unlike the
dynamic case who's checks are gated by CONFIG_QOM_CAST_DEBUG). To
avoid the overhead of repeatedly checking something which should never
change we cache the CPUClass reference for use in the hot code paths.
Signed-off-by: Alex Bennée <alex.bennee@linaro.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-Id: <20220811151413.3350684-3-alex.bennee@linaro.org>
Signed-off-by: Cédric Le Goater <clg@kaod.org>
Message-Id: <20220923084803.498337-3-clg@kaod.org>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
---
include/hw/core/cpu.h | 9 +++++++++
cpu.c | 9 ++++-----
2 files changed, 13 insertions(+), 5 deletions(-)
diff --git a/include/hw/core/cpu.h b/include/hw/core/cpu.h
index 500503da13..1a7e1a9380 100644
--- a/include/hw/core/cpu.h
+++ b/include/hw/core/cpu.h
@@ -51,6 +51,13 @@ typedef int (*WriteCoreDumpFunction)(const void *buf, size_t size,
*/
#define CPU(obj) ((CPUState *)(obj))
+/*
+ * The class checkers bring in CPU_GET_CLASS() which is potentially
+ * expensive given the eventual call to
+ * object_class_dynamic_cast_assert(). Because of this the CPUState
+ * has a cached value for the class in cs->cc which is set up in
+ * cpu_exec_realizefn() for use in hot code paths.
+ */
typedef struct CPUClass CPUClass;
DECLARE_CLASS_CHECKERS(CPUClass, CPU,
TYPE_CPU)
@@ -317,6 +324,8 @@ struct qemu_work_item;
struct CPUState {
/*< private >*/
DeviceState parent_obj;
+ /* cache to avoid expensive CPU_GET_CLASS */
+ CPUClass *cc;
/*< public >*/
int nr_cores;
diff --git a/cpu.c b/cpu.c
index 584ac78baf..14365e36f3 100644
--- a/cpu.c
+++ b/cpu.c
@@ -131,9 +131,8 @@ const VMStateDescription vmstate_cpu_common = {
void cpu_exec_realizefn(CPUState *cpu, Error **errp)
{
-#ifndef CONFIG_USER_ONLY
- CPUClass *cc = CPU_GET_CLASS(cpu);
-#endif
+ /* cache the cpu class for the hotpath */
+ cpu->cc = CPU_GET_CLASS(cpu);
cpu_list_add(cpu);
if (!accel_cpu_realizefn(cpu, errp)) {
@@ -151,8 +150,8 @@ void cpu_exec_realizefn(CPUState *cpu, Error **errp)
if (qdev_get_vmsd(DEVICE(cpu)) == NULL) {
vmstate_register(NULL, cpu->cpu_index, &vmstate_cpu_common, cpu);
}
- if (cc->sysemu_ops->legacy_vmsd != NULL) {
- vmstate_register(NULL, cpu->cpu_index, cc->sysemu_ops->legacy_vmsd, cpu);
+ if (cpu->cc->sysemu_ops->legacy_vmsd != NULL) {
+ vmstate_register(NULL, cpu->cpu_index, cpu->cc->sysemu_ops->legacy_vmsd, cpu);
}
#endif /* CONFIG_USER_ONLY */
}
--
2.34.1
^ permalink raw reply related [flat|nested] 30+ messages in thread
* [PATCH v6 02/18] hw/core/cpu-sysemu: used cached class in cpu_asidx_from_attrs
2022-09-30 21:26 [PATCH v6 00/18] tcg: CPUTLBEntryFull and TARGET_TB_PCREL Richard Henderson
2022-09-30 21:26 ` [PATCH v6 01/18] cpu: cache CPUClass in CPUState for hot code paths Richard Henderson
@ 2022-09-30 21:26 ` Richard Henderson
2022-09-30 21:26 ` [PATCH v6 03/18] cputlb: used cached CPUClass in our hot-paths Richard Henderson
` (17 subsequent siblings)
19 siblings, 0 replies; 30+ messages in thread
From: Richard Henderson @ 2022-09-30 21:26 UTC (permalink / raw)
To: qemu-devel
Cc: peter.maydell, alex.bennee, Alex Bennée, Cédric Le Goater
From: Alex Bennée <alex.bennee@linaro.org>
This is a heavily used function so lets avoid the cost of
CPU_GET_CLASS. On the romulus-bmc run it has a modest effect:
Before: 36.812 s ± 0.506 s
After: 35.912 s ± 0.168 s
Signed-off-by: Alex Bennée <alex.bennee@linaro.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-Id: <20220811151413.3350684-4-alex.bennee@linaro.org>
Signed-off-by: Cédric Le Goater <clg@kaod.org>
Message-Id: <20220923084803.498337-4-clg@kaod.org>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
---
hw/core/cpu-sysemu.c | 5 ++---
1 file changed, 2 insertions(+), 3 deletions(-)
diff --git a/hw/core/cpu-sysemu.c b/hw/core/cpu-sysemu.c
index 00253f8929..5eaf2e79e6 100644
--- a/hw/core/cpu-sysemu.c
+++ b/hw/core/cpu-sysemu.c
@@ -69,11 +69,10 @@ hwaddr cpu_get_phys_page_debug(CPUState *cpu, vaddr addr)
int cpu_asidx_from_attrs(CPUState *cpu, MemTxAttrs attrs)
{
- CPUClass *cc = CPU_GET_CLASS(cpu);
int ret = 0;
- if (cc->sysemu_ops->asidx_from_attrs) {
- ret = cc->sysemu_ops->asidx_from_attrs(cpu, attrs);
+ if (cpu->cc->sysemu_ops->asidx_from_attrs) {
+ ret = cpu->cc->sysemu_ops->asidx_from_attrs(cpu, attrs);
assert(ret < cpu->num_ases && ret >= 0);
}
return ret;
--
2.34.1
^ permalink raw reply related [flat|nested] 30+ messages in thread
* [PATCH v6 03/18] cputlb: used cached CPUClass in our hot-paths
2022-09-30 21:26 [PATCH v6 00/18] tcg: CPUTLBEntryFull and TARGET_TB_PCREL Richard Henderson
2022-09-30 21:26 ` [PATCH v6 01/18] cpu: cache CPUClass in CPUState for hot code paths Richard Henderson
2022-09-30 21:26 ` [PATCH v6 02/18] hw/core/cpu-sysemu: used cached class in cpu_asidx_from_attrs Richard Henderson
@ 2022-09-30 21:26 ` Richard Henderson
2022-09-30 21:26 ` [PATCH v6 04/18] accel/tcg: Rename CPUIOTLBEntry to CPUTLBEntryFull Richard Henderson
` (16 subsequent siblings)
19 siblings, 0 replies; 30+ messages in thread
From: Richard Henderson @ 2022-09-30 21:26 UTC (permalink / raw)
To: qemu-devel
Cc: peter.maydell, alex.bennee, Alex Bennée, Cédric Le Goater
From: Alex Bennée <alex.bennee@linaro.org>
Before: 35.912 s ± 0.168 s
After: 35.565 s ± 0.087 s
Signed-off-by: Alex Bennée <alex.bennee@linaro.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-Id: <20220811151413.3350684-5-alex.bennee@linaro.org>
Signed-off-by: Cédric Le Goater <clg@kaod.org>
Message-Id: <20220923084803.498337-5-clg@kaod.org>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
---
accel/tcg/cputlb.c | 15 ++++++---------
1 file changed, 6 insertions(+), 9 deletions(-)
diff --git a/accel/tcg/cputlb.c b/accel/tcg/cputlb.c
index 8fad2d9b83..193bfc1cfc 100644
--- a/accel/tcg/cputlb.c
+++ b/accel/tcg/cputlb.c
@@ -1291,15 +1291,14 @@ void tlb_set_page(CPUState *cpu, target_ulong vaddr,
static void tlb_fill(CPUState *cpu, target_ulong addr, int size,
MMUAccessType access_type, int mmu_idx, uintptr_t retaddr)
{
- CPUClass *cc = CPU_GET_CLASS(cpu);
bool ok;
/*
* This is not a probe, so only valid return is success; failure
* should result in exception + longjmp to the cpu loop.
*/
- ok = cc->tcg_ops->tlb_fill(cpu, addr, size,
- access_type, mmu_idx, false, retaddr);
+ ok = cpu->cc->tcg_ops->tlb_fill(cpu, addr, size,
+ access_type, mmu_idx, false, retaddr);
assert(ok);
}
@@ -1307,9 +1306,8 @@ static inline void cpu_unaligned_access(CPUState *cpu, vaddr addr,
MMUAccessType access_type,
int mmu_idx, uintptr_t retaddr)
{
- CPUClass *cc = CPU_GET_CLASS(cpu);
-
- cc->tcg_ops->do_unaligned_access(cpu, addr, access_type, mmu_idx, retaddr);
+ cpu->cc->tcg_ops->do_unaligned_access(cpu, addr, access_type,
+ mmu_idx, retaddr);
}
static inline void cpu_transaction_failed(CPUState *cpu, hwaddr physaddr,
@@ -1539,10 +1537,9 @@ static int probe_access_internal(CPUArchState *env, target_ulong addr,
if (!tlb_hit_page(tlb_addr, page_addr)) {
if (!victim_tlb_hit(env, mmu_idx, index, elt_ofs, page_addr)) {
CPUState *cs = env_cpu(env);
- CPUClass *cc = CPU_GET_CLASS(cs);
- if (!cc->tcg_ops->tlb_fill(cs, addr, fault_size, access_type,
- mmu_idx, nonfault, retaddr)) {
+ if (!cs->cc->tcg_ops->tlb_fill(cs, addr, fault_size, access_type,
+ mmu_idx, nonfault, retaddr)) {
/* Non-faulting page table read failed. */
*phost = NULL;
return TLB_INVALID_MASK;
--
2.34.1
^ permalink raw reply related [flat|nested] 30+ messages in thread
* [PATCH v6 04/18] accel/tcg: Rename CPUIOTLBEntry to CPUTLBEntryFull
2022-09-30 21:26 [PATCH v6 00/18] tcg: CPUTLBEntryFull and TARGET_TB_PCREL Richard Henderson
` (2 preceding siblings ...)
2022-09-30 21:26 ` [PATCH v6 03/18] cputlb: used cached CPUClass in our hot-paths Richard Henderson
@ 2022-09-30 21:26 ` Richard Henderson
2022-09-30 21:26 ` [PATCH v6 05/18] accel/tcg: Drop addr member from SavedIOTLB Richard Henderson
` (15 subsequent siblings)
19 siblings, 0 replies; 30+ messages in thread
From: Richard Henderson @ 2022-09-30 21:26 UTC (permalink / raw)
To: qemu-devel
Cc: peter.maydell, alex.bennee, Alex Bennée, Peter Maydell,
Philippe Mathieu-Daudé
This structure will shortly contain more than just
data for accessing MMIO. Rename the 'addr' member
to 'xlat_section' to more clearly indicate its purpose.
Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
---
include/exec/cpu-defs.h | 22 ++++----
accel/tcg/cputlb.c | 102 +++++++++++++++++++------------------
target/arm/mte_helper.c | 14 ++---
target/arm/sve_helper.c | 4 +-
target/arm/translate-a64.c | 2 +-
5 files changed, 73 insertions(+), 71 deletions(-)
diff --git a/include/exec/cpu-defs.h b/include/exec/cpu-defs.h
index ba3cd32a1e..f70f54d850 100644
--- a/include/exec/cpu-defs.h
+++ b/include/exec/cpu-defs.h
@@ -108,6 +108,7 @@ typedef uint64_t target_ulong;
# endif
# endif
+/* Minimalized TLB entry for use by TCG fast path. */
typedef struct CPUTLBEntry {
/* bit TARGET_LONG_BITS to TARGET_PAGE_BITS : virtual address
bit TARGET_PAGE_BITS-1..4 : Nonzero for accesses that should not
@@ -131,14 +132,14 @@ typedef struct CPUTLBEntry {
QEMU_BUILD_BUG_ON(sizeof(CPUTLBEntry) != (1 << CPU_TLB_ENTRY_BITS));
-/* The IOTLB is not accessed directly inline by generated TCG code,
- * so the CPUIOTLBEntry layout is not as critical as that of the
- * CPUTLBEntry. (This is also why we don't want to combine the two
- * structs into one.)
+/*
+ * The full TLB entry, which is not accessed by generated TCG code,
+ * so the layout is not as critical as that of CPUTLBEntry. This is
+ * also why we don't want to combine the two structs.
*/
-typedef struct CPUIOTLBEntry {
+typedef struct CPUTLBEntryFull {
/*
- * @addr contains:
+ * @xlat_section contains:
* - in the lower TARGET_PAGE_BITS, a physical section number
* - with the lower TARGET_PAGE_BITS masked off, an offset which
* must be added to the virtual address to obtain:
@@ -146,9 +147,9 @@ typedef struct CPUIOTLBEntry {
* number is PHYS_SECTION_NOTDIRTY or PHYS_SECTION_ROM)
* + the offset within the target MemoryRegion (otherwise)
*/
- hwaddr addr;
+ hwaddr xlat_section;
MemTxAttrs attrs;
-} CPUIOTLBEntry;
+} CPUTLBEntryFull;
/*
* Data elements that are per MMU mode, minus the bits accessed by
@@ -172,9 +173,8 @@ typedef struct CPUTLBDesc {
size_t vindex;
/* The tlb victim table, in two parts. */
CPUTLBEntry vtable[CPU_VTLB_SIZE];
- CPUIOTLBEntry viotlb[CPU_VTLB_SIZE];
- /* The iotlb. */
- CPUIOTLBEntry *iotlb;
+ CPUTLBEntryFull vfulltlb[CPU_VTLB_SIZE];
+ CPUTLBEntryFull *fulltlb;
} CPUTLBDesc;
/*
diff --git a/accel/tcg/cputlb.c b/accel/tcg/cputlb.c
index 193bfc1cfc..aa22f578cb 100644
--- a/accel/tcg/cputlb.c
+++ b/accel/tcg/cputlb.c
@@ -200,13 +200,13 @@ static void tlb_mmu_resize_locked(CPUTLBDesc *desc, CPUTLBDescFast *fast,
}
g_free(fast->table);
- g_free(desc->iotlb);
+ g_free(desc->fulltlb);
tlb_window_reset(desc, now, 0);
/* desc->n_used_entries is cleared by the caller */
fast->mask = (new_size - 1) << CPU_TLB_ENTRY_BITS;
fast->table = g_try_new(CPUTLBEntry, new_size);
- desc->iotlb = g_try_new(CPUIOTLBEntry, new_size);
+ desc->fulltlb = g_try_new(CPUTLBEntryFull, new_size);
/*
* If the allocations fail, try smaller sizes. We just freed some
@@ -215,7 +215,7 @@ static void tlb_mmu_resize_locked(CPUTLBDesc *desc, CPUTLBDescFast *fast,
* allocations to fail though, so we progressively reduce the allocation
* size, aborting if we cannot even allocate the smallest TLB we support.
*/
- while (fast->table == NULL || desc->iotlb == NULL) {
+ while (fast->table == NULL || desc->fulltlb == NULL) {
if (new_size == (1 << CPU_TLB_DYN_MIN_BITS)) {
error_report("%s: %s", __func__, strerror(errno));
abort();
@@ -224,9 +224,9 @@ static void tlb_mmu_resize_locked(CPUTLBDesc *desc, CPUTLBDescFast *fast,
fast->mask = (new_size - 1) << CPU_TLB_ENTRY_BITS;
g_free(fast->table);
- g_free(desc->iotlb);
+ g_free(desc->fulltlb);
fast->table = g_try_new(CPUTLBEntry, new_size);
- desc->iotlb = g_try_new(CPUIOTLBEntry, new_size);
+ desc->fulltlb = g_try_new(CPUTLBEntryFull, new_size);
}
}
@@ -258,7 +258,7 @@ static void tlb_mmu_init(CPUTLBDesc *desc, CPUTLBDescFast *fast, int64_t now)
desc->n_used_entries = 0;
fast->mask = (n_entries - 1) << CPU_TLB_ENTRY_BITS;
fast->table = g_new(CPUTLBEntry, n_entries);
- desc->iotlb = g_new(CPUIOTLBEntry, n_entries);
+ desc->fulltlb = g_new(CPUTLBEntryFull, n_entries);
tlb_mmu_flush_locked(desc, fast);
}
@@ -299,7 +299,7 @@ void tlb_destroy(CPUState *cpu)
CPUTLBDescFast *fast = &env_tlb(env)->f[i];
g_free(fast->table);
- g_free(desc->iotlb);
+ g_free(desc->fulltlb);
}
}
@@ -1219,7 +1219,7 @@ void tlb_set_page_with_attrs(CPUState *cpu, target_ulong vaddr,
/* Evict the old entry into the victim tlb. */
copy_tlb_helper_locked(tv, te);
- desc->viotlb[vidx] = desc->iotlb[index];
+ desc->vfulltlb[vidx] = desc->fulltlb[index];
tlb_n_used_entries_dec(env, mmu_idx);
}
@@ -1236,8 +1236,8 @@ void tlb_set_page_with_attrs(CPUState *cpu, target_ulong vaddr,
* subtract here is that of the page base, and not the same as the
* vaddr we add back in io_readx()/io_writex()/get_page_addr_code().
*/
- desc->iotlb[index].addr = iotlb - vaddr_page;
- desc->iotlb[index].attrs = attrs;
+ desc->fulltlb[index].xlat_section = iotlb - vaddr_page;
+ desc->fulltlb[index].attrs = attrs;
/* Now calculate the new entry */
tn.addend = addend - vaddr_page;
@@ -1327,7 +1327,7 @@ static inline void cpu_transaction_failed(CPUState *cpu, hwaddr physaddr,
}
}
-static uint64_t io_readx(CPUArchState *env, CPUIOTLBEntry *iotlbentry,
+static uint64_t io_readx(CPUArchState *env, CPUTLBEntryFull *full,
int mmu_idx, target_ulong addr, uintptr_t retaddr,
MMUAccessType access_type, MemOp op)
{
@@ -1339,9 +1339,9 @@ static uint64_t io_readx(CPUArchState *env, CPUIOTLBEntry *iotlbentry,
bool locked = false;
MemTxResult r;
- section = iotlb_to_section(cpu, iotlbentry->addr, iotlbentry->attrs);
+ section = iotlb_to_section(cpu, full->xlat_section, full->attrs);
mr = section->mr;
- mr_offset = (iotlbentry->addr & TARGET_PAGE_MASK) + addr;
+ mr_offset = (full->xlat_section & TARGET_PAGE_MASK) + addr;
cpu->mem_io_pc = retaddr;
if (!cpu->can_do_io) {
cpu_io_recompile(cpu, retaddr);
@@ -1351,14 +1351,14 @@ static uint64_t io_readx(CPUArchState *env, CPUIOTLBEntry *iotlbentry,
qemu_mutex_lock_iothread();
locked = true;
}
- r = memory_region_dispatch_read(mr, mr_offset, &val, op, iotlbentry->attrs);
+ r = memory_region_dispatch_read(mr, mr_offset, &val, op, full->attrs);
if (r != MEMTX_OK) {
hwaddr physaddr = mr_offset +
section->offset_within_address_space -
section->offset_within_region;
cpu_transaction_failed(cpu, physaddr, addr, memop_size(op), access_type,
- mmu_idx, iotlbentry->attrs, r, retaddr);
+ mmu_idx, full->attrs, r, retaddr);
}
if (locked) {
qemu_mutex_unlock_iothread();
@@ -1368,8 +1368,8 @@ static uint64_t io_readx(CPUArchState *env, CPUIOTLBEntry *iotlbentry,
}
/*
- * Save a potentially trashed IOTLB entry for later lookup by plugin.
- * This is read by tlb_plugin_lookup if the iotlb entry doesn't match
+ * Save a potentially trashed CPUTLBEntryFull for later lookup by plugin.
+ * This is read by tlb_plugin_lookup if the fulltlb entry doesn't match
* because of the side effect of io_writex changing memory layout.
*/
static void save_iotlb_data(CPUState *cs, hwaddr addr,
@@ -1383,7 +1383,7 @@ static void save_iotlb_data(CPUState *cs, hwaddr addr,
#endif
}
-static void io_writex(CPUArchState *env, CPUIOTLBEntry *iotlbentry,
+static void io_writex(CPUArchState *env, CPUTLBEntryFull *full,
int mmu_idx, uint64_t val, target_ulong addr,
uintptr_t retaddr, MemOp op)
{
@@ -1394,9 +1394,9 @@ static void io_writex(CPUArchState *env, CPUIOTLBEntry *iotlbentry,
bool locked = false;
MemTxResult r;
- section = iotlb_to_section(cpu, iotlbentry->addr, iotlbentry->attrs);
+ section = iotlb_to_section(cpu, full->xlat_section, full->attrs);
mr = section->mr;
- mr_offset = (iotlbentry->addr & TARGET_PAGE_MASK) + addr;
+ mr_offset = (full->xlat_section & TARGET_PAGE_MASK) + addr;
if (!cpu->can_do_io) {
cpu_io_recompile(cpu, retaddr);
}
@@ -1406,20 +1406,20 @@ static void io_writex(CPUArchState *env, CPUIOTLBEntry *iotlbentry,
* The memory_region_dispatch may trigger a flush/resize
* so for plugins we save the iotlb_data just in case.
*/
- save_iotlb_data(cpu, iotlbentry->addr, section, mr_offset);
+ save_iotlb_data(cpu, full->xlat_section, section, mr_offset);
if (!qemu_mutex_iothread_locked()) {
qemu_mutex_lock_iothread();
locked = true;
}
- r = memory_region_dispatch_write(mr, mr_offset, val, op, iotlbentry->attrs);
+ r = memory_region_dispatch_write(mr, mr_offset, val, op, full->attrs);
if (r != MEMTX_OK) {
hwaddr physaddr = mr_offset +
section->offset_within_address_space -
section->offset_within_region;
cpu_transaction_failed(cpu, physaddr, addr, memop_size(op),
- MMU_DATA_STORE, mmu_idx, iotlbentry->attrs, r,
+ MMU_DATA_STORE, mmu_idx, full->attrs, r,
retaddr);
}
if (locked) {
@@ -1466,9 +1466,10 @@ static bool victim_tlb_hit(CPUArchState *env, size_t mmu_idx, size_t index,
copy_tlb_helper_locked(vtlb, &tmptlb);
qemu_spin_unlock(&env_tlb(env)->c.lock);
- CPUIOTLBEntry tmpio, *io = &env_tlb(env)->d[mmu_idx].iotlb[index];
- CPUIOTLBEntry *vio = &env_tlb(env)->d[mmu_idx].viotlb[vidx];
- tmpio = *io; *io = *vio; *vio = tmpio;
+ CPUTLBEntryFull *f1 = &env_tlb(env)->d[mmu_idx].fulltlb[index];
+ CPUTLBEntryFull *f2 = &env_tlb(env)->d[mmu_idx].vfulltlb[vidx];
+ CPUTLBEntryFull tmpf;
+ tmpf = *f1; *f1 = *f2; *f2 = tmpf;
return true;
}
}
@@ -1481,9 +1482,9 @@ static bool victim_tlb_hit(CPUArchState *env, size_t mmu_idx, size_t index,
(ADDR) & TARGET_PAGE_MASK)
static void notdirty_write(CPUState *cpu, vaddr mem_vaddr, unsigned size,
- CPUIOTLBEntry *iotlbentry, uintptr_t retaddr)
+ CPUTLBEntryFull *full, uintptr_t retaddr)
{
- ram_addr_t ram_addr = mem_vaddr + iotlbentry->addr;
+ ram_addr_t ram_addr = mem_vaddr + full->xlat_section;
trace_memory_notdirty_write_access(mem_vaddr, ram_addr, size);
@@ -1575,9 +1576,9 @@ int probe_access_flags(CPUArchState *env, target_ulong addr,
/* Handle clean RAM pages. */
if (unlikely(flags & TLB_NOTDIRTY)) {
uintptr_t index = tlb_index(env, mmu_idx, addr);
- CPUIOTLBEntry *iotlbentry = &env_tlb(env)->d[mmu_idx].iotlb[index];
+ CPUTLBEntryFull *full = &env_tlb(env)->d[mmu_idx].fulltlb[index];
- notdirty_write(env_cpu(env), addr, 1, iotlbentry, retaddr);
+ notdirty_write(env_cpu(env), addr, 1, full, retaddr);
flags &= ~TLB_NOTDIRTY;
}
@@ -1602,19 +1603,19 @@ void *probe_access(CPUArchState *env, target_ulong addr, int size,
if (unlikely(flags & (TLB_NOTDIRTY | TLB_WATCHPOINT))) {
uintptr_t index = tlb_index(env, mmu_idx, addr);
- CPUIOTLBEntry *iotlbentry = &env_tlb(env)->d[mmu_idx].iotlb[index];
+ CPUTLBEntryFull *full = &env_tlb(env)->d[mmu_idx].fulltlb[index];
/* Handle watchpoints. */
if (flags & TLB_WATCHPOINT) {
int wp_access = (access_type == MMU_DATA_STORE
? BP_MEM_WRITE : BP_MEM_READ);
cpu_check_watchpoint(env_cpu(env), addr, size,
- iotlbentry->attrs, wp_access, retaddr);
+ full->attrs, wp_access, retaddr);
}
/* Handle clean RAM pages. */
if (flags & TLB_NOTDIRTY) {
- notdirty_write(env_cpu(env), addr, 1, iotlbentry, retaddr);
+ notdirty_write(env_cpu(env), addr, 1, full, retaddr);
}
}
@@ -1671,7 +1672,7 @@ tb_page_addr_t get_page_addr_code_hostp(CPUArchState *env, target_ulong addr,
* should have just filled the TLB. The one corner case is io_writex
* which can cause TLB flushes and potential resizing of the TLBs
* losing the information we need. In those cases we need to recover
- * data from a copy of the iotlbentry. As long as this always occurs
+ * data from a copy of the CPUTLBEntryFull. As long as this always occurs
* from the same thread (which a mem callback will be) this is safe.
*/
@@ -1686,11 +1687,12 @@ bool tlb_plugin_lookup(CPUState *cpu, target_ulong addr, int mmu_idx,
if (likely(tlb_hit(tlb_addr, addr))) {
/* We must have an iotlb entry for MMIO */
if (tlb_addr & TLB_MMIO) {
- CPUIOTLBEntry *iotlbentry;
- iotlbentry = &env_tlb(env)->d[mmu_idx].iotlb[index];
+ CPUTLBEntryFull *full;
+ full = &env_tlb(env)->d[mmu_idx].fulltlb[index];
data->is_io = true;
- data->v.io.section = iotlb_to_section(cpu, iotlbentry->addr, iotlbentry->attrs);
- data->v.io.offset = (iotlbentry->addr & TARGET_PAGE_MASK) + addr;
+ data->v.io.section =
+ iotlb_to_section(cpu, full->xlat_section, full->attrs);
+ data->v.io.offset = (full->xlat_section & TARGET_PAGE_MASK) + addr;
} else {
data->is_io = false;
data->v.ram.hostaddr = (void *)((uintptr_t)addr + tlbe->addend);
@@ -1798,7 +1800,7 @@ static void *atomic_mmu_lookup(CPUArchState *env, target_ulong addr,
if (unlikely(tlb_addr & TLB_NOTDIRTY)) {
notdirty_write(env_cpu(env), addr, size,
- &env_tlb(env)->d[mmu_idx].iotlb[index], retaddr);
+ &env_tlb(env)->d[mmu_idx].fulltlb[index], retaddr);
}
return hostaddr;
@@ -1906,7 +1908,7 @@ load_helper(CPUArchState *env, target_ulong addr, MemOpIdx oi,
/* Handle anything that isn't just a straight memory access. */
if (unlikely(tlb_addr & ~TARGET_PAGE_MASK)) {
- CPUIOTLBEntry *iotlbentry;
+ CPUTLBEntryFull *full;
bool need_swap;
/* For anything that is unaligned, recurse through full_load. */
@@ -1914,20 +1916,20 @@ load_helper(CPUArchState *env, target_ulong addr, MemOpIdx oi,
goto do_unaligned_access;
}
- iotlbentry = &env_tlb(env)->d[mmu_idx].iotlb[index];
+ full = &env_tlb(env)->d[mmu_idx].fulltlb[index];
/* Handle watchpoints. */
if (unlikely(tlb_addr & TLB_WATCHPOINT)) {
/* On watchpoint hit, this will longjmp out. */
cpu_check_watchpoint(env_cpu(env), addr, size,
- iotlbentry->attrs, BP_MEM_READ, retaddr);
+ full->attrs, BP_MEM_READ, retaddr);
}
need_swap = size > 1 && (tlb_addr & TLB_BSWAP);
/* Handle I/O access. */
if (likely(tlb_addr & TLB_MMIO)) {
- return io_readx(env, iotlbentry, mmu_idx, addr, retaddr,
+ return io_readx(env, full, mmu_idx, addr, retaddr,
access_type, op ^ (need_swap * MO_BSWAP));
}
@@ -2242,12 +2244,12 @@ store_helper_unaligned(CPUArchState *env, target_ulong addr, uint64_t val,
*/
if (unlikely(tlb_addr & TLB_WATCHPOINT)) {
cpu_check_watchpoint(env_cpu(env), addr, size - size2,
- env_tlb(env)->d[mmu_idx].iotlb[index].attrs,
+ env_tlb(env)->d[mmu_idx].fulltlb[index].attrs,
BP_MEM_WRITE, retaddr);
}
if (unlikely(tlb_addr2 & TLB_WATCHPOINT)) {
cpu_check_watchpoint(env_cpu(env), page2, size2,
- env_tlb(env)->d[mmu_idx].iotlb[index2].attrs,
+ env_tlb(env)->d[mmu_idx].fulltlb[index2].attrs,
BP_MEM_WRITE, retaddr);
}
@@ -2311,7 +2313,7 @@ store_helper(CPUArchState *env, target_ulong addr, uint64_t val,
/* Handle anything that isn't just a straight memory access. */
if (unlikely(tlb_addr & ~TARGET_PAGE_MASK)) {
- CPUIOTLBEntry *iotlbentry;
+ CPUTLBEntryFull *full;
bool need_swap;
/* For anything that is unaligned, recurse through byte stores. */
@@ -2319,20 +2321,20 @@ store_helper(CPUArchState *env, target_ulong addr, uint64_t val,
goto do_unaligned_access;
}
- iotlbentry = &env_tlb(env)->d[mmu_idx].iotlb[index];
+ full = &env_tlb(env)->d[mmu_idx].fulltlb[index];
/* Handle watchpoints. */
if (unlikely(tlb_addr & TLB_WATCHPOINT)) {
/* On watchpoint hit, this will longjmp out. */
cpu_check_watchpoint(env_cpu(env), addr, size,
- iotlbentry->attrs, BP_MEM_WRITE, retaddr);
+ full->attrs, BP_MEM_WRITE, retaddr);
}
need_swap = size > 1 && (tlb_addr & TLB_BSWAP);
/* Handle I/O access. */
if (tlb_addr & TLB_MMIO) {
- io_writex(env, iotlbentry, mmu_idx, val, addr, retaddr,
+ io_writex(env, full, mmu_idx, val, addr, retaddr,
op ^ (need_swap * MO_BSWAP));
return;
}
@@ -2344,7 +2346,7 @@ store_helper(CPUArchState *env, target_ulong addr, uint64_t val,
/* Handle clean RAM pages. */
if (tlb_addr & TLB_NOTDIRTY) {
- notdirty_write(env_cpu(env), addr, size, iotlbentry, retaddr);
+ notdirty_write(env_cpu(env), addr, size, full, retaddr);
}
haddr = (void *)((uintptr_t)addr + entry->addend);
diff --git a/target/arm/mte_helper.c b/target/arm/mte_helper.c
index d11a8c70d0..fdd23ab3f8 100644
--- a/target/arm/mte_helper.c
+++ b/target/arm/mte_helper.c
@@ -106,7 +106,7 @@ static uint8_t *allocation_tag_mem(CPUARMState *env, int ptr_mmu_idx,
return tags + index;
#else
uintptr_t index;
- CPUIOTLBEntry *iotlbentry;
+ CPUTLBEntryFull *full;
int in_page, flags;
ram_addr_t ptr_ra;
hwaddr ptr_paddr, tag_paddr, xlat;
@@ -129,7 +129,7 @@ static uint8_t *allocation_tag_mem(CPUARMState *env, int ptr_mmu_idx,
assert(!(flags & TLB_INVALID_MASK));
/*
- * Find the iotlbentry for ptr. This *must* be present in the TLB
+ * Find the CPUTLBEntryFull for ptr. This *must* be present in the TLB
* because we just found the mapping.
* TODO: Perhaps there should be a cputlb helper that returns a
* matching tlb entry + iotlb entry.
@@ -144,10 +144,10 @@ static uint8_t *allocation_tag_mem(CPUARMState *env, int ptr_mmu_idx,
g_assert(tlb_hit(comparator, ptr));
}
# endif
- iotlbentry = &env_tlb(env)->d[ptr_mmu_idx].iotlb[index];
+ full = &env_tlb(env)->d[ptr_mmu_idx].fulltlb[index];
/* If the virtual page MemAttr != Tagged, access unchecked. */
- if (!arm_tlb_mte_tagged(&iotlbentry->attrs)) {
+ if (!arm_tlb_mte_tagged(&full->attrs)) {
return NULL;
}
@@ -181,7 +181,7 @@ static uint8_t *allocation_tag_mem(CPUARMState *env, int ptr_mmu_idx,
int wp = ptr_access == MMU_DATA_LOAD ? BP_MEM_READ : BP_MEM_WRITE;
assert(ra != 0);
cpu_check_watchpoint(env_cpu(env), ptr, ptr_size,
- iotlbentry->attrs, wp, ra);
+ full->attrs, wp, ra);
}
/*
@@ -202,11 +202,11 @@ static uint8_t *allocation_tag_mem(CPUARMState *env, int ptr_mmu_idx,
tag_paddr = ptr_paddr >> (LOG2_TAG_GRANULE + 1);
/* Look up the address in tag space. */
- tag_asi = iotlbentry->attrs.secure ? ARMASIdx_TagS : ARMASIdx_TagNS;
+ tag_asi = full->attrs.secure ? ARMASIdx_TagS : ARMASIdx_TagNS;
tag_as = cpu_get_address_space(env_cpu(env), tag_asi);
mr = address_space_translate(tag_as, tag_paddr, &xlat, NULL,
tag_access == MMU_DATA_STORE,
- iotlbentry->attrs);
+ full->attrs);
/*
* Note that @mr will never be NULL. If there is nothing in the address
diff --git a/target/arm/sve_helper.c b/target/arm/sve_helper.c
index d6f7ef94fe..9cae8fd352 100644
--- a/target/arm/sve_helper.c
+++ b/target/arm/sve_helper.c
@@ -5384,8 +5384,8 @@ bool sve_probe_page(SVEHostPage *info, bool nofault, CPUARMState *env,
g_assert(tlb_hit(comparator, addr));
# endif
- CPUIOTLBEntry *iotlbentry = &env_tlb(env)->d[mmu_idx].iotlb[index];
- info->attrs = iotlbentry->attrs;
+ CPUTLBEntryFull *full = &env_tlb(env)->d[mmu_idx].fulltlb[index];
+ info->attrs = full->attrs;
}
#endif
diff --git a/target/arm/translate-a64.c b/target/arm/translate-a64.c
index 9bed336b47..78b2d91ed4 100644
--- a/target/arm/translate-a64.c
+++ b/target/arm/translate-a64.c
@@ -14624,7 +14624,7 @@ static bool is_guarded_page(CPUARMState *env, DisasContext *s)
* table entry even for that case.
*/
return (tlb_hit(entry->addr_code, addr) &&
- arm_tlb_bti_gp(&env_tlb(env)->d[mmu_idx].iotlb[index].attrs));
+ arm_tlb_bti_gp(&env_tlb(env)->d[mmu_idx].fulltlb[index].attrs));
#endif
}
--
2.34.1
^ permalink raw reply related [flat|nested] 30+ messages in thread
* [PATCH v6 05/18] accel/tcg: Drop addr member from SavedIOTLB
2022-09-30 21:26 [PATCH v6 00/18] tcg: CPUTLBEntryFull and TARGET_TB_PCREL Richard Henderson
` (3 preceding siblings ...)
2022-09-30 21:26 ` [PATCH v6 04/18] accel/tcg: Rename CPUIOTLBEntry to CPUTLBEntryFull Richard Henderson
@ 2022-09-30 21:26 ` Richard Henderson
2022-09-30 21:26 ` [PATCH v6 06/18] accel/tcg: Suppress auto-invalidate in probe_access_internal Richard Henderson
` (14 subsequent siblings)
19 siblings, 0 replies; 30+ messages in thread
From: Richard Henderson @ 2022-09-30 21:26 UTC (permalink / raw)
To: qemu-devel
Cc: peter.maydell, alex.bennee, Alex Bennée, Peter Maydell,
Philippe Mathieu-Daudé
This field is only written, not read; remove it.
Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
---
include/hw/core/cpu.h | 1 -
accel/tcg/cputlb.c | 7 +++----
2 files changed, 3 insertions(+), 5 deletions(-)
diff --git a/include/hw/core/cpu.h b/include/hw/core/cpu.h
index 1a7e1a9380..009dc0d336 100644
--- a/include/hw/core/cpu.h
+++ b/include/hw/core/cpu.h
@@ -225,7 +225,6 @@ struct CPUWatchpoint {
* the memory regions get moved around by io_writex.
*/
typedef struct SavedIOTLB {
- hwaddr addr;
MemoryRegionSection *section;
hwaddr mr_offset;
} SavedIOTLB;
diff --git a/accel/tcg/cputlb.c b/accel/tcg/cputlb.c
index aa22f578cb..d06ff44ce9 100644
--- a/accel/tcg/cputlb.c
+++ b/accel/tcg/cputlb.c
@@ -1372,12 +1372,11 @@ static uint64_t io_readx(CPUArchState *env, CPUTLBEntryFull *full,
* This is read by tlb_plugin_lookup if the fulltlb entry doesn't match
* because of the side effect of io_writex changing memory layout.
*/
-static void save_iotlb_data(CPUState *cs, hwaddr addr,
- MemoryRegionSection *section, hwaddr mr_offset)
+static void save_iotlb_data(CPUState *cs, MemoryRegionSection *section,
+ hwaddr mr_offset)
{
#ifdef CONFIG_PLUGIN
SavedIOTLB *saved = &cs->saved_iotlb;
- saved->addr = addr;
saved->section = section;
saved->mr_offset = mr_offset;
#endif
@@ -1406,7 +1405,7 @@ static void io_writex(CPUArchState *env, CPUTLBEntryFull *full,
* The memory_region_dispatch may trigger a flush/resize
* so for plugins we save the iotlb_data just in case.
*/
- save_iotlb_data(cpu, full->xlat_section, section, mr_offset);
+ save_iotlb_data(cpu, section, mr_offset);
if (!qemu_mutex_iothread_locked()) {
qemu_mutex_lock_iothread();
--
2.34.1
^ permalink raw reply related [flat|nested] 30+ messages in thread
* [PATCH v6 06/18] accel/tcg: Suppress auto-invalidate in probe_access_internal
2022-09-30 21:26 [PATCH v6 00/18] tcg: CPUTLBEntryFull and TARGET_TB_PCREL Richard Henderson
` (4 preceding siblings ...)
2022-09-30 21:26 ` [PATCH v6 05/18] accel/tcg: Drop addr member from SavedIOTLB Richard Henderson
@ 2022-09-30 21:26 ` Richard Henderson
2022-09-30 21:26 ` [PATCH v6 07/18] accel/tcg: Introduce probe_access_full Richard Henderson
` (13 subsequent siblings)
19 siblings, 0 replies; 30+ messages in thread
From: Richard Henderson @ 2022-09-30 21:26 UTC (permalink / raw)
To: qemu-devel
Cc: peter.maydell, alex.bennee, Alex Bennée, David Hildenbrand,
Peter Maydell
When PAGE_WRITE_INV is set when calling tlb_set_page,
we immediately set TLB_INVALID_MASK in order to force
tlb_fill to be called on the next lookup. Here in
probe_access_internal, we have just called tlb_fill
and eliminated true misses, thus the lookup must be valid.
This allows us to remove a warning comment from s390x.
There doesn't seem to be a reason to change the code though.
Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
Reviewed-by: David Hildenbrand <david@redhat.com>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
---
accel/tcg/cputlb.c | 10 +++++++++-
target/s390x/tcg/mem_helper.c | 4 ----
2 files changed, 9 insertions(+), 5 deletions(-)
diff --git a/accel/tcg/cputlb.c b/accel/tcg/cputlb.c
index d06ff44ce9..264f84a248 100644
--- a/accel/tcg/cputlb.c
+++ b/accel/tcg/cputlb.c
@@ -1533,6 +1533,7 @@ static int probe_access_internal(CPUArchState *env, target_ulong addr,
}
tlb_addr = tlb_read_ofs(entry, elt_ofs);
+ flags = TLB_FLAGS_MASK;
page_addr = addr & TARGET_PAGE_MASK;
if (!tlb_hit_page(tlb_addr, page_addr)) {
if (!victim_tlb_hit(env, mmu_idx, index, elt_ofs, page_addr)) {
@@ -1547,10 +1548,17 @@ static int probe_access_internal(CPUArchState *env, target_ulong addr,
/* TLB resize via tlb_fill may have moved the entry. */
entry = tlb_entry(env, mmu_idx, addr);
+
+ /*
+ * With PAGE_WRITE_INV, we set TLB_INVALID_MASK immediately,
+ * to force the next access through tlb_fill. We've just
+ * called tlb_fill, so we know that this entry *is* valid.
+ */
+ flags &= ~TLB_INVALID_MASK;
}
tlb_addr = tlb_read_ofs(entry, elt_ofs);
}
- flags = tlb_addr & TLB_FLAGS_MASK;
+ flags &= tlb_addr;
/* Fold all "mmio-like" bits into TLB_MMIO. This is not RAM. */
if (unlikely(flags & ~(TLB_WATCHPOINT | TLB_NOTDIRTY))) {
diff --git a/target/s390x/tcg/mem_helper.c b/target/s390x/tcg/mem_helper.c
index fc52aa128b..3758b9e688 100644
--- a/target/s390x/tcg/mem_helper.c
+++ b/target/s390x/tcg/mem_helper.c
@@ -148,10 +148,6 @@ static int s390_probe_access(CPUArchState *env, target_ulong addr, int size,
#else
int flags;
- /*
- * For !CONFIG_USER_ONLY, we cannot rely on TLB_INVALID_MASK or haddr==NULL
- * to detect if there was an exception during tlb_fill().
- */
env->tlb_fill_exc = 0;
flags = probe_access_flags(env, addr, access_type, mmu_idx, nonfault, phost,
ra);
--
2.34.1
^ permalink raw reply related [flat|nested] 30+ messages in thread
* [PATCH v6 07/18] accel/tcg: Introduce probe_access_full
2022-09-30 21:26 [PATCH v6 00/18] tcg: CPUTLBEntryFull and TARGET_TB_PCREL Richard Henderson
` (5 preceding siblings ...)
2022-09-30 21:26 ` [PATCH v6 06/18] accel/tcg: Suppress auto-invalidate in probe_access_internal Richard Henderson
@ 2022-09-30 21:26 ` Richard Henderson
2022-09-30 21:26 ` [PATCH v6 08/18] accel/tcg: Introduce tlb_set_page_full Richard Henderson
` (12 subsequent siblings)
19 siblings, 0 replies; 30+ messages in thread
From: Richard Henderson @ 2022-09-30 21:26 UTC (permalink / raw)
To: qemu-devel
Cc: peter.maydell, alex.bennee, Alex Bennée, Peter Maydell,
Philippe Mathieu-Daudé
Add an interface to return the CPUTLBEntryFull struct
that goes with the lookup. The result is not intended
to be valid across multiple lookups, so the user must
use the results immediately.
Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
---
include/exec/exec-all.h | 15 +++++++++++++
accel/tcg/cputlb.c | 47 +++++++++++++++++++++++++----------------
2 files changed, 44 insertions(+), 18 deletions(-)
diff --git a/include/exec/exec-all.h b/include/exec/exec-all.h
index bcad607c4e..d255d69bc1 100644
--- a/include/exec/exec-all.h
+++ b/include/exec/exec-all.h
@@ -434,6 +434,21 @@ int probe_access_flags(CPUArchState *env, target_ulong addr,
MMUAccessType access_type, int mmu_idx,
bool nonfault, void **phost, uintptr_t retaddr);
+#ifndef CONFIG_USER_ONLY
+/**
+ * probe_access_full:
+ * Like probe_access_flags, except also return into @pfull.
+ *
+ * The CPUTLBEntryFull structure returned via @pfull is transient
+ * and must be consumed or copied immediately, before any further
+ * access or changes to TLB @mmu_idx.
+ */
+int probe_access_full(CPUArchState *env, target_ulong addr,
+ MMUAccessType access_type, int mmu_idx,
+ bool nonfault, void **phost,
+ CPUTLBEntryFull **pfull, uintptr_t retaddr);
+#endif
+
#define CODE_GEN_ALIGN 16 /* must be >= of the size of a icache line */
/* Estimated block size for TB allocation. */
diff --git a/accel/tcg/cputlb.c b/accel/tcg/cputlb.c
index 264f84a248..e3ee4260bd 100644
--- a/accel/tcg/cputlb.c
+++ b/accel/tcg/cputlb.c
@@ -1510,7 +1510,8 @@ static void notdirty_write(CPUState *cpu, vaddr mem_vaddr, unsigned size,
static int probe_access_internal(CPUArchState *env, target_ulong addr,
int fault_size, MMUAccessType access_type,
int mmu_idx, bool nonfault,
- void **phost, uintptr_t retaddr)
+ void **phost, CPUTLBEntryFull **pfull,
+ uintptr_t retaddr)
{
uintptr_t index = tlb_index(env, mmu_idx, addr);
CPUTLBEntry *entry = tlb_entry(env, mmu_idx, addr);
@@ -1543,10 +1544,12 @@ static int probe_access_internal(CPUArchState *env, target_ulong addr,
mmu_idx, nonfault, retaddr)) {
/* Non-faulting page table read failed. */
*phost = NULL;
+ *pfull = NULL;
return TLB_INVALID_MASK;
}
/* TLB resize via tlb_fill may have moved the entry. */
+ index = tlb_index(env, mmu_idx, addr);
entry = tlb_entry(env, mmu_idx, addr);
/*
@@ -1560,6 +1563,8 @@ static int probe_access_internal(CPUArchState *env, target_ulong addr,
}
flags &= tlb_addr;
+ *pfull = &env_tlb(env)->d[mmu_idx].fulltlb[index];
+
/* Fold all "mmio-like" bits into TLB_MMIO. This is not RAM. */
if (unlikely(flags & ~(TLB_WATCHPOINT | TLB_NOTDIRTY))) {
*phost = NULL;
@@ -1571,37 +1576,44 @@ static int probe_access_internal(CPUArchState *env, target_ulong addr,
return flags;
}
-int probe_access_flags(CPUArchState *env, target_ulong addr,
- MMUAccessType access_type, int mmu_idx,
- bool nonfault, void **phost, uintptr_t retaddr)
+int probe_access_full(CPUArchState *env, target_ulong addr,
+ MMUAccessType access_type, int mmu_idx,
+ bool nonfault, void **phost, CPUTLBEntryFull **pfull,
+ uintptr_t retaddr)
{
- int flags;
-
- flags = probe_access_internal(env, addr, 0, access_type, mmu_idx,
- nonfault, phost, retaddr);
+ int flags = probe_access_internal(env, addr, 0, access_type, mmu_idx,
+ nonfault, phost, pfull, retaddr);
/* Handle clean RAM pages. */
if (unlikely(flags & TLB_NOTDIRTY)) {
- uintptr_t index = tlb_index(env, mmu_idx, addr);
- CPUTLBEntryFull *full = &env_tlb(env)->d[mmu_idx].fulltlb[index];
-
- notdirty_write(env_cpu(env), addr, 1, full, retaddr);
+ notdirty_write(env_cpu(env), addr, 1, *pfull, retaddr);
flags &= ~TLB_NOTDIRTY;
}
return flags;
}
+int probe_access_flags(CPUArchState *env, target_ulong addr,
+ MMUAccessType access_type, int mmu_idx,
+ bool nonfault, void **phost, uintptr_t retaddr)
+{
+ CPUTLBEntryFull *full;
+
+ return probe_access_full(env, addr, access_type, mmu_idx,
+ nonfault, phost, &full, retaddr);
+}
+
void *probe_access(CPUArchState *env, target_ulong addr, int size,
MMUAccessType access_type, int mmu_idx, uintptr_t retaddr)
{
+ CPUTLBEntryFull *full;
void *host;
int flags;
g_assert(-(addr | TARGET_PAGE_MASK) >= size);
flags = probe_access_internal(env, addr, size, access_type, mmu_idx,
- false, &host, retaddr);
+ false, &host, &full, retaddr);
/* Per the interface, size == 0 merely faults the access. */
if (size == 0) {
@@ -1609,9 +1621,6 @@ void *probe_access(CPUArchState *env, target_ulong addr, int size,
}
if (unlikely(flags & (TLB_NOTDIRTY | TLB_WATCHPOINT))) {
- uintptr_t index = tlb_index(env, mmu_idx, addr);
- CPUTLBEntryFull *full = &env_tlb(env)->d[mmu_idx].fulltlb[index];
-
/* Handle watchpoints. */
if (flags & TLB_WATCHPOINT) {
int wp_access = (access_type == MMU_DATA_STORE
@@ -1632,11 +1641,12 @@ void *probe_access(CPUArchState *env, target_ulong addr, int size,
void *tlb_vaddr_to_host(CPUArchState *env, abi_ptr addr,
MMUAccessType access_type, int mmu_idx)
{
+ CPUTLBEntryFull *full;
void *host;
int flags;
flags = probe_access_internal(env, addr, 0, access_type,
- mmu_idx, true, &host, 0);
+ mmu_idx, true, &host, &full, 0);
/* No combination of flags are expected by the caller. */
return flags ? NULL : host;
@@ -1655,10 +1665,11 @@ void *tlb_vaddr_to_host(CPUArchState *env, abi_ptr addr,
tb_page_addr_t get_page_addr_code_hostp(CPUArchState *env, target_ulong addr,
void **hostp)
{
+ CPUTLBEntryFull *full;
void *p;
(void)probe_access_internal(env, addr, 1, MMU_INST_FETCH,
- cpu_mmu_index(env, true), false, &p, 0);
+ cpu_mmu_index(env, true), false, &p, &full, 0);
if (p == NULL) {
return -1;
}
--
2.34.1
^ permalink raw reply related [flat|nested] 30+ messages in thread
* [PATCH v6 08/18] accel/tcg: Introduce tlb_set_page_full
2022-09-30 21:26 [PATCH v6 00/18] tcg: CPUTLBEntryFull and TARGET_TB_PCREL Richard Henderson
` (6 preceding siblings ...)
2022-09-30 21:26 ` [PATCH v6 07/18] accel/tcg: Introduce probe_access_full Richard Henderson
@ 2022-09-30 21:26 ` Richard Henderson
2022-09-30 21:26 ` [PATCH v6 09/18] include/exec: Introduce TARGET_PAGE_ENTRY_EXTRA Richard Henderson
` (11 subsequent siblings)
19 siblings, 0 replies; 30+ messages in thread
From: Richard Henderson @ 2022-09-30 21:26 UTC (permalink / raw)
To: qemu-devel
Cc: peter.maydell, alex.bennee, Alex Bennée, Peter Maydell,
Philippe Mathieu-Daudé
Now that we have collected all of the page data into
CPUTLBEntryFull, provide an interface to record that
all in one go, instead of using 4 arguments. This interface
allows CPUTLBEntryFull to be extended without having to
change the number of arguments.
Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
---
include/exec/cpu-defs.h | 14 +++++++++++
include/exec/exec-all.h | 22 ++++++++++++++++++
accel/tcg/cputlb.c | 51 ++++++++++++++++++++++++++---------------
3 files changed, 69 insertions(+), 18 deletions(-)
diff --git a/include/exec/cpu-defs.h b/include/exec/cpu-defs.h
index f70f54d850..5e12cc1854 100644
--- a/include/exec/cpu-defs.h
+++ b/include/exec/cpu-defs.h
@@ -148,7 +148,21 @@ typedef struct CPUTLBEntryFull {
* + the offset within the target MemoryRegion (otherwise)
*/
hwaddr xlat_section;
+
+ /*
+ * @phys_addr contains the physical address in the address space
+ * given by cpu_asidx_from_attrs(cpu, @attrs).
+ */
+ hwaddr phys_addr;
+
+ /* @attrs contains the memory transaction attributes for the page. */
MemTxAttrs attrs;
+
+ /* @prot contains the complete protections for the page. */
+ uint8_t prot;
+
+ /* @lg_page_size contains the log2 of the page size. */
+ uint8_t lg_page_size;
} CPUTLBEntryFull;
/*
diff --git a/include/exec/exec-all.h b/include/exec/exec-all.h
index d255d69bc1..b1b920a713 100644
--- a/include/exec/exec-all.h
+++ b/include/exec/exec-all.h
@@ -257,6 +257,28 @@ void tlb_flush_range_by_mmuidx_all_cpus_synced(CPUState *cpu,
uint16_t idxmap,
unsigned bits);
+/**
+ * tlb_set_page_full:
+ * @cpu: CPU context
+ * @mmu_idx: mmu index of the tlb to modify
+ * @vaddr: virtual address of the entry to add
+ * @full: the details of the tlb entry
+ *
+ * Add an entry to @cpu tlb index @mmu_idx. All of the fields of
+ * @full must be filled, except for xlat_section, and constitute
+ * the complete description of the translated page.
+ *
+ * This is generally called by the target tlb_fill function after
+ * having performed a successful page table walk to find the physical
+ * address and attributes for the translation.
+ *
+ * At most one entry for a given virtual address is permitted. Only a
+ * single TARGET_PAGE_SIZE region is mapped; @full->lg_page_size is only
+ * used by tlb_flush_page.
+ */
+void tlb_set_page_full(CPUState *cpu, int mmu_idx, target_ulong vaddr,
+ CPUTLBEntryFull *full);
+
/**
* tlb_set_page_with_attrs:
* @cpu: CPU to add this TLB entry for
diff --git a/accel/tcg/cputlb.c b/accel/tcg/cputlb.c
index e3ee4260bd..361078471b 100644
--- a/accel/tcg/cputlb.c
+++ b/accel/tcg/cputlb.c
@@ -1095,16 +1095,16 @@ static void tlb_add_large_page(CPUArchState *env, int mmu_idx,
env_tlb(env)->d[mmu_idx].large_page_mask = lp_mask;
}
-/* Add a new TLB entry. At most one entry for a given virtual address
+/*
+ * Add a new TLB entry. At most one entry for a given virtual address
* is permitted. Only a single TARGET_PAGE_SIZE region is mapped, the
* supplied size is only used by tlb_flush_page.
*
* Called from TCG-generated code, which is under an RCU read-side
* critical section.
*/
-void tlb_set_page_with_attrs(CPUState *cpu, target_ulong vaddr,
- hwaddr paddr, MemTxAttrs attrs, int prot,
- int mmu_idx, target_ulong size)
+void tlb_set_page_full(CPUState *cpu, int mmu_idx,
+ target_ulong vaddr, CPUTLBEntryFull *full)
{
CPUArchState *env = cpu->env_ptr;
CPUTLB *tlb = env_tlb(env);
@@ -1117,35 +1117,36 @@ void tlb_set_page_with_attrs(CPUState *cpu, target_ulong vaddr,
CPUTLBEntry *te, tn;
hwaddr iotlb, xlat, sz, paddr_page;
target_ulong vaddr_page;
- int asidx = cpu_asidx_from_attrs(cpu, attrs);
- int wp_flags;
+ int asidx, wp_flags, prot;
bool is_ram, is_romd;
assert_cpu_is_self(cpu);
- if (size <= TARGET_PAGE_SIZE) {
+ if (full->lg_page_size <= TARGET_PAGE_BITS) {
sz = TARGET_PAGE_SIZE;
} else {
- tlb_add_large_page(env, mmu_idx, vaddr, size);
- sz = size;
+ sz = (hwaddr)1 << full->lg_page_size;
+ tlb_add_large_page(env, mmu_idx, vaddr, sz);
}
vaddr_page = vaddr & TARGET_PAGE_MASK;
- paddr_page = paddr & TARGET_PAGE_MASK;
+ paddr_page = full->phys_addr & TARGET_PAGE_MASK;
+ prot = full->prot;
+ asidx = cpu_asidx_from_attrs(cpu, full->attrs);
section = address_space_translate_for_iotlb(cpu, asidx, paddr_page,
- &xlat, &sz, attrs, &prot);
+ &xlat, &sz, full->attrs, &prot);
assert(sz >= TARGET_PAGE_SIZE);
tlb_debug("vaddr=" TARGET_FMT_lx " paddr=0x" TARGET_FMT_plx
" prot=%x idx=%d\n",
- vaddr, paddr, prot, mmu_idx);
+ vaddr, full->phys_addr, prot, mmu_idx);
address = vaddr_page;
- if (size < TARGET_PAGE_SIZE) {
+ if (full->lg_page_size < TARGET_PAGE_BITS) {
/* Repeat the MMU check and TLB fill on every access. */
address |= TLB_INVALID_MASK;
}
- if (attrs.byte_swap) {
+ if (full->attrs.byte_swap) {
address |= TLB_BSWAP;
}
@@ -1236,8 +1237,10 @@ void tlb_set_page_with_attrs(CPUState *cpu, target_ulong vaddr,
* subtract here is that of the page base, and not the same as the
* vaddr we add back in io_readx()/io_writex()/get_page_addr_code().
*/
+ desc->fulltlb[index] = *full;
desc->fulltlb[index].xlat_section = iotlb - vaddr_page;
- desc->fulltlb[index].attrs = attrs;
+ desc->fulltlb[index].phys_addr = paddr_page;
+ desc->fulltlb[index].prot = prot;
/* Now calculate the new entry */
tn.addend = addend - vaddr_page;
@@ -1272,9 +1275,21 @@ void tlb_set_page_with_attrs(CPUState *cpu, target_ulong vaddr,
qemu_spin_unlock(&tlb->c.lock);
}
-/* Add a new TLB entry, but without specifying the memory
- * transaction attributes to be used.
- */
+void tlb_set_page_with_attrs(CPUState *cpu, target_ulong vaddr,
+ hwaddr paddr, MemTxAttrs attrs, int prot,
+ int mmu_idx, target_ulong size)
+{
+ CPUTLBEntryFull full = {
+ .phys_addr = paddr,
+ .attrs = attrs,
+ .prot = prot,
+ .lg_page_size = ctz64(size)
+ };
+
+ assert(is_power_of_2(size));
+ tlb_set_page_full(cpu, mmu_idx, vaddr, &full);
+}
+
void tlb_set_page(CPUState *cpu, target_ulong vaddr,
hwaddr paddr, int prot,
int mmu_idx, target_ulong size)
--
2.34.1
^ permalink raw reply related [flat|nested] 30+ messages in thread
* [PATCH v6 09/18] include/exec: Introduce TARGET_PAGE_ENTRY_EXTRA
2022-09-30 21:26 [PATCH v6 00/18] tcg: CPUTLBEntryFull and TARGET_TB_PCREL Richard Henderson
` (7 preceding siblings ...)
2022-09-30 21:26 ` [PATCH v6 08/18] accel/tcg: Introduce tlb_set_page_full Richard Henderson
@ 2022-09-30 21:26 ` Richard Henderson
2022-09-30 21:26 ` [PATCH v6 10/18] accel/tcg: Remove PageDesc code_bitmap Richard Henderson
` (10 subsequent siblings)
19 siblings, 0 replies; 30+ messages in thread
From: Richard Henderson @ 2022-09-30 21:26 UTC (permalink / raw)
To: qemu-devel
Cc: peter.maydell, alex.bennee, Alex Bennée, Peter Maydell,
Philippe Mathieu-Daudé
Allow the target to cache items from the guest page tables.
Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
---
include/exec/cpu-defs.h | 9 +++++++++
1 file changed, 9 insertions(+)
diff --git a/include/exec/cpu-defs.h b/include/exec/cpu-defs.h
index 5e12cc1854..67239b4e5e 100644
--- a/include/exec/cpu-defs.h
+++ b/include/exec/cpu-defs.h
@@ -163,6 +163,15 @@ typedef struct CPUTLBEntryFull {
/* @lg_page_size contains the log2 of the page size. */
uint8_t lg_page_size;
+
+ /*
+ * Allow target-specific additions to this structure.
+ * This may be used to cache items from the guest cpu
+ * page tables for later use by the implementation.
+ */
+#ifdef TARGET_PAGE_ENTRY_EXTRA
+ TARGET_PAGE_ENTRY_EXTRA
+#endif
} CPUTLBEntryFull;
/*
--
2.34.1
^ permalink raw reply related [flat|nested] 30+ messages in thread
* [PATCH v6 10/18] accel/tcg: Remove PageDesc code_bitmap
2022-09-30 21:26 [PATCH v6 00/18] tcg: CPUTLBEntryFull and TARGET_TB_PCREL Richard Henderson
` (8 preceding siblings ...)
2022-09-30 21:26 ` [PATCH v6 09/18] include/exec: Introduce TARGET_PAGE_ENTRY_EXTRA Richard Henderson
@ 2022-09-30 21:26 ` Richard Henderson
2022-09-30 21:26 ` [PATCH v6 11/18] accel/tcg: Use bool for page_find_alloc Richard Henderson
` (9 subsequent siblings)
19 siblings, 0 replies; 30+ messages in thread
From: Richard Henderson @ 2022-09-30 21:26 UTC (permalink / raw)
To: qemu-devel; +Cc: peter.maydell, alex.bennee, Alex Bennée
This bitmap is created and discarded immediately.
We gain nothing by its existence.
Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Message-Id: <20220822232338.1727934-2-richard.henderson@linaro.org>
---
accel/tcg/translate-all.c | 78 ++-------------------------------------
1 file changed, 4 insertions(+), 74 deletions(-)
diff --git a/accel/tcg/translate-all.c b/accel/tcg/translate-all.c
index d71d04d338..59432dc558 100644
--- a/accel/tcg/translate-all.c
+++ b/accel/tcg/translate-all.c
@@ -102,21 +102,14 @@
#define assert_memory_lock() tcg_debug_assert(have_mmap_lock())
#endif
-#define SMC_BITMAP_USE_THRESHOLD 10
-
typedef struct PageDesc {
/* list of TBs intersecting this ram page */
uintptr_t first_tb;
-#ifdef CONFIG_SOFTMMU
- /* in order to optimize self modifying code, we count the number
- of lookups we do to a given page to use a bitmap */
- unsigned long *code_bitmap;
- unsigned int code_write_count;
-#else
+#ifdef CONFIG_USER_ONLY
unsigned long flags;
void *target_data;
#endif
-#ifndef CONFIG_USER_ONLY
+#ifdef CONFIG_SOFTMMU
QemuSpin lock;
#endif
} PageDesc;
@@ -907,17 +900,6 @@ void tb_htable_init(void)
qht_init(&tb_ctx.htable, tb_cmp, CODE_GEN_HTABLE_SIZE, mode);
}
-/* call with @p->lock held */
-static inline void invalidate_page_bitmap(PageDesc *p)
-{
- assert_page_locked(p);
-#ifdef CONFIG_SOFTMMU
- g_free(p->code_bitmap);
- p->code_bitmap = NULL;
- p->code_write_count = 0;
-#endif
-}
-
/* Set to NULL all the 'first_tb' fields in all PageDescs. */
static void page_flush_tb_1(int level, void **lp)
{
@@ -932,7 +914,6 @@ static void page_flush_tb_1(int level, void **lp)
for (i = 0; i < V_L2_SIZE; ++i) {
page_lock(&pd[i]);
pd[i].first_tb = (uintptr_t)NULL;
- invalidate_page_bitmap(pd + i);
page_unlock(&pd[i]);
}
} else {
@@ -1197,11 +1178,9 @@ static void do_tb_phys_invalidate(TranslationBlock *tb, bool rm_from_page_list)
if (rm_from_page_list) {
p = page_find(tb->page_addr[0] >> TARGET_PAGE_BITS);
tb_page_remove(p, tb);
- invalidate_page_bitmap(p);
if (tb->page_addr[1] != -1) {
p = page_find(tb->page_addr[1] >> TARGET_PAGE_BITS);
tb_page_remove(p, tb);
- invalidate_page_bitmap(p);
}
}
@@ -1246,35 +1225,6 @@ void tb_phys_invalidate(TranslationBlock *tb, tb_page_addr_t page_addr)
}
}
-#ifdef CONFIG_SOFTMMU
-/* call with @p->lock held */
-static void build_page_bitmap(PageDesc *p)
-{
- int n, tb_start, tb_end;
- TranslationBlock *tb;
-
- assert_page_locked(p);
- p->code_bitmap = bitmap_new(TARGET_PAGE_SIZE);
-
- PAGE_FOR_EACH_TB(p, tb, n) {
- /* NOTE: this is subtle as a TB may span two physical pages */
- if (n == 0) {
- /* NOTE: tb_end may be after the end of the page, but
- it is not a problem */
- tb_start = tb->pc & ~TARGET_PAGE_MASK;
- tb_end = tb_start + tb->size;
- if (tb_end > TARGET_PAGE_SIZE) {
- tb_end = TARGET_PAGE_SIZE;
- }
- } else {
- tb_start = 0;
- tb_end = ((tb->pc + tb->size) & ~TARGET_PAGE_MASK);
- }
- bitmap_set(p->code_bitmap, tb_start, tb_end - tb_start);
- }
-}
-#endif
-
/* add the tb in the target page and protect it if necessary
*
* Called with mmap_lock held for user-mode emulation.
@@ -1295,7 +1245,6 @@ static inline void tb_page_add(PageDesc *p, TranslationBlock *tb,
page_already_protected = p->first_tb != (uintptr_t)NULL;
#endif
p->first_tb = (uintptr_t)tb | n;
- invalidate_page_bitmap(p);
#if defined(CONFIG_USER_ONLY)
/* translator_loop() must have made all TB pages non-writable */
@@ -1357,10 +1306,8 @@ tb_link_page(TranslationBlock *tb, tb_page_addr_t phys_pc,
/* remove TB from the page(s) if we couldn't insert it */
if (unlikely(existing_tb)) {
tb_page_remove(p, tb);
- invalidate_page_bitmap(p);
if (p2) {
tb_page_remove(p2, tb);
- invalidate_page_bitmap(p2);
}
tb = existing_tb;
}
@@ -1731,7 +1678,6 @@ tb_invalidate_phys_page_range__locked(struct page_collection *pages,
#if !defined(CONFIG_USER_ONLY)
/* if no code remaining, no need to continue to use slow writes */
if (!p->first_tb) {
- invalidate_page_bitmap(p);
tlb_unprotect_code(start);
}
#endif
@@ -1827,24 +1773,8 @@ void tb_invalidate_phys_page_fast(struct page_collection *pages,
}
assert_page_locked(p);
- if (!p->code_bitmap &&
- ++p->code_write_count >= SMC_BITMAP_USE_THRESHOLD) {
- build_page_bitmap(p);
- }
- if (p->code_bitmap) {
- unsigned int nr;
- unsigned long b;
-
- nr = start & ~TARGET_PAGE_MASK;
- b = p->code_bitmap[BIT_WORD(nr)] >> (nr & (BITS_PER_LONG - 1));
- if (b & ((1 << len) - 1)) {
- goto do_invalidate;
- }
- } else {
- do_invalidate:
- tb_invalidate_phys_page_range__locked(pages, p, start, start + len,
- retaddr);
- }
+ tb_invalidate_phys_page_range__locked(pages, p, start, start + len,
+ retaddr);
}
#else
/* Called with mmap_lock held. If pc is not 0 then it indicates the
--
2.34.1
^ permalink raw reply related [flat|nested] 30+ messages in thread
* [PATCH v6 11/18] accel/tcg: Use bool for page_find_alloc
2022-09-30 21:26 [PATCH v6 00/18] tcg: CPUTLBEntryFull and TARGET_TB_PCREL Richard Henderson
` (9 preceding siblings ...)
2022-09-30 21:26 ` [PATCH v6 10/18] accel/tcg: Remove PageDesc code_bitmap Richard Henderson
@ 2022-09-30 21:26 ` Richard Henderson
2022-09-30 21:26 ` [PATCH v6 12/18] accel/tcg: Use DisasContextBase in plugin_gen_tb_start Richard Henderson
` (8 subsequent siblings)
19 siblings, 0 replies; 30+ messages in thread
From: Richard Henderson @ 2022-09-30 21:26 UTC (permalink / raw)
To: qemu-devel
Cc: peter.maydell, alex.bennee, Alex Bennée,
Philippe Mathieu-Daudé
Bool is more appropriate type for the alloc parameter.
Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
---
accel/tcg/translate-all.c | 14 +++++++-------
1 file changed, 7 insertions(+), 7 deletions(-)
diff --git a/accel/tcg/translate-all.c b/accel/tcg/translate-all.c
index 59432dc558..ca685f6ede 100644
--- a/accel/tcg/translate-all.c
+++ b/accel/tcg/translate-all.c
@@ -465,7 +465,7 @@ void page_init(void)
#endif
}
-static PageDesc *page_find_alloc(tb_page_addr_t index, int alloc)
+static PageDesc *page_find_alloc(tb_page_addr_t index, bool alloc)
{
PageDesc *pd;
void **lp;
@@ -533,11 +533,11 @@ static PageDesc *page_find_alloc(tb_page_addr_t index, int alloc)
static inline PageDesc *page_find(tb_page_addr_t index)
{
- return page_find_alloc(index, 0);
+ return page_find_alloc(index, false);
}
static void page_lock_pair(PageDesc **ret_p1, tb_page_addr_t phys1,
- PageDesc **ret_p2, tb_page_addr_t phys2, int alloc);
+ PageDesc **ret_p2, tb_page_addr_t phys2, bool alloc);
/* In user-mode page locks aren't used; mmap_lock is enough */
#ifdef CONFIG_USER_ONLY
@@ -651,7 +651,7 @@ static inline void page_unlock(PageDesc *pd)
/* lock the page(s) of a TB in the correct acquisition order */
static inline void page_lock_tb(const TranslationBlock *tb)
{
- page_lock_pair(NULL, tb->page_addr[0], NULL, tb->page_addr[1], 0);
+ page_lock_pair(NULL, tb->page_addr[0], NULL, tb->page_addr[1], false);
}
static inline void page_unlock_tb(const TranslationBlock *tb)
@@ -840,7 +840,7 @@ void page_collection_unlock(struct page_collection *set)
#endif /* !CONFIG_USER_ONLY */
static void page_lock_pair(PageDesc **ret_p1, tb_page_addr_t phys1,
- PageDesc **ret_p2, tb_page_addr_t phys2, int alloc)
+ PageDesc **ret_p2, tb_page_addr_t phys2, bool alloc)
{
PageDesc *p1, *p2;
tb_page_addr_t page1;
@@ -1290,7 +1290,7 @@ tb_link_page(TranslationBlock *tb, tb_page_addr_t phys_pc,
* Note that inserting into the hash table first isn't an option, since
* we can only insert TBs that are fully initialized.
*/
- page_lock_pair(&p, phys_pc, &p2, phys_page2, 1);
+ page_lock_pair(&p, phys_pc, &p2, phys_page2, true);
tb_page_add(p, tb, 0, phys_pc & TARGET_PAGE_MASK);
if (p2) {
tb_page_add(p2, tb, 1, phys_page2);
@@ -2219,7 +2219,7 @@ void page_set_flags(target_ulong start, target_ulong end, int flags)
for (addr = start, len = end - start;
len != 0;
len -= TARGET_PAGE_SIZE, addr += TARGET_PAGE_SIZE) {
- PageDesc *p = page_find_alloc(addr >> TARGET_PAGE_BITS, 1);
+ PageDesc *p = page_find_alloc(addr >> TARGET_PAGE_BITS, true);
/* If the write protection bit is set, then we invalidate
the code inside. */
--
2.34.1
^ permalink raw reply related [flat|nested] 30+ messages in thread
* [PATCH v6 12/18] accel/tcg: Use DisasContextBase in plugin_gen_tb_start
2022-09-30 21:26 [PATCH v6 00/18] tcg: CPUTLBEntryFull and TARGET_TB_PCREL Richard Henderson
` (10 preceding siblings ...)
2022-09-30 21:26 ` [PATCH v6 11/18] accel/tcg: Use bool for page_find_alloc Richard Henderson
@ 2022-09-30 21:26 ` Richard Henderson
2022-09-30 21:26 ` [PATCH v6 13/18] accel/tcg: Do not align tb->page_addr[0] Richard Henderson
` (7 subsequent siblings)
19 siblings, 0 replies; 30+ messages in thread
From: Richard Henderson @ 2022-09-30 21:26 UTC (permalink / raw)
To: qemu-devel; +Cc: peter.maydell, alex.bennee, Alex Bennée
Use the pc coming from db->pc_first rather than the TB.
Use the cached host_addr rather than re-computing for the
first page. We still need a separate lookup for the second
page because it won't be computed for DisasContextBase until
the translator actually performs a read from the page.
Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
---
include/exec/plugin-gen.h | 7 ++++---
accel/tcg/plugin-gen.c | 22 +++++++++++-----------
accel/tcg/translator.c | 2 +-
3 files changed, 16 insertions(+), 15 deletions(-)
diff --git a/include/exec/plugin-gen.h b/include/exec/plugin-gen.h
index f92f169739..5004728c61 100644
--- a/include/exec/plugin-gen.h
+++ b/include/exec/plugin-gen.h
@@ -19,7 +19,8 @@ struct DisasContextBase;
#ifdef CONFIG_PLUGIN
-bool plugin_gen_tb_start(CPUState *cpu, const TranslationBlock *tb, bool supress);
+bool plugin_gen_tb_start(CPUState *cpu, const struct DisasContextBase *db,
+ bool supress);
void plugin_gen_tb_end(CPUState *cpu);
void plugin_gen_insn_start(CPUState *cpu, const struct DisasContextBase *db);
void plugin_gen_insn_end(void);
@@ -48,8 +49,8 @@ static inline void plugin_insn_append(abi_ptr pc, const void *from, size_t size)
#else /* !CONFIG_PLUGIN */
-static inline
-bool plugin_gen_tb_start(CPUState *cpu, const TranslationBlock *tb, bool supress)
+static inline bool
+plugin_gen_tb_start(CPUState *cpu, const struct DisasContextBase *db, bool sup)
{
return false;
}
diff --git a/accel/tcg/plugin-gen.c b/accel/tcg/plugin-gen.c
index 3d0b101e34..80dff68934 100644
--- a/accel/tcg/plugin-gen.c
+++ b/accel/tcg/plugin-gen.c
@@ -852,7 +852,8 @@ static void plugin_gen_inject(const struct qemu_plugin_tb *plugin_tb)
pr_ops();
}
-bool plugin_gen_tb_start(CPUState *cpu, const TranslationBlock *tb, bool mem_only)
+bool plugin_gen_tb_start(CPUState *cpu, const DisasContextBase *db,
+ bool mem_only)
{
bool ret = false;
@@ -870,9 +871,9 @@ bool plugin_gen_tb_start(CPUState *cpu, const TranslationBlock *tb, bool mem_onl
ret = true;
- ptb->vaddr = tb->pc;
+ ptb->vaddr = db->pc_first;
ptb->vaddr2 = -1;
- get_page_addr_code_hostp(cpu->env_ptr, tb->pc, &ptb->haddr1);
+ ptb->haddr1 = db->host_addr[0];
ptb->haddr2 = NULL;
ptb->mem_only = mem_only;
@@ -898,16 +899,15 @@ void plugin_gen_insn_start(CPUState *cpu, const DisasContextBase *db)
* Note that we skip this when haddr1 == NULL, e.g. when we're
* fetching instructions from a region not backed by RAM.
*/
- if (likely(ptb->haddr1 != NULL && ptb->vaddr2 == -1) &&
- unlikely((db->pc_next & TARGET_PAGE_MASK) !=
- (db->pc_first & TARGET_PAGE_MASK))) {
- get_page_addr_code_hostp(cpu->env_ptr, db->pc_next,
- &ptb->haddr2);
- ptb->vaddr2 = db->pc_next;
- }
- if (likely(ptb->vaddr2 == -1)) {
+ if (ptb->haddr1 == NULL) {
+ pinsn->haddr = NULL;
+ } else if (is_same_page(db, db->pc_next)) {
pinsn->haddr = ptb->haddr1 + pinsn->vaddr - ptb->vaddr;
} else {
+ if (ptb->vaddr2 == -1) {
+ ptb->vaddr2 = TARGET_PAGE_ALIGN(db->pc_first);
+ get_page_addr_code_hostp(cpu->env_ptr, ptb->vaddr2, &ptb->haddr2);
+ }
pinsn->haddr = ptb->haddr2 + pinsn->vaddr - ptb->vaddr2;
}
}
diff --git a/accel/tcg/translator.c b/accel/tcg/translator.c
index ca8a5f2d83..8e78fd7a9c 100644
--- a/accel/tcg/translator.c
+++ b/accel/tcg/translator.c
@@ -75,7 +75,7 @@ void translator_loop(CPUState *cpu, TranslationBlock *tb, int max_insns,
ops->tb_start(db, cpu);
tcg_debug_assert(db->is_jmp == DISAS_NEXT); /* no early exit */
- plugin_enabled = plugin_gen_tb_start(cpu, tb, cflags & CF_MEMI_ONLY);
+ plugin_enabled = plugin_gen_tb_start(cpu, db, cflags & CF_MEMI_ONLY);
while (true) {
db->num_insns++;
--
2.34.1
^ permalink raw reply related [flat|nested] 30+ messages in thread
* [PATCH v6 13/18] accel/tcg: Do not align tb->page_addr[0]
2022-09-30 21:26 [PATCH v6 00/18] tcg: CPUTLBEntryFull and TARGET_TB_PCREL Richard Henderson
` (11 preceding siblings ...)
2022-09-30 21:26 ` [PATCH v6 12/18] accel/tcg: Use DisasContextBase in plugin_gen_tb_start Richard Henderson
@ 2022-09-30 21:26 ` Richard Henderson
2022-10-03 12:47 ` Alex Bennée
2022-09-30 21:26 ` [PATCH v6 14/18] accel/tcg: Inline tb_flush_jmp_cache Richard Henderson
` (6 subsequent siblings)
19 siblings, 1 reply; 30+ messages in thread
From: Richard Henderson @ 2022-09-30 21:26 UTC (permalink / raw)
To: qemu-devel; +Cc: peter.maydell, alex.bennee
Let tb->page_addr[0] contain the offset within the page of the
start of the translation block. We need to recover this value
anyway at various points, and it is easier to discard the page
offset when it's not needed, which happens naturally via the
existing find_page shift.
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
---
accel/tcg/cpu-exec.c | 16 ++++++++--------
accel/tcg/cputlb.c | 3 ++-
accel/tcg/translate-all.c | 9 +++++----
3 files changed, 15 insertions(+), 13 deletions(-)
diff --git a/accel/tcg/cpu-exec.c b/accel/tcg/cpu-exec.c
index 5f43b9769a..dd58a144a8 100644
--- a/accel/tcg/cpu-exec.c
+++ b/accel/tcg/cpu-exec.c
@@ -174,7 +174,7 @@ struct tb_desc {
target_ulong pc;
target_ulong cs_base;
CPUArchState *env;
- tb_page_addr_t phys_page1;
+ tb_page_addr_t page_addr0;
uint32_t flags;
uint32_t cflags;
uint32_t trace_vcpu_dstate;
@@ -186,7 +186,7 @@ static bool tb_lookup_cmp(const void *p, const void *d)
const struct tb_desc *desc = d;
if (tb->pc == desc->pc &&
- tb->page_addr[0] == desc->phys_page1 &&
+ tb->page_addr[0] == desc->page_addr0 &&
tb->cs_base == desc->cs_base &&
tb->flags == desc->flags &&
tb->trace_vcpu_dstate == desc->trace_vcpu_dstate &&
@@ -195,8 +195,8 @@ static bool tb_lookup_cmp(const void *p, const void *d)
if (tb->page_addr[1] == -1) {
return true;
} else {
- tb_page_addr_t phys_page2;
- target_ulong virt_page2;
+ tb_page_addr_t phys_page1;
+ target_ulong virt_page1;
/*
* We know that the first page matched, and an otherwise valid TB
@@ -207,9 +207,9 @@ static bool tb_lookup_cmp(const void *p, const void *d)
* is different for the new TB. Therefore any exception raised
* here by the faulting lookup is not premature.
*/
- virt_page2 = TARGET_PAGE_ALIGN(desc->pc);
- phys_page2 = get_page_addr_code(desc->env, virt_page2);
- if (tb->page_addr[1] == phys_page2) {
+ virt_page1 = TARGET_PAGE_ALIGN(desc->pc);
+ phys_page1 = get_page_addr_code(desc->env, virt_page1);
+ if (tb->page_addr[1] == phys_page1) {
return true;
}
}
@@ -235,7 +235,7 @@ static TranslationBlock *tb_htable_lookup(CPUState *cpu, target_ulong pc,
if (phys_pc == -1) {
return NULL;
}
- desc.phys_page1 = phys_pc & TARGET_PAGE_MASK;
+ desc.page_addr0 = phys_pc;
h = tb_hash_func(phys_pc, pc, flags, cflags, *cpu->trace_dstate);
return qht_lookup_custom(&tb_ctx.htable, &desc, h, tb_lookup_cmp);
}
diff --git a/accel/tcg/cputlb.c b/accel/tcg/cputlb.c
index 361078471b..a0db2d32a8 100644
--- a/accel/tcg/cputlb.c
+++ b/accel/tcg/cputlb.c
@@ -951,7 +951,8 @@ void tlb_flush_page_bits_by_mmuidx_all_cpus_synced(CPUState *src_cpu,
can be detected */
void tlb_protect_code(ram_addr_t ram_addr)
{
- cpu_physical_memory_test_and_clear_dirty(ram_addr, TARGET_PAGE_SIZE,
+ cpu_physical_memory_test_and_clear_dirty(ram_addr & TARGET_PAGE_MASK,
+ TARGET_PAGE_SIZE,
DIRTY_MEMORY_CODE);
}
diff --git a/accel/tcg/translate-all.c b/accel/tcg/translate-all.c
index ca685f6ede..3a63113c41 100644
--- a/accel/tcg/translate-all.c
+++ b/accel/tcg/translate-all.c
@@ -1167,7 +1167,7 @@ static void do_tb_phys_invalidate(TranslationBlock *tb, bool rm_from_page_list)
qemu_spin_unlock(&tb->jmp_lock);
/* remove the TB from the hash list */
- phys_pc = tb->page_addr[0] + (tb->pc & ~TARGET_PAGE_MASK);
+ phys_pc = tb->page_addr[0];
h = tb_hash_func(phys_pc, tb->pc, tb->flags, orig_cflags,
tb->trace_vcpu_dstate);
if (!qht_remove(&tb_ctx.htable, tb, h)) {
@@ -1291,7 +1291,7 @@ tb_link_page(TranslationBlock *tb, tb_page_addr_t phys_pc,
* we can only insert TBs that are fully initialized.
*/
page_lock_pair(&p, phys_pc, &p2, phys_page2, true);
- tb_page_add(p, tb, 0, phys_pc & TARGET_PAGE_MASK);
+ tb_page_add(p, tb, 0, phys_pc);
if (p2) {
tb_page_add(p2, tb, 1, phys_page2);
} else {
@@ -1644,11 +1644,12 @@ tb_invalidate_phys_page_range__locked(struct page_collection *pages,
if (n == 0) {
/* NOTE: tb_end may be after the end of the page, but
it is not a problem */
- tb_start = tb->page_addr[0] + (tb->pc & ~TARGET_PAGE_MASK);
+ tb_start = tb->page_addr[0];
tb_end = tb_start + tb->size;
} else {
tb_start = tb->page_addr[1];
- tb_end = tb_start + ((tb->pc + tb->size) & ~TARGET_PAGE_MASK);
+ tb_end = tb_start + ((tb->page_addr[0] + tb->size)
+ & ~TARGET_PAGE_MASK);
}
if (!(tb_end <= start || tb_start >= end)) {
#ifdef TARGET_HAS_PRECISE_SMC
--
2.34.1
^ permalink raw reply related [flat|nested] 30+ messages in thread
* [PATCH v6 14/18] accel/tcg: Inline tb_flush_jmp_cache
2022-09-30 21:26 [PATCH v6 00/18] tcg: CPUTLBEntryFull and TARGET_TB_PCREL Richard Henderson
` (12 preceding siblings ...)
2022-09-30 21:26 ` [PATCH v6 13/18] accel/tcg: Do not align tb->page_addr[0] Richard Henderson
@ 2022-09-30 21:26 ` Richard Henderson
2022-10-03 12:51 ` Alex Bennée
2022-09-30 21:26 ` [PATCH v6 15/18] include/hw/core: Create struct CPUJumpCache Richard Henderson
` (5 subsequent siblings)
19 siblings, 1 reply; 30+ messages in thread
From: Richard Henderson @ 2022-09-30 21:26 UTC (permalink / raw)
To: qemu-devel; +Cc: peter.maydell, alex.bennee
This function has two users, who use it incompatibly.
In tlb_flush_page_by_mmuidx_async_0, when flushing a
single page, we need to flush exactly two pages.
In tlb_flush_range_by_mmuidx_async_0, when flushing a
range of pages, we need to flush N+1 pages.
This avoids double-flushing of jmp cache pages in a range.
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
---
accel/tcg/cputlb.c | 25 ++++++++++++++-----------
1 file changed, 14 insertions(+), 11 deletions(-)
diff --git a/accel/tcg/cputlb.c b/accel/tcg/cputlb.c
index a0db2d32a8..c7909fb619 100644
--- a/accel/tcg/cputlb.c
+++ b/accel/tcg/cputlb.c
@@ -107,14 +107,6 @@ static void tb_jmp_cache_clear_page(CPUState *cpu, target_ulong page_addr)
}
}
-static void tb_flush_jmp_cache(CPUState *cpu, target_ulong addr)
-{
- /* Discard jump cache entries for any tb which might potentially
- overlap the flushed page. */
- tb_jmp_cache_clear_page(cpu, addr - TARGET_PAGE_SIZE);
- tb_jmp_cache_clear_page(cpu, addr);
-}
-
/**
* tlb_mmu_resize_locked() - perform TLB resize bookkeeping; resize if necessary
* @desc: The CPUTLBDesc portion of the TLB
@@ -541,7 +533,12 @@ static void tlb_flush_page_by_mmuidx_async_0(CPUState *cpu,
}
qemu_spin_unlock(&env_tlb(env)->c.lock);
- tb_flush_jmp_cache(cpu, addr);
+ /*
+ * Discard jump cache entries for any tb which might potentially
+ * overlap the flushed page, which includes the previous.
+ */
+ tb_jmp_cache_clear_page(cpu, addr - TARGET_PAGE_SIZE);
+ tb_jmp_cache_clear_page(cpu, addr);
}
/**
@@ -792,8 +789,14 @@ static void tlb_flush_range_by_mmuidx_async_0(CPUState *cpu,
return;
}
- for (target_ulong i = 0; i < d.len; i += TARGET_PAGE_SIZE) {
- tb_flush_jmp_cache(cpu, d.addr + i);
+ /*
+ * Discard jump cache entries for any tb which might potentially
+ * overlap the flushed pages, which includes the previous.
+ */
+ d.addr -= TARGET_PAGE_SIZE;
+ for (target_ulong i = 0, n = d.len / TARGET_PAGE_SIZE + 1; i < n; i++) {
+ tb_jmp_cache_clear_page(cpu, d.addr);
+ d.addr += TARGET_PAGE_SIZE;
}
}
--
2.34.1
^ permalink raw reply related [flat|nested] 30+ messages in thread
* [PATCH v6 15/18] include/hw/core: Create struct CPUJumpCache
2022-09-30 21:26 [PATCH v6 00/18] tcg: CPUTLBEntryFull and TARGET_TB_PCREL Richard Henderson
` (13 preceding siblings ...)
2022-09-30 21:26 ` [PATCH v6 14/18] accel/tcg: Inline tb_flush_jmp_cache Richard Henderson
@ 2022-09-30 21:26 ` Richard Henderson
2022-10-03 12:57 ` Alex Bennée
2022-09-30 21:26 ` [PATCH v6 16/18] hw/core: Add CPUClass.get_pc Richard Henderson
` (4 subsequent siblings)
19 siblings, 1 reply; 30+ messages in thread
From: Richard Henderson @ 2022-09-30 21:26 UTC (permalink / raw)
To: qemu-devel; +Cc: peter.maydell, alex.bennee, Philippe Mathieu-Daudé
Wrap the bare TranslationBlock pointer into a structure.
Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
---
accel/tcg/tb-hash.h | 1 +
accel/tcg/tb-jmp-cache.h | 24 ++++++++++++++++++++++++
include/exec/cpu-common.h | 1 +
include/hw/core/cpu.h | 15 +--------------
include/qemu/typedefs.h | 1 +
accel/tcg/cpu-exec.c | 10 +++++++---
accel/tcg/cputlb.c | 9 +++++----
accel/tcg/translate-all.c | 28 +++++++++++++++++++++++++---
hw/core/cpu-common.c | 3 +--
plugins/core.c | 2 +-
trace/control-target.c | 2 +-
11 files changed, 68 insertions(+), 28 deletions(-)
create mode 100644 accel/tcg/tb-jmp-cache.h
diff --git a/accel/tcg/tb-hash.h b/accel/tcg/tb-hash.h
index 0a273d9605..83dc610e4c 100644
--- a/accel/tcg/tb-hash.h
+++ b/accel/tcg/tb-hash.h
@@ -23,6 +23,7 @@
#include "exec/cpu-defs.h"
#include "exec/exec-all.h"
#include "qemu/xxhash.h"
+#include "tb-jmp-cache.h"
#ifdef CONFIG_SOFTMMU
diff --git a/accel/tcg/tb-jmp-cache.h b/accel/tcg/tb-jmp-cache.h
new file mode 100644
index 0000000000..2d8fbb1bfe
--- /dev/null
+++ b/accel/tcg/tb-jmp-cache.h
@@ -0,0 +1,24 @@
+/*
+ * The per-CPU TranslationBlock jump cache.
+ *
+ * Copyright (c) 2003 Fabrice Bellard
+ *
+ * SPDX-License-Identifier: GPL-2.0-or-later
+ */
+
+#ifndef ACCEL_TCG_TB_JMP_CACHE_H
+#define ACCEL_TCG_TB_JMP_CACHE_H
+
+#define TB_JMP_CACHE_BITS 12
+#define TB_JMP_CACHE_SIZE (1 << TB_JMP_CACHE_BITS)
+
+/*
+ * Accessed in parallel; all accesses to 'tb' must be atomic.
+ */
+struct CPUJumpCache {
+ struct {
+ TranslationBlock *tb;
+ } array[TB_JMP_CACHE_SIZE];
+};
+
+#endif /* ACCEL_TCG_TB_JMP_CACHE_H */
diff --git a/include/exec/cpu-common.h b/include/exec/cpu-common.h
index d909429427..c493510ee9 100644
--- a/include/exec/cpu-common.h
+++ b/include/exec/cpu-common.h
@@ -38,6 +38,7 @@ void cpu_list_unlock(void);
unsigned int cpu_list_generation_id_get(void);
void tcg_flush_softmmu_tlb(CPUState *cs);
+void tcg_flush_jmp_cache(CPUState *cs);
void tcg_iommu_init_notifier_list(CPUState *cpu);
void tcg_iommu_free_notifier_list(CPUState *cpu);
diff --git a/include/hw/core/cpu.h b/include/hw/core/cpu.h
index 009dc0d336..18ca701b44 100644
--- a/include/hw/core/cpu.h
+++ b/include/hw/core/cpu.h
@@ -236,9 +236,6 @@ struct kvm_run;
struct hax_vcpu_state;
struct hvf_vcpu_state;
-#define TB_JMP_CACHE_BITS 12
-#define TB_JMP_CACHE_SIZE (1 << TB_JMP_CACHE_BITS)
-
/* work queue */
/* The union type allows passing of 64 bit target pointers on 32 bit
@@ -369,8 +366,7 @@ struct CPUState {
CPUArchState *env_ptr;
IcountDecr *icount_decr_ptr;
- /* Accessed in parallel; all accesses must be atomic */
- TranslationBlock *tb_jmp_cache[TB_JMP_CACHE_SIZE];
+ CPUJumpCache *tb_jmp_cache;
struct GDBRegisterState *gdb_regs;
int gdb_num_regs;
@@ -456,15 +452,6 @@ extern CPUTailQ cpus;
extern __thread CPUState *current_cpu;
-static inline void cpu_tb_jmp_cache_clear(CPUState *cpu)
-{
- unsigned int i;
-
- for (i = 0; i < TB_JMP_CACHE_SIZE; i++) {
- qatomic_set(&cpu->tb_jmp_cache[i], NULL);
- }
-}
-
/**
* qemu_tcg_mttcg_enabled:
* Check whether we are running MultiThread TCG or not.
diff --git a/include/qemu/typedefs.h b/include/qemu/typedefs.h
index 42f4ceb701..5449aaf483 100644
--- a/include/qemu/typedefs.h
+++ b/include/qemu/typedefs.h
@@ -41,6 +41,7 @@ typedef struct CoMutex CoMutex;
typedef struct ConfidentialGuestSupport ConfidentialGuestSupport;
typedef struct CPUAddressSpace CPUAddressSpace;
typedef struct CPUArchState CPUArchState;
+typedef struct CPUJumpCache CPUJumpCache;
typedef struct CPUState CPUState;
typedef struct DeviceListener DeviceListener;
typedef struct DeviceState DeviceState;
diff --git a/accel/tcg/cpu-exec.c b/accel/tcg/cpu-exec.c
index dd58a144a8..2d7e610ee2 100644
--- a/accel/tcg/cpu-exec.c
+++ b/accel/tcg/cpu-exec.c
@@ -42,6 +42,7 @@
#include "sysemu/replay.h"
#include "sysemu/tcg.h"
#include "exec/helper-proto.h"
+#include "tb-jmp-cache.h"
#include "tb-hash.h"
#include "tb-context.h"
#include "internal.h"
@@ -252,7 +253,7 @@ static inline TranslationBlock *tb_lookup(CPUState *cpu, target_ulong pc,
tcg_debug_assert(!(cflags & CF_INVALID));
hash = tb_jmp_cache_hash_func(pc);
- tb = qatomic_rcu_read(&cpu->tb_jmp_cache[hash]);
+ tb = qatomic_rcu_read(&cpu->tb_jmp_cache->array[hash].tb);
if (likely(tb &&
tb->pc == pc &&
@@ -266,7 +267,7 @@ static inline TranslationBlock *tb_lookup(CPUState *cpu, target_ulong pc,
if (tb == NULL) {
return NULL;
}
- qatomic_set(&cpu->tb_jmp_cache[hash], tb);
+ qatomic_set(&cpu->tb_jmp_cache->array[hash].tb, tb);
return tb;
}
@@ -987,6 +988,8 @@ int cpu_exec(CPUState *cpu)
tb = tb_lookup(cpu, pc, cs_base, flags, cflags);
if (tb == NULL) {
+ uint32_t h;
+
mmap_lock();
tb = tb_gen_code(cpu, pc, cs_base, flags, cflags);
mmap_unlock();
@@ -994,7 +997,8 @@ int cpu_exec(CPUState *cpu)
* We add the TB in the virtual pc hash table
* for the fast lookup
*/
- qatomic_set(&cpu->tb_jmp_cache[tb_jmp_cache_hash_func(pc)], tb);
+ h = tb_jmp_cache_hash_func(pc);
+ qatomic_set(&cpu->tb_jmp_cache->array[h].tb, tb);
}
#ifndef CONFIG_USER_ONLY
diff --git a/accel/tcg/cputlb.c b/accel/tcg/cputlb.c
index c7909fb619..6f1c00682b 100644
--- a/accel/tcg/cputlb.c
+++ b/accel/tcg/cputlb.c
@@ -100,10 +100,11 @@ static void tlb_window_reset(CPUTLBDesc *desc, int64_t ns,
static void tb_jmp_cache_clear_page(CPUState *cpu, target_ulong page_addr)
{
- unsigned int i, i0 = tb_jmp_cache_hash_page(page_addr);
+ int i, i0 = tb_jmp_cache_hash_page(page_addr);
+ CPUJumpCache *jc = cpu->tb_jmp_cache;
for (i = 0; i < TB_JMP_PAGE_SIZE; i++) {
- qatomic_set(&cpu->tb_jmp_cache[i0 + i], NULL);
+ qatomic_set(&jc->array[i0 + i].tb, NULL);
}
}
@@ -356,7 +357,7 @@ static void tlb_flush_by_mmuidx_async_work(CPUState *cpu, run_on_cpu_data data)
qemu_spin_unlock(&env_tlb(env)->c.lock);
- cpu_tb_jmp_cache_clear(cpu);
+ tcg_flush_jmp_cache(cpu);
if (to_clean == ALL_MMUIDX_BITS) {
qatomic_set(&env_tlb(env)->c.full_flush_count,
@@ -785,7 +786,7 @@ static void tlb_flush_range_by_mmuidx_async_0(CPUState *cpu,
* longer to clear each entry individually than it will to clear it all.
*/
if (d.len >= (TARGET_PAGE_SIZE * TB_JMP_CACHE_SIZE)) {
- cpu_tb_jmp_cache_clear(cpu);
+ tcg_flush_jmp_cache(cpu);
return;
}
diff --git a/accel/tcg/translate-all.c b/accel/tcg/translate-all.c
index 3a63113c41..63ecc15236 100644
--- a/accel/tcg/translate-all.c
+++ b/accel/tcg/translate-all.c
@@ -58,6 +58,7 @@
#include "sysemu/tcg.h"
#include "qapi/error.h"
#include "hw/core/tcg-cpu-ops.h"
+#include "tb-jmp-cache.h"
#include "tb-hash.h"
#include "tb-context.h"
#include "internal.h"
@@ -967,7 +968,7 @@ static void do_tb_flush(CPUState *cpu, run_on_cpu_data tb_flush_count)
}
CPU_FOREACH(cpu) {
- cpu_tb_jmp_cache_clear(cpu);
+ tcg_flush_jmp_cache(cpu);
}
qht_reset_size(&tb_ctx.htable, CODE_GEN_HTABLE_SIZE);
@@ -1187,8 +1188,9 @@ static void do_tb_phys_invalidate(TranslationBlock *tb, bool rm_from_page_list)
/* remove the TB from the hash list */
h = tb_jmp_cache_hash_func(tb->pc);
CPU_FOREACH(cpu) {
- if (qatomic_read(&cpu->tb_jmp_cache[h]) == tb) {
- qatomic_set(&cpu->tb_jmp_cache[h], NULL);
+ CPUJumpCache *jc = cpu->tb_jmp_cache;
+ if (qatomic_read(&jc->array[h].tb) == tb) {
+ qatomic_set(&jc->array[h].tb, NULL);
}
}
@@ -2443,6 +2445,26 @@ int page_unprotect(target_ulong address, uintptr_t pc)
}
#endif /* CONFIG_USER_ONLY */
+/*
+ * Called by generic code at e.g. cpu reset after cpu creation,
+ * therefore we must be prepared to allocate the jump cache.
+ */
+void tcg_flush_jmp_cache(CPUState *cpu)
+{
+ CPUJumpCache *jc = cpu->tb_jmp_cache;
+
+ if (likely(jc)) {
+ for (int i = 0; i < TB_JMP_CACHE_SIZE; i++) {
+ qatomic_set(&jc->array[i].tb, NULL);
+ }
+ } else {
+ /* This should happen once during realize, and thus never race. */
+ jc = g_new0(CPUJumpCache, 1);
+ jc = qatomic_xchg(&cpu->tb_jmp_cache, jc);
+ assert(jc == NULL);
+ }
+}
+
/* This is a wrapper for common code that can not use CONFIG_SOFTMMU */
void tcg_flush_softmmu_tlb(CPUState *cs)
{
diff --git a/hw/core/cpu-common.c b/hw/core/cpu-common.c
index 9e3241b430..f9fdd46b9d 100644
--- a/hw/core/cpu-common.c
+++ b/hw/core/cpu-common.c
@@ -137,8 +137,7 @@ static void cpu_common_reset(DeviceState *dev)
cpu->cflags_next_tb = -1;
if (tcg_enabled()) {
- cpu_tb_jmp_cache_clear(cpu);
-
+ tcg_flush_jmp_cache(cpu);
tcg_flush_softmmu_tlb(cpu);
}
}
diff --git a/plugins/core.c b/plugins/core.c
index 792262da08..c3ae284994 100644
--- a/plugins/core.c
+++ b/plugins/core.c
@@ -56,7 +56,7 @@ struct qemu_plugin_ctx *plugin_id_to_ctx_locked(qemu_plugin_id_t id)
static void plugin_cpu_update__async(CPUState *cpu, run_on_cpu_data data)
{
bitmap_copy(cpu->plugin_mask, &data.host_ulong, QEMU_PLUGIN_EV_MAX);
- cpu_tb_jmp_cache_clear(cpu);
+ tcg_flush_jmp_cache(cpu);
}
static void plugin_cpu_update__locked(gpointer k, gpointer v, gpointer udata)
diff --git a/trace/control-target.c b/trace/control-target.c
index 8418673c18..232c97a4a1 100644
--- a/trace/control-target.c
+++ b/trace/control-target.c
@@ -65,7 +65,7 @@ static void trace_event_synchronize_vcpu_state_dynamic(
{
bitmap_copy(vcpu->trace_dstate, vcpu->trace_dstate_delayed,
CPU_TRACE_DSTATE_MAX_EVENTS);
- cpu_tb_jmp_cache_clear(vcpu);
+ tcg_flush_jmp_cache(vcpu);
}
void trace_event_set_vcpu_state_dynamic(CPUState *vcpu,
--
2.34.1
^ permalink raw reply related [flat|nested] 30+ messages in thread
* [PATCH v6 16/18] hw/core: Add CPUClass.get_pc
2022-09-30 21:26 [PATCH v6 00/18] tcg: CPUTLBEntryFull and TARGET_TB_PCREL Richard Henderson
` (14 preceding siblings ...)
2022-09-30 21:26 ` [PATCH v6 15/18] include/hw/core: Create struct CPUJumpCache Richard Henderson
@ 2022-09-30 21:26 ` Richard Henderson
2022-09-30 21:56 ` Taylor Simpson
` (2 more replies)
2022-09-30 21:26 ` [PATCH v6 17/18] accel/tcg: Introduce tb_pc and log_pc Richard Henderson
` (3 subsequent siblings)
19 siblings, 3 replies; 30+ messages in thread
From: Richard Henderson @ 2022-09-30 21:26 UTC (permalink / raw)
To: qemu-devel
Cc: peter.maydell, alex.bennee, Eduardo Habkost, Marcel Apfelbaum,
Philippe Mathieu-Daudé,
Yanan Wang, Michael Rolnik, Edgar E. Iglesias, Taylor Simpson,
Song Gao, Xiaojuan Yang, Laurent Vivier, Jiaxun Yang,
Aleksandar Rikalo, Chris Wulff, Marek Vasut, Stafford Horne,
Yoshinori Sato, Mark Cave-Ayland, Bastian Koppelmann,
Max Filippov, qemu-arm, qemu-ppc, qemu-riscv, qemu-s390x
Populate this new method for all targets. Always match
the result that would be given by cpu_get_tb_cpu_state,
as we will want these values to correspond in the logs.
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
---
Cc: Eduardo Habkost <eduardo@habkost.net> (supporter:Machine core)
Cc: Marcel Apfelbaum <marcel.apfelbaum@gmail.com> (supporter:Machine core)
Cc: "Philippe Mathieu-Daudé" <f4bug@amsat.org> (reviewer:Machine core)
Cc: Yanan Wang <wangyanan55@huawei.com> (reviewer:Machine core)
Cc: Michael Rolnik <mrolnik@gmail.com> (maintainer:AVR TCG CPUs)
Cc: "Edgar E. Iglesias" <edgar.iglesias@gmail.com> (maintainer:CRIS TCG CPUs)
Cc: Taylor Simpson <tsimpson@quicinc.com> (supporter:Hexagon TCG CPUs)
Cc: Song Gao <gaosong@loongson.cn> (maintainer:LoongArch TCG CPUs)
Cc: Xiaojuan Yang <yangxiaojuan@loongson.cn> (maintainer:LoongArch TCG CPUs)
Cc: Laurent Vivier <laurent@vivier.eu> (maintainer:M68K TCG CPUs)
Cc: Jiaxun Yang <jiaxun.yang@flygoat.com> (reviewer:MIPS TCG CPUs)
Cc: Aleksandar Rikalo <aleksandar.rikalo@syrmia.com> (reviewer:MIPS TCG CPUs)
Cc: Chris Wulff <crwulff@gmail.com> (maintainer:NiosII TCG CPUs)
Cc: Marek Vasut <marex@denx.de> (maintainer:NiosII TCG CPUs)
Cc: Stafford Horne <shorne@gmail.com> (odd fixer:OpenRISC TCG CPUs)
Cc: Yoshinori Sato <ysato@users.sourceforge.jp> (reviewer:RENESAS RX CPUs)
Cc: Mark Cave-Ayland <mark.cave-ayland@ilande.co.uk> (maintainer:SPARC TCG CPUs)
Cc: Bastian Koppelmann <kbastian@mail.uni-paderborn.de> (maintainer:TriCore TCG CPUs)
Cc: Max Filippov <jcmvbkbc@gmail.com> (maintainer:Xtensa TCG CPUs)
Cc: qemu-arm@nongnu.org (open list:ARM TCG CPUs)
Cc: qemu-ppc@nongnu.org (open list:PowerPC TCG CPUs)
Cc: qemu-riscv@nongnu.org (open list:RISC-V TCG CPUs)
Cc: qemu-s390x@nongnu.org (open list:S390 TCG CPUs)
---
include/hw/core/cpu.h | 3 +++
target/alpha/cpu.c | 9 +++++++++
target/arm/cpu.c | 13 +++++++++++++
target/avr/cpu.c | 8 ++++++++
target/cris/cpu.c | 8 ++++++++
target/hexagon/cpu.c | 8 ++++++++
target/hppa/cpu.c | 8 ++++++++
target/i386/cpu.c | 9 +++++++++
target/loongarch/cpu.c | 9 +++++++++
target/m68k/cpu.c | 8 ++++++++
target/microblaze/cpu.c | 8 ++++++++
target/mips/cpu.c | 8 ++++++++
target/nios2/cpu.c | 9 +++++++++
target/openrisc/cpu.c | 8 ++++++++
target/ppc/cpu_init.c | 8 ++++++++
target/riscv/cpu.c | 13 +++++++++++++
target/rx/cpu.c | 8 ++++++++
target/s390x/cpu.c | 8 ++++++++
target/sh4/cpu.c | 8 ++++++++
target/sparc/cpu.c | 8 ++++++++
target/tricore/cpu.c | 9 +++++++++
target/xtensa/cpu.c | 8 ++++++++
22 files changed, 186 insertions(+)
diff --git a/include/hw/core/cpu.h b/include/hw/core/cpu.h
index 18ca701b44..f9b58773f7 100644
--- a/include/hw/core/cpu.h
+++ b/include/hw/core/cpu.h
@@ -115,6 +115,8 @@ struct SysemuCPUOps;
* If the target behaviour here is anything other than "set
* the PC register to the value passed in" then the target must
* also implement the synchronize_from_tb hook.
+ * @get_pc: Callback for getting the Program Counter register.
+ * As above, with the semantics of the target architecture.
* @gdb_read_register: Callback for letting GDB read a register.
* @gdb_write_register: Callback for letting GDB write a register.
* @gdb_adjust_breakpoint: Callback for adjusting the address of a
@@ -151,6 +153,7 @@ struct CPUClass {
void (*dump_state)(CPUState *cpu, FILE *, int flags);
int64_t (*get_arch_id)(CPUState *cpu);
void (*set_pc)(CPUState *cpu, vaddr value);
+ vaddr (*get_pc)(CPUState *cpu);
int (*gdb_read_register)(CPUState *cpu, GByteArray *buf, int reg);
int (*gdb_write_register)(CPUState *cpu, uint8_t *buf, int reg);
vaddr (*gdb_adjust_breakpoint)(CPUState *cpu, vaddr addr);
diff --git a/target/alpha/cpu.c b/target/alpha/cpu.c
index a8990d401b..979a629d59 100644
--- a/target/alpha/cpu.c
+++ b/target/alpha/cpu.c
@@ -33,6 +33,14 @@ static void alpha_cpu_set_pc(CPUState *cs, vaddr value)
cpu->env.pc = value;
}
+static vaddr alpha_cpu_get_pc(CPUState *cs)
+{
+ AlphaCPU *cpu = ALPHA_CPU(cs);
+
+ return cpu->env.pc;
+}
+
+
static bool alpha_cpu_has_work(CPUState *cs)
{
/* Here we are checking to see if the CPU should wake up from HALT.
@@ -244,6 +252,7 @@ static void alpha_cpu_class_init(ObjectClass *oc, void *data)
cc->has_work = alpha_cpu_has_work;
cc->dump_state = alpha_cpu_dump_state;
cc->set_pc = alpha_cpu_set_pc;
+ cc->get_pc = alpha_cpu_get_pc;
cc->gdb_read_register = alpha_cpu_gdb_read_register;
cc->gdb_write_register = alpha_cpu_gdb_write_register;
#ifndef CONFIG_USER_ONLY
diff --git a/target/arm/cpu.c b/target/arm/cpu.c
index 7ec3281da9..fa67ba6647 100644
--- a/target/arm/cpu.c
+++ b/target/arm/cpu.c
@@ -60,6 +60,18 @@ static void arm_cpu_set_pc(CPUState *cs, vaddr value)
}
}
+static vaddr arm_cpu_get_pc(CPUState *cs)
+{
+ ARMCPU *cpu = ARM_CPU(cs);
+ CPUARMState *env = &cpu->env;
+
+ if (is_a64(env)) {
+ return env->pc;
+ } else {
+ return env->regs[15];
+ }
+}
+
#ifdef CONFIG_TCG
void arm_cpu_synchronize_from_tb(CPUState *cs,
const TranslationBlock *tb)
@@ -2172,6 +2184,7 @@ static void arm_cpu_class_init(ObjectClass *oc, void *data)
cc->has_work = arm_cpu_has_work;
cc->dump_state = arm_cpu_dump_state;
cc->set_pc = arm_cpu_set_pc;
+ cc->get_pc = arm_cpu_get_pc;
cc->gdb_read_register = arm_cpu_gdb_read_register;
cc->gdb_write_register = arm_cpu_gdb_write_register;
#ifndef CONFIG_USER_ONLY
diff --git a/target/avr/cpu.c b/target/avr/cpu.c
index 05b992ff73..6900444d03 100644
--- a/target/avr/cpu.c
+++ b/target/avr/cpu.c
@@ -32,6 +32,13 @@ static void avr_cpu_set_pc(CPUState *cs, vaddr value)
cpu->env.pc_w = value / 2; /* internally PC points to words */
}
+static vaddr avr_cpu_get_pc(CPUState *cs)
+{
+ AVRCPU *cpu = AVR_CPU(cs);
+
+ return cpu->env.pc_w * 2;
+}
+
static bool avr_cpu_has_work(CPUState *cs)
{
AVRCPU *cpu = AVR_CPU(cs);
@@ -214,6 +221,7 @@ static void avr_cpu_class_init(ObjectClass *oc, void *data)
cc->has_work = avr_cpu_has_work;
cc->dump_state = avr_cpu_dump_state;
cc->set_pc = avr_cpu_set_pc;
+ cc->get_pc = avr_cpu_get_pc;
dc->vmsd = &vms_avr_cpu;
cc->sysemu_ops = &avr_sysemu_ops;
cc->disas_set_info = avr_cpu_disas_set_info;
diff --git a/target/cris/cpu.c b/target/cris/cpu.c
index ed6c781342..22f5c70f39 100644
--- a/target/cris/cpu.c
+++ b/target/cris/cpu.c
@@ -35,6 +35,13 @@ static void cris_cpu_set_pc(CPUState *cs, vaddr value)
cpu->env.pc = value;
}
+static vaddr cris_cpu_get_pc(CPUState *cs)
+{
+ CRISCPU *cpu = CRIS_CPU(cs);
+
+ return cpu->env.pc;
+}
+
static bool cris_cpu_has_work(CPUState *cs)
{
return cs->interrupt_request & (CPU_INTERRUPT_HARD | CPU_INTERRUPT_NMI);
@@ -297,6 +304,7 @@ static void cris_cpu_class_init(ObjectClass *oc, void *data)
cc->has_work = cris_cpu_has_work;
cc->dump_state = cris_cpu_dump_state;
cc->set_pc = cris_cpu_set_pc;
+ cc->get_pc = cris_cpu_get_pc;
cc->gdb_read_register = cris_cpu_gdb_read_register;
cc->gdb_write_register = cris_cpu_gdb_write_register;
#ifndef CONFIG_USER_ONLY
diff --git a/target/hexagon/cpu.c b/target/hexagon/cpu.c
index fa9bd702d6..04a497db5e 100644
--- a/target/hexagon/cpu.c
+++ b/target/hexagon/cpu.c
@@ -251,6 +251,13 @@ static void hexagon_cpu_set_pc(CPUState *cs, vaddr value)
env->gpr[HEX_REG_PC] = value;
}
+static vaddr hexagon_cpu_get_pc(CPUState *cs)
+{
+ HexagonCPU *cpu = HEXAGON_CPU(cs);
+ CPUHexagonState *env = &cpu->env;
+ return env->gpr[HEX_REG_PC];
+}
+
static void hexagon_cpu_synchronize_from_tb(CPUState *cs,
const TranslationBlock *tb)
{
@@ -337,6 +344,7 @@ static void hexagon_cpu_class_init(ObjectClass *c, void *data)
cc->has_work = hexagon_cpu_has_work;
cc->dump_state = hexagon_dump_state;
cc->set_pc = hexagon_cpu_set_pc;
+ cc->get_pc = hexagon_cpu_get_pc;
cc->gdb_read_register = hexagon_gdb_read_register;
cc->gdb_write_register = hexagon_gdb_write_register;
cc->gdb_num_core_regs = TOTAL_PER_THREAD_REGS + NUM_VREGS + NUM_QREGS;
diff --git a/target/hppa/cpu.c b/target/hppa/cpu.c
index a6f52caf14..e25d3db6d5 100644
--- a/target/hppa/cpu.c
+++ b/target/hppa/cpu.c
@@ -36,6 +36,13 @@ static void hppa_cpu_set_pc(CPUState *cs, vaddr value)
cpu->env.iaoq_b = value + 4;
}
+static vaddr hppa_cpu_get_pc(CPUState *cs)
+{
+ HPPACPU *cpu = HPPA_CPU(cs);
+
+ return cpu->env.iaoq_f;
+}
+
static void hppa_cpu_synchronize_from_tb(CPUState *cs,
const TranslationBlock *tb)
{
@@ -168,6 +175,7 @@ static void hppa_cpu_class_init(ObjectClass *oc, void *data)
cc->has_work = hppa_cpu_has_work;
cc->dump_state = hppa_cpu_dump_state;
cc->set_pc = hppa_cpu_set_pc;
+ cc->get_pc = hppa_cpu_get_pc;
cc->gdb_read_register = hppa_cpu_gdb_read_register;
cc->gdb_write_register = hppa_cpu_gdb_write_register;
#ifndef CONFIG_USER_ONLY
diff --git a/target/i386/cpu.c b/target/i386/cpu.c
index 1db1278a59..ad623d91e4 100644
--- a/target/i386/cpu.c
+++ b/target/i386/cpu.c
@@ -6824,6 +6824,14 @@ static void x86_cpu_set_pc(CPUState *cs, vaddr value)
cpu->env.eip = value;
}
+static vaddr x86_cpu_get_pc(CPUState *cs)
+{
+ X86CPU *cpu = X86_CPU(cs);
+
+ /* Match cpu_get_tb_cpu_state. */
+ return cpu->env.eip + cpu->env.segs[R_CS].base;
+}
+
int x86_cpu_pending_interrupt(CPUState *cs, int interrupt_request)
{
X86CPU *cpu = X86_CPU(cs);
@@ -7106,6 +7114,7 @@ static void x86_cpu_common_class_init(ObjectClass *oc, void *data)
cc->has_work = x86_cpu_has_work;
cc->dump_state = x86_cpu_dump_state;
cc->set_pc = x86_cpu_set_pc;
+ cc->get_pc = x86_cpu_get_pc;
cc->gdb_read_register = x86_cpu_gdb_read_register;
cc->gdb_write_register = x86_cpu_gdb_write_register;
cc->get_arch_id = x86_cpu_get_arch_id;
diff --git a/target/loongarch/cpu.c b/target/loongarch/cpu.c
index 941e2772bc..20a92ea56c 100644
--- a/target/loongarch/cpu.c
+++ b/target/loongarch/cpu.c
@@ -82,6 +82,14 @@ static void loongarch_cpu_set_pc(CPUState *cs, vaddr value)
env->pc = value;
}
+static vaddr loongarch_cpu_get_pc(CPUState *cs)
+{
+ LoongArchCPU *cpu = LOONGARCH_CPU(cs);
+ CPULoongArchState *env = &cpu->env;
+
+ return env->pc;
+}
+
#ifndef CONFIG_USER_ONLY
#include "hw/loongarch/virt.h"
@@ -680,6 +688,7 @@ static void loongarch_cpu_class_init(ObjectClass *c, void *data)
cc->has_work = loongarch_cpu_has_work;
cc->dump_state = loongarch_cpu_dump_state;
cc->set_pc = loongarch_cpu_set_pc;
+ cc->get_pc = loongarch_cpu_get_pc;
#ifndef CONFIG_USER_ONLY
dc->vmsd = &vmstate_loongarch_cpu;
cc->sysemu_ops = &loongarch_sysemu_ops;
diff --git a/target/m68k/cpu.c b/target/m68k/cpu.c
index 25d610db21..1e902e1ef0 100644
--- a/target/m68k/cpu.c
+++ b/target/m68k/cpu.c
@@ -31,6 +31,13 @@ static void m68k_cpu_set_pc(CPUState *cs, vaddr value)
cpu->env.pc = value;
}
+static vaddr m68k_cpu_get_pc(CPUState *cs)
+{
+ M68kCPU *cpu = M68K_CPU(cs);
+
+ return cpu->env.pc;
+}
+
static bool m68k_cpu_has_work(CPUState *cs)
{
return cs->interrupt_request & CPU_INTERRUPT_HARD;
@@ -540,6 +547,7 @@ static void m68k_cpu_class_init(ObjectClass *c, void *data)
cc->has_work = m68k_cpu_has_work;
cc->dump_state = m68k_cpu_dump_state;
cc->set_pc = m68k_cpu_set_pc;
+ cc->get_pc = m68k_cpu_get_pc;
cc->gdb_read_register = m68k_cpu_gdb_read_register;
cc->gdb_write_register = m68k_cpu_gdb_write_register;
#if defined(CONFIG_SOFTMMU)
diff --git a/target/microblaze/cpu.c b/target/microblaze/cpu.c
index aed200dcff..73af51769e 100644
--- a/target/microblaze/cpu.c
+++ b/target/microblaze/cpu.c
@@ -84,6 +84,13 @@ static void mb_cpu_set_pc(CPUState *cs, vaddr value)
cpu->env.iflags = 0;
}
+static vaddr mb_cpu_get_pc(CPUState *cs)
+{
+ MicroBlazeCPU *cpu = MICROBLAZE_CPU(cs);
+
+ return cpu->env.pc;
+}
+
static void mb_cpu_synchronize_from_tb(CPUState *cs,
const TranslationBlock *tb)
{
@@ -391,6 +398,7 @@ static void mb_cpu_class_init(ObjectClass *oc, void *data)
cc->dump_state = mb_cpu_dump_state;
cc->set_pc = mb_cpu_set_pc;
+ cc->get_pc = mb_cpu_get_pc;
cc->gdb_read_register = mb_cpu_gdb_read_register;
cc->gdb_write_register = mb_cpu_gdb_write_register;
diff --git a/target/mips/cpu.c b/target/mips/cpu.c
index c15c955367..da58eb8892 100644
--- a/target/mips/cpu.c
+++ b/target/mips/cpu.c
@@ -128,6 +128,13 @@ static void mips_cpu_set_pc(CPUState *cs, vaddr value)
mips_env_set_pc(&cpu->env, value);
}
+static vaddr mips_cpu_get_pc(CPUState *cs)
+{
+ MIPSCPU *cpu = MIPS_CPU(cs);
+
+ return cpu->env.active_tc.PC;
+}
+
static bool mips_cpu_has_work(CPUState *cs)
{
MIPSCPU *cpu = MIPS_CPU(cs);
@@ -557,6 +564,7 @@ static void mips_cpu_class_init(ObjectClass *c, void *data)
cc->has_work = mips_cpu_has_work;
cc->dump_state = mips_cpu_dump_state;
cc->set_pc = mips_cpu_set_pc;
+ cc->get_pc = mips_cpu_get_pc;
cc->gdb_read_register = mips_cpu_gdb_read_register;
cc->gdb_write_register = mips_cpu_gdb_write_register;
#ifndef CONFIG_USER_ONLY
diff --git a/target/nios2/cpu.c b/target/nios2/cpu.c
index 19b2409974..2b28429c08 100644
--- a/target/nios2/cpu.c
+++ b/target/nios2/cpu.c
@@ -34,6 +34,14 @@ static void nios2_cpu_set_pc(CPUState *cs, vaddr value)
env->pc = value;
}
+static vaddr nios2_cpu_get_pc(CPUState *cs)
+{
+ Nios2CPU *cpu = NIOS2_CPU(cs);
+ CPUNios2State *env = &cpu->env;
+
+ return env->pc;
+}
+
static bool nios2_cpu_has_work(CPUState *cs)
{
return cs->interrupt_request & CPU_INTERRUPT_HARD;
@@ -362,6 +370,7 @@ static void nios2_cpu_class_init(ObjectClass *oc, void *data)
cc->has_work = nios2_cpu_has_work;
cc->dump_state = nios2_cpu_dump_state;
cc->set_pc = nios2_cpu_set_pc;
+ cc->get_pc = nios2_cpu_get_pc;
cc->disas_set_info = nios2_cpu_disas_set_info;
#ifndef CONFIG_USER_ONLY
cc->sysemu_ops = &nios2_sysemu_ops;
diff --git a/target/openrisc/cpu.c b/target/openrisc/cpu.c
index cb9f35f408..33cf717210 100644
--- a/target/openrisc/cpu.c
+++ b/target/openrisc/cpu.c
@@ -31,6 +31,13 @@ static void openrisc_cpu_set_pc(CPUState *cs, vaddr value)
cpu->env.dflag = 0;
}
+static vaddr openrisc_cpu_get_pc(CPUState *cs)
+{
+ OpenRISCCPU *cpu = OPENRISC_CPU(cs);
+
+ return cpu->env.pc;
+}
+
static void openrisc_cpu_synchronize_from_tb(CPUState *cs,
const TranslationBlock *tb)
{
@@ -218,6 +225,7 @@ static void openrisc_cpu_class_init(ObjectClass *oc, void *data)
cc->has_work = openrisc_cpu_has_work;
cc->dump_state = openrisc_cpu_dump_state;
cc->set_pc = openrisc_cpu_set_pc;
+ cc->get_pc = openrisc_cpu_get_pc;
cc->gdb_read_register = openrisc_cpu_gdb_read_register;
cc->gdb_write_register = openrisc_cpu_gdb_write_register;
#ifndef CONFIG_USER_ONLY
diff --git a/target/ppc/cpu_init.c b/target/ppc/cpu_init.c
index 6e080ebda0..763a8431be 100644
--- a/target/ppc/cpu_init.c
+++ b/target/ppc/cpu_init.c
@@ -7214,6 +7214,13 @@ static void ppc_cpu_set_pc(CPUState *cs, vaddr value)
cpu->env.nip = value;
}
+static vaddr ppc_cpu_get_pc(CPUState *cs)
+{
+ PowerPCCPU *cpu = POWERPC_CPU(cs);
+
+ return cpu->env.nip;
+}
+
static bool ppc_cpu_has_work(CPUState *cs)
{
PowerPCCPU *cpu = POWERPC_CPU(cs);
@@ -7472,6 +7479,7 @@ static void ppc_cpu_class_init(ObjectClass *oc, void *data)
cc->has_work = ppc_cpu_has_work;
cc->dump_state = ppc_cpu_dump_state;
cc->set_pc = ppc_cpu_set_pc;
+ cc->get_pc = ppc_cpu_get_pc;
cc->gdb_read_register = ppc_cpu_gdb_read_register;
cc->gdb_write_register = ppc_cpu_gdb_write_register;
#ifndef CONFIG_USER_ONLY
diff --git a/target/riscv/cpu.c b/target/riscv/cpu.c
index b29c88b9f0..6ca05c6eaf 100644
--- a/target/riscv/cpu.c
+++ b/target/riscv/cpu.c
@@ -462,6 +462,18 @@ static void riscv_cpu_set_pc(CPUState *cs, vaddr value)
}
}
+static vaddr riscv_cpu_get_pc(CPUState *cs)
+{
+ RISCVCPU *cpu = RISCV_CPU(cs);
+ CPURISCVState *env = &cpu->env;
+
+ /* Match cpu_get_tb_cpu_state. */
+ if (env->xl == MXL_RV32) {
+ return env->pc & UINT32_MAX;
+ }
+ return env->pc;
+}
+
static void riscv_cpu_synchronize_from_tb(CPUState *cs,
const TranslationBlock *tb)
{
@@ -1154,6 +1166,7 @@ static void riscv_cpu_class_init(ObjectClass *c, void *data)
cc->has_work = riscv_cpu_has_work;
cc->dump_state = riscv_cpu_dump_state;
cc->set_pc = riscv_cpu_set_pc;
+ cc->get_pc = riscv_cpu_get_pc;
cc->gdb_read_register = riscv_cpu_gdb_read_register;
cc->gdb_write_register = riscv_cpu_gdb_write_register;
cc->gdb_num_core_regs = 33;
diff --git a/target/rx/cpu.c b/target/rx/cpu.c
index fb30080ac4..134b4b6bb6 100644
--- a/target/rx/cpu.c
+++ b/target/rx/cpu.c
@@ -32,6 +32,13 @@ static void rx_cpu_set_pc(CPUState *cs, vaddr value)
cpu->env.pc = value;
}
+static vaddr rx_cpu_get_pc(CPUState *cs)
+{
+ RXCPU *cpu = RX_CPU(cs);
+
+ return cpu->env.pc;
+}
+
static void rx_cpu_synchronize_from_tb(CPUState *cs,
const TranslationBlock *tb)
{
@@ -208,6 +215,7 @@ static void rx_cpu_class_init(ObjectClass *klass, void *data)
cc->has_work = rx_cpu_has_work;
cc->dump_state = rx_cpu_dump_state;
cc->set_pc = rx_cpu_set_pc;
+ cc->get_pc = rx_cpu_get_pc;
#ifndef CONFIG_USER_ONLY
cc->sysemu_ops = &rx_sysemu_ops;
diff --git a/target/s390x/cpu.c b/target/s390x/cpu.c
index c31bb2351f..df00040e95 100644
--- a/target/s390x/cpu.c
+++ b/target/s390x/cpu.c
@@ -88,6 +88,13 @@ static void s390_cpu_set_pc(CPUState *cs, vaddr value)
cpu->env.psw.addr = value;
}
+static vaddr s390_cpu_get_pc(CPUState *cs)
+{
+ S390CPU *cpu = S390_CPU(cs);
+
+ return cpu->env.psw.addr;
+}
+
static bool s390_cpu_has_work(CPUState *cs)
{
S390CPU *cpu = S390_CPU(cs);
@@ -297,6 +304,7 @@ static void s390_cpu_class_init(ObjectClass *oc, void *data)
cc->has_work = s390_cpu_has_work;
cc->dump_state = s390_cpu_dump_state;
cc->set_pc = s390_cpu_set_pc;
+ cc->get_pc = s390_cpu_get_pc;
cc->gdb_read_register = s390_cpu_gdb_read_register;
cc->gdb_write_register = s390_cpu_gdb_write_register;
#ifndef CONFIG_USER_ONLY
diff --git a/target/sh4/cpu.c b/target/sh4/cpu.c
index 06b2691dc4..4bafbf8596 100644
--- a/target/sh4/cpu.c
+++ b/target/sh4/cpu.c
@@ -34,6 +34,13 @@ static void superh_cpu_set_pc(CPUState *cs, vaddr value)
cpu->env.pc = value;
}
+static vaddr superh_cpu_get_pc(CPUState *cs)
+{
+ SuperHCPU *cpu = SUPERH_CPU(cs);
+
+ return cpu->env.pc;
+}
+
static void superh_cpu_synchronize_from_tb(CPUState *cs,
const TranslationBlock *tb)
{
@@ -261,6 +268,7 @@ static void superh_cpu_class_init(ObjectClass *oc, void *data)
cc->has_work = superh_cpu_has_work;
cc->dump_state = superh_cpu_dump_state;
cc->set_pc = superh_cpu_set_pc;
+ cc->get_pc = superh_cpu_get_pc;
cc->gdb_read_register = superh_cpu_gdb_read_register;
cc->gdb_write_register = superh_cpu_gdb_write_register;
#ifndef CONFIG_USER_ONLY
diff --git a/target/sparc/cpu.c b/target/sparc/cpu.c
index 55268ed2a1..1b2afb0cb8 100644
--- a/target/sparc/cpu.c
+++ b/target/sparc/cpu.c
@@ -693,6 +693,13 @@ static void sparc_cpu_set_pc(CPUState *cs, vaddr value)
cpu->env.npc = value + 4;
}
+static vaddr sparc_cpu_get_pc(CPUState *cs)
+{
+ SPARCCPU *cpu = SPARC_CPU(cs);
+
+ return cpu->env.pc;
+}
+
static void sparc_cpu_synchronize_from_tb(CPUState *cs,
const TranslationBlock *tb)
{
@@ -896,6 +903,7 @@ static void sparc_cpu_class_init(ObjectClass *oc, void *data)
cc->memory_rw_debug = sparc_cpu_memory_rw_debug;
#endif
cc->set_pc = sparc_cpu_set_pc;
+ cc->get_pc = sparc_cpu_get_pc;
cc->gdb_read_register = sparc_cpu_gdb_read_register;
cc->gdb_write_register = sparc_cpu_gdb_write_register;
#ifndef CONFIG_USER_ONLY
diff --git a/target/tricore/cpu.c b/target/tricore/cpu.c
index b95682b7f0..91b16bdefc 100644
--- a/target/tricore/cpu.c
+++ b/target/tricore/cpu.c
@@ -41,6 +41,14 @@ static void tricore_cpu_set_pc(CPUState *cs, vaddr value)
env->PC = value & ~(target_ulong)1;
}
+static vaddr tricore_cpu_get_pc(CPUState *cs)
+{
+ TriCoreCPU *cpu = TRICORE_CPU(cs);
+ CPUTriCoreState *env = &cpu->env;
+
+ return env->PC;
+}
+
static void tricore_cpu_synchronize_from_tb(CPUState *cs,
const TranslationBlock *tb)
{
@@ -176,6 +184,7 @@ static void tricore_cpu_class_init(ObjectClass *c, void *data)
cc->dump_state = tricore_cpu_dump_state;
cc->set_pc = tricore_cpu_set_pc;
+ cc->get_pc = tricore_cpu_get_pc;
cc->sysemu_ops = &tricore_sysemu_ops;
cc->tcg_ops = &tricore_tcg_ops;
}
diff --git a/target/xtensa/cpu.c b/target/xtensa/cpu.c
index fd553fdfb5..cbbe0e84a2 100644
--- a/target/xtensa/cpu.c
+++ b/target/xtensa/cpu.c
@@ -44,6 +44,13 @@ static void xtensa_cpu_set_pc(CPUState *cs, vaddr value)
cpu->env.pc = value;
}
+static vaddr xtensa_cpu_get_pc(CPUState *cs)
+{
+ XtensaCPU *cpu = XTENSA_CPU(cs);
+
+ return cpu->env.pc;
+}
+
static bool xtensa_cpu_has_work(CPUState *cs)
{
#ifndef CONFIG_USER_ONLY
@@ -233,6 +240,7 @@ static void xtensa_cpu_class_init(ObjectClass *oc, void *data)
cc->has_work = xtensa_cpu_has_work;
cc->dump_state = xtensa_cpu_dump_state;
cc->set_pc = xtensa_cpu_set_pc;
+ cc->get_pc = xtensa_cpu_get_pc;
cc->gdb_read_register = xtensa_cpu_gdb_read_register;
cc->gdb_write_register = xtensa_cpu_gdb_write_register;
cc->gdb_stop_before_watchpoint = true;
--
2.34.1
^ permalink raw reply related [flat|nested] 30+ messages in thread
* [PATCH v6 17/18] accel/tcg: Introduce tb_pc and log_pc
2022-09-30 21:26 [PATCH v6 00/18] tcg: CPUTLBEntryFull and TARGET_TB_PCREL Richard Henderson
` (15 preceding siblings ...)
2022-09-30 21:26 ` [PATCH v6 16/18] hw/core: Add CPUClass.get_pc Richard Henderson
@ 2022-09-30 21:26 ` Richard Henderson
2022-09-30 21:26 ` [PATCH v6 18/18] accel/tcg: Introduce TARGET_TB_PCREL Richard Henderson
` (2 subsequent siblings)
19 siblings, 0 replies; 30+ messages in thread
From: Richard Henderson @ 2022-09-30 21:26 UTC (permalink / raw)
To: qemu-devel; +Cc: peter.maydell, alex.bennee
The availability of tb->pc will shortly be conditional.
Introduce accessor functions to minimize ifdefs.
Pass around a known pc to places like tcg_gen_code,
where the caller must already have the value.
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
---
accel/tcg/internal.h | 6 ++++
include/exec/exec-all.h | 6 ++++
include/tcg/tcg.h | 2 +-
accel/tcg/cpu-exec.c | 46 ++++++++++++++-----------
accel/tcg/translate-all.c | 37 +++++++++++---------
target/arm/cpu.c | 4 +--
target/avr/cpu.c | 2 +-
target/hexagon/cpu.c | 2 +-
target/hppa/cpu.c | 4 +--
target/i386/tcg/tcg-cpu.c | 2 +-
target/loongarch/cpu.c | 2 +-
target/microblaze/cpu.c | 2 +-
target/mips/tcg/exception.c | 2 +-
target/mips/tcg/sysemu/special_helper.c | 2 +-
target/openrisc/cpu.c | 2 +-
target/riscv/cpu.c | 4 +--
target/rx/cpu.c | 2 +-
target/sh4/cpu.c | 4 +--
target/sparc/cpu.c | 2 +-
target/tricore/cpu.c | 2 +-
tcg/tcg.c | 8 ++---
21 files changed, 82 insertions(+), 61 deletions(-)
diff --git a/accel/tcg/internal.h b/accel/tcg/internal.h
index 3092bfa964..a3875a3b5a 100644
--- a/accel/tcg/internal.h
+++ b/accel/tcg/internal.h
@@ -18,4 +18,10 @@ G_NORETURN void cpu_io_recompile(CPUState *cpu, uintptr_t retaddr);
void page_init(void);
void tb_htable_init(void);
+/* Return the current PC from CPU, which may be cached in TB. */
+static inline target_ulong log_pc(CPUState *cpu, const TranslationBlock *tb)
+{
+ return tb_pc(tb);
+}
+
#endif /* ACCEL_TCG_INTERNAL_H */
diff --git a/include/exec/exec-all.h b/include/exec/exec-all.h
index b1b920a713..7ea6026ba9 100644
--- a/include/exec/exec-all.h
+++ b/include/exec/exec-all.h
@@ -570,6 +570,12 @@ struct TranslationBlock {
uintptr_t jmp_dest[2];
};
+/* Hide the read to avoid ifdefs for TARGET_TB_PCREL. */
+static inline target_ulong tb_pc(const TranslationBlock *tb)
+{
+ return tb->pc;
+}
+
/* Hide the qatomic_read to make code a little easier on the eyes */
static inline uint32_t tb_cflags(const TranslationBlock *tb)
{
diff --git a/include/tcg/tcg.h b/include/tcg/tcg.h
index 26a70526f1..d84bae6e3f 100644
--- a/include/tcg/tcg.h
+++ b/include/tcg/tcg.h
@@ -840,7 +840,7 @@ void tcg_register_thread(void);
void tcg_prologue_init(TCGContext *s);
void tcg_func_start(TCGContext *s);
-int tcg_gen_code(TCGContext *s, TranslationBlock *tb);
+int tcg_gen_code(TCGContext *s, TranslationBlock *tb, target_ulong pc_start);
void tcg_set_frame(TCGContext *s, TCGReg reg, intptr_t start, intptr_t size);
diff --git a/accel/tcg/cpu-exec.c b/accel/tcg/cpu-exec.c
index 2d7e610ee2..8b3f8435fb 100644
--- a/accel/tcg/cpu-exec.c
+++ b/accel/tcg/cpu-exec.c
@@ -186,7 +186,7 @@ static bool tb_lookup_cmp(const void *p, const void *d)
const TranslationBlock *tb = p;
const struct tb_desc *desc = d;
- if (tb->pc == desc->pc &&
+ if (tb_pc(tb) == desc->pc &&
tb->page_addr[0] == desc->page_addr0 &&
tb->cs_base == desc->cs_base &&
tb->flags == desc->flags &&
@@ -271,12 +271,10 @@ static inline TranslationBlock *tb_lookup(CPUState *cpu, target_ulong pc,
return tb;
}
-static inline void log_cpu_exec(target_ulong pc, CPUState *cpu,
- const TranslationBlock *tb)
+static void log_cpu_exec(target_ulong pc, CPUState *cpu,
+ const TranslationBlock *tb)
{
- if (unlikely(qemu_loglevel_mask(CPU_LOG_TB_CPU | CPU_LOG_EXEC))
- && qemu_log_in_addr_range(pc)) {
-
+ if (qemu_log_in_addr_range(pc)) {
qemu_log_mask(CPU_LOG_EXEC,
"Trace %d: %p [" TARGET_FMT_lx
"/" TARGET_FMT_lx "/%08x/%08x] %s\n",
@@ -400,7 +398,9 @@ const void *HELPER(lookup_tb_ptr)(CPUArchState *env)
return tcg_code_gen_epilogue;
}
- log_cpu_exec(pc, cpu, tb);
+ if (qemu_loglevel_mask(CPU_LOG_TB_CPU | CPU_LOG_EXEC)) {
+ log_cpu_exec(pc, cpu, tb);
+ }
return tb->tc.ptr;
}
@@ -423,7 +423,9 @@ cpu_tb_exec(CPUState *cpu, TranslationBlock *itb, int *tb_exit)
TranslationBlock *last_tb;
const void *tb_ptr = itb->tc.ptr;
- log_cpu_exec(itb->pc, cpu, itb);
+ if (qemu_loglevel_mask(CPU_LOG_TB_CPU | CPU_LOG_EXEC)) {
+ log_cpu_exec(log_pc(cpu, itb), cpu, itb);
+ }
qemu_thread_jit_execute();
ret = tcg_qemu_tb_exec(env, tb_ptr);
@@ -447,16 +449,20 @@ cpu_tb_exec(CPUState *cpu, TranslationBlock *itb, int *tb_exit)
* of the start of the TB.
*/
CPUClass *cc = CPU_GET_CLASS(cpu);
- qemu_log_mask_and_addr(CPU_LOG_EXEC, last_tb->pc,
- "Stopped execution of TB chain before %p ["
- TARGET_FMT_lx "] %s\n",
- last_tb->tc.ptr, last_tb->pc,
- lookup_symbol(last_tb->pc));
+
if (cc->tcg_ops->synchronize_from_tb) {
cc->tcg_ops->synchronize_from_tb(cpu, last_tb);
} else {
assert(cc->set_pc);
- cc->set_pc(cpu, last_tb->pc);
+ cc->set_pc(cpu, tb_pc(last_tb));
+ }
+ if (qemu_loglevel_mask(CPU_LOG_EXEC)) {
+ target_ulong pc = log_pc(cpu, last_tb);
+ if (qemu_log_in_addr_range(pc)) {
+ qemu_log("Stopped execution of TB chain before %p ["
+ TARGET_FMT_lx "] %s\n",
+ last_tb->tc.ptr, pc, lookup_symbol(pc));
+ }
}
}
@@ -598,11 +604,8 @@ static inline void tb_add_jump(TranslationBlock *tb, int n,
qemu_spin_unlock(&tb_next->jmp_lock);
- qemu_log_mask_and_addr(CPU_LOG_EXEC, tb->pc,
- "Linking TBs %p [" TARGET_FMT_lx
- "] index %d -> %p [" TARGET_FMT_lx "]\n",
- tb->tc.ptr, tb->pc, n,
- tb_next->tc.ptr, tb_next->pc);
+ qemu_log_mask(CPU_LOG_EXEC, "Linking TBs %p index %d -> %p\n",
+ tb->tc.ptr, n, tb_next->tc.ptr);
return;
out_unlock_next:
@@ -848,11 +851,12 @@ static inline bool cpu_handle_interrupt(CPUState *cpu,
}
static inline void cpu_loop_exec_tb(CPUState *cpu, TranslationBlock *tb,
+ target_ulong pc,
TranslationBlock **last_tb, int *tb_exit)
{
int32_t insns_left;
- trace_exec_tb(tb, tb->pc);
+ trace_exec_tb(tb, pc);
tb = cpu_tb_exec(cpu, tb, tb_exit);
if (*tb_exit != TB_EXIT_REQUESTED) {
*last_tb = tb;
@@ -1017,7 +1021,7 @@ int cpu_exec(CPUState *cpu)
tb_add_jump(last_tb, tb_exit, tb);
}
- cpu_loop_exec_tb(cpu, tb, &last_tb, &tb_exit);
+ cpu_loop_exec_tb(cpu, tb, pc, &last_tb, &tb_exit);
/* Try to align the host and virtual clocks
if the guest is in advance */
diff --git a/accel/tcg/translate-all.c b/accel/tcg/translate-all.c
index 63ecc15236..13c964dcd8 100644
--- a/accel/tcg/translate-all.c
+++ b/accel/tcg/translate-all.c
@@ -299,7 +299,7 @@ static int encode_search(TranslationBlock *tb, uint8_t *block)
for (j = 0; j < TARGET_INSN_START_WORDS; ++j) {
if (i == 0) {
- prev = (j == 0 ? tb->pc : 0);
+ prev = (j == 0 ? tb_pc(tb) : 0);
} else {
prev = tcg_ctx->gen_insn_data[i - 1][j];
}
@@ -327,7 +327,7 @@ static int encode_search(TranslationBlock *tb, uint8_t *block)
static int cpu_restore_state_from_tb(CPUState *cpu, TranslationBlock *tb,
uintptr_t searched_pc, bool reset_icount)
{
- target_ulong data[TARGET_INSN_START_WORDS] = { tb->pc };
+ target_ulong data[TARGET_INSN_START_WORDS] = { tb_pc(tb) };
uintptr_t host_pc = (uintptr_t)tb->tc.ptr;
CPUArchState *env = cpu->env_ptr;
const uint8_t *p = tb->tc.ptr + tb->tc.size;
@@ -885,7 +885,7 @@ static bool tb_cmp(const void *ap, const void *bp)
const TranslationBlock *a = ap;
const TranslationBlock *b = bp;
- return a->pc == b->pc &&
+ return tb_pc(a) == tb_pc(b) &&
a->cs_base == b->cs_base &&
a->flags == b->flags &&
(tb_cflags(a) & ~CF_INVALID) == (tb_cflags(b) & ~CF_INVALID) &&
@@ -1013,9 +1013,10 @@ static void do_tb_invalidate_check(void *p, uint32_t hash, void *userp)
TranslationBlock *tb = p;
target_ulong addr = *(target_ulong *)userp;
- if (!(addr + TARGET_PAGE_SIZE <= tb->pc || addr >= tb->pc + tb->size)) {
+ if (!(addr + TARGET_PAGE_SIZE <= tb_pc(tb) ||
+ addr >= tb_pc(tb) + tb->size)) {
printf("ERROR invalidate: address=" TARGET_FMT_lx
- " PC=%08lx size=%04x\n", addr, (long)tb->pc, tb->size);
+ " PC=%08lx size=%04x\n", addr, (long)tb_pc(tb), tb->size);
}
}
@@ -1034,11 +1035,11 @@ static void do_tb_page_check(void *p, uint32_t hash, void *userp)
TranslationBlock *tb = p;
int flags1, flags2;
- flags1 = page_get_flags(tb->pc);
- flags2 = page_get_flags(tb->pc + tb->size - 1);
+ flags1 = page_get_flags(tb_pc(tb));
+ flags2 = page_get_flags(tb_pc(tb) + tb->size - 1);
if ((flags1 & PAGE_WRITE) || (flags2 & PAGE_WRITE)) {
printf("ERROR page flags: PC=%08lx size=%04x f1=%x f2=%x\n",
- (long)tb->pc, tb->size, flags1, flags2);
+ (long)tb_pc(tb), tb->size, flags1, flags2);
}
}
@@ -1169,7 +1170,7 @@ static void do_tb_phys_invalidate(TranslationBlock *tb, bool rm_from_page_list)
/* remove the TB from the hash list */
phys_pc = tb->page_addr[0];
- h = tb_hash_func(phys_pc, tb->pc, tb->flags, orig_cflags,
+ h = tb_hash_func(phys_pc, tb_pc(tb), tb->flags, orig_cflags,
tb->trace_vcpu_dstate);
if (!qht_remove(&tb_ctx.htable, tb, h)) {
return;
@@ -1301,7 +1302,7 @@ tb_link_page(TranslationBlock *tb, tb_page_addr_t phys_pc,
}
/* add in the hash table */
- h = tb_hash_func(phys_pc, tb->pc, tb->flags, tb->cflags,
+ h = tb_hash_func(phys_pc, tb_pc(tb), tb->flags, tb->cflags,
tb->trace_vcpu_dstate);
qht_insert(&tb_ctx.htable, tb, h, &existing_tb);
@@ -1401,7 +1402,7 @@ TranslationBlock *tb_gen_code(CPUState *cpu,
tcg_ctx->cpu = NULL;
max_insns = tb->icount;
- trace_translate_block(tb, tb->pc, tb->tc.ptr);
+ trace_translate_block(tb, pc, tb->tc.ptr);
/* generate machine code */
tb->jmp_reset_offset[0] = TB_JMP_RESET_OFFSET_INVALID;
@@ -1422,7 +1423,7 @@ TranslationBlock *tb_gen_code(CPUState *cpu,
ti = profile_getclock();
#endif
- gen_code_size = tcg_gen_code(tcg_ctx, tb);
+ gen_code_size = tcg_gen_code(tcg_ctx, tb, pc);
if (unlikely(gen_code_size < 0)) {
error_return:
switch (gen_code_size) {
@@ -1478,7 +1479,7 @@ TranslationBlock *tb_gen_code(CPUState *cpu,
#ifdef DEBUG_DISAS
if (qemu_loglevel_mask(CPU_LOG_TB_OUT_ASM) &&
- qemu_log_in_addr_range(tb->pc)) {
+ qemu_log_in_addr_range(pc)) {
FILE *logfile = qemu_log_trylock();
if (logfile) {
int code_size, data_size;
@@ -1918,9 +1919,13 @@ void cpu_io_recompile(CPUState *cpu, uintptr_t retaddr)
*/
cpu->cflags_next_tb = curr_cflags(cpu) | CF_MEMI_ONLY | CF_LAST_IO | n;
- qemu_log_mask_and_addr(CPU_LOG_EXEC, tb->pc,
- "cpu_io_recompile: rewound execution of TB to "
- TARGET_FMT_lx "\n", tb->pc);
+ if (qemu_loglevel_mask(CPU_LOG_EXEC)) {
+ target_ulong pc = log_pc(cpu, tb);
+ if (qemu_log_in_addr_range(pc)) {
+ qemu_log("cpu_io_recompile: rewound execution of TB to "
+ TARGET_FMT_lx "\n", pc);
+ }
+ }
cpu_loop_exit_noexc(cpu);
}
diff --git a/target/arm/cpu.c b/target/arm/cpu.c
index fa67ba6647..94ca6f163f 100644
--- a/target/arm/cpu.c
+++ b/target/arm/cpu.c
@@ -84,9 +84,9 @@ void arm_cpu_synchronize_from_tb(CPUState *cs,
* never possible for an AArch64 TB to chain to an AArch32 TB.
*/
if (is_a64(env)) {
- env->pc = tb->pc;
+ env->pc = tb_pc(tb);
} else {
- env->regs[15] = tb->pc;
+ env->regs[15] = tb_pc(tb);
}
}
#endif /* CONFIG_TCG */
diff --git a/target/avr/cpu.c b/target/avr/cpu.c
index 6900444d03..0d2861179d 100644
--- a/target/avr/cpu.c
+++ b/target/avr/cpu.c
@@ -54,7 +54,7 @@ static void avr_cpu_synchronize_from_tb(CPUState *cs,
AVRCPU *cpu = AVR_CPU(cs);
CPUAVRState *env = &cpu->env;
- env->pc_w = tb->pc / 2; /* internally PC points to words */
+ env->pc_w = tb_pc(tb) / 2; /* internally PC points to words */
}
static void avr_cpu_reset(DeviceState *ds)
diff --git a/target/hexagon/cpu.c b/target/hexagon/cpu.c
index 04a497db5e..fa6d722555 100644
--- a/target/hexagon/cpu.c
+++ b/target/hexagon/cpu.c
@@ -263,7 +263,7 @@ static void hexagon_cpu_synchronize_from_tb(CPUState *cs,
{
HexagonCPU *cpu = HEXAGON_CPU(cs);
CPUHexagonState *env = &cpu->env;
- env->gpr[HEX_REG_PC] = tb->pc;
+ env->gpr[HEX_REG_PC] = tb_pc(tb);
}
static bool hexagon_cpu_has_work(CPUState *cs)
diff --git a/target/hppa/cpu.c b/target/hppa/cpu.c
index e25d3db6d5..e677ca09d4 100644
--- a/target/hppa/cpu.c
+++ b/target/hppa/cpu.c
@@ -49,7 +49,7 @@ static void hppa_cpu_synchronize_from_tb(CPUState *cs,
HPPACPU *cpu = HPPA_CPU(cs);
#ifdef CONFIG_USER_ONLY
- cpu->env.iaoq_f = tb->pc;
+ cpu->env.iaoq_f = tb_pc(tb);
cpu->env.iaoq_b = tb->cs_base;
#else
/* Recover the IAOQ values from the GVA + PRIV. */
@@ -59,7 +59,7 @@ static void hppa_cpu_synchronize_from_tb(CPUState *cs,
int32_t diff = cs_base;
cpu->env.iasq_f = iasq_f;
- cpu->env.iaoq_f = (tb->pc & ~iasq_f) + priv;
+ cpu->env.iaoq_f = (tb_pc(tb) & ~iasq_f) + priv;
if (diff) {
cpu->env.iaoq_b = cpu->env.iaoq_f + diff;
}
diff --git a/target/i386/tcg/tcg-cpu.c b/target/i386/tcg/tcg-cpu.c
index d3c2b8fb49..6cf14c83ff 100644
--- a/target/i386/tcg/tcg-cpu.c
+++ b/target/i386/tcg/tcg-cpu.c
@@ -51,7 +51,7 @@ static void x86_cpu_synchronize_from_tb(CPUState *cs,
{
X86CPU *cpu = X86_CPU(cs);
- cpu->env.eip = tb->pc - tb->cs_base;
+ cpu->env.eip = tb_pc(tb) - tb->cs_base;
}
#ifndef CONFIG_USER_ONLY
diff --git a/target/loongarch/cpu.c b/target/loongarch/cpu.c
index 20a92ea56c..1722ed2a4d 100644
--- a/target/loongarch/cpu.c
+++ b/target/loongarch/cpu.c
@@ -317,7 +317,7 @@ static void loongarch_cpu_synchronize_from_tb(CPUState *cs,
LoongArchCPU *cpu = LOONGARCH_CPU(cs);
CPULoongArchState *env = &cpu->env;
- env->pc = tb->pc;
+ env->pc = tb_pc(tb);
}
#endif /* CONFIG_TCG */
diff --git a/target/microblaze/cpu.c b/target/microblaze/cpu.c
index 73af51769e..c10b8ac029 100644
--- a/target/microblaze/cpu.c
+++ b/target/microblaze/cpu.c
@@ -96,7 +96,7 @@ static void mb_cpu_synchronize_from_tb(CPUState *cs,
{
MicroBlazeCPU *cpu = MICROBLAZE_CPU(cs);
- cpu->env.pc = tb->pc;
+ cpu->env.pc = tb_pc(tb);
cpu->env.iflags = tb->flags & IFLAGS_TB_MASK;
}
diff --git a/target/mips/tcg/exception.c b/target/mips/tcg/exception.c
index 2bd77a61de..96e61170e6 100644
--- a/target/mips/tcg/exception.c
+++ b/target/mips/tcg/exception.c
@@ -82,7 +82,7 @@ void mips_cpu_synchronize_from_tb(CPUState *cs, const TranslationBlock *tb)
MIPSCPU *cpu = MIPS_CPU(cs);
CPUMIPSState *env = &cpu->env;
- env->active_tc.PC = tb->pc;
+ env->active_tc.PC = tb_pc(tb);
env->hflags &= ~MIPS_HFLAG_BMASK;
env->hflags |= tb->flags & MIPS_HFLAG_BMASK;
}
diff --git a/target/mips/tcg/sysemu/special_helper.c b/target/mips/tcg/sysemu/special_helper.c
index f4f8fe8afc..3c5f35c759 100644
--- a/target/mips/tcg/sysemu/special_helper.c
+++ b/target/mips/tcg/sysemu/special_helper.c
@@ -94,7 +94,7 @@ bool mips_io_recompile_replay_branch(CPUState *cs, const TranslationBlock *tb)
CPUMIPSState *env = &cpu->env;
if ((env->hflags & MIPS_HFLAG_BMASK) != 0
- && env->active_tc.PC != tb->pc) {
+ && env->active_tc.PC != tb_pc(tb)) {
env->active_tc.PC -= (env->hflags & MIPS_HFLAG_B16 ? 2 : 4);
env->hflags &= ~MIPS_HFLAG_BMASK;
return true;
diff --git a/target/openrisc/cpu.c b/target/openrisc/cpu.c
index 33cf717210..f6fd437785 100644
--- a/target/openrisc/cpu.c
+++ b/target/openrisc/cpu.c
@@ -43,7 +43,7 @@ static void openrisc_cpu_synchronize_from_tb(CPUState *cs,
{
OpenRISCCPU *cpu = OPENRISC_CPU(cs);
- cpu->env.pc = tb->pc;
+ cpu->env.pc = tb_pc(tb);
}
diff --git a/target/riscv/cpu.c b/target/riscv/cpu.c
index 6ca05c6eaf..e6d9c706bb 100644
--- a/target/riscv/cpu.c
+++ b/target/riscv/cpu.c
@@ -482,9 +482,9 @@ static void riscv_cpu_synchronize_from_tb(CPUState *cs,
RISCVMXL xl = FIELD_EX32(tb->flags, TB_FLAGS, XL);
if (xl == MXL_RV32) {
- env->pc = (int32_t)tb->pc;
+ env->pc = (int32_t)tb_pc(tb);
} else {
- env->pc = tb->pc;
+ env->pc = tb_pc(tb);
}
}
diff --git a/target/rx/cpu.c b/target/rx/cpu.c
index 134b4b6bb6..2f28099723 100644
--- a/target/rx/cpu.c
+++ b/target/rx/cpu.c
@@ -44,7 +44,7 @@ static void rx_cpu_synchronize_from_tb(CPUState *cs,
{
RXCPU *cpu = RX_CPU(cs);
- cpu->env.pc = tb->pc;
+ cpu->env.pc = tb_pc(tb);
}
static bool rx_cpu_has_work(CPUState *cs)
diff --git a/target/sh4/cpu.c b/target/sh4/cpu.c
index 4bafbf8596..a65a66de43 100644
--- a/target/sh4/cpu.c
+++ b/target/sh4/cpu.c
@@ -46,7 +46,7 @@ static void superh_cpu_synchronize_from_tb(CPUState *cs,
{
SuperHCPU *cpu = SUPERH_CPU(cs);
- cpu->env.pc = tb->pc;
+ cpu->env.pc = tb_pc(tb);
cpu->env.flags = tb->flags & TB_FLAG_ENVFLAGS_MASK;
}
@@ -58,7 +58,7 @@ static bool superh_io_recompile_replay_branch(CPUState *cs,
CPUSH4State *env = &cpu->env;
if ((env->flags & ((DELAY_SLOT | DELAY_SLOT_CONDITIONAL))) != 0
- && env->pc != tb->pc) {
+ && env->pc != tb_pc(tb)) {
env->pc -= 2;
env->flags &= ~(DELAY_SLOT | DELAY_SLOT_CONDITIONAL);
return true;
diff --git a/target/sparc/cpu.c b/target/sparc/cpu.c
index 1b2afb0cb8..1f9ef7afd8 100644
--- a/target/sparc/cpu.c
+++ b/target/sparc/cpu.c
@@ -705,7 +705,7 @@ static void sparc_cpu_synchronize_from_tb(CPUState *cs,
{
SPARCCPU *cpu = SPARC_CPU(cs);
- cpu->env.pc = tb->pc;
+ cpu->env.pc = tb_pc(tb);
cpu->env.npc = tb->cs_base;
}
diff --git a/target/tricore/cpu.c b/target/tricore/cpu.c
index 91b16bdefc..ab7a1e3a6d 100644
--- a/target/tricore/cpu.c
+++ b/target/tricore/cpu.c
@@ -55,7 +55,7 @@ static void tricore_cpu_synchronize_from_tb(CPUState *cs,
TriCoreCPU *cpu = TRICORE_CPU(cs);
CPUTriCoreState *env = &cpu->env;
- env->PC = tb->pc;
+ env->PC = tb_pc(tb);
}
static void tricore_cpu_reset(DeviceState *dev)
diff --git a/tcg/tcg.c b/tcg/tcg.c
index 0f9cfe96f2..612a12f58f 100644
--- a/tcg/tcg.c
+++ b/tcg/tcg.c
@@ -4188,7 +4188,7 @@ int64_t tcg_cpu_exec_time(void)
#endif
-int tcg_gen_code(TCGContext *s, TranslationBlock *tb)
+int tcg_gen_code(TCGContext *s, TranslationBlock *tb, target_ulong pc_start)
{
#ifdef CONFIG_PROFILER
TCGProfile *prof = &s->prof;
@@ -4218,7 +4218,7 @@ int tcg_gen_code(TCGContext *s, TranslationBlock *tb)
#ifdef DEBUG_DISAS
if (unlikely(qemu_loglevel_mask(CPU_LOG_TB_OP)
- && qemu_log_in_addr_range(tb->pc))) {
+ && qemu_log_in_addr_range(pc_start))) {
FILE *logfile = qemu_log_trylock();
if (logfile) {
fprintf(logfile, "OP:\n");
@@ -4265,7 +4265,7 @@ int tcg_gen_code(TCGContext *s, TranslationBlock *tb)
if (s->nb_indirects > 0) {
#ifdef DEBUG_DISAS
if (unlikely(qemu_loglevel_mask(CPU_LOG_TB_OP_IND)
- && qemu_log_in_addr_range(tb->pc))) {
+ && qemu_log_in_addr_range(pc_start))) {
FILE *logfile = qemu_log_trylock();
if (logfile) {
fprintf(logfile, "OP before indirect lowering:\n");
@@ -4288,7 +4288,7 @@ int tcg_gen_code(TCGContext *s, TranslationBlock *tb)
#ifdef DEBUG_DISAS
if (unlikely(qemu_loglevel_mask(CPU_LOG_TB_OP_OPT)
- && qemu_log_in_addr_range(tb->pc))) {
+ && qemu_log_in_addr_range(pc_start))) {
FILE *logfile = qemu_log_trylock();
if (logfile) {
fprintf(logfile, "OP after optimization and liveness analysis:\n");
--
2.34.1
^ permalink raw reply related [flat|nested] 30+ messages in thread
* [PATCH v6 18/18] accel/tcg: Introduce TARGET_TB_PCREL
2022-09-30 21:26 [PATCH v6 00/18] tcg: CPUTLBEntryFull and TARGET_TB_PCREL Richard Henderson
` (16 preceding siblings ...)
2022-09-30 21:26 ` [PATCH v6 17/18] accel/tcg: Introduce tb_pc and log_pc Richard Henderson
@ 2022-09-30 21:26 ` Richard Henderson
2022-10-03 13:46 ` Alex Bennée
2022-09-30 21:29 ` [PATCH v6 00/18] tcg: CPUTLBEntryFull and TARGET_TB_PCREL Richard Henderson
2022-10-03 16:22 ` Alex Bennée
19 siblings, 1 reply; 30+ messages in thread
From: Richard Henderson @ 2022-09-30 21:26 UTC (permalink / raw)
To: qemu-devel; +Cc: peter.maydell, alex.bennee
Prepare for targets to be able to produce TBs that can
run in more than one virtual context.
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
---
accel/tcg/internal.h | 4 +++
accel/tcg/tb-jmp-cache.h | 5 ++++
include/exec/cpu-defs.h | 3 +++
include/exec/exec-all.h | 32 ++++++++++++++++++++--
accel/tcg/cpu-exec.c | 56 +++++++++++++++++++++++++++++++--------
accel/tcg/translate-all.c | 50 +++++++++++++++++++++-------------
6 files changed, 119 insertions(+), 31 deletions(-)
diff --git a/accel/tcg/internal.h b/accel/tcg/internal.h
index a3875a3b5a..dc800fd485 100644
--- a/accel/tcg/internal.h
+++ b/accel/tcg/internal.h
@@ -21,7 +21,11 @@ void tb_htable_init(void);
/* Return the current PC from CPU, which may be cached in TB. */
static inline target_ulong log_pc(CPUState *cpu, const TranslationBlock *tb)
{
+#if TARGET_TB_PCREL
+ return cpu->cc->get_pc(cpu);
+#else
return tb_pc(tb);
+#endif
}
#endif /* ACCEL_TCG_INTERNAL_H */
diff --git a/accel/tcg/tb-jmp-cache.h b/accel/tcg/tb-jmp-cache.h
index 2d8fbb1bfe..a7288150bc 100644
--- a/accel/tcg/tb-jmp-cache.h
+++ b/accel/tcg/tb-jmp-cache.h
@@ -14,10 +14,15 @@
/*
* Accessed in parallel; all accesses to 'tb' must be atomic.
+ * For TARGET_TB_PCREL, accesses to 'pc' must be protected by
+ * a load_acquire/store_release to 'tb'.
*/
struct CPUJumpCache {
struct {
TranslationBlock *tb;
+#if TARGET_TB_PCREL
+ target_ulong pc;
+#endif
} array[TB_JMP_CACHE_SIZE];
};
diff --git a/include/exec/cpu-defs.h b/include/exec/cpu-defs.h
index 67239b4e5e..21309cf567 100644
--- a/include/exec/cpu-defs.h
+++ b/include/exec/cpu-defs.h
@@ -54,6 +54,9 @@
# error TARGET_PAGE_BITS must be defined in cpu-param.h
# endif
#endif
+#ifndef TARGET_TB_PCREL
+# define TARGET_TB_PCREL 0
+#endif
#define TARGET_LONG_SIZE (TARGET_LONG_BITS / 8)
diff --git a/include/exec/exec-all.h b/include/exec/exec-all.h
index 7ea6026ba9..e5f8b224a5 100644
--- a/include/exec/exec-all.h
+++ b/include/exec/exec-all.h
@@ -496,8 +496,32 @@ struct tb_tc {
};
struct TranslationBlock {
- target_ulong pc; /* simulated PC corresponding to this block (EIP + CS base) */
- target_ulong cs_base; /* CS base for this block */
+#if !TARGET_TB_PCREL
+ /*
+ * Guest PC corresponding to this block. This must be the true
+ * virtual address. Therefore e.g. x86 stores EIP + CS_BASE, and
+ * targets like Arm, MIPS, HP-PA, which reuse low bits for ISA or
+ * privilege, must store those bits elsewhere.
+ *
+ * If TARGET_TB_PCREL, the opcodes for the TranslationBlock are
+ * written such that the TB is associated only with the physical
+ * page and may be run in any virtual address context. In this case,
+ * PC must always be taken from ENV in a target-specific manner.
+ * Unwind information is taken as offsets from the page, to be
+ * deposited into the "current" PC.
+ */
+ target_ulong pc;
+#endif
+
+ /*
+ * Target-specific data associated with the TranslationBlock, e.g.:
+ * x86: the original user, the Code Segment virtual base,
+ * arm: an extension of tb->flags,
+ * s390x: instruction data for EXECUTE,
+ * sparc: the next pc of the instruction queue (for delay slots).
+ */
+ target_ulong cs_base;
+
uint32_t flags; /* flags defining in which context the code was generated */
uint32_t cflags; /* compile flags */
@@ -573,7 +597,11 @@ struct TranslationBlock {
/* Hide the read to avoid ifdefs for TARGET_TB_PCREL. */
static inline target_ulong tb_pc(const TranslationBlock *tb)
{
+#if TARGET_TB_PCREL
+ qemu_build_not_reached();
+#else
return tb->pc;
+#endif
}
/* Hide the qatomic_read to make code a little easier on the eyes */
diff --git a/accel/tcg/cpu-exec.c b/accel/tcg/cpu-exec.c
index 8b3f8435fb..acb5646b03 100644
--- a/accel/tcg/cpu-exec.c
+++ b/accel/tcg/cpu-exec.c
@@ -186,7 +186,7 @@ static bool tb_lookup_cmp(const void *p, const void *d)
const TranslationBlock *tb = p;
const struct tb_desc *desc = d;
- if (tb_pc(tb) == desc->pc &&
+ if ((TARGET_TB_PCREL || tb_pc(tb) == desc->pc) &&
tb->page_addr[0] == desc->page_addr0 &&
tb->cs_base == desc->cs_base &&
tb->flags == desc->flags &&
@@ -237,7 +237,8 @@ static TranslationBlock *tb_htable_lookup(CPUState *cpu, target_ulong pc,
return NULL;
}
desc.page_addr0 = phys_pc;
- h = tb_hash_func(phys_pc, pc, flags, cflags, *cpu->trace_dstate);
+ h = tb_hash_func(phys_pc, (TARGET_TB_PCREL ? 0 : pc),
+ flags, cflags, *cpu->trace_dstate);
return qht_lookup_custom(&tb_ctx.htable, &desc, h, tb_lookup_cmp);
}
@@ -247,27 +248,52 @@ static inline TranslationBlock *tb_lookup(CPUState *cpu, target_ulong pc,
uint32_t flags, uint32_t cflags)
{
TranslationBlock *tb;
+ CPUJumpCache *jc;
uint32_t hash;
/* we should never be trying to look up an INVALID tb */
tcg_debug_assert(!(cflags & CF_INVALID));
hash = tb_jmp_cache_hash_func(pc);
- tb = qatomic_rcu_read(&cpu->tb_jmp_cache->array[hash].tb);
+ jc = cpu->tb_jmp_cache;
+#if TARGET_TB_PCREL
+ /* Use acquire to ensure current load of pc from jc. */
+ tb = qatomic_load_acquire(&jc->array[hash].tb);
+#else
+ /* Use rcu_read to ensure current load of pc from *tb. */
+ tb = qatomic_rcu_read(&jc->array[hash].tb);
+#endif
- if (likely(tb &&
- tb->pc == pc &&
- tb->cs_base == cs_base &&
- tb->flags == flags &&
- tb->trace_vcpu_dstate == *cpu->trace_dstate &&
- tb_cflags(tb) == cflags)) {
- return tb;
+ if (likely(tb)) {
+ target_ulong jmp_pc;
+
+#if TARGET_TB_PCREL
+ jmp_pc = jc->array[hash].pc;
+#else
+ jmp_pc = tb_pc(tb);
+#endif
+ if (jmp_pc == pc &&
+ tb->cs_base == cs_base &&
+ tb->flags == flags &&
+ tb->trace_vcpu_dstate == *cpu->trace_dstate &&
+ tb_cflags(tb) == cflags) {
+ return tb;
+ }
}
+
tb = tb_htable_lookup(cpu, pc, cs_base, flags, cflags);
if (tb == NULL) {
return NULL;
}
- qatomic_set(&cpu->tb_jmp_cache->array[hash].tb, tb);
+
+#if TARGET_TB_PCREL
+ jc->array[hash].pc = pc;
+ /* Use store_release on tb to ensure pc is written first. */
+ qatomic_store_release(&jc->array[hash].tb, tb);
+#else
+ qatomic_set(&jc->array[hash].tb, tb);
+#endif
+
return tb;
}
@@ -453,6 +479,7 @@ cpu_tb_exec(CPUState *cpu, TranslationBlock *itb, int *tb_exit)
if (cc->tcg_ops->synchronize_from_tb) {
cc->tcg_ops->synchronize_from_tb(cpu, last_tb);
} else {
+ assert(!TARGET_TB_PCREL);
assert(cc->set_pc);
cc->set_pc(cpu, tb_pc(last_tb));
}
@@ -1002,7 +1029,14 @@ int cpu_exec(CPUState *cpu)
* for the fast lookup
*/
h = tb_jmp_cache_hash_func(pc);
+
+#if TARGET_TB_PCREL
+ cpu->tb_jmp_cache->array[h].pc = pc;
+ /* Use store_release on tb to ensure pc is current. */
+ qatomic_store_release(&cpu->tb_jmp_cache->array[h].tb, tb);
+#else
qatomic_set(&cpu->tb_jmp_cache->array[h].tb, tb);
+#endif
}
#ifndef CONFIG_USER_ONLY
diff --git a/accel/tcg/translate-all.c b/accel/tcg/translate-all.c
index 13c964dcd8..776ac9efe4 100644
--- a/accel/tcg/translate-all.c
+++ b/accel/tcg/translate-all.c
@@ -299,7 +299,7 @@ static int encode_search(TranslationBlock *tb, uint8_t *block)
for (j = 0; j < TARGET_INSN_START_WORDS; ++j) {
if (i == 0) {
- prev = (j == 0 ? tb_pc(tb) : 0);
+ prev = (!TARGET_TB_PCREL && j == 0 ? tb_pc(tb) : 0);
} else {
prev = tcg_ctx->gen_insn_data[i - 1][j];
}
@@ -327,7 +327,7 @@ static int encode_search(TranslationBlock *tb, uint8_t *block)
static int cpu_restore_state_from_tb(CPUState *cpu, TranslationBlock *tb,
uintptr_t searched_pc, bool reset_icount)
{
- target_ulong data[TARGET_INSN_START_WORDS] = { tb_pc(tb) };
+ target_ulong data[TARGET_INSN_START_WORDS];
uintptr_t host_pc = (uintptr_t)tb->tc.ptr;
CPUArchState *env = cpu->env_ptr;
const uint8_t *p = tb->tc.ptr + tb->tc.size;
@@ -343,6 +343,11 @@ static int cpu_restore_state_from_tb(CPUState *cpu, TranslationBlock *tb,
return -1;
}
+ memset(data, 0, sizeof(data));
+ if (!TARGET_TB_PCREL) {
+ data[0] = tb_pc(tb);
+ }
+
/* Reconstruct the stored insn data while looking for the point at
which the end of the insn exceeds the searched_pc. */
for (i = 0; i < num_insns; ++i) {
@@ -885,13 +890,13 @@ static bool tb_cmp(const void *ap, const void *bp)
const TranslationBlock *a = ap;
const TranslationBlock *b = bp;
- return tb_pc(a) == tb_pc(b) &&
- a->cs_base == b->cs_base &&
- a->flags == b->flags &&
- (tb_cflags(a) & ~CF_INVALID) == (tb_cflags(b) & ~CF_INVALID) &&
- a->trace_vcpu_dstate == b->trace_vcpu_dstate &&
- a->page_addr[0] == b->page_addr[0] &&
- a->page_addr[1] == b->page_addr[1];
+ return ((TARGET_TB_PCREL || tb_pc(a) == tb_pc(b)) &&
+ a->cs_base == b->cs_base &&
+ a->flags == b->flags &&
+ (tb_cflags(a) & ~CF_INVALID) == (tb_cflags(b) & ~CF_INVALID) &&
+ a->trace_vcpu_dstate == b->trace_vcpu_dstate &&
+ a->page_addr[0] == b->page_addr[0] &&
+ a->page_addr[1] == b->page_addr[1]);
}
void tb_htable_init(void)
@@ -1170,8 +1175,8 @@ static void do_tb_phys_invalidate(TranslationBlock *tb, bool rm_from_page_list)
/* remove the TB from the hash list */
phys_pc = tb->page_addr[0];
- h = tb_hash_func(phys_pc, tb_pc(tb), tb->flags, orig_cflags,
- tb->trace_vcpu_dstate);
+ h = tb_hash_func(phys_pc, (TARGET_TB_PCREL ? 0 : tb_pc(tb)),
+ tb->flags, orig_cflags, tb->trace_vcpu_dstate);
if (!qht_remove(&tb_ctx.htable, tb, h)) {
return;
}
@@ -1187,11 +1192,18 @@ static void do_tb_phys_invalidate(TranslationBlock *tb, bool rm_from_page_list)
}
/* remove the TB from the hash list */
- h = tb_jmp_cache_hash_func(tb->pc);
- CPU_FOREACH(cpu) {
- CPUJumpCache *jc = cpu->tb_jmp_cache;
- if (qatomic_read(&jc->array[h].tb) == tb) {
- qatomic_set(&jc->array[h].tb, NULL);
+ if (TARGET_TB_PCREL) {
+ /* A TB may be at any virtual address */
+ CPU_FOREACH(cpu) {
+ tcg_flush_jmp_cache(cpu);
+ }
+ } else {
+ h = tb_jmp_cache_hash_func(tb_pc(tb));
+ CPU_FOREACH(cpu) {
+ CPUJumpCache *jc = cpu->tb_jmp_cache;
+ if (qatomic_read(&jc->array[h].tb) == tb) {
+ qatomic_set(&jc->array[h].tb, NULL);
+ }
}
}
@@ -1302,8 +1314,8 @@ tb_link_page(TranslationBlock *tb, tb_page_addr_t phys_pc,
}
/* add in the hash table */
- h = tb_hash_func(phys_pc, tb_pc(tb), tb->flags, tb->cflags,
- tb->trace_vcpu_dstate);
+ h = tb_hash_func(phys_pc, (TARGET_TB_PCREL ? 0 : tb_pc(tb)),
+ tb->flags, tb->cflags, tb->trace_vcpu_dstate);
qht_insert(&tb_ctx.htable, tb, h, &existing_tb);
/* remove TB from the page(s) if we couldn't insert it */
@@ -1373,7 +1385,9 @@ TranslationBlock *tb_gen_code(CPUState *cpu,
gen_code_buf = tcg_ctx->code_gen_ptr;
tb->tc.ptr = tcg_splitwx_to_rx(gen_code_buf);
+#if !TARGET_TB_PCREL
tb->pc = pc;
+#endif
tb->cs_base = cs_base;
tb->flags = flags;
tb->cflags = cflags;
--
2.34.1
^ permalink raw reply related [flat|nested] 30+ messages in thread
* Re: [PATCH v6 00/18] tcg: CPUTLBEntryFull and TARGET_TB_PCREL
2022-09-30 21:26 [PATCH v6 00/18] tcg: CPUTLBEntryFull and TARGET_TB_PCREL Richard Henderson
` (17 preceding siblings ...)
2022-09-30 21:26 ` [PATCH v6 18/18] accel/tcg: Introduce TARGET_TB_PCREL Richard Henderson
@ 2022-09-30 21:29 ` Richard Henderson
2022-10-03 16:22 ` Alex Bennée
19 siblings, 0 replies; 30+ messages in thread
From: Richard Henderson @ 2022-09-30 21:29 UTC (permalink / raw)
To: qemu-devel; +Cc: Peter Maydell, Alex Bennée
Good grief: typo in the cc list, twice.
You'd think I'd know where I work by now...
r~
On 9/30/22 14:26, Richard Henderson wrote:
> Changes for v6:
> * CPUTLBEntryFull is now completely reviewed.
>
> * Incorporated the CPUClass caching patches,
> as I will add a new use of the cached value.
>
> * Move CPUJumpCache out of include/hw/core.h. While looking at
> Alex's review of the patch, I realized that adding the virtual
> pc value unconditionally would consume 64kB per cpu on targets
> that do not require it. Further, making it dynamically allocated
> (a consequence of core.h not having the structure definition to
> add to CPUState), means that we save 64kB per cpu when running
> with hardware virtualization (kvm, xen, etc).
>
> * Add CPUClass.get_pc, so that we can always use or filter on the
> virtual address when logging.
>
> Patches needing review:
>
> 13-accel-tcg-Do-not-align-tb-page_addr-0.patch
> 14-accel-tcg-Inline-tb_flush_jmp_cache.patch (new)
> 16-hw-core-Add-CPUClass.get_pc.patch (new)
> 17-accel-tcg-Introduce-tb_pc-and-log_pc.patch (mostly new)
> 18-accel-tcg-Introduce-TARGET_TB_PCREL.patch
>
>
> r~
>
>
> Alex Bennée (3):
> cpu: cache CPUClass in CPUState for hot code paths
> hw/core/cpu-sysemu: used cached class in cpu_asidx_from_attrs
> cputlb: used cached CPUClass in our hot-paths
>
> Richard Henderson (15):
> accel/tcg: Rename CPUIOTLBEntry to CPUTLBEntryFull
> accel/tcg: Drop addr member from SavedIOTLB
> accel/tcg: Suppress auto-invalidate in probe_access_internal
> accel/tcg: Introduce probe_access_full
> accel/tcg: Introduce tlb_set_page_full
> include/exec: Introduce TARGET_PAGE_ENTRY_EXTRA
> accel/tcg: Remove PageDesc code_bitmap
> accel/tcg: Use bool for page_find_alloc
> accel/tcg: Use DisasContextBase in plugin_gen_tb_start
> accel/tcg: Do not align tb->page_addr[0]
> accel/tcg: Inline tb_flush_jmp_cache
> include/hw/core: Create struct CPUJumpCache
> hw/core: Add CPUClass.get_pc
> accel/tcg: Introduce tb_pc and log_pc
> accel/tcg: Introduce TARGET_TB_PCREL
>
> accel/tcg/internal.h | 10 +
> accel/tcg/tb-hash.h | 1 +
> accel/tcg/tb-jmp-cache.h | 29 +++
> include/exec/cpu-common.h | 1 +
> include/exec/cpu-defs.h | 48 ++++-
> include/exec/exec-all.h | 75 ++++++-
> include/exec/plugin-gen.h | 7 +-
> include/hw/core/cpu.h | 28 ++-
> include/qemu/typedefs.h | 1 +
> include/tcg/tcg.h | 2 +-
> accel/tcg/cpu-exec.c | 122 +++++++----
> accel/tcg/cputlb.c | 259 ++++++++++++++----------
> accel/tcg/plugin-gen.c | 22 +-
> accel/tcg/translate-all.c | 200 ++++++++----------
> accel/tcg/translator.c | 2 +-
> cpu.c | 9 +-
> hw/core/cpu-common.c | 3 +-
> hw/core/cpu-sysemu.c | 5 +-
> plugins/core.c | 2 +-
> target/alpha/cpu.c | 9 +
> target/arm/cpu.c | 17 +-
> target/arm/mte_helper.c | 14 +-
> target/arm/sve_helper.c | 4 +-
> target/arm/translate-a64.c | 2 +-
> target/avr/cpu.c | 10 +-
> target/cris/cpu.c | 8 +
> target/hexagon/cpu.c | 10 +-
> target/hppa/cpu.c | 12 +-
> target/i386/cpu.c | 9 +
> target/i386/tcg/tcg-cpu.c | 2 +-
> target/loongarch/cpu.c | 11 +-
> target/m68k/cpu.c | 8 +
> target/microblaze/cpu.c | 10 +-
> target/mips/cpu.c | 8 +
> target/mips/tcg/exception.c | 2 +-
> target/mips/tcg/sysemu/special_helper.c | 2 +-
> target/nios2/cpu.c | 9 +
> target/openrisc/cpu.c | 10 +-
> target/ppc/cpu_init.c | 8 +
> target/riscv/cpu.c | 17 +-
> target/rx/cpu.c | 10 +-
> target/s390x/cpu.c | 8 +
> target/s390x/tcg/mem_helper.c | 4 -
> target/sh4/cpu.c | 12 +-
> target/sparc/cpu.c | 10 +-
> target/tricore/cpu.c | 11 +-
> target/xtensa/cpu.c | 8 +
> tcg/tcg.c | 8 +-
> trace/control-target.c | 2 +-
> 49 files changed, 723 insertions(+), 358 deletions(-)
> create mode 100644 accel/tcg/tb-jmp-cache.h
>
^ permalink raw reply [flat|nested] 30+ messages in thread
* RE: [PATCH v6 16/18] hw/core: Add CPUClass.get_pc
2022-09-30 21:26 ` [PATCH v6 16/18] hw/core: Add CPUClass.get_pc Richard Henderson
@ 2022-09-30 21:56 ` Taylor Simpson
2022-10-03 7:58 ` Mark Cave-Ayland
2022-10-03 13:03 ` Alex Bennée
2 siblings, 0 replies; 30+ messages in thread
From: Taylor Simpson @ 2022-09-30 21:56 UTC (permalink / raw)
To: Richard Henderson, qemu-devel
Cc: peter.maydell, alex.bennee, Eduardo Habkost, Marcel Apfelbaum,
Philippe Mathieu-Daudé,
Yanan Wang, Michael Rolnik, Edgar E. Iglesias, Song Gao,
Xiaojuan Yang, Laurent Vivier, Jiaxun Yang, Aleksandar Rikalo,
Chris Wulff, Marek Vasut, Stafford Horne, Yoshinori Sato,
Mark Cave-Ayland, Bastian Koppelmann, Max Filippov, qemu-arm,
qemu-ppc, qemu-riscv, qemu-s390x
> -----Original Message-----
> From: Richard Henderson <richard.henderson@linaro.org>
> Sent: Friday, September 30, 2022 4:26 PM
> To: qemu-devel@nongnu.org
> Cc: peter.maydell@linux.org; alex.bennee@linux.org; Eduardo Habkost
> <eduardo@habkost.net>; Marcel Apfelbaum
> <marcel.apfelbaum@gmail.com>; Philippe Mathieu-Daudé
> <f4bug@amsat.org>; Yanan Wang <wangyanan55@huawei.com>; Michael
> Rolnik <mrolnik@gmail.com>; Edgar E. Iglesias <edgar.iglesias@gmail.com>;
> Taylor Simpson <tsimpson@quicinc.com>; Song Gao
> <gaosong@loongson.cn>; Xiaojuan Yang <yangxiaojuan@loongson.cn>;
> Laurent Vivier <laurent@vivier.eu>; Jiaxun Yang <jiaxun.yang@flygoat.com>;
> Aleksandar Rikalo <aleksandar.rikalo@syrmia.com>; Chris Wulff
> <crwulff@gmail.com>; Marek Vasut <marex@denx.de>; Stafford Horne
> <shorne@gmail.com>; Yoshinori Sato <ysato@users.sourceforge.jp>; Mark
> Cave-Ayland <mark.cave-ayland@ilande.co.uk>; Bastian Koppelmann
> <kbastian@mail.uni-paderborn.de>; Max Filippov <jcmvbkbc@gmail.com>;
> qemu-arm@nongnu.org; qemu-ppc@nongnu.org; qemu-riscv@nongnu.org;
> qemu-s390x@nongnu.org
> Subject: [PATCH v6 16/18] hw/core: Add CPUClass.get_pc
>
> diff --git a/target/hexagon/cpu.c
> b/target/hexagon/cpu.c index fa9bd702d6..04a497db5e 100644
> --- a/target/hexagon/cpu.c
> +++ b/target/hexagon/cpu.c
> @@ -251,6 +251,13 @@ static void hexagon_cpu_set_pc(CPUState *cs,
> vaddr value)
> env->gpr[HEX_REG_PC] = value;
> }
>
> +static vaddr hexagon_cpu_get_pc(CPUState *cs) {
> + HexagonCPU *cpu = HEXAGON_CPU(cs);
> + CPUHexagonState *env = &cpu->env;
> + return env->gpr[HEX_REG_PC];
> +}
> +
> static void hexagon_cpu_synchronize_from_tb(CPUState *cs,
> const TranslationBlock *tb) { @@ -337,6 +344,7 @@
> static void hexagon_cpu_class_init(ObjectClass *c, void *data)
> cc->has_work = hexagon_cpu_has_work;
> cc->dump_state = hexagon_dump_state;
> cc->set_pc = hexagon_cpu_set_pc;
> + cc->get_pc = hexagon_cpu_get_pc;
> cc->gdb_read_register = hexagon_gdb_read_register;
> cc->gdb_write_register = hexagon_gdb_write_register;
> cc->gdb_num_core_regs = TOTAL_PER_THREAD_REGS + NUM_VREGS +
Reviewed-by: Taylor Simpson <tsimpson@quicinc.com>
^ permalink raw reply [flat|nested] 30+ messages in thread
* Re: [PATCH v6 16/18] hw/core: Add CPUClass.get_pc
2022-09-30 21:26 ` [PATCH v6 16/18] hw/core: Add CPUClass.get_pc Richard Henderson
2022-09-30 21:56 ` Taylor Simpson
@ 2022-10-03 7:58 ` Mark Cave-Ayland
2022-10-03 13:03 ` Alex Bennée
2 siblings, 0 replies; 30+ messages in thread
From: Mark Cave-Ayland @ 2022-10-03 7:58 UTC (permalink / raw)
To: Richard Henderson, qemu-devel
Cc: peter.maydell, alex.bennee, Eduardo Habkost, Marcel Apfelbaum,
Philippe Mathieu-Daudé,
Yanan Wang, Michael Rolnik, Edgar E. Iglesias, Taylor Simpson,
Song Gao, Xiaojuan Yang, Laurent Vivier, Jiaxun Yang,
Aleksandar Rikalo, Chris Wulff, Marek Vasut, Stafford Horne,
Yoshinori Sato, Bastian Koppelmann, Max Filippov, qemu-arm,
qemu-ppc, qemu-riscv, qemu-s390x
On 30/09/2022 22:26, Richard Henderson wrote:
> Populate this new method for all targets. Always match
> the result that would be given by cpu_get_tb_cpu_state,
> as we will want these values to correspond in the logs.
>
> Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
> ---
> Cc: Eduardo Habkost <eduardo@habkost.net> (supporter:Machine core)
> Cc: Marcel Apfelbaum <marcel.apfelbaum@gmail.com> (supporter:Machine core)
> Cc: "Philippe Mathieu-Daudé" <f4bug@amsat.org> (reviewer:Machine core)
> Cc: Yanan Wang <wangyanan55@huawei.com> (reviewer:Machine core)
> Cc: Michael Rolnik <mrolnik@gmail.com> (maintainer:AVR TCG CPUs)
> Cc: "Edgar E. Iglesias" <edgar.iglesias@gmail.com> (maintainer:CRIS TCG CPUs)
> Cc: Taylor Simpson <tsimpson@quicinc.com> (supporter:Hexagon TCG CPUs)
> Cc: Song Gao <gaosong@loongson.cn> (maintainer:LoongArch TCG CPUs)
> Cc: Xiaojuan Yang <yangxiaojuan@loongson.cn> (maintainer:LoongArch TCG CPUs)
> Cc: Laurent Vivier <laurent@vivier.eu> (maintainer:M68K TCG CPUs)
> Cc: Jiaxun Yang <jiaxun.yang@flygoat.com> (reviewer:MIPS TCG CPUs)
> Cc: Aleksandar Rikalo <aleksandar.rikalo@syrmia.com> (reviewer:MIPS TCG CPUs)
> Cc: Chris Wulff <crwulff@gmail.com> (maintainer:NiosII TCG CPUs)
> Cc: Marek Vasut <marex@denx.de> (maintainer:NiosII TCG CPUs)
> Cc: Stafford Horne <shorne@gmail.com> (odd fixer:OpenRISC TCG CPUs)
> Cc: Yoshinori Sato <ysato@users.sourceforge.jp> (reviewer:RENESAS RX CPUs)
> Cc: Mark Cave-Ayland <mark.cave-ayland@ilande.co.uk> (maintainer:SPARC TCG CPUs)
> Cc: Bastian Koppelmann <kbastian@mail.uni-paderborn.de> (maintainer:TriCore TCG CPUs)
> Cc: Max Filippov <jcmvbkbc@gmail.com> (maintainer:Xtensa TCG CPUs)
> Cc: qemu-arm@nongnu.org (open list:ARM TCG CPUs)
> Cc: qemu-ppc@nongnu.org (open list:PowerPC TCG CPUs)
> Cc: qemu-riscv@nongnu.org (open list:RISC-V TCG CPUs)
> Cc: qemu-s390x@nongnu.org (open list:S390 TCG CPUs)
> ---
> include/hw/core/cpu.h | 3 +++
> target/alpha/cpu.c | 9 +++++++++
> target/arm/cpu.c | 13 +++++++++++++
> target/avr/cpu.c | 8 ++++++++
> target/cris/cpu.c | 8 ++++++++
> target/hexagon/cpu.c | 8 ++++++++
> target/hppa/cpu.c | 8 ++++++++
> target/i386/cpu.c | 9 +++++++++
> target/loongarch/cpu.c | 9 +++++++++
> target/m68k/cpu.c | 8 ++++++++
> target/microblaze/cpu.c | 8 ++++++++
> target/mips/cpu.c | 8 ++++++++
> target/nios2/cpu.c | 9 +++++++++
> target/openrisc/cpu.c | 8 ++++++++
> target/ppc/cpu_init.c | 8 ++++++++
> target/riscv/cpu.c | 13 +++++++++++++
> target/rx/cpu.c | 8 ++++++++
> target/s390x/cpu.c | 8 ++++++++
> target/sh4/cpu.c | 8 ++++++++
> target/sparc/cpu.c | 8 ++++++++
> target/tricore/cpu.c | 9 +++++++++
> target/xtensa/cpu.c | 8 ++++++++
> 22 files changed, 186 insertions(+)
>
> diff --git a/include/hw/core/cpu.h b/include/hw/core/cpu.h
> index 18ca701b44..f9b58773f7 100644
> --- a/include/hw/core/cpu.h
> +++ b/include/hw/core/cpu.h
> @@ -115,6 +115,8 @@ struct SysemuCPUOps;
> * If the target behaviour here is anything other than "set
> * the PC register to the value passed in" then the target must
> * also implement the synchronize_from_tb hook.
> + * @get_pc: Callback for getting the Program Counter register.
> + * As above, with the semantics of the target architecture.
> * @gdb_read_register: Callback for letting GDB read a register.
> * @gdb_write_register: Callback for letting GDB write a register.
> * @gdb_adjust_breakpoint: Callback for adjusting the address of a
> @@ -151,6 +153,7 @@ struct CPUClass {
> void (*dump_state)(CPUState *cpu, FILE *, int flags);
> int64_t (*get_arch_id)(CPUState *cpu);
> void (*set_pc)(CPUState *cpu, vaddr value);
> + vaddr (*get_pc)(CPUState *cpu);
> int (*gdb_read_register)(CPUState *cpu, GByteArray *buf, int reg);
> int (*gdb_write_register)(CPUState *cpu, uint8_t *buf, int reg);
> vaddr (*gdb_adjust_breakpoint)(CPUState *cpu, vaddr addr);
> diff --git a/target/alpha/cpu.c b/target/alpha/cpu.c
> index a8990d401b..979a629d59 100644
> --- a/target/alpha/cpu.c
> +++ b/target/alpha/cpu.c
> @@ -33,6 +33,14 @@ static void alpha_cpu_set_pc(CPUState *cs, vaddr value)
> cpu->env.pc = value;
> }
>
> +static vaddr alpha_cpu_get_pc(CPUState *cs)
> +{
> + AlphaCPU *cpu = ALPHA_CPU(cs);
> +
> + return cpu->env.pc;
> +}
> +
> +
> static bool alpha_cpu_has_work(CPUState *cs)
> {
> /* Here we are checking to see if the CPU should wake up from HALT.
> @@ -244,6 +252,7 @@ static void alpha_cpu_class_init(ObjectClass *oc, void *data)
> cc->has_work = alpha_cpu_has_work;
> cc->dump_state = alpha_cpu_dump_state;
> cc->set_pc = alpha_cpu_set_pc;
> + cc->get_pc = alpha_cpu_get_pc;
> cc->gdb_read_register = alpha_cpu_gdb_read_register;
> cc->gdb_write_register = alpha_cpu_gdb_write_register;
> #ifndef CONFIG_USER_ONLY
> diff --git a/target/arm/cpu.c b/target/arm/cpu.c
> index 7ec3281da9..fa67ba6647 100644
> --- a/target/arm/cpu.c
> +++ b/target/arm/cpu.c
> @@ -60,6 +60,18 @@ static void arm_cpu_set_pc(CPUState *cs, vaddr value)
> }
> }
>
> +static vaddr arm_cpu_get_pc(CPUState *cs)
> +{
> + ARMCPU *cpu = ARM_CPU(cs);
> + CPUARMState *env = &cpu->env;
> +
> + if (is_a64(env)) {
> + return env->pc;
> + } else {
> + return env->regs[15];
> + }
> +}
> +
> #ifdef CONFIG_TCG
> void arm_cpu_synchronize_from_tb(CPUState *cs,
> const TranslationBlock *tb)
> @@ -2172,6 +2184,7 @@ static void arm_cpu_class_init(ObjectClass *oc, void *data)
> cc->has_work = arm_cpu_has_work;
> cc->dump_state = arm_cpu_dump_state;
> cc->set_pc = arm_cpu_set_pc;
> + cc->get_pc = arm_cpu_get_pc;
> cc->gdb_read_register = arm_cpu_gdb_read_register;
> cc->gdb_write_register = arm_cpu_gdb_write_register;
> #ifndef CONFIG_USER_ONLY
> diff --git a/target/avr/cpu.c b/target/avr/cpu.c
> index 05b992ff73..6900444d03 100644
> --- a/target/avr/cpu.c
> +++ b/target/avr/cpu.c
> @@ -32,6 +32,13 @@ static void avr_cpu_set_pc(CPUState *cs, vaddr value)
> cpu->env.pc_w = value / 2; /* internally PC points to words */
> }
>
> +static vaddr avr_cpu_get_pc(CPUState *cs)
> +{
> + AVRCPU *cpu = AVR_CPU(cs);
> +
> + return cpu->env.pc_w * 2;
> +}
> +
> static bool avr_cpu_has_work(CPUState *cs)
> {
> AVRCPU *cpu = AVR_CPU(cs);
> @@ -214,6 +221,7 @@ static void avr_cpu_class_init(ObjectClass *oc, void *data)
> cc->has_work = avr_cpu_has_work;
> cc->dump_state = avr_cpu_dump_state;
> cc->set_pc = avr_cpu_set_pc;
> + cc->get_pc = avr_cpu_get_pc;
> dc->vmsd = &vms_avr_cpu;
> cc->sysemu_ops = &avr_sysemu_ops;
> cc->disas_set_info = avr_cpu_disas_set_info;
> diff --git a/target/cris/cpu.c b/target/cris/cpu.c
> index ed6c781342..22f5c70f39 100644
> --- a/target/cris/cpu.c
> +++ b/target/cris/cpu.c
> @@ -35,6 +35,13 @@ static void cris_cpu_set_pc(CPUState *cs, vaddr value)
> cpu->env.pc = value;
> }
>
> +static vaddr cris_cpu_get_pc(CPUState *cs)
> +{
> + CRISCPU *cpu = CRIS_CPU(cs);
> +
> + return cpu->env.pc;
> +}
> +
> static bool cris_cpu_has_work(CPUState *cs)
> {
> return cs->interrupt_request & (CPU_INTERRUPT_HARD | CPU_INTERRUPT_NMI);
> @@ -297,6 +304,7 @@ static void cris_cpu_class_init(ObjectClass *oc, void *data)
> cc->has_work = cris_cpu_has_work;
> cc->dump_state = cris_cpu_dump_state;
> cc->set_pc = cris_cpu_set_pc;
> + cc->get_pc = cris_cpu_get_pc;
> cc->gdb_read_register = cris_cpu_gdb_read_register;
> cc->gdb_write_register = cris_cpu_gdb_write_register;
> #ifndef CONFIG_USER_ONLY
> diff --git a/target/hexagon/cpu.c b/target/hexagon/cpu.c
> index fa9bd702d6..04a497db5e 100644
> --- a/target/hexagon/cpu.c
> +++ b/target/hexagon/cpu.c
> @@ -251,6 +251,13 @@ static void hexagon_cpu_set_pc(CPUState *cs, vaddr value)
> env->gpr[HEX_REG_PC] = value;
> }
>
> +static vaddr hexagon_cpu_get_pc(CPUState *cs)
> +{
> + HexagonCPU *cpu = HEXAGON_CPU(cs);
> + CPUHexagonState *env = &cpu->env;
> + return env->gpr[HEX_REG_PC];
> +}
> +
> static void hexagon_cpu_synchronize_from_tb(CPUState *cs,
> const TranslationBlock *tb)
> {
> @@ -337,6 +344,7 @@ static void hexagon_cpu_class_init(ObjectClass *c, void *data)
> cc->has_work = hexagon_cpu_has_work;
> cc->dump_state = hexagon_dump_state;
> cc->set_pc = hexagon_cpu_set_pc;
> + cc->get_pc = hexagon_cpu_get_pc;
> cc->gdb_read_register = hexagon_gdb_read_register;
> cc->gdb_write_register = hexagon_gdb_write_register;
> cc->gdb_num_core_regs = TOTAL_PER_THREAD_REGS + NUM_VREGS + NUM_QREGS;
> diff --git a/target/hppa/cpu.c b/target/hppa/cpu.c
> index a6f52caf14..e25d3db6d5 100644
> --- a/target/hppa/cpu.c
> +++ b/target/hppa/cpu.c
> @@ -36,6 +36,13 @@ static void hppa_cpu_set_pc(CPUState *cs, vaddr value)
> cpu->env.iaoq_b = value + 4;
> }
>
> +static vaddr hppa_cpu_get_pc(CPUState *cs)
> +{
> + HPPACPU *cpu = HPPA_CPU(cs);
> +
> + return cpu->env.iaoq_f;
> +}
> +
> static void hppa_cpu_synchronize_from_tb(CPUState *cs,
> const TranslationBlock *tb)
> {
> @@ -168,6 +175,7 @@ static void hppa_cpu_class_init(ObjectClass *oc, void *data)
> cc->has_work = hppa_cpu_has_work;
> cc->dump_state = hppa_cpu_dump_state;
> cc->set_pc = hppa_cpu_set_pc;
> + cc->get_pc = hppa_cpu_get_pc;
> cc->gdb_read_register = hppa_cpu_gdb_read_register;
> cc->gdb_write_register = hppa_cpu_gdb_write_register;
> #ifndef CONFIG_USER_ONLY
> diff --git a/target/i386/cpu.c b/target/i386/cpu.c
> index 1db1278a59..ad623d91e4 100644
> --- a/target/i386/cpu.c
> +++ b/target/i386/cpu.c
> @@ -6824,6 +6824,14 @@ static void x86_cpu_set_pc(CPUState *cs, vaddr value)
> cpu->env.eip = value;
> }
>
> +static vaddr x86_cpu_get_pc(CPUState *cs)
> +{
> + X86CPU *cpu = X86_CPU(cs);
> +
> + /* Match cpu_get_tb_cpu_state. */
> + return cpu->env.eip + cpu->env.segs[R_CS].base;
> +}
> +
> int x86_cpu_pending_interrupt(CPUState *cs, int interrupt_request)
> {
> X86CPU *cpu = X86_CPU(cs);
> @@ -7106,6 +7114,7 @@ static void x86_cpu_common_class_init(ObjectClass *oc, void *data)
> cc->has_work = x86_cpu_has_work;
> cc->dump_state = x86_cpu_dump_state;
> cc->set_pc = x86_cpu_set_pc;
> + cc->get_pc = x86_cpu_get_pc;
> cc->gdb_read_register = x86_cpu_gdb_read_register;
> cc->gdb_write_register = x86_cpu_gdb_write_register;
> cc->get_arch_id = x86_cpu_get_arch_id;
> diff --git a/target/loongarch/cpu.c b/target/loongarch/cpu.c
> index 941e2772bc..20a92ea56c 100644
> --- a/target/loongarch/cpu.c
> +++ b/target/loongarch/cpu.c
> @@ -82,6 +82,14 @@ static void loongarch_cpu_set_pc(CPUState *cs, vaddr value)
> env->pc = value;
> }
>
> +static vaddr loongarch_cpu_get_pc(CPUState *cs)
> +{
> + LoongArchCPU *cpu = LOONGARCH_CPU(cs);
> + CPULoongArchState *env = &cpu->env;
> +
> + return env->pc;
> +}
> +
> #ifndef CONFIG_USER_ONLY
> #include "hw/loongarch/virt.h"
>
> @@ -680,6 +688,7 @@ static void loongarch_cpu_class_init(ObjectClass *c, void *data)
> cc->has_work = loongarch_cpu_has_work;
> cc->dump_state = loongarch_cpu_dump_state;
> cc->set_pc = loongarch_cpu_set_pc;
> + cc->get_pc = loongarch_cpu_get_pc;
> #ifndef CONFIG_USER_ONLY
> dc->vmsd = &vmstate_loongarch_cpu;
> cc->sysemu_ops = &loongarch_sysemu_ops;
> diff --git a/target/m68k/cpu.c b/target/m68k/cpu.c
> index 25d610db21..1e902e1ef0 100644
> --- a/target/m68k/cpu.c
> +++ b/target/m68k/cpu.c
> @@ -31,6 +31,13 @@ static void m68k_cpu_set_pc(CPUState *cs, vaddr value)
> cpu->env.pc = value;
> }
>
> +static vaddr m68k_cpu_get_pc(CPUState *cs)
> +{
> + M68kCPU *cpu = M68K_CPU(cs);
> +
> + return cpu->env.pc;
> +}
> +
> static bool m68k_cpu_has_work(CPUState *cs)
> {
> return cs->interrupt_request & CPU_INTERRUPT_HARD;
> @@ -540,6 +547,7 @@ static void m68k_cpu_class_init(ObjectClass *c, void *data)
> cc->has_work = m68k_cpu_has_work;
> cc->dump_state = m68k_cpu_dump_state;
> cc->set_pc = m68k_cpu_set_pc;
> + cc->get_pc = m68k_cpu_get_pc;
> cc->gdb_read_register = m68k_cpu_gdb_read_register;
> cc->gdb_write_register = m68k_cpu_gdb_write_register;
> #if defined(CONFIG_SOFTMMU)
> diff --git a/target/microblaze/cpu.c b/target/microblaze/cpu.c
> index aed200dcff..73af51769e 100644
> --- a/target/microblaze/cpu.c
> +++ b/target/microblaze/cpu.c
> @@ -84,6 +84,13 @@ static void mb_cpu_set_pc(CPUState *cs, vaddr value)
> cpu->env.iflags = 0;
> }
>
> +static vaddr mb_cpu_get_pc(CPUState *cs)
> +{
> + MicroBlazeCPU *cpu = MICROBLAZE_CPU(cs);
> +
> + return cpu->env.pc;
> +}
> +
> static void mb_cpu_synchronize_from_tb(CPUState *cs,
> const TranslationBlock *tb)
> {
> @@ -391,6 +398,7 @@ static void mb_cpu_class_init(ObjectClass *oc, void *data)
>
> cc->dump_state = mb_cpu_dump_state;
> cc->set_pc = mb_cpu_set_pc;
> + cc->get_pc = mb_cpu_get_pc;
> cc->gdb_read_register = mb_cpu_gdb_read_register;
> cc->gdb_write_register = mb_cpu_gdb_write_register;
>
> diff --git a/target/mips/cpu.c b/target/mips/cpu.c
> index c15c955367..da58eb8892 100644
> --- a/target/mips/cpu.c
> +++ b/target/mips/cpu.c
> @@ -128,6 +128,13 @@ static void mips_cpu_set_pc(CPUState *cs, vaddr value)
> mips_env_set_pc(&cpu->env, value);
> }
>
> +static vaddr mips_cpu_get_pc(CPUState *cs)
> +{
> + MIPSCPU *cpu = MIPS_CPU(cs);
> +
> + return cpu->env.active_tc.PC;
> +}
> +
> static bool mips_cpu_has_work(CPUState *cs)
> {
> MIPSCPU *cpu = MIPS_CPU(cs);
> @@ -557,6 +564,7 @@ static void mips_cpu_class_init(ObjectClass *c, void *data)
> cc->has_work = mips_cpu_has_work;
> cc->dump_state = mips_cpu_dump_state;
> cc->set_pc = mips_cpu_set_pc;
> + cc->get_pc = mips_cpu_get_pc;
> cc->gdb_read_register = mips_cpu_gdb_read_register;
> cc->gdb_write_register = mips_cpu_gdb_write_register;
> #ifndef CONFIG_USER_ONLY
> diff --git a/target/nios2/cpu.c b/target/nios2/cpu.c
> index 19b2409974..2b28429c08 100644
> --- a/target/nios2/cpu.c
> +++ b/target/nios2/cpu.c
> @@ -34,6 +34,14 @@ static void nios2_cpu_set_pc(CPUState *cs, vaddr value)
> env->pc = value;
> }
>
> +static vaddr nios2_cpu_get_pc(CPUState *cs)
> +{
> + Nios2CPU *cpu = NIOS2_CPU(cs);
> + CPUNios2State *env = &cpu->env;
> +
> + return env->pc;
> +}
> +
> static bool nios2_cpu_has_work(CPUState *cs)
> {
> return cs->interrupt_request & CPU_INTERRUPT_HARD;
> @@ -362,6 +370,7 @@ static void nios2_cpu_class_init(ObjectClass *oc, void *data)
> cc->has_work = nios2_cpu_has_work;
> cc->dump_state = nios2_cpu_dump_state;
> cc->set_pc = nios2_cpu_set_pc;
> + cc->get_pc = nios2_cpu_get_pc;
> cc->disas_set_info = nios2_cpu_disas_set_info;
> #ifndef CONFIG_USER_ONLY
> cc->sysemu_ops = &nios2_sysemu_ops;
> diff --git a/target/openrisc/cpu.c b/target/openrisc/cpu.c
> index cb9f35f408..33cf717210 100644
> --- a/target/openrisc/cpu.c
> +++ b/target/openrisc/cpu.c
> @@ -31,6 +31,13 @@ static void openrisc_cpu_set_pc(CPUState *cs, vaddr value)
> cpu->env.dflag = 0;
> }
>
> +static vaddr openrisc_cpu_get_pc(CPUState *cs)
> +{
> + OpenRISCCPU *cpu = OPENRISC_CPU(cs);
> +
> + return cpu->env.pc;
> +}
> +
> static void openrisc_cpu_synchronize_from_tb(CPUState *cs,
> const TranslationBlock *tb)
> {
> @@ -218,6 +225,7 @@ static void openrisc_cpu_class_init(ObjectClass *oc, void *data)
> cc->has_work = openrisc_cpu_has_work;
> cc->dump_state = openrisc_cpu_dump_state;
> cc->set_pc = openrisc_cpu_set_pc;
> + cc->get_pc = openrisc_cpu_get_pc;
> cc->gdb_read_register = openrisc_cpu_gdb_read_register;
> cc->gdb_write_register = openrisc_cpu_gdb_write_register;
> #ifndef CONFIG_USER_ONLY
> diff --git a/target/ppc/cpu_init.c b/target/ppc/cpu_init.c
> index 6e080ebda0..763a8431be 100644
> --- a/target/ppc/cpu_init.c
> +++ b/target/ppc/cpu_init.c
> @@ -7214,6 +7214,13 @@ static void ppc_cpu_set_pc(CPUState *cs, vaddr value)
> cpu->env.nip = value;
> }
>
> +static vaddr ppc_cpu_get_pc(CPUState *cs)
> +{
> + PowerPCCPU *cpu = POWERPC_CPU(cs);
> +
> + return cpu->env.nip;
> +}
> +
> static bool ppc_cpu_has_work(CPUState *cs)
> {
> PowerPCCPU *cpu = POWERPC_CPU(cs);
> @@ -7472,6 +7479,7 @@ static void ppc_cpu_class_init(ObjectClass *oc, void *data)
> cc->has_work = ppc_cpu_has_work;
> cc->dump_state = ppc_cpu_dump_state;
> cc->set_pc = ppc_cpu_set_pc;
> + cc->get_pc = ppc_cpu_get_pc;
> cc->gdb_read_register = ppc_cpu_gdb_read_register;
> cc->gdb_write_register = ppc_cpu_gdb_write_register;
> #ifndef CONFIG_USER_ONLY
> diff --git a/target/riscv/cpu.c b/target/riscv/cpu.c
> index b29c88b9f0..6ca05c6eaf 100644
> --- a/target/riscv/cpu.c
> +++ b/target/riscv/cpu.c
> @@ -462,6 +462,18 @@ static void riscv_cpu_set_pc(CPUState *cs, vaddr value)
> }
> }
>
> +static vaddr riscv_cpu_get_pc(CPUState *cs)
> +{
> + RISCVCPU *cpu = RISCV_CPU(cs);
> + CPURISCVState *env = &cpu->env;
> +
> + /* Match cpu_get_tb_cpu_state. */
> + if (env->xl == MXL_RV32) {
> + return env->pc & UINT32_MAX;
> + }
> + return env->pc;
> +}
> +
> static void riscv_cpu_synchronize_from_tb(CPUState *cs,
> const TranslationBlock *tb)
> {
> @@ -1154,6 +1166,7 @@ static void riscv_cpu_class_init(ObjectClass *c, void *data)
> cc->has_work = riscv_cpu_has_work;
> cc->dump_state = riscv_cpu_dump_state;
> cc->set_pc = riscv_cpu_set_pc;
> + cc->get_pc = riscv_cpu_get_pc;
> cc->gdb_read_register = riscv_cpu_gdb_read_register;
> cc->gdb_write_register = riscv_cpu_gdb_write_register;
> cc->gdb_num_core_regs = 33;
> diff --git a/target/rx/cpu.c b/target/rx/cpu.c
> index fb30080ac4..134b4b6bb6 100644
> --- a/target/rx/cpu.c
> +++ b/target/rx/cpu.c
> @@ -32,6 +32,13 @@ static void rx_cpu_set_pc(CPUState *cs, vaddr value)
> cpu->env.pc = value;
> }
>
> +static vaddr rx_cpu_get_pc(CPUState *cs)
> +{
> + RXCPU *cpu = RX_CPU(cs);
> +
> + return cpu->env.pc;
> +}
> +
> static void rx_cpu_synchronize_from_tb(CPUState *cs,
> const TranslationBlock *tb)
> {
> @@ -208,6 +215,7 @@ static void rx_cpu_class_init(ObjectClass *klass, void *data)
> cc->has_work = rx_cpu_has_work;
> cc->dump_state = rx_cpu_dump_state;
> cc->set_pc = rx_cpu_set_pc;
> + cc->get_pc = rx_cpu_get_pc;
>
> #ifndef CONFIG_USER_ONLY
> cc->sysemu_ops = &rx_sysemu_ops;
> diff --git a/target/s390x/cpu.c b/target/s390x/cpu.c
> index c31bb2351f..df00040e95 100644
> --- a/target/s390x/cpu.c
> +++ b/target/s390x/cpu.c
> @@ -88,6 +88,13 @@ static void s390_cpu_set_pc(CPUState *cs, vaddr value)
> cpu->env.psw.addr = value;
> }
>
> +static vaddr s390_cpu_get_pc(CPUState *cs)
> +{
> + S390CPU *cpu = S390_CPU(cs);
> +
> + return cpu->env.psw.addr;
> +}
> +
> static bool s390_cpu_has_work(CPUState *cs)
> {
> S390CPU *cpu = S390_CPU(cs);
> @@ -297,6 +304,7 @@ static void s390_cpu_class_init(ObjectClass *oc, void *data)
> cc->has_work = s390_cpu_has_work;
> cc->dump_state = s390_cpu_dump_state;
> cc->set_pc = s390_cpu_set_pc;
> + cc->get_pc = s390_cpu_get_pc;
> cc->gdb_read_register = s390_cpu_gdb_read_register;
> cc->gdb_write_register = s390_cpu_gdb_write_register;
> #ifndef CONFIG_USER_ONLY
> diff --git a/target/sh4/cpu.c b/target/sh4/cpu.c
> index 06b2691dc4..4bafbf8596 100644
> --- a/target/sh4/cpu.c
> +++ b/target/sh4/cpu.c
> @@ -34,6 +34,13 @@ static void superh_cpu_set_pc(CPUState *cs, vaddr value)
> cpu->env.pc = value;
> }
>
> +static vaddr superh_cpu_get_pc(CPUState *cs)
> +{
> + SuperHCPU *cpu = SUPERH_CPU(cs);
> +
> + return cpu->env.pc;
> +}
> +
> static void superh_cpu_synchronize_from_tb(CPUState *cs,
> const TranslationBlock *tb)
> {
> @@ -261,6 +268,7 @@ static void superh_cpu_class_init(ObjectClass *oc, void *data)
> cc->has_work = superh_cpu_has_work;
> cc->dump_state = superh_cpu_dump_state;
> cc->set_pc = superh_cpu_set_pc;
> + cc->get_pc = superh_cpu_get_pc;
> cc->gdb_read_register = superh_cpu_gdb_read_register;
> cc->gdb_write_register = superh_cpu_gdb_write_register;
> #ifndef CONFIG_USER_ONLY
> diff --git a/target/sparc/cpu.c b/target/sparc/cpu.c
> index 55268ed2a1..1b2afb0cb8 100644
> --- a/target/sparc/cpu.c
> +++ b/target/sparc/cpu.c
> @@ -693,6 +693,13 @@ static void sparc_cpu_set_pc(CPUState *cs, vaddr value)
> cpu->env.npc = value + 4;
> }
>
> +static vaddr sparc_cpu_get_pc(CPUState *cs)
> +{
> + SPARCCPU *cpu = SPARC_CPU(cs);
> +
> + return cpu->env.pc;
> +}
> +
> static void sparc_cpu_synchronize_from_tb(CPUState *cs,
> const TranslationBlock *tb)
> {
> @@ -896,6 +903,7 @@ static void sparc_cpu_class_init(ObjectClass *oc, void *data)
> cc->memory_rw_debug = sparc_cpu_memory_rw_debug;
> #endif
> cc->set_pc = sparc_cpu_set_pc;
> + cc->get_pc = sparc_cpu_get_pc;
> cc->gdb_read_register = sparc_cpu_gdb_read_register;
> cc->gdb_write_register = sparc_cpu_gdb_write_register;
> #ifndef CONFIG_USER_ONLY
> diff --git a/target/tricore/cpu.c b/target/tricore/cpu.c
> index b95682b7f0..91b16bdefc 100644
> --- a/target/tricore/cpu.c
> +++ b/target/tricore/cpu.c
> @@ -41,6 +41,14 @@ static void tricore_cpu_set_pc(CPUState *cs, vaddr value)
> env->PC = value & ~(target_ulong)1;
> }
>
> +static vaddr tricore_cpu_get_pc(CPUState *cs)
> +{
> + TriCoreCPU *cpu = TRICORE_CPU(cs);
> + CPUTriCoreState *env = &cpu->env;
> +
> + return env->PC;
> +}
> +
> static void tricore_cpu_synchronize_from_tb(CPUState *cs,
> const TranslationBlock *tb)
> {
> @@ -176,6 +184,7 @@ static void tricore_cpu_class_init(ObjectClass *c, void *data)
>
> cc->dump_state = tricore_cpu_dump_state;
> cc->set_pc = tricore_cpu_set_pc;
> + cc->get_pc = tricore_cpu_get_pc;
> cc->sysemu_ops = &tricore_sysemu_ops;
> cc->tcg_ops = &tricore_tcg_ops;
> }
> diff --git a/target/xtensa/cpu.c b/target/xtensa/cpu.c
> index fd553fdfb5..cbbe0e84a2 100644
> --- a/target/xtensa/cpu.c
> +++ b/target/xtensa/cpu.c
> @@ -44,6 +44,13 @@ static void xtensa_cpu_set_pc(CPUState *cs, vaddr value)
> cpu->env.pc = value;
> }
>
> +static vaddr xtensa_cpu_get_pc(CPUState *cs)
> +{
> + XtensaCPU *cpu = XTENSA_CPU(cs);
> +
> + return cpu->env.pc;
> +}
> +
> static bool xtensa_cpu_has_work(CPUState *cs)
> {
> #ifndef CONFIG_USER_ONLY
> @@ -233,6 +240,7 @@ static void xtensa_cpu_class_init(ObjectClass *oc, void *data)
> cc->has_work = xtensa_cpu_has_work;
> cc->dump_state = xtensa_cpu_dump_state;
> cc->set_pc = xtensa_cpu_set_pc;
> + cc->get_pc = xtensa_cpu_get_pc;
> cc->gdb_read_register = xtensa_cpu_gdb_read_register;
> cc->gdb_write_register = xtensa_cpu_gdb_write_register;
> cc->gdb_stop_before_watchpoint = true;
For target/sparc:
Reviewed-by: Mark Cave-Ayland <mark.cave-ayland@ilande.co.uk>
ATB,
Mark.
^ permalink raw reply [flat|nested] 30+ messages in thread
* Re: [PATCH v6 13/18] accel/tcg: Do not align tb->page_addr[0]
2022-09-30 21:26 ` [PATCH v6 13/18] accel/tcg: Do not align tb->page_addr[0] Richard Henderson
@ 2022-10-03 12:47 ` Alex Bennée
2022-10-03 13:54 ` Richard Henderson
0 siblings, 1 reply; 30+ messages in thread
From: Alex Bennée @ 2022-10-03 12:47 UTC (permalink / raw)
To: Richard Henderson; +Cc: peter.maydell, alex.bennee, qemu-devel
Richard Henderson <richard.henderson@linaro.org> writes:
> Let tb->page_addr[0] contain the offset within the page of the
> start of the translation block. We need to recover this value
> anyway at various points, and it is easier to discard the page
> offset when it's not needed, which happens naturally via the
> existing find_page shift.
>
> Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
> ---
> accel/tcg/cpu-exec.c | 16 ++++++++--------
> accel/tcg/cputlb.c | 3 ++-
> accel/tcg/translate-all.c | 9 +++++----
> 3 files changed, 15 insertions(+), 13 deletions(-)
>
> diff --git a/accel/tcg/cpu-exec.c b/accel/tcg/cpu-exec.c
> index 5f43b9769a..dd58a144a8 100644
> --- a/accel/tcg/cpu-exec.c
> +++ b/accel/tcg/cpu-exec.c
> @@ -174,7 +174,7 @@ struct tb_desc {
> target_ulong pc;
> target_ulong cs_base;
> CPUArchState *env;
> - tb_page_addr_t phys_page1;
> + tb_page_addr_t page_addr0;
We don't actually document that this is an offset here (or indeed in
TranslationBlock) and the definition of tb_page_addr_t:
/* Page tracking code uses ram addresses in system mode, and virtual
addresses in userspace mode. Define tb_page_addr_t to be an appropriate
type. */
#if defined(CONFIG_USER_ONLY)
typedef abi_ulong tb_page_addr_t;
#define TB_PAGE_ADDR_FMT TARGET_ABI_FMT_lx
#else
typedef ram_addr_t tb_page_addr_t;
#define TB_PAGE_ADDR_FMT RAM_ADDR_FMT
#endif
implies these are full size pointers into the guests address space.
Either we need a new type (tb_page_offset_t) or to properly comment the
structures with what they mean.
Otherwise:
Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
--
Alex Bennée
^ permalink raw reply [flat|nested] 30+ messages in thread
* Re: [PATCH v6 14/18] accel/tcg: Inline tb_flush_jmp_cache
2022-09-30 21:26 ` [PATCH v6 14/18] accel/tcg: Inline tb_flush_jmp_cache Richard Henderson
@ 2022-10-03 12:51 ` Alex Bennée
0 siblings, 0 replies; 30+ messages in thread
From: Alex Bennée @ 2022-10-03 12:51 UTC (permalink / raw)
To: Richard Henderson; +Cc: peter.maydell, alex.bennee, qemu-devel
Richard Henderson <richard.henderson@linaro.org> writes:
> This function has two users, who use it incompatibly.
> In tlb_flush_page_by_mmuidx_async_0, when flushing a
> single page, we need to flush exactly two pages.
> In tlb_flush_range_by_mmuidx_async_0, when flushing a
> range of pages, we need to flush N+1 pages.
>
> This avoids double-flushing of jmp cache pages in a range.
>
> Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
--
Alex Bennée
^ permalink raw reply [flat|nested] 30+ messages in thread
* Re: [PATCH v6 15/18] include/hw/core: Create struct CPUJumpCache
2022-09-30 21:26 ` [PATCH v6 15/18] include/hw/core: Create struct CPUJumpCache Richard Henderson
@ 2022-10-03 12:57 ` Alex Bennée
0 siblings, 0 replies; 30+ messages in thread
From: Alex Bennée @ 2022-10-03 12:57 UTC (permalink / raw)
To: Richard Henderson
Cc: peter.maydell, alex.bennee, Philippe Mathieu-Daudé, qemu-devel
Richard Henderson <richard.henderson@linaro.org> writes:
> Wrap the bare TranslationBlock pointer into a structure.
>
> Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
> Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
> ---
> accel/tcg/tb-hash.h | 1 +
> accel/tcg/tb-jmp-cache.h | 24 ++++++++++++++++++++++++
> include/exec/cpu-common.h | 1 +
> include/hw/core/cpu.h | 15 +--------------
> include/qemu/typedefs.h | 1 +
> accel/tcg/cpu-exec.c | 10 +++++++---
> accel/tcg/cputlb.c | 9 +++++----
> accel/tcg/translate-all.c | 28 +++++++++++++++++++++++++---
> hw/core/cpu-common.c | 3 +--
> plugins/core.c | 2 +-
> trace/control-target.c | 2 +-
> 11 files changed, 68 insertions(+), 28 deletions(-)
> create mode 100644 accel/tcg/tb-jmp-cache.h
>
> diff --git a/accel/tcg/tb-hash.h b/accel/tcg/tb-hash.h
> index 0a273d9605..83dc610e4c 100644
> --- a/accel/tcg/tb-hash.h
> +++ b/accel/tcg/tb-hash.h
> @@ -23,6 +23,7 @@
> #include "exec/cpu-defs.h"
> #include "exec/exec-all.h"
> #include "qemu/xxhash.h"
> +#include "tb-jmp-cache.h"
>
> #ifdef CONFIG_SOFTMMU
>
> diff --git a/accel/tcg/tb-jmp-cache.h b/accel/tcg/tb-jmp-cache.h
> new file mode 100644
> index 0000000000..2d8fbb1bfe
> --- /dev/null
> +++ b/accel/tcg/tb-jmp-cache.h
> @@ -0,0 +1,24 @@
> +/*
> + * The per-CPU TranslationBlock jump cache.
> + *
> + * Copyright (c) 2003 Fabrice Bellard
> + *
> + * SPDX-License-Identifier: GPL-2.0-or-later
> + */
> +
> +#ifndef ACCEL_TCG_TB_JMP_CACHE_H
> +#define ACCEL_TCG_TB_JMP_CACHE_H
> +
> +#define TB_JMP_CACHE_BITS 12
> +#define TB_JMP_CACHE_SIZE (1 << TB_JMP_CACHE_BITS)
> +
> +/*
> + * Accessed in parallel; all accesses to 'tb' must be atomic.
> + */
> +struct CPUJumpCache {
> + struct {
> + TranslationBlock *tb;
> + } array[TB_JMP_CACHE_SIZE];
> +};
> +
> +#endif /* ACCEL_TCG_TB_JMP_CACHE_H */
When I saw this I wondered if...
> diff --git a/include/exec/cpu-common.h b/include/exec/cpu-common.h
> index d909429427..c493510ee9 100644
> --- a/include/exec/cpu-common.h
> +++ b/include/exec/cpu-common.h
> @@ -38,6 +38,7 @@ void cpu_list_unlock(void);
> unsigned int cpu_list_generation_id_get(void);
>
> void tcg_flush_softmmu_tlb(CPUState *cs);
> +void tcg_flush_jmp_cache(CPUState *cs);
this helper and ....
<snip>
> diff --git a/accel/tcg/translate-all.c b/accel/tcg/translate-all.c
> index 3a63113c41..63ecc15236 100644
> --- a/accel/tcg/translate-all.c
> +++ b/accel/tcg/translate-all.c
<snip>
.. this one should be moved into accel/tcg/tb-jmp-cache.c so we can keep
all the jmp cache stuff nicely contained (and cut down the grab bag of
content to translate-all a bit)?
>
> +/*
> + * Called by generic code at e.g. cpu reset after cpu creation,
> + * therefore we must be prepared to allocate the jump cache.
> + */
> +void tcg_flush_jmp_cache(CPUState *cpu)
> +{
> + CPUJumpCache *jc = cpu->tb_jmp_cache;
> +
> + if (likely(jc)) {
> + for (int i = 0; i < TB_JMP_CACHE_SIZE; i++) {
> + qatomic_set(&jc->array[i].tb, NULL);
> + }
> + } else {
> + /* This should happen once during realize, and thus never race. */
> + jc = g_new0(CPUJumpCache, 1);
> + jc = qatomic_xchg(&cpu->tb_jmp_cache, jc);
> + assert(jc == NULL);
> + }
> +}
> +
<snip>
Anyway:
Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
--
Alex Bennée
^ permalink raw reply [flat|nested] 30+ messages in thread
* Re: [PATCH v6 16/18] hw/core: Add CPUClass.get_pc
2022-09-30 21:26 ` [PATCH v6 16/18] hw/core: Add CPUClass.get_pc Richard Henderson
2022-09-30 21:56 ` Taylor Simpson
2022-10-03 7:58 ` Mark Cave-Ayland
@ 2022-10-03 13:03 ` Alex Bennée
2 siblings, 0 replies; 30+ messages in thread
From: Alex Bennée @ 2022-10-03 13:03 UTC (permalink / raw)
To: Richard Henderson
Cc: peter.maydell, alex.bennee, Eduardo Habkost, Marcel Apfelbaum,
Philippe Mathieu-Daudé,
Yanan Wang, Michael Rolnik, Edgar E. Iglesias, Taylor Simpson,
Song Gao, Xiaojuan Yang, Laurent Vivier, Jiaxun Yang,
Aleksandar Rikalo, Chris Wulff, Marek Vasut, Stafford Horne,
Yoshinori Sato, Mark Cave-Ayland, Bastian Koppelmann,
Max Filippov, qemu-arm, qemu-ppc, qemu-riscv, qemu-s390x,
qemu-devel
Richard Henderson <richard.henderson@linaro.org> writes:
> Populate this new method for all targets. Always match
> the result that would be given by cpu_get_tb_cpu_state,
> as we will want these values to correspond in the logs.
>
> Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
--
Alex Bennée
^ permalink raw reply [flat|nested] 30+ messages in thread
* Re: [PATCH v6 18/18] accel/tcg: Introduce TARGET_TB_PCREL
2022-09-30 21:26 ` [PATCH v6 18/18] accel/tcg: Introduce TARGET_TB_PCREL Richard Henderson
@ 2022-10-03 13:46 ` Alex Bennée
0 siblings, 0 replies; 30+ messages in thread
From: Alex Bennée @ 2022-10-03 13:46 UTC (permalink / raw)
To: Richard Henderson; +Cc: peter.maydell, alex.bennee, qemu-devel
Richard Henderson <richard.henderson@linaro.org> writes:
> Prepare for targets to be able to produce TBs that can
> run in more than one virtual context.
>
> Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
> ---
> accel/tcg/internal.h | 4 +++
> accel/tcg/tb-jmp-cache.h | 5 ++++
> include/exec/cpu-defs.h | 3 +++
> include/exec/exec-all.h | 32 ++++++++++++++++++++--
> accel/tcg/cpu-exec.c | 56 +++++++++++++++++++++++++++++++--------
> accel/tcg/translate-all.c | 50 +++++++++++++++++++++-------------
> 6 files changed, 119 insertions(+), 31 deletions(-)
>
> diff --git a/accel/tcg/internal.h b/accel/tcg/internal.h
> index a3875a3b5a..dc800fd485 100644
> --- a/accel/tcg/internal.h
> +++ b/accel/tcg/internal.h
> @@ -21,7 +21,11 @@ void tb_htable_init(void);
> /* Return the current PC from CPU, which may be cached in TB. */
> static inline target_ulong log_pc(CPUState *cpu, const TranslationBlock *tb)
> {
> +#if TARGET_TB_PCREL
> + return cpu->cc->get_pc(cpu);
> +#else
> return tb_pc(tb);
> +#endif
> }
>
> #endif /* ACCEL_TCG_INTERNAL_H */
> diff --git a/accel/tcg/tb-jmp-cache.h b/accel/tcg/tb-jmp-cache.h
> index 2d8fbb1bfe..a7288150bc 100644
> --- a/accel/tcg/tb-jmp-cache.h
> +++ b/accel/tcg/tb-jmp-cache.h
> @@ -14,10 +14,15 @@
>
> /*
> * Accessed in parallel; all accesses to 'tb' must be atomic.
> + * For TARGET_TB_PCREL, accesses to 'pc' must be protected by
> + * a load_acquire/store_release to 'tb'.
> */
> struct CPUJumpCache {
> struct {
> TranslationBlock *tb;
> +#if TARGET_TB_PCREL
> + target_ulong pc;
> +#endif
> } array[TB_JMP_CACHE_SIZE];
> };
>
> diff --git a/include/exec/cpu-defs.h b/include/exec/cpu-defs.h
> index 67239b4e5e..21309cf567 100644
> --- a/include/exec/cpu-defs.h
> +++ b/include/exec/cpu-defs.h
> @@ -54,6 +54,9 @@
> # error TARGET_PAGE_BITS must be defined in cpu-param.h
> # endif
> #endif
> +#ifndef TARGET_TB_PCREL
> +# define TARGET_TB_PCREL 0
> +#endif
>
> #define TARGET_LONG_SIZE (TARGET_LONG_BITS / 8)
>
> diff --git a/include/exec/exec-all.h b/include/exec/exec-all.h
> index 7ea6026ba9..e5f8b224a5 100644
> --- a/include/exec/exec-all.h
> +++ b/include/exec/exec-all.h
> @@ -496,8 +496,32 @@ struct tb_tc {
> };
>
> struct TranslationBlock {
> - target_ulong pc; /* simulated PC corresponding to this block (EIP + CS base) */
> - target_ulong cs_base; /* CS base for this block */
> +#if !TARGET_TB_PCREL
> + /*
> + * Guest PC corresponding to this block. This must be the true
> + * virtual address. Therefore e.g. x86 stores EIP + CS_BASE, and
> + * targets like Arm, MIPS, HP-PA, which reuse low bits for ISA or
> + * privilege, must store those bits elsewhere.
> + *
> + * If TARGET_TB_PCREL, the opcodes for the TranslationBlock are
> + * written such that the TB is associated only with the physical
> + * page and may be run in any virtual address context. In this case,
> + * PC must always be taken from ENV in a target-specific manner.
> + * Unwind information is taken as offsets from the page, to be
> + * deposited into the "current" PC.
> + */
> + target_ulong pc;
> +#endif
> +
> + /*
> + * Target-specific data associated with the TranslationBlock, e.g.:
> + * x86: the original user, the Code Segment virtual base,
> + * arm: an extension of tb->flags,
> + * s390x: instruction data for EXECUTE,
> + * sparc: the next pc of the instruction queue (for delay slots).
> + */
> + target_ulong cs_base;
> +
> uint32_t flags; /* flags defining in which context the code was generated */
> uint32_t cflags; /* compile flags */
>
> @@ -573,7 +597,11 @@ struct TranslationBlock {
> /* Hide the read to avoid ifdefs for TARGET_TB_PCREL. */
> static inline target_ulong tb_pc(const TranslationBlock *tb)
> {
> +#if TARGET_TB_PCREL
> + qemu_build_not_reached();
> +#else
> return tb->pc;
> +#endif
> }
>
> /* Hide the qatomic_read to make code a little easier on the eyes */
> diff --git a/accel/tcg/cpu-exec.c b/accel/tcg/cpu-exec.c
> index 8b3f8435fb..acb5646b03 100644
> --- a/accel/tcg/cpu-exec.c
> +++ b/accel/tcg/cpu-exec.c
> @@ -186,7 +186,7 @@ static bool tb_lookup_cmp(const void *p, const void *d)
> const TranslationBlock *tb = p;
> const struct tb_desc *desc = d;
>
> - if (tb_pc(tb) == desc->pc &&
> + if ((TARGET_TB_PCREL || tb_pc(tb) == desc->pc) &&
> tb->page_addr[0] == desc->page_addr0 &&
> tb->cs_base == desc->cs_base &&
> tb->flags == desc->flags &&
> @@ -237,7 +237,8 @@ static TranslationBlock *tb_htable_lookup(CPUState *cpu, target_ulong pc,
> return NULL;
> }
> desc.page_addr0 = phys_pc;
> - h = tb_hash_func(phys_pc, pc, flags, cflags, *cpu->trace_dstate);
> + h = tb_hash_func(phys_pc, (TARGET_TB_PCREL ? 0 : pc),
> + flags, cflags, *cpu->trace_dstate);
> return qht_lookup_custom(&tb_ctx.htable, &desc, h, tb_lookup_cmp);
> }
>
> @@ -247,27 +248,52 @@ static inline TranslationBlock *tb_lookup(CPUState *cpu, target_ulong pc,
> uint32_t flags, uint32_t cflags)
> {
> TranslationBlock *tb;
> + CPUJumpCache *jc;
> uint32_t hash;
>
> /* we should never be trying to look up an INVALID tb */
> tcg_debug_assert(!(cflags & CF_INVALID));
>
> hash = tb_jmp_cache_hash_func(pc);
> - tb = qatomic_rcu_read(&cpu->tb_jmp_cache->array[hash].tb);
> + jc = cpu->tb_jmp_cache;
> +#if TARGET_TB_PCREL
> + /* Use acquire to ensure current load of pc from jc. */
> + tb = qatomic_load_acquire(&jc->array[hash].tb);
> +#else
> + /* Use rcu_read to ensure current load of pc from *tb. */
> + tb = qatomic_rcu_read(&jc->array[hash].tb);
> +#endif
You could further hide the #ifdef nastiness by wrapping this load and
the store further down into appropriate inline helpers in tb-jmp-cache.h.
>
> - if (likely(tb &&
> - tb->pc == pc &&
> - tb->cs_base == cs_base &&
> - tb->flags == flags &&
> - tb->trace_vcpu_dstate == *cpu->trace_dstate &&
> - tb_cflags(tb) == cflags)) {
> - return tb;
> + if (likely(tb)) {
> + target_ulong jmp_pc;
> +
> +#if TARGET_TB_PCREL
> + jmp_pc = jc->array[hash].pc;
> +#else
> + jmp_pc = tb_pc(tb);
> +#endif
> + if (jmp_pc == pc &&
> + tb->cs_base == cs_base &&
> + tb->flags == flags &&
> + tb->trace_vcpu_dstate == *cpu->trace_dstate &&
> + tb_cflags(tb) == cflags) {
> + return tb;
> + }
> }
> +
> tb = tb_htable_lookup(cpu, pc, cs_base, flags, cflags);
> if (tb == NULL) {
> return NULL;
> }
> - qatomic_set(&cpu->tb_jmp_cache->array[hash].tb, tb);
> +
> +#if TARGET_TB_PCREL
> + jc->array[hash].pc = pc;
> + /* Use store_release on tb to ensure pc is written first. */
> + qatomic_store_release(&jc->array[hash].tb, tb);
> +#else
> + qatomic_set(&jc->array[hash].tb, tb);
> +#endif
> +
> return tb;
> }
>
> @@ -453,6 +479,7 @@ cpu_tb_exec(CPUState *cpu, TranslationBlock *itb, int *tb_exit)
> if (cc->tcg_ops->synchronize_from_tb) {
> cc->tcg_ops->synchronize_from_tb(cpu, last_tb);
> } else {
> + assert(!TARGET_TB_PCREL);
> assert(cc->set_pc);
> cc->set_pc(cpu, tb_pc(last_tb));
> }
> @@ -1002,7 +1029,14 @@ int cpu_exec(CPUState *cpu)
> * for the fast lookup
> */
> h = tb_jmp_cache_hash_func(pc);
And re-use the helper here as well.
> +
> +#if TARGET_TB_PCREL
> + cpu->tb_jmp_cache->array[h].pc = pc;
> + /* Use store_release on tb to ensure pc is current. */
> + qatomic_store_release(&cpu->tb_jmp_cache->array[h].tb, tb);
> +#else
> qatomic_set(&cpu->tb_jmp_cache->array[h].tb, tb);
> +#endif
> }
>
> #ifndef CONFIG_USER_ONLY
> diff --git a/accel/tcg/translate-all.c b/accel/tcg/translate-all.c
> index 13c964dcd8..776ac9efe4 100644
> --- a/accel/tcg/translate-all.c
> +++ b/accel/tcg/translate-all.c
> @@ -299,7 +299,7 @@ static int encode_search(TranslationBlock *tb, uint8_t *block)
>
> for (j = 0; j < TARGET_INSN_START_WORDS; ++j) {
> if (i == 0) {
> - prev = (j == 0 ? tb_pc(tb) : 0);
> + prev = (!TARGET_TB_PCREL && j == 0 ? tb_pc(tb) : 0);
> } else {
> prev = tcg_ctx->gen_insn_data[i - 1][j];
> }
> @@ -327,7 +327,7 @@ static int encode_search(TranslationBlock *tb, uint8_t *block)
> static int cpu_restore_state_from_tb(CPUState *cpu, TranslationBlock *tb,
> uintptr_t searched_pc, bool reset_icount)
> {
> - target_ulong data[TARGET_INSN_START_WORDS] = { tb_pc(tb) };
> + target_ulong data[TARGET_INSN_START_WORDS];
> uintptr_t host_pc = (uintptr_t)tb->tc.ptr;
> CPUArchState *env = cpu->env_ptr;
> const uint8_t *p = tb->tc.ptr + tb->tc.size;
> @@ -343,6 +343,11 @@ static int cpu_restore_state_from_tb(CPUState *cpu, TranslationBlock *tb,
> return -1;
> }
>
> + memset(data, 0, sizeof(data));
> + if (!TARGET_TB_PCREL) {
> + data[0] = tb_pc(tb);
> + }
> +
> /* Reconstruct the stored insn data while looking for the point at
> which the end of the insn exceeds the searched_pc. */
> for (i = 0; i < num_insns; ++i) {
> @@ -885,13 +890,13 @@ static bool tb_cmp(const void *ap, const void *bp)
> const TranslationBlock *a = ap;
> const TranslationBlock *b = bp;
>
> - return tb_pc(a) == tb_pc(b) &&
> - a->cs_base == b->cs_base &&
> - a->flags == b->flags &&
> - (tb_cflags(a) & ~CF_INVALID) == (tb_cflags(b) & ~CF_INVALID) &&
> - a->trace_vcpu_dstate == b->trace_vcpu_dstate &&
> - a->page_addr[0] == b->page_addr[0] &&
> - a->page_addr[1] == b->page_addr[1];
> + return ((TARGET_TB_PCREL || tb_pc(a) == tb_pc(b)) &&
> + a->cs_base == b->cs_base &&
> + a->flags == b->flags &&
> + (tb_cflags(a) & ~CF_INVALID) == (tb_cflags(b) & ~CF_INVALID) &&
> + a->trace_vcpu_dstate == b->trace_vcpu_dstate &&
> + a->page_addr[0] == b->page_addr[0] &&
> + a->page_addr[1] == b->page_addr[1]);
> }
>
> void tb_htable_init(void)
> @@ -1170,8 +1175,8 @@ static void do_tb_phys_invalidate(TranslationBlock *tb, bool rm_from_page_list)
>
> /* remove the TB from the hash list */
> phys_pc = tb->page_addr[0];
> - h = tb_hash_func(phys_pc, tb_pc(tb), tb->flags, orig_cflags,
> - tb->trace_vcpu_dstate);
> + h = tb_hash_func(phys_pc, (TARGET_TB_PCREL ? 0 : tb_pc(tb)),
> + tb->flags, orig_cflags, tb->trace_vcpu_dstate);
> if (!qht_remove(&tb_ctx.htable, tb, h)) {
> return;
> }
> @@ -1187,11 +1192,18 @@ static void do_tb_phys_invalidate(TranslationBlock *tb, bool rm_from_page_list)
> }
>
> /* remove the TB from the hash list */
> - h = tb_jmp_cache_hash_func(tb->pc);
> - CPU_FOREACH(cpu) {
> - CPUJumpCache *jc = cpu->tb_jmp_cache;
> - if (qatomic_read(&jc->array[h].tb) == tb) {
> - qatomic_set(&jc->array[h].tb, NULL);
> + if (TARGET_TB_PCREL) {
> + /* A TB may be at any virtual address */
> + CPU_FOREACH(cpu) {
> + tcg_flush_jmp_cache(cpu);
> + }
> + } else {
> + h = tb_jmp_cache_hash_func(tb_pc(tb));
> + CPU_FOREACH(cpu) {
> + CPUJumpCache *jc = cpu->tb_jmp_cache;
> + if (qatomic_read(&jc->array[h].tb) == tb) {
> + qatomic_set(&jc->array[h].tb, NULL);
> + }
> }
This code should also be a inline helper.
> }
>
> @@ -1302,8 +1314,8 @@ tb_link_page(TranslationBlock *tb, tb_page_addr_t phys_pc,
> }
>
> /* add in the hash table */
> - h = tb_hash_func(phys_pc, tb_pc(tb), tb->flags, tb->cflags,
> - tb->trace_vcpu_dstate);
> + h = tb_hash_func(phys_pc, (TARGET_TB_PCREL ? 0 : tb_pc(tb)),
> + tb->flags, tb->cflags, tb->trace_vcpu_dstate);
> qht_insert(&tb_ctx.htable, tb, h, &existing_tb);
>
> /* remove TB from the page(s) if we couldn't insert it */
> @@ -1373,7 +1385,9 @@ TranslationBlock *tb_gen_code(CPUState *cpu,
>
> gen_code_buf = tcg_ctx->code_gen_ptr;
> tb->tc.ptr = tcg_splitwx_to_rx(gen_code_buf);
> +#if !TARGET_TB_PCREL
> tb->pc = pc;
> +#endif
> tb->cs_base = cs_base;
> tb->flags = flags;
> tb->cflags = cflags;
--
Alex Bennée
^ permalink raw reply [flat|nested] 30+ messages in thread
* Re: [PATCH v6 13/18] accel/tcg: Do not align tb->page_addr[0]
2022-10-03 12:47 ` Alex Bennée
@ 2022-10-03 13:54 ` Richard Henderson
2022-10-03 14:59 ` Alex Bennée
0 siblings, 1 reply; 30+ messages in thread
From: Richard Henderson @ 2022-10-03 13:54 UTC (permalink / raw)
To: Alex Bennée; +Cc: peter.maydell, alex.bennee, qemu-devel
On 10/3/22 05:47, Alex Bennée wrote:
>
> Richard Henderson <richard.henderson@linaro.org> writes:
>
>> Let tb->page_addr[0] contain the offset within the page of the
>> start of the translation block. We need to recover this value
>> anyway at various points, and it is easier to discard the page
>> offset when it's not needed, which happens naturally via the
>> existing find_page shift.
>>
>> Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
>> ---
>> accel/tcg/cpu-exec.c | 16 ++++++++--------
>> accel/tcg/cputlb.c | 3 ++-
>> accel/tcg/translate-all.c | 9 +++++----
>> 3 files changed, 15 insertions(+), 13 deletions(-)
>>
>> diff --git a/accel/tcg/cpu-exec.c b/accel/tcg/cpu-exec.c
>> index 5f43b9769a..dd58a144a8 100644
>> --- a/accel/tcg/cpu-exec.c
>> +++ b/accel/tcg/cpu-exec.c
>> @@ -174,7 +174,7 @@ struct tb_desc {
>> target_ulong pc;
>> target_ulong cs_base;
>> CPUArchState *env;
>> - tb_page_addr_t phys_page1;
>> + tb_page_addr_t page_addr0;
>
> We don't actually document that this is an offset here (or indeed in
> TranslationBlock) and the definition of tb_page_addr_t:
>
> /* Page tracking code uses ram addresses in system mode, and virtual
> addresses in userspace mode. Define tb_page_addr_t to be an appropriate
> type. */
> #if defined(CONFIG_USER_ONLY)
> typedef abi_ulong tb_page_addr_t;
> #define TB_PAGE_ADDR_FMT TARGET_ABI_FMT_lx
> #else
> typedef ram_addr_t tb_page_addr_t;
> #define TB_PAGE_ADDR_FMT RAM_ADDR_FMT
> #endif
>
> implies these are full size pointers into the guests address space.
And that's what I've got. What we we were storing in phys_page1 before was a full size
pointer that was page aligned. I'm now dropping the page alignment and having a full size
pointer to the exact first byte of the translated code.
Is that clearer? How would you improve the wording?
r~
> Either we need a new type (tb_page_offset_t) or to properly comment the
> structures with what they mean.
>
> Otherwise:
>
> Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
>
^ permalink raw reply [flat|nested] 30+ messages in thread
* Re: [PATCH v6 13/18] accel/tcg: Do not align tb->page_addr[0]
2022-10-03 13:54 ` Richard Henderson
@ 2022-10-03 14:59 ` Alex Bennée
0 siblings, 0 replies; 30+ messages in thread
From: Alex Bennée @ 2022-10-03 14:59 UTC (permalink / raw)
To: Richard Henderson; +Cc: peter.maydell, alex.bennee, qemu-devel
Richard Henderson <richard.henderson@linaro.org> writes:
> On 10/3/22 05:47, Alex Bennée wrote:
>> Richard Henderson <richard.henderson@linaro.org> writes:
>>
>>> Let tb->page_addr[0] contain the offset within the page of the
>>> start of the translation block. We need to recover this value
>>> anyway at various points, and it is easier to discard the page
>>> offset when it's not needed, which happens naturally via the
>>> existing find_page shift.
>>>
>>> Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
>>> ---
>>> accel/tcg/cpu-exec.c | 16 ++++++++--------
>>> accel/tcg/cputlb.c | 3 ++-
>>> accel/tcg/translate-all.c | 9 +++++----
>>> 3 files changed, 15 insertions(+), 13 deletions(-)
>>>
>>> diff --git a/accel/tcg/cpu-exec.c b/accel/tcg/cpu-exec.c
>>> index 5f43b9769a..dd58a144a8 100644
>>> --- a/accel/tcg/cpu-exec.c
>>> +++ b/accel/tcg/cpu-exec.c
>>> @@ -174,7 +174,7 @@ struct tb_desc {
>>> target_ulong pc;
>>> target_ulong cs_base;
>>> CPUArchState *env;
>>> - tb_page_addr_t phys_page1;
>>> + tb_page_addr_t page_addr0;
>> We don't actually document that this is an offset here (or indeed in
>> TranslationBlock) and the definition of tb_page_addr_t:
>> /* Page tracking code uses ram addresses in system mode, and
>> virtual
>> addresses in userspace mode. Define tb_page_addr_t to be an appropriate
>> type. */
>> #if defined(CONFIG_USER_ONLY)
>> typedef abi_ulong tb_page_addr_t;
>> #define TB_PAGE_ADDR_FMT TARGET_ABI_FMT_lx
>> #else
>> typedef ram_addr_t tb_page_addr_t;
>> #define TB_PAGE_ADDR_FMT RAM_ADDR_FMT
>> #endif
>> implies these are full size pointers into the guests address space.
>
> And that's what I've got. What we we were storing in phys_page1
> before was a full size pointer that was page aligned. I'm now
> dropping the page alignment and having a full size pointer to the
> exact first byte of the translated code.
OK then I'm confused by the commit message which says:
Let tb->page_addr[0] contain the offset within the page of the
start of the translation block
> Is that clearer? How would you improve the wording?
>
>
> r~
>
>> Either we need a new type (tb_page_offset_t) or to properly comment the
>> structures with what they mean.
>> Otherwise:
>> Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
>>
--
Alex Bennée
^ permalink raw reply [flat|nested] 30+ messages in thread
* Re: [PATCH v6 00/18] tcg: CPUTLBEntryFull and TARGET_TB_PCREL
2022-09-30 21:26 [PATCH v6 00/18] tcg: CPUTLBEntryFull and TARGET_TB_PCREL Richard Henderson
` (18 preceding siblings ...)
2022-09-30 21:29 ` [PATCH v6 00/18] tcg: CPUTLBEntryFull and TARGET_TB_PCREL Richard Henderson
@ 2022-10-03 16:22 ` Alex Bennée
19 siblings, 0 replies; 30+ messages in thread
From: Alex Bennée @ 2022-10-03 16:22 UTC (permalink / raw)
To: Richard Henderson; +Cc: peter.maydell, alex.bennee, qemu-devel
Richard Henderson <richard.henderson@linaro.org> writes:
> Changes for v6:
> * CPUTLBEntryFull is now completely reviewed.
You should try a --disable-tcg build because I saw that failing in CI.
--
Alex Bennée
^ permalink raw reply [flat|nested] 30+ messages in thread
end of thread, other threads:[~2022-10-03 16:37 UTC | newest]
Thread overview: 30+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2022-09-30 21:26 [PATCH v6 00/18] tcg: CPUTLBEntryFull and TARGET_TB_PCREL Richard Henderson
2022-09-30 21:26 ` [PATCH v6 01/18] cpu: cache CPUClass in CPUState for hot code paths Richard Henderson
2022-09-30 21:26 ` [PATCH v6 02/18] hw/core/cpu-sysemu: used cached class in cpu_asidx_from_attrs Richard Henderson
2022-09-30 21:26 ` [PATCH v6 03/18] cputlb: used cached CPUClass in our hot-paths Richard Henderson
2022-09-30 21:26 ` [PATCH v6 04/18] accel/tcg: Rename CPUIOTLBEntry to CPUTLBEntryFull Richard Henderson
2022-09-30 21:26 ` [PATCH v6 05/18] accel/tcg: Drop addr member from SavedIOTLB Richard Henderson
2022-09-30 21:26 ` [PATCH v6 06/18] accel/tcg: Suppress auto-invalidate in probe_access_internal Richard Henderson
2022-09-30 21:26 ` [PATCH v6 07/18] accel/tcg: Introduce probe_access_full Richard Henderson
2022-09-30 21:26 ` [PATCH v6 08/18] accel/tcg: Introduce tlb_set_page_full Richard Henderson
2022-09-30 21:26 ` [PATCH v6 09/18] include/exec: Introduce TARGET_PAGE_ENTRY_EXTRA Richard Henderson
2022-09-30 21:26 ` [PATCH v6 10/18] accel/tcg: Remove PageDesc code_bitmap Richard Henderson
2022-09-30 21:26 ` [PATCH v6 11/18] accel/tcg: Use bool for page_find_alloc Richard Henderson
2022-09-30 21:26 ` [PATCH v6 12/18] accel/tcg: Use DisasContextBase in plugin_gen_tb_start Richard Henderson
2022-09-30 21:26 ` [PATCH v6 13/18] accel/tcg: Do not align tb->page_addr[0] Richard Henderson
2022-10-03 12:47 ` Alex Bennée
2022-10-03 13:54 ` Richard Henderson
2022-10-03 14:59 ` Alex Bennée
2022-09-30 21:26 ` [PATCH v6 14/18] accel/tcg: Inline tb_flush_jmp_cache Richard Henderson
2022-10-03 12:51 ` Alex Bennée
2022-09-30 21:26 ` [PATCH v6 15/18] include/hw/core: Create struct CPUJumpCache Richard Henderson
2022-10-03 12:57 ` Alex Bennée
2022-09-30 21:26 ` [PATCH v6 16/18] hw/core: Add CPUClass.get_pc Richard Henderson
2022-09-30 21:56 ` Taylor Simpson
2022-10-03 7:58 ` Mark Cave-Ayland
2022-10-03 13:03 ` Alex Bennée
2022-09-30 21:26 ` [PATCH v6 17/18] accel/tcg: Introduce tb_pc and log_pc Richard Henderson
2022-09-30 21:26 ` [PATCH v6 18/18] accel/tcg: Introduce TARGET_TB_PCREL Richard Henderson
2022-10-03 13:46 ` Alex Bennée
2022-09-30 21:29 ` [PATCH v6 00/18] tcg: CPUTLBEntryFull and TARGET_TB_PCREL Richard Henderson
2022-10-03 16:22 ` Alex Bennée
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.