[Qemu-devel] arm-linux-user, i386-linux-user: Make QEMU act as TCG compi
From:
Rajat Goyal
Subject:
[Qemu-devel] arm-linux-user, i386-linux-user: Make QEMU act as TCG compiler
Date:
Wed, 22 Feb 2012 23:16:45 +0000
QEMU can be made to act as a TCG compiler for x86 and ARM user-level linux binaries. The -tcg configure option is to be used to specify the file into which the compilation has to be dumped. Compilation only works in conjunction with in_asm,op logging.
On ARM, there is the burden of using the -thumb and -arm configure options to force THUMB and ARM instruction set interpretation respectively and then merge the correct portions from both the .tcg files to obtain the perfect TCG compilation for the ARM binary.
The exact command to use QEMU as a TCG compiler is ${path to QEMU binary} -D {log file name} -tcg {.tcg file name} -d in_asm,op {binary to compile}.
This patch breaks QEMU as a dynamic emulator. QEMU can only be used as a TCG compiler after applying this patch.
@@ -2150,64 +2269,87 @@ print_arm_address (bfd_vma pc, struct disassemble_info *info, long given)
being used. Probably a very dangerous thing for the programmer to do, but who are we to argue ? */ - if (given & 0x00200000) + if (given & 0x00200000) {
func (stream, "!"); + func(info->dottcg_stream, "!"); + } } else { /* Post indexed. */ func (stream, "], #%d", offset);
+ func(info->dottcg_stream, "], #%d", offset);
case 'x': - if (ifthen_next_state) + if (ifthen_next_state) { func (stream, "\t; unpredictable branch in IT block\n"); + func(info->dottcg_stream, "\t; unpredictable branch in IT block\n");
+ } break;
case 'X': - if (ifthen_state) + if (ifthen_state) { func (stream, "\t; unpredictable <IT:%s>",
arm_conditional[IFTHEN_COND]); + func(info->dottcg_stream, "\t; unpredictable <IT:%s>", + arm_conditional[IFTHEN_COND]); + }
break;
case 'S': @@ -3102,6 +3443,7 @@ print_insn_thumb16 (bfd_vma pc, struct disassemble_info *info, long given) reg += 8;
/* It would be nice if we could spot ranges, and generate the rS-rE format: */
for (reg = 0; (reg < 8); reg++) if ((given & (1 << reg)) != 0) { - if (started) + if (started) { func (stream, ", ");
+ func(info->dottcg_stream, ", "); + } started = 1; func (stream, "%s", arm_regnames[reg]); + func(info->dottcg_stream, "%s", arm_regnames[reg]);
}
if (domasklr) { - if (started) + if (started) { func (stream, ", "); + func(info->dottcg_stream, ", ");
+ } started = 1; func (stream, "%s", arm_regnames[14] /* "lr" */); + func(info->dottcg_stream, "%s", arm_regnames[14] /* "lr" */);
}
case 'c': - if (ifthen_state)
+ if (ifthen_state) { func (stream, "%s", arm_conditional[IFTHEN_COND]); + func(info->dottcg_stream, "%s", arm_conditional[IFTHEN_COND]); + }
break;
case 'x': - if (ifthen_next_state) + if (ifthen_next_state) { func (stream, "\t; unpredictable branch in IT block\n"); + func(info->dottcg_stream, "\t; unpredictable branch in IT block\n");
+ } break;
case 'X': - if (ifthen_state) + if (ifthen_state) { func (stream, "\t; unpredictable <IT:%s>",
arm_conditional[IFTHEN_COND]); + func(info->dottcg_stream, "\t; unpredictable <IT:%s>", + arm_conditional[IFTHEN_COND]); + }
break;
-/* main execution loop */ - -volatile sig_atomic_t exit_request; +/* main execution loop: makes QEMU act as TCG compiler */
+target_ulong *start_addrs; +target_ulong *end_addrs; +int num_exec_secs; +unsigned int size_of_code; +target_ulong load_addr_global; +#if defined(TARGET_ARM) +int thumb; +#endif
int cpu_exec(CPUState *env)
{ - int ret, interrupt_request; - TranslationBlock *tb; - uint8_t *tc_ptr; - unsigned long next_tb; - - if (env->halted) { - if (!cpu_has_work(env)) { - return EXCP_HALTED;
- } - - env->halted = 0; - } - - cpu_single_env = env; - - if (unlikely(exit_request)) { - env->exit_request = 1; - } - -#if defined(TARGET_I386)
- /* put eflags in CPU temporary format */ - CC_SRC = env->eflags & (CC_O | CC_S | CC_Z | CC_A | CC_P | CC_C); - DF = 1 - (2 * ((env->eflags >> 10) & 1)); - CC_OP = CC_OP_EFLAGS;
- env->eflags &= ~(DF_MASK | CC_O | CC_S | CC_Z | CC_A | CC_P | CC_C); -#elif defined(TARGET_SPARC) -#elif defined(TARGET_M68K) - env->cc_op = CC_OP_FLAGS; - env->cc_dest = env->sr & 0xf;
- env->cc_x = (env->sr >> 4) & 1; -#elif defined(TARGET_ALPHA) -#elif defined(TARGET_ARM) -#elif defined(TARGET_UNICORE32) -#elif defined(TARGET_PPC) - env->reserve_addr = -1; -#elif defined(TARGET_LM32)
-#elif defined(TARGET_MICROBLAZE) -#elif defined(TARGET_MIPS) -#elif defined(TARGET_SH4) -#elif defined(TARGET_CRIS) -#elif defined(TARGET_S390X) -#elif defined(TARGET_XTENSA) - /* XXXXX */ -#else
-#error unsupported target CPU -#endif - env->exception_index = -1; - - /* prepare setjmp context for exception handling */ - for(;;) { - if (setjmp(env->jmp_env) == 0) { - /* if an exception is pending, we execute it here */
- if (env->exception_index >= 0) { - if (env->exception_index >= EXCP_INTERRUPT) { - /* exit request from the cpu execution loop */ - ret = env->exception_index;
- if (ret == EXCP_DEBUG) { - cpu_handle_debug_exception(env); - } - break; - } else { -#if defined(CONFIG_USER_ONLY)
- /* if user mode only, we simulate a fake exception - which will be handled outside the cpu execution - loop */ -#if defined(TARGET_I386) - do_interrupt(env);
-#endif - ret = env->exception_index; - break; -#else - do_interrupt(env); - env->exception_index = -1; -#endif - }
- } - - next_tb = 0; /* force lookup of first TB */ - for(;;) { - interrupt_request = env->interrupt_request; - if (unlikely(interrupt_request)) {
- if (unlikely(env->singlestep_enabled & SSTEP_NOIRQ)) { - /* Mask out external interrupts for this step. */ - interrupt_request &= ~CPU_INTERRUPT_SSTEP_MASK;
- } - if (interrupt_request & CPU_INTERRUPT_DEBUG) { - env->interrupt_request &= ~CPU_INTERRUPT_DEBUG; - env->exception_index = EXCP_DEBUG;
- cpu_loop_exit(env); - } -#if defined(TARGET_ARM) || defined(TARGET_SPARC) || defined(TARGET_MIPS) || \ - defined(TARGET_PPC) || defined(TARGET_ALPHA) || defined(TARGET_CRIS) || \
- defined(TARGET_MICROBLAZE) || defined(TARGET_LM32) || defined(TARGET_UNICORE32) - if (interrupt_request & CPU_INTERRUPT_HALT) { - env->interrupt_request &= ~CPU_INTERRUPT_HALT;
- env->halted = 1; - env->exception_index = EXCP_HLT; - cpu_loop_exit(env); - } -#endif -#if defined(TARGET_I386)
- if (interrupt_request & CPU_INTERRUPT_INIT) { - svm_check_intercept(env, SVM_EXIT_INIT); - do_cpu_init(env); - env->exception_index = EXCP_HALTED;
- cpu_loop_exit(env); - } else if (interrupt_request & CPU_INTERRUPT_SIPI) { - do_cpu_sipi(env); - } else if (env->hflags2 & HF2_GIF_MASK) {
- if ((interrupt_request & CPU_INTERRUPT_SMI) && - !(env->hflags & HF_SMM_MASK)) { - svm_check_intercept(env, SVM_EXIT_SMI);
- env->interrupt_request &= ~CPU_INTERRUPT_SMI; - do_smm_enter(env); - next_tb = 0; - } else if ((interrupt_request & CPU_INTERRUPT_NMI) &&
- !(env->hflags2 & HF2_NMI_MASK)) { - env->interrupt_request &= ~CPU_INTERRUPT_NMI; - env->hflags2 |= HF2_NMI_MASK;
- do_interrupt_x86_hardirq(env, EXCP02_NMI, 1); - next_tb = 0; - } else if (interrupt_request & CPU_INTERRUPT_MCE) { - env->interrupt_request &= ~CPU_INTERRUPT_MCE;
- do_interrupt_x86_hardirq(env, EXCP12_MCHK, 0); - next_tb = 0; - } else if ((interrupt_request & CPU_INTERRUPT_HARD) && - (((env->hflags2 & HF2_VINTR_MASK) &&
- (env->hflags2 & HF2_HIF_MASK)) || - (!(env->hflags2 & HF2_VINTR_MASK) && - (env->eflags & IF_MASK &&
- !(env->hflags & HF_INHIBIT_IRQ_MASK))))) { - int intno; - svm_check_intercept(env, SVM_EXIT_INTR); - env->interrupt_request &= ~(CPU_INTERRUPT_HARD | CPU_INTERRUPT_VIRQ);
- intno = cpu_get_pic_interrupt(env); - qemu_log_mask(CPU_LOG_TB_IN_ASM, "Servicing hardware INT=0x%02x\n", intno); - do_interrupt_x86_hardirq(env, intno, 1);
- /* ensure that no TB jump will be modified as - the program flow was changed */ - next_tb = 0; -#if !defined(CONFIG_USER_ONLY)
- } else if ((interrupt_request & CPU_INTERRUPT_VIRQ) && - (env->eflags & IF_MASK) && - !(env->hflags & HF_INHIBIT_IRQ_MASK)) {
- int intno; - /* FIXME: this should respect TPR */ - svm_check_intercept(env, SVM_EXIT_VINTR); - intno = ldl_phys(env->vm_vmcb + offsetof(struct vmcb, control.int_vector));
- qemu_log_mask(CPU_LOG_TB_IN_ASM, "Servicing virtual hardware INT=0x%02x\n", intno); - do_interrupt_x86_hardirq(env, intno, 1); - env->interrupt_request &= ~CPU_INTERRUPT_VIRQ;
- next_tb = 0; + target_ulong pc, pc_last = 0, cs_base; + int flags; + TranslationBlock *tb; + target_ulong start_addr, end_addr; +#if defined(TARGET_ARM)
+ env->thumb = thumb; #endif - } - } -#elif defined(TARGET_PPC) -#if 0 - if ((interrupt_request & CPU_INTERRUPT_RESET)) { - cpu_reset(env);
- } -#endif - if (interrupt_request & CPU_INTERRUPT_HARD) { - ppc_hw_interrupt(env); - if (env->pending_interrupts == 0)
- env->interrupt_request &= ~CPU_INTERRUPT_HARD; - next_tb = 0; - } -#elif defined(TARGET_LM32) - if ((interrupt_request & CPU_INTERRUPT_HARD)
- && (env->ie & IE_IE)) { - env->exception_index = EXCP_IRQ; - do_interrupt(env); - next_tb = 0; - }
-#elif defined(TARGET_MICROBLAZE) - if ((interrupt_request & CPU_INTERRUPT_HARD) - && (env->sregs[SR_MSR] & MSR_IE) - && !(env->sregs[SR_MSR] & (MSR_EIP | MSR_BIP))
- && !(env->iflags & (D_FLAG | IMM_FLAG))) { - env->exception_index = EXCP_IRQ; - do_interrupt(env); - next_tb = 0;
- } -#elif defined(TARGET_MIPS) - if ((interrupt_request & CPU_INTERRUPT_HARD) && - cpu_mips_hw_interrupts_pending(env)) { - /* Raise it */
- env->exception_index = EXCP_EXT_INTERRUPT; - env->error_code = 0; - do_interrupt(env); - next_tb = 0; - }
-#elif defined(TARGET_SPARC) - if (interrupt_request & CPU_INTERRUPT_HARD) { - if (cpu_interrupts_enabled(env) && - env->interrupt_index > 0) {
- int pil = env->interrupt_index & 0xf; - int type = env->interrupt_index & 0xf0; - - if (((type == TT_EXTINT) &&
- cpu_pil_allowed(env, pil)) || - type != TT_EXTINT) { - env->exception_index = env->interrupt_index; - do_interrupt(env);
- next_tb = 0; - } - } - } -#elif defined(TARGET_ARM) - if (interrupt_request & CPU_INTERRUPT_FIQ
- && !(env->uncached_cpsr & CPSR_F)) { - env->exception_index = EXCP_FIQ; - do_interrupt(env); - next_tb = 0;
- } - /* ARMv7-M interrupt return works by loading a magic value - into the PC. On real hardware the load causes the - return to occur. The qemu implementation performs the
- jump normally, then does the exception return when the - CPU tries to execute code at the magic address. - This will cause the magic PC value to be pushed to
- the stack if an interrupt occurred at the wrong time. - We avoid this by disabling interrupts when - pc contains a magic address. */ - if (interrupt_request & CPU_INTERRUPT_HARD
- && ((IS_M(env) && env->regs[15] < 0xfffffff0) - || !(env->uncached_cpsr & CPSR_I))) { - env->exception_index = EXCP_IRQ;
- do_interrupt(env); - next_tb = 0; - } -#elif defined(TARGET_UNICORE32) - if (interrupt_request & CPU_INTERRUPT_HARD
- && !(env->uncached_asr & ASR_I)) { - do_interrupt(env); - next_tb = 0; - } -#elif defined(TARGET_SH4)
- if (interrupt_request & CPU_INTERRUPT_HARD) { - do_interrupt(env); - next_tb = 0; - } -#elif defined(TARGET_ALPHA)
- {
- int idx = -1; - /* ??? This hard-codes the OSF/1 interrupt levels. */ - switch (env->pal_mode ? 7 : env->ps & PS_INT_MASK) { - case 0 ... 3:
- if (interrupt_request & CPU_INTERRUPT_HARD) { - idx = EXCP_DEV_INTERRUPT; - } - /* FALLTHRU */
- case 4: - if (interrupt_request & CPU_INTERRUPT_TIMER) { - idx = EXCP_CLK_INTERRUPT; - } - /* FALLTHRU */
- case 5: - if (interrupt_request & CPU_INTERRUPT_SMP) { - idx = EXCP_SMP_INTERRUPT; - } - /* FALLTHRU */
- case 6: - if (interrupt_request & CPU_INTERRUPT_MCHK) { - idx = EXCP_MCHK; - } - }
- if (idx >= 0) { - env->exception_index = idx; - env->error_code = 0; - do_interrupt(env); - next_tb = 0;
- } - } -#elif defined(TARGET_CRIS) - if (interrupt_request & CPU_INTERRUPT_HARD - && (env->pregs[PR_CCS] & I_FLAG)
- && !env->locked_irq) { - env->exception_index = EXCP_IRQ; - do_interrupt(env); - next_tb = 0; - }
- if (interrupt_request & CPU_INTERRUPT_NMI - && (env->pregs[PR_CCS] & M_FLAG)) { - env->exception_index = EXCP_NMI; - do_interrupt(env);
- next_tb = 0; - } -#elif defined(TARGET_M68K) - if (interrupt_request & CPU_INTERRUPT_HARD - && ((env->sr & SR_I) >> SR_I_SHIFT)
- < env->pending_level) { - /* Real hardware gets the interrupt vector via an - IACK cycle at this point. Current emulated - hardware doesn't rely on this, so we
- provide/save the vector when the interrupt is - first signalled. */ - env->exception_index = env->pending_vector; - do_interrupt_m68k_hardirq(env);
- next_tb = 0; - } -#elif defined(TARGET_S390X) && !defined(CONFIG_USER_ONLY) - if ((interrupt_request & CPU_INTERRUPT_HARD) &&
- (env->psw.mask & PSW_MASK_EXT)) { - do_interrupt(env); - next_tb = 0; - } -#elif defined(TARGET_XTENSA) - if (interrupt_request & CPU_INTERRUPT_HARD) {
- env->exception_index = EXC_IRQ; - do_interrupt(env); - next_tb = 0; - } + int i; + for (i = 0; i < num_exec_secs; i++) {
+ start_addr = start_addrs[i]; + end_addr = end_addrs[i]; +#if defined(TARGET_ARM) + env->regs[15] = load_addr_global + start_addr; + if (env->regs[15] < pc_last)
+ env->regs[15] = pc_last; +#elif defined(TARGET_I386) + env->eip = load_addr_global + start_addr; + if (env->eip < pc_last) + env->eip = pc_last;
#endif - /* Don't use the cached interrupt_request value, - do_interrupt may have updated the EXITTB flag. */ - if (env->interrupt_request & CPU_INTERRUPT_EXITTB) {
- env->interrupt_request &= ~CPU_INTERRUPT_EXITTB; - /* ensure that no TB jump will be modified as - the program flow was changed */
- next_tb = 0; - } - } - if (unlikely(env->exit_request)) { - env->exit_request = 0; - env->exception_index = EXCP_INTERRUPT;
- cpu_loop_exit(env); - } -#if defined(DEBUG_DISAS) || defined(CONFIG_DEBUG_EXEC) - if (qemu_loglevel_mask(CPU_LOG_TB_CPU)) { - /* restore flags in standard format */
-#if defined(TARGET_I386) - env->eflags = env->eflags | cpu_cc_compute_all(env, CC_OP) - | (DF & DF_MASK); - log_cpu_state(env, X86_DUMP_CCOP);
- env->eflags &= ~(DF_MASK | CC_O | CC_S | CC_Z | CC_A | CC_P | CC_C); -#elif defined(TARGET_M68K) - cpu_m68k_flush_flags(env, env->cc_op); - env->cc_op = CC_OP_FLAGS;
- env->sr = (env->sr & 0xffe0) - | env->cc_dest | (env->cc_x << 4); - log_cpu_state(env, 0); -#else - log_cpu_state(env, 0);
+ for (;;) { + cpu_get_tb_cpu_state(env, &pc, &cs_base, &flags); + tb = tb_gen_code(env, pc, cs_base, flags, 0); +#if defined(TARGET_ARM) + env->regs[15] += size_of_code;
+ if (env->regs[15] > load_addr_global + end_addr) { + pc_last = env->regs[15]; +#elif defined(TARGET_I386) + env->eip += size_of_code;
+ if (env->eip > load_addr_global + end_addr) { + pc_last = env->eip; #endif - } -#endif /* DEBUG_DISAS || CONFIG_DEBUG_EXEC */ - spin_lock(&tb_lock);
- tb = tb_find_fast(env); - /* Note: we do it here to avoid a gcc bug on Mac OS X when - doing it in tb_find_slow */ - if (tb_invalidated_flag) {
- /* as some TB could have been invalidated because - of memory exceptions while generating the code, we - must recompute the hash index here */ - next_tb = 0;
- tb_invalidated_flag = 0; - } -#ifdef CONFIG_DEBUG_EXEC - qemu_log_mask(CPU_LOG_EXEC, "Trace 0x%08lx [" TARGET_FMT_lx "] %s\n", - (long)tb->tc_ptr, tb->pc,
- lookup_symbol(tb->pc)); -#endif - /* see if we can patch the calling TB. When the TB - spans two pages, we cannot safely do a direct - jump. */
- if (next_tb != 0 && tb->page_addr[1] == -1) { - tb_add_jump((TranslationBlock *)(next_tb & ~3), next_tb & 3, tb); - } - spin_unlock(&tb_lock);
- - /* cpu_interrupt might be called while translating the - TB, but before it is linked into a potentially - infinite loop and becomes env->current_tb. Avoid
- starting execution if there is a pending interrupt. */ - env->current_tb = tb; - barrier(); - if (likely(!env->exit_request)) { - tc_ptr = tb->tc_ptr;
- /* execute the generated code */ - next_tb = tcg_qemu_tb_exec(env, tc_ptr); - if ((next_tb & 3) == 2) { - /* Instruction counter expired. */
- int insns_left; - tb = (TranslationBlock *)(long)(next_tb & ~3); - /* Restore PC. */ - cpu_pc_from_tb(env, tb);
- insns_left = env->icount_decr.u32; - if (env->icount_extra && insns_left >= 0) { - /* Refill decrementer and continue execution. */
- env->icount_extra += insns_left; - if (env->icount_extra > 0xffff) { - insns_left = 0xffff; - } else {
- insns_left = env->icount_extra; - } - env->icount_extra -= insns_left; - env->icount_decr.u16.low = insns_left;
- } else { - if (insns_left > 0) { - /* Execute remaining instructions. */ - cpu_exec_nocache(env, insns_left, tb);
- } - env->exception_index = EXCP_INTERRUPT; - next_tb = 0; - cpu_loop_exit(env); - }
- } - } - env->current_tb = NULL; - /* reset soft MMU for next block (it can currently - only be set by a memory fault) */
- } /* for(;;) */ - } else { - /* Reload env after longjmp - the compiler may have smashed all - * local variables as longjmp is marked 'noreturn'. */ - env = cpu_single_env;
- } - } /* for(;;) */ - - -#if defined(TARGET_I386) - /* restore flags in standard format */ - env->eflags = env->eflags | cpu_cc_compute_all(env, CC_OP) - | (DF & DF_MASK);
-#elif defined(TARGET_ARM) - /* XXX: Save/restore host fpu exception state?. */ -#elif defined(TARGET_UNICORE32) -#elif defined(TARGET_SPARC) -#elif defined(TARGET_PPC) -#elif defined(TARGET_LM32) -#elif defined(TARGET_M68K)
- cpu_m68k_flush_flags(env, env->cc_op); - env->cc_op = CC_OP_FLAGS; - env->sr = (env->sr & 0xffe0) - | env->cc_dest | (env->cc_x << 4); -#elif defined(TARGET_MICROBLAZE)
-#elif defined(TARGET_MIPS) -#elif defined(TARGET_SH4) -#elif defined(TARGET_ALPHA) -#elif defined(TARGET_CRIS) -#elif defined(TARGET_S390X) -#elif defined(TARGET_XTENSA) - /* XXXXX */ -#else -#error unsupported target CPU
-#endif - - /* fail safe : never use cpu_single_env outside cpu_exec() */ - cpu_single_env = NULL; - return ret; + break; + } + }
+ } + return env->exception_index; } diff --git dis-asm.h dis-asm.h index 4f15fad..6f92fed 100644 --- dis-asm.h +++ dis-asm.h @@ -260,6 +260,7 @@ enum dis_insn_type { typedef struct disassemble_info {
fprintf_function fprintf_func; FILE *stream; + FILE *dottcg_stream; PTR application_data;
/* Target description. We could replace this with a pointer to the bfd, @@ -440,6 +441,13 @@ int generic_symbol_at_address(bfd_vma, struct disassemble_info *);
(INFO).endian = BFD_ENDIAN_UNKNOWN, \ INIT_DISASSEMBLE_INFO_NO_ARCH(INFO, STREAM, FPRINTF_FUNC)
+#define INIT_DISASSEMBLE_INFO_DOTTCG(INFO, STREAM, DOTTCG_STREAM, FPRINTF_FUNC) \ + (INFO).flavour = bfd_target_unknown_flavour, \
+ (INFO).arch = bfd_arch_unknown, \ + (INFO).mach = 0, \ + (INFO).endian = BFD_ENDIAN_UNKNOWN, \ + INIT_DISASSEMBLE_INFO_NO_ARCH_DOTTCG(INFO, STREAM, DOTTCG_STREAM, FPRINTF_FUNC) + /* Call this macro to initialize only the internal variables for the
disassembler. Architecture dependent things such as byte order, or machine variant are not touched by this macro. This makes things much easier for @@ -465,6 +473,10 @@ int generic_symbol_at_address(bfd_vma, struct disassemble_info *);
(INFO).disassembler_options = NULL, \ (INFO).insn_info_valid = 0
void monitor_disas(Monitor *mon, CPUState *env, target_ulong pc, int nb_insn, int is_physical, int flags);
diff --git exec.c exec.c index b81677a..7257e18 100644 --- exec.c +++ exec.c @@ -219,7 +219,9 @@ static const char *logfilename = "qemu.log"; #else static const char *logfilename = "/tmp/qemu.log";
#endif +static const char *dottcgfilename; FILE *logfile; +FILE *dottcgfile; int loglevel; static int log_append = 0;
@@ -999,6 +1001,8 @@ TranslationBlock *tb_gen_code(CPUState *env, int code_gen_size;
phys_pc = get_page_addr_code(env, pc); + /* clear the translation code buffer of the TCG code it contains for the last target instruction */ + code_gen_ptr = code_gen_buffer; tb = tb_alloc(pc);
if (!tb) { /* flush must be done */ @@ -1595,6 +1599,29 @@ void cpu_single_step(CPUState *env, int enabled) #endif }
/* The enter and bound instructions are printed with operands in the same order as the intel book; everything else is printed in reverse order. */ @@ -3934,12 +3941,16 @@ print_insn (bfd_vma pc, disassemble_info *info)
for (i = 0; i < MAX_OPERANDS; ++i) if (*op_txt[i]) { - if (needcomma) + if (needcomma) { (*info->fprintf_func) (info->stream, ","); + (*info->fprintf_func) (info->dottcg_stream, ",");
+ } if (op_index[i] != -1 && !op_riprel[i]) (*info->print_address_func) ((bfd_vma) op_address[op_index[i]], info); - else + else { (*info->fprintf_func) (info->stream, "%s", op_txt[i]);
+ (*info->fprintf_func) (info->dottcg_stream, "%s", op_txt[i]); + } needcomma = 1; }
- -static inline int tcg_gen_code_common(TCGContext *s, uint8_t *gen_code_buf, +/* removed 'static inline' from here so that function could be used in translate-all.c */
+int tcg_gen_code_common(TCGContext *s, uint8_t *gen_code_buf, long search_pc) { TCGOpcode opc; @@ -2051,7 +2166,7 @@ static inline int tcg_gen_code_common(TCGContext *s, uint8_t *gen_code_buf,
#ifdef DEBUG_DISAS if (unlikely(qemu_loglevel_mask(CPU_LOG_TB_OP))) { qemu_log("OP:\n"); - tcg_dump_ops(s, logfile); + tcg_dump_ops(s, logfile, dottcgfile); qemu_log("\n");
} #endif @@ -2072,100 +2187,11 @@ static inline int tcg_gen_code_common(TCGContext *s, uint8_t *gen_code_buf, #ifdef DEBUG_DISAS if (unlikely(qemu_loglevel_mask(CPU_LOG_TB_OP_OPT))) { qemu_log("OP after liveness analysis:\n");
- tcg_dump_ops(s, logfile); + tcg_dump_ops(s, logfile, dottcgfile); qemu_log("\n"); } #endif
- tcg_reg_alloc_start(s); - - s->code_buf = gen_code_buf;
- s->code_ptr = gen_code_buf; - - args = gen_opparam_buf; - op_index = 0; - - for(;;) { - opc = gen_opc_buf[op_index]; -#ifdef CONFIG_PROFILER - tcg_table_op_count[opc]++;
-#endif - def = &tcg_op_defs[opc]; -#if 0 - printf("%s: %d %d %d\n", def->name, - def->nb_oargs, def->nb_iargs, def->nb_cargs); - // dump_regs(s);
-#endif - switch(opc) { - case INDEX_op_mov_i32: -#if TCG_TARGET_REG_BITS == 64 - case INDEX_op_mov_i64: -#endif - dead_args = s->op_dead_args[op_index]; - tcg_reg_alloc_mov(s, def, args, dead_args);
- break; - case INDEX_op_movi_i32: -#if TCG_TARGET_REG_BITS == 64 - case INDEX_op_movi_i64: -#endif - tcg_reg_alloc_movi(s, args); - break; - case INDEX_op_debug_insn_start:
- /* debug instruction */ - break; - case INDEX_op_nop: - case INDEX_op_nop1: - case INDEX_op_nop2: - case INDEX_op_nop3: - break; - case INDEX_op_nopn:
- args += args[0]; - goto next; - case INDEX_op_discard: - { - TCGTemp *ts; - ts = &s->temps[args[0]]; - /* mark the temporary as dead */
- if (!ts->fixed_reg) { - if (ts->val_type == TEMP_VAL_REG) - s->reg_to_temp[ts->reg] = -1; - ts->val_type = TEMP_VAL_DEAD;
- } - } - break; - case INDEX_op_set_label: - tcg_reg_alloc_bb_end(s, s->reserved_regs); - tcg_out_label(s, args[0], (long)s->code_ptr);
- break; - case INDEX_op_call: - dead_args = s->op_dead_args[op_index]; - args += tcg_reg_alloc_call(s, def, opc, args, dead_args); - goto next; - case INDEX_op_end:
- goto the_end; - default: - /* Sanity check that we've not introduced any unhandled opcodes. */ - if (def->flags & TCG_OPF_NOT_PRESENT) { - tcg_abort();
- } - /* Note: in order to speed up the code, it would be much - faster to have specialized register allocator functions for - some common argument patterns */
- dead_args = s->op_dead_args[op_index]; - tcg_reg_alloc_op(s, def, opc, args, dead_args); - break; - } - args += def->nb_args; - next: - if (search_pc >= 0 && search_pc < s->code_ptr - gen_code_buf) {
- return op_index; - } - op_index++; -#ifndef NDEBUG - check_regs(s); -#endif - } - the_end: return -1; }
diff --git tcg/tcg.h tcg/tcg.h index 5c28239..fb8b5b5 100644
--- tcg/tcg.h +++ tcg/tcg.h @@ -430,6 +430,9 @@ void tcg_func_start(TCGContext *s); int tcg_gen_code(TCGContext *s, uint8_t *gen_code_buf); int tcg_gen_code_search_pc(TCGContext *s, uint8_t *gen_code_buf, long offset);
+/* this function is used to log OP code */ +int tcg_gen_code_common(TCGContext *s, uint8_t *gen_code_buf, long search_pc); + void tcg_set_frame(TCGContext *s, int reg, tcg_target_long start, tcg_target_long size);