From 80189472303e0209deb1c483915df87c0a8310bf Mon Sep 17 00:00:00 2001 From: Richard Henderson Date: Tue, 2 Apr 2024 15:13:58 -1000 Subject: accel/tcg: Use vaddr in translator_ld* MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Reviewed-by: Philippe Mathieu-Daudé Signed-off-by: Richard Henderson --- include/exec/translator.h | 21 +++++++++------------ 1 file changed, 9 insertions(+), 12 deletions(-) (limited to 'include/exec') diff --git a/include/exec/translator.h b/include/exec/translator.h index 6cd937ac5c..51489c181c 100644 --- a/include/exec/translator.h +++ b/include/exec/translator.h @@ -19,10 +19,7 @@ */ #include "qemu/bswap.h" -#include "exec/cpu-common.h" -#include "exec/cpu-defs.h" -#include "exec/abi_ptr.h" -#include "cpu.h" +#include "exec/vaddr.h" /** * gen_intermediate_code @@ -185,14 +182,14 @@ bool translator_io_start(DisasContextBase *db); * the relevant information at translation time. */ -uint8_t translator_ldub(CPUArchState *env, DisasContextBase *db, abi_ptr pc); -uint16_t translator_lduw(CPUArchState *env, DisasContextBase *db, abi_ptr pc); -uint32_t translator_ldl(CPUArchState *env, DisasContextBase *db, abi_ptr pc); -uint64_t translator_ldq(CPUArchState *env, DisasContextBase *db, abi_ptr pc); +uint8_t translator_ldub(CPUArchState *env, DisasContextBase *db, vaddr pc); +uint16_t translator_lduw(CPUArchState *env, DisasContextBase *db, vaddr pc); +uint32_t translator_ldl(CPUArchState *env, DisasContextBase *db, vaddr pc); +uint64_t translator_ldq(CPUArchState *env, DisasContextBase *db, vaddr pc); static inline uint16_t translator_lduw_swap(CPUArchState *env, DisasContextBase *db, - abi_ptr pc, bool do_swap) + vaddr pc, bool do_swap) { uint16_t ret = translator_lduw(env, db, pc); if (do_swap) { 
@@ -203,7 +200,7 @@ translator_lduw_swap(CPUArchState *env, DisasContextBase *db, static inline uint32_t translator_ldl_swap(CPUArchState *env, DisasContextBase *db, - abi_ptr pc, bool do_swap) + vaddr pc, bool do_swap) { uint32_t ret = translator_ldl(env, db, pc); if (do_swap) { @@ -214,7 +211,7 @@ translator_ldl_swap(CPUArchState *env, DisasContextBase *db, static inline uint64_t translator_ldq_swap(CPUArchState *env, DisasContextBase *db, - abi_ptr pc, bool do_swap) + vaddr pc, bool do_swap) { uint64_t ret = translator_ldq(env, db, pc); if (do_swap) { @@ -233,7 +230,7 @@ translator_ldq_swap(CPUArchState *env, DisasContextBase *db, * re-synthesised for s390x "ex"). It ensures we update other areas of * the translator with details of the executed instruction. */ -void translator_fake_ldb(uint8_t insn8, abi_ptr pc); +void translator_fake_ldb(uint8_t insn8, vaddr pc); /* * Return whether addr is on the same page as where disassembly started. -- cgit 1.4.1 From 66f3b79e85149f42465a580c2530638e27c4a4bb Mon Sep 17 00:00:00 2001 From: Richard Henderson Date: Thu, 4 Apr 2024 15:56:39 -1000 Subject: accel/tcg: Hide in_same_page outside of a target-specific context MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit While there are other methods that could be used to replace TARGET_PAGE_MASK, the function is not really required outside the context of target-specific translation. This makes the header usable by target independent code. Reviewed-by: Philippe Mathieu-Daudé Signed-off-by: Richard Henderson --- include/exec/translator.h | 2 ++ 1 file changed, 2 insertions(+) (limited to 'include/exec') diff --git a/include/exec/translator.h b/include/exec/translator.h index 51489c181c..212362f5a0 100644 --- a/include/exec/translator.h +++ b/include/exec/translator.h 
@@ -232,6 +232,7 @@ translator_ldq_swap(CPUArchState *env, DisasContextBase *db, */ void translator_fake_ldb(uint8_t insn8, vaddr pc); +#ifdef COMPILING_PER_TARGET /* * Return whether addr is on the same page as where disassembly started. * Translators can use this to enforce the rule that only single-insn @@ -241,5 +242,6 @@ static inline bool is_same_page(const DisasContextBase *db, vaddr addr) { return ((addr ^ db->pc_first) & TARGET_PAGE_MASK) == 0; } +#endif #endif /* EXEC__TRANSLATOR_H */ -- cgit 1.4.1 From 99977aefd07d85da791e0d851ba2d10d9d5c3094 Mon Sep 17 00:00:00 2001 From: Richard Henderson Date: Tue, 2 Apr 2024 15:27:14 -1000 Subject: accel/tcg: Pass DisasContextBase to translator_fake_ldb MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Reviewed-by: Philippe Mathieu-Daudé Signed-off-by: Richard Henderson --- accel/tcg/translator.c | 2 +- include/exec/translator.h | 5 +++-- target/s390x/tcg/translate.c | 2 +- 3 files changed, 5 insertions(+), 4 deletions(-) (limited to 'include/exec') diff --git a/accel/tcg/translator.c b/accel/tcg/translator.c index 53225290b1..3456455fa5 100644 --- a/accel/tcg/translator.c +++ b/accel/tcg/translator.c @@ -375,7 +375,7 @@ uint64_t translator_ldq(CPUArchState *env, DisasContextBase *db, vaddr pc) return ret; } -void translator_fake_ldb(uint8_t insn8, vaddr pc) +void translator_fake_ldb(DisasContextBase *db, vaddr pc, uint8_t insn8) { plugin_insn_append(pc, &insn8, sizeof(insn8)); } diff --git a/include/exec/translator.h b/include/exec/translator.h index 212362f5a0..348985c3a3 100644 --- a/include/exec/translator.h +++ b/include/exec/translator.h 
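Review bot: The new `db` parameter of translator_fake_ldb is not used in the body, which still only calls `plugin_insn_append(pc, &insn8, sizeof(insn8))`. If it is deliberately reserved for the recording added later in this series, a one-line comment saying so, `/* db is unused here; reserved for recording the fake insn bytes */`, avoids an unused-parameter question from the next reader and from -Wunused-parameter builds.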
@@ -222,15 +222,16 @@ translator_ldq_swap(CPUArchState *env, DisasContextBase *db, /** * translator_fake_ldb - fake instruction load - * @insn8: byte of instruction + * @db: Disassembly context * @pc: program counter of instruction + * @insn8: byte of instruction * * This is a special case helper used where the instruction we are * about to translate comes from somewhere else (e.g. being * re-synthesised for s390x "ex"). It ensures we update other areas of * the translator with details of the executed instruction. */ -void translator_fake_ldb(uint8_t insn8, vaddr pc); +void translator_fake_ldb(DisasContextBase *db, vaddr pc, uint8_t insn8); #ifdef COMPILING_PER_TARGET /* diff --git a/target/s390x/tcg/translate.c b/target/s390x/tcg/translate.c index 90a74ee795..6d7f6e7064 100644 --- a/target/s390x/tcg/translate.c +++ b/target/s390x/tcg/translate.c @@ -6203,7 +6203,7 @@ static const DisasInsn *extract_insn(CPUS390XState *env, DisasContext *s) /* Register insn bytes with translator so plugins work. */ for (int i = 0; i < ilen; i++) { uint8_t byte = extract64(insn, 56 - (i * 8), 8); - translator_fake_ldb(byte, pc + i); + translator_fake_ldb(&s->base, pc + i, byte); } op = insn >> 56; } else { -- cgit 1.4.1 From ba3fb2a735963cf3988ef9476d134a8418baa436 Mon Sep 17 00:00:00 2001 From: Richard Henderson Date: Tue, 2 Apr 2024 19:46:33 -1000 Subject: accel/tcg: Record mmio bytes during translation MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit This will be able to replace plugin_insn_append, and will be usable for disassembly. Reviewed-by: Philippe Mathieu-Daudé Signed-off-by: Richard Henderson --- accel/tcg/translator.c | 41 +++++++++++++++++++++++++++++++++++++++++ include/exec/translator.h | 12 ++++++++++++ 2 files changed, 53 insertions(+) (limited to 'include/exec') diff --git a/accel/tcg/translator.c b/accel/tcg/translator.c index 18138c61e1..86a1fe17a0 100644 --- a/accel/tcg/translator.c +++ b/accel/tcg/translator.c 
@@ -132,6 +132,8 @@ void translator_loop(CPUState *cpu, TranslationBlock *tb, int *max_insns, db->insn_start = NULL; db->host_addr[0] = host_pc; db->host_addr[1] = NULL; + db->record_start = 0; + db->record_len = 0; ops->init_disas_context(db, cpu); tcg_debug_assert(db->is_jmp == DISAS_NEXT); /* no early exit */ @@ -318,6 +320,39 @@ static bool translator_ld(CPUArchState *env, DisasContextBase *db, return true; } +static void record_save(DisasContextBase *db, vaddr pc, + const void *from, int size) +{ + int offset; + + /* Do not record probes before the start of TB. */ + if (pc < db->pc_first) { + return; + } + + /* + * In translator_access, we verified that pc is within 2 pages + * of pc_first, thus this will never overflow. + */ + offset = pc - db->pc_first; + + /* + * Either the first or second page may be I/O. If it is the second, + * then the first byte we need to record will be at a non-zero offset. + * In either case, we should not need to record but a single insn. + */ + if (db->record_len == 0) { + db->record_start = offset; + db->record_len = size; + } else { + assert(offset == db->record_start + db->record_len); + assert(db->record_len + size <= sizeof(db->record)); + db->record_len += size; + } + + memcpy(db->record + (offset - db->record_start), from, size); +} + static void plugin_insn_append(vaddr pc, const void *from, size_t size) { #ifdef CONFIG_PLUGIN @@ -345,6 +380,7 @@ uint8_t translator_ldub(CPUArchState *env, DisasContextBase *db, vaddr pc) if (!translator_ld(env, db, &raw, pc, sizeof(raw))) { raw = cpu_ldub_code(env, pc); + record_save(db, pc, &raw, sizeof(raw)); } plugin_insn_append(pc, &raw, sizeof(raw)); return raw; @@ -359,6 +395,7 @@ uint16_t translator_lduw(CPUArchState *env, DisasContextBase *db, vaddr pc) } else { tgt = cpu_lduw_code(env, pc); raw = tswap16(tgt); + record_save(db, pc, &raw, sizeof(raw)); } plugin_insn_append(pc, &raw, sizeof(raw)); return tgt; 
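Review bot: record_save only bounds-checks `size` in the append branch; the `record_len == 0` branch stores `record_len = size` and memcpys into `db->record` without checking `size <= sizeof(db->record)`. The callers in this hunk pass at most eight bytes, so this is not reachable today, but adding `assert(size <= sizeof(db->record));` to the first branch makes the buffer bound hold for any future caller. The comment that pc is within two pages of pc_first also only holds for the translator_ld* path through translator_access; translator_fake_ldb reaches record_save with just `pc >= db->pc_first`, so the `int offset` subtraction relies on that caller staying close to pc_first. The append-branch `assert(offset == db->record_start + db->record_len)` further assumes a front end never re-reads bytes it already fetched from I/O; if that is an intended constraint on front ends, it is worth stating in the comment.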
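Review bot: translator_ldub forwards its `vaddr pc` to `cpu_ldub_code(env, pc)`, whose prototype later on this page still takes `abi_ptr`, so the address is narrowed implicitly on any target where abi_ptr is smaller than vaddr. For a pc inside the TB being translated this is presumably lossless, but it is an unchecked conversion at the boundary between the two types; a comment on the call, `/* pc is a guest address inside this TB; narrowing to abi_ptr is safe */`, records the assumption, or the cpu_ld*_code prototypes could be moved to vaddr in the same series.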
@@ -373,6 +410,7 @@ uint32_t translator_ldl(CPUArchState *env, DisasContextBase *db, vaddr pc) } else { tgt = cpu_ldl_code(env, pc); raw = tswap32(tgt); + record_save(db, pc, &raw, sizeof(raw)); } plugin_insn_append(pc, &raw, sizeof(raw)); return tgt; @@ -387,6 +425,7 @@ uint64_t translator_ldq(CPUArchState *env, DisasContextBase *db, vaddr pc) } else { tgt = cpu_ldq_code(env, pc); raw = tswap64(tgt); + record_save(db, pc, &raw, sizeof(raw)); } plugin_insn_append(pc, &raw, sizeof(raw)); return tgt; @@ -394,5 +433,7 @@ uint64_t translator_ldq(CPUArchState *env, DisasContextBase *db, vaddr pc) void translator_fake_ldb(DisasContextBase *db, vaddr pc, uint8_t insn8) { + assert(pc >= db->pc_first); + record_save(db, pc, &insn8, sizeof(insn8)); plugin_insn_append(pc, &insn8, sizeof(insn8)); } diff --git a/include/exec/translator.h b/include/exec/translator.h index 348985c3a3..4a86907ecc 100644 --- a/include/exec/translator.h +++ b/include/exec/translator.h @@ -90,6 +90,18 @@ typedef struct DisasContextBase { bool plugin_enabled; struct TCGOp *insn_start; void *host_addr[2]; + + /* + * Record insn data that we cannot read directly from host memory. + * There are only two reasons we cannot use host memory: + * (1) We are executing from I/O, + * (2) We are executing a synthetic instruction (s390x EX). + * In both cases we need record exactly one instruction, + * and thus the maximum amount of data we record is limited. + */ + int record_start; + int record_len; + uint8_t record[32]; } DisasContextBase; /** -- cgit 1.4.1 From b3f05b8ce24a2dae2e37bd6e7910f19652848656 Mon Sep 17 00:00:00 2001 From: Richard Henderson Date: Wed, 3 Apr 2024 08:26:18 -1000 Subject: accel/tcg: Record when translator_fake_ldb is used MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Remove left-over comment from commit dcd092a063 ("accel/tcg: Improve can_do_io management"). Reviewed-by: Philippe Mathieu-Daudé 
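Review bot: The comment on `record`/`record_start`/`record_len` explains why the buffer is small but not the invariant the fields carry, which other consumers need: `record_start` is a byte offset from `pc_first`, `record_len` is the number of valid bytes from that offset, and the 32-byte bound is only enforced by an assertion when appending. I would add to the comment: `record_start is an offset from pc_first and record_len bytes are valid from it; callers must not record more than sizeof(record) bytes in one TB.` The `assert(pc >= db->pc_first)` added to translator_fake_ldb in this hunk duplicates the `pc < db->pc_first` early return inside record_save; that is fine, but a short comment that a fake load before the TB start is a front-end bug rather than something to silently ignore would explain why the two paths differ.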
Signed-off-by: Richard Henderson --- accel/tcg/translator.c | 2 ++ include/exec/translator.h | 3 ++- 2 files changed, 4 insertions(+), 1 deletion(-) (limited to 'include/exec') diff --git a/accel/tcg/translator.c b/accel/tcg/translator.c index 86a1fe17a0..aa9f36aaa0 100644 --- a/accel/tcg/translator.c +++ b/accel/tcg/translator.c @@ -130,6 +130,7 @@ void translator_loop(CPUState *cpu, TranslationBlock *tb, int *max_insns, db->max_insns = *max_insns; db->singlestep_enabled = cflags & CF_SINGLE_STEP; db->insn_start = NULL; + db->fake_insn = false; db->host_addr[0] = host_pc; db->host_addr[1] = NULL; db->record_start = 0; @@ -434,6 +435,7 @@ uint64_t translator_ldq(CPUArchState *env, DisasContextBase *db, vaddr pc) void translator_fake_ldb(DisasContextBase *db, vaddr pc, uint8_t insn8) { assert(pc >= db->pc_first); + db->fake_insn = true; record_save(db, pc, &insn8, sizeof(insn8)); plugin_insn_append(pc, &insn8, sizeof(insn8)); } diff --git a/include/exec/translator.h b/include/exec/translator.h index 4a86907ecc..70cef2c0be 100644 --- a/include/exec/translator.h +++ b/include/exec/translator.h @@ -72,8 +72,8 @@ typedef enum DisasJumpType { * @num_insns: Number of translated instructions (including current). * @max_insns: Maximum number of instructions to be translated in this TB. * @singlestep_enabled: "Hardware" single stepping enabled. - * @saved_can_do_io: Known value of cpu->neg.can_do_io, or -1 for unknown. * @plugin_enabled: TCG plugin enabled in this TB. + * @fake_insn: True if translator_fake_ldb used. * @insn_start: The last op emitted by the insn_start hook, * which is expected to be INDEX_op_insn_start. * @@ -88,6 +88,7 @@ typedef struct DisasContextBase { int max_insns; bool singlestep_enabled; bool plugin_enabled; + bool fake_insn; struct TCGOp *insn_start; void *host_addr[2]; -- cgit 1.4.1 From 3a247368e6fc12304e73451c63254313e2ebd60e Mon Sep 17 00:00:00 2001 
From: Richard Henderson Date: Tue, 2 Apr 2024 22:10:50 -1000 Subject: accel/tcg: Implement translator_st MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Copy data out of a completed translation. This will be used for both plugins and disassembly. Reviewed-by: Philippe Mathieu-Daudé Signed-off-by: Richard Henderson --- accel/tcg/translator.c | 55 +++++++++++++++++++++++++++++++++++++++++++++++ include/exec/translator.h | 23 ++++++++++++++++++++ 2 files changed, 78 insertions(+) (limited to 'include/exec') diff --git a/accel/tcg/translator.c b/accel/tcg/translator.c index aa9f36aaa0..01e1f0977b 100644 --- a/accel/tcg/translator.c +++ b/accel/tcg/translator.c 
@@ -354,6 +354,61 @@ static void record_save(DisasContextBase *db, vaddr pc, memcpy(db->record + (offset - db->record_start), from, size); } +size_t translator_st_len(const DisasContextBase *db) +{ + return db->fake_insn ? db->record_len : db->tb->size; +} + +bool translator_st(const DisasContextBase *db, void *dest, + vaddr addr, size_t len) +{ + size_t offset, offset_end; + + if (addr < db->pc_first) { + return false; + } + offset = addr - db->pc_first; + offset_end = offset + len; + if (offset_end > translator_st_len(db)) { + return false; + } + + if (!db->fake_insn) { + size_t offset_page1 = -(db->pc_first | TARGET_PAGE_MASK); + + /* Get all the bytes from the first page. */ + if (db->host_addr[0]) { + if (offset_end <= offset_page1) { + memcpy(dest, db->host_addr[0] + offset, len); + return true; + } + if (offset < offset_page1) { + size_t len0 = offset_page1 - offset; + memcpy(dest, db->host_addr[0] + offset, len0); + offset += len0; + dest += len0; + } + } + + /* Get any bytes from the second page. */ + if (db->host_addr[1] && offset >= offset_page1) { + memcpy(dest, db->host_addr[1] + (offset - offset_page1), + offset_end - offset); + return true; + } + } + + /* Else get recorded bytes. */ + if (db->record_len != 0 && + offset >= db->record_start && + offset_end <= db->record_start + db->record_len) { + memcpy(dest, db->record + (offset - db->record_start), + offset_end - offset); + return true; + } + return false; +} + static void plugin_insn_append(vaddr pc, const void *from, size_t size) { #ifdef CONFIG_PLUGIN diff --git a/include/exec/translator.h b/include/exec/translator.h index 70cef2c0be..fff857a0cc 100644 --- a/include/exec/translator.h +++ b/include/exec/translator.h 
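Review bot: In translator_st, `offset_end = offset + len` can wrap when `len` is large, which would let a request past the end of the TB slip through the `offset_end > translator_st_len(db)` check and reach `memcpy(dest, db->host_addr[0] + offset, len)` with the unchecked `len`; the disassembler adapter later on this page feeds an `int length` into this parameter. A wrap-safe form is `size_t avail = translator_st_len(db); if (offset > avail || len > avail - offset) { return false; }`. Also, when the range spans two pages and both the second-page and record lookups fail, the function returns false after having already copied the first-page bytes into `dest`; that is acceptable, but the header comment should say `dest` may be partially written on failure.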
@@ -246,6 +246,29 @@ translator_ldq_swap(CPUArchState *env, DisasContextBase *db, */ void translator_fake_ldb(DisasContextBase *db, vaddr pc, uint8_t insn8); +/** + * translator_st + * @db: disassembly context + * @dest: address to copy into + * @addr: virtual address within TB + * @len: length + * + * Copy @len bytes from @addr into @dest. + * All bytes must have been read during translation. + * Return true on success or false on failure. + */ +bool translator_st(const DisasContextBase *db, void *dest, + vaddr addr, size_t len); + +/** + * translator_st_len + * @db: disassembly context + * + * Return the number of bytes available to copy from the + * current translation block with translator_st. + */ +size_t translator_st_len(const DisasContextBase *db); + #ifdef COMPILING_PER_TARGET /* * Return whether addr is on the same page as where disassembly started. -- cgit 1.4.1 From e501325991815e09297a048ffb0be81411bbe34a Mon Sep 17 00:00:00 2001 From: Richard Henderson Date: Wed, 3 Apr 2024 09:31:49 -1000 Subject: plugins: Read mem_only directly from TB cflags MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Do not pass around a boolean between multiple structures, just read it from the TranslationBlock in the TCGContext. Reviewed-by: Philippe Mathieu-Daudé Signed-off-by: Richard Henderson --- accel/tcg/plugin-gen.c | 4 +--- accel/tcg/translator.c | 2 +- include/exec/plugin-gen.h | 7 +++---- include/qemu/plugin.h | 3 --- plugins/api.c | 14 +++++++++----- 5 files changed, 14 insertions(+), 16 deletions(-) (limited to 'include/exec') diff --git a/accel/tcg/plugin-gen.c b/accel/tcg/plugin-gen.c index 716c8ec753..2aa1e08c17 100644 --- a/accel/tcg/plugin-gen.c +++ b/accel/tcg/plugin-gen.c 
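Review bot: The translator_st doc comment does not state what happens on failure or what @len counts; from the implementation, bytes from the first page are copied into @dest before the second-page and record lookups can still fail. I would expand the comment to: `@len: number of bytes to copy. Returns false if [addr, addr + len) is not fully covered by bytes read during translation; in that case @dest may have been partially written.` translator_st_len could also say that for a synthetic (fake) instruction it returns the recorded length rather than tb->size.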
@@ -303,8 +303,7 @@ static void plugin_gen_inject(struct qemu_plugin_tb *plugin_tb) } } -bool plugin_gen_tb_start(CPUState *cpu, const DisasContextBase *db, - bool mem_only) +bool plugin_gen_tb_start(CPUState *cpu, const DisasContextBase *db) { bool ret = false; @@ -323,7 +322,6 @@ bool plugin_gen_tb_start(CPUState *cpu, const DisasContextBase *db, ptb->vaddr2 = -1; ptb->haddr1 = db->host_addr[0]; ptb->haddr2 = NULL; - ptb->mem_only = mem_only; ptb->mem_helper = false; tcg_gen_plugin_cb(PLUGIN_GEN_FROM_TB); diff --git a/accel/tcg/translator.c b/accel/tcg/translator.c index 986045154c..157b447810 100644 --- a/accel/tcg/translator.c +++ b/accel/tcg/translator.c @@ -144,7 +144,7 @@ void translator_loop(CPUState *cpu, TranslationBlock *tb, int *max_insns, ops->tb_start(db, cpu); tcg_debug_assert(db->is_jmp == DISAS_NEXT); /* no early exit */ - plugin_enabled = plugin_gen_tb_start(cpu, db, cflags & CF_MEMI_ONLY); + plugin_enabled = plugin_gen_tb_start(cpu, db); db->plugin_enabled = plugin_enabled; while (true) { diff --git a/include/exec/plugin-gen.h b/include/exec/plugin-gen.h index f333f33198..cbb2ca2131 100644 --- a/include/exec/plugin-gen.h +++ b/include/exec/plugin-gen.h @@ -18,8 +18,7 @@ struct DisasContextBase; #ifdef CONFIG_PLUGIN -bool plugin_gen_tb_start(CPUState *cpu, const struct DisasContextBase *db, - bool supress); +bool plugin_gen_tb_start(CPUState *cpu, const struct DisasContextBase *db); void plugin_gen_tb_end(CPUState *cpu, size_t num_insns); void plugin_gen_insn_start(CPUState *cpu, const struct DisasContextBase *db); void plugin_gen_insn_end(void); @@ -28,8 +27,8 @@ void plugin_gen_disable_mem_helpers(void); #else /* !CONFIG_PLUGIN */ -static inline bool -plugin_gen_tb_start(CPUState *cpu, const struct DisasContextBase *db, bool sup) +static inline +bool plugin_gen_tb_start(CPUState *cpu, const struct DisasContextBase *db) { return false; } diff --git a/include/qemu/plugin.h b/include/qemu/plugin.h index c8dd2c42fa..c28d0ca31c 100644 
--- a/include/qemu/plugin.h +++ b/include/qemu/plugin.h @@ -107,8 +107,6 @@ struct qemu_plugin_insn { /* if set, the instruction calls helpers that might access guest memory */ bool mem_helper; - - bool mem_only; }; /* A scoreboard is an array of values, indexed by vcpu_index */ @@ -125,7 +123,6 @@ struct qemu_plugin_tb { uint64_t vaddr2; void *haddr1; void *haddr2; - bool mem_only; /* if set, the TB calls helpers that might access guest memory */ bool mem_helper; diff --git a/plugins/api.c b/plugins/api.c index 15467acdfd..9e4aa9d2d9 100644 --- a/plugins/api.c +++ b/plugins/api.c @@ -87,12 +87,17 @@ void qemu_plugin_register_vcpu_exit_cb(qemu_plugin_id_t id, plugin_register_cb(id, QEMU_PLUGIN_EV_VCPU_EXIT, cb); } +static bool tb_is_mem_only(void) +{ + return tb_cflags(tcg_ctx->gen_tb) & CF_MEMI_ONLY; +} + void qemu_plugin_register_vcpu_tb_exec_cb(struct qemu_plugin_tb *tb, qemu_plugin_vcpu_udata_cb_t cb, enum qemu_plugin_cb_flags flags, void *udata) { - if (!tb->mem_only) { + if (!tb_is_mem_only()) { plugin_register_dyn_cb__udata(&tb->cbs, cb, flags, udata); } } @@ -103,7 +108,7 @@ void qemu_plugin_register_vcpu_tb_exec_inline_per_vcpu( qemu_plugin_u64 entry, uint64_t imm) { - if (!tb->mem_only) { + if (!tb_is_mem_only()) { plugin_register_inline_op_on_entry(&tb->cbs, 0, op, entry, imm); } } @@ -113,7 +118,7 @@ void qemu_plugin_register_vcpu_insn_exec_cb(struct qemu_plugin_insn *insn, enum qemu_plugin_cb_flags flags, void *udata) { - if (!insn->mem_only) { + if (!tb_is_mem_only()) { plugin_register_dyn_cb__udata(&insn->insn_cbs, cb, flags, udata); } } @@ -124,7 +129,7 @@ void qemu_plugin_register_vcpu_insn_exec_inline_per_vcpu( qemu_plugin_u64 entry, uint64_t imm) { - if (!insn->mem_only) { + if (!tb_is_mem_only()) { plugin_register_inline_op_on_entry(&insn->insn_cbs, 0, op, entry, imm); } } 
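Review bot: `tb_is_mem_only()` decides from `tcg_ctx->gen_tb` instead of the `tb`/`insn` argument, so qemu_plugin_register_vcpu_tb_exec_cb and the insn variants now silently depend on being called while that TB is being translated. The plugin API presumably only invokes these from translation-time callbacks, but nothing here checks it, and a stale or NULL gen_tb would be dereferenced. A comment on the helper, `/* Only valid during translation: gen_tb is the TB currently being generated. */`, and optionally `assert(tcg_ctx->gen_tb);` would make the precondition explicit.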
@@ -206,7 +211,6 @@ qemu_plugin_tb_get_insn(const struct qemu_plugin_tb *tb, size_t idx) return NULL; } insn = g_ptr_array_index(tb->insns, idx); - insn->mem_only = tb->mem_only; return insn; } -- cgit 1.4.1 From b67c567b79f7f659814d102579d2b503b6d40ed4 Mon Sep 17 00:00:00 2001 From: Richard Henderson Date: Tue, 2 Apr 2024 23:07:53 -1000 Subject: accel/tcg: Return bool from TranslatorOps.disas_log MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit We have eliminated most uses of this hook. Reduce further by allowing the hook to handle only the special cases, returning false for normal processing. Reviewed-by: Philippe Mathieu-Daudé Signed-off-by: Richard Henderson --- accel/tcg/translator.c | 5 ++--- include/exec/translator.h | 2 +- target/hppa/translate.c | 15 ++++++--------- target/s390x/tcg/translate.c | 8 +++----- 4 files changed, 12 insertions(+), 18 deletions(-) (limited to 'include/exec') diff --git a/accel/tcg/translator.c b/accel/tcg/translator.c index 98d2500c53..ccd22dcd95 100644 --- a/accel/tcg/translator.c +++ b/accel/tcg/translator.c @@ -228,9 +228,8 @@ void translator_loop(CPUState *cpu, TranslationBlock *tb, int *max_insns, if (logfile) { fprintf(logfile, "----------------\n"); - if (ops->disas_log) { - ops->disas_log(db, cpu, logfile); - } else { + if (!ops->disas_log || + !ops->disas_log(db, cpu, logfile)) { fprintf(logfile, "IN: %s\n", lookup_symbol(db->pc_first)); target_disas(logfile, cpu, db->pc_first, db->tb->size); } diff --git a/include/exec/translator.h b/include/exec/translator.h index fff857a0cc..31c39ab63c 100644 --- a/include/exec/translator.h +++ b/include/exec/translator.h 
@@ -135,7 +135,7 @@ typedef struct TranslatorOps { void (*insn_start)(DisasContextBase *db, CPUState *cpu); void (*translate_insn)(DisasContextBase *db, CPUState *cpu); void (*tb_stop)(DisasContextBase *db, CPUState *cpu); - void (*disas_log)(const DisasContextBase *db, CPUState *cpu, FILE *f); + bool (*disas_log)(const DisasContextBase *db, CPUState *cpu, FILE *f); } TranslatorOps; /** diff --git a/target/hppa/translate.c b/target/hppa/translate.c index 1a806a9d09..7287e1debf 100644 --- a/target/hppa/translate.c +++ b/target/hppa/translate.c @@ -19,7 +19,6 @@ #include "qemu/osdep.h" #include "cpu.h" -#include "disas/disas.h" #include "qemu/host-utils.h" #include "exec/exec-all.h" #include "exec/page-protection.h" @@ -4817,7 +4816,7 @@ static void hppa_tr_tb_stop(DisasContextBase *dcbase, CPUState *cs) } #ifdef CONFIG_USER_ONLY -static void hppa_tr_disas_log(const DisasContextBase *dcbase, +static bool hppa_tr_disas_log(const DisasContextBase *dcbase, CPUState *cs, FILE *logfile) { target_ulong pc = dcbase->pc_first; @@ -4825,20 +4824,18 @@ static void hppa_tr_disas_log(const DisasContextBase *dcbase, switch (pc) { case 0x00: fprintf(logfile, "IN:\n0x00000000: (null)\n"); - return; + return true; case 0xb0: fprintf(logfile, "IN:\n0x000000b0: light-weight-syscall\n"); - return; + return true; case 0xe0: fprintf(logfile, "IN:\n0x000000e0: set-thread-pointer-syscall\n"); - return; + return true; case 0x100: fprintf(logfile, "IN:\n0x00000100: syscall\n"); - return; + return true; } - - fprintf(logfile, "IN: %s\n", lookup_symbol(pc)); - target_disas(logfile, cs, pc, dcbase->tb->size); + return false; } #endif diff --git a/target/s390x/tcg/translate.c b/target/s390x/tcg/translate.c index 6d7f6e7064..d74939389a 100644 --- a/target/s390x/tcg/translate.c +++ b/target/s390x/tcg/translate.c 
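Review bot: The `disas_log` hook now returns bool but the TranslatorOps documentation, which starts above this hunk, is not updated to say what the return value means; the only definition is the `!ops->disas_log(db, cpu, logfile)` fallback in translator_loop. Add to the TranslatorOps comment: `@disas_log: Optional; return true if the hook has logged the TB itself, false to fall back to the generic lookup_symbol + target_disas output.` The hppa and s390x implementations in this commit follow that contract, so the comment only needs to record it.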
@@ -31,7 +31,6 @@ #include "qemu/osdep.h" #include "cpu.h" #include "s390x-internal.h" -#include "disas/disas.h" #include "exec/exec-all.h" #include "tcg/tcg-op.h" #include "tcg/tcg-op-gvec.h" @@ -6520,7 +6519,7 @@ static void s390x_tr_tb_stop(DisasContextBase *dcbase, CPUState *cs) } } -static void s390x_tr_disas_log(const DisasContextBase *dcbase, +static bool s390x_tr_disas_log(const DisasContextBase *dcbase, CPUState *cs, FILE *logfile) { DisasContext *dc = container_of(dcbase, DisasContext, base); @@ -6528,10 +6527,9 @@ static void s390x_tr_disas_log(const DisasContextBase *dcbase, if (unlikely(dc->ex_value)) { /* ??? Unfortunately target_disas can't use host memory. */ fprintf(logfile, "IN: EXECUTE %016" PRIx64, dc->ex_value); - } else { - fprintf(logfile, "IN: %s\n", lookup_symbol(dc->base.pc_first)); - target_disas(logfile, cs, dc->base.pc_first, dc->base.tb->size); + return true; } + return false; } static const TranslatorOps s390x_tr_ops = { -- cgit 1.4.1 From 4c833c60e0479d4eec5384fa9ede11ebab78a304 Mon Sep 17 00:00:00 2001 From: Richard Henderson Date: Tue, 2 Apr 2024 23:44:53 -1000 Subject: disas: Use translator_st to get disassembly data MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Read from already translated pages, or saved mmio data. Reviewed-by: Philippe Mathieu-Daudé Signed-off-by: Richard Henderson --- accel/tcg/translator.c | 2 +- disas/disas-common.c | 14 -------------- disas/disas-mon.c | 15 +++++++++++++++ disas/disas-target.c | 19 +++++++++++++++++-- include/disas/disas.h | 5 +++-- include/exec/translator.h | 4 ++-- include/qemu/typedefs.h | 1 + plugins/api.c | 4 ++-- 8 files changed, 41 insertions(+), 23 deletions(-) (limited to 'include/exec') diff --git a/accel/tcg/translator.c b/accel/tcg/translator.c index ccd22dcd95..00322c6fd9 100644 --- a/accel/tcg/translator.c +++ b/accel/tcg/translator.c 
@@ -231,7 +231,7 @@ void translator_loop(CPUState *cpu, TranslationBlock *tb, int *max_insns, if (!ops->disas_log || !ops->disas_log(db, cpu, logfile)) { fprintf(logfile, "IN: %s\n", lookup_symbol(db->pc_first)); - target_disas(logfile, cpu, db->pc_first, db->tb->size); + target_disas(logfile, cpu, db); } fprintf(logfile, "\n"); qemu_log_unlock(logfile); diff --git a/disas/disas-common.c b/disas/disas-common.c index ce9f82b711..de61f6d8a1 100644 --- a/disas/disas-common.c +++ b/disas/disas-common.c @@ -8,25 +8,12 @@ #include "disas/capstone.h" #include "hw/core/cpu.h" #include "exec/tswap.h" -#include "exec/memory.h" #include "disas-internal.h" /* Filled in by elfload.c. Simplistic, but will do for now. */ struct syminfo *syminfos = NULL; -/* - * Get LENGTH bytes from info's buffer, at target address memaddr. - * Transfer them to myaddr. - */ -static int target_read_memory(bfd_vma memaddr, bfd_byte *myaddr, int length, - struct disassemble_info *info) -{ - CPUDebug *s = container_of(info, CPUDebug, info); - int r = cpu_memory_rw_debug(s->cpu, memaddr, myaddr, length, 0); - return r ? EIO : 0; -} - /* * Print an error message. We can assume that this is in response to * an error return from {host,target}_read_memory. @@ -73,7 +60,6 @@ void disas_initialize_debug_target(CPUDebug *s, CPUState *cpu) disas_initialize_debug(s); s->cpu = cpu; - s->info.read_memory_func = target_read_memory; s->info.print_address_func = print_address; if (target_words_bigendian()) { s->info.endian = BFD_ENDIAN_BIG; diff --git a/disas/disas-mon.c b/disas/disas-mon.c index 5d6d9aa02d..37bf16ac79 100644 --- a/disas/disas-mon.c +++ b/disas/disas-mon.c 
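Review bot: After the disas-common.c hunk, disas_initialize_debug_target no longer installs a `read_memory_func`, so any caller that does not set one itself ends up calling a NULL function pointer from inside the disassembler. The callers updated in this commit (monitor_disas, target_disas, plugin_disas) each set it, but nothing stops a future caller from forgetting; a comment on the function, `/* Callers must install s->info.read_memory_func before disassembling. */`, or an assertion at the point of use, would make the contract visible. The enclosing function continues past the end of the hunk.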
@@ -11,6 +11,19 @@ #include "hw/core/cpu.h" #include "monitor/monitor.h" +/* + * Get LENGTH bytes from info's buffer, at target address memaddr. + * Transfer them to myaddr. + */ +static int +virtual_read_memory(bfd_vma memaddr, bfd_byte *myaddr, int length, + struct disassemble_info *info) +{ + CPUDebug *s = container_of(info, CPUDebug, info); + int r = cpu_memory_rw_debug(s->cpu, memaddr, myaddr, length, 0); + return r ? EIO : 0; +} + static int physical_read_memory(bfd_vma memaddr, bfd_byte *myaddr, int length, struct disassemble_info *info) @@ -38,6 +51,8 @@ void monitor_disas(Monitor *mon, CPUState *cpu, uint64_t pc, if (is_physical) { s.info.read_memory_func = physical_read_memory; + } else { + s.info.read_memory_func = virtual_read_memory; } s.info.buffer_vma = pc; diff --git a/disas/disas-target.c b/disas/disas-target.c index 82313b2a67..48f3a365dc 100644 --- a/disas/disas-target.c +++ b/disas/disas-target.c @@ -6,16 +6,28 @@ #include "qemu/osdep.h" #include "disas/disas.h" #include "disas/capstone.h" +#include "exec/translator.h" #include "disas-internal.h" -void target_disas(FILE *out, CPUState *cpu, uint64_t code, size_t size) +static int translator_read_memory(bfd_vma memaddr, bfd_byte *myaddr, + int length, struct disassemble_info *info) { + const DisasContextBase *db = info->application_data; + return translator_st(db, myaddr, memaddr, length) ? 0 : EIO; +} + +void target_disas(FILE *out, CPUState *cpu, const struct DisasContextBase *db) +{ + uint64_t code = db->pc_first; + size_t size = translator_st_len(db); uint64_t pc; int count; CPUDebug s; disas_initialize_debug_target(&s, cpu); + s.info.read_memory_func = translator_read_memory; + s.info.application_data = (void *)db; s.info.fprintf_func = fprintf; s.info.stream = out; s.info.buffer_vma = code; 
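Review bot: translator_read_memory passes the `int length` from disassemble_info straight into translator_st's `size_t len`, so a negative length would become a huge request instead of an error. The disassemblers presumably always pass small positive lengths, but `if (length < 0) { return EIO; }` before the call costs nothing and keeps the bounds check in translator_st meaningful. The `(void *)db` cast drops const to fit `application_data`; a short comment that the pointer is only ever read back as `const DisasContextBase *` would reassure the next reader.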
@@ -58,12 +70,15 @@ static void plugin_print_address(bfd_vma addr, struct disassemble_info *info) * there is left over it usually indicates the front end has read more * bytes than it needed. */ -char *plugin_disas(CPUState *cpu, uint64_t addr, size_t size) +char *plugin_disas(CPUState *cpu, const DisasContextBase *db, + uint64_t addr, size_t size) { CPUDebug s; GString *ds = g_string_new(NULL); disas_initialize_debug_target(&s, cpu); + s.info.read_memory_func = translator_read_memory; + s.info.application_data = (void *)db; s.info.fprintf_func = disas_gstring_printf; s.info.stream = (FILE *)ds; /* abuse this slot */ s.info.buffer_vma = addr; diff --git a/include/disas/disas.h b/include/disas/disas.h index 54a5e68443..c702b1effc 100644 --- a/include/disas/disas.h +++ b/include/disas/disas.h @@ -4,14 +4,15 @@ /* Disassemble this for me please... (debugging). */ #ifdef CONFIG_TCG void disas(FILE *out, const void *code, size_t size); -void target_disas(FILE *out, CPUState *cpu, uint64_t code, size_t size); +void target_disas(FILE *out, CPUState *cpu, const DisasContextBase *db); #endif void monitor_disas(Monitor *mon, CPUState *cpu, uint64_t pc, int nb_insn, bool is_physical); #ifdef CONFIG_PLUGIN -char *plugin_disas(CPUState *cpu, uint64_t addr, size_t size); +char *plugin_disas(CPUState *cpu, const DisasContextBase *db, + uint64_t addr, size_t size); #endif /* Look up symbol for debugging purpose. Returns "" if unknown. */ diff --git a/include/exec/translator.h b/include/exec/translator.h index 31c39ab63c..411ce2b47e 100644 --- a/include/exec/translator.h +++ b/include/exec/translator.h @@ -79,7 +79,7 @@ typedef enum DisasJumpType { * * Architecture-agnostic disassembly context. */ -typedef struct DisasContextBase { +struct DisasContextBase { TranslationBlock *tb; vaddr pc_first; vaddr pc_next; @@ -103,7 +103,7 @@ typedef struct DisasContextBase { int record_start; int record_len; uint8_t record[32]; -} DisasContextBase; +}; /** * TranslatorOps: 
diff --git a/include/qemu/typedefs.h b/include/qemu/typedefs.h index b47e7179e2..9d222dc376 100644 --- a/include/qemu/typedefs.h +++ b/include/qemu/typedefs.h @@ -42,6 +42,7 @@ typedef struct CPUPluginState CPUPluginState; typedef struct CPUState CPUState; typedef struct DeviceState DeviceState; typedef struct DirtyBitmapSnapshot DirtyBitmapSnapshot; +typedef struct DisasContextBase DisasContextBase; typedef struct DisplayChangeListener DisplayChangeListener; typedef struct DriveInfo DriveInfo; typedef struct DumpState DumpState; diff --git a/plugins/api.c b/plugins/api.c index 02014d4c6e..b04c5e1928 100644 --- a/plugins/api.c +++ b/plugins/api.c @@ -271,8 +271,8 @@ void *qemu_plugin_insn_haddr(const struct qemu_plugin_insn *insn) char *qemu_plugin_insn_disas(const struct qemu_plugin_insn *insn) { - CPUState *cpu = current_cpu; - return plugin_disas(cpu, insn->vaddr, insn->len); + return plugin_disas(tcg_ctx->cpu, tcg_ctx->plugin_db, + insn->vaddr, insn->len); } const char *qemu_plugin_insn_symbol(const struct qemu_plugin_insn *insn) -- cgit 1.4.1 From 4c6163eaf2ca64391f885ca9625947371a4a4834 Mon Sep 17 00:00:00 2001 From: Richard Henderson Date: Wed, 3 Apr 2024 07:29:37 -1000 Subject: accel/tcg: Introduce translator_fake_ld MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Replace translator_fake_ldb, which required multiple calls, with translator_fake_ld, which can take all data at once. Reviewed-by: Philippe Mathieu-Daudé Signed-off-by: Richard Henderson --- accel/tcg/translator.c | 5 ++--- include/exec/translator.h | 8 ++++---- target/s390x/tcg/translate.c | 8 ++++---- 3 files changed, 10 insertions(+), 11 deletions(-) (limited to 'include/exec') diff --git a/accel/tcg/translator.c b/accel/tcg/translator.c index 00322c6fd9..c56967eecd 100644 --- a/accel/tcg/translator.c +++ b/accel/tcg/translator.c 
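Review bot: qemu_plugin_insn_disas now takes its context from `tcg_ctx->plugin_db`, and nothing in this series shows where that field is set or cleared, so correctness depends on the API only being called from within a translation callback while plugin_db points at the live DisasContextBase. If a plugin can reach this function outside that window, plugin_disas would hand a dangling pointer to translator_st; an `assert(tcg_ctx->plugin_db);` here, or a sentence in the API documentation stating the restriction, would close that gap.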
@@ -468,9 +468,8 @@ uint64_t translator_ldq(CPUArchState *env, DisasContextBase *db, vaddr pc) return tgt; } -void translator_fake_ldb(DisasContextBase *db, vaddr pc, uint8_t insn8) +void translator_fake_ld(DisasContextBase *db, const void *data, size_t len) { - assert(pc >= db->pc_first); db->fake_insn = true; - record_save(db, pc, &insn8, sizeof(insn8)); + record_save(db, db->pc_first, data, len); } diff --git a/include/exec/translator.h b/include/exec/translator.h index 411ce2b47e..25004dfb76 100644 --- a/include/exec/translator.h +++ b/include/exec/translator.h @@ -234,17 +234,17 @@ translator_ldq_swap(CPUArchState *env, DisasContextBase *db, } /** - * translator_fake_ldb - fake instruction load + * translator_fake_ld - fake instruction load * @db: Disassembly context - * @pc: program counter of instruction - * @insn8: byte of instruction + * @data: bytes of instruction + * @len: number of bytes * * This is a special case helper used where the instruction we are * about to translate comes from somewhere else (e.g. being * re-synthesised for s390x "ex"). It ensures we update other areas of * the translator with details of the executed instruction. */ -void translator_fake_ldb(DisasContextBase *db, vaddr pc, uint8_t insn8); +void translator_fake_ld(DisasContextBase *db, const void *data, size_t len); /** * translator_st diff --git a/target/s390x/tcg/translate.c b/target/s390x/tcg/translate.c index d74939389a..2eb787e401 100644 --- a/target/s390x/tcg/translate.c +++ b/target/s390x/tcg/translate.c @@ -6191,6 +6191,8 @@ static const DisasInsn *extract_insn(CPUS390XState *env, DisasContext *s) const DisasInsn *info; if (unlikely(s->ex_value)) { + uint64_t be_insn; + /* Drop the EX data now, so that it's clear on exception paths. */ tcg_gen_st_i64(tcg_constant_i64(0), tcg_env, offsetof(CPUS390XState, ex_value)); 
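Review bot: `translator_fake_ld()` forwards the caller-supplied `len` to `record_save(db, db->pc_first, data, len)` without relating it to the capacity of `db->record`, which the series declares as `uint8_t record[32]`; the `assert(pc >= db->pc_first)` that `translator_fake_ldb` had is dropped and no check on the new parameter replaces it. Whether `record_save` itself rejects oversized input is outside the hunk; if it does not, a caller passing more than the record holds overruns the context. `assert(len <= sizeof(db->record));` at the entry point would pin that contract where the bytes arrive. The function is complete within the hunk.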
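Review bot: The updated `translator_fake_ld` comment documents `@data` and `@len` but not where the bytes are recorded: the implementation stores them at `db->pc_first`, whereas the removed `translator_fake_ldb` took an explicit `@pc`. Callers that previously passed `pc + i` need to know that the faked instruction is presumably assumed to sit at the start of the translation block. Adding ` * The bytes are recorded as if loaded from @db->pc_first, so this is only suitable for an instruction at the start of the block.` to the comment captures that.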
@@ -6200,10 +6202,8 @@ static const DisasInsn *extract_insn(CPUS390XState *env, DisasContext *s) ilen = s->ex_value & 0xf; /* Register insn bytes with translator so plugins work. */ - for (int i = 0; i < ilen; i++) { - uint8_t byte = extract64(insn, 56 - (i * 8), 8); - translator_fake_ldb(&s->base, pc + i, byte); - } + be_insn = cpu_to_be64(insn); + translator_fake_ld(&s->base, &be_insn, ilen); op = insn >> 56; } else { insn = ld_code2(env, s, pc); -- cgit 1.4.1 From 7c211c1cb47c33f855d3206b46943e6f4d1a3b23 Mon Sep 17 00:00:00 2001 From: Philippe Mathieu-Daudé Date: Fri, 5 Apr 2024 15:15:32 +0200 Subject: accel/tcg: Remove cpu_ldsb_code / cpu_ldsw_code MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Previous commits replaced them by translator_ld* calls. Signed-off-by: Philippe Mathieu-Daudé Message-Id: <20240405131532.40913-1-philmd@linaro.org> Signed-off-by: Richard Henderson --- include/exec/cpu_ldst.h | 10 ---------- 1 file changed, 10 deletions(-) (limited to 'include/exec') diff --git a/include/exec/cpu_ldst.h b/include/exec/cpu_ldst.h index 11ba3778ba..71009f84f5 100644 --- a/include/exec/cpu_ldst.h +++ b/include/exec/cpu_ldst.h @@ -355,16 +355,6 @@ uint32_t cpu_lduw_code(CPUArchState *env, abi_ptr addr); uint32_t cpu_ldl_code(CPUArchState *env, abi_ptr addr); uint64_t cpu_ldq_code(CPUArchState *env, abi_ptr addr); -static inline int cpu_ldsb_code(CPUArchState *env, abi_ptr addr) -{ - return (int8_t)cpu_ldub_code(env, addr); -} - -static inline int cpu_ldsw_code(CPUArchState *env, abi_ptr addr) -{ - return (int16_t)cpu_lduw_code(env, addr); -} - /** * tlb_vaddr_to_host: * @env: CPUArchState -- cgit 1.4.1
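Review bot: `translator_fake_ld(&s->base, &be_insn, ilen)` reads `ilen` bytes from an 8-byte local, and `ilen` is taken from `s->ex_value & 0xf`, which admits values up to 15; the old loop was equally unchecked but stayed within a register value. If the EX helper that fills `ex_value` only ever produces the architectural lengths 2, 4 and 6 this is fine, but nothing at this site enforces it. A guard `assert(ilen <= sizeof(be_insn));` before the call, or a comment stating that invariant, would make the bound explicit. The `cpu_to_be64` conversion reproduces the old `56 - (i * 8)` byte order and deserves a comment such as `/* ex_value holds the insn left-aligned in the high bytes; the big-endian image yields them in fetch order. */`.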
