accel/tcg: Init tb size and icount before plugin_gen_tb_end

When passing disassembly data to plugin callbacks,
translator_st_len relies on db->tb->size having been set.

Fixes: 4c833c60e047 ("disas:

accel/tcg: Init tb size and icount before plugin_gen_tb_end

When passing disassembly data to plugin callbacks,
translator_st_len relies on db->tb->size having been set.

Fixes: 4c833c60e047 ("disas: Use translator_st to get disassembly data")
Reported-by: Bernhard Beschow <shentey@gmail.com>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Tested-by: Bernhard Beschow <shentey@gmail.com>
Reviewed-by: Pierrick Bouvier <pierrick.bouvier@linaro.org>

show more ...

accel/tcg: Introduce translator_fake_ld

Replace translator_fake_ldb, which required multiple calls,
with translator_fake_ld, which can take all data at once.

Reviewed-by: Philippe Mathieu-Daudé <ph

accel/tcg: Introduce translator_fake_ld

Replace translator_fake_ldb, which required multiple calls,
with translator_fake_ld, which can take all data at once.

Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>

show more ...

disas: Use translator_st to get disassembly data

Read from already translated pages, or saved mmio data.

Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Signed-off-by: Richard Henderson <ri

disas: Use translator_st to get disassembly data

Read from already translated pages, or saved mmio data.

Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>

show more ...

accel/tcg: Return bool from TranslatorOps.disas_log

We have eliminated most uses of this hook. Reduce
further by allowing the hook to handle only the
special cases, returning false for normal proce

accel/tcg: Return bool from TranslatorOps.disas_log

We have eliminated most uses of this hook. Reduce
further by allowing the hook to handle only the
special cases, returning false for normal processing.

Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>

show more ...

accel/tcg: Provide default implementation of disas_log

Almost all of the disas_log implementations are identical.
Unify them within translator_loop.

Drop extra Priv/Virt logging from target/riscv.

accel/tcg: Provide default implementation of disas_log

Almost all of the disas_log implementations are identical.
Unify them within translator_loop.

Drop extra Priv/Virt logging from target/riscv.

Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>

show more ...

plugins: Read mem_only directly from TB cflags

Do not pass around a boolean between multiple structures,
just read it from the TranslationBlock in the TCGContext.

Reviewed-by: Philippe Mathieu-Daud

plugins: Read mem_only directly from TB cflags

Do not pass around a boolean between multiple structures,
just read it from the TranslationBlock in the TCGContext.

Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>

show more ...

plugins: Use translator_st for qemu_plugin_insn_data

Use the bytes that we record for the entire TB, rather than
a per-insn GByteArray. Record the length of the insn in
plugin_gen_insn_end rather t

plugins: Use translator_st for qemu_plugin_insn_data

Use the bytes that we record for the entire TB, rather than
a per-insn GByteArray. Record the length of the insn in
plugin_gen_insn_end rather than infering from the length
of the array.

Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>

show more ...

accel/tcg: Implement translator_st

Copy data out of a completed translation. This will be used
for both plugins and disassembly.

Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Signed-off-

accel/tcg: Implement translator_st

Copy data out of a completed translation. This will be used
for both plugins and disassembly.

Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>

show more ...

accel/tcg: Record when translator_fake_ldb is used

Remove left-over comment from commit dcd092a063
("accel/tcg: Improve can_do_io management").

Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.or

accel/tcg: Record when translator_fake_ldb is used

Remove left-over comment from commit dcd092a063
("accel/tcg: Improve can_do_io management").

Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>

show more ...

accel/tcg: Record mmio bytes during translation

This will be able to replace plugin_insn_append, and will
be usable for disassembly.

Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Signed-o

accel/tcg: Record mmio bytes during translation

This will be able to replace plugin_insn_append, and will
be usable for disassembly.

Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>

show more ...

accel/tcg: Cap the translation block when we encounter mmio

Do not allow translation to proceed beyond one insn with mmio,
as we will not be caching the TranslationBlock.

Reviewed-by: Philippe Math

accel/tcg: Cap the translation block when we encounter mmio

Do not allow translation to proceed beyond one insn with mmio,
as we will not be caching the TranslationBlock.

Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>

show more ...

accel/tcg: Reorg translator_ld*

Reorg translator_access into translator_ld, with a more
memcpy-ish interface. If both pages are in ram, do not
go through the caller's slow path.

Assert that the ac

accel/tcg: Reorg translator_ld*

Reorg translator_access into translator_ld, with a more
memcpy-ish interface. If both pages are in ram, do not
go through the caller's slow path.

Assert that the access is within the two pages that we are
prepared to protect, per TranslationBlock. Allow access
prior to pc_first, so long as it is within the first page.

Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>

show more ...

accel/tcg: Pass DisasContextBase to translator_fake_ldb

Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>

accel/tcg: Use vaddr in translator_ld*

Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>

accel: Include missing 'exec/cpu_ldst.h' header

Theses files call cpu_ldl_code() which is declared
in "exec/cpu_ldst.h".

Signed-off-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Reviewed-by: Richa

accel: Include missing 'exec/cpu_ldst.h' header

Theses files call cpu_ldl_code() which is declared
in "exec/cpu_ldst.h".

Signed-off-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-Id: <20231211212003.21686-5-philmd@linaro.org>

show more ...

accel/tcg: Improve can_do_io management

We already attempted to set and clear can_do_io before the first
and last insns, but only used the initial value of max_insns and
the call to translator_io_st

accel/tcg: Improve can_do_io management

We already attempted to set and clear can_do_io before the first
and last insns, but only used the initial value of max_insns and
the call to translator_io_start to find those insns.

Now that we track insn_start in DisasContextBase, and now that
we have emit_before_op, we can wait until we have finished
translation to identify the true first and last insns and emit
the sets of can_do_io at that time.

This fixes the case of a translation block which crossed a page
boundary, and for which the second page turned out to be mmio.
In this case we truncate the block, and the previous logic for
can_do_io could leave a block with a single insn with can_do_io
set to false, which would fail an assertion in cpu_io_recompile.

Reported-by: Jørgen Hansen <Jorgen.Hansen@wdc.com>
Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Tested-by: Jørgen Hansen <Jorgen.Hansen@wdc.com>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>

show more ...

accel/tcg: Add insn_start to DisasContextBase

This is currently target-specific for many; begin making it
target independent.

Tested-by: Jørgen Hansen <Jorgen.Hansen@wdc.com>
Reviewed-by: Philippe

accel/tcg: Add insn_start to DisasContextBase

This is currently target-specific for many; begin making it
target independent.

Tested-by: Jørgen Hansen <Jorgen.Hansen@wdc.com>
Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>

show more ...

accel/tcg: Remove CF_LAST_IO

In cpu_exec_step_atomic, we did not set CF_LAST_IO, which lead
to a loop with cpu_io_recompile.

But since 18a536f1f8 ("Always require can_do_io") we no longer
need a fl

accel/tcg: Remove CF_LAST_IO

In cpu_exec_step_atomic, we did not set CF_LAST_IO, which lead
to a loop with cpu_io_recompile.

But since 18a536f1f8 ("Always require can_do_io") we no longer
need a flag to indicate when the last insn should have can_do_io set,
so remove the flag entirely.

Reported-by: Clément Chigot <chigot@adacore.com>
Tested-by: Clément Chigot <chigot@adacore.com>
Reviewed-by: Claudio Fontana <cfontana@suse.de>
Resolves: https://gitlab.com/qemu-project/qemu/-/issues/1961
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>

show more ...

plugins: Set final instruction count in plugin_gen_tb_end

Translation logic may partially decode an instruction, then abort and
remove the instruction from the TB. This can happen for example when a

plugins: Set final instruction count in plugin_gen_tb_end

Translation logic may partially decode an instruction, then abort and
remove the instruction from the TB. This can happen for example when an
instruction spans two pages. In this case, plugins may get an incorrect
result when calling qemu_plugin_tb_n_insns to query for the number of
instructions in the TB. This patch updates plugin_gen_tb_end to set the
final instruction count.

Signed-off-by: Matt Borgerson <contact@mborgerson.com>
[AJB: added g_assert to defed API]
Message-Id: <CADc=-s5RwGViNTR-h5cq3np673W3RRFfhr4vCGJp0EoDUxvhog@mail.gmail.com>
Signed-off-by: Alex Bennée <alex.bennee@linaro.org>
Message-Id: <20231009164104.369749-23-alex.bennee@linaro.org>

show more ...

accel/tcg: Add plugin_enabled to DisasContextBase

Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Message-Id: <20230824181233.1568795-2-richard.henderson@linaro.org>
Signed-off-by: A

accel/tcg: Add plugin_enabled to DisasContextBase

Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Message-Id: <20230824181233.1568795-2-richard.henderson@linaro.org>
Signed-off-by: Alex Bennée <alex.bennee@linaro.org>
Message-Id: <20231009164104.369749-21-alex.bennee@linaro.org>

show more ...

accel/tcg: Rename target-specific 'internal.h' -> 'internal-target.h'

accel/tcg/internal.h contains target specific declarations.
Unit files including it become "target tainted": they can not
be com

accel/tcg: Rename target-specific 'internal.h' -> 'internal-target.h'

accel/tcg/internal.h contains target specific declarations.
Unit files including it become "target tainted": they can not
be compiled as target agnostic. Rename using the '-target'
suffix to make this explicit.

Signed-off-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Reviewed-by: Anton Johansson <anjo@rev.ng>
Message-Id: <20230914185718.76241-9-philmd@linaro.org>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>

show more ...

tcg: Rename cpu_env to tcg_env

Allow the name 'cpu_env' to be used for something else.

Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Signed-off-by: Richard Henderson <richard.henderson@li

tcg: Rename cpu_env to tcg_env

Allow the name 'cpu_env' to be used for something else.

Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>

show more ...

accel/tcg: Move can_do_io to CPUNegativeOffsetState

Minimize the displacement to can_do_io, since it may
be touched at the start of each TranslationBlock.
It fits into other padding within the subst

accel/tcg: Move can_do_io to CPUNegativeOffsetState

Minimize the displacement to can_do_io, since it may
be touched at the start of each TranslationBlock.
It fits into other padding within the substructure.

Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>

show more ...

accel/tcg: Move CPUNegativeOffsetState into CPUState

Retain the separate structure to emphasize its importance.
Enforce CPUArchState always follows CPUState without padding.

Reviewed-by: Anton Joha

accel/tcg: Move CPUNegativeOffsetState into CPUState

Retain the separate structure to emphasize its importance.
Enforce CPUArchState always follows CPUState without padding.

Reviewed-by: Anton Johansson <anjo@rev.ng>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>

show more ...

accel/tcg: Always require can_do_io

Require i/o as the last insn of a TranslationBlock always,
not only with icount. This is required for i/o that alters
the address space, such as a pci config spa

accel/tcg: Always require can_do_io

Require i/o as the last insn of a TranslationBlock always,
not only with icount. This is required for i/o that alters
the address space, such as a pci config space write.

Resolves: https://gitlab.com/qemu-project/qemu/-/issues/1866
Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>

show more ...