Update libtcg to QEMU v8.2.1 #5
Draft
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
added 30 commits
July 18, 2024 18:01
These currently have a single `translate` function which sets up QEMU to call `gen_intermediate_code`. Signed-off-by: Anton Johansson <anjo@rev.ng>
Signed-off-by: Anton Johansson <anjo@rev.ng>
Signed-off-by: Anton Johansson <anjo@rev.ng>
We now instead read bytecode from a buffer with a specified virtual address. Signed-off-by: Anton Johansson <anjo@rev.ng>
Excludes prologues/epilogues inserted during translation. Signed-off-by: Anton Johansson <anjo@rev.ng>
Don't rely on cached address translations, we always want to fetch memory directly from the user provided buffer, even if we've translated this virtual address previously.
This is a big commit as a lot of code has been pasted and adapted from the `tcg/*` files. A new function to dump a `TinyCodeInstruction` was added that is adapted from `tcg_dump_ops`. Everything exposed in `libtcg.h` was requried for our new dump function to replicate the output of `tcg_dump_ops`. Signed-off-by: Anton Johansson <anjo@rev.ng>
Signed-off-by: Anton Johansson <anjo@rev.ng>
Expose arguments as 3 separate arrays (input-, output-, and constant args.). Similar to the normal TCG API, but easiers to work with. Signed-off-by: Anton Johansson <anjo@rev.ng>
Also added destroy function for LibTcgInstructionList. Signed-off-by: Anton Johansson <anjo@rev.ng>
Signed-off-by: Anton Johansson <anjo@rev.ng>
Signed-off-by: Anton Johansson <anjo@rev.ng>
Signed-off-by: Anton Johansson <anjo@rev.ng>
Signed-off-by: Anton Johansson <anjo@rev.ng>
Signed-off-by: Anton Johansson <anjo@rev.ng>
Signed-off-by: Anton Johansson <anjo@rev.ng>
Signed-off-by: Anton Johansson <anjo@rev.ng>
Needed for converting arguments to a string representation for printing. Signed-off-by: Anton Johansson <anjo@rev.ng>
This is not optimal since in terms of memory usage, as repeat use of the same temporary will end up being stored twice, but it is easier to work with. TODO: Why not mimic TCG more closely and have a global temp. array for the entire TB? Signed-off-by: Anton Johansson <anjo@rev.ng>
Commas weren't printed correctly for constants Signed-off-by: Anton Johansson <anjo@rev.ng>
TODO: Is this still needed? Signed-off-by: Anton Johansson <anjo@rev.ng>
Adds another build artifact containing all relevant helper functions for a given target in a LLVM bitcode .bc file. Signed-off-by: Anton Johansson <anjo@rev.ng> Remove QEMU subprojects when `have_libtcg` is set This commits removes a few subprojects from QEMU when libtcg is enabled, with reason to declutter the install directory from non-libtcg-related stuff. Signed-off-by: Anton Johansson <anjo@rev.ng> llvm-helpers: Add more target-specific files Signed-off-by: Anton Johansson <anjo@rev.ng>
size_in_bytes corresponds to the amount of bytes of input code that were lifted to produce the translation block. Signed-off-by: Anton Johansson <anjo@rev.ng>
Signed-off-by: Anton Johansson <anjo@rev.ng>
Useful when `dlopen`ing by reducing the amount of funnctions needed to be `dlsym`d manually. Also makes sure function prototypes are kept in sync between users of libtcg and libtcg. Signed-off-by: Anton Johansson <anjo@rev.ng>
Exposes a way to the the CPUArchState pointer along with offsets of the stack and program counter registers. Signed-off-by: Anton Johansson <anjo@rev.ng>
Required to compile w. glibc 2.13. Remove when fixed. Signed-off-by: Anton Johansson <anjo@rev.ng>
Adds a function for dumping a given LibTcgInstruction to a string representation. Useful for debugging. Signed-off-by: Anton Johansson <anjo@rev.ng>
The following flags are enabled/disabled with the goal of removing TB
overhead.
CF_NO_GOTO_TB
CF_NO_GOTO_PTR
Disables all forms of translation block chaining and makes sure we
end each TB with an exit_tb.
~CF_USE_ICOUNT
Removes unnecessary overhead due to instruction count tracking.
CF_NOIRQ
Make TBs uninterrubtable, otherwise an extra conditional branch is
inserted to possible skip a TB in the case of an interrupt.
Signed-off-by: Anton Johansson <anjo@rev.ng>
Signed-off-by: Anton Johansson <anjo@rev.ng>
added 25 commits
July 18, 2024 21:06
revng will inline and analyze cpu_loop and handling of syscalls therein. Forking in particular trips up CSAA, add an abort forcing dead code elimination to avoid this. Signed-off-by: Anton Johansson <anjo@rev.ng>
Replaces cpu_loop_exit_restore with cpu_loop_exit, as only the latter was handled by the CpuLoopExit analysis. This is no longer the case, and revng properly handles cpu_loop_exit_restore, so this commit should be safe to delete. Signed-off-by: Anton Johansson <anjo@rev.ng>
Signed-off-by: Anton Johansson <anjo@rev.ng>
Signed-off-by: Anton Johansson <anjo@rev.ng>
Signed-off-by: Anton Johansson <anjo@rev.ng>
Signed-off-by: Anton Johansson <anjo@rev.ng>
Signed-off-by: Anton Johansson <anjo@rev.ng>
Makes sure s390x will correctly exit and not read past the user provided buffer. TODO: This should no longer be necessary, our chech in accel/tcg/translator.c should correctly cover s390x. Signed-off-by: Anton Johansson <anjo@rev.ng>
Signed-off-by: Anton Johansson <anjo@rev.ng>
Signed-off-by: Anton Johansson <anjo@rev.ng>
Signed-off-by: Anton Johansson <anjo@rev.ng>
Needed for static analyses on x86 in particular. Signed-off-by: Anton Johansson <anjo@rev.ng>
Signed-off-by: Anton Johansson <anjo@rev.ng>
Expose arch. info such as offsets to common registers through a separate struct instead of through LibTcgInterface. Otherwise this information is inaccessible to the non-LibTcgInterface API. Signed-off-by: Anton Johansson <anjo@rev.ng>
Signed-off-by: Anton Johansson <anjo@rev.ng>
Only default to using malloc/free if both mem_alloc/mem_free are NULL, needed to support arena allocators and similar where all freeing happens at once. Signed-off-by: Anton Johansson <anjo@rev.ng>
Allows lifted TBs to be lightly optimized, if specified. Also adds a flag to enable usage of automatically generated TCG variants of helper functions (requires libtcg to be rebased on helper-to-tcg). Signed-off-by: Anton Johansson <anjo@rev.ng>
Correctly retry translation with smaller max instruction size if translation failed. Use TCG_MAX_INSNS instead of guessing the maximum size, this triggered asserts in QEMU if size > TCG_MAX_INSNS. Signed-off-by: Anton Johansson <anjo@rev.ng>
Signed-off-by: Anton Johansson <anjo@rev.ng>
Signed-off-by: Anton Johansson <anjo@rev.ng>
This is to avoid retranslating blocks if the previous constant propagtion no longer is valid. Consider a simple loop with an induction variable initialized to 0. Upon first translation the 0 will be propagated to uses of the induction variable. However on subsequent branches to this block it would be retranslated and reoptimized, as the induction variable is no longer constant. This is not ideal for static analyses, so disable constant propagation through registers, we still retain simpler constant propagation through temporaries. Signed-off-by: Anton Johansson <anjo@rev.ng>
Allows static analysis tools to smoothly recover on lifting failures. Signed-off-by: Anton Johansson <anjo@rev.ng>
Allows static analysis tools to smoothly skip e.g. data words which will fail to lift. Signed-off-by: Anton Johansson <anjo@rev.ng>
Adds unnecessary instructions not relevant for static analysis. Signed-off-by: Anton Johansson <anjo@rev.ng>
Separate shared library which acts as a simple wrapper around libtcg compiled for different ISAs. Also handles simoultaneous use of different libtcgs. Signed-off-by: Anton Johansson <anjo@rev.ng>
|
Thank you for your interest in the QEMU project. This repository is a read-only mirror of the project's repostories hosted QEMU welcomes contributions of code (either fixing bugs or adding new |
Sign up for free
to subscribe to this conversation on GitHub.
Already have an account?
Sign in.
2 participants
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
No description provided.