Series comparison

-[PULL 0/3] tcg patch queue
+[PULL v2 00/10] tcg patch queue
-The following changes since commit e18e5501d8ac692d32657a3e1ef545b14e72b730:
+V2 replaces the tcg const temp overflow patch.
-  Merge remote-tracking branch 'remotes/dgilbert-gitlab/tags/pull-virtiofs-20200210' into staging (2020-02-10 18:09:14 +0000)
 r~
 The following changes since commit 0e32462630687a18039464511bd0447ada5709c3:
   Merge remote-tracking branch 'remotes/vivier2/tags/linux-user-for-6.0-pull-request' into staging (2021-01-22 10:35:55 +0000)
 are available in the Git repository at:
-  https://github.com/rth7680/qemu.git tags/pull-tcg-20200212
+  https://gitlab.com/rth7680/qemu.git tags/pull-tcg-20210124
-for you to fetch changes up to 2445971604c1cfd3ec484457159f4ac300fb04d2:
+for you to fetch changes up to ae30e86661b0f48562cd95918d37cbeec5d02262:
-  tcg: Add tcg_gen_gvec_5_ptr (2020-02-12 14:58:36 -0800)
+  tcg: Restart code generation when we run out of temps (2021-01-24 08:03:27 -1000)
 ----------------------------------------------------------------
-Fix breakpoint invalidation.
+Fix tcg constant temp overflow.
-Add support for tcg helpers with 7 arguments.
+Fix running during atomic single-step.
-Add support for gvec helpers with 5 arguments.
+Partial support for apple silicon.
 Cleanups for accel/tcg.
 ----------------------------------------------------------------
-Max Filippov (1):
+Douglas Crosher (1):
-      exec: flush CPU TB cache in breakpoint_invalidate
+      tcg: update the cpu running flag in cpu_exec_step_atomic
-Richard Henderson (1):
+Philippe Mathieu-Daudé (4):
-      tcg: Add tcg_gen_gvec_5_ptr
+      accel/tcg: Make cpu_gen_init() static
       accel/tcg: Restrict tb_gen_code() from other accelerators
       accel/tcg: Declare missing cpu_loop_exit*() stubs
       accel/tcg: Restrict cpu_io_recompile() from other accelerators
-Taylor Simpson (1):
+Richard Henderson (4):
-      tcg: Add support for a helper with 7 arguments
+      qemu/compiler: Split out qemu_build_not_reached_always
       tcg: Optimize inline dup_const for MO_64
       accel/tcg: Move tb_flush_jmp_cache() to cputlb.c
       tcg: Restart code generation when we run out of temps
- include/exec/helper-gen.h   | 13 +++++++++++++
+Roman Bolshakov (1):
- include/exec/helper-head.h  |  2 ++
+      tcg: Toggle page execution for Apple Silicon
  include/exec/helper-proto.h |  6 ++++++
  include/exec/helper-tcg.h   |  7 +++++++
  include/tcg/tcg-op-gvec.h   |  7 +++++++
  exec.c                      | 15 +++++++--------
  tcg/tcg-op-gvec.c           | 32 ++++++++++++++++++++++++++++++++
 files changed, 74 insertions(+), 8 deletions(-)
+ accel/tcg/internal.h      | 20 ++++++++++++++++++++
+ include/exec/exec-all.h   | 11 -----------
+ include/qemu/compiler.h   |  5 +++--
+ include/qemu/osdep.h      | 28 ++++++++++++++++++++++++++++
+ include/tcg/tcg.h         |  6 +++++-
+ accel/stubs/tcg-stub.c    | 10 ++++++++++
+ accel/tcg/cpu-exec.c      |  7 +++++++
+ accel/tcg/cputlb.c        | 19 +++++++++++++++++++
+ accel/tcg/translate-all.c | 38 +++++++++++++++++++-------------------
+ tcg/tcg.c                 | 12 +++++++++---
+files changed, 120 insertions(+), 36 deletions(-)
+ create mode 100644 accel/tcg/internal.h

-[PULL 1/3] exec: flush CPU TB cache in breakpoint_invalidate
+Deleted patch
-From: Max Filippov <jcmvbkbc@gmail.com>
-When a breakpoint is inserted at location for which there's currently no
-virtual to physical translation no action is taken on CPU TB cache. If a
-TB for that virtual address already exists but is not visible ATM the
-breakpoint won't be hit next time an instruction at that address will be
-executed.
-Flush entire CPU TB cache in breakpoint_invalidate to force
-re-translation of all TBs for the breakpoint address.
-This change fixes the following scenario:
-- linux user application is running
-- a breakpoint is inserted from QEMU gdbstub for a user address that is
-  not currently present in the target CPU TLB
-- an instruction at that address is executed, but the external debugger
-  doesn't get control.
-Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
-Signed-off-by: Max Filippov <jcmvbkbc@gmail.com>
-Message-Id: <20191127220602.10827-2-jcmvbkbc@gmail.com>
-Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
----
- exec.c | 15 +++++++--------
-file changed, 7 insertions(+), 8 deletions(-)
-diff --git a/exec.c b/exec.c
-index XXXXXXX..XXXXXXX 100644
---- a/exec.c
-+++ b/exec.c
-@@ -XXX,XX +XXX,XX @@ void tb_invalidate_phys_addr(AddressSpace *as, hwaddr addr, MemTxAttrs attrs)
- static void breakpoint_invalidate(CPUState *cpu, target_ulong pc)
- {
--    MemTxAttrs attrs;
--    hwaddr phys = cpu_get_phys_page_attrs_debug(cpu, pc, &attrs);
--    int asidx = cpu_asidx_from_attrs(cpu, attrs);
--    if (phys != -1) {
--        /* Locks grabbed by tb_invalidate_phys_addr */
--        tb_invalidate_phys_addr(cpu->cpu_ases[asidx].as,
--                                phys | (pc & ~TARGET_PAGE_MASK), attrs);
--    }
-+    /*
-+     * There may not be a virtual to physical translation for the pc
-+     * right now, but there may exist cached TB for this pc.
-+     * Flush the whole TB cache to force re-translation of such TBs.
-+     * This is heavyweight, but we're debugging anyway.
-+     */
-+    tb_flush(cpu);
- }
- #endif
---
-.20.1

-[PULL 2/3] tcg: Add support for a helper with 7 arguments
+Deleted patch
-From: Taylor Simpson <tsimpson@quicinc.com>
-Currently, helpers can only take up to 6 arguments.  This patch adds the
-capability for up to 7 arguments.  I have tested it with the Hexagon port
-that I am preparing for submission.
-Signed-off-by: Taylor Simpson <tsimpson@quicinc.com>
-Message-Id: <1580942510-2820-1-git-send-email-tsimpson@quicinc.com>
-Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
----
- include/exec/helper-gen.h   | 13 +++++++++++++
- include/exec/helper-head.h  |  2 ++
- include/exec/helper-proto.h |  6 ++++++
- include/exec/helper-tcg.h   |  7 +++++++
-files changed, 28 insertions(+)
-diff --git a/include/exec/helper-gen.h b/include/exec/helper-gen.h
-index XXXXXXX..XXXXXXX 100644
---- a/include/exec/helper-gen.h
-+++ b/include/exec/helper-gen.h
-@@ -XXX,XX +XXX,XX @@ static inline void glue(gen_helper_, name)(dh_retvar_decl(ret)          \
-   tcg_gen_callN(HELPER(name), dh_retvar(ret), 6, args);                 \
- }
-+#define DEF_HELPER_FLAGS_7(name, flags, ret, t1, t2, t3, t4, t5, t6, t7)\
-+static inline void glue(gen_helper_, name)(dh_retvar_decl(ret)          \
-+    dh_arg_decl(t1, 1),  dh_arg_decl(t2, 2), dh_arg_decl(t3, 3),        \
-+    dh_arg_decl(t4, 4), dh_arg_decl(t5, 5), dh_arg_decl(t6, 6),         \
-+    dh_arg_decl(t7, 7))                                                 \
-+{                                                                       \
-+  TCGTemp *args[7] = { dh_arg(t1, 1), dh_arg(t2, 2), dh_arg(t3, 3),     \
-+                     dh_arg(t4, 4), dh_arg(t5, 5), dh_arg(t6, 6),       \
-+                     dh_arg(t7, 7) };                                   \
-+  tcg_gen_callN(HELPER(name), dh_retvar(ret), 7, args);                 \
-+}
-+
- #include "helper.h"
- #include "trace/generated-helpers.h"
- #include "trace/generated-helpers-wrappers.h"
-@@ -XXX,XX +XXX,XX @@ static inline void glue(gen_helper_, name)(dh_retvar_decl(ret)          \
- #undef DEF_HELPER_FLAGS_4
- #undef DEF_HELPER_FLAGS_5
- #undef DEF_HELPER_FLAGS_6
-+#undef DEF_HELPER_FLAGS_7
- #undef GEN_HELPER
- #endif /* HELPER_GEN_H */
-diff --git a/include/exec/helper-head.h b/include/exec/helper-head.h
-index XXXXXXX..XXXXXXX 100644
---- a/include/exec/helper-head.h
-+++ b/include/exec/helper-head.h
-@@ -XXX,XX +XXX,XX @@
-     DEF_HELPER_FLAGS_5(name, 0, ret, t1, t2, t3, t4, t5)
- #define DEF_HELPER_6(name, ret, t1, t2, t3, t4, t5, t6) \
-     DEF_HELPER_FLAGS_6(name, 0, ret, t1, t2, t3, t4, t5, t6)
-+#define DEF_HELPER_7(name, ret, t1, t2, t3, t4, t5, t6, t7) \
-+    DEF_HELPER_FLAGS_7(name, 0, ret, t1, t2, t3, t4, t5, t6, t7)
- /* MAX_OPC_PARAM_IARGS must be set to n if last entry is DEF_HELPER_FLAGS_n. */
-diff --git a/include/exec/helper-proto.h b/include/exec/helper-proto.h
-index XXXXXXX..XXXXXXX 100644
---- a/include/exec/helper-proto.h
-+++ b/include/exec/helper-proto.h
-@@ -XXX,XX +XXX,XX @@ dh_ctype(ret) HELPER(name) (dh_ctype(t1), dh_ctype(t2), dh_ctype(t3), \
- dh_ctype(ret) HELPER(name) (dh_ctype(t1), dh_ctype(t2), dh_ctype(t3), \
-                             dh_ctype(t4), dh_ctype(t5), dh_ctype(t6));
-+#define DEF_HELPER_FLAGS_7(name, flags, ret, t1, t2, t3, t4, t5, t6, t7) \
-+dh_ctype(ret) HELPER(name) (dh_ctype(t1), dh_ctype(t2), dh_ctype(t3), \
-+                            dh_ctype(t4), dh_ctype(t5), dh_ctype(t6), \
-+                            dh_ctype(t7));
-+
- #include "helper.h"
- #include "trace/generated-helpers.h"
- #include "tcg-runtime.h"
-@@ -XXX,XX +XXX,XX @@ dh_ctype(ret) HELPER(name) (dh_ctype(t1), dh_ctype(t2), dh_ctype(t3), \
- #undef DEF_HELPER_FLAGS_4
- #undef DEF_HELPER_FLAGS_5
- #undef DEF_HELPER_FLAGS_6
-+#undef DEF_HELPER_FLAGS_7
- #endif /* HELPER_PROTO_H */
-diff --git a/include/exec/helper-tcg.h b/include/exec/helper-tcg.h
-index XXXXXXX..XXXXXXX 100644
---- a/include/exec/helper-tcg.h
-+++ b/include/exec/helper-tcg.h
-@@ -XXX,XX +XXX,XX @@
-     | dh_sizemask(t2, 2) | dh_sizemask(t3, 3) | dh_sizemask(t4, 4) \
-     | dh_sizemask(t5, 5) | dh_sizemask(t6, 6) },
-+#define DEF_HELPER_FLAGS_7(NAME, FLAGS, ret, t1, t2, t3, t4, t5, t6, t7) \
-+  { .func = HELPER(NAME), .name = str(NAME), .flags = FLAGS, \
-+    .sizemask = dh_sizemask(ret, 0) | dh_sizemask(t1, 1) \
-+    | dh_sizemask(t2, 2) | dh_sizemask(t3, 3) | dh_sizemask(t4, 4) \
-+    | dh_sizemask(t5, 5) | dh_sizemask(t6, 6) | dh_sizemask(t7, 7) },
-+
- #include "helper.h"
- #include "trace/generated-helpers.h"
- #include "tcg-runtime.h"
-@@ -XXX,XX +XXX,XX @@
- #undef DEF_HELPER_FLAGS_4
- #undef DEF_HELPER_FLAGS_5
- #undef DEF_HELPER_FLAGS_6
-+#undef DEF_HELPER_FLAGS_7
- #endif /* HELPER_TCG_H */
---
-.20.1

-[PULL 3/3] tcg: Add tcg_gen_gvec_5_ptr
+[PULL v2 10/10] tcg: Restart code generation when we run out of temps
-Extend the vector generator infrastructure to handle
+Some large translation blocks can generate so many unique
-vector arguments.
+constants that we run out of temps to hold them.  In this
 case, longjmp back to the start of code generation and
 restart with a smaller translation block.
-Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>
+Buglink: https://bugs.launchpad.net/bugs/1912065
-Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
+Tested-by: BALATON Zoltan <balaton@eik.bme.hu>
-Reviewed-by: Taylor Simpson <tsimpson@quicinc.com>
+Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
 Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
 ---
- include/tcg/tcg-op-gvec.h |  7 +++++++
+ include/tcg/tcg.h         |  3 +++
- tcg/tcg-op-gvec.c         | 32 ++++++++++++++++++++++++++++++++
+ accel/tcg/translate-all.c | 15 ++++++++++++++-
-files changed, 39 insertions(+)
+ tcg/tcg.c                 | 11 ++++++++---
 files changed, 25 insertions(+), 4 deletions(-)
-diff --git a/include/tcg/tcg-op-gvec.h b/include/tcg/tcg-op-gvec.h
+diff --git a/include/tcg/tcg.h b/include/tcg/tcg.h
 index XXXXXXX..XXXXXXX 100644
---- a/include/tcg/tcg-op-gvec.h
+--- a/include/tcg/tcg.h
-+++ b/include/tcg/tcg-op-gvec.h
++++ b/include/tcg/tcg.h
-@@ -XXX,XX +XXX,XX @@ void tcg_gen_gvec_4_ptr(uint32_t dofs, uint32_t aofs, uint32_t bofs,
+@@ -XXX,XX +XXX,XX @@ struct TCGContext {
-                         uint32_t maxsz, int32_t data,
-                         gen_helper_gvec_4_ptr *fn);
+     uint16_t gen_insn_end_off[TCG_MAX_INSNS];
+     target_ulong gen_insn_data[TCG_MAX_INSNS][TARGET_INSN_START_WORDS];
 +typedef void gen_helper_gvec_5_ptr(TCGv_ptr, TCGv_ptr, TCGv_ptr, TCGv_ptr,
 +                                   TCGv_ptr, TCGv_ptr, TCGv_i32);
 +void tcg_gen_gvec_5_ptr(uint32_t dofs, uint32_t aofs, uint32_t bofs,
 +                        uint32_t cofs, uint32_t eofs, TCGv_ptr ptr,
 +                        uint32_t oprsz, uint32_t maxsz, int32_t data,
 +                        gen_helper_gvec_5_ptr *fn);
 +
- /* Expand a gvec operation.  Either inline or out-of-line depending on
++    /* Exit to translator on overflow. */
-    the actual vector size and the operations supported by the host.  */
++    sigjmp_buf jmp_trans;
- typedef struct {
+ };
-diff --git a/tcg/tcg-op-gvec.c b/tcg/tcg-op-gvec.c
  static inline bool temp_readonly(TCGTemp *ts)
 diff --git a/accel/tcg/translate-all.c b/accel/tcg/translate-all.c
 index XXXXXXX..XXXXXXX 100644
---- a/tcg/tcg-op-gvec.c
+--- a/accel/tcg/translate-all.c
-+++ b/tcg/tcg-op-gvec.c
++++ b/accel/tcg/translate-all.c
-@@ -XXX,XX +XXX,XX @@ void tcg_gen_gvec_4_ptr(uint32_t dofs, uint32_t aofs, uint32_t bofs,
+@@ -XXX,XX +XXX,XX @@ TranslationBlock *tb_gen_code(CPUState *cpu,
-     tcg_temp_free_i32(desc);
+     ti = profile_getclock();
  #endif
 +    gen_code_size = sigsetjmp(tcg_ctx->jmp_trans, 0);
 +    if (unlikely(gen_code_size != 0)) {
 +        goto error_return;
 +    }
 +
      tcg_func_start(tcg_ctx);
      tcg_ctx->cpu = env_cpu(env);
      gen_intermediate_code(cpu, tb, max_insns);
      tcg_ctx->cpu = NULL;
 +    max_insns = tb->icount;
      trace_translate_block(tb, tb->pc, tb->tc.ptr);
@@ -XXX,XX +XXX,XX @@ TranslationBlock *tb_gen_code(CPUState *cpu,
      gen_code_size = tcg_gen_code(tcg_ctx, tb);
      if (unlikely(gen_code_size < 0)) {
 + error_return:
          switch (gen_code_size) {
          case -1:
              /*
@@ -XXX,XX +XXX,XX @@ TranslationBlock *tb_gen_code(CPUState *cpu,
               * flush the TBs, allocate a new TB, re-initialize it per
               * above, and re-do the actual code generation.
               */
 +            qemu_log_mask(CPU_LOG_TB_OP | CPU_LOG_TB_OP_OPT,
 +                          "Restarting code generation for "
 +                          "code_gen_buffer overflow\n");
              goto buffer_overflow;
          case -2:
@@ -XXX,XX +XXX,XX @@ TranslationBlock *tb_gen_code(CPUState *cpu,
               * Try again with half as many insns as we attempted this time.
               * If a single insn overflows, there's a bug somewhere...
               */
 -            max_insns = tb->icount;
              assert(max_insns > 1);
              max_insns /= 2;
 +            qemu_log_mask(CPU_LOG_TB_OP | CPU_LOG_TB_OP_OPT,
 +                          "Restarting code generation with "
 +                          "smaller translation block (max %d insns)\n",
 +                          max_insns);
              goto tb_overflow;
          default:
 diff --git a/tcg/tcg.c b/tcg/tcg.c
 index XXXXXXX..XXXXXXX 100644
 --- a/tcg/tcg.c
 +++ b/tcg/tcg.c
@@ -XXX,XX +XXX,XX @@ void tcg_func_start(TCGContext *s)
      QSIMPLEQ_INIT(&s->labels);
  }
-+/* Generate a call to a gvec-style helper with five vector operands
+-static inline TCGTemp *tcg_temp_alloc(TCGContext *s)
-+   and an extra pointer operand.  */
++static TCGTemp *tcg_temp_alloc(TCGContext *s)
-+void tcg_gen_gvec_5_ptr(uint32_t dofs, uint32_t aofs, uint32_t bofs,
+ {
-+                        uint32_t cofs, uint32_t eofs, TCGv_ptr ptr,
+     int n = s->nb_temps++;
-+                        uint32_t oprsz, uint32_t maxsz, int32_t data,
+-    tcg_debug_assert(n < TCG_MAX_TEMPS);
 +                        gen_helper_gvec_5_ptr *fn)
 +{
 +    TCGv_ptr a0, a1, a2, a3, a4;
 +    TCGv_i32 desc = tcg_const_i32(simd_desc(oprsz, maxsz, data));
 +
-+    a0 = tcg_temp_new_ptr();
++    if (n >= TCG_MAX_TEMPS) {
-+    a1 = tcg_temp_new_ptr();
++        /* Signal overflow, starting over with fewer guest insns. */
-+    a2 = tcg_temp_new_ptr();
++        siglongjmp(s->jmp_trans, -2);
-+    a3 = tcg_temp_new_ptr();
++    }
-+    a4 = tcg_temp_new_ptr();
+     return memset(&s->temps[n], 0, sizeof(TCGTemp));
-+
+ }
-+    tcg_gen_addi_ptr(a0, cpu_env, dofs);
-+    tcg_gen_addi_ptr(a1, cpu_env, aofs);
+-static inline TCGTemp *tcg_global_alloc(TCGContext *s)
-+    tcg_gen_addi_ptr(a2, cpu_env, bofs);
++static TCGTemp *tcg_global_alloc(TCGContext *s)
-+    tcg_gen_addi_ptr(a3, cpu_env, cofs);
+ {
-+    tcg_gen_addi_ptr(a4, cpu_env, eofs);
+     TCGTemp *ts;
-+
-+    fn(a0, a1, a2, a3, a4, ptr, desc);
+     tcg_debug_assert(s->nb_globals == s->nb_temps);
-+
++    tcg_debug_assert(s->nb_globals < TCG_MAX_TEMPS);
-+    tcg_temp_free_ptr(a0);
+     s->nb_globals++;
-+    tcg_temp_free_ptr(a1);
+     ts = tcg_temp_alloc(s);
-+    tcg_temp_free_ptr(a2);
+     ts->kind = TEMP_GLOBAL;
 +    tcg_temp_free_ptr(a3);
 +    tcg_temp_free_ptr(a4);
 +    tcg_temp_free_i32(desc);
 +}
 +
  /* Return true if we want to implement something of OPRSZ bytes
     in units of LNSZ.  This limits the expansion of inline code.  */
  static inline bool check_size_impl(uint32_t oprsz, uint32_t lnsz)
 --
-.20.1
+.25.1

The following changes since commit e18e5501d8ac692d32657a3e1ef545b14e72b730:

Merge remote-tracking branch 'remotes/dgilbert-gitlab/tags/pull-virtiofs-20200210' into staging (2020-02-10 18:09:14 +0000)

are available in the Git repository at:

https://github.com/rth7680/qemu.git tags/pull-tcg-20200212

for you to fetch changes up to 2445971604c1cfd3ec484457159f4ac300fb04d2:

tcg: Add tcg_gen_gvec_5_ptr (2020-02-12 14:58:36 -0800)

----------------------------------------------------------------
Fix breakpoint invalidation.
Add support for tcg helpers with 7 arguments.
Add support for gvec helpers with 5 arguments.

----------------------------------------------------------------
Max Filippov (1):
      exec: flush CPU TB cache in breakpoint_invalidate

Richard Henderson (1):
      tcg: Add tcg_gen_gvec_5_ptr

Taylor Simpson (1):
      tcg: Add support for a helper with 7 arguments

From: Max Filippov <jcmvbkbc@gmail.com>

When a breakpoint is inserted at location for which there's currently no
virtual to physical translation no action is taken on CPU TB cache. If a
TB for that virtual address already exists but is not visible ATM the
breakpoint won't be hit next time an instruction at that address will be
executed.

Flush entire CPU TB cache in breakpoint_invalidate to force
re-translation of all TBs for the breakpoint address.

This change fixes the following scenario:
- linux user application is running
- a breakpoint is inserted from QEMU gdbstub for a user address that is
  not currently present in the target CPU TLB
- an instruction at that address is executed, but the external debugger
  doesn't get control.

Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Signed-off-by: Max Filippov <jcmvbkbc@gmail.com>
Message-Id: <20191127220602.10827-2-jcmvbkbc@gmail.com>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
---
 exec.c | 15 +++++++--------
 1 file changed, 7 insertions(+), 8 deletions(-)

diff --git a/exec.c b/exec.c
index XXXXXXX..XXXXXXX 100644
--- a/exec.c
+++ b/exec.c
@@ -XXX,XX +XXX,XX @@ void tb_invalidate_phys_addr(AddressSpace *as, hwaddr addr, MemTxAttrs attrs)
 
 static void breakpoint_invalidate(CPUState *cpu, target_ulong pc)
 {
-    MemTxAttrs attrs;
-    hwaddr phys = cpu_get_phys_page_attrs_debug(cpu, pc, &attrs);
-    int asidx = cpu_asidx_from_attrs(cpu, attrs);
-    if (phys != -1) {
-        /* Locks grabbed by tb_invalidate_phys_addr */
-        tb_invalidate_phys_addr(cpu->cpu_ases[asidx].as,
-                                phys | (pc & ~TARGET_PAGE_MASK), attrs);
-    }
+    /*
+     * There may not be a virtual to physical translation for the pc
+     * right now, but there may exist cached TB for this pc.
+     * Flush the whole TB cache to force re-translation of such TBs.
+     * This is heavyweight, but we're debugging anyway.
+     */
+    tb_flush(cpu);
 }
 #endif
 
-- 
2.20.1

From: Taylor Simpson <tsimpson@quicinc.com>

Currently, helpers can only take up to 6 arguments.  This patch adds the
capability for up to 7 arguments.  I have tested it with the Hexagon port
that I am preparing for submission.

Signed-off-by: Taylor Simpson <tsimpson@quicinc.com>
Message-Id: <1580942510-2820-1-git-send-email-tsimpson@quicinc.com>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
---
 include/exec/helper-gen.h   | 13 +++++++++++++
 include/exec/helper-head.h  |  2 ++
 include/exec/helper-proto.h |  6 ++++++
 include/exec/helper-tcg.h   |  7 +++++++
 4 files changed, 28 insertions(+)

diff --git a/include/exec/helper-gen.h b/include/exec/helper-gen.h
index XXXXXXX..XXXXXXX 100644
--- a/include/exec/helper-gen.h
+++ b/include/exec/helper-gen.h
@@ -XXX,XX +XXX,XX @@ static inline void glue(gen_helper_, name)(dh_retvar_decl(ret)          \
   tcg_gen_callN(HELPER(name), dh_retvar(ret), 6, args);                 \
 }
 
+#define DEF_HELPER_FLAGS_7(name, flags, ret, t1, t2, t3, t4, t5, t6, t7)\
+static inline void glue(gen_helper_, name)(dh_retvar_decl(ret)          \
+    dh_arg_decl(t1, 1),  dh_arg_decl(t2, 2), dh_arg_decl(t3, 3),        \
+    dh_arg_decl(t4, 4), dh_arg_decl(t5, 5), dh_arg_decl(t6, 6),         \
+    dh_arg_decl(t7, 7))                                                 \
+{                                                                       \
+  TCGTemp *args[7] = { dh_arg(t1, 1), dh_arg(t2, 2), dh_arg(t3, 3),     \
+                     dh_arg(t4, 4), dh_arg(t5, 5), dh_arg(t6, 6),       \
+                     dh_arg(t7, 7) };                                   \
+  tcg_gen_callN(HELPER(name), dh_retvar(ret), 7, args);                 \
+}
+
 #include "helper.h"
 #include "trace/generated-helpers.h"
 #include "trace/generated-helpers-wrappers.h"
@@ -XXX,XX +XXX,XX @@ static inline void glue(gen_helper_, name)(dh_retvar_decl(ret)          \
 #undef DEF_HELPER_FLAGS_4
 #undef DEF_HELPER_FLAGS_5
 #undef DEF_HELPER_FLAGS_6
+#undef DEF_HELPER_FLAGS_7
 #undef GEN_HELPER
 
 #endif /* HELPER_GEN_H */
diff --git a/include/exec/helper-head.h b/include/exec/helper-head.h
index XXXXXXX..XXXXXXX 100644
--- a/include/exec/helper-head.h
+++ b/include/exec/helper-head.h
@@ -XXX,XX +XXX,XX @@
     DEF_HELPER_FLAGS_5(name, 0, ret, t1, t2, t3, t4, t5)
 #define DEF_HELPER_6(name, ret, t1, t2, t3, t4, t5, t6) \
     DEF_HELPER_FLAGS_6(name, 0, ret, t1, t2, t3, t4, t5, t6)
+#define DEF_HELPER_7(name, ret, t1, t2, t3, t4, t5, t6, t7) \
+    DEF_HELPER_FLAGS_7(name, 0, ret, t1, t2, t3, t4, t5, t6, t7)
 
 /* MAX_OPC_PARAM_IARGS must be set to n if last entry is DEF_HELPER_FLAGS_n. */
 
diff --git a/include/exec/helper-proto.h b/include/exec/helper-proto.h
index XXXXXXX..XXXXXXX 100644
--- a/include/exec/helper-proto.h
+++ b/include/exec/helper-proto.h
@@ -XXX,XX +XXX,XX @@ dh_ctype(ret) HELPER(name) (dh_ctype(t1), dh_ctype(t2), dh_ctype(t3), \
 dh_ctype(ret) HELPER(name) (dh_ctype(t1), dh_ctype(t2), dh_ctype(t3), \
                             dh_ctype(t4), dh_ctype(t5), dh_ctype(t6));
 
+#define DEF_HELPER_FLAGS_7(name, flags, ret, t1, t2, t3, t4, t5, t6, t7) \
+dh_ctype(ret) HELPER(name) (dh_ctype(t1), dh_ctype(t2), dh_ctype(t3), \
+                            dh_ctype(t4), dh_ctype(t5), dh_ctype(t6), \
+                            dh_ctype(t7));
+
 #include "helper.h"
 #include "trace/generated-helpers.h"
 #include "tcg-runtime.h"
@@ -XXX,XX +XXX,XX @@ dh_ctype(ret) HELPER(name) (dh_ctype(t1), dh_ctype(t2), dh_ctype(t3), \
 #undef DEF_HELPER_FLAGS_4
 #undef DEF_HELPER_FLAGS_5
 #undef DEF_HELPER_FLAGS_6
+#undef DEF_HELPER_FLAGS_7
 
 #endif /* HELPER_PROTO_H */
diff --git a/include/exec/helper-tcg.h b/include/exec/helper-tcg.h
index XXXXXXX..XXXXXXX 100644
--- a/include/exec/helper-tcg.h
+++ b/include/exec/helper-tcg.h
@@ -XXX,XX +XXX,XX @@
     | dh_sizemask(t2, 2) | dh_sizemask(t3, 3) | dh_sizemask(t4, 4) \
     | dh_sizemask(t5, 5) | dh_sizemask(t6, 6) },
 
+#define DEF_HELPER_FLAGS_7(NAME, FLAGS, ret, t1, t2, t3, t4, t5, t6, t7) \
+  { .func = HELPER(NAME), .name = str(NAME), .flags = FLAGS, \
+    .sizemask = dh_sizemask(ret, 0) | dh_sizemask(t1, 1) \
+    | dh_sizemask(t2, 2) | dh_sizemask(t3, 3) | dh_sizemask(t4, 4) \
+    | dh_sizemask(t5, 5) | dh_sizemask(t6, 6) | dh_sizemask(t7, 7) },
+
 #include "helper.h"
 #include "trace/generated-helpers.h"
 #include "tcg-runtime.h"
@@ -XXX,XX +XXX,XX @@
 #undef DEF_HELPER_FLAGS_4
 #undef DEF_HELPER_FLAGS_5
 #undef DEF_HELPER_FLAGS_6
+#undef DEF_HELPER_FLAGS_7
 
 #endif /* HELPER_TCG_H */
-- 
2.20.1

Extend the vector generator infrastructure to handle
5 vector arguments.

Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
Reviewed-by: Taylor Simpson <tsimpson@quicinc.com>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
---
 include/tcg/tcg-op-gvec.h |  7 +++++++
 tcg/tcg-op-gvec.c         | 32 ++++++++++++++++++++++++++++++++
 2 files changed, 39 insertions(+)

diff --git a/include/tcg/tcg-op-gvec.h b/include/tcg/tcg-op-gvec.h
index XXXXXXX..XXXXXXX 100644
--- a/include/tcg/tcg-op-gvec.h
+++ b/include/tcg/tcg-op-gvec.h
@@ -XXX,XX +XXX,XX @@ void tcg_gen_gvec_4_ptr(uint32_t dofs, uint32_t aofs, uint32_t bofs,
                         uint32_t maxsz, int32_t data,
                         gen_helper_gvec_4_ptr *fn);
 
+typedef void gen_helper_gvec_5_ptr(TCGv_ptr, TCGv_ptr, TCGv_ptr, TCGv_ptr,
+                                   TCGv_ptr, TCGv_ptr, TCGv_i32);
+void tcg_gen_gvec_5_ptr(uint32_t dofs, uint32_t aofs, uint32_t bofs,
+                        uint32_t cofs, uint32_t eofs, TCGv_ptr ptr,
+                        uint32_t oprsz, uint32_t maxsz, int32_t data,
+                        gen_helper_gvec_5_ptr *fn);
+
 /* Expand a gvec operation.  Either inline or out-of-line depending on
    the actual vector size and the operations supported by the host.  */
 typedef struct {
diff --git a/tcg/tcg-op-gvec.c b/tcg/tcg-op-gvec.c
index XXXXXXX..XXXXXXX 100644
--- a/tcg/tcg-op-gvec.c
+++ b/tcg/tcg-op-gvec.c
@@ -XXX,XX +XXX,XX @@ void tcg_gen_gvec_4_ptr(uint32_t dofs, uint32_t aofs, uint32_t bofs,
     tcg_temp_free_i32(desc);
 }
 
+/* Generate a call to a gvec-style helper with five vector operands
+   and an extra pointer operand.  */
+void tcg_gen_gvec_5_ptr(uint32_t dofs, uint32_t aofs, uint32_t bofs,
+                        uint32_t cofs, uint32_t eofs, TCGv_ptr ptr,
+                        uint32_t oprsz, uint32_t maxsz, int32_t data,
+                        gen_helper_gvec_5_ptr *fn)
+{
+    TCGv_ptr a0, a1, a2, a3, a4;
+    TCGv_i32 desc = tcg_const_i32(simd_desc(oprsz, maxsz, data));
+
+    a0 = tcg_temp_new_ptr();
+    a1 = tcg_temp_new_ptr();
+    a2 = tcg_temp_new_ptr();
+    a3 = tcg_temp_new_ptr();
+    a4 = tcg_temp_new_ptr();
+
+    tcg_gen_addi_ptr(a0, cpu_env, dofs);
+    tcg_gen_addi_ptr(a1, cpu_env, aofs);
+    tcg_gen_addi_ptr(a2, cpu_env, bofs);
+    tcg_gen_addi_ptr(a3, cpu_env, cofs);
+    tcg_gen_addi_ptr(a4, cpu_env, eofs);
+
+    fn(a0, a1, a2, a3, a4, ptr, desc);
+
+    tcg_temp_free_ptr(a0);
+    tcg_temp_free_ptr(a1);
+    tcg_temp_free_ptr(a2);
+    tcg_temp_free_ptr(a3);
+    tcg_temp_free_ptr(a4);
+    tcg_temp_free_i32(desc);
+}
+
 /* Return true if we want to implement something of OPRSZ bytes
    in units of LNSZ.  This limits the expansion of inline code.  */
 static inline bool check_size_impl(uint32_t oprsz, uint32_t lnsz)
-- 
2.20.1

V2 replaces the tcg const temp overflow patch.

The following changes since commit 0e32462630687a18039464511bd0447ada5709c3:

Merge remote-tracking branch 'remotes/vivier2/tags/linux-user-for-6.0-pull-request' into staging (2021-01-22 10:35:55 +0000)

are available in the Git repository at:

https://gitlab.com/rth7680/qemu.git tags/pull-tcg-20210124

for you to fetch changes up to ae30e86661b0f48562cd95918d37cbeec5d02262:

tcg: Restart code generation when we run out of temps (2021-01-24 08:03:27 -1000)

----------------------------------------------------------------
Fix tcg constant temp overflow.
Fix running during atomic single-step.
Partial support for apple silicon.
Cleanups for accel/tcg.

----------------------------------------------------------------
Douglas Crosher (1):
      tcg: update the cpu running flag in cpu_exec_step_atomic

Philippe Mathieu-Daudé (4):
      accel/tcg: Make cpu_gen_init() static
      accel/tcg: Restrict tb_gen_code() from other accelerators
      accel/tcg: Declare missing cpu_loop_exit*() stubs
      accel/tcg: Restrict cpu_io_recompile() from other accelerators

Richard Henderson (4):
      qemu/compiler: Split out qemu_build_not_reached_always
      tcg: Optimize inline dup_const for MO_64
      accel/tcg: Move tb_flush_jmp_cache() to cputlb.c
      tcg: Restart code generation when we run out of temps

Roman Bolshakov (1):
      tcg: Toggle page execution for Apple Silicon

accel/tcg/internal.h      | 20 ++++++++++++++++++++
 include/exec/exec-all.h   | 11 -----------
 include/qemu/compiler.h   |  5 +++--
 include/qemu/osdep.h      | 28 ++++++++++++++++++++++++++++
 include/tcg/tcg.h         |  6 +++++-
 accel/stubs/tcg-stub.c    | 10 ++++++++++
 accel/tcg/cpu-exec.c      |  7 +++++++
 accel/tcg/cputlb.c        | 19 +++++++++++++++++++
 accel/tcg/translate-all.c | 38 +++++++++++++++++++-------------------
 tcg/tcg.c                 | 12 +++++++++---
 10 files changed, 120 insertions(+), 36 deletions(-)
 create mode 100644 accel/tcg/internal.h

Some large translation blocks can generate so many unique
constants that we run out of temps to hold them.  In this
case, longjmp back to the start of code generation and
restart with a smaller translation block.

Buglink: https://bugs.launchpad.net/bugs/1912065
Tested-by: BALATON Zoltan <balaton@eik.bme.hu>
Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
---
 include/tcg/tcg.h         |  3 +++
 accel/tcg/translate-all.c | 15 ++++++++++++++-
 tcg/tcg.c                 | 11 ++++++++---
 3 files changed, 25 insertions(+), 4 deletions(-)

diff --git a/include/tcg/tcg.h b/include/tcg/tcg.h
index XXXXXXX..XXXXXXX 100644
--- a/include/tcg/tcg.h
+++ b/include/tcg/tcg.h
@@ -XXX,XX +XXX,XX @@ struct TCGContext {
 
     uint16_t gen_insn_end_off[TCG_MAX_INSNS];
     target_ulong gen_insn_data[TCG_MAX_INSNS][TARGET_INSN_START_WORDS];
+
+    /* Exit to translator on overflow. */
+    sigjmp_buf jmp_trans;
 };
 
 static inline bool temp_readonly(TCGTemp *ts)
diff --git a/accel/tcg/translate-all.c b/accel/tcg/translate-all.c
index XXXXXXX..XXXXXXX 100644
--- a/accel/tcg/translate-all.c
+++ b/accel/tcg/translate-all.c
@@ -XXX,XX +XXX,XX @@ TranslationBlock *tb_gen_code(CPUState *cpu,
     ti = profile_getclock();
 #endif
 
+    gen_code_size = sigsetjmp(tcg_ctx->jmp_trans, 0);
+    if (unlikely(gen_code_size != 0)) {
+        goto error_return;
+    }
+
     tcg_func_start(tcg_ctx);
 
     tcg_ctx->cpu = env_cpu(env);
     gen_intermediate_code(cpu, tb, max_insns);
     tcg_ctx->cpu = NULL;
+    max_insns = tb->icount;
 
     trace_translate_block(tb, tb->pc, tb->tc.ptr);
 
@@ -XXX,XX +XXX,XX @@ TranslationBlock *tb_gen_code(CPUState *cpu,
 
     gen_code_size = tcg_gen_code(tcg_ctx, tb);
     if (unlikely(gen_code_size < 0)) {
+ error_return:
         switch (gen_code_size) {
         case -1:
             /*
@@ -XXX,XX +XXX,XX @@ TranslationBlock *tb_gen_code(CPUState *cpu,
              * flush the TBs, allocate a new TB, re-initialize it per
              * above, and re-do the actual code generation.
              */
+            qemu_log_mask(CPU_LOG_TB_OP | CPU_LOG_TB_OP_OPT,
+                          "Restarting code generation for "
+                          "code_gen_buffer overflow\n");
             goto buffer_overflow;
 
         case -2:
@@ -XXX,XX +XXX,XX @@ TranslationBlock *tb_gen_code(CPUState *cpu,
              * Try again with half as many insns as we attempted this time.
              * If a single insn overflows, there's a bug somewhere...
              */
-            max_insns = tb->icount;
             assert(max_insns > 1);
             max_insns /= 2;
+            qemu_log_mask(CPU_LOG_TB_OP | CPU_LOG_TB_OP_OPT,
+                          "Restarting code generation with "
+                          "smaller translation block (max %d insns)\n",
+                          max_insns);
             goto tb_overflow;
 
         default:
diff --git a/tcg/tcg.c b/tcg/tcg.c
index XXXXXXX..XXXXXXX 100644
--- a/tcg/tcg.c
+++ b/tcg/tcg.c
@@ -XXX,XX +XXX,XX @@ void tcg_func_start(TCGContext *s)
     QSIMPLEQ_INIT(&s->labels);
 }
 
-static inline TCGTemp *tcg_temp_alloc(TCGContext *s)
+static TCGTemp *tcg_temp_alloc(TCGContext *s)
 {
     int n = s->nb_temps++;
-    tcg_debug_assert(n < TCG_MAX_TEMPS);
+
+    if (n >= TCG_MAX_TEMPS) {
+        /* Signal overflow, starting over with fewer guest insns. */
+        siglongjmp(s->jmp_trans, -2);
+    }
     return memset(&s->temps[n], 0, sizeof(TCGTemp));
 }
 
-static inline TCGTemp *tcg_global_alloc(TCGContext *s)
+static TCGTemp *tcg_global_alloc(TCGContext *s)
 {
     TCGTemp *ts;
 
     tcg_debug_assert(s->nb_globals == s->nb_temps);
+    tcg_debug_assert(s->nb_globals < TCG_MAX_TEMPS);
     s->nb_globals++;
     ts = tcg_temp_alloc(s);
     ts->kind = TEMP_GLOBAL;
-- 
2.25.1