| Commit message (Collapse) | Author | Age | Files | Lines |
|
|
|
|
| |
A critical test in the execution loop was missed in the latest huge integration.
Also optimize slightly the basic-block start recording helper interface.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This fixes a really bad bug in the Thumb/Thumb2 ARM emulation related to
conditional instructions execution. The issue was that the previous
implementation did break badly if a page fault occured during the conditional
instruction's emulation. Giving an example if probably the best way to demonstrate
this. Consider the following two instructions:
itt eq
streq r0,[r4, #0]
These two instructions mean, respectively:
- If the Z flag is set, execute the next instruction. Otherwise ignore it
- Store the value of r0 at the address pointed to by r4
In single-step mode (used when debugging the emulator), each instruction is
separately JIT-ed and executed in a different pass. The 'condexec_bits' field
of the CPU state if used to store flags corresponding to the conditional
execution of up to 4 next instructions.
When the first instruction is executed, it simply sets 'condexec_bits' to a
specific value (4).
When the second instruction is executed, things get slightly bit more funky
because what happened was the following:
- the JIT-ed code started by clearing the 'condexec_bits' right at the
start of its sequence (a comment says "to avoid complications trying to
do it at the end of the block", famous last words...)
- a conditional test, based on the current value of the Z flag was added
to skip over the rest of the instruction sequence
- the store itself is implemented through a call to the __stl_mmu helper
function.
The thing is that __stl_mmu may implement a *page fault* (i.e. when the
address in r4 hasn't been commited to memory yet) which requires a switch
to kernel mode (to populate the page), then going back to the instruction's
execution.
This is done in the current implementation by re-running the JIT-er for the
same instruction, however, since 'condexec_bits' was already cleared to 0,
the new JIT-ed code sequence doesn't have the conditional test to skip over
the store. The conditional instruction has been transformed into a
non-conditional one due to the page fault ! This results in either bad behaviour
or, even a crash in the emulator.
The patch fixes the clearing of condexec_bits to happen as it should, i.e.
only when execution has really cleared it.
This is preliminary work to fix the -trace option.
Also, disable the IO Thread when running the standalone emulator. This makes
debugging much easier since everything happens in a single thread.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This patch is used to disable the code generator's liveness analysis pass when we
emulate an ARMv7 CPU. This is required to properly run the dex preoptimization pass
during the build of -user system images.
Also includes:
- a fix for a sad typo in target-arm/translate.c related to NEON instruction emulation
- upstream improvements to the x86 and x86_64 backends to generate better goto branches at runtime
- upstream fixes for 64-bit swap and shift operations in TCG
After this patch is applied, re-enabling the ARMv7 memcpy should allow to run the dex preopt
pass succesfully. Anything else is untested though. WE STILL NEED TO FIX THE CODE GENERATOR.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Disable alignment CPU exceptions to be able to boot an ARMv7 system image.
This is because 4.4.0 emits a machine code sequence that stores an 8-bytes double
on a 4-byte aligned address on the stack in the implementation of cvt() in the C
library (see the disassembly for bionic/libc/stdio/vfprintf.c). It is uncertain
that this is a compiler bug at this point, but the upstream QEMU sources don't have
alignment exceptions enabled for any ARM target anyway.
Also, add a check to force CPU emulation to "cortex-a8" if the kernel file name
ends in "-armv7". This is a poor man's approach to hardware configuration that will
be replaced by a more sophisticated solution in the future. Right now, we just want
to be able to build -user system images with the dex preopt pass running in the
emulator with the minimum amount of fuss.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This change integrates many changes from the upstream QEMU sources.
Its main purpose is to enable correct ARMv6 and ARMv7 support to the
Android emulator. Due to the nature of the upstream code base, this
unfortunately also required changes to many other parts of the source.
Note that to ensure easier integrations in the future, some source files
and directories that have heavy Android-specific customization have been
renamed with an -android suffix. The original files are still there for
easier integration tracking, but *never* compiled. For example:
net.c net-android.c
qemu-char.c qemu-char-android.c
slirp/ slirp-android/
etc...
Tested on linux-x86, darwin-x86 and windows host machines.
|
| |
|
|
|
|
|
|
|
|
| |
wrong.
One of the calls to trace_add_insn() was missing a parameter and was passing in
garbage. This parameter "is_thumb" is expected to be 0 or 1 and is OR-ed with
the basic block address to distinguish ARM and Thumb instruction blocks.
|
|
|
|
| |
Exceptions used to be traced but that code was deleted during a large merge.
|
| |
|
| |
|
| |
|
| |
|
|
|