From patchwork Sun Dec 14 23:00:48 2014
X-Patchwork-Submitter: Richard Henderson
X-Patchwork-Id: 420921
From: Richard Henderson
To: qemu-devel@nongnu.org
Cc: peter.maydell@linaro.org, Pavel Dovgalyuk
Date: Sun, 14 Dec 2014 17:00:48 -0600
Message-Id: <1418598048-21995-4-git-send-email-rth@twiddle.net>
In-Reply-To: <1418598048-21995-1-git-send-email-rth@twiddle.net>
References: <1418598048-21995-1-git-send-email-rth@twiddle.net>
Subject: [Qemu-devel] [PULL 3/3] target-i386: fix icount processing for repz instructions

From: Pavel Dovgalyuk

TCG generates optimized code for i386 repz instructions in single step mode. It means that when ecx becomes 0, execution of the string instruction breaks immediately without an additional iteration for ecx==0 (which will only check ecx and set the flags). Omitting this iteration leads to different instruction counting in single step mode and in normal execution. This patch disables optimization of this last iteration for icount mode, which should be deterministic.

v2: inverted the condition and formatted the comment

Signed-off-by: Pavel Dovgalyuk
Signed-off-by: Richard Henderson
---
 target-i386/translate.c | 16 ++++++++++++++--
 1 file changed, 14 insertions(+), 2 deletions(-)
diff --git a/target-i386/translate.c b/target-i386/translate.c index 782f7d2..6243e36 100644 --- a/target-i386/translate.c +++ b/target-i386/translate.c @@ -115,6 +115,7 @@ typedef struct DisasContext { int tf; /* TF cpu flag */ int singlestep_enabled; /* "hardware" single step enabled */ int jmp_opt; /* use direct block chaining for direct jumps */ + int repz_opt; /* optimize jumps within repz instructions */ int mem_index; /* select memory access functions */ uint64_t flags; /* all execution flags */ struct TranslationBlock *tb; @@ -1215,7 +1216,7 @@ static inline void gen_repz_ ## op(DisasContext *s, TCGMemOp ot, \ gen_op_add_reg_im(s->aflag, R_ECX, -1); \ /* a loop would cause two single step exceptions if ECX = 1 \ before rep string_insn */ \ - if (!s->jmp_opt) \ + if (s->repz_opt) \ gen_op_jz_ecx(s->aflag, l2); \ gen_jmp(s, cur_eip); \ } @@ -1233,7 +1234,7 @@ static inline void gen_repz_ ## op(DisasContext *s, TCGMemOp ot, \ gen_op_add_reg_im(s->aflag, R_ECX, -1); \ gen_update_cc_op(s); \ gen_jcc1(s, (JCC_Z << 1) | (nz ^ 1), l2); \ - if (!s->jmp_opt) \ + if (s->repz_opt) \ gen_op_jz_ecx(s->aflag, l2); \ gen_jmp(s, cur_eip); \ } @@ -7951,6 +7952,17 @@ static inline void gen_intermediate_code_internal(X86CPU *cpu, || (flags & HF_SOFTMMU_MASK) #endif ); + /* Do not optimize repz jumps at all in icount mode, because + rep movsS instructions are execured with different paths + in !repz_opt and repz_opt modes. The first one was used + always except single step mode. And this setting + disables jumps optimization and control paths become + equivalent in run and single step modes. + Now there will be no jump optimization for repz in + record/replay modes and there will always be an + additional step for ecx=0 when icount is enabled. + */ + dc->repz_opt = !dc->jmp_opt && !use_icount; #if 0 /* check addseg logic */ if (!dc->addseg && (dc->vm86 || !dc->pe || !dc->code32))
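Review bot: In the DisasContext hunk, the new field comment `/* optimize jumps within repz instructions */` says what the flag enables but not when it is cleared; since the value is derived from both jmp_opt and use_icount much later in the file, extend it to something like `/* optimize jumps within repz instructions; cleared in icount mode, see gen_intermediate_code_internal */` so a reader does not have to trace where it is set.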
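Review bot: In the first gen_repz_ hunk, the comment directly above the changed line (`/* a loop would cause two single step exceptions if ECX = 1 before rep string_insn */`) still gives only the single-step reason for the early `gen_op_jz_ecx` exit, but the condition is now `if (s->repz_opt)`, which is also false under icount. Update the comment to state that in icount mode the early exit is skipped on purpose so the extra ecx==0 iteration runs and the instruction count matches normal execution, as the commit message describes.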
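Review bot: In the second gen_repz_ hunk (the repe/repne variant), only the ecx==0 early exit is gated on repz_opt; the preceding `gen_jcc1(s, (JCC_Z << 1) | (nz ^ 1), l2)` still leaves the loop directly on the flags condition in every mode, so that exit path is identical in icount and normal execution and does not change the count. A one-line comment saying that the flags exit is deliberately left ungated would stop a reader from expecting it to follow the same rule.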
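Review bot: In the gen_intermediate_code_internal hunk, the new comment has a typo (`execured` should be `executed`) and is hard to follow: "The first one was used always except single step mode" describes the old `!jmp_opt` condition that this patch just inverted. Suggest a shorter statement of the invariant, e.g. `/* In icount mode never take the early ecx==0 exit in gen_repz_*: the extra iteration keeps the instruction count identical to normal execution, which record/replay requires. */`. Also, `use_icount` is referenced here without any include change in the patch, so confirm it is already visible in translate.c before merging.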