SYS-OSS/FRET-qemu
4
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

tcg/arm: remove fixed map code buffer restriction

Browse Source 
On ARM, don't map the code buffer at a fixed location, and fix up the
call/goto tcg routines to let it do long jumps.

Mapping the code buffer at a fixed address could sometimes result in it being
mapped over the top of the heap with pretty random results.

Signed-off-by: Dr. David Alan Gilbert <david.gilbert@linaro.org>
Signed-off-by: Andrzej Zaborowski <andrew.zaborowski@intel.com>
This commit is contained in:
Dr. David Alan Gilbert 2011-12-12 16:37:31 +01:00 committed by Andrzej Zaborowski
parent 23ce84b1bb
commit 222f23f508
2 changed files with 13 additions and 22 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
exec.c
View File

@ -497,9 +497,7 @@ static void code_gen_alloc(unsigned long tb_size)
if (code_gen_buffer_size > (512 * 1024 * 1024)) if (code_gen_buffer_size > (512 * 1024 * 1024))
code_gen_buffer_size = (512 * 1024 * 1024); code_gen_buffer_size = (512 * 1024 * 1024);
#elif defined(__arm__) #elif defined(__arm__)
/* Map the buffer below 32M, so we can use direct calls and branches */ /* Keep the buffer no bigger than 16GB to branch between blocks */
flags |= MAP_FIXED;
start = (void *) 0x01000000UL;
if (code_gen_buffer_size > 16 * 1024 * 1024) if (code_gen_buffer_size > 16 * 1024 * 1024)
code_gen_buffer_size = 16 * 1024 * 1024; code_gen_buffer_size = 16 * 1024 * 1024;
#elif defined(__s390x__) #elif defined(__s390x__)

31
tcg/arm/tcg-target.c
View File

@ -842,6 +842,12 @@ static inline void tcg_out_st8(TCGContext *s, int cond,
tcg_out_st8_12(s, cond, rd, rn, offset); tcg_out_st8_12(s, cond, rd, rn, offset);
} }
/* The _goto case is normally between TBs within the same code buffer,
* and with the code buffer limited to 16GB we shouldn't need the long
* case.
*
* .... except to the prologue that is in its own buffer.
*/
static inline void tcg_out_goto(TCGContext *s, int cond, uint32_t addr) static inline void tcg_out_goto(TCGContext *s, int cond, uint32_t addr)
{ {
int32_t val; int32_t val;
@ -855,22 +861,20 @@ static inline void tcg_out_goto(TCGContext *s, int cond, uint32_t addr)
if (val - 8 < 0x01fffffd && val - 8 > -0x01fffffd) if (val - 8 < 0x01fffffd && val - 8 > -0x01fffffd)
tcg_out_b(s, cond, val); tcg_out_b(s, cond, val);
else { else {
#if 1
tcg_abort();
#else
if (cond == COND_AL) { if (cond == COND_AL) {
tcg_out_ld32_12(s, COND_AL, TCG_REG_PC, TCG_REG_PC, -4); tcg_out_ld32_12(s, COND_AL, TCG_REG_PC, TCG_REG_PC, -4);
tcg_out32(s, addr); /* XXX: This is l->u.value, can we use it? */ tcg_out32(s, addr);
} else { } else {
tcg_out_movi32(s, cond, TCG_REG_R8, val - 8); tcg_out_movi32(s, cond, TCG_REG_R8, val - 8);
tcg_out_dat_reg(s, cond, ARITH_ADD, tcg_out_dat_reg(s, cond, ARITH_ADD,
TCG_REG_PC, TCG_REG_PC, TCG_REG_PC, TCG_REG_PC,
TCG_REG_R8, SHIFT_IMM_LSL(0)); TCG_REG_R8, SHIFT_IMM_LSL(0));
} }
#endif
} }
} }
/* The call case is mostly used for helpers - so it's not unreasonable
* for them to be beyond branch range */
static inline void tcg_out_call(TCGContext *s, uint32_t addr) static inline void tcg_out_call(TCGContext *s, uint32_t addr)
{ {
int32_t val; int32_t val;
@ -887,20 +891,9 @@ static inline void tcg_out_call(TCGContext *s, uint32_t addr)
tcg_out_bl(s, COND_AL, val); tcg_out_bl(s, COND_AL, val);
} }
} else { } else {
#if 1 tcg_out_dat_imm(s, COND_AL, ARITH_ADD, TCG_REG_R14, TCG_REG_PC, 4);
tcg_abort(); tcg_out_ld32_12(s, COND_AL, TCG_REG_PC, TCG_REG_PC, -4);
#else tcg_out32(s, addr);
if (cond == COND_AL) {
tcg_out_dat_imm(s, cond, ARITH_ADD, TCG_REG_R14, TCG_REG_PC, 4);
tcg_out_ld32_12(s, COND_AL, TCG_REG_PC, TCG_REG_PC, -4);
tcg_out32(s, addr); /* XXX: This is l->u.value, can we use it? */
} else {
tcg_out_movi32(s, cond, TCG_REG_R9, addr);
tcg_out_dat_reg(s, cond, ARITH_MOV, TCG_REG_R14, 0,
TCG_REG_PC, SHIFT_IMM_LSL(0));
tcg_out_bx(s, cond, TCG_REG_R9);
}
#endif
} }
} }