From 0e11f730830f664d7cc8239e95750dd45e39d44e Mon Sep 17 00:00:00 2001
From: Alfredo Mazzinghi <am2419@cl.cam.ac.uk>
Date: Mon, 8 Jul 2024 13:28:58 +0100
Subject: [PATCH 1/2] Fix mismerge that breaks instruction tracing.

A previous merge moved the tcg cflags logic to the tcg_cpu_init_cflags
function. This is only called when a vcpu is started to precompute
cflags. In order to ensure that TB cflags are compared correctly,
curr_cflags must set CF_LOG_INSTR dynamically.
---
 include/exec/exec-all.h | 9 ++++++++-
 1 file changed, 8 insertions(+), 1 deletion(-)

diff --git a/include/exec/exec-all.h b/include/exec/exec-all.h
index 4376e65451..124fb404c7 100644
--- a/include/exec/exec-all.h
+++ b/include/exec/exec-all.h
@@ -541,7 +541,14 @@ static inline uint32_t tb_cflags(const TranslationBlock *tb)
 /* current cflags for hashing/comparison */
 static inline uint32_t curr_cflags(CPUState *cpu)
 {
-    return cpu->tcg_cflags;
+    uint32_t cflags = cpu->tcg_cflags;
+
+#ifdef CONFIG_TCG_LOG_INSTR
+    if (cpu->log_state.loglevel_active && qemu_loglevel_mask(CPU_LOG_INSTR)) {
+        cflags |= CF_LOG_INSTR;
+    }
+#endif
+    return cflags;
 }
 
 /* TranslationBlock invalidate API */

From 6f6f935114053733dd761f9d9fde7dcb75007ea6 Mon Sep 17 00:00:00 2001
From: Alfredo Mazzinghi <am2419@cl.cam.ac.uk>
Date: Mon, 8 Jul 2024 13:30:53 +0100
Subject: [PATCH 2/2] Introduce tracing nops for aarch64.

Use the hlt instruction with a custom set of immediates to issue
tracing commands. This mirrors the behaviour of the ARM FVP Tarmac
trace plugin, which uses the hlt instruction with configurable
immediate values to start and stop tracing.

Introduce the following hlt immediates:
 - 0xff00: start instruction tracing
 - 0xff01: stop instruction tracing
 - 0xff02: start user-mode instruction tracing
---
 target/arm/translate-a64.c | 25 +++++++++++++++++++++++++
 1 file changed, 25 insertions(+)

diff --git a/target/arm/translate-a64.c b/target/arm/translate-a64.c
index 2982700c32..d2f95b4763 100644
--- a/target/arm/translate-a64.c
+++ b/target/arm/translate-a64.c
@@ -2697,7 +2697,32 @@ static void disas_exc(DisasContext *s, uint32_t insn)
 #endif
             gen_exception_internal_insn(s, s->pc_curr, EXCP_SEMIHOST);
         } else {
+#ifdef CONFIG_TCG_LOG_INSTR
+            TCGv tpc = tcg_const_tl(s->base.pc_next);
+            switch (imm16) {
+            case 0xff00:
+                gen_helper_qemu_log_instr_start(cpu_env, tpc);
+                s->base.is_jmp = DISAS_EXIT;
+                break;
+            case 0xff01:
+                gen_helper_qemu_log_instr_stop(cpu_env, tpc);
+                s->base.is_jmp = DISAS_EXIT;
+                break;
+            case 0xff02:
+                gen_helper_qemu_log_instr_user_start(cpu_env, tpc);
+                s->base.is_jmp = DISAS_EXIT;
+                break;
+            default:
+                unsupported_encoding(s, insn);
+            }
+            tcg_temp_free(tpc);
+
+            if (s->base.is_jmp != DISAS_NEXT) {
+                gen_a64_set_pc_im(s->base.pc_next);
+            }
+#else
             unsupported_encoding(s, insn);
+#endif
         }
         break;
     case 5: