[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Qemu-devel] qemu softmmu inlined lookup sequence
|
From: |
Xin Tong |
|
Subject: |
Re: [Qemu-devel] qemu softmmu inlined lookup sequence |
|
Date: |
Sat, 21 Apr 2012 17:28:36 -0400 |
On Mon, Apr 16, 2012 at 10:51 PM, 陳韋任 <address@hidden> wrote:
>> what does the inline sequence look like ? what kind of things (other
>> than refill tlb) performed in callout but not the inlined sequence ?
>
> What do you mean by the inline sequence, the host binary? If so,
>
> ---
> ---- 0xe86c8
> mov_i32 tmp2,edi
> qemu_ld8u tmp0,tmp2,$0x0
> ext8u_i32 tmp12,tmp0
> movi_i32 tmp13,$0xffffff00
> and_i32 edx,edx,tmp13
> or_i32 edx,edx,tmp12
>
> OUT: [size=172]
> 0x40000ce0: mov 0x1c(%r14),%ebp
> 0x40000ce4: mov %ebp,%esi <--- (a)
> 0x40000ce6: mov %ebp,%edi
> 0x40000ce8: shr $0x7,%esi
> 0x40000ceb: and $0xfffff000,%edi
> 0x40000cf1: and $0x1fe0,%esi
> 0x40000cf7: lea 0x348(%r14,%rsi,1),%rsi
> 0x40000cff: cmp (%rsi),%edi
> 0x40000d01: mov %ebp,%edi
> 0x40000d03: jne 0x40000d0e
> 0x40000d05: add 0x10(%rsi),%rdi
> 0x40000d09: movzbl (%rdi),%ebp
> 0x40000d0c: jmp 0x40000d18
> 0x40000d0e: xor %esi,%esi
> 0x40000d10: callq 0x54cf8e <--- (b)
> 0x40000d15: movzbl %al,%ebp
> 0x40000d18: movzbl %bpl,%ebp
> 0x40000d1c: mov 0x8(%r14),%ebx
> ---
>
I had anotated the inlined TLB lookup sequence. can you please help me
verify whether it is correct ? I am putting this in a paper... must
make sure it is correct ...
# %ebp is the guest virtual address.
0x40000ce4: mov %ebp,%esi
# %ebp is the guest virtual address.
0x40000ce6: mov %ebp,%edi
# take the page address of the guest virtual address.
# take the bit 12 - 19 of the guest virtual address.
0x40000ce8: shr $0x7,%esi
0x40000ceb: and $0xfffff000,%edi
0x40000cf1: and $0x1fe0,%esi
# index into the software tlb using the bit 12 - 19.
0x40000cf7: lea 0x348(%r14,%rsi,1),%rsi
# check for a possible match
0x40000cff: cmp (%rsi),%edi
0x40000d01: mov %ebp,%edi
0x40000d03: jne 0x40000d0e
# there is a match, calculate the translated address.
0x40000d05: add 0x10(%rsi),%rdi
0x40000d09: movzbl (%rdi),%ebp
0x40000d0c: jmp 0x40000d18
# can not find a match, perform the callout.
0x40000d0e: xor %esi,%esi
0x40000d10: callq callout_TLBLookup
# other emulation code
0x40000d18: movzbl %bpl,%ebp
0x40000d1c: mov 0x8(%r14),%ebx
> The code between (a) and (b) is (almost) what TLB lookup hit/miss looks like.
> If TLB miss, it will call something like __ldb_mmu (b). __ldb_mmu will try to
> walk guest page table, then fill TLB entry if page table hit, or raise a guest
> page fault exception if page table miss.
>
> HTH,
> chenwj
>
> --
> Wei-Ren Chen (陳韋任)
> Computer Systems Lab, Institute of Information Science,
> Academia Sinica, Taiwan (R.O.C.)
> Tel:886-2-2788-3799 #1667
> Homepage: http://people.cs.nctu.edu.tw/~chenwj
- [Qemu-devel] qemu softmmu inlined lookup sequence, Xin Tong, 2012/04/16
- Re: [Qemu-devel] qemu softmmu inlined lookup sequence, 陳韋任, 2012/04/17
- Re: [Qemu-devel] qemu softmmu inlined lookup sequence, Xin Tong, 2012/04/16
- Re: [Qemu-devel] qemu softmmu inlined lookup sequence, 陳韋任, 2012/04/17
- Re: [Qemu-devel] qemu softmmu inlined lookup sequence, Xin Tong, 2012/04/17
- Re: [Qemu-devel] qemu softmmu inlined lookup sequence, Blue Swirl, 2012/04/17
- Re: [Qemu-devel] qemu softmmu inlined lookup sequence, 陳韋任, 2012/04/18
- Re: [Qemu-devel] qemu softmmu inlined lookup sequence, Blue Swirl, 2012/04/18
Re: [Qemu-devel] qemu softmmu inlined lookup sequence,
Xin Tong <=