
[Qemu-devel] TCG jumping inside translation block


From: Schrober
Subject: [Qemu-devel] TCG jumping inside translation block
Date: Wed, 21 Aug 2013 15:02 +0200
User-agent: KMail/4.10.5 (Linux/3.10-2-amd64; KDE/4.10.5; x86_64; ; )

Hi,

I am currently trying to understand how the TCG stuff works from the outside,
based on a really basic, imaginary processor instruction set. So for example
there is the following code (each line is one instruction of the processor):

i1: set r1, 123
i2: add r1, r1, 456
i3: foobar

The foobar instruction is just a magic instruction which checks and then jumps 
to an important place somewhere else. Just assume that it is the end of the 
translation block. The first time this block is encountered, it was started at 
i1. The translation was done for this processor and TCG did its magic job.

I first thought about how QEMU would represent this block on the host system 
using TCG.

My first idea was the following (super optimized, no labels were inserted in the
TCG intermediate code):

t1: target_set mem_r1, 579
-------
t2: target_jump foobar_helper

But now it would be "problematic" to have a jmp to i2 in the guest code. So 
inserting labels before each guest instruction would create something like 
this in the (TCG optimized) target code:

t1: target_set mem_r1, 123
----
t2: target_load target_register1, mem_r1
t3: target_add target_register1, target_register1, 456
t4: target_save mem_r1, target_register1
----
t5: target_jump foobar_helper

This would create a lot more instructions (most likely a lot slower) than the
first way, for the benefit that it may be able to handle a jump to i2 instead of i1.
But this still leaves the problem open: how would TCG inform the translator
that i2 now starts at t2? TCG doesn't seem to inform the translator about this
kind of thing.

So here is the assumption I made which I would like to have corrected:

Is qemu just recompiling the block again when it encounters a different entry
point to an already translated block? I am currently staring at the code in
translate-all.c and cpu-exec.c and don't seem to find the right part of the
code which would help me understand this basic concept. At least it seems to
me that labels are not used very often because they ruin the code optimization.

Btw., do I understand it correctly that the memory for the TCG compiled code is
allocated in the "let's hope everything will fit in there or we are all doomed"
way?

Thanks
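The two questions above can be answered with a small model of what the execution loop does. In QEMU, translated blocks are looked up by the guest address they were translated *from* (together with cs_base and the CPU flags in the real implementation), so a jump that lands on i2 does not find the block that was started at i1, even though that block covers i2; a new block is translated starting at i2. The code buffer is indeed a fixed-size region: when a translation does not fit, every block is thrown away and translation starts over on demand. The C program below is an added example written for this post, not QEMU's own code: the guest ISA (set/add/foobar), the one-unit-per-instruction code-buffer cost, the buffer size of 5 and the names `run_from`, `tb_lookup`, `tb_gen` and `tb_flush` are all constructed for illustration.

```c
#include <stdio.h>
#include <string.h>

/* Constructed toy guest ISA mirroring the post's i1..i3 (hypothetical, not QEMU's). */
enum op { OP_SET, OP_ADD, OP_FOOBAR };
struct insn { enum op op; int imm; };

/* Constructed guest program: i1, i2, i3 live at guest pc 0, 1, 2. */
static const struct insn guest_prog[] = {
    { OP_SET, 123 },      /* i1: set r1, 123      */
    { OP_ADD, 456 },      /* i2: add r1, r1, 456  */
    { OP_FOOBAR, 0 },     /* i3: foobar, ends TB  */
};
#define GUEST_LEN (sizeof(guest_prog) / sizeof(guest_prog[0]))

/* A translated block. "Host code" is modelled as a copy of the guest instructions
 * it covers; the important part is that the lookup key is entry_pc, nothing else. */
#define MAX_TBS 8
#define MAX_TB_INSNS 8
struct tb {
    int valid;
    unsigned entry_pc;
    unsigned n_insns;
    struct insn host_code[MAX_TB_INSNS];
};

#define CODE_BUF_SIZE 5   /* assumed fixed-size code buffer, one unit per guest insn */

static struct {
    struct tb tbs[MAX_TBS];
    unsigned code_buf_used;
    unsigned translations, flushes;   /* counters for the demo */
    int r1;                           /* the guest register */
} vm;

void vm_reset(void) { memset(&vm, 0, sizeof vm); }
unsigned vm_translations(void) { return vm.translations; }
unsigned vm_flushes(void) { return vm.flushes; }

/* Lookup is by entry pc only: a block that merely covers pc is not a hit. */
static struct tb *tb_lookup(unsigned pc)
{
    for (unsigned i = 0; i < MAX_TBS; i++)
        if (vm.tbs[i].valid && vm.tbs[i].entry_pc == pc)
            return &vm.tbs[i];
    return NULL;
}
int vm_has_tb(unsigned pc) { return tb_lookup(pc) != NULL; }

/* Buffer full: throw every block away; blocks are retranslated on demand. */
static void tb_flush(void)
{
    memset(vm.tbs, 0, sizeof vm.tbs);
    vm.code_buf_used = 0;
    vm.flushes++;
}

/* Translate from pc until the block-ending instruction (foobar) or end of program. */
static struct tb *tb_gen(unsigned pc)
{
    unsigned n = 0;
    while (pc + n < GUEST_LEN) {
        n++;
        if (guest_prog[pc + n - 1].op == OP_FOOBAR) break;
    }
    if (vm.code_buf_used + n > CODE_BUF_SIZE) tb_flush();
    struct tb *tb = NULL;
    for (unsigned i = 0; i < MAX_TBS && !tb; i++)
        if (!vm.tbs[i].valid) tb = &vm.tbs[i];
    if (!tb) { tb_flush(); tb = &vm.tbs[0]; }
    tb->valid = 1;
    tb->entry_pc = pc;
    tb->n_insns = n;
    memcpy(tb->host_code, &guest_prog[pc], n * sizeof(guest_prog[0]));
    vm.code_buf_used += n;
    vm.translations++;
    return tb;
}

/* Run one block's "host code" against the guest register file. */
static void tb_exec(const struct tb *tb)
{
    for (unsigned i = 0; i < tb->n_insns; i++) {
        switch (tb->host_code[i].op) {
        case OP_SET:    vm.r1 = tb->host_code[i].imm;  break;
        case OP_ADD:    vm.r1 += tb->host_code[i].imm; break;
        case OP_FOOBAR: break;  /* the magic instruction: here it just ends the block */
        }
    }
}

/* One iteration of a cpu_exec-style loop for entry pc: find-or-translate, then run. */
int run_from(unsigned pc)
{
    struct tb *tb = tb_lookup(pc);
    if (!tb) tb = tb_gen(pc);
    tb_exec(tb);
    return vm.r1;
}

int main(void)
{
    vm_reset();
    int r = run_from(0);
    printf("from i1: r1=%d translations=%u\n", r, vm_translations());
    r = run_from(1);   /* lands inside TB(i1) but is a miss: a new TB(i2) is made */
    printf("from i2: r1=%d translations=%u\n", r, vm_translations());
    r = run_from(2);   /* does not fit: flush everything, then translate */
    printf("from i3: r1=%d flushes=%u\n", r, vm_flushes());
    return 0;
}
```

Running it shows the recompile-on-new-entry behaviour the post guesses at: entering at i2 after TB(i1) exists costs a second translation rather than a jump to t2, and re-entering at i1 afterwards is a cache hit until the buffer overflow flushes both blocks.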


