[Qemu-devel] TCG jumping inside translation block
From: Schrober
Subject: [Qemu-devel] TCG jumping inside translation block
Date: Wed, 21 Aug 2013 15:02 +0200
User-agent: KMail/4.10.5 (Linux/3.10-2-amd64; KDE/4.10.5; x86_64; ; )
Hi,
I am currently trying to understand how the tcg stuff works from the outside
based on some really basic, imaginary processor instruction set. So for example
there is the following code (each line is one instruction of the processor):
i1: set r1, 123
i2: add r1, r1, 456
i3: foobar
The foobar instruction is just a magic instruction which checks and then jumps
to an important place somewhere else. Just assume that it is the end of the
translation block. The first time this block is encountered, it was started at
i1. The translation was done for this processor and TCG did its magic job.
I first thought about how QEMU would represent this block on the host system
using TCG.
My first idea was the following (super optimized, no labels were inserted in the
TCG intermediate code):
t1: target_set mem_r1, 579
-------
t2: target_jump foobar_helper
But now it would be "problematic" to have a jmp to i2 in the guest code. So
inserting labels before each guest instruction would create something like
this in the (TCG optimized) target code:
t1: target_set mem_r1, 123
----
t2: target_load target_register1, mem_r1
t3: target_add target_register1, target_register1, 456
t4: target_save mem_r1, target_register1
----
t5: target_jump foobar_helper
This would create a lot more instructions (most likely a lot slower) than the
first way, for the benefit that it may be able to handle a jump to i2 instead of i1.
But this still leaves the problem open: how would TCG inform the translator
that i2 now starts at t2? TCG doesn't seem to inform the translator about this
kind of thing.
So here is the assumption I made, which I would like to have corrected:
Is qemu just recompiling the block again when it encounters a different entry
point to an already translated block? I am currently staring at the code in
translate-all.c and cpu-exec.c and don't seem to find the right part of the
code which would help to understand this basic concept. At least it seems to
me that labels are not used very often because they ruin the code optimization.
Btw, do I understand it correctly that the memory for the TCG compiled code is
allocated in the "let's hope everything will fit in there or we are all doomed"
way?
Thanks
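As an added illustration that is not part of the thread and not QEMU code: a toy translation cache keyed by the guest entry PC, which is the assumption the post makes. Translating the post's three instructions from i1 folds them into the "super optimized" form, and a later jump to i2 is simply a different cache key, so a second block starting at i2 is produced instead of reusing the first one. The GUEST table, the "host ops" and all names are constructed for this example.

```python
# Constructed toy model of translation blocks (TBs) keyed by entry PC.
# Guest program from the post: i1, i2, i3 (foobar ends the block).
GUEST = {
    1: ("set", "r1", 123),        # i1: set r1, 123
    2: ("add", "r1", "r1", 456),  # i2: add r1, r1, 456
    3: ("foobar",),               # i3: foobar, end of block
}

def translate(entry_pc):
    """Translate the straight-line block starting at entry_pc into host ops.
    Register values known at translation time are folded (the post's first,
    label-free form), so the output depends on where the block was entered."""
    ops, pc, known = [], entry_pc, {}   # known: reg -> compile-time constant
    while True:
        insn = GUEST[pc]
        if insn[0] == "set":
            known[insn[1]] = insn[2]
        elif insn[0] == "add":
            _, dst, src, imm = insn
            if src in known:                      # fold 123 + 456 -> 579
                known[dst] = known[src] + imm
            else:                                 # value only known at run time
                ops += [("load", "t0", src), ("add", "t0", imm), ("store", dst, "t0")]
                known.pop(dst, None)
        elif insn[0] == "foobar":
            for reg, val in known.items():        # materialise folded constants
                ops.append(("store_const", reg, val))
            ops.append(("jump", "foobar_helper"))
            return ops
        pc += 1

tb_cache = {}   # entry pc -> host ops; a mid-block address is just another key

def run(entry_pc, regs):
    """Look up (or translate) the TB for entry_pc and execute its host ops.
    Returns the symbolic jump target that ends the block."""
    if entry_pc not in tb_cache:                  # miss: (re)translate from here
        tb_cache[entry_pc] = translate(entry_pc)
    tmp = {}
    for op in tb_cache[entry_pc]:
        if op[0] == "load":
            tmp[op[1]] = regs[op[2]]
        elif op[0] == "add":
            tmp[op[1]] += op[2]
        elif op[0] == "store":
            regs[op[1]] = tmp[op[2]]
        elif op[0] == "store_const":
            regs[op[1]] = op[2]
        elif op[0] == "jump":
            return op[1]
```

Running `run(1, ...)` yields a two-op block, while a later `run(2, ...)` leaves two independent entries in `tb_cache` rather than patching a label into the first one.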