From: "浩倫 魏" <goberwei@yahoo.com.tw>
To: Peter Maydell <peter.maydell@linaro.org>
Cc: "qemu-devel@nongnu.org" <qemu-devel@nongnu.org>
Subject: Re: [Qemu-devel] What's the differences between ld/st and qemu_ld/st in TCG IR?
Date: Sun, 24 May 2015 00:09:58 +0000 (UTC)
Message-ID: <477790825.348663.1432426198996.JavaMail.yahoo@mail.yahoo.com>
In-Reply-To: <CAFEAcA-jWe907_QBGWbnGS-RN2zd=vXsqWDSnOnADdivBOsNjQ@mail.gmail.com>
Dear Peter:
Now I get it, thanks for the help! :-)
Peter Maydell <peter.maydell@linaro.org> wrote on 2015/5/24 (Sunday) at 5:17 AM:
On 23 May 2015 at 13:18, 浩倫 魏 <goberwei@yahoo.com.tw> wrote:
> Hi, all:
> I've been trying to understand the process of binary translation inside TCG.
> If I haven't misunderstood, qemu_ld/st are the operations that will call a
> helper function (ld_mmu) to let softmmu translate GVA->GPA for the guest
> load/store instructions.
> So there are some points that I hope you can help me out with:
> 1. Would every guest load/store instruction be translated to the qemu_ld/st
> IR?
Yes, as a general rule. There are a few special cases:
* sometimes complicated instructions are just translated into
calls to helper functions which do the guest memory access
at runtime (for instance x86 cmpxchg8b turns into a call to
helper_cmpxchg8b())
* for linux-user some of the atomic instructions (load-lock/
store-conditional pairs) are handled by translating to a
"raise internal exception" call, and the actual load/store
is then dealt with in linux-user/main.c
[This mechanism might change in the near future; we're looking at
multi-threaded TCG emulation, and so might switch the linux-user
atomics to work the same way as a future mechanism for doing atomics
in multi-threaded system emulation]
But almost all guest accesses will turn into qemu_ld/st ops.
> 2. What about the other TCG IR, "ld/st"? What kind of guest instructions would
> cause TCG to generate those IRs, and for what purpose?
These just do plain load/store to the *host* address specified.
This is almost always used to read a value from the CPU state
structure (CPUARMState, etc). Generated code always has access
to a pointer to this struct, and uses the ld/st ops to read
or write fields within it. (If you search for tcg_gen_ld
in target-*/ you'll see lots of examples.) The op can be used
for any host load or store, but in practice use for anything
other than "read a value from the CPU state struct" is very rare.
-- PMM
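To make the distinction in Peter's answer concrete, here is a toy model of the two load paths. It is an added illustration, not QEMU code: the CPUState layout, the four-entry TLB, the toy page table and the sample RAM contents are all invented for the example. In the real front ends the two ops are emitted with tcg_gen_ld_i32(val, cpu_env, offsetof(CPUARMState, ...)) and tcg_gen_qemu_ld_i32(val, addr, mem_idx, memop); the model below plays the role of the code those ops expand to. The point to notice is that the plain ld path dereferences a host pointer the translator already trusts, while the qemu_ld path only ever compares the guest address against the TLB and otherwise drops into the helper, so a guest address is never used directly as a host pointer.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>
/* Toy model of the two TCG load paths. This is an added illustration, not
 * QEMU code: the struct layout, page table and TLB shape are invented. */
#define PAGE_BITS      12
#define PAGE_SIZE      (1u << PAGE_BITS)
#define PAGE_MASK      (~(PAGE_SIZE - 1u))
#define TLB_ENTRIES    4
#define NUM_VPAGES     4
#define GUEST_RAM_SIZE (3u * PAGE_SIZE)
#define INVALID        0xffffffffu

typedef struct {
    uint32_t addr_read;  /* guest page this entry covers for reads, or INVALID */
    uint8_t *host_page;  /* host memory backing that guest page */
} TLBEntry;

typedef struct {
    uint32_t regs[8];                 /* guest registers: read with plain ld */
    TLBEntry tlb[TLB_ENTRIES];        /* softmmu TLB used by qemu_ld/st */
    uint32_t page_table[NUM_VPAGES];  /* toy guest page table: vpage -> ppage */
    uint8_t *ram;                     /* host backing for guest physical RAM */
    unsigned tlb_misses;              /* how often the slow path ran */
    int fault;                        /* set when a guest access is unmapped */
} CPUState;

static CPUState sample_cpu;
static uint8_t sample_ram[GUEST_RAM_SIZE];

/* Plain ld op: load from a host address the translator already trusts
 * (here env + offset). No guest address is involved, so nothing to check. */
static uint32_t tcg_ld_i32(CPUState *env, size_t offset)
{
    uint32_t v;
    memcpy(&v, (const uint8_t *)env + offset, sizeof v);
    return v;
}

static uint32_t ldl_le(const uint8_t *p)   /* little-endian guest memop */
{
    return (uint32_t)p[0] | (uint32_t)p[1] << 8 | (uint32_t)p[2] << 16 | (uint32_t)p[3] << 24;
}

/* Slow path (the helper the thread calls ld_mmu): walk the guest page table
 * and refill the TLB, or flag a fault. Real QEMU longjmps out to deliver a
 * guest exception, and splits page-crossing accesses; this model rejects them. */
static uint32_t helper_ld_mmu(CPUState *env, uint32_t gva)
{
    uint32_t vpage = gva >> PAGE_BITS;
    env->tlb_misses++;
    if (vpage >= NUM_VPAGES || env->page_table[vpage] == INVALID ||
        (gva & ~PAGE_MASK) > PAGE_SIZE - 4) {
        env->fault = 1;
        return 0;
    }
    TLBEntry *e = &env->tlb[vpage & (TLB_ENTRIES - 1)];
    e->addr_read = gva & PAGE_MASK;
    e->host_page = env->ram + (size_t)env->page_table[vpage] * PAGE_SIZE;
    return ldl_le(e->host_page + (gva & ~PAGE_MASK));
}

/* qemu_ld op: guest virtual address in, value out. The inline fast path only
 * compares the page against the TLB; every other case takes the helper. */
static uint32_t tcg_qemu_ld_i32(CPUState *env, uint32_t gva)
{
    TLBEntry *e = &env->tlb[(gva >> PAGE_BITS) & (TLB_ENTRIES - 1)];
    if ((gva & PAGE_MASK) == e->addr_read && (gva & ~PAGE_MASK) <= PAGE_SIZE - 4) {
        return ldl_le(e->host_page + (gva & ~PAGE_MASK));
    }
    return helper_ld_mmu(env, gva);
}

/* Constructed sample state: vpage 0 -> ppage 2 (holding 0xdeadbeef at +0x10),
 * vpage 1 -> ppage 0, vpage 2 unmapped, vpage 3 -> ppage 1, regs[3] = 0x1234. */
static CPUState *sample_cpu_reset(void)
{
    static const uint8_t word[4] = { 0xef, 0xbe, 0xad, 0xde };
    CPUState *env = &sample_cpu;
    memset(env, 0, sizeof *env);
    memset(sample_ram, 0, sizeof sample_ram);
    env->ram = sample_ram;
    for (int i = 0; i < TLB_ENTRIES; i++) env->tlb[i].addr_read = INVALID;
    env->page_table[0] = 2; env->page_table[1] = 0;
    env->page_table[2] = INVALID; env->page_table[3] = 1;
    env->regs[3] = 0x1234;
    memcpy(sample_ram + 2 * PAGE_SIZE + 0x10, word, sizeof word);
    return env;
}

int main(void)
{
    CPUState *env = sample_cpu_reset();
    printf("regs[3] via ld:       %#x\n", (unsigned)tcg_ld_i32(env, offsetof(CPUState, regs[3])));
    printf("gva 0x10 via qemu_ld: %#x, misses %u\n", (unsigned)tcg_qemu_ld_i32(env, 0x10), env->tlb_misses);
    printf("gva 0x10 again:       %#x, misses %u\n", (unsigned)tcg_qemu_ld_i32(env, 0x10), env->tlb_misses);
    printf("gva 0x2000:           %#x, fault %d\n", (unsigned)tcg_qemu_ld_i32(env, 0x2000), env->fault);
    return 0;
}
```

Running it shows the first guest load at 0x10 taking the slow path and filling the TLB, the second hitting the fast path, and the load from the unmapped page 0x2000 faulting instead of touching host memory; the register read never consults the TLB at all. Real QEMU stores a host/guest addend in the TLB entry rather than a page pointer, but the check is the same.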
Thread overview:
2015-05-23 12:18 [Qemu-devel] What's the differences between ld/st and qemu_ld/st in TCG IR? 浩倫 魏
2015-05-23 21:17 ` Peter Maydell
2015-05-24  0:09 ` 浩倫 魏 [this message]