From: "Raphael Lefevre" <taylor.lefevre@gmail.com>
To: stefboombastic@gmail.com
Cc: blauwirbel@gmail.com, qemu-devel@nongnu.org
Subject: Re: [Qemu-devel] TCG flow vs dyngen
Date: Sun, 16 Jan 2011 22:46:13 +0800
Message-ID: <000001cbb58c$221f5a00$011aa8c0@side35ya3cah0n>
On Wed, Dec 15, 2010 at 4:17 AM, Stefano Bonifazi <stefboombastic@gmail.com> wrote:
> On 12/11/2010 03:44 PM, Blue Swirl wrote:
>
> Hi!
> Thank you very much! Knowing exactly where I should check, in such a big
> project, helped me very much!!
> Anyway, after having spent more than 2 days on that code I still can't
> understand how the real execution works:
>
> in cpu-exec.c : cpu_exec_nocache I find:
>
>> /* execute the generated code */
>> next_tb = tcg_qemu_tb_exec(tb->tc_ptr);
>
> and in cpu-exec.c : cpu_exec
>
>> /* execute the generated code */
>>
>> next_tb = tcg_qemu_tb_exec(tc_ptr);
>
> so I thought tcg_qemu_tb_exec "function" should do the work of executing the
> translated binary in the host.
> But then I found out it is just a define in tcg.h:
>
>> #define tcg_qemu_tb_exec(tb_ptr) ((long REGPARM (*)(void *))code_gen_prologue)(tb_ptr)
>
> and again in exec.c
>
>> uint8_t code_gen_prologue[1024] code_gen_section;
>
> Maybe I have some problems with that C syntax, but I really don't understand
> what happens there.. how the execution happens!
>
> Here instead with QEMU/TCG I understood that at runtime the target binary
> is translated into host binary (somehow) .. but then.. how can this new host
> binary be run? Shall the host code at runtime do some sort of (assembly
> speaking) branch jump to an area of memory with new host binary instructions
> .. and then jump back to the old process binary code?
1. As far as I know, the host code translated from the target instructions exists in the format of an object file; that's why it can be executed directly.
2. I think you have caught the right concept from one point of view; one part of QEMU's internals certainly does such jump-and-back work.
> If so, can you explain to me how this happens in those lines of code?
I can only give a rough outline; the code you listed does a simple thing:
it modifies the host code execution pointer to point to the next address that the host processor should continue executing from.
> I am just a student.. unluckily at university they just tell you that a cpu
> follows some sort of "fetch ->decode->execute" flow .. but then you open
> QEMU.. and wow there is a huge gap for understanding it, and no books where
> to study it! ;)
QEMU is not used to simulate every detail of how the processor should behave; it just tries to approximate the necessary operations of what a machine should be!
The “fetch->decode->execute” flow only needs to be considered when you get involved in hardware design.
Raphaël Lefèvre
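Added example (my own C, not QEMU's code) of the mechanism behind the tcg_qemu_tb_exec define Stefano quotes: a buffer of host machine code is cast to a function pointer and called. QEMU gets an executable buffer by placing code_gen_prologue in code_gen_section, as the exec.c line shows; this example instead mmaps a page writable, copies a constructed "add 42" translation block in, and flips it to read+execute before the call, so the page is never writable and executable at once. It assumes Linux on x86-64 or aarch64 (the byte sequences are hand-encoded for those two hosts).

```c
/* Added example, not QEMU code: execute a byte buffer the way
 * ((long (*)(void *))code_gen_prologue)(tb_ptr) does.
 * Assumes Linux on x86-64 or aarch64; other hosts return -1. */
#define _GNU_SOURCE
#include <stdint.h>
#include <string.h>
#include <sys/mman.h>
#include <unistd.h>

typedef long (*tb_fn)(long);   /* signature the generated code honours */

/* Build a tiny "translation block" computing x + 42, run it, return result. */
long run_generated_add42(long x)
{
#if defined(__x86_64__)
    /* mov rax, rdi ; add rax, 42 ; ret  (SysV ABI: arg in rdi, ret in rax) */
    static const uint8_t code[] = {0x48, 0x89, 0xf8,
                                   0x48, 0x05, 0x2a, 0x00, 0x00, 0x00,
                                   0xc3};
#elif defined(__aarch64__)
    /* add x0, x0, #42 ; ret  (little-endian 32-bit words) */
    static const uint8_t code[] = {0x00, 0xa8, 0x00, 0x91,
                                   0xc0, 0x03, 0x5f, 0xd6};
#else
    static const uint8_t code[] = {0};   /* placeholder: nothing to run */
    return -1;
#endif
    long page = sysconf(_SC_PAGESIZE);
    /* Step 1: a private anonymous page, writable but NOT executable. */
    void *buf = mmap(NULL, page, PROT_READ | PROT_WRITE,
                     MAP_PRIVATE | MAP_ANONYMOUS, -1, 0);
    if (buf == MAP_FAILED)
        return -1;
    memcpy(buf, code, sizeof code);      /* "translation" output lands here */
    /* Keep the instruction cache coherent (no-op on x86, needed on arm64). */
    __builtin___clear_cache((char *)buf, (char *)buf + sizeof code);
    /* Step 2: drop write, add execute: W^X, never RWX at the same time. */
    if (mprotect(buf, page, PROT_READ | PROT_EXEC) != 0) {
        munmap(buf, page);
        return -1;
    }
    /* Step 3: the same cast-and-call as tcg_qemu_tb_exec: the CPU simply
     * jumps into the buffer and the generated 'ret' brings it back. */
    long result = ((tb_fn)buf)(x);
    munmap(buf, page);
    return result;
}
```

Casting a data pointer to a function pointer is outside ISO C but is what POSIX JITs, QEMU included, rely on; the mprotect step is the part a hardening review looks for.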