From: 陳韋任 (Wei-Ren Chen)
Date: Thu, 15 Dec 2011 14:57:22 +0800
Message-ID: <20111215065722.GA98733@cs.nctu.edu.tw>
Subject: [Qemu-devel] The reason behind block linking constraint? (Cont.)
To: qemu-devel@nongnu.org

Hi all,

I want to continue the discussion about the cross page constraint on block linking [1][2]. Max explained to me that if we link TBs belonging to different guest pages, then QEMU might crash when the memory mapping is changed by tlb_set_page (exec.c). Memory mapping changes may be the result of a page swap or a task switch.
My final goal is to understand completely why we need to put such a constraint on block linking, and, if we remove the constraint, in what situation QEMU crashes. The reason that we (our QEMU + LLVM project [3]) want to investigate this is that we have a few optimizations which would like to remove the cross page constraint if possible, trace building, for example.

I use two Linux images: (A) is downloaded from the QEMU website, and (B) is built by using buildroot [4]. I modify QEMU 1.0, only removing the if-else statement in function gen_goto_tb (target-i386/translate.c). So it becomes:

    static inline void gen_goto_tb(DisasContext *s, int tb_num, target_ulong eip)
    {
        TranslationBlock *tb;
        target_ulong pc;

        pc = s->cs_base + eip;   /* no longer used once the same-page check is gone */
        tb = s->tb;
        /* leave only the if branch: always emit a direct (chained) jump */
        tcg_gen_goto_tb(tb_num);
        gen_jmp_im(eip);
        tcg_gen_exit_tb((tcg_target_long)tb + tb_num);
    }

Below is how I use buildroot to build the kernel image and root file system.

---
$ wget http://buildroot.uclibc.org/downloads/snapshots/buildroot-snapshot.tar.bz2
$ tar xvf buildroot-snapshot.tar.bz2; cd buildroot
# I leave the default config alone
$ make qemu_x86_defconfig; make menuconfig; make
$ cd output/images/
$ qemu-system-i386 -kernel bzImage -hda rootfs.ext2 -vnc 0.0.0.0:1
---

I get a kernel panic while booting (A), but (B) *works fine*. I am pretty sure they both call tlb_set_page. Is it because (B) calls tlb_set_page but doesn't modify the same TLB entry, or for other reasons, that it works fine even when we remove the cross page constraint from block linking?

Any comment appreciated.

Regards,
chenwj

[1] http://lists.nongnu.org/archive/html/qemu-devel/2011-08/msg02249.html
[2] https://lists.gnu.org/archive/html/qemu-devel/2011-09/msg03065.html
[3] http://lists.gnu.org/archive/html/qemu-devel/2011-11/msg03420.html
[4] http://buildroot.uclibc.org/

-- 
Wei-Ren Chen (陳韋任)
Computer Systems Lab, Institute of Information Science,
Academia Sinica, Taiwan (R.O.C.)
Tel: 886-2-2788-3799 #1667
Homepage: http://people.cs.nctu.edu.tw/~chenwj
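A toy model of the hazard Max's explanation describes, added here as an illustration and not part of the original mail or of QEMU's code: a direct jump chained between TBs in different guest pages bypasses the TLB lookup, so after the guest remaps the target page (tlb_set_page) execution keeps landing in code translated from the physical page that used to be mapped there, while a jump that goes through the lookup picks up the new mapping. All class and function names (Tb, Cpu, find_tb, runs_stale_code) are hypothetical simplifications of the QEMU mechanisms named in the mail.

```python
# Toy model (added example, not QEMU code) of the failure the mail asks about:
# a direct jump chained between TBs in different guest pages bypasses the TLB,
# so it keeps landing in code translated from the page that was mapped there
# when the link was made. All names here are hypothetical.
PAGE = 0x1000

class Tb:
    def __init__(self, pc, phys_page):
        self.pc = pc                # guest virtual PC the TB was translated for
        self.phys_page = phys_page  # physical page its code bytes came from
        self.nxt = None             # chained (direct-jump) successor, if linked

class Cpu:
    def __init__(self, mapping, cross_page_links):
        self.mapping = dict(mapping)            # virtual page -> physical page
        self.cross_page_links = cross_page_links
        self.tb_cache = {}                      # (pc, phys_page) -> Tb

    def tlb_set_page(self, vpage, phys_page):
        """Guest remaps a page (page swap or task switch); no TB is invalidated
        because the bytes of the previously mapped physical page did not change."""
        self.mapping[vpage] = phys_page

    def find_tb(self, pc):
        """tb_find_fast analogue: key the lookup on the *current* mapping."""
        phys = self.mapping[pc & ~(PAGE - 1)]
        return self.tb_cache.setdefault((pc, phys), Tb(pc, phys))

    def link(self, src, dst):
        """gen_goto_tb analogue: chain src -> dst unless the cross-page rule forbids it."""
        same_page = (src.pc & ~(PAGE - 1)) == (dst.pc & ~(PAGE - 1))
        if same_page or self.cross_page_links:
            src.nxt = dst

    def step(self, tb, next_pc):
        """Take the chained jump when present (no TLB check), else do a lookup."""
        if tb.nxt is not None and tb.nxt.pc == next_pc:
            return tb.nxt
        return self.find_tb(next_pc)

def runs_stale_code(cross_page_links):
    """True if, after a remap, execution lands in a TB from the old physical page."""
    cpu = Cpu({0x0000: 0x10000, 0x1000: 0x20000}, cross_page_links)
    a = cpu.find_tb(0x0010)             # TB in guest page 0
    b = cpu.find_tb(0x1020)             # TB in guest page 1, translated from 0x20000
    cpu.link(a, b)
    cpu.tlb_set_page(0x1000, 0x30000)   # guest page 1 now backed by another page
    return cpu.step(a, 0x1020).phys_page != cpu.mapping[0x1000]
```

Whether a given guest image trips over this depends on whether it actually remaps a page that a live cross-page link points into, which is why one image may boot fine while another panics.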