Re: [Qemu-devel] qemu dynamic translation (system design) question

Re: [Qemu-devel] qemu dynamic translation (system design) question

[Laurent DESNOGUES]

> b. Once a block is generated some ID should be assigned to it right ?
> in which src file it is stored ?
> c. The next time a src block with the same signature is encountered
> the cached host binary is used right ?  -- How does qemu detect that
> is the same guest block ? md5sum or other fingerprinting methods ?

Look in qemu-exec.c/tb_find_fast


Laurent

Re: [Qemu-devel] qemu dynamic translation (system design) question

[S.P.T.Krishnan]

Hi Laurent,

Thanks for the direction.

I am just thinking.  If I run a guest OS once and observe the blocks
that are translated and may be reused.  Then I again re-run the OS,
can I expect the same blocks are translated ?  i.e., is qemu
consistent on how it partitions the asm into blocks on successive runs
or the guest OS ?

Note: in both cases the user doesn't interact with the Guest OS.  It
is up for, say 1 min and then shutdown in both runs.

regards,
Krishnan

On 8/19/06, Laurent DESNOGUES <laurent.desnogues@wanadoo.fr> wrote:
> > b. Once a block is generated some ID should be assigned to it right ?
> > in which src file it is stored ?
> > c. The next time a src block with the same signature is encountered
> > the cached host binary is used right ?  -- How does qemu detect that
> > is the same guest block ? md5sum or other fingerprinting methods ?
>
> Look in qemu-exec.c/tb_find_fast
>
>
> Laurent
>
>
> _______________________________________________
> Qemu-devel mailing list
> Qemu-devel@nongnu.org
> http://lists.nongnu.org/mailman/listinfo/qemu-devel
>

Re[2]: [Qemu-devel] qemu dynamic translation (system design) question

[Paul Sokolovsky]

Hello S.P.T.Krishnan,

Sunday, August 20, 2006, 6:23:11 PM, you wrote:

> Hi Laurent,

> Thanks for the direction.

> I am just thinking.  If I run a guest OS once and observe the blocks
> that are translated and may be reused.  Then I again re-run the OS,
> can I expect the same blocks are translated ?  i.e., is qemu
> consistent on how it partitions the asm into blocks on successive runs
> or the guest OS ?

> Note: in both cases the user doesn't interact with the Guest OS.  It
> is up for, say 1 min and then shutdown in both runs.

  My 2 cents of pure scholastic reasoning:
  
  Let's assume that QEMU uses deterministic rules for block
translation. Then, it just translates what CPU goes thru. Does any
contemporary OS leads CPU in deterministic ways? No. It largely
depends on various environment parameters, of which user interaction
is not the last. There're interrupts occuring in rather random places
with respect to mainline execution, I/O delays, etc. As these
parameters in guest OS depend on QEMU's interaction with host OS, they
are not deterministic in it either. Well, but does QEMU's translation
itself deterministic? Not really, as it uses caches, and thus depend on
memory parameters in host OS.

> regards,
> Krishnan


-- 
Best regards,
 Paul                            mailto:pmiscml@gmail.com

[Qemu-devel] qemu dynamic translation (system design) question

[S.P.T.Krishnan]

Hi,

I would like to understand certain aspects of dynamic translation
which Qemu employs to run the guest OS.  I have read the qemu paper
and this query is beyond that.

My understanding is as follows:
1. Qemu slices the guest os binary into blocks and then asks the Host
OS to execute it and return the result
2. In the above, without the accelerator module, Qemu does dynamic
translation of guest_asm -> c_func -> host_asm.  With the accelerator
this conversion doesn't happen as the guest_asm and host_asm are the
same.
3. Now before a block is executed the cpu_clock_ticks is updated in
main_loop_wait and after the block is executed the cpu_clock_ticks is
again updated based on the number of ticks that have gone by in the
host_os during the execution.  Is my understanding correct ? I think
the qemu system works like this because qemu is still a process under
the host os and hence cannot guarantee to the guest os how long it
will take for qemu to execute guest_os instructions.  One simple
scenario could be the user in the host os suspends the qemu process
for a while...
4. The interesting part happens when qemu encourters an already
translated block.  I understand that for efficiency qemu caches block
based on some kind of signature and when the same block appears qemu
simply uses the translated binary instead of re-translating it

I have two questions here.

a. How does qemu slice the guest binary into blocks ? any rational or
rule of thumb here ?
b. Once a block is generated some ID should be assigned to it right ?
in which src file it is stored ?
c. The next time a src block with the same signature is encountered
the cached host binary is used right ?  -- How does qemu detect that
is the same guest block ? md5sum or other fingerprinting methods ?
d. Does this caching happen even with accelerator module running ?

I understand my questions are deep into the design of qemu itself.
Can I request Fabrice or the core team to help me out here ?

regards,
Krishnan

Re: [Qemu-devel] qemu dynamic translation (system design) question

[ByteRage]

--- "S.P.T.Krishnan" <sptkrishnan@gmail.com> wrote:

> a. How does qemu slice the guest binary into blocks
> ? any rational or rule of thumb here ?

As far as I understand the source code, the end of
every translated block is at a control transfer
instruction or when a maximum translation block length
has been reached. You can grep for "gen_eob" in the
translate.c source code of any particular target (fe
i386/translate.c) to see the points at which an end of
block is generated and the blocks are sliced. It may
also be helpful to let qemu write the input & output
asm code of translated blocks to a log file (qemu -d
in_asm, out_asm) for better understanding how it works
under the hood, by watching how the blocks are being
generated/sliced on the fly.

cheers,

Joachim De Zutter

__________________________________________________
Do You Yahoo!?
Tired of spam?  Yahoo! Mail has the best spam protection around 
http://mail.yahoo.com