From mboxrd@z Thu Jan  1 00:00:00 1970
Received: from mailman by lists.gnu.org with tmda-scanned (Exim 4.43)
	id 1MNf4T-0001a7-NB
	for qemu-devel@nongnu.org; Sun, 05 Jul 2009 23:40:49 -0400
Received: from exim by lists.gnu.org with spam-scanned (Exim 4.43)
	id 1MNf4O-0001Zv-M0
	for qemu-devel@nongnu.org; Sun, 05 Jul 2009 23:40:48 -0400
Received: from [199.232.76.173] (port=51036 helo=monty-python.gnu.org)
	by lists.gnu.org with esmtp (Exim 4.43) id 1MNf4O-0001Zs-HW
	for qemu-devel@nongnu.org; Sun, 05 Jul 2009 23:40:44 -0400
Received: from mail-yx0-f188.google.com ([209.85.210.188]:47735)
	by monty-python.gnu.org with esmtp (Exim 4.60)
	(envelope-from <anbang.ruan@gmail.com>) id 1MNf4O-00062Z-6B
	for qemu-devel@nongnu.org; Sun, 05 Jul 2009 23:40:44 -0400
Received: by yxe26 with SMTP id 26so5136467yxe.4
	for <qemu-devel@nongnu.org>; Sun, 05 Jul 2009 20:40:42 -0700 (PDT)
MIME-Version: 1.0
Date: Mon, 6 Jul 2009 11:40:42 +0800
Message-ID: <488ae4ca0907052040u6b0ac7cdg8a45d50e559c1e97@mail.gmail.com>
From: =?GB2312?B?yO6wsrDu?= <anbang.ruan@gmail.com>
Content-Type: multipart/alternative; boundary=001636af022e421249046e014500
Subject: [Qemu-devel] cpu_exit every time for a jump tb (containing only the
	"b" instruction)
List-Id: qemu-devel.nongnu.org
List-Unsubscribe: <http://lists.nongnu.org/mailman/listinfo/qemu-devel>,
	<mailto:qemu-devel-request@nongnu.org?subject=unsubscribe>
List-Archive: <http://lists.gnu.org/pipermail/qemu-devel>
List-Post: <mailto:qemu-devel@nongnu.org>
List-Help: <mailto:qemu-devel-request@nongnu.org?subject=help>
List-Subscribe: <http://lists.nongnu.org/mailman/listinfo/qemu-devel>,
	<mailto:qemu-devel-request@nongnu.org?subject=subscribe>
To: qemu-devel@nongnu.org

--001636af022e421249046e014500
Content-Type: text/plain; charset=ISO-8859-1
Content-Transfer-Encoding: 7bit

Hi, list

       I am currently profiling qemu-system-arm. I wrote a simple ARM
assembly only to add r0 infinitely:

 *   add_nums:
            add r0, r0, r1
            b add_nums*

       I forced a tb to contain only one instruction, and I got cpu_exit
every time the tb for "*b add_nums"* was executed. It exited the cpu_exec
loop every time, and then reentered it and executed it without cpu_exit.

       Following are the executing sequences. I dumped the "in_asm" for a tb
every time it was executed. And wrapped the *tcg_qemu_tb_exec*() with
qemu_log().


*IN:
0x8001000c:  b    0x80010008

before tcg_qemu_tb_exec
cpu_exit
after tcg_qemu_tb_exec*


*IN:
0x8001000c:  b    0x80010008

before tcg_qemu_tb_exec
after tcg_qemu_tb_exec

IN:
0x80010008:  add    r0, r0, r1

before tcg_qemu_tb_exec
after tcg_qemu_tb_exec


IN:
0x8001000c:  b    0x80010008

before tcg_qemu_tb_exec
cpu_exit
after tcg_qemu_tb_exec

*
      It seems like the cpu_exit was called when * tcg_qemu_tb_exec *was
executing. However,  * tcg_qemu_tb_exec* is only to execute the translated
native code (am i right?), how can it call the qemu func (cpu_exit)? Or it
is called by other func executing simultaneously with  * tcg_qemu_tb_exec*?*
* And why cpu_exit is called everytime, it really comsumes lots of ticks.~

      Any suggestions? Great thanks!


Regards,
Ryan

--001636af022e421249046e014500
Content-Type: text/html; charset=ISO-8859-1
Content-Transfer-Encoding: quoted-printable

Hi, list<br><br>=A0=A0=A0=A0=A0=A0 I am currently profiling qemu-system-arm=
. I wrote a simple ARM assembly only to add r0 infinitely:<br><br>=A0<i>=A0=
=A0 add_nums:<br>=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0 add r0, r0, r1=A0=A0=A0=
=A0=A0 <br>=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0 b add_nums</i><br><br>=A0=A0=
=A0=A0=A0=A0 I forced a tb to contain only one instruction, and I got cpu_e=
xit every time the tb for &quot;<i>b add_nums&quot;</i> was executed. It ex=
ited the cpu_exec loop every time, and then reentered it and executed it wi=
thout cpu_exit.<br>
<br>=A0=A0=A0=A0=A0=A0 Following are the executing sequences. I dumped the =
&quot;in_asm&quot; for a tb every time it was executed. And wrapped the <i>=
tcg_qemu_tb_exec</i>() with qemu_log(). <br><br><div style=3D"margin-left: =
40px;"><br>
<i>IN: <br>0x8001000c:=A0 b=A0=A0=A0 0x80010008<br><br>before tcg_qemu_tb_e=
xec<br>cpu_exit<br>after tcg_qemu_tb_exec</i><br clear=3D"all"></div><br><b=
r><div style=3D"margin-left: 40px;"><i>IN: <br>0x8001000c:=A0 b=A0=A0=A0 0x=
80010008<br><br>
before tcg_qemu_tb_exec<br>after tcg_qemu_tb_exec<br><br>IN: <br>0x80010008=
:=A0 add=A0=A0=A0 r0, r0, r1<br><br>before tcg_qemu_tb_exec<br>after tcg_qe=
mu_tb_exec<br><br><br>IN: <br>0x8001000c:=A0 b=A0=A0=A0 0x80010008<br><br>b=
efore tcg_qemu_tb_exec<br>
cpu_exit<br>after tcg_qemu_tb_exec<br><br></i></div>=A0=A0=A0=A0=A0 It seem=
s like the cpu_exit was called when <i> tcg_qemu_tb_exec </i>was executing.=
 However,=A0 <i> tcg_qemu_tb_exec</i> is only to execute the translated nat=
ive code (am i right?), how can it call the qemu func (cpu_exit)? Or it is =
called by other func executing simultaneously with=A0 <i> tcg_qemu_tb_exec<=
/i>?<i> </i> And why cpu_exit is called everytime, it really comsumes lots =
of ticks.~<br>
<br>=A0=A0=A0=A0=A0 Any suggestions? Great thanks!<br><br><br>Regards,<br>R=
yan<br>

--001636af022e421249046e014500--