From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from mailman by lists.gnu.org with tmda-scanned (Exim 4.43) id 1LzMX1-000642-GO for qemu-devel@nongnu.org; Wed, 29 Apr 2009 23:01:51 -0400 Received: from exim by lists.gnu.org with spam-scanned (Exim 4.43) id 1LzMWw-00061Q-Sm for qemu-devel@nongnu.org; Wed, 29 Apr 2009 23:01:50 -0400 Received: from [199.232.76.173] (port=36235 helo=monty-python.gnu.org) by lists.gnu.org with esmtp (Exim 4.43) id 1LzMWw-00061L-Nx for qemu-devel@nongnu.org; Wed, 29 Apr 2009 23:01:46 -0400 Received: from wf-out-1314.google.com ([209.85.200.175]:22355) by monty-python.gnu.org with esmtp (Exim 4.60) (envelope-from ) id 1LzMWw-00084s-0N for qemu-devel@nongnu.org; Wed, 29 Apr 2009 23:01:46 -0400 Received: by wf-out-1314.google.com with SMTP id 26so1168233wfd.4 for ; Wed, 29 Apr 2009 20:01:44 -0700 (PDT) MIME-Version: 1.0 Date: Thu, 30 Apr 2009 11:01:44 +0800 Message-ID: <7e6b3e0f0904292001l14cb71ffv9a37e0d306a7cae3@mail.gmail.com> From: =?GB2312?B?xeG9qLn6?= Content-Type: multipart/alternative; boundary=001636e0abbe7f776c0468bcea04 Subject: [Qemu-devel] how does T0 force lookup of first TB? List-Id: qemu-devel.nongnu.org List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , To: qemu-devel@nongnu.org --001636e0abbe7f776c0468bcea04 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit Hi: I am a student in university science technology china and want to know how to force lookup of first TB in qemu-0.9.1 only by T0 = 0. In cpu-exec.c file,I see #define BREAK_CHAIN T0 = 0. But, i only find that the function called tb_find_fast is lookup of TB is by executed tb = env->tb_jmp_cache[tb_jmp_cache_hash_func(pc)] and where is the code affected by T0. static inline TranslationBlock *tb_find_fast(void) { TranslationBlock *tb; target_ulong cs_base, pc; uint64_t flags; /* we record a subset of the CPU state. It will always be the same before a given translated block is executed. 
*/ #if defined(TARGET_I386) flags = env->hflags; flags |= (env->eflags & (IOPL_MASK | TF_MASK | VM_MASK)); flags |= env->intercept; cs_base = env->segs[R_CS].base; pc = cs_base + env->eip; #elif defined(TARGET_ARM) flags = env->thumb | (env->vfp.vec_len << 1) | (env->vfp.vec_stride << 4); if ((env->uncached_cpsr & CPSR_M) != ARM_CPU_MODE_USR) flags |= (1 << 6); if (env->vfp.xregs[ARM_VFP_FPEXC] & (1 << 30)) flags |= (1 << 7); flags |= (env->condexec_bits << 8); cs_base = 0; pc = env->regs[15]; #elif defined(TARGET_SPARC) #ifdef TARGET_SPARC64 // Combined FPU enable bits . PRIV . DMMU enabled . IMMU enabled flags = (((env->pstate & PS_PEF) >> 1) | ((env->fprs & FPRS_FEF) << 2)) | (env->pstate & PS_PRIV) | ((env->lsu & (DMMU_E | IMMU_E)) >> 2); #else // FPU enable . Supervisor flags = (env->psref << 4) | env->psrs; #endif cs_base = env->npc; pc = env->pc; #elif defined(TARGET_PPC) flags = env->hflags; cs_base = 0; pc = env->nip; #elif defined(TARGET_MIPS) flags = env->hflags & (MIPS_HFLAG_TMASK | MIPS_HFLAG_BMASK); cs_base = 0; pc = env->PC[env->current_tc]; #elif defined(TARGET_M68K) flags = (env->fpcr & M68K_FPCR_PREC) /* Bit 6 */ | (env->sr & SR_S) /* Bit 13 */ | ((env->macsr >> 4) & 0xf); /* Bits 0-3 */ cs_base = 0; pc = env->pc; #elif defined(TARGET_SH4) flags = env->flags; cs_base = 0; pc = env->pc; #elif defined(TARGET_ALPHA) flags = env->ps; cs_base = 0; pc = env->pc; #elif defined(TARGET_CRIS) flags = 0; cs_base = 0; pc = env->pc; #else #error unsupported CPU #endif tb = env->tb_jmp_cache[tb_jmp_cache_hash_func(pc)]; if (__builtin_expect(!tb || tb->pc != pc || tb->cs_base != cs_base || tb->flags != flags, 0)) { tb = tb_find_slow(pc, cs_base, flags); /* Note: we do it here to avoid a gcc bug on Mac OS X when doing it in tb_find_slow */ if (tb_invalidated_flag) { /* as some TB could have been invalidated because of memory exceptions while generating the code, we must recompute the hash index here */ T0 = 0; } } return tb; } --001636e0abbe7f776c0468bcea04 
Content-Type: text/html; charset=ISO-8859-1 Content-Transfer-Encoding: quoted-printable
Hi:
      I am a student at the University of Science and Technology of China, and I want to know how setting T0 = 0 alone forces a lookup of the first TB in qemu-0.9.1.
      In cpu-exec.c I see #define BREAK_CHAIN T0 = 0. However, the only lookup I can find is in the function tb_find_fast, which looks up the TB by executing
tb = env->tb_jmp_cache[tb_jmp_cache_hash_func(pc)]. Where is the code that is affected by T0?
/*
 * Look up the translated block (TB) that matches the current CPU state.
 *
 * The lookup key is the triple (pc, cs_base, flags), built from `env`
 * (not a parameter; it is defined outside this function) by whichever
 * per-target branch below is compiled in.  The function probes
 * env->tb_jmp_cache at the slot chosen by tb_jmp_cache_hash_func(pc) and
 * falls back to tb_find_slow() when the slot is empty or any of the three
 * key fields differs.
 *
 * Returns the TB taken from the cache or returned by tb_find_slow().
 *
 * Side effect: assigns T0 = 0 when tb_invalidated_flag is set after the
 * slow path has run.
 */
static inline TranslationBlock *tb_find_fast(void)
{
    TranslationBlock *tb;
    target_ulong cs_base, pc;
    uint64_t flags;

    /* we record a subset of the CPU state. It will
       always be the same before a given translated block
       is executed. */
#if defined(TARGET_I386)
    flags = env->hflags;
    flags |= (env->eflags & (IOPL_MASK | TF_MASK | VM_MASK));
    flags |= env->intercept;
    cs_base = env->segs[R_CS].base;
    /* pc is the linear address: code segment base plus eip */
    pc = cs_base + env->eip;
#elif defined(TARGET_ARM)
    /* bit 0: thumb, from bit 1: vfp.vec_len, from bit 4: vfp.vec_stride */
    flags = env->thumb | (env->vfp.vec_len << 1)
            | (env->vfp.vec_stride << 4);
    /* bit 6: the CPSR mode field is anything other than ARM_CPU_MODE_USR */
    if ((env->uncached_cpsr & CPSR_M) != ARM_CPU_MODE_USR)
        flags |= (1 << 6);
    /* bit 7: bit 30 of the VFP FPEXC register is set */
    if (env->vfp.xregs[ARM_VFP_FPEXC] & (1 << 30))
        flags |= (1 << 7);
    /* from bit 8: condexec_bits */
    flags |= (env->condexec_bits << 8);
    cs_base = 0;
    pc = env->regs[15];
#elif defined(TARGET_SPARC)
#ifdef TARGET_SPARC64
    // Combined FPU enable bits . PRIV . DMMU enabled . IMMU enabled
    flags = (((env->pstate & PS_PEF) >> 1) | ((env->fprs & FPRS_FEF) << 2))
        | (env->pstate & PS_PRIV) | ((env->lsu & (DMMU_E | IMMU_E)) >> 2);
#else
    // FPU enable . Supervisor
    flags = (env->psref << 4) | env->psrs;
#endif
    /* on SPARC the cs_base slot of the key carries npc rather than 0 */
    cs_base = env->npc;
    pc = env->pc;
#elif defined(TARGET_PPC)
    flags = env->hflags;
    cs_base = 0;
    pc = env->nip;
#elif defined(TARGET_MIPS)
    flags = env->hflags & (MIPS_HFLAG_TMASK | MIPS_HFLAG_BMASK);
    cs_base = 0;
    /* pc of the thread context selected by env->current_tc */
    pc = env->PC[env->current_tc];
#elif defined(TARGET_M68K)
    flags = (env->fpcr & M68K_FPCR_PREC)  /* Bit  6 */
            | (env->sr & SR_S)            /* Bit  13 */
            | ((env->macsr >> 4) & 0xf);  /* Bits 0-3 */
    cs_base = 0;
    pc = env->pc;
#elif defined(TARGET_SH4)
    flags = env->flags;
    cs_base = 0;
    pc = env->pc;
#elif defined(TARGET_ALPHA)
    flags = env->ps;
    cs_base = 0;
    pc = env->pc;
#elif defined(TARGET_CRIS)
    flags = 0;
    cs_base = 0;
    pc = env->pc;
#else
#error unsupported CPU
#endif
    /* Fast path: one probe of the per-CPU jump cache, indexed by a hash of
       pc only. */
    tb = env->tb_jmp_cache[tb_jmp_cache_hash_func(pc)];
    /* A cached entry is accepted only if pc, cs_base and flags all match.
       The flags built above include mode and privilege bits (e.g. ARM
       bit 6, SPARC PS_PRIV), so an entry recorded under different flags is
       treated as a miss.  __builtin_expect(..., 0) marks the miss as the
       unlikely case. */
    if (__builtin_expect(!tb || tb->pc != pc || tb->cs_base != cs_base ||
                         tb->flags != flags, 0)) {
        tb = tb_find_slow(pc, cs_base, flags);
        /* Note: we do it here to avoid a gcc bug on Mac OS X when
           doing it in tb_find_slow */
        if (tb_invalidated_flag) {
            /* as some TB could have been invalidated because
               of memory exceptions while generating the code, we
               must recompute the hash index here */
            /* NOTE(review): T0 is only written here, never read in this
               function.  The same assignment is what cpu-exec.c's
               BREAK_CHAIN macro expands to, so presumably the caller
               treats T0 == 0 as "do not chain the previous TB to this
               one" -- confirm against the code that follows the
               tb_find_fast() call in cpu_exec(). */
            T0 = 0;
        }
    }
    return tb;
}

=A0=A0=A0=A0
--001636e0abbe7f776c0468bcea04--