From: owen <owenustc@gmail.com>
To: qemu-devel@nongnu.org
Subject: [Qemu-devel] a problem about translate tb
Date: Mon, 11 May 2009 00:44:51 +0800
Message-ID: <7e6b3e0f0905100944n4f0a5e0v87d24bdad1e755f2@mail.gmail.com>
Dear Mr Fabrice:
I am a graduate student at a university in China. I major in computer science.
Recently, I found "When QEMU first encounters a piece of target code, it
translates it to host code up to the next jump or instruction modifying the
static CPU state in a way that cannot be deduced at translation time" in your
paper called "QEMU, a Fast and Portable Dynamic Translator". So I think that
the size of some translation blocks is big. I want to print a TB which contains
two or more PowerPC instructions.
I modified the function called cpu_exec as listed (in cpu-exec.c):

    tb = tb_find_fast();
    if (tb->size > 4) {        /* a PPC instruction is 4 bytes, so > 4 means two or more */
        printf("tb size:%d\n", tb->size);
        exit(0);
    }
I let the ppc emulator reset address be 0x100. And my testbench code
is as listed:
00000100 <_start>:
100: 3c 60 00 00 lis r3,0
104: 60 63 00 00 ori r3,r3,0
108: 7c 60 01 24 mtmsr r3
10c: 7c 7b 03 a6 mtsrr1 r3
110: 3c 60 00 00 lis r3,0
114: 60 63 00 00 ori r3,r3,0
118: 7c 70 8b a6 mtspr 560,r3
11c: 3c 60 00 00 lis r3,0
120: 60 63 08 00 ori r3,r3,2048
124: 7c 7e 9b a6 mtspr 638,r3
128: 3c 20 00 40 lis r1,64
12c: 60 21 00 00 ori r1,r1,0
130: 7c 00 02 78 xor r0,r0,r0
134: 94 01 ff fc stwu r0,-4(r1)
138: 94 01 ff fc stwu r0,-4(r1)
13c: 3c 60 00 00 lis r3,0
140: 60 63 00 00 ori r3,r3,0
144: 48 00 5c 09 bl 5d4c <cpu_init_f>
148: 3c 40 00 50 lis r2,80
14c: 7c 56 03 a6 mtdec r2
150: 3c 60 00 2f lis r3,47
154: 60 63 c0 14 ori r3,r3,49172
158: 3c 80 ff ff lis r4,-1
15c: 60 84 ff ff ori r4,r4,65535
160: 90 83 00 00 stw r4,0(r3)
164: 3c 60 00 00 lis r3,0
168: 60 63 20 8c ori r3,r3,8332
16c: 7c 68 03 a6 mtlr r3
170: 4e 80 00 21 blrl
.......
I expect that QEMU would exit because one TB is more than 4 bytes (a TB that
contains only one PPC instruction is 4 bytes).
But I cannot find this taking place in the test. I don't understand why
QEMU does not encounter a big TB.
I wonder if you would tell me the reason by email.
Thank you for your kind consideration of this request.
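An added illustration of what the post is measuring, written for this page and not taken from the post or from QEMU's own sources: a small model that splits the listed PowerPC instruction words into translation blocks and reports each block's byte size, so a reader can see what `tb->size > 4` would have to match. The block-ending rules are an assumption for the model only (a TB ends after any branch and after mtmsr, which alters static CPU state; mtspr is treated as an ordinary instruction, although the real translator also stops after writes to certain SPRs). The instruction words are constructed from the hex columns of the listing above; `tb_model_t`, `tb_ends_after`, `split_into_tbs` and `tb_has_multiple_insns` are names invented here.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* One translation block (TB) in the simplified model: guest PC and byte size. */
typedef struct {
    uint32_t pc;
    uint32_t size;
} tb_model_t;

/* Decide whether the translator would stop the current TB after this
 * instruction.  Simplified model (an assumption, not QEMU's translate.c):
 * a TB ends after any branch (b/bl, bc, bclr/blrl, bcctr) and after mtmsr,
 * which changes static CPU state (the MSR).  mtspr is treated as an ordinary
 * instruction here; the real translator also stops after certain SPR writes. */
static int tb_ends_after(uint32_t insn)
{
    uint32_t op = insn >> 26;              /* primary opcode, bits 0..5 */
    uint32_t xo = (insn >> 1) & 0x3ff;     /* extended opcode, bits 21..30 */

    switch (op) {
    case 16:                               /* bc, bcl, bca, bcla */
    case 18:                               /* b, bl, ba, bla */
        return 1;
    case 19:
        return xo == 16 || xo == 528;      /* bclr[l] (e.g. blrl), bcctr[l] */
    case 31:
        return xo == 146;                  /* mtmsr */
    default:
        return 0;
    }
}

/* Split a straight-line run of 32-bit PowerPC instruction words, starting at
 * guest address base, into TBs.  Returns the number of TBs written to out
 * (at most max); each size is in bytes, as tb->size is in QEMU. */
static size_t split_into_tbs(const uint32_t *code, size_t n, uint32_t base,
                             tb_model_t *out, size_t max)
{
    size_t count = 0;
    uint32_t start = base;

    for (size_t i = 0; i < n; i++) {
        uint32_t pc = base + (uint32_t)(4 * i);
        if (tb_ends_after(code[i]) || i + 1 == n) {
            if (count == max)
                return count;
            out[count].pc = start;
            out[count].size = pc + 4 - start;
            count++;
            start = pc + 4;
        }
    }
    return count;
}

/* The post's exit condition: a PowerPC instruction is 4 bytes, so a TB
 * larger than 4 bytes holds two or more instructions. */
static int tb_has_multiple_insns(uint32_t size_bytes)
{
    return size_bytes > 4;
}

/* Constructed input: the instruction words of the post's listing,
 * 0x100 through 0x170, copied from its hex columns. */
static const uint32_t listing_code[] = {
    0x3c600000, 0x60630000, 0x7c600124, 0x7c7b03a6,   /* 0x100-0x10c */
    0x3c600000, 0x60630000, 0x7c708ba6,               /* 0x110-0x118 */
    0x3c600000, 0x60630800, 0x7c7e9ba6,               /* 0x11c-0x124 */
    0x3c200040, 0x60210000, 0x7c000278, 0x9401fffc,   /* 0x128-0x134 */
    0x9401fffc, 0x3c600000, 0x60630000, 0x48005c09,   /* 0x138-0x144 */
    0x3c400050, 0x7c5603a6, 0x3c60002f, 0x6063c014,   /* 0x148-0x154 */
    0x3c80ffff, 0x6084ffff, 0x90830000, 0x3c600000,   /* 0x158-0x164 */
    0x6063208c, 0x7c6803a6, 0x4e800021,               /* 0x168-0x170 */
};
#define LISTING_LEN (sizeof(listing_code) / sizeof(listing_code[0]))

int main(void)
{
    tb_model_t tbs[16];
    size_t n = split_into_tbs(listing_code, LISTING_LEN, 0x100, tbs, 16);

    for (size_t i = 0; i < n; i++)
        printf("tb at 0x%03x: size %u bytes (%s)\n",
               (unsigned)tbs[i].pc, (unsigned)tbs[i].size,
               tb_has_multiple_insns(tbs[i].size) ? "2+ insns" : "1 insn");
    return 0;
}
```

Under these rules the listing yields three blocks: 0x100 of 12 bytes (ending at mtmsr), 0x10c of 60 bytes (ending at the bl), and 0x148 of 44 bytes (ending at the blrl), every one of which satisfies the `> 4` test; comparing such a model against what the instrumented emulator actually reports is a quick way to tell whether the check itself or its placement in the execution loop is what needs a second look.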