Inquiry About PC-Relative Code Generation in QEMU

Inquiry About PC-Relative Code Generation in QEMU

[Yip Coekjan]

Dear QEMU Community,
I hope this message finds you well.
I recently started studying the QEMU TCG code, and I have noticed that QEMU 
seems to support generating PC-Relative Code (`CF_PCREL`), but this feature 
seems currently enabled only for System Emulation in version 9.1.0, while it 
is not available for User Emulation. Could you please clarify if there are 
specific functionality or performance considerations behind this decision?
Additionally, if this feature were to be enabled for User Emulation, could we 
consider the code generated by QEMU as Position-Independent Code (PIC)?
Thank you for your assistance.
Best regards,
Yip Coekjan

Inquiry About PC-Relative Code Generation in QEMU

[Coekjan Yip]

Dear QEMU Community,

I hope this message finds you well.

I recently started studying the QEMU TCG code, and I have noticed that QEMU
seems to support generating PC-Relative Code (`CF_PCREL`), but this feature
seems currently enabled only for System Emulation in version 9.1.0, while it
is not available for User Emulation. Could you please clarify if there are
specific functionality or performance considerations behind this decision?
Additionally, if this feature were to be enabled for User Emulation, could we
consider the code generated by QEMU as Position-Independent Code (PIC)?
Thank you for your assistance.

Best regards,
Yip Coekjan

Re: Inquiry About PC-Relative Code Generation in QEMU

[Richard Henderson]

On 11/2/24 12:05, Coekjan Yip wrote:
> Dear QEMU Community,
> 
> I hope this message finds you well.
> 
> I recently started studying the QEMU TCG code, and I have noticed that QEMU
> seems to support generating PC-Relative Code (`CF_PCREL`), but this feature
> seems currently enabled only for System Emulation in version 9.1.0, while it
> is not available for User Emulation. Could you please clarify if there are
> specific functionality or performance considerations behind this decision?

User emulation does not have multiple mappings of the same physical page like system mode 
does.  This is because in user emulation we have only one process to emulate.

> Additionally, if this feature were to be enabled for User Emulation, could we
> consider the code generated by QEMU as Position-Independent Code (PIC)?

No.  Treating the guest code as PC as a variable instead of a constant is different from 
generating position independent host code.


r~

Re: Inquiry About PC-Relative Code Generation in QEMU

[Yip Coekjan]

Thank you for your response.

On 11/4/24 20:51:40, Richard Henderson wrote:

> User emulation does not have multiple mappings of the same physical page
> like system mode does.  This is because in user emulation we have only one
> process to emulate.

To clarify, is the reason QEMU does not use `CF_PCREL` for user emulation 
because it could potentially generate more opcodes, thus impacting 
performance?

> No.  Treating the guest code as PC as a variable instead of a constant is
> different from generating position independent host code.

I briefly went through `target/i386/tcg/translate.c` and noticed that when 
`CF_PCREL` is enabled, the generated opcodes seem to resemble PIC (Position-
Independent Code). My understanding is that `CF_PCREL` was not originally 
intended for generating PIC, but the host code generated does appear to be 
PIC. As I'm not very familiar with QEMU, please correct me if I'm mistaken.

Best regards,
Yip Coekjan