From: Jun Koi
Date: Sat, 4 Jul 2015 01:24:15 +0800
Subject: Re: [Qemu-devel] How to break cpu_tb_exec()?
To: Peter Maydell
Cc: qemu-devel@nongnu.org

On Sat, Jul 4, 2015 at 1:12 AM, Peter Maydell wrote:
> On 3 July 2015 at 18:10, Jun Koi wrote:
> > On Sat, Jul 4, 2015 at 1:06 AM, Peter Maydell wrote:
> >> On 3 July 2015 at 18:02, Jun Koi wrote:
> >> > If this is true, then what if this TB is running infinitely, and does not
> >> > return, or it is in a very long loop? In this case, the TCG thread cannot be
> >> > interrupted?
> >>
> >> Every TB starts with a little bit of generated code that checks
> >> the 'tcg_exit_req' flag in the CPUState for the CPU (see the
> >> gen_tb_start() function). If some other part of QEMU wants the
> >> CPU to stop running guest code and return to the top level loop,
> >> it calls cpu_exit() which sets this flag.
> >
> >
> > But this does not answer my question yet: if the flag is only
> > enabled when the TB has already entered the "long loop", then nothing can break
> > this TB execution?
>
> We check the flag for every TB we execute. Therefore in any
> loop we must check the flag each time round the loop. So
> if another thread sets the flag, we will exit.
>
> (A TB is always ended by any kind of branch instruction,
> so you can't have a loop within a single TB. A tight loop
> turns into a TB that ends with "branch back to the start
> of this TB", but that will re-execute the flag-check code.)

Oh right, this tight loop is my main concern. It makes sense now.

Thanks!!
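The exchange above describes why a tight guest loop cannot starve the rest of QEMU: every TB's prologue (from gen_tb_start()) re-reads the exit flag, and a loop is never inside one TB, so the flag is polled once per iteration. The model below is an added example, not code from the thread or from QEMU: the CPUState, TranslationBlock, Timer and CheckPolicy types and the cpu_exec_loop() function are simplifications assumed for illustration, and only the names cpu_exit and tcg_exit_req are borrowed from the real sources the thread names. It runs the same self-branching TB under two policies, the real one (check on every TB entry) and the one the question assumed (check once before entering the loop), with a simulated timer raising the flag from "elsewhere in QEMU".

```c
#include <stdatomic.h>
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

/* Toy model of the exit-request mechanism; the types below are assumptions
 * made for this example, not QEMU's real definitions. */

#define TB_HALT (-1)                 /* branch target meaning "guest halted" */

typedef struct CPUState {
    atomic_int tcg_exit_req;         /* raised by cpu_exit(), polled by TB prologues */
    uint64_t   executed_tbs;         /* how many TBs the loop has run so far */
} CPUState;

/* A translated block always ends in a branch; `next` is its target TB index.
 * A TB whose `next` is its own index is the "tight loop" from the thread. */
typedef struct TranslationBlock {
    int id;
    int next;
} TranslationBlock;

/* CHECK_EVERY_TB is what gen_tb_start() does; CHECK_ONCE is the behaviour
 * the original question assumed (flag read only before entering the loop). */
typedef enum { CHECK_EVERY_TB, CHECK_ONCE } CheckPolicy;

/* Stand-in for a device or timer elsewhere in QEMU: after `fire_after`
 * ticks of simulated time it decides the CPU must stop and calls cpu_exit(). */
typedef struct Timer {
    int  fire_after;
    int  ticks;
    bool fired;
} Timer;

typedef struct RunResult {
    uint64_t tbs;                    /* TBs executed before the loop returned */
    bool     interrupted;            /* true if tcg_exit_req is what stopped it */
} RunResult;

/* What "some other part of QEMU" calls: it only raises the flag. */
void cpu_exit(CPUState *cpu)
{
    atomic_store(&cpu->tcg_exit_req, 1);
}

static void timer_tick(Timer *t, CPUState *cpu)
{
    if (!t->fired && ++t->ticks >= t->fire_after) {
        t->fired = true;
        cpu_exit(cpu);
    }
}

/* The generated prologue: read tcg_exit_req and leave the TB if it is set. */
static bool tb_prologue_requests_exit(CPUState *cpu)
{
    return atomic_load(&cpu->tcg_exit_req) != 0;
}

/* Chain TBs from `start` until the guest halts, an exit is requested, or the
 * `max_tbs` safety limit is reached (the limit exists only so that the
 * CHECK_ONCE policy terminates; with it the tight loop would run forever). */
RunResult cpu_exec_loop(CPUState *cpu, const TranslationBlock *tbs, int start,
                        CheckPolicy policy, Timer *timer, uint64_t max_tbs)
{
    RunResult r = { 0, false };
    int cur = start;

    if (policy == CHECK_ONCE && tb_prologue_requests_exit(cpu)) {
        r.interrupted = true;
        return r;
    }
    while (cur != TB_HALT && cpu->executed_tbs < max_tbs) {
        if (policy == CHECK_EVERY_TB && tb_prologue_requests_exit(cpu)) {
            r.interrupted = true;         /* return to the top-level loop */
            break;
        }
        cpu->executed_tbs++;              /* the TB body runs here */
        timer_tick(timer, cpu);           /* simulated time passes */
        cur = tbs[cur].next;              /* the TB's terminating branch */
    }
    r.tbs = cpu->executed_tbs;
    return r;
}

/* Scenario 1: a tight loop, TB 0 branching back to itself; the timer asks
 * for an exit after `fire_after` TBs. */
RunResult run_tight_loop(CheckPolicy policy, int fire_after, uint64_t max_tbs)
{
    static const TranslationBlock prog[] = { { 0, 0 } };
    CPUState cpu = { 0 };
    Timer timer = { fire_after, 0, false };
    return cpu_exec_loop(&cpu, prog, 0, policy, &timer, max_tbs);
}

/* Scenario 2: straight-line code, three TBs then halt; the timer never fires. */
RunResult run_straight_line(void)
{
    static const TranslationBlock prog[] = { { 0, 1 }, { 1, 2 }, { 2, TB_HALT } };
    CPUState cpu = { 0 };
    Timer timer = { 1000000, 0, false };
    return cpu_exec_loop(&cpu, prog, 0, CHECK_EVERY_TB, &timer, 1000000);
}

int main(void)
{
    RunResult a = run_tight_loop(CHECK_EVERY_TB, 5, 1000000);
    RunResult b = run_tight_loop(CHECK_ONCE, 5, 1000000);
    printf("check every TB: ran %llu TBs, interrupted=%d\n",
           (unsigned long long)a.tbs, a.interrupted);
    printf("check once    : ran %llu TBs, interrupted=%d\n",
           (unsigned long long)b.tbs, b.interrupted);
    return 0;
}
```

With the per-TB check the self-branching TB stops on the very next iteration after the flag is raised (5 TBs here), whereas with an entry-only check the same loop runs until the artificial safety limit, which is the starvation the question was worried about. The atomic store/load pair models the flag being written by a different thread than the one executing TBs.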