From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from mailman by lists.gnu.org with tmda-scanned (Exim 4.43) id 1N87zD-0001mm-E3 for qemu-devel@nongnu.org; Wed, 11 Nov 2009 02:51:27 -0500 Received: from exim by lists.gnu.org with spam-scanned (Exim 4.43) id 1N87z8-0001eS-Mu for qemu-devel@nongnu.org; Wed, 11 Nov 2009 02:51:26 -0500 Received: from [199.232.76.173] (port=33807 helo=monty-python.gnu.org) by lists.gnu.org with esmtp (Exim 4.43) id 1N87z8-0001eO-Ir for qemu-devel@nongnu.org; Wed, 11 Nov 2009 02:51:22 -0500 Received: from mx20.gnu.org ([199.232.41.8]:12222) by monty-python.gnu.org with esmtps (TLS-1.0:RSA_AES_256_CBC_SHA1:32) (Exim 4.60) (envelope-from ) id 1N87z7-0004qz-Pn for qemu-devel@nongnu.org; Wed, 11 Nov 2009 02:51:22 -0500 Received: from mail-iw0-f180.google.com ([209.85.223.180]) by mx20.gnu.org with esmtp (Exim 4.60) (envelope-from ) id 1N87z6-0003kA-8a for qemu-devel@nongnu.org; Wed, 11 Nov 2009 02:51:20 -0500 Received: by iwn10 with SMTP id 10so722957iwn.4 for ; Tue, 10 Nov 2009 23:51:18 -0800 (PST) MIME-Version: 1.0 Date: Tue, 10 Nov 2009 23:51:18 -0800 Message-ID: From: Chad Content-Type: multipart/alternative; boundary=000e0cd4a5b226f542047813b160 Subject: [Qemu-devel] load-store experiment... List-Id: qemu-devel.nongnu.org List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , To: qemu-devel@nongnu.org --000e0cd4a5b226f542047813b160 Content-Type: text/plain; charset=ISO-8859-1 (this is mostly to get some ideas going rather than trying to get anything upstream... yet!) This version of tcg_out_mov for i386's tcg-target.c filters out the mov %ebx, %edx mov %ebx, [some index] mov %edx, %ebx I don't have benchmarks, but it does remove a few mov's and qemu can still load and run a linux kernel ;) It'd be easier to do more optimizations if qemu recorded output at the assembly instruction level. --- static uint8_t *lmovloc = 0; static int lmovret = -1, lmovarg = -1; static inline void tcg_out_mov(TCGContext *s, int ret, int arg) { int ldiff, nowrite = 0; if (arg != ret) { /* Check for a mov, mov->x, mov pattern */ ldiff = s->code_ptr - lmovloc; if (((ldiff == 8) || (ldiff == 5)) && (*(lmovloc + 2) == 0x89) && ((lmovret == ret) && (lmovarg == arg))) nowrite = 1; /* Write */ lmovloc = s->code_ptr; if (!nowrite) { tcg_out_modrm(s, 0x8b, ret, arg); } else { qemu_log("removed\n"); } lmovret = arg; lmovarg = ret; } } --000e0cd4a5b226f542047813b160 Content-Type: text/html; charset=ISO-8859-1 Content-Transfer-Encoding: quoted-printable (this is mostly to get some ideas going rather than trying to get anything = upstream... yet!)

This version of tcg_out_mov for i386's tcg-tar= get.c filters out the

mov %ebx, %edx
mov %ebx, [some index]
mov %edx, %ebx

I don't have benchmarks, but it does remove a few= mov's and qemu can still load and run a linux kernel ;)

It'= d be easier to do more optimizations if qemu recorded output at the assembl= y instruction level.

---

static uint8_t *lmovloc =3D 0;
static int lmovret =3D -1,= lmovarg =3D -1;
static inline void tcg_out_mov(TCGContext *s, int ret, = int arg)
{
=A0=A0=A0 int ldiff, nowrite =3D 0;

=A0=A0=A0 if (a= rg !=3D ret) {
=A0=A0=A0=A0=A0=A0=A0 /* Check for a mov, mov->x, mov pattern */
=A0= =A0=A0=A0=A0=A0=A0 ldiff =3D s->code_ptr - lmovloc;
=A0=A0=A0=A0=A0= =A0=A0 if (((ldiff =3D=3D 8) || (ldiff =3D=3D 5)) &&
=A0=A0=A0= =A0=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0 (*(lmovloc + 2) =3D=3D 0x89) = &&
=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0 ((lmov= ret =3D=3D ret) && (lmovarg =3D=3D arg))) nowrite =3D 1;
=A0=A0=A0=A0=A0=A0=A0 /* Write */
=A0=A0=A0=A0=A0=A0=A0 lmovloc =3D s-&g= t;code_ptr;
=A0=A0=A0=A0=A0=A0=A0 if (!nowrite) {
=A0=A0=A0=A0=A0=A0= =A0=A0=A0=A0=A0=A0=A0=A0=A0 tcg_out_modrm(s, 0x8b, ret, arg);
=A0=A0=A0= =A0=A0=A0=A0 } else {
=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0 qemu= _log("removed\n");
=A0=A0=A0=A0=A0=A0=A0 }
=A0=A0=A0=A0=A0=A0=A0 lmovret =3D arg; lmovarg =3D ret;
=A0=A0=A0 }
}=
--000e0cd4a5b226f542047813b160--