Re: [Qemu-devel] qemu softmmu inlined lookup sequence

Mon, 16 Apr 2012 20:35:10 -0700 

On Mon, Apr 16, 2012 at 10:51 PM, 陳韋任 <che...@iis.sinica.edu.tw> wrote:
>> what does the inline sequence look like ? what kind of things (other
>> than refill tlb) performed in callout but not the inlined sequence ?
>
>  What do you mean by the inline sequence, the host binary? If so,
>
> ---
>  ---- 0xe86c8
>  mov_i32 tmp2,edi
>  qemu_ld8u tmp0,tmp2,$0x0
>  ext8u_i32 tmp12,tmp0    int index, shift;
    target_phys_addr_t ioaddr;
    unsigned long addend;
    target_ulong tlb_addr, addr1, addr2;

    index = (addr >> TARGET_PAGE_BITS) & (CPU_TLB_SIZE - 1);
 redo:
    tlb_addr = env->tlb_table[mmu_idx][index].ADDR_READ;
    if ((addr & TARGET_PAGE_MASK) == (tlb_addr & (TARGET_PAGE_MASK |
TLB_INVALID_MASK))) {

>  movi_i32 tmp13,$0xffffff00
>  and_i32 edx,edx,tmp13
>  or_i32 edx,edx,tmp12
>
> OUT: [size=172]
> 0x40000ce0:  mov    0x1c(%r14),%ebp
> 0x40000ce4:  mov    %ebp,%esi               <--- (a)
> 0x40000ce6:  mov    %ebp,%edi
> 0x40000ce8:  shr    $0x7,%esi
> 0x40000ceb:  and    $0xfffff000,%edi
> 0x40000cf1:  and    $0x1fe0,%esi
> 0x40000cf7:  lea    0x348(%r14,%rsi,1),%rsi
> 0x40000cff:  cmp    (%rsi),%edi
> 0x40000d01:  mov    %ebp,%edi
> 0x40000d03:  jne    0x40000d0e
> 0x40000d05:  add    0x10(%rsi),%rdi
> 0x40000d09:  movzbl (%rdi),%ebp
> 0x40000d0c:  jmp    0x40000d18
> 0x40000d0e:  xor    %esi,%esi
> 0x40000d10:  callq  0x54cf8e                <--- (b)
> 0x40000d15:  movzbl %al,%ebp
> 0x40000d18:  movzbl %bpl,%ebp
> 0x40000d1c:  mov    0x8(%r14),%ebx
> ---
>
>  The code between (a) and (b) is (almost) what TLB lookup hit/miss looks like.
> If TLB miss, it will call something like __ldb_mmu (b). __ldb_mmu will try to
> walk guest page table, then fill TLB entry if page table hit, or raise a guest
> page fault exception if page table miss.

Yep. that is what i was taught. the sequence of code above is an
inlined assembly for walking the TLB.  In the __ldx_mmu, the tlb is
walked again ? why ?

    int index, shift;
    target_phys_addr_t ioaddr;
    unsigned long addend;
    target_ulong tlb_addr, addr1, addr2;

    index = (addr >> TARGET_PAGE_BITS) & (CPU_TLB_SIZE - 1);
 redo:
    tlb_addr = env->tlb_table[mmu_idx][index].ADDR_READ;
    if ((addr & TARGET_PAGE_MASK) == (tlb_addr & (TARGET_PAGE_MASK |
TLB_INVALID_MASK))) {
    ...
 }

  ...
  ...
  fill_tlb()
  ...

}
>
> HTH,
> chenwj
>
> --
> Wei-Ren Chen (陳韋任)
> Computer Systems Lab, Institute of Information Science,
> Academia Sinica, Taiwan (R.O.C.)
> Tel:886-2-2788-3799 #1667
> Homepage: http://people.cs.nctu.edu.tw/~chenwj

Reply via email to