On 24/03/2016 16:01, Alex Bennée wrote:
>>> >> OK I found that tricky to follow. Where does the value of the pointer
>>> >> come from that sets these bottom bits? The TB jumping to this TB sets it?
>
> Where I get confused is what is the point of jmp_list_first? If these
> are two circular lists do we care which the first in the list is? The
> exit condition when coming out of searching seems when ntb with index =
> orig tb with index.
Say you have a list for blocks that jump to TB. The next pointer is in
jmp_list_next[0] for blocks whose first jump is to TB. It is in
jmp_list_next[1] for blocks whose second jump is to TB.

However, because it is a circular list, you also need TB itself to be a
part of the list. For TB, the next pointer is in jmp_list_first. Because
TB probably doesn't jump to itself, the first link of the list of blocks
that jump to TB is not in jmp_list_next[]. Thus QEMU places it in
tb->jmp_list_first.

Say you have three tbs. TB1's first jump and TB2's second jump lead to
TB0. Then the list starting at tb0->jmp_list_first goes like this:

    tb0->jmp_list_first = tb1 | 0;
    .---------------------'     |
    |                  .--------'
    tb1->jmp_list_next[0] = tb2 | 1;
    .-----------------------'     |
    |                  .----------'
    tb2->jmp_list_next[1] = tb0 | 2;

There is also a case where a TB jumps to itself; it then appears twice
in the list with different values in the low bits, such as this:

    tb->jmp_list_first = tb | 0;
    .--------------------'    |
    |                 .-------'
    tb->jmp_list_next[0] = tb | 2;

Other blocks jumping to TB would appear in the same list, too, either
before or after the tb|0 link.

Paolo
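The structure described in this reply, as an added example that is not part of the thread and not QEMU's own code: a small C model of the tagged-pointer jump list, walked for the three-TB case and the self-jump case above. The field names are the ones from the thread; the helper names, the scenario functions, the seen_ids/seen_slots arrays and the tb ids are assumptions made for this example.

```c
#include <stdint.h>
/* Added example, not QEMU's own code: a minimal model of the TB jump lists
 * described above. A link is a TB pointer whose two low bits hold the
 * jump index (0 or 1); the value 2 marks the TB's own head link. */
typedef struct TB {
    uintptr_t jmp_list_next[2]; /* next link, one per outgoing jump slot */
    uintptr_t jmp_list_first;   /* head of the list of TBs jumping here */
    int id;
} TB;
static uintptr_t mk_link(TB *tb, int n) { return (uintptr_t)tb | (uintptr_t)n; }
static TB *link_tb(uintptr_t l) { return (TB *)(l & ~(uintptr_t)3); }
static int link_n(uintptr_t l) { return (int)(l & 3); }
static void tb_init(TB *tb, int id) {  /* empty list: only the tb|2 head link */
    tb->id = id;
    tb->jmp_list_next[0] = tb->jmp_list_next[1] = 0;
    tb->jmp_list_first = mk_link(tb, 2);
}
/* Record that jump slot n of "from" targets "to": insert after the head. */
static void tb_add_jump(TB *from, int n, TB *to) {
    from->jmp_list_next[n] = to->jmp_list_first;
    to->jmp_list_first = mk_link(from, n);
}
int seen_ids[4], seen_slots[4];  /* (id, slot) of each link the walk visits */
/* Walk the circular list of TBs jumping to "to" until the tb|2 head link
 * comes round again. Returns the count, or -1 if the list closes elsewhere. */
static int tb_list_jumps_in(TB *to) {
    int count = 0;
    uintptr_t l = to->jmp_list_first;
    while (link_n(l) != 2) {
        TB *tb = link_tb(l);
        int n = link_n(l);
        if (count < 4) { seen_ids[count] = tb->id; seen_slots[count] = n; }
        count++;
        l = tb->jmp_list_next[n];  /* the low bits say which slot to follow */
    }
    return link_tb(l) == to ? count : -1;
}
/* The picture above: TB1's jump 0 and TB2's jump 1 both lead to TB0. */
int scenario_three_tbs(void) {
    TB tb[3];
    for (int i = 0; i < 3; i++) tb_init(&tb[i], i);
    tb_add_jump(&tb[2], 1, &tb[0]);  /* inserted first, so visited last */
    tb_add_jump(&tb[1], 0, &tb[0]);
    return tb_list_jumps_in(&tb[0]);
}
/* A TB that jumps to itself is on its own list twice: as tb|0 and as tb|2. */
int scenario_self_jump(void) {
    TB tb;
    tb_init(&tb, 7);
    tb_add_jump(&tb, 0, &tb);
    return tb_list_jumps_in(&tb);
}
```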