Why QEMU translates one instruction to a TB??

Wed, 16 Sep 2020 23:28:43 -0700 

Hi all, 
     We try to add DSP architecure to QEMU 4.2. To load the  
COFF format object file, we have added loader code to load content from 
   the object file. The rom_add_blob() function is used. We firstly  
analyze the COFF file to figure out which sections are chained
  together(so each chain forms a "memory blob"), and then allocate the 
memory blobs. 
  
  The psuedo code looks like:
  
&nbsp;&nbsp;&nbsp; &nbsp; &nbsp; &nbsp; for(i=0; i<BADTYPE; i++){
&nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; if(ary_sect_chain[i].exist) &nbsp; 
//there is a chain of sections to allocate 
&nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; {
&nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; 
ary_sect_chain[i].mem_region = g_new(MemoryRegion, 1);
&nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; 
memory_region_init_ram(...);
&nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; 
memory_region_add_subregion(sysmem, ....);
&nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; rom_add_blob(....);
&nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; }
&nbsp; &nbsp; &nbsp;&nbsp; &nbsp; }
&nbsp; 
&nbsp; &nbsp; The COFF loader works functionally, but we then found that 
sometimes QEMU is  down-graded - it treats each instruction as one TB. In 
version 4.2,&nbsp;  debugging shows 

that get_page_addr_code_host() from accel/tcg/cputlb.c returns -1, as shown 
below.

accel/tcg/cputlb.c:
tb_page_addr_t get_page_addr_code_hostp(CPUArchState *env, target_ulong addr,
&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;
 &nbsp; void **hostp)
{
&nbsp; &nbsp; uintptr_t mmu_idx = cpu_mmu_index(env, true);
&nbsp; &nbsp; uintptr_t index = tlb_index(env, mmu_idx, addr);
&nbsp; &nbsp; CPUTLBEntry *entry = tlb_entry(env, mmu_idx, addr);
&nbsp; &nbsp; void *p;

&nbsp; &nbsp; //.....
&nbsp; &nbsp; if (unlikely(entry-&gt;addr_code &amp; TLB_MMIO)) {
&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; &nbsp; /* The region is not backed by RAM.&nbsp; 
*/
&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; &nbsp; if (hostp) {
&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; &nbsp; *hostp = NULL;
&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; &nbsp; }
&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; &nbsp; return -1;&nbsp; &nbsp; &nbsp; &nbsp; /* 
debugging falls to this branch, after this point QEMU translate one instruction 
to a TB&nbsp; */
&nbsp; &nbsp; }
&nbsp; &nbsp; //.......
}&nbsp; &nbsp; 

&nbsp;  &nbsp; One intresting fact is that this somehow depends on the linker  
command file. The object file generated by the following linker command  
file(per_instr.lds)
will "trigger" the problem. But QEMU work well with the object file linked by 
the other linker command file (ok.lds).
&nbsp; &nbsp; What cause get_page_addr_code_hostp() function to return -1? I 
have no clue at all. Any advise is appreciated!!
&nbsp; &nbsp; 
best regards,
xiaolei

------------------------------------------------------&nbsp; &nbsp; 

per_instr.lds file:
// .text is placed at 0x1000 (this is a word address) 
MEMORY
{
&nbsp;&nbsp; ROM:&nbsp; &nbsp; org = 0x0&nbsp;&nbsp;&nbsp; &nbsp; len = 
0x1000&nbsp;&nbsp; &nbsp; /* INTERNAL 4K 
ROM&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; &nbsp; */
&nbsp;&nbsp; EXT0: &nbsp; org = 0x1000 &nbsp; len = 0x7FF000&nbsp; /*EXTERNAL 
MEMORY&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; 
&nbsp; */
&nbsp;&nbsp; RAM2: &nbsp; org = 0x800000 len = 0x7fff&nbsp;&nbsp; &nbsp; /* 
&nbsp; &nbsp; RAM BLOCK 
2&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; 
&nbsp; */
&nbsp;&nbsp; RAM0: &nbsp; org = 0x809800 len = 0x400&nbsp;&nbsp;&nbsp; &nbsp; 
/* RAM BLOCK 0&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; &nbsp; */
&nbsp;&nbsp; RAM1: &nbsp; org = 0x809C00 len = 0x3c0&nbsp; &nbsp; /* RAM BLOCK 
1&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;
 &nbsp; */
&nbsp;&nbsp; VECROR: org = 0x809fc1 len = 0x3f /*&nbsp; Interrupt Table*/&nbsp; 
&nbsp; 
&nbsp; 
}
/* SPECIFY THE SECTIONS ALLOCATION INTO MEMORY */
SECTIONS
{&nbsp;&nbsp; &nbsp; 
&nbsp;&nbsp; .cio:&nbsp; &gt; 
RAM2&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;
 &nbsp; /* INITIALIZATION 
TABLES&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; 
&nbsp; */
&nbsp;&nbsp; .const:&nbsp; &gt; 
RAM2&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;
 &nbsp; /* 
CONSTANTS&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;
 &nbsp; */
&nbsp;&nbsp; .cinit:&nbsp; &nbsp; &gt; RAM2
&nbsp;&nbsp; .text{
&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; &nbsp; &nbsp; &nbsp; *(.text)
&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; &nbsp; } &gt;&nbsp; 
EXT0&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;
 &nbsp; /* 
CODE&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;
 &nbsp; */&nbsp; 
&nbsp;&nbsp; .bss:&nbsp; &nbsp; &gt; 
EXT0&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;
 &nbsp; /* 
VARIABLES&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;
 &nbsp; */
&nbsp;&nbsp; .data: &nbsp; &gt; RAM2
&nbsp;&nbsp; .stack:&nbsp; &gt; 
RAM2&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;
 &nbsp; /* SYSTEM 
STACK&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;
 &nbsp; */
&nbsp;&nbsp; .sysmem: &gt; 
EXT0&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;
 &nbsp; /*&nbsp; &nbsp; DYNAMIC MEMORY - DELETE IF NOT USED */
&nbsp;&nbsp; 
&nbsp;&nbsp; .vector: &gt; VECROR
}


------------------------------------------------------

ok.lds file:

MEMORY &nbsp; /* MEMORY directive */
{
&nbsp; &nbsp; ROM:&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; &nbsp; 
origin = 000000h&nbsp; &nbsp; length = 001000h&nbsp;&nbsp; &nbsp; /* 4K 32-bit 
words on-chip ROM (C31/VC33) */
&nbsp; &nbsp; /* 256K 32-bit word off-chip SRAM (D.Module.VC33-150-S2) */
&nbsp; &nbsp; BIOS:&nbsp;&nbsp;&nbsp;&nbsp; &nbsp; origin = 
001000h&nbsp;&nbsp;&nbsp; &nbsp; length = 000300h
&nbsp; &nbsp; CONF_UTL: &nbsp; origin = 001300h&nbsp;&nbsp;&nbsp; &nbsp; length 
= 000800h
&nbsp; &nbsp; FREE:&nbsp;&nbsp;&nbsp;&nbsp; &nbsp; origin = 
001B00h&nbsp;&nbsp;&nbsp; &nbsp; length = 03F500h&nbsp; /* 259328 32-bit words 
*/
&nbsp; &nbsp; RAM_0_1:&nbsp;&nbsp; &nbsp; origin = 809800h&nbsp; &nbsp; length 
= 000800h&nbsp;&nbsp; &nbsp; /* 2 x 1K 32-bit word on-chip SRAM (C31/VC33) */
&nbsp; &nbsp; RAM_2_3:&nbsp;&nbsp; &nbsp; origin = 800000h&nbsp; &nbsp; length 
= 008000h&nbsp;&nbsp; &nbsp; /* 2 x 16K 32-bit word on-chip SRAM (VC33 only) */
}
SECTIONS&nbsp; /* SECTIONS directive */
{
&nbsp; &nbsp; .firm :
&nbsp; &nbsp; {
&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; &nbsp; *(.firm)
&nbsp; &nbsp; } &gt; RAM_2_3

&nbsp; &nbsp; .text :
&nbsp; &nbsp; {
&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; &nbsp; *(.text)
&nbsp; &nbsp; } &gt; RAM_2_3

&nbsp; &nbsp; .const :
&nbsp; &nbsp; {
&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; &nbsp; *(.const)
&nbsp; &nbsp; } &gt; RAM_0_1

&nbsp; &nbsp; .bss :
&nbsp; &nbsp; {
&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; &nbsp; *(.bss)
&nbsp; &nbsp; } &gt; RAM_2_3

&nbsp; &nbsp; .cinit :
&nbsp; &nbsp; {
&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; &nbsp; *(.cinit)
&nbsp; &nbsp; } &gt; FREE

&nbsp; &nbsp; .data :
&nbsp; &nbsp; {
&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; &nbsp; *(.data)
&nbsp; &nbsp; } &gt; RAM_2_3

&nbsp; &nbsp; .stack :
&nbsp; &nbsp; {
&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; &nbsp; *(.stack)
&nbsp; &nbsp; } &gt; RAM_2_3

&nbsp; &nbsp; .sysmem :
&nbsp; &nbsp; {
&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; &nbsp; *(.sysmem)
&nbsp; &nbsp; } &gt; FREE

&nbsp; &nbsp; .cio :
&nbsp; &nbsp; {
&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; &nbsp; *(.cio)
&nbsp; &nbsp; } &gt; FREE
}

Reply via email to