?????? Why QEMU translates one instruction to a TB??

casmac Thu, 17 Sep 2020 23:13:28 -0700

Hello , 

&nbsp; thanks for the hints. I modified one parameter of&nbsp; 
memory_region_init_ram() call ,and the slow-path problem disappeared.


&nbsp; What I did is , change the RAM size from the exact memory size needed to 
hold the object file section(s), to the size that TI C3X user manual memory 
mapping specifies. 

&nbsp; The former size is significantly smaller. But I did not specify the 
memory mapping else where in the program, so still unsure about the cause of 
conflict. 



&nbsp;&nbsp;&nbsp; &nbsp;&nbsp;&nbsp; &nbsp;&nbsp;&nbsp; 
memory_region_init_ram(ary_sect_chain[i].mem_region, NULL, 
ary_sect_chain[i].s_name,
&nbsp;&nbsp;&nbsp; &nbsp;&nbsp;&nbsp; &nbsp;&nbsp;&nbsp; &nbsp;&nbsp;&nbsp; 
&nbsp;&nbsp;&nbsp; 
&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;
 /*ary_sect_chain[i].chain_size*4*/&nbsp; ary_sect_chain[i].region_size,&nbsp; 
&amp;error_fatal);&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; //region_size is fixed as 
specified in CPU manual , region_size&gt;chain_size*4
&nbsp; 

best regards, &nbsp; 

xiaolei


&nbsp;

On 9/17/20 8:25 AM, casmac wrote:
&gt; Hi all,
&gt; &nbsp;&nbsp; &nbsp; We try to add DSP architecure to QEMU 4.2. To load the 
COFF format
&gt; object file, we have added loader code to load content from
&gt; &nbsp; the object file. 
[...]

&gt; &nbsp; &nbsp; The COFF loader works functionally, but we then found that 
sometimes
&gt; QEMU is down-graded - it treats each instruction as one TB. In version
&gt; 4.2,&nbsp; debugging shows
&gt; that get_page_addr_code_host() from accel/tcg/cputlb.c returns -1, as
&gt; shown below.
&gt; 
&gt; accel/tcg/cputlb.c:
&gt; tb_page_addr_t get_page_addr_code_hostp(CPUArchState *env, target_ulong
&gt; addr,
&gt; 
&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;
 &nbsp; void **hostp)
&gt; {
&gt; &nbsp; &nbsp; uintptr_t mmu_idx = cpu_mmu_index(env, true);
&gt; &nbsp; &nbsp; uintptr_t index = tlb_index(env, mmu_idx, addr);
&gt; &nbsp; &nbsp; CPUTLBEntry *entry = tlb_entry(env, mmu_idx, addr);
&gt; &nbsp; &nbsp; void *p;
&gt; 
&gt; &nbsp; &nbsp; //.....
&gt; &nbsp; &nbsp; if (unlikely(entry-&gt;addr_code &amp; TLB_MMIO)) {
&gt; &nbsp;&nbsp;&nbsp;&nbsp;&nbsp; &nbsp; /* The region is not backed by 
RAM.&nbsp; */
&gt; &nbsp;&nbsp;&nbsp;&nbsp;&nbsp; &nbsp; if (hostp) {
&gt; &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; &nbsp; *hostp = 
NULL;
&gt; &nbsp;&nbsp;&nbsp;&nbsp;&nbsp; &nbsp; }
&gt; &nbsp;&nbsp;&nbsp;&nbsp;&nbsp; &nbsp; return -1;&nbsp; &nbsp; &nbsp; 
&nbsp; /* debugging falls to this branch, after this
&gt; point QEMU translate one instruction to a TB&nbsp; */
&gt; &nbsp; &nbsp; }
&gt; &nbsp; &nbsp; //.......
&gt; }&nbsp; &nbsp;
&gt; 
&gt; &nbsp; &nbsp; One intresting fact is that this somehow depends on the 
linker
&gt; command file. The object file generated by the following linker command
&gt; file(per_instr.lds)
&gt; will "trigger" the problem. But QEMU work well with the object file
&gt; linked by the other linker command file (ok.lds).
&gt; &nbsp; &nbsp; What cause get_page_addr_code_hostp() function to return -1? 
I have
&gt; no clue at all. Any advise is appreciated!!

Maybe the "execute from small-MMU-region RAM" problem?

See:
https://www.mail-archive.com/qemu-devel@nongnu.org/msg549660.html

?????? Why QEMU translates one instruction to a TB??

Reply via email to