On Fri, Sep 23, 2011 at 10:50 PM, 陳韋任 <che...@iis.sinica.edu.tw> wrote:
> > I see, so they (jmp_next, jmp_first) are just for finding the tbs when
> > unchaining is needed. Do they have any other uses? Also, does QEMU do
> > inline caching (when it is a conditional branch)?
>
>   Yes, they are used for unchaining. Please see cpu_unlink_tb ->
> tb_reset_jump_recursive.
>
>   What does "inline caching" mean? When it's a conditional branch, the

Say you are trying to emulate an indirect jump (i.e. jmp eax). Because eax is
unknown at compile time, you will have to return to the mainloop to look it up.
However, if you know some likely values, you can do a few cached compares and
hope it hits one of them.

    compare eax = 0x33e3e23
    jmp tb 30
    compare eax = 0332d2ed
    jmp tb 30
    tb exit

> branch target is fixed, and here comes the direct block chaining.

If the branch target is fixed, you will still need 2 jmps, one for the taken
branch and another for the not-taken branch. Can you show me where the code
that does that is?

> There is another dynamic translation technique called IBTC (indirect
> branch translation cache) for indirect branch which has no fixed
> branch target. But QEMU doesn't have IBTC. Could you please explain
> what "inline caching" is?
>
> Regards,
> chenwj
>
> --
> Wei-Ren Chen (陳韋任)
> Computer Systems Lab, Institute of Information Science,
> Academia Sinica, Taiwan (R.O.C.)
> Tel:886-2-2788-3799 #1667
>
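The inline-caching scheme described in the reply above, modelled in C as an added example; it is not part of the original message and is not QEMU code. All names (`JumpSite`, `dispatch_indirect`, `mainloop_lookup`), the slot count, the replacement policy and the table contents are assumptions constructed for illustration.

```c
#include <stdint.h>
#include <stddef.h>

/* Hypothetical model, not QEMU code: a translated block keyed by guest PC. */
typedef struct { uint32_t guest_pc; int tb_id; } TB;

#define IC_SLOTS 2               /* number of inline compares at the jump site */
typedef struct {
    uint32_t pc[IC_SLOTS];       /* likely targets seen so far */
    const TB *tb[IC_SLOTS];      /* translated block for each cached target */
    unsigned next;               /* round-robin replacement index */
    unsigned hits, misses;
} JumpSite;

/* Constructed sample table standing in for the main loop's TB lookup. */
static const TB tb_table[] = {
    { 0x33e3e23, 30 }, { 0x332d2ed, 31 }, { 0x4000100, 32 },
};

/* Slow path: "tb exit" back to the main loop, which searches all TBs. */
const TB *mainloop_lookup(uint32_t pc) {
    for (size_t i = 0; i < sizeof tb_table / sizeof tb_table[0]; i++)
        if (tb_table[i].guest_pc == pc) return &tb_table[i];
    return NULL;                 /* a real translator would translate here */
}

/* Emulate `jmp eax`: try the inline compares first, then fall back. */
const TB *dispatch_indirect(JumpSite *s, uint32_t eax) {
    for (unsigned i = 0; i < IC_SLOTS; i++)
        if (s->tb[i] && s->pc[i] == eax) { s->hits++; return s->tb[i]; }
    s->misses++;
    const TB *tb = mainloop_lookup(eax);
    if (tb) {                    /* remember this target for the next visit */
        s->pc[s->next] = eax;
        s->tb[s->next] = tb;
        s->next = (s->next + 1) % IC_SLOTS;
    }
    return tb;
}

int main(void) {
    JumpSite site = {0};
    dispatch_indirect(&site, 0x33e3e23);   /* miss: fills slot 0 */
    dispatch_indirect(&site, 0x33e3e23);   /* hit: no main-loop round trip */
    return site.hits == 1 ? 0 : 1;
}
```

With only two slots, a jump site that cycles through three or more targets evicts entries before they are reused, so every dispatch falls through to the main-loop lookup.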