Re: Why QEMU translates one instruction to a TB?
From: Alex Bennée
Subject: Re: Why QEMU translates one instruction to a TB?
Date: Thu, 17 Sep 2020 09:41:14 +0100
User-agent: mu4e 1.5.5; emacs 28.0.50
casmac <climber.cui@qq.com> writes:
> Hi all,
> We try to add a DSP architecture to QEMU 4.2. To load the
> COFF format object file, we have added loader code to load content from
> the object file. The rom_add_blob() function is used. We first
> analyze the COFF file to figure out which sections are chained
> together (so each chain forms a "memory blob"), and then allocate the
> memory blobs.
>
> The pseudo code looks like:
>
> for (i = 0; i < BADTYPE; i++) {
>     if (ary_sect_chain[i].exist) {
>         /* there is a chain of sections to allocate */
>         ary_sect_chain[i].mem_region = g_new(MemoryRegion, 1);
>         memory_region_init_ram(...);
>         memory_region_add_subregion(sysmem, ....);
>         rom_add_blob(....);
>     }
> }
>
<snip>
> if (unlikely(entry->addr_code & TLB_MMIO)) {
>     /* The region is not backed by RAM. */
This is the crux of it. If the address looked up isn't in a RAM region
then the TLB code can't assume a contiguous page of instructions, or that
the instruction executed on one read will be the same on the next, so it
will only execute a single instruction at a time and not cache the
resulting TB either, forcing a fresh re-translation each time.
All TLB_MMIO accesses basically force the slow path.
I suspect there is something wrong in your memory region mappings.
--
Alex Bennée
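A simplified model of the behaviour described in the reply, added here as an illustration and not taken from QEMU's source: code fetched from a RAM-backed region is translated into a multi-instruction TB that is cached, while code fetched from an MMIO or unassigned address gets a one-instruction, uncached TB and is re-translated on every execution. The page size, per-TB instruction cap, 4-byte instruction length and the memory map are constructed assumptions.

```python
# Simplified model (not QEMU source) of the TLB_MMIO slow path for code fetch.
from collections import namedtuple

PAGE = 0x1000       # assumed target page size
MAX_INSNS = 512     # assumed per-TB instruction cap for RAM-backed code

Region = namedtuple("Region", "start size ram")  # ram=False means MMIO-backed
TB = namedtuple("TB", "pc ninsns cacheable")

def backing(regions, addr):
    """Region containing addr, or None when the address is unassigned."""
    return next((r for r in regions if r.start <= addr < r.start + r.size), None)

def gen_tb(regions, pc, insns_to_branch, insn_len=4):
    """Translate from pc. Unassigned or MMIO-backed code takes the TLB_MMIO
    path: a single instruction, marked not cacheable."""
    r = backing(regions, pc)
    if r is None or not r.ram:
        return TB(pc, 1, False)
    # RAM-backed: translate up to the branch, the page end, or MAX_INSNS.
    to_page_end = ((pc | (PAGE - 1)) + 1 - pc) // insn_len
    return TB(pc, min(MAX_INSNS, insns_to_branch, to_page_end), True)

def run_loop(regions, pc, block_insns, iterations, insn_len=4):
    """Execute a straight-line block of block_insns at pc `iterations` times
    (a loop branching back to pc); return how many translations were needed."""
    cache, translations = {}, 0
    for _ in range(iterations):
        cur, done = pc, 0
        while done < block_insns:
            tb = cache.get(cur)
            if tb is None:
                tb = gen_tb(regions, cur, block_insns - done, insn_len)
                translations += 1
                if tb.cacheable:
                    cache[cur] = tb
            done += tb.ninsns
            cur += tb.ninsns * insn_len
    return translations

# Constructed memory map: one RAM region (as a loader would create with
# memory_region_init_ram) and one MMIO region; everything else is unassigned.
MAP = [Region(0x00000000, 0x10000, True), Region(0x40000000, 0x1000, False)]
```

Running the same 20-instruction loop ten times from the RAM region costs one translation, while running it from the MMIO region or from an unassigned address costs one translation per instruction executed, which is the symptom of a blob not landing in a RAM-backed region.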