Why QEMU treats each instruction as one translation block?

Wed, 16 Sep 2020 23:13:24 -0700 

Hi all, 
     We try to add DSP architecure to QEMU 4.2. To load the 
COFF format object file, we have added loader code to load content from 
  the object file. The rom_add_blob() function is used. We firstly analyze 
the COFF file to figure out which sections are chained
  together(so each chain forms a "memory blob"), and then allocate the 
memory blobs. 
  
  The psuedo code looks like:
  
&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; &nbsp;&nbsp;&nbsp; for(i=0; i<BADTYPE; i++){
&nbsp;&nbsp;&nbsp; &nbsp;&nbsp;&nbsp; &nbsp;&nbsp;&nbsp; 
if(ary_sect_chain[i].exist)&nbsp;&nbsp; //there is a chain of sections to 
allocate 
&nbsp;&nbsp;&nbsp; &nbsp;&nbsp;&nbsp; &nbsp;&nbsp;&nbsp; {
&nbsp;&nbsp;&nbsp; &nbsp;&nbsp;&nbsp; &nbsp;&nbsp;&nbsp; &nbsp;&nbsp;&nbsp; 
ary_sect_chain[i].mem_region = g_new(MemoryRegion, 1);
&nbsp;&nbsp;&nbsp; &nbsp;&nbsp;&nbsp; &nbsp;&nbsp;&nbsp; &nbsp;&nbsp;&nbsp; 
memory_region_init_ram(...);
&nbsp;&nbsp;&nbsp; &nbsp;&nbsp;&nbsp; &nbsp;&nbsp;&nbsp; &nbsp;&nbsp;&nbsp; 
memory_region_add_subregion(sysmem, ....);
&nbsp;&nbsp;&nbsp; &nbsp;&nbsp;&nbsp; &nbsp;&nbsp;&nbsp; &nbsp;&nbsp;&nbsp; 
rom_add_blob(....);
&nbsp;&nbsp;&nbsp; &nbsp;&nbsp;&nbsp; &nbsp;&nbsp;&nbsp; }
&nbsp;&nbsp;&nbsp; &nbsp;&nbsp;&nbsp;&nbsp; }
&nbsp; 
&nbsp; The loader works functionally, but we then found that sometimes QEMU is 
down-graded - it treats each instruction as one TB. In version 4.2,&nbsp; 
debugging shows 

that get_page_addr_code_host() from accel/tcg/cputlb.c returns -1, as shown 
below.

accel/tcg/cputlb.c:
tb_page_addr_t get_page_addr_code_hostp(CPUArchState *env, target_ulong addr,
&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;
 void **hostp)
{
&nbsp;&nbsp;&nbsp; uintptr_t mmu_idx = cpu_mmu_index(env, true);
&nbsp;&nbsp;&nbsp; uintptr_t index = tlb_index(env, mmu_idx, addr);
&nbsp;&nbsp;&nbsp; CPUTLBEntry *entry = tlb_entry(env, mmu_idx, addr);
&nbsp;&nbsp;&nbsp; void *p;

&nbsp;&nbsp;&nbsp; //.....
&nbsp;&nbsp;&nbsp; if (unlikely(entry-&gt;addr_code &amp; TLB_MMIO)) {
&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; /* The region is not backed by 
RAM.&nbsp; */
&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; if (hostp) {
&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; *hostp = 
NULL;
&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; }
&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; return -1;&nbsp;&nbsp;&nbsp; 
&nbsp;&nbsp;&nbsp; /* debugging falls to this branch, after this point QEMU 
translate one instruction to a TB&nbsp; */
&nbsp;&nbsp;&nbsp; }
&nbsp;&nbsp;&nbsp; //.......
}&nbsp;&nbsp;&nbsp; 

&nbsp;&nbsp;&nbsp; One intresting fact is that this somehow depends on the 
linker command file. The object file generated by the following linker command 
file(per_instr.lds)
will "trigger" the problem. But QEMU work well with the object file linked by 
the other linker command file (ok.lds).
&nbsp;&nbsp;&nbsp; What cause get_page_addr_code_hostp() function to return -1? 
I have no clue at all. Any advise is appreciated!!
&nbsp;&nbsp;&nbsp; 
best regards,
xiaolei

------------------------------------------------------&nbsp;&nbsp;&nbsp; 

per_instr.lds file:
// .text is placed at 0x1000 (this is a word address) 
MEMORY
{
&nbsp;&nbsp; ROM:&nbsp;&nbsp;&nbsp; org = 0x0&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; len 
= 0x1000&nbsp;&nbsp;&nbsp;&nbsp; /* INTERNAL 4K 
ROM&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;
 */
&nbsp;&nbsp; EXT0:&nbsp;&nbsp; org = 0x1000&nbsp;&nbsp; len = 0x7FF000&nbsp; 
/*EXTERNAL 
MEMORY&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;
 */
&nbsp;&nbsp; RAM2:&nbsp;&nbsp; org = 0x800000 len = 
0x7fff&nbsp;&nbsp;&nbsp;&nbsp; /* &nbsp;&nbsp;&nbsp; RAM BLOCK 
2&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;
 */
&nbsp;&nbsp; RAM0:&nbsp;&nbsp; org = 0x809800 len = 
0x400&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; /* RAM BLOCK 
0&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; */
&nbsp;&nbsp; RAM1:&nbsp;&nbsp; org = 0x809C00 len = 0x3c0&nbsp;&nbsp;&nbsp; /* 
RAM BLOCK 
1&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;
 */
&nbsp;&nbsp; VECROR: org = 0x809fc1 len = 0x3f /*&nbsp; Interrupt 
Table*/&nbsp;&nbsp;&nbsp; 
&nbsp; 
}
/* SPECIFY THE SECTIONS ALLOCATION INTO MEMORY */
SECTIONS
{&nbsp;&nbsp;&nbsp;&nbsp; 
&nbsp;&nbsp; .cio:&nbsp; &gt; 
RAM2&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;
 /* INITIALIZATION 
TABLES&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;
 */
&nbsp;&nbsp; .const:&nbsp; &gt; 
RAM2&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;
 /* 
CONSTANTS&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;
 */
&nbsp;&nbsp; .cinit:&nbsp;&nbsp;&nbsp; &gt; RAM2
&nbsp;&nbsp; .text{
&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; &nbsp;&nbsp;&nbsp; *(.text)
&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; } &gt;&nbsp; 
EXT0&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;
 /* 
CODE&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;
 */&nbsp; 
&nbsp;&nbsp; .bss:&nbsp;&nbsp;&nbsp; &gt; 
EXT0&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;
 /* 
VARIABLES&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;
 */
&nbsp;&nbsp; .data:&nbsp;&nbsp; &gt; RAM2
&nbsp;&nbsp; .stack:&nbsp; &gt; 
RAM2&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;
 /* SYSTEM 
STACK&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;
 */
&nbsp;&nbsp; .sysmem: &gt; 
EXT0&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;
 /*&nbsp;&nbsp;&nbsp; DYNAMIC MEMORY - DELETE IF NOT USED */
&nbsp;&nbsp; 
&nbsp;&nbsp; .vector: &gt; VECROR
}


------------------------------------------------------

ok.lds file:

MEMORY&nbsp;&nbsp; /* MEMORY directive */
{
&nbsp;&nbsp;&nbsp; 
ROM:&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; origin = 
000000h&nbsp;&nbsp;&nbsp; length = 001000h&nbsp;&nbsp;&nbsp;&nbsp; /* 4K 32-bit 
words on-chip ROM (C31/VC33) */
&nbsp;&nbsp;&nbsp; /* 256K 32-bit word off-chip SRAM (D.Module.VC33-150-S2) */
&nbsp;&nbsp;&nbsp; BIOS:&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; origin = 
001000h&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; length = 000300h
&nbsp;&nbsp;&nbsp; CONF_UTL:&nbsp;&nbsp; origin = 
001300h&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; length = 000800h
&nbsp;&nbsp;&nbsp; FREE:&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; origin = 
001B00h&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; length = 03F500h&nbsp; /* 259328 32-bit 
words */
&nbsp;&nbsp;&nbsp; RAM_0_1:&nbsp;&nbsp;&nbsp;&nbsp; origin = 
809800h&nbsp;&nbsp;&nbsp; length = 000800h&nbsp;&nbsp;&nbsp;&nbsp; /* 2 x 1K 
32-bit word on-chip SRAM (C31/VC33) */
&nbsp;&nbsp;&nbsp; RAM_2_3:&nbsp;&nbsp;&nbsp;&nbsp; origin = 
800000h&nbsp;&nbsp;&nbsp; length = 008000h&nbsp;&nbsp;&nbsp;&nbsp; /* 2 x 16K 
32-bit word on-chip SRAM (VC33 only) */
}
SECTIONS&nbsp; /* SECTIONS directive */
{
&nbsp;&nbsp;&nbsp; .firm :
&nbsp;&nbsp;&nbsp; {
&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; *(.firm)
&nbsp;&nbsp;&nbsp; } &gt; RAM_2_3

&nbsp;&nbsp;&nbsp; .text :
&nbsp;&nbsp;&nbsp; {
&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; *(.text)
&nbsp;&nbsp;&nbsp; } &gt; RAM_2_3

&nbsp;&nbsp;&nbsp; .const :
&nbsp;&nbsp;&nbsp; {
&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; *(.const)
&nbsp;&nbsp;&nbsp; } &gt; RAM_0_1

&nbsp;&nbsp;&nbsp; .bss :
&nbsp;&nbsp;&nbsp; {
&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; *(.bss)
&nbsp;&nbsp;&nbsp; } &gt; RAM_2_3

&nbsp;&nbsp;&nbsp; .cinit :
&nbsp;&nbsp;&nbsp; {
&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; *(.cinit)
&nbsp;&nbsp;&nbsp; } &gt; FREE

&nbsp;&nbsp;&nbsp; .data :
&nbsp;&nbsp;&nbsp; {
&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; *(.data)
&nbsp;&nbsp;&nbsp; } &gt; RAM_2_3

&nbsp;&nbsp;&nbsp; .stack :
&nbsp;&nbsp;&nbsp; {
&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; *(.stack)
&nbsp;&nbsp;&nbsp; } &gt; RAM_2_3

&nbsp;&nbsp;&nbsp; .sysmem :
&nbsp;&nbsp;&nbsp; {
&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; *(.sysmem)
&nbsp;&nbsp;&nbsp; } &gt; FREE

&nbsp;&nbsp;&nbsp; .cio :
&nbsp;&nbsp;&nbsp; {
&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; *(.cio)
&nbsp;&nbsp;&nbsp; } &gt; FREE
}

Reply via email to