Re: [Qemu-discuss] 答复: Output many return values of some instruction

[Peter Maydell]

On 28 November 2014 at 02:27,  erics...@via-alliance.com wrote:
 Hi，Peter
 Many thanks for you to reply, I am confused here in many days. Thanks you 
 very much.
 Another problem, my instruction “Getsec” want to output 3 return value to 
 eax/ebx/ecx and only one input parameter eax.
 But the return value eax and ecx is correct. The ebx is not correct. It is 
 strange.
 My code is :
 gen_op_mov_v_reg(MO_64, cpu_T[1], R_EAX);// mov 
 input parameter eax to cpu_T[1]
 tcg_gen_getsec_tl(cpu_T[0], cpu_T[2], cpu_T[3], cpu_T[1]);  
 // My instruction: The first 3 is for output and the last is for input

This is broken, because cpu_T[2] and cpu_T[3] don't exist.
You should create and use temporaries yourself, like I suggested,
if you need them. However:

 gen_op_mov_reg_v(MO_64, R_EAX, cpu_T[0]);// mov 
 1st return to eax

A gen_op_mov_reg_v() whose first argument is always
MO_64 is just going to compile to a TCG mov, so you
might as well just say

   tcg_gen_getsec_tl(R_EAX, R_EBX, R_ECX, cpu_T[1]);

and avoid the extra mov ops.

 And From your comment about cpu_T[], I cannot find where
 cpu_T[0]  [1] are freed. Cpu_T[] don't need to free ?

No, because they are created once when the TCG code is initialized,
and last for the lifetime of the translator.

   In Getsec implementation, I set the return value as followings:
ots = s-temps[args[0]];
tcg_out_movi(s, ots-type, ots-reg, 0xC0);
ots = s-temps[args[1]];
tcg_out_movi(s, ots-type, ots-reg, 0xE0);
ots = s-temps[args[2]];
tcg_out_movi(s, ots-type, ots-reg, 0x1D);

I don't know what bit of code you're referring to here, but
this looks wrong. tcg_out_movi is a function used in the
TCG backends (the part of QEMU that generates code for a
particular host CPU). You don't need it at all to add a
new instruction to the TCG target-* frontend (which supports
a particular guest CPU).

-- PMM

[Qemu-discuss] 答复: Output many return values of some instruction

[EricSong]

Hi，Peter
Many thanks for you to reply, I am confused here in many days. Thanks you 
very much.
Another problem, my instruction “Getsec” want to output 3 return value to 
eax/ebx/ecx and only one input parameter eax.
But the return value eax and ecx is correct. The ebx is not correct. It is 
strange.
My code is :
gen_op_mov_v_reg(MO_64, cpu_T[1], R_EAX);// mov 
input parameter eax to cpu_T[1]
tcg_gen_getsec_tl(cpu_T[0], cpu_T[2], cpu_T[3], cpu_T[1]);  // 
My instruction: The first 3 is for output and the last is for input
gen_op_mov_reg_v(MO_64, R_EAX, cpu_T[0]);// mov 1st 
return to eax 
gen_op_mov_reg_v(MO_64, R_EBX, cpu_T[2]);// mov 2nd 
return to ebx
gen_op_mov_reg_v(MO_64, R_ECX, cpu_T[3]);// mov 3rd 
return to ecx

After execution, the eax and ecx is all correct. But ebx is not correct. 
Why? So strange?

And From your comment about cpu_T[], I cannot find where cpu_T[0]  [1] are 
freed. Cpu_T[] don't need to free ?

Thanks
Best wishes,
Eric

-邮件原件-
发件人: Peter Maydell [mailto:peter.mayd...@linaro.org] 
发送时间: 2014年11月27日 18:57
收件人: Eric Song
抄送: qemu-discuss
主题: Re: [Qemu-discuss] Output many return values of some instruction

On 27 November 2014 at 02:47,  erics...@via-alliance.com wrote:
Many instructions can output only one return value by cpu_T[0] 
 parameter, and input parameter is cpu_T[0], there is no other 
 parameter to use for output more return value. How can I do it?

For example:

   Common instruction: ADD, the output return value is eax, so in 
 QEMU the output return value is cpu_T[0], then move it to eax.

 tcg_gen_add_tl(cpu_T[0], cpu_T[0], cpu_T[1]);  //
 cpu_T[0] is return value

 gen_op_mov_reg_v(MO_64, R_EAX, cpu_T[0]); // mov return
 value to eax

 gen_op_update2_cc(); // what means

 set_cc_op(s1, CC_OP_ADDB + ot);   // what means

After this sequence, it can finish “add” instruction for output to eax.
 But when my instruction “Getsec” want to output 3 return value to 
 eax/ebx/ecx. And we have only one parameter cpu_T[0], how to finish 
 it? And what means about the update_cc() and set_cc_op ?


The cpu_T[] are just ordinary TCG temporaries. For historical reasons the x86 
target creates them at startup and then uses them over and over, but you can 
also just create and use your own temporaries if you need more than just the 
two. (Don't forget to free them when you're done.) Some functions in the x86 
translator implicitly take arguments in cpu_T[] rather than as actual function 
arguments; again, this is just historical. (x86 is our oldest translator and 
not very actively maintained; it has a lot of left-over style from very old 
versions of QEMU.)

update_cc() and set_cc_op() are part of the optimisation for handling the CPU 
flags: instead of computing all the flags set by an instruction, we just save 
enough information about the instruction that we can compute the flags later. 
(In this case we save the two inputs to the ADD via gen_op_update2_cc() and the 
information about the operation via set_cc_op()). The idea is that most of the 
time the flags set by an instruction are never read by the guest before some 
following instruction updates the flags again, so it's faster to only calculate 
the flag information at the point where the guest code actually uses it, even 
though it requires more book-keeping. If your instruction affects the flags 
then you'll need to figure out how this works so you can add support for your 
insn.

-- PMM