Lines Matching +full:address +full:- +full:translation
13 QEMU's dynamic translation backend is called TCG, for "Tiny Code
14 Generator". For more information, please take a look at :ref:`tcg-ops-ref`.
20 -----------------------
24 translation phase considers that some state information of the virtual
25 CPU cannot change in it. The state is recorded in the Translation
34 ---------------------
48 callback to be re-evaluated before executing additional instructions.
63 code address is returned, otherwise the address of the JIT epilogue is
65 opcode, which branches to the returned address. In this way, we either
71 The translation code usually implements branching by performing the
84 3. Call ``tcg_gen_exit_tb()`` passing the address of the current TB and
88 instruction that later on gets translated to a jump to an address
89 associated with the specified jump slot. Initially, this is the address
92 pointer composed of the last executed TB’s address and the jump slot
105 address of the new TB.
119 may change, causing the code at the destination address to change.
122 jump slot index, the address of the TB just executed is also returned.
123 This address corresponds to the TB that will be patched; it may be
127 Self-modifying code and translated code invalidation
128 ----------------------------------------------------
130 Self-modifying code is a special challenge in x86 emulation because no
134 User-mode emulation marks a host page as write-protected (if it is
135 not already read-only) every time translated code is generated for a
152 -----------------
163 memory until the end of the translation block. This is done for internal
165 very often throughout the execution of a translation block---this includes
171 -------------
174 virtual to physical address translation is done at every memory
177 QEMU uses an address translation cache (TLB) to speed up the translation.
180 means that each basic block is indexed with its physical address.
187 areas. Access is faster for RAM and ROM because the translation cache also
188 hosts the offset between guest address and host memory. Accessing MMIO
191 translation blocks.
194 ---------------------
199 limitation you can use the ``-perfmap`` or the ``-jitdump`` option to generate
200 map files. ``-perfmap`` is lightweight and produces only guest-host mappings.
201 ``-jitdump`` additionally saves JITed code and guest debug information (if
207 perf record $QEMU -perfmap $REMAINING_ARGS
210 perf record -k 1 $QEMU -jitdump $REMAINING_ARGS
211 DEBUGINFOD_URLS= perf inject -j -i perf.data -o perf.data.jitted
212 perf report -i perf.data.jitted
214 Note that qemu-system generates mappings only for ``-kernel`` files in ELF