diff mbox series

[22/22] plugins: Update the documentation block for plugin-gen.c

Message ID 20240316015720.3661236-23-richard.henderson@linaro.org
State Superseded
Headers show
Series plugins: Rewrite plugin code generation | expand

Commit Message

Richard Henderson March 16, 2024, 1:57 a.m. UTC
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
---
 accel/tcg/plugin-gen.c | 31 ++++---------------------------
 1 file changed, 4 insertions(+), 27 deletions(-)

Comments

Pierrick Bouvier March 19, 2024, 12:56 p.m. UTC | #1
On 3/16/24 05:57, Richard Henderson wrote:
> Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
> ---
>   accel/tcg/plugin-gen.c | 31 ++++---------------------------
>   1 file changed, 4 insertions(+), 27 deletions(-)
> 
> diff --git a/accel/tcg/plugin-gen.c b/accel/tcg/plugin-gen.c
> index fd52ea3987..c354825779 100644
> --- a/accel/tcg/plugin-gen.c
> +++ b/accel/tcg/plugin-gen.c
> @@ -14,33 +14,10 @@
>    * Injecting the desired instrumentation could be done with a second
>    * translation pass that combined the instrumentation requests, but that
>    * would be ugly and inefficient since we would decode the guest code twice.
> - * Instead, during TB translation we add "empty" instrumentation calls for all
> - * possible instrumentation events, and then once we collect the instrumentation
> - * requests from plugins, we either "fill in" those empty events or remove them
> - * if they have no requests.
> - *
> - * When "filling in" an event we first copy the empty callback's TCG ops. This
> - * might seem unnecessary, but it is done to support an arbitrary number
> - * of callbacks per event. Take for example a regular instruction callback.
> - * We first generate a callback to an empty helper function. Then, if two
> - * plugins register one callback each for this instruction, we make two copies
> - * of the TCG ops generated for the empty callback, substituting the function
> - * pointer that points to the empty helper function with the plugins' desired
> - * callback functions. After that we remove the empty callback's ops.
> - *
> - * Note that the location in TCGOp.args[] of the pointer to a helper function
> - * varies across different guest and host architectures. Instead of duplicating
> - * the logic that figures this out, we rely on the fact that the empty
> - * callbacks point to empty functions that are unique pointers in the program.
> - * Thus, to find the right location we just have to look for a match in
> - * TCGOp.args[]. This is the main reason why we first copy an empty callback's
> - * TCG ops and then fill them in; regardless of whether we have one or many
> - * callbacks for that event, the logic to add all of them is the same.
> - *
> - * When generating more than one callback per event, we make a small
> - * optimization to avoid generating redundant operations. For instance, for the
> - * second and all subsequent callbacks of an event, we do not need to reload the
> - * CPU's index into a TCG temp, since the first callback did it already.
> + * Instead, during TB translation we add "plugin_cb" marker opcodes
> + * for all possible instrumentation events, and then once we collect the
> + * instrumentation requests from plugins, we generate code for those markers
> + * or remove them if they have no requests.
>    */
>   #include "qemu/osdep.h"
>   #include "qemu/plugin.h"

Reviewed-by: Pierrick Bouvier <pierrick.bouvier@linaro.org>
diff mbox series

Patch

diff --git a/accel/tcg/plugin-gen.c b/accel/tcg/plugin-gen.c
index fd52ea3987..c354825779 100644
--- a/accel/tcg/plugin-gen.c
+++ b/accel/tcg/plugin-gen.c
@@ -14,33 +14,10 @@ 
  * Injecting the desired instrumentation could be done with a second
  * translation pass that combined the instrumentation requests, but that
  * would be ugly and inefficient since we would decode the guest code twice.
- * Instead, during TB translation we add "empty" instrumentation calls for all
- * possible instrumentation events, and then once we collect the instrumentation
- * requests from plugins, we either "fill in" those empty events or remove them
- * if they have no requests.
- *
- * When "filling in" an event we first copy the empty callback's TCG ops. This
- * might seem unnecessary, but it is done to support an arbitrary number
- * of callbacks per event. Take for example a regular instruction callback.
- * We first generate a callback to an empty helper function. Then, if two
- * plugins register one callback each for this instruction, we make two copies
- * of the TCG ops generated for the empty callback, substituting the function
- * pointer that points to the empty helper function with the plugins' desired
- * callback functions. After that we remove the empty callback's ops.
- *
- * Note that the location in TCGOp.args[] of the pointer to a helper function
- * varies across different guest and host architectures. Instead of duplicating
- * the logic that figures this out, we rely on the fact that the empty
- * callbacks point to empty functions that are unique pointers in the program.
- * Thus, to find the right location we just have to look for a match in
- * TCGOp.args[]. This is the main reason why we first copy an empty callback's
- * TCG ops and then fill them in; regardless of whether we have one or many
- * callbacks for that event, the logic to add all of them is the same.
- *
- * When generating more than one callback per event, we make a small
- * optimization to avoid generating redundant operations. For instance, for the
- * second and all subsequent callbacks of an event, we do not need to reload the
- * CPU's index into a TCG temp, since the first callback did it already.
+ * Instead, during TB translation we add "plugin_cb" marker opcodes
+ * for all possible instrumentation events, and then once we collect the
+ * instrumentation requests from plugins, we generate code for those markers
+ * or remove them if they have no requests.
  */
 #include "qemu/osdep.h"
 #include "qemu/plugin.h"