[Qemu-devel] How QEMU handle self-modifying code?
From: 陳韋任
Subject: [Qemu-devel] How QEMU handle self-modifying code?
Date: Fri, 4 Nov 2011 23:21:20 +0800
User-agent: Mutt/1.5.21 (2010-09-15)
Hi, all
While studying how QEMU handles self-modifying code, I took [1] as an example.
Running QEMU under GDB I found tb_invalidate_phys_page is called in two
different call sequences:
1. do_syscall (linux-user/syscall.c) -> target_mprotect (linux-user/mmap.c)
   -> page_set_flags (exec.c) -> tb_invalidate_phys_page (exec.c)
2. host_signal_handler (linux-user/signal.c) -> cpu_x86_signal_handler (user-exec.c)
   -> handle_cpu_signal (user-exec.c) -> page_unprotect (exec.c)
   -> tb_invalidate_phys_page (exec.c)
Both eventually call tb_invalidate_phys_page. If a guest page is being
modified, I think calling tb_invalidate_phys_page on that page once is sufficient.
But it's apparently not in practice.
After doing some comparisons between those two call sequences (see below),
I can only guess this has something to do with TARGET_HAS_PRECISE_SMC.
--- 1st call sequence ---
#0 tb_invalidate_phys_page (addr=134512640, pc=0, puc=0x0)
#1 page_set_flags (start=134512640, end=134516736, flags=31)
---
--- 2nd call sequence ---
#0 tb_invalidate_phys_page (addr=134512640, pc=1612947916, puc=0x7fffffffd080)
#1 page_unprotect (address=134514145, pc=1612947916, puc=0x7fffffffd080)
---
But what is TARGET_HAS_PRECISE_SMC? *If* we don't have to support
TARGET_HAS_PRECISE_SMC, does it imply there is no need to call
tb_invalidate_phys_page twice?
Thanks!
[1]
http://web.archive.org/web/20080618094733/http://public.carnet.hr/~jbrecak/sm.html
Regards,
chenwj
--
Wei-Ren Chen (陳韋任)
Computer Systems Lab, Institute of Information Science,
Academia Sinica, Taiwan (R.O.C.)
Tel:886-2-2788-3799 #1667
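A toy C model of the two invalidation paths named in the mail, added here as an example and not code from QEMU or from this thread; the `_m` functions, the `page` struct and `smc_scenario` are hypothetical stand-ins for the page_set_flags / tb_alloc_page / page_unprotect logic in exec.c. It assumes user-mode emulation, where a page that holds translated blocks is write-protected on the host until a guest store faults into page_unprotect, so the count comes out as 2 only when the patching code is retranslated on the same page after the mprotect.

```c
/* Added example, not QEMU code: a toy model of how QEMU user mode invalidates
 * translated blocks (TBs) on self-modifying code. _m names are hypothetical. */
#include <stdbool.h>
enum { PAGE_READ = 1, PAGE_WRITE = 2, PAGE_EXEC = 4 }; /* guest page prot bits */
struct page {            /* one guest page as the model sees it */
    int flags, tb_count; /* guest prot bits; TBs living on the page */
    bool host_wprot;     /* host write-protected because TBs exist */
};
static int invalidate_calls; /* how often tb_invalidate_phys_page ran */
/* Drop every TB on the page so stale translations never run. */
static void tb_invalidate_phys_page_m(struct page *p) {
    invalidate_calls++;
    p->tb_count = 0;
}
/* Translating code on a writable page: QEMU write-protects the page on
 * the host so a later guest store traps (SIGSEGV path, sequence 2). */
static void tb_gen_code_m(struct page *p) {
    p->tb_count++;
    if (p->flags & PAGE_WRITE)
        p->host_wprot = true;
}
/* page_set_flags: granting PAGE_WRITE to a page holding TBs
 * invalidates them right away (mprotect path, sequence 1). */
static void page_set_flags_m(struct page *p, int flags) {
    if (!(p->flags & PAGE_WRITE) && (flags & PAGE_WRITE) && p->tb_count)
        tb_invalidate_phys_page_m(p);
    p->flags = flags;
    p->host_wprot = false; /* host protection now matches guest flags */
}
/* A guest store: when the host page is protected, page_unprotect restores
 * write access and invalidates the TBs created since the mprotect. */
static void guest_write_m(struct page *p) {
    if (p->host_wprot) {
        tb_invalidate_phys_page_m(p);
        p->host_wprot = false;
    }
}
/* Replay the mail's scenario: code on page X runs, mprotect(X, rwx), then the
 * patching code runs and stores into X. Returns the tb_invalidate_phys_page
 * count: 2 when the patcher itself lives on X (X is retranslated and
 * re-protected after the mprotect), otherwise 1. */
int smc_scenario(bool patcher_on_same_page) {
    struct page x = { PAGE_READ | PAGE_EXEC, 0, false };
    invalidate_calls = 0;
    tb_gen_code_m(&x);                           /* first execution of X */
    page_set_flags_m(&x, PAGE_READ | PAGE_WRITE | PAGE_EXEC);
    if (patcher_on_same_page)
        tb_gen_code_m(&x);
    guest_write_m(&x);
    return invalidate_calls;
}
```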