From: Paolo Bonzini <pbonzini@redhat.com>
To: Kaiyuan <kaiyuanl@tju.edu.cn>
Cc: Peter Maydell <peter.maydell@linaro.org>,
qemu-devel <qemu-devel@nongnu.org>
Subject: Re: [Qemu-devel] How address_space_rw works?
Date: Fri, 10 Apr 2015 10:14:15 +0200 [thread overview]
Message-ID: <55278657.8080306@redhat.com> (raw)
In-Reply-To: <ALMAMACsALML4EoqmXlQNqqZ.3.1428652065140.Hmail.2014218038@tju.edu.cn>
On 10/04/2015 09:47, Kaiyuan wrote:
>>> Where is the code location that I can set breakpoint to observe
>>> the fast path for R/W requests to RAM?
>>
>> Nowhere really, because the fast path is done directly in assembly
>> code that TCG generates at run-time.
>>
>>> Whether dose Qemu provide method to disable fast path so that I
>>> can set one breakpoint to catch all requests both MMIO and RAM?
>>
>> You can modify the backends (e.g. tcg/i386/tcg-target.c) to do
>> this, but chances are that there is a better way to do it.
>
> The request address I get from backends is host virtual address. But,
> only guest physical address is useful to me.
The backends are passed guest virtual addresses for the qemu_ld and
qemu_st TCG opcodes.
>> What are you trying to do?
>
> Thanks for your answer. I need to implement a checker that locates
> logically between bus and memory. This checker will catch all access
> requests, check if the address of requests are in a table I maintain.
> If address is in table, checker will forwards request to memory. If
> address is not in table, request will be discarded. You can think it
> as a firewall for addresses of R/W access requests.
If that's the case, you could also add your check to
memory_region_section_get_iotlb. Search for PHYS_SECTION_WATCH,
watch_mem_ops and io_mem_watch, and do the same for your new special
case. This is where QEMU decides between using the slow path or the
fast path.
However this will not catch instruction fetches. How to do that depends
on the details of what you are doing. In particular, if you need to
trap on _all_ instruction fetches and not just the first, it's likely
that QEMU is not the best project to base your changes on. A simulator
would be more appropriate.
Paolo
next prev parent reply other threads:[~2015-04-10 8:14 UTC|newest]
Thread overview: 7+ messages / expand[flat|nested] mbox.gz Atom feed top
2015-04-10 7:47 [Qemu-devel] How address_space_rw works? Kaiyuan
2015-04-10 8:14 ` Paolo Bonzini [this message]
2015-04-13 3:41 ` Kaiyuan
-- strict thread matches above, loose matches on Subject: below --
2015-04-09 8:34 Kaiyuan
2015-04-09 8:57 ` Peter Maydell
2015-04-10 4:47 ` Kaiyuan
2015-04-10 6:34 ` Paolo Bonzini
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=55278657.8080306@redhat.com \
--to=pbonzini@redhat.com \
--cc=kaiyuanl@tju.edu.cn \
--cc=peter.maydell@linaro.org \
--cc=qemu-devel@nongnu.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.