Re: [Qemu-devel] On x86 MMU modes

[Peter Maydell]

On 6 June 2015 at 08:36, Sandhya Kumar <address@hidden> wrote:
> Thanks Peter for your explanation.
>
> [The following question on TLB working could be a deviation from the first
> mail here, but asking here instead of starting new thread.]
>
> I picked up a simple 'Hello world' ELF executable (shown at the end) and
> tried to experiment with QEMU's address translations (i.e. guest VA -> host
> VA in softmmu_template.h) occurring in userland for that process. This is
> the sequence of guest VA (in hexadecimal) being translated:
>
> 401bee
> 401c07
> 401c0e
> 401c13
> 401d23
> 401d39
> 402009
> ...... and so on
>
> The italized ones (first four) belong to _start of my executable and the
> next few can be traced to __libc_start_main in my executable. Can anyone
> please help me understand why the order is appearing like this?

Most code loads don't go through the softmmu_template.h code. The
frontend (target-*/translate.c) calls cpu_ld*_code functions, which
are implemented by macros in include/exec/cpu_ldst_template.h. Those
functions will try to do a direct lookup in QEMU's TLB first, and will
only call the helper functions in softmmu_template.h if they miss.
So you're not going to see a call for every instruction. (My guess is
you're seeing one call every basic block, but it's not possible to tell
from the detail you give.)

-- PMM