Re: [Qemu-devel] Call Trace for QEMU functions

[Naman patel]

On Fri, Jul 31, 2015 at 3:32 PM, Peter Maydell <address@hidden> wrote:

On 31 July 2015 at 10:29, Naman patel <address@hidden> wrote:
> Can someone explain me what happens when a guest OS calls "invlpg" on say
> page swap out or a context switch? What exactly is the call flow and how
> QEMU handles this instruction?

When we see the instruction during translation, we emit code
which will

​In which function does the translation takes place?​

 

 * get the argument to invlpg (extracting it from the
relevant register, adding any constant offset required for
the addressing mode, etc)

​Where exactly is it done?​

 

 * make a call to helper_inlvpg().
(target-i386/translate.c has the C code that does this codegen --
search for invlpg)

​Thanks I got this function.​

 

Later when that generated code is run, we call the helper, which
does what it needs to do (in this case flush a page from QEMU's
TLB cache). When the call returns we'll carry on executing whatever
guest instruction comes next.

> Also is there anyway QEMU can send some data
> back to the guest OS?

​​

INVLPG is just an x86 instruction that performs an operation;
it doesn't modify any registers or flags. So there's no way
for it to tell the guest OS anything.

​True that ​

​

INVLPG only invalidates a TLB entry but in general how can one send a data structure(DS) back to guest OS from QEMU? I want to write my own function that can send a DS back to the guest OS. Are there any similar functions already present that sends back DS to guest? Or is it feasible?

-- PMM

​Thanks a lot for this information. It helped a lot.

Regards,
Naman​