[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Qemu-devel] How address_space_rw works?
|
From: |
Paolo Bonzini |
|
Subject: |
Re: [Qemu-devel] How address_space_rw works? |
|
Date: |
Fri, 10 Apr 2015 08:34:56 +0200 |
|
User-agent: |
Mozilla/5.0 (X11; Linux x86_64; rv:31.0) Gecko/20100101 Thunderbird/31.5.0 |
On 10/04/2015 06:47, Kaiyuan wrote:
>> That's because we have a fast-path for RAM accesses that directs
>> them to the bit of host memory we're using as guest RAM:
>> * for KVM, the guest gets the host memory directly mapped and
>> accesses it without trapping out to userspace
>> * for TCG, our TLB data structure caches the guest-virtual-address
>> to host-virtual-address mapping, and the generated TCG code
>> does a fast inline lookup in this cache; if it hits then it
>> can load or store to the host memory without ever having to
>> come out to a C helper function
>
> Thanks for your explanation about fast path. I am reviewing and debugging
> code related to TCG.
>
> Where is the code location that I can set breakpoint to observe the fast path
> for R/W requests to RAM?
Nowhere really, because the fast path is done directly in assembly code
that TCG generates at run-time.
> Whether dose Qemu provide method to disable fast path so that I can set one
> breakpoint to catch all requests both MMIO and RAM?
You can modify the backends (e.g. tcg/i386/tcg-target.c) to do this, but
chances are that there is a better way to do it.
What are you trying to do?
Paolo