Hi, Blue

> I don't think it is possible. The only non-device cases for x86 are
> tb_invalidate_phys_page_range(), cpu_x86_set_a20() and
> do_inject_x86_mce(), none of which should be reachable from user
> emulator.
>
> Maybe these should be #ifdeffed out from user emulator builds.

I am not sure if SMC will use tb_invalidate_phys_page_range. Currently,
QEMU defines tcg_handle_interrupt (replacing the original cpu_interrupt) and
cpu_interrupt for system and process mode separately. Perhaps this should
be left to x86 experts to judge.

> > 2. cpu_exit:
> >
> > QEMU will register a host SIGALRM handler, host_alarm_handler
> > (qemu-timer.c), when initializing the environment in system mode.
> > Then when the host OS delivers SIGALRM to QEMU, host_alarm_handler
> > calls qemu_notify_event -> cpu_exit. cpu_exit raises env->exit_request,
> > then calls cpu_unlink_tb to unlink env's TBs.
> >
> > There are other places where cpu_exit is called, like
> >
> > - cpu_signal: I think this is used when IOTHREAD is enabled.
> >
> > - DMA_init: I guess cpu_exit is called when DMA is done so
> > that control is given back to QEMU from the code
> > cache.
>
> Yes, this is a questionable hack to improve performance. Maybe it's
> also not needed anymore since I/O thread was enabled.
>
> > - gdb_do_syscall: Don't know when it gets called.
> >
> > - vm_stop -> cpu_stop_current: Don't know when it gets called.
>
> grep -r is your friend.

I'll dig into it. Thanks. :)

Regards,
chenwj

--
Wei-Ren Chen (陳韋任)
Computer Systems Lab, Institute of Information Science,
Academia Sinica, Taiwan (R.O.C.)
Tel:886-2-2788-3799 #1667