Hi, all

While studying how QEMU handles self-modifying code I took [1] as an example. Running QEMU under GDB I found tb_invalidate_phys_page is called in two different call sequences:

1. do_syscall (linux-user/syscall.c) -> target_mprotect (linux-user/mmap.c) -> page_set_flags (exec.c) -> tb_invalidate_phys_page (exec.c)

2. host_signal_handler (linux-user/signal.c) -> cpu_x86_signal_handler (user-exec.c) -> handle_cpu_signal (user-exec.c) -> page_unprotect (exec.c) -> tb_invalidate_phys_page (exec.c)

Both eventually call tb_invalidate_phys_page. If a guest page is being modified, I think calling tb_invalidate_phys_page on that page once is sufficient. But it's apparently not in practice. After doing some comparisons between those two call sequences (see below), I can only guess this has something to do with TARGET_HAS_PRECISE_SMC.

--- 1st call sequence ---
#0 tb_invalidate_phys_page (addr=134512640, pc=0, puc=0x0)
#1 page_set_flags (start=134512640, end=134516736, flags=31)
---

--- 2nd call sequence ---
#0 tb_invalidate_phys_page (addr=134512640, pc=1612947916, puc=0x7fffffffd080)
#1 page_unprotect (address=134514145, pc=1612947916, puc=0x7fffffffd080)
---

But what is TARGET_HAS_PRECISE_SMC? *If* we don't have to support TARGET_HAS_PRECISE_SMC, does it imply there is no need to call tb_invalidate_phys_page twice?

Thanks!

[1] http://web.archive.org/web/20080618094733/http://public.carnet.hr/~jbrecak/sm.html

Regards,
chenwj

--
Wei-Ren Chen (陳韋任)
Computer Systems Lab, Institute of Information Science,
Academia Sinica, Taiwan (R.O.C.)
Tel:886-2-2788-3799 #1667
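The following is an added example (not the test program from [1], not QEMU code, and not part of the original mail) showing the kind of guest program that drives both call sequences in the post. It assumes an x86 or x86-64 Linux guest: it maps an anonymous page, emits a tiny function into it, calls mprotect() to make the page executable (the mprotect path in the first backtrace), runs the function once so the emulator translates a TB from that page, then overwrites the code in place and runs it again. Under qemu-user, that second write lands on a page that now holds translated code, which is the situation the second backtrace (host SIGSEGV handler -> page_unprotect) describes. The function name smc_roundtrip and the constants it is called with are my own choices for illustration.

```c
/* Self-modifying-code probe for x86 / x86-64 Linux (constructed example).
 * Build: gcc -O0 -o smc smc.c       (add -m32 to get an i386 guest binary)
 */
#define _GNU_SOURCE
#include <stdint.h>
#include <stdio.h>
#include <string.h>
#include <sys/mman.h>
#include <unistd.h>

#if !defined(__i386__) && !defined(__x86_64__)
#error "this example emits x86 machine code"
#endif

typedef int (*thunk_fn)(void);

/* Emit "mov eax, imm32 ; ret" (B8 imm32 C3). The encoding and the
 * return-value-in-eax convention are identical on i386 and x86-64,
 * so the same bytes work for both guest flavours. */
static void emit_return_const(uint8_t *code, int32_t value)
{
    code[0] = 0xB8;
    memcpy(code + 1, &value, sizeof value);
    code[5] = 0xC3;
}

/* Returns 1 on success, with *first set to what the freshly emitted function
 * returned and *second set to what it returned after being patched in place.
 * Returns 0 if the mapping or the mprotect() fails (e.g. under a W^X policy
 * that refuses PROT_WRITE|PROT_EXEC). */
int smc_roundtrip(int32_t v1, int32_t v2, int32_t *first, int32_t *second)
{
    size_t pagesz = (size_t)sysconf(_SC_PAGESIZE);
    uint8_t *page = mmap(NULL, pagesz, PROT_READ | PROT_WRITE,
                         MAP_PRIVATE | MAP_ANONYMOUS, -1, 0);
    if (page == MAP_FAILED)
        return 0;

    emit_return_const(page, v1);

    /* Guest mprotect(): under qemu-user this is the do_syscall ->
     * target_mprotect -> page_set_flags route from the first backtrace. */
    if (mprotect(page, pagesz, PROT_READ | PROT_WRITE | PROT_EXEC) != 0) {
        munmap(page, pagesz);
        return 0;
    }

    /* Convert data pointer to function pointer without a cast warning. */
    thunk_fn fn;
    memcpy(&fn, &page, sizeof fn);

    /* First call: the emulator translates a TB from this page. */
    *first = fn();

    /* Overwrite the code that was just executed. Natively this is an ordinary
     * store (x86 keeps I-cache coherent); under qemu-user it is the write to a
     * page holding translated code that the second backtrace's handler sees. */
    emit_return_const(page, v2);

    /* Second call: must observe the new bytes, not the stale translation. */
    *second = fn();

    munmap(page, pagesz);
    return 1;
}

int main(void)
{
    int32_t a = 0, b = 0;
    if (!smc_roundtrip(17, 42, &a, &b)) {
        perror("smc_roundtrip");
        return 1;
    }
    printf("before patch: %d, after patch: %d\n", a, b);
    return 0;
}
```

To reproduce the backtraces in the mail, run the binary under the emulator with GDB attached to QEMU itself (for example `gdb --args qemu-i386 ./smc`, then `break tb_invalidate_phys_page`); the first stop should come from the mprotect() call and the second from the patch store. If a hardened host refuses the RWX mprotect(), smc_roundtrip returns 0 rather than faulting.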