On 09.05.2011, at 12:34, Dushyant Bansal wrote: > On Sunday 08 May 2011 02:22 AM, Alexander Graf wrote: >> On 07.05.2011, at 22:32, Dushyant Bansal wrote: >> >>> Hi, >>> >>> On patching 'mfmsr' instruction with 'lwz', guest exits when it tries to execute that 'lwz' instruction. I am looking for possible causes for this exit. >>> >>> Here are the details: >>> Initially, >>> pc: 0xc0019420, instruction: 0x7c0000a6 [mfmsr r0] >>> As this is a privileged instruction, this causes an exit. >>> >>> qemu-system-ppc-4443 [000] 19733.740013: kvm_book3s_exit: exit=0x700 | pc=0xc0019420 | inst=0x7c0000a6 | msr=0x1032 | dar=0xe1736a00 | srr1=0x100000000004d032 >>> qemu-system-ppc-4443 [000] 19733.740029: kvm_book3s_patch: return=0 | pc=0xc0019420 | inst=0x7c0000a6 | msr=0x1032 | new_inst=0x8000f05c >>> qemu-system-ppc-4443 [000] 19733.740030: kvm_ppc_instr: inst 2080374950 pc 0xc0019420 emulate 0 >>> qemu-system-ppc-4443 [000] 19733.740037: kvm_book3s_reenter: reentry r=1 | pc=0xc0019420 >>> >>> I patched this instruction with: >>> 0x8000f05c: lwz r0, -4096(offset of msr) >>> This instruction reads the 'msr' field of the magic page into register r0. >>> >>> Then, I do not increment the pc value, so the guest starts at the same pc which now points to the new patched instruction. >>> >>> This 'lwz' instruction is causing a exit due to 'BOOK3S_INTERRUPT_PROGRAM' (exit_nr: 0x700). >>> What could be the reason for this exit? As, 'lwz' is not a privileged instruction, I am unable to think of any reason. >> Did you flush the icache after you patched the instruction? See the function flush_icache_range. Without, your CPU still has the old instruction in its cache, making it trap again :). > Thanks. > > I tried flush_icache_range((ulong)pc, (ulong)pc + 4); > The system becomes unresponsive and I have to use force shut down. > > Here, pc will have the address of guest instruction and flush_icache_range is called from host. Maybe, I am not using flush_icache_range in the correct way. > Also, my host os is ppc64 and the guest is ppc32. > > I also tried: flush_cache_all() > But the instruction is still present in the instruction cache. Just patch the _st function to flush the icache on the host virtual address every time it gets invoked :). Alex -- To unsubscribe from this list: send the line "unsubscribe kvm-ppc" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
