Re: Question on skip_emulated_instructions()

[Gleb Natapov <gleb@redhat.com>]

On Tue, Apr 06, 2010 at 01:11:23PM +0900, Yoshiaki Tamura wrote:
> Hi.
> 
> When handle_io() is called, rip is currently proceeded *before* actually having
> I/O handled by qemu in userland.  Upon implementing Kemari for
> KVM(http://www.mail-archive.com/kvm@vger.kernel.org/msg25141.html) mainly in
> userland qemu, we encountered a problem that synchronizing the content of VCPU
> before handling I/O in qemu is too late because rip is already proceeded in KVM,
> Although we avoided this issue with temporal hack, I would like to ask a few
> question on skip_emulated_instructions.
> 
> 1. Does rip need to be proceeded before having I/O handled by qemu?
In current kvm.git rip is proceeded before I/O is handled by qemu only
in case of "out" instruction. From architecture point of view I think
it's OK since on real HW you can't guaranty that I/O will take effect
before instruction pointer is advanced. It is done like that because we
want "out" emulation to be real fast so we skip x86 emulator.

> 2. If no, is it possible to divide skip_emulated_instructions(), like
> rec_emulated_instructions() to remember to next_rip, and
> skip_emulated_instructions() to actually proceed the rip.
Currently only emulator can call userspace to do I/O, so after
userspace returns after I/O exit, control is handled back to emulator
unconditionally.  "out" instruction skips emulator, but there is nothing
to do after userspace returns, so regular cpu loop is executed. If we
want to advance rip only after userspace executed I/O done by "out" we
need to distinguish who requested I/O (emulator or kvm_fast_pio_out())
and call different code depending on who that was. It can be done by
having a callback that (if not null) is called on return from userspace.

> 3. svm has next_rip but when it is 0, nop is emulated.  Can this be modified to
> continue without emulating nop when next_rip is 0?
> 
I don't see where nop is emulated if next_rip is 0. As far as I see in
case of next_rip==0 an instruction at rip is decoded to figure out its
length and then rip is advanced by instruction length. Anyway next_rip
is svm thing only.

--
			Gleb.