From mboxrd@z Thu Jan  1 00:00:00 1970
Received: from eggs.gnu.org ([208.118.235.92]:37987)
	by lists.gnu.org with esmtp (Exim 4.71)
	(envelope-from <jcmvbkbc@gmail.com>) id 1T49hU-0000PL-Qw
	for qemu-devel@nongnu.org; Wed, 22 Aug 2012 08:06:26 -0400
Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71)
	(envelope-from <jcmvbkbc@gmail.com>) id 1T49hL-0007nO-4l
	for qemu-devel@nongnu.org; Wed, 22 Aug 2012 08:06:20 -0400
Received: from mail-qa0-f52.google.com ([209.85.216.52]:59337)
	by eggs.gnu.org with esmtp (Exim 4.71)
	(envelope-from <jcmvbkbc@gmail.com>) id 1T49hL-0007mq-0O
	for qemu-devel@nongnu.org; Wed, 22 Aug 2012 08:06:11 -0400
Received: by qabg14 with SMTP id g14so645843qab.4
	for <qemu-devel@nongnu.org>; Wed, 22 Aug 2012 05:06:09 -0700 (PDT)
MIME-Version: 1.0
In-Reply-To: <CAAu8pHsy6WvzE1sCGnZ1e4aYadS2eXVcwsa92j0oTLPG1f5DVw@mail.gmail.com>
References: <20120821072134.GA81486@cs.nctu.edu.tw>
	<CAAu8pHsy6WvzE1sCGnZ1e4aYadS2eXVcwsa92j0oTLPG1f5DVw@mail.gmail.com>
Date: Wed, 22 Aug 2012 16:06:09 +0400
Message-ID: <CAMo8BfLmtwDDOmw0U95zkpH-q7TFfez45WA0y6EagOnRmWVEUQ@mail.gmail.com>
From: Max Filippov <jcmvbkbc@gmail.com>
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: quoted-printable
Subject: Re: [Qemu-devel] Dump guest page table inside QEMU makes system hang
List-Id: <qemu-devel.nongnu.org>
List-Unsubscribe: <https://lists.nongnu.org/mailman/options/qemu-devel>,
	<mailto:qemu-devel-request@nongnu.org?subject=unsubscribe>
List-Archive: <http://lists.nongnu.org/archive/html/qemu-devel>
List-Post: <mailto:qemu-devel@nongnu.org>
List-Help: <mailto:qemu-devel-request@nongnu.org?subject=help>
List-Subscribe: <https://lists.nongnu.org/mailman/listinfo/qemu-devel>,
	<mailto:qemu-devel-request@nongnu.org?subject=subscribe>
To: Blue Swirl <blauwirbel@gmail.com>
Cc: qemu-devel@nongnu.org, =?UTF-8?B?6Zmz6Z+L5Lu7IChXZWktUmVuIENoZW4p?= <chenwj@iis.sinica.edu.tw>

On Tue, Aug 21, 2012 at 10:19 PM, Blue Swirl <blauwirbel@gmail.com> wrote:
> On Tue, Aug 21, 2012 at 7:21 AM, =E9=99=B3=E9=9F=8B=E4=BB=BB (Wei-Ren Che=
n)
> <chenwj@iis.sinica.edu.tw> wrote:
>> Hi all,
>>
>>   I want to dump guest page table when guest writes to cr3,
>> the code snipt below,
>>
>> ---
>> uint32_t pgd[1024][1024]; // guest page table
>> static void dump_guest_pgtable(target_ulong cr3)
>> {
>>     int i, j;
>>     uint32_t phyaddr =3D cr3;
>>     uint32_t val;
>>
>>     for (i =3D 0; i < NUM_ENTRY; ++i)
>>     {
>>         phyaddr +=3D i * 4;
>>         for (j =3D 0; j < NUM_ENTRY; ++j)
>>         {
>>             cpu_physical_memory_read(phyaddr, &val, 4);
>>             pgd[i][j] =3D val;
>>         }
>>     }
>> }
>>
>> void cpu_x86_update_cr3(CPUX86State *env, target_ulong new_cr3)
>> {
>>     env->cr[3] =3D new_cr3; // guest cr3
>>
>>     if (env->cr[0] & CR0_PG_MASK) {
>>         tlb_flush(env, 0);
>>
>>         // dump guest page table by using guest cr3
>>         dump_guest_pgtable(new_cr3);
>>     }
>> }
>> ---
>>
>>   The system will hang while booting. However, if I comment
>> cpu_physical_memory_read in function dump_guest_pgtable, there
>> is no problem. What I am missing here? Thanks.
>
> cpu_physical_memory_read() can cause faults or other side effects like
> MMIO. Using cpu_get_phys_page_debug() may help.
>

Maybe you just need to avoid accessing unsuitable physical addresses?
Or maybe 'if (env->cr[0] & CR0_PG_MASK)' is not strong enough, may
(CR0_PG_MASK | CR0_PE_MASK) be better?

At what stage does it hang? What CR3 value changes are observed before
the hang?

--=20
Thanks.
-- Max