On 25/02/16 18:56, Igor R wrote:
> If I understand correctly, the most advanced MMU that QEMU emulates
> for MIPS is the "R4000-style" MMU - i.e. a "software-managed" TLB, where
> on a TLB miss QEMU just emulates the exception that should be handled by the
> guest OS. So, QEMU doesn't walk through the page directory, like it
> does when emulating e.g. x86.
Yes, most QEMU MIPS CPUs support the R4000-style MMU. The MIPS Hardware Table Walker was introduced in release 5 of the MIPS Architecture and implemented in the P5600. However, HTW isn't present in QEMU yet.

> While this approach works for the guest code, it results in an inability
> to read guest virtual memory "externally" - from within a monitor
> command, for debugging purposes etc. That is, cpu_memory_rw_debug()
> doesn't work reliably for mapped segments - it fails because of a TLB
> miss, but no one tries to fill the TLB.

Indeed, a given virtual address (belonging to a mapped segment like kseg2) without a mapping is quite useless without involving the guest's TLB-miss handler.

> If all the above is correct, is there any work-around that can be used to
> read the guest memory in qemu-system-mips?

The QEMU monitor also provides a physical memory dump, but obviously you need to know the physical address. Otherwise - if you want to use a virtual address from a mapped segment - you need to read the memory while there's a valid TLB entry.

Leon

>
> Thanks.
>
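As an added illustration of the software-managed TLB behaviour discussed in this thread (a constructed model, not QEMU's own code), the C below translates MIPS32 addresses the way an R4000-style MMU does: kseg0/kseg1 need no TLB, while a mapped kseg2 address succeeds only when a matching valid entry is present and otherwise reports the refill miss that, with no guest handler running, leaves an external reader such as cpu_memory_rw_debug() with nothing to read. It assumes 4 KiB pages, a 16-entry TLB, and struct/function names of my own choosing.

```c
#include <stdbool.h>
#include <stdint.h>
#include <string.h>

/* Simplified model of an R4000-style software-managed TLB (MIPS32, 4 KiB
 * pages, PageMask fixed at 0). Constructed example, not QEMU's implementation. */
#define PAGE_SHIFT   12
#define TLB_ENTRIES  16

enum xlate { XLATE_OK, XLATE_TLB_REFILL, XLATE_TLB_INVALID };

struct tlb_lo    { uint32_t pfn; bool v; };          /* EntryLo0/EntryLo1: PFN, V */
struct tlb_entry { uint32_t vpn2; uint8_t asid; bool g; struct tlb_lo lo[2]; };
struct mmu       { struct tlb_entry tlb[TLB_ENTRIES]; uint8_t asid; /* EntryHi.ASID */ };

/* As boot code does: park every entry on a kseg0 VPN2 so nothing can match it. */
void mmu_init(struct mmu *m)
{
    memset(m, 0, sizeof *m);
    for (int i = 0; i < TLB_ENTRIES; i++)
        m->tlb[i].vpn2 = 0x80000000u >> (PAGE_SHIFT + 1);
}

/* Translate a 32-bit virtual address as the hardware would; *paddr set on OK. */
enum xlate translate(const struct mmu *m, uint32_t vaddr, uint32_t *paddr)
{
    /* kseg0/kseg1 (0x80000000-0xbfffffff) are unmapped: physical = low 29 bits,
     * so a debugger can read them without any TLB state at all. */
    if (vaddr >= 0x80000000u && vaddr < 0xc0000000u) {
        *paddr = vaddr & 0x1fffffffu;
        return XLATE_OK;
    }
    /* useg and kseg2/kseg3 are mapped: match VPN2 and (G or the current ASID). */
    uint32_t vpn2 = vaddr >> (PAGE_SHIFT + 1);   /* one entry maps an even/odd pair */
    for (int i = 0; i < TLB_ENTRIES; i++) {
        const struct tlb_entry *e = &m->tlb[i];
        if (e->vpn2 != vpn2 || !(e->g || e->asid == m->asid))
            continue;
        const struct tlb_lo *lo = &e->lo[(vaddr >> PAGE_SHIFT) & 1]; /* even/odd page */
        if (!lo->v)
            return XLATE_TLB_INVALID;            /* matched, but V=0 */
        *paddr = (lo->pfn << PAGE_SHIFT) | (vaddr & ((1u << PAGE_SHIFT) - 1));
        return XLATE_OK;
    }
    /* No match. The guest's refill handler would normally run and tlbwr an
     * entry; an external reader (cpu_memory_rw_debug) has no such handler. */
    return XLATE_TLB_REFILL;
}
```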