From: Luc Michel
To: qemu-devel@nongnu.org
Cc: damien.hedde@greensocs.com, mark.burton@greensocs.com, sakisp@xilinx.com, edgari@xilinx.com, Paolo Bonzini, Luc Michel, Richard Henderson
Date: Fri, 28 Jun 2019 13:39:17 +0200
Message-Id: <20190628113917.15869-1-luc.michel@greensocs.com>
Subject: [Qemu-devel] [RFC PATCH] accel/tcg/translator: add tb_enter TCG trace

Add a TCG trace at the beginning of a translation block recording the first and last (past-the-end) PC values.

Signed-off-by: Luc Michel
---
This can be used to trace the execution of the guest quite efficiently. It will report each time a TB is entered (using the tb_enter_exec trace). The trace arguments give the PC start and past-the-end values. It has very little to no performance impact since the trace is actually emitted in the generated code only when it is enabled at run time.

It already works quite well on its own to trace guest execution. However it does not handle the case where a TB is exited in the middle of execution. I'm not sure how to properly trace that. A trace could be added when `cpu_loop_exit()' is called to report the current PC, but in most cases the interesting value (the PC of the instruction that caused the exit) is already lost at this stage.

I'm not sure there is a generic (i.e. not target specific) way of recovering the last PC executed when cpu_loop_exit() is called. Can you think of a better way?

Thanks to Xilinx's QEMU team, who sponsored this work.
---
accel/tcg/translator.c | 24 ++++++++++++++++++++++++
trace-events | 3 +++
2 files changed, 27 insertions(+)

diff --git a/accel/tcg/translator.c b/accel/tcg/translator.c index 9226a348a3..c55377aa18 100644 --- a/accel/tcg/translator.c +++ b/accel/tcg/translator.c @@ -14,10 +14,11 @@ #include "tcg/tcg-op.h" #include "exec/exec-all.h" #include "exec/gen-icount.h" #include "exec/log.h" #include "exec/translator.h" +#include "trace-tcg.h" /* Pairs with tcg_clear_temp_count. To be called by #TranslatorOps.{translate_insn,tb_stop} if (1) the target is sufficiently clean to support reporting, (2) as and when all temporaries are known to be consumed. 
@@ -28,14 +29,31 @@ void translator_loop_temp_check(DisasContextBase *db) qemu_log("warning: TCG temporary leaks before " TARGET_FMT_lx "\n", db->pc_next); } } +static TCGOp *gen_trace_tb_enter(TranslationBlock *tb) +{ + TCGOp *last_pc_op; + + TCGv pc_end = tcg_temp_new(); + + /* The last PC value is not known yet */ + tcg_gen_movi_tl(pc_end, 0xdeadbeef); + last_pc_op = tcg_last_op(); + + trace_tb_enter_tcg(tcg_ctx->cpu, cpu_env, tb->pc, pc_end); + tcg_temp_free(pc_end); + + return last_pc_op; +} + void translator_loop(const TranslatorOps *ops, DisasContextBase *db, CPUState *cpu, TranslationBlock *tb, int max_insns) { int bp_insn = 0; + TCGOp *trace_pc_end; /* Initialize DisasContext */ db->tb = tb; db->pc_first = tb->pc; db->pc_next = db->pc_first; @@ -50,10 +68,13 @@ void translator_loop(const TranslatorOps *ops, DisasContextBase *db, /* Reset the temp count so that we can identify leaks */ tcg_clear_temp_count(); /* Start translating. */ gen_tb_start(db->tb); + + trace_pc_end = gen_trace_tb_enter(tb); + ops->tb_start(db, cpu); tcg_debug_assert(db->is_jmp == DISAS_NEXT); /* no early exit */ while (true) { db->num_insns++; @@ -110,10 +131,13 @@ void translator_loop(const TranslatorOps *ops, DisasContextBase *db, /* Emit code to exit the TB, as indicated by db->is_jmp. */ ops->tb_stop(db, cpu); gen_tb_end(db->tb, db->num_insns - bp_insn); + /* Fixup the last PC value in the tb_enter trace now that we know it */ + tcg_set_insn_param(trace_pc_end, 1, db->pc_next); + /* The disas_log hook may use these values rather than recompute. */ db->tb->size = db->pc_next - db->pc_first; db->tb->icount = db->num_insns; #ifdef DEBUG_DISAS diff --git a/trace-events b/trace-events index aeea3c2bdb..e37fa12ef0 100644 --- a/trace-events +++ b/trace-events 
@@ -157,10 +157,13 @@ vcpu guest_cpu_reset(void) # # Mode: user, softmmu # Targets: TCG(all) vcpu tcg guest_mem_before(TCGv vaddr, uint8_t info) "info=%d", "vaddr=0x%016"PRIx64" info=%d" +# translator.c +vcpu tcg tb_enter(uint64_t pc_start, TCGv pc_end) "pc_start:0x%"PRIx64, "pc:0x%"PRIx64" pc_end:0x%"PRIx64 + # linux-user/syscall.c # bsd-user/syscall.c # @num: System call number. # @arg*: System call argument value.
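
Review bot: In the hunk adding `gen_trace_tb_enter()`, taking `tcg_last_op()` right after `tcg_gen_movi_tl(pc_end, 0xdeadbeef)` and later patching it with `tcg_set_insn_param(trace_pc_end, 1, db->pc_next)` only works if that move is emitted as exactly one op whose immediate sits at parameter index 1. Nothing in the hunk checks or documents that assumption, so if a target-long move is ever lowered to more than one op (for example a 64-bit guest value on a 32-bit host), the fixup would patch the wrong op and the trace would report a wrong `pc_end`. Please state the assumption in a comment next to the placeholder and assert it where the op is captured, or build the placeholder so that the op being patched is unambiguous.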
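
Review bot: In the `translator_loop()` hunk at `@@ -50,10 +68,13 @@`, the call `trace_pc_end = gen_trace_tb_enter(tb);` after `gen_tb_start(db->tb)` is unconditional, so the temporary and the `0xdeadbeef` placeholder move are generated for every TB, including when the `tb_enter` event is disabled. That sits oddly with the cover note's statement that the trace is emitted in the generated code only when it is enabled. Consider checking the event state before generating the placeholder and leaving `trace_pc_end` NULL otherwise, with the later `tcg_set_insn_param()` fixup skipped in that case.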
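
Review bot: In the `trace-events` hunk, the new `tb_enter` line labels its first argument `pc_start:` in the first format string but `pc:` in the second, and unlike the neighbouring entries it carries no comment describing its arguments or its mode and targets. Use `pc_start:` in both format strings and add a short comment block above the event that says `pc_end` is the past-the-end PC of the TB.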