From patchwork Fri Aug 17 06:38:21 2012
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Max Filippov <jcmvbkbc@gmail.com>
X-Patchwork-Id: 178144
Return-Path: <qemu-devel-bounces+incoming=patchwork.ozlabs.org@nongnu.org>
X-Original-To: incoming@patchwork.ozlabs.org
Delivered-To: patchwork-incoming@bilbo.ozlabs.org
Received: from lists.gnu.org (lists.gnu.org [208.118.235.17])
	(using TLSv1 with cipher AES256-SHA (256/256 bits))
	(Client did not present a certificate)
	by ozlabs.org (Postfix) with ESMTPS id 2E4972C0096
	for <incoming@patchwork.ozlabs.org>;
	Fri, 17 Aug 2012 16:38:32 +1000 (EST)
Received: from localhost ([::1]:58033 helo=lists.gnu.org)
	by lists.gnu.org with esmtp (Exim 4.71) (envelope-from
	<qemu-devel-bounces+incoming=patchwork.ozlabs.org@nongnu.org>)
	id 1T2GCU-0004hf-RA
	for incoming@patchwork.ozlabs.org; Fri, 17 Aug 2012 02:38:30 -0400
Received: from eggs.gnu.org ([208.118.235.92]:43270)
	by lists.gnu.org with esmtp (Exim 4.71)
	(envelope-from <jcmvbkbc@gmail.com>) id 1T2GCN-0004hP-Qg
	for qemu-devel@nongnu.org; Fri, 17 Aug 2012 02:38:24 -0400
Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71)
	(envelope-from <jcmvbkbc@gmail.com>) id 1T2GCM-0001DD-Nt
	for qemu-devel@nongnu.org; Fri, 17 Aug 2012 02:38:23 -0400
Received: from mail-ob0-f173.google.com ([209.85.214.173]:52623)
	by eggs.gnu.org with esmtp (Exim 4.71)
	(envelope-from <jcmvbkbc@gmail.com>) id 1T2GCM-0001D0-En
	for qemu-devel@nongnu.org; Fri, 17 Aug 2012 02:38:22 -0400
Received: by obbta14 with SMTP id ta14so4575639obb.4
	for <qemu-devel@nongnu.org>; Thu, 16 Aug 2012 23:38:21 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113;
	h=mime-version:in-reply-to:references:date:message-id:subject:from:to
	:cc:content-type;
	bh=etxm0lT8J91C5E1ZJreWelut1A0UgOZhNuOE0gUMh1o=;
	b=nVuY+IclO6aoAHNhGYe4dOd4VknsFDTAWojJEN5wTNtTjyCsNtVVTFUYFYC0E+QCwR
	pUo8XbbXmBwNzX8H3W9MCGNLZ2AUYGtxmYDsMrhxoTXBWlVF+i3Yu6yW4U6bjvCylMoD
	LvVW1ZPfONDCMUIXYlOaV8KSR4an9BfhI67usNCb6sjMKZc0sWp+YXITvNEoDPMi4XOr
	Q+gb5YEF1F39hE8Ibx1SveUFPaC8x2sW35+6crygWRVo4VUdH5UYNqtNhNIgxed7mxKm
	i8j5YcNlNE+tFWuBuuqNex3EEJqbpNGKVkRmXy74X8OK9Z/3sZWaS9bvBapAzVi+DvuJ
	zerA==
MIME-Version: 1.0
Received: by 10.60.31.165 with SMTP id b5mr3013469oei.58.1345185501690; Thu,
	16 Aug 2012 23:38:21 -0700 (PDT)
Received: by 10.182.50.102 with HTTP; Thu, 16 Aug 2012 23:38:21 -0700 (PDT)
In-Reply-To: 
 <CAMTrTqWy2BORJ8p+56bRLcqCyGcMo=cGcNsVpte=LHraF=aVRw@mail.gmail.com>
References: 
 <CAMTrTqV71Ki4aVWnKaZHuk=HV95ToPmRsOrTVHTGi1kQf2RrVQ@mail.gmail.com>
	<20120816080243.GA33123@cs.nctu.edu.tw>
	<CAMTrTqWDte0NRerLdb4KFL7hg4zRwMXXJz+b3=aH23ixT5rNQQ@mail.gmail.com>
	<CAMo8Bf+BPuhyr4OtDGqfXcxpjFo-VnCn0qrmGo0Rob4980q+Jw@mail.gmail.com>
	<CAMTrTqXYeLyGdUsarxBEB03e1_WHgAn-40emJ0cz5sLWv6YT0A@mail.gmail.com>
	<CAMo8BfKdncPBxHdjFFVZaBTXDZFTy7wVODJvJreWHOnbu7E=_A@mail.gmail.com>
	<CAMo8BfKMa1aJtFciuyywH9dyW-79=1kpfmT3ORW0ym134K0p7Q@mail.gmail.com>
	<CAMTrTqWY1ZN8U0pcpEC=1bNW45v-sV1mskZ5+xF5Yo_gsjySKg@mail.gmail.com>
	<CAMo8BfLPgCbfRnHCfJpTvgeEie0nhSf5TiCX+xi9Y+LpM-FuZg@mail.gmail.com>
	<CAMo8Bf+xZF41UYs=LUHs_ufqOHwJ6utrj7KTjLcKY5Eje6eDVA@mail.gmail.com>
	<CAMTrTqWy2BORJ8p+56bRLcqCyGcMo=cGcNsVpte=LHraF=aVRw@mail.gmail.com>
Date: Fri, 17 Aug 2012 10:38:21 +0400
Message-ID: 
 <CAMo8BfKqtNUvXE6AGy-jaMGJ_n9iR=1N_5PovHt-Wcq8rLP23g@mail.gmail.com>
From: Max Filippov <jcmvbkbc@gmail.com>
To: Steven <wangwangkang@gmail.com>
X-detected-operating-system: by eggs.gnu.org: Genre and OS details not
	recognized.
X-Received-From: 209.85.214.173
Cc: qemu-devel@nongnu.org
Subject: Re: [Qemu-devel] qemu log function to print out the registers of
	the guest
X-BeenThere: qemu-devel@nongnu.org
X-Mailman-Version: 2.1.14
Precedence: list
List-Id: <qemu-devel.nongnu.org>
List-Unsubscribe: <https://lists.nongnu.org/mailman/options/qemu-devel>,
	<mailto:qemu-devel-request@nongnu.org?subject=unsubscribe>
List-Archive: <http://lists.nongnu.org/archive/html/qemu-devel>
List-Post: <mailto:qemu-devel@nongnu.org>
List-Help: <mailto:qemu-devel-request@nongnu.org?subject=help>
List-Subscribe: <https://lists.nongnu.org/mailman/listinfo/qemu-devel>,
	<mailto:qemu-devel-request@nongnu.org?subject=subscribe>
Errors-To: qemu-devel-bounces+incoming=patchwork.ozlabs.org@nongnu.org
Sender: qemu-devel-bounces+incoming=patchwork.ozlabs.org@nongnu.org

On Fri, Aug 17, 2012 at 9:38 AM, Steven <wangwangkang@gmail.com> wrote:
> Hi, Max,
> I appreciate your help and got some results using your patch. But I
> still have two questions as blow.
>
>>> I see that with the following patch
>>>
>>> diff --git a/softmmu_template.h b/softmmu_template.h
>>> index b8bd700..2d02133 100644
>>> --- a/softmmu_template.h
>>> +++ b/softmmu_template.h
>>> @@ -114,6 +114,7 @@ glue(glue(glue(HELPER_PREFIX, ld), SUFFIX),
>>> MMUSUFFIX)(ENV_PARAM
>>>      target_phys_addr_t ioaddr;
>>>      uintptr_t retaddr;
>>>
>>> +    fprintf(stderr, "%s: %08x\n", __func__, addr);
>>>      /* test if there is match for unaligned or IO access */
>>>      /* XXX: could done more in memory macro in a non portable way */
>>>      index = (addr >> TARGET_PAGE_BITS) & (CPU_TLB_SIZE - 1);
>>>
>>> I get some memory accesses logged, but not all. That's due to fast
>>> path in tcg_out_qemu_ld
>>> in case there's TLB hit. I guess you can play with tcg_out_qemu_ld and
>>> make it produce a call
>>> to a helper function, like qemu_ld_helpers, that will print addresses
>>> for all memory access
>>> attempts.
>>
>> Easier solution would be to disable fast path and always go through
>> softmmu helpers, like this (specific for x86 host):
>>
>> diff --git a/softmmu_template.h b/softmmu_template.h
>> index b8bd700..2d02133 100644
>> --- a/softmmu_template.h
>> +++ b/softmmu_template.h
>> @@ -114,6 +114,7 @@ glue(glue(glue(HELPER_PREFIX, ld), SUFFIX),
>> MMUSUFFIX)(ENV_PARAM
>>      target_phys_addr_t ioaddr;
>>      uintptr_t retaddr;
>>
>> +    fprintf(stderr, "%s: %08x\n", __func__, addr);
>>      /* test if there is match for unaligned or IO access */
>>      /* XXX: could done more in memory macro in a non portable way */
>>      index = (addr >> TARGET_PAGE_BITS) & (CPU_TLB_SIZE - 1);
>> diff --git a/tcg/i386/tcg-target.c b/tcg/i386/tcg-target.c
>> index da17bba..ec68c19 100644
>> --- a/tcg/i386/tcg-target.c
>> +++ b/tcg/i386/tcg-target.c
>> @@ -1062,7 +1062,7 @@ static inline void tcg_out_tlb_load(TCGContext
>> *s, int addrlo_idx,
>>      tcg_out_mov(s, type, r0, addrlo);
>>
>>      /* jne label1 */
>> -    tcg_out8(s, OPC_JCC_short + JCC_JNE);
>> +    tcg_out8(s, OPC_JMP_short);
>>      label_ptr[0] = s->code_ptr;
>>      s->code_ptr++;
>>
>
> IN:
> 0x00000000c13e3a33:  mov    0x8(%ebp),%ebx (guest code in the tb)
> __ldl_mmu: c13a9fdc
>
> So 0xc13a9fdc is the guest virtual memory address of 0x8(%ebp). Is this correct?

Right.

> IN:
> 0x00000000c13e3a36:  mov    %eax,-0x10(%ebp)
> However, for this instruction, no ldl_mmu is logged.
> Does that mean the patch you provided does not cover this case?

Yes, this is not 'ld', it is 'st'; to see it too I guess you need this:

     index = (addr >> TARGET_PAGE_BITS) & (CPU_TLB_SIZE - 1);
@@ -263,6 +264,7 @@ void glue(glue(glue(HELPER_PREFIX, st), SUFFIX),
MMUSUFFIX)(ENV_PARAM
     uintptr_t retaddr;
     int index;

+    fprintf(stderr, "%s: %08x\n", __func__, addr);
     index = (addr >> TARGET_PAGE_BITS) & (CPU_TLB_SIZE - 1);
  redo:
     tlb_addr = env->tlb_table[mmu_idx][index].addr_write;

diff --git a/softmmu_template.h b/softmmu_template.h
index b8bd700..b2ae078 100644
--- a/softmmu_template.h
+++ b/softmmu_template.h
@@ -114,6 +114,7 @@ glue(glue(glue(HELPER_PREFIX, ld), SUFFIX),
MMUSUFFIX)(ENV_PARAM
     target_phys_addr_t ioaddr;
     uintptr_t retaddr;

+    fprintf(stderr, "%s: %08x\n", __func__, addr);
     /* test if there is match for unaligned or IO access */
     /* XXX: could done more in memory macro in a non portable way */