Re: Res: [Qemu-devel] full dynamic instruction trace for MIPS target

qemu-devel

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Res: [Qemu-devel] full dynamic instruction trace for MIPS target

From:	Vince Weaver
Subject:	Re: Res: [Qemu-devel] full dynamic instruction trace for MIPS target
Date:	Tue, 6 Apr 2010 22:33:57 -0400 (EDT)

On Tue, 6 Apr 2010, Boris Cámara wrote:

>The aproach you are using on 
>http://www.csl.cornell.edu/~vince/projects/qemu-trace/ to get the PC dump 
>is similar to mine but as you dont disable the TB caches It is not a full 
>execution trace. 

I can assure you that it does in fact work.

> You only dump the PC when they are compiled and inserted 
> on the TB cache.

no, look closer.  My code at instrumentation time inserts a helper-op 
after each instruction.  This is like a virtual instruction that lives in 
the TB and calls my counting function.  So each time the TB is re-executed 
the calls happen again, as they are part of the TB instruction stream.

> Did you get correct values for your counters in bbvs[bb] ?

yes.  And the resuts match valgrind, pin, and hardware performance 
counters.

Vince

________________________________
De: Vince Weaver <address@hidden>
Para: Boris Cámara <address@hidden>
Cc: address@hidden
Enviadas: Segunda-feira, 5 de Abril de 2010 22:41:52
Assunto: Re: [Qemu-devel] full dynamic instruction trace for MIPS target

> I think the correct way to get the full instruction trace on a MIPS 
> emulated processor is:

the way you describe is slow because you are constantly re-generating the 
TBs.  The best way to do this is to add your instrumentation to the TBs.

I have code that does that for a recent version of Qemu here:
  http://www.csl.cornell.edu/~vince/projects/qemusim/

although it outputs Basic-Block vectors, not a full memory trace like you 
want.  It has been validated to match proper instruction counts using 
hardware performnce counters though.

I also have code creating full instruction/memory traces for Qemu MIPS 
that can be found here:
  http://www.csl.cornell.edu/~vince/projects/qemu-trace/

but it's against Qemu from 2007 pre-dating the TCG changeover so of 
limited use probably.  I hvae some code somewhere that updated this to 
work with TCG but I don't know what happened to it.

Vince

____________________________________________________________________________________
Veja quais são os assuntos do momento no Yahoo! +Buscados
http://br.maisbuscados.yahoo.com

-- 
/*  Vince Weaver  address@hidden  http://csl.cornell.edu/~vince  */

main(){char O,o[66]="|\n\\/_  ",*I=o+7,l[]="B!FhhBHCWE9C?cJFKET$+h'Iq*chT"
,i=0,_;while(_=l[i++])for(O=0;O++<_>>5;)*I=*(I++-(_&31));*I=0;puts(o+5);}

[Prev in Thread]

Current Thread

[Next in Thread]

[Qemu-devel] full dynamic instruction trace for MIPS target, Boris Cámara, 2010/04/05
- Re: [Qemu-devel] full dynamic instruction trace for MIPS target, Richard Henderson, 2010/04/05
  - Res: [Qemu-devel] full dynamic instruction trace for MIPS target, Boris Cámara, 2010/04/05
- Re: [Qemu-devel] full dynamic instruction trace for MIPS target, Vince Weaver, 2010/04/05
  - Res: [Qemu-devel] full dynamic instruction trace for MIPS target, Boris Cámara, 2010/04/06
    - Re: Res: [Qemu-devel] full dynamic instruction trace for MIPS target, Vince Weaver <=
    - Res: Res: [Qemu-devel] full dynamic instruction trace for MIPS target, Boris Cámara, 2010/04/07

Prev by Date: Re: [Qemu-devel] [PATCH 6/9] eepro100: Support compilation without EEPROM
Next by Date: [Qemu-devel] [RFC PATCH 0/7] QEMU patches to generate FDT from qdevs
Previous by thread: Res: [Qemu-devel] full dynamic instruction trace for MIPS target
Next by thread: Res: Res: [Qemu-devel] full dynamic instruction trace for MIPS target
Index(es):
- Date
- Thread