From: Mikhail Tyutin <m.tyutin@yadro.com>
To: "Alex Bennée" <alex.bennee@linaro.org>
Cc: "qemu-devel@nongnu.org" <qemu-devel@nongnu.org>,
Richard Henderson <richard.henderson@linaro.org>,
"erdnaxe@crans.org" <erdnaxe@crans.org>,
"ma.mandourr@gmail.com" <ma.mandourr@gmail.com>
Subject: RE: Instruction virtual address in TCG Plugins
Date: Wed, 22 Nov 2023 12:28:40 +0000 [thread overview]
Message-ID: <882447aa33ba409cb3da47c61ddba9a2@yadro.com> (raw)
In-Reply-To: <878r6rf28r.fsf@draig.linaro.org>
> > 1. Memory IO operations force TCG to create special translation blocks to
> > process that memory load/store operation. The plugin gets notification for
> > this translation block as well, but instrumentation callbacks other than
> > memory ones are silently ignored. To make it correct, the plugin has to match
> > instruction execution callback from previous TB to memory callback from that
> > special TB. The fix was to expose internal ‘memOnly’ TB flag to the plugin to
> > handle such TBs differently.
>
> Are you talking about the CF_MEMI_ONLY compile flag? We added this to
> avoid double counting executed instructions. Has there been a clash with
> the other changes to always cpu_recompile_io? This was a change added to
> fix: https://gitlab.com/qemu-project/qemu/-/issues/1866
Yes, that's it. qemu_plugin_tb structure has 'mem_only' field for those block.
I only added API to read this flag by a plugin.
> > 2. Another problem is related to interrupts handling. Since we can insert pre-
> > callback on instructions only, the plugin is not aware if instruction is
> > actually executed or interrupted by an interrupt or exception. In fact, it
> > mistakenly interprets all interrupted instructions as executed. Adding API
> > to receive interrupt notification and appropriate handling of it fixes
> > the problem.
>
> We don't process any interrupts until the start of each block so no
> asynchronous IRQs should interrupt execution. However it is possible
> that any given instruction could generate a synchronous exception so if
> you need a precise count of execution you need to instrument every
> single instruction. With enough knowledge the plugin could avoid
> instrumenting stuff that will never fault but that relies on baking
> additional knowledge into the plugin.
>
> Generally its only memory operations that can fault (although I guess
> FPU and some more esoteric integer ops can).
That matches my observation. I do see interrupts either on TB boundary
(e.g. timers) or memory load instructions.
prev parent reply other threads:[~2023-11-22 12:29 UTC|newest]
Thread overview: 7+ messages / expand[flat|nested] mbox.gz Atom feed top
2023-11-13 18:33 Instruction virtual address in TCG Plugins Mikhail Tyutin
2023-11-13 20:58 ` Alex Bennée
2023-11-14 9:14 ` Mikhail Tyutin
2023-11-14 10:57 ` Alex Bennée
2023-11-21 16:39 ` Mikhail Tyutin
2023-11-21 17:24 ` Alex Bennée
2023-11-22 12:28 ` Mikhail Tyutin [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=882447aa33ba409cb3da47c61ddba9a2@yadro.com \
--to=m.tyutin@yadro.com \
--cc=alex.bennee@linaro.org \
--cc=erdnaxe@crans.org \
--cc=ma.mandourr@gmail.com \
--cc=qemu-devel@nongnu.org \
--cc=richard.henderson@linaro.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.