From mboxrd@z Thu Jan  1 00:00:00 1970
Received: from mailman by lists.gnu.org with tmda-scanned (Exim 4.43)
	id 1MGCCp-0007CS-OZ
	for qemu-devel@nongnu.org; Mon, 15 Jun 2009 09:26:35 -0400
Received: from exim by lists.gnu.org with spam-scanned (Exim 4.43)
	id 1MGCCo-0007Br-IE
	for qemu-devel@nongnu.org; Mon, 15 Jun 2009 09:26:34 -0400
Received: from [199.232.76.173] (port=50139 helo=monty-python.gnu.org)
	by lists.gnu.org with esmtp (Exim 4.43) id 1MGCCo-0007Bc-BC
	for qemu-devel@nongnu.org; Mon, 15 Jun 2009 09:26:34 -0400
Received: from fg-out-1718.google.com ([72.14.220.157]:5438)
	by monty-python.gnu.org with esmtp (Exim 4.60)
	(envelope-from <laurent.desnogues@gmail.com>) id 1MGCCn-00041B-N6
	for qemu-devel@nongnu.org; Mon, 15 Jun 2009 09:26:34 -0400
Received: by fg-out-1718.google.com with SMTP id l27so438698fgb.8
	for <qemu-devel@nongnu.org>; Mon, 15 Jun 2009 06:26:30 -0700 (PDT)
MIME-Version: 1.0
In-Reply-To: <1244804168.7242.186.camel@dis>
References: <1244804168.7242.186.camel@dis>
Date: Mon, 15 Jun 2009 15:26:30 +0200
Message-ID: <761ea48b0906150626if3c3dc5kc000b0d6ab8bcc6d@mail.gmail.com>
Subject: Re: [Qemu-devel] [PATCH] Instruction counting instrumentation for
	ARM, 2nd version
From: Laurent Desnogues <laurent.desnogues@gmail.com>
Content-Type: text/plain; charset=ISO-8859-1
Content-Transfer-Encoding: 7bit
List-Id: qemu-devel.nongnu.org
List-Unsubscribe: <http://lists.nongnu.org/mailman/listinfo/qemu-devel>,
	<mailto:qemu-devel-request@nongnu.org?subject=unsubscribe>
List-Archive: <http://lists.gnu.org/pipermail/qemu-devel>
List-Post: <mailto:qemu-devel@nongnu.org>
List-Help: <mailto:qemu-devel-request@nongnu.org?subject=help>
List-Subscribe: <http://lists.nongnu.org/mailman/listinfo/qemu-devel>,
	<mailto:qemu-devel-request@nongnu.org?subject=subscribe>
To: Sami Kiminki <sami.kiminki@tkk.fi>
Cc: qemu-devel@nongnu.org

On Fri, Jun 12, 2009 at 12:56 PM, Sami Kiminki<sami.kiminki@tkk.fi> wrote:
[...]
>
> There are also other ways to implement instruction counting (see
> responses to our previous patch [1]). As to our approach, I believe this
> is the cleanest way to implement this specific instrumentation. However,
> from the general point of view, I'm not so sure. I'd like to ask for
> more comments and options.

Apart from the fact your patch doesn't contain instrumentation.[ch]
it is bogus in several places and shows why I think the approach
is probably not the best.

E.g.:

@@ -6300,6 +6809,7 @@ static void disas_arm_insn(CPUState * en
                         if (insn & (1 << 20)) {
                             gen_helper_mark_exclusive(cpu_env, cpu_T[1]);
                             switch (op1) {
+                            instr_count_inc(ARM_INSTRUCTION_LDREX);
                             case 0: /* ldrex */
                                 tmp = gen_ld32(addr, IS_USER(s));
                                 break;

This is misplaced.

-            if (op1 & 2)
+            if (op1 & 2) {
                 gen_helper_double_saturate(tmp2, tmp2);
-            if (op1 & 1)
+                if (op1 & 1) instr_count_inc(ARM_INSTRUCTION_QDSUB);
+                else instr_count_inc(ARM_INSTRUCTION_QDADD);
+            }
+            if (op1 & 1) {
                 gen_helper_sub_saturate(tmp, tmp, tmp2);
-            else
+                instr_count_inc(ARM_INSTRUCTION_QSUB);
+            }
+            else {
                 gen_helper_add_saturate(tmp, tmp, tmp2);
+                instr_count_inc(ARM_INSTRUCTION_QADD);
+            }

Here your two last instr_count_inc will overwrite the first two ones.
So you don't distinguish between QDADD/QDSUB and
QADD/QSUB.

I also would like to see a more general instrumentation framework
but your approach is too intrusive and so it's too easy to introduce
hard to detect bugs.

Cheers,

Laurent