From: Naman patel
Date: Fri, 31 Jul 2015 14:59:10 +0530
Subject: Re: [Qemu-devel] Call Trace for QEMU functions
In-Reply-To: <878u9xhel1.fsf@linaro.org>
To: Alex Bennée <alex.bennee@linaro.org>, peter.maydell@linaro.org
Cc: qemu-devel@nongnu.org

Thanks Alex and Peter for this useful information. Looks like the stack information is not available for these functions in QEMU 2.0.

Can someone explain to me what happens when a guest OS calls "invlpg" on, say, a page swap out or a context switch? What exactly is the call flow, and how does QEMU handle this instruction? Also, is there any way QEMU can send some data back to the guest OS?

P.S.: Sorry if my questions look like generic queries, but I am kind of stuck here.

On Thu, Jul 30, 2015 at 8:34 PM, Alex Bennée <alex.bennee@linaro.org> wrote:
>
> Peter Maydell <peter.maydell@linaro.org> writes:
>
> > On 30 July 2015 at 13:20, Naman patel <naman321@gmail.com> wrote:
> >> Hi,
> >>
> >> I have compiled QEMU (2.0) for x86_64 on Fedora 22 with tracing enabled
> >> and the tracing option I chose was dtrace. I have this script called
> >> callTrace.stp in which I try and get the Call Trace of the function
> >> helper_invlpg and later tlb_flush. But I am not able to get the function
> >> name of the caller function and the call trace depth is only limited to 2.
> >
> > The helper_invlpg function is called directly from code generated
> > by QEMU's built-in JIT, not from any other C function.
> >
> > If you use a newer version of QEMU than 2.0 then I think we have
> > fixed some of the stack frame information up so that you can
> > get a backtrace that looks like:
> >  * helper function
> >  * [generated code]
> >  * QEMU execution loop code that handles executing guest code
> >  * other QEMU functions
> >
> > This is not likely to be very useful for profiling why or when
> > we're calling a particular helper function, though.
>
> With the perf JIT patch you can get a better handle on the profile. I'll
> see if I can re-spin them tomorrow for the latest tree.
>
> >
> > thanks
> > -- PMM
>
> --
> Alex Bennée
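An example of the kind of probe script the thread is about, added here and not the callTrace.stp that Naman mentions (which was not posted): it attaches to helper_invlpg and tlb_flush by C symbol name through SystemTap's uprobes support and prints the user-space backtrace for the first few hits of each, so the truncation Peter describes (helper, then generated code, then nothing) is visible directly, and a count per function is printed at exit. The binary path is an assumption, as is that QEMU was built with debug info so SystemTap can resolve the function symbols; the dtrace trace backend is not needed for function-entry probes.

```systemtap
#!/usr/bin/stap
# Added example, not the thread's callTrace.stp. Assumes a QEMU binary at
# the path below built with debug info (-g); adjust the path for your build.
global hits

probe process("/usr/local/bin/qemu-system-x86_64").function("helper_invlpg"),
      process("/usr/local/bin/qemu-system-x86_64").function("tlb_flush")
{
    f = ppfunc()
    hits[f]++
    # Only dump the stack for the first few hits; invlpg fires constantly
    # under a busy guest and unwinding on every hit would be far too slow.
    if (hits[f] <= 3) {
        printf("=== %s hit %d (pid %d)\n", f, hits[f], pid())
        # Against QEMU 2.0 this typically shows only the helper and one
        # frame of generated code, which is the depth-2 limit from the
        # thread; newer QEMU carries enough frame information to continue
        # into the execution loop and the rest of QEMU.
        print_ubacktrace()
    }
}

probe end
{
    foreach (f in hits)
        printf("%s: %d calls\n", f, hits[f])
}
```

Run it against a live guest with the unwind data for the binary loaded, e.g. `sudo stap -d /usr/local/bin/qemu-system-x86_64 -x <qemu pid> trace.stp`; without `-d` the unwinder has no frame information for the process and the backtrace is shorter still.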