From mboxrd@z Thu Jan  1 00:00:00 1970
Received: from eggs.gnu.org ([2001:4830:134:3::10]:57006)
	by lists.gnu.org with esmtp (Exim 4.71)
	(envelope-from <peter.maydell@linaro.org>) id 1Vd2s1-0005x1-Sd
	for qemu-devel@nongnu.org; Sun, 03 Nov 2013 13:58:03 -0500
Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71)
	(envelope-from <peter.maydell@linaro.org>) id 1Vd2rv-0001sa-U9
	for qemu-devel@nongnu.org; Sun, 03 Nov 2013 13:57:57 -0500
Received: from mail-lb0-f173.google.com ([209.85.217.173]:51241)
	by eggs.gnu.org with esmtp (Exim 4.71)
	(envelope-from <peter.maydell@linaro.org>) id 1Vd2rv-0001sR-Mh
	for qemu-devel@nongnu.org; Sun, 03 Nov 2013 13:57:51 -0500
Received: by mail-lb0-f173.google.com with SMTP id w7so4813356lbi.18
	for <qemu-devel@nongnu.org>; Sun, 03 Nov 2013 10:57:50 -0800 (PST)
MIME-Version: 1.0
In-Reply-To: <CA+JLOisH8HuNfTfddxomEa4Wg5ioiRELZY8zR7BL-qpfRaC7qw@mail.gmail.com>
References: <CA+JLOisH8HuNfTfddxomEa4Wg5ioiRELZY8zR7BL-qpfRaC7qw@mail.gmail.com>
From: Peter Maydell <peter.maydell@linaro.org>
Date: Sun, 3 Nov 2013 18:57:30 +0000
Message-ID: <CAFEAcA-DZ9TGzkf9YoZuvrHVqA7eu4aNj4omHjfdUXwTFRq7Hw@mail.gmail.com>
Content-Type: text/plain; charset=UTF-8
Subject: Re: [Qemu-devel] Trace ARM PC
List-Id: <qemu-devel.nongnu.org>
List-Unsubscribe: <https://lists.nongnu.org/mailman/options/qemu-devel>,
	<mailto:qemu-devel-request@nongnu.org?subject=unsubscribe>
List-Archive: <http://lists.nongnu.org/archive/html/qemu-devel>
List-Post: <mailto:qemu-devel@nongnu.org>
List-Help: <mailto:qemu-devel-request@nongnu.org?subject=help>
List-Subscribe: <https://lists.nongnu.org/mailman/listinfo/qemu-devel>,
	<mailto:qemu-devel-request@nongnu.org?subject=subscribe>
To: Xin Tong <trent.tong@gmail.com>
Cc: QEMU Developers <qemu-devel@nongnu.org>

On 3 November 2013 10:31, Xin Tong <trent.tong@gmail.com> wrote:
> I would like to trace all the executed instruction PC in QEMU ARM. Because
> ARM has conditional execution, we do not know whether an instruction will
> execute or not at translation time.

This is a rather odd way to look at conditional execution. It's better
to think of it as "the instruction executes but may execute as a NOP".
(In particular, it's architecturally valid for an instruction which fails
its condition check to take an UNDEF exception, though QEMU
chooses not to do this.)

> Therefore the PC tracing code can not be
> generated before the instruction is disassembled. (i.e. before
> disas_thumb_insn/disas_arm_insn ). Then, is it correct to generate the PC
> tracing code after the disas_XXX_insn  functions are called ? I can keep the
> old value of the PC before the PC in the disassemble context is updated by
> the disas_XXX_insn.

The more usual way to trace this kind of thing if you care about
ccpass/ccfail status would be to always trace the PC of the
instruction about to be executed, and then also trace ccpass/ccfail
indications when the instruction is conditional.

-- PMM