* [Qemu-devel] Trace ARM PC
@ 2013-11-03 10:31 Xin Tong
From: Xin Tong @ 2013-11-03 10:31 UTC (permalink / raw)
To: qemu-devel
Hi.
I would like to trace all the executed instruction PCs in QEMU ARM. Because
ARM has conditional execution, we do not know whether an instruction will
execute or not at translation time. Therefore the PC tracing code cannot
be generated before the instruction is disassembled (i.e. before
disas_thumb_insn/disas_arm_insn). Then, is it correct to generate the PC
tracing code after the disas_XXX_insn functions are called? I can keep
the old value of the PC before the PC in the disassemble context is updated
by the disas_XXX_insn.
I think this would work for normal instructions, but probably not for
branches, so the PC tracing has to be done before the branch in the
disas_XXX_insn functions? Can anyone please confirm?
Thank you,
Xin
* Re: [Qemu-devel] Trace ARM PC
From: Peter Maydell @ 2013-11-03 18:57 UTC (permalink / raw)
To: Xin Tong; +Cc: QEMU Developers
On 3 November 2013 10:31, Xin Tong <trent.tong@gmail.com> wrote:
> I would like to trace all the executed instruction PC in QEMU ARM. Because
> ARM has conditional execution, we do not know whether an instruction will
> execute or not at translation time.
This is a rather odd way to look at conditional execution. It's better
to think of it as "the instruction executes but may execute as a NOP".
(In particular, it's architecturally valid for an instruction which fails
its condition check to take an UNDEF exception, though QEMU
chooses not to do this.)
> Therefore the PC tracing code can not be
> generated before the instruction is disassembled. (i.e. before
> disas_thumb_insn/disas_arm_insn). Then, is it correct to generate the PC
> tracing code after the disas_XXX_insn functions are called? I can keep the
> old value of the PC before the PC in the disassemble context is updated by
> the disas_XXX_insn.
The more usual way to trace this kind of thing if you care about
ccpass/ccfail status would be to always trace the PC of the
instruction about to be executed, and then also trace ccpass/ccfail
indications when the instruction is conditional.
-- PMM
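The tracing scheme described in the reply above, modelled as an added example that is not code from this thread or from QEMU: the producer side records the PC of every instruction about to execute and, for a conditional instruction, a ccpass/ccfail record decided by the architectural NZCV condition table; the consumer side then splits the executed instructions into those that performed their operation and those that ran as NOPs. The record format, the `trace_insn`/`summarize` helpers and the sample PCs and `mov r0, r0` encodings are constructed for this illustration and are not QEMU's own tracing API.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* ARM A32 condition codes, taken from bits [31:28] of the instruction. */
enum arm_cond {
    COND_EQ = 0x0, COND_NE, COND_CS, COND_CC, COND_MI, COND_PL, COND_VS, COND_VC,
    COND_HI, COND_LS, COND_GE, COND_LT, COND_GT, COND_LE, COND_AL, COND_NV
};

/* Architectural condition check against the NZCV flags.  Bit 0 of the
 * condition inverts the base test; AL (and NV, treated as AL here) pass. */
int arm_cond_passes(unsigned cond, int n, int z, int c, int v)
{
    int base;
    switch (cond >> 1) {
    case 0: base = z;              break; /* EQ / NE */
    case 1: base = c;              break; /* CS / CC */
    case 2: base = n;              break; /* MI / PL */
    case 3: base = v;              break; /* VS / VC */
    case 4: base = c && !z;        break; /* HI / LS */
    case 5: base = (n == v);       break; /* GE / LT */
    case 6: base = !z && (n == v); break; /* GT / LE */
    default: return 1;                    /* AL / NV */
    }
    return (cond & 1) ? !base : base;
}

/* Hypothetical trace record format for this example. */
enum trace_kind { TR_EXEC, TR_CCPASS, TR_CCFAIL };
struct trace_rec { enum trace_kind kind; uint32_t pc; };
#define TRACE_MAX 64
struct trace_buf { struct trace_rec rec[TRACE_MAX]; size_t n; };

static void emit(struct trace_buf *tb, enum trace_kind kind, uint32_t pc)
{
    if (tb->n < TRACE_MAX) {
        tb->rec[tb->n].kind = kind;
        tb->rec[tb->n].pc = pc;
        tb->n++;
    }
}

/* Producer: always record the PC of the instruction about to execute, and
 * for a conditional instruction also record whether its check passed. */
void trace_insn(struct trace_buf *tb, uint32_t pc, uint32_t insn,
                int n, int z, int c, int v)
{
    unsigned cond = insn >> 28;
    emit(tb, TR_EXEC, pc);
    if (cond != COND_AL && cond != COND_NV) {
        emit(tb, arm_cond_passes(cond, n, z, c, v) ? TR_CCPASS : TR_CCFAIL, pc);
    }
}

/* Consumer: count executed instructions and split them into those that
 * performed their operation and those that executed as NOPs. */
struct trace_summary { unsigned executed, performed, nops; };

struct trace_summary summarize(const struct trace_buf *tb)
{
    struct trace_summary s = { 0, 0, 0 };
    for (size_t i = 0; i < tb->n; i++) {
        if (tb->rec[i].kind != TR_EXEC) continue;
        s.executed++;
        /* A conditional instruction's exec record is immediately followed
         * by its ccpass/ccfail record for the same PC. */
        if (i + 1 < tb->n && tb->rec[i + 1].kind != TR_EXEC) {
            if (tb->rec[i + 1].kind == TR_CCFAIL) s.nops++; else s.performed++;
            i++;
        } else {
            s.performed++;
        }
    }
    return s;
}

/* Constructed sample: five "mov r0, r0" encodings differing only in their
 * condition field, run with flags N=0 Z=1 C=1 V=0 (as after comparing
 * two equal values). */
static void run_sample(struct trace_buf *tb)
{
    static const uint32_t insns[] = {
        0xE1A00000, /* mov   r0, r0  (AL)              */
        0x01A00000, /* moveq r0, r0  -> Z set: passes  */
        0x11A00000, /* movne r0, r0  -> fails          */
        0xC1A00000, /* movgt r0, r0  -> Z set: fails   */
        0xD1A00000, /* movle r0, r0  -> passes         */
    };
    tb->n = 0;
    for (size_t i = 0; i < 5; i++)
        trace_insn(tb, 0x8000 + 4 * (uint32_t)i, insns[i], 0, 1, 1, 0);
}

int sample_record_count(void)            /* 5 exec + 4 cc records */
{
    struct trace_buf tb;
    run_sample(&tb);
    return (int)tb.n;
}

struct trace_summary sample_summary(void)
{
    struct trace_buf tb;
    run_sample(&tb);
    return summarize(&tb);
}

int main(void)
{
    static const char *name[] = { "exec", "ccpass", "ccfail" };
    struct trace_buf tb;
    run_sample(&tb);
    for (size_t i = 0; i < tb.n; i++)
        printf("%08x %s\n", (unsigned)tb.rec[i].pc, name[tb.rec[i].kind]);
    struct trace_summary s = summarize(&tb);
    printf("executed=%u performed=%u nops=%u\n", s.executed, s.performed, s.nops);
    return 0;
}
```

Because the exec record is emitted unconditionally, a trace consumer sees every instruction the CPU reached, including those that branched away or failed their condition; the ccfail record is what lets it tell a NOP-executed instruction from one whose operation took effect.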