From: Lauren E Guckert
To: qemu-devel@nongnu.org
Date: Sun, 22 Dec 2013 21:45:25 -0600
Subject: [Qemu-devel] Guest Code Instruction Trace

Hi All,

I am relatively new to QEMU. I am using the latest version from git and I am trying to add the necessary code to QEMU to perform a dynamic instruction trace of guest code. My basic approach is to add an op call to a function I have created with the parameters PC and opcode into the disassembly for each instruction. When this function is subsequently called at the beginning of each instruction's execution it should accept these two parameters and simply printf them right now. I am doing this inside of translate.c in the disas_insn function.

When I do not pass any parameters to the output function and just simply print a message, everything executes fine. However, if I attempt to add parameters I get a segfault. Specifically, it happens inside of tcg_optimize with the following error:

    Program received signal SIGSEGV, Segmentation fault.
    0x0000555555657aea in tcg_constant_folding (tcg_op_defs=0x5555558e0f80,
        args=0x5555578f2110, tcg_opc_ptr=<optimized out>, s=0x5555578ea980)
        at /home/lguckert/qemu/tcg/optimize.c:541
    541                 if (temps[args[i]].state == TCG_TEMP_COPY) {

where i is 1 (the first parameter I pass) and args[i] is the pc value. My first question is why it's using the parameter value as an index into temps. It must be something I'm misunderstanding about parameter passing.

Any help would be greatly appreciated.

Here are the code modifications I have made (NOTE: I have tried many variations on the sizemask, parameter types, parameter vals, etc. to no avail).

IN TRANSLATE.C, DISAS_INSN FUNCTION:

    ++    TCGv t0 = tcg_temp_new();
    ++    TCGv t1 = tcg_temp_new();
    ++    t0 = pc_start; t1 = b;
    ++    tcg_gen_helper_fast_trace(t0, t1);

          /* now check op code */
     reswitch:
          switch(b) {
          case 0x0f:

IN TCG/TCG-OP.H ADDED (here if I pass 0 args, it executes fine and prints the dummy message the correct number of times):

    static inline void tcg_gen_helper_fast_trace(target_ulong pc, int op)
    {
        int sizemask = 0;
        TCGArg args[2];
    #ifdef TARGET_X86_64
        sizemask |= tcg_gen_sizemask(0, 0, 0);
        sizemask |= tcg_gen_sizemask(1, 1, 0);
        sizemask |= tcg_gen_sizemask(2, 1, 0);
        args[0] = GET_TCGV_I64(pc);
        args[1] = GET_TCGV_I64(op);
        tcg_gen_helperN(tcg_helper_fast_trace64, 0, sizemask, ((TCGArg)(-1)), 2, args);
    #else
        sizemask |= tcg_gen_sizemask(0, 0, 0);
        sizemask |= tcg_gen_sizemask(1, 0, 0);
        sizemask |= tcg_gen_sizemask(2, 0, 0);
        args[0] = GET_TCGV_I32(pc);
        args[1] = GET_TCGV_I32(op);
        tcg_gen_helperN(tcg_helper_fast_trace32, 0, sizemask, ((TCGArg)(-1)), 2, args);
    #endif
    }

I have declared the functions tcg_helper_fast_trace32 and tcg_helper_fast_trace64 in tcg/tcg-runtime.h.

IN TCG-RUNTIME.H ADDED:

    void tcg_helper_fast_trace64(uint64_t arg1, uint64_t arg2)
    {
        printf("PC = %016lx\t OPCODE:%08x\n", (unsigned long int)arg1, (unsigned int)arg2);
    }
    void tcg_helper_fast_trace32(uint32_t arg1, uint32_t arg2)
    {
        printf("PC = %016lx\t OPCODE = %08x\n", (unsigned long int)arg1, (unsigned int)arg2);
    }

thanks,
Lauren
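The crash in the post follows from treating a TCGv handle as if it held the guest PC: without CONFIG_DEBUG_TCG a TCGv is a plain int temp index, so `t0 = pc_start` compiles and the optimizer later indexes temps[] with the PC value. This added C model (not QEMU's code; TCGv, temps, tcg_gen_movi and fold_arg are assumed stand-ins for the real TCG internals) reproduces that out-of-range lookup and shows the handle-correct form, loading the PC into the temp the way tcg_gen_movi_tl() would.

```c
#include <stdint.h>
/* Added model of TCG's temp table (assumed names, not QEMU code): a TCGv is an
 * INDEX into temps[], never the guest value itself.  As under CONFIG_DEBUG_TCG
 * the handle is a struct, so "t0 = pc_start" cannot compile instead of silently
 * storing the PC as a temp index. */
#define TCG_MAX_TEMPS 512
enum { TEMP_UNDEF = 0, TEMP_CONST = 1, TEMP_COPY = 2 };
typedef struct { int idx; } TCGv;
typedef uintptr_t TCGArg;                       /* one operand slot of an op */

static struct { int state; uint64_t val; } temps[TCG_MAX_TEMPS];
static int nb_temps;

static TCGv tcg_temp_new(void)
{
    TCGv t = { nb_temps++ };
    temps[t.idx].state = TEMP_UNDEF;
    return t;
}

static void tcg_gen_movi(TCGv t, uint64_t v)    /* stand-in for tcg_gen_movi_tl */
{
    temps[t.idx].state = TEMP_CONST;
    temps[t.idx].val = v;
}

/* The optimizer's per-argument lookup temps[args[i]].state; returns -1 when the
 * slot is not a live temp index (real QEMU has no such check, hence SIGSEGV). */
static int fold_arg(TCGArg a)
{
    return a < (TCGArg)nb_temps ? temps[a].state : -1;
}

/* The post's bug: the raw guest PC is placed in the argument slot. */
static int trace_arg_raw_value(uint64_t pc_start)
{
    TCGArg args[1] = { (TCGArg)pc_start };
    return fold_arg(args[0]);
}

/* Handle-correct form: new temp, movi the PC into it, pass the handle. */
static int trace_arg_via_temp(uint64_t pc_start, uint64_t *val_out)
{
    TCGv t0 = tcg_temp_new();
    tcg_gen_movi(t0, pc_start);
    TCGArg args[1] = { (TCGArg)t0.idx };
    int st = fold_arg(args[0]);
    *val_out = st == TEMP_CONST ? temps[args[0]].val : 0;
    return st;
}
```

A PC smaller than the number of live temps would not crash but silently alias another temp's slot, so a trace that "works" on some guests can still be reading the wrong operand.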