From mboxrd@z Thu Jan  1 00:00:00 1970
Received: from mailman by lists.gnu.org with tmda-scanned (Exim 4.43)
	id 1Lglps-0002VY-4A
	for qemu-devel@nongnu.org; Mon, 09 Mar 2009 16:12:28 -0400
Received: from exim by lists.gnu.org with spam-scanned (Exim 4.43)
	id 1Lglpr-0002UM-3f
	for qemu-devel@nongnu.org; Mon, 09 Mar 2009 16:12:27 -0400
Received: from [199.232.76.173] (port=57426 helo=monty-python.gnu.org)
	by lists.gnu.org with esmtp (Exim 4.43) id 1Lglpq-0002Tx-Kl
	for qemu-devel@nongnu.org; Mon, 09 Mar 2009 16:12:26 -0400
Received: from mx20.gnu.org ([199.232.41.8]:2679)
	by monty-python.gnu.org with esmtps (TLS-1.0:RSA_AES_256_CBC_SHA1:32)
	(Exim 4.60) (envelope-from <gceq-qemu-devel@m.gmane.org>)
	id 1Lglov-0007C7-RI
	for qemu-devel@nongnu.org; Mon, 09 Mar 2009 16:11:30 -0400
Received: from main.gmane.org ([80.91.229.2] helo=ciao.gmane.org)
	by mx20.gnu.org with esmtp (Exim 4.60)
	(envelope-from <gceq-qemu-devel@m.gmane.org>) id 1LgbxP-0002FR-L6
	for qemu-devel@nongnu.org; Mon, 09 Mar 2009 05:39:35 -0400
Received: from list by ciao.gmane.org with local (Exim 4.43)
	id 1LgbwQ-0007sR-DX
	for qemu-devel@nongnu.org; Mon, 09 Mar 2009 09:38:34 +0000
Received: from 141.76.6.219 ([141.76.6.219])
	by main.gmane.org with esmtp (Gmexim 0.1 (Debian))
	id 1AlnuQ-0007hv-00
	for <qemu-devel@nongnu.org>; Mon, 09 Mar 2009 09:38:34 +0000
Received: from usenet by 141.76.6.219 with local (Gmexim 0.1 (Debian))
	id 1AlnuQ-0007hv-00
	for <qemu-devel@nongnu.org>; Mon, 09 Mar 2009 09:38:34 +0000
From: Steffen Liebergeld <usenet@gmx.eu>
Date: Mon, 9 Mar 2009 09:38:24 +0000 (UTC)
Message-ID: <gp2o2g$k18$1@ger.gmane.org>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
Sender: news <news@ger.gmane.org>
Subject: [Qemu-devel] Precise guest instruction count.
Reply-To: qemu-devel@nongnu.org
List-Id: qemu-devel.nongnu.org
List-Unsubscribe: <http://lists.nongnu.org/mailman/listinfo/qemu-devel>,
	<mailto:qemu-devel-request@nongnu.org?subject=unsubscribe>
List-Archive: <http://lists.gnu.org/pipermail/qemu-devel>
List-Post: <mailto:qemu-devel@nongnu.org>
List-Help: <mailto:qemu-devel-request@nongnu.org?subject=help>
List-Subscribe: <http://lists.nongnu.org/mailman/listinfo/qemu-devel>,
	<mailto:qemu-devel-request@nongnu.org?subject=subscribe>
To: qemu-devel@nongnu.org

Hi Qemu developers,

I am trying to do some measurements in Qemu.

I want to get the precise number of guest instructions at certain points in
the emulation. The output is triggered by a NOP guest instruction with a
special value in two registers (to rule out other NOPs).

I have difficulties getting to know the number of guest instructions. I tried
to use the -icount switch, but this leads to timeout errors whenever the guest
tries to use the network. So I inserted a line into gen_icount_end, which
,regardless of the value use_icount, increments qemu_icount by num_insns. I
assume, that the code of gen_icount_end is appended to all TBs and run
whenever the TB is run (please correct me if I'm wrong).

I have some code in the guest, which does some calculations. I let it do the
calculations several times in a row, always discarding the results of the
previous run. I trigger the NOP always before the calculation and Qemu gives
me the following as values of qemu_icount:
First run:  835032
Second run: 837176
Third run:  837179
Fourth and subsequent runs: 837180

I guess that the behaviour is caused by chaining of TBs. The execution flow
jumps directly to the next TB without running the code of gen_icount_end at
the end of the TB.

I do not use Kqemu for this test.

So my question is how can I get accurate guest instruction count number?

Any help is appreciated.

Steffen Liebergeld