* [PATCH v5 01/55] trace: expand mem_info:size_shift to 4 bits
2019-10-14 10:48 [PATCH for 4.2 v5 00/55] Support for TCG plugins Alex Bennée
@ 2019-10-14 10:48 ` Alex Bennée
2019-10-14 14:35 ` Richard Henderson
2019-10-14 10:48 ` [PATCH v5 02/55] trace: add mmu_index to mem_info Alex Bennée
` (54 subsequent siblings)
55 siblings, 1 reply; 94+ messages in thread
From: Alex Bennée @ 2019-10-14 10:48 UTC (permalink / raw)
To: qemu-devel
Cc: robert.foley, peter.puhov, aaron, cota, Stefan Hajnoczi,
Alex Bennée
From: "Emilio G. Cota" <cota@braap.org>
This will allow us to trace 32k-long memory accesses (although our
maximum is something like 256 bytes at the moment).
Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
Signed-off-by: Emilio G. Cota <cota@braap.org>
[AJB: expanded to 3->4 bits]
Signed-off-by: Alex Bennée <alex.bennee@linaro.org>
---
v5
- return the tweaks to mem-internal.h
---
trace-events | 2 +-
trace/mem-internal.h | 8 ++++----
2 files changed, 5 insertions(+), 5 deletions(-)
diff --git a/trace-events b/trace-events
index 20821ba545..22133dfd3f 100644
--- a/trace-events
+++ b/trace-events
@@ -149,7 +149,7 @@ vcpu guest_cpu_reset(void)
# Access information can be parsed as:
#
# struct mem_info {
-# uint8_t size_shift : 2; /* interpreted as "1 << size_shift" bytes */
+# uint8_t size_shift : 4; /* interpreted as "1 << size_shift" bytes */
# bool sign_extend: 1; /* sign-extended */
# uint8_t endianness : 1; /* 0: little, 1: big */
# bool store : 1; /* wheter it's a store operation */
diff --git a/trace/mem-internal.h b/trace/mem-internal.h
index 3444fbc596..1a010c1b27 100644
--- a/trace/mem-internal.h
+++ b/trace/mem-internal.h
@@ -10,10 +10,10 @@
#ifndef TRACE__MEM_INTERNAL_H
#define TRACE__MEM_INTERNAL_H
-#define TRACE_MEM_SZ_SHIFT_MASK 0x7 /* size shift mask */
-#define TRACE_MEM_SE (1ULL << 3) /* sign extended (y/n) */
-#define TRACE_MEM_BE (1ULL << 4) /* big endian (y/n) */
-#define TRACE_MEM_ST (1ULL << 5) /* store (y/n) */
+#define TRACE_MEM_SZ_SHIFT_MASK 0xf /* size shift mask */
+#define TRACE_MEM_SE (1ULL << 4) /* sign extended (y/n) */
+#define TRACE_MEM_BE (1ULL << 5) /* big endian (y/n) */
+#define TRACE_MEM_ST (1ULL << 6) /* store (y/n) */
static inline uint8_t trace_mem_build_info(
int size_shift, bool sign_extend, MemOp endianness, bool store)
--
2.20.1
^ permalink raw reply related [flat|nested] 94+ messages in thread* Re: [PATCH v5 01/55] trace: expand mem_info:size_shift to 4 bits
2019-10-14 10:48 ` [PATCH v5 01/55] trace: expand mem_info:size_shift to 4 bits Alex Bennée
@ 2019-10-14 14:35 ` Richard Henderson
0 siblings, 0 replies; 94+ messages in thread
From: Richard Henderson @ 2019-10-14 14:35 UTC (permalink / raw)
To: Alex Bennée, qemu-devel
Cc: robert.foley, cota, Stefan Hajnoczi, aaron, peter.puhov
On 10/14/19 3:48 AM, Alex Bennée wrote:
> From: "Emilio G. Cota" <cota@braap.org>
>
> This will allow us to trace 32k-long memory accesses (although our
> maximum is something like 256 bytes at the moment).
>
> Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
> Signed-off-by: Emilio G. Cota <cota@braap.org>
> [AJB: expanded to 3->4 bits]
> Signed-off-by: Alex Bennée <alex.bennee@linaro.org>
>
> ---
> v5
> - return the tweaks to mem-internal.h
> ---
> trace-events | 2 +-
> trace/mem-internal.h | 8 ++++----
> 2 files changed, 5 insertions(+), 5 deletions(-)
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
r~
^ permalink raw reply [flat|nested] 94+ messages in thread
* [PATCH v5 02/55] trace: add mmu_index to mem_info
2019-10-14 10:48 [PATCH for 4.2 v5 00/55] Support for TCG plugins Alex Bennée
2019-10-14 10:48 ` [PATCH v5 01/55] trace: expand mem_info:size_shift to 4 bits Alex Bennée
@ 2019-10-14 10:48 ` Alex Bennée
2019-10-14 14:53 ` Richard Henderson
2019-10-14 10:48 ` [PATCH v5 03/55] cpu: introduce cpu_in_exclusive_context() Alex Bennée
` (53 subsequent siblings)
55 siblings, 1 reply; 94+ messages in thread
From: Alex Bennée @ 2019-10-14 10:48 UTC (permalink / raw)
To: qemu-devel
Cc: robert.foley, Riku Voipio, peter.puhov, aaron, cota,
Stefan Hajnoczi, Paolo Bonzini, Alex Bennée,
Richard Henderson
We are going to re-use mem_info later for plugins and will need to
track the mmu_idx for softmmu code.
[TODO: convert everything to use TCGMemOpIdx?]
Signed-off-by: Alex Bennée <alex.bennee@linaro.org>
---
v5
- fix up shifts
---
accel/tcg/atomic_template.h | 6 ++---
accel/tcg/cputlb.c | 2 ++
accel/tcg/user-exec.c | 1 +
include/exec/cpu_ldst_template.h | 15 +++++------
include/exec/cpu_ldst_useronly_template.h | 6 ++---
scripts/tracetool/transform.py | 1 +
tcg/tcg-op.c | 8 +++---
trace-events | 6 +++--
trace/mem-internal.h | 31 ++++++++++++++++-------
trace/mem.h | 7 ++---
10 files changed, 50 insertions(+), 33 deletions(-)
diff --git a/accel/tcg/atomic_template.h b/accel/tcg/atomic_template.h
index 287433d809..dfeddf6a54 100644
--- a/accel/tcg/atomic_template.h
+++ b/accel/tcg/atomic_template.h
@@ -60,7 +60,7 @@
#endif
#define ATOMIC_TRACE_RMW do { \
- uint8_t info = glue(trace_mem_build_info_no_se, MEND)(SHIFT, false); \
+ uint16_t info = glue(trace_mem_build_info_no_se, MEND)(SHIFT, false, ATOMIC_MMU_IDX); \
\
trace_guest_mem_before_exec(env_cpu(env), addr, info); \
trace_guest_mem_before_exec(env_cpu(env), addr, \
@@ -68,13 +68,13 @@
} while (0)
#define ATOMIC_TRACE_LD do { \
- uint8_t info = glue(trace_mem_build_info_no_se, MEND)(SHIFT, false); \
+ uint16_t info = glue(trace_mem_build_info_no_se, MEND)(SHIFT, false, ATOMIC_MMU_IDX); \
\
trace_guest_mem_before_exec(env_cpu(env), addr, info); \
} while (0)
# define ATOMIC_TRACE_ST do { \
- uint8_t info = glue(trace_mem_build_info_no_se, MEND)(SHIFT, true); \
+ uint16_t info = glue(trace_mem_build_info_no_se, MEND)(SHIFT, true, ATOMIC_MMU_IDX); \
\
trace_guest_mem_before_exec(env_cpu(env), addr, info); \
} while (0)
diff --git a/accel/tcg/cputlb.c b/accel/tcg/cputlb.c
index defc8d5929..1210d8f243 100644
--- a/accel/tcg/cputlb.c
+++ b/accel/tcg/cputlb.c
@@ -1811,6 +1811,7 @@ void helper_be_stq_mmu(CPUArchState *env, target_ulong addr, uint64_t val,
#define ATOMIC_MMU_DECLS
#define ATOMIC_MMU_LOOKUP atomic_mmu_lookup(env, addr, oi, retaddr)
#define ATOMIC_MMU_CLEANUP
+#define ATOMIC_MMU_IDX oi
#define DATA_SIZE 1
#include "atomic_template.h"
@@ -1853,6 +1854,7 @@ void helper_be_stq_mmu(CPUArchState *env, target_ulong addr, uint64_t val,
#define DATA_SIZE 8
#include "atomic_template.h"
#endif
+#undef ATOMIC_MMU_IDX
/* Code access functions. */
diff --git a/accel/tcg/user-exec.c b/accel/tcg/user-exec.c
index 71c4bf6477..e9a58c5331 100644
--- a/accel/tcg/user-exec.c
+++ b/accel/tcg/user-exec.c
@@ -751,6 +751,7 @@ static void *atomic_mmu_lookup(CPUArchState *env, target_ulong addr,
#define ATOMIC_MMU_DECLS do {} while (0)
#define ATOMIC_MMU_LOOKUP atomic_mmu_lookup(env, addr, DATA_SIZE, GETPC())
#define ATOMIC_MMU_CLEANUP do { clear_helper_retaddr(); } while (0)
+#define ATOMIC_MMU_IDX 0
#define ATOMIC_NAME(X) HELPER(glue(glue(atomic_ ## X, SUFFIX), END))
#define EXTRA_ARGS
diff --git a/include/exec/cpu_ldst_template.h b/include/exec/cpu_ldst_template.h
index af7e0b49f2..5750a26b9e 100644
--- a/include/exec/cpu_ldst_template.h
+++ b/include/exec/cpu_ldst_template.h
@@ -84,17 +84,16 @@ glue(glue(glue(cpu_ld, USUFFIX), MEMSUFFIX), _ra)(CPUArchState *env,
CPUTLBEntry *entry;
RES_TYPE res;
target_ulong addr;
- int mmu_idx;
+ int mmu_idx = CPU_MMU_INDEX;
TCGMemOpIdx oi;
#if !defined(SOFTMMU_CODE_ACCESS)
trace_guest_mem_before_exec(
env_cpu(env), ptr,
- trace_mem_build_info(SHIFT, false, MO_TE, false));
+ trace_mem_build_info(SHIFT, false, MO_TE, false, mmu_idx));
#endif
addr = ptr;
- mmu_idx = CPU_MMU_INDEX;
entry = tlb_entry(env, mmu_idx, addr);
if (unlikely(entry->ADDR_READ !=
(addr & (TARGET_PAGE_MASK | (DATA_SIZE - 1))))) {
@@ -123,17 +122,16 @@ glue(glue(glue(cpu_lds, SUFFIX), MEMSUFFIX), _ra)(CPUArchState *env,
CPUTLBEntry *entry;
int res;
target_ulong addr;
- int mmu_idx;
+ int mmu_idx = CPU_MMU_INDEX;
TCGMemOpIdx oi;
#if !defined(SOFTMMU_CODE_ACCESS)
trace_guest_mem_before_exec(
env_cpu(env), ptr,
- trace_mem_build_info(SHIFT, true, MO_TE, false));
+ trace_mem_build_info(SHIFT, true, MO_TE, false, mmu_idx));
#endif
addr = ptr;
- mmu_idx = CPU_MMU_INDEX;
entry = tlb_entry(env, mmu_idx, addr);
if (unlikely(entry->ADDR_READ !=
(addr & (TARGET_PAGE_MASK | (DATA_SIZE - 1))))) {
@@ -165,17 +163,16 @@ glue(glue(glue(cpu_st, SUFFIX), MEMSUFFIX), _ra)(CPUArchState *env,
{
CPUTLBEntry *entry;
target_ulong addr;
- int mmu_idx;
+ int mmu_idx = CPU_MMU_INDEX;
TCGMemOpIdx oi;
#if !defined(SOFTMMU_CODE_ACCESS)
trace_guest_mem_before_exec(
env_cpu(env), ptr,
- trace_mem_build_info(SHIFT, false, MO_TE, true));
+ trace_mem_build_info(SHIFT, false, MO_TE, true, mmu_idx));
#endif
addr = ptr;
- mmu_idx = CPU_MMU_INDEX;
entry = tlb_entry(env, mmu_idx, addr);
if (unlikely(tlb_addr_write(entry) !=
(addr & (TARGET_PAGE_MASK | (DATA_SIZE - 1))))) {
diff --git a/include/exec/cpu_ldst_useronly_template.h b/include/exec/cpu_ldst_useronly_template.h
index 2378f2958c..8f7f117ad4 100644
--- a/include/exec/cpu_ldst_useronly_template.h
+++ b/include/exec/cpu_ldst_useronly_template.h
@@ -73,7 +73,7 @@ glue(glue(cpu_ld, USUFFIX), MEMSUFFIX)(CPUArchState *env, abi_ptr ptr)
#else
trace_guest_mem_before_exec(
env_cpu(env), ptr,
- trace_mem_build_info(SHIFT, false, MO_TE, false));
+ trace_mem_build_info(SHIFT, false, MO_TE, false, 0));
return glue(glue(ld, USUFFIX), _p)(g2h(ptr));
#endif
}
@@ -105,7 +105,7 @@ glue(glue(cpu_lds, SUFFIX), MEMSUFFIX)(CPUArchState *env, abi_ptr ptr)
#else
trace_guest_mem_before_exec(
env_cpu(env), ptr,
- trace_mem_build_info(SHIFT, true, MO_TE, false));
+ trace_mem_build_info(SHIFT, true, MO_TE, false, 0));
return glue(glue(lds, SUFFIX), _p)(g2h(ptr));
#endif
}
@@ -132,7 +132,7 @@ glue(glue(cpu_st, SUFFIX), MEMSUFFIX)(CPUArchState *env, abi_ptr ptr,
{
trace_guest_mem_before_exec(
env_cpu(env), ptr,
- trace_mem_build_info(SHIFT, false, MO_TE, true));
+ trace_mem_build_info(SHIFT, false, MO_TE, true, 0));
glue(glue(st, SUFFIX), _p)(g2h(ptr), v);
}
diff --git a/scripts/tracetool/transform.py b/scripts/tracetool/transform.py
index e18b05315e..2ca9286046 100644
--- a/scripts/tracetool/transform.py
+++ b/scripts/tracetool/transform.py
@@ -83,6 +83,7 @@ TCG_2_HOST = {
HOST_2_TCG_COMPAT = {
"uint8_t": "uint32_t",
+ "uint16_t": "uint32_t",
}
diff --git a/tcg/tcg-op.c b/tcg/tcg-op.c
index e87c327fbf..1388bd344d 100644
--- a/tcg/tcg-op.c
+++ b/tcg/tcg-op.c
@@ -2795,7 +2795,7 @@ void tcg_gen_qemu_ld_i32(TCGv_i32 val, TCGv addr, TCGArg idx, MemOp memop)
tcg_gen_req_mo(TCG_MO_LD_LD | TCG_MO_ST_LD);
memop = tcg_canonicalize_memop(memop, 0, 0);
trace_guest_mem_before_tcg(tcg_ctx->cpu, cpu_env,
- addr, trace_mem_get_info(memop, 0));
+ addr, trace_mem_get_info(memop, idx, 0));
orig_memop = memop;
if (!TCG_TARGET_HAS_MEMORY_BSWAP && (memop & MO_BSWAP)) {
@@ -2832,7 +2832,7 @@ void tcg_gen_qemu_st_i32(TCGv_i32 val, TCGv addr, TCGArg idx, MemOp memop)
tcg_gen_req_mo(TCG_MO_LD_ST | TCG_MO_ST_ST);
memop = tcg_canonicalize_memop(memop, 0, 1);
trace_guest_mem_before_tcg(tcg_ctx->cpu, cpu_env,
- addr, trace_mem_get_info(memop, 1));
+ addr, trace_mem_get_info(memop, idx, 1));
if (!TCG_TARGET_HAS_MEMORY_BSWAP && (memop & MO_BSWAP)) {
swap = tcg_temp_new_i32();
@@ -2875,7 +2875,7 @@ void tcg_gen_qemu_ld_i64(TCGv_i64 val, TCGv addr, TCGArg idx, MemOp memop)
tcg_gen_req_mo(TCG_MO_LD_LD | TCG_MO_ST_LD);
memop = tcg_canonicalize_memop(memop, 1, 0);
trace_guest_mem_before_tcg(tcg_ctx->cpu, cpu_env,
- addr, trace_mem_get_info(memop, 0));
+ addr, trace_mem_get_info(memop, idx, 0));
orig_memop = memop;
if (!TCG_TARGET_HAS_MEMORY_BSWAP && (memop & MO_BSWAP)) {
@@ -2923,7 +2923,7 @@ void tcg_gen_qemu_st_i64(TCGv_i64 val, TCGv addr, TCGArg idx, MemOp memop)
tcg_gen_req_mo(TCG_MO_LD_ST | TCG_MO_ST_ST);
memop = tcg_canonicalize_memop(memop, 1, 1);
trace_guest_mem_before_tcg(tcg_ctx->cpu, cpu_env,
- addr, trace_mem_get_info(memop, 1));
+ addr, trace_mem_get_info(memop, idx, 1));
if (!TCG_TARGET_HAS_MEMORY_BSWAP && (memop & MO_BSWAP)) {
swap = tcg_temp_new_i64();
diff --git a/trace-events b/trace-events
index 22133dfd3f..42107ebc69 100644
--- a/trace-events
+++ b/trace-events
@@ -152,12 +152,14 @@ vcpu guest_cpu_reset(void)
# uint8_t size_shift : 4; /* interpreted as "1 << size_shift" bytes */
# bool sign_extend: 1; /* sign-extended */
# uint8_t endianness : 1; /* 0: little, 1: big */
-# bool store : 1; /* wheter it's a store operation */
+# bool store : 1; /* whether it is a store operation */
+# pad : 1;
+# uint8_t mmuidx : 4; /* mmuidx (softmmu only) */
# };
#
# Mode: user, softmmu
# Targets: TCG(all)
-vcpu tcg guest_mem_before(TCGv vaddr, uint8_t info) "info=%d", "vaddr=0x%016"PRIx64" info=%d"
+vcpu tcg guest_mem_before(TCGv vaddr, uint16_t info) "info=%d", "vaddr=0x%016"PRIx64" info=%d"
# linux-user/syscall.c
# bsd-user/syscall.c
diff --git a/trace/mem-internal.h b/trace/mem-internal.h
index 1a010c1b27..0a32aa22ca 100644
--- a/trace/mem-internal.h
+++ b/trace/mem-internal.h
@@ -14,11 +14,13 @@
#define TRACE_MEM_SE (1ULL << 4) /* sign extended (y/n) */
#define TRACE_MEM_BE (1ULL << 5) /* big endian (y/n) */
#define TRACE_MEM_ST (1ULL << 6) /* store (y/n) */
+#define TRACE_MEM_MMU_SHIFT 8 /* mmu idx */
-static inline uint8_t trace_mem_build_info(
- int size_shift, bool sign_extend, MemOp endianness, bool store)
+static inline uint16_t trace_mem_build_info(
+ int size_shift, bool sign_extend, MemOp endianness,
+ bool store, unsigned int mmu_idx)
{
- uint8_t res;
+ uint16_t res;
res = size_shift & TRACE_MEM_SZ_SHIFT_MASK;
if (sign_extend) {
@@ -30,25 +32,36 @@ static inline uint8_t trace_mem_build_info(
if (store) {
res |= TRACE_MEM_ST;
}
+#ifdef CONFIG_SOFTMMU
+ res |= mmu_idx << TRACE_MEM_MMU_SHIFT;
+#endif
return res;
}
-static inline uint8_t trace_mem_get_info(MemOp op, bool store)
+static inline uint16_t trace_mem_get_info(MemOp op,
+ unsigned int mmu_idx,
+ bool store)
{
return trace_mem_build_info(op & MO_SIZE, !!(op & MO_SIGN),
- op & MO_BSWAP, store);
+ op & MO_BSWAP, store,
+ mmu_idx);
}
+/* Used by the atomic helpers */
static inline
-uint8_t trace_mem_build_info_no_se_be(int size_shift, bool store)
+uint16_t trace_mem_build_info_no_se_be(int size_shift, bool store,
+ TCGMemOpIdx oi)
{
- return trace_mem_build_info(size_shift, false, MO_BE, store);
+ return trace_mem_build_info(size_shift, false, MO_BE, store,
+ get_mmuidx(oi));
}
static inline
-uint8_t trace_mem_build_info_no_se_le(int size_shift, bool store)
+uint16_t trace_mem_build_info_no_se_le(int size_shift, bool store,
+ TCGMemOpIdx oi)
{
- return trace_mem_build_info(size_shift, false, MO_LE, store);
+ return trace_mem_build_info(size_shift, false, MO_LE, store,
+ get_mmuidx(oi));
}
#endif /* TRACE__MEM_INTERNAL_H */
diff --git a/trace/mem.h b/trace/mem.h
index 8cf213d85b..9644f592b4 100644
--- a/trace/mem.h
+++ b/trace/mem.h
@@ -18,15 +18,16 @@
*
* Return a value for the 'info' argument in guest memory access traces.
*/
-static uint8_t trace_mem_get_info(MemOp op, bool store);
+static uint16_t trace_mem_get_info(MemOp op, unsigned int mmu_idx, bool store);
/**
* trace_mem_build_info:
*
* Return a value for the 'info' argument in guest memory access traces.
*/
-static uint8_t trace_mem_build_info(int size_shift, bool sign_extend,
- MemOp endianness, bool store);
+static uint16_t trace_mem_build_info(int size_shift, bool sign_extend,
+ MemOp endianness, bool store,
+ unsigned int mmuidx);
#include "trace/mem-internal.h"
--
2.20.1
^ permalink raw reply related [flat|nested] 94+ messages in thread* Re: [PATCH v5 02/55] trace: add mmu_index to mem_info
2019-10-14 10:48 ` [PATCH v5 02/55] trace: add mmu_index to mem_info Alex Bennée
@ 2019-10-14 14:53 ` Richard Henderson
2019-10-15 11:15 ` Alex Bennée
0 siblings, 1 reply; 94+ messages in thread
From: Richard Henderson @ 2019-10-14 14:53 UTC (permalink / raw)
To: Alex Bennée, qemu-devel
Cc: robert.foley, Riku Voipio, peter.puhov, aaron, cota,
Stefan Hajnoczi, Paolo Bonzini, Richard Henderson
On 10/14/19 3:48 AM, Alex Bennée wrote:
> diff --git a/accel/tcg/cputlb.c b/accel/tcg/cputlb.c
> index defc8d5929..1210d8f243 100644
> --- a/accel/tcg/cputlb.c
> +++ b/accel/tcg/cputlb.c
> @@ -1811,6 +1811,7 @@ void helper_be_stq_mmu(CPUArchState *env, target_ulong addr, uint64_t val,
> #define ATOMIC_MMU_DECLS
> #define ATOMIC_MMU_LOOKUP atomic_mmu_lookup(env, addr, oi, retaddr)
> #define ATOMIC_MMU_CLEANUP
> +#define ATOMIC_MMU_IDX oi
That is not the mmu_idx. That's the whole mmu_idx + MemOp combo.
Use get_mmuidx(oi).
> --- a/accel/tcg/user-exec.c
> +++ b/accel/tcg/user-exec.c
> @@ -751,6 +751,7 @@ static void *atomic_mmu_lookup(CPUArchState *env, target_ulong addr,
> #define ATOMIC_MMU_DECLS do {} while (0)
> #define ATOMIC_MMU_LOOKUP atomic_mmu_lookup(env, addr, DATA_SIZE, GETPC())
> #define ATOMIC_MMU_CLEANUP do { clear_helper_retaddr(); } while (0)
> +#define ATOMIC_MMU_IDX 0
MMU_USER_IDX. Best to be consistent, even if this is user-only and it isn't
really used.
> --- a/include/exec/cpu_ldst_useronly_template.h
> +++ b/include/exec/cpu_ldst_useronly_template.h
> @@ -73,7 +73,7 @@ glue(glue(cpu_ld, USUFFIX), MEMSUFFIX)(CPUArchState *env, abi_ptr ptr)
> #else
> trace_guest_mem_before_exec(
> env_cpu(env), ptr,
> - trace_mem_build_info(SHIFT, false, MO_TE, false));
> + trace_mem_build_info(SHIFT, false, MO_TE, false, 0));
Likewise for the other uses in this file.
r~
^ permalink raw reply [flat|nested] 94+ messages in thread* Re: [PATCH v5 02/55] trace: add mmu_index to mem_info
2019-10-14 14:53 ` Richard Henderson
@ 2019-10-15 11:15 ` Alex Bennée
0 siblings, 0 replies; 94+ messages in thread
From: Alex Bennée @ 2019-10-15 11:15 UTC (permalink / raw)
To: Richard Henderson
Cc: robert.foley, Riku Voipio, qemu-devel, peter.puhov, aaron, cota,
Stefan Hajnoczi, Paolo Bonzini, Richard Henderson
Richard Henderson <richard.henderson@linaro.org> writes:
> On 10/14/19 3:48 AM, Alex Bennée wrote:
>> diff --git a/accel/tcg/cputlb.c b/accel/tcg/cputlb.c
>> index defc8d5929..1210d8f243 100644
>> --- a/accel/tcg/cputlb.c
>> +++ b/accel/tcg/cputlb.c
>> @@ -1811,6 +1811,7 @@ void helper_be_stq_mmu(CPUArchState *env, target_ulong addr, uint64_t val,
>> #define ATOMIC_MMU_DECLS
>> #define ATOMIC_MMU_LOOKUP atomic_mmu_lookup(env, addr, oi, retaddr)
>> #define ATOMIC_MMU_CLEANUP
>> +#define ATOMIC_MMU_IDX oi
>
> That is not the mmu_idx. That's the whole mmu_idx + MemOp combo.
> Use get_mmuidx(oi).
Oops I missed that from last time. Fixing it for real now!
>
>> --- a/accel/tcg/user-exec.c
>> +++ b/accel/tcg/user-exec.c
>> @@ -751,6 +751,7 @@ static void *atomic_mmu_lookup(CPUArchState *env, target_ulong addr,
>> #define ATOMIC_MMU_DECLS do {} while (0)
>> #define ATOMIC_MMU_LOOKUP atomic_mmu_lookup(env, addr, DATA_SIZE, GETPC())
>> #define ATOMIC_MMU_CLEANUP do { clear_helper_retaddr(); } while (0)
>> +#define ATOMIC_MMU_IDX 0
>
> MMU_USER_IDX. Best to be consistent, even if this is user-only and it isn't
> really used.
>
>> --- a/include/exec/cpu_ldst_useronly_template.h
>> +++ b/include/exec/cpu_ldst_useronly_template.h
>> @@ -73,7 +73,7 @@ glue(glue(cpu_ld, USUFFIX), MEMSUFFIX)(CPUArchState *env, abi_ptr ptr)
>> #else
>> trace_guest_mem_before_exec(
>> env_cpu(env), ptr,
>> - trace_mem_build_info(SHIFT, false, MO_TE, false));
>> + trace_mem_build_info(SHIFT, false, MO_TE, false, 0));
>
> Likewise for the other uses in this file.
Fixed.
>
>
> r~
--
Alex Bennée
^ permalink raw reply [flat|nested] 94+ messages in thread
* [PATCH v5 03/55] cpu: introduce cpu_in_exclusive_context()
2019-10-14 10:48 [PATCH for 4.2 v5 00/55] Support for TCG plugins Alex Bennée
2019-10-14 10:48 ` [PATCH v5 01/55] trace: expand mem_info:size_shift to 4 bits Alex Bennée
2019-10-14 10:48 ` [PATCH v5 02/55] trace: add mmu_index to mem_info Alex Bennée
@ 2019-10-14 10:48 ` Alex Bennée
2019-10-14 10:48 ` [PATCH v5 04/55] translate-all: use cpu_in_exclusive_work_context() in tb_flush Alex Bennée
` (52 subsequent siblings)
55 siblings, 0 replies; 94+ messages in thread
From: Alex Bennée @ 2019-10-14 10:48 UTC (permalink / raw)
To: qemu-devel
Cc: Eduardo Habkost, robert.foley, Richard Henderson, peter.puhov,
aaron, cota, Paolo Bonzini, Alex Bennée, Richard Henderson
From: "Emilio G. Cota" <cota@braap.org>
Suggested-by: Alex Bennée <alex.bennee@linaro.org>
Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
Signed-off-by: Emilio G. Cota <cota@braap.org>
[AJB: moved inside start/end_exclusive fns + cleanup]
Signed-off-by: Alex Bennée <alex.bennee@linaro.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
---
v4
- -> cpu_in_exclusive_context
- moved inside start/end exclusive
- fixed up cpu_exec_step_atomic
---
accel/tcg/cpu-exec.c | 5 +----
cpus-common.c | 4 ++++
include/hw/core/cpu.h | 13 +++++++++++++
3 files changed, 18 insertions(+), 4 deletions(-)
diff --git a/accel/tcg/cpu-exec.c b/accel/tcg/cpu-exec.c
index 48272c781b..81c33d6475 100644
--- a/accel/tcg/cpu-exec.c
+++ b/accel/tcg/cpu-exec.c
@@ -238,8 +238,6 @@ void cpu_exec_step_atomic(CPUState *cpu)
uint32_t flags;
uint32_t cflags = 1;
uint32_t cf_mask = cflags & CF_HASH_MASK;
- /* volatile because we modify it between setjmp and longjmp */
- volatile bool in_exclusive_region = false;
if (sigsetjmp(cpu->jmp_env, 0) == 0) {
tb = tb_lookup__cpu_state(cpu, &pc, &cs_base, &flags, cf_mask);
@@ -253,7 +251,6 @@ void cpu_exec_step_atomic(CPUState *cpu)
/* Since we got here, we know that parallel_cpus must be true. */
parallel_cpus = false;
- in_exclusive_region = true;
cc->cpu_exec_enter(cpu);
/* execute the generated code */
trace_exec_tb(tb, pc);
@@ -273,7 +270,7 @@ void cpu_exec_step_atomic(CPUState *cpu)
assert_no_pages_locked();
}
- if (in_exclusive_region) {
+ if (cpu_in_exclusive_context(cpu)) {
/* We might longjump out of either the codegen or the
* execution, so must make sure we only end the exclusive
* region if we started it.
diff --git a/cpus-common.c b/cpus-common.c
index af3385a296..eaf590cb38 100644
--- a/cpus-common.c
+++ b/cpus-common.c
@@ -200,11 +200,15 @@ void start_exclusive(void)
* section until end_exclusive resets pending_cpus to 0.
*/
qemu_mutex_unlock(&qemu_cpu_list_lock);
+
+ current_cpu->in_exclusive_context = true;
}
/* Finish an exclusive operation. */
void end_exclusive(void)
{
+ current_cpu->in_exclusive_context = false;
+
qemu_mutex_lock(&qemu_cpu_list_lock);
atomic_set(&pending_cpus, 0);
qemu_cond_broadcast(&exclusive_resume);
diff --git a/include/hw/core/cpu.h b/include/hw/core/cpu.h
index 031f587e51..07f2ab0590 100644
--- a/include/hw/core/cpu.h
+++ b/include/hw/core/cpu.h
@@ -372,6 +372,7 @@ struct CPUState {
bool unplug;
bool crash_occurred;
bool exit_request;
+ bool in_exclusive_context;
uint32_t cflags_next_tb;
/* updates protected by BQL */
uint32_t interrupt_request;
@@ -783,6 +784,18 @@ void async_run_on_cpu(CPUState *cpu, run_on_cpu_func func, run_on_cpu_data data)
*/
void async_safe_run_on_cpu(CPUState *cpu, run_on_cpu_func func, run_on_cpu_data data);
+/**
+ * cpu_in_exclusive_context()
+ * @cpu: The vCPU to check
+ *
+ * Returns true if @cpu is an exclusive context, for example running
+ * something which has previously been queued via async_safe_run_on_cpu().
+ */
+static inline bool cpu_in_exclusive_context(const CPUState *cpu)
+{
+ return cpu->in_exclusive_context;
+}
+
/**
* qemu_get_cpu:
* @index: The CPUState@cpu_index value of the CPU to obtain.
--
2.20.1
^ permalink raw reply related [flat|nested] 94+ messages in thread* [PATCH v5 04/55] translate-all: use cpu_in_exclusive_work_context() in tb_flush
2019-10-14 10:48 [PATCH for 4.2 v5 00/55] Support for TCG plugins Alex Bennée
` (2 preceding siblings ...)
2019-10-14 10:48 ` [PATCH v5 03/55] cpu: introduce cpu_in_exclusive_context() Alex Bennée
@ 2019-10-14 10:48 ` Alex Bennée
2019-10-14 10:48 ` [PATCH v5 05/55] docs/devel: add plugins.rst design document Alex Bennée
` (51 subsequent siblings)
55 siblings, 0 replies; 94+ messages in thread
From: Alex Bennée @ 2019-10-14 10:48 UTC (permalink / raw)
To: qemu-devel
Cc: robert.foley, Richard Henderson, peter.puhov, aaron, cota,
Paolo Bonzini, Alex Bennée, Richard Henderson
From: "Emilio G. Cota" <cota@braap.org>
tb_flush will be called by the plugin module from a safe
work environment. Prepare for that.
Suggested-by: Alex Bennée <alex.bennee@linaro.org>
Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
Signed-off-by: Emilio G. Cota <cota@braap.org>
Signed-off-by: Alex Bennée <alex.bennee@linaro.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
---
accel/tcg/translate-all.c | 9 +++++++--
1 file changed, 7 insertions(+), 2 deletions(-)
diff --git a/accel/tcg/translate-all.c b/accel/tcg/translate-all.c
index 66d4bc4341..0a08fcda3e 100644
--- a/accel/tcg/translate-all.c
+++ b/accel/tcg/translate-all.c
@@ -1268,8 +1268,13 @@ void tb_flush(CPUState *cpu)
{
if (tcg_enabled()) {
unsigned tb_flush_count = atomic_mb_read(&tb_ctx.tb_flush_count);
- async_safe_run_on_cpu(cpu, do_tb_flush,
- RUN_ON_CPU_HOST_INT(tb_flush_count));
+
+ if (cpu_in_exclusive_context(cpu)) {
+ do_tb_flush(cpu, RUN_ON_CPU_HOST_INT(tb_flush_count));
+ } else {
+ async_safe_run_on_cpu(cpu, do_tb_flush,
+ RUN_ON_CPU_HOST_INT(tb_flush_count));
+ }
}
}
--
2.20.1
^ permalink raw reply related [flat|nested] 94+ messages in thread* [PATCH v5 05/55] docs/devel: add plugins.rst design document
2019-10-14 10:48 [PATCH for 4.2 v5 00/55] Support for TCG plugins Alex Bennée
` (3 preceding siblings ...)
2019-10-14 10:48 ` [PATCH v5 04/55] translate-all: use cpu_in_exclusive_work_context() in tb_flush Alex Bennée
@ 2019-10-14 10:48 ` Alex Bennée
2019-10-14 10:48 ` [PATCH v5 06/55] configure: add --enable-plugins (MOVE TO END) Alex Bennée
` (50 subsequent siblings)
55 siblings, 0 replies; 94+ messages in thread
From: Alex Bennée @ 2019-10-14 10:48 UTC (permalink / raw)
To: qemu-devel
Cc: robert.foley, Richard Henderson, peter.puhov, aaron, cota,
Alex Bennée
This is mostly extracted from Emilio's more verbose commit comments
with some additional verbiage from me.
Signed-off-by: Alex Bennée <alex.bennee@linaro.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
---
v4
- some rewording and tweaks
- made non-atomicity of inline ops more explicit
- expanded description of plugin unload
v5
- more explicit statements:
- cannot modify system state, only observer
- call to action to upstream plugins
---
docs/devel/index.rst | 1 +
docs/devel/plugins.rst | 112 +++++++++++++++++++++++++++++++++++++++++
2 files changed, 113 insertions(+)
create mode 100644 docs/devel/plugins.rst
diff --git a/docs/devel/index.rst b/docs/devel/index.rst
index 1ec61fcfed..2ff058bae3 100644
--- a/docs/devel/index.rst
+++ b/docs/devel/index.rst
@@ -22,3 +22,4 @@ Contents:
decodetree
secure-coding-practices
tcg
+ plugins
diff --git a/docs/devel/plugins.rst b/docs/devel/plugins.rst
new file mode 100644
index 0000000000..b18fb6729e
--- /dev/null
+++ b/docs/devel/plugins.rst
@@ -0,0 +1,112 @@
+..
+ Copyright (C) 2017, Emilio G. Cota <cota@braap.org>
+ Copyright (c) 2019, Linaro Limited
+ Written by Emilio Cota and Alex Bennée
+
+================
+QEMU TCG Plugins
+================
+
+QEMU TCG plugins provide a way for users to run experiments taking
+advantage of the total system control emulation can have over a guest.
+It provides a mechanism for plugins to subscribe to events during
+translation and execution and optionally callback into the plugin
+during these events. TCG plugins are unable to change the system state
+only monitor it passively. However they can do this down to an
+individual instruction granularity including potentially subscribing
+to all load and store operations.
+
+API Stability
+=============
+
+This is a new feature for QEMU and it does allow people to develop
+out-of-tree plugins that can be dynamically linked into a running QEMU
+process. However the project reserves the right to change or break the
+API should it need to do so. The best way to avoid this is to submit
+your plugin upstream so they can be updated if/when the API changes.
+
+
+Exposure of QEMU internals
+--------------------------
+
+The plugin architecture actively avoids leaking implementation details
+about how QEMU's translation works to the plugins. While there are
+conceptions such as translation time and translation blocks the
+details are opaque to plugins. The plugin is able to query select
+details of instructions and system configuration only through the
+exported *qemu_plugin* functions. The types used to describe
+instructions and events are opaque to the plugins themselves.
+
+Usage
+=====
+
+The QEMU binary needs to be compiled for plugin support:
+
+::
+ configure --enable-plugins
+
+Once built a program can be run with multiple plugins loaded each with
+their own arguments:
+
+::
+ $QEMU $OTHER_QEMU_ARGS \
+ -plugin tests/plugin/libhowvec.so,arg=inline,arg=hint \
+ -plugin tests/plugin/libhotblocks.so
+
+Arguments are plugin specific and can be used to modify their
+behaviour. In this case the howvec plugin is being asked to use inline
+ops to count and break down the hint instructions by type.
+
+Plugin Life cycle
+=================
+
+First the plugin is loaded and the public qemu_plugin_install function
+is called. The plugin will then register callbacks for various plugin
+events. Generally plugins will register a handler for the *atexit*
+if they want to dump a summary of collected information once the
+program/system has finished running.
+
+When a registered event occurs the plugin callback is invoked. The
+callbacks may provide additional information. In the case of a
+translation event the plugin has an option to enumerate the
+instructions in a block of instructions and optionally register
+callbacks to some or all instructions when they are executed.
+
+There is also a facility to add an inline event where code to
+increment a counter can be directly inlined with the translation.
+Currently only a simple increment is supported. This is not atomic so
+can miss counts. If you want absolute precision you should use a
+callback which can then ensure atomicity itself.
+
+Finally when QEMU exits all the registered *atexit* callbacks are
+invoked.
+
+Internals
+=========
+
+Locking
+-------
+
+We have to ensure we cannot deadlock, particularly under MTTCG. For
+this we acquire a lock when called from plugin code. We also keep the
+list of callbacks under RCU so that we do not have to hold the lock
+when calling the callbacks. This is also for performance, since some
+callbacks (e.g. memory access callbacks) might be called very
+frequently.
+
+ * A consequence of this is that we keep our own list of CPUs, so that
+ we do not have to worry about locking order wrt cpu_list_lock.
+ * Use a recursive lock, since we can get registration calls from
+ callbacks.
+
+As a result registering/unregistering callbacks is "slow", since it
+takes a lock. But this is very infrequent; we want performance when
+calling (or not calling) callbacks, not when registering them. Using
+RCU is great for this.
+
+We support the uninstallation of a plugin at any time (e.g. from
+plugin callbacks). This allows plugins to remove themselves if they no
+longer want to instrument the code. This operation is asynchronous
+which means callbacks may still occur after the uninstall operation is
+requested. The plugin isn't completely uninstalled until the safe work
+has executed while all vCPUs are quiescent.
--
2.20.1
^ permalink raw reply related [flat|nested] 94+ messages in thread* [PATCH v5 06/55] configure: add --enable-plugins (MOVE TO END)
2019-10-14 10:48 [PATCH for 4.2 v5 00/55] Support for TCG plugins Alex Bennée
` (4 preceding siblings ...)
2019-10-14 10:48 ` [PATCH v5 05/55] docs/devel: add plugins.rst design document Alex Bennée
@ 2019-10-14 10:48 ` Alex Bennée
2019-10-14 10:49 ` [PATCH v5 07/55] plugin: add user-facing API Alex Bennée
` (49 subsequent siblings)
55 siblings, 0 replies; 94+ messages in thread
From: Alex Bennée @ 2019-10-14 10:48 UTC (permalink / raw)
To: qemu-devel
Cc: robert.foley, Richard Henderson, peter.puhov, aaron, cota,
Alex Bennée
This adds the basic boilerplate feature enable option for the build.
We shall expand it later.
XXX: currently this patch is included at the start of development to
aid with incremental building. It should be moved to the end once the
plugins are feature complete.
[AJB: split from larger patch]
Signed-off-by: Alex Bennée <alex.bennee@linaro.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
---
configure | 13 +++++++++++++
1 file changed, 13 insertions(+)
diff --git a/configure b/configure
index 08ca4bcb46..485a9837c9 100755
--- a/configure
+++ b/configure
@@ -497,6 +497,7 @@ libxml2=""
debug_mutex="no"
libpmem=""
default_devices="yes"
+plugins="no"
supported_cpu="no"
supported_os="no"
@@ -1524,6 +1525,10 @@ for opt do
;;
--disable-xkbcommon) xkbcommon=no
;;
+ --enable-plugins) plugins="yes"
+ ;;
+ --disable-plugins) plugins="no"
+ ;;
*)
echo "ERROR: unknown option $opt"
echo "Try '$0 --help' for more information"
@@ -1705,6 +1710,8 @@ Advanced options (experts only):
--enable-profiler profiler support
--enable-debug-stack-usage
track the maximum stack usage of stacks created by qemu_alloc_stack
+ --enable-plugins
+ enable plugins via shared library loading
Optional features, enabled with --enable-FEATURE and
disabled with --disable-FEATURE, default is enabled if available:
@@ -6429,6 +6436,7 @@ echo "capstone $capstone"
echo "libpmem support $libpmem"
echo "libudev $libudev"
echo "default devices $default_devices"
+echo "plugin support $plugins"
if test "$supported_cpu" = "no"; then
echo
@@ -7256,6 +7264,11 @@ if test "$sheepdog" = "yes" ; then
echo "CONFIG_SHEEPDOG=y" >> $config_host_mak
fi
+if test "$plugins" = "yes" ; then
+ echo "CONFIG_PLUGIN=y" >> $config_host_mak
+ LIBS="-ldl $LIBS"
+fi
+
if test "$tcg_interpreter" = "yes"; then
QEMU_INCLUDES="-iquote \$(SRC_PATH)/tcg/tci $QEMU_INCLUDES"
elif test "$ARCH" = "sparc64" ; then
--
2.20.1
^ permalink raw reply related [flat|nested] 94+ messages in thread* [PATCH v5 07/55] plugin: add user-facing API
2019-10-14 10:48 [PATCH for 4.2 v5 00/55] Support for TCG plugins Alex Bennée
` (5 preceding siblings ...)
2019-10-14 10:48 ` [PATCH v5 06/55] configure: add --enable-plugins (MOVE TO END) Alex Bennée
@ 2019-10-14 10:49 ` Alex Bennée
2019-10-14 10:49 ` [PATCH v5 08/55] plugin: add core code Alex Bennée
` (48 subsequent siblings)
55 siblings, 0 replies; 94+ messages in thread
From: Alex Bennée @ 2019-10-14 10:49 UTC (permalink / raw)
To: qemu-devel
Cc: robert.foley, Richard Henderson, peter.puhov, aaron, cota,
Alex Bennée
From: "Emilio G. Cota" <cota@braap.org>
Add the API first to ease review.
Signed-off-by: Emilio G. Cota <cota@braap.org>
Signed-off-by: Alex Bennée <alex.bennee@linaro.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
---
v3
- merge in changes to plugin install/reset/uninstall
- split api file
v4
- s/is/it/
- more docstrings
- remove qemu_plugin_register_vcpu_mem_haddr_cb and related bits
- add qemu_plugin_get_hwaddr and related bits
- drop vcpu_index from tb_trans_cb_t
---
include/qemu/qemu-plugin.h | 351 +++++++++++++++++++++++++++++++++++++
1 file changed, 351 insertions(+)
create mode 100644 include/qemu/qemu-plugin.h
diff --git a/include/qemu/qemu-plugin.h b/include/qemu/qemu-plugin.h
new file mode 100644
index 0000000000..d9c1ca3b4c
--- /dev/null
+++ b/include/qemu/qemu-plugin.h
@@ -0,0 +1,351 @@
+/*
+ * Copyright (C) 2017, Emilio G. Cota <cota@braap.org>
+ * Copyright (C) 2019, Linaro
+ *
+ * License: GNU GPL, version 2 or later.
+ * See the COPYING file in the top-level directory.
+ *
+ * SPDX-License-Identifier: GPL-2.0-or-later
+ */
+#ifndef QEMU_PLUGIN_API_H
+#define QEMU_PLUGIN_API_H
+
+#include <inttypes.h>
+#include <stdbool.h>
+
+/*
+ * For best performance, build the plugin with -fvisibility=hidden so that
+ * QEMU_PLUGIN_LOCAL is implicit. Then, just mark qemu_plugin_install with
+ * QEMU_PLUGIN_EXPORT. For more info, see
+ * https://gcc.gnu.org/wiki/Visibility
+ */
+#if defined _WIN32 || defined __CYGWIN__
+ #ifdef BUILDING_DLL
+ #define QEMU_PLUGIN_EXPORT __declspec(dllexport)
+ #else
+ #define QEMU_PLUGIN_EXPORT __declspec(dllimport)
+ #endif
+ #define QEMU_PLUGIN_LOCAL
+#else
+ #if __GNUC__ >= 4
+ #define QEMU_PLUGIN_EXPORT __attribute__((visibility("default")))
+ #define QEMU_PLUGIN_LOCAL __attribute__((visibility("hidden")))
+ #else
+ #define QEMU_PLUGIN_EXPORT
+ #define QEMU_PLUGIN_LOCAL
+ #endif
+#endif
+
+typedef uint64_t qemu_plugin_id_t;
+
+/**
+ * qemu_plugin_install() - Install a plugin
+ * @id: this plugin's opaque ID
+ * @argc: number of arguments
+ * @argv: array of arguments (@argc elements)
+ *
+ * All plugins must export this symbol.
+ *
+ * Note: Calling qemu_plugin_uninstall() from this function is a bug. To raise
+ * an error during install, return !0.
+ *
+ * Note: @argv remains valid throughout the lifetime of the loaded plugin.
+ */
+QEMU_PLUGIN_EXPORT int qemu_plugin_install(qemu_plugin_id_t id, int argc,
+ char **argv);
+
+/*
+ * Prototypes for the various callback styles we will be registering
+ * in the following functions.
+ */
+typedef void (*qemu_plugin_simple_cb_t)(qemu_plugin_id_t id);
+
+typedef void (*qemu_plugin_udata_cb_t)(qemu_plugin_id_t id, void *userdata);
+
+typedef void (*qemu_plugin_vcpu_simple_cb_t)(qemu_plugin_id_t id,
+ unsigned int vcpu_index);
+
+typedef void (*qemu_plugin_vcpu_udata_cb_t)(unsigned int vcpu_index,
+ void *userdata);
+
+/**
+ * qemu_plugin_uninstall() - Uninstall a plugin
+ * @id: this plugin's opaque ID
+ * @cb: callback to be called once the plugin has been removed
+ *
+ * Do NOT assume that the plugin has been uninstalled once this function
+ * returns. Plugins are uninstalled asynchronously, and therefore the given
+ * plugin receives callbacks until @cb is called.
+ *
+ * Note: Calling this function from qemu_plugin_install() is a bug.
+ */
+void qemu_plugin_uninstall(qemu_plugin_id_t id, qemu_plugin_simple_cb_t cb);
+
+/**
+ * qemu_plugin_reset() - Reset a plugin
+ * @id: this plugin's opaque ID
+ * @cb: callback to be called once the plugin has been reset
+ *
+ * Unregisters all callbacks for the plugin given by @id.
+ *
+ * Do NOT assume that the plugin has been reset once this function returns.
+ * Plugins are reset asynchronously, and therefore the given plugin receives
+ * callbacks until @cb is called.
+ */
+void qemu_plugin_reset(qemu_plugin_id_t id, qemu_plugin_simple_cb_t cb);
+
+/**
+ * qemu_plugin_register_vcpu_init_cb() - register a vCPU initialization callback
+ * @id: plugin ID
+ * @cb: callback function
+ *
+ * The @cb function is called every time a vCPU is initialized.
+ *
+ * See also: qemu_plugin_register_vcpu_exit_cb()
+ */
+void qemu_plugin_register_vcpu_init_cb(qemu_plugin_id_t id,
+ qemu_plugin_vcpu_simple_cb_t cb);
+
+/**
+ * qemu_plugin_register_vcpu_exit_cb() - register a vCPU exit callback
+ * @id: plugin ID
+ * @cb: callback function
+ *
+ * The @cb function is called every time a vCPU exits.
+ *
+ * See also: qemu_plugin_register_vcpu_init_cb()
+ */
+void qemu_plugin_register_vcpu_exit_cb(qemu_plugin_id_t id,
+ qemu_plugin_vcpu_simple_cb_t cb);
+
+/**
+ * qemu_plugin_register_vcpu_idle_cb() - register a vCPU idle callback
+ * @id: plugin ID
+ * @cb: callback function
+ *
+ * The @cb function is called every time a vCPU idles.
+ */
+void qemu_plugin_register_vcpu_idle_cb(qemu_plugin_id_t id,
+ qemu_plugin_vcpu_simple_cb_t cb);
+
+/**
+ * qemu_plugin_register_vcpu_resume_cb() - register a vCPU resume callback
+ * @id: plugin ID
+ * @cb: callback function
+ *
+ * The @cb function is called every time a vCPU resumes execution.
+ */
+void qemu_plugin_register_vcpu_resume_cb(qemu_plugin_id_t id,
+ qemu_plugin_vcpu_simple_cb_t cb);
+
+/*
+ * Opaque types that the plugin is given during the translation and
+ * instrumentation phase.
+ */
+struct qemu_plugin_tb;
+struct qemu_plugin_insn;
+
+enum qemu_plugin_cb_flags {
+ QEMU_PLUGIN_CB_NO_REGS, /* callback does not access the CPU's regs */
+ QEMU_PLUGIN_CB_R_REGS, /* callback reads the CPU's regs */
+ QEMU_PLUGIN_CB_RW_REGS, /* callback reads and writes the CPU's regs */
+};
+
+enum qemu_plugin_mem_rw {
+ QEMU_PLUGIN_MEM_R = 1,
+ QEMU_PLUGIN_MEM_W,
+ QEMU_PLUGIN_MEM_RW,
+};
+
+/**
+ * qemu_plugin_register_vcpu_tb_trans_cb() - register a translate cb
+ * @id: plugin ID
+ * @cb: callback function
+ *
+ * The @cb function is called every time a translation occurs. The @cb
+ * function is passed an opaque qemu_plugin_type which it can query
+ * for additional information including the list of translated
+ * instructions. At this point the plugin can register further
+ * callbacks to be triggered when the block or individual instruction
+ * executes.
+ */
+typedef void (*qemu_plugin_vcpu_tb_trans_cb_t)(qemu_plugin_id_t id,
+ struct qemu_plugin_tb *tb);
+
+void qemu_plugin_register_vcpu_tb_trans_cb(qemu_plugin_id_t id,
+ qemu_plugin_vcpu_tb_trans_cb_t cb);
+
+/**
+ * qemu_plugin_register_vcpu_tb_trans_exec_cb() - register execution callback
+ * @tb: the opaque qemu_plugin_tb handle for the translation
+ * @cb: callback function
+ * @flags: does the plugin read or write the CPU's registers?
+ * @userdata: any plugin data to pass to the @cb?
+ *
+ * The @cb function is called every time a translated unit executes.
+ */
+void qemu_plugin_register_vcpu_tb_exec_cb(struct qemu_plugin_tb *tb,
+ qemu_plugin_vcpu_udata_cb_t cb,
+ enum qemu_plugin_cb_flags flags,
+ void *userdata);
+
+enum qemu_plugin_op {
+ QEMU_PLUGIN_INLINE_ADD_U64,
+};
+
+/**
+ * qemu_plugin_register_vcpu_tb_trans_exec_inline() - execution inline op
+ * @tb: the opaque qemu_plugin_tb handle for the translation
+ * @op: the type of qemu_plugin_op (e.g. ADD_U64)
+ * @ptr: the target memory location for the op
+ * @imm: the op data (e.g. 1)
+ *
+ * Insert an inline op to every time a translated unit executes.
+ * Useful if you just want to increment a single counter somewhere in
+ * memory.
+ */
+void qemu_plugin_register_vcpu_tb_exec_inline(struct qemu_plugin_tb *tb,
+ enum qemu_plugin_op op,
+ void *ptr, uint64_t imm);
+
+/**
+ * qemu_plugin_register_vcpu_insn_exec_cb() - register insn execution cb
+ * @insn: the opaque qemu_plugin_insn handle for an instruction
+ * @cb: callback function
+ * @flags: does the plugin read or write the CPU's registers?
+ * @userdata: any plugin data to pass to the @cb?
+ *
+ * The @cb function is called every time an instruction is executed
+ */
+void qemu_plugin_register_vcpu_insn_exec_cb(struct qemu_plugin_insn *insn,
+ qemu_plugin_vcpu_udata_cb_t cb,
+ enum qemu_plugin_cb_flags flags,
+ void *userdata);
+
+/**
+ * qemu_plugin_register_vcpu_insn_exec_inline() - insn execution inline op
+ * @insn: the opaque qemu_plugin_insn handle for an instruction
+ * @cb: callback function
+ * @op: the type of qemu_plugin_op (e.g. ADD_U64)
+ * @ptr: the target memory location for the op
+ * @imm: the op data (e.g. 1)
+ *
+ * Insert an inline op to every time an instruction executes. Useful
+ * if you just want to increment a single counter somewhere in memory.
+ */
+void qemu_plugin_register_vcpu_insn_exec_inline(struct qemu_plugin_insn *insn,
+ enum qemu_plugin_op op,
+ void *ptr, uint64_t imm);
+
+/*
+ * Helpers to query information about the instructions in a block
+ */
+size_t qemu_plugin_tb_n_insns(const struct qemu_plugin_tb *tb);
+
+uint64_t qemu_plugin_tb_vaddr(const struct qemu_plugin_tb *tb);
+
+struct qemu_plugin_insn *
+qemu_plugin_tb_get_insn(const struct qemu_plugin_tb *tb, size_t idx);
+
+const void *qemu_plugin_insn_data(const struct qemu_plugin_insn *insn);
+
+size_t qemu_plugin_insn_size(const struct qemu_plugin_insn *insn);
+
+uint64_t qemu_plugin_insn_vaddr(const struct qemu_plugin_insn *insn);
+void *qemu_plugin_insn_haddr(const struct qemu_plugin_insn *insn);
+
+/*
+ * Memory Instrumentation
+ *
+ * The anonymous qemu_plugin_meminfo_t and qemu_plugin_hwaddr types
+ * can be used in queries to QEMU to get more information about a
+ * given memory access.
+ */
+typedef uint32_t qemu_plugin_meminfo_t;
+struct qemu_plugin_hwaddr;
+
+/* meminfo queries */
+unsigned int qemu_plugin_mem_size_shift(qemu_plugin_meminfo_t info);
+bool qemu_plugin_mem_is_sign_extended(qemu_plugin_meminfo_t info);
+bool qemu_plugin_mem_is_big_endian(qemu_plugin_meminfo_t info);
+bool qemu_plugin_mem_is_store(qemu_plugin_meminfo_t info);
+
+/*
+ * qemu_plugin_get_hwaddr():
+ * @vaddr: the virtual address of the memory operation
+ *
+ * For system emulation returns a qemu_plugin_hwaddr handle to query
+ * details about the actual physical address backing the virtual
+ * address. For linux-user guests it just returns NULL.
+ *
+ * This handle is *only* valid for the duration of the callback. Any
+ * information about the handle should be recovered before the
+ * callback returns.
+ */
+struct qemu_plugin_hwaddr *qemu_plugin_get_hwaddr(qemu_plugin_meminfo_t info,
+ uint64_t vaddr);
+
+bool qemu_plugin_hwaddr_is_io(struct qemu_plugin_hwaddr *hwaddr);
+uint64_t qemu_plugin_hwaddr_to_raddr(const struct qemu_plugin_hwaddr *haddr);
+
+typedef void
+(*qemu_plugin_vcpu_mem_cb_t)(unsigned int vcpu_index,
+ qemu_plugin_meminfo_t info, uint64_t vaddr,
+ void *userdata);
+
+void qemu_plugin_register_vcpu_mem_cb(struct qemu_plugin_insn *insn,
+ qemu_plugin_vcpu_mem_cb_t cb,
+ enum qemu_plugin_cb_flags flags,
+ enum qemu_plugin_mem_rw rw,
+ void *userdata);
+
+void qemu_plugin_register_vcpu_mem_inline(struct qemu_plugin_insn *insn,
+ enum qemu_plugin_mem_rw rw,
+ enum qemu_plugin_op op, void *ptr,
+ uint64_t imm);
+
+
+
+typedef void
+(*qemu_plugin_vcpu_syscall_cb_t)(qemu_plugin_id_t id, unsigned int vcpu_index,
+ int64_t num, uint64_t a1, uint64_t a2,
+ uint64_t a3, uint64_t a4, uint64_t a5,
+ uint64_t a6, uint64_t a7, uint64_t a8);
+
+void qemu_plugin_register_vcpu_syscall_cb(qemu_plugin_id_t id,
+ qemu_plugin_vcpu_syscall_cb_t cb);
+
+typedef void
+(*qemu_plugin_vcpu_syscall_ret_cb_t)(qemu_plugin_id_t id, unsigned int vcpu_idx,
+ int64_t num, int64_t ret);
+
+void
+qemu_plugin_register_vcpu_syscall_ret_cb(qemu_plugin_id_t id,
+ qemu_plugin_vcpu_syscall_ret_cb_t cb);
+
+
+/**
+ * qemu_plugin_vcpu_for_each() - iterate over the existing vCPU
+ * @id: plugin ID
+ * @cb: callback function
+ *
+ * The @cb function is called once for each existing vCPU.
+ *
+ * See also: qemu_plugin_register_vcpu_init_cb()
+ */
+void qemu_plugin_vcpu_for_each(qemu_plugin_id_t id,
+ qemu_plugin_vcpu_simple_cb_t cb);
+
+void qemu_plugin_register_flush_cb(qemu_plugin_id_t id,
+ qemu_plugin_simple_cb_t cb);
+
+void qemu_plugin_register_atexit_cb(qemu_plugin_id_t id,
+ qemu_plugin_udata_cb_t cb, void *userdata);
+
+/* returns -1 in user-mode */
+int qemu_plugin_n_vcpus(void);
+
+/* returns -1 in user-mode */
+int qemu_plugin_n_max_vcpus(void);
+
+#endif /* QEMU_PLUGIN_API_H */
--
2.20.1
^ permalink raw reply related [flat|nested] 94+ messages in thread* [PATCH v5 08/55] plugin: add core code
2019-10-14 10:48 [PATCH for 4.2 v5 00/55] Support for TCG plugins Alex Bennée
` (6 preceding siblings ...)
2019-10-14 10:49 ` [PATCH v5 07/55] plugin: add user-facing API Alex Bennée
@ 2019-10-14 10:49 ` Alex Bennée
2019-10-14 10:49 ` [PATCH v5 09/55] plugin: add implementation of the api Alex Bennée
` (47 subsequent siblings)
55 siblings, 0 replies; 94+ messages in thread
From: Alex Bennée @ 2019-10-14 10:49 UTC (permalink / raw)
To: qemu-devel
Cc: Eduardo Habkost, robert.foley, Richard Henderson, peter.puhov,
aaron, cota, Alex Bennée
From: "Emilio G. Cota" <cota@braap.org>
Signed-off-by: Emilio G. Cota <cota@braap.org>
[AJB: moved directory and merged various fixes]
Signed-off-by: Alex Bennée <alex.bennee@linaro.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
---
v3
- moved to plugins/
- merged
plugin: remove uninstall_cb_t and just use simple_cb_t
plugin: handle uninstall when !current_cpu
plugin: introduce qemu_plugin_reset
- split into core/loader
- use GArray/GByteArray/GPtrArray instead of homegrown funcs
v4
- document QEMU_PLUGIN_EV_MAX
- move qemu_plugin_ram_addr_from_host to api
- drop vcpu_index from trans cb
- s/plugin_dyn_cb_type/plugin_dyn_cb_subtype/ in qemu_plugin_dyn_cb
- remove haddr from memory hooks
- checkpatch fixes
v5
- fix up includes of hw/cpu.h
- added proper license and copyright headers
- restore commented out uninstall
---
Makefile | 9 +-
Makefile.target | 2 +
include/hw/core/cpu.h | 6 +
include/qemu/plugin.h | 255 +++++++++++++++++++++
plugins/Makefile.objs | 6 +
plugins/core.c | 504 ++++++++++++++++++++++++++++++++++++++++++
plugins/loader.c | 370 +++++++++++++++++++++++++++++++
plugins/plugin.h | 95 ++++++++
8 files changed, 1246 insertions(+), 1 deletion(-)
create mode 100644 include/qemu/plugin.h
create mode 100644 plugins/Makefile.objs
create mode 100644 plugins/core.c
create mode 100644 plugins/loader.c
create mode 100644 plugins/plugin.h
diff --git a/Makefile b/Makefile
index 30f0abfb42..15f4745cf3 100644
--- a/Makefile
+++ b/Makefile
@@ -846,7 +846,11 @@ endif
ICON_SIZES=16x16 24x24 32x32 48x48 64x64 128x128 256x256 512x512
-install: all $(if $(BUILD_DOCS),install-doc) install-datadir install-localstatedir \
+install-includedir:
+ $(INSTALL_DIR) "$(DESTDIR)$(includedir)"
+
+install: all $(if $(BUILD_DOCS),install-doc) \
+ install-datadir install-localstatedir install-includedir \
$(if $(INSTALL_BLOBS),$(edk2-decompressed)) \
recurse-install
ifneq ($(TOOLS),)
@@ -908,6 +912,9 @@ endif
"$(DESTDIR)$(qemu_desktopdir)/qemu.desktop"
ifdef CONFIG_GTK
$(MAKE) -C po $@
+endif
+ifeq ($(CONFIG_PLUGIN),y)
+ $(INSTALL_DATA) $(SRC_PATH)/include/qemu/qemu-plugin.h "$(DESTDIR)$(includedir)/qemu-plugin.h"
endif
$(INSTALL_DIR) "$(DESTDIR)$(qemu_datadir)/keymaps"
set -e; for x in $(KEYMAPS); do \
diff --git a/Makefile.target b/Makefile.target
index 5e916230c4..5de6c95efb 100644
--- a/Makefile.target
+++ b/Makefile.target
@@ -119,6 +119,8 @@ obj-y += disas.o
obj-$(call notempty,$(TARGET_XML_FILES)) += gdbstub-xml.o
LIBS := $(libs_cpu) $(LIBS)
+obj-$(CONFIG_PLUGIN) += plugins/
+
#########################################################
# Linux user emulator target
diff --git a/include/hw/core/cpu.h b/include/hw/core/cpu.h
index 07f2ab0590..e1c383ba84 100644
--- a/include/hw/core/cpu.h
+++ b/include/hw/core/cpu.h
@@ -29,6 +29,7 @@
#include "qemu/rcu_queue.h"
#include "qemu/queue.h"
#include "qemu/thread.h"
+#include "qemu/plugin.h"
typedef int (*WriteCoreDumpFunction)(const void *buf, size_t size,
void *opaque);
@@ -344,6 +345,7 @@ struct qemu_work_item;
* @trace_dstate_delayed: Delayed changes to trace_dstate (includes all changes
* to @trace_dstate).
* @trace_dstate: Dynamic tracing state of events for this vCPU (bitmask).
+ * @plugin_mask: Plugin event bitmap. Modified only via async work.
* @ignore_memory_transaction_failures: Cached copy of the MachineState
* flag of the same name: allows the board to suppress calling of the
* CPU do_transaction_failed hook function.
@@ -428,6 +430,10 @@ struct CPUState {
DECLARE_BITMAP(trace_dstate_delayed, CPU_TRACE_DSTATE_MAX_EVENTS);
DECLARE_BITMAP(trace_dstate, CPU_TRACE_DSTATE_MAX_EVENTS);
+ DECLARE_BITMAP(plugin_mask, QEMU_PLUGIN_EV_MAX);
+
+ GArray *plugin_mem_cbs;
+
/* TODO Move common fields from CPUArchState here. */
int cpu_index;
int cluster_index;
diff --git a/include/qemu/plugin.h b/include/qemu/plugin.h
new file mode 100644
index 0000000000..3c46a24166
--- /dev/null
+++ b/include/qemu/plugin.h
@@ -0,0 +1,255 @@
+/*
+ * Copyright (C) 2017, Emilio G. Cota <cota@braap.org>
+ *
+ * License: GNU GPL, version 2 or later.
+ * See the COPYING file in the top-level directory.
+ */
+#ifndef QEMU_PLUGIN_H
+#define QEMU_PLUGIN_H
+
+#include "qemu/config-file.h"
+#include "qemu/qemu-plugin.h"
+#include "qemu/error-report.h"
+#include "qemu/queue.h"
+#include "qemu/option.h"
+
+/*
+ * Option parsing/processing.
+ * Note that we can load an arbitrary number of plugins.
+ */
+struct qemu_plugin_desc;
+typedef QTAILQ_HEAD(, qemu_plugin_desc) QemuPluginList;
+
+#ifdef CONFIG_PLUGIN
+extern QemuOptsList qemu_plugin_opts;
+
+static inline void qemu_plugin_add_opts(void)
+{
+ qemu_add_opts(&qemu_plugin_opts);
+}
+
+void qemu_plugin_opt_parse(const char *optarg, QemuPluginList *head);
+int qemu_plugin_load_list(QemuPluginList *head);
+#else /* !CONFIG_PLUGIN */
+static inline void qemu_plugin_add_opts(void)
+{ }
+
+static inline void qemu_plugin_opt_parse(const char *optarg,
+ QemuPluginList *head)
+{
+ error_report("plugin interface not enabled in this build");
+ exit(1);
+}
+
+static inline int qemu_plugin_load_list(QemuPluginList *head)
+{
+ return 0;
+}
+#endif /* !CONFIG_PLUGIN */
+
+/*
+ * Events that plugins can subscribe to.
+ */
+enum qemu_plugin_event {
+ QEMU_PLUGIN_EV_VCPU_INIT,
+ QEMU_PLUGIN_EV_VCPU_EXIT,
+ QEMU_PLUGIN_EV_VCPU_TB_TRANS,
+ QEMU_PLUGIN_EV_VCPU_IDLE,
+ QEMU_PLUGIN_EV_VCPU_RESUME,
+ QEMU_PLUGIN_EV_VCPU_SYSCALL,
+ QEMU_PLUGIN_EV_VCPU_SYSCALL_RET,
+ QEMU_PLUGIN_EV_FLUSH,
+ QEMU_PLUGIN_EV_ATEXIT,
+ QEMU_PLUGIN_EV_MAX, /* total number of plugin events we support */
+};
+
+union qemu_plugin_cb_sig {
+ qemu_plugin_simple_cb_t simple;
+ qemu_plugin_udata_cb_t udata;
+ qemu_plugin_vcpu_simple_cb_t vcpu_simple;
+ qemu_plugin_vcpu_udata_cb_t vcpu_udata;
+ qemu_plugin_vcpu_tb_trans_cb_t vcpu_tb_trans;
+ qemu_plugin_vcpu_mem_cb_t vcpu_mem;
+ qemu_plugin_vcpu_syscall_cb_t vcpu_syscall;
+ qemu_plugin_vcpu_syscall_ret_cb_t vcpu_syscall_ret;
+ void *generic;
+};
+
+enum plugin_dyn_cb_type {
+ PLUGIN_CB_INSN,
+ PLUGIN_CB_MEM,
+ PLUGIN_N_CB_TYPES,
+};
+
+enum plugin_dyn_cb_subtype {
+ PLUGIN_CB_REGULAR,
+ PLUGIN_CB_INLINE,
+ PLUGIN_N_CB_SUBTYPES,
+};
+
+/*
+ * A dynamic callback has an insertion point that is determined at run-time.
+ * Usually the insertion point is somewhere in the code cache; think for
+ * instance of a callback to be called upon the execution of a particular TB.
+ */
+struct qemu_plugin_dyn_cb {
+ union qemu_plugin_cb_sig f;
+ void *userp;
+ unsigned tcg_flags;
+ enum plugin_dyn_cb_subtype type;
+ /* @rw applies to mem callbacks only (both regular and inline) */
+ enum qemu_plugin_mem_rw rw;
+ /* fields specific to each dyn_cb type go here */
+ union {
+ struct {
+ enum qemu_plugin_op op;
+ uint64_t imm;
+ } inline_insn;
+ };
+};
+
+struct qemu_plugin_insn {
+ GByteArray *data;
+ uint64_t vaddr;
+ void *haddr;
+ GArray *cbs[PLUGIN_N_CB_TYPES][PLUGIN_N_CB_SUBTYPES];
+ bool calls_helpers;
+ bool mem_helper;
+};
+
+/*
+ * qemu_plugin_insn allocate and cleanup functions. We don't expect to
+ * cleanup many of these structures. They are reused for each fresh
+ * translation.
+ */
+
+static inline void qemu_plugin_insn_cleanup_fn(gpointer data)
+{
+ struct qemu_plugin_insn *insn = (struct qemu_plugin_insn *) data;
+ g_byte_array_free(insn->data, true);
+}
+
+static inline struct qemu_plugin_insn * qemu_plugin_insn_alloc(void)
+{
+ int i, j;
+ struct qemu_plugin_insn *insn = g_new0(struct qemu_plugin_insn, 1);
+ insn->data = g_byte_array_sized_new(4);
+
+ for (i = 0; i < PLUGIN_N_CB_TYPES; i++) {
+ for (j = 0; j < PLUGIN_N_CB_SUBTYPES; j++) {
+ insn->cbs[i][j] = g_array_new(false, false,
+ sizeof(struct qemu_plugin_dyn_cb));
+ }
+ }
+ return insn;
+}
+
+struct qemu_plugin_tb {
+ GPtrArray *insns;
+ size_t n;
+ uint64_t vaddr;
+ uint64_t vaddr2;
+ void *haddr1;
+ void *haddr2;
+ GArray *cbs[PLUGIN_N_CB_SUBTYPES];
+};
+
+/**
+ * qemu_plugin_tb_insn_get(): get next plugin record for translation.
+ *
+ */
+static inline
+struct qemu_plugin_insn *qemu_plugin_tb_insn_get(struct qemu_plugin_tb *tb)
+{
+ struct qemu_plugin_insn *insn;
+ int i, j;
+
+ if (unlikely(tb->n == tb->insns->len)) {
+ struct qemu_plugin_insn *new_insn = qemu_plugin_insn_alloc();
+ g_ptr_array_add(tb->insns, new_insn);
+ }
+ insn = g_ptr_array_index(tb->insns, tb->n++);
+ g_byte_array_set_size(insn->data, 0);
+ insn->calls_helpers = false;
+ insn->mem_helper = false;
+
+ for (i = 0; i < PLUGIN_N_CB_TYPES; i++) {
+ for (j = 0; j < PLUGIN_N_CB_SUBTYPES; j++) {
+ g_array_set_size(insn->cbs[i][j], 0);
+ }
+ }
+
+ return insn;
+}
+
+#ifdef CONFIG_PLUGIN
+
+void qemu_plugin_vcpu_init_hook(CPUState *cpu);
+void qemu_plugin_vcpu_exit_hook(CPUState *cpu);
+void qemu_plugin_tb_trans_cb(CPUState *cpu, struct qemu_plugin_tb *tb);
+void qemu_plugin_vcpu_idle_cb(CPUState *cpu);
+void qemu_plugin_vcpu_resume_cb(CPUState *cpu);
+void
+qemu_plugin_vcpu_syscall(CPUState *cpu, int64_t num, uint64_t a1,
+ uint64_t a2, uint64_t a3, uint64_t a4, uint64_t a5,
+ uint64_t a6, uint64_t a7, uint64_t a8);
+void qemu_plugin_vcpu_syscall_ret(CPUState *cpu, int64_t num, int64_t ret);
+
+void qemu_plugin_vcpu_mem_cb(CPUState *cpu, uint64_t vaddr, uint32_t meminfo);
+
+void qemu_plugin_flush_cb(void);
+
+void qemu_plugin_atexit_cb(void);
+
+void qemu_plugin_add_dyn_cb_arr(GArray *arr);
+
+void qemu_plugin_disable_mem_helpers(CPUState *cpu);
+
+#else /* !CONFIG_PLUGIN */
+
+static inline void qemu_plugin_vcpu_init_hook(CPUState *cpu)
+{ }
+
+static inline void qemu_plugin_vcpu_exit_hook(CPUState *cpu)
+{ }
+
+static inline void qemu_plugin_tb_trans_cb(CPUState *cpu,
+ struct qemu_plugin_tb *tb)
+{ }
+
+static inline void qemu_plugin_vcpu_idle_cb(CPUState *cpu)
+{ }
+
+static inline void qemu_plugin_vcpu_resume_cb(CPUState *cpu)
+{ }
+
+static inline void
+qemu_plugin_vcpu_syscall(CPUState *cpu, int64_t num, uint64_t a1, uint64_t a2,
+ uint64_t a3, uint64_t a4, uint64_t a5, uint64_t a6,
+ uint64_t a7, uint64_t a8)
+{ }
+
+static inline
+void qemu_plugin_vcpu_syscall_ret(CPUState *cpu, int64_t num, int64_t ret)
+{ }
+
+static inline void qemu_plugin_vcpu_mem_cb(CPUState *cpu, uint64_t vaddr,
+ uint32_t meminfo)
+{ }
+
+static inline void qemu_plugin_flush_cb(void)
+{ }
+
+static inline void qemu_plugin_atexit_cb(void)
+{ }
+
+static inline
+void qemu_plugin_add_dyn_cb_arr(GArray *arr)
+{ }
+
+static inline void qemu_plugin_disable_mem_helpers(CPUState *cpu)
+{ }
+
+#endif /* !CONFIG_PLUGIN */
+
+#endif /* QEMU_PLUGIN_H */
diff --git a/plugins/Makefile.objs b/plugins/Makefile.objs
new file mode 100644
index 0000000000..58940335bc
--- /dev/null
+++ b/plugins/Makefile.objs
@@ -0,0 +1,6 @@
+#
+# Plugin Support
+#
+
+obj-y += loader.o
+obj-y += core.o
diff --git a/plugins/core.c b/plugins/core.c
new file mode 100644
index 0000000000..168f673bc9
--- /dev/null
+++ b/plugins/core.c
@@ -0,0 +1,504 @@
+/*
+ * QEMU Plugin Core code
+ *
+ * This is the core code that deals with injecting instrumentation into the code
+ *
+ * Copyright (C) 2017, Emilio G. Cota <cota@braap.org>
+ * Copyright (C) 2019, Linaro
+ *
+ * License: GNU GPL, version 2 or later.
+ * See the COPYING file in the top-level directory.
+ *
+ * SPDX-License-Identifier: GPL-2.0-or-later
+ */
+#include "qemu/osdep.h"
+#include "qemu/error-report.h"
+#include "qemu/config-file.h"
+#include "qapi/error.h"
+#include "qemu/option.h"
+#include "qemu/rcu_queue.h"
+#include "qemu/xxhash.h"
+#include "qemu/rcu.h"
+#include "hw/core/cpu.h"
+#include "exec/cpu-common.h"
+#include <dlfcn.h>
+
+#include "cpu.h"
+#include "exec/exec-all.h"
+#include "exec/helper-proto.h"
+#include "sysemu/sysemu.h"
+#include "tcg/tcg.h"
+#include "tcg/tcg-op.h"
+#include "trace/mem-internal.h" /* mem_info macros */
+#include "plugin.h"
+
+struct qemu_plugin_cb {
+ struct qemu_plugin_ctx *ctx;
+ union qemu_plugin_cb_sig f;
+ void *udata;
+ QLIST_ENTRY(qemu_plugin_cb) entry;
+};
+
+QLIST_HEAD(qemu_plugin_cb_head, qemu_plugin_cb);
+
+struct qemu_plugin_state plugin;
+
+struct qemu_plugin_ctx *plugin_id_to_ctx_locked(qemu_plugin_id_t id)
+{
+ struct qemu_plugin_ctx *ctx;
+ qemu_plugin_id_t *id_p;
+
+ id_p = g_hash_table_lookup(plugin.id_ht, &id);
+ ctx = container_of(id_p, struct qemu_plugin_ctx, id);
+ if (ctx == NULL) {
+ error_report("plugin: invalid plugin id %" PRIu64, id);
+ abort();
+ }
+ return ctx;
+}
+
+static void plugin_cpu_update__async(CPUState *cpu, run_on_cpu_data data)
+{
+ bitmap_copy(cpu->plugin_mask, &data.host_ulong, QEMU_PLUGIN_EV_MAX);
+ cpu_tb_jmp_cache_clear(cpu);
+}
+
+static void plugin_cpu_update__locked(gpointer k, gpointer v, gpointer udata)
+{
+ CPUState *cpu = container_of(k, CPUState, cpu_index);
+ run_on_cpu_data mask = RUN_ON_CPU_HOST_ULONG(*plugin.mask);
+
+ if (cpu->created) {
+ async_run_on_cpu(cpu, plugin_cpu_update__async, mask);
+ } else {
+ plugin_cpu_update__async(cpu, mask);
+ }
+}
+
+void plugin_unregister_cb__locked(struct qemu_plugin_ctx *ctx,
+ enum qemu_plugin_event ev)
+{
+ struct qemu_plugin_cb *cb = ctx->callbacks[ev];
+
+ if (cb == NULL) {
+ return;
+ }
+ QLIST_REMOVE_RCU(cb, entry);
+ g_free(cb);
+ ctx->callbacks[ev] = NULL;
+ if (QLIST_EMPTY_RCU(&plugin.cb_lists[ev])) {
+ clear_bit(ev, plugin.mask);
+ g_hash_table_foreach(plugin.cpu_ht, plugin_cpu_update__locked, NULL);
+ }
+}
+
+static void plugin_vcpu_cb__simple(CPUState *cpu, enum qemu_plugin_event ev)
+{
+ struct qemu_plugin_cb *cb, *next;
+
+ switch (ev) {
+ case QEMU_PLUGIN_EV_VCPU_INIT:
+ case QEMU_PLUGIN_EV_VCPU_EXIT:
+ case QEMU_PLUGIN_EV_VCPU_IDLE:
+ case QEMU_PLUGIN_EV_VCPU_RESUME:
+ /* iterate safely; plugins might uninstall themselves at any time */
+ QLIST_FOREACH_SAFE_RCU(cb, &plugin.cb_lists[ev], entry, next) {
+ qemu_plugin_vcpu_simple_cb_t func = cb->f.vcpu_simple;
+
+ func(cb->ctx->id, cpu->cpu_index);
+ }
+ break;
+ default:
+ g_assert_not_reached();
+ }
+}
+
+static void plugin_cb__simple(enum qemu_plugin_event ev)
+{
+ struct qemu_plugin_cb *cb, *next;
+
+ switch (ev) {
+ case QEMU_PLUGIN_EV_FLUSH:
+ QLIST_FOREACH_SAFE_RCU(cb, &plugin.cb_lists[ev], entry, next) {
+ qemu_plugin_simple_cb_t func = cb->f.simple;
+
+ func(cb->ctx->id);
+ }
+ break;
+ default:
+ g_assert_not_reached();
+ }
+}
+
+static void plugin_cb__udata(enum qemu_plugin_event ev)
+{
+ struct qemu_plugin_cb *cb, *next;
+
+ switch (ev) {
+ case QEMU_PLUGIN_EV_ATEXIT:
+ QLIST_FOREACH_SAFE_RCU(cb, &plugin.cb_lists[ev], entry, next) {
+ qemu_plugin_udata_cb_t func = cb->f.udata;
+
+ func(cb->ctx->id, cb->udata);
+ }
+ break;
+ default:
+ g_assert_not_reached();
+ }
+}
+
+static void
+do_plugin_register_cb(qemu_plugin_id_t id, enum qemu_plugin_event ev,
+ void *func, void *udata)
+{
+ struct qemu_plugin_ctx *ctx;
+
+ qemu_rec_mutex_lock(&plugin.lock);
+ ctx = plugin_id_to_ctx_locked(id);
+ /* if the plugin is on its way out, ignore this request */
+ if (unlikely(ctx->uninstalling)) {
+ goto out_unlock;
+ }
+ if (func) {
+ struct qemu_plugin_cb *cb = ctx->callbacks[ev];
+
+ if (cb) {
+ cb->f.generic = func;
+ cb->udata = udata;
+ } else {
+ cb = g_new(struct qemu_plugin_cb, 1);
+ cb->ctx = ctx;
+ cb->f.generic = func;
+ cb->udata = udata;
+ ctx->callbacks[ev] = cb;
+ QLIST_INSERT_HEAD_RCU(&plugin.cb_lists[ev], cb, entry);
+ if (!test_bit(ev, plugin.mask)) {
+ set_bit(ev, plugin.mask);
+ g_hash_table_foreach(plugin.cpu_ht, plugin_cpu_update__locked,
+ NULL);
+ }
+ }
+ } else {
+ plugin_unregister_cb__locked(ctx, ev);
+ }
+ out_unlock:
+ qemu_rec_mutex_unlock(&plugin.lock);
+}
+
+void plugin_register_cb(qemu_plugin_id_t id, enum qemu_plugin_event ev,
+ void *func)
+{
+ do_plugin_register_cb(id, ev, func, NULL);
+}
+
+void
+plugin_register_cb_udata(qemu_plugin_id_t id, enum qemu_plugin_event ev,
+ void *func, void *udata)
+{
+ do_plugin_register_cb(id, ev, func, udata);
+}
+
+void qemu_plugin_vcpu_init_hook(CPUState *cpu)
+{
+ bool success;
+
+ qemu_rec_mutex_lock(&plugin.lock);
+ plugin_cpu_update__locked(&cpu->cpu_index, NULL, NULL);
+ success = g_hash_table_insert(plugin.cpu_ht, &cpu->cpu_index,
+ &cpu->cpu_index);
+ g_assert(success);
+ qemu_rec_mutex_unlock(&plugin.lock);
+
+ plugin_vcpu_cb__simple(cpu, QEMU_PLUGIN_EV_VCPU_INIT);
+}
+
+void qemu_plugin_vcpu_exit_hook(CPUState *cpu)
+{
+ bool success;
+
+ plugin_vcpu_cb__simple(cpu, QEMU_PLUGIN_EV_VCPU_EXIT);
+
+ qemu_rec_mutex_lock(&plugin.lock);
+ success = g_hash_table_remove(plugin.cpu_ht, &cpu->cpu_index);
+ g_assert(success);
+ qemu_rec_mutex_unlock(&plugin.lock);
+}
+
+struct plugin_for_each_args {
+ struct qemu_plugin_ctx *ctx;
+ qemu_plugin_vcpu_simple_cb_t cb;
+};
+
+static void plugin_vcpu_for_each(gpointer k, gpointer v, gpointer udata)
+{
+ struct plugin_for_each_args *args = udata;
+ int cpu_index = *(int *)k;
+
+ args->cb(args->ctx->id, cpu_index);
+}
+
+void qemu_plugin_vcpu_for_each(qemu_plugin_id_t id,
+ qemu_plugin_vcpu_simple_cb_t cb)
+{
+ struct plugin_for_each_args args;
+
+ if (cb == NULL) {
+ return;
+ }
+ qemu_rec_mutex_lock(&plugin.lock);
+ args.ctx = plugin_id_to_ctx_locked(id);
+ args.cb = cb;
+ g_hash_table_foreach(plugin.cpu_ht, plugin_vcpu_for_each, &args);
+ qemu_rec_mutex_unlock(&plugin.lock);
+}
+
+/* Allocate and return a callback record */
+static struct qemu_plugin_dyn_cb *plugin_get_dyn_cb(GArray **arr)
+{
+ GArray *cbs = *arr;
+
+ if (!cbs) {
+ cbs = g_array_sized_new(false, false, sizeof(struct qemu_plugin_dyn_cb), 1);
+ *arr = cbs;
+ }
+
+ g_array_set_size(cbs, cbs->len + 1);
+ return &g_array_index(cbs, struct qemu_plugin_dyn_cb, cbs->len - 1);
+}
+
+void plugin_register_inline_op(GArray **arr,
+ enum qemu_plugin_mem_rw rw,
+ enum qemu_plugin_op op, void *ptr,
+ uint64_t imm)
+{
+ struct qemu_plugin_dyn_cb *dyn_cb;
+
+ dyn_cb = plugin_get_dyn_cb(arr);
+ dyn_cb->userp = ptr;
+ dyn_cb->type = PLUGIN_CB_INLINE;
+ dyn_cb->rw = rw;
+ dyn_cb->inline_insn.op = op;
+ dyn_cb->inline_insn.imm = imm;
+}
+
+static inline uint32_t cb_to_tcg_flags(enum qemu_plugin_cb_flags flags)
+{
+ uint32_t ret;
+
+ switch (flags) {
+ case QEMU_PLUGIN_CB_RW_REGS:
+ ret = 0;
+ case QEMU_PLUGIN_CB_R_REGS:
+ ret = TCG_CALL_NO_WG;
+ break;
+ case QEMU_PLUGIN_CB_NO_REGS:
+ default:
+ ret = TCG_CALL_NO_RWG;
+ }
+ return ret;
+}
+
+inline void
+plugin_register_dyn_cb__udata(GArray **arr,
+ qemu_plugin_vcpu_udata_cb_t cb,
+ enum qemu_plugin_cb_flags flags, void *udata)
+{
+ struct qemu_plugin_dyn_cb *dyn_cb = plugin_get_dyn_cb(arr);
+
+ dyn_cb->userp = udata;
+ dyn_cb->tcg_flags = cb_to_tcg_flags(flags);
+ dyn_cb->f.vcpu_udata = cb;
+ dyn_cb->type = PLUGIN_CB_REGULAR;
+}
+
+void plugin_register_vcpu_mem_cb(GArray **arr,
+ void *cb,
+ enum qemu_plugin_cb_flags flags,
+ enum qemu_plugin_mem_rw rw,
+ void *udata)
+{
+ struct qemu_plugin_dyn_cb *dyn_cb;
+
+ dyn_cb = plugin_get_dyn_cb(arr);
+ dyn_cb->userp = udata;
+ dyn_cb->tcg_flags = cb_to_tcg_flags(flags);
+ dyn_cb->type = PLUGIN_CB_REGULAR;
+ dyn_cb->rw = rw;
+ dyn_cb->f.generic = cb;
+}
+
+void qemu_plugin_tb_trans_cb(CPUState *cpu, struct qemu_plugin_tb *tb)
+{
+ struct qemu_plugin_cb *cb, *next;
+ enum qemu_plugin_event ev = QEMU_PLUGIN_EV_VCPU_TB_TRANS;
+
+ /* no plugin_mask check here; caller should have checked */
+
+ QLIST_FOREACH_SAFE_RCU(cb, &plugin.cb_lists[ev], entry, next) {
+ qemu_plugin_vcpu_tb_trans_cb_t func = cb->f.vcpu_tb_trans;
+
+ func(cb->ctx->id, tb);
+ }
+}
+
+void
+qemu_plugin_vcpu_syscall(CPUState *cpu, int64_t num, uint64_t a1, uint64_t a2,
+ uint64_t a3, uint64_t a4, uint64_t a5,
+ uint64_t a6, uint64_t a7, uint64_t a8)
+{
+ struct qemu_plugin_cb *cb, *next;
+ enum qemu_plugin_event ev = QEMU_PLUGIN_EV_VCPU_SYSCALL;
+
+ if (!test_bit(ev, cpu->plugin_mask)) {
+ return;
+ }
+
+ QLIST_FOREACH_SAFE_RCU(cb, &plugin.cb_lists[ev], entry, next) {
+ qemu_plugin_vcpu_syscall_cb_t func = cb->f.vcpu_syscall;
+
+ func(cb->ctx->id, cpu->cpu_index, num, a1, a2, a3, a4, a5, a6, a7, a8);
+ }
+}
+
+void qemu_plugin_vcpu_syscall_ret(CPUState *cpu, int64_t num, int64_t ret)
+{
+ struct qemu_plugin_cb *cb, *next;
+ enum qemu_plugin_event ev = QEMU_PLUGIN_EV_VCPU_SYSCALL_RET;
+
+ if (!test_bit(ev, cpu->plugin_mask)) {
+ return;
+ }
+
+ QLIST_FOREACH_SAFE_RCU(cb, &plugin.cb_lists[ev], entry, next) {
+ qemu_plugin_vcpu_syscall_ret_cb_t func = cb->f.vcpu_syscall_ret;
+
+ func(cb->ctx->id, cpu->cpu_index, num, ret);
+ }
+}
+
+void qemu_plugin_vcpu_idle_cb(CPUState *cpu)
+{
+ plugin_vcpu_cb__simple(cpu, QEMU_PLUGIN_EV_VCPU_IDLE);
+}
+
+void qemu_plugin_vcpu_resume_cb(CPUState *cpu)
+{
+ plugin_vcpu_cb__simple(cpu, QEMU_PLUGIN_EV_VCPU_RESUME);
+}
+
+void qemu_plugin_register_vcpu_idle_cb(qemu_plugin_id_t id,
+ qemu_plugin_vcpu_simple_cb_t cb)
+{
+ plugin_register_cb(id, QEMU_PLUGIN_EV_VCPU_IDLE, cb);
+}
+
+void qemu_plugin_register_vcpu_resume_cb(qemu_plugin_id_t id,
+ qemu_plugin_vcpu_simple_cb_t cb)
+{
+ plugin_register_cb(id, QEMU_PLUGIN_EV_VCPU_RESUME, cb);
+}
+
+void qemu_plugin_register_flush_cb(qemu_plugin_id_t id,
+ qemu_plugin_simple_cb_t cb)
+{
+ plugin_register_cb(id, QEMU_PLUGIN_EV_FLUSH, cb);
+}
+
+static bool free_dyn_cb_arr(void *p, uint32_t h, void *userp)
+{
+ g_array_free((GArray *) p, true);
+ return true;
+}
+
+void qemu_plugin_flush_cb(void)
+{
+ qht_iter_remove(&plugin.dyn_cb_arr_ht, free_dyn_cb_arr, NULL);
+ qht_reset(&plugin.dyn_cb_arr_ht);
+
+ plugin_cb__simple(QEMU_PLUGIN_EV_FLUSH);
+}
+
+void exec_inline_op(struct qemu_plugin_dyn_cb *cb)
+{
+ uint64_t *val = cb->userp;
+
+ switch (cb->inline_insn.op) {
+ case QEMU_PLUGIN_INLINE_ADD_U64:
+ *val += cb->inline_insn.imm;
+ break;
+ default:
+ g_assert_not_reached();
+ }
+}
+
+void qemu_plugin_vcpu_mem_cb(CPUState *cpu, uint64_t vaddr, uint32_t info)
+{
+ GArray *arr = cpu->plugin_mem_cbs;
+ size_t i;
+
+ if (arr == NULL) {
+ return;
+ }
+ for (i = 0; i < arr->len; i++) {
+ struct qemu_plugin_dyn_cb *cb =
+ &g_array_index(arr, struct qemu_plugin_dyn_cb, i);
+ int w = !!(info & TRACE_MEM_ST) + 1;
+
+ if (!(w & cb->rw)) {
+ break;
+ }
+ switch (cb->type) {
+ case PLUGIN_CB_REGULAR:
+ cb->f.vcpu_mem(cpu->cpu_index, info, vaddr, cb->userp);
+ break;
+ case PLUGIN_CB_INLINE:
+ exec_inline_op(cb);
+ break;
+ default:
+ g_assert_not_reached();
+ }
+ }
+}
+
+void qemu_plugin_atexit_cb(void)
+{
+ plugin_cb__udata(QEMU_PLUGIN_EV_ATEXIT);
+}
+
+void qemu_plugin_register_atexit_cb(qemu_plugin_id_t id,
+ qemu_plugin_udata_cb_t cb,
+ void *udata)
+{
+ plugin_register_cb_udata(id, QEMU_PLUGIN_EV_ATEXIT, cb, udata);
+}
+
+/*
+ * Call this function after longjmp'ing to the main loop. It's possible that the
+ * last instruction of a TB might have used helpers, and therefore the
+ * "disable" instruction will never execute because it ended up as dead code.
+ */
+void qemu_plugin_disable_mem_helpers(CPUState *cpu)
+{
+ cpu->plugin_mem_cbs = NULL;
+}
+
+static bool plugin_dyn_cb_arr_cmp(const void *ap, const void *bp)
+{
+ return ap == bp;
+}
+
+static void __attribute__((__constructor__)) plugin_init(void)
+{
+ int i;
+
+ for (i = 0; i < QEMU_PLUGIN_EV_MAX; i++) {
+ QLIST_INIT(&plugin.cb_lists[i]);
+ }
+ qemu_rec_mutex_init(&plugin.lock);
+ plugin.id_ht = g_hash_table_new(g_int64_hash, g_int64_equal);
+ plugin.cpu_ht = g_hash_table_new(g_int_hash, g_int_equal);
+ QTAILQ_INIT(&plugin.ctxs);
+ qht_init(&plugin.dyn_cb_arr_ht, plugin_dyn_cb_arr_cmp, 16,
+ QHT_MODE_AUTO_RESIZE);
+ atexit(qemu_plugin_atexit_cb);
+}
diff --git a/plugins/loader.c b/plugins/loader.c
new file mode 100644
index 0000000000..5de5cff8e3
--- /dev/null
+++ b/plugins/loader.c
@@ -0,0 +1,370 @@
+/*
+ * QEMU Plugin Core Loader Code
+ *
+ * This is the code responsible for loading and unloading the plugins.
+ * Aside from the basic housekeeping tasks we also need to ensure any
+ * generated code is flushed when we remove a plugin so we cannot end
+ * up calling and unloaded helper function.
+ *
+ * Copyright (C) 2017, Emilio G. Cota <cota@braap.org>
+ * Copyright (C) 2019, Linaro
+ *
+ * License: GNU GPL, version 2 or later.
+ * See the COPYING file in the top-level directory.
+ *
+ * SPDX-License-Identifier: GPL-2.0-or-later
+ */
+
+#include "qemu/osdep.h"
+#include "qemu/error-report.h"
+#include "qemu/config-file.h"
+#include "qapi/error.h"
+#include "qemu/option.h"
+#include "qemu/rcu_queue.h"
+#include "qemu/qht.h"
+#include "qemu/bitmap.h"
+#include "qemu/xxhash.h"
+#include "qemu/plugin.h"
+#include <dlfcn.h>
+#include "hw/core/cpu.h"
+#include "cpu.h"
+#include "exec/exec-all.h"
+
+#include "plugin.h"
+
+/*
+ * For convenience we use a bitmap for plugin.mask, but really all we need is a
+ * u32, which is what we store in TranslationBlock.
+ */
+QEMU_BUILD_BUG_ON(QEMU_PLUGIN_EV_MAX > 32);
+
+struct qemu_plugin_desc {
+ char *path;
+ char **argv;
+ QTAILQ_ENTRY(qemu_plugin_desc) entry;
+ int argc;
+};
+
+struct qemu_plugin_parse_arg {
+ QemuPluginList *head;
+ struct qemu_plugin_desc *curr;
+};
+
+QemuOptsList qemu_plugin_opts = {
+ .name = "plugin",
+ .implied_opt_name = "file",
+ .head = QTAILQ_HEAD_INITIALIZER(qemu_plugin_opts.head),
+ .desc = {
+ /* do our own parsing to support multiple plugins */
+ { /* end of list */ }
+ },
+};
+
+typedef int (*qemu_plugin_install_func_t)(qemu_plugin_id_t, int, char **);
+
+extern struct qemu_plugin_state plugin;
+
+void qemu_plugin_add_dyn_cb_arr(GArray *arr)
+{
+ uint32_t hash = qemu_xxhash2((uint64_t)(uintptr_t)arr);
+ bool inserted;
+
+ inserted = qht_insert(&plugin.dyn_cb_arr_ht, arr, hash, NULL);
+ g_assert(inserted);
+}
+
+static struct qemu_plugin_desc *plugin_find_desc(QemuPluginList *head,
+ const char *path)
+{
+ struct qemu_plugin_desc *desc;
+
+ QTAILQ_FOREACH(desc, head, entry) {
+ if (strcmp(desc->path, path) == 0) {
+ return desc;
+ }
+ }
+ return NULL;
+}
+
+static int plugin_add(void *opaque, const char *name, const char *value,
+ Error **errp)
+{
+ struct qemu_plugin_parse_arg *arg = opaque;
+ struct qemu_plugin_desc *p;
+
+ if (strcmp(name, "file") == 0) {
+ if (strcmp(value, "") == 0) {
+ error_setg(errp, "requires a non-empty argument");
+ return 1;
+ }
+ p = plugin_find_desc(arg->head, value);
+ if (p == NULL) {
+ p = g_new0(struct qemu_plugin_desc, 1);
+ p->path = g_strdup(value);
+ QTAILQ_INSERT_TAIL(arg->head, p, entry);
+ }
+ arg->curr = p;
+ } else if (strcmp(name, "arg") == 0) {
+ if (arg->curr == NULL) {
+ error_setg(errp, "missing earlier '-plugin file=' option");
+ return 1;
+ }
+ p = arg->curr;
+ p->argc++;
+ p->argv = g_realloc_n(p->argv, p->argc, sizeof(char *));
+ p->argv[p->argc - 1] = g_strdup(value);
+ } else {
+ error_setg(errp, "-plugin: unexpected parameter '%s'; ignored", name);
+ }
+ return 0;
+}
+
+void qemu_plugin_opt_parse(const char *optarg, QemuPluginList *head)
+{
+ struct qemu_plugin_parse_arg arg;
+ QemuOpts *opts;
+
+ opts = qemu_opts_parse_noisily(qemu_find_opts("plugin"), optarg, true);
+ if (opts == NULL) {
+ exit(1);
+ }
+ arg.head = head;
+ arg.curr = NULL;
+ qemu_opt_foreach(opts, plugin_add, &arg, &error_fatal);
+ qemu_opts_del(opts);
+}
+
+/*
+ * From: https://en.wikipedia.org/wiki/Xorshift
+ * This is faster than rand_r(), and gives us a wider range (RAND_MAX is only
+ * guaranteed to be >= INT_MAX).
+ */
+static uint64_t xorshift64star(uint64_t x)
+{
+ x ^= x >> 12; /* a */
+ x ^= x << 25; /* b */
+ x ^= x >> 27; /* c */
+ return x * UINT64_C(2685821657736338717);
+}
+
+static int plugin_load(struct qemu_plugin_desc *desc)
+{
+ qemu_plugin_install_func_t install;
+ struct qemu_plugin_ctx *ctx;
+ char *err;
+ int rc;
+
+ ctx = qemu_memalign(qemu_dcache_linesize, sizeof(*ctx));
+ memset(ctx, 0, sizeof(*ctx));
+ ctx->desc = desc;
+
+ ctx->handle = dlopen(desc->path, RTLD_NOW);
+ if (ctx->handle == NULL) {
+ error_report("%s: %s", __func__, dlerror());
+ goto err_dlopen;
+ }
+
+ /* clear any previous dlerror, call dlsym, then check dlerror */
+ dlerror();
+ install = dlsym(ctx->handle, "qemu_plugin_install");
+ err = dlerror();
+ if (err) {
+ error_report("%s: %s", __func__, err);
+ goto err_symbol;
+ }
+ /* symbol was found; it could be NULL though */
+ if (install == NULL) {
+ error_report("%s: %s: qemu_plugin_install is NULL",
+ __func__, desc->path);
+ goto err_symbol;
+ }
+
+ qemu_rec_mutex_lock(&plugin.lock);
+
+ /* find an unused random id with &ctx as the seed */
+ ctx->id = (uint64_t)(uintptr_t)ctx;
+ for (;;) {
+ void *existing;
+
+ ctx->id = xorshift64star(ctx->id);
+ existing = g_hash_table_lookup(plugin.id_ht, &ctx->id);
+ if (likely(existing == NULL)) {
+ bool success;
+
+ success = g_hash_table_insert(plugin.id_ht, &ctx->id, &ctx->id);
+ g_assert(success);
+ break;
+ }
+ }
+ QTAILQ_INSERT_TAIL(&plugin.ctxs, ctx, entry);
+ ctx->installing = true;
+ rc = install(ctx->id, desc->argc, desc->argv);
+ ctx->installing = false;
+ if (rc) {
+ error_report("%s: qemu_plugin_install returned error code %d",
+ __func__, rc);
+ /*
+ * we cannot rely on the plugin doing its own cleanup, so
+ * call a full uninstall if the plugin did not yet call it.
+ */
+ if (!ctx->uninstalling) {
+ qemu_plugin_uninstall(ctx->id, NULL);
+ }
+ }
+
+ qemu_rec_mutex_unlock(&plugin.lock);
+ return rc;
+
+ err_symbol:
+ if (dlclose(ctx->handle)) {
+ warn_report("%s: %s", __func__, dlerror());
+ }
+ err_dlopen:
+ qemu_vfree(ctx);
+ return 1;
+}
+
+/* call after having removed @desc from the list */
+static void plugin_desc_free(struct qemu_plugin_desc *desc)
+{
+ int i;
+
+ for (i = 0; i < desc->argc; i++) {
+ g_free(desc->argv[i]);
+ }
+ g_free(desc->argv);
+ g_free(desc->path);
+ g_free(desc);
+}
+
+/**
+ * qemu_plugin_load_list - load a list of plugins
+ * @head: head of the list of descriptors of the plugins to be loaded
+ *
+ * Returns 0 if all plugins in the list are installed, !0 otherwise.
+ *
+ * Note: the descriptor of each successfully installed plugin is removed
+ * from the list given by @head.
+ */
+int qemu_plugin_load_list(QemuPluginList *head)
+{
+ struct qemu_plugin_desc *desc, *next;
+
+ QTAILQ_FOREACH_SAFE(desc, head, entry, next) {
+ int err;
+
+ err = plugin_load(desc);
+ if (err) {
+ return err;
+ }
+ QTAILQ_REMOVE(head, desc, entry);
+ }
+ return 0;
+}
+
+struct qemu_plugin_reset_data {
+ struct qemu_plugin_ctx *ctx;
+ qemu_plugin_simple_cb_t cb;
+ bool reset;
+};
+
+static void plugin_reset_destroy__locked(struct qemu_plugin_reset_data *data)
+{
+ struct qemu_plugin_ctx *ctx = data->ctx;
+ enum qemu_plugin_event ev;
+ bool success;
+
+ /*
+ * After updating the subscription lists there is no need to wait for an RCU
+ * grace period to elapse, because right now we either are in a "safe async"
+ * work environment (i.e. all vCPUs are asleep), or no vCPUs have yet been
+ * created.
+ */
+ for (ev = 0; ev < QEMU_PLUGIN_EV_MAX; ev++) {
+ plugin_unregister_cb__locked(ctx, ev);
+ }
+
+ if (data->reset) {
+ g_assert(ctx->resetting);
+ if (data->cb) {
+ data->cb(ctx->id);
+ }
+ ctx->resetting = false;
+ g_free(data);
+ return;
+ }
+
+ g_assert(ctx->uninstalling);
+ /* we cannot dlclose if we are going to return to plugin code */
+ if (ctx->installing) {
+ error_report("Calling qemu_plugin_uninstall from the install function "
+ "is a bug. Instead, return !0 from the install function.");
+ abort();
+ }
+
+ success = g_hash_table_remove(plugin.id_ht, &ctx->id);
+ g_assert(success);
+ QTAILQ_REMOVE(&plugin.ctxs, ctx, entry);
+ if (data->cb) {
+ data->cb(ctx->id);
+ }
+ if (dlclose(ctx->handle)) {
+ warn_report("%s: %s", __func__, dlerror());
+ }
+ plugin_desc_free(ctx->desc);
+ qemu_vfree(ctx);
+ g_free(data);
+}
+
+static void plugin_reset_destroy(struct qemu_plugin_reset_data *data)
+{
+ qemu_rec_mutex_lock(&plugin.lock);
+ plugin_reset_destroy__locked(data);
+ qemu_rec_mutex_lock(&plugin.lock);
+}
+
+static void plugin_flush_destroy(CPUState *cpu, run_on_cpu_data arg)
+{
+ struct qemu_plugin_reset_data *data = arg.host_ptr;
+
+ g_assert(cpu_in_exclusive_context(cpu));
+ tb_flush(cpu);
+ plugin_reset_destroy(data);
+}
+
+void plugin_reset_uninstall(qemu_plugin_id_t id,
+ qemu_plugin_simple_cb_t cb,
+ bool reset)
+{
+ struct qemu_plugin_reset_data *data;
+ struct qemu_plugin_ctx *ctx;
+
+ qemu_rec_mutex_lock(&plugin.lock);
+ ctx = plugin_id_to_ctx_locked(id);
+ if (ctx->uninstalling || (reset && ctx->resetting)) {
+ qemu_rec_mutex_unlock(&plugin.lock);
+ return;
+ }
+ ctx->resetting = reset;
+ ctx->uninstalling = !reset;
+ qemu_rec_mutex_unlock(&plugin.lock);
+
+ data = g_new(struct qemu_plugin_reset_data, 1);
+ data->ctx = ctx;
+ data->cb = cb;
+ data->reset = reset;
+ /*
+ * Only flush the code cache if the vCPUs have been created. If so,
+ * current_cpu must be non-NULL.
+ */
+ if (current_cpu) {
+ async_safe_run_on_cpu(current_cpu, plugin_flush_destroy,
+ RUN_ON_CPU_HOST_PTR(data));
+ } else {
+ /*
+ * If current_cpu isn't set, then we don't have yet any vCPU threads
+ * and we therefore can remove the callbacks synchronously.
+ */
+ plugin_reset_destroy(data);
+ }
+}
diff --git a/plugins/plugin.h b/plugins/plugin.h
new file mode 100644
index 0000000000..641f006dd7
--- /dev/null
+++ b/plugins/plugin.h
@@ -0,0 +1,95 @@
+/*
+ * Plugin Shared Internal Functions
+ *
+ * Copyright (C) 2019, Linaro
+ *
+ * License: GNU GPL, version 2 or later.
+ * See the COPYING file in the top-level directory.
+ *
+ * SPDX-License-Identifier: GPL-2.0-or-later
+ */
+
+#ifndef _PLUGIN_INTERNAL_H_
+#define _PLUGIN_INTERNAL_H_
+
+/* global state */
+struct qemu_plugin_state {
+ QTAILQ_HEAD(, qemu_plugin_ctx) ctxs;
+ QLIST_HEAD(, qemu_plugin_cb) cb_lists[QEMU_PLUGIN_EV_MAX];
+ /*
+ * Use the HT as a hash map by inserting k == v, which saves memory as
+ * documented by GLib. The parent struct is obtained with container_of().
+ */
+ GHashTable *id_ht;
+ /*
+ * Use the HT as a hash map. Note that we could use a list here,
+ * but with the HT we avoid adding a field to CPUState.
+ */
+ GHashTable *cpu_ht;
+ DECLARE_BITMAP(mask, QEMU_PLUGIN_EV_MAX);
+ /*
+ * @lock protects the struct as well as ctx->uninstalling.
+ * The lock must be acquired by all API ops.
+ * The lock is recursive, which greatly simplifies things, e.g.
+ * callback registration from qemu_plugin_vcpu_for_each().
+ */
+ QemuRecMutex lock;
+ /*
+ * HT of callbacks invoked from helpers. All entries are freed when
+ * the code cache is flushed.
+ */
+ struct qht dyn_cb_arr_ht;
+};
+
+
+struct qemu_plugin_ctx {
+ void *handle; /* dlopen */
+ qemu_plugin_id_t id;
+ struct qemu_plugin_cb *callbacks[QEMU_PLUGIN_EV_MAX];
+ QTAILQ_ENTRY(qemu_plugin_ctx) entry;
+ /*
+ * keep a reference to @desc until uninstall, so that plugins do not have
+ * to strdup plugin args.
+ */
+ struct qemu_plugin_desc *desc;
+ bool installing;
+ bool uninstalling;
+ bool resetting;
+};
+
+struct qemu_plugin_ctx *plugin_id_to_ctx_locked(qemu_plugin_id_t id);
+
+void plugin_register_inline_op(GArray **arr,
+ enum qemu_plugin_mem_rw rw,
+ enum qemu_plugin_op op, void *ptr,
+ uint64_t imm);
+
+void plugin_reset_uninstall(qemu_plugin_id_t id,
+ qemu_plugin_simple_cb_t cb,
+ bool reset);
+
+void plugin_register_cb(qemu_plugin_id_t id, enum qemu_plugin_event ev,
+ void *func);
+
+void plugin_unregister_cb__locked(struct qemu_plugin_ctx *ctx,
+ enum qemu_plugin_event ev);
+
+void
+plugin_register_cb_udata(qemu_plugin_id_t id, enum qemu_plugin_event ev,
+ void *func, void *udata);
+
+void
+plugin_register_dyn_cb__udata(GArray **arr,
+ qemu_plugin_vcpu_udata_cb_t cb,
+ enum qemu_plugin_cb_flags flags, void *udata);
+
+
+void plugin_register_vcpu_mem_cb(GArray **arr,
+ void *cb,
+ enum qemu_plugin_cb_flags flags,
+ enum qemu_plugin_mem_rw rw,
+ void *udata);
+
+void exec_inline_op(struct qemu_plugin_dyn_cb *cb);
+
+#endif /* _PLUGIN_INTERNAL_H_ */
--
2.20.1
^ permalink raw reply related [flat|nested] 94+ messages in thread* [PATCH v5 09/55] plugin: add implementation of the api
2019-10-14 10:48 [PATCH for 4.2 v5 00/55] Support for TCG plugins Alex Bennée
` (7 preceding siblings ...)
2019-10-14 10:49 ` [PATCH v5 08/55] plugin: add core code Alex Bennée
@ 2019-10-14 10:49 ` Alex Bennée
2019-10-14 10:49 ` [PATCH v5 10/55] queue: add QTAILQ_REMOVE_SEVERAL Alex Bennée
` (46 subsequent siblings)
55 siblings, 0 replies; 94+ messages in thread
From: Alex Bennée @ 2019-10-14 10:49 UTC (permalink / raw)
To: qemu-devel
Cc: robert.foley, Richard Henderson, peter.puhov, aaron, cota,
Alex Bennée
[AJB: split from the core code commit]
Signed-off-by: Alex Bennée <alex.bennee@linaro.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
---
v4
- add qemu_plugin_ram_addr_from_host
- remove _haddr api calls
v5
- remove stray #if 0
---
plugins/Makefile.objs | 1 +
plugins/api.c | 287 ++++++++++++++++++++++++++++++++++++++++++
2 files changed, 288 insertions(+)
create mode 100644 plugins/api.c
diff --git a/plugins/Makefile.objs b/plugins/Makefile.objs
index 58940335bc..95baabf3d2 100644
--- a/plugins/Makefile.objs
+++ b/plugins/Makefile.objs
@@ -4,3 +4,4 @@
obj-y += loader.o
obj-y += core.o
+obj-y += api.o
diff --git a/plugins/api.c b/plugins/api.c
new file mode 100644
index 0000000000..3de05719a8
--- /dev/null
+++ b/plugins/api.c
@@ -0,0 +1,287 @@
+/*
+ * QEMU Plugin API
+ *
+ * This provides the API that is available to the plugins to interact
+ * with QEMU. We have to be careful not to expose internal details of
+ * how QEMU works so we abstract out things like translation and
+ * instructions to anonymous data types:
+ *
+ * qemu_plugin_tb
+ * qemu_plugin_insn
+ *
+ * Which can then be passed back into the API to do additional things.
+ * As such all the public functions in here are exported in
+ * qemu-plugin.h.
+ *
+ * The general life-cycle of a plugin is:
+ *
+ * - plugin is loaded, public qemu_plugin_install called
+ * - the install func registers callbacks for events
+ * - usually an atexit_cb is registered to dump info at the end
+ * - when a registered event occurs the plugin is called
+ * - some events pass additional info
+ * - during translation the plugin can decide to instrument any
+ * instruction
+ * - when QEMU exits all the registered atexit callbacks are called
+ *
+ * Copyright (C) 2017, Emilio G. Cota <cota@braap.org>
+ * Copyright (C) 2019, Linaro
+ *
+ * License: GNU GPL, version 2 or later.
+ * See the COPYING file in the top-level directory.
+ *
+ * SPDX-License-Identifier: GPL-2.0-or-later
+ *
+ */
+
+#include "qemu/osdep.h"
+#include "qemu/plugin.h"
+#include "cpu.h"
+#include "sysemu/sysemu.h"
+#include "tcg/tcg.h"
+#include "trace/mem-internal.h" /* mem_info macros */
+#include "plugin.h"
+#ifndef CONFIG_USER_ONLY
+#include "hw/boards.h"
+#endif
+
+/* Uninstall and Reset handlers */
+
+void qemu_plugin_uninstall(qemu_plugin_id_t id, qemu_plugin_simple_cb_t cb)
+{
+ plugin_reset_uninstall(id, cb, false);
+}
+
+void qemu_plugin_reset(qemu_plugin_id_t id, qemu_plugin_simple_cb_t cb)
+{
+ plugin_reset_uninstall(id, cb, true);
+}
+
+/*
+ * Plugin Register Functions
+ *
+ * This allows the plugin to register callbacks for various events
+ * during the translation.
+ */
+
+void qemu_plugin_register_vcpu_init_cb(qemu_plugin_id_t id,
+ qemu_plugin_vcpu_simple_cb_t cb)
+{
+ plugin_register_cb(id, QEMU_PLUGIN_EV_VCPU_INIT, cb);
+}
+
+void qemu_plugin_register_vcpu_exit_cb(qemu_plugin_id_t id,
+ qemu_plugin_vcpu_simple_cb_t cb)
+{
+ plugin_register_cb(id, QEMU_PLUGIN_EV_VCPU_EXIT, cb);
+}
+
+void qemu_plugin_register_vcpu_tb_exec_cb(struct qemu_plugin_tb *tb,
+ qemu_plugin_vcpu_udata_cb_t cb,
+ enum qemu_plugin_cb_flags flags,
+ void *udata)
+{
+ plugin_register_dyn_cb__udata(&tb->cbs[PLUGIN_CB_REGULAR],
+ cb, flags, udata);
+}
+
+void qemu_plugin_register_vcpu_tb_exec_inline(struct qemu_plugin_tb *tb,
+ enum qemu_plugin_op op,
+ void *ptr, uint64_t imm)
+{
+ plugin_register_inline_op(&tb->cbs[PLUGIN_CB_INLINE], 0, op, ptr, imm);
+}
+
+void qemu_plugin_register_vcpu_insn_exec_cb(struct qemu_plugin_insn *insn,
+ qemu_plugin_vcpu_udata_cb_t cb,
+ enum qemu_plugin_cb_flags flags,
+ void *udata)
+{
+ plugin_register_dyn_cb__udata(&insn->cbs[PLUGIN_CB_INSN][PLUGIN_CB_REGULAR],
+ cb, flags, udata);
+}
+
+void qemu_plugin_register_vcpu_insn_exec_inline(struct qemu_plugin_insn *insn,
+ enum qemu_plugin_op op,
+ void *ptr, uint64_t imm)
+{
+ plugin_register_inline_op(&insn->cbs[PLUGIN_CB_INSN][PLUGIN_CB_INLINE],
+ 0, op, ptr, imm);
+}
+
+
+
+void qemu_plugin_register_vcpu_mem_cb(struct qemu_plugin_insn *insn,
+ qemu_plugin_vcpu_mem_cb_t cb,
+ enum qemu_plugin_cb_flags flags,
+ enum qemu_plugin_mem_rw rw,
+ void *udata)
+{
+ plugin_register_vcpu_mem_cb(&insn->cbs[PLUGIN_CB_MEM][PLUGIN_CB_REGULAR],
+ cb, flags, rw, udata);
+}
+
+void qemu_plugin_register_vcpu_mem_inline(struct qemu_plugin_insn *insn,
+ enum qemu_plugin_mem_rw rw,
+ enum qemu_plugin_op op, void *ptr,
+ uint64_t imm)
+{
+ plugin_register_inline_op(&insn->cbs[PLUGIN_CB_MEM][PLUGIN_CB_INLINE],
+ rw, op, ptr, imm);
+}
+
+void qemu_plugin_register_vcpu_tb_trans_cb(qemu_plugin_id_t id,
+ qemu_plugin_vcpu_tb_trans_cb_t cb)
+{
+ plugin_register_cb(id, QEMU_PLUGIN_EV_VCPU_TB_TRANS, cb);
+}
+
+void qemu_plugin_register_vcpu_syscall_cb(qemu_plugin_id_t id,
+ qemu_plugin_vcpu_syscall_cb_t cb)
+{
+ plugin_register_cb(id, QEMU_PLUGIN_EV_VCPU_SYSCALL, cb);
+}
+
+void
+qemu_plugin_register_vcpu_syscall_ret_cb(qemu_plugin_id_t id,
+ qemu_plugin_vcpu_syscall_ret_cb_t cb)
+{
+ plugin_register_cb(id, QEMU_PLUGIN_EV_VCPU_SYSCALL_RET, cb);
+}
+
+/*
+ * Plugin Queries
+ *
+ * These are queries that the plugin can make to gauge information
+ * from our opaque data types. We do not want to leak internal details
+ * here just information useful to the plugin.
+ */
+
+/*
+ * Translation block information:
+ *
+ * A plugin can query the virtual address of the start of the block
+ * and the number of instructions in it. It can also get access to
+ * each translated instruction.
+ */
+
+size_t qemu_plugin_tb_n_insns(const struct qemu_plugin_tb *tb)
+{
+ return tb->n;
+}
+
+uint64_t qemu_plugin_tb_vaddr(const struct qemu_plugin_tb *tb)
+{
+ return tb->vaddr;
+}
+
+struct qemu_plugin_insn *
+qemu_plugin_tb_get_insn(const struct qemu_plugin_tb *tb, size_t idx)
+{
+ if (unlikely(idx >= tb->n)) {
+ return NULL;
+ }
+ return g_ptr_array_index(tb->insns, idx);
+}
+
+/*
+ * Instruction information
+ *
+ * These queries allow the plugin to retrieve information about each
+ * instruction being translated.
+ */
+
+const void *qemu_plugin_insn_data(const struct qemu_plugin_insn *insn)
+{
+ return insn->data->data;
+}
+
+size_t qemu_plugin_insn_size(const struct qemu_plugin_insn *insn)
+{
+ return insn->data->len;
+}
+
+uint64_t qemu_plugin_insn_vaddr(const struct qemu_plugin_insn *insn)
+{
+ return insn->vaddr;
+}
+
+void *qemu_plugin_insn_haddr(const struct qemu_plugin_insn *insn)
+{
+ return insn->haddr;
+}
+
+/*
+ * The memory queries allow the plugin to query information about a
+ * memory access.
+ */
+
+unsigned qemu_plugin_mem_size_shift(qemu_plugin_meminfo_t info)
+{
+ return info & TRACE_MEM_SZ_SHIFT_MASK;
+}
+
+bool qemu_plugin_mem_is_sign_extended(qemu_plugin_meminfo_t info)
+{
+ return !!(info & TRACE_MEM_SE);
+}
+
+bool qemu_plugin_mem_is_big_endian(qemu_plugin_meminfo_t info)
+{
+ return !!(info & TRACE_MEM_BE);
+}
+
+bool qemu_plugin_mem_is_store(qemu_plugin_meminfo_t info)
+{
+ return !!(info & TRACE_MEM_ST);
+}
+
+/*
+ * Virtual Memory queries
+ */
+
+struct qemu_plugin_hwaddr *qemu_plugin_get_hwaddr(qemu_plugin_meminfo_t info,
+ uint64_t vaddr)
+{
+ return NULL;
+}
+
+bool qemu_plugin_hwaddr_is_io(struct qemu_plugin_hwaddr *hwaddr)
+{
+ return false;
+}
+
+uint64_t qemu_plugin_hwaddr_to_raddr(const struct qemu_plugin_hwaddr *haddr)
+{
+ return 0;
+}
+
+/*
+ * Queries to the number and potential maximum number of vCPUs there
+ * will be. This helps the plugin dimension per-vcpu arrays.
+ */
+
+#ifndef CONFIG_USER_ONLY
+static MachineState * get_ms(void)
+{
+ return MACHINE(qdev_get_machine());
+}
+#endif
+
+int qemu_plugin_n_vcpus(void)
+{
+#ifdef CONFIG_USER_ONLY
+ return -1;
+#else
+ return get_ms()->smp.cpus;
+#endif
+}
+
+int qemu_plugin_n_max_vcpus(void)
+{
+#ifdef CONFIG_USER_ONLY
+ return -1;
+#else
+ return get_ms()->smp.max_cpus;
+#endif
+}
--
2.20.1
^ permalink raw reply related [flat|nested] 94+ messages in thread* [PATCH v5 10/55] queue: add QTAILQ_REMOVE_SEVERAL
2019-10-14 10:48 [PATCH for 4.2 v5 00/55] Support for TCG plugins Alex Bennée
` (8 preceding siblings ...)
2019-10-14 10:49 ` [PATCH v5 09/55] plugin: add implementation of the api Alex Bennée
@ 2019-10-14 10:49 ` Alex Bennée
2019-10-14 10:49 ` [PATCH v5 11/55] cputlb: document get_page_addr_code Alex Bennée
` (45 subsequent siblings)
55 siblings, 0 replies; 94+ messages in thread
From: Alex Bennée @ 2019-10-14 10:49 UTC (permalink / raw)
To: qemu-devel
Cc: robert.foley, Richard Henderson, peter.puhov, aaron, cota,
Alex Bennée
From: "Emilio G. Cota" <cota@braap.org>
This is faster than removing elements one by one.
Will gain a user soon.
Signed-off-by: Emilio G. Cota <cota@braap.org>
Signed-off-by: Alex Bennée <alex.bennee@linaro.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
---
include/qemu/queue.h | 10 ++++++++++
1 file changed, 10 insertions(+)
diff --git a/include/qemu/queue.h b/include/qemu/queue.h
index 73bf4a984d..4764d93ea3 100644
--- a/include/qemu/queue.h
+++ b/include/qemu/queue.h
@@ -420,6 +420,16 @@ union { \
(elm)->field.tqe_circ.tql_prev = NULL; \
} while (/*CONSTCOND*/0)
+/* remove @left, @right and all elements in between from @head */
+#define QTAILQ_REMOVE_SEVERAL(head, left, right, field) do { \
+ if (((right)->field.tqe_next) != NULL) \
+ (right)->field.tqe_next->field.tqe_circ.tql_prev = \
+ (left)->field.tqe_circ.tql_prev; \
+ else \
+ (head)->tqh_circ.tql_prev = (left)->field.tqe_circ.tql_prev; \
+ (left)->field.tqe_circ.tql_prev->tql_next = (right)->field.tqe_next; \
+ } while (/*CONSTCOND*/0)
+
#define QTAILQ_FOREACH(var, head, field) \
for ((var) = ((head)->tqh_first); \
(var); \
--
2.20.1
^ permalink raw reply related [flat|nested] 94+ messages in thread* [PATCH v5 11/55] cputlb: document get_page_addr_code
2019-10-14 10:48 [PATCH for 4.2 v5 00/55] Support for TCG plugins Alex Bennée
` (9 preceding siblings ...)
2019-10-14 10:49 ` [PATCH v5 10/55] queue: add QTAILQ_REMOVE_SEVERAL Alex Bennée
@ 2019-10-14 10:49 ` Alex Bennée
2019-10-14 10:49 ` [PATCH v5 12/55] cputlb: introduce get_page_addr_code_hostp Alex Bennée
` (44 subsequent siblings)
55 siblings, 0 replies; 94+ messages in thread
From: Alex Bennée @ 2019-10-14 10:49 UTC (permalink / raw)
To: qemu-devel
Cc: robert.foley, Richard Henderson, peter.puhov, aaron, cota,
Paolo Bonzini, Alex Bennée, Richard Henderson
From: "Emilio G. Cota" <cota@braap.org>
Suggested-by: Alex Bennée <alex.bennee@linaro.org>
Signed-off-by: Emilio G. Cota <cota@braap.org>
Signed-off-by: Alex Bennée <alex.bennee@linaro.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
---
include/exec/exec-all.h | 24 +++++++++++++++++++++---
1 file changed, 21 insertions(+), 3 deletions(-)
diff --git a/include/exec/exec-all.h b/include/exec/exec-all.h
index 49db07ba0b..6352316de1 100644
--- a/include/exec/exec-all.h
+++ b/include/exec/exec-all.h
@@ -487,7 +487,15 @@ void mmap_lock(void);
void mmap_unlock(void);
bool have_mmap_lock(void);
-static inline tb_page_addr_t get_page_addr_code(CPUArchState *env1, target_ulong addr)
+/**
+ * get_page_addr_code() - user-mode version
+ * @env: CPUArchState
+ * @addr: guest virtual address of guest code
+ *
+ * Returns @addr.
+ */
+static inline tb_page_addr_t get_page_addr_code(CPUArchState *env,
+ target_ulong addr)
{
return addr;
}
@@ -495,8 +503,18 @@ static inline tb_page_addr_t get_page_addr_code(CPUArchState *env1, target_ulong
static inline void mmap_lock(void) {}
static inline void mmap_unlock(void) {}
-/* cputlb.c */
-tb_page_addr_t get_page_addr_code(CPUArchState *env1, target_ulong addr);
+/**
+ * get_page_addr_code() - full-system version
+ * @env: CPUArchState
+ * @addr: guest virtual address of guest code
+ *
+ * If we cannot translate and execute from the entire RAM page, or if
+ * the region is not backed by RAM, returns -1. Otherwise, returns the
+ * ram_addr_t corresponding to the guest code at @addr.
+ *
+ * Note: this function can trigger an exception.
+ */
+tb_page_addr_t get_page_addr_code(CPUArchState *env, target_ulong addr);
void tlb_reset_dirty(CPUState *cpu, ram_addr_t start1, ram_addr_t length);
void tlb_set_dirty(CPUState *cpu, target_ulong vaddr);
--
2.20.1
^ permalink raw reply related [flat|nested] 94+ messages in thread* [PATCH v5 12/55] cputlb: introduce get_page_addr_code_hostp
2019-10-14 10:48 [PATCH for 4.2 v5 00/55] Support for TCG plugins Alex Bennée
` (10 preceding siblings ...)
2019-10-14 10:49 ` [PATCH v5 11/55] cputlb: document get_page_addr_code Alex Bennée
@ 2019-10-14 10:49 ` Alex Bennée
2019-10-14 10:49 ` [PATCH v5 13/55] tcg: add tcg_gen_st_ptr Alex Bennée
` (43 subsequent siblings)
55 siblings, 0 replies; 94+ messages in thread
From: Alex Bennée @ 2019-10-14 10:49 UTC (permalink / raw)
To: qemu-devel
Cc: robert.foley, Richard Henderson, peter.puhov, aaron, cota,
Paolo Bonzini, Alex Bennée, Richard Henderson
From: "Emilio G. Cota" <cota@braap.org>
This will be used by plugins to get the host address
of instructions.
Signed-off-by: Emilio G. Cota <cota@braap.org>
Signed-off-by: Alex Bennée <alex.bennee@linaro.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
---
accel/tcg/cputlb.c | 14 +++++++++++++-
include/exec/exec-all.h | 38 ++++++++++++++++++++++++++++++++++++++
2 files changed, 51 insertions(+), 1 deletion(-)
diff --git a/accel/tcg/cputlb.c b/accel/tcg/cputlb.c
index 1210d8f243..9cf9e6455e 100644
--- a/accel/tcg/cputlb.c
+++ b/accel/tcg/cputlb.c
@@ -1051,7 +1051,8 @@ static bool victim_tlb_hit(CPUArchState *env, size_t mmu_idx, size_t index,
* NOTE: This function will trigger an exception if the page is
* not executable.
*/
-tb_page_addr_t get_page_addr_code(CPUArchState *env, target_ulong addr)
+tb_page_addr_t get_page_addr_code_hostp(CPUArchState *env, target_ulong addr,
+ void **hostp)
{
uintptr_t mmu_idx = cpu_mmu_index(env, true);
uintptr_t index = tlb_index(env, mmu_idx, addr);
@@ -1077,13 +1078,24 @@ tb_page_addr_t get_page_addr_code(CPUArchState *env, target_ulong addr)
if (unlikely(entry->addr_code & TLB_MMIO)) {
/* The region is not backed by RAM. */
+ if (hostp) {
+ *hostp = NULL;
+ }
return -1;
}
p = (void *)((uintptr_t)addr + entry->addend);
+ if (hostp) {
+ *hostp = p;
+ }
return qemu_ram_addr_from_host_nofail(p);
}
+tb_page_addr_t get_page_addr_code(CPUArchState *env, target_ulong addr)
+{
+ return get_page_addr_code_hostp(env, addr, NULL);
+}
+
static void notdirty_write(CPUState *cpu, vaddr mem_vaddr, unsigned size,
CPUIOTLBEntry *iotlbentry, uintptr_t retaddr)
{
diff --git a/include/exec/exec-all.h b/include/exec/exec-all.h
index 6352316de1..ba2f501f0f 100644
--- a/include/exec/exec-all.h
+++ b/include/exec/exec-all.h
@@ -22,6 +22,7 @@
#include "cpu.h"
#include "exec/tb-context.h"
+#include "exec/cpu_ldst.h"
#include "sysemu/cpus.h"
/* allow to see translation results - the slowdown should be negligible, so we leave it */
@@ -499,6 +500,26 @@ static inline tb_page_addr_t get_page_addr_code(CPUArchState *env,
{
return addr;
}
+
+/**
+ * get_page_addr_code_hostp() - user-mode version
+ * @env: CPUArchState
+ * @addr: guest virtual address of guest code
+ *
+ * Returns @addr.
+ *
+ * If @hostp is non-NULL, sets *@hostp to the host address where @addr's content
+ * is kept.
+ */
+static inline tb_page_addr_t get_page_addr_code_hostp(CPUArchState *env,
+ target_ulong addr,
+ void **hostp)
+{
+ if (hostp) {
+ *hostp = g2h(addr);
+ }
+ return addr;
+}
#else
static inline void mmap_lock(void) {}
static inline void mmap_unlock(void) {}
@@ -516,6 +537,23 @@ static inline void mmap_unlock(void) {}
*/
tb_page_addr_t get_page_addr_code(CPUArchState *env, target_ulong addr);
+/**
+ * get_page_addr_code_hostp() - full-system version
+ * @env: CPUArchState
+ * @addr: guest virtual address of guest code
+ *
+ * See get_page_addr_code() (full-system version) for documentation on the
+ * return value.
+ *
+ * Sets *@hostp (when @hostp is non-NULL) as follows.
+ * If the return value is -1, sets *@hostp to NULL. Otherwise, sets *@hostp
+ * to the host address where @addr's content is kept.
+ *
+ * Note: this function can trigger an exception.
+ */
+tb_page_addr_t get_page_addr_code_hostp(CPUArchState *env, target_ulong addr,
+ void **hostp);
+
void tlb_reset_dirty(CPUState *cpu, ram_addr_t start1, ram_addr_t length);
void tlb_set_dirty(CPUState *cpu, target_ulong vaddr);
--
2.20.1
^ permalink raw reply related [flat|nested] 94+ messages in thread* [PATCH v5 13/55] tcg: add tcg_gen_st_ptr
2019-10-14 10:48 [PATCH for 4.2 v5 00/55] Support for TCG plugins Alex Bennée
` (11 preceding siblings ...)
2019-10-14 10:49 ` [PATCH v5 12/55] cputlb: introduce get_page_addr_code_hostp Alex Bennée
@ 2019-10-14 10:49 ` Alex Bennée
2019-10-14 10:49 ` [PATCH v5 14/55] plugin-gen: add module for TCG-related code Alex Bennée
` (42 subsequent siblings)
55 siblings, 0 replies; 94+ messages in thread
From: Alex Bennée @ 2019-10-14 10:49 UTC (permalink / raw)
To: qemu-devel
Cc: robert.foley, Richard Henderson, peter.puhov, aaron, cota,
Alex Bennée, Richard Henderson
From: "Emilio G. Cota" <cota@braap.org>
Will gain a user soon.
Signed-off-by: Emilio G. Cota <cota@braap.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Signed-off-by: Alex Bennée <alex.bennee@linaro.org>
---
tcg/tcg-op.h | 5 +++++
1 file changed, 5 insertions(+)
diff --git a/tcg/tcg-op.h b/tcg/tcg-op.h
index e9cf172762..7c778f96f3 100644
--- a/tcg/tcg-op.h
+++ b/tcg/tcg-op.h
@@ -1249,6 +1249,11 @@ static inline void tcg_gen_ld_ptr(TCGv_ptr r, TCGv_ptr a, intptr_t o)
glue(tcg_gen_ld_,PTR)((NAT)r, a, o);
}
+static inline void tcg_gen_st_ptr(TCGv_ptr r, TCGv_ptr a, intptr_t o)
+{
+ glue(tcg_gen_st_, PTR)((NAT)r, a, o);
+}
+
static inline void tcg_gen_discard_ptr(TCGv_ptr a)
{
glue(tcg_gen_discard_,PTR)((NAT)a);
--
2.20.1
^ permalink raw reply related [flat|nested] 94+ messages in thread* [PATCH v5 14/55] plugin-gen: add module for TCG-related code
2019-10-14 10:48 [PATCH for 4.2 v5 00/55] Support for TCG plugins Alex Bennée
` (12 preceding siblings ...)
2019-10-14 10:49 ` [PATCH v5 13/55] tcg: add tcg_gen_st_ptr Alex Bennée
@ 2019-10-14 10:49 ` Alex Bennée
2019-10-14 15:23 ` Richard Henderson
2019-10-14 10:49 ` [PATCH v5 15/55] atomic_template: add inline trace/plugin helpers Alex Bennée
` (41 subsequent siblings)
55 siblings, 1 reply; 94+ messages in thread
From: Alex Bennée @ 2019-10-14 10:49 UTC (permalink / raw)
To: qemu-devel
Cc: robert.foley, peter.puhov, aaron, cota, Paolo Bonzini,
Alex Bennée, Richard Henderson
From: "Emilio G. Cota" <cota@braap.org>
We first inject empty instrumentation from translator_loop.
After translation, we go through the plugins to see what
they want to register for, filling in the empty instrumentation.
If if turns out that some instrumentation remains unused, we
remove it.
This approach supports the following features:
- Inlining TCG code for simple operations. Note that we do not
export TCG ops to plugins. Instead, we give them a C API to
insert inlined ops. So far we only support adding an immediate
to a u64, e.g. to count events.
- "Direct" callbacks. These are callbacks that do not go via
a helper. Instead, the helper is defined at run-time, so that
the plugin code is directly called from TCG. This makes direct
callbacks as efficient as possible; they are therefore used
for very frequent events, e.g. memory callbacks.
- Passing the host address to memory callbacks. Most of this
is implemented in a later patch though.
- Instrumentation of memory accesses performed from helpers.
See the corresponding comment, as well as a later patch.
Signed-off-by: Emilio G. Cota <cota@braap.org>
[AJB: add alloc_tcg_plugin_context, use glib, rm hwaddr]
Signed-off-by: Alex Bennée <alex.bennee@linaro.org>
---
v3
- introduce alloc_tcg_plugin_context
- allocate GPtrArray for tracking insns
v4
- remove hwaddr variants of callbacks
- pass full 32bit meminfo
- remove now unused code
- move plugin_gen_from into .c file
v5
- fix offsets when storing mem callbacks.
- remove #if 0 code no longer needed
---
accel/tcg/Makefile.objs | 1 +
accel/tcg/plugin-gen.c | 932 ++++++++++++++++++++++++++++++++++++
accel/tcg/plugin-helpers.h | 5 +
include/exec/helper-gen.h | 1 +
include/exec/helper-proto.h | 1 +
include/exec/helper-tcg.h | 1 +
include/exec/plugin-gen.h | 57 +++
tcg/tcg-op.h | 11 +
tcg/tcg-opc.h | 3 +
tcg/tcg.c | 22 +
tcg/tcg.h | 20 +
11 files changed, 1054 insertions(+)
create mode 100644 accel/tcg/plugin-gen.c
create mode 100644 accel/tcg/plugin-helpers.h
create mode 100644 include/exec/plugin-gen.h
diff --git a/accel/tcg/Makefile.objs b/accel/tcg/Makefile.objs
index d381a02f34..a92f2c454b 100644
--- a/accel/tcg/Makefile.objs
+++ b/accel/tcg/Makefile.objs
@@ -6,3 +6,4 @@ obj-y += translator.o
obj-$(CONFIG_USER_ONLY) += user-exec.o
obj-$(call lnot,$(CONFIG_SOFTMMU)) += user-exec-stub.o
+obj-$(CONFIG_PLUGIN) += plugin-gen.o
diff --git a/accel/tcg/plugin-gen.c b/accel/tcg/plugin-gen.c
new file mode 100644
index 0000000000..51580d51a0
--- /dev/null
+++ b/accel/tcg/plugin-gen.c
@@ -0,0 +1,932 @@
+/*
+ * plugin-gen.c - TCG-related bits of plugin infrastructure
+ *
+ * Copyright (C) 2018, Emilio G. Cota <cota@braap.org>
+ * License: GNU GPL, version 2 or later.
+ * See the COPYING file in the top-level directory.
+ *
+ * We support instrumentation at an instruction granularity. That is,
+ * if a plugin wants to instrument the memory accesses performed by a
+ * particular instruction, it can just do that instead of instrumenting
+ * all memory accesses. Thus, in order to do this we first have to
+ * translate a TB, so that plugins can decide what/where to instrument.
+ *
+ * Injecting the desired instrumentation could be done with a second
+ * translation pass that combined the instrumentation requests, but that
+ * would be ugly and inefficient since we would decode the guest code twice.
+ * Instead, during TB translation we add "empty" instrumentation calls for all
+ * possible instrumentation events, and then once we collect the instrumentation
+ * requests from plugins, we either "fill in" those empty events or remove them
+ * if they have no requests.
+ *
+ * When "filling in" an event we first copy the empty callback's TCG ops. This
+ * might seem unnecessary, but it is done to support an arbitrary number
+ * of callbacks per event. Take for example a regular instruction callback.
+ * We first generate a callback to an empty helper function. Then, if two
+ * plugins register one callback each for this instruction, we make two copies
+ * of the TCG ops generated for the empty callback, substituting the function
+ * pointer that points to the empty helper function with the plugins' desired
+ * callback functions. After that we remove the empty callback's ops.
+ *
+ * Note that the location in TCGOp.args[] of the pointer to a helper function
+ * varies across different guest and host architectures. Instead of duplicating
+ * the logic that figures this out, we rely on the fact that the empty
+ * callbacks point to empty functions that are unique pointers in the program.
+ * Thus, to find the right location we just have to look for a match in
+ * TCGOp.args[]. This is the main reason why we first copy an empty callback's
+ * TCG ops and then fill them in; regardless of whether we have one or many
+ * callbacks for that event, the logic to add all of them is the same.
+ *
+ * When generating more than one callback per event, we make a small
+ * optimization to avoid generating redundant operations. For instance, for the
+ * second and all subsequent callbacks of an event, we do not need to reload the
+ * CPU's index into a TCG temp, since the first callback did it already.
+ */
+#include "qemu/osdep.h"
+#include "cpu.h"
+#include "tcg/tcg.h"
+#include "tcg/tcg-op.h"
+#include "trace/mem.h"
+#include "exec/exec-all.h"
+#include "exec/plugin-gen.h"
+#include "exec/translator.h"
+
+#ifdef CONFIG_SOFTMMU
+# define CONFIG_SOFTMMU_GATE 1
+#else
+# define CONFIG_SOFTMMU_GATE 0
+#endif
+
+/*
+ * plugin_cb_start TCG op args[]:
+ * 0: enum plugin_gen_from
+ * 1: enum plugin_gen_cb
+ * 2: set to 1 for mem callback that is a write, 0 otherwise.
+ */
+
+enum plugin_gen_from {
+ PLUGIN_GEN_FROM_TB,
+ PLUGIN_GEN_FROM_INSN,
+ PLUGIN_GEN_FROM_MEM,
+ PLUGIN_GEN_AFTER_INSN,
+ PLUGIN_GEN_N_FROMS,
+};
+
+enum plugin_gen_cb {
+ PLUGIN_GEN_CB_UDATA,
+ PLUGIN_GEN_CB_INLINE,
+ PLUGIN_GEN_CB_MEM,
+ PLUGIN_GEN_ENABLE_MEM_HELPER,
+ PLUGIN_GEN_DISABLE_MEM_HELPER,
+ PLUGIN_GEN_N_CBS,
+};
+
+/*
+ * These helpers are stubs that get dynamically switched out for calls
+ * direct to the plugin if they are subscribed to.
+ */
+void HELPER(plugin_vcpu_udata_cb)(uint32_t cpu_index, void *udata)
+{ }
+
+void HELPER(plugin_vcpu_mem_cb)(unsigned int vcpu_index,
+ qemu_plugin_meminfo_t info, uint64_t vaddr,
+ void *userdata)
+{ }
+
+static void do_gen_mem_cb(TCGv vaddr, uint32_t info)
+{
+ TCGv_i32 cpu_index = tcg_temp_new_i32();
+ TCGv_i32 meminfo = tcg_const_i32(info);
+ TCGv_i64 vaddr64 = tcg_temp_new_i64();
+ TCGv_ptr udata = tcg_const_ptr(NULL);
+
+ tcg_gen_ld_i32(cpu_index, cpu_env,
+ -offsetof(ArchCPU, env) + offsetof(CPUState, cpu_index));
+ tcg_gen_extu_tl_i64(vaddr64, vaddr);
+
+ gen_helper_plugin_vcpu_mem_cb(cpu_index, meminfo, vaddr64, udata);
+
+ tcg_temp_free_ptr(udata);
+ tcg_temp_free_i64(vaddr64);
+ tcg_temp_free_i32(meminfo);
+ tcg_temp_free_i32(cpu_index);
+}
+
+static void gen_empty_udata_cb(void)
+{
+ TCGv_i32 cpu_index = tcg_temp_new_i32();
+ TCGv_ptr udata = tcg_const_ptr(NULL); /* will be overwritten later */
+
+ tcg_gen_ld_i32(cpu_index, cpu_env,
+ -offsetof(ArchCPU, env) + offsetof(CPUState, cpu_index));
+ gen_helper_plugin_vcpu_udata_cb(cpu_index, udata);
+
+ tcg_temp_free_ptr(udata);
+ tcg_temp_free_i32(cpu_index);
+}
+
+/*
+ * For now we only support addi_i64.
+ * When we support more ops, we can generate one empty inline cb for each.
+ */
+static void gen_empty_inline_cb(void)
+{
+ TCGv_i64 val = tcg_temp_new_i64();
+ TCGv_ptr ptr = tcg_const_ptr(NULL); /* overwritten later */
+
+ tcg_gen_ld_i64(val, ptr, 0);
+ /* pass an immediate != 0 so that it doesn't get optimized away */
+ tcg_gen_addi_i64(val, val, 0xdeadface);
+ tcg_gen_st_i64(val, ptr, 0);
+ tcg_temp_free_ptr(ptr);
+ tcg_temp_free_i64(val);
+}
+
+static void gen_empty_mem_cb(TCGv addr, uint32_t info)
+{
+ do_gen_mem_cb(addr, info);
+}
+
+/*
+ * Share the same function for enable/disable. When enabling, the NULL
+ * pointer will be overwritten later.
+ */
+static void gen_empty_mem_helper(void)
+{
+ TCGv_ptr ptr;
+
+ ptr = tcg_const_ptr(NULL);
+ tcg_gen_st_ptr(ptr, cpu_env, offsetof(CPUState, plugin_mem_cbs) -
+ offsetof(ArchCPU, env));
+ tcg_temp_free_ptr(ptr);
+}
+
+static inline
+void gen_plugin_cb_start(enum plugin_gen_from from,
+ enum plugin_gen_cb type, unsigned wr)
+{
+ TCGOp *op;
+
+ tcg_gen_plugin_cb_start(from, type, wr);
+ op = tcg_last_op();
+ QSIMPLEQ_INSERT_TAIL(&tcg_ctx->plugin_ops, op, plugin_link);
+}
+
+static void gen_wrapped(enum plugin_gen_from from,
+ enum plugin_gen_cb type, void (*func)(void))
+{
+ gen_plugin_cb_start(from, type, 0);
+ func();
+ tcg_gen_plugin_cb_end();
+}
+
+static inline void plugin_gen_empty_callback(enum plugin_gen_from from)
+{
+ switch (from) {
+ case PLUGIN_GEN_AFTER_INSN:
+ gen_wrapped(from, PLUGIN_GEN_DISABLE_MEM_HELPER,
+ gen_empty_mem_helper);
+ break;
+ case PLUGIN_GEN_FROM_INSN:
+ /*
+ * Note: plugin_gen_inject() relies on ENABLE_MEM_HELPER being
+ * the first callback of an instruction
+ */
+ gen_wrapped(from, PLUGIN_GEN_ENABLE_MEM_HELPER,
+ gen_empty_mem_helper);
+ /* fall through */
+ case PLUGIN_GEN_FROM_TB:
+ gen_wrapped(from, PLUGIN_GEN_CB_UDATA, gen_empty_udata_cb);
+ gen_wrapped(from, PLUGIN_GEN_CB_INLINE, gen_empty_inline_cb);
+ break;
+ default:
+ g_assert_not_reached();
+ }
+}
+
+union mem_gen_fn {
+ void (*mem_fn)(TCGv, uint32_t);
+ void (*inline_fn)(void);
+};
+
+static void gen_mem_wrapped(enum plugin_gen_cb type,
+ const union mem_gen_fn *f, TCGv addr,
+ uint32_t info, bool is_mem)
+{
+ int wr = !!(info & TRACE_MEM_ST);
+
+ gen_plugin_cb_start(PLUGIN_GEN_FROM_MEM, type, wr);
+ if (is_mem) {
+ f->mem_fn(addr, info);
+ } else {
+ f->inline_fn();
+ }
+ tcg_gen_plugin_cb_end();
+}
+
+void plugin_gen_empty_mem_callback(TCGv addr, uint32_t info)
+{
+ union mem_gen_fn fn;
+
+ fn.mem_fn = gen_empty_mem_cb;
+ gen_mem_wrapped(PLUGIN_GEN_CB_MEM, &fn, addr, info, true);
+
+ fn.inline_fn = gen_empty_inline_cb;
+ gen_mem_wrapped(PLUGIN_GEN_CB_INLINE, &fn, 0, info, false);
+}
+
+static TCGOp *find_op(TCGOp *op, TCGOpcode opc)
+{
+ while (op) {
+ if (op->opc == opc) {
+ return op;
+ }
+ op = QTAILQ_NEXT(op, link);
+ }
+ return NULL;
+}
+
+static TCGOp *rm_ops_range(TCGOp *begin, TCGOp *end)
+{
+ TCGOp *ret = QTAILQ_NEXT(end, link);
+
+ QTAILQ_REMOVE_SEVERAL(&tcg_ctx->ops, begin, end, link);
+ return ret;
+}
+
+/* remove all ops until (and including) plugin_cb_end */
+static TCGOp *rm_ops(TCGOp *op)
+{
+ TCGOp *end_op = find_op(op, INDEX_op_plugin_cb_end);
+
+ tcg_debug_assert(end_op);
+ return rm_ops_range(op, end_op);
+}
+
+static TCGOp *copy_op_nocheck(TCGOp **begin_op, TCGOp *op)
+{
+ *begin_op = QTAILQ_NEXT(*begin_op, link);
+ tcg_debug_assert(*begin_op);
+ op = tcg_op_insert_after(tcg_ctx, op, (*begin_op)->opc);
+ memcpy(op->args, (*begin_op)->args, sizeof(op->args));
+ return op;
+}
+
+static TCGOp *copy_op(TCGOp **begin_op, TCGOp *op, TCGOpcode opc)
+{
+ op = copy_op_nocheck(begin_op, op);
+ tcg_debug_assert((*begin_op)->opc == opc);
+ return op;
+}
+
+static TCGOp *copy_extu_i32_i64(TCGOp **begin_op, TCGOp *op)
+{
+ if (TCG_TARGET_REG_BITS == 32) {
+ /* mov_i32 */
+ op = copy_op(begin_op, op, INDEX_op_mov_i32);
+ /* movi_i32 */
+ op = copy_op(begin_op, op, INDEX_op_movi_i32);
+ } else {
+ /* extu_i32_i64 */
+ op = copy_op(begin_op, op, INDEX_op_extu_i32_i64);
+ }
+ return op;
+}
+
+static TCGOp *copy_mov_i64(TCGOp **begin_op, TCGOp *op)
+{
+ if (TCG_TARGET_REG_BITS == 32) {
+ /* 2x mov_i32 */
+ op = copy_op(begin_op, op, INDEX_op_mov_i32);
+ op = copy_op(begin_op, op, INDEX_op_mov_i32);
+ } else {
+ /* mov_i64 */
+ op = copy_op(begin_op, op, INDEX_op_mov_i64);
+ }
+ return op;
+}
+
+static TCGOp *copy_movi_i64(TCGOp **begin_op, TCGOp *op, uint64_t v)
+{
+ if (TCG_TARGET_REG_BITS == 32) {
+ /* 2x movi_i32 */
+ op = copy_op(begin_op, op, INDEX_op_movi_i32);
+ op->args[1] = v;
+
+ op = copy_op(begin_op, op, INDEX_op_movi_i32);
+ op->args[1] = v >> 32;
+ } else {
+ /* movi_i64 */
+ op = copy_op(begin_op, op, INDEX_op_movi_i64);
+ op->args[1] = v;
+ }
+ return op;
+}
+
+static TCGOp *copy_const_ptr(TCGOp **begin_op, TCGOp *op, void *ptr)
+{
+ if (UINTPTR_MAX == UINT32_MAX) {
+ /* movi_i32 */
+ op = copy_op(begin_op, op, INDEX_op_movi_i32);
+ op->args[1] = (uintptr_t)ptr;
+ } else {
+ /* movi_i64 */
+ op = copy_movi_i64(begin_op, op, (uint64_t)(uintptr_t)ptr);
+ }
+ return op;
+}
+
+static TCGOp *copy_const_i64(TCGOp **begin_op, TCGOp *op, uint64_t v)
+{
+ return copy_movi_i64(begin_op, op, v);
+}
+
+static TCGOp *copy_extu_tl_i64(TCGOp **begin_op, TCGOp *op)
+{
+ if (TARGET_LONG_BITS == 32) {
+ /* extu_i32_i64 */
+ op = copy_extu_i32_i64(begin_op, op);
+ } else {
+ /* mov_i64 */
+ op = copy_mov_i64(begin_op, op);
+ }
+ return op;
+}
+
+static TCGOp *copy_ld_i64(TCGOp **begin_op, TCGOp *op)
+{
+ if (TCG_TARGET_REG_BITS == 32) {
+ /* 2x ld_i32 */
+ op = copy_op(begin_op, op, INDEX_op_ld_i32);
+ op = copy_op(begin_op, op, INDEX_op_ld_i32);
+ } else {
+ /* ld_i64 */
+ op = copy_op(begin_op, op, INDEX_op_ld_i64);
+ }
+ return op;
+}
+
+static TCGOp *copy_st_i64(TCGOp **begin_op, TCGOp *op)
+{
+ if (TCG_TARGET_REG_BITS == 32) {
+ /* 2x st_i32 */
+ op = copy_op(begin_op, op, INDEX_op_st_i32);
+ op = copy_op(begin_op, op, INDEX_op_st_i32);
+ } else {
+ /* st_i64 */
+ op = copy_op(begin_op, op, INDEX_op_st_i64);
+ }
+ return op;
+}
+
+static TCGOp *copy_add_i64(TCGOp **begin_op, TCGOp *op)
+{
+ if (TCG_TARGET_REG_BITS == 32) {
+ /* all 32-bit backends must implement add2_i32 */
+ g_assert(TCG_TARGET_HAS_add2_i32);
+ op = copy_op(begin_op, op, INDEX_op_add2_i32);
+ } else {
+ op = copy_op(begin_op, op, INDEX_op_add_i64);
+ }
+ return op;
+}
+
+static TCGOp *copy_st_ptr(TCGOp **begin_op, TCGOp *op)
+{
+ if (UINTPTR_MAX == UINT32_MAX) {
+ /* st_i32 */
+ op = copy_op(begin_op, op, INDEX_op_st_i32);
+ } else {
+ /* st_i64 */
+ op = copy_st_i64(begin_op, op);
+ }
+ return op;
+}
+
+static TCGOp *copy_call(TCGOp **begin_op, TCGOp *op, void *empty_func,
+ void *func, unsigned tcg_flags, int *cb_idx)
+{
+ /* copy all ops until the call */
+ do {
+ op = copy_op_nocheck(begin_op, op);
+ } while (op->opc != INDEX_op_call);
+
+ /* fill in the op call */
+ op->param1 = (*begin_op)->param1;
+ op->param2 = (*begin_op)->param2;
+ tcg_debug_assert(op->life == 0);
+ if (*cb_idx == -1) {
+ int i;
+
+ /*
+ * Instead of working out the position of the callback in args[], just
+ * look for @empty_func, since it should be a unique pointer.
+ */
+ for (i = 0; i < MAX_OPC_PARAM_ARGS; i++) {
+ if ((uintptr_t)(*begin_op)->args[i] == (uintptr_t)empty_func) {
+ *cb_idx = i;
+ break;
+ }
+ }
+ tcg_debug_assert(i < MAX_OPC_PARAM_ARGS);
+ }
+ op->args[*cb_idx] = (uintptr_t)func;
+ op->args[*cb_idx + 1] = tcg_flags;
+
+ return op;
+}
+
+static TCGOp *append_udata_cb(const struct qemu_plugin_dyn_cb *cb,
+ TCGOp *begin_op, TCGOp *op, int *cb_idx)
+{
+ /* const_ptr */
+ op = copy_const_ptr(&begin_op, op, cb->userp);
+
+ /* copy the ld_i32, but note that we only have to copy it once */
+ begin_op = QTAILQ_NEXT(begin_op, link);
+ tcg_debug_assert(begin_op && begin_op->opc == INDEX_op_ld_i32);
+ if (*cb_idx == -1) {
+ op = tcg_op_insert_after(tcg_ctx, op, INDEX_op_ld_i32);
+ memcpy(op->args, begin_op->args, sizeof(op->args));
+ }
+
+ /* call */
+ op = copy_call(&begin_op, op, HELPER(plugin_vcpu_udata_cb),
+ cb->f.vcpu_udata, cb->tcg_flags, cb_idx);
+
+ return op;
+}
+
+static TCGOp *append_inline_cb(const struct qemu_plugin_dyn_cb *cb,
+ TCGOp *begin_op, TCGOp *op,
+ int *unused)
+{
+ /* const_ptr */
+ op = copy_const_ptr(&begin_op, op, cb->userp);
+
+ /* ld_i64 */
+ op = copy_ld_i64(&begin_op, op);
+
+ /* const_i64 */
+ op = copy_const_i64(&begin_op, op, cb->inline_insn.imm);
+
+ /* add_i64 */
+ op = copy_add_i64(&begin_op, op);
+
+ /* st_i64 */
+ op = copy_st_i64(&begin_op, op);
+
+ return op;
+}
+
+static TCGOp *append_mem_cb(const struct qemu_plugin_dyn_cb *cb,
+ TCGOp *begin_op, TCGOp *op, int *cb_idx)
+{
+ enum plugin_gen_cb type = begin_op->args[1];
+
+ tcg_debug_assert(type == PLUGIN_GEN_CB_MEM);
+
+ /* const_i32 == movi_i32 ("info", so it remains as is) */
+ op = copy_op(&begin_op, op, INDEX_op_movi_i32);
+
+ /* const_ptr */
+ op = copy_const_ptr(&begin_op, op, cb->userp);
+
+ /* copy the ld_i32, but note that we only have to copy it once */
+ begin_op = QTAILQ_NEXT(begin_op, link);
+ tcg_debug_assert(begin_op && begin_op->opc == INDEX_op_ld_i32);
+ if (*cb_idx == -1) {
+ op = tcg_op_insert_after(tcg_ctx, op, INDEX_op_ld_i32);
+ memcpy(op->args, begin_op->args, sizeof(op->args));
+ }
+
+ /* extu_tl_i64 */
+ op = copy_extu_tl_i64(&begin_op, op);
+
+ if (type == PLUGIN_GEN_CB_MEM) {
+ /* call */
+ op = copy_call(&begin_op, op, HELPER(plugin_vcpu_mem_cb),
+ cb->f.vcpu_udata, cb->tcg_flags, cb_idx);
+ }
+
+ return op;
+}
+
+typedef TCGOp *(*inject_fn)(const struct qemu_plugin_dyn_cb *cb,
+ TCGOp *begin_op, TCGOp *op, int *intp);
+typedef bool (*op_ok_fn)(const TCGOp *op, const struct qemu_plugin_dyn_cb *cb);
+
+static bool op_ok(const TCGOp *op, const struct qemu_plugin_dyn_cb *cb)
+{
+ return true;
+}
+
+static bool op_rw(const TCGOp *op, const struct qemu_plugin_dyn_cb *cb)
+{
+ int w;
+
+ w = op->args[2];
+ return !!(cb->rw & (w + 1));
+}
+
+static inline
+void inject_cb_type(const GArray *cbs, TCGOp *begin_op, inject_fn inject,
+ op_ok_fn ok)
+{
+ TCGOp *end_op;
+ TCGOp *op;
+ int cb_idx = -1;
+ int i;
+
+ if (!cbs || cbs->len == 0) {
+ rm_ops(begin_op);
+ return;
+ }
+
+ end_op = find_op(begin_op, INDEX_op_plugin_cb_end);
+ tcg_debug_assert(end_op);
+
+ op = end_op;
+ for (i = 0; i < cbs->len; i++) {
+ struct qemu_plugin_dyn_cb *cb =
+ &g_array_index(cbs, struct qemu_plugin_dyn_cb, i);
+
+ if (!ok(begin_op, cb)) {
+ continue;
+ }
+ op = inject(cb, begin_op, op, &cb_idx);
+ }
+ rm_ops_range(begin_op, end_op);
+}
+
+static void
+inject_udata_cb(const GArray *cbs, TCGOp *begin_op)
+{
+ inject_cb_type(cbs, begin_op, append_udata_cb, op_ok);
+}
+
+static void
+inject_inline_cb(const GArray *cbs, TCGOp *begin_op, op_ok_fn ok)
+{
+ inject_cb_type(cbs, begin_op, append_inline_cb, ok);
+}
+
+static void
+inject_mem_cb(const GArray *cbs, TCGOp *begin_op)
+{
+ inject_cb_type(cbs, begin_op, append_mem_cb, op_rw);
+}
+
+/* we could change the ops in place, but we can reuse more code by copying */
+static void inject_mem_helper(TCGOp *begin_op, GArray *arr)
+{
+ TCGOp *orig_op = begin_op;
+ TCGOp *end_op;
+ TCGOp *op;
+
+ end_op = find_op(begin_op, INDEX_op_plugin_cb_end);
+ tcg_debug_assert(end_op);
+
+ /* const ptr */
+ op = copy_const_ptr(&begin_op, end_op, arr);
+
+ /* st_ptr */
+ op = copy_st_ptr(&begin_op, op);
+
+ rm_ops_range(orig_op, end_op);
+}
+
+/*
+ * Tracking memory accesses performed from helpers requires extra work.
+ * If an instruction is emulated with helpers, we do two things:
+ * (1) copy the CB descriptors, and keep track of it so that they can be
+ * freed later on, and (2) point CPUState.plugin_mem_cbs to the descriptors, so
+ * that we can read them at run-time (i.e. when the helper executes).
+ * This run-time access is performed from qemu_plugin_vcpu_mem_cb.
+ *
+ * Note that plugin_gen_disable_mem_helpers undoes (2). Since it
+ * is possible that the code we generate after the instruction is
+ * dead, we also add checks before generating tb_exit etc.
+ */
+static void inject_mem_enable_helper(struct qemu_plugin_insn *plugin_insn,
+ TCGOp *begin_op)
+{
+ GArray *cbs[2];
+ GArray *arr;
+ size_t n_cbs, i;
+
+ cbs[0] = plugin_insn->cbs[PLUGIN_CB_MEM][PLUGIN_CB_REGULAR];
+ cbs[1] = plugin_insn->cbs[PLUGIN_CB_MEM][PLUGIN_CB_INLINE];
+
+ n_cbs = 0;
+ for (i = 0; i < ARRAY_SIZE(cbs); i++) {
+ n_cbs += cbs[i]->len;
+ }
+
+ plugin_insn->mem_helper = plugin_insn->calls_helpers && n_cbs;
+ if (likely(!plugin_insn->mem_helper)) {
+ rm_ops(begin_op);
+ return;
+ }
+
+ arr = g_array_sized_new(false, false,
+ sizeof(struct qemu_plugin_dyn_cb), n_cbs);
+
+ for (i = 0; i < ARRAY_SIZE(cbs); i++) {
+ g_array_append_vals(arr, cbs[i]->data, cbs[i]->len);
+ }
+
+ qemu_plugin_add_dyn_cb_arr(arr);
+ inject_mem_helper(begin_op, arr);
+}
+
+static void inject_mem_disable_helper(struct qemu_plugin_insn *plugin_insn,
+ TCGOp *begin_op)
+{
+ if (likely(!plugin_insn->mem_helper)) {
+ rm_ops(begin_op);
+ return;
+ }
+ inject_mem_helper(begin_op, NULL);
+}
+
+/* called before finishing a TB with exit_tb, goto_tb or goto_ptr */
+void plugin_gen_disable_mem_helpers(void)
+{
+ TCGv_ptr ptr;
+
+ if (likely(tcg_ctx->plugin_insn == NULL ||
+ !tcg_ctx->plugin_insn->mem_helper)) {
+ return;
+ }
+ ptr = tcg_const_ptr(NULL);
+ tcg_gen_st_ptr(ptr, cpu_env, offsetof(CPUState, plugin_mem_cbs) -
+ offsetof(ArchCPU, env));
+ tcg_temp_free_ptr(ptr);
+ tcg_ctx->plugin_insn->mem_helper = false;
+}
+
+static void plugin_gen_tb_udata(const struct qemu_plugin_tb *ptb,
+ TCGOp *begin_op)
+{
+ inject_udata_cb(ptb->cbs[PLUGIN_CB_REGULAR], begin_op);
+}
+
+static void plugin_gen_tb_inline(const struct qemu_plugin_tb *ptb,
+ TCGOp *begin_op)
+{
+ inject_inline_cb(ptb->cbs[PLUGIN_CB_INLINE], begin_op, op_ok);
+}
+
+static void plugin_gen_insn_udata(const struct qemu_plugin_tb *ptb,
+ TCGOp *begin_op, int insn_idx)
+{
+ struct qemu_plugin_insn *insn = g_ptr_array_index(ptb->insns, insn_idx);
+
+ inject_udata_cb(insn->cbs[PLUGIN_CB_INSN][PLUGIN_CB_REGULAR], begin_op);
+}
+
+static void plugin_gen_insn_inline(const struct qemu_plugin_tb *ptb,
+ TCGOp *begin_op, int insn_idx)
+{
+ struct qemu_plugin_insn *insn = g_ptr_array_index(ptb->insns, insn_idx);
+ inject_inline_cb(insn->cbs[PLUGIN_CB_INSN][PLUGIN_CB_INLINE],
+ begin_op, op_ok);
+}
+
+static void plugin_gen_mem_regular(const struct qemu_plugin_tb *ptb,
+ TCGOp *begin_op, int insn_idx)
+{
+ struct qemu_plugin_insn *insn = g_ptr_array_index(ptb->insns, insn_idx);
+ inject_mem_cb(insn->cbs[PLUGIN_CB_MEM][PLUGIN_CB_REGULAR], begin_op);
+}
+
+static void plugin_gen_mem_inline(const struct qemu_plugin_tb *ptb,
+ TCGOp *begin_op, int insn_idx)
+{
+ const GArray *cbs;
+ struct qemu_plugin_insn *insn = g_ptr_array_index(ptb->insns, insn_idx);
+
+ cbs = insn->cbs[PLUGIN_CB_MEM][PLUGIN_CB_INLINE];
+ inject_inline_cb(cbs, begin_op, op_rw);
+}
+
+static void plugin_gen_enable_mem_helper(const struct qemu_plugin_tb *ptb,
+ TCGOp *begin_op, int insn_idx)
+{
+ struct qemu_plugin_insn *insn = g_ptr_array_index(ptb->insns, insn_idx);
+ inject_mem_enable_helper(insn, begin_op);
+}
+
+static void plugin_gen_disable_mem_helper(const struct qemu_plugin_tb *ptb,
+ TCGOp *begin_op, int insn_idx)
+{
+ struct qemu_plugin_insn *insn = g_ptr_array_index(ptb->insns, insn_idx);
+ inject_mem_disable_helper(insn, begin_op);
+}
+
+static void plugin_inject_cb(const struct qemu_plugin_tb *ptb, TCGOp *begin_op,
+ int insn_idx)
+{
+ enum plugin_gen_from from = begin_op->args[0];
+ enum plugin_gen_cb type = begin_op->args[1];
+
+ switch (from) {
+ case PLUGIN_GEN_FROM_TB:
+ switch (type) {
+ case PLUGIN_GEN_CB_UDATA:
+ plugin_gen_tb_udata(ptb, begin_op);
+ return;
+ case PLUGIN_GEN_CB_INLINE:
+ plugin_gen_tb_inline(ptb, begin_op);
+ return;
+ default:
+ g_assert_not_reached();
+ }
+ case PLUGIN_GEN_FROM_INSN:
+ switch (type) {
+ case PLUGIN_GEN_CB_UDATA:
+ plugin_gen_insn_udata(ptb, begin_op, insn_idx);
+ return;
+ case PLUGIN_GEN_CB_INLINE:
+ plugin_gen_insn_inline(ptb, begin_op, insn_idx);
+ return;
+ case PLUGIN_GEN_ENABLE_MEM_HELPER:
+ plugin_gen_enable_mem_helper(ptb, begin_op, insn_idx);
+ return;
+ default:
+ g_assert_not_reached();
+ }
+ case PLUGIN_GEN_FROM_MEM:
+ switch (type) {
+ case PLUGIN_GEN_CB_MEM:
+ plugin_gen_mem_regular(ptb, begin_op, insn_idx);
+ return;
+ case PLUGIN_GEN_CB_INLINE:
+ plugin_gen_mem_inline(ptb, begin_op, insn_idx);
+ return;
+ default:
+ g_assert_not_reached();
+ }
+ case PLUGIN_GEN_AFTER_INSN:
+ switch (type) {
+ case PLUGIN_GEN_DISABLE_MEM_HELPER:
+ plugin_gen_disable_mem_helper(ptb, begin_op, insn_idx);
+ return;
+ default:
+ g_assert_not_reached();
+ }
+ default:
+ g_assert_not_reached();
+ }
+}
+
+/* #define DEBUG_PLUGIN_GEN_OPS */
+static void pr_ops(void)
+{
+#ifdef DEBUG_PLUGIN_GEN_OPS
+ TCGOp *op;
+ int i = 0;
+
+ QTAILQ_FOREACH(op, &tcg_ctx->ops, link) {
+ const char *name = "";
+ const char *type = "";
+
+ if (op->opc == INDEX_op_plugin_cb_start) {
+ switch (op->args[0]) {
+ case PLUGIN_GEN_FROM_TB:
+ name = "tb";
+ break;
+ case PLUGIN_GEN_FROM_INSN:
+ name = "insn";
+ break;
+ case PLUGIN_GEN_FROM_MEM:
+ name = "mem";
+ break;
+ case PLUGIN_GEN_AFTER_INSN:
+ name = "after insn";
+ break;
+ default:
+ break;
+ }
+ switch (op->args[1]) {
+ case PLUGIN_GEN_CB_UDATA:
+ type = "udata";
+ break;
+ case PLUGIN_GEN_CB_INLINE:
+ type = "inline";
+ break;
+ case PLUGIN_GEN_CB_MEM:
+ type = "mem";
+ break;
+ case PLUGIN_GEN_ENABLE_MEM_HELPER:
+ type = "enable mem helper";
+ break;
+ case PLUGIN_GEN_DISABLE_MEM_HELPER:
+ type = "disable mem helper";
+ break;
+ default:
+ break;
+ }
+ }
+ printf("op[%2i]: %s %s %s\n", i, tcg_op_defs[op->opc].name, name, type);
+ i++;
+ }
+#endif
+}
+
+static void plugin_gen_inject(const struct qemu_plugin_tb *plugin_tb)
+{
+ TCGOp *op;
+ int insn_idx;
+
+ pr_ops();
+ insn_idx = -1;
+ QSIMPLEQ_FOREACH(op, &tcg_ctx->plugin_ops, plugin_link) {
+ enum plugin_gen_from from = op->args[0];
+ enum plugin_gen_cb type = op->args[1];
+
+ tcg_debug_assert(op->opc == INDEX_op_plugin_cb_start);
+ /* ENABLE_MEM_HELPER is the first callback of an instruction */
+ if (from == PLUGIN_GEN_FROM_INSN &&
+ type == PLUGIN_GEN_ENABLE_MEM_HELPER) {
+ insn_idx++;
+ }
+ plugin_inject_cb(plugin_tb, op, insn_idx);
+ }
+ pr_ops();
+}
+
+bool plugin_gen_tb_start(CPUState *cpu, const TranslationBlock *tb)
+{
+ struct qemu_plugin_tb *ptb = tcg_ctx->plugin_tb;
+ bool ret = false;
+
+ if (test_bit(QEMU_PLUGIN_EV_VCPU_TB_TRANS, cpu->plugin_mask)) {
+ ret = true;
+
+ QSIMPLEQ_INIT(&tcg_ctx->plugin_ops);
+ ptb->vaddr = tb->pc;
+ ptb->vaddr2 = -1;
+ get_page_addr_code_hostp(cpu->env_ptr, tb->pc, &ptb->haddr1);
+ ptb->haddr2 = NULL;
+
+ plugin_gen_empty_callback(PLUGIN_GEN_FROM_TB);
+ }
+ return ret;
+}
+
+void plugin_gen_insn_start(CPUState *cpu, const DisasContextBase *db)
+{
+ struct qemu_plugin_tb *ptb = tcg_ctx->plugin_tb;
+ struct qemu_plugin_insn *pinsn;
+
+ pinsn = qemu_plugin_tb_insn_get(ptb);
+ tcg_ctx->plugin_insn = pinsn;
+ pinsn->vaddr = db->pc_next;
+ plugin_gen_empty_callback(PLUGIN_GEN_FROM_INSN);
+
+ /*
+ * Detect page crossing to get the new host address.
+ * Note that we skip this when haddr1 == NULL, e.g. when we're
+ * fetching instructions from a region not backed by RAM.
+ */
+ if (likely(ptb->haddr1 != NULL && ptb->vaddr2 == -1) &&
+ unlikely((db->pc_next & TARGET_PAGE_MASK) !=
+ (db->pc_first & TARGET_PAGE_MASK))) {
+ get_page_addr_code_hostp(cpu->env_ptr, db->pc_next,
+ &ptb->haddr2);
+ ptb->vaddr2 = db->pc_next;
+ }
+ if (likely(ptb->vaddr2 == -1)) {
+ pinsn->haddr = ptb->haddr1 + pinsn->vaddr - ptb->vaddr;
+ } else {
+ pinsn->haddr = ptb->haddr2 + pinsn->vaddr - ptb->vaddr2;
+ }
+}
+
+void plugin_gen_insn_end(void)
+{
+ plugin_gen_empty_callback(PLUGIN_GEN_AFTER_INSN);
+}
+
+void plugin_gen_tb_end(CPUState *cpu)
+{
+ struct qemu_plugin_tb *ptb = tcg_ctx->plugin_tb;
+ int i;
+
+ /* collect instrumentation requests */
+ qemu_plugin_tb_trans_cb(cpu, ptb);
+
+ /* inject the instrumentation at the appropriate places */
+ plugin_gen_inject(ptb);
+
+ /* clean up */
+ for (i = 0; i < PLUGIN_N_CB_SUBTYPES; i++) {
+ if (ptb->cbs[i]) {
+ g_array_set_size(ptb->cbs[i], 0);
+ }
+ }
+ ptb->n = 0;
+ tcg_ctx->plugin_insn = NULL;
+}
diff --git a/accel/tcg/plugin-helpers.h b/accel/tcg/plugin-helpers.h
new file mode 100644
index 0000000000..1916ee7920
--- /dev/null
+++ b/accel/tcg/plugin-helpers.h
@@ -0,0 +1,5 @@
+#ifdef CONFIG_PLUGIN
+/* Note: no TCG flags because those are overwritten later */
+DEF_HELPER_2(plugin_vcpu_udata_cb, void, i32, ptr)
+DEF_HELPER_4(plugin_vcpu_mem_cb, void, i32, i32, i64, ptr)
+#endif
diff --git a/include/exec/helper-gen.h b/include/exec/helper-gen.h
index 22381a1708..236ff40524 100644
--- a/include/exec/helper-gen.h
+++ b/include/exec/helper-gen.h
@@ -70,6 +70,7 @@ static inline void glue(gen_helper_, name)(dh_retvar_decl(ret) \
#include "trace/generated-helpers.h"
#include "trace/generated-helpers-wrappers.h"
#include "tcg-runtime.h"
+#include "plugin-helpers.h"
#undef DEF_HELPER_FLAGS_0
#undef DEF_HELPER_FLAGS_1
diff --git a/include/exec/helper-proto.h b/include/exec/helper-proto.h
index 74943edb13..1c4ba9bc78 100644
--- a/include/exec/helper-proto.h
+++ b/include/exec/helper-proto.h
@@ -33,6 +33,7 @@ dh_ctype(ret) HELPER(name) (dh_ctype(t1), dh_ctype(t2), dh_ctype(t3), \
#include "helper.h"
#include "trace/generated-helpers.h"
#include "tcg-runtime.h"
+#include "plugin-helpers.h"
#undef DEF_HELPER_FLAGS_0
#undef DEF_HELPER_FLAGS_1
diff --git a/include/exec/helper-tcg.h b/include/exec/helper-tcg.h
index 268e0f804b..573c2ce2e9 100644
--- a/include/exec/helper-tcg.h
+++ b/include/exec/helper-tcg.h
@@ -55,6 +55,7 @@
#include "helper.h"
#include "trace/generated-helpers.h"
#include "tcg-runtime.h"
+#include "plugin-helpers.h"
#undef str
#undef DEF_HELPER_FLAGS_0
diff --git a/include/exec/plugin-gen.h b/include/exec/plugin-gen.h
new file mode 100644
index 0000000000..de519883b1
--- /dev/null
+++ b/include/exec/plugin-gen.h
@@ -0,0 +1,57 @@
+/*
+ * Copyright (C) 2017, Emilio G. Cota <cota@braap.org>
+ *
+ * License: GNU GPL, version 2 or later.
+ * See the COPYING file in the top-level directory.
+ *
+ * plugin-gen.h - TCG-dependent definitions for generating plugin code
+ *
+ * This header should be included only from plugin.c and C files that emit
+ * TCG code.
+ */
+#ifndef QEMU_PLUGIN_GEN_H
+#define QEMU_PLUGIN_GEN_H
+
+#include "qemu/plugin.h"
+#include "tcg/tcg.h"
+
+struct DisasContextBase;
+
+#ifdef CONFIG_PLUGIN
+
+bool plugin_gen_tb_start(CPUState *cpu, const TranslationBlock *tb);
+void plugin_gen_tb_end(CPUState *cpu);
+void plugin_gen_insn_start(CPUState *cpu, const struct DisasContextBase *db);
+void plugin_gen_insn_end(void);
+
+void plugin_gen_disable_mem_helpers(void);
+void plugin_gen_empty_mem_callback(TCGv addr, uint32_t info);
+
+#else /* !CONFIG_PLUGIN */
+
+static inline
+bool plugin_gen_tb_start(CPUState *cpu, const TranslationBlock *tb)
+{
+ return false;
+}
+
+static inline
+void plugin_gen_insn_start(CPUState *cpu, const struct DisasContextBase *db)
+{ }
+
+static inline void plugin_gen_insn_end(void)
+{ }
+
+static inline void plugin_gen_tb_end(CPUState *cpu)
+{ }
+
+static inline void plugin_gen_disable_mem_helpers(void)
+{ }
+
+static inline void plugin_gen_empty_mem_callback(TCGv addr, uint32_t info)
+{ }
+
+#endif /* CONFIG_PLUGIN */
+
+#endif /* QEMU_PLUGIN_GEN_H */
+
diff --git a/tcg/tcg-op.h b/tcg/tcg-op.h
index 7c778f96f3..4af272daa5 100644
--- a/tcg/tcg-op.h
+++ b/tcg/tcg-op.h
@@ -833,6 +833,17 @@ void tcg_gen_goto_tb(unsigned idx);
*/
void tcg_gen_lookup_and_goto_ptr(void);
+static inline void tcg_gen_plugin_cb_start(unsigned from, unsigned type,
+ unsigned wr)
+{
+ tcg_gen_op3(INDEX_op_plugin_cb_start, from, type, wr);
+}
+
+static inline void tcg_gen_plugin_cb_end(void)
+{
+ tcg_emit_op(INDEX_op_plugin_cb_end);
+}
+
#if TARGET_LONG_BITS == 32
#define tcg_temp_new() tcg_temp_new_i32()
#define tcg_global_reg_new tcg_global_reg_new_i32
diff --git a/tcg/tcg-opc.h b/tcg/tcg-opc.h
index 242d608e6d..9288a04946 100644
--- a/tcg/tcg-opc.h
+++ b/tcg/tcg-opc.h
@@ -198,6 +198,9 @@ DEF(goto_tb, 0, 0, 1, TCG_OPF_BB_EXIT | TCG_OPF_BB_END)
DEF(goto_ptr, 0, 1, 0,
TCG_OPF_BB_EXIT | TCG_OPF_BB_END | IMPL(TCG_TARGET_HAS_goto_ptr))
+DEF(plugin_cb_start, 0, 0, 3, TCG_OPF_NOT_PRESENT)
+DEF(plugin_cb_end, 0, 0, 0, TCG_OPF_NOT_PRESENT)
+
DEF(qemu_ld_i32, 1, TLADDR_ARGS, 1,
TCG_OPF_CALL_CLOBBER | TCG_OPF_SIDE_EFFECTS)
DEF(qemu_st_i32, 0, TLADDR_ARGS + 1, 1,
diff --git a/tcg/tcg.c b/tcg/tcg.c
index 16b2d0e0ec..5475d49ed1 100644
--- a/tcg/tcg.c
+++ b/tcg/tcg.c
@@ -736,6 +736,15 @@ void tcg_region_init(void)
#endif
}
+static void alloc_tcg_plugin_context(TCGContext *s)
+{
+#ifdef CONFIG_PLUGIN
+ s->plugin_tb = g_new0(struct qemu_plugin_tb, 1);
+ s->plugin_tb->insns =
+ g_ptr_array_new_with_free_func(qemu_plugin_insn_cleanup_fn);
+#endif
+}
+
/*
* All TCG threads except the parent (i.e. the one that called tcg_context_init
* and registered the target's TCG globals) must register with this function
@@ -780,6 +789,10 @@ void tcg_register_thread(void)
g_assert(n < ms->smp.max_cpus);
atomic_set(&tcg_ctxs[n], s);
+ if (n > 0) {
+ alloc_tcg_plugin_context(s);
+ }
+
tcg_ctx = s;
qemu_mutex_lock(®ion.lock);
err = tcg_region_initial_alloc__locked(tcg_ctx);
@@ -976,6 +989,8 @@ void tcg_context_init(TCGContext *s)
indirect_reg_alloc_order[i] = tcg_target_reg_alloc_order[i];
}
+ alloc_tcg_plugin_context(s);
+
tcg_ctx = s;
/*
* In user-mode we simply share the init context among threads, since we
@@ -1681,6 +1696,13 @@ void tcg_gen_callN(void *func, TCGTemp *ret, int nargs, TCGTemp **args)
flags = info->flags;
sizemask = info->sizemask;
+#ifdef CONFIG_PLUGIN
+ /* detect non-plugin helpers */
+ if (tcg_ctx->plugin_insn && unlikely(strncmp(info->name, "plugin_", 7))) {
+ tcg_ctx->plugin_insn->calls_helpers = true;
+ }
+#endif
+
#if defined(__sparc__) && !defined(__arch64__) \
&& !defined(CONFIG_TCG_INTERPRETER)
/* We have 64-bit values in one register, but need to pass as two
diff --git a/tcg/tcg.h b/tcg/tcg.h
index a37181c899..d234b4c9a5 100644
--- a/tcg/tcg.h
+++ b/tcg/tcg.h
@@ -538,6 +538,9 @@ typedef struct TCGOp {
/* Next and previous opcodes. */
QTAILQ_ENTRY(TCGOp) link;
+#ifdef CONFIG_PLUGIN
+ QSIMPLEQ_ENTRY(TCGOp) plugin_link;
+#endif
/* Arguments for the opcode. */
TCGArg args[MAX_OPC_PARAM];
@@ -639,6 +642,23 @@ struct TCGContext {
TCGLabel *exitreq_label;
+#ifdef CONFIG_PLUGIN
+ /*
+ * We keep one plugin_tb struct per TCGContext. Note that on every TB
+ * translation we clear but do not free its contents; this way we
+ * avoid a lot of malloc/free churn, since after a few TB's it's
+ * unlikely that we'll need to allocate either more instructions or more
+ * space for instructions (for variable-instruction-length ISAs).
+ */
+ struct qemu_plugin_tb *plugin_tb;
+
+ /* descriptor of the instruction being translated */
+ struct qemu_plugin_insn *plugin_insn;
+
+ /* list to quickly access the injected ops */
+ QSIMPLEQ_HEAD(, TCGOp) plugin_ops;
+#endif
+
TCGTempSet free_temps[TCG_TYPE_COUNT * 2];
TCGTemp temps[TCG_MAX_TEMPS]; /* globals first, temps after */
--
2.20.1
^ permalink raw reply related [flat|nested] 94+ messages in thread* Re: [PATCH v5 14/55] plugin-gen: add module for TCG-related code
2019-10-14 10:49 ` [PATCH v5 14/55] plugin-gen: add module for TCG-related code Alex Bennée
@ 2019-10-14 15:23 ` Richard Henderson
0 siblings, 0 replies; 94+ messages in thread
From: Richard Henderson @ 2019-10-14 15:23 UTC (permalink / raw)
To: Alex Bennée, qemu-devel
Cc: robert.foley, peter.puhov, aaron, cota, Paolo Bonzini, Richard Henderson
On 10/14/19 3:49 AM, Alex Bennée wrote:
> From: "Emilio G. Cota" <cota@braap.org>
>
> We first inject empty instrumentation from translator_loop.
> After translation, we go through the plugins to see what
> they want to register for, filling in the empty instrumentation.
> If if turns out that some instrumentation remains unused, we
> remove it.
>
> This approach supports the following features:
>
> - Inlining TCG code for simple operations. Note that we do not
> export TCG ops to plugins. Instead, we give them a C API to
> insert inlined ops. So far we only support adding an immediate
> to a u64, e.g. to count events.
>
> - "Direct" callbacks. These are callbacks that do not go via
> a helper. Instead, the helper is defined at run-time, so that
> the plugin code is directly called from TCG. This makes direct
> callbacks as efficient as possible; they are therefore used
> for very frequent events, e.g. memory callbacks.
>
> - Passing the host address to memory callbacks. Most of this
> is implemented in a later patch though.
>
> - Instrumentation of memory accesses performed from helpers.
> See the corresponding comment, as well as a later patch.
>
> Signed-off-by: Emilio G. Cota <cota@braap.org>
> [AJB: add alloc_tcg_plugin_context, use glib, rm hwaddr]
> Signed-off-by: Alex Bennée <alex.bennee@linaro.org>
>
> ---
> v3
> - introduce alloc_tcg_plugin_context
> - allocate GPtrArray for tracking insns
> v4
> - remove hwaddr variants of callbacks
> - pass full 32bit meminfo
> - remove now unused code
> - move plugin_gen_from into .c file
> v5
> - fix offsets when storing mem callbacks.
> - remove #if 0 code no longer needed
> ---
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
r~
^ permalink raw reply [flat|nested] 94+ messages in thread
* [PATCH v5 15/55] atomic_template: add inline trace/plugin helpers
2019-10-14 10:48 [PATCH for 4.2 v5 00/55] Support for TCG plugins Alex Bennée
` (13 preceding siblings ...)
2019-10-14 10:49 ` [PATCH v5 14/55] plugin-gen: add module for TCG-related code Alex Bennée
@ 2019-10-14 10:49 ` Alex Bennée
2019-10-14 10:49 ` [PATCH v5 16/55] tcg: let plugins instrument virtual memory accesses Alex Bennée
` (40 subsequent siblings)
55 siblings, 0 replies; 94+ messages in thread
From: Alex Bennée @ 2019-10-14 10:49 UTC (permalink / raw)
To: qemu-devel
Cc: robert.foley, Riku Voipio, Richard Henderson, peter.puhov, aaron,
cota, Paolo Bonzini, Alex Bennée, Richard Henderson
From: "Emilio G. Cota" <cota@braap.org>
In preparation for plugin support.
Signed-off-by: Emilio G. Cota <cota@braap.org>
Signed-off-by: Alex Bennée <alex.bennee@linaro.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
---
v4
- move common stuff to atomic_common.inc.c
- fix ups for widened uint16_t info
- drop haddr in helpers
- fix wide lines
---
accel/tcg/atomic_common.inc.c | 50 +++++++++++++++++++
accel/tcg/atomic_template.h | 93 +++++++++++++++++++++--------------
accel/tcg/cputlb.c | 2 +
accel/tcg/user-exec.c | 2 +
4 files changed, 111 insertions(+), 36 deletions(-)
create mode 100644 accel/tcg/atomic_common.inc.c
diff --git a/accel/tcg/atomic_common.inc.c b/accel/tcg/atomic_common.inc.c
new file mode 100644
index 0000000000..a86098fb2d
--- /dev/null
+++ b/accel/tcg/atomic_common.inc.c
@@ -0,0 +1,50 @@
+/*
+ * Common Atomic Helper Functions
+ *
+ * This file should be included before the various instantiations of
+ * the atomic_template.h helpers.
+ *
+ * Copyright (c) 2019 Linaro
+ * Written by Alex Bennée <alex.bennee@linaro.org>
+ *
+ * SPDX-License-Identifier: GPL-2.0-or-later
+ *
+ * This work is licensed under the terms of the GNU GPL, version 2 or later.
+ * See the COPYING file in the top-level directory.
+ */
+
+static inline
+void atomic_trace_rmw_pre(CPUArchState *env, target_ulong addr, uint16_t info)
+{
+ CPUState *cpu = env_cpu(env);
+
+ trace_guest_mem_before_exec(cpu, addr, info);
+ trace_guest_mem_before_exec(cpu, addr, info | TRACE_MEM_ST);
+}
+
+static inline void
+atomic_trace_rmw_post(CPUArchState *env, target_ulong addr, uint16_t info)
+{
+}
+
+static inline
+void atomic_trace_ld_pre(CPUArchState *env, target_ulong addr, uint16_t info)
+{
+ trace_guest_mem_before_exec(env_cpu(env), addr, info);
+}
+
+static inline
+void atomic_trace_ld_post(CPUArchState *env, target_ulong addr, uint16_t info)
+{
+}
+
+static inline
+void atomic_trace_st_pre(CPUArchState *env, target_ulong addr, uint16_t info)
+{
+ trace_guest_mem_before_exec(env_cpu(env), addr, info);
+}
+
+static inline
+void atomic_trace_st_post(CPUArchState *env, target_ulong addr, uint16_t info)
+{
+}
diff --git a/accel/tcg/atomic_template.h b/accel/tcg/atomic_template.h
index dfeddf6a54..84d3370bf0 100644
--- a/accel/tcg/atomic_template.h
+++ b/accel/tcg/atomic_template.h
@@ -59,26 +59,6 @@
# define ABI_TYPE uint32_t
#endif
-#define ATOMIC_TRACE_RMW do { \
- uint16_t info = glue(trace_mem_build_info_no_se, MEND)(SHIFT, false, ATOMIC_MMU_IDX); \
- \
- trace_guest_mem_before_exec(env_cpu(env), addr, info); \
- trace_guest_mem_before_exec(env_cpu(env), addr, \
- info | TRACE_MEM_ST); \
- } while (0)
-
-#define ATOMIC_TRACE_LD do { \
- uint16_t info = glue(trace_mem_build_info_no_se, MEND)(SHIFT, false, ATOMIC_MMU_IDX); \
- \
- trace_guest_mem_before_exec(env_cpu(env), addr, info); \
- } while (0)
-
-# define ATOMIC_TRACE_ST do { \
- uint16_t info = glue(trace_mem_build_info_no_se, MEND)(SHIFT, true, ATOMIC_MMU_IDX); \
- \
- trace_guest_mem_before_exec(env_cpu(env), addr, info); \
- } while (0)
-
/* Define host-endian atomic operations. Note that END is used within
the ATOMIC_NAME macro, and redefined below. */
#if DATA_SIZE == 1
@@ -98,14 +78,17 @@ ABI_TYPE ATOMIC_NAME(cmpxchg)(CPUArchState *env, target_ulong addr,
ATOMIC_MMU_DECLS;
DATA_TYPE *haddr = ATOMIC_MMU_LOOKUP;
DATA_TYPE ret;
+ uint16_t info = glue(trace_mem_build_info_no_se, MEND)(SHIFT, false,
+ ATOMIC_MMU_IDX);
- ATOMIC_TRACE_RMW;
+ atomic_trace_rmw_pre(env, addr, info);
#if DATA_SIZE == 16
ret = atomic16_cmpxchg(haddr, cmpv, newv);
#else
ret = atomic_cmpxchg__nocheck(haddr, cmpv, newv);
#endif
ATOMIC_MMU_CLEANUP;
+ atomic_trace_rmw_post(env, addr, info);
return ret;
}
@@ -115,10 +98,13 @@ ABI_TYPE ATOMIC_NAME(ld)(CPUArchState *env, target_ulong addr EXTRA_ARGS)
{
ATOMIC_MMU_DECLS;
DATA_TYPE val, *haddr = ATOMIC_MMU_LOOKUP;
+ uint16_t info = glue(trace_mem_build_info_no_se, MEND)(SHIFT, false,
+ ATOMIC_MMU_IDX);
- ATOMIC_TRACE_LD;
+ atomic_trace_ld_pre(env, addr, info);
val = atomic16_read(haddr);
ATOMIC_MMU_CLEANUP;
+ atomic_trace_ld_post(env, addr, info);
return val;
}
@@ -127,10 +113,13 @@ void ATOMIC_NAME(st)(CPUArchState *env, target_ulong addr,
{
ATOMIC_MMU_DECLS;
DATA_TYPE *haddr = ATOMIC_MMU_LOOKUP;
+ uint16_t info = glue(trace_mem_build_info_no_se, MEND)(SHIFT, true,
+ ATOMIC_MMU_IDX);
- ATOMIC_TRACE_ST;
+ atomic_trace_st_pre(env, addr, info);
atomic16_set(haddr, val);
ATOMIC_MMU_CLEANUP;
+ atomic_trace_st_post(env, addr, info);
}
#endif
#else
@@ -140,10 +129,13 @@ ABI_TYPE ATOMIC_NAME(xchg)(CPUArchState *env, target_ulong addr,
ATOMIC_MMU_DECLS;
DATA_TYPE *haddr = ATOMIC_MMU_LOOKUP;
DATA_TYPE ret;
+ uint16_t info = glue(trace_mem_build_info_no_se, MEND)(SHIFT, false,
+ ATOMIC_MMU_IDX);
- ATOMIC_TRACE_RMW;
+ atomic_trace_rmw_pre(env, addr, info);
ret = atomic_xchg__nocheck(haddr, val);
ATOMIC_MMU_CLEANUP;
+ atomic_trace_rmw_post(env, addr, info);
return ret;
}
@@ -154,10 +146,14 @@ ABI_TYPE ATOMIC_NAME(X)(CPUArchState *env, target_ulong addr, \
ATOMIC_MMU_DECLS; \
DATA_TYPE *haddr = ATOMIC_MMU_LOOKUP; \
DATA_TYPE ret; \
+ uint16_t info = glue(trace_mem_build_info_no_se, MEND)(SHIFT, \
+ false, \
+ ATOMIC_MMU_IDX); \
\
- ATOMIC_TRACE_RMW; \
+ atomic_trace_rmw_pre(env, addr, info); \
ret = atomic_##X(haddr, val); \
ATOMIC_MMU_CLEANUP; \
+ atomic_trace_rmw_post(env, addr, info); \
return ret; \
}
@@ -186,8 +182,11 @@ ABI_TYPE ATOMIC_NAME(X)(CPUArchState *env, target_ulong addr, \
ATOMIC_MMU_DECLS; \
XDATA_TYPE *haddr = ATOMIC_MMU_LOOKUP; \
XDATA_TYPE cmp, old, new, val = xval; \
+ uint16_t info = glue(trace_mem_build_info_no_se, MEND)(SHIFT, \
+ false, \
+ ATOMIC_MMU_IDX); \
\
- ATOMIC_TRACE_RMW; \
+ atomic_trace_rmw_pre(env, addr, info); \
smp_mb(); \
cmp = atomic_read__nocheck(haddr); \
do { \
@@ -195,6 +194,7 @@ ABI_TYPE ATOMIC_NAME(X)(CPUArchState *env, target_ulong addr, \
cmp = atomic_cmpxchg__nocheck(haddr, old, new); \
} while (cmp != old); \
ATOMIC_MMU_CLEANUP; \
+ atomic_trace_rmw_post(env, addr, info); \
return RET; \
}
@@ -232,14 +232,18 @@ ABI_TYPE ATOMIC_NAME(cmpxchg)(CPUArchState *env, target_ulong addr,
ATOMIC_MMU_DECLS;
DATA_TYPE *haddr = ATOMIC_MMU_LOOKUP;
DATA_TYPE ret;
+ uint16_t info = glue(trace_mem_build_info_no_se, MEND)(SHIFT,
+ false,
+ ATOMIC_MMU_IDX);
- ATOMIC_TRACE_RMW;
+ atomic_trace_rmw_pre(env, addr, info);
#if DATA_SIZE == 16
ret = atomic16_cmpxchg(haddr, BSWAP(cmpv), BSWAP(newv));
#else
ret = atomic_cmpxchg__nocheck(haddr, BSWAP(cmpv), BSWAP(newv));
#endif
ATOMIC_MMU_CLEANUP;
+ atomic_trace_rmw_post(env, addr, info);
return BSWAP(ret);
}
@@ -249,10 +253,14 @@ ABI_TYPE ATOMIC_NAME(ld)(CPUArchState *env, target_ulong addr EXTRA_ARGS)
{
ATOMIC_MMU_DECLS;
DATA_TYPE val, *haddr = ATOMIC_MMU_LOOKUP;
+ uint16_t info = glue(trace_mem_build_info_no_se, MEND)(SHIFT,
+ false,
+ ATOMIC_MMU_IDX);
- ATOMIC_TRACE_LD;
+ atomic_trace_ld_pre(env, addr, info);
val = atomic16_read(haddr);
ATOMIC_MMU_CLEANUP;
+ atomic_trace_ld_post(env, addr, info);
return BSWAP(val);
}
@@ -261,11 +269,16 @@ void ATOMIC_NAME(st)(CPUArchState *env, target_ulong addr,
{
ATOMIC_MMU_DECLS;
DATA_TYPE *haddr = ATOMIC_MMU_LOOKUP;
+ uint16_t info = glue(trace_mem_build_info_no_se, MEND)(SHIFT,
+ true,
+ ATOMIC_MMU_IDX);
- ATOMIC_TRACE_ST;
+ val = BSWAP(val);
+ atomic_trace_st_pre(env, addr, info);
val = BSWAP(val);
atomic16_set(haddr, val);
ATOMIC_MMU_CLEANUP;
+ atomic_trace_st_post(env, addr, info);
}
#endif
#else
@@ -275,10 +288,14 @@ ABI_TYPE ATOMIC_NAME(xchg)(CPUArchState *env, target_ulong addr,
ATOMIC_MMU_DECLS;
DATA_TYPE *haddr = ATOMIC_MMU_LOOKUP;
ABI_TYPE ret;
+ uint16_t info = glue(trace_mem_build_info_no_se, MEND)(SHIFT,
+ false,
+ ATOMIC_MMU_IDX);
- ATOMIC_TRACE_RMW;
+ atomic_trace_rmw_pre(env, addr, info);
ret = atomic_xchg__nocheck(haddr, BSWAP(val));
ATOMIC_MMU_CLEANUP;
+ atomic_trace_rmw_post(env, addr, info);
return BSWAP(ret);
}
@@ -289,10 +306,14 @@ ABI_TYPE ATOMIC_NAME(X)(CPUArchState *env, target_ulong addr, \
ATOMIC_MMU_DECLS; \
DATA_TYPE *haddr = ATOMIC_MMU_LOOKUP; \
DATA_TYPE ret; \
+ uint16_t info = glue(trace_mem_build_info_no_se, MEND)(SHIFT, \
+ false, \
+ ATOMIC_MMU_IDX); \
\
- ATOMIC_TRACE_RMW; \
+ atomic_trace_rmw_pre(env, addr, info); \
ret = atomic_##X(haddr, BSWAP(val)); \
ATOMIC_MMU_CLEANUP; \
+ atomic_trace_rmw_post(env, addr, info); \
return BSWAP(ret); \
}
@@ -319,8 +340,11 @@ ABI_TYPE ATOMIC_NAME(X)(CPUArchState *env, target_ulong addr, \
ATOMIC_MMU_DECLS; \
XDATA_TYPE *haddr = ATOMIC_MMU_LOOKUP; \
XDATA_TYPE ldo, ldn, old, new, val = xval; \
+ uint16_t info = glue(trace_mem_build_info_no_se, MEND)(SHIFT, \
+ false, \
+ ATOMIC_MMU_IDX); \
\
- ATOMIC_TRACE_RMW; \
+ atomic_trace_rmw_pre(env, addr, info); \
smp_mb(); \
ldn = atomic_read__nocheck(haddr); \
do { \
@@ -328,6 +352,7 @@ ABI_TYPE ATOMIC_NAME(X)(CPUArchState *env, target_ulong addr, \
ldn = atomic_cmpxchg__nocheck(haddr, ldo, BSWAP(new)); \
} while (ldo != ldn); \
ATOMIC_MMU_CLEANUP; \
+ atomic_trace_rmw_post(env, addr, info); \
return RET; \
}
@@ -355,10 +380,6 @@ GEN_ATOMIC_HELPER_FN(add_fetch, ADD, DATA_TYPE, new)
#undef MEND
#endif /* DATA_SIZE > 1 */
-#undef ATOMIC_TRACE_ST
-#undef ATOMIC_TRACE_LD
-#undef ATOMIC_TRACE_RMW
-
#undef BSWAP
#undef ABI_TYPE
#undef DATA_TYPE
diff --git a/accel/tcg/cputlb.c b/accel/tcg/cputlb.c
index 9cf9e6455e..b587d910f8 100644
--- a/accel/tcg/cputlb.c
+++ b/accel/tcg/cputlb.c
@@ -1825,6 +1825,8 @@ void helper_be_stq_mmu(CPUArchState *env, target_ulong addr, uint64_t val,
#define ATOMIC_MMU_CLEANUP
#define ATOMIC_MMU_IDX oi
+#include "atomic_common.inc.c"
+
#define DATA_SIZE 1
#include "atomic_template.h"
diff --git a/accel/tcg/user-exec.c b/accel/tcg/user-exec.c
index e9a58c5331..6b20510994 100644
--- a/accel/tcg/user-exec.c
+++ b/accel/tcg/user-exec.c
@@ -756,6 +756,8 @@ static void *atomic_mmu_lookup(CPUArchState *env, target_ulong addr,
#define ATOMIC_NAME(X) HELPER(glue(glue(atomic_ ## X, SUFFIX), END))
#define EXTRA_ARGS
+#include "atomic_common.inc.c"
+
#define DATA_SIZE 1
#include "atomic_template.h"
--
2.20.1
^ permalink raw reply related [flat|nested] 94+ messages in thread* [PATCH v5 16/55] tcg: let plugins instrument virtual memory accesses
2019-10-14 10:48 [PATCH for 4.2 v5 00/55] Support for TCG plugins Alex Bennée
` (14 preceding siblings ...)
2019-10-14 10:49 ` [PATCH v5 15/55] atomic_template: add inline trace/plugin helpers Alex Bennée
@ 2019-10-14 10:49 ` Alex Bennée
2019-10-14 10:49 ` [PATCH v5 17/55] plugins: implement helpers for resolving hwaddr Alex Bennée
` (39 subsequent siblings)
55 siblings, 0 replies; 94+ messages in thread
From: Alex Bennée @ 2019-10-14 10:49 UTC (permalink / raw)
To: qemu-devel
Cc: robert.foley, Richard Henderson, peter.puhov, aaron, cota,
Paolo Bonzini, Alex Bennée, Richard Henderson
From: "Emilio G. Cota" <cota@braap.org>
To capture all memory accesses we need hook into all the various
helper functions that are involved in memory operations as well as the
injected inline helper calls. A later commit will allow us to resolve
the actual guest HW addresses by replaying the lookup.
Signed-off-by: Emilio G. Cota <cota@braap.org>
[AJB: drop haddr handling, just deal in vaddr]
Signed-off-by: Alex Bennée <alex.bennee@linaro.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
---
v3
- fixes for cpu_neg()
v4
- rebase fixups, moved cpu_neg() fixes down the stack
- drop haddr support - will be restored with later helper
- reword commit
---
accel/tcg/atomic_common.inc.c | 4 +++
accel/tcg/atomic_template.h | 1 +
accel/tcg/cpu-exec.c | 3 ++
include/exec/cpu-defs.h | 1 +
include/exec/cpu_ldst_template.h | 28 +++++++++-------
include/exec/cpu_ldst_useronly_template.h | 29 ++++++++--------
tcg/tcg-op.c | 40 ++++++++++++++++++-----
tcg/tcg.h | 1 +
8 files changed, 71 insertions(+), 36 deletions(-)
diff --git a/accel/tcg/atomic_common.inc.c b/accel/tcg/atomic_common.inc.c
index a86098fb2d..344525b0bb 100644
--- a/accel/tcg/atomic_common.inc.c
+++ b/accel/tcg/atomic_common.inc.c
@@ -25,6 +25,8 @@ void atomic_trace_rmw_pre(CPUArchState *env, target_ulong addr, uint16_t info)
static inline void
atomic_trace_rmw_post(CPUArchState *env, target_ulong addr, uint16_t info)
{
+ qemu_plugin_vcpu_mem_cb(env_cpu(env), addr, info);
+ qemu_plugin_vcpu_mem_cb(env_cpu(env), addr, info | TRACE_MEM_ST);
}
static inline
@@ -36,6 +38,7 @@ void atomic_trace_ld_pre(CPUArchState *env, target_ulong addr, uint16_t info)
static inline
void atomic_trace_ld_post(CPUArchState *env, target_ulong addr, uint16_t info)
{
+ qemu_plugin_vcpu_mem_cb(env_cpu(env), addr, info);
}
static inline
@@ -47,4 +50,5 @@ void atomic_trace_st_pre(CPUArchState *env, target_ulong addr, uint16_t info)
static inline
void atomic_trace_st_post(CPUArchState *env, target_ulong addr, uint16_t info)
{
+ qemu_plugin_vcpu_mem_cb(env_cpu(env), addr, info);
}
diff --git a/accel/tcg/atomic_template.h b/accel/tcg/atomic_template.h
index 84d3370bf0..837676231f 100644
--- a/accel/tcg/atomic_template.h
+++ b/accel/tcg/atomic_template.h
@@ -18,6 +18,7 @@
* License along with this library; if not, see <http://www.gnu.org/licenses/>.
*/
+#include "qemu/plugin.h"
#include "trace/mem.h"
#if DATA_SIZE == 16
diff --git a/accel/tcg/cpu-exec.c b/accel/tcg/cpu-exec.c
index 81c33d6475..c01f59c743 100644
--- a/accel/tcg/cpu-exec.c
+++ b/accel/tcg/cpu-exec.c
@@ -268,6 +268,7 @@ void cpu_exec_step_atomic(CPUState *cpu)
qemu_mutex_unlock_iothread();
}
assert_no_pages_locked();
+ qemu_plugin_disable_mem_helpers(cpu);
}
if (cpu_in_exclusive_context(cpu)) {
@@ -701,6 +702,8 @@ int cpu_exec(CPUState *cpu)
if (qemu_mutex_iothread_locked()) {
qemu_mutex_unlock_iothread();
}
+ qemu_plugin_disable_mem_helpers(cpu);
+
assert_no_pages_locked();
}
diff --git a/include/exec/cpu-defs.h b/include/exec/cpu-defs.h
index be946ba1ce..8c44abefa2 100644
--- a/include/exec/cpu-defs.h
+++ b/include/exec/cpu-defs.h
@@ -214,6 +214,7 @@ typedef struct CPUTLBCommon {
* Since this is placed within CPUNegativeOffsetState, the smallest
* negative offsets are at the end of the struct.
*/
+
typedef struct CPUTLB {
CPUTLBCommon c;
CPUTLBDesc d[NB_MMU_MODES];
diff --git a/include/exec/cpu_ldst_template.h b/include/exec/cpu_ldst_template.h
index 5750a26b9e..6f0d340797 100644
--- a/include/exec/cpu_ldst_template.h
+++ b/include/exec/cpu_ldst_template.h
@@ -28,6 +28,7 @@
#include "trace-root.h"
#endif
+#include "qemu/plugin.h"
#include "trace/mem.h"
#if DATA_SIZE == 8
@@ -86,11 +87,9 @@ glue(glue(glue(cpu_ld, USUFFIX), MEMSUFFIX), _ra)(CPUArchState *env,
target_ulong addr;
int mmu_idx = CPU_MMU_INDEX;
TCGMemOpIdx oi;
-
#if !defined(SOFTMMU_CODE_ACCESS)
- trace_guest_mem_before_exec(
- env_cpu(env), ptr,
- trace_mem_build_info(SHIFT, false, MO_TE, false, mmu_idx));
+ uint16_t meminfo = trace_mem_build_info(SHIFT, false, MO_TE, false, mmu_idx);
+ trace_guest_mem_before_exec(env_cpu(env), ptr, meminfo);
#endif
addr = ptr;
@@ -104,6 +103,9 @@ glue(glue(glue(cpu_ld, USUFFIX), MEMSUFFIX), _ra)(CPUArchState *env,
uintptr_t hostaddr = addr + entry->addend;
res = glue(glue(ld, USUFFIX), _p)((uint8_t *)hostaddr);
}
+#ifndef SOFTMMU_CODE_ACCESS
+ qemu_plugin_vcpu_mem_cb(env_cpu(env), ptr, meminfo);
+#endif
return res;
}
@@ -124,11 +126,9 @@ glue(glue(glue(cpu_lds, SUFFIX), MEMSUFFIX), _ra)(CPUArchState *env,
target_ulong addr;
int mmu_idx = CPU_MMU_INDEX;
TCGMemOpIdx oi;
-
#if !defined(SOFTMMU_CODE_ACCESS)
- trace_guest_mem_before_exec(
- env_cpu(env), ptr,
- trace_mem_build_info(SHIFT, true, MO_TE, false, mmu_idx));
+ uint16_t meminfo = trace_mem_build_info(SHIFT, true, MO_TE, false, mmu_idx);
+ trace_guest_mem_before_exec(env_cpu(env), ptr, meminfo);
#endif
addr = ptr;
@@ -142,6 +142,9 @@ glue(glue(glue(cpu_lds, SUFFIX), MEMSUFFIX), _ra)(CPUArchState *env,
uintptr_t hostaddr = addr + entry->addend;
res = glue(glue(lds, SUFFIX), _p)((uint8_t *)hostaddr);
}
+#ifndef SOFTMMU_CODE_ACCESS
+ qemu_plugin_vcpu_mem_cb(env_cpu(env), ptr, meminfo);
+#endif
return res;
}
@@ -165,11 +168,9 @@ glue(glue(glue(cpu_st, SUFFIX), MEMSUFFIX), _ra)(CPUArchState *env,
target_ulong addr;
int mmu_idx = CPU_MMU_INDEX;
TCGMemOpIdx oi;
-
#if !defined(SOFTMMU_CODE_ACCESS)
- trace_guest_mem_before_exec(
- env_cpu(env), ptr,
- trace_mem_build_info(SHIFT, false, MO_TE, true, mmu_idx));
+ uint16_t meminfo = trace_mem_build_info(SHIFT, false, MO_TE, true, mmu_idx);
+ trace_guest_mem_before_exec(env_cpu(env), ptr, meminfo);
#endif
addr = ptr;
@@ -183,6 +184,9 @@ glue(glue(glue(cpu_st, SUFFIX), MEMSUFFIX), _ra)(CPUArchState *env,
uintptr_t hostaddr = addr + entry->addend;
glue(glue(st, SUFFIX), _p)((uint8_t *)hostaddr, v);
}
+#ifndef SOFTMMU_CODE_ACCESS
+ qemu_plugin_vcpu_mem_cb(env_cpu(env), ptr, meminfo);
+#endif
}
static inline void
diff --git a/include/exec/cpu_ldst_useronly_template.h b/include/exec/cpu_ldst_useronly_template.h
index 8f7f117ad4..5cd0fa3b99 100644
--- a/include/exec/cpu_ldst_useronly_template.h
+++ b/include/exec/cpu_ldst_useronly_template.h
@@ -64,18 +64,17 @@
static inline RES_TYPE
glue(glue(cpu_ld, USUFFIX), MEMSUFFIX)(CPUArchState *env, abi_ptr ptr)
{
-#ifdef CODE_ACCESS
RES_TYPE ret;
+#ifdef CODE_ACCESS
set_helper_retaddr(1);
ret = glue(glue(ld, USUFFIX), _p)(g2h(ptr));
clear_helper_retaddr();
- return ret;
#else
- trace_guest_mem_before_exec(
- env_cpu(env), ptr,
- trace_mem_build_info(SHIFT, false, MO_TE, false, 0));
- return glue(glue(ld, USUFFIX), _p)(g2h(ptr));
+ uint16_t meminfo = trace_mem_build_info(SHIFT, false, MO_TE, false, 0);
+ trace_guest_mem_before_exec(env_cpu(env), ptr, meminfo);
+ ret = glue(glue(ld, USUFFIX), _p)(g2h(ptr));
#endif
+ return ret;
}
#ifndef CODE_ACCESS
@@ -96,18 +95,18 @@ glue(glue(glue(cpu_ld, USUFFIX), MEMSUFFIX), _ra)(CPUArchState *env,
static inline int
glue(glue(cpu_lds, SUFFIX), MEMSUFFIX)(CPUArchState *env, abi_ptr ptr)
{
-#ifdef CODE_ACCESS
int ret;
+#ifdef CODE_ACCESS
set_helper_retaddr(1);
ret = glue(glue(lds, SUFFIX), _p)(g2h(ptr));
clear_helper_retaddr();
- return ret;
#else
- trace_guest_mem_before_exec(
- env_cpu(env), ptr,
- trace_mem_build_info(SHIFT, true, MO_TE, false, 0));
- return glue(glue(lds, SUFFIX), _p)(g2h(ptr));
+ uint16_t meminfo = trace_mem_build_info(SHIFT, true, MO_TE, false, 0);
+ trace_guest_mem_before_exec(env_cpu(env), ptr, meminfo);
+ ret = glue(glue(lds, SUFFIX), _p)(g2h(ptr));
+ qemu_plugin_vcpu_mem_cb(env_cpu(env), ptr, meminfo);
#endif
+ return ret;
}
#ifndef CODE_ACCESS
@@ -130,10 +129,10 @@ static inline void
glue(glue(cpu_st, SUFFIX), MEMSUFFIX)(CPUArchState *env, abi_ptr ptr,
RES_TYPE v)
{
- trace_guest_mem_before_exec(
- env_cpu(env), ptr,
- trace_mem_build_info(SHIFT, false, MO_TE, true, 0));
+ uint16_t meminfo = trace_mem_build_info(SHIFT, false, MO_TE, true, 0);
+ trace_guest_mem_before_exec(env_cpu(env), ptr, meminfo);
glue(glue(st, SUFFIX), _p)(g2h(ptr), v);
+ qemu_plugin_vcpu_mem_cb(env_cpu(env), ptr, meminfo);
}
static inline void
diff --git a/tcg/tcg-op.c b/tcg/tcg-op.c
index 1388bd344d..c245126f98 100644
--- a/tcg/tcg-op.c
+++ b/tcg/tcg-op.c
@@ -30,6 +30,7 @@
#include "tcg-mo.h"
#include "trace-tcg.h"
#include "trace/mem.h"
+#include "exec/plugin-gen.h"
/* Reduce the number of ifdefs below. This assumes that all uses of
TCGV_HIGH and TCGV_LOW are properly protected by a conditional that
@@ -2684,6 +2685,7 @@ void tcg_gen_exit_tb(TranslationBlock *tb, unsigned idx)
tcg_debug_assert(idx == TB_EXIT_REQUESTED);
}
+ plugin_gen_disable_mem_helpers();
tcg_gen_op1i(INDEX_op_exit_tb, val);
}
@@ -2696,6 +2698,7 @@ void tcg_gen_goto_tb(unsigned idx)
tcg_debug_assert((tcg_ctx->goto_tb_issue_mask & (1 << idx)) == 0);
tcg_ctx->goto_tb_issue_mask |= 1 << idx;
#endif
+ plugin_gen_disable_mem_helpers();
/* When not chaining, we simply fall through to the "fallback" exit. */
if (!qemu_loglevel_mask(CPU_LOG_TB_NOCHAIN)) {
tcg_gen_op1i(INDEX_op_goto_tb, idx);
@@ -2705,7 +2708,10 @@ void tcg_gen_goto_tb(unsigned idx)
void tcg_gen_lookup_and_goto_ptr(void)
{
if (TCG_TARGET_HAS_goto_ptr && !qemu_loglevel_mask(CPU_LOG_TB_NOCHAIN)) {
- TCGv_ptr ptr = tcg_temp_new_ptr();
+ TCGv_ptr ptr;
+
+ plugin_gen_disable_mem_helpers();
+ ptr = tcg_temp_new_ptr();
gen_helper_lookup_tb_ptr(ptr, cpu_env);
tcg_gen_op1i(INDEX_op_goto_ptr, tcgv_ptr_arg(ptr));
tcg_temp_free_ptr(ptr);
@@ -2788,14 +2794,24 @@ static void tcg_gen_req_mo(TCGBar type)
}
}
+static inline void plugin_gen_mem_callbacks(TCGv vaddr, uint16_t info)
+{
+#ifdef CONFIG_PLUGIN
+ if (tcg_ctx->plugin_insn == NULL) {
+ return;
+ }
+ plugin_gen_empty_mem_callback(vaddr, info);
+#endif
+}
+
void tcg_gen_qemu_ld_i32(TCGv_i32 val, TCGv addr, TCGArg idx, MemOp memop)
{
MemOp orig_memop;
+ uint16_t info = trace_mem_get_info(memop, idx, 0);
tcg_gen_req_mo(TCG_MO_LD_LD | TCG_MO_ST_LD);
memop = tcg_canonicalize_memop(memop, 0, 0);
- trace_guest_mem_before_tcg(tcg_ctx->cpu, cpu_env,
- addr, trace_mem_get_info(memop, idx, 0));
+ trace_guest_mem_before_tcg(tcg_ctx->cpu, cpu_env, addr, info);
orig_memop = memop;
if (!TCG_TARGET_HAS_MEMORY_BSWAP && (memop & MO_BSWAP)) {
@@ -2807,6 +2823,7 @@ void tcg_gen_qemu_ld_i32(TCGv_i32 val, TCGv addr, TCGArg idx, MemOp memop)
}
gen_ldst_i32(INDEX_op_qemu_ld_i32, val, addr, memop, idx);
+ plugin_gen_mem_callbacks(addr, info);
if ((orig_memop ^ memop) & MO_BSWAP) {
switch (orig_memop & MO_SIZE) {
@@ -2828,11 +2845,11 @@ void tcg_gen_qemu_ld_i32(TCGv_i32 val, TCGv addr, TCGArg idx, MemOp memop)
void tcg_gen_qemu_st_i32(TCGv_i32 val, TCGv addr, TCGArg idx, MemOp memop)
{
TCGv_i32 swap = NULL;
+ uint16_t info = trace_mem_get_info(memop, idx, 1);
tcg_gen_req_mo(TCG_MO_LD_ST | TCG_MO_ST_ST);
memop = tcg_canonicalize_memop(memop, 0, 1);
- trace_guest_mem_before_tcg(tcg_ctx->cpu, cpu_env,
- addr, trace_mem_get_info(memop, idx, 1));
+ trace_guest_mem_before_tcg(tcg_ctx->cpu, cpu_env, addr, info);
if (!TCG_TARGET_HAS_MEMORY_BSWAP && (memop & MO_BSWAP)) {
swap = tcg_temp_new_i32();
@@ -2852,6 +2869,7 @@ void tcg_gen_qemu_st_i32(TCGv_i32 val, TCGv addr, TCGArg idx, MemOp memop)
}
gen_ldst_i32(INDEX_op_qemu_st_i32, val, addr, memop, idx);
+ plugin_gen_mem_callbacks(addr, info);
if (swap) {
tcg_temp_free_i32(swap);
@@ -2861,6 +2879,7 @@ void tcg_gen_qemu_st_i32(TCGv_i32 val, TCGv addr, TCGArg idx, MemOp memop)
void tcg_gen_qemu_ld_i64(TCGv_i64 val, TCGv addr, TCGArg idx, MemOp memop)
{
MemOp orig_memop;
+ uint16_t info;
if (TCG_TARGET_REG_BITS == 32 && (memop & MO_SIZE) < MO_64) {
tcg_gen_qemu_ld_i32(TCGV_LOW(val), addr, idx, memop);
@@ -2874,8 +2893,8 @@ void tcg_gen_qemu_ld_i64(TCGv_i64 val, TCGv addr, TCGArg idx, MemOp memop)
tcg_gen_req_mo(TCG_MO_LD_LD | TCG_MO_ST_LD);
memop = tcg_canonicalize_memop(memop, 1, 0);
- trace_guest_mem_before_tcg(tcg_ctx->cpu, cpu_env,
- addr, trace_mem_get_info(memop, idx, 0));
+ info = trace_mem_get_info(memop, idx, 0);
+ trace_guest_mem_before_tcg(tcg_ctx->cpu, cpu_env, addr, info);
orig_memop = memop;
if (!TCG_TARGET_HAS_MEMORY_BSWAP && (memop & MO_BSWAP)) {
@@ -2887,6 +2906,7 @@ void tcg_gen_qemu_ld_i64(TCGv_i64 val, TCGv addr, TCGArg idx, MemOp memop)
}
gen_ldst_i64(INDEX_op_qemu_ld_i64, val, addr, memop, idx);
+ plugin_gen_mem_callbacks(addr, info);
if ((orig_memop ^ memop) & MO_BSWAP) {
switch (orig_memop & MO_SIZE) {
@@ -2914,6 +2934,7 @@ void tcg_gen_qemu_ld_i64(TCGv_i64 val, TCGv addr, TCGArg idx, MemOp memop)
void tcg_gen_qemu_st_i64(TCGv_i64 val, TCGv addr, TCGArg idx, MemOp memop)
{
TCGv_i64 swap = NULL;
+ uint16_t info;
if (TCG_TARGET_REG_BITS == 32 && (memop & MO_SIZE) < MO_64) {
tcg_gen_qemu_st_i32(TCGV_LOW(val), addr, idx, memop);
@@ -2922,8 +2943,8 @@ void tcg_gen_qemu_st_i64(TCGv_i64 val, TCGv addr, TCGArg idx, MemOp memop)
tcg_gen_req_mo(TCG_MO_LD_ST | TCG_MO_ST_ST);
memop = tcg_canonicalize_memop(memop, 1, 1);
- trace_guest_mem_before_tcg(tcg_ctx->cpu, cpu_env,
- addr, trace_mem_get_info(memop, idx, 1));
+ info = trace_mem_get_info(memop, idx, 1);
+ trace_guest_mem_before_tcg(tcg_ctx->cpu, cpu_env, addr, info);
if (!TCG_TARGET_HAS_MEMORY_BSWAP && (memop & MO_BSWAP)) {
swap = tcg_temp_new_i64();
@@ -2947,6 +2968,7 @@ void tcg_gen_qemu_st_i64(TCGv_i64 val, TCGv addr, TCGArg idx, MemOp memop)
}
gen_ldst_i64(INDEX_op_qemu_st_i64, val, addr, memop, idx);
+ plugin_gen_mem_callbacks(addr, info);
if (swap) {
tcg_temp_free_i64(swap);
diff --git a/tcg/tcg.h b/tcg/tcg.h
index d234b4c9a5..a38659ea5b 100644
--- a/tcg/tcg.h
+++ b/tcg/tcg.h
@@ -29,6 +29,7 @@
#include "exec/memop.h"
#include "exec/tb-context.h"
#include "qemu/bitops.h"
+#include "qemu/plugin.h"
#include "qemu/queue.h"
#include "tcg-mo.h"
#include "tcg-target.h"
--
2.20.1
^ permalink raw reply related [flat|nested] 94+ messages in thread* [PATCH v5 17/55] plugins: implement helpers for resolving hwaddr
2019-10-14 10:48 [PATCH for 4.2 v5 00/55] Support for TCG plugins Alex Bennée
` (15 preceding siblings ...)
2019-10-14 10:49 ` [PATCH v5 16/55] tcg: let plugins instrument virtual memory accesses Alex Bennée
@ 2019-10-14 10:49 ` Alex Bennée
2019-10-14 15:45 ` Richard Henderson
2019-10-14 15:54 ` Peter Maydell
2019-10-14 10:49 ` [PATCH v5 18/55] translate-all: notify plugin code of tb_flush Alex Bennée
` (38 subsequent siblings)
55 siblings, 2 replies; 94+ messages in thread
From: Alex Bennée @ 2019-10-14 10:49 UTC (permalink / raw)
To: qemu-devel
Cc: robert.foley, peter.puhov, aaron, cota, Paolo Bonzini,
Alex Bennée, Richard Henderson
We need to keep a local per-cpu copy of the data as other threads may
be running. We use a automatically growing array and re-use the space
for subsequent queries.
Signed-off-by: Alex Bennée <alex.bennee@linaro.org>
---
v5
- use TLS instead of racy GArray
- add more commentary regarding success
- error_report if we fail
---
accel/tcg/cputlb.c | 35 +++++++++++++++++++++++++++++++++++
include/exec/exec-all.h | 20 ++++++++++++++++++++
include/qemu/plugin.h | 6 ++++++
plugins/api.c | 34 +++++++++++++++++++++++++++++++++-
4 files changed, 94 insertions(+), 1 deletion(-)
diff --git a/accel/tcg/cputlb.c b/accel/tcg/cputlb.c
index b587d910f8..2937dac7a5 100644
--- a/accel/tcg/cputlb.c
+++ b/accel/tcg/cputlb.c
@@ -1247,6 +1247,41 @@ void *tlb_vaddr_to_host(CPUArchState *env, abi_ptr addr,
return (void *)((uintptr_t)addr + entry->addend);
}
+
+#ifdef CONFIG_PLUGIN
+/*
+ * Perform a TLB lookup and populate the qemu_plugin_hwaddr structure.
+ * This should be a hot path as we will have just looked this path up
+ * in the softmmu lookup code (or helper). We don't handle re-fills or
+ * checking the victim table. This is purely informational.
+ *
+ * This should never fail as the memory access being instrumented
+ * should have just filled the TLB.
+ */
+
+bool tlb_plugin_lookup(CPUState *cpu, target_ulong addr, int mmu_idx,
+ bool is_store, struct qemu_plugin_hwaddr *data)
+{
+ CPUArchState *env = cpu->env_ptr;
+ CPUTLBEntry *tlbe = tlb_entry(env, mmu_idx, addr);
+ target_ulong tlb_addr = is_store ? tlb_addr_write(tlbe) : tlbe->addr_read;
+
+ if (likely(tlb_hit(tlb_addr, addr))) {
+ if (tlb_addr & TLB_MMIO) {
+ data->hostaddr = 0;
+ data->is_io = true;
+ /* XXX: lookup device */
+ } else {
+ data->hostaddr = addr + tlbe->addend;
+ data->is_io = false;
+ }
+ return true;
+ }
+ return false;
+}
+
+#endif
+
/* Probe for a read-modify-write atomic operation. Do not allow unaligned
* operations, or io operations to proceed. Return the host address. */
static void *atomic_mmu_lookup(CPUArchState *env, target_ulong addr,
diff --git a/include/exec/exec-all.h b/include/exec/exec-all.h
index ba2f501f0f..47a071fee0 100644
--- a/include/exec/exec-all.h
+++ b/include/exec/exec-all.h
@@ -261,6 +261,20 @@ void tlb_set_page_with_attrs(CPUState *cpu, target_ulong vaddr,
void tlb_set_page(CPUState *cpu, target_ulong vaddr,
hwaddr paddr, int prot,
int mmu_idx, target_ulong size);
+
+/**
+ * tlb_plugin_lookup: query last TLB lookup
+ * @cpu: cpu environment
+ *
+ * This function can be used directly after a memory operation to
+ * query information about the access. It is used by the plugin
+ * infrastructure to expose more information about the address.
+ *
+ * It would only fail if not called from an instrumented memory access
+ * which would be an abuse of the API.
+ */
+bool tlb_plugin_lookup(CPUState *cpu, target_ulong addr, int mmu_idx,
+ bool is_store, struct qemu_plugin_hwaddr *data);
#else
static inline void tlb_init(CPUState *cpu)
{
@@ -310,6 +324,12 @@ static inline void tlb_flush_by_mmuidx_all_cpus_synced(CPUState *cpu,
uint16_t idxmap)
{
}
+static inline bool tlb_plugin_lookup(CPUState *cpu, target_ulong addr,
+ int mmu_idx, bool is_store,
+ struct qemu_plugin_hwaddr *data)
+{
+ return false;
+}
#endif
void *probe_access(CPUArchState *env, target_ulong addr, int size,
MMUAccessType access_type, int mmu_idx, uintptr_t retaddr);
diff --git a/include/qemu/plugin.h b/include/qemu/plugin.h
index 3c46a24166..657345df60 100644
--- a/include/qemu/plugin.h
+++ b/include/qemu/plugin.h
@@ -182,6 +182,12 @@ struct qemu_plugin_insn *qemu_plugin_tb_insn_get(struct qemu_plugin_tb *tb)
return insn;
}
+struct qemu_plugin_hwaddr {
+ uint64_t hostaddr;
+ bool is_io;
+};
+
+
#ifdef CONFIG_PLUGIN
void qemu_plugin_vcpu_init_hook(CPUState *cpu);
diff --git a/plugins/api.c b/plugins/api.c
index 3de05719a8..fbacd78df6 100644
--- a/plugins/api.c
+++ b/plugins/api.c
@@ -39,7 +39,7 @@
#include "cpu.h"
#include "sysemu/sysemu.h"
#include "tcg/tcg.h"
-#include "trace/mem-internal.h" /* mem_info macros */
+#include "exec/exec-all.h"
#include "plugin.h"
#ifndef CONFIG_USER_ONLY
#include "hw/boards.h"
@@ -240,11 +240,30 @@ bool qemu_plugin_mem_is_store(qemu_plugin_meminfo_t info)
* Virtual Memory queries
*/
+#ifdef CONFIG_SOFTMMU
+static __thread struct qemu_plugin_hwaddr hwaddr_info;
+
+struct qemu_plugin_hwaddr *qemu_plugin_get_hwaddr(qemu_plugin_meminfo_t info,
+ uint64_t vaddr)
+{
+ CPUState *cpu = current_cpu;
+ unsigned int mmu_idx = info >> TRACE_MEM_MMU_SHIFT;
+
+ if (!tlb_plugin_lookup(cpu, vaddr, mmu_idx,
+ info & TRACE_MEM_ST, &hwaddr_info)) {
+ error_report("invalid use of qemu_plugin_get_hwaddr");
+ return NULL;
+ }
+
+ return &hwaddr_info;
+}
+#else
struct qemu_plugin_hwaddr *qemu_plugin_get_hwaddr(qemu_plugin_meminfo_t info,
uint64_t vaddr)
{
return NULL;
}
+#endif
bool qemu_plugin_hwaddr_is_io(struct qemu_plugin_hwaddr *hwaddr)
{
@@ -253,7 +272,20 @@ bool qemu_plugin_hwaddr_is_io(struct qemu_plugin_hwaddr *hwaddr)
uint64_t qemu_plugin_hwaddr_to_raddr(const struct qemu_plugin_hwaddr *haddr)
{
+#ifdef CONFIG_SOFTMMU
+ ram_addr_t ram_addr = 0;
+
+ if (haddr && !haddr->is_io) {
+ ram_addr = qemu_ram_addr_from_host((void *) haddr->hostaddr);
+ if (ram_addr == RAM_ADDR_INVALID) {
+ error_report("Bad ram pointer %"PRIx64"", haddr->hostaddr);
+ abort();
+ }
+ }
+ return ram_addr;
+#else
return 0;
+#endif
}
/*
--
2.20.1
^ permalink raw reply related [flat|nested] 94+ messages in thread* Re: [PATCH v5 17/55] plugins: implement helpers for resolving hwaddr
2019-10-14 10:49 ` [PATCH v5 17/55] plugins: implement helpers for resolving hwaddr Alex Bennée
@ 2019-10-14 15:45 ` Richard Henderson
2019-10-14 15:54 ` Peter Maydell
1 sibling, 0 replies; 94+ messages in thread
From: Richard Henderson @ 2019-10-14 15:45 UTC (permalink / raw)
To: Alex Bennée, qemu-devel
Cc: robert.foley, peter.puhov, aaron, cota, Paolo Bonzini, Richard Henderson
On 10/14/19 3:49 AM, Alex Bennée wrote:
> +bool tlb_plugin_lookup(CPUState *cpu, target_ulong addr, int mmu_idx,
> + bool is_store, struct qemu_plugin_hwaddr *data)
> +{
> + CPUArchState *env = cpu->env_ptr;
> + CPUTLBEntry *tlbe = tlb_entry(env, mmu_idx, addr);
> + target_ulong tlb_addr = is_store ? tlb_addr_write(tlbe) : tlbe->addr_read;
> +
> + if (likely(tlb_hit(tlb_addr, addr))) {
> + if (tlb_addr & TLB_MMIO) {
> + data->hostaddr = 0;
> + data->is_io = true;
> + /* XXX: lookup device */
> + } else {
> + data->hostaddr = addr + tlbe->addend;
> + data->is_io = false;
...
> uint64_t qemu_plugin_hwaddr_to_raddr(const struct qemu_plugin_hwaddr *haddr)
> {
> +#ifdef CONFIG_SOFTMMU
> + ram_addr_t ram_addr = 0;
> +
> + if (haddr && !haddr->is_io) {
> + ram_addr = qemu_ram_addr_from_host((void *) haddr->hostaddr);
> + if (ram_addr == RAM_ADDR_INVALID) {
So, did you want the host address or the ram_addr?
If you really only want the ram_addr then you can get
that directly from the (io)tlb:
uintptr_t index = tlb_index(env, mmu_idx, addr);
CPUTLB *tlb = &cpu_neg(cpu)->tlb;
CPUIOTLBEntry *iotlbentry = &tlb->d[mmu_idx].iotlb[index];
data->raddr = addr + iotlbentry->addr;
That said, what you have works.
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
r~
^ permalink raw reply [flat|nested] 94+ messages in thread* Re: [PATCH v5 17/55] plugins: implement helpers for resolving hwaddr
2019-10-14 10:49 ` [PATCH v5 17/55] plugins: implement helpers for resolving hwaddr Alex Bennée
2019-10-14 15:45 ` Richard Henderson
@ 2019-10-14 15:54 ` Peter Maydell
2019-10-14 16:34 ` Alex Bennée
1 sibling, 1 reply; 94+ messages in thread
From: Peter Maydell @ 2019-10-14 15:54 UTC (permalink / raw)
To: Alex Bennée
Cc: robert.foley, QEMU Developers, peter.puhov, Aaron Lindsay,
Emilio G. Cota, Paolo Bonzini, Richard Henderson
On Mon, 14 Oct 2019 at 12:25, Alex Bennée <alex.bennee@linaro.org> wrote:
>
> We need to keep a local per-cpu copy of the data as other threads may
> be running. We use a automatically growing array and re-use the space
> for subsequent queries.
>
> +#ifdef CONFIG_SOFTMMU
> +static __thread struct qemu_plugin_hwaddr hwaddr_info;
> +
> +struct qemu_plugin_hwaddr *qemu_plugin_get_hwaddr(qemu_plugin_meminfo_t info,
> + uint64_t vaddr)
> +{
> + CPUState *cpu = current_cpu;
> + unsigned int mmu_idx = info >> TRACE_MEM_MMU_SHIFT;
> +
> + if (!tlb_plugin_lookup(cpu, vaddr, mmu_idx,
> + info & TRACE_MEM_ST, &hwaddr_info)) {
> + error_report("invalid use of qemu_plugin_get_hwaddr");
> + return NULL;
> + }
> +
> + return &hwaddr_info;
> +}
Apologies for dropping into the middle of this patchset, but
this API looks a bit odd. A hwaddr alone isn't a complete
definition of an access -- you need an (AddressSpace, hwaddr)
tuple for that. So this API looks like it doesn't really cope
with things like TrustZone ?
> uint64_t qemu_plugin_hwaddr_to_raddr(const struct qemu_plugin_hwaddr *haddr)
> {
> +#ifdef CONFIG_SOFTMMU
> + ram_addr_t ram_addr = 0;
> +
> + if (haddr && !haddr->is_io) {
> + ram_addr = qemu_ram_addr_from_host((void *) haddr->hostaddr);
> + if (ram_addr == RAM_ADDR_INVALID) {
> + error_report("Bad ram pointer %"PRIx64"", haddr->hostaddr);
> + abort();
> + }
> + }
> + return ram_addr;
> +#else
> return 0;
> +#endif
> }
This looks odd to see in the plugin API -- ramaddrs should
be a QEMU internal concept, shouldn't they?
thanks
-- PMM
^ permalink raw reply [flat|nested] 94+ messages in thread* Re: [PATCH v5 17/55] plugins: implement helpers for resolving hwaddr
2019-10-14 15:54 ` Peter Maydell
@ 2019-10-14 16:34 ` Alex Bennée
2019-10-14 16:56 ` Peter Maydell
0 siblings, 1 reply; 94+ messages in thread
From: Alex Bennée @ 2019-10-14 16:34 UTC (permalink / raw)
To: Peter Maydell
Cc: robert.foley, QEMU Developers, peter.puhov, Aaron Lindsay,
Emilio G. Cota, Paolo Bonzini, Richard Henderson
Peter Maydell <peter.maydell@linaro.org> writes:
> On Mon, 14 Oct 2019 at 12:25, Alex Bennée <alex.bennee@linaro.org> wrote:
>>
>> We need to keep a local per-cpu copy of the data as other threads may
>> be running. We use a automatically growing array and re-use the space
>> for subsequent queries.
>>
>
>
>> +#ifdef CONFIG_SOFTMMU
>> +static __thread struct qemu_plugin_hwaddr hwaddr_info;
>> +
>> +struct qemu_plugin_hwaddr *qemu_plugin_get_hwaddr(qemu_plugin_meminfo_t info,
>> + uint64_t vaddr)
>> +{
>> + CPUState *cpu = current_cpu;
>> + unsigned int mmu_idx = info >> TRACE_MEM_MMU_SHIFT;
>> +
>> + if (!tlb_plugin_lookup(cpu, vaddr, mmu_idx,
>> + info & TRACE_MEM_ST, &hwaddr_info)) {
>> + error_report("invalid use of qemu_plugin_get_hwaddr");
>> + return NULL;
>> + }
>> +
>> + return &hwaddr_info;
>> +}
>
> Apologies for dropping into the middle of this patchset, but
> this API looks a bit odd. A hwaddr alone isn't a complete
> definition of an access -- you need an (AddressSpace, hwaddr)
> tuple for that. So this API looks like it doesn't really cope
> with things like TrustZone ?
Aren't hwaddr's unique across the bus? Or is this because you would have
two address buses (secure and non-secure) with different address lines to
different chips?
But surely we have all the information we need because we've hooked the
two things that QEMU's softmmu code knows. The mmu_idx and the vaddr
with which the slow path can figure out what it needs.
>> uint64_t qemu_plugin_hwaddr_to_raddr(const struct qemu_plugin_hwaddr *haddr)
>> {
>> +#ifdef CONFIG_SOFTMMU
>> + ram_addr_t ram_addr = 0;
>> +
>> + if (haddr && !haddr->is_io) {
>> + ram_addr = qemu_ram_addr_from_host((void *) haddr->hostaddr);
>> + if (ram_addr == RAM_ADDR_INVALID) {
>> + error_report("Bad ram pointer %"PRIx64"", haddr->hostaddr);
>> + abort();
>> + }
>> + }
>> + return ram_addr;
>> +#else
>> return 0;
>> +#endif
>> }
>
> This looks odd to see in the plugin API -- ramaddrs should
> be a QEMU internal concept, shouldn't they?
Hmm maybe.. I guess it's a special case of device offset. Do you want to
drop this part for now?
>
> thanks
> -- PMM
--
Alex Bennée
^ permalink raw reply [flat|nested] 94+ messages in thread* Re: [PATCH v5 17/55] plugins: implement helpers for resolving hwaddr
2019-10-14 16:34 ` Alex Bennée
@ 2019-10-14 16:56 ` Peter Maydell
0 siblings, 0 replies; 94+ messages in thread
From: Peter Maydell @ 2019-10-14 16:56 UTC (permalink / raw)
To: Alex Bennée
Cc: robert.foley, QEMU Developers, peter.puhov, Aaron Lindsay,
Emilio G. Cota, Paolo Bonzini, Richard Henderson
On Mon, 14 Oct 2019 at 17:34, Alex Bennée <alex.bennee@linaro.org> wrote:
> Peter Maydell <peter.maydell@linaro.org> writes:
> > Apologies for dropping into the middle of this patchset, but
> > this API looks a bit odd. A hwaddr alone isn't a complete
> > definition of an access -- you need an (AddressSpace, hwaddr)
> > tuple for that. So this API looks like it doesn't really cope
> > with things like TrustZone ?
>
> Aren't hwaddr's unique across the bus? Or is this because you would have
> two address buses (secure and non-secure) with different address lines to
> different chips?
Architecturally, there are two completely separate physical
address spaces for Secure and NonSecure.
In actual Arm hardware, what you get is a bus/interconnect
where effectively the 'S/NS' line is an extra address bit.
The interconnect can set things up however it likes, but the
most common setup is "most devices mapped at the same address
in both S and NS", aka "most decode ignores the S/NS signal",
with some "this device is only present in S". There's no inherent
reason you couldn't have "address A is device X in S and device
Y in NS", though.
> But surely we have all the information we need because we've hooked the
> two things that QEMU's softmmu code knows. The mmu_idx and the vaddr
> with which the slow path can figure out what it needs.
I think the slowpath uses the MemTxAttrs rather than the mmu_idx:
iotlb_to_section() calls cpu_asidx_from_attrs() and then pulls the
AddressSpace out of cpu->cpu_ases[].
From the point of view of a plugin, it probably wants
the (hwaddr, MemTxAttrs) for the access.
> > This looks odd to see in the plugin API -- ramaddrs should
> > be a QEMU internal concept, shouldn't they?
>
> Hmm maybe.. I guess it's a special case of device offset. Do you want to
> drop this part for now?
I'd need to go and look at the overall plugin-facing API to
be sure, but in general my expectation would be that the
whole API should be in terms of guest-architectural concepts,
with no QEMU-isms like ramaddrs leaking through.
thanks
-- PMM
^ permalink raw reply [flat|nested] 94+ messages in thread
* [PATCH v5 18/55] translate-all: notify plugin code of tb_flush
2019-10-14 10:48 [PATCH for 4.2 v5 00/55] Support for TCG plugins Alex Bennée
` (16 preceding siblings ...)
2019-10-14 10:49 ` [PATCH v5 17/55] plugins: implement helpers for resolving hwaddr Alex Bennée
@ 2019-10-14 10:49 ` Alex Bennée
2019-10-14 10:49 ` [PATCH v5 19/55] *-user: notify plugin of exit Alex Bennée
` (37 subsequent siblings)
55 siblings, 0 replies; 94+ messages in thread
From: Alex Bennée @ 2019-10-14 10:49 UTC (permalink / raw)
To: qemu-devel
Cc: robert.foley, Richard Henderson, peter.puhov, aaron, cota,
Paolo Bonzini, Alex Bennée, Richard Henderson
From: "Emilio G. Cota" <cota@braap.org>
Plugins might allocate per-TB data that then they get passed each
time a TB is executed (via the *userdata pointer).
Notify plugin code every time a code cache flush occurs, so
that plugins can then reclaim the memory of the per-TB data.
Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
Signed-off-by: Emilio G. Cota <cota@braap.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Signed-off-by: Alex Bennée <alex.bennee@linaro.org>
---
accel/tcg/translate-all.c | 6 ++++++
1 file changed, 6 insertions(+)
diff --git a/accel/tcg/translate-all.c b/accel/tcg/translate-all.c
index 0a08fcda3e..6d1b0ecd69 100644
--- a/accel/tcg/translate-all.c
+++ b/accel/tcg/translate-all.c
@@ -1231,6 +1231,8 @@ static gboolean tb_host_size_iter(gpointer key, gpointer value, gpointer data)
/* flush all the translation blocks */
static void do_tb_flush(CPUState *cpu, run_on_cpu_data tb_flush_count)
{
+ bool did_flush = false;
+
mmap_lock();
/* If it is already been done on request of another CPU,
* just retry.
@@ -1238,6 +1240,7 @@ static void do_tb_flush(CPUState *cpu, run_on_cpu_data tb_flush_count)
if (tb_ctx.tb_flush_count != tb_flush_count.host_int) {
goto done;
}
+ did_flush = true;
if (DEBUG_TB_FLUSH_GATE) {
size_t nb_tbs = tcg_nb_tbs();
@@ -1262,6 +1265,9 @@ static void do_tb_flush(CPUState *cpu, run_on_cpu_data tb_flush_count)
done:
mmap_unlock();
+ if (did_flush) {
+ qemu_plugin_flush_cb();
+ }
}
void tb_flush(CPUState *cpu)
--
2.20.1
^ permalink raw reply related [flat|nested] 94+ messages in thread* [PATCH v5 19/55] *-user: notify plugin of exit
2019-10-14 10:48 [PATCH for 4.2 v5 00/55] Support for TCG plugins Alex Bennée
` (17 preceding siblings ...)
2019-10-14 10:49 ` [PATCH v5 18/55] translate-all: notify plugin code of tb_flush Alex Bennée
@ 2019-10-14 10:49 ` Alex Bennée
2019-10-14 10:49 ` [PATCH v5 20/55] *-user: plugin syscalls Alex Bennée
` (36 subsequent siblings)
55 siblings, 0 replies; 94+ messages in thread
From: Alex Bennée @ 2019-10-14 10:49 UTC (permalink / raw)
To: qemu-devel
Cc: robert.foley, Riku Voipio, Richard Henderson, Laurent Vivier,
peter.puhov, aaron, cota, Alex Bennée
From: "Emilio G. Cota" <cota@braap.org>
Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
Signed-off-by: Emilio G. Cota <cota@braap.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Signed-off-by: Alex Bennée <alex.bennee@linaro.org>
---
bsd-user/syscall.c | 3 +++
linux-user/exit.c | 1 +
2 files changed, 4 insertions(+)
diff --git a/bsd-user/syscall.c b/bsd-user/syscall.c
index 1ee6195d9f..84a983a9a1 100644
--- a/bsd-user/syscall.c
+++ b/bsd-user/syscall.c
@@ -332,6 +332,7 @@ abi_long do_freebsd_syscall(void *cpu_env, int num, abi_long arg1,
_mcleanup();
#endif
gdb_exit(cpu_env, arg1);
+ qemu_plugin_atexit_cb();
/* XXX: should free thread stack and CPU env */
_exit(arg1);
ret = 0; /* avoid warning */
@@ -430,6 +431,7 @@ abi_long do_netbsd_syscall(void *cpu_env, int num, abi_long arg1,
_mcleanup();
#endif
gdb_exit(cpu_env, arg1);
+ qemu_plugin_atexit_cb();
/* XXX: should free thread stack and CPU env */
_exit(arg1);
ret = 0; /* avoid warning */
@@ -505,6 +507,7 @@ abi_long do_openbsd_syscall(void *cpu_env, int num, abi_long arg1,
_mcleanup();
#endif
gdb_exit(cpu_env, arg1);
+ qemu_plugin_atexit_cb();
/* XXX: should free thread stack and CPU env */
_exit(arg1);
ret = 0; /* avoid warning */
diff --git a/linux-user/exit.c b/linux-user/exit.c
index bdda720553..a362ef67d2 100644
--- a/linux-user/exit.c
+++ b/linux-user/exit.c
@@ -35,4 +35,5 @@ void preexit_cleanup(CPUArchState *env, int code)
__gcov_dump();
#endif
gdb_exit(env, code);
+ qemu_plugin_atexit_cb();
}
--
2.20.1
^ permalink raw reply related [flat|nested] 94+ messages in thread* [PATCH v5 20/55] *-user: plugin syscalls
2019-10-14 10:48 [PATCH for 4.2 v5 00/55] Support for TCG plugins Alex Bennée
` (18 preceding siblings ...)
2019-10-14 10:49 ` [PATCH v5 19/55] *-user: notify plugin of exit Alex Bennée
@ 2019-10-14 10:49 ` Alex Bennée
2019-10-14 10:49 ` [PATCH v5 21/55] cpu: hook plugin vcpu events Alex Bennée
` (35 subsequent siblings)
55 siblings, 0 replies; 94+ messages in thread
From: Alex Bennée @ 2019-10-14 10:49 UTC (permalink / raw)
To: qemu-devel
Cc: robert.foley, Riku Voipio, Richard Henderson, Laurent Vivier,
peter.puhov, aaron, cota, Alex Bennée
From: "Emilio G. Cota" <cota@braap.org>
To avoid too much duplication add a wrapper that the existing trace
and the new plugin calls can live in. We could move the -strace code
here as well but that is left for a future series as the code is
subtly different between the bsd and linux.
Signed-off-by: Emilio G. Cota <cota@braap.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
[AJB: wrap in syscall-trace.h, expand commit msg]
Signed-off-by: Alex Bennée <alex.bennee@linaro.org>
---
bsd-user/syscall.c | 21 +++++++++++++------
include/user/syscall-trace.h | 40 ++++++++++++++++++++++++++++++++++++
linux-user/syscall.c | 7 ++++---
3 files changed, 59 insertions(+), 9 deletions(-)
create mode 100644 include/user/syscall-trace.h
diff --git a/bsd-user/syscall.c b/bsd-user/syscall.c
index 84a983a9a1..0d45b654bb 100644
--- a/bsd-user/syscall.c
+++ b/bsd-user/syscall.c
@@ -26,6 +26,7 @@
#include "qemu.h"
#include "qemu-common.h"
+#include "user/syscall-trace.h"
//#define DEBUG
@@ -322,7 +323,8 @@ abi_long do_freebsd_syscall(void *cpu_env, int num, abi_long arg1,
#ifdef DEBUG
gemu_log("freebsd syscall %d\n", num);
#endif
- trace_guest_user_syscall(cpu, num, arg1, arg2, arg3, arg4, arg5, arg6, arg7, arg8);
+ record_syscall_start(cpu, num, arg1, arg2, arg3, arg4, arg5, arg6, 0, 0);
+
if(do_strace)
print_freebsd_syscall(num, arg1, arg2, arg3, arg4, arg5, arg6);
@@ -403,7 +405,8 @@ abi_long do_freebsd_syscall(void *cpu_env, int num, abi_long arg1,
#endif
if (do_strace)
print_freebsd_syscall_ret(num, ret);
- trace_guest_user_syscall_ret(cpu, num, ret);
+
+ record_syscall_return(cpu, num, ret);
return ret;
efault:
ret = -TARGET_EFAULT;
@@ -421,7 +424,9 @@ abi_long do_netbsd_syscall(void *cpu_env, int num, abi_long arg1,
#ifdef DEBUG
gemu_log("netbsd syscall %d\n", num);
#endif
- trace_guest_user_syscall(cpu, num, arg1, arg2, arg3, arg4, arg5, arg6, 0, 0);
+
+ record_syscall_start(cpu, num, arg1, arg2, arg3, arg4, arg5, arg6, 0, 0);
+
if(do_strace)
print_netbsd_syscall(num, arg1, arg2, arg3, arg4, arg5, arg6);
@@ -479,7 +484,8 @@ abi_long do_netbsd_syscall(void *cpu_env, int num, abi_long arg1,
#endif
if (do_strace)
print_netbsd_syscall_ret(num, ret);
- trace_guest_user_syscall_ret(cpu, num, ret);
+
+ record_syscall_return(cpu, num, ret);
return ret;
efault:
ret = -TARGET_EFAULT;
@@ -497,7 +503,9 @@ abi_long do_openbsd_syscall(void *cpu_env, int num, abi_long arg1,
#ifdef DEBUG
gemu_log("openbsd syscall %d\n", num);
#endif
- trace_guest_user_syscall(cpu, num, arg1, arg2, arg3, arg4, arg5, arg6, 0, 0);
+
+ record_syscall_start(cpu, num, arg1, arg2, arg3, arg4, arg5, arg6, 0, 0);
+
if(do_strace)
print_openbsd_syscall(num, arg1, arg2, arg3, arg4, arg5, arg6);
@@ -555,7 +563,8 @@ abi_long do_openbsd_syscall(void *cpu_env, int num, abi_long arg1,
#endif
if (do_strace)
print_openbsd_syscall_ret(num, ret);
- trace_guest_user_syscall_ret(cpu, num, ret);
+
+ record_syscall_return(cpu, num, ret);
return ret;
efault:
ret = -TARGET_EFAULT;
diff --git a/include/user/syscall-trace.h b/include/user/syscall-trace.h
new file mode 100644
index 0000000000..9e60473643
--- /dev/null
+++ b/include/user/syscall-trace.h
@@ -0,0 +1,40 @@
+/*
+ * Common System Call Tracing Wrappers for *-user
+ *
+ * Copyright (c) 2019 Linaro
+ * Written by Alex Bennée <alex.bennee@linaro.org>
+ *
+ * SPDX-License-Identifier: GPL-2.0-or-later
+ */
+
+#ifndef _SYSCALL_TRACE_H_
+#define _SYSCALL_TRACE_H_
+
+/*
+ * These helpers just provide a common place for the various
+ * subsystems that want to track syscalls to put their hooks in. We
+ * could potentially unify the -strace code here as well.
+ */
+
+static inline void record_syscall_start(void *cpu, int num,
+ abi_long arg1, abi_long arg2,
+ abi_long arg3, abi_long arg4,
+ abi_long arg5, abi_long arg6,
+ abi_long arg7, abi_long arg8)
+{
+ trace_guest_user_syscall(cpu, num,
+ arg1, arg2, arg3, arg4,
+ arg5, arg6, arg7, arg8);
+ qemu_plugin_vcpu_syscall(cpu, num,
+ arg1, arg2, arg3, arg4,
+ arg5, arg6, arg7, arg8);
+}
+
+static inline void record_syscall_return(void *cpu, int num, abi_long ret)
+{
+ trace_guest_user_syscall_ret(cpu, num, ret);
+ qemu_plugin_vcpu_syscall_ret(cpu, num, ret);
+}
+
+
+#endif /* _SYSCALL_TRACE_H_ */
diff --git a/linux-user/syscall.c b/linux-user/syscall.c
index e2af3c1494..77e87a959f 100644
--- a/linux-user/syscall.c
+++ b/linux-user/syscall.c
@@ -112,6 +112,7 @@
#include "qemu.h"
#include "qemu/guest-random.h"
+#include "user/syscall-trace.h"
#include "qapi/error.h"
#include "fd-trans.h"
@@ -11981,8 +11982,8 @@ abi_long do_syscall(void *cpu_env, int num, abi_long arg1,
}
#endif
- trace_guest_user_syscall(cpu, num, arg1, arg2, arg3, arg4,
- arg5, arg6, arg7, arg8);
+ record_syscall_start(cpu, num, arg1,
+ arg2, arg3, arg4, arg5, arg6, arg7, arg8);
if (unlikely(do_strace)) {
print_syscall(num, arg1, arg2, arg3, arg4, arg5, arg6);
@@ -11994,6 +11995,6 @@ abi_long do_syscall(void *cpu_env, int num, abi_long arg1,
arg5, arg6, arg7, arg8);
}
- trace_guest_user_syscall_ret(cpu, num, ret);
+ record_syscall_return(cpu, num, ret);
return ret;
}
--
2.20.1
^ permalink raw reply related [flat|nested] 94+ messages in thread* [PATCH v5 21/55] cpu: hook plugin vcpu events
2019-10-14 10:48 [PATCH for 4.2 v5 00/55] Support for TCG plugins Alex Bennée
` (19 preceding siblings ...)
2019-10-14 10:49 ` [PATCH v5 20/55] *-user: plugin syscalls Alex Bennée
@ 2019-10-14 10:49 ` Alex Bennée
2019-10-14 10:49 ` [PATCH v5 22/55] plugin-gen: add plugin_insn_append Alex Bennée
` (34 subsequent siblings)
55 siblings, 0 replies; 94+ messages in thread
From: Alex Bennée @ 2019-10-14 10:49 UTC (permalink / raw)
To: qemu-devel
Cc: Eduardo Habkost, robert.foley, Richard Henderson, peter.puhov,
aaron, cota, Paolo Bonzini, Alex Bennée, Richard Henderson
From: "Emilio G. Cota" <cota@braap.org>
Signed-off-by: Emilio G. Cota <cota@braap.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Signed-off-by: Alex Bennée <alex.bennee@linaro.org>
---
cpus.c | 10 ++++++++++
exec.c | 2 ++
hw/core/cpu.c | 2 ++
3 files changed, 14 insertions(+)
diff --git a/cpus.c b/cpus.c
index d2c61ff155..98f00ffba7 100644
--- a/cpus.c
+++ b/cpus.c
@@ -45,6 +45,7 @@
#include "exec/exec-all.h"
#include "qemu/thread.h"
+#include "qemu/plugin.h"
#include "sysemu/cpus.h"
#include "sysemu/qtest.h"
#include "qemu/main-loop.h"
@@ -1255,9 +1256,18 @@ static void qemu_tcg_rr_wait_io_event(void)
static void qemu_wait_io_event(CPUState *cpu)
{
+ bool slept = false;
+
while (cpu_thread_is_idle(cpu)) {
+ if (!slept) {
+ slept = true;
+ qemu_plugin_vcpu_idle_cb(cpu);
+ }
qemu_cond_wait(cpu->halt_cond, &qemu_global_mutex);
}
+ if (slept) {
+ qemu_plugin_vcpu_resume_cb(cpu);
+ }
#ifdef _WIN32
/* Eat dummy APC queued by qemu_cpu_kick_thread. */
diff --git a/exec.c b/exec.c
index bdcfcdff3f..7be7adb8f5 100644
--- a/exec.c
+++ b/exec.c
@@ -975,6 +975,8 @@ void cpu_exec_realizefn(CPUState *cpu, Error **errp)
}
tlb_init(cpu);
+ qemu_plugin_vcpu_init_hook(cpu);
+
#ifndef CONFIG_USER_ONLY
if (qdev_get_vmsd(DEVICE(cpu)) == NULL) {
vmstate_register(NULL, cpu->cpu_index, &vmstate_cpu_common, cpu);
diff --git a/hw/core/cpu.c b/hw/core/cpu.c
index 73b1ee34d0..db1a03c6bb 100644
--- a/hw/core/cpu.c
+++ b/hw/core/cpu.c
@@ -32,6 +32,7 @@
#include "hw/boards.h"
#include "hw/qdev-properties.h"
#include "trace-root.h"
+#include "qemu/plugin.h"
CPUInterruptHandler cpu_interrupt_handler;
@@ -352,6 +353,7 @@ static void cpu_common_unrealizefn(DeviceState *dev, Error **errp)
CPUState *cpu = CPU(dev);
/* NOTE: latest generic point before the cpu is fully unrealized */
trace_fini_vcpu(cpu);
+ qemu_plugin_vcpu_exit_hook(cpu);
cpu_exec_unrealizefn(cpu);
}
--
2.20.1
^ permalink raw reply related [flat|nested] 94+ messages in thread* [PATCH v5 22/55] plugin-gen: add plugin_insn_append
2019-10-14 10:48 [PATCH for 4.2 v5 00/55] Support for TCG plugins Alex Bennée
` (20 preceding siblings ...)
2019-10-14 10:49 ` [PATCH v5 21/55] cpu: hook plugin vcpu events Alex Bennée
@ 2019-10-14 10:49 ` Alex Bennée
2019-10-14 10:49 ` [PATCH v5 23/55] translator: add translator_ld{ub,sw,uw,l,q} Alex Bennée
` (33 subsequent siblings)
55 siblings, 0 replies; 94+ messages in thread
From: Alex Bennée @ 2019-10-14 10:49 UTC (permalink / raw)
To: qemu-devel
Cc: robert.foley, Richard Henderson, peter.puhov, aaron, cota,
Alex Bennée
From: "Emilio G. Cota" <cota@braap.org>
By adding it to plugin-gen's header file, we can export is as
an inline, since tcg.h is included in the header (we need tcg_ctx).
Signed-off-by: Emilio G. Cota <cota@braap.org>
[AJB: use g_byte_array]
Signed-off-by: Alex Bennée <alex.bennee@linaro.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
---
v3
- use g_byte_array
---
include/exec/plugin-gen.h | 14 ++++++++++++++
1 file changed, 14 insertions(+)
diff --git a/include/exec/plugin-gen.h b/include/exec/plugin-gen.h
index de519883b1..4834a9e2f4 100644
--- a/include/exec/plugin-gen.h
+++ b/include/exec/plugin-gen.h
@@ -27,6 +27,17 @@ void plugin_gen_insn_end(void);
void plugin_gen_disable_mem_helpers(void);
void plugin_gen_empty_mem_callback(TCGv addr, uint32_t info);
+static inline void plugin_insn_append(const void *from, size_t size)
+{
+ struct qemu_plugin_insn *insn = tcg_ctx->plugin_insn;
+
+ if (insn == NULL) {
+ return;
+ }
+
+ insn->data = g_byte_array_append(insn->data, from, size);
+}
+
#else /* !CONFIG_PLUGIN */
static inline
@@ -51,6 +62,9 @@ static inline void plugin_gen_disable_mem_helpers(void)
static inline void plugin_gen_empty_mem_callback(TCGv addr, uint32_t info)
{ }
+static inline void plugin_insn_append(const void *from, size_t size)
+{ }
+
#endif /* CONFIG_PLUGIN */
#endif /* QEMU_PLUGIN_GEN_H */
--
2.20.1
^ permalink raw reply related [flat|nested] 94+ messages in thread* [PATCH v5 23/55] translator: add translator_ld{ub,sw,uw,l,q}
2019-10-14 10:48 [PATCH for 4.2 v5 00/55] Support for TCG plugins Alex Bennée
` (21 preceding siblings ...)
2019-10-14 10:49 ` [PATCH v5 22/55] plugin-gen: add plugin_insn_append Alex Bennée
@ 2019-10-14 10:49 ` Alex Bennée
2019-10-14 16:08 ` Richard Henderson
2019-10-14 17:31 ` Peter Maydell
2019-10-14 10:49 ` [PATCH v5 24/55] target/arm: fetch code with translator_ld Alex Bennée
` (32 subsequent siblings)
55 siblings, 2 replies; 94+ messages in thread
From: Alex Bennée @ 2019-10-14 10:49 UTC (permalink / raw)
To: qemu-devel
Cc: robert.foley, Richard Henderson, peter.puhov, aaron, cota,
Paolo Bonzini, Alex Bennée, Richard Henderson
From: "Emilio G. Cota" <cota@braap.org>
We don't bother with replicating the fast path (tlb_hit) of the old
cpu_ldst helpers as it has no measurable effect on performance. This
probably indicates we should consider flattening the whole set of
helpers but that is out of scope for this change.
Suggested-by: Richard Henderson <richard.henderson@linaro.org>
Signed-off-by: Emilio G. Cota <cota@braap.org>
[AJB: directly plumb into softmmu/user helpers]
Signed-off-by: Alex Bennée <alex.bennee@linaro.org>
---
v4
- don't use the cpu_ldst helpers, plumb directly into the lower
level
- mark the CODE_ACCESS/SOFTMMU_CODE_ACCESS as deprecated
v5
- expand commit message w.r.t. fast path.
---
include/exec/cpu_ldst.h | 11 ++++++++
include/exec/translator.h | 58 ++++++++++++++++++++++++++++++++++++++-
include/qemu/bswap.h | 5 ++++
tcg/tcg.h | 2 ++
4 files changed, 75 insertions(+), 1 deletion(-)
diff --git a/include/exec/cpu_ldst.h b/include/exec/cpu_ldst.h
index 9151fdb042..fd499f7e2f 100644
--- a/include/exec/cpu_ldst.h
+++ b/include/exec/cpu_ldst.h
@@ -129,6 +129,11 @@ static inline void clear_helper_retaddr(void)
#include "exec/cpu_ldst_useronly_template.h"
#undef MEMSUFFIX
+/*
+ * Code access is deprecated in favour of translator_ld* functions
+ * (see translator.h). However there are still users that need to
+ * converted so for now these stay.
+ */
#define MEMSUFFIX _code
#define CODE_ACCESS
#define DATA_SIZE 1
@@ -427,6 +432,12 @@ static inline CPUTLBEntry *tlb_entry(CPUArchState *env, uintptr_t mmu_idx,
#undef CPU_MMU_INDEX
#undef MEMSUFFIX
+/*
+ * Code access is deprecated in favour of translator_ld* functions
+ * (see translator.h). However there are still users that need to
+ * converted so for now these stay.
+ */
+
#define CPU_MMU_INDEX (cpu_mmu_index(env, true))
#define MEMSUFFIX _code
#define SOFTMMU_CODE_ACCESS
diff --git a/include/exec/translator.h b/include/exec/translator.h
index 180c51d509..7a9dc1b937 100644
--- a/include/exec/translator.h
+++ b/include/exec/translator.h
@@ -19,7 +19,10 @@
*/
+#include "qemu/bswap.h"
#include "exec/exec-all.h"
+#include "exec/cpu_ldst.h"
+#include "exec/plugin-gen.h"
#include "tcg/tcg.h"
@@ -142,4 +145,57 @@ void translator_loop(const TranslatorOps *ops, DisasContextBase *db,
void translator_loop_temp_check(DisasContextBase *db);
-#endif /* EXEC__TRANSLATOR_H */
+/*
+ * Translator Load Functions
+ *
+ * These are intended to replace the old cpu_ld*_code functions and
+ * are mandatory for front-ends that have been migrated to the common
+ * translator_loop. These functions are only intended to be called
+ * from the translation stage and should not be called from helper
+ * functions. Those functions should be converted to encode the
+ * relevant information at translation time.
+ */
+
+#ifdef CONFIG_USER_ONLY
+
+#define DO_LOAD(type, name, shift) \
+ set_helper_retaddr(1); \
+ ret = name ## _p(g2h(pc)); \
+ clear_helper_retaddr();
+
+#else
+
+#define DO_LOAD(type, name, shift) \
+ int mmu_idx = cpu_mmu_index(env, true); \
+ TCGMemOpIdx oi = make_memop_idx(shift, mmu_idx); \
+ ret = helper_ret_ ## name ## _cmmu(env, pc, oi, 0);
+
+#endif
+
+#define GEN_TRANSLATOR_LD(fullname, name, type, shift, swap_fn) \
+ static inline type \
+ fullname ## _swap(CPUArchState *env, abi_ptr pc, bool do_swap) \
+ { \
+ type ret; \
+ DO_LOAD(type, name, shift) \
+ \
+ if (do_swap) { \
+ ret = swap_fn(ret); \
+ } \
+ plugin_insn_append(&ret, sizeof(ret)); \
+ return ret; \
+ } \
+ \
+ static inline type fullname(CPUArchState *env, abi_ptr pc) \
+ { \
+ return fullname ## _swap(env, pc, false); \
+ }
+
+GEN_TRANSLATOR_LD(translator_ldub, ldb, uint8_t, 0, /* no swap needed */)
+GEN_TRANSLATOR_LD(translator_ldsw, lduw, int16_t, 1, bswap16)
+GEN_TRANSLATOR_LD(translator_lduw, lduw, uint16_t, 1, bswap16)
+GEN_TRANSLATOR_LD(translator_ldl, ldl, uint32_t, 2, bswap32)
+GEN_TRANSLATOR_LD(translator_ldq, ldq, uint64_t, 3, bswap64)
+#undef GEN_TRANSLATOR_LD
+
+#endif /* EXEC__TRANSLATOR_H */
diff --git a/include/qemu/bswap.h b/include/qemu/bswap.h
index 2a9f3fe783..4f70727874 100644
--- a/include/qemu/bswap.h
+++ b/include/qemu/bswap.h
@@ -306,6 +306,11 @@ static inline int ldub_p(const void *ptr)
return *(uint8_t *)ptr;
}
+static inline int ldb_p(const void *ptr)
+{
+ return ldub_p(ptr);
+}
+
static inline int ldsb_p(const void *ptr)
{
return *(int8_t *)ptr;
diff --git a/tcg/tcg.h b/tcg/tcg.h
index a38659ea5b..302533b463 100644
--- a/tcg/tcg.h
+++ b/tcg/tcg.h
@@ -1317,6 +1317,7 @@ uint64_t helper_be_ldq_cmmu(CPUArchState *env, target_ulong addr,
# define helper_ret_stl_mmu helper_be_stl_mmu
# define helper_ret_stq_mmu helper_be_stq_mmu
# define helper_ret_ldw_cmmu helper_be_ldw_cmmu
+# define helper_ret_lduw_cmmu helper_be_ldw_cmmu
# define helper_ret_ldl_cmmu helper_be_ldl_cmmu
# define helper_ret_ldq_cmmu helper_be_ldq_cmmu
#else
@@ -1330,6 +1331,7 @@ uint64_t helper_be_ldq_cmmu(CPUArchState *env, target_ulong addr,
# define helper_ret_stl_mmu helper_le_stl_mmu
# define helper_ret_stq_mmu helper_le_stq_mmu
# define helper_ret_ldw_cmmu helper_le_ldw_cmmu
+# define helper_ret_lduw_cmmu helper_le_ldw_cmmu
# define helper_ret_ldl_cmmu helper_le_ldl_cmmu
# define helper_ret_ldq_cmmu helper_le_ldq_cmmu
#endif
--
2.20.1
^ permalink raw reply related [flat|nested] 94+ messages in thread* Re: [PATCH v5 23/55] translator: add translator_ld{ub,sw,uw,l,q}
2019-10-14 10:49 ` [PATCH v5 23/55] translator: add translator_ld{ub,sw,uw,l,q} Alex Bennée
@ 2019-10-14 16:08 ` Richard Henderson
2019-10-14 17:31 ` Peter Maydell
1 sibling, 0 replies; 94+ messages in thread
From: Richard Henderson @ 2019-10-14 16:08 UTC (permalink / raw)
To: Alex Bennée, qemu-devel
Cc: robert.foley, peter.puhov, aaron, cota, Paolo Bonzini, Richard Henderson
On 10/14/19 3:49 AM, Alex Bennée wrote:
> From: "Emilio G. Cota" <cota@braap.org>
>
> We don't bother with replicating the fast path (tlb_hit) of the old
> cpu_ldst helpers as it has no measurable effect on performance. This
> probably indicates we should consider flattening the whole set of
> helpers but that is out of scope for this change.
>
> Suggested-by: Richard Henderson <richard.henderson@linaro.org>
> Signed-off-by: Emilio G. Cota <cota@braap.org>
> [AJB: directly plumb into softmmu/user helpers]
> Signed-off-by: Alex Bennée <alex.bennee@linaro.org>
>
> ---
> v4
> - don't use the cpu_ldst helpers, plumb directly into the lower
> level
> - mark the CODE_ACCESS/SOFTMMU_CODE_ACCESS as deprecated
> v5
> - expand commit message w.r.t. fast path.
> ---
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
r~
^ permalink raw reply [flat|nested] 94+ messages in thread* Re: [PATCH v5 23/55] translator: add translator_ld{ub,sw,uw,l,q}
2019-10-14 10:49 ` [PATCH v5 23/55] translator: add translator_ld{ub,sw,uw,l,q} Alex Bennée
2019-10-14 16:08 ` Richard Henderson
@ 2019-10-14 17:31 ` Peter Maydell
2019-10-15 18:55 ` Alex Bennée
2019-10-15 19:03 ` Alex Bennée
1 sibling, 2 replies; 94+ messages in thread
From: Peter Maydell @ 2019-10-14 17:31 UTC (permalink / raw)
To: Alex Bennée
Cc: robert.foley, Richard Henderson, QEMU Developers, peter.puhov,
Aaron Lindsay, Emilio G. Cota, Paolo Bonzini, Richard Henderson
On Mon, 14 Oct 2019 at 12:38, Alex Bennée <alex.bennee@linaro.org> wrote:
>
> From: "Emilio G. Cota" <cota@braap.org>
>
> We don't bother with replicating the fast path (tlb_hit) of the old
> cpu_ldst helpers as it has no measurable effect on performance. This
> probably indicates we should consider flattening the whole set of
> helpers but that is out of scope for this change.
>
> Suggested-by: Richard Henderson <richard.henderson@linaro.org>
> Signed-off-by: Emilio G. Cota <cota@braap.org>
> [AJB: directly plumb into softmmu/user helpers]
> Signed-off-by: Alex Bennée <alex.bennee@linaro.org>
>
> diff --git a/tcg/tcg.h b/tcg/tcg.h
> index a38659ea5b..302533b463 100644
> --- a/tcg/tcg.h
> +++ b/tcg/tcg.h
> @@ -1317,6 +1317,7 @@ uint64_t helper_be_ldq_cmmu(CPUArchState *env, target_ulong addr,
> # define helper_ret_stl_mmu helper_be_stl_mmu
> # define helper_ret_stq_mmu helper_be_stq_mmu
> # define helper_ret_ldw_cmmu helper_be_ldw_cmmu
> +# define helper_ret_lduw_cmmu helper_be_ldw_cmmu
> # define helper_ret_ldl_cmmu helper_be_ldl_cmmu
> # define helper_ret_ldq_cmmu helper_be_ldq_cmmu
> #else
> @@ -1330,6 +1331,7 @@ uint64_t helper_be_ldq_cmmu(CPUArchState *env, target_ulong addr,
> # define helper_ret_stl_mmu helper_le_stl_mmu
> # define helper_ret_stq_mmu helper_le_stq_mmu
> # define helper_ret_ldw_cmmu helper_le_ldw_cmmu
> +# define helper_ret_lduw_cmmu helper_le_ldw_cmmu
> # define helper_ret_ldl_cmmu helper_le_ldl_cmmu
> # define helper_ret_ldq_cmmu helper_le_ldq_cmmu
> #endif
This looks odd. Why is it ok to define a 'lduw' helper
as the 'ldw' cmmu helper ? One ought to be sign
extending and the other not...
thanks
-- PMM
^ permalink raw reply [flat|nested] 94+ messages in thread* Re: [PATCH v5 23/55] translator: add translator_ld{ub,sw,uw,l,q}
2019-10-14 17:31 ` Peter Maydell
@ 2019-10-15 18:55 ` Alex Bennée
2019-10-15 21:34 ` Alex Bennée
2019-10-15 19:03 ` Alex Bennée
1 sibling, 1 reply; 94+ messages in thread
From: Alex Bennée @ 2019-10-15 18:55 UTC (permalink / raw)
To: Peter Maydell
Cc: robert.foley, Richard Henderson, QEMU Developers, peter.puhov,
Aaron Lindsay, Emilio G. Cota, Paolo Bonzini, Richard Henderson
Peter Maydell <peter.maydell@linaro.org> writes:
> On Mon, 14 Oct 2019 at 12:38, Alex Bennée <alex.bennee@linaro.org> wrote:
>>
>> From: "Emilio G. Cota" <cota@braap.org>
>>
>> We don't bother with replicating the fast path (tlb_hit) of the old
>> cpu_ldst helpers as it has no measurable effect on performance. This
>> probably indicates we should consider flattening the whole set of
>> helpers but that is out of scope for this change.
>>
>> Suggested-by: Richard Henderson <richard.henderson@linaro.org>
>> Signed-off-by: Emilio G. Cota <cota@braap.org>
>> [AJB: directly plumb into softmmu/user helpers]
>> Signed-off-by: Alex Bennée <alex.bennee@linaro.org>
>>
>> diff --git a/tcg/tcg.h b/tcg/tcg.h
>> index a38659ea5b..302533b463 100644
>> --- a/tcg/tcg.h
>> +++ b/tcg/tcg.h
>> @@ -1317,6 +1317,7 @@ uint64_t helper_be_ldq_cmmu(CPUArchState *env, target_ulong addr,
>> # define helper_ret_stl_mmu helper_be_stl_mmu
>> # define helper_ret_stq_mmu helper_be_stq_mmu
>> # define helper_ret_ldw_cmmu helper_be_ldw_cmmu
>> +# define helper_ret_lduw_cmmu helper_be_ldw_cmmu
>> # define helper_ret_ldl_cmmu helper_be_ldl_cmmu
>> # define helper_ret_ldq_cmmu helper_be_ldq_cmmu
>> #else
>> @@ -1330,6 +1331,7 @@ uint64_t helper_be_ldq_cmmu(CPUArchState *env, target_ulong addr,
>> # define helper_ret_stl_mmu helper_le_stl_mmu
>> # define helper_ret_stq_mmu helper_le_stq_mmu
>> # define helper_ret_ldw_cmmu helper_le_ldw_cmmu
>> +# define helper_ret_lduw_cmmu helper_le_ldw_cmmu
>> # define helper_ret_ldl_cmmu helper_le_ldl_cmmu
>> # define helper_ret_ldq_cmmu helper_le_ldq_cmmu
>> #endif
>
> This looks odd. Why is it ok to define a 'lduw' helper
> as the 'ldw' cmmu helper ? One ought to be sign
> extending and the other not...
This was attempting to make things line up between the softmmu helpers
and the user-mode ld*_p helpers that we need to expand to. I'm not sure
a sign extending loader even makes sense for code load anyway.
>
> thanks
> -- PMM
--
Alex Bennée
^ permalink raw reply [flat|nested] 94+ messages in thread* Re: [PATCH v5 23/55] translator: add translator_ld{ub,sw,uw,l,q}
2019-10-15 18:55 ` Alex Bennée
@ 2019-10-15 21:34 ` Alex Bennée
0 siblings, 0 replies; 94+ messages in thread
From: Alex Bennée @ 2019-10-15 21:34 UTC (permalink / raw)
To: Peter Maydell
Cc: robert.foley, Richard Henderson, QEMU Developers, peter.puhov,
Aaron Lindsay, Emilio G. Cota, Paolo Bonzini, Richard Henderson
Alex Bennée <alex.bennee@linaro.org> writes:
> Peter Maydell <peter.maydell@linaro.org> writes:
>
>> On Mon, 14 Oct 2019 at 12:38, Alex Bennée <alex.bennee@linaro.org> wrote:
>>>
>>> From: "Emilio G. Cota" <cota@braap.org>
>>>
>>> We don't bother with replicating the fast path (tlb_hit) of the old
>>> cpu_ldst helpers as it has no measurable effect on performance. This
>>> probably indicates we should consider flattening the whole set of
>>> helpers but that is out of scope for this change.
>>>
>>> Suggested-by: Richard Henderson <richard.henderson@linaro.org>
>>> Signed-off-by: Emilio G. Cota <cota@braap.org>
>>> [AJB: directly plumb into softmmu/user helpers]
>>> Signed-off-by: Alex Bennée <alex.bennee@linaro.org>
>>>
>>> diff --git a/tcg/tcg.h b/tcg/tcg.h
>>> index a38659ea5b..302533b463 100644
>>> --- a/tcg/tcg.h
>>> +++ b/tcg/tcg.h
>>> @@ -1317,6 +1317,7 @@ uint64_t helper_be_ldq_cmmu(CPUArchState *env, target_ulong addr,
>>> # define helper_ret_stl_mmu helper_be_stl_mmu
>>> # define helper_ret_stq_mmu helper_be_stq_mmu
>>> # define helper_ret_ldw_cmmu helper_be_ldw_cmmu
>>> +# define helper_ret_lduw_cmmu helper_be_ldw_cmmu
>>> # define helper_ret_ldl_cmmu helper_be_ldl_cmmu
>>> # define helper_ret_ldq_cmmu helper_be_ldq_cmmu
>>> #else
>>> @@ -1330,6 +1331,7 @@ uint64_t helper_be_ldq_cmmu(CPUArchState *env, target_ulong addr,
>>> # define helper_ret_stl_mmu helper_le_stl_mmu
>>> # define helper_ret_stq_mmu helper_le_stq_mmu
>>> # define helper_ret_ldw_cmmu helper_le_ldw_cmmu
>>> +# define helper_ret_lduw_cmmu helper_le_ldw_cmmu
>>> # define helper_ret_ldl_cmmu helper_le_ldl_cmmu
>>> # define helper_ret_ldq_cmmu helper_le_ldq_cmmu
>>> #endif
>>
>> This looks odd. Why is it ok to define a 'lduw' helper
>> as the 'ldw' cmmu helper ? One ought to be sign
>> extending and the other not...
>
> This was attempting to make things line up between the softmmu helpers
> and the user-mode ld*_p helpers that we need to expand to. I'm not sure
> a sign extending loader even makes sense for code load anyway.
That last bit is not true as sign extending helpers are used for loading
sign-extended immediate values.
>
>>
>> thanks
>> -- PMM
--
Alex Bennée
^ permalink raw reply [flat|nested] 94+ messages in thread
* Re: [PATCH v5 23/55] translator: add translator_ld{ub,sw,uw,l,q}
2019-10-14 17:31 ` Peter Maydell
2019-10-15 18:55 ` Alex Bennée
@ 2019-10-15 19:03 ` Alex Bennée
1 sibling, 0 replies; 94+ messages in thread
From: Alex Bennée @ 2019-10-15 19:03 UTC (permalink / raw)
To: Peter Maydell
Cc: robert.foley, Richard Henderson, QEMU Developers, peter.puhov,
Aaron Lindsay, Emilio G. Cota, Paolo Bonzini, Richard Henderson
Peter Maydell <peter.maydell@linaro.org> writes:
> On Mon, 14 Oct 2019 at 12:38, Alex Bennée <alex.bennee@linaro.org> wrote:
>>
>> From: "Emilio G. Cota" <cota@braap.org>
>>
>> We don't bother with replicating the fast path (tlb_hit) of the old
>> cpu_ldst helpers as it has no measurable effect on performance. This
>> probably indicates we should consider flattening the whole set of
>> helpers but that is out of scope for this change.
>>
>> Suggested-by: Richard Henderson <richard.henderson@linaro.org>
>> Signed-off-by: Emilio G. Cota <cota@braap.org>
>> [AJB: directly plumb into softmmu/user helpers]
>> Signed-off-by: Alex Bennée <alex.bennee@linaro.org>
>>
>> diff --git a/tcg/tcg.h b/tcg/tcg.h
>> index a38659ea5b..302533b463 100644
>> --- a/tcg/tcg.h
>> +++ b/tcg/tcg.h
>> @@ -1317,6 +1317,7 @@ uint64_t helper_be_ldq_cmmu(CPUArchState *env, target_ulong addr,
>> # define helper_ret_stl_mmu helper_be_stl_mmu
>> # define helper_ret_stq_mmu helper_be_stq_mmu
>> # define helper_ret_ldw_cmmu helper_be_ldw_cmmu
>> +# define helper_ret_lduw_cmmu helper_be_ldw_cmmu
>> # define helper_ret_ldl_cmmu helper_be_ldl_cmmu
>> # define helper_ret_ldq_cmmu helper_be_ldq_cmmu
>> #else
>> @@ -1330,6 +1331,7 @@ uint64_t helper_be_ldq_cmmu(CPUArchState *env, target_ulong addr,
>> # define helper_ret_stl_mmu helper_le_stl_mmu
>> # define helper_ret_stq_mmu helper_le_stq_mmu
>> # define helper_ret_ldw_cmmu helper_le_ldw_cmmu
>> +# define helper_ret_lduw_cmmu helper_le_ldw_cmmu
>> # define helper_ret_ldl_cmmu helper_le_ldl_cmmu
>> # define helper_ret_ldq_cmmu helper_le_ldq_cmmu
>> #endif
>
> This looks odd. Why is it ok to define a 'lduw' helper
> as the 'ldw' cmmu helper ? One ought to be sign
> extending and the other not...
This is the alternative:
3 files changed, 9 insertions(+), 17 deletions(-)
include/exec/translator.h | 19 +++++++++----------
include/qemu/bswap.h | 5 -----
tcg/tcg.h | 2 --
modified include/exec/translator.h
@@ -158,26 +158,26 @@ void translator_loop_temp_check(DisasContextBase *db);
#ifdef CONFIG_USER_ONLY
-#define DO_LOAD(type, name, shift) \
+#define DO_LOAD(type, name, uname, shift) \
set_helper_retaddr(1); \
- ret = name ## _p(g2h(pc)); \
+ ret = uname ## _p(g2h(pc)); \
clear_helper_retaddr();
#else
-#define DO_LOAD(type, name, shift) \
+#define DO_LOAD(type, name, uname, shift) \
int mmu_idx = cpu_mmu_index(env, true); \
TCGMemOpIdx oi = make_memop_idx(shift, mmu_idx); \
ret = helper_ret_ ## name ## _cmmu(env, pc, oi, 0);
#endif
-#define GEN_TRANSLATOR_LD(fullname, name, type, shift, swap_fn) \
+#define GEN_TRANSLATOR_LD(fullname, name, uname, type, shift, swap_fn) \
static inline type \
fullname ## _swap(CPUArchState *env, abi_ptr pc, bool do_swap) \
{ \
type ret; \
- DO_LOAD(type, name, shift) \
+ DO_LOAD(type, name, uname, shift) \
\
if (do_swap) { \
ret = swap_fn(ret); \
@@ -191,11 +191,10 @@ void translator_loop_temp_check(DisasContextBase *db);
return fullname ## _swap(env, pc, false); \
}
-GEN_TRANSLATOR_LD(translator_ldub, ldb, uint8_t, 0, /* no swap needed */)
-GEN_TRANSLATOR_LD(translator_ldsw, lduw, int16_t, 1, bswap16)
-GEN_TRANSLATOR_LD(translator_lduw, lduw, uint16_t, 1, bswap16)
-GEN_TRANSLATOR_LD(translator_ldl, ldl, uint32_t, 2, bswap32)
-GEN_TRANSLATOR_LD(translator_ldq, ldq, uint64_t, 3, bswap64)
+GEN_TRANSLATOR_LD(translator_ldub, ldb, ldub, uint8_t, 0, /* no swap needed */)
+GEN_TRANSLATOR_LD(translator_ldw, ldw, lduw, uint16_t, 1, bswap16)
+GEN_TRANSLATOR_LD(translator_ldl, ldl, ldl, uint32_t, 2, bswap32)
+GEN_TRANSLATOR_LD(translator_ldq, ldq, ldl, uint64_t, 3, bswap64)
#undef GEN_TRANSLATOR_LD
#endif /* EXEC__TRANSLATOR_H */
modified include/qemu/bswap.h
@@ -306,11 +306,6 @@ static inline int ldub_p(const void *ptr)
return *(uint8_t *)ptr;
}
-static inline int ldb_p(const void *ptr)
-{
- return ldub_p(ptr);
-}
-
static inline int ldsb_p(const void *ptr)
{
return *(int8_t *)ptr;
modified tcg/tcg.h
@@ -1317,7 +1317,6 @@ uint64_t helper_be_ldq_cmmu(CPUArchState *env, target_ulong addr,
# define helper_ret_stl_mmu helper_be_stl_mmu
# define helper_ret_stq_mmu helper_be_stq_mmu
# define helper_ret_ldw_cmmu helper_be_ldw_cmmu
-# define helper_ret_lduw_cmmu helper_be_ldw_cmmu
# define helper_ret_ldl_cmmu helper_be_ldl_cmmu
# define helper_ret_ldq_cmmu helper_be_ldq_cmmu
#else
@@ -1331,7 +1330,6 @@ uint64_t helper_be_ldq_cmmu(CPUArchState *env, target_ulong addr,
# define helper_ret_stl_mmu helper_le_stl_mmu
# define helper_ret_stq_mmu helper_le_stq_mmu
# define helper_ret_ldw_cmmu helper_le_ldw_cmmu
-# define helper_ret_lduw_cmmu helper_le_ldw_cmmu
# define helper_ret_ldl_cmmu helper_le_ldl_cmmu
# define helper_ret_ldq_cmmu helper_le_ldq_cmmu
#endif
--
Alex Bennée
^ permalink raw reply [flat|nested] 94+ messages in thread
* [PATCH v5 24/55] target/arm: fetch code with translator_ld
2019-10-14 10:48 [PATCH for 4.2 v5 00/55] Support for TCG plugins Alex Bennée
` (22 preceding siblings ...)
2019-10-14 10:49 ` [PATCH v5 23/55] translator: add translator_ld{ub,sw,uw,l,q} Alex Bennée
@ 2019-10-14 10:49 ` Alex Bennée
2019-10-14 10:49 ` [PATCH v5 25/55] target/ppc: " Alex Bennée
` (31 subsequent siblings)
55 siblings, 0 replies; 94+ messages in thread
From: Alex Bennée @ 2019-10-14 10:49 UTC (permalink / raw)
To: qemu-devel
Cc: Peter Maydell, robert.foley, Richard Henderson, peter.puhov,
aaron, cota, open list:ARM TCG CPUs, Alex Bennée
From: "Emilio G. Cota" <cota@braap.org>
Now the arm_ld*_code functions are only used at translate time we can
just pass down to translator_ld functions.
Signed-off-by: Emilio G. Cota <cota@braap.org>
[AJB: convert from plugin_insn_append to translator_ld]
Signed-off-by: Alex Bennée <alex.bennee@linaro.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
---
v4
- use translator_ld like the rest of them
---
target/arm/arm_ldst.h | 15 +++------------
1 file changed, 3 insertions(+), 12 deletions(-)
diff --git a/target/arm/arm_ldst.h b/target/arm/arm_ldst.h
index 5e0ac8bef0..45edb108f6 100644
--- a/target/arm/arm_ldst.h
+++ b/target/arm/arm_ldst.h
@@ -20,25 +20,20 @@
#ifndef ARM_LDST_H
#define ARM_LDST_H
-#include "exec/cpu_ldst.h"
+#include "exec/translator.h"
#include "qemu/bswap.h"
/* Load an instruction and return it in the standard little-endian order */
static inline uint32_t arm_ldl_code(CPUARMState *env, target_ulong addr,
bool sctlr_b)
{
- uint32_t insn = cpu_ldl_code(env, addr);
- if (bswap_code(sctlr_b)) {
- return bswap32(insn);
- }
- return insn;
+ return translator_ldl_swap(env, addr, bswap_code(sctlr_b));
}
/* Ditto, for a halfword (Thumb) instruction */
static inline uint16_t arm_lduw_code(CPUARMState *env, target_ulong addr,
bool sctlr_b)
{
- uint16_t insn;
#ifndef CONFIG_USER_ONLY
/* In big-endian (BE32) mode, adjacent Thumb instructions have been swapped
within each word. Undo that now. */
@@ -46,11 +41,7 @@ static inline uint16_t arm_lduw_code(CPUARMState *env, target_ulong addr,
addr ^= 2;
}
#endif
- insn = cpu_lduw_code(env, addr);
- if (bswap_code(sctlr_b)) {
- return bswap16(insn);
- }
- return insn;
+ return translator_lduw_swap(env, addr, bswap_code(sctlr_b));
}
#endif
--
2.20.1
^ permalink raw reply related [flat|nested] 94+ messages in thread* [PATCH v5 25/55] target/ppc: fetch code with translator_ld
2019-10-14 10:48 [PATCH for 4.2 v5 00/55] Support for TCG plugins Alex Bennée
` (23 preceding siblings ...)
2019-10-14 10:49 ` [PATCH v5 24/55] target/arm: fetch code with translator_ld Alex Bennée
@ 2019-10-14 10:49 ` Alex Bennée
2019-10-14 10:49 ` [PATCH v5 26/55] target/sh4: " Alex Bennée
` (30 subsequent siblings)
55 siblings, 0 replies; 94+ messages in thread
From: Alex Bennée @ 2019-10-14 10:49 UTC (permalink / raw)
To: qemu-devel
Cc: robert.foley, Richard Henderson, peter.puhov, aaron, cota,
open list:PowerPC TCG CPUs, Alex Bennée, David Gibson
From: "Emilio G. Cota" <cota@braap.org>
Signed-off-by: Emilio G. Cota <cota@braap.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Acked-by: David Gibson <david@gibson.dropbear.id.au>
Signed-off-by: Alex Bennée <alex.bennee@linaro.org>
---
target/ppc/translate.c | 8 +++-----
1 file changed, 3 insertions(+), 5 deletions(-)
diff --git a/target/ppc/translate.c b/target/ppc/translate.c
index adb8fd516f..f5fe5d0611 100644
--- a/target/ppc/translate.c
+++ b/target/ppc/translate.c
@@ -7853,11 +7853,9 @@ static void ppc_tr_translate_insn(DisasContextBase *dcbase, CPUState *cs)
LOG_DISAS("nip=" TARGET_FMT_lx " super=%d ir=%d\n",
ctx->base.pc_next, ctx->mem_idx, (int)msr_ir);
- if (unlikely(need_byteswap(ctx))) {
- ctx->opcode = bswap32(cpu_ldl_code(env, ctx->base.pc_next));
- } else {
- ctx->opcode = cpu_ldl_code(env, ctx->base.pc_next);
- }
+ ctx->opcode = translator_ldl_swap(env, ctx->base.pc_next,
+ need_byteswap(ctx));
+
LOG_DISAS("translate opcode %08x (%02x %02x %02x %02x) (%s)\n",
ctx->opcode, opc1(ctx->opcode), opc2(ctx->opcode),
opc3(ctx->opcode), opc4(ctx->opcode),
--
2.20.1
^ permalink raw reply related [flat|nested] 94+ messages in thread* [PATCH v5 26/55] target/sh4: fetch code with translator_ld
2019-10-14 10:48 [PATCH for 4.2 v5 00/55] Support for TCG plugins Alex Bennée
` (24 preceding siblings ...)
2019-10-14 10:49 ` [PATCH v5 25/55] target/ppc: " Alex Bennée
@ 2019-10-14 10:49 ` Alex Bennée
2019-10-14 10:49 ` [PATCH v5 27/55] target/i386: " Alex Bennée
` (29 subsequent siblings)
55 siblings, 0 replies; 94+ messages in thread
From: Alex Bennée @ 2019-10-14 10:49 UTC (permalink / raw)
To: qemu-devel
Cc: robert.foley, Richard Henderson, peter.puhov, aaron, cota,
Alex Bennée, Aurelien Jarno
From: "Emilio G. Cota" <cota@braap.org>
There is a small wrinkle with the gUSA instruction. The translator
effectively treats a (known) gUSA sequence as a single instruction.
For the purposes of the plugin we end up with a long multi-instruction
qemu_plugin_insn.
If the known sequence isn't detected we shall never run this
translation anyway.
Signed-off-by: Emilio G. Cota <cota@braap.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Signed-off-by: Alex Bennée <alex.bennee@linaro.org>
---
target/sh4/translate.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/target/sh4/translate.c b/target/sh4/translate.c
index 5a7d8c4535..922785e225 100644
--- a/target/sh4/translate.c
+++ b/target/sh4/translate.c
@@ -1917,7 +1917,7 @@ static void decode_gusa(DisasContext *ctx, CPUSH4State *env)
/* Read all of the insns for the region. */
for (i = 0; i < max_insns; ++i) {
- insns[i] = cpu_lduw_code(env, pc + i * 2);
+ insns[i] = translator_lduw(env, pc + i * 2);
}
ld_adr = ld_dst = ld_mop = -1;
@@ -2332,7 +2332,7 @@ static void sh4_tr_translate_insn(DisasContextBase *dcbase, CPUState *cs)
}
#endif
- ctx->opcode = cpu_lduw_code(env, ctx->base.pc_next);
+ ctx->opcode = translator_lduw(env, ctx->base.pc_next);
decode_opc(ctx);
ctx->base.pc_next += 2;
}
--
2.20.1
^ permalink raw reply related [flat|nested] 94+ messages in thread* [PATCH v5 27/55] target/i386: fetch code with translator_ld
2019-10-14 10:48 [PATCH for 4.2 v5 00/55] Support for TCG plugins Alex Bennée
` (25 preceding siblings ...)
2019-10-14 10:49 ` [PATCH v5 26/55] target/sh4: " Alex Bennée
@ 2019-10-14 10:49 ` Alex Bennée
2019-10-14 10:49 ` [PATCH v5 28/55] target/hppa: " Alex Bennée
` (28 subsequent siblings)
55 siblings, 0 replies; 94+ messages in thread
From: Alex Bennée @ 2019-10-14 10:49 UTC (permalink / raw)
To: qemu-devel
Cc: Eduardo Habkost, robert.foley, Richard Henderson, peter.puhov,
aaron, cota, Paolo Bonzini, Alex Bennée, Richard Henderson
From: "Emilio G. Cota" <cota@braap.org>
Signed-off-by: Emilio G. Cota <cota@braap.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Signed-off-by: Alex Bennée <alex.bennee@linaro.org>
---
target/i386/translate.c | 10 +++++-----
1 file changed, 5 insertions(+), 5 deletions(-)
diff --git a/target/i386/translate.c b/target/i386/translate.c
index 868b0acafe..77e932d827 100644
--- a/target/i386/translate.c
+++ b/target/i386/translate.c
@@ -1925,28 +1925,28 @@ static uint64_t advance_pc(CPUX86State *env, DisasContext *s, int num_bytes)
static inline uint8_t x86_ldub_code(CPUX86State *env, DisasContext *s)
{
- return cpu_ldub_code(env, advance_pc(env, s, 1));
+ return translator_ldub(env, advance_pc(env, s, 1));
}
static inline int16_t x86_ldsw_code(CPUX86State *env, DisasContext *s)
{
- return cpu_ldsw_code(env, advance_pc(env, s, 2));
+ return translator_ldsw(env, advance_pc(env, s, 2));
}
static inline uint16_t x86_lduw_code(CPUX86State *env, DisasContext *s)
{
- return cpu_lduw_code(env, advance_pc(env, s, 2));
+ return translator_lduw(env, advance_pc(env, s, 2));
}
static inline uint32_t x86_ldl_code(CPUX86State *env, DisasContext *s)
{
- return cpu_ldl_code(env, advance_pc(env, s, 4));
+ return translator_ldl(env, advance_pc(env, s, 4));
}
#ifdef TARGET_X86_64
static inline uint64_t x86_ldq_code(CPUX86State *env, DisasContext *s)
{
- return cpu_ldq_code(env, advance_pc(env, s, 8));
+ return translator_ldq(env, advance_pc(env, s, 8));
}
#endif
--
2.20.1
^ permalink raw reply related [flat|nested] 94+ messages in thread* [PATCH v5 28/55] target/hppa: fetch code with translator_ld
2019-10-14 10:48 [PATCH for 4.2 v5 00/55] Support for TCG plugins Alex Bennée
` (26 preceding siblings ...)
2019-10-14 10:49 ` [PATCH v5 27/55] target/i386: " Alex Bennée
@ 2019-10-14 10:49 ` Alex Bennée
2019-10-14 10:49 ` [PATCH v5 29/55] target/m68k: " Alex Bennée
` (27 subsequent siblings)
55 siblings, 0 replies; 94+ messages in thread
From: Alex Bennée @ 2019-10-14 10:49 UTC (permalink / raw)
To: qemu-devel
Cc: robert.foley, Richard Henderson, peter.puhov, aaron, cota,
Alex Bennée, Richard Henderson
From: "Emilio G. Cota" <cota@braap.org>
Signed-off-by: Emilio G. Cota <cota@braap.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Signed-off-by: Alex Bennée <alex.bennee@linaro.org>
---
target/hppa/translate.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/target/hppa/translate.c b/target/hppa/translate.c
index c1b2822f60..2f8d407a82 100644
--- a/target/hppa/translate.c
+++ b/target/hppa/translate.c
@@ -4221,7 +4221,7 @@ static void hppa_tr_translate_insn(DisasContextBase *dcbase, CPUState *cs)
{
/* Always fetch the insn, even if nullified, so that we check
the page permissions for execute. */
- uint32_t insn = cpu_ldl_code(env, ctx->base.pc_next);
+ uint32_t insn = translator_ldl(env, ctx->base.pc_next);
/* Set up the IA queue for the next insn.
This will be overwritten by a branch. */
--
2.20.1
^ permalink raw reply related [flat|nested] 94+ messages in thread* [PATCH v5 29/55] target/m68k: fetch code with translator_ld
2019-10-14 10:48 [PATCH for 4.2 v5 00/55] Support for TCG plugins Alex Bennée
` (27 preceding siblings ...)
2019-10-14 10:49 ` [PATCH v5 28/55] target/hppa: " Alex Bennée
@ 2019-10-14 10:49 ` Alex Bennée
2019-10-14 10:49 ` [PATCH v5 30/55] target/alpha: " Alex Bennée
` (26 subsequent siblings)
55 siblings, 0 replies; 94+ messages in thread
From: Alex Bennée @ 2019-10-14 10:49 UTC (permalink / raw)
To: qemu-devel
Cc: robert.foley, Richard Henderson, Laurent Vivier, peter.puhov,
aaron, cota, Alex Bennée
From: "Emilio G. Cota" <cota@braap.org>
Signed-off-by: Emilio G. Cota <cota@braap.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Signed-off-by: Alex Bennée <alex.bennee@linaro.org>
---
target/m68k/translate.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/target/m68k/translate.c b/target/m68k/translate.c
index 24c1dd3408..fcdb7bc8e4 100644
--- a/target/m68k/translate.c
+++ b/target/m68k/translate.c
@@ -384,7 +384,7 @@ static TCGv gen_ldst(DisasContext *s, int opsize, TCGv addr, TCGv val,
static inline uint16_t read_im16(CPUM68KState *env, DisasContext *s)
{
uint16_t im;
- im = cpu_lduw_code(env, s->pc);
+ im = translator_lduw(env, s->pc);
s->pc += 2;
return im;
}
--
2.20.1
^ permalink raw reply related [flat|nested] 94+ messages in thread* [PATCH v5 30/55] target/alpha: fetch code with translator_ld
2019-10-14 10:48 [PATCH for 4.2 v5 00/55] Support for TCG plugins Alex Bennée
` (28 preceding siblings ...)
2019-10-14 10:49 ` [PATCH v5 29/55] target/m68k: " Alex Bennée
@ 2019-10-14 10:49 ` Alex Bennée
2019-10-14 10:49 ` Alex Bennée
` (25 subsequent siblings)
55 siblings, 0 replies; 94+ messages in thread
From: Alex Bennée @ 2019-10-14 10:49 UTC (permalink / raw)
To: qemu-devel
Cc: robert.foley, Richard Henderson, peter.puhov, aaron, cota,
Alex Bennée, Richard Henderson
From: "Emilio G. Cota" <cota@braap.org>
Signed-off-by: Emilio G. Cota <cota@braap.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Signed-off-by: Alex Bennée <alex.bennee@linaro.org>
---
target/alpha/translate.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/target/alpha/translate.c b/target/alpha/translate.c
index a69f58bf65..f7f1ed0f41 100644
--- a/target/alpha/translate.c
+++ b/target/alpha/translate.c
@@ -2987,7 +2987,7 @@ static void alpha_tr_translate_insn(DisasContextBase *dcbase, CPUState *cpu)
{
DisasContext *ctx = container_of(dcbase, DisasContext, base);
CPUAlphaState *env = cpu->env_ptr;
- uint32_t insn = cpu_ldl_code(env, ctx->base.pc_next);
+ uint32_t insn = translator_ldl(env, ctx->base.pc_next);
ctx->base.pc_next += 4;
ctx->base.is_jmp = translate_one(ctx, insn);
--
2.20.1
^ permalink raw reply related [flat|nested] 94+ messages in thread* [PATCH v5 31/55] target/riscv: fetch code with translator_ld
2019-10-14 10:48 [PATCH for 4.2 v5 00/55] Support for TCG plugins Alex Bennée
@ 2019-10-14 10:49 ` Alex Bennée
2019-10-14 10:48 ` [PATCH v5 02/55] trace: add mmu_index to mem_info Alex Bennée
` (54 subsequent siblings)
55 siblings, 0 replies; 94+ messages in thread
From: Alex Bennée @ 2019-10-14 10:49 UTC (permalink / raw)
To: qemu-devel
Cc: open list:RISC-V TCG CPUs, Sagar Karandikar, Bastian Koppelmann,
robert.foley, Palmer Dabbelt, Richard Henderson, peter.puhov,
aaron, cota, Alistair Francis, Alex Bennée
From: "Emilio G. Cota" <cota@braap.org>
Signed-off-by: Emilio G. Cota <cota@braap.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Signed-off-by: Alex Bennée <alex.bennee@linaro.org>
---
target/riscv/translate.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/target/riscv/translate.c b/target/riscv/translate.c
index adeddb85f6..b26533d4fd 100644
--- a/target/riscv/translate.c
+++ b/target/riscv/translate.c
@@ -779,7 +779,7 @@ static void riscv_tr_translate_insn(DisasContextBase *dcbase, CPUState *cpu)
DisasContext *ctx = container_of(dcbase, DisasContext, base);
CPURISCVState *env = cpu->env_ptr;
- ctx->opcode = cpu_ldl_code(env, ctx->base.pc_next);
+ ctx->opcode = translator_ldl(env, ctx->base.pc_next);
decode_opc(ctx);
ctx->base.pc_next = ctx->pc_succ_insn;
--
2.20.1
^ permalink raw reply related [flat|nested] 94+ messages in thread* [PATCH v5 31/55] target/riscv: fetch code with translator_ld
@ 2019-10-14 10:49 ` Alex Bennée
0 siblings, 0 replies; 94+ messages in thread
From: Alex Bennée @ 2019-10-14 10:49 UTC (permalink / raw)
To: qemu-devel
Cc: cota, aaron, peter.puhov, robert.foley, Richard Henderson,
Alex Bennée, Palmer Dabbelt, Alistair Francis,
Sagar Karandikar, Bastian Koppelmann, open list:RISC-V TCG CPUs
From: "Emilio G. Cota" <cota@braap.org>
Signed-off-by: Emilio G. Cota <cota@braap.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Signed-off-by: Alex Bennée <alex.bennee@linaro.org>
---
target/riscv/translate.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/target/riscv/translate.c b/target/riscv/translate.c
index adeddb85f6..b26533d4fd 100644
--- a/target/riscv/translate.c
+++ b/target/riscv/translate.c
@@ -779,7 +779,7 @@ static void riscv_tr_translate_insn(DisasContextBase *dcbase, CPUState *cpu)
DisasContext *ctx = container_of(dcbase, DisasContext, base);
CPURISCVState *env = cpu->env_ptr;
- ctx->opcode = cpu_ldl_code(env, ctx->base.pc_next);
+ ctx->opcode = translator_ldl(env, ctx->base.pc_next);
decode_opc(ctx);
ctx->base.pc_next = ctx->pc_succ_insn;
--
2.20.1
^ permalink raw reply related [flat|nested] 94+ messages in thread* Re: [PATCH v5 31/55] target/riscv: fetch code with translator_ld
2019-10-14 10:49 ` Alex Bennée
@ 2019-10-14 17:59 ` Alistair Francis
-1 siblings, 0 replies; 94+ messages in thread
From: Alistair Francis @ 2019-10-14 17:59 UTC (permalink / raw)
To: Alex Bennée
Cc: open list:RISC-V TCG CPUs, Sagar Karandikar, Bastian Koppelmann,
robert.foley, Palmer Dabbelt, Richard Henderson,
qemu-devel@nongnu.org Developers, peter.puhov, aaron,
Emilio G. Cota, Alistair Francis
On Mon, Oct 14, 2019 at 4:20 AM Alex Bennée <alex.bennee@linaro.org> wrote:
>
> From: "Emilio G. Cota" <cota@braap.org>
>
> Signed-off-by: Emilio G. Cota <cota@braap.org>
> Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
> Signed-off-by: Alex Bennée <alex.bennee@linaro.org>
Reviewed-by: Alistair Francis <alistair.francis@wdc.com>
Alistair
> ---
> target/riscv/translate.c | 2 +-
> 1 file changed, 1 insertion(+), 1 deletion(-)
>
> diff --git a/target/riscv/translate.c b/target/riscv/translate.c
> index adeddb85f6..b26533d4fd 100644
> --- a/target/riscv/translate.c
> +++ b/target/riscv/translate.c
> @@ -779,7 +779,7 @@ static void riscv_tr_translate_insn(DisasContextBase *dcbase, CPUState *cpu)
> DisasContext *ctx = container_of(dcbase, DisasContext, base);
> CPURISCVState *env = cpu->env_ptr;
>
> - ctx->opcode = cpu_ldl_code(env, ctx->base.pc_next);
> + ctx->opcode = translator_ldl(env, ctx->base.pc_next);
> decode_opc(ctx);
> ctx->base.pc_next = ctx->pc_succ_insn;
>
> --
> 2.20.1
>
>
^ permalink raw reply [flat|nested] 94+ messages in thread
* Re: [PATCH v5 31/55] target/riscv: fetch code with translator_ld
@ 2019-10-14 17:59 ` Alistair Francis
0 siblings, 0 replies; 94+ messages in thread
From: Alistair Francis @ 2019-10-14 17:59 UTC (permalink / raw)
To: Alex Bennée
Cc: qemu-devel@nongnu.org Developers, open list:RISC-V TCG CPUs,
Sagar Karandikar, Bastian Koppelmann, robert.foley,
Palmer Dabbelt, Richard Henderson, peter.puhov, aaron,
Emilio G. Cota, Alistair Francis
On Mon, Oct 14, 2019 at 4:20 AM Alex Bennée <alex.bennee@linaro.org> wrote:
>
> From: "Emilio G. Cota" <cota@braap.org>
>
> Signed-off-by: Emilio G. Cota <cota@braap.org>
> Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
> Signed-off-by: Alex Bennée <alex.bennee@linaro.org>
Reviewed-by: Alistair Francis <alistair.francis@wdc.com>
Alistair
> ---
> target/riscv/translate.c | 2 +-
> 1 file changed, 1 insertion(+), 1 deletion(-)
>
> diff --git a/target/riscv/translate.c b/target/riscv/translate.c
> index adeddb85f6..b26533d4fd 100644
> --- a/target/riscv/translate.c
> +++ b/target/riscv/translate.c
> @@ -779,7 +779,7 @@ static void riscv_tr_translate_insn(DisasContextBase *dcbase, CPUState *cpu)
> DisasContext *ctx = container_of(dcbase, DisasContext, base);
> CPURISCVState *env = cpu->env_ptr;
>
> - ctx->opcode = cpu_ldl_code(env, ctx->base.pc_next);
> + ctx->opcode = translator_ldl(env, ctx->base.pc_next);
> decode_opc(ctx);
> ctx->base.pc_next = ctx->pc_succ_insn;
>
> --
> 2.20.1
>
>
^ permalink raw reply [flat|nested] 94+ messages in thread
* Re: [PATCH v5 31/55] target/riscv: fetch code with translator_ld
2019-10-14 17:59 ` Alistair Francis
@ 2019-10-18 18:32 ` Palmer Dabbelt
-1 siblings, 0 replies; 94+ messages in thread
From: Palmer Dabbelt @ 2019-10-18 18:32 UTC (permalink / raw)
To: alex.bennee, alistair23
Cc: qemu-riscv, sagark, Bastian Koppelmann, robert.foley,
richard.henderson, qemu-devel, peter.puhov, aaron, cota,
Alistair Francis, alex.bennee
On Mon, 14 Oct 2019 10:59:07 PDT (-0700), alistair23@gmail.com wrote:
> On Mon, Oct 14, 2019 at 4:20 AM Alex Bennée <alex.bennee@linaro.org> wrote:
>>
>> From: "Emilio G. Cota" <cota@braap.org>
>>
>> Signed-off-by: Emilio G. Cota <cota@braap.org>
>> Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
>> Signed-off-by: Alex Bennée <alex.bennee@linaro.org>
>
> Reviewed-by: Alistair Francis <alistair.francis@wdc.com>
and
Acked-by: Palmer Dabbelt <palmer@sifive.com>
as I'm assuming this will go in with the rest of the patch set.
>
> Alistair
>
>> ---
>> target/riscv/translate.c | 2 +-
>> 1 file changed, 1 insertion(+), 1 deletion(-)
>>
>> diff --git a/target/riscv/translate.c b/target/riscv/translate.c
>> index adeddb85f6..b26533d4fd 100644
>> --- a/target/riscv/translate.c
>> +++ b/target/riscv/translate.c
>> @@ -779,7 +779,7 @@ static void riscv_tr_translate_insn(DisasContextBase *dcbase, CPUState *cpu)
>> DisasContext *ctx = container_of(dcbase, DisasContext, base);
>> CPURISCVState *env = cpu->env_ptr;
>>
>> - ctx->opcode = cpu_ldl_code(env, ctx->base.pc_next);
>> + ctx->opcode = translator_ldl(env, ctx->base.pc_next);
>> decode_opc(ctx);
>> ctx->base.pc_next = ctx->pc_succ_insn;
>>
>> --
>> 2.20.1
>>
>>
^ permalink raw reply [flat|nested] 94+ messages in thread
* Re: [PATCH v5 31/55] target/riscv: fetch code with translator_ld
@ 2019-10-18 18:32 ` Palmer Dabbelt
0 siblings, 0 replies; 94+ messages in thread
From: Palmer Dabbelt @ 2019-10-18 18:32 UTC (permalink / raw)
To: alex.bennee, alistair23
Cc: alex.bennee, qemu-devel, qemu-riscv, sagark, Bastian Koppelmann,
robert.foley, richard.henderson, peter.puhov, aaron, cota,
Alistair Francis
On Mon, 14 Oct 2019 10:59:07 PDT (-0700), alistair23@gmail.com wrote:
> On Mon, Oct 14, 2019 at 4:20 AM Alex Bennée <alex.bennee@linaro.org> wrote:
>>
>> From: "Emilio G. Cota" <cota@braap.org>
>>
>> Signed-off-by: Emilio G. Cota <cota@braap.org>
>> Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
>> Signed-off-by: Alex Bennée <alex.bennee@linaro.org>
>
> Reviewed-by: Alistair Francis <alistair.francis@wdc.com>
and
Acked-by: Palmer Dabbelt <palmer@sifive.com>
as I'm assuming this will go in with the rest of the patch set.
>
> Alistair
>
>> ---
>> target/riscv/translate.c | 2 +-
>> 1 file changed, 1 insertion(+), 1 deletion(-)
>>
>> diff --git a/target/riscv/translate.c b/target/riscv/translate.c
>> index adeddb85f6..b26533d4fd 100644
>> --- a/target/riscv/translate.c
>> +++ b/target/riscv/translate.c
>> @@ -779,7 +779,7 @@ static void riscv_tr_translate_insn(DisasContextBase *dcbase, CPUState *cpu)
>> DisasContext *ctx = container_of(dcbase, DisasContext, base);
>> CPURISCVState *env = cpu->env_ptr;
>>
>> - ctx->opcode = cpu_ldl_code(env, ctx->base.pc_next);
>> + ctx->opcode = translator_ldl(env, ctx->base.pc_next);
>> decode_opc(ctx);
>> ctx->base.pc_next = ctx->pc_succ_insn;
>>
>> --
>> 2.20.1
>>
>>
^ permalink raw reply [flat|nested] 94+ messages in thread
* [PATCH v5 32/55] target/sparc: fetch code with translator_ld
2019-10-14 10:48 [PATCH for 4.2 v5 00/55] Support for TCG plugins Alex Bennée
` (30 preceding siblings ...)
2019-10-14 10:49 ` Alex Bennée
@ 2019-10-14 10:49 ` Alex Bennée
2019-10-14 10:49 ` [PATCH v5 33/55] target/xtensa: " Alex Bennée
` (23 subsequent siblings)
55 siblings, 0 replies; 94+ messages in thread
From: Alex Bennée @ 2019-10-14 10:49 UTC (permalink / raw)
To: qemu-devel
Cc: Mark Cave-Ayland, robert.foley, Richard Henderson, peter.puhov,
aaron, cota, Alex Bennée, Artyom Tarasenko
From: "Emilio G. Cota" <cota@braap.org>
Signed-off-by: Emilio G. Cota <cota@braap.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Signed-off-by: Alex Bennée <alex.bennee@linaro.org>
---
target/sparc/translate.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/target/sparc/translate.c b/target/sparc/translate.c
index c68bf4a2e4..edc23a7c40 100644
--- a/target/sparc/translate.c
+++ b/target/sparc/translate.c
@@ -5884,7 +5884,7 @@ static void sparc_tr_translate_insn(DisasContextBase *dcbase, CPUState *cs)
CPUSPARCState *env = cs->env_ptr;
unsigned int insn;
- insn = cpu_ldl_code(env, dc->pc);
+ insn = translator_ldl(env, dc->pc);
dc->base.pc_next += 4;
disas_sparc_insn(dc, insn);
--
2.20.1
^ permalink raw reply related [flat|nested] 94+ messages in thread* [PATCH v5 33/55] target/xtensa: fetch code with translator_ld
2019-10-14 10:48 [PATCH for 4.2 v5 00/55] Support for TCG plugins Alex Bennée
` (31 preceding siblings ...)
2019-10-14 10:49 ` [PATCH v5 32/55] target/sparc: " Alex Bennée
@ 2019-10-14 10:49 ` Alex Bennée
2019-10-14 10:49 ` [PATCH v5 34/55] target/openrisc: " Alex Bennée
` (22 subsequent siblings)
55 siblings, 0 replies; 94+ messages in thread
From: Alex Bennée @ 2019-10-14 10:49 UTC (permalink / raw)
To: qemu-devel
Cc: robert.foley, Richard Henderson, peter.puhov, Max Filippov,
aaron, cota, Alex Bennée
From: "Emilio G. Cota" <cota@braap.org>
Signed-off-by: Emilio G. Cota <cota@braap.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Signed-off-by: Alex Bennée <alex.bennee@linaro.org>
---
target/xtensa/translate.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/target/xtensa/translate.c b/target/xtensa/translate.c
index d20e60ce77..a99f5296e2 100644
--- a/target/xtensa/translate.c
+++ b/target/xtensa/translate.c
@@ -859,7 +859,7 @@ static int arg_copy_compare(const void *a, const void *b)
static void disas_xtensa_insn(CPUXtensaState *env, DisasContext *dc)
{
xtensa_isa isa = dc->config->isa;
- unsigned char b[MAX_INSN_LENGTH] = {cpu_ldub_code(env, dc->pc)};
+ unsigned char b[MAX_INSN_LENGTH] = {translator_ldub(env, dc->pc)};
unsigned len = xtensa_op0_insn_len(dc, b[0]);
xtensa_format fmt;
int slot, slots;
@@ -883,7 +883,7 @@ static void disas_xtensa_insn(CPUXtensaState *env, DisasContext *dc)
dc->base.pc_next = dc->pc + len;
for (i = 1; i < len; ++i) {
- b[i] = cpu_ldub_code(env, dc->pc + i);
+ b[i] = translator_ldub(env, dc->pc + i);
}
xtensa_insnbuf_from_chars(isa, dc->insnbuf, b, len);
fmt = xtensa_format_decode(isa, dc->insnbuf);
--
2.20.1
^ permalink raw reply related [flat|nested] 94+ messages in thread* [PATCH v5 34/55] target/openrisc: fetch code with translator_ld
2019-10-14 10:48 [PATCH for 4.2 v5 00/55] Support for TCG plugins Alex Bennée
` (32 preceding siblings ...)
2019-10-14 10:49 ` [PATCH v5 33/55] target/xtensa: " Alex Bennée
@ 2019-10-14 10:49 ` Alex Bennée
2019-10-14 10:49 ` [PATCH v5 35/55] translator: inject instrumentation from plugins Alex Bennée
` (21 subsequent siblings)
55 siblings, 0 replies; 94+ messages in thread
From: Alex Bennée @ 2019-10-14 10:49 UTC (permalink / raw)
To: qemu-devel
Cc: robert.foley, Richard Henderson, peter.puhov, aaron, cota,
Stafford Horne, Alex Bennée
From: "Emilio G. Cota" <cota@braap.org>
Signed-off-by: Emilio G. Cota <cota@braap.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Signed-off-by: Alex Bennée <alex.bennee@linaro.org>
---
target/openrisc/translate.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/target/openrisc/translate.c b/target/openrisc/translate.c
index 6addbac8d6..8dd28d6cf1 100644
--- a/target/openrisc/translate.c
+++ b/target/openrisc/translate.c
@@ -1645,7 +1645,7 @@ static void openrisc_tr_translate_insn(DisasContextBase *dcbase, CPUState *cs)
{
DisasContext *dc = container_of(dcbase, DisasContext, base);
OpenRISCCPU *cpu = OPENRISC_CPU(cs);
- uint32_t insn = cpu_ldl_code(&cpu->env, dc->base.pc_next);
+ uint32_t insn = translator_ldl(&cpu->env, dc->base.pc_next);
if (!decode(dc, insn)) {
gen_illegal_exception(dc);
--
2.20.1
^ permalink raw reply related [flat|nested] 94+ messages in thread* [PATCH v5 35/55] translator: inject instrumentation from plugins
2019-10-14 10:48 [PATCH for 4.2 v5 00/55] Support for TCG plugins Alex Bennée
` (33 preceding siblings ...)
2019-10-14 10:49 ` [PATCH v5 34/55] target/openrisc: " Alex Bennée
@ 2019-10-14 10:49 ` Alex Bennée
2019-10-14 10:49 ` [PATCH v5 36/55] plugin: add API symbols to qemu-plugins.symbols Alex Bennée
` (20 subsequent siblings)
55 siblings, 0 replies; 94+ messages in thread
From: Alex Bennée @ 2019-10-14 10:49 UTC (permalink / raw)
To: qemu-devel
Cc: robert.foley, Richard Henderson, peter.puhov, aaron, cota,
Paolo Bonzini, Alex Bennée, Richard Henderson
From: "Emilio G. Cota" <cota@braap.org>
Signed-off-by: Emilio G. Cota <cota@braap.org>
Signed-off-by: Alex Bennée <alex.bennee@linaro.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
---
v4
- note we can't inject instrumentation if ! DISAS_NEXT
---
accel/tcg/translator.c | 20 ++++++++++++++++++++
1 file changed, 20 insertions(+)
diff --git a/accel/tcg/translator.c b/accel/tcg/translator.c
index 70c66c538c..f977682be7 100644
--- a/accel/tcg/translator.c
+++ b/accel/tcg/translator.c
@@ -16,6 +16,7 @@
#include "exec/gen-icount.h"
#include "exec/log.h"
#include "exec/translator.h"
+#include "exec/plugin-gen.h"
/* Pairs with tcg_clear_temp_count.
To be called by #TranslatorOps.{translate_insn,tb_stop} if
@@ -34,6 +35,7 @@ void translator_loop(const TranslatorOps *ops, DisasContextBase *db,
CPUState *cpu, TranslationBlock *tb, int max_insns)
{
int bp_insn = 0;
+ bool plugin_enabled;
/* Initialize DisasContext */
db->tb = tb;
@@ -55,11 +57,17 @@ void translator_loop(const TranslatorOps *ops, DisasContextBase *db,
ops->tb_start(db, cpu);
tcg_debug_assert(db->is_jmp == DISAS_NEXT); /* no early exit */
+ plugin_enabled = plugin_gen_tb_start(cpu, tb);
+
while (true) {
db->num_insns++;
ops->insn_start(db, cpu);
tcg_debug_assert(db->is_jmp == DISAS_NEXT); /* no early exit */
+ if (plugin_enabled) {
+ plugin_gen_insn_start(cpu, db);
+ }
+
/* Pass breakpoint hits to target for further processing */
if (!db->singlestep_enabled
&& unlikely(!QTAILQ_EMPTY(&cpu->breakpoints))) {
@@ -99,6 +107,14 @@ void translator_loop(const TranslatorOps *ops, DisasContextBase *db,
break;
}
+ /*
+ * We can't instrument after instructions that change control
+ * flow although this only really affects post-load operations.
+ */
+ if (plugin_enabled) {
+ plugin_gen_insn_end();
+ }
+
/* Stop translation if the output buffer is full,
or we have executed all of the allowed instructions. */
if (tcg_op_buf_full() || db->num_insns >= db->max_insns) {
@@ -111,6 +127,10 @@ void translator_loop(const TranslatorOps *ops, DisasContextBase *db,
ops->tb_stop(db, cpu);
gen_tb_end(db->tb, db->num_insns - bp_insn);
+ if (plugin_enabled) {
+ plugin_gen_tb_end(cpu);
+ }
+
/* The disas_log hook may use these values rather than recompute. */
db->tb->size = db->pc_next - db->pc_first;
db->tb->icount = db->num_insns;
--
2.20.1
^ permalink raw reply related [flat|nested] 94+ messages in thread* [PATCH v5 36/55] plugin: add API symbols to qemu-plugins.symbols
2019-10-14 10:48 [PATCH for 4.2 v5 00/55] Support for TCG plugins Alex Bennée
` (34 preceding siblings ...)
2019-10-14 10:49 ` [PATCH v5 35/55] translator: inject instrumentation from plugins Alex Bennée
@ 2019-10-14 10:49 ` Alex Bennée
2019-10-14 16:13 ` Richard Henderson
2019-10-14 10:49 ` [PATCH v5 37/55] vl: support -plugin option Alex Bennée
` (19 subsequent siblings)
55 siblings, 1 reply; 94+ messages in thread
From: Alex Bennée @ 2019-10-14 10:49 UTC (permalink / raw)
To: qemu-devel; +Cc: aaron, cota, Alex Bennée, robert.foley, peter.puhov
From: "Emilio G. Cota" <cota@braap.org>
Signed-off-by: Emilio G. Cota <cota@braap.org>
[AJB: moved into plugins]
Signed-off-by: Alex Bennée <alex.bennee@linaro.org>
---
v3
- moved to plugins/
- include qemu_plugin_reset
v5
- re-trigger configure if symbols are updated
- wrap ld checks inside if static = no
---
Makefile | 7 ++++
configure | 72 ++++++++++++++++++++++++++++++++++++
plugins/.gitignore | 2 +
plugins/Makefile.objs | 14 +++++++
plugins/qemu-plugins.symbols | 38 +++++++++++++++++++
5 files changed, 133 insertions(+)
create mode 100644 plugins/.gitignore
create mode 100644 plugins/qemu-plugins.symbols
diff --git a/Makefile b/Makefile
index 15f4745cf3..370eb9ad8d 100644
--- a/Makefile
+++ b/Makefile
@@ -74,6 +74,12 @@ CONFIG_ALL=y
config-host.mak: $(SRC_PATH)/configure $(SRC_PATH)/pc-bios $(SRC_PATH)/VERSION
@echo $@ is out-of-date, running configure
@./config.status
+
+# Force configure to re-run if the API symbols are updated
+ifeq ($(CONFIG_PLUGIN),y)
+config-host.mak: $(SRC_PATH)/plugins/qemu-plugins.symbols
+endif
+
else
config-host.mak:
ifneq ($(filter-out $(UNCHECKED_GOALS),$(MAKECMDGOALS)),$(if $(MAKECMDGOALS),,fail))
@@ -730,6 +736,7 @@ distclean: clean
rm -f qemu-doc.fn qemu-doc.fns qemu-doc.info qemu-doc.ky qemu-doc.kys
rm -f qemu-doc.log qemu-doc.pdf qemu-doc.pg qemu-doc.toc qemu-doc.tp
rm -f qemu-doc.vr qemu-doc.txt
+ rm -f qemu-plugins-ld.symbols qemu-plugins-ld64.symbols
rm -f config.log
rm -f linux-headers/asm
rm -f docs/version.texi
diff --git a/configure b/configure
index 485a9837c9..75632b1df1 100755
--- a/configure
+++ b/configure
@@ -30,6 +30,7 @@ TMPO="${TMPDIR1}/${TMPB}.o"
TMPCXX="${TMPDIR1}/${TMPB}.cxx"
TMPE="${TMPDIR1}/${TMPB}.exe"
TMPMO="${TMPDIR1}/${TMPB}.mo"
+TMPTXT="${TMPDIR1}/${TMPB}.txt"
rm -f config.log
@@ -5464,6 +5465,61 @@ if compile_prog "" "" ; then
atomic64=yes
fi
+#########################################
+# See if --dynamic-list is supported by the linker
+ld_dynamic_list="no"
+if test "$static" = "no" ; then
+ cat > $TMPTXT <<EOF
+{
+ foo;
+};
+EOF
+
+ cat > $TMPC <<EOF
+#include <stdio.h>
+void foo(void);
+
+void foo(void)
+{
+ printf("foo\n");
+}
+
+int main(void)
+{
+ foo();
+ return 0;
+}
+EOF
+
+ if compile_prog "" "-Wl,--dynamic-list=$TMPTXT" ; then
+ ld_dynamic_list="yes"
+ fi
+fi
+
+#########################################
+# See if -exported_symbols_list is supported by the linker
+
+ld_exported_symbols_list="no"
+if test "$static" = "no" ; then
+ cat > $TMPTXT <<EOF
+ _foo
+EOF
+
+ if compile_prog "" "-Wl,-exported_symbols_list,$TMPTXT" ; then
+ ld_exported_symbols_list="yes"
+ fi
+fi
+
+if test "$plugins" = "yes" &&
+ test "$ld_dynamic_list" = "no" &&
+ test "$ld_exported_symbols_list" = "no" ; then
+ error_exit \
+ "Plugin support requires dynamic linking and specifying a set of symbols " \
+ "that are exported to plugins. Unfortunately your linker doesn't " \
+ "support the flag (--dynamic-list or -exported_symbols_list) used " \
+ "for this purpose. You can't build with --static."
+fi
+
########################################
# See if 16-byte vector operations are supported.
# Even without a vector unit the compiler may expand these.
@@ -7267,6 +7323,22 @@ fi
if test "$plugins" = "yes" ; then
echo "CONFIG_PLUGIN=y" >> $config_host_mak
LIBS="-ldl $LIBS"
+ # Copy the export object list to the build dir
+ if test "$ld_dynamic_list" = "yes" ; then
+ echo "CONFIG_HAS_LD_DYNAMIC_LIST=yes" >> $config_host_mak
+ ld_symbols=qemu-plugins-ld.symbols
+ cp "$source_path/plugins/qemu-plugins.symbols" $ld_symbols
+ elif test "$ld_exported_symbols_list" = "yes" ; then
+ echo "CONFIG_HAS_LD_EXPORTED_SYMBOLS_LIST=yes" >> $config_host_mak
+ ld64_symbols=qemu-plugins-ld64.symbols
+ echo "# Automatically generated by configure - do not modify" > $ld64_symbols
+ grep 'qemu_' "$source_path/plugins/qemu-plugins.symbols" | sed 's/;//g' | \
+ sed -E 's/^[[:space:]]*(.*)/_\1/' >> $ld64_symbols
+ else
+ error_exit \
+ "If \$plugins=yes, either \$ld_dynamic_list or " \
+ "\$ld_exported_symbols_list should have been set to 'yes'."
+ fi
fi
if test "$tcg_interpreter" = "yes"; then
diff --git a/plugins/.gitignore b/plugins/.gitignore
new file mode 100644
index 0000000000..7b8aaa1f10
--- /dev/null
+++ b/plugins/.gitignore
@@ -0,0 +1,2 @@
+qemu-plugins-ld.symbols
+qemu-plugins-ld64.symbols
diff --git a/plugins/Makefile.objs b/plugins/Makefile.objs
index 95baabf3d2..6f14d91ccb 100644
--- a/plugins/Makefile.objs
+++ b/plugins/Makefile.objs
@@ -5,3 +5,17 @@
obj-y += loader.o
obj-y += core.o
obj-y += api.o
+
+# Abuse -libs suffix to only link with --dynamic-list/-exported_symbols_list
+# when the final binary includes the plugin object.
+#
+# Note that simply setting LDFLAGS is not enough: we build binaries that
+# never link plugin.o, and the linker might fail (at least ld64 does)
+# if the symbols in the list are not in the output binary.
+ifdef CONFIG_HAS_LD_DYNAMIC_LIST
+api.o-libs := -Wl,--dynamic-list=$(BUILD_DIR)/qemu-plugins-ld.symbols
+else
+ifdef CONFIG_HAS_LD_EXPORTED_SYMBOLS_LIST
+api.o-libs := -Wl,-exported_symbols_list,$(BUILD_DIR)/qemu-plugins-ld64.symbols
+endif
+endif
diff --git a/plugins/qemu-plugins.symbols b/plugins/qemu-plugins.symbols
new file mode 100644
index 0000000000..40c0d1abd2
--- /dev/null
+++ b/plugins/qemu-plugins.symbols
@@ -0,0 +1,38 @@
+{
+ qemu_plugin_uninstall;
+ qemu_plugin_reset;
+ qemu_plugin_register_vcpu_init_cb;
+ qemu_plugin_register_vcpu_exit_cb;
+ qemu_plugin_register_vcpu_idle_cb;
+ qemu_plugin_register_vcpu_resume_cb;
+ qemu_plugin_register_vcpu_insn_exec_cb;
+ qemu_plugin_register_vcpu_insn_exec_inline;
+ qemu_plugin_register_vcpu_mem_cb;
+ qemu_plugin_register_vcpu_mem_haddr_cb;
+ qemu_plugin_register_vcpu_mem_inline;
+ qemu_plugin_ram_addr_from_host;
+ qemu_plugin_register_vcpu_tb_trans_cb;
+ qemu_plugin_register_vcpu_tb_exec_cb;
+ qemu_plugin_register_vcpu_tb_exec_inline;
+ qemu_plugin_register_flush_cb;
+ qemu_plugin_register_vcpu_syscall_cb;
+ qemu_plugin_register_vcpu_syscall_ret_cb;
+ qemu_plugin_register_atexit_cb;
+ qemu_plugin_tb_n_insns;
+ qemu_plugin_tb_get_insn;
+ qemu_plugin_tb_vaddr;
+ qemu_plugin_insn_data;
+ qemu_plugin_insn_size;
+ qemu_plugin_insn_vaddr;
+ qemu_plugin_insn_haddr;
+ qemu_plugin_mem_size_shift;
+ qemu_plugin_mem_is_sign_extended;
+ qemu_plugin_mem_is_big_endian;
+ qemu_plugin_mem_is_store;
+ qemu_plugin_get_hwaddr;
+ qemu_plugin_hwaddr_is_io;
+ qemu_plugin_hwaddr_to_raddr;
+ qemu_plugin_vcpu_for_each;
+ qemu_plugin_n_vcpus;
+ qemu_plugin_n_max_vcpus;
+};
--
2.20.1
^ permalink raw reply related [flat|nested] 94+ messages in thread* Re: [PATCH v5 36/55] plugin: add API symbols to qemu-plugins.symbols
2019-10-14 10:49 ` [PATCH v5 36/55] plugin: add API symbols to qemu-plugins.symbols Alex Bennée
@ 2019-10-14 16:13 ` Richard Henderson
0 siblings, 0 replies; 94+ messages in thread
From: Richard Henderson @ 2019-10-14 16:13 UTC (permalink / raw)
To: Alex Bennée, qemu-devel; +Cc: aaron, cota, robert.foley, peter.puhov
On 10/14/19 3:49 AM, Alex Bennée wrote:
> From: "Emilio G. Cota" <cota@braap.org>
>
> Signed-off-by: Emilio G. Cota <cota@braap.org>
> [AJB: moved into plugins]
> Signed-off-by: Alex Bennée <alex.bennee@linaro.org>
>
> ---
> v3
> - moved to plugins/
> - include qemu_plugin_reset
> v5
> - re-trigger configure if symbols are updated
> - wrap ld checks inside if static = no
> ---
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
r~
^ permalink raw reply [flat|nested] 94+ messages in thread
* [PATCH v5 37/55] vl: support -plugin option
2019-10-14 10:48 [PATCH for 4.2 v5 00/55] Support for TCG plugins Alex Bennée
` (35 preceding siblings ...)
2019-10-14 10:49 ` [PATCH v5 36/55] plugin: add API symbols to qemu-plugins.symbols Alex Bennée
@ 2019-10-14 10:49 ` Alex Bennée
2019-10-14 10:49 ` [PATCH v5 38/55] linux-user: " Alex Bennée
` (18 subsequent siblings)
55 siblings, 0 replies; 94+ messages in thread
From: Alex Bennée @ 2019-10-14 10:49 UTC (permalink / raw)
To: qemu-devel
Cc: robert.foley, Richard Henderson, peter.puhov, aaron, cota,
Paolo Bonzini, Alex Bennée, Lluís Vilanova
From: Lluís Vilanova <vilanova@ac.upc.edu>
Signed-off-by: Lluís Vilanova <vilanova@ac.upc.edu>
[ cota: s/instrument/plugin ]
Signed-off-by: Emilio G. Cota <cota@braap.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Signed-off-by: Alex Bennée <alex.bennee@linaro.org>
---
qemu-options.hx | 17 +++++++++++++++++
vl.c | 11 +++++++++++
2 files changed, 28 insertions(+)
diff --git a/qemu-options.hx b/qemu-options.hx
index 2a04ca6ac5..8dcc88e5ae 100644
--- a/qemu-options.hx
+++ b/qemu-options.hx
@@ -4144,6 +4144,23 @@ HXCOMM HX does not support conditional compilation of text.
@findex -trace
@include qemu-option-trace.texi
ETEXI
+DEF("plugin", HAS_ARG, QEMU_OPTION_plugin,
+ "-plugin [file=]<file>[,arg=<string>]\n"
+ " load a plugin\n",
+ QEMU_ARCH_ALL)
+STEXI
+@item -plugin file=@var{file}[,arg=@var{string}]
+@findex -plugin
+
+Load a plugin.
+
+@table @option
+@item file=@var{file}
+Load the given plugin from a shared library file.
+@item arg=@var{string}
+Argument string passed to the plugin. (Can be given multiple times.)
+@end table
+ETEXI
HXCOMM Internal use
DEF("qtest", HAS_ARG, QEMU_OPTION_qtest, "", QEMU_ARCH_ALL)
diff --git a/vl.c b/vl.c
index 002bf4919e..4bdd526029 100644
--- a/vl.c
+++ b/vl.c
@@ -110,6 +110,7 @@ int main(int argc, char **argv)
#include "trace-root.h"
#include "trace/control.h"
+#include "qemu/plugin.h"
#include "qemu/queue.h"
#include "sysemu/arch_init.h"
@@ -2904,6 +2905,7 @@ int main(int argc, char **argv, char **envp)
bool list_data_dirs = false;
char *dir, **dirs;
BlockdevOptionsQueue bdo_queue = QSIMPLEQ_HEAD_INITIALIZER(bdo_queue);
+ QemuPluginList plugin_list = QTAILQ_HEAD_INITIALIZER(plugin_list);
os_set_line_buffering();
@@ -2934,6 +2936,7 @@ int main(int argc, char **argv, char **envp)
qemu_add_opts(&qemu_global_opts);
qemu_add_opts(&qemu_mon_opts);
qemu_add_opts(&qemu_trace_opts);
+ qemu_plugin_add_opts();
qemu_add_opts(&qemu_option_rom_opts);
qemu_add_opts(&qemu_machine_opts);
qemu_add_opts(&qemu_accel_opts);
@@ -3717,6 +3720,9 @@ int main(int argc, char **argv, char **envp)
g_free(trace_file);
trace_file = trace_opt_parse(optarg);
break;
+ case QEMU_OPTION_plugin:
+ qemu_plugin_opt_parse(optarg, &plugin_list);
+ break;
case QEMU_OPTION_readconfig:
{
int ret = qemu_read_config_file(optarg);
@@ -4030,6 +4036,11 @@ int main(int argc, char **argv, char **envp)
machine_class->default_machine_opts, 0);
}
+ /* process plugin before CPUs are created, but once -smp has been parsed */
+ if (qemu_plugin_load_list(&plugin_list)) {
+ exit(1);
+ }
+
qemu_opts_foreach(qemu_find_opts("device"),
default_driver_check, NULL, NULL);
qemu_opts_foreach(qemu_find_opts("global"),
--
2.20.1
^ permalink raw reply related [flat|nested] 94+ messages in thread* [PATCH v5 38/55] linux-user: support -plugin option
2019-10-14 10:48 [PATCH for 4.2 v5 00/55] Support for TCG plugins Alex Bennée
` (36 preceding siblings ...)
2019-10-14 10:49 ` [PATCH v5 37/55] vl: support -plugin option Alex Bennée
@ 2019-10-14 10:49 ` Alex Bennée
2019-10-14 10:49 ` [PATCH v5 39/55] tests/plugin: add sample plugins Alex Bennée
` (17 subsequent siblings)
55 siblings, 0 replies; 94+ messages in thread
From: Alex Bennée @ 2019-10-14 10:49 UTC (permalink / raw)
To: qemu-devel
Cc: robert.foley, Riku Voipio, Richard Henderson, Laurent Vivier,
peter.puhov, aaron, cota, Alex Bennée, Lluís Vilanova
From: Lluís Vilanova <vilanova@ac.upc.edu>
Signed-off-by: Lluís Vilanova <vilanova@ac.upc.edu>
[ cota: s/instrument/plugin ]
Signed-off-by: Emilio G. Cota <cota@braap.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Signed-off-by: Alex Bennée <alex.bennee@linaro.org>
---
linux-user/main.c | 18 ++++++++++++++++++
1 file changed, 18 insertions(+)
diff --git a/linux-user/main.c b/linux-user/main.c
index 560d053f72..6ff7851e86 100644
--- a/linux-user/main.c
+++ b/linux-user/main.c
@@ -34,6 +34,7 @@
#include "qemu/error-report.h"
#include "qemu/help_option.h"
#include "qemu/module.h"
+#include "qemu/plugin.h"
#include "cpu.h"
#include "exec/exec-all.h"
#include "tcg.h"
@@ -398,6 +399,15 @@ static void handle_arg_abi_call0(const char *arg)
}
#endif
+static QemuPluginList plugins = QTAILQ_HEAD_INITIALIZER(plugins);
+
+#ifdef CONFIG_PLUGIN
+static void handle_arg_plugin(const char *arg)
+{
+ qemu_plugin_opt_parse(arg, &plugins);
+}
+#endif
+
struct qemu_argument {
const char *argv;
const char *env;
@@ -449,6 +459,10 @@ static const struct qemu_argument arg_table[] = {
"", "Seed for pseudo-random number generator"},
{"trace", "QEMU_TRACE", true, handle_arg_trace,
"", "[[enable=]<pattern>][,events=<file>][,file=<file>]"},
+#ifdef CONFIG_PLUGIN
+ {"plugin", "QEMU_PLUGIN", true, handle_arg_plugin,
+ "", "[file=]<file>[,arg=<string>]"},
+#endif
{"version", "QEMU_VERSION", false, handle_arg_version,
"", "display version information and exit"},
#if defined(TARGET_XTENSA)
@@ -643,6 +657,7 @@ int main(int argc, char **argv, char **envp)
cpu_model = NULL;
qemu_add_opts(&qemu_trace_opts);
+ qemu_plugin_add_opts();
optind = parse_args(argc, argv);
@@ -650,6 +665,9 @@ int main(int argc, char **argv, char **envp)
exit(1);
}
trace_init_file(trace_file);
+ if (qemu_plugin_load_list(&plugins)) {
+ exit(1);
+ }
/* Zero out regs */
memset(regs, 0, sizeof(struct target_pt_regs));
--
2.20.1
^ permalink raw reply related [flat|nested] 94+ messages in thread* [PATCH v5 39/55] tests/plugin: add sample plugins
2019-10-14 10:48 [PATCH for 4.2 v5 00/55] Support for TCG plugins Alex Bennée
` (37 preceding siblings ...)
2019-10-14 10:49 ` [PATCH v5 38/55] linux-user: " Alex Bennée
@ 2019-10-14 10:49 ` Alex Bennée
2019-10-14 16:14 ` Richard Henderson
2019-10-14 10:49 ` [PATCH v5 40/55] tests/tcg/Makefile.target: fix path to config-host.mak Alex Bennée
` (16 subsequent siblings)
55 siblings, 1 reply; 94+ messages in thread
From: Alex Bennée @ 2019-10-14 10:49 UTC (permalink / raw)
To: qemu-devel; +Cc: aaron, cota, Alex Bennée, robert.foley, peter.puhov
From: "Emilio G. Cota" <cota@braap.org>
Pass arguments with -plugin=libfoo.so,arg=bar,arg=baz
Signed-off-by: Emilio G. Cota <cota@braap.org>
Signed-off-by: Alex Bennée <alex.bennee@linaro.org>
---
v4
- tweaks for hwaddr API
---
configure | 1 +
tests/plugin/Makefile | 28 +++++++++++++
tests/plugin/bb.c | 65 +++++++++++++++++++++++++++++
tests/plugin/empty.c | 29 +++++++++++++
tests/plugin/insn.c | 62 ++++++++++++++++++++++++++++
tests/plugin/mem.c | 96 +++++++++++++++++++++++++++++++++++++++++++
6 files changed, 281 insertions(+)
create mode 100644 tests/plugin/Makefile
create mode 100644 tests/plugin/bb.c
create mode 100644 tests/plugin/empty.c
create mode 100644 tests/plugin/insn.c
create mode 100644 tests/plugin/mem.c
diff --git a/configure b/configure
index 75632b1df1..d5527a9f15 100755
--- a/configure
+++ b/configure
@@ -7887,6 +7887,7 @@ DIRS="$DIRS roms/seabios roms/vgabios"
LINKS="Makefile"
LINKS="$LINKS tests/tcg/lm32/Makefile po/Makefile"
LINKS="$LINKS tests/tcg/Makefile.target tests/fp/Makefile"
+LINKS="$LINKS tests/plugin/Makefile"
LINKS="$LINKS pc-bios/optionrom/Makefile pc-bios/keymaps"
LINKS="$LINKS pc-bios/s390-ccw/Makefile"
LINKS="$LINKS roms/seabios/Makefile roms/vgabios/Makefile"
diff --git a/tests/plugin/Makefile b/tests/plugin/Makefile
new file mode 100644
index 0000000000..f9a3546ea3
--- /dev/null
+++ b/tests/plugin/Makefile
@@ -0,0 +1,28 @@
+BUILD_DIR := $(CURDIR)/../..
+
+include $(BUILD_DIR)/config-host.mak
+include $(SRC_PATH)/rules.mak
+
+$(call set-vpath, $(SRC_PATH)/tests/plugin)
+
+NAMES :=
+NAMES += bb
+NAMES += empty
+NAMES += insn
+NAMES += mem
+
+SONAMES := $(addsuffix .so,$(addprefix lib,$(NAMES)))
+
+QEMU_CFLAGS += -fPIC
+QEMU_CFLAGS += -I$(SRC_PATH)/include/qemu
+
+all: $(SONAMES)
+
+lib%.so: %.o
+ $(CC) -shared -Wl,-soname,$@ -o $@ $^ $(LDLIBS)
+
+clean:
+ rm -f *.o *.so *.d
+ rm -Rf .libs
+
+.PHONY: all clean
diff --git a/tests/plugin/bb.c b/tests/plugin/bb.c
new file mode 100644
index 0000000000..93d25de363
--- /dev/null
+++ b/tests/plugin/bb.c
@@ -0,0 +1,65 @@
+/*
+ * Copyright (C) 2018, Emilio G. Cota <cota@braap.org>
+ *
+ * License: GNU GPL, version 2 or later.
+ * See the COPYING file in the top-level directory.
+ */
+#include <inttypes.h>
+#include <assert.h>
+#include <stdlib.h>
+#include <string.h>
+#include <unistd.h>
+#include <stdio.h>
+
+#include <qemu-plugin.h>
+
+static uint64_t bb_count;
+static uint64_t insn_count;
+static int stdout_fd;
+static bool do_inline;
+
+static void plugin_exit(qemu_plugin_id_t id, void *p)
+{
+ dprintf(stdout_fd, "bb's: %" PRIu64", insns: %" PRIu64 "\n",
+ bb_count, insn_count);
+}
+
+static void vcpu_tb_exec(unsigned int cpu_index, void *udata)
+{
+ unsigned long n_insns = (unsigned long)udata;
+
+ insn_count += n_insns;
+ bb_count++;
+}
+
+static void vcpu_tb_trans(qemu_plugin_id_t id, struct qemu_plugin_tb *tb)
+{
+ unsigned long n_insns = qemu_plugin_tb_n_insns(tb);
+
+ if (do_inline) {
+ qemu_plugin_register_vcpu_tb_exec_inline(tb, QEMU_PLUGIN_INLINE_ADD_U64,
+ &bb_count, 1);
+ qemu_plugin_register_vcpu_tb_exec_inline(tb, QEMU_PLUGIN_INLINE_ADD_U64,
+ &insn_count, n_insns);
+ } else {
+ qemu_plugin_register_vcpu_tb_exec_cb(tb, vcpu_tb_exec,
+ QEMU_PLUGIN_CB_NO_REGS,
+ (void *)n_insns);
+ }
+}
+
+QEMU_PLUGIN_EXPORT int qemu_plugin_install(qemu_plugin_id_t id, int argc,
+ char **argv)
+{
+ if (argc && strcmp(argv[0], "inline") == 0) {
+ do_inline = true;
+ }
+
+ /* to be used when in the exit hook */
+ stdout_fd = dup(STDOUT_FILENO);
+ assert(stdout_fd);
+
+ qemu_plugin_register_vcpu_tb_trans_cb(id, vcpu_tb_trans);
+ qemu_plugin_register_atexit_cb(id, plugin_exit, NULL);
+ return 0;
+}
diff --git a/tests/plugin/empty.c b/tests/plugin/empty.c
new file mode 100644
index 0000000000..b141ddd0df
--- /dev/null
+++ b/tests/plugin/empty.c
@@ -0,0 +1,29 @@
+/*
+ * Copyright (C) 2018, Emilio G. Cota <cota@braap.org>
+ *
+ * License: GNU GPL, version 2 or later.
+ * See the COPYING file in the top-level directory.
+ */
+#include <inttypes.h>
+#include <assert.h>
+#include <stdlib.h>
+#include <string.h>
+#include <unistd.h>
+#include <stdio.h>
+
+#include <qemu-plugin.h>
+
+/*
+ * Empty TB translation callback.
+ * This allows us to measure the overhead of injecting and then
+ * removing empty instrumentation.
+ */
+static void vcpu_tb_trans(qemu_plugin_id_t id, struct qemu_plugin_tb *tb)
+{ }
+
+QEMU_PLUGIN_EXPORT int qemu_plugin_install(qemu_plugin_id_t id, int argc,
+ char **argv)
+{
+ qemu_plugin_register_vcpu_tb_trans_cb(id, vcpu_tb_trans);
+ return 0;
+}
diff --git a/tests/plugin/insn.c b/tests/plugin/insn.c
new file mode 100644
index 0000000000..3000ab4b73
--- /dev/null
+++ b/tests/plugin/insn.c
@@ -0,0 +1,62 @@
+/*
+ * Copyright (C) 2018, Emilio G. Cota <cota@braap.org>
+ *
+ * License: GNU GPL, version 2 or later.
+ * See the COPYING file in the top-level directory.
+ */
+#include <inttypes.h>
+#include <assert.h>
+#include <stdlib.h>
+#include <string.h>
+#include <unistd.h>
+#include <stdio.h>
+
+#include <qemu-plugin.h>
+
+static int stdout_fd;
+static uint64_t insn_count;
+static bool do_inline;
+
+static void vcpu_insn_exec_before(unsigned int cpu_index, void *udata)
+{
+ insn_count++;
+}
+
+static void vcpu_tb_trans(qemu_plugin_id_t id, struct qemu_plugin_tb *tb)
+{
+ size_t n = qemu_plugin_tb_n_insns(tb);
+ size_t i;
+
+ for (i = 0; i < n; i++) {
+ struct qemu_plugin_insn *insn = qemu_plugin_tb_get_insn(tb, i);
+
+ if (do_inline) {
+ qemu_plugin_register_vcpu_insn_exec_inline(
+ insn, QEMU_PLUGIN_INLINE_ADD_U64, &insn_count, 1);
+ } else {
+ qemu_plugin_register_vcpu_insn_exec_cb(
+ insn, vcpu_insn_exec_before, QEMU_PLUGIN_CB_NO_REGS, NULL);
+ }
+ }
+}
+
+static void plugin_exit(qemu_plugin_id_t id, void *p)
+{
+ dprintf(stdout_fd, "insns: %" PRIu64 "\n", insn_count);
+}
+
+QEMU_PLUGIN_EXPORT int qemu_plugin_install(qemu_plugin_id_t id, int argc,
+ char **argv)
+{
+ if (argc && !strcmp(argv[0], "inline")) {
+ do_inline = true;
+ }
+
+ /* to be used when in the exit hook */
+ stdout_fd = dup(STDOUT_FILENO);
+ assert(stdout_fd);
+
+ qemu_plugin_register_vcpu_tb_trans_cb(id, vcpu_tb_trans);
+ qemu_plugin_register_atexit_cb(id, plugin_exit, NULL);
+ return 0;
+}
diff --git a/tests/plugin/mem.c b/tests/plugin/mem.c
new file mode 100644
index 0000000000..e5490f4a99
--- /dev/null
+++ b/tests/plugin/mem.c
@@ -0,0 +1,96 @@
+/*
+ * Copyright (C) 2018, Emilio G. Cota <cota@braap.org>
+ *
+ * License: GNU GPL, version 2 or later.
+ * See the COPYING file in the top-level directory.
+ */
+#include <inttypes.h>
+#include <assert.h>
+#include <stdlib.h>
+#include <string.h>
+#include <unistd.h>
+#include <stdio.h>
+
+#include <qemu-plugin.h>
+
+static uint64_t mem_count;
+static uint64_t io_count;
+static int stdout_fd;
+static bool do_inline;
+static bool do_haddr;
+static enum qemu_plugin_mem_rw rw = QEMU_PLUGIN_MEM_RW;
+
+static void plugin_exit(qemu_plugin_id_t id, void *p)
+{
+ dprintf(stdout_fd, "mem accesses: %" PRIu64 "\n", mem_count);
+ if (do_haddr) {
+ dprintf(stdout_fd, "io accesses: %" PRIu64 "\n", mem_count);
+ }
+}
+
+static void vcpu_mem(unsigned int cpu_index, qemu_plugin_meminfo_t meminfo,
+ uint64_t vaddr, void *udata)
+{
+ if (do_haddr) {
+ struct qemu_plugin_hwaddr *hwaddr;
+ hwaddr = qemu_plugin_get_hwaddr(meminfo, vaddr);
+ if (qemu_plugin_hwaddr_is_io(hwaddr)) {
+ io_count++;
+ } else {
+ mem_count++;
+ }
+ } else {
+ mem_count++;
+ }
+}
+
+static void vcpu_tb_trans(qemu_plugin_id_t id, struct qemu_plugin_tb *tb)
+{
+ size_t n = qemu_plugin_tb_n_insns(tb);
+ size_t i;
+
+ for (i = 0; i < n; i++) {
+ struct qemu_plugin_insn *insn = qemu_plugin_tb_get_insn(tb, i);
+
+ if (do_inline) {
+ qemu_plugin_register_vcpu_mem_inline(insn, rw,
+ QEMU_PLUGIN_INLINE_ADD_U64,
+ &mem_count, 1);
+ } else {
+ qemu_plugin_register_vcpu_mem_cb(insn, vcpu_mem,
+ QEMU_PLUGIN_CB_NO_REGS,
+ rw, NULL);
+ }
+ }
+}
+
+QEMU_PLUGIN_EXPORT int qemu_plugin_install(qemu_plugin_id_t id, int argc,
+ char **argv)
+{
+ if (argc) {
+ if (argc >= 3) {
+ if (!strcmp(argv[2], "haddr")) {
+ do_haddr = true;
+ }
+ }
+ if (argc >= 2) {
+ const char *str = argv[1];
+
+ if (!strcmp(str, "r")) {
+ rw = QEMU_PLUGIN_MEM_R;
+ } else if (!strcmp(str, "w")) {
+ rw = QEMU_PLUGIN_MEM_W;
+ }
+ }
+ if (!strcmp(argv[0], "inline")) {
+ do_inline = true;
+ }
+ }
+ /* plugin_exit might write to stdout after stdout has been closed */
+ stdout_fd = dup(STDOUT_FILENO);
+ assert(stdout_fd);
+
+ qemu_plugin_register_vcpu_tb_trans_cb(id, vcpu_tb_trans);
+ qemu_plugin_register_atexit_cb(id, plugin_exit, NULL);
+ return 0;
+}
--
2.20.1
^ permalink raw reply related [flat|nested] 94+ messages in thread* [PATCH v5 40/55] tests/tcg/Makefile.target: fix path to config-host.mak
2019-10-14 10:48 [PATCH for 4.2 v5 00/55] Support for TCG plugins Alex Bennée
` (38 preceding siblings ...)
2019-10-14 10:49 ` [PATCH v5 39/55] tests/plugin: add sample plugins Alex Bennée
@ 2019-10-14 10:49 ` Alex Bennée
2019-10-14 16:15 ` Richard Henderson
2019-10-14 10:49 ` [PATCH v5 41/55] tests/tcg: set QEMU_OPTS for all cris runs Alex Bennée
` (15 subsequent siblings)
55 siblings, 1 reply; 94+ messages in thread
From: Alex Bennée @ 2019-10-14 10:49 UTC (permalink / raw)
To: qemu-devel
Cc: Alex Bennée, robert.foley, peter.puhov, aaron, cota,
Philippe Mathieu-Daudé
Since moving where the tests are run the path to config-host.mak has
been wrong. This doesn't affect much but things like the time fallback
for CONFIG_DEBUG_TCG and will also get in the way of checking for
PLUGINS support.
Fixes: fc76c56d3f4
Signed-off-by: Alex Bennée <alex.bennee@linaro.org>
---
tests/tcg/Makefile.target | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/tests/tcg/Makefile.target b/tests/tcg/Makefile.target
index 5a9a6faba4..84abbd24f3 100644
--- a/tests/tcg/Makefile.target
+++ b/tests/tcg/Makefile.target
@@ -30,7 +30,7 @@
#
all:
--include ../../config-host.mak
+-include ../../../config-host.mak
-include ../config-$(TARGET).mak
# for including , in command strings
--
2.20.1
^ permalink raw reply related [flat|nested] 94+ messages in thread* Re: [PATCH v5 40/55] tests/tcg/Makefile.target: fix path to config-host.mak
2019-10-14 10:49 ` [PATCH v5 40/55] tests/tcg/Makefile.target: fix path to config-host.mak Alex Bennée
@ 2019-10-14 16:15 ` Richard Henderson
0 siblings, 0 replies; 94+ messages in thread
From: Richard Henderson @ 2019-10-14 16:15 UTC (permalink / raw)
To: Alex Bennée, qemu-devel
Cc: robert.foley, cota, Philippe Mathieu-Daudé, aaron, peter.puhov
On 10/14/19 3:49 AM, Alex Bennée wrote:
> Since moving where the tests are run the path to config-host.mak has
> been wrong. This doesn't affect much but things like the time fallback
> for CONFIG_DEBUG_TCG and will also get in the way of checking for
> PLUGINS support.
>
> Fixes: fc76c56d3f4
> Signed-off-by: Alex Bennée <alex.bennee@linaro.org>
> ---
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
r~
^ permalink raw reply [flat|nested] 94+ messages in thread
* [PATCH v5 41/55] tests/tcg: set QEMU_OPTS for all cris runs
2019-10-14 10:48 [PATCH for 4.2 v5 00/55] Support for TCG plugins Alex Bennée
` (39 preceding siblings ...)
2019-10-14 10:49 ` [PATCH v5 40/55] tests/tcg/Makefile.target: fix path to config-host.mak Alex Bennée
@ 2019-10-14 10:49 ` Alex Bennée
2019-10-14 16:16 ` Richard Henderson
2019-10-14 10:49 ` [PATCH v5 42/55] tests/tcg: move "virtual" tests to EXTRA_TESTS Alex Bennée
` (14 subsequent siblings)
55 siblings, 1 reply; 94+ messages in thread
From: Alex Bennée @ 2019-10-14 10:49 UTC (permalink / raw)
To: qemu-devel
Cc: robert.foley, peter.puhov, aaron, cota, Edgar E. Iglesias,
Alex Bennée
This will important for ensuring the plugin test variants will also
work.
Signed-off-by: Alex Bennée <alex.bennee@linaro.org>
---
tests/tcg/cris/Makefile.target | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/tests/tcg/cris/Makefile.target b/tests/tcg/cris/Makefile.target
index c1173ead42..24c7f2e761 100644
--- a/tests/tcg/cris/Makefile.target
+++ b/tests/tcg/cris/Makefile.target
@@ -47,7 +47,7 @@ CRT_FILES = crt.o sys.o
$(CC) $(ASFLAGS) $< -o $@ $(LDFLAGS) $(NOSTDFLAGS) $(CRT_FILES)
# The default CPU breaks (possibly as it's max?) so force crisv17
-$(CRIS_RUNS): QEMU_OPTS=-cpu crisv17
+QEMU_OPTS=-cpu crisv17
# Additional runners to run under GNU SIM
CRIS_RUNS_ON_SIM=$(patsubst %, %-on-sim, $(CRIS_RUNS))
--
2.20.1
^ permalink raw reply related [flat|nested] 94+ messages in thread* [PATCH v5 42/55] tests/tcg: move "virtual" tests to EXTRA_TESTS
2019-10-14 10:48 [PATCH for 4.2 v5 00/55] Support for TCG plugins Alex Bennée
` (40 preceding siblings ...)
2019-10-14 10:49 ` [PATCH v5 41/55] tests/tcg: set QEMU_OPTS for all cris runs Alex Bennée
@ 2019-10-14 10:49 ` Alex Bennée
2019-10-14 16:16 ` Richard Henderson
2019-10-14 10:49 ` [PATCH v5 43/55] tests/tcg: drop test-i386-fprem from TESTS when not SLOW Alex Bennée
` (13 subsequent siblings)
55 siblings, 1 reply; 94+ messages in thread
From: Alex Bennée @ 2019-10-14 10:49 UTC (permalink / raw)
To: qemu-devel
Cc: Peter Maydell, Alex Bennée, robert.foley, peter.puhov,
aaron, cota, open list:ARM TCG CPUs, Philippe Mathieu-Daudé
Otherwise clever expanders like the plugins test get unstuck.
Signed-off-by: Alex Bennée <alex.bennee@linaro.org>
---
tests/tcg/Makefile.target | 4 +++-
tests/tcg/aarch64/Makefile.softmmu-target | 2 +-
2 files changed, 4 insertions(+), 2 deletions(-)
diff --git a/tests/tcg/Makefile.target b/tests/tcg/Makefile.target
index 84abbd24f3..9664613002 100644
--- a/tests/tcg/Makefile.target
+++ b/tests/tcg/Makefile.target
@@ -66,6 +66,8 @@ conditional-diff-out = \
# Tests we are building
TESTS=
+# additional tests which may re-use existing binaries
+EXTRA_TESTS=
# Start with a blank slate, the build targets get to add stuff first
CFLAGS=
@@ -109,7 +111,7 @@ else
endif
-all: $(TESTS)
+all: $(TESTS) $(EXTRA_TESTS)
#
# Test Runners
diff --git a/tests/tcg/aarch64/Makefile.softmmu-target b/tests/tcg/aarch64/Makefile.softmmu-target
index b4b3957963..950dbb4bac 100644
--- a/tests/tcg/aarch64/Makefile.softmmu-target
+++ b/tests/tcg/aarch64/Makefile.softmmu-target
@@ -52,4 +52,4 @@ run-memory-replay: memory-replay run-memory-record
$(QEMU_OPTS) memory, \
"$< on $(TARGET_NAME)")
-TESTS+=memory-record memory-replay
+EXTRA_TESTS+=memory-record memory-replay
--
2.20.1
^ permalink raw reply related [flat|nested] 94+ messages in thread* Re: [PATCH v5 42/55] tests/tcg: move "virtual" tests to EXTRA_TESTS
2019-10-14 10:49 ` [PATCH v5 42/55] tests/tcg: move "virtual" tests to EXTRA_TESTS Alex Bennée
@ 2019-10-14 16:16 ` Richard Henderson
0 siblings, 0 replies; 94+ messages in thread
From: Richard Henderson @ 2019-10-14 16:16 UTC (permalink / raw)
To: Alex Bennée, qemu-devel
Cc: Peter Maydell, robert.foley, peter.puhov, aaron, cota,
open list:ARM TCG CPUs, Philippe Mathieu-Daudé
On 10/14/19 3:49 AM, Alex Bennée wrote:
> Otherwise clever expanders like the plugins test get unstuck.
>
> Signed-off-by: Alex Bennée <alex.bennee@linaro.org>
> ---
> tests/tcg/Makefile.target | 4 +++-
> tests/tcg/aarch64/Makefile.softmmu-target | 2 +-
> 2 files changed, 4 insertions(+), 2 deletions(-)
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
r~
^ permalink raw reply [flat|nested] 94+ messages in thread
* [PATCH v5 43/55] tests/tcg: drop test-i386-fprem from TESTS when not SLOW
2019-10-14 10:48 [PATCH for 4.2 v5 00/55] Support for TCG plugins Alex Bennée
` (41 preceding siblings ...)
2019-10-14 10:49 ` [PATCH v5 42/55] tests/tcg: move "virtual" tests to EXTRA_TESTS Alex Bennée
@ 2019-10-14 10:49 ` Alex Bennée
2019-10-14 16:44 ` Richard Henderson
2019-10-14 10:49 ` [PATCH v5 44/55] tests/tcg: enable plugin testing Alex Bennée
` (12 subsequent siblings)
55 siblings, 1 reply; 94+ messages in thread
From: Alex Bennée @ 2019-10-14 10:49 UTC (permalink / raw)
To: qemu-devel
Cc: Eduardo Habkost, robert.foley, peter.puhov, aaron, cota,
Paolo Bonzini, Alex Bennée, Richard Henderson
This is a very slow running test which we only enable explicitly.
However having it in the TESTS lists would confuse additional tests
like the plugins test which want to run on all currently enabled
tests.
Signed-off-by: Alex Bennée <alex.bennee@linaro.org>
---
tests/tcg/i386/Makefile.target | 11 ++++++-----
1 file changed, 6 insertions(+), 5 deletions(-)
diff --git a/tests/tcg/i386/Makefile.target b/tests/tcg/i386/Makefile.target
index 08c5736a4d..43ee2e181e 100644
--- a/tests/tcg/i386/Makefile.target
+++ b/tests/tcg/i386/Makefile.target
@@ -7,10 +7,8 @@ VPATH += $(I386_SRC)
I386_SRCS=$(notdir $(wildcard $(I386_SRC)/*.c))
ALL_X86_TESTS=$(I386_SRCS:.c=)
-I386_TESTS:=$(filter-out test-i386-ssse3, $(ALL_X86_TESTS))
+SKIP_I386_TESTS=test-i386-ssse3
X86_64_TESTS:=$(filter test-i386-ssse3, $(ALL_X86_TESTS))
-# Update TESTS
-TESTS=$(MULTIARCH_TESTS) $(I386_TESTS)
#
# hello-i386 is a barebones app
@@ -36,9 +34,12 @@ run-test-i386-fprem: test-i386-fprem test-i386-fprem.ref
$(call run-test,test-i386-fprem, $(QEMU) $<,"$< on $(TARGET_NAME)")
$(call diff-out,test-i386-fprem, test-i386-fprem.ref)
else
-run-test-i386-fprem: test-i386-fprem
- $(call skip-test, $<, "SLOW")
+SKIP_I386_TESTS+=test-i386-fprem
endif
+# Update TESTS
+I386_TESTS:=$(filter-out $(SKIP_I386_TESTS), $(ALL_X86_TESTS))
+TESTS=$(MULTIARCH_TESTS) $(I386_TESTS)
+
# On i386 and x86_64 Linux only supports 4k pages (large pages are a different hack)
EXTRA_RUNS+=run-test-mmap-4096
--
2.20.1
^ permalink raw reply related [flat|nested] 94+ messages in thread* [PATCH v5 44/55] tests/tcg: enable plugin testing
2019-10-14 10:48 [PATCH for 4.2 v5 00/55] Support for TCG plugins Alex Bennée
` (42 preceding siblings ...)
2019-10-14 10:49 ` [PATCH v5 43/55] tests/tcg: drop test-i386-fprem from TESTS when not SLOW Alex Bennée
@ 2019-10-14 10:49 ` Alex Bennée
2019-10-14 16:46 ` Richard Henderson
2019-10-14 10:49 ` [PATCH v5 45/55] tests/plugin: add a hotblocks plugin Alex Bennée
` (11 subsequent siblings)
55 siblings, 1 reply; 94+ messages in thread
From: Alex Bennée @ 2019-10-14 10:49 UTC (permalink / raw)
To: qemu-devel
Cc: Peter Maydell, Alex Bennée, robert.foley, peter.puhov,
aaron, cota, open list:ARM TCG CPUs, Philippe Mathieu-Daudé
If CONFIG_PLUGINS is enabled then lets enable testing for all our TCG
targets. This is a simple smoke test that ensure we don't crash or
otherwise barf out by running each plugin against each test.
There is a minor knock on effect for additional runners which need
specialised QEMU_OPTS which will also need to declare a plugin version
of the runner. If this gets onerous we might need to add another
helper.
Checking the results of the plugins is left for a later exercise.
Signed-off-by: Alex Bennée <alex.bennee@linaro.org>
---
v5
- fix for the latest changes to check-tcg
- extend timeout for plugin tests
- add special runner for semihosting with plugin
- fix naming of test in call output
- add special plugin aware runners for semihosting
---
tests/Makefile.include | 11 ++++++++-
tests/tcg/Makefile.target | 35 +++++++++++++++++++++++++++
tests/tcg/aarch64/Makefile.target | 6 +++++
tests/tcg/arm/Makefile.softmmu-target | 1 +
tests/tcg/arm/Makefile.target | 6 +++++
5 files changed, 58 insertions(+), 1 deletion(-)
diff --git a/tests/Makefile.include b/tests/Makefile.include
index 3543451ed3..646a704e65 100644
--- a/tests/Makefile.include
+++ b/tests/Makefile.include
@@ -1052,6 +1052,15 @@ check-softfloat:
"SKIPPED for non-TCG builds")
endif
+# Plugins
+ifeq ($(CONFIG_PLUGIN),y)
+.PHONY: plugins
+plugins:
+ $(call quiet-command,\
+ $(MAKE) $(SUBDIR_MAKEFLAGS) -C tests/plugin V="$(V)", \
+ "BUILD", "plugins")
+endif
+
# Per guest TCG tests
BUILD_TCG_TARGET_RULES=$(patsubst %,build-tcg-tests-%, $(TARGET_DIRS))
@@ -1062,7 +1071,7 @@ RUN_TCG_TARGET_RULES=$(patsubst %,run-tcg-tests-%, $(TARGET_DIRS))
$(foreach PROBE_TARGET,$(TARGET_DIRS), \
$(eval -include $(SRC_PATH)/tests/tcg/Makefile.prereqs))
-build-tcg-tests-%:
+build-tcg-tests-%: $(if $(CONFIG_PLUGIN),plugins)
$(call quiet-command,$(MAKE) $(SUBDIR_MAKEFLAGS) \
-f $(SRC_PATH)/tests/tcg/Makefile.qemu \
SRC_PATH=$(SRC_PATH) \
diff --git a/tests/tcg/Makefile.target b/tests/tcg/Makefile.target
index 9664613002..d25fc64300 100644
--- a/tests/tcg/Makefile.target
+++ b/tests/tcg/Makefile.target
@@ -123,11 +123,38 @@ all: $(TESTS) $(EXTRA_TESTS)
#
RUN_TESTS=$(patsubst %,run-%, $(TESTS))
+
+# If plugins exist also include those in the tests
+ifeq ($(CONFIG_PLUGIN),y)
+PLUGIN_DIR=../../plugin
+VPATH+=$(PLUGIN_DIR)
+PLUGINS=$(notdir $(wildcard $(PLUGIN_DIR)/*.so))
+
+# We need to ensure expand the run-plugin-TEST-with-PLUGIN
+# pre-requistes manually here as we can't use stems to handle it. We
+# also add some special helpers the run-plugin- rules can use bellow.
+
+$(foreach p,$(PLUGINS), \
+ $(foreach t,$(TESTS),\
+ $(eval run-plugin-$(t)-with-$(p): $t $p) \
+ $(eval run-plugin-$(t)-with-$(p): TIMEOUT=30) \
+ $(eval RUN_TESTS+=run-plugin-$(t)-with-$(p))))
+endif
+
+strip-plugin = $(wordlist 1, 1, $(subst -with-, ,$1))
+extract-plugin = $(wordlist 2, 2, $(subst -with-, ,$1))
+
RUN_TESTS+=$(EXTRA_RUNS)
ifdef CONFIG_USER_ONLY
run-%: %
$(call run-test, $<, $(QEMU) $(QEMU_OPTS) $<, "$< on $(TARGET_NAME)")
+
+run-plugin-%:
+ $(call run-test, $@, $(QEMU) $(QEMU_OPTS) \
+ -plugin $(PLUGIN_DIR)/$(call extract-plugin,$@) \
+ $(call strip-plugin,$<), \
+ "$* on $(TARGET_NAME)")
else
run-%: %
$(call run-test, $<, \
@@ -135,6 +162,14 @@ run-%: %
-chardev file$(COMMA)path=$<.out$(COMMA)id=output \
$(QEMU_OPTS) $<, \
"$< on $(TARGET_NAME)")
+
+run-plugin-%:
+ $(call run-test, $@, \
+ $(QEMU) -monitor none -display none \
+ -chardev file$(COMMA)path=$@.out$(COMMA)id=output \
+ -plugin $(PLUGIN_DIR)/$(call extract-plugin,$@) \
+ $(QEMU_OPTS) $(call strip-plugin,$<), \
+ "$* on $(TARGET_NAME)")
endif
gdb-%: %
diff --git a/tests/tcg/aarch64/Makefile.target b/tests/tcg/aarch64/Makefile.target
index 509f1afa93..96d2321045 100644
--- a/tests/tcg/aarch64/Makefile.target
+++ b/tests/tcg/aarch64/Makefile.target
@@ -26,4 +26,10 @@ AARCH64_TESTS += semihosting
run-semihosting: semihosting
$(call run-test,$<,$(QEMU) $< 2> $<.err, "$< on $(TARGET_NAME)")
+run-plugin-semihosting-with-%:
+ $(call run-test, $@, $(QEMU) $(QEMU_OPTS) \
+ -plugin $(PLUGIN_DIR)/$(call extract-plugin,$@) \
+ $(call strip-plugin,$<) 2> $<.err, \
+ "$< on $(TARGET_NAME) with $*")
+
TESTS += $(AARCH64_TESTS)
diff --git a/tests/tcg/arm/Makefile.softmmu-target b/tests/tcg/arm/Makefile.softmmu-target
index 231e9a57b4..3fe237ba39 100644
--- a/tests/tcg/arm/Makefile.softmmu-target
+++ b/tests/tcg/arm/Makefile.softmmu-target
@@ -23,3 +23,4 @@ LDFLAGS+=-nostdlib -N -static
test-armv6m-undef: EXTRA_CFLAGS+=-mcpu=cortex-m0
run-test-armv6m-undef: QEMU_OPTS+=-semihosting -M microbit -kernel
+run-plugin-test-armv6m-undef-%: QEMU_OPTS+=-semihosting -M microbit -kernel
diff --git a/tests/tcg/arm/Makefile.target b/tests/tcg/arm/Makefile.target
index 3ddff85240..0765f37ff0 100644
--- a/tests/tcg/arm/Makefile.target
+++ b/tests/tcg/arm/Makefile.target
@@ -34,6 +34,12 @@ ARM_TESTS += semihosting
run-semihosting: semihosting
$(call run-test,$<,$(QEMU) $< 2> $<.err, "$< on $(TARGET_NAME)")
+run-plugin-semihosting-with-%:
+ $(call run-test, $@, $(QEMU) $(QEMU_OPTS) \
+ -plugin $(PLUGIN_DIR)/$(call extract-plugin,$@) \
+ $(call strip-plugin,$<) 2> $<.err, \
+ "$< on $(TARGET_NAME) with $*")
+
TESTS += $(ARM_TESTS)
# On ARM Linux only supports 4k pages
--
2.20.1
^ permalink raw reply related [flat|nested] 94+ messages in thread* Re: [PATCH v5 44/55] tests/tcg: enable plugin testing
2019-10-14 10:49 ` [PATCH v5 44/55] tests/tcg: enable plugin testing Alex Bennée
@ 2019-10-14 16:46 ` Richard Henderson
0 siblings, 0 replies; 94+ messages in thread
From: Richard Henderson @ 2019-10-14 16:46 UTC (permalink / raw)
To: Alex Bennée, qemu-devel
Cc: Peter Maydell, robert.foley, peter.puhov, aaron, cota,
open list:ARM TCG CPUs, Philippe Mathieu-Daudé
On 10/14/19 3:49 AM, Alex Bennée wrote:
> If CONFIG_PLUGINS is enabled then lets enable testing for all our TCG
> targets. This is a simple smoke test that ensure we don't crash or
> otherwise barf out by running each plugin against each test.
>
> There is a minor knock on effect for additional runners which need
> specialised QEMU_OPTS which will also need to declare a plugin version
> of the runner. If this gets onerous we might need to add another
> helper.
>
> Checking the results of the plugins is left for a later exercise.
>
> Signed-off-by: Alex Bennée <alex.bennee@linaro.org>
>
> ---
> v5
> - fix for the latest changes to check-tcg
> - extend timeout for plugin tests
> - add special runner for semihosting with plugin
> - fix naming of test in call output
> - add special plugin aware runners for semihosting
> ---
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
r~
^ permalink raw reply [flat|nested] 94+ messages in thread
* [PATCH v5 45/55] tests/plugin: add a hotblocks plugin
2019-10-14 10:48 [PATCH for 4.2 v5 00/55] Support for TCG plugins Alex Bennée
` (43 preceding siblings ...)
2019-10-14 10:49 ` [PATCH v5 44/55] tests/tcg: enable plugin testing Alex Bennée
@ 2019-10-14 10:49 ` Alex Bennée
2019-10-14 16:49 ` Richard Henderson
2019-10-14 10:49 ` [PATCH v5 46/55] plugin: add qemu_plugin_insn_disas helper Alex Bennée
` (10 subsequent siblings)
55 siblings, 1 reply; 94+ messages in thread
From: Alex Bennée @ 2019-10-14 10:49 UTC (permalink / raw)
To: qemu-devel; +Cc: aaron, cota, Alex Bennée, robert.foley, peter.puhov
This is a simple plugin to track which translation blocks are call
most often. As we don't have a view of the internals of TCG we can
only work by the address of the start of the block so we also need to
tracks how often the address is translated.
As there will be multiple blocks starting at the same address. We can
try and work around this by futzing the value to feed to the hash with
the insn count.
Signed-off-by: Alex Bennée <alex.bennee@linaro.org>
---
v5
- handle 0 length report
---
tests/plugin/Makefile | 1 +
tests/plugin/hotblocks.c | 148 +++++++++++++++++++++++++++++++++++++++
2 files changed, 149 insertions(+)
create mode 100644 tests/plugin/hotblocks.c
diff --git a/tests/plugin/Makefile b/tests/plugin/Makefile
index f9a3546ea3..e74940eaac 100644
--- a/tests/plugin/Makefile
+++ b/tests/plugin/Makefile
@@ -10,6 +10,7 @@ NAMES += bb
NAMES += empty
NAMES += insn
NAMES += mem
+NAMES += hotblocks
SONAMES := $(addsuffix .so,$(addprefix lib,$(NAMES)))
diff --git a/tests/plugin/hotblocks.c b/tests/plugin/hotblocks.c
new file mode 100644
index 0000000000..a150179a5c
--- /dev/null
+++ b/tests/plugin/hotblocks.c
@@ -0,0 +1,148 @@
+/*
+ * Copyright (C) 2019, Alex Bennée <alex.bennee@linaro.org>
+ *
+ * License: GNU GPL, version 2 or later.
+ * See the COPYING file in the top-level directory.
+ */
+#include <inttypes.h>
+#include <assert.h>
+#include <stdlib.h>
+#include <inttypes.h>
+#include <string.h>
+#include <unistd.h>
+#include <stdio.h>
+#include <glib.h>
+
+#include <qemu-plugin.h>
+
+static bool do_inline;
+static int stdout_fd;
+
+/* Plugins need to take care of their own locking */
+static GMutex lock;
+static GHashTable *hotblocks;
+static guint64 limit = 20;
+
+/*
+ * Counting Structure
+ *
+ * The internals of the TCG are not exposed to plugins so we can only
+ * get the starting PC for each block. We cheat this slightly by
+ * xor'ing the number of instructions to the hash to help
+ * differentiate.
+ */
+typedef struct {
+ uint64_t start_addr;
+ uint64_t exec_count;
+ int trans_count;
+ unsigned long insns;
+} ExecCount;
+
+static gint cmp_exec_count(gconstpointer a, gconstpointer b)
+{
+ ExecCount *ea = (ExecCount *) a;
+ ExecCount *eb = (ExecCount *) b;
+ return ea->exec_count > eb->exec_count ? -1 : 1;
+}
+
+static void plugin_exit(qemu_plugin_id_t id, void *p)
+{
+ GString *report = g_string_new("collected ");
+ GList *counts, *it;
+ int i;
+
+ g_mutex_lock(&lock);
+ g_string_append_printf(report, "%d entries in the hash table\n",
+ g_hash_table_size(hotblocks));
+ counts = g_hash_table_get_values(hotblocks);
+ it = g_list_sort(counts, cmp_exec_count);
+
+ if (it) {
+ g_string_append_printf(report, "pc, tcount, icount, ecount\n");
+
+ for (i = 0; i < limit && it->next; i++, it = it->next) {
+ ExecCount *rec = (ExecCount *) it->data;
+ g_string_append_printf(report, "%#016"PRIx64", %d, %ld, %"PRId64"\n",
+ rec->start_addr, rec->trans_count,
+ rec->insns, rec->exec_count);
+ }
+
+ g_list_free(it);
+ g_mutex_unlock(&lock);
+ }
+
+ dprintf(stdout_fd, "%s", report->str);
+ g_string_free(report, true);
+}
+
+static void plugin_init(void)
+{
+ hotblocks = g_hash_table_new(NULL, g_direct_equal);
+}
+
+static void vcpu_tb_exec(unsigned int cpu_index, void *udata)
+{
+ ExecCount *cnt;
+ uint64_t hash = (uint64_t) udata;
+
+ g_mutex_lock(&lock);
+ cnt = (ExecCount *) g_hash_table_lookup(hotblocks, (gconstpointer) hash);
+ /* should always succeed */
+ g_assert(cnt);
+ cnt->exec_count++;
+ g_mutex_unlock(&lock);
+}
+
+/*
+ * When do_inline we ask the plugin to increment the counter for us.
+ * Otherwise a helper is inserted which calls the vcpu_tb_exec
+ * callback.
+ */
+static void vcpu_tb_trans(qemu_plugin_id_t id, struct qemu_plugin_tb *tb)
+{
+ ExecCount *cnt;
+ uint64_t pc = qemu_plugin_tb_vaddr(tb);
+ unsigned long insns = qemu_plugin_tb_n_insns(tb);
+ uint64_t hash = pc ^ insns;
+
+ g_mutex_lock(&lock);
+ cnt = (ExecCount *) g_hash_table_lookup(hotblocks, (gconstpointer) hash);
+ if (cnt) {
+ cnt->trans_count++;
+ } else {
+ cnt = g_new0(ExecCount, 1);
+ cnt->start_addr = pc;
+ cnt->trans_count = 1;
+ cnt->insns = insns;
+ g_hash_table_insert(hotblocks, (gpointer) hash, (gpointer) cnt);
+ }
+
+ g_mutex_unlock(&lock);
+
+ if (do_inline) {
+ qemu_plugin_register_vcpu_tb_exec_inline(tb, QEMU_PLUGIN_INLINE_ADD_U64,
+ &cnt->exec_count, 1);
+ } else {
+ qemu_plugin_register_vcpu_tb_exec_cb(tb, vcpu_tb_exec,
+ QEMU_PLUGIN_CB_NO_REGS,
+ (void *)hash);
+ }
+}
+
+QEMU_PLUGIN_EXPORT int qemu_plugin_install(qemu_plugin_id_t id, int argc,
+ char **argv)
+{
+ if (argc && strcmp(argv[0], "inline") == 0) {
+ do_inline = true;
+ }
+
+ /* to be used when in the exit hook */
+ stdout_fd = dup(STDOUT_FILENO);
+ assert(stdout_fd);
+
+ plugin_init();
+
+ qemu_plugin_register_vcpu_tb_trans_cb(id, vcpu_tb_trans);
+ qemu_plugin_register_atexit_cb(id, plugin_exit, NULL);
+ return 0;
+}
--
2.20.1
^ permalink raw reply related [flat|nested] 94+ messages in thread* Re: [PATCH v5 45/55] tests/plugin: add a hotblocks plugin
2019-10-14 10:49 ` [PATCH v5 45/55] tests/plugin: add a hotblocks plugin Alex Bennée
@ 2019-10-14 16:49 ` Richard Henderson
0 siblings, 0 replies; 94+ messages in thread
From: Richard Henderson @ 2019-10-14 16:49 UTC (permalink / raw)
To: Alex Bennée, qemu-devel; +Cc: aaron, cota, robert.foley, peter.puhov
On 10/14/19 3:49 AM, Alex Bennée wrote:
> This is a simple plugin to track which translation blocks are call
> most often. As we don't have a view of the internals of TCG we can
> only work by the address of the start of the block so we also need to
> tracks how often the address is translated.
>
> As there will be multiple blocks starting at the same address. We can
> try and work around this by futzing the value to feed to the hash with
> the insn count.
>
> Signed-off-by: Alex Bennée <alex.bennee@linaro.org>
>
> ---
> v5
> - handle 0 length report
> ---
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
r~
^ permalink raw reply [flat|nested] 94+ messages in thread
* [PATCH v5 46/55] plugin: add qemu_plugin_insn_disas helper
2019-10-14 10:48 [PATCH for 4.2 v5 00/55] Support for TCG plugins Alex Bennée
` (44 preceding siblings ...)
2019-10-14 10:49 ` [PATCH v5 45/55] tests/plugin: add a hotblocks plugin Alex Bennée
@ 2019-10-14 10:49 ` Alex Bennée
2019-10-14 10:49 ` [PATCH v5 47/55] tests/plugin: add instruction execution breakdown Alex Bennée
` (9 subsequent siblings)
55 siblings, 0 replies; 94+ messages in thread
From: Alex Bennée @ 2019-10-14 10:49 UTC (permalink / raw)
To: qemu-devel
Cc: robert.foley, Richard Henderson, peter.puhov, aaron, cota,
Alex Bennée
Give the plugins access to the QEMU dissasembler so they don't have to
re-invent the wheel. We generate a warning when there are spare bytes
in the decode buffer. This is usually due to the front end loading in
more bytes than decoded.
Signed-off-by: Alex Bennée <alex.bennee@linaro.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
---
v5
- fix plugin_printf to use vprintf with va
- use __thread storage for string
- only decode single instruction for bfd case
- don't assert, warn_report when we have spare bytes in insn buffer
---
disas.c | 110 +++++++++++++++++++++++++++++++++++
include/disas/disas.h | 2 +
include/qemu/qemu-plugin.h | 9 +++
plugins/api.c | 7 +++
plugins/qemu-plugins.symbols | 1 +
5 files changed, 129 insertions(+)
diff --git a/disas.c b/disas.c
index 3e2bfa572b..02f68e92ab 100644
--- a/disas.c
+++ b/disas.c
@@ -418,6 +418,7 @@ static bool cap_disas_monitor(disassemble_info *info, uint64_t pc, int count)
# define cap_disas_target(i, p, s) false
# define cap_disas_host(i, p, s) false
# define cap_disas_monitor(i, p, c) false
+# define cap_disas_plugin(i, p, c) false
#endif /* CONFIG_CAPSTONE */
/* Disassemble this for me please... (debugging). */
@@ -475,6 +476,115 @@ void target_disas(FILE *out, CPUState *cpu, target_ulong code,
}
}
+static __thread GString plugin_disas_output;
+
+static int plugin_printf(FILE *stream, const char *fmt, ...)
+{
+ va_list va;
+ GString *s = &plugin_disas_output;
+ int initial_len = s->len;
+
+ va_start(va, fmt);
+ g_string_append_vprintf(s, fmt, va);
+ va_end(va);
+
+ return s->len - initial_len;
+}
+
+static void plugin_print_address(bfd_vma addr, struct disassemble_info *info)
+{
+ /* does nothing */
+}
+
+
+#ifdef CONFIG_CAPSTONE
+/* Disassemble a single instruction directly into plugin output */
+static
+bool cap_disas_plugin(disassemble_info *info, uint64_t pc, size_t size)
+{
+ uint8_t cap_buf[1024];
+ csh handle;
+ cs_insn *insn;
+ size_t csize = 0;
+ int count;
+ GString *s = &plugin_disas_output;
+
+ if (cap_disas_start(info, &handle) != CS_ERR_OK) {
+ return false;
+ }
+ insn = cap_insn;
+
+ size_t tsize = MIN(sizeof(cap_buf) - csize, size);
+ const uint8_t *cbuf = cap_buf;
+ target_read_memory(pc, cap_buf, tsize, info);
+
+ count = cs_disasm(handle, cbuf, size, 0, 1, &insn);
+
+ if (count) {
+ g_string_printf(s, "%s %s", insn->mnemonic, insn->op_str);
+ } else {
+ g_string_printf(s, "cs_disasm failed");
+ }
+
+ cs_close(&handle);
+ return true;
+}
+#endif
+
+/*
+ * We should only be dissembling one instruction at a time here. If
+ * there is left over it usually indicates the front end has read more
+ * bytes than it needed.
+ */
+char * plugin_disas(CPUState *cpu, uint64_t addr, size_t size)
+{
+ CPUClass *cc = CPU_GET_CLASS(cpu);
+ int count;
+ CPUDebug s;
+ GString *ds = g_string_set_size(&plugin_disas_output, 0);
+
+ g_assert(ds == &plugin_disas_output);
+
+ INIT_DISASSEMBLE_INFO(s.info, NULL, plugin_printf);
+
+ s.cpu = cpu;
+ s.info.read_memory_func = target_read_memory;
+ s.info.buffer_vma = addr;
+ s.info.buffer_length = size;
+ s.info.print_address_func = plugin_print_address;
+ s.info.cap_arch = -1;
+ s.info.cap_mode = 0;
+ s.info.cap_insn_unit = 4;
+ s.info.cap_insn_split = 4;
+
+#ifdef TARGET_WORDS_BIGENDIAN
+ s.info.endian = BFD_ENDIAN_BIG;
+#else
+ s.info.endian = BFD_ENDIAN_LITTLE;
+#endif
+
+ if (cc->disas_set_info) {
+ cc->disas_set_info(cpu, &s.info);
+ }
+
+ if (s.info.cap_arch >= 0 && cap_disas_plugin(&s.info, addr, size)) {
+ return g_strdup(ds->str);
+ }
+
+ if (s.info.print_insn == NULL) {
+ s.info.print_insn = print_insn_od_target;
+ }
+
+ count = s.info.print_insn(addr, &s.info);
+
+ /* The decoder probably read more than it needed it's not critical */
+ if (count < size) {
+ warn_report("%s: %zu bytes left over\n", __func__, size - count);
+ }
+
+ return g_strdup(ds->str);
+}
+
/* Disassemble this for me please... (debugging). */
void disas(FILE *out, void *code, unsigned long size)
{
diff --git a/include/disas/disas.h b/include/disas/disas.h
index ba47e9197c..8481d4a8b3 100644
--- a/include/disas/disas.h
+++ b/include/disas/disas.h
@@ -14,6 +14,8 @@ void target_disas(FILE *out, CPUState *cpu, target_ulong code,
void monitor_disas(Monitor *mon, CPUState *cpu,
target_ulong pc, int nb_insn, int is_physical);
+char * plugin_disas(CPUState *cpu, uint64_t addr, size_t size);
+
/* Look up symbol for debugging purpose. Returns "" if unknown. */
const char *lookup_symbol(target_ulong orig_addr);
#endif
diff --git a/include/qemu/qemu-plugin.h b/include/qemu/qemu-plugin.h
index d9c1ca3b4c..8b403dd615 100644
--- a/include/qemu/qemu-plugin.h
+++ b/include/qemu/qemu-plugin.h
@@ -324,6 +324,15 @@ qemu_plugin_register_vcpu_syscall_ret_cb(qemu_plugin_id_t id,
qemu_plugin_vcpu_syscall_ret_cb_t cb);
+/**
+ * qemu_plugin_insn_disas() - return disassembly string for instruction
+ * @insn: instruction reference
+ *
+ * Returns an allocated string containing the disassembly
+ */
+
+char * qemu_plugin_insn_disas(const struct qemu_plugin_insn *insn);
+
/**
* qemu_plugin_vcpu_for_each() - iterate over the existing vCPU
* @id: plugin ID
diff --git a/plugins/api.c b/plugins/api.c
index fbacd78df6..a9fa229369 100644
--- a/plugins/api.c
+++ b/plugins/api.c
@@ -40,6 +40,7 @@
#include "sysemu/sysemu.h"
#include "tcg/tcg.h"
#include "exec/exec-all.h"
+#include "disas/disas.h"
#include "plugin.h"
#ifndef CONFIG_USER_ONLY
#include "hw/boards.h"
@@ -211,6 +212,12 @@ void *qemu_plugin_insn_haddr(const struct qemu_plugin_insn *insn)
return insn->haddr;
}
+char *qemu_plugin_insn_disas(const struct qemu_plugin_insn *insn)
+{
+ CPUState *cpu = current_cpu;
+ return plugin_disas(cpu, insn->vaddr, insn->data->len);
+}
+
/*
* The memory queries allow the plugin to query information about a
* memory access.
diff --git a/plugins/qemu-plugins.symbols b/plugins/qemu-plugins.symbols
index 40c0d1abd2..267ec381b4 100644
--- a/plugins/qemu-plugins.symbols
+++ b/plugins/qemu-plugins.symbols
@@ -25,6 +25,7 @@
qemu_plugin_insn_size;
qemu_plugin_insn_vaddr;
qemu_plugin_insn_haddr;
+ qemu_plugin_insn_disas;
qemu_plugin_mem_size_shift;
qemu_plugin_mem_is_sign_extended;
qemu_plugin_mem_is_big_endian;
--
2.20.1
^ permalink raw reply related [flat|nested] 94+ messages in thread* [PATCH v5 47/55] tests/plugin: add instruction execution breakdown
2019-10-14 10:48 [PATCH for 4.2 v5 00/55] Support for TCG plugins Alex Bennée
` (45 preceding siblings ...)
2019-10-14 10:49 ` [PATCH v5 46/55] plugin: add qemu_plugin_insn_disas helper Alex Bennée
@ 2019-10-14 10:49 ` Alex Bennée
2019-10-14 16:50 ` Richard Henderson
2019-10-14 10:49 ` [PATCH v5 48/55] tests/plugin: add hotpages plugin to breakdown memory access patterns Alex Bennée
` (8 subsequent siblings)
55 siblings, 1 reply; 94+ messages in thread
From: Alex Bennée @ 2019-10-14 10:49 UTC (permalink / raw)
To: qemu-devel; +Cc: aaron, cota, Alex Bennée, robert.foley, peter.puhov
This gives a break down of instruction classes and individual
instruction types.
Signed-off-by: Alex Bennée <alex.bennee@linaro.org>
---
v5
- add a bitmap guide to the comment ;-)
---
tests/plugin/Makefile | 1 +
tests/plugin/howvec.c | 303 ++++++++++++++++++++++++++++++++++++++++++
2 files changed, 304 insertions(+)
create mode 100644 tests/plugin/howvec.c
diff --git a/tests/plugin/Makefile b/tests/plugin/Makefile
index e74940eaac..3656429d46 100644
--- a/tests/plugin/Makefile
+++ b/tests/plugin/Makefile
@@ -11,6 +11,7 @@ NAMES += empty
NAMES += insn
NAMES += mem
NAMES += hotblocks
+NAMES += howvec
SONAMES := $(addsuffix .so,$(addprefix lib,$(NAMES)))
diff --git a/tests/plugin/howvec.c b/tests/plugin/howvec.c
new file mode 100644
index 0000000000..b435c6b64d
--- /dev/null
+++ b/tests/plugin/howvec.c
@@ -0,0 +1,303 @@
+/*
+ * Copyright (C) 2019, Alex Bennée <alex.bennee@linaro.org>
+ *
+ * How vectorised is this code?
+ *
+ * Attempt to measure the amount of vectorisation that has been done
+ * on some code by counting classes of instruction. This is very much
+ * ARM specific.
+ *
+ * License: GNU GPL, version 2 or later.
+ * See the COPYING file in the top-level directory.
+ */
+#include <inttypes.h>
+#include <assert.h>
+#include <stdlib.h>
+#include <inttypes.h>
+#include <string.h>
+#include <unistd.h>
+#include <stdio.h>
+#include <glib.h>
+
+#include <qemu-plugin.h>
+
+#define ARRAY_SIZE(x) (sizeof(x) / sizeof((x)[0]))
+
+typedef enum {
+ COUNT_CLASS,
+ COUNT_INDIVIDUAL,
+ COUNT_NONE
+} CountType;
+
+static int limit = 50;
+static int stdout_fd;
+static bool do_inline;
+static bool verbose;
+
+static GMutex lock;
+static GHashTable *insns;
+
+typedef struct {
+ const char *class;
+ const char *opt;
+ uint32_t mask;
+ uint32_t pattern;
+ CountType what;
+ uint64_t count;
+} InsnClassExecCount;
+
+typedef struct {
+ char *insn;
+ uint32_t opcode;
+ uint64_t count;
+ InsnClassExecCount *class;
+} InsnExecCount;
+
+/*
+ * Matchers for classes of instructions, order is important.
+ *
+ * Your most precise match must be before looser matches. If no match
+ * is found in the table we can create an individual entry.
+ *
+ * 31..28 27..24 23..20 19..16 15..12 11..8 7..4 3..0
+ */
+InsnClassExecCount insn_classes[] = {
+ /* "Reserved"" */
+ { " UDEF", "udef", 0xffff0000, 0x00000000, COUNT_NONE},
+ { " SVE", "sve", 0x1e000000, 0x04000000, COUNT_CLASS},
+ { "Reserved", "res", 0x1e000000, 0x00000000, COUNT_CLASS},
+ /* Data Processing Immediate */
+ { " PCrel addr", "pcrel", 0x1f000000, 0x10000000, COUNT_CLASS},
+ { " Add/Sub (imm,tags)","asit", 0x1f800000, 0x11800000, COUNT_CLASS},
+ { " Add/Sub (imm)", "asi", 0x1f000000, 0x11000000, COUNT_CLASS},
+ { " Logical (imm)", "logi", 0x1f800000, 0x12000000, COUNT_CLASS},
+ { " Move Wide (imm)", "movwi", 0x1f800000, 0x12800000, COUNT_CLASS},
+ { " Bitfield", "bitf", 0x1f800000, 0x13000000, COUNT_CLASS},
+ { " Extract", "extr", 0x1f800000, 0x13800000, COUNT_CLASS},
+ { "Data Proc Imm", "dpri", 0x1c000000, 0x10000000, COUNT_CLASS},
+ /* Branches */
+ { " Cond Branch (imm)", "cndb", 0xfe000000, 0x54000000, COUNT_CLASS},
+ { " Exception Gen", "excp", 0xff000000, 0xd4000000, COUNT_CLASS},
+ { " NOP", "nop", 0xffffffff, 0xd503201f, COUNT_NONE},
+ { " Hints", "hint", 0xfffff000, 0xd5032000, COUNT_CLASS},
+ { " Barriers", "barr", 0xfffff000, 0xd5033000, COUNT_CLASS},
+ { " PSTATE", "psta", 0xfff8f000, 0xd5004000, COUNT_CLASS},
+ { " System Insn", "sins", 0xffd80000, 0xd5080000, COUNT_CLASS},
+ { " System Reg", "sreg", 0xffd00000, 0xd5100000, COUNT_CLASS},
+ { " Branch (reg)", "breg", 0xfe000000, 0xd6000000, COUNT_CLASS},
+ { " Branch (imm)", "bimm", 0x7c000000, 0x14000000, COUNT_CLASS},
+ { " Cmp & Branch", "cmpb", 0x7e000000, 0x34000000, COUNT_CLASS},
+ { " Tst & Branch", "tstb", 0x7e000000, 0x36000000, COUNT_CLASS},
+ { "Branches", "branch", 0x1c000000, 0x14000000, COUNT_CLASS},
+ /* Loads and Stores */
+ { " AdvSimd ldstmult", "advlsm", 0xbfbf0000, 0x0c000000, COUNT_CLASS},
+ { " AdvSimd ldstmult++","advlsmp",0xbfb00000, 0x0c800000, COUNT_CLASS},
+ { " AdvSimd ldst", "advlss", 0xbf9f0000, 0x0d000000, COUNT_CLASS},
+ { " AdvSimd ldst++", "advlssp",0xbf800000, 0x0d800000, COUNT_CLASS},
+ { " ldst excl", "ldstx", 0x3f000000, 0x08000000, COUNT_CLASS},
+ { " Prefetch", "prfm", 0xff000000, 0xd8000000, COUNT_CLASS},
+ { " Load Reg (lit)", "ldlit", 0x1b000000, 0x18000000, COUNT_CLASS},
+ { " ldst noalloc pair", "ldstnap",0x3b800000, 0x28000000, COUNT_CLASS},
+ { " ldst pair", "ldstp", 0x38000000, 0x28000000, COUNT_CLASS},
+ { " ldst reg", "ldstr", 0x3b200000, 0x38000000, COUNT_CLASS},
+ { " Atomic ldst", "atomic", 0x3b200c00, 0x38200000, COUNT_CLASS},
+ { " ldst reg (reg off)","ldstro", 0x3b200b00, 0x38200800, COUNT_CLASS},
+ { " ldst reg (pac)", "ldstpa", 0x3b200200, 0x38200800, COUNT_CLASS},
+ { " ldst reg (imm)", "ldsti", 0x3b000000, 0x39000000, COUNT_CLASS},
+ { "Loads & Stores", "ldst", 0x0a000000, 0x08000000, COUNT_CLASS},
+ /* Data Processing Register */
+ { "Data Proc Reg", "dprr", 0x0e000000, 0x0a000000, COUNT_CLASS},
+ /* Scalar FP */
+ { "Scalar FP ", "fpsimd", 0x0e000000, 0x0e000000, COUNT_CLASS},
+ /* Unclassified */
+ { "Unclassified", "unclas", 0x00000000, 0x00000000, COUNT_CLASS}
+};
+
+static gint cmp_exec_count(gconstpointer a, gconstpointer b)
+{
+ InsnExecCount *ea = (InsnExecCount *) a;
+ InsnExecCount *eb = (InsnExecCount *) b;
+ return ea->count > eb->count ? -1 : 1;
+}
+
+static void plugin_exit(qemu_plugin_id_t id, void *p)
+{
+ GString *report = g_string_new("Instruction Classes:\n");
+ int i;
+ GList *counts;
+
+ for (i = 0; i < ARRAY_SIZE(insn_classes); i++) {
+ switch (insn_classes[i].what) {
+ case COUNT_CLASS:
+ if (insn_classes[i].count || verbose) {
+ g_string_append_printf(report, "Class: %-24s\t(%ld hits)\n",
+ insn_classes[i].class,
+ insn_classes[i].count);
+ }
+ break;
+ case COUNT_INDIVIDUAL:
+ g_string_append_printf(report, "Class: %-24s\tcounted individually\n",
+ insn_classes[i].class);
+ break;
+ case COUNT_NONE:
+ g_string_append_printf(report, "Class: %-24s\tnot counted\n",
+ insn_classes[i].class);
+ break;
+ default:
+ break;
+ }
+ }
+
+ counts = g_hash_table_get_values(insns);
+ if (counts && g_list_next(counts)) {
+ GList *it;
+
+ g_string_append_printf(report,"Individual Instructions:\n");
+
+ it = g_list_sort(counts, cmp_exec_count);
+
+ for (i = 0; i < limit && it->next; i++, it = it->next) {
+ InsnExecCount *rec = (InsnExecCount *) it->data;
+ g_string_append_printf(report, "Instr: %-24s\t(%ld hits)\t(op=%#08x/%s)\n",
+ rec->insn,
+ rec->count,
+ rec->opcode,
+ rec->class ?
+ rec->class->class : "un-categorised");
+ }
+ g_list_free(it);
+ }
+
+ dprintf(stdout_fd, "%s", report->str);
+ g_string_free(report, true);
+}
+
+static void plugin_init(void)
+{
+ insns = g_hash_table_new(NULL, g_direct_equal);
+}
+
+static void vcpu_insn_exec_before(unsigned int cpu_index, void *udata)
+{
+ uint64_t *count = (uint64_t *) udata;
+ (*count)++;
+}
+
+static uint64_t * find_counter(struct qemu_plugin_insn *insn)
+{
+ int i;
+ uint64_t *cnt = NULL;
+ uint32_t opcode;
+ InsnClassExecCount *class = NULL;
+
+ /* we expect all instructions to by 32 bits for ARM */
+ g_assert(qemu_plugin_insn_size(insn) == 4);
+ opcode = *((uint32_t *)qemu_plugin_insn_data(insn));
+
+ for (i = 0; !cnt && i < ARRAY_SIZE(insn_classes); i++) {
+ uint32_t masked_bits = opcode & insn_classes[i].mask;
+ if (masked_bits == insn_classes[i].pattern) {
+ class = &insn_classes[i];
+ break;
+ }
+ }
+
+ g_assert(class);
+
+ switch (class->what) {
+ case COUNT_NONE:
+ return NULL;
+ case COUNT_CLASS:
+ return &class->count;
+ case COUNT_INDIVIDUAL:
+ {
+ InsnExecCount *icount;
+
+ g_mutex_lock(&lock);
+ icount = (InsnExecCount *) g_hash_table_lookup(insns,
+ GUINT_TO_POINTER(opcode));
+
+ if (!icount) {
+ icount = g_new0(InsnExecCount, 1);
+ icount->opcode = opcode;
+ icount->insn = qemu_plugin_insn_disas(insn);
+ icount->class = class;
+
+ if (verbose) {
+ dprintf(stdout_fd, "adding for %s (%#08x @ %#20lx from %s)\n",
+ icount->insn, opcode, qemu_plugin_insn_vaddr(insn),
+ class->class);
+ }
+ g_hash_table_insert(insns, GUINT_TO_POINTER(opcode),
+ (gpointer) icount);
+ }
+ g_mutex_unlock(&lock);
+
+ return &icount->count;
+ }
+ default:
+ g_assert_not_reached();
+ }
+
+ return NULL;
+}
+
+static void vcpu_tb_trans(qemu_plugin_id_t id, struct qemu_plugin_tb *tb)
+{
+ size_t n = qemu_plugin_tb_n_insns(tb);
+ size_t i;
+
+ for (i = 0; i < n; i++) {
+ uint64_t *cnt;
+ struct qemu_plugin_insn *insn = qemu_plugin_tb_get_insn(tb, i);
+ cnt = find_counter(insn);
+
+ if (cnt) {
+ if (do_inline) {
+ qemu_plugin_register_vcpu_insn_exec_inline(
+ insn, QEMU_PLUGIN_INLINE_ADD_U64, cnt, 1);
+ } else {
+ qemu_plugin_register_vcpu_insn_exec_cb(
+ insn, vcpu_insn_exec_before, QEMU_PLUGIN_CB_NO_REGS, cnt);
+ }
+ }
+ }
+}
+
+QEMU_PLUGIN_EXPORT int qemu_plugin_install(qemu_plugin_id_t id, int argc,
+ char **argv)
+{
+ int i;
+
+ for (i = 0; i < argc; i++) {
+ char *p = argv[i];
+ if (strcmp(p, "inline") == 0) {
+ do_inline = true;
+ } else if (strcmp(p, "verbose") == 0) {
+ verbose = true;
+ } else {
+ int j;
+ CountType type = COUNT_INDIVIDUAL;
+ if (*p == '!') {
+ type = COUNT_NONE;
+ p++;
+ }
+ for (j = 0; j < ARRAY_SIZE(insn_classes); j++) {
+ if (strcmp(p, insn_classes[j].opt) == 0) {
+ insn_classes[j].what = type;
+ break;
+ }
+ }
+ }
+ }
+
+ /* to be used when in the exit hook */
+ stdout_fd = dup(STDOUT_FILENO);
+ assert(stdout_fd);
+
+ plugin_init();
+
+ qemu_plugin_register_vcpu_tb_trans_cb(id, vcpu_tb_trans);
+ qemu_plugin_register_atexit_cb(id, plugin_exit, NULL);
+ return 0;
+}
--
2.20.1
^ permalink raw reply related [flat|nested] 94+ messages in thread* [PATCH v5 48/55] tests/plugin: add hotpages plugin to breakdown memory access patterns
2019-10-14 10:48 [PATCH for 4.2 v5 00/55] Support for TCG plugins Alex Bennée
` (46 preceding siblings ...)
2019-10-14 10:49 ` [PATCH v5 47/55] tests/plugin: add instruction execution breakdown Alex Bennée
@ 2019-10-14 10:49 ` Alex Bennée
2019-10-14 16:51 ` Richard Henderson
2019-10-14 10:49 ` [PATCH v5 49/55] accel/stubs: reduce headers from tcg-stub Alex Bennée
` (7 subsequent siblings)
55 siblings, 1 reply; 94+ messages in thread
From: Alex Bennée @ 2019-10-14 10:49 UTC (permalink / raw)
To: qemu-devel; +Cc: aaron, cota, Alex Bennée, robert.foley, peter.puhov
This plugin gives a break down of access patterns grouped into pages.
Signed-off-by: Alex Bennée <alex.bennee@linaro.org>
---
v4
- tweaks for new hwaddr api
- add sorting and pagesize selection args
---
tests/plugin/Makefile | 1 +
tests/plugin/hotpages.c | 179 ++++++++++++++++++++++++++++++++++++++++
2 files changed, 180 insertions(+)
create mode 100644 tests/plugin/hotpages.c
diff --git a/tests/plugin/Makefile b/tests/plugin/Makefile
index 3656429d46..75467b6db8 100644
--- a/tests/plugin/Makefile
+++ b/tests/plugin/Makefile
@@ -12,6 +12,7 @@ NAMES += insn
NAMES += mem
NAMES += hotblocks
NAMES += howvec
+NAMES += hotpages
SONAMES := $(addsuffix .so,$(addprefix lib,$(NAMES)))
diff --git a/tests/plugin/hotpages.c b/tests/plugin/hotpages.c
new file mode 100644
index 0000000000..13ce8ffeb8
--- /dev/null
+++ b/tests/plugin/hotpages.c
@@ -0,0 +1,179 @@
+/*
+ * Copyright (C) 2019, Alex Bennée <alex.bennee@linaro.org>
+ *
+ * Hot Pages - show which pages saw the most memory accesses.
+ *
+ * License: GNU GPL, version 2 or later.
+ * See the COPYING file in the top-level directory.
+ */
+
+#include <inttypes.h>
+#include <assert.h>
+#include <stdlib.h>
+#include <inttypes.h>
+#include <string.h>
+#include <unistd.h>
+#include <stdio.h>
+#include <glib.h>
+
+#include <qemu-plugin.h>
+
+#define ARRAY_SIZE(x) (sizeof(x) / sizeof((x)[0]))
+
+static uint64_t page_size = 4096;
+static uint64_t page_mask;
+static int stdout_fd;
+static int limit = 50;
+static enum qemu_plugin_mem_rw rw = QEMU_PLUGIN_MEM_RW;
+
+enum sort_type {
+ SORT_RW = 0,
+ SORT_R,
+ SORT_W
+};
+
+static int sort_by = SORT_RW;
+
+typedef struct {
+ uint64_t page_address;
+ int cpu_read;
+ int cpu_write;
+ uint64_t reads;
+ uint64_t writes;
+} PageCounters;
+
+static GMutex lock;
+static GHashTable *pages;
+
+static gint cmp_access_count(gconstpointer a, gconstpointer b)
+{
+ PageCounters *ea = (PageCounters *) a;
+ PageCounters *eb = (PageCounters *) b;
+ int r;
+ switch (sort_by) {
+ case SORT_RW:
+ r = (ea->reads + ea->writes) > (eb->reads + eb->writes) ? -1 : 1;
+ break;
+ case SORT_R:
+ r = ea->reads > eb->reads ? -1 : 1;
+ break;
+ case SORT_W:
+ r = ea->writes > eb->writes ? -1 : 1;
+ break;
+ default:
+ g_assert_not_reached();
+ }
+ return r;
+}
+
+
+static void plugin_exit(qemu_plugin_id_t id, void *p)
+{
+ GString *report = g_string_new("Addr, RCPUs, Reads, WCPUs, Writes\n");
+ int i;
+ GList *counts;
+
+ counts = g_hash_table_get_values(pages);
+ if (counts && g_list_next(counts)) {
+ GList *it;
+
+ it = g_list_sort(counts, cmp_access_count);
+
+ for (i = 0; i < limit && it->next; i++, it = it->next) {
+ PageCounters *rec = (PageCounters *) it->data;
+ g_string_append_printf(report,
+ "%#016"PRIx64", 0x%04x, %"PRId64
+ ", 0x%04x, %"PRId64"\n",
+ rec->page_address,
+ rec->cpu_read, rec->reads,
+ rec->cpu_write, rec->writes);
+ }
+ g_list_free(it);
+ }
+
+ dprintf(stdout_fd, "%s", report->str);
+ g_string_free(report, true);
+}
+
+static void plugin_init(void)
+{
+ page_mask = (page_size - 1);
+ pages = g_hash_table_new(NULL, g_direct_equal);
+}
+
+static void vcpu_haddr(unsigned int cpu_index, qemu_plugin_meminfo_t meminfo,
+ uint64_t vaddr, void *udata)
+{
+ struct qemu_plugin_hwaddr *hwaddr = qemu_plugin_get_hwaddr(meminfo, vaddr);
+ uint64_t page;
+ PageCounters *count;
+
+ /* We only get a hwaddr for system emulation */
+ if (hwaddr) {
+ page = (uint64_t) qemu_plugin_hwaddr_to_raddr(hwaddr);
+ } else {
+ page = vaddr;
+ }
+ page &= ~page_mask;
+
+ g_mutex_lock(&lock);
+ count = (PageCounters *) g_hash_table_lookup(pages, GUINT_TO_POINTER(page));
+
+ if (!count) {
+ count = g_new0(PageCounters, 1);
+ count->page_address = page;
+ g_hash_table_insert(pages, GUINT_TO_POINTER(page), (gpointer) count);
+ }
+ if (qemu_plugin_mem_is_store(meminfo)) {
+ count->writes++;
+ count->cpu_write |= (1 << cpu_index);
+ } else {
+ count->reads++;
+ count->cpu_read |= (1 << cpu_index);
+ }
+
+ g_mutex_unlock(&lock);
+}
+
+static void vcpu_tb_trans(qemu_plugin_id_t id, struct qemu_plugin_tb *tb)
+{
+ size_t n = qemu_plugin_tb_n_insns(tb);
+ size_t i;
+
+ for (i = 0; i < n; i++) {
+ struct qemu_plugin_insn *insn = qemu_plugin_tb_get_insn(tb, i);
+ qemu_plugin_register_vcpu_mem_cb(insn, vcpu_haddr,
+ QEMU_PLUGIN_CB_NO_REGS,
+ rw, NULL);
+ }
+}
+
+QEMU_PLUGIN_EXPORT int qemu_plugin_install(qemu_plugin_id_t id, int argc,
+ char **argv)
+{
+ int i;
+
+ /* to be used when in the exit hook */
+ stdout_fd = dup(STDOUT_FILENO);
+ assert(stdout_fd);
+
+ for (i = 0; i < argc; i++) {
+ char *opt = argv[i];
+ if (g_strcmp0(opt, "reads") == 0) {
+ sort_by = SORT_R;
+ } else if (g_strcmp0(opt, "writes") == 0) {
+ sort_by = SORT_W;
+ } else if (g_str_has_prefix(opt, "pagesize=")) {
+ page_size = g_ascii_strtoull(opt + 9, NULL, 10);
+ } else {
+ dprintf(stdout_fd, "option parsing failed: %s\n", opt);
+ return -1;
+ }
+ }
+
+ plugin_init();
+
+ qemu_plugin_register_vcpu_tb_trans_cb(id, vcpu_tb_trans);
+ qemu_plugin_register_atexit_cb(id, plugin_exit, NULL);
+ return 0;
+}
--
2.20.1
^ permalink raw reply related [flat|nested] 94+ messages in thread* Re: [PATCH v5 48/55] tests/plugin: add hotpages plugin to breakdown memory access patterns
2019-10-14 10:49 ` [PATCH v5 48/55] tests/plugin: add hotpages plugin to breakdown memory access patterns Alex Bennée
@ 2019-10-14 16:51 ` Richard Henderson
0 siblings, 0 replies; 94+ messages in thread
From: Richard Henderson @ 2019-10-14 16:51 UTC (permalink / raw)
To: Alex Bennée, qemu-devel; +Cc: aaron, cota, robert.foley, peter.puhov
On 10/14/19 3:49 AM, Alex Bennée wrote:
> This plugin gives a break down of access patterns grouped into pages.
>
> Signed-off-by: Alex Bennée <alex.bennee@linaro.org>
>
> ---
> v4
> - tweaks for new hwaddr api
> - add sorting and pagesize selection args
> ---
> tests/plugin/Makefile | 1 +
> tests/plugin/hotpages.c | 179 ++++++++++++++++++++++++++++++++++++++++
> 2 files changed, 180 insertions(+)
> create mode 100644 tests/plugin/hotpages.c
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
r~
^ permalink raw reply [flat|nested] 94+ messages in thread
* [PATCH v5 49/55] accel/stubs: reduce headers from tcg-stub
2019-10-14 10:48 [PATCH for 4.2 v5 00/55] Support for TCG plugins Alex Bennée
` (47 preceding siblings ...)
2019-10-14 10:49 ` [PATCH v5 48/55] tests/plugin: add hotpages plugin to breakdown memory access patterns Alex Bennée
@ 2019-10-14 10:49 ` Alex Bennée
2019-10-14 10:49 ` [PATCH v5 50/55] include/exec: wrap cpu_ldst.h in CONFIG_TCG Alex Bennée
` (6 subsequent siblings)
55 siblings, 0 replies; 94+ messages in thread
From: Alex Bennée @ 2019-10-14 10:49 UTC (permalink / raw)
To: qemu-devel
Cc: robert.foley, Richard Henderson, peter.puhov, aaron, cota,
Paolo Bonzini, Alex Bennée, Richard Henderson
We don't need much for these. However I do wonder why these aren't
just null inlines in exec-all.h
Signed-off-by: Alex Bennée <alex.bennee@linaro.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
---
accel/stubs/tcg-stub.c | 1 -
1 file changed, 1 deletion(-)
diff --git a/accel/stubs/tcg-stub.c b/accel/stubs/tcg-stub.c
index e2d23edafe..677191a69c 100644
--- a/accel/stubs/tcg-stub.c
+++ b/accel/stubs/tcg-stub.c
@@ -11,7 +11,6 @@
*/
#include "qemu/osdep.h"
-#include "qemu-common.h"
#include "cpu.h"
#include "tcg/tcg.h"
#include "exec/exec-all.h"
--
2.20.1
^ permalink raw reply related [flat|nested] 94+ messages in thread* [PATCH v5 50/55] include/exec: wrap cpu_ldst.h in CONFIG_TCG
2019-10-14 10:48 [PATCH for 4.2 v5 00/55] Support for TCG plugins Alex Bennée
` (48 preceding siblings ...)
2019-10-14 10:49 ` [PATCH v5 49/55] accel/stubs: reduce headers from tcg-stub Alex Bennée
@ 2019-10-14 10:49 ` Alex Bennée
2019-10-14 10:49 ` [PATCH v5 51/55] plugins: expand the plugin_init function to include an info block Alex Bennée
` (5 subsequent siblings)
55 siblings, 0 replies; 94+ messages in thread
From: Alex Bennée @ 2019-10-14 10:49 UTC (permalink / raw)
To: qemu-devel
Cc: robert.foley, Richard Henderson, peter.puhov, aaron, cota,
Paolo Bonzini, Alex Bennée, Richard Henderson
This gets around a build problem with --disable-tcg.
Signed-off-by: Alex Bennée <alex.bennee@linaro.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
---
include/exec/exec-all.h | 2 ++
1 file changed, 2 insertions(+)
diff --git a/include/exec/exec-all.h b/include/exec/exec-all.h
index 47a071fee0..e74cf980e9 100644
--- a/include/exec/exec-all.h
+++ b/include/exec/exec-all.h
@@ -22,7 +22,9 @@
#include "cpu.h"
#include "exec/tb-context.h"
+#ifdef CONFIG_TCG
#include "exec/cpu_ldst.h"
+#endif
#include "sysemu/cpus.h"
/* allow to see translation results - the slowdown should be negligible, so we leave it */
--
2.20.1
^ permalink raw reply related [flat|nested] 94+ messages in thread* [PATCH v5 51/55] plugins: expand the plugin_init function to include an info block
2019-10-14 10:48 [PATCH for 4.2 v5 00/55] Support for TCG plugins Alex Bennée
` (49 preceding siblings ...)
2019-10-14 10:49 ` [PATCH v5 50/55] include/exec: wrap cpu_ldst.h in CONFIG_TCG Alex Bennée
@ 2019-10-14 10:49 ` Alex Bennée
2019-10-14 16:54 ` Richard Henderson
2019-10-14 10:49 ` [PATCH v5 52/55] plugins: make howvec plugin more generic Alex Bennée
` (4 subsequent siblings)
55 siblings, 1 reply; 94+ messages in thread
From: Alex Bennée @ 2019-10-14 10:49 UTC (permalink / raw)
To: qemu-devel; +Cc: aaron, cota, Alex Bennée, robert.foley, peter.puhov
This provides a limited amount of info to plugins about the guest
system that will allow them to make some additional decisions on
setup.
Signed-off-by: Alex Bennée <alex.bennee@linaro.org>
---
include/qemu/qemu-plugin.h | 26 ++++++++++++++++++++++++--
plugins/loader.c | 22 ++++++++++++++++++----
tests/plugin/bb.c | 5 +++--
tests/plugin/empty.c | 5 +++--
tests/plugin/hotblocks.c | 5 +++--
tests/plugin/hotpages.c | 5 +++--
tests/plugin/howvec.c | 5 +++--
tests/plugin/insn.c | 5 +++--
tests/plugin/mem.c | 5 +++--
9 files changed, 63 insertions(+), 20 deletions(-)
diff --git a/include/qemu/qemu-plugin.h b/include/qemu/qemu-plugin.h
index 8b403dd615..719d7054a1 100644
--- a/include/qemu/qemu-plugin.h
+++ b/include/qemu/qemu-plugin.h
@@ -38,9 +38,27 @@
typedef uint64_t qemu_plugin_id_t;
+typedef struct {
+ /* string describing architecture */
+ const char *target_name;
+ /* is this a full system emulation? */
+ bool system_emulation;
+ union {
+ /*
+ * smp_vcpus may change if vCPUs can be hot-plugged, max_vcpus
+ * is the system-wide limit.
+ */
+ struct {
+ int smp_vcpus;
+ int max_vcpus;
+ } system;
+ };
+} qemu_info_t;
+
/**
* qemu_plugin_install() - Install a plugin
* @id: this plugin's opaque ID
+ * @info: a block describing some details about the guest
* @argc: number of arguments
* @argv: array of arguments (@argc elements)
*
@@ -49,10 +67,14 @@ typedef uint64_t qemu_plugin_id_t;
* Note: Calling qemu_plugin_uninstall() from this function is a bug. To raise
* an error during install, return !0.
*
+ * Note: @info is only live during the call. Copy any information we
+ * want to keep.
+ *
* Note: @argv remains valid throughout the lifetime of the loaded plugin.
*/
-QEMU_PLUGIN_EXPORT int qemu_plugin_install(qemu_plugin_id_t id, int argc,
- char **argv);
+QEMU_PLUGIN_EXPORT int qemu_plugin_install(qemu_plugin_id_t id,
+ const qemu_info_t *info,
+ int argc, char **argv);
/*
* Prototypes for the various callback styles we will be registering
diff --git a/plugins/loader.c b/plugins/loader.c
index 5de5cff8e3..a136a71d35 100644
--- a/plugins/loader.c
+++ b/plugins/loader.c
@@ -29,6 +29,9 @@
#include "hw/core/cpu.h"
#include "cpu.h"
#include "exec/exec-all.h"
+#ifndef CONFIG_USER_ONLY
+#include "hw/boards.h"
+#endif
#include "plugin.h"
@@ -60,7 +63,7 @@ QemuOptsList qemu_plugin_opts = {
},
};
-typedef int (*qemu_plugin_install_func_t)(qemu_plugin_id_t, int, char **);
+typedef int (*qemu_plugin_install_func_t)(qemu_plugin_id_t, const qemu_info_t *, int, char **);
extern struct qemu_plugin_state plugin;
@@ -147,7 +150,7 @@ static uint64_t xorshift64star(uint64_t x)
return x * UINT64_C(2685821657736338717);
}
-static int plugin_load(struct qemu_plugin_desc *desc)
+static int plugin_load(struct qemu_plugin_desc *desc, const qemu_info_t *info)
{
qemu_plugin_install_func_t install;
struct qemu_plugin_ctx *ctx;
@@ -198,7 +201,7 @@ static int plugin_load(struct qemu_plugin_desc *desc)
}
QTAILQ_INSERT_TAIL(&plugin.ctxs, ctx, entry);
ctx->installing = true;
- rc = install(ctx->id, desc->argc, desc->argv);
+ rc = install(ctx->id, info, desc->argc, desc->argv);
ctx->installing = false;
if (rc) {
error_report("%s: qemu_plugin_install returned error code %d",
@@ -249,11 +252,22 @@ static void plugin_desc_free(struct qemu_plugin_desc *desc)
int qemu_plugin_load_list(QemuPluginList *head)
{
struct qemu_plugin_desc *desc, *next;
+ g_autofree qemu_info_t *info = g_new0(qemu_info_t, 1);
+
+ info->target_name = TARGET_NAME;
+#ifndef CONFIG_USER_ONLY
+ MachineState * ms = MACHINE(qdev_get_machine());
+ info->system_emulation = true;
+ info->system.smp_vcpus = ms->smp.cpus;
+ info->system.max_vcpus = ms->smp.max_cpus;
+#else
+ info->system_emulation = false;
+#endif
QTAILQ_FOREACH_SAFE(desc, head, entry, next) {
int err;
- err = plugin_load(desc);
+ err = plugin_load(desc, info);
if (err) {
return err;
}
diff --git a/tests/plugin/bb.c b/tests/plugin/bb.c
index 93d25de363..4a6d6ca0bc 100644
--- a/tests/plugin/bb.c
+++ b/tests/plugin/bb.c
@@ -48,8 +48,9 @@ static void vcpu_tb_trans(qemu_plugin_id_t id, struct qemu_plugin_tb *tb)
}
}
-QEMU_PLUGIN_EXPORT int qemu_plugin_install(qemu_plugin_id_t id, int argc,
- char **argv)
+QEMU_PLUGIN_EXPORT int qemu_plugin_install(qemu_plugin_id_t id,
+ const qemu_info_t *info,
+ int argc, char **argv)
{
if (argc && strcmp(argv[0], "inline") == 0) {
do_inline = true;
diff --git a/tests/plugin/empty.c b/tests/plugin/empty.c
index b141ddd0df..3f60f69027 100644
--- a/tests/plugin/empty.c
+++ b/tests/plugin/empty.c
@@ -21,8 +21,9 @@
static void vcpu_tb_trans(qemu_plugin_id_t id, struct qemu_plugin_tb *tb)
{ }
-QEMU_PLUGIN_EXPORT int qemu_plugin_install(qemu_plugin_id_t id, int argc,
- char **argv)
+QEMU_PLUGIN_EXPORT int qemu_plugin_install(qemu_plugin_id_t id,
+ const qemu_info_t *info,
+ int argc, char **argv)
{
qemu_plugin_register_vcpu_tb_trans_cb(id, vcpu_tb_trans);
return 0;
diff --git a/tests/plugin/hotblocks.c b/tests/plugin/hotblocks.c
index a150179a5c..57bea765b3 100644
--- a/tests/plugin/hotblocks.c
+++ b/tests/plugin/hotblocks.c
@@ -129,8 +129,9 @@ static void vcpu_tb_trans(qemu_plugin_id_t id, struct qemu_plugin_tb *tb)
}
}
-QEMU_PLUGIN_EXPORT int qemu_plugin_install(qemu_plugin_id_t id, int argc,
- char **argv)
+QEMU_PLUGIN_EXPORT
+int qemu_plugin_install(qemu_plugin_id_t id, const qemu_info_t *info,
+ int argc, char **argv)
{
if (argc && strcmp(argv[0], "inline") == 0) {
do_inline = true;
diff --git a/tests/plugin/hotpages.c b/tests/plugin/hotpages.c
index 13ce8ffeb8..99bb4be07c 100644
--- a/tests/plugin/hotpages.c
+++ b/tests/plugin/hotpages.c
@@ -148,8 +148,9 @@ static void vcpu_tb_trans(qemu_plugin_id_t id, struct qemu_plugin_tb *tb)
}
}
-QEMU_PLUGIN_EXPORT int qemu_plugin_install(qemu_plugin_id_t id, int argc,
- char **argv)
+QEMU_PLUGIN_EXPORT
+int qemu_plugin_install(qemu_plugin_id_t id, const qemu_info_t *info,
+ int argc, char **argv)
{
int i;
diff --git a/tests/plugin/howvec.c b/tests/plugin/howvec.c
index b435c6b64d..3b1d177ef3 100644
--- a/tests/plugin/howvec.c
+++ b/tests/plugin/howvec.c
@@ -264,8 +264,9 @@ static void vcpu_tb_trans(qemu_plugin_id_t id, struct qemu_plugin_tb *tb)
}
}
-QEMU_PLUGIN_EXPORT int qemu_plugin_install(qemu_plugin_id_t id, int argc,
- char **argv)
+QEMU_PLUGIN_EXPORT int qemu_plugin_install(qemu_plugin_id_t id,
+ const qemu_info_t *info,
+ int argc, char **argv)
{
int i;
diff --git a/tests/plugin/insn.c b/tests/plugin/insn.c
index 3000ab4b73..9cfa7d0e53 100644
--- a/tests/plugin/insn.c
+++ b/tests/plugin/insn.c
@@ -45,8 +45,9 @@ static void plugin_exit(qemu_plugin_id_t id, void *p)
dprintf(stdout_fd, "insns: %" PRIu64 "\n", insn_count);
}
-QEMU_PLUGIN_EXPORT int qemu_plugin_install(qemu_plugin_id_t id, int argc,
- char **argv)
+QEMU_PLUGIN_EXPORT int qemu_plugin_install(qemu_plugin_id_t id,
+ const qemu_info_t *info,
+ int argc, char **argv)
{
if (argc && !strcmp(argv[0], "inline")) {
do_inline = true;
diff --git a/tests/plugin/mem.c b/tests/plugin/mem.c
index e5490f4a99..fdf4347c5e 100644
--- a/tests/plugin/mem.c
+++ b/tests/plugin/mem.c
@@ -64,8 +64,9 @@ static void vcpu_tb_trans(qemu_plugin_id_t id, struct qemu_plugin_tb *tb)
}
}
-QEMU_PLUGIN_EXPORT int qemu_plugin_install(qemu_plugin_id_t id, int argc,
- char **argv)
+QEMU_PLUGIN_EXPORT int qemu_plugin_install(qemu_plugin_id_t id,
+ const qemu_info_t *info,
+ int argc, char **argv)
{
if (argc) {
if (argc >= 3) {
--
2.20.1
^ permalink raw reply related [flat|nested] 94+ messages in thread* Re: [PATCH v5 51/55] plugins: expand the plugin_init function to include an info block
2019-10-14 10:49 ` [PATCH v5 51/55] plugins: expand the plugin_init function to include an info block Alex Bennée
@ 2019-10-14 16:54 ` Richard Henderson
0 siblings, 0 replies; 94+ messages in thread
From: Richard Henderson @ 2019-10-14 16:54 UTC (permalink / raw)
To: Alex Bennée, qemu-devel; +Cc: aaron, cota, robert.foley, peter.puhov
On 10/14/19 3:49 AM, Alex Bennée wrote:
> This provides a limited amount of info to plugins about the guest
> system that will allow them to make some additional decisions on
> setup.
>
> Signed-off-by: Alex Bennée <alex.bennee@linaro.org>
> ---
> include/qemu/qemu-plugin.h | 26 ++++++++++++++++++++++++--
> plugins/loader.c | 22 ++++++++++++++++++----
> tests/plugin/bb.c | 5 +++--
> tests/plugin/empty.c | 5 +++--
> tests/plugin/hotblocks.c | 5 +++--
> tests/plugin/hotpages.c | 5 +++--
> tests/plugin/howvec.c | 5 +++--
> tests/plugin/insn.c | 5 +++--
> tests/plugin/mem.c | 5 +++--
> 9 files changed, 63 insertions(+), 20 deletions(-)
This probably ought to have been sorted before the patches that add the test
plugins, but whatever.
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
r~
^ permalink raw reply [flat|nested] 94+ messages in thread
* [PATCH v5 52/55] plugins: make howvec plugin more generic
2019-10-14 10:48 [PATCH for 4.2 v5 00/55] Support for TCG plugins Alex Bennée
` (50 preceding siblings ...)
2019-10-14 10:49 ` [PATCH v5 51/55] plugins: expand the plugin_init function to include an info block Alex Bennée
@ 2019-10-14 10:49 ` Alex Bennée
2019-10-14 16:59 ` Richard Henderson
2019-10-14 10:49 ` [PATCH v5 53/55] plugins: add sparc64 instruction classification table Alex Bennée
` (3 subsequent siblings)
55 siblings, 1 reply; 94+ messages in thread
From: Alex Bennée @ 2019-10-14 10:49 UTC (permalink / raw)
To: qemu-devel; +Cc: aaron, cota, Alex Bennée, robert.foley, peter.puhov
Now the plugins interface indicates what guest architecture we are
running we can attempt to select the instruction classification based
on it. For now we still only classify aarch64 instructions and fall
back to decoding individual instructions. We also wave our hands about
irregular instruction encoding.
Signed-off-by: Alex Bennée <alex.bennee@linaro.org>
---
tests/plugin/howvec.c | 76 +++++++++++++++++++++++++++++++------------
1 file changed, 56 insertions(+), 20 deletions(-)
diff --git a/tests/plugin/howvec.c b/tests/plugin/howvec.c
index 3b1d177ef3..5f7c740833 100644
--- a/tests/plugin/howvec.c
+++ b/tests/plugin/howvec.c
@@ -4,8 +4,7 @@
* How vectorised is this code?
*
* Attempt to measure the amount of vectorisation that has been done
- * on some code by counting classes of instruction. This is very much
- * ARM specific.
+ * on some code by counting classes of instruction.
*
* License: GNU GPL, version 2 or later.
* See the COPYING file in the top-level directory.
@@ -61,7 +60,7 @@ typedef struct {
*
* 31..28 27..24 23..20 19..16 15..12 11..8 7..4 3..0
*/
-InsnClassExecCount insn_classes[] = {
+InsnClassExecCount aarch64_insn_classes[] = {
/* "Reserved"" */
{ " UDEF", "udef", 0xffff0000, 0x00000000, COUNT_NONE},
{ " SVE", "sve", 0x1e000000, 0x04000000, COUNT_CLASS},
@@ -110,9 +109,29 @@ InsnClassExecCount insn_classes[] = {
/* Scalar FP */
{ "Scalar FP ", "fpsimd", 0x0e000000, 0x0e000000, COUNT_CLASS},
/* Unclassified */
- { "Unclassified", "unclas", 0x00000000, 0x00000000, COUNT_CLASS}
+ { "Unclassified", "unclas", 0x00000000, 0x00000000, COUNT_CLASS},
};
+/* Default matcher for currently unclassified architectures */
+InsnClassExecCount default_insn_classes[] = {
+ { "Unclassified", "unclas", 0x00000000, 0x00000000, COUNT_INDIVIDUAL},
+};
+
+typedef struct {
+ const char *qemu_target;
+ InsnClassExecCount *table;
+ int table_sz;
+} ClassSelector;
+
+ClassSelector class_tables[] =
+{
+ { "aarch64", aarch64_insn_classes, ARRAY_SIZE(aarch64_insn_classes) },
+ { NULL, default_insn_classes, ARRAY_SIZE(default_insn_classes) },
+};
+
+static InsnClassExecCount *class_table;
+static int class_table_sz;
+
static gint cmp_exec_count(gconstpointer a, gconstpointer b)
{
InsnExecCount *ea = (InsnExecCount *) a;
@@ -125,23 +144,25 @@ static void plugin_exit(qemu_plugin_id_t id, void *p)
GString *report = g_string_new("Instruction Classes:\n");
int i;
GList *counts;
+ InsnClassExecCount *class = NULL;
- for (i = 0; i < ARRAY_SIZE(insn_classes); i++) {
- switch (insn_classes[i].what) {
+ for (i = 0; i < class_table_sz; i++) {
+ class = &class_table[i];
+ switch (class->what) {
case COUNT_CLASS:
- if (insn_classes[i].count || verbose) {
+ if (class->count || verbose) {
g_string_append_printf(report, "Class: %-24s\t(%ld hits)\n",
- insn_classes[i].class,
- insn_classes[i].count);
+ class->class,
+ class->count);
}
break;
case COUNT_INDIVIDUAL:
g_string_append_printf(report, "Class: %-24s\tcounted individually\n",
- insn_classes[i].class);
+ class->class);
break;
case COUNT_NONE:
g_string_append_printf(report, "Class: %-24s\tnot counted\n",
- insn_classes[i].class);
+ class->class);
break;
default:
break;
@@ -190,14 +211,18 @@ static uint64_t * find_counter(struct qemu_plugin_insn *insn)
uint32_t opcode;
InsnClassExecCount *class = NULL;
- /* we expect all instructions to by 32 bits for ARM */
- g_assert(qemu_plugin_insn_size(insn) == 4);
+ /*
+ * We only match the first 32 bits of the instruction which is
+ * fine for most RISCs but a bit limiting for CISC architectures.
+ * They would probably benefit from a more tailored plugin.
+ * However we can fall back to individual instruction counting.
+ */
opcode = *((uint32_t *)qemu_plugin_insn_data(insn));
- for (i = 0; !cnt && i < ARRAY_SIZE(insn_classes); i++) {
- uint32_t masked_bits = opcode & insn_classes[i].mask;
- if (masked_bits == insn_classes[i].pattern) {
- class = &insn_classes[i];
+ for (i = 0; !cnt && i < class_table_sz; i++) {
+ class = &class_table[i];
+ uint32_t masked_bits = opcode & class->mask;
+ if (masked_bits == class->pattern) {
break;
}
}
@@ -270,6 +295,17 @@ QEMU_PLUGIN_EXPORT int qemu_plugin_install(qemu_plugin_id_t id,
{
int i;
+ /* Select a class table appropriate to the guest architecture */
+ for (i = 0; i < ARRAY_SIZE(class_tables); i++) {
+ ClassSelector *entry = &class_tables[i];
+ if (!entry->qemu_target ||
+ strcmp(entry->qemu_target, info->target_name) == 0) {
+ class_table = entry->table;
+ class_table_sz = entry->table_sz;
+ break;
+ }
+ }
+
for (i = 0; i < argc; i++) {
char *p = argv[i];
if (strcmp(p, "inline") == 0) {
@@ -283,9 +319,9 @@ QEMU_PLUGIN_EXPORT int qemu_plugin_install(qemu_plugin_id_t id,
type = COUNT_NONE;
p++;
}
- for (j = 0; j < ARRAY_SIZE(insn_classes); j++) {
- if (strcmp(p, insn_classes[j].opt) == 0) {
- insn_classes[j].what = type;
+ for (j = 0; j < class_table_sz; j++) {
+ if (strcmp(p, class_table[j].opt) == 0) {
+ class_table[j].what = type;
break;
}
}
--
2.20.1
^ permalink raw reply related [flat|nested] 94+ messages in thread* Re: [PATCH v5 52/55] plugins: make howvec plugin more generic
2019-10-14 10:49 ` [PATCH v5 52/55] plugins: make howvec plugin more generic Alex Bennée
@ 2019-10-14 16:59 ` Richard Henderson
2019-10-14 17:14 ` Alex Bennée
0 siblings, 1 reply; 94+ messages in thread
From: Richard Henderson @ 2019-10-14 16:59 UTC (permalink / raw)
To: Alex Bennée, qemu-devel; +Cc: aaron, cota, robert.foley, peter.puhov
On 10/14/19 3:49 AM, Alex Bennée wrote:
> @@ -190,14 +211,18 @@ static uint64_t * find_counter(struct qemu_plugin_insn *insn)
> uint32_t opcode;
> InsnClassExecCount *class = NULL;
>
> - /* we expect all instructions to by 32 bits for ARM */
> - g_assert(qemu_plugin_insn_size(insn) == 4);
> + /*
> + * We only match the first 32 bits of the instruction which is
> + * fine for most RISCs but a bit limiting for CISC architectures.
> + * They would probably benefit from a more tailored plugin.
> + * However we can fall back to individual instruction counting.
> + */
> opcode = *((uint32_t *)qemu_plugin_insn_data(insn));
This totally ignores the endianness of the host.
I'm not keen on reading more than the number of
bytes in the insn either...
r~
^ permalink raw reply [flat|nested] 94+ messages in thread
* Re: [PATCH v5 52/55] plugins: make howvec plugin more generic
2019-10-14 16:59 ` Richard Henderson
@ 2019-10-14 17:14 ` Alex Bennée
2019-10-14 17:39 ` Richard Henderson
0 siblings, 1 reply; 94+ messages in thread
From: Alex Bennée @ 2019-10-14 17:14 UTC (permalink / raw)
To: Richard Henderson; +Cc: aaron, cota, qemu-devel, peter.puhov, robert.foley
Richard Henderson <richard.henderson@linaro.org> writes:
> On 10/14/19 3:49 AM, Alex Bennée wrote:
>> @@ -190,14 +211,18 @@ static uint64_t * find_counter(struct qemu_plugin_insn *insn)
>> uint32_t opcode;
>> InsnClassExecCount *class = NULL;
>>
>> - /* we expect all instructions to by 32 bits for ARM */
>> - g_assert(qemu_plugin_insn_size(insn) == 4);
>> + /*
>> + * We only match the first 32 bits of the instruction which is
>> + * fine for most RISCs but a bit limiting for CISC architectures.
>> + * They would probably benefit from a more tailored plugin.
>> + * However we can fall back to individual instruction counting.
>> + */
>> opcode = *((uint32_t *)qemu_plugin_insn_data(insn));
>
> This totally ignores the endianness of the host.
> I'm not keen on reading more than the number of
> bytes in the insn either...
I guess we can strncpy the data and ensure it is NULL terminated and use
the "string" hash function instead. It depends if there are many opcode
strings with NULL's in them.
>
>
> r~
--
Alex Bennée
^ permalink raw reply [flat|nested] 94+ messages in thread
* Re: [PATCH v5 52/55] plugins: make howvec plugin more generic
2019-10-14 17:14 ` Alex Bennée
@ 2019-10-14 17:39 ` Richard Henderson
0 siblings, 0 replies; 94+ messages in thread
From: Richard Henderson @ 2019-10-14 17:39 UTC (permalink / raw)
To: Alex Bennée; +Cc: aaron, cota, qemu-devel, peter.puhov, robert.foley
On 10/14/19 10:14 AM, Alex Bennée wrote:
>>> - /* we expect all instructions to by 32 bits for ARM */
>>> - g_assert(qemu_plugin_insn_size(insn) == 4);
>>> + /*
>>> + * We only match the first 32 bits of the instruction which is
>>> + * fine for most RISCs but a bit limiting for CISC architectures.
>>> + * They would probably benefit from a more tailored plugin.
>>> + * However we can fall back to individual instruction counting.
>>> + */
>>> opcode = *((uint32_t *)qemu_plugin_insn_data(insn));
>>
>> This totally ignores the endianness of the host.
>> I'm not keen on reading more than the number of
>> bytes in the insn either...
>
> I guess we can strncpy the data and ensure it is NULL terminated and use
> the "string" hash function instead. It depends if there are many opcode
> strings with NULL's in them.
Um, plenty. E.g. "adrp x0, ."
r~
^ permalink raw reply [flat|nested] 94+ messages in thread
* [PATCH v5 53/55] plugins: add sparc64 instruction classification table
2019-10-14 10:48 [PATCH for 4.2 v5 00/55] Support for TCG plugins Alex Bennée
` (51 preceding siblings ...)
2019-10-14 10:49 ` [PATCH v5 52/55] plugins: make howvec plugin more generic Alex Bennée
@ 2019-10-14 10:49 ` Alex Bennée
2019-10-14 17:01 ` Richard Henderson
2019-10-14 10:49 ` [PATCH v5 54/55] plugins: add qemu_plugin_outs and use it Alex Bennée
` (2 subsequent siblings)
55 siblings, 1 reply; 94+ messages in thread
From: Alex Bennée @ 2019-10-14 10:49 UTC (permalink / raw)
To: qemu-devel; +Cc: aaron, cota, Alex Bennée, robert.foley, peter.puhov
As an example of another set of instructions.
Signed-off-by: Alex Bennée <alex.bennee@linaro.org>
---
tests/plugin/howvec.c | 22 ++++++++++++++++++++++
1 file changed, 22 insertions(+)
diff --git a/tests/plugin/howvec.c b/tests/plugin/howvec.c
index 5f7c740833..9ec0d25e3b 100644
--- a/tests/plugin/howvec.c
+++ b/tests/plugin/howvec.c
@@ -112,6 +112,27 @@ InsnClassExecCount aarch64_insn_classes[] = {
{ "Unclassified", "unclas", 0x00000000, 0x00000000, COUNT_CLASS},
};
+InsnClassExecCount sparc32_insn_classes[] = {
+ { "Call", "call", 0xc0000000, 0x40000000, COUNT_CLASS},
+ { "Branch ICond", "bcc", 0xc1c00000, 0x00800000, COUNT_CLASS},
+ { "Branch Fcond", "fbcc", 0xc1c00000, 0x01800000, COUNT_CLASS},
+ { "SetHi", "sethi", 0xc1c00000, 0x01000000, COUNT_CLASS},
+ { "FPU ALU", "fpu", 0xc1f00000, 0x81a00000, COUNT_CLASS},
+ { "ALU", "alu", 0xc0000000, 0x80000000, COUNT_CLASS},
+ { "Load/Store", "ldst", 0xc0000000, 0xc0000000, COUNT_CLASS},
+ /* Unclassified */
+ { "Unclassified", "unclas", 0x00000000, 0x00000000, COUNT_INDIVIDUAL},
+};
+
+InsnClassExecCount sparc64_insn_classes[] = {
+ { "SetHi & Branches", "op0", 0xc0000000, 0x00000000, COUNT_CLASS},
+ { "Call", "op1", 0xc0000000, 0x40000000, COUNT_CLASS},
+ { "Arith/Logical/Move", "op2", 0xc0000000, 0x80000000, COUNT_CLASS},
+ { "Arith/Logical/Move", "op3", 0xc0000000, 0xc0000000, COUNT_CLASS},
+ /* Unclassified */
+ { "Unclassified", "unclas", 0x00000000, 0x00000000, COUNT_INDIVIDUAL},
+};
+
/* Default matcher for currently unclassified architectures */
InsnClassExecCount default_insn_classes[] = {
{ "Unclassified", "unclas", 0x00000000, 0x00000000, COUNT_INDIVIDUAL},
@@ -126,6 +147,7 @@ typedef struct {
ClassSelector class_tables[] =
{
{ "aarch64", aarch64_insn_classes, ARRAY_SIZE(aarch64_insn_classes) },
+ { "sparc64", sparc64_insn_classes, ARRAY_SIZE(sparc64_insn_classes) },
{ NULL, default_insn_classes, ARRAY_SIZE(default_insn_classes) },
};
--
2.20.1
^ permalink raw reply related [flat|nested] 94+ messages in thread* Re: [PATCH v5 53/55] plugins: add sparc64 instruction classification table
2019-10-14 10:49 ` [PATCH v5 53/55] plugins: add sparc64 instruction classification table Alex Bennée
@ 2019-10-14 17:01 ` Richard Henderson
2019-10-15 19:09 ` Alex Bennée
0 siblings, 1 reply; 94+ messages in thread
From: Richard Henderson @ 2019-10-14 17:01 UTC (permalink / raw)
To: Alex Bennée, qemu-devel; +Cc: aaron, cota, robert.foley, peter.puhov
On 10/14/19 3:49 AM, Alex Bennée wrote:
> +InsnClassExecCount sparc32_insn_classes[] = {
> + { "Call", "call", 0xc0000000, 0x40000000, COUNT_CLASS},
> + { "Branch ICond", "bcc", 0xc1c00000, 0x00800000, COUNT_CLASS},
> + { "Branch Fcond", "fbcc", 0xc1c00000, 0x01800000, COUNT_CLASS},
> + { "SetHi", "sethi", 0xc1c00000, 0x01000000, COUNT_CLASS},
> + { "FPU ALU", "fpu", 0xc1f00000, 0x81a00000, COUNT_CLASS},
> + { "ALU", "alu", 0xc0000000, 0x80000000, COUNT_CLASS},
> + { "Load/Store", "ldst", 0xc0000000, 0xc0000000, COUNT_CLASS},
> + /* Unclassified */
> + { "Unclassified", "unclas", 0x00000000, 0x00000000, COUNT_INDIVIDUAL},
> +};
> +
Unused. You'd see this if they were static.
r~
^ permalink raw reply [flat|nested] 94+ messages in thread* Re: [PATCH v5 53/55] plugins: add sparc64 instruction classification table
2019-10-14 17:01 ` Richard Henderson
@ 2019-10-15 19:09 ` Alex Bennée
2019-10-15 19:37 ` Richard Henderson
0 siblings, 1 reply; 94+ messages in thread
From: Alex Bennée @ 2019-10-15 19:09 UTC (permalink / raw)
To: Richard Henderson; +Cc: aaron, cota, qemu-devel, peter.puhov, robert.foley
Richard Henderson <richard.henderson@linaro.org> writes:
> On 10/14/19 3:49 AM, Alex Bennée wrote:
>> +InsnClassExecCount sparc32_insn_classes[] = {
>> + { "Call", "call", 0xc0000000, 0x40000000, COUNT_CLASS},
>> + { "Branch ICond", "bcc", 0xc1c00000, 0x00800000, COUNT_CLASS},
>> + { "Branch Fcond", "fbcc", 0xc1c00000, 0x01800000, COUNT_CLASS},
>> + { "SetHi", "sethi", 0xc1c00000, 0x01000000, COUNT_CLASS},
>> + { "FPU ALU", "fpu", 0xc1f00000, 0x81a00000, COUNT_CLASS},
>> + { "ALU", "alu", 0xc0000000, 0x80000000, COUNT_CLASS},
>> + { "Load/Store", "ldst", 0xc0000000, 0xc0000000, COUNT_CLASS},
>> + /* Unclassified */
>> + { "Unclassified", "unclas", 0x00000000, 0x00000000, COUNT_INDIVIDUAL},
>> +};
>> +
>
> Unused. You'd see this if they were static.
How similar are the sparc and sparc64 decodes? Is there a canonical
table you can point to?
>
>
> r~
--
Alex Bennée
^ permalink raw reply [flat|nested] 94+ messages in thread
* [PATCH v5 54/55] plugins: add qemu_plugin_outs and use it
2019-10-14 10:48 [PATCH for 4.2 v5 00/55] Support for TCG plugins Alex Bennée
` (52 preceding siblings ...)
2019-10-14 10:49 ` [PATCH v5 53/55] plugins: add sparc64 instruction classification table Alex Bennée
@ 2019-10-14 10:49 ` Alex Bennée
2019-10-14 17:03 ` Richard Henderson
2019-10-14 10:49 ` [PATCH v5 55/55] .travis.yml: add --enable-plugins tests Alex Bennée
2019-10-15 4:36 ` [PATCH for 4.2 v5 00/55] Support for TCG plugins no-reply
55 siblings, 1 reply; 94+ messages in thread
From: Alex Bennée @ 2019-10-14 10:49 UTC (permalink / raw)
To: qemu-devel
Cc: Alex Bennée, robert.foley, peter.puhov, aaron, cota,
Philippe Mathieu-Daudé
Having the plugins grab stdout and spew stuff there is a bit ugly and
certainly makes the tests look ugly. Provide a hook back into QEMU
which can be redirected as needed.
For the newer plugins that use GString already this falls out pretty
naturally. For the older printf style plugins we convert to
g_strdup_printf and pass that. While we are at it we can use
g_autoptr/g_autofree to let the compiler worry about freeing things.
Signed-off-by: Alex Bennée <alex.bennee@linaro.org>
---
include/qemu/log.h | 1 +
include/qemu/qemu-plugin.h | 6 ++++++
plugins/api.c | 8 ++++++++
plugins/qemu-plugins.symbols | 1 +
tests/plugin/bb.c | 12 +++++-------
tests/plugin/hotblocks.c | 10 ++--------
tests/plugin/hotpages.c | 12 +++---------
tests/plugin/howvec.c | 15 ++-------------
tests/plugin/insn.c | 10 ++++------
tests/plugin/mem.c | 12 ++++++------
tests/tcg/Makefile.target | 2 ++
util/log.c | 3 +++
12 files changed, 43 insertions(+), 49 deletions(-)
diff --git a/include/qemu/log.h b/include/qemu/log.h
index b097a6cae1..a91105b2ad 100644
--- a/include/qemu/log.h
+++ b/include/qemu/log.h
@@ -45,6 +45,7 @@ static inline bool qemu_log_separate(void)
/* LOG_TRACE (1 << 15) is defined in log-for-trace.h */
#define CPU_LOG_TB_OP_IND (1 << 16)
#define CPU_LOG_TB_FPU (1 << 17)
+#define CPU_LOG_PLUGIN (1 << 18)
/* Lock output for a series of related logs. Since this is not needed
* for a single qemu_log / qemu_log_mask / qemu_log_mask_and_addr, we
diff --git a/include/qemu/qemu-plugin.h b/include/qemu/qemu-plugin.h
index 719d7054a1..060e253b74 100644
--- a/include/qemu/qemu-plugin.h
+++ b/include/qemu/qemu-plugin.h
@@ -379,4 +379,10 @@ int qemu_plugin_n_vcpus(void);
/* returns -1 in user-mode */
int qemu_plugin_n_max_vcpus(void);
+/**
+ * qemu_plugin_outs() - output string via QEMU's logging system
+ * @string: a string
+ */
+void qemu_plugin_outs(const char *string);
+
#endif /* QEMU_PLUGIN_API_H */
diff --git a/plugins/api.c b/plugins/api.c
index a9fa229369..701c232668 100644
--- a/plugins/api.c
+++ b/plugins/api.c
@@ -324,3 +324,11 @@ int qemu_plugin_n_max_vcpus(void)
return get_ms()->smp.max_cpus;
#endif
}
+
+/*
+ * Plugin output
+ */
+void qemu_plugin_outs(const char *string)
+{
+ qemu_log_mask(CPU_LOG_PLUGIN, "%s", string);
+}
diff --git a/plugins/qemu-plugins.symbols b/plugins/qemu-plugins.symbols
index 267ec381b4..4bdb381f48 100644
--- a/plugins/qemu-plugins.symbols
+++ b/plugins/qemu-plugins.symbols
@@ -36,4 +36,5 @@
qemu_plugin_vcpu_for_each;
qemu_plugin_n_vcpus;
qemu_plugin_n_max_vcpus;
+ qemu_plugin_outs;
};
diff --git a/tests/plugin/bb.c b/tests/plugin/bb.c
index 4a6d6ca0bc..45e1de5bd6 100644
--- a/tests/plugin/bb.c
+++ b/tests/plugin/bb.c
@@ -10,18 +10,20 @@
#include <string.h>
#include <unistd.h>
#include <stdio.h>
+#include <glib.h>
#include <qemu-plugin.h>
static uint64_t bb_count;
static uint64_t insn_count;
-static int stdout_fd;
static bool do_inline;
static void plugin_exit(qemu_plugin_id_t id, void *p)
{
- dprintf(stdout_fd, "bb's: %" PRIu64", insns: %" PRIu64 "\n",
- bb_count, insn_count);
+ g_autofree gchar *out;
+ out = g_strdup_printf("bb's: %" PRIu64", insns: %" PRIu64 "\n",
+ bb_count, insn_count);
+ qemu_plugin_outs(out);
}
static void vcpu_tb_exec(unsigned int cpu_index, void *udata)
@@ -56,10 +58,6 @@ QEMU_PLUGIN_EXPORT int qemu_plugin_install(qemu_plugin_id_t id,
do_inline = true;
}
- /* to be used when in the exit hook */
- stdout_fd = dup(STDOUT_FILENO);
- assert(stdout_fd);
-
qemu_plugin_register_vcpu_tb_trans_cb(id, vcpu_tb_trans);
qemu_plugin_register_atexit_cb(id, plugin_exit, NULL);
return 0;
diff --git a/tests/plugin/hotblocks.c b/tests/plugin/hotblocks.c
index 57bea765b3..1bd183849a 100644
--- a/tests/plugin/hotblocks.c
+++ b/tests/plugin/hotblocks.c
@@ -16,7 +16,6 @@
#include <qemu-plugin.h>
static bool do_inline;
-static int stdout_fd;
/* Plugins need to take care of their own locking */
static GMutex lock;
@@ -47,7 +46,7 @@ static gint cmp_exec_count(gconstpointer a, gconstpointer b)
static void plugin_exit(qemu_plugin_id_t id, void *p)
{
- GString *report = g_string_new("collected ");
+ g_autoptr(GString) report = g_string_new("collected ");
GList *counts, *it;
int i;
@@ -71,8 +70,7 @@ static void plugin_exit(qemu_plugin_id_t id, void *p)
g_mutex_unlock(&lock);
}
- dprintf(stdout_fd, "%s", report->str);
- g_string_free(report, true);
+ qemu_plugin_outs(report->str);
}
static void plugin_init(void)
@@ -137,10 +135,6 @@ int qemu_plugin_install(qemu_plugin_id_t id, const qemu_info_t *info,
do_inline = true;
}
- /* to be used when in the exit hook */
- stdout_fd = dup(STDOUT_FILENO);
- assert(stdout_fd);
-
plugin_init();
qemu_plugin_register_vcpu_tb_trans_cb(id, vcpu_tb_trans);
diff --git a/tests/plugin/hotpages.c b/tests/plugin/hotpages.c
index 99bb4be07c..70917ea174 100644
--- a/tests/plugin/hotpages.c
+++ b/tests/plugin/hotpages.c
@@ -22,7 +22,6 @@
static uint64_t page_size = 4096;
static uint64_t page_mask;
-static int stdout_fd;
static int limit = 50;
static enum qemu_plugin_mem_rw rw = QEMU_PLUGIN_MEM_RW;
@@ -69,7 +68,7 @@ static gint cmp_access_count(gconstpointer a, gconstpointer b)
static void plugin_exit(qemu_plugin_id_t id, void *p)
{
- GString *report = g_string_new("Addr, RCPUs, Reads, WCPUs, Writes\n");
+ g_autoptr(GString) report = g_string_new("Addr, RCPUs, Reads, WCPUs, Writes\n");
int i;
GList *counts;
@@ -91,8 +90,7 @@ static void plugin_exit(qemu_plugin_id_t id, void *p)
g_list_free(it);
}
- dprintf(stdout_fd, "%s", report->str);
- g_string_free(report, true);
+ qemu_plugin_outs(report->str);
}
static void plugin_init(void)
@@ -154,10 +152,6 @@ int qemu_plugin_install(qemu_plugin_id_t id, const qemu_info_t *info,
{
int i;
- /* to be used when in the exit hook */
- stdout_fd = dup(STDOUT_FILENO);
- assert(stdout_fd);
-
for (i = 0; i < argc; i++) {
char *opt = argv[i];
if (g_strcmp0(opt, "reads") == 0) {
@@ -167,7 +161,7 @@ int qemu_plugin_install(qemu_plugin_id_t id, const qemu_info_t *info,
} else if (g_str_has_prefix(opt, "pagesize=")) {
page_size = g_ascii_strtoull(opt + 9, NULL, 10);
} else {
- dprintf(stdout_fd, "option parsing failed: %s\n", opt);
+ fprintf(stderr, "option parsing failed: %s\n", opt);
return -1;
}
}
diff --git a/tests/plugin/howvec.c b/tests/plugin/howvec.c
index 9ec0d25e3b..96db546b4d 100644
--- a/tests/plugin/howvec.c
+++ b/tests/plugin/howvec.c
@@ -29,7 +29,6 @@ typedef enum {
} CountType;
static int limit = 50;
-static int stdout_fd;
static bool do_inline;
static bool verbose;
@@ -163,7 +162,7 @@ static gint cmp_exec_count(gconstpointer a, gconstpointer b)
static void plugin_exit(qemu_plugin_id_t id, void *p)
{
- GString *report = g_string_new("Instruction Classes:\n");
+ g_autoptr(GString) report = g_string_new("Instruction Classes:\n");
int i;
GList *counts;
InsnClassExecCount *class = NULL;
@@ -211,8 +210,7 @@ static void plugin_exit(qemu_plugin_id_t id, void *p)
g_list_free(it);
}
- dprintf(stdout_fd, "%s", report->str);
- g_string_free(report, true);
+ qemu_plugin_outs(report->str);
}
static void plugin_init(void)
@@ -270,11 +268,6 @@ static uint64_t * find_counter(struct qemu_plugin_insn *insn)
icount->insn = qemu_plugin_insn_disas(insn);
icount->class = class;
- if (verbose) {
- dprintf(stdout_fd, "adding for %s (%#08x @ %#20lx from %s)\n",
- icount->insn, opcode, qemu_plugin_insn_vaddr(insn),
- class->class);
- }
g_hash_table_insert(insns, GUINT_TO_POINTER(opcode),
(gpointer) icount);
}
@@ -350,10 +343,6 @@ QEMU_PLUGIN_EXPORT int qemu_plugin_install(qemu_plugin_id_t id,
}
}
- /* to be used when in the exit hook */
- stdout_fd = dup(STDOUT_FILENO);
- assert(stdout_fd);
-
plugin_init();
qemu_plugin_register_vcpu_tb_trans_cb(id, vcpu_tb_trans);
diff --git a/tests/plugin/insn.c b/tests/plugin/insn.c
index 9cfa7d0e53..e5fd07fb64 100644
--- a/tests/plugin/insn.c
+++ b/tests/plugin/insn.c
@@ -10,10 +10,10 @@
#include <string.h>
#include <unistd.h>
#include <stdio.h>
+#include <glib.h>
#include <qemu-plugin.h>
-static int stdout_fd;
static uint64_t insn_count;
static bool do_inline;
@@ -42,7 +42,9 @@ static void vcpu_tb_trans(qemu_plugin_id_t id, struct qemu_plugin_tb *tb)
static void plugin_exit(qemu_plugin_id_t id, void *p)
{
- dprintf(stdout_fd, "insns: %" PRIu64 "\n", insn_count);
+ g_autofree gchar *out;
+ out = g_strdup_printf("insns: %" PRIu64 "\n", insn_count);
+ qemu_plugin_outs(out);
}
QEMU_PLUGIN_EXPORT int qemu_plugin_install(qemu_plugin_id_t id,
@@ -53,10 +55,6 @@ QEMU_PLUGIN_EXPORT int qemu_plugin_install(qemu_plugin_id_t id,
do_inline = true;
}
- /* to be used when in the exit hook */
- stdout_fd = dup(STDOUT_FILENO);
- assert(stdout_fd);
-
qemu_plugin_register_vcpu_tb_trans_cb(id, vcpu_tb_trans);
qemu_plugin_register_atexit_cb(id, plugin_exit, NULL);
return 0;
diff --git a/tests/plugin/mem.c b/tests/plugin/mem.c
index fdf4347c5e..d967388989 100644
--- a/tests/plugin/mem.c
+++ b/tests/plugin/mem.c
@@ -10,22 +10,25 @@
#include <string.h>
#include <unistd.h>
#include <stdio.h>
+#include <glib.h>
#include <qemu-plugin.h>
static uint64_t mem_count;
static uint64_t io_count;
-static int stdout_fd;
static bool do_inline;
static bool do_haddr;
static enum qemu_plugin_mem_rw rw = QEMU_PLUGIN_MEM_RW;
static void plugin_exit(qemu_plugin_id_t id, void *p)
{
- dprintf(stdout_fd, "mem accesses: %" PRIu64 "\n", mem_count);
+ g_autoptr(GString) out = g_string_new("");
+
+ g_string_printf(out, "mem accesses: %" PRIu64 "\n", mem_count);
if (do_haddr) {
- dprintf(stdout_fd, "io accesses: %" PRIu64 "\n", mem_count);
+ g_string_append_printf(out, "io accesses: %" PRIu64 "\n", mem_count);
}
+ qemu_plugin_outs(out->str);
}
static void vcpu_mem(unsigned int cpu_index, qemu_plugin_meminfo_t meminfo,
@@ -87,9 +90,6 @@ QEMU_PLUGIN_EXPORT int qemu_plugin_install(qemu_plugin_id_t id,
do_inline = true;
}
}
- /* plugin_exit might write to stdout after stdout has been closed */
- stdout_fd = dup(STDOUT_FILENO);
- assert(stdout_fd);
qemu_plugin_register_vcpu_tb_trans_cb(id, vcpu_tb_trans);
qemu_plugin_register_atexit_cb(id, plugin_exit, NULL);
diff --git a/tests/tcg/Makefile.target b/tests/tcg/Makefile.target
index d25fc64300..3c7421a356 100644
--- a/tests/tcg/Makefile.target
+++ b/tests/tcg/Makefile.target
@@ -153,6 +153,7 @@ run-%: %
run-plugin-%:
$(call run-test, $@, $(QEMU) $(QEMU_OPTS) \
-plugin $(PLUGIN_DIR)/$(call extract-plugin,$@) \
+ -d plugin -D $*.pout \
$(call strip-plugin,$<), \
"$* on $(TARGET_NAME)")
else
@@ -168,6 +169,7 @@ run-plugin-%:
$(QEMU) -monitor none -display none \
-chardev file$(COMMA)path=$@.out$(COMMA)id=output \
-plugin $(PLUGIN_DIR)/$(call extract-plugin,$@) \
+ -d plugin -D $*.pout \
$(QEMU_OPTS) $(call strip-plugin,$<), \
"$* on $(TARGET_NAME)")
endif
diff --git a/util/log.c b/util/log.c
index 1d1b33f7d9..1ca13059ee 100644
--- a/util/log.c
+++ b/util/log.c
@@ -273,6 +273,9 @@ const QEMULogItem qemu_log_items[] = {
{ CPU_LOG_TB_NOCHAIN, "nochain",
"do not chain compiled TBs so that \"exec\" and \"cpu\" show\n"
"complete traces" },
+#ifdef CONFIG_PLUGIN
+ { CPU_LOG_PLUGIN, "plugin", "output from TCG plugins\n"},
+#endif
{ 0, NULL, NULL },
};
--
2.20.1
^ permalink raw reply related [flat|nested] 94+ messages in thread* Re: [PATCH v5 54/55] plugins: add qemu_plugin_outs and use it
2019-10-14 10:49 ` [PATCH v5 54/55] plugins: add qemu_plugin_outs and use it Alex Bennée
@ 2019-10-14 17:03 ` Richard Henderson
0 siblings, 0 replies; 94+ messages in thread
From: Richard Henderson @ 2019-10-14 17:03 UTC (permalink / raw)
To: Alex Bennée, qemu-devel
Cc: robert.foley, cota, Philippe Mathieu-Daudé, aaron, peter.puhov
On 10/14/19 3:49 AM, Alex Bennée wrote:
> Having the plugins grab stdout and spew stuff there is a bit ugly and
> certainly makes the tests look ugly. Provide a hook back into QEMU
> which can be redirected as needed.
>
> For the newer plugins that use GString already this falls out pretty
> naturally. For the older printf style plugins we convert to
> g_strdup_printf and pass that. While we are at it we can use
> g_autoptr/g_autofree to let the compiler worry about freeing things.
>
> Signed-off-by: Alex Bennée <alex.bennee@linaro.org>
> ---
> include/qemu/log.h | 1 +
> include/qemu/qemu-plugin.h | 6 ++++++
> plugins/api.c | 8 ++++++++
> plugins/qemu-plugins.symbols | 1 +
> tests/plugin/bb.c | 12 +++++-------
> tests/plugin/hotblocks.c | 10 ++--------
> tests/plugin/hotpages.c | 12 +++---------
> tests/plugin/howvec.c | 15 ++-------------
> tests/plugin/insn.c | 10 ++++------
> tests/plugin/mem.c | 12 ++++++------
> tests/tcg/Makefile.target | 2 ++
> util/log.c | 3 +++
> 12 files changed, 43 insertions(+), 49 deletions(-)
This also would be better sorted earlier, and the plugins done once.
r~
^ permalink raw reply [flat|nested] 94+ messages in thread
* [PATCH v5 55/55] .travis.yml: add --enable-plugins tests
2019-10-14 10:48 [PATCH for 4.2 v5 00/55] Support for TCG plugins Alex Bennée
` (53 preceding siblings ...)
2019-10-14 10:49 ` [PATCH v5 54/55] plugins: add qemu_plugin_outs and use it Alex Bennée
@ 2019-10-14 10:49 ` Alex Bennée
2019-10-14 17:04 ` Richard Henderson
2019-10-15 4:36 ` [PATCH for 4.2 v5 00/55] Support for TCG plugins no-reply
55 siblings, 1 reply; 94+ messages in thread
From: Alex Bennée @ 2019-10-14 10:49 UTC (permalink / raw)
To: qemu-devel
Cc: Fam Zheng, Philippe Mathieu-Daudé,
robert.foley, Richard Henderson, peter.puhov, aaron, cota,
Alex Bennée
check-tcg will automatically run the plugins against most TCG tests if
it is enabled in the build. We exclude sparc64-linux-user for now as
there are pending patches that need to be merged fixing it's fork
implementation.
Signed-off-by: Alex Bennée <alex.bennee@linaro.org>
Cc: Richard Henderson <richard.henderson@linaro.org>
---
.travis.yml | 15 +++++++++++++++
1 file changed, 15 insertions(+)
diff --git a/.travis.yml b/.travis.yml
index d0b9e099b9..37bca1ca1c 100644
--- a/.travis.yml
+++ b/.travis.yml
@@ -334,8 +334,23 @@ matrix:
- CACHE_NAME="${TRAVIS_BRANCH}-linux-gcc-default"
+ # Run check-tcg against linux-user (with plugins)
+ # we skip sparc64-linux-user until it has been fixed somewhat
+ - env:
+ - CONFIG="--disable-system --enable-plugins --target-list-exclude=sparc64-linux-user"
+ - TEST_CMD="make -j3 check-tcg V=1"
+ - CACHE_NAME="${TRAVIS_BRANCH}-linux-gcc-default"
+
+
# Run check-tcg against softmmu targets
- env:
- CONFIG="--target-list=xtensa-softmmu,arm-softmmu,aarch64-softmmu,alpha-softmmu"
- TEST_CMD="make -j3 check-tcg V=1"
- CACHE_NAME="${TRAVIS_BRANCH}-linux-gcc-default"
+
+
+ # Run check-tcg against softmmu targets (with plugins)
+ - env:
+ - CONFIG="--enable-plugins --target-list=xtensa-softmmu,arm-softmmu,aarch64-softmmu,alpha-softmmu"
+ - TEST_CMD="make -j3 check-tcg V=1"
+ - CACHE_NAME="${TRAVIS_BRANCH}-linux-gcc-default"
--
2.20.1
^ permalink raw reply related [flat|nested] 94+ messages in thread* Re: [PATCH v5 55/55] .travis.yml: add --enable-plugins tests
2019-10-14 10:49 ` [PATCH v5 55/55] .travis.yml: add --enable-plugins tests Alex Bennée
@ 2019-10-14 17:04 ` Richard Henderson
0 siblings, 0 replies; 94+ messages in thread
From: Richard Henderson @ 2019-10-14 17:04 UTC (permalink / raw)
To: Alex Bennée, qemu-devel
Cc: Fam Zheng, robert.foley, peter.puhov, aaron, cota,
Philippe Mathieu-Daudé
On 10/14/19 3:49 AM, Alex Bennée wrote:
> check-tcg will automatically run the plugins against most TCG tests if
> it is enabled in the build. We exclude sparc64-linux-user for now as
> there are pending patches that need to be merged fixing it's fork
> implementation.
>
> Signed-off-by: Alex Bennée <alex.bennee@linaro.org>
> Cc: Richard Henderson <richard.henderson@linaro.org>
> ---
> .travis.yml | 15 +++++++++++++++
> 1 file changed, 15 insertions(+)
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
r~
^ permalink raw reply [flat|nested] 94+ messages in thread
* Re: [PATCH for 4.2 v5 00/55] Support for TCG plugins
2019-10-14 10:48 [PATCH for 4.2 v5 00/55] Support for TCG plugins Alex Bennée
` (54 preceding siblings ...)
2019-10-14 10:49 ` [PATCH v5 55/55] .travis.yml: add --enable-plugins tests Alex Bennée
@ 2019-10-15 4:36 ` no-reply
55 siblings, 0 replies; 94+ messages in thread
From: no-reply @ 2019-10-15 4:36 UTC (permalink / raw)
To: alex.bennee
Cc: robert.foley, qemu-devel, peter.puhov, aaron, cota, alex.bennee
Patchew URL: https://patchew.org/QEMU/20191014104948.4291-1-alex.bennee@linaro.org/
Hi,
This series seems to have some coding style problems. See output below for
more information:
Subject: [PATCH for 4.2 v5 00/55] Support for TCG plugins
Type: series
Message-id: 20191014104948.4291-1-alex.bennee@linaro.org
=== TEST SCRIPT BEGIN ===
#!/bin/bash
git rev-parse base > /dev/null || exit 0
git config --local diff.renamelimit 0
git config --local diff.renames True
git config --local diff.algorithm histogram
./scripts/checkpatch.pl --mailback base..
=== TEST SCRIPT END ===
Switched to a new branch 'test'
3c4538d .travis.yml: add --enable-plugins tests
52d40be plugins: add qemu_plugin_outs and use it
173764d plugins: add sparc64 instruction classification table
984bf57 plugins: make howvec plugin more generic
8d5b793 plugins: expand the plugin_init function to include an info block
d9fde51 include/exec: wrap cpu_ldst.h in CONFIG_TCG
c968fc4 accel/stubs: reduce headers from tcg-stub
277050d tests/plugin: add hotpages plugin to breakdown memory access patterns
09bc325 tests/plugin: add instruction execution breakdown
3504de4 plugin: add qemu_plugin_insn_disas helper
28695ed tests/plugin: add a hotblocks plugin
2c35bc8 tests/tcg: enable plugin testing
4e61a46 tests/tcg: drop test-i386-fprem from TESTS when not SLOW
e7cbabb tests/tcg: move "virtual" tests to EXTRA_TESTS
71e2c9a tests/tcg: set QEMU_OPTS for all cris runs
19cc0a9 tests/tcg/Makefile.target: fix path to config-host.mak
32a7520 tests/plugin: add sample plugins
fdc50ab linux-user: support -plugin option
4502888 vl: support -plugin option
557ab9f plugin: add API symbols to qemu-plugins.symbols
452fc4f translator: inject instrumentation from plugins
ef58223 target/openrisc: fetch code with translator_ld
322a6e2 target/xtensa: fetch code with translator_ld
7746583 target/sparc: fetch code with translator_ld
20a99e5 target/riscv: fetch code with translator_ld
e456086 target/alpha: fetch code with translator_ld
dc5cd57 target/m68k: fetch code with translator_ld
3c933f4 target/hppa: fetch code with translator_ld
788ef4b target/i386: fetch code with translator_ld
756d7ac target/sh4: fetch code with translator_ld
96a68ab target/ppc: fetch code with translator_ld
8579c0a target/arm: fetch code with translator_ld
58d5ac3 translator: add translator_ld{ub,sw,uw,l,q}
9447806 plugin-gen: add plugin_insn_append
6c45871 cpu: hook plugin vcpu events
f35ce99 *-user: plugin syscalls
b464131 *-user: notify plugin of exit
5f45de7 translate-all: notify plugin code of tb_flush
90bebf1 plugins: implement helpers for resolving hwaddr
fd4c2fe tcg: let plugins instrument virtual memory accesses
b8e5c38 atomic_template: add inline trace/plugin helpers
cc9eeaa plugin-gen: add module for TCG-related code
6d95ee8 tcg: add tcg_gen_st_ptr
d0544ab cputlb: introduce get_page_addr_code_hostp
e337afd cputlb: document get_page_addr_code
d181e35 queue: add QTAILQ_REMOVE_SEVERAL
b5a5805 plugin: add implementation of the api
38dbddf plugin: add core code
dc6c029 plugin: add user-facing API
ce651ea configure: add --enable-plugins (MOVE TO END)
87ba90a docs/devel: add plugins.rst design document
a180702 translate-all: use cpu_in_exclusive_work_context() in tb_flush
de0849f cpu: introduce cpu_in_exclusive_context()
d8f88ce trace: add mmu_index to mem_info
03da1d4 trace: expand mem_info:size_shift to 4 bits
=== OUTPUT BEGIN ===
1/55 Checking commit 03da1d48f815 (trace: expand mem_info:size_shift to 4 bits)
2/55 Checking commit d8f88ceb4132 (trace: add mmu_index to mem_info)
ERROR: line over 90 characters
#25: FILE: accel/tcg/atomic_template.h:63:
+ uint16_t info = glue(trace_mem_build_info_no_se, MEND)(SHIFT, false, ATOMIC_MMU_IDX); \
ERROR: line over 90 characters
#34: FILE: accel/tcg/atomic_template.h:71:
+ uint16_t info = glue(trace_mem_build_info_no_se, MEND)(SHIFT, false, ATOMIC_MMU_IDX); \
ERROR: line over 90 characters
#41: FILE: accel/tcg/atomic_template.h:77:
+ uint16_t info = glue(trace_mem_build_info_no_se, MEND)(SHIFT, true, ATOMIC_MMU_IDX); \
total: 3 errors, 0 warnings, 261 lines checked
Patch 2/55 has style problems, please review. If any of these errors
are false positives report them to the maintainer, see
CHECKPATCH in MAINTAINERS.
3/55 Checking commit de0849f5305b (cpu: introduce cpu_in_exclusive_context())
4/55 Checking commit a180702bc2c7 (translate-all: use cpu_in_exclusive_work_context() in tb_flush)
5/55 Checking commit 87ba90add578 (docs/devel: add plugins.rst design document)
WARNING: added, moved or deleted file(s), does MAINTAINERS need updating?
#24:
new file mode 100644
total: 0 errors, 1 warnings, 116 lines checked
Patch 5/55 has style problems, please review. If any of these errors
are false positives report them to the maintainer, see
CHECKPATCH in MAINTAINERS.
6/55 Checking commit ce651eab7b66 (configure: add --enable-plugins (MOVE TO END))
7/55 Checking commit dc6c0292a53b (plugin: add user-facing API)
WARNING: added, moved or deleted file(s), does MAINTAINERS need updating?
#15:
new file mode 100644
WARNING: architecture specific defines should be avoided
#41: FILE: include/qemu/qemu-plugin.h:22:
+#if defined _WIN32 || defined __CYGWIN__
WARNING: architecture specific defines should be avoided
#49: FILE: include/qemu/qemu-plugin.h:30:
+ #if __GNUC__ >= 4
total: 0 errors, 3 warnings, 351 lines checked
Patch 7/55 has style problems, please review. If any of these errors
are false positives report them to the maintainer, see
CHECKPATCH in MAINTAINERS.
8/55 Checking commit 38dbddf37d35 (plugin: add core code)
WARNING: added, moved or deleted file(s), does MAINTAINERS need updating?
#85:
new file mode 100644
ERROR: "foo * bar" should be "foo *bar"
#221: FILE: include/qemu/plugin.h:132:
+static inline struct qemu_plugin_insn * qemu_plugin_insn_alloc(void)
ERROR: named QLIST_HEAD should be typedefed separately
#404: FILE: plugins/core.c:42:
+QLIST_HEAD(qemu_plugin_cb_head, qemu_plugin_cb);
WARNING: line over 80 characters
#623: FILE: plugins/core.c:261:
+ cbs = g_array_sized_new(false, false, sizeof(struct qemu_plugin_dyn_cb), 1);
WARNING: Block comments use a leading /* on a separate line
#931: FILE: plugins/loader.c:59:
+ { /* end of list */ }
ERROR: externs should be avoided in .c files
#937: FILE: plugins/loader.c:65:
+extern struct qemu_plugin_state plugin;
total: 3 errors, 3 warnings, 1283 lines checked
Patch 8/55 has style problems, please review. If any of these errors
are false positives report them to the maintainer, see
CHECKPATCH in MAINTAINERS.
9/55 Checking commit b5a580553858 (plugin: add implementation of the api)
WARNING: added, moved or deleted file(s), does MAINTAINERS need updating?
#22:
new file mode 100644
ERROR: "foo * bar" should be "foo *bar"
#291: FILE: plugins/api.c:265:
+static MachineState * get_ms(void)
total: 1 errors, 1 warnings, 291 lines checked
Patch 9/55 has style problems, please review. If any of these errors
are false positives report them to the maintainer, see
CHECKPATCH in MAINTAINERS.
10/55 Checking commit d181e35fd957 (queue: add QTAILQ_REMOVE_SEVERAL)
WARNING: Block comments use a leading /* on a separate line
#32: FILE: include/qemu/queue.h:431:
+ } while (/*CONSTCOND*/0)
total: 0 errors, 1 warnings, 16 lines checked
Patch 10/55 has style problems, please review. If any of these errors
are false positives report them to the maintainer, see
CHECKPATCH in MAINTAINERS.
11/55 Checking commit e337afd4f7ba (cputlb: document get_page_addr_code)
12/55 Checking commit d0544ab75fda (cputlb: introduce get_page_addr_code_hostp)
13/55 Checking commit 6d95ee8cb30d (tcg: add tcg_gen_st_ptr)
14/55 Checking commit cc9eeaa0a629 (plugin-gen: add module for TCG-related code)
WARNING: added, moved or deleted file(s), does MAINTAINERS need updating?
#48:
new file mode 100644
total: 0 errors, 1 warnings, 1123 lines checked
Patch 14/55 has style problems, please review. If any of these errors
are false positives report them to the maintainer, see
CHECKPATCH in MAINTAINERS.
15/55 Checking commit b8e5c38572ae (atomic_template: add inline trace/plugin helpers)
WARNING: added, moved or deleted file(s), does MAINTAINERS need updating?
#15:
new file mode 100644
total: 0 errors, 1 warnings, 296 lines checked
Patch 15/55 has style problems, please review. If any of these errors
are false positives report them to the maintainer, see
CHECKPATCH in MAINTAINERS.
16/55 Checking commit fd4c2fe3e305 (tcg: let plugins instrument virtual memory accesses)
WARNING: line over 80 characters
#111: FILE: include/exec/cpu_ldst_template.h:91:
+ uint16_t meminfo = trace_mem_build_info(SHIFT, false, MO_TE, false, mmu_idx);
total: 0 errors, 1 warnings, 322 lines checked
Patch 16/55 has style problems, please review. If any of these errors
are false positives report them to the maintainer, see
CHECKPATCH in MAINTAINERS.
17/55 Checking commit 90bebf129835 (plugins: implement helpers for resolving hwaddr)
18/55 Checking commit 5f45de7bce60 (translate-all: notify plugin code of tb_flush)
19/55 Checking commit b464131a3109 (*-user: notify plugin of exit)
20/55 Checking commit f35ce994630e (*-user: plugin syscalls)
WARNING: added, moved or deleted file(s), does MAINTAINERS need updating?
#93:
new file mode 100644
total: 0 errors, 1 warnings, 127 lines checked
Patch 20/55 has style problems, please review. If any of these errors
are false positives report them to the maintainer, see
CHECKPATCH in MAINTAINERS.
21/55 Checking commit 6c45871d214f (cpu: hook plugin vcpu events)
22/55 Checking commit 94478062431c (plugin-gen: add plugin_insn_append)
23/55 Checking commit 58d5ac329cb5 (translator: add translator_ld{ub,sw,uw,l,q})
ERROR: Macros with multiple statements should be enclosed in a do - while loop
#81: FILE: include/exec/translator.h:161:
+#define DO_LOAD(type, name, shift) \
+ set_helper_retaddr(1); \
+ ret = name ## _p(g2h(pc)); \
+ clear_helper_retaddr();
WARNING: Block comments use a leading /* on a separate line
#114: FILE: include/exec/translator.h:194:
+GEN_TRANSLATOR_LD(translator_ldub, ldb, uint8_t, 0, /* no swap needed */)
total: 1 errors, 1 warnings, 116 lines checked
Patch 23/55 has style problems, please review. If any of these errors
are false positives report them to the maintainer, see
CHECKPATCH in MAINTAINERS.
24/55 Checking commit 8579c0acf750 (target/arm: fetch code with translator_ld)
25/55 Checking commit 96a68abee927 (target/ppc: fetch code with translator_ld)
26/55 Checking commit 756d7ac99834 (target/sh4: fetch code with translator_ld)
27/55 Checking commit 788ef4b5927e (target/i386: fetch code with translator_ld)
28/55 Checking commit 3c933f4f3faa (target/hppa: fetch code with translator_ld)
29/55 Checking commit dc5cd57c35c4 (target/m68k: fetch code with translator_ld)
30/55 Checking commit e456086d0d91 (target/alpha: fetch code with translator_ld)
31/55 Checking commit 20a99e55c877 (target/riscv: fetch code with translator_ld)
32/55 Checking commit 77465835e70b (target/sparc: fetch code with translator_ld)
33/55 Checking commit 322a6e272620 (target/xtensa: fetch code with translator_ld)
34/55 Checking commit ef58223c94ef (target/openrisc: fetch code with translator_ld)
35/55 Checking commit 452fc4f67497 (translator: inject instrumentation from plugins)
36/55 Checking commit 557ab9fcb99e (plugin: add API symbols to qemu-plugins.symbols)
WARNING: added, moved or deleted file(s), does MAINTAINERS need updating?
#136:
new file mode 100644
total: 0 errors, 1 warnings, 166 lines checked
Patch 36/55 has style problems, please review. If any of these errors
are false positives report them to the maintainer, see
CHECKPATCH in MAINTAINERS.
37/55 Checking commit 4502888fd6b3 (vl: support -plugin option)
38/55 Checking commit fdc50ab64b57 (linux-user: support -plugin option)
39/55 Checking commit 32a75208b318 (tests/plugin: add sample plugins)
WARNING: added, moved or deleted file(s), does MAINTAINERS need updating?
#27:
new file mode 100644
total: 0 errors, 1 warnings, 287 lines checked
Patch 39/55 has style problems, please review. If any of these errors
are false positives report them to the maintainer, see
CHECKPATCH in MAINTAINERS.
40/55 Checking commit 19cc0a9df50d (tests/tcg/Makefile.target: fix path to config-host.mak)
41/55 Checking commit 71e2c9a8f84f (tests/tcg: set QEMU_OPTS for all cris runs)
42/55 Checking commit e7cbabbbdda6 (tests/tcg: move "virtual" tests to EXTRA_TESTS)
43/55 Checking commit 4e61a46a42ec (tests/tcg: drop test-i386-fprem from TESTS when not SLOW)
44/55 Checking commit 2c35bc84f958 (tests/tcg: enable plugin testing)
45/55 Checking commit 28695ed94613 (tests/plugin: add a hotblocks plugin)
WARNING: added, moved or deleted file(s), does MAINTAINERS need updating?
#33:
new file mode 100644
WARNING: line over 80 characters
#102: FILE: tests/plugin/hotblocks.c:65:
+ g_string_append_printf(report, "%#016"PRIx64", %d, %ld, %"PRId64"\n",
total: 0 errors, 2 warnings, 155 lines checked
Patch 45/55 has style problems, please review. If any of these errors
are false positives report them to the maintainer, see
CHECKPATCH in MAINTAINERS.
46/55 Checking commit 3504de4e1f94 (plugin: add qemu_plugin_insn_disas helper)
ERROR: "foo * bar" should be "foo *bar"
#93: FILE: disas.c:539:
+char * plugin_disas(CPUState *cpu, uint64_t addr, size_t size)
ERROR: Error messages should not contain newlines
#136: FILE: disas.c:582:
+ warn_report("%s: %zu bytes left over\n", __func__, size - count);
ERROR: "foo * bar" should be "foo *bar"
#153: FILE: include/disas/disas.h:17:
+char * plugin_disas(CPUState *cpu, uint64_t addr, size_t size);
ERROR: "foo * bar" should be "foo *bar"
#172: FILE: include/qemu/qemu-plugin.h:334:
+char * qemu_plugin_insn_disas(const struct qemu_plugin_insn *insn);
total: 4 errors, 0 warnings, 171 lines checked
Patch 46/55 has style problems, please review. If any of these errors
are false positives report them to the maintainer, see
CHECKPATCH in MAINTAINERS.
47/55 Checking commit 09bc325b2af1 (tests/plugin: add instruction execution breakdown)
WARNING: added, moved or deleted file(s), does MAINTAINERS need updating?
#27:
new file mode 100644
ERROR: space required after that ',' (ctx:VxV)
#102: FILE: tests/plugin/howvec.c:71:
+ { " Add/Sub (imm,tags)","asit", 0x1f800000, 0x11800000, COUNT_CLASS},
^
ERROR: space required after that ',' (ctx:VxV)
#125: FILE: tests/plugin/howvec.c:94:
+ { " AdvSimd ldstmult++","advlsmp",0xbfb00000, 0x0c800000, COUNT_CLASS},
^
ERROR: space required after that ',' (ctx:VxV)
#125: FILE: tests/plugin/howvec.c:94:
+ { " AdvSimd ldstmult++","advlsmp",0xbfb00000, 0x0c800000, COUNT_CLASS},
^
ERROR: space required after that ',' (ctx:VxV)
#127: FILE: tests/plugin/howvec.c:96:
+ { " AdvSimd ldst++", "advlssp",0xbf800000, 0x0d800000, COUNT_CLASS},
^
ERROR: space required after that ',' (ctx:VxV)
#131: FILE: tests/plugin/howvec.c:100:
+ { " ldst noalloc pair", "ldstnap",0x3b800000, 0x28000000, COUNT_CLASS},
^
ERROR: space required after that ',' (ctx:VxV)
#135: FILE: tests/plugin/howvec.c:104:
+ { " ldst reg (reg off)","ldstro", 0x3b200b00, 0x38200800, COUNT_CLASS},
^
WARNING: line over 80 characters
#170: FILE: tests/plugin/howvec.c:139:
+ g_string_append_printf(report, "Class: %-24s\tcounted individually\n",
ERROR: space required after that ',' (ctx:VxV)
#186: FILE: tests/plugin/howvec.c:155:
+ g_string_append_printf(report,"Individual Instructions:\n");
^
WARNING: line over 80 characters
#192: FILE: tests/plugin/howvec.c:161:
+ g_string_append_printf(report, "Instr: %-24s\t(%ld hits)\t(op=%#08x/%s)\n",
ERROR: "foo * bar" should be "foo *bar"
#217: FILE: tests/plugin/howvec.c:186:
+static uint64_t * find_counter(struct qemu_plugin_insn *insn)
WARNING: line over 80 characters
#249: FILE: tests/plugin/howvec.c:218:
+ GUINT_TO_POINTER(opcode));
total: 8 errors, 4 warnings, 310 lines checked
Patch 47/55 has style problems, please review. If any of these errors
are false positives report them to the maintainer, see
CHECKPATCH in MAINTAINERS.
48/55 Checking commit 277050daf1db (tests/plugin: add hotpages plugin to breakdown memory access patterns)
WARNING: added, moved or deleted file(s), does MAINTAINERS need updating?
#26:
new file mode 100644
total: 0 errors, 1 warnings, 186 lines checked
Patch 48/55 has style problems, please review. If any of these errors
are false positives report them to the maintainer, see
CHECKPATCH in MAINTAINERS.
49/55 Checking commit c968fc46a5e0 (accel/stubs: reduce headers from tcg-stub)
50/55 Checking commit d9fde5180956 (include/exec: wrap cpu_ldst.h in CONFIG_TCG)
51/55 Checking commit 8d5b793b5566 (plugins: expand the plugin_init function to include an info block)
ERROR: line over 90 characters
#82: FILE: plugins/loader.c:66:
+typedef int (*qemu_plugin_install_func_t)(qemu_plugin_id_t, const qemu_info_t *, int, char **);
ERROR: "foo * bar" should be "foo *bar"
#112: FILE: plugins/loader.c:259:
+ MachineState * ms = MACHINE(qdev_get_machine());
total: 2 errors, 0 warnings, 176 lines checked
Patch 51/55 has style problems, please review. If any of these errors
are false positives report them to the maintainer, see
CHECKPATCH in MAINTAINERS.
52/55 Checking commit 984bf57ce9d8 (plugins: make howvec plugin more generic)
WARNING: line over 80 characters
#49: FILE: tests/plugin/howvec.c:117:
+ { "Unclassified", "unclas", 0x00000000, 0x00000000, COUNT_INDIVIDUAL},
ERROR: that open brace { should be on the previous line
#59: FILE: tests/plugin/howvec.c:127:
+ClassSelector class_tables[] =
+{
total: 1 errors, 1 warnings, 132 lines checked
Patch 52/55 has style problems, please review. If any of these errors
are false positives report them to the maintainer, see
CHECKPATCH in MAINTAINERS.
53/55 Checking commit 173764dcb67b (plugins: add sparc64 instruction classification table)
WARNING: line over 80 characters
#29: FILE: tests/plugin/howvec.c:124:
+ { "Unclassified", "unclas", 0x00000000, 0x00000000, COUNT_INDIVIDUAL},
WARNING: line over 80 characters
#38: FILE: tests/plugin/howvec.c:133:
+ { "Unclassified", "unclas", 0x00000000, 0x00000000, COUNT_INDIVIDUAL},
total: 0 errors, 2 warnings, 34 lines checked
Patch 53/55 has style problems, please review. If any of these errors
are false positives report them to the maintainer, see
CHECKPATCH in MAINTAINERS.
54/55 Checking commit 52d40be360ad (plugins: add qemu_plugin_outs and use it)
WARNING: line over 80 characters
#170: FILE: tests/plugin/hotpages.c:71:
+ g_autoptr(GString) report = g_string_new("Addr, RCPUs, Reads, WCPUs, Writes\n");
total: 0 errors, 1 warnings, 278 lines checked
Patch 54/55 has style problems, please review. If any of these errors
are false positives report them to the maintainer, see
CHECKPATCH in MAINTAINERS.
55/55 Checking commit 3c4538dc4aa7 (.travis.yml: add --enable-plugins tests)
=== OUTPUT END ===
Test command exited with code: 1
The full log is available at
http://patchew.org/logs/20191014104948.4291-1-alex.bennee@linaro.org/testing.checkpatch/?type=message.
---
Email generated automatically by Patchew [https://patchew.org/].
Please send your feedback to patchew-devel@redhat.com
^ permalink raw reply [flat|nested] 94+ messages in thread