[Qemu-devel] Translation block identification.

[Qemu-devel] Translation block identification.

[Rafael Kioji]

Dear all,

During translation how can I identify what is the basic block of the 
guest code? I wanted to know whether the block being translated is the 
beginning of a function and get its name.

My current approach involves looking up the symbol associated with the 
first PC of the translation block. But no symbol is ever found. What I 
did was to add the following code in the function "translator_loop" at 
"accel/tcg/translator.c":

     printf("sym: %lu %s\n", tb->pc, lookup_symbol(tb->pc));

The function lookup_symbol is defined in the file "./disas.c". I am 
compiling my application with symbols (-g). My target arch is ARM.

Thanks!


Kind regards,
Rafael

Re: [Qemu-devel] Translation block identification.

[Alex Bennée]

Rafael Kioji <rafaelkioji@gmail.com> writes:

> Dear all,
>
> During translation how can I identify what is the basic block of the
> guest code? I wanted to know whether the block being translated is the
> beginning of a function and get its name.
>
> My current approach involves looking up the symbol associated with the
> first PC of the translation block. But no symbol is ever found. What I
> did was to add the following code in the function "translator_loop" at
> "accel/tcg/translator.c":
>
>  printf("sym: %lu %s\n", tb->pc, lookup_symbol(tb->pc));
>
> The function lookup_symbol is defined in the file "./disas.c". I am
> compiling my application with symbols (-g). My target arch is ARM.

If you run QEMU with the debug flags you should see name resolution for
each basic block. e.g.

  qemu-arm -d in_asm prog

--
Alex Bennée

Re: [Qemu-devel] Translation block identification.

[Rafael Kioji]

This logging flag prints what I want. But I really wanted is to get this 
info inside the QEMU source code. Why am I not able to lookup the 
symbols in the translator.c file the way I showed?

Kind regards,
Rafael

On 5/1/2018 6:04 PM, Alex Bennée wrote:
> Rafael Kioji <rafaelkioji@gmail.com> writes:
>
>> Dear all,
>>
>> During translation how can I identify what is the basic block of the
>> guest code? I wanted to know whether the block being translated is the
>> beginning of a function and get its name.
>>
>> My current approach involves looking up the symbol associated with the
>> first PC of the translation block. But no symbol is ever found. What I
>> did was to add the following code in the function "translator_loop" at
>> "accel/tcg/translator.c":
>>
>>   printf("sym: %lu %s\n", tb->pc, lookup_symbol(tb->pc));
>>
>> The function lookup_symbol is defined in the file "./disas.c". I am
>> compiling my application with symbols (-g). My target arch is ARM.
> If you run QEMU with the debug flags you should see name resolution for
> each basic block. e.g.
>
>    qemu-arm -d in_asm prog
>
> --
> Alex Bennée

Re: [Qemu-devel] Translation block identification.

[Peter Maydell]

On 1 May 2018 at 11:20, Rafael Kioji <rafaelkioji@gmail.com> wrote:
> This logging flag prints what I want. But I really wanted is to get this
> info inside the QEMU source code. Why am I not able to lookup the symbols in
> the translator.c file the way I showed?

The -d in_asm logging is just using lookup_symbol() (eg for arm
I think it's in arm_tr_disas_log() that that particular logging
is done), so if it works when it's called by the existing QEMU code
but not in your modification then it sounds like there's an
error in your modification somewhere.

thanks
-- PMM

Re: [Qemu-devel] Translation block identification.

[Alex Bennée]

Rafael Kioji <rafaelkioji@gmail.com> writes:

> This logging flag prints what I want. But I really wanted is to get
> this info inside the QEMU source code. Why am I not able to lookup the
> symbols in the translator.c file the way I showed?

Without a failing patch it's hard to say, after all the working
disassembly is called at the bottom of translator_loop():

  ops->disas_log(db, cpu);

>
> Kind regards,
> Rafael
>
> On 5/1/2018 6:04 PM, Alex Bennée wrote:
>> Rafael Kioji <rafaelkioji@gmail.com> writes:
>>
>>> Dear all,
>>>
>>> During translation how can I identify what is the basic block of the
>>> guest code? I wanted to know whether the block being translated is the
>>> beginning of a function and get its name.
>>>
>>> My current approach involves looking up the symbol associated with the
>>> first PC of the translation block. But no symbol is ever found. What I
>>> did was to add the following code in the function "translator_loop" at
>>> "accel/tcg/translator.c":
>>>
>>>   printf("sym: %lu %s\n", tb->pc, lookup_symbol(tb->pc));
>>>
>>> The function lookup_symbol is defined in the file "./disas.c". I am
>>> compiling my application with symbols (-g). My target arch is ARM.
>> If you run QEMU with the debug flags you should see name resolution for
>> each basic block. e.g.
>>
>>    qemu-arm -d in_asm prog
>>
>> --
>> Alex Bennée


--
Alex Bennée

Re: [Qemu-devel] Translation block identification.

[Rafael Kioji]

Solved. The reason I was not able to get the symbols is because logging 
has to be enabled, otherwise the symbols are not loaded. In "elfload.c" 
there is the condition:

> if (qemu_log_enabled()) {
>     load_symbols(ehdr, image_fd, load_bias);
> }

Thanks!

Kind regards,
Rafael

On 5/1/2018 6:28 PM, Peter Maydell wrote:
> On 1 May 2018 at 11:20, Rafael Kioji <rafaelkioji@gmail.com> wrote:
>> This logging flag prints what I want. But I really wanted is to get this
>> info inside the QEMU source code. Why am I not able to lookup the symbols in
>> the translator.c file the way I showed?
> The -d in_asm logging is just using lookup_symbol() (eg for arm
> I think it's in arm_tr_disas_log() that that particular logging
> is done), so if it works when it's called by the existing QEMU code
> but not in your modification then it sounds like there's an
> error in your modification somewhere.
>
> thanks
> -- PMM