qemu-discuss

Re: [Qemu-discuss] How do -icount flags work in QEMU TCG


From: Arnabjyoti Kalita
Subject: Re: [Qemu-discuss] How do -icount flags work in QEMU TCG
Date: Fri, 23 Mar 2018 15:47:17 -0400

Hi Peter,

Yes, only I could see that. Sorry for dumping out incomplete logs :)

Well I think I figured out the source of this representation of repeating
TB blocks. Your 3rd point in your previous answer was the solution. The
fact that QEMU in TCG mode executes I/O instructions at the end of the
translation block is causing these blocks to repeat. What helped me to
figure this out was a recent patch in the QEMU source code.

This is the patch :
https://github.com/qemu/qemu/commit/0790f86861079b1932679d0f011e431aaf4ee9e2

Thanks for listing out the reasons for the occurrence of repeating TBs.
That helped me to at least narrow down the sources of this cause.

Best Regards,
Arnab

On Fri, Mar 23, 2018 at 6:03 AM, Peter Maydell <address@hidden>
wrote:

> On 22 March 2018 at 22:34, Arnabjyoti Kalita <address@hidden>
> wrote:
> > From what I can see from the logs, it is quite hard to tell why this occurs.
> > I am afraid I might have to disagree with your point 2. If it was an MMU
> > page fault, one of the TCG blocks would have started executing the page
> > fault handlers already - which I do not see in the TCG execution flow yet
> > and a page fault in the kernel would anyway be dangerous. (I am not aware
> > of any other scenarios of MMU faults in the guest though.)
>
> *You* can see that. What I said was that I couldn't tell whether
> it was that or not from the logs you sent in your email, which is true :-)
>
> > It is a bit likely that the -icount value probably ran out; much more likely
> > is that one of the loads/stores could be to an emulated device as you
> > explained. But at least in the translation phase, the icount values correctly
> > count the number of instructions in the TCG block, even for cases like the
> > ones I described previously. If things go wrong in the final host code
> > execution phase, the code jumping to the middle of the TB could happen.
> >
> > I see this pattern quite irregularly across other Translation Blocks as well
> > (not many times, but they are scattered around).
> >
> > I would have to take this irregularity into consideration with the use of
> > -icount as I try to analyze the execution flow.
>
> You can't analyse execution flow from the translation-time events.
> You need to look at execution time logs for that (-d exec). You
> don't need to care if we translate a TB once or many times, only
> what TBs we actually executed.
>
> thanks
> -- PMM
>
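Added example, not part of the thread above and not QEMU's own code: a small parser that separates translation-time events (`-d in_asm`, the `IN:` blocks) from execution-time events (`-d exec`, the `Trace` lines) in a combined QEMU log, which is the distinction Peter makes. The sample log is constructed for the example and the exact line shapes are an assumption based on the CPU_LOG_TB_IN_ASM and CPU_LOG_EXEC output of QEMU around 2.11/2.12 (both the older `Trace <host> [<pc>]` and the newer `Trace <cpu>: <host> [<cs_base>/<pc>/<flags>]` forms are accepted); the guest addresses, mnemonics and host pointers are made up. It counts how often each TB was translated versus how often it was actually executed, so a TB that shows up repeatedly in `IN:` blocks is not mistaken for a TB that ran repeatedly.

```python
import re
from collections import Counter

# Constructed sample of a combined `-d in_asm,exec` log (assumed format; all
# addresses, mnemonics and host code pointers are invented for the example).
# The TB at 0xffffffff81000000 ends in an `out` and appears twice in the
# translation output, but each translation is followed by one execution.
SAMPLE_LOG = """\
----------------
IN: start_kernel
0xffffffff81000000:  mov    %rsp,%rax
0xffffffff81000003:  out    %al,(%dx)

Trace 0x7f3a4c000100 [ffffffff81000000] start_kernel
----------------
IN: start_kernel
0xffffffff81000004:  test   %rax,%rax
0xffffffff81000007:  jne    0xffffffff81000020

Trace 0x7f3a4c000200 [ffffffff81000004] start_kernel
----------------
IN: start_kernel
0xffffffff81000000:  mov    %rsp,%rax
0xffffffff81000003:  out    %al,(%dx)

Trace 0x7f3a4c000300 [ffffffff81000000] start_kernel
Trace 0x7f3a4c000200 [ffffffff81000004] start_kernel
Trace 0x7f3a4c000200 [ffffffff81000004] start_kernel
"""

IN_RE = re.compile(r"^IN:")                       # start of an in_asm block
INSN_RE = re.compile(r"^(0x[0-9a-fA-F]+):\s")     # one disassembled guest insn
TRACE_RE = re.compile(                            # exec event, old or new shape
    r"^Trace(?: \d+:)? (?P<host>0x[0-9a-fA-F]+) "
    r"\[(?:[0-9a-fA-F]+/)?(?P<pc>[0-9a-fA-F]+)(?:/0x[0-9a-fA-F]+)?\]"
)


def parse_log(text):
    """Return (translations, tb_sizes, executions).

    translations: Counter mapping TB start pc -> number of IN: blocks for it
    tb_sizes:     TB start pc -> guest instruction count of its latest translation
    executions:   list of TB start pcs in the order the Trace lines report them
    """
    translations = Counter()
    tb_sizes = {}
    executions = []
    cur_pc = None
    cur_len = 0
    for line in text.splitlines():
        if IN_RE.match(line):
            cur_pc, cur_len = None, 0      # a new translation block begins
            continue
        m = INSN_RE.match(line)
        if m:
            pc = int(m.group(1), 16)
            if cur_pc is None:             # first insn gives the TB's start pc
                cur_pc = pc
                translations[pc] += 1
            cur_len += 1
            tb_sizes[cur_pc] = cur_len
            continue
        m = TRACE_RE.match(line)
        if m:                              # only these lines are execution flow
            executions.append(int(m.group("pc"), 16))
    return translations, tb_sizes, executions


def summarize(text):
    """Per-TB comparison of how often it was translated vs actually executed."""
    translations, tb_sizes, executions = parse_log(text)
    executed = Counter(executions)
    return {
        pc: {"translated": translations[pc],
             "executed": executed[pc],
             "insns": tb_sizes.get(pc, 0)}
        for pc in sorted(set(translations) | set(executed))
    }


def executed_instruction_count(text):
    """Upper bound on guest instructions run, from execution events only.

    Multiplies each execution by the size of the TB's latest translation, so
    it assumes every TB ran to its end. The thread's caveat applies: a TB can
    stop early (icount running out, a load/store hitting an emulated device),
    so treat this as a bound, not an exact count.
    """
    _, tb_sizes, executions = parse_log(text)
    return sum(tb_sizes.get(pc, 0) for pc in executions)


if __name__ == "__main__":
    for pc, row in summarize(SAMPLE_LOG).items():
        print(f"{pc:#018x} translated={row['translated']} "
              f"executed={row['executed']} insns={row['insns']}")
    print("executed guest insns (upper bound):",
          executed_instruction_count(SAMPLE_LOG))
```

Run it against a real log produced with `-d in_asm,exec` (with `-D logfile` to write it to a file); TBs whose translation count is high but whose execution count is not are the retranslation artefact discussed above, and only the `executed` column says anything about control flow.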

