[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Qemu-devel] Instruction counting instrumentation for ARM + initial
|
From: |
Vince Weaver |
|
Subject: |
Re: [Qemu-devel] Instruction counting instrumentation for ARM + initial patch |
|
Date: |
Wed, 20 May 2009 16:35:25 -0400 (EDT) |
I wonder if a simplistic stats gathering frame work could be added to
Qemu.
The problem is there currently are at least 3 users of Qemu:
1. People who want fast simulation
2. People who are doing virtualization
3. People trying to do instrumentation/research
Unfortunately those three groups have conflicting interests.
The main problem is that adding instrumentation infrastructure will either
slow down the common case, or else introduce lots of #ifdefs all over the
code. Neither is very attractive.
It would be nice if maybe a limited instrumentation architecture could
be put into qemu, that could be configured out. It would save the various
researchers the problem of everyone re-implementing it differently.
It would be nice to have:
1. A way to dump an instruction trace (address, length (for CISC),
and opcode, CPU# for multi-thread)
2. A way to dump memory traces (address, length, possibly the value
loaded/stored, CPU# for multi-thread)
3. A way to dump basic-block entry/exit
Many of the various research metrics can be gained from these stats.
#1 and #2 are enough for cache simulators.
#1 (if post-processed) is enough to get a frequency plot for instruction
count and type.
#1 can be used to extrapolate branch-taken statistics for branch
predictors
#3 Can be used for basic block vectors, or to get faster instruction
counts
I'm not sure if it's possible to do this in a non-intrusive way that would
be acceptable to the other users of Qemu though.
Pin manages to have their null plugin run very fast; at least one
of the Spec2k binaries runs faster translated than it does natively.
Vince