xref: /openbmc/qemu/tests/tcg/plugins/mem.c (revision 173c427eb5705064da7dc8db22553c8df34f7f58)
1 /*
2  * Copyright (C) 2018, Emilio G. Cota <cota@braap.org>
3  *
4  * License: GNU GPL, version 2 or later.
5  *   See the COPYING file in the top-level directory.
6  */
7 #include <inttypes.h>
8 #include <assert.h>
9 #include <stdlib.h>
10 #include <string.h>
11 #include <unistd.h>
12 #include <stdio.h>
13 #include <glib.h>
14 
15 /*
16  * plugins should not include anything from QEMU aside from the
17  * API header. However as this is a test plugin to exercise the
18  * internals of QEMU and we want to avoid needless code duplication we
19  * do so here. bswap.h is pretty self-contained although it needs a
20  * few things provided by compiler.h.
21  */
22 #include <compiler.h>
23 #include <bswap.h>
24 #include <qemu-plugin.h>
25 
26 QEMU_PLUGIN_EXPORT int qemu_plugin_version = QEMU_PLUGIN_VERSION;
27 
28 typedef struct {
29     uint64_t mem_count;
30     uint64_t io_count;
31 } CPUCount;
32 
33 typedef struct {
34     uint64_t vaddr;
35     const char *sym;
36 } InsnInfo;
37 
38 /*
39  * For the "memory" system test we need to track accesses to
40  * individual regions. We mirror the data written to the region and
41  * then check when it is read that it matches up.
42  *
43  * We do this as regions rather than pages to save on complications
44  * with page crossing and the fact the test only cares about the
45  * test_data region.
46  */
47 static uint64_t region_size = 4096 * 4;
48 static uint64_t region_mask;
49 
50 typedef struct {
51     uint64_t region_address;
52     uint64_t reads;
53     uint64_t writes;
54     uint8_t *data;
55     /* Did we see every write and read with correct values? */
56     bool     seen_all;
57 } RegionInfo;
58 
59 static struct qemu_plugin_scoreboard *counts;
60 static qemu_plugin_u64 mem_count;
61 static qemu_plugin_u64 io_count;
62 static bool do_inline, do_callback, do_print_accesses, do_region_summary;
63 static bool do_haddr;
64 static enum qemu_plugin_mem_rw rw = QEMU_PLUGIN_MEM_RW;
65 
66 
67 static GMutex lock;
68 static GHashTable *regions;
69 
70 static gint addr_order(gconstpointer a, gconstpointer b)
71 {
72     RegionInfo *na = (RegionInfo *) a;
73     RegionInfo *nb = (RegionInfo *) b;
74 
75     return na->region_address > nb->region_address ? 1 : -1;
76 }
77 
78 
79 static void plugin_exit(qemu_plugin_id_t id, void *p)
80 {
81     g_autoptr(GString) out = g_string_new("");
82 
83     if (do_inline || do_callback) {
84         g_string_printf(out, "mem accesses: %" PRIu64 "\n",
85                         qemu_plugin_u64_sum(mem_count));
86     }
87     if (do_haddr) {
88         g_string_append_printf(out, "io accesses: %" PRIu64 "\n",
89                                qemu_plugin_u64_sum(io_count));
90     }
91     qemu_plugin_outs(out->str);
92 
93 
94     if (do_region_summary) {
95         GList *counts = g_hash_table_get_values(regions);
96 
97         counts = g_list_sort(counts, addr_order);
98 
99         g_string_printf(out, "Region Base, Reads, Writes, Seen all\n");
100 
101         if (counts && g_list_next(counts)) {
102             for (/* counts */; counts; counts = counts->next) {
103                 RegionInfo *ri = (RegionInfo *) counts->data;
104 
105                 g_string_append_printf(out,
106                                        "0x%016"PRIx64", "
107                                        "%"PRId64", %"PRId64", %s\n",
108                                        ri->region_address,
109                                        ri->reads,
110                                        ri->writes,
111                                        ri->seen_all ? "true" : "false");
112             }
113         }
114         qemu_plugin_outs(out->str);
115     }
116 
117     qemu_plugin_scoreboard_free(counts);
118 }
119 
120 /*
121  * Update the region tracking info for the access. We split up accesses
122  * that span regions even though the plugin infrastructure will deliver
123  * it as a single access.
124  */
125 static void update_region_info(uint64_t region, uint64_t offset,
126                                qemu_plugin_meminfo_t meminfo,
127                                qemu_plugin_mem_value value,
128                                unsigned size)
129 {
130     bool be = qemu_plugin_mem_is_big_endian(meminfo);
131     bool is_store = qemu_plugin_mem_is_store(meminfo);
132     RegionInfo *ri;
133     bool unseen_data = false;
134 
135     g_assert(offset + size <= region_size);
136 
137     g_mutex_lock(&lock);
138     ri = (RegionInfo *) g_hash_table_lookup(regions, GUINT_TO_POINTER(region));
139 
140     if (!ri) {
141         ri = g_new0(RegionInfo, 1);
142         ri->region_address = region;
143         ri->data = g_malloc0(region_size);
144         ri->seen_all = true;
145         g_hash_table_insert(regions, GUINT_TO_POINTER(region), (gpointer) ri);
146     }
147 
148     if (is_store) {
149         ri->writes++;
150     } else {
151         ri->reads++;
152     }
153 
154     switch (value.type) {
155     case QEMU_PLUGIN_MEM_VALUE_U8:
156         if (is_store) {
157             ri->data[offset] = value.data.u8;
158         } else if (ri->data[offset] != value.data.u8) {
159             unseen_data = true;
160         }
161         break;
162     case QEMU_PLUGIN_MEM_VALUE_U16:
163     {
164         uint16_t *p = (uint16_t *) &ri->data[offset];
165         if (is_store) {
166             if (be) {
167                 stw_be_p(p, value.data.u16);
168             } else {
169                 stw_le_p(p, value.data.u16);
170             }
171         } else {
172             uint16_t val = be ? lduw_be_p(p) : lduw_le_p(p);
173             unseen_data = val != value.data.u16;
174         }
175         break;
176     }
177     case QEMU_PLUGIN_MEM_VALUE_U32:
178     {
179         uint32_t *p = (uint32_t *) &ri->data[offset];
180         if (is_store) {
181             if (be) {
182                 stl_be_p(p, value.data.u32);
183             } else {
184                 stl_le_p(p, value.data.u32);
185             }
186         } else {
187             uint32_t val = be ? ldl_be_p(p) : ldl_le_p(p);
188             unseen_data = val != value.data.u32;
189         }
190         break;
191     }
192     case QEMU_PLUGIN_MEM_VALUE_U64:
193     {
194         uint64_t *p = (uint64_t *) &ri->data[offset];
195         if (is_store) {
196             if (be) {
197                 stq_be_p(p, value.data.u64);
198             } else {
199                 stq_le_p(p, value.data.u64);
200             }
201         } else {
202             uint64_t val = be ? ldq_be_p(p) : ldq_le_p(p);
203             unseen_data = val != value.data.u64;
204         }
205         break;
206     }
207     case QEMU_PLUGIN_MEM_VALUE_U128:
208         /* non in test so skip */
209         break;
210     default:
211         g_assert_not_reached();
212     }
213 
214     /*
215      * This is expected for regions initialised by QEMU (.text etc) but we
216      * expect to see all data read and written to the test_data region
217      * of the memory test.
218      */
219     if (unseen_data && ri->seen_all) {
220         g_autoptr(GString) error = g_string_new("Warning: ");
221         g_string_append_printf(error, "0x%016"PRIx64":%"PRId64
222                                " read an un-instrumented value\n",
223                                region, offset);
224         qemu_plugin_outs(error->str);
225         ri->seen_all = false;
226     }
227 
228     g_mutex_unlock(&lock);
229 }
230 
231 static void vcpu_mem(unsigned int cpu_index, qemu_plugin_meminfo_t meminfo,
232                      uint64_t vaddr, void *udata)
233 {
234     if (do_haddr) {
235         struct qemu_plugin_hwaddr *hwaddr;
236         hwaddr = qemu_plugin_get_hwaddr(meminfo, vaddr);
237         if (qemu_plugin_hwaddr_is_io(hwaddr)) {
238             qemu_plugin_u64_add(io_count, cpu_index, 1);
239         } else {
240             qemu_plugin_u64_add(mem_count, cpu_index, 1);
241         }
242     } else {
243         qemu_plugin_u64_add(mem_count, cpu_index, 1);
244     }
245 
246     if (do_region_summary) {
247         uint64_t region = vaddr & ~region_mask;
248         uint64_t offset = vaddr & region_mask;
249         qemu_plugin_mem_value value = qemu_plugin_mem_get_value(meminfo);
250         unsigned size = 1 << qemu_plugin_mem_size_shift(meminfo);
251 
252         update_region_info(region, offset, meminfo, value, size);
253     }
254 }
255 
256 static void print_access(unsigned int cpu_index, qemu_plugin_meminfo_t meminfo,
257                          uint64_t vaddr, void *udata)
258 {
259     InsnInfo *insn_info = udata;
260     unsigned size = 8 << qemu_plugin_mem_size_shift(meminfo);
261     const char *type = qemu_plugin_mem_is_store(meminfo) ? "store" : "load";
262     qemu_plugin_mem_value value = qemu_plugin_mem_get_value(meminfo);
263     uint64_t hwaddr =
264         qemu_plugin_hwaddr_phys_addr(qemu_plugin_get_hwaddr(meminfo, vaddr));
265     g_autoptr(GString) out = g_string_new("");
266     g_string_printf(out,
267                     "0x%"PRIx64",%s,0x%"PRIx64",0x%"PRIx64",%d,%s,",
268                     insn_info->vaddr, insn_info->sym,
269                     vaddr, hwaddr, size, type);
270     switch (value.type) {
271     case QEMU_PLUGIN_MEM_VALUE_U8:
272         g_string_append_printf(out, "0x%02"PRIx8, value.data.u8);
273         break;
274     case QEMU_PLUGIN_MEM_VALUE_U16:
275         g_string_append_printf(out, "0x%04"PRIx16, value.data.u16);
276         break;
277     case QEMU_PLUGIN_MEM_VALUE_U32:
278         g_string_append_printf(out, "0x%08"PRIx32, value.data.u32);
279         break;
280     case QEMU_PLUGIN_MEM_VALUE_U64:
281         g_string_append_printf(out, "0x%016"PRIx64, value.data.u64);
282         break;
283     case QEMU_PLUGIN_MEM_VALUE_U128:
284         g_string_append_printf(out, "0x%016"PRIx64"%016"PRIx64,
285                                value.data.u128.high, value.data.u128.low);
286         break;
287     default:
288         g_assert_not_reached();
289     }
290     g_string_append_printf(out, "\n");
291     qemu_plugin_outs(out->str);
292 }
293 
294 static void vcpu_tb_trans(qemu_plugin_id_t id, struct qemu_plugin_tb *tb)
295 {
296     size_t n = qemu_plugin_tb_n_insns(tb);
297     size_t i;
298 
299     for (i = 0; i < n; i++) {
300         struct qemu_plugin_insn *insn = qemu_plugin_tb_get_insn(tb, i);
301 
302         if (do_inline) {
303             qemu_plugin_register_vcpu_mem_inline_per_vcpu(
304                 insn, rw,
305                 QEMU_PLUGIN_INLINE_ADD_U64,
306                 mem_count, 1);
307         }
308         if (do_callback || do_region_summary) {
309             qemu_plugin_register_vcpu_mem_cb(insn, vcpu_mem,
310                                              QEMU_PLUGIN_CB_NO_REGS,
311                                              rw, NULL);
312         }
313         if (do_print_accesses) {
314             /* we leak this pointer, to avoid locking to keep track of it */
315             InsnInfo *insn_info = g_malloc(sizeof(InsnInfo));
316             const char *sym = qemu_plugin_insn_symbol(insn);
317             insn_info->sym = sym ? sym : "";
318             insn_info->vaddr = qemu_plugin_insn_vaddr(insn);
319             qemu_plugin_register_vcpu_mem_cb(insn, print_access,
320                                              QEMU_PLUGIN_CB_NO_REGS,
321                                              rw, (void *) insn_info);
322         }
323     }
324 }
325 
326 QEMU_PLUGIN_EXPORT int qemu_plugin_install(qemu_plugin_id_t id,
327                                            const qemu_info_t *info,
328                                            int argc, char **argv)
329 {
330 
331     for (int i = 0; i < argc; i++) {
332         char *opt = argv[i];
333         g_auto(GStrv) tokens = g_strsplit(opt, "=", 2);
334 
335         if (g_strcmp0(tokens[0], "haddr") == 0) {
336             if (!qemu_plugin_bool_parse(tokens[0], tokens[1], &do_haddr)) {
337                 fprintf(stderr, "boolean argument parsing failed: %s\n", opt);
338                 return -1;
339             }
340         } else if (g_strcmp0(tokens[0], "track") == 0) {
341             if (g_strcmp0(tokens[1], "r") == 0) {
342                 rw = QEMU_PLUGIN_MEM_R;
343             } else if (g_strcmp0(tokens[1], "w") == 0) {
344                 rw = QEMU_PLUGIN_MEM_W;
345             } else if (g_strcmp0(tokens[1], "rw") == 0) {
346                 rw = QEMU_PLUGIN_MEM_RW;
347             } else {
348                 fprintf(stderr, "invalid value for argument track: %s\n", opt);
349                 return -1;
350             }
351         } else if (g_strcmp0(tokens[0], "inline") == 0) {
352             if (!qemu_plugin_bool_parse(tokens[0], tokens[1], &do_inline)) {
353                 fprintf(stderr, "boolean argument parsing failed: %s\n", opt);
354                 return -1;
355             }
356         } else if (g_strcmp0(tokens[0], "callback") == 0) {
357             if (!qemu_plugin_bool_parse(tokens[0], tokens[1], &do_callback)) {
358                 fprintf(stderr, "boolean argument parsing failed: %s\n", opt);
359                 return -1;
360             }
361         } else if (g_strcmp0(tokens[0], "print-accesses") == 0) {
362             if (!qemu_plugin_bool_parse(tokens[0], tokens[1],
363                                         &do_print_accesses)) {
364                 fprintf(stderr, "boolean argument parsing failed: %s\n", opt);
365                 return -1;
366             }
367         } else if (g_strcmp0(tokens[0], "region-summary") == 0) {
368             if (!qemu_plugin_bool_parse(tokens[0], tokens[1],
369                                         &do_region_summary)) {
370                 fprintf(stderr, "boolean argument parsing failed: %s\n", opt);
371                 return -1;
372             }
373         } else {
374             fprintf(stderr, "option parsing failed: %s\n", opt);
375             return -1;
376         }
377     }
378 
379     if (do_inline && do_callback) {
380         fprintf(stderr,
381                 "can't enable inline and callback counting at the same time\n");
382         return -1;
383     }
384 
385     if (do_print_accesses) {
386         g_autoptr(GString) out = g_string_new("");
387         g_string_printf(out,
388                 "insn_vaddr,insn_symbol,mem_vaddr,mem_hwaddr,"
389                 "access_size,access_type,mem_value\n");
390         qemu_plugin_outs(out->str);
391     }
392 
393     if (do_region_summary) {
394         region_mask = (region_size - 1);
395         regions = g_hash_table_new(NULL, g_direct_equal);
396     }
397 
398     counts = qemu_plugin_scoreboard_new(sizeof(CPUCount));
399     mem_count = qemu_plugin_scoreboard_u64_in_struct(
400         counts, CPUCount, mem_count);
401     io_count = qemu_plugin_scoreboard_u64_in_struct(counts, CPUCount, io_count);
402     qemu_plugin_register_vcpu_tb_trans_cb(id, vcpu_tb_trans);
403     qemu_plugin_register_atexit_cb(id, plugin_exit, NULL);
404     return 0;
405 }
406