1 /*
2 * Copyright (C) 2019, Alex Bennée <alex.bennee@linaro.org>
3 *
4 * License: GNU GPL, version 2 or later.
5 * See the COPYING file in the top-level directory.
6 */
7 #include <inttypes.h>
8 #include <assert.h>
9 #include <stdlib.h>
10 #include <inttypes.h>
11 #include <string.h>
12 #include <unistd.h>
13 #include <stdio.h>
14 #include <glib.h>
15
16 #include <qemu-plugin.h>
17
/* Exported version symbol, set to QEMU_PLUGIN_VERSION. */
QEMU_PLUGIN_EXPORT int qemu_plugin_version = QEMU_PLUGIN_VERSION;

/*
 * Set from the "inline" option in qemu_plugin_install(). vcpu_tb_trans()
 * reads it to choose between an inline counter increment and the
 * vcpu_tb_exec() callback.
 */
static bool do_inline;

/* Plugins need to take care of their own locking */
/* Held around the hotblocks lookup/insert in vcpu_tb_trans(). */
static GMutex lock;
/*
 * Maps (block start pc ^ instruction count), stored directly in the key
 * pointer, to an ExecCount record. Created in plugin_init().
 */
static GHashTable *hotblocks;
/*
 * Upper bound on the number of rows plugin_exit() prints. Nothing in the
 * visible code changes it from its initial value.
 */
static guint64 limit = 20;
26
27 /*
28 * Counting Structure
29 *
30 * The internals of the TCG are not exposed to plugins so we can only
31 * get the starting PC for each block. We cheat this slightly by
32 * xor'ing the number of instructions to the hash to help
33 * differentiate.
34 */
typedef struct {
    /* qemu_plugin_tb_vaddr() of the block that first created this record */
    uint64_t start_addr;
    /*
     * Scoreboard with one uint64_t entry, bumped by 1 per execution of the
     * block (indexed by cpu_index in vcpu_tb_exec()); summed for reporting.
     */
    struct qemu_plugin_scoreboard *exec_count;
    /* Number of times vcpu_tb_trans() has seen this key */
    int trans_count;
    /* qemu_plugin_tb_n_insns() of the block that first created this record */
    unsigned long insns;
} ExecCount;
41
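/*
 * cmp_exec_count() - GCompareFunc ordering ExecCount records by total
 * execution count, highest first.
 *
 * @a, @b: pointers to ExecCount records (list element data).
 *
 * Returns a negative value if @a ran more often than @b, a positive value
 * if it ran less often, and 0 when both totals are equal. Returning 0 for
 * ties keeps the comparator consistent (cmp(a, b) and cmp(b, a) never both
 * claim "greater"), which sort routines are entitled to rely on.
 */
static gint cmp_exec_count(gconstpointer a, gconstpointer b)
{
    /* The records are only read, so keep the const qualifier. */
    const ExecCount *ea = a;
    const ExecCount *eb = b;
    uint64_t count_a =
        qemu_plugin_u64_sum(qemu_plugin_scoreboard_u64(ea->exec_count));
    uint64_t count_b =
        qemu_plugin_u64_sum(qemu_plugin_scoreboard_u64(eb->exec_count));

    if (count_a == count_b) {
        return 0;
    }
    return count_a > count_b ? -1 : 1;
}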
52
/*
 * exec_count_free() - GHFunc used to release per-record resources.
 *
 * @key:       hash table key (unused).
 * @value:     the ExecCount record stored under @key.
 * @user_data: unused.
 *
 * Only the scoreboard owned by the record is released here; the ExecCount
 * allocation itself is not freed by this function.
 */
static void exec_count_free(gpointer key, gpointer value, gpointer user_data)
{
    ExecCount *rec = (ExecCount *) value;

    qemu_plugin_scoreboard_free(rec->exec_count);
}
58
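/*
 * plugin_exit() - atexit callback: report the hottest blocks, then tear
 * down the table.
 *
 * @id: plugin id (unused).
 * @p:  user data registered with the callback (unused).
 *
 * Builds a report with the table size and up to 'limit' rows sorted by
 * execution count (highest first), emits it through qemu_plugin_outs(),
 * then frees every record's scoreboard and destroys the hash table.
 *
 * NOTE(review): hotblocks is read here without taking 'lock'; this
 * presumably relies on no translation callback running at exit. Confirm.
 */
static void plugin_exit(qemu_plugin_id_t id, void *p)
{
    g_autoptr(GString) report = g_string_new("collected ");
    GList *sorted, *it;
    guint64 i;  /* same type as 'limit', avoids a signed/unsigned compare */

    /* g_hash_table_size() returns guint, hence %u */
    g_string_append_printf(report, "%u entries in the hash table\n",
                           g_hash_table_size(hotblocks));

    /*
     * g_list_sort() returns the new head of the list. Keep it in its own
     * variable so the whole list can be freed after the walk below.
     */
    sorted = g_list_sort(g_hash_table_get_values(hotblocks), cmp_exec_count);

    if (sorted) {
        g_string_append_printf(report, "pc, tcount, icount, ecount\n");

        /*
         * Stop on the end of the list itself (not on it->next), otherwise
         * the last record is never printed and a single-entry table
         * produces an empty report.
         */
        for (i = 0, it = sorted; i < limit && it; i++, it = it->next) {
            ExecCount *rec = (ExecCount *) it->data;
            /* insns is unsigned long and the sum is uint64_t */
            g_string_append_printf(
                report, "0x%016"PRIx64", %d, %lu, %"PRIu64"\n",
                rec->start_addr, rec->trans_count,
                rec->insns,
                qemu_plugin_u64_sum(
                    qemu_plugin_scoreboard_u64(rec->exec_count)));
        }

        /*
         * Free from the head. Freeing from the cursor would leak every
         * node already visited.
         */
        g_list_free(sorted);
    }

    qemu_plugin_outs(report->str);

    /* The table has no value-destroy hook, so release scoreboards by hand. */
    g_hash_table_foreach(hotblocks, exec_count_free, NULL);
    g_hash_table_destroy(hotblocks);
}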
91
/*
 * plugin_init() - create the block table.
 *
 * Keys are integer values stored directly in the key pointer, so both the
 * hash and the equality function operate on the pointer value itself.
 * No key/value destroy notifiers are installed; records must be released
 * explicitly.
 */
static void plugin_init(void)
{
    /* g_direct_hash is what GLib uses when the hash function is NULL */
    hotblocks = g_hash_table_new(g_direct_hash, g_direct_equal);
}
96
/*
 * vcpu_tb_exec() - per-execution callback used when inline counting is off.
 *
 * @cpu_index: index of the vCPU executing the block.
 * @udata:     the ExecCount record registered for the block in
 *             vcpu_tb_trans().
 *
 * Adds 1 to the record's scoreboard entry for @cpu_index.
 */
static void vcpu_tb_exec(unsigned int cpu_index, void *udata)
{
    ExecCount *rec = udata;
    qemu_plugin_u64 slot = qemu_plugin_scoreboard_u64(rec->exec_count);

    qemu_plugin_u64_add(slot, cpu_index, 1);
}
103
104 /*
105 * When do_inline we ask the plugin to increment the counter for us.
106 * Otherwise a helper is inserted which calls the vcpu_tb_exec
107 * callback.
108 */
/*
 * vcpu_tb_trans() - translation callback: find or create the record for a
 * block and arrange for its executions to be counted.
 *
 * @id: plugin id (unused).
 * @tb: the translation block being translated.
 *
 * The table key is the block's start address xor'ed with its instruction
 * count. Two different blocks that produce the same key share one record;
 * on a hit only trans_count is updated, so start_addr and insns keep the
 * values of the block that created the record.
 *
 * NOTE(review): the 64-bit key is cast straight to a pointer. On a host
 * whose pointers are narrower than 64 bits the upper bits would be lost,
 * making such key collisions more likely. Confirm which hosts are
 * supported.
 */
static void vcpu_tb_trans(qemu_plugin_id_t id, struct qemu_plugin_tb *tb)
{
    uint64_t pc = qemu_plugin_tb_vaddr(tb);
    size_t insns = qemu_plugin_tb_n_insns(tb);
    uint64_t hash = pc ^ insns;
    ExecCount *cnt;

    /* The lookup and insert must be atomic with respect to each other. */
    g_mutex_lock(&lock);
    cnt = (ExecCount *) g_hash_table_lookup(hotblocks, (gconstpointer) hash);
    if (cnt == NULL) {
        /* First sighting of this key: allocate and publish a new record. */
        cnt = g_new0(ExecCount, 1);
        cnt->start_addr = pc;
        cnt->trans_count = 1;
        cnt->insns = insns;
        cnt->exec_count = qemu_plugin_scoreboard_new(sizeof(uint64_t));
        g_hash_table_insert(hotblocks, (gpointer) hash, (gpointer) cnt);
    } else {
        cnt->trans_count++;
    }
    g_mutex_unlock(&lock);

    /* Registration happens outside the lock, as in the original ordering. */
    if (!do_inline) {
        qemu_plugin_register_vcpu_tb_exec_cb(tb, vcpu_tb_exec,
                                             QEMU_PLUGIN_CB_NO_REGS,
                                             (void *)cnt);
    } else {
        qemu_plugin_register_vcpu_tb_exec_inline_per_vcpu(
            tb, QEMU_PLUGIN_INLINE_ADD_U64,
            qemu_plugin_scoreboard_u64(cnt->exec_count), 1);
    }
}
141
/*
 * qemu_plugin_install() - plugin entry point.
 *
 * @id:   plugin id, passed on to the callback registrations.
 * @info: information about the running QEMU (unused here).
 * @argc: number of plugin arguments.
 * @argv: plugin arguments, each expected in "name=value" form.
 *
 * The only recognised option is "inline", a boolean that sets do_inline.
 * Any other option name, or a value that qemu_plugin_bool_parse() rejects,
 * is reported on stderr and fails the install.
 *
 * Returns 0 on success, -1 on an argument error.
 *
 * NOTE(review): for an argument without '=', tokens[1] is NULL when it is
 * handed to qemu_plugin_bool_parse(). Confirm that the helper tolerates a
 * NULL value, or that such arguments cannot reach this function.
 */
QEMU_PLUGIN_EXPORT
int qemu_plugin_install(qemu_plugin_id_t id, const qemu_info_t *info,
                        int argc, char **argv)
{
    for (int i = 0; i < argc; i++) {
        char *opt = argv[i];
        /* Split once on '='; the vector is freed when it leaves scope. */
        g_auto(GStrv) tokens = g_strsplit(opt, "=", 2);

        /* Reject unknown option names up front. */
        if (g_strcmp0(tokens[0], "inline") != 0) {
            fprintf(stderr, "option parsing failed: %s\n", opt);
            return -1;
        }

        if (!qemu_plugin_bool_parse(tokens[0], tokens[1], &do_inline)) {
            fprintf(stderr, "boolean argument parsing failed: %s\n", opt);
            return -1;
        }
    }

    plugin_init();

    qemu_plugin_register_vcpu_tb_trans_cb(id, vcpu_tb_trans);
    qemu_plugin_register_atexit_cb(id, plugin_exit, NULL);
    return 0;
}
166