Thank you for your help and the script. Finally I've been able to get the functions.
Could you please give me some pointers on how to modify the script to give me the instruction trace? Thanks, Aziz On Wed, Oct 26, 2011 at 12:28 AM, Furat Afram <[email protected]> wrote: > try ./trace_to_func.py ptl_rip_trace output.txt -o ojectfile > > ojectfile is the output of objdump -t > I think this will give you the functions not the instructions but it > shouldn't be hard to modify it to give you the instruction opcodes > -Furat > > > On Tue, Oct 25, 2011 at 1:54 PM, Aziz <[email protected]> wrote: > > Thanks for the response. I've been trying hard to get to somewhere for > > obtaining the instruction trace, but no luck. > > > >>> > >>> I need to obtain instruction trace for the simulation run. I checked > the > >>> email archive, but defining TRACE_RIP only gives me hex coded > instructions, > >>> where I need the instruction, registers, and memory addresses as in > "add > >>> eax, 0xf4". Is there any way to obtain this? > >> > >> Its little tricky because the simulator translate the instructions to > >> micro-ops and keep a hash of RIP to micro-op buffers. So once > instruction is > >> decoded into micro-ops, we don't keep track of original instruction. In > >> order to create a trace file, you'll need to add a new hash-table that > keeps > >> track of RIP address to its original instruction. Then you can use that > in > >> pipeline to dump the trace along with register values and memory > addresses. > > > > I tried to get into the code. I found that qemu works on the instructions > in > > disas_insn() function (at qemu/target-i386/translate.c) , but marss > transfer > > the control to ptlsim using gen_helper_switch_to_sim(). I did not > understand > > though, what gen_jmp_im(pc_start - s->cs_base) does (line 4080 > > in qemu/target-i386/translate.c). > > Then I though, why use ptlsim, I can just get the instructions from qemu. > > When I searched for it on the web, I found this document > > > http://www.iamroot.org/xe/?module=file&act=procFileDownload&file_srl=37296&sid=1cb6b46c0111f9909279b58df123efa6 > > which explains how to trace instructions using qemu. I tried the method > they > > gave within the "Trace instructions in full system emulation" section, > but > > somehow I could not make it work. > > Then I tried using gdb debugger to singlestep through the instructions > (as > > explained in http://thread.gmane.org/gmane.comp.emulators.qemu/16604), > but > > neither gdb nor singlestep option worked for me with marss. Also when I > try > > "printf" in qemu files (e.g. translate.c function disas_insn), it does > not > > print anything. > > I would appreciate if you can point me to the correct functions to > change, > > and where-what to print to get the trace file? > > I also need to get the trace of the micro-ops in the same format I > explained > > (micro-op and register). Is there any automatic way to get that? If not, > > what to do to acquire that kind of trace file? > >>> > >>> Also I could not make the trace_to_func.py file which Avadh gave. It > says > >>> its usage as "trace_to_func.py [options] trace_file outputfile". I > >>> use ptl_rip_trace as trace_file and leave the options empty, but it > always > >>> gives the same Usage message. > >> > >> Did you specify the 'outputfile' ? > > > > Yes, I specified a filename for output. Still the following output comes > up: > > > > $ ./trace_to_func.py ptl_rip_trace output.txt > > Usage: trace_to_func.py [options] trace_file outputfile > > > > trace_to_func.py -h for help > > > > Thanks a lot for your help and for the great effort you put into marss. > > Best, > > Aziz > > _______________________________________________ > > http://www.marss86.org > > Marss86-Devel mailing list > > [email protected] > > https://www.cs.binghamton.edu/mailman/listinfo/marss86-devel > > > > >
_______________________________________________ http://www.marss86.org Marss86-Devel mailing list [email protected] https://www.cs.binghamton.edu/mailman/listinfo/marss86-devel
