On 22 March 2018 at 22:34, Arnabjyoti Kalita <akal...@cs.stonybrook.edu> wrote:
> From what I can see from the logs, it is quite hard to tell why this occurs.
> I am afraid I might have to disagree with your point 2. If it was an MMU
> page fault, one of the TCG blocks would have started executing the page
> fault handlers already - which I do not see in the TCG execution flow yet
> and a page fault in the kernel would anyway be dangerous. (I am not aware
> of any other scenarios of MMU faults in the guest though.)

*You* can see that. What I said was that I couldn't tell whether it was
that or not from the logs you sent in your email, which is true :-)

> It is a bit likely that the -icount value probably ran out, much more likely
> is that one of the loads/stores could be to an emulated device as you
> explained. But at least in the translation phase, the icount values correctly
> count the number of instructions in the TCG block, even for cases like the
> ones I described previously. If things go wrong in the final host code
> execution phase, the code jumping to the middle of the TB could happen.
>
> I see this pattern quite irregularly across other Translation Blocks as well
> (not many times, but they are scattered around).
>
> I would have to take this irregularity into consideration with the use of
> -icount as I try to analyze the execution flow.

You can't analyse execution flow from the translation-time events. You need
to look at execution time logs for that (-d exec). You don't need to care if
we translate a TB once or many times, only what TBs we actually executed.

thanks
-- PMM
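An added example, not code from the thread, of separating the translation-time view from the execution-time view that PMM describes: it reads a combined `-d in_asm,exec` log, records the start pc of each translated TB, then lists which pcs were actually entered at execution time and flags any entry pc that was never a TB start. The sample log and the exact `IN:` / `Trace` line shapes are constructed assumptions about the log format, not output quoted in the thread.

```python
import re
from collections import Counter

# Constructed sample of a combined `-d in_asm,exec` log. The line shapes are an
# assumption about QEMU's format: "IN:" blocks listing the guest instructions
# of each translated TB, and "Trace" lines naming the pc of each TB entered.
SAMPLE_LOG = """\
IN:
0xffffffff80001000:  addi    sp,sp,-16
0xffffffff80001004:  sd      ra,8(sp)
0xffffffff80001008:  jal     ra,0xffffffff80001100

IN:
0xffffffff80001100:  li      a0,1
0xffffffff80001104:  ret

Trace 0: 0x7f3c8c000100 [0000000000000000/ffffffff80001000/0x00000013]
Trace 0: 0x7f3c8c000180 [0000000000000000/ffffffff80001100/0x00000013]
Trace 0: 0x7f3c8c000200 [0000000000000000/ffffffff80001004/0x00000013]
"""

IN_ASM_INSN = re.compile(r"^0x([0-9a-fA-F]+):")
EXEC_TRACE = re.compile(r"^Trace \d+: \S+ \[[0-9a-fA-F]+/([0-9a-fA-F]+)/")

def parse_log(text):
    """Return (tb_starts, executed): the pc of the first instruction of every
    translated TB, and the pcs of the TBs actually entered, in execution order."""
    tb_starts, executed = set(), []
    expect_start = False
    for line in text.splitlines():
        if line.startswith("IN:"):
            expect_start = True          # the next instruction line opens a new TB
            continue
        m = IN_ASM_INSN.match(line)
        if m and expect_start:
            tb_starts.add(int(m.group(1), 16))
            expect_start = False
            continue
        m = EXEC_TRACE.match(line)
        if m:
            executed.append(int(m.group(1), 16))
    return tb_starts, executed

def unexpected_entries(text):
    """Executed pcs that were never the first instruction of a translated TB:
    the 'jump into the middle of a TB' pattern discussed in the thread."""
    tb_starts, executed = parse_log(text)
    return [pc for pc in executed if pc not in tb_starts]

def execution_counts(text):
    """How often each TB was actually entered, which is the execution-time view."""
    return Counter(parse_log(text)[1])
```

Only the `Trace` lines say what ran; how many `IN:` blocks exist for the same pc does not matter for the execution flow.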