While we do have a bunch of debugging we can turn on in cputlb there
is an argument for making tlb_fill a generally available trace point.
Any fault (via probe or access) will have to be preceded by a tlb_fill
for the address in question.

We don't bother logging the return address as that will be a host
address associated with translation and therefore can move around with
ASLR.

In my particular case I'm trying to track down a difference in memory
fault exception patterns between record and replay phases.

Signed-off-by: Alex Bennée <alex.bennee@linaro.org>
---
accel/tcg/cputlb.c | 2 ++
accel/tcg/trace-events | 1 +
2 files changed, 3 insertions(+)
diff --git a/accel/tcg/cputlb.c b/accel/tcg/cputlb.c
index db3f93fda9..c35df27caf 100644
--- a/accel/tcg/cputlb.c
+++ b/accel/tcg/cputlb.c
@@ -1308,6 +1308,8 @@ static void tlb_fill(CPUState *cpu, vaddr addr, int size,
{
bool ok;
+ trace_tlb_fill(addr, size, access_type, mmu_idx);
+
/*
* This is not a probe, so only valid return is success; failure
* should result in exception + longjmp to the cpu loop.
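Review bot: the trace_tlb_fill() call at the top of this function does not cover the probe case the commit message relies on ("Any fault (via probe or access)"). The comment directly below it says "This is not a probe", so a probing caller that reaches the fill hook without going through this wrapper emits no event, which leaves a gap when comparing record and replay fault patterns. Either add the same trace call on the probe path or narrow the commit message to non-probe fills. It is also worth stating in the commit message that the event fires before the fill result is known, so it records attempts, including the ones that end in an exception and longjmp.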
diff --git a/accel/tcg/trace-events b/accel/tcg/trace-events
index 4e9b450520..31dda01c12 100644
--- a/accel/tcg/trace-events
+++ b/accel/tcg/trace-events
@@ -9,6 +9,7 @@ exec_tb_exit(void *last_tb, unsigned int flags) "tb:%p flags=0x%x"
# cputlb.c
memory_notdirty_write_access(uint64_t vaddr, uint64_t ram_addr, unsigned size) "0x%" PRIx64 " ram_addr 0x%" PRIx64 " size %u"
memory_notdirty_set_dirty(uint64_t vaddr) "0x%" PRIx64
+tlb_fill(uint64_t vaddr, int size, int access_type, int mmu_idx) "0x%" PRIx64 "/%d %d %d"
# translate-all.c
translate_block(void *tb, uintptr_t pc, const void *tb_code) "tb:%p, pc:0x%"PRIxPTR", tb_code:%p"
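Review bot: the new tlb_fill format string "0x%" PRIx64 "/%d %d %d" leaves size, access_type and mmu_idx unlabeled, unlike the memory_notdirty_write_access event two lines above, which names its fields ("ram_addr", "size"). Anyone diffing record and replay logs has to remember the argument order to read the last three numbers; consider labels such as "vaddr:0x%" PRIx64 " size:%d access_type:%d mmu_idx:%d". The size argument is also declared int here while the neighbouring event uses unsigned size with %u, so picking one form keeps the section consistent.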
--
2.39.2