From: Peter H. <pe...@se...> - 2005-12-06 07:17:41

I'm working on an academic research project involving profiling, and we're using the lackey tool that comes with valgrind. We'd like to extend the tool to count more specific instructions, like x86 push and pop, for example.

In lackey, lk_instrument() switches on st->tag, where st is the current IRStmt in the basic block; if the tag is Ist_Tmp, it also switches on expr->tag.

Question 1: from the possible values of the IRStmt and IRExpr tags (those currently defined in libvex_ir.h), is it possible to determine whether st represents a host push/pop/etc. instruction? I suspect that it's not possible, because the information is lost in the VEX translation.

Question 2 (answer me this question and I can probably answer question 1 myself): where in the source code are the tags for st set? We've been trying to trace it for a while, but have been unsuccessful so far. If we can find where the tags are set, then we could add any tags we need for the profiling we want to do.

Maybe the answer to this question isn't as simple as I think it might be; if I'm misunderstanding any of this, please correct me. We're working with the source code for valgrind 3.1.0.

Thanks,
Peter

From: Nicholas N. <nj...@cs...> - 2005-12-06 15:48:57

On Tue, 6 Dec 2005, Peter Hornyack wrote:

> I'm working on an academic research project involving profiling, and we're
> using the lackey tool that comes with valgrind. We'd like to extend the tool
> to count more specific instructions, like x86 push and pop, for example.
>
> In lackey, lk_instrument() switches on st->tag, where st is the current
> IRStmt in the basic block; if the tag is Ist_Tmp, it also switches on
> expr->tag.
>
> Question 1: from the possible values of the IRStmt and IRExpr tags (those
> currently defined in libvex_ir.h), is it possible to determine whether st
> represents a host push/pop/etc. instruction? I suspect that it's not
> possible, because the information is lost in the VEX translation.

It's not really possible. Valgrind's IR is deliberately architecture-neutral so that you can write each tool once and have it work on all architectures. The downside of this is that you can't really work with the original instructions.

You might have more luck with DynamoRIO or Pin, both of which let you instrument code like Valgrind, but give you access to the original instruction stream. I think I've seen a Pin tool that counts x86 instructions. They're also faster if you're doing simple things like counting instructions.

> Question 2 (answer me this question and I can probably answer question 1
> myself): where in the source code are the tags for st set? We've been trying
> to trace it for a while, but have been unsuccessful so far. If we can find
> where the tags are set, then we could add any tags we need for the profiling
> we want to do.

I think it's VEX/priv/guest-*/toIR.c.

Nick

From: Peter H. <pe...@se...> - 2005-12-06 22:44:25

Thanks for your response, Nick.

I found the functions that set the tags. In irdefs.c, there are IRStmt constructors for each of the IRStmt tag types (Store, Tmp, etc...) that set them. Like Nick said, these constructors get called in toIr.c. A lot. It would be an extraordinary task to go through all of these occurrences, find the ones that match what we want to keep track of, and add our own tags, so I think we'll pursue using one of the other tools Nick mentioned.

Peter

Quoting Nicholas Nethercote <nj...@cs...>:

> On Tue, 6 Dec 2005, Peter Hornyack wrote:
>
> > I'm working on an academic research project involving profiling, and we're
> > using the lackey tool that comes with valgrind. We'd like to extend the tool
> > to count more specific instructions, like x86 push and pop, for example.
> >
> > In lackey, lk_instrument() switches on st->tag, where st is the current
> > IRStmt in the basic block; if the tag is Ist_Tmp, it also switches on
> > expr->tag.
> >
> > Question 1: from the possible values of the IRStmt and IRExpr tags (those
> > currently defined in libvex_ir.h), is it possible to determine whether st
> > represents a host push/pop/etc. instruction? I suspect that it's not
> > possible, because the information is lost in the VEX translation.
>
> It's not really possible. Valgrind's IR is deliberately
> architecture-neutral so that you can write each tool once and have it work
> on all architectures. The downside of this is that you can't really work
> with the original instructions.
>
> You might have more luck with DynamoRIO or Pin, both of which let you
> instrument code like Valgrind, but give you access to the original
> instruction stream. I think I've seen a Pin tool that counts x86
> instructions. They're also faster if you're doing simple things like
> counting instructions.
>
> > Question 2 (answer me this question and I can probably answer question 1
> > myself): where in the source code are the tags for st set? We've been trying
> > to trace it for a while, but have been unsuccessful so far. If we can find
> > where the tags are set, then we could add any tags we need for the profiling
> > we want to do.
>
> I think it's VEX/priv/guest-*/toIR.c.
>
> Nick