add env to debug trace info
damienmaier committed Dec 6, 2023
1 parent 66d79db commit 8f3b3a8
Showing 1 changed file with 1 addition and 0 deletions.
1 change: 1 addition & 0 deletions linux-user/main.c
Expand Up @@ -615,6 +615,7 @@ static void save_memory_areas(void * env, struct image_info * info){
}

fprintf(f, format, "mxcsr", env + offsetof(CPUX86State, mxcsr));
fprintf(f, format, "env", env);
fprintf(f, format, "xmm_regs", env + offsetof(CPUX86State, xmm_regs));
fprintf(f, format, "xmm_t0", env + offsetof(CPUX86State, xmm_t0));
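
Review bot: the new "env" entry is inserted between the "mxcsr" and "xmm_regs" lines, so the base pointer lands in the middle of the CPUX86State field addresses that are all computed from it. Emitting it before the first env + offsetof(...) entry would keep the field entries contiguous and make the base easy to find when reading the dump; if anything reads these entries by position rather than by name, a mid-list insertion also shifts everything after "mxcsr". A one-line comment saying that "env" is the base address the other entries are offsets from would also document why this line has no offsetof() term, and the commit message could say which consumer of the trace needs it.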

7 comments on commit 8f3b3a8

@prankster009

Hello, I have read your paper about porting symqemu to qemu version 8. You have detailed the CPU execution workflow of qemu, explained the difficulties you encountered in the process and how you solved them. I learned a lot in the process, thank you for your selfless sharing.
I am interested in this process, so I am going to find the code you added to solve these problems. I want to debug this code, and I think it can help me improve my understanding of qemu and symqemu.
I can find the code that deals with the vector instruction instrumentation in the latest qemu, but there is no code about the symbolic tracing and snapshot. I want to debug the differences between the old and new symqemu by myself.

I find that your repository (https://github.com/damienmaier/symqemu) has the code about the symbolic tracing, so I can learn this technique by following various commits in different branches.
But when I compile the symqemu from your repository, I get these errors:
accel/tcg/tcg-runtime-sym.c:657: undefined reference to `_sym_trace_execution'
/usr/bin/ld: linux-user/syscall.o: in function `do_syscall1':
linux-user/syscall.c:9271: undefined reference to `_sym_finalize_tracing'

It seems that the backend API of symbolic tracing does not exist in symcc. But I could not find the backend API implementation of symbolic tracing in https://github.com/eurecom-s3/symcc.
Can you help me deal with this situation?

The commit versions I use are below:
symqemu: 8f3b3a8
symcc: d379bcdad1271e0e8037436c35f35161f4fd0f77

@aurelf aurelf commented on 8f3b3a8 Jul 23, 2024

Hi, the tracing isn't merged in the mainline symcc/symqemu and it could be that the PR (or damien's branch) is out of date with the current symqemu/symcc-rt reorganisation.
This would explain the missing symbol.
I would start checking this PR here:
eurecom-s3/symcc#157
and getting the code up to date with the main branch

@prankster009

OK, I see. Thank you a lot for your answer. I am now going to look at the commits in eurecom-s3/symcc#157.

@damienmaier

Hi @prankster009

I see that @aurelf was faster than me, but yes exactly, the missing backend feature is in the symcc PR above. There is also some Python code for parsing the JSON trace here: https://github.com/damienmaier/symcc/tree/master/util/symbolic_trace/symcctrace

I am glad my work was helpful to you, don't hesitate if I can provide any further help.

@prankster009

Hi @damienmaier

I followed the commit mentioned above, and found the symcc that contains the code for symbolic tracing.

I have succeeded in compiling symqemu from the master branch (https://github.com/damienmaier/symqemu, symqemu 4) and the trace-each-instr branch (https://github.com/damienmaier/symqemu/tree/trace-each-instr, symqemu 8) with the modified symcc (https://github.com/damienmaier/symcc). After testing, symqemu generates backend_trace.json and symqemu_addresses.json, containing the symbolic trace and memory mapping information, so I can debug it by myself.

But there are still some things that seem wrong.
When I compiled symcc, although I could build the symcc binary and the related lib used by symqemu, some checks did not pass. I am not sure whether the reason for the check failures is the inaccuracy of the modified symcc or the output format of the modified symcc. Can you explain this for me?

The following is the information:

When I compile the symcc master branch, the output is below:

-- Testing: 26 tests, 4 workers --                                                                               
FAIL: compiler :: bcopy_bcmp_bzero.c (1 of 26)                                                                                                                                                                                     
******************** TEST 'compiler :: bcopy_bcmp_bzero.c' FAILED ********************                                                                                                                                             
Exit Code: 1                                                                                                     
                                                                                                                                                                                                                                   
Command Output (stdout):                                                                                                                                                                                                           
--                                     
# RUN: at line 15                        
/home/iot_2204/Symqemu_learn/symqemu_damienmaier/symqemu_branch_master/symcc_master/build/test/../symcc -O2 /home/iot_2204/Symqemu_learn/symqemu_damienmaier/symqemu_branch_master/symcc_master/test/bcopy_bcmp_bzero.c -o /home/iot_2204/Symqemu_learn/symqemu_damienmaier/symqemu_branch_master/symcc_master/build/test/Output/bcopy_bcmp_bzero.c.tmp
# executed command: /home/iot_2204/Symqemu_learn/symqemu_damienmaier/symqemu_branch_master/symcc_master/build/test/../symcc -O2 /home/iot_2204/Symqemu_learn/symqemu_damienmaier/symqemu_branch_master/symcc_master/test/bcopy_bcmp_bzero.c -o /home/iot_2204/Symqemu_learn/symqemu_damienmaier/symqemu_branch_master/symcc_master/build/test/Output/bcopy_bcmp_bzero.c.tmp
# .---command stderr------------                                                                                                                                                                                                   
# | Symbolizer module instrumentation
# | Symbolizing function handle_test_case              
# | Symbolizing function main        
# `-----------------------------                     
# RUN: at line 16                          
env SYMCC_MEMORY_INPUT=1 /home/iot_2204/Symqemu_learn/symqemu_damienmaier/symqemu_branch_master/symcc_master/build/test/Output/bcopy_bcmp_bzero.c.tmp 2>&1 | FileCheck --check-prefix=QSYM --check-prefix=ANY --allow-unused-prefixes /home/iot_2204/Symqemu_learn/symqemu_damienmaier/symqemu_branch_master/symcc_master/test/bcopy_bcmp_bzero.c
# executed command: env SYMCC_MEMORY_INPUT=1 /home/iot_2204/Symqemu_learn/symqemu_damienmaier/symqemu_branch_master/symcc_master/build/test/Output/bcopy_bcmp_bzero.c.tmp                                                          
# executed command: FileCheck --check-prefix=QSYM --check-prefix=ANY --allow-unused-prefixes /home/iot_2204/Symqemu_learn/symqemu_damienmaier/symqemu_branch_master/symcc_master/test/bcopy_bcmp_bzero.c                           
# .---command stderr------------                        
# | /home/iot_2204/Symqemu_learn/symqemu_damienmaier/symqemu_branch_master/symcc_master/test/bcopy_bcmp_bzero.c:63:11: error: QSYM: expected string not found in input                                                             
# |  // QSYM: Solved: 1                        
# |           ^                                                                                                  
# | <stdin>:1:1: note: scanning from here
# | This is SymCC running with the QSYM backend         
# | ^                                
# | <stdin>:9:1: note: possible intended match here     
# | Solved: 0                                           
# | ^                                                                                                                                                                                                                              
# |                                                                                                                                                                                                                                
# | Input file: <stdin>                                                                                                                                                                                                            
# | Check file: /home/iot_2204/Symqemu_learn/symqemu_damienmaier/symqemu_branch_master/symcc_master/test/bcopy_bcmp_bzero.c                                                                                                        
# |                             
# | -dump-input=help explains the following input dump. 
# |                                                                                                                                                                                                                                
# | Input was:                             
# | <<<<<<                                              
# |             1: This is SymCC running with the QSYM backend                                                                                                                                                                     
# | check:63'0     X~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ error: no match found                                                                                                                                              
# |             2: [STAT] SMT: { "solving_time": 0, "total_time": 4494 }                                         
# | check:63'0     ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~                                                                                                                                                          
# |             3: [STAT] SMT: { "solving_time": 6192 }                                                                                                                                                                            
# | check:63'0     ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~                                                         
# |             4: [INFO] New testcase: /home/iot_2204/Symqemu_learn/symqemu_damienmaier/symqemu_branch_master/symcc_master/build/test/SymccOutput/000000                                                                          
# | check:63'0     ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~                                                                         
# |             5: New testcase hex :  
# | check:63'0     ~~~~~~~~~~~~~~~~~~~~  
# |             6: 62617200                                                                                                                                                                                                        
# | check:63'0     ~~~~~~~~~                                                                                                                                                                                                       
# |             7: New testcase ascii :                                                                                                                                                                                            
# | check:63'0     ~~~~~~~~~~~~~~~~~~~~~~                                                                                                                                                                                          
# |             8: bar                                                                                                                                                                                                             
# | check:63'0     ~~~~~             
# |             9: Solved: 0                           
# | check:63'0     ~~~~~~~~~~        
# | check:63'1     ?          possible intended match
# | >>>>>>                                 
# `-----------------------------                                                                                                                                                                                                   
# error: command failed with exit status: 1                                                                      
                                                                                                                                                                                                                                   
--                                                                                                                                                                                                                                 
                                                        
********************                                                                                                                                                                                                               
FAIL: compiler :: test_case_handler.c (2 of 26)
******************** TEST 'compiler :: test_case_handler.c' FAILED ********************                          
Exit Code: 1                             
                                                        
Command Output (stdout):             
--                                                      
# RUN: at line 15                                       
/home/iot_2204/Symqemu_learn/symqemu_damienmaier/symqemu_branch_master/symcc_master/build/test/../symcc -O2 /home/iot_2204/Symqemu_learn/symqemu_damienmaier/symqemu_branch_master/symcc_master/test/test_case_handler.c -o /home/iot_2204/Symqemu_learn/symqemu_damienmaier/symqemu_branch_master/symcc_master/build/test/Output/test_case_handler.c.tmp
# executed command: /home/iot_2204/Symqemu_learn/symqemu_damienmaier/symqemu_branch_master/symcc_master/build/test/../symcc -O2 /home/iot_2204/Symqemu_learn/symqemu_damienmaier/symqemu_branch_master/symcc_master/test/test_case_handler.c -o /home/iot_2204/Symqemu_learn/symqemu_damienmaier/symqemu_branch_master/symcc_master/build/test/Output/test_case_handler.c.tmp
# .---command stderr------------
# | Symbolizer module instrumentation
# | Symbolizing function handle_test_case                                                                                                                                                                                          
# | Symbolizing function main              
# `-----------------------------                        
# RUN: at line 16                                                                                                                                                                                                                  
env SYMCC_MEMORY_INPUT=1 /home/iot_2204/Symqemu_learn/symqemu_damienmaier/symqemu_branch_master/symcc_master/build/test/Output/test_case_handler.c.tmp 2>&1 | FileCheck --check-prefix=QSYM --check-prefix=ANY --allow-unused-prefixes /home/iot_2204/Symqemu_learn/symqemu_damienmaier/symqemu_branch_master/symcc_master/test/test_case_handler.c
# executed command: env SYMCC_MEMORY_INPUT=1 /home/iot_2204/Symqemu_learn/symqemu_damienmaier/symqemu_branch_master/symcc_master/build/test/Output/test_case_handler.c.tmp                                                         
# executed command: FileCheck --check-prefix=QSYM --check-prefix=ANY --allow-unused-prefixes /home/iot_2204/Symqemu_learn/symqemu_damienmaier/symqemu_branch_master/symcc_master/test/test_case_handler.c                          
# .---command stderr------------                                                                                 
# | /home/iot_2204/Symqemu_learn/symqemu_damienmaier/symqemu_branch_master/symcc_master/test/test_case_handler.c:51:11: error: QSYM: expected string not found in input                                                            
# |  // QSYM: 1                                                                                                                                                                                                                    
# |           ^                        
# | <stdin>:5:3: note: scanning from here
# | no                                                                                                                                                                                                                             
# |   ^                                                                                                                                                                                                                            
# |                                                                                                                                                                                                                                
# | Input file: <stdin>                                                                                                                                                                                                            
# | Check file: /home/iot_2204/Symqemu_learn/symqemu_damienmaier/symqemu_branch_master/symcc_master/test/test_case_handler.c                                                                                                       
# |                                  
# | -dump-input=help explains the following input dump.
# |                                  
# | Input was:                                       
# | <<<<<<                                 
# |           1: This is SymCC running with the QSYM backend                                                                                                                                                                       
# |           2: [STAT] SMT: { "solving_time": 0, "total_time": 3516 }                                           
# |           3: [STAT] SMT: { "solving_time": 6463 }                                                                                                                                                                              
# |           4: [INFO] New testcase: /home/iot_2204/Symqemu_learn/symqemu_damienmaier/symqemu_branch_master/symcc_master/build/test/SymccOutput/000000                                                                            
# |           5: no                                     
# | check:51       X error: no match found                                                                                                                                                                                         
# |           6: 0                             
# | check:51     ~~                                                                                              
# |           7: 0                       
# | check:51     ~~                                     
# |           8: New testcase hex :  
# | check:51     ~~~~~~~~~~~~~~~~~~~~                   
# |           9: ab                                     
# | check:51     ~~~                                                                                                                                                                                                               
# |          10: New testcase ascii :                                                                                                                                                                                              
# | check:51     ~~~~~~~~~~~~~~~~~~~~~~                                                                                                                                                                                            
# |          11: �                                                                                                                                                                                                                 
# | check:51     ~~             
# | >>>>>>     
# | >>>>>>                                                                                                                                                                                                                         
# `-----------------------------                                                                                                                                                                                                   
# error: command failed with exit status: 1
                                                        
--                                                                                                                                                                                                                                 
                                                                                                                                                                                                                                   
********************                                                                                             
PASS: compiler :: globals.c (3 of 26)                                                                                                                                                                                              
PASS: compiler :: if.c (4 of 26)                                                                                                                                                                                                   
PASS: compiler :: structs.c (5 of 26)                                                                            
PASS: compiler :: loop.c (6 of 26)                                                                                                                                                                                                 
PASS: compiler :: large_alloc.c (7 of 26)                                                                                                                                                                                          
PASS: compiler :: memcpy.c (8 of 26)   
PASS: compiler :: file_input.c (9 of 26) 
PASS: compiler :: regression/cxa_vector.ll (10 of 26)                                                                                                                                                                              
PASS: compiler :: switch.c (11 of 26)                                                                                                                                                                                              
PASS: compiler :: bswap.c (12 of 26)                                                                                                                                                                                               
PASS: compiler :: pointers.c (13 of 26)                                                                                                                                                                                            
PASS: compiler :: strings.c (14 of 26)                                                                                                                                                                                             
PASS: compiler :: read.c (15 of 26)  
PASS: compiler :: arrays.c (16 of 26)                  
PASS: compiler :: floats.c (17 of 26)
PASS: compiler :: usub_sat.ll (18 of 26)             
PASS: compiler :: memory_input.c (19 of 26)
PASS: compiler :: propagation_select.c (20 of 26)                                                                                                                                                                                  
PASS: compiler :: symbolic_structs.ll (21 of 26)                                                                 
PASS: compiler :: integers.c (22 of 26)                                                                                                                                                                                            
PASS: compiler :: bool_cast.c (23 of 26)                                                                                                                                                                                           
PASS: compiler :: concrete_structs.ll (24 of 26)        
PASS: compiler :: load_store.ll (25 of 26)                                                                                                                                                                                         
PASS: compiler :: uadd_sat.ll (26 of 26)       
********************                                                                                             
Failed Tests (2):                        
  compiler :: bcopy_bcmp_bzero.c                        
  compiler :: test_case_handler.c    
                                                        
                                                        
Testing Time: 1.72s                                                                                                                                                                                                                
                                                                                                                                                                                                                                   
Total Discovered Tests: 26                                                                                                                                                                                                         
  Passed: 24 (92.31%)                                                                                                                                                                                                              
  Failed:  2 (7.69%)

When I compiled the symcc pr-symbolic-trace branch, the output is below:

********************
PASS: compiler :: bswap.c (14 of 26)
PASS: compiler :: regression/cxa_vector.ll (15 of 26)
PASS: compiler :: if.c (16 of 26)
PASS: compiler :: arrays.c (17 of 26)
PASS: compiler :: floats.c (18 of 26)
PASS: compiler :: strings.c (19 of 26)
PASS: compiler :: usub_sat.ll (20 of 26)
PASS: compiler :: integers.c (21 of 26)
PASS: compiler :: load_store.ll (22 of 26)
PASS: compiler :: symbolic_structs.ll (23 of 26)
PASS: compiler :: concrete_structs.ll (24 of 26)
PASS: compiler :: memory_input.c (25 of 26)
PASS: compiler :: uadd_sat.ll (26 of 26)
********************
Failed Tests (13):
  compiler :: bcopy_bcmp_bzero.c
  compiler :: bool_cast.c
  compiler :: file_input.c
  compiler :: globals.c
  compiler :: large_alloc.c
  compiler :: loop.c
  compiler :: memcpy.c
  compiler :: pointers.c
  compiler :: propagation_select.c
  compiler :: read.c
  compiler :: structs.c
  compiler :: switch.c
  compiler :: test_case_handler.c


Testing Time: 1.66s

Total Discovered Tests: 26
  Passed: 13 (50.00%)
  Failed: 13 (50.00%)

@damienmaier

I don't remember having run the symcc tests on my fork where I added the tracing feature.
Some content that appears on the failing test output is some prints that I added in my fork of symcc ("new testcase hex", "new testcase ascii").
So I guess that these prints that I added broke the tests.

@damienmaier

These prints are not present in the PR, which should explain why the errors related to the prints appear on the master branch but not on the pr branch. Regarding the other failing tests, I do not know the cause, but you probably did nothing wrong, I think I broke them when adding the tracing feature and I didn't notice at the time.