
I want to modify the implementation of the rdtsc assembly instruction, i.e., I want to modify, at the fundamental level, what happens when the rdtsc instruction is invoked.

I am working on a QEMU Virtual Machine running on an Intel Core2 Duo processor. The Instruction Set Architecture is i686.

To locate the portion of the QEMU source code dealing with the rdtsc call, I did a grep over the entire source code and found the function helper_rdtsc() in the file target-i386/misc_helper.c to be the key suspect. So I made the following modification in this file:

.
.

/* modification start at header inclusion */
#include <stdio.h>
#include <inttypes.h>
static const uint64_t myconst = 81926483;
/* modification end at header inclusion */
.
.

void helper_rdtsc(CPUX86State *env)
{
    uint64_t val;

    if ((env->cr[4] & CR4_TSD_MASK) && ((env->hflags & HF_CPL_MASK) != 0)) {
        raise_exception(env, EXCP0D_GPF);
    }
    cpu_svm_check_intercept_param(env, SVM_EXIT_RDTSC, 0);

    val = cpu_get_tsc(env) + env->tsc_offset;

    /* modification start within helper_rdtsc() */
    val = val % myconst;
    printf("rdtsc return = %" PRIu64 "//printed from source code\n", val);
    /* modification end within helper_rdtsc() */

    env->regs[R_EAX] = (uint32_t)(val);
    env->regs[R_EDX] = (uint32_t)(val >> 32);
}

Then I compiled QEMU from this modified source code, mounted Ubuntu 12.04 as the guest OS, and ran a test C program which accessed rdtsc through the following function:

#include <stdint.h>

/* "=A" names the EDX:EAX pair on 32-bit x86 (i686), so the 64-bit TSC lands in tick.
 * On x86-64 "=A" means "either rax or rdx", so this form is only correct for i686. */
int64_t myrdtsc(void)
{
    int64_t tick;
    asm volatile("rdtsc" : "=A" (tick));
    return tick;
}

Naturally, on executing this test code, I expected the value returned through tick to be less than myconst. I also expected the statement rdtsc return = <somevalue> //printed from source code to be printed as part of the rdtsc call. However, neither happened.

Am I modifying the right portion of the QEMU source code? If yes, is there an error in the modifications I have made? If no, where in the source code should I look to make the desired modification?


1 Answer


Well, actually, I found another, more suspicious place: target-i386/translate.c. After I added a printf there and recompiled && installed it, I got nothing. So I think you have to do your work at the VMM level, i.e. in the KVM source code.

answered 2014-09-06T02:46:11.013
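The patch in the question sits on QEMU's TCG (software emulation) path: helper_rdtsc() is only reached from code the translator generated, and its printf goes to the QEMU process's stdout, not into the guest. When the VM is started with KVM acceleration, the guest's RDTSC executes on the host CPU (with VMX TSC offsetting handled by the kvm kernel module) and never enters that helper, which matches the answer's advice. A guest program can tell which situation it is in and verify whether the modulus is actually in effect. The following is an added example, not code from the question, the answer or QEMU itself; MYCONST copies the question's 81926483, the "KVMKVMKVM" signature is the one documented for KVM in the Linux kernel's KVM CPUID documentation, and the function names and verdict logic are this example's own assumptions.

```c
/*
 * Guest-side check for the patched helper_rdtsc() from the question.
 * Added example, not code from the question, the answer or QEMU.
 * Assumptions: MYCONST is the question's modulus; check_samples(),
 * modulus_applied() and the signature decoding are this example's own.
 */
#include <stdio.h>
#include <stdint.h>
#include <stddef.h>
#include <string.h>

#if defined(__i386__) || defined(__x86_64__)
#include <cpuid.h>
#define HAVE_X86 1
#else
#define HAVE_X86 0
#endif

#define MYCONST 81926483ULL  /* modulus applied by the patched helper_rdtsc() */

/* Read the 64-bit TSC on both i386 and x86-64. The "=A" constraint used in the
 * question names the EDX:EAX pair only on 32-bit x86; on x86-64 it means
 * "either rax or rdx", so the explicit two-register form is the portable one. */
static uint64_t read_tsc(void)
{
#if HAVE_X86
    uint32_t lo, hi;
    __asm__ volatile("rdtsc" : "=a"(lo), "=d"(hi));
    return ((uint64_t)hi << 32) | lo;
#else
    return 0;  /* not an x86 guest: nothing to measure */
#endif
}

/* CPUID.1:ECX[31] is reserved on bare metal and set by hypervisors to
 * announce that a VMM is present. */
static int hypervisor_present(void)
{
#if HAVE_X86
    unsigned int a, b, c, d;
    if (!__get_cpuid(1, &a, &b, &c, &d))
        return 0;
    return (c >> 31) & 1;
#else
    return 0;
#endif
}

/* Leaf 0x40000000 returns a 12-byte vendor signature in EBX:ECX:EDX
 * (KVM reports "KVMKVMKVM\0\0\0"); only meaningful when the hypervisor
 * bit is set. The byte decoding is split out so it can be exercised
 * with constructed register values. */
static void decode_signature(uint32_t b, uint32_t c, uint32_t d, char out[13])
{
    const uint32_t regs[3] = { b, c, d };
    size_t i;
    for (i = 0; i < 12; i++)
        out[i] = (char)((regs[i / 4] >> (8 * (i % 4))) & 0xff);
    out[12] = '\0';
}

static void hypervisor_signature(char out[13])
{
#if HAVE_X86
    unsigned int a, b, c, d;
    __cpuid(0x40000000, a, b, c, d);
    decode_signature(b, c, d, out);
#else
    out[0] = '\0';
#endif
}

struct tsc_report {
    size_t above_bound;  /* readings >= bound: impossible if `val % myconst` ran */
    size_t backwards;    /* s[i] < s[i-1]: expected only at a modulus wrap-around */
};

static struct tsc_report check_samples(const uint64_t *s, size_t n, uint64_t bound)
{
    struct tsc_report r = { 0, 0 };
    size_t i;
    for (i = 0; i < n; i++) {
        if (s[i] >= bound)
            r.above_bound++;
        if (i > 0 && s[i] < s[i - 1])
            r.backwards++;
    }
    return r;
}

/* A single reading at or above the modulus proves the patched helper did not
 * execute for that RDTSC (for example because the guest runs under KVM). */
static int modulus_applied(const struct tsc_report *r)
{
    return r->above_bound == 0;
}

static void sample_tsc(uint64_t *out, size_t n)
{
    size_t i;
    for (i = 0; i < n; i++)
        out[i] = read_tsc();
}

int main(void)
{
    enum { N = 1000 };
    uint64_t s[N];
    char sig[13];
    struct tsc_report r;

    hypervisor_signature(sig);
    printf("hypervisor bit: %d, signature: \"%s\"\n", hypervisor_present(), sig);

    sample_tsc(s, N);
    r = check_samples(s, N, MYCONST);
    printf("first=%llu last=%llu above_bound=%zu backwards=%zu -> modulus %s\n",
           (unsigned long long)s[0], (unsigned long long)s[N - 1],
           r.above_bound, r.backwards,
           modulus_applied(&r) ? "applied" : "NOT applied");
    return 0;
}
```

Run it inside the guest: a signature of "KVMKVMKVM" together with "modulus NOT applied" is the situation the answer describes (the helper in misc_helper.c is bypassed under KVM); if the guest is instead started without KVM acceleration, readings stay below MYCONST and wrap to small values roughly every 81926483 cycles, and the patched printf appears on the terminal that launched QEMU.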