Re: How can I compile just the TCG plugins?

[Alex Bennée]

Alessandro Bertulli <alessandro.bertulli96@gmail.com> writes:

> Hi all!
>
> I need to simulate some code for a bare metal ARM application, and get a
> trace of every machine instruction that gets executed.
>
> Attaching GDB to the qemu-system-arm works, but of course it is slow.
>
> Running `qemu-system-arm -d in_asm` doesn't record every time an
> instruction gets executed, so I cannot use that.

This will only display at translation time, so when the code is first
encountered.

> Running `qemu-system-arm -d cpu` apparently doesn't execute all the
> instructions. I mean, There is a section of my code that does get executed
> (I see that from GDB), but looking at the program counter (R15, since
> this is ARM) the addresses of these instructions don't appear in the
> trace I get. Taking a closer inspection, it seems that a conditional
> branch gets executed when debugging, but not in "normal" QEMU

That would be weird. However CPU will "miss" code that doesn't return to
the main loop due to TB patching. -d nochain will ensure exec and cpu
traces are complete as we return to the run loop after every TB.

> My last resort apart from using GDB is to use one of the TGC plugins, as
> I see on the documentation:
> https://qemu.readthedocs.io/en/latest/devel/tcg-plugins.html (in
> particular, contrib/plugins/execlog.c should be what I need). But I will
> need to ship this tool to other people, so I cannot really ask them to
> recompile all of QEMU's codebase just to access one single plugin.
>
> So my question is: can I compile just the plugins, so that I can link
> against them?

Yes. "make plugins" will build them. Assuming the QEMU is new enough to
support plugins and there hasn't been an API change the plugin can be
used with the older QEMU.

>
> Thanks!


-- 
Alex Bennée
Virtualisation Tech Lead @ Linaro