diff options
| author | Simon Hamelin <simon.hamelin@grenoble-inp.org> | 2024-07-18 10:45:12 +0100 |
|---|---|---|
| committer | Alex Bennée <alex.bennee@linaro.org> | 2024-07-22 09:37:56 +0100 |
| commit | 58fc249d9ebd7c6ed979cbf039ccfa93d1bae2b9 (patch) | |
| tree | bff7c6d8adee16755e9fb24ee0ed61de0aa46eeb /docs | |
| parent | e8122a7118eb22ace9e60c91bfbf2d4bbfc6f15a (diff) | |
| download | qemu-58fc249d9ebd7c6ed979cbf039ccfa93d1bae2b9.zip qemu-58fc249d9ebd7c6ed979cbf039ccfa93d1bae2b9.tar.gz qemu-58fc249d9ebd7c6ed979cbf039ccfa93d1bae2b9.tar.bz2 | |
plugins/stoptrigger: TCG plugin to stop execution under conditions
This new plugin allows to stop emulation using conditions on the
emulation state. By setting this plugin arguments, it is possible
to set an instruction count limit and/or trigger address(es) to stop at.
The code returned at emulation exit can be customized.
This plugin demonstrates how someone could stop QEMU execution.
It could be used for research purposes to launch some code and
deterministically stop it and understand where its execution flow went.
Co-authored-by: Alexandre Iooss <erdnaxe@crans.org>
Signed-off-by: Simon Hamelin <simon.hamelin@grenoble-inp.org>
Signed-off-by: Alexandre Iooss <erdnaxe@crans.org>
Reviewed-by: Pierrick Bouvier <pierrick.bouvier@linaro.org>
Message-Id: <20240715081521.19122-2-simon.hamelin@grenoble-inp.org>
Signed-off-by: Alex Bennée <alex.bennee@linaro.org>
Message-Id: <20240718094523.1198645-5-alex.bennee@linaro.org>
Diffstat (limited to 'docs')
| -rw-r--r-- | docs/devel/tcg-plugins.rst | 22 |
1 files changed, 22 insertions, 0 deletions
diff --git a/docs/devel/tcg-plugins.rst b/docs/devel/tcg-plugins.rst index f7d7b9e..954623f 100644 --- a/docs/devel/tcg-plugins.rst +++ b/docs/devel/tcg-plugins.rst @@ -642,6 +642,28 @@ The plugin has a number of arguments, all of them are optional: configuration arguments implies ``l2=on``. (default: N = 2097152 (2MB), B = 64, A = 16) +- contrib/plugins/stoptrigger.c + +The stoptrigger plugin allows to setup triggers to stop emulation. +It can be used for research purposes to launch some code and precisely stop it +and understand where its execution flow went. + +Two types of triggers can be configured: a count of instructions to stop at, +or an address to stop at. Multiple triggers can be set at once. + +By default, QEMU will exit with return code 0. A custom return code can be +configured for each trigger using ``:CODE`` syntax. + +For example, to stop at the 20-th instruction with return code 41, at address +0xd4 with return code 0 or at address 0xd8 with return code 42:: + + $ qemu-system-aarch64 $(QEMU_ARGS) \ + -plugin ./contrib/plugins/libstoptrigger.so,icount=20:41,addr=0xd4,addr=0xd8:42 -d plugin + +The plugin will log the reason of exit, for example:: + + 0xd4 reached, exiting + Plugin API ========== |