qemu

QEMU †

• What is QEMU?

   QEMU is a generic and open source machine emulator and virtualizer.

• qemu https://www.qemu.org/

debug buildの参考になりそう †

• brewでのビルド設定

    $brew cat qemu

• 検索したら出てきたweb page https://www.cnblogs.com/root-wang/p/8005212.html

mac osでのビルド時に必要になりそうなパッケージ †

 "libtool" => :build
 "pkg-config" => :build
 "glib"
 "gnutls"
 "jpeg"
 "libpng"
 "libssh2"
 "libusb"
 "ncurses"
 "pixman"
 "vde"

linuxでのdebug build †

• https://www.cnblogs.com/root-wang/p/8005212.html が参考になりそう

     ./configure --target-list=i386-softmmu,x86_64-softmmu,arm-softmmu,arm-linux-user --enable-kvm --enable-debug --prefix=$HOME/build/qemu

debug時のおすすめ †

   (gdb) b disas_arm_insn
   Breakpoint 2 at 0x555555691c55: file /home/syster_clown/src/qemu-4.0.0/target/arm/translate.c, line 9180.
   (gdb) r
   Starting program: /home/syster_clown/build/qemu/bin/qemu-arm ../localhost/sample-32
   [Thread debugging using libthread_db enabled]
   Using host libthread_db library "/lib64/libthread_db.so.1".
   [New Thread 0x7ffff7acf700 (LWP 1981)]
   Thread 1 "qemu-arm" hit Breakpoint 2, disas_arm_insn (s=0x7fffffffd3e0, insn=3852271616)
       at /home/syster_clown/src/qemu-4.0.0/target/arm/translate.c:9180
   9180        if (arm_dc_feature(s, ARM_FEATURE_M)) {
   (gdb) bt
   #0  disas_arm_insn (s=0x7fffffffd3e0, insn=3852271616) at /home/syster_clown/src/qemu-4.0.0/target/arm/translate.c:9180
   #1  0x000055555569cc7b in arm_tr_translate_insn (dcbase=0x7fffffffd3e0, cpu=0x555557a94f30)
       at /home/syster_clown/src/qemu-4.0.0/target/arm/translate.c:13483
   #2  0x00005555556200eb in translator_loop (ops=0x5555559d8ba0 <arm_translator_ops>, db=0x7fffffffd3e0, cpu=0x555557a94f30, 
       tb=0x555555a77040 <static_code_gen_buffer+2272>) at /home/syster_clown/src/qemu-4.0.0/accel/tcg/translator.c:107
   #3  0x000055555569d3e4 in gen_intermediate_code (cpu=0x555557a94f30, tb=0x555555a77040 <static_code_gen_buffer+2272>)
       at /home/syster_clown/src/qemu-4.0.0/target/arm/translate.c:13772
   #4  0x000055555561e699 in tb_gen_code (cpu=0x555557a94f30, pc=415056, cs_base=0, flags=128, cflags=-16777216)
       at /home/syster_clown/src/qemu-4.0.0/accel/tcg/translate-all.c:1723
   #5  0x000055555561bbbe in tb_find (cpu=0x555557a94f30, last_tb=0x0, tb_exit=0, cf_mask=0)
       at /home/syster_clown/src/qemu-4.0.0/accel/tcg/cpu-exec.c:407
   #6  0x000055555561c328 in cpu_exec (cpu=0x555557a94f30) at /home/syster_clown/src/qemu-4.0.0/accel/tcg/cpu-exec.c:728
   #7  0x000055555565bcf6 in cpu_loop (env=0x555557a9d1f0) at /home/syster_clown/src/qemu-4.0.0/linux-user/arm/cpu_loop.c:218
   #8  0x000055555562a725 in main (argc=2, argv=0x7fffffffdea8, envp=0x7fffffffdec0)
       at /home/syster_clown/src/qemu-4.0.0/linux-user/main.c:819

qemu よみ †

• armの命令のエミュレータを読むには qemu-arm をトレースしていく
• 内部で中間表現を生成している
• 中間形式はTCG(Tiny Code Generator )と呼ばれる