• Home
  • Line#
  • Scopes#
  • Navigate#
  • Raw
  • Download
1This document details how the Android-specific -trace <name> instruction works.
2
3hw/goldfish_trace.c:
4
5- virtual hardware i/o memory used by the goldfish kernel to send event information
6  to the emulator (e.g. context switches, forks, execs, etc...). Used by both -trace
7  and -memcheck implementations.
8
9trace.c/trace.h:
10
11- support functions for the runtime tracing facility. E.g. record static/dynamic
12  blocks, compute instruction sizes, etc..
13
14trace_common.h:
15
16- a header included by "trace.h" but also by the sources of the trace file processor
17  tool (sdk/emulator/qtools). Defines common data structures and types only.
18
19target-arm/translate.c:
20
21- each new translated basic block is recorded by:
22
23    1. calling trace_bb_start()
24    2. for each instruction in the block, calling trace_bb_insn()
25    3. calling trace_bb_end() at the end of the basic block.
26
27  this is done at "translation time".
28
29- each basic block is translated into a "tb" of x86 machine code that
30  will have, at its start, a call to a helper function like:
31
32     trace_bb_helper(bb_num, tb)
33
34  where 'bb_num' is the unique 64-bit ID of the original basic block.
35
36  -> at "execution time", we record which BB are executed.
37
38- we record context switches and other events from goldfish_trace.c through
39  functions like trace_switch(), trace_fork(), trace_exception(), etc...
40  (see trace.c, some of these miss a declaration in trace.h)
41
42- see genTraceTicks(), genTraceBB()
43
44- the number of virtual CPU cycles / instruction is returned by get_insn_ticks_arm()
45  (implemented in trace.c). This does not account for dynamic data interlocks or
46  variable cycles due to operand sizes (e.g. multiplications instructions).
47
48
49target-arm/helpers.h:
50
51- contains a list of helper functions that are going to be called by x86 machine code
52  at runtime. see #ifdef CONFIG_TRACE .. #endif
53
54target-arm/helpers.c:
55
56- implementation of the helper functions. see #ifdef CONFIG_TRACE .. #endif at the end
57
58- helper traceTicks(ticks): used to record that we executed 'ticks' simulated ARM CPU
59  cycles. This just increments a global uint64_t counter.
60
61- helper traceInsn(): used to record that we executed properly a single instruction.
62  this allows to properly recover/profile when a basic block is exited by an exceptional
63  condition (e.g. a signal, a page fault, etc...), instead of reaching its end.
64
65- helper_traceBB32/traceBB64: used to record that we entered a given basic block at
66  runtime. Simply calls trace_bb_helper()
67