Home | History | Annotate | Download | only in docs 
      1 This document details how the Android-specific -trace <name> instruction works.
      2 
      3 hw/goldfish_trace.c:
      4 
      5 - virtual hardware i/o memory used by the goldfish kernel to send event information
      6   to the emulator (e.g. context switches, forks, execs, etc...). Used by both -trace
      7   and -memcheck implementations.
      8 
      9 trace.c/trace.h:
     10 
     11 - support functions for the runtime tracing facility. E.g. record static/dynamic
     12   blocks, compute instruction sizes, etc..
     13 
     14 trace_common.h:
     15 
     16 - a header included by "trace.h" but also by the sources of the trace file processor
     17   tool (sdk/emulator/qtools). Defines common data structures and types only.
     18 
     19 target-arm/translate.c:
     20 
     21 - each new translated basic block is recorded by:
     22 
     23     1. calling trace_bb_start()
     24     2. for each instruction in the block, calling trace_bb_insn()
     25     3. calling trace_bb_end() at the end of the basic block.
     26 
     27   this is done at "translation time".
     28 
     29 - each basic block is translated into a "tb" of x86 machine code that
     30   will have, at its start, a call to a helper function like:
     31 
     32      trace_bb_helper(bb_num, tb)
     33 
     34   where 'bb_num' is the unique 64-bit ID of the original basic block.
     35 
     36   -> at "execution time", we record which BB are executed.
     37 
     38 - we record context switches and other events from goldfish_trace.c through
     39   functions like trace_switch(), trace_fork(), trace_exception(), etc...
     40   (see trace.c, some of these miss a declaration in trace.h)
     41 
     42 - see genTraceTicks(), genTraceBB()
     43 
     44 - the number of virtual CPU cycles / instruction is returned by get_insn_ticks_arm()
     45   (implemented in trace.c). This does not account for dynamic data interlocks or
     46   variable cycles due to operand sizes (e.g. multiplications instructions).
     47 
     48 
     49 target-arm/helpers.h:
     50 
     51 - contains a list of helper functions that are going to be called by x86 machine code
     52   at runtime. see #ifdef CONFIG_TRACE .. #endif
     53 
     54 target-arm/helpers.c:
     55 
     56 - implementation of the helper functions. see #ifdef CONFIG_TRACE .. #endif at the end
     57 
     58 - helper traceTicks(ticks): used to record that we executed 'ticks' simulated ARM CPU
     59   cycles. This just increments a global uint64_t counter.
     60 
     61 - helper traceInsn(): used to record that we executed properly a single instruction.
     62   this allows to properly recover/profile when a basic block is exited by an exceptional
     63   condition (e.g. a signal, a page fault, etc...), instead of reaching its end.
     64 
     65 - helper_traceBB32/traceBB64: used to record that we entered a given basic block at
     66   runtime. Simply calls trace_bb_helper()
     67