On 26.08.2011, at 16:52, Benjamin Ylvisaker wrote:

> On Fri, 26 Aug 2011 19:35 +0200, "Lluís" <xscr...@gmx.net> wrote:
>> Benjamin Ylvisaker writes:
>>
>>> I am working on a project for which I'd like to gather statistics
>>> about register usage. (For example, distributions of degree-of-use
>>> and dynamic lifetimes of register-values.) Is QEMU a good tool for
>>> doing this kind of work? Has anyone else done this? I looked at the
>>> tracing available in QEMU and it seems to be mostly for higher level
>>> things like memory accesses, function calls, basic block executions,
>>> etc.
>>
>> This is not currently possible.
>>
>> In fact, I've been developing (somewhat in the background) the kind of
>> features you're asking for, but it will still be at least a couple of
>> months before it's in a publishable state.
>>
>> Meanwhile, there are some tools you can use to accomplish this
>> (depending on your requirements), like valgrind or pintool.
>
> By "not currently possible" do you mean the current tracing facilities
> don't support register/instruction granularity, or that there's
> something in the QEMU architecture itself that would require substantial
> changes to gather such information? I am willing to put in a fair bit
> of hacking effort. I only have a cursory understanding of the internals
> of QEMU, but shouldn't it be possible to hack the instruction
> translations to do some extra work?
>
> I had been under the impression that QEMU was more likely to do what I
> want than Valgrind or Pin. I thought those tools were a bit higher
> level and had no intention of giving instruction-granularity control of
> the guest program. I will take another look, though.
If all you need are register access counters, you can simply have tcg increment a var whenever a register is used. Obviously, you'd have to go through all the code to make sure that it uses your wrapper, but I don't see why it wouldn't work :)

Valgrind is a JIT as well, so putting it in there would work as well as in QEMU.

Alex
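As an added illustration of the wrapper idea above (not code from this thread, and not QEMU's TCG API), the stand-alone C model below routes every guest register read and write through a pair of trace wrappers. Beyond plain access counters it also derives the two statistics asked for at the top of the thread: the degree of use of each value written to a register (reads before it is overwritten) and its dynamic lifetime (instructions from the write to the last read). The instruction stream, the register file of four registers and the `Insn` triple encoding are all constructed for the example; in a real translator the wrappers would be emitted by the translation code instead of called from a loop.

```c
#include <stdio.h>
#include <string.h>

#define NREGS 4
#define MAX_DEFS 64

/* Live value currently held in a register (one "definition"). */
typedef struct {
    int has_value;
    unsigned def_insn;   /* index of the instruction that wrote it */
    unsigned last_use;   /* index of the most recent instruction that read it */
    unsigned uses;       /* reads since the write: the degree of use */
} RegState;

/* One retired definition: the unit the statistics are collected over. */
typedef struct {
    unsigned uses;       /* degree of use */
    unsigned lifetime;   /* instructions from write to last read (0 if never read) */
} DefRecord;

static RegState regs[NREGS];
static unsigned read_count[NREGS], write_count[NREGS];
static DefRecord defs[MAX_DEFS];
static unsigned ndefs, insn_counter;

/* Retire the value in register r, recording its statistics. */
static void close_def(int r)
{
    if (!regs[r].has_value || ndefs >= MAX_DEFS)
        return;
    defs[ndefs].uses = regs[r].uses;
    defs[ndefs].lifetime = regs[r].uses ? regs[r].last_use - regs[r].def_insn : 0;
    ndefs++;
}

/* Wrapper every guest register read goes through: the "increment a var" idea. */
static void trace_reg_read(int r)
{
    read_count[r]++;
    if (regs[r].has_value) {
        regs[r].uses++;
        regs[r].last_use = insn_counter;
    }
}

/* Wrapper every guest register write goes through: retires the old value, starts a new one. */
static void trace_reg_write(int r)
{
    write_count[r]++;
    close_def(r);
    regs[r].has_value = 1;
    regs[r].def_insn = insn_counter;
    regs[r].last_use = insn_counter;
    regs[r].uses = 0;
}

static void trace_reset(void)
{
    memset(regs, 0, sizeof regs);
    memset(read_count, 0, sizeof read_count);
    memset(write_count, 0, sizeof write_count);
    ndefs = 0;
    insn_counter = 0;
}

/* Constructed instruction model: dst, src1, src2 register numbers, -1 for none. */
typedef struct { int dst, src1, src2; } Insn;

/* Run the trace over a program; sources are read before the destination is written. */
static unsigned run_trace(const Insn *prog, unsigned n)
{
    trace_reset();
    for (unsigned i = 0; i < n; i++) {
        if (prog[i].src1 >= 0) trace_reg_read(prog[i].src1);
        if (prog[i].src2 >= 0) trace_reg_read(prog[i].src2);
        if (prog[i].dst >= 0) trace_reg_write(prog[i].dst);
        insn_counter++;
    }
    for (int r = 0; r < NREGS; r++) {   /* retire values still live at the end */
        close_def(r);
        regs[r].has_value = 0;
    }
    return ndefs;
}

/* Accessors for the collected statistics. */
static unsigned reg_reads(int r)         { return read_count[r]; }
static unsigned reg_writes(int r)        { return write_count[r]; }
static unsigned def_uses(unsigned i)     { return defs[i].uses; }
static unsigned def_lifetime(unsigned i) { return defs[i].lifetime; }

/* Number of definitions read exactly k times: one bucket of the degree-of-use histogram. */
static unsigned degree_of_use_bucket(unsigned k)
{
    unsigned c = 0;
    for (unsigned i = 0; i < ndefs; i++) c += (defs[i].uses == k);
    return c;
}

/* Constructed six-instruction sample program (not real guest code). */
static const Insn sample_prog[] = {
    { 0, -1, -1 },  /* r0 = imm */
    { 1, -1, -1 },  /* r1 = imm */
    { 2,  0,  1 },  /* r2 = r0 + r1 */
    { 0,  0,  2 },  /* r0 = r0 + r2 */
    { 3,  2, -1 },  /* r3 = r2 */
    { 1,  3, -1 },  /* r1 = r3 */
};

static unsigned run_sample(void)
{
    return run_trace(sample_prog, sizeof sample_prog / sizeof sample_prog[0]);
}

int main(void)
{
    unsigned n = run_sample();
    for (int r = 0; r < NREGS; r++)
        printf("r%d: %u reads, %u writes\n", r, reg_reads(r), reg_writes(r));
    for (unsigned i = 0; i < n; i++)
        printf("def %u: degree of use %u, lifetime %u\n", i, def_uses(i), def_lifetime(i));
    return 0;
}
```

The point of retiring a definition on overwrite (and again at the end of the trace) is that a value's degree of use and lifetime are only known once it is dead; values never read retire with a lifetime of zero, which is the bucket a register-allocation study would usually want to look at first.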