qemu/contrib/plugins/drcov.c
   1/*
   2 * Copyright (C) 2021, Ivanov Arkady <arkadiy.ivanov@ispras.ru>
   3 *
 * Drcov - a DynamoRIO-based tool that collects coverage information
 * from a binary. The primary goal of this script is to produce coverage
 * log files that work in Lighthouse.
   7 *
   8 * License: GNU GPL, version 2 or later.
   9 *   See the COPYING file in the top-level directory.
  10 */
  11
#include <assert.h>
#include <errno.h>
#include <inttypes.h>
#include <inttypes.h>
#include <stdbool.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <unistd.h>
#include <glib.h>

#include <qemu-plugin.h>
  22
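QEMU_PLUGIN_EXPORT int qemu_plugin_version = QEMU_PLUGIN_VERSION;

/*
 * Fixed drcov text preamble. The module table always has exactly one
 * row (the guest binary, id 0), which printf_header() fills in.
 * Read-only, so declare it const.
 */
static const char header[] = "DRCOV VERSION: 2\n"
                "DRCOV FLAVOR: drcov-64\n"
                "Module Table: version 2, count 1\n"
                "Columns: id, base, end, entry, path\n";

/* Trace output stream: opened in plugin_init(), written and closed in plugin_exit(). */
static FILE *fp;
/* Trace file path; the literal default can be replaced via the "filename=" option. */
static const char *file_name = "file.drcov.trace";
/* Serialises `blocks` and the bb_entry_t records between vCPU callbacks and plugin_exit(). */
static GMutex lock;

/* One record per translated block; only records with exec set reach the BB table. */
typedef struct {
    uint32_t start;   /* block start address; vcpu_tb_trans() narrows the 64-bit pc here */
    uint16_t size;    /* sum of the block's instruction sizes, in bytes */
    uint16_t mod_id;  /* module table index; always 0 in this plugin */
    bool     exec;    /* set by vcpu_tb_exec() once the block has run at least once */
} bb_entry_t;

/* Translated blocks */
static GPtrArray *blocks;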
  43
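/*
 * Write the drcov text preamble: the fixed header, the single module
 * table row describing the guest binary, and the BB table line.
 *
 * @count: number of BB records that will follow, i.e. the number of
 *         translated blocks that actually executed.
 *
 * Writes to the global `fp`, which must be open.
 */
static void printf_header(unsigned long count)
{
    const char *path = qemu_plugin_path_to_binary();
    uint64_t start_code = qemu_plugin_start_code();
    uint64_t end_code = qemu_plugin_end_code();
    uint64_t entry = qemu_plugin_entry_code();

    fprintf(fp, "%s", header);
    /*
     * PRIx64 rather than %lx: uint64_t is not `long` on every host
     * (LLP64), and a mismatched conversion specifier is undefined
     * behaviour. "%s" with a NULL argument is undefined too, so an
     * absent path is written as an empty field.
     * NOTE(review): qemu-plugin.h may document the returned path as a
     * caller-owned (g_strdup'd) string that can be NULL outside user
     * mode; if so it should be g_free'd here — confirm against the API.
     */
    fprintf(fp, "0, 0x%" PRIx64 ", 0x%" PRIx64 ", 0x%" PRIx64 ", %s\n",
            start_code, end_code, entry, path ? path : "");
    fprintf(fp, "BB Table: %lu bbs\n", count);
}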
  55
/*
 * Append the 4 bytes of @data to the trace, exactly as laid out in
 * memory (host byte order).
 * NOTE(review): drcov consumers presumably expect little-endian
 * records; a big-endian host would need a byte swap here — confirm.
 */
static void printf_char_array32(uint32_t data)
{
    fwrite(&data, 1, sizeof data, fp);
}
  61
/*
 * Append the 2 bytes of @data to the trace, exactly as laid out in
 * memory (host byte order).
 * NOTE(review): drcov consumers presumably expect little-endian
 * records; a big-endian host would need a byte swap here — confirm.
 */
static void printf_char_array16(uint16_t data)
{
    fwrite(&data, 1, sizeof data, fp);
}
  67
  68
/*
 * GFunc for g_ptr_array_foreach(): emit one BB table record
 * (start, size, mod_id) for a block that executed, then release the
 * record. Blocks that never executed are skipped but freed as well, so
 * the array must not be walked for output again afterwards.
 *
 * @data:      a bb_entry_t owned by `blocks`.
 * @user_data: unused.
 */
static void printf_el(gpointer data, gpointer user_data)
{
    bb_entry_t *entry = data;

    if (!entry->exec) {
        g_free(entry);
        return;
    }

    printf_char_array32(entry->start);
    printf_char_array16(entry->size);
    printf_char_array16(entry->mod_id);
    g_free(entry);
}
  79
/*
 * GFunc for g_ptr_array_foreach(): increment the counter behind
 * @user_data for every block that executed.
 *
 * @data:      a bb_entry_t owned by `blocks`.
 * @user_data: pointer to the running `unsigned long` count.
 */
static void count_block(gpointer data, gpointer user_data)
{
    const bb_entry_t *entry = data;
    unsigned long *executed = user_data;

    *executed += entry->exec ? 1 : 0;
}
  88
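/*
 * atexit callback: write the whole trace (header plus BB table), free
 * the block records and close the trace file.
 *
 * @id: plugin id (unused).
 * @p:  user data passed at registration (unused, NULL).
 *
 * `lock` is held for the whole walk so a vCPU still inside
 * vcpu_tb_exec() or vcpu_tb_trans() cannot touch `blocks` or a record
 * while it is being written and freed.
 */
static void plugin_exit(qemu_plugin_id_t id, void *p)
{
    unsigned long count = 0;
    bool write_failed = false;

    g_mutex_lock(&lock);

    if (fp) {
        /* Two passes: the "BB Table: N bbs" line needs the count up front. */
        g_ptr_array_foreach(blocks, count_block, &count);
        printf_header(count);
        /* printf_el() also frees every record, executed or not. */
        g_ptr_array_foreach(blocks, printf_el, NULL);

        /*
         * The fprintf()/fwrite() results above are unchecked; ferror()
         * and fclose() report any write failure so a truncated trace is
         * not silently accepted.
         */
        write_failed = ferror(fp) != 0;
        if (fclose(fp) != 0) {
            write_failed = true;
        }
        fp = NULL;
    } else {
        /*
         * fopen() failed in plugin_init(): there is nothing to write and
         * fclose(NULL) would be undefined behaviour; just free the records.
         */
        for (guint i = 0; i < blocks->len; i++) {
            g_free(g_ptr_array_index(blocks, i));
        }
    }

    /* No element free func is set on the array; records were freed above. */
    g_ptr_array_free(blocks, true);
    blocks = NULL;

    g_mutex_unlock(&lock);

    if (write_failed) {
        fprintf(stderr, "drcov: failed to write trace file '%s'\n", file_name);
    }
}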
 106
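/*
 * Open the trace file and allocate the block list.
 *
 * If `file_name` cannot be opened, `fp` stays NULL and a diagnostic
 * naming the path and errno is printed; callers must check `fp` before
 * writing through it. The void signature is kept so the caller is
 * unchanged. g_ptr_array_sized_new() aborts on allocation failure
 * (GLib convention), so `blocks` is always valid afterwards.
 */
static void plugin_init(void)
{
    fp = fopen(file_name, "wb");
    if (!fp) {
        fprintf(stderr, "drcov: cannot open trace file '%s': %s\n",
                file_name, strerror(errno));
    }
    blocks = g_ptr_array_sized_new(128);
}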
 112
/*
 * Per-execution callback registered by vcpu_tb_trans(): flag the block
 * as having run. The store is done under `lock` because plugin_exit()
 * walks and frees the records under the same lock.
 *
 * @cpu_index: executing vCPU (unused).
 * @udata:     the bb_entry_t registered for this translation block.
 */
static void vcpu_tb_exec(unsigned int cpu_index, void *udata)
{
    bb_entry_t *entry = udata;

    g_mutex_lock(&lock);
    entry->exec = true;
    g_mutex_unlock(&lock);
}
 121
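/*
 * Translation callback: record a new basic block and arrange for
 * vcpu_tb_exec() to flag it once it actually runs.
 *
 * @id: plugin id (unused).
 * @tb: the translation block being generated.
 *
 * The record is owned by `blocks` and freed in plugin_exit(); the exec
 * callback keeps a raw pointer to it, so it must outlive all execution.
 */
static void vcpu_tb_trans(qemu_plugin_id_t id, struct qemu_plugin_tb *tb)
{
    uint64_t pc = qemu_plugin_tb_vaddr(tb);
    size_t n = qemu_plugin_tb_n_insns(tb);
    bb_entry_t *bb = g_new0(bb_entry_t, 1);

    /*
     * Sum the instruction sizes before taking the lock: tb is private to
     * this call, so only the g_ptr_array_add() needs serialising.
     * size_t index avoids the signed/unsigned comparison with n.
     */
    for (size_t i = 0; i < n; i++) {
        bb->size += qemu_plugin_insn_size(qemu_plugin_tb_get_insn(tb, i));
    }

    /*
     * bb_entry_t.start is 32 bits wide, so the address is narrowed here.
     * NOTE(review): the header row advertises qemu_plugin_start_code() as
     * the module base, while this stores the (truncated) absolute pc
     * rather than pc - base; confirm that matches what the drcov
     * consumers expect for 64-bit guests.
     */
    bb->start = (uint32_t)pc;
    bb->mod_id = 0;
    bb->exec = false;

    g_mutex_lock(&lock);
    g_ptr_array_add(blocks, bb);
    g_mutex_unlock(&lock);

    qemu_plugin_register_vcpu_tb_exec_cb(tb, vcpu_tb_exec,
                                         QEMU_PLUGIN_CB_NO_REGS,
                                         (void *)bb);
}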
 145
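/*
 * Plugin entry point.
 *
 * @id:   plugin id used for callback registration.
 * @info: target/host description (unused).
 * @argc: number of plugin options.
 * @argv: plugin options; only "filename=<path>" is recognised.
 *
 * Returns 0 on success, -1 on an unknown or malformed option or when
 * the trace file cannot be opened.
 */
QEMU_PLUGIN_EXPORT
int qemu_plugin_install(qemu_plugin_id_t id, const qemu_info_t *info,
                        int argc, char **argv)
{
    for (int i = 0; i < argc; i++) {
        /*
         * g_auto(GStrv) frees the vector and its strings; g_autofree on a
         * char ** only released the outer array and leaked the tokens.
         */
        g_auto(GStrv) tokens = g_strsplit(argv[i], "=", 2);

        /* tokens[1] is NULL for a bare "filename" with no '=' value. */
        if (g_strcmp0(tokens[0], "filename") == 0 && tokens[1] != NULL) {
            /* Replaces the literal default; lives until process exit. */
            file_name = g_strdup(tokens[1]);
        } else {
            fprintf(stderr, "drcov: option parsing failed: %s\n", argv[i]);
            return -1;
        }
    }

    plugin_init();
    if (!fp) {
        /* fopen() failed: refuse to load rather than later write through NULL. */
        g_ptr_array_free(blocks, true);
        blocks = NULL;
        return -1;
    }

    qemu_plugin_register_vcpu_tb_trans_cb(id, vcpu_tb_trans);
    qemu_plugin_register_atexit_cb(id, plugin_exit, NULL);

    return 0;
}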
 164