We need to make these changes to qemu, to make our simulator workbench to capture all data we need, including all instruction disassemble lines and memory access records
1. git clone https://github.com/qemu/qemu.git
2. since latest qemu not work with xv6, so switch to v5.2.0 by git checkout tags/v5.2.0
3. modify accel/tcg/translate-all.c, infunction tb_gen_code, change this
if (phys_pc == -1) {
/* Generate a temporary TB with 1 insn in it */
cflags &= ~CF_COUNT_MASK;
cflags |= CF_NOCACHE | 1;
}To
if (phys_pc == -1 || true) {
/* Generate a temporary TB with 1 insn in it */
cflags &= ~CF_COUNT_MASK;
cflags |= CF_NOCACHE | 1;
}4. Edit target/riscv/cpu.c, add “tlb_flush(cs);” at the end of function “riscv_cpu_dump_state“, to let use capture all memory r/w operations, we have to keep flushing the tlb, since TLB operations are not record in trace.
5. Compile Qemu
./configure --target-list=riscv64-softmmu --enable-plugins
make -j8
sudo make install
