TCG Plugins are a new feature since 4.2 that provide the ability to run instrumentation experiments on code. They are capable for doing passive monitoring of every instruction and memory access made by the system.

Full details can be found in docs/devel/tcg-plugins.rst

Building

The build needs to be configured with `--enable-plugins`

Running

Multiple plugins can be loaded and each one can have arguments passed to it. The builtin plugins will also only output via debug output so you can filter this with -d plugin and use -D to redirect as appropriate.

   $QEMU $QEMU_ARGS -plugin=libplugin.so,arg="foo",arg="bar" -d plugin -D output.plugin

Example

What FPSIMD instructions does sha1 execute:

   qemu-aarch64 -d plugin -plugin ./tests/plugin/libhowvec.so,arg=fpsimd ./tests/tcg/aarch64-linux-user/sha1