Thank you for your reply! The thing is that, for one particular binary I can determine the address of main() in the way that you've described, or even by compiling the program with debug information and observing the in_asm log. What I need is for this to work in the general case, for every binary, without the need to locate the entry point manually, but like Peter said, it cannot be done in qemu.

I can survive without this functionality.

Thanks again and cheers,
Ivan

On Fri, Apr 5, 2013 at 4:32 PM, Laurent Desnogues <laurent.desnog...@gmail.com> wrote:
> On Fri, Apr 5, 2013 at 4:15 PM, Peter Maydell <peter.mayd...@linaro.org> wrote:
> > On 5 April 2013 15:06, Ivan Jovanovic <jovanovic.d.i...@gmail.com> wrote:
> >> When I examine in_asm and out_asm logs I notice that before my program
> >> starts emulating, dynamic linker code is being emulated, which is, of
> >> course, expected.
> >>
> >> My question is, is there a way in qemu (a flag or something similar) to
> >> determine during emulation when the dl code finishes executing and execution
> >> of the first TranslationBlock of my code starts?
> >
> > No, because QEMU doesn't care what your program does -- it just
> > emulates code and doesn't need to know whether it is in the
> > dynamic linker or the main program binary or a shared library
> > or even code your program has dynamically generated at runtime.
> >
> > I suggest you look at the symbols for your guest binary (with
> > 'nm' or 'objdump', for example) and match up the addresses in
> > them with your code. (In particular this should let you find out
> > which TB corresponds to the main() function.) You can either do
> > this by hand or you could probably write a script to annotate
> > the logs for you.
>
> There's an easier way that will work even with stripped execs:
> use the ELF entry point.
>
> readelf -l prog | grep -i entry
>
> HTH,
>
> Laurent
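Peter's suggestion of a script that annotates the logs and Laurent's entry-point approach, combined in one added example that is not part of the thread. It reads e_entry straight from an ELF header (works for stripped binaries), maps TranslationBlock start addresses from a `-d in_asm` log to `nm -S` symbols, and reports the first TB at the entry point and the first TB inside main(). The nm output, the ELF header bytes and the in_asm lines are constructed samples, and the "IN:" / "0x...:" log layout is an assumption about QEMU's output, not taken from the thread.

```python
import bisect
import re
import struct

# Constructed `nm -S` style output: address [size] type name.
# _start has no size column, as nm prints for symbols without one.
NM_OUTPUT = """\
0000000000400400 T _start
0000000000400430 t deregister_tm_clones
0000000000400530 0000000000000050 T main
0000000000400580 0000000000000020 T helper
00000000004005c0 0000000000000065 T __libc_csu_init
"""

# Constructed minimal x86-64 ELF header whose e_entry (0x400400) matches _start above.
SAMPLE_ELF_HEADER = struct.pack(
    "<16sHHIQQQIHHHHHH",
    b"\x7fELF" + bytes([2, 1, 1, 0, 0]) + bytes(7),  # e_ident: ELFCLASS64, little-endian, v1
    2, 0x3E, 1,           # e_type=ET_EXEC, e_machine=EM_X86_64, e_version
    0x400400, 64, 0, 0,   # e_entry, e_phoff, e_shoff, e_flags
    64, 56, 0, 64, 0, 0,  # e_ehsize, e_phentsize, e_phnum, e_shentsize, e_shnum, e_shstrndx
)

# Constructed `-d in_asm` log (layout assumed). The first TB sits at a high
# address where the dynamic linker was mapped; later TBs are in the program.
IN_ASM_LOG = """\
----------------
IN:
0x00007f1a2c3e1b00:  mov    %rsp,%rdi

----------------
IN:
0x0000000000400400:  xor    %ebp,%ebp

----------------
IN:
0x0000000000400530:  push   %rbp
0x0000000000400531:  mov    %rsp,%rbp

----------------
IN:
0x0000000000400590:  add    $0x1,%eax
"""

TEXT_SYMBOL_TYPES = set("TtWw")
TB_START = re.compile(r"^0x([0-9a-fA-F]+):")


def parse_nm(nm_text):
    """Parse `nm [-S]` output into a sorted list of (addr, size_or_None, name) code symbols."""
    symbols = []
    for line in nm_text.splitlines():
        parts = line.split()
        if len(parts) == 3:
            addr, size, kind, name = int(parts[0], 16), None, parts[1], parts[2]
        elif len(parts) == 4:
            addr, size, kind, name = int(parts[0], 16), int(parts[1], 16), parts[2], parts[3]
        else:
            continue
        if kind in TEXT_SYMBOL_TYPES:  # drop undefined and data symbols
            symbols.append((addr, size, name))
    symbols.sort()
    return symbols


def symbolize(addr, symbols):
    """Map addr to 'name' or 'name+0xoff', or None when no code symbol covers it.
    A symbol without a size is assumed to extend to the next symbol's start."""
    i = bisect.bisect_right([s[0] for s in symbols], addr) - 1
    if i < 0:
        return None
    base, size, name = symbols[i]
    if size is None:
        end = symbols[i + 1][0] if i + 1 < len(symbols) else base + 1
    else:
        end = base + size
    if addr >= end:
        return None  # outside the binary's code: dynamic linker or a shared library
    off = addr - base
    return name if off == 0 else "%s+0x%x" % (name, off)


def elf_entry(data):
    """Read e_entry from an ELF header (32- or 64-bit, either byte order); no symbols needed."""
    if data[:4] != b"\x7fELF":
        raise ValueError("not an ELF file")
    endian = "<" if data[5] == 1 else ">"
    if data[4] == 2:    # ELFCLASS64
        fmt = endian + "16sHHIQQQIHHHHHH"
    elif data[4] == 1:  # ELFCLASS32
        fmt = endian + "16sHHIIIIIHHHHHH"
    else:
        raise ValueError("bad ELF class")
    return struct.unpack(fmt, data[:struct.calcsize(fmt)])[4]  # field 4 is e_entry


def annotate_in_asm(log_text, symbols, entry):
    """Annotate each TB start line in an in_asm log. Returns (lines, first_hits), where
    first_hits maps 'entry' and each symbol name to the first TB address that reached it."""
    out, first_hits, prev_was_in = [], {}, False
    for line in log_text.splitlines():
        m = TB_START.match(line)
        if prev_was_in and m:  # first instruction line after "IN:" is the TB start
            addr = int(m.group(1), 16)
            tags = []
            if addr == entry and "entry" not in first_hits:
                first_hits["entry"] = addr
                tags.append("ELF entry point: dynamic linker finished")
            sym = symbolize(addr, symbols)
            if sym is None:
                tags.append("no symbol (dynamic linker or shared library)")
            else:
                first_hits.setdefault(sym.split("+")[0], addr)
                tags.append(sym)
            line = "%s    ; %s" % (line, ", ".join(tags))
        prev_was_in = line.startswith("IN:")
        out.append(line)
    return out, first_hits


def demo():
    symbols = parse_nm(NM_OUTPUT)
    return annotate_in_asm(IN_ASM_LOG, symbols, elf_entry(SAMPLE_ELF_HEADER))


if __name__ == "__main__":
    lines, hits = demo()
    print("\n".join(lines))
    print("first TB at ELF entry point: 0x%x" % hits["entry"])
    print("first TB in main():          0x%x" % hits["main"])
```

On a real binary, feed `elf_entry` the first 64 bytes of the file and `parse_nm` the output of `nm -S prog`; for a stripped executable only the entry-point annotation is available, which is exactly the case Laurent's `readelf` one-liner covers. Without symbol sizes the script assumes a symbol runs up to the next one, so addresses past the last text symbol are reported as unknown rather than misattributed to it.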