[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Cpu state for every instruction
|
From: |
Peter Maydell |
|
Subject: |
Re: Cpu state for every instruction |
|
Date: |
Wed, 8 Sep 2021 11:03:37 +0100 |
On Wed, 8 Sept 2021 at 01:29, Hinko Kocevar <hinkocevar@gmail.com> wrote:
> I would like to be able to see target CPU state for every instruction that
> gets emulated.
>
> Looking at the qemu code and experimenting with the options I can get only
> pre/post tb CPU state printed; I would like to see also the state for all the
> instructions that were inside the tb.
"-singlestep -d nochain,cpu,exec -D somefile.log" should more or
less do what you want. (In particular, -singlestep says "put only
one instruction in each TB", which is the way to get the information
per-instruction.)
If you want to see the insns being executed (as opposed to just
the CPU PC values) you can add 'in_asm' to the -d flags, but be
aware that that shows them when the guest code is *translated*,
not when it is executed, so it happens before the exec logs,
and if the same insn is executed multiple times you have to
track back up in the log to find the place where it was originally
executed.
General note: the -d option is really a "for debugging QEMU"
kind of logging -- it prints the stuff that's easy to trace,
but you sometimes have to have an idea about what QEMU is
doing internally to make sense of it.
The other approach to looking at guest state is to use the
gdbstub: you could connect a gdb, and script gdb to do a loop
of "single step instruction; print guest registers".
-- PMM