Thanks Peter! Adding -singlestep to the list of my args did the trick! After digging into the code, things became a bit clearer on what happens where and when.
On Wed, 8 Sep 2021 at 12:04, Peter Maydell <[email protected]> wrote:
> On Wed, 8 Sept 2021 at 01:29, Hinko Kocevar <[email protected]> wrote:
> > I would like to be able to see target CPU state for every instruction
> > that gets emulated.
> >
> > Looking at the qemu code and experimenting with the options I can get
> > only pre/post tb CPU state printed; I would like to see also the state for
> > all the instructions that were inside the tb.
>
> "-singlestep -d nochain,cpu,exec -D somefile.log" should more or
> less do what you want. (In particular, -singlestep says "put only
> one instruction in each TB", which is the way to get the information
> per-instruction.)
>
> If you want to see the insns being executed (as opposed to just
> the CPU PC values) you can add 'in_asm' to the -d flags, but be
> aware that that shows them when the guest code is *translated*,
> not when it is executed, so it happens before the exec logs,
> and if the same insn is executed multiple times you have to
> track back up in the log to find the place where it was originally
> executed.
>
> General note: the -d option is really a "for debugging QEMU"
> kind of logging -- it prints the stuff that's easy to trace,
> but you sometimes have to have an idea about what QEMU is
> doing internally to make sense of it.
>
> The other approach to looking at guest state is to use the
> gdbstub: you could connect a gdb, and script gdb to do a loop
> of "single step instruction; print guest registers".
>
> -- PMM

--
.. the more I see the less I believe.., AE AoR
