-
Notifications
You must be signed in to change notification settings - Fork 9
QEMU traces
BrunoASMauricio edited this page Nov 28, 2023
·
2 revisions
Qemu provides a tracing infrastructure which may help in debugging or analysing what happens within a simulation cycle.
At this moment, there are two tracers added into ARC backend, one for MMU operations, and the other for exceptions. Here they are:
# mmu.c
mmu_command(uint32_t address, const char *command, uint32_t pd0, uint32_t pd1) "[MMU] at 0x%08x, CMD=%s, PD0=0x%08x, PD1=0x%08x"
# helper.c
excp_info(uint32_t address, const char *name) "[IRQ] at 0x08, Exception=%s"- Build with the 'simple' trace backend:
./configure --target-list=arc-softmmu --enable-trace-backends=simple
make
- Create a file with the events you want to trace. For example:
events.trc:
mmu_command
excp_info
- Run the virtual machine to produce a trace file:
qemu-system-arc --trace events=events.trc ... # your normal QEMU invocation
- Pretty-print the binary trace file:
<qemu_src>/scripts/simpletrace.py <qemu_src>/target/arc/trace-events trace-* # Override * with QEMU <pid>
Since QEMU has a GDBStub, it is always possible to automate GDB to collect some information for us.
An example of such automation is to only trace instructions running inside a function. Example script here.
More info about traces in:
- QEMU source dir docs/devel/tracing.txt;
- Tracing with QEMU
- Tracing Linux kernel