QEMU PRIP 44 - tracing of instructions and registers


User stories

I'm trying to use QEMU as a tool for the development of embedded software for MIPS microcontrollers. Typically the trickiest tasks are debugging context switches, interrupt handler entry and exit, virtual memory events (TLB exceptions), etc. Other simulators like MIPSsim or OVPsim have the ability to trace instructions and registers to a log file, which helps a lot in debugging. Unfortunately, the current QEMU version lacks such a feature.


I propose to implement an option, like "-d instr", to enable instruction and register tracing to a log file. The output might look like this:

bfc00070: 3c088000      lui     t0,0x8000
    Write t0 = 80000000
bfc00074: 25080644      addiu   t0,t0,1604
    Write t0 = 80000644
bfc00078: 3c098000      lui     t1,0x8000
    Write t1 = 80000000
bfc0007c: 25290680      addiu   t1,t1,1664
    Write t1 = 80000680
bfc00080: 10000006      b       bfc0009c
bfc00084: 00000000      nop
bfc0009c: 0109082b      sltu    at,t0,t1
    Write at = 00000001
bfc000a0: 1420fff9      bnez    at,bfc00088
bfc000a4: 00000000      nop
bfc00088: ad000000      sw      zero,0(t0)
    Memory Write [80000644] = 00000000


  • On every instruction fetch, a call to a helper function should be generated that prints the PC value, the instruction opcode and its mnemonic. It also prints the CPU registers modified by the previous instruction.
  • For every memory load/store or TLB write, a helper function should be called to print the information to the log file.
  • It makes sense to print a message for every processor mode change (kernel/user/debug, etc.).
  • A line needs to be printed for every exception, including interrupts.
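The first two bullets leave open how the fetch-time helper knows which registers the previous instruction modified. One way, shown here as an added example that is not part of the QEMU proposal or of QEMU's code, is to keep a snapshot of the general-purpose registers from the previous fetch and report every register whose value differs at the next fetch. The ToyCpu structure, the TraceState snapshot and the function names are assumptions made for this example (QEMU's real CPUMIPSState is not used); the output format copies the trace shown above, and the replayed instructions are the first two lines of that trace.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Minimal stand-in for the guest CPU state (assumption: not QEMU's CPUMIPSState). */
typedef struct {
    uint32_t pc;
    uint32_t gpr[32];
} ToyCpu;

/* MIPS o32 register names, index = register number. */
static const char *const gpr_names[32] = {
    "zero", "at", "v0", "v1", "a0", "a1", "a2", "a3",
    "t0",   "t1", "t2", "t3", "t4", "t5", "t6", "t7",
    "s0",   "s1", "s2", "s3", "s4", "s5", "s6", "s7",
    "t8",   "t9", "k0", "k1", "gp", "sp", "fp", "ra"
};

/* Snapshot of the register file as it looked at the previous fetch. */
typedef struct {
    uint32_t gpr[32];
    int valid;   /* 0 until the first fetch has been traced */
} TraceState;

/* Write "    Write reg = value" for every GPR that changed since the last
 * call, then refresh the snapshot. Returns the number of changed registers;
 * the text is written into out (bounded by outsz). */
static int trace_reg_writes(TraceState *ts, const ToyCpu *cpu, char *out, size_t outsz)
{
    int changed = 0;
    size_t used = 0;
    out[0] = '\0';
    if (ts->valid) {
        for (int i = 1; i < 32; i++) {   /* $zero is hardwired, never reported */
            if (ts->gpr[i] != cpu->gpr[i]) {
                int n = snprintf(out + used, outsz > used ? outsz - used : 0,
                                 "    Write %s = %08x\n", gpr_names[i], cpu->gpr[i]);
                if (n > 0) used += (size_t)n;
                changed++;
            }
        }
    }
    memcpy(ts->gpr, cpu->gpr, sizeof ts->gpr);
    ts->valid = 1;
    return changed;
}

/* Fetch-time hook: first flush the register writes of the previous
 * instruction, then print PC, opcode and mnemonic of the current one. */
static int trace_fetch(TraceState *ts, const ToyCpu *cpu, uint32_t opcode,
                       const char *mnemonic, char *out, size_t outsz)
{
    int changed = trace_reg_writes(ts, cpu, out, outsz);
    size_t used = strlen(out);
    snprintf(out + used, outsz > used ? outsz - used : 0,
             "%08x: %08x      %s\n", cpu->pc, opcode, mnemonic);
    return changed;
}

/* Load/store hook for the second bullet: one line per memory write. */
static void trace_mem_write(uint32_t addr, uint32_t val, char *out, size_t outsz)
{
    snprintf(out, outsz, "    Memory Write [%08x] = %08x\n", addr, val);
}

/* Replay the first two instructions of the trace above (lui t0,0x8000 and
 * addiu t0,t0,1604) and return the number of register writes reported at
 * the second fetch. The full trace text is appended to out. */
int demo_lui_addiu(char *out, size_t outsz)
{
    ToyCpu cpu = { .pc = 0xbfc00070 };
    TraceState ts = { 0 };
    char line[128];
    out[0] = '\0';

    trace_fetch(&ts, &cpu, 0x3c088000, "lui     t0,0x8000", line, sizeof line);
    strncat(out, line, outsz - strlen(out) - 1);
    cpu.gpr[8] = 0x80000000;   /* effect of lui t0,0x8000 (t0 is $8) */
    cpu.pc += 4;

    int n = trace_fetch(&ts, &cpu, 0x25080644, "addiu   t0,t0,1604", line, sizeof line);
    strncat(out, line, outsz - strlen(out) - 1);
    cpu.gpr[8] += 1604;        /* effect of addiu t0,t0,1604 -> 80000644 */
    return n;
}

int main(void)
{
    char buf[512];
    demo_lui_addiu(buf, sizeof buf);
    fputs(buf, stdout);
    return 0;
}
```

Because the register diff is taken at the next fetch, the "Write t0 = 80000000" line lands after the lui and before the addiu, exactly as in the trace above. The cost is one 32-word compare per instruction; a real implementation in the translator could instead emit the write notification only for the destination register the decoder already knows, avoiding the snapshot entirely.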