> I think the correct way to get the full instruction trace on a MIPS
> emulated processor is:
The way you describe is slow because you are constantly re-generating the TBs. The best way to do this is to add your instrumentation to the TBs.

I have code that does that for a recent version of Qemu here: http://www.csl.cornell.edu/~vince/projects/qemusim/ although it outputs Basic-Block vectors, not a full memory trace like you want. It has been validated to match proper instruction counts using hardware performance counters, though.

I also have code creating full instruction/memory traces for Qemu MIPS that can be found here: http://www.csl.cornell.edu/~vince/projects/qemu-trace/ but it's against Qemu from 2007, pre-dating the TCG changeover, so of limited use probably. I have some code somewhere that updated this to work with TCG but I don't know what happened to it.

Vince
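As an added illustration (not code from this thread, from QEMU, or from the qemusim project linked above): a small Python model of the approach described in the reply. Each basic block is translated once into a cached TB with a counter attached at translation time, the counter is bumped on every execution of that TB instead of re-translating, and the per-TB counts are emitted as SimPoint-style basic-block vectors at a fixed instruction interval. The toy ISA, the guest program, its addresses and the 16-instruction interval are all constructed for the example; it does not model a memory trace.

```python
from collections import defaultdict
from dataclasses import dataclass

# Constructed toy guest program (not MIPS, not QEMU): address -> instruction.
# Instructions are 4 bytes apart; a basic block ends at jlt/jmp/halt.
#   ("add", reg, imm)          reg += imm
#   ("jlt", reg, imm, target)  if reg < imm: pc = target, else fall through
#   ("jmp", target)            pc = target
#   ("halt",)                  stop the guest
PROGRAM = {
    0x100: ("add", "r1", 1),
    0x104: ("add", "r2", 2),
    0x108: ("jlt", "r1", 10, 0x100),   # loop back: ten trips round the loop
    0x10c: ("add", "r3", 5),
    0x110: ("jmp", 0x118),
    0x118: ("halt",),
}

INSN_SIZE = 4
CONTROL_FLOW = {"jlt", "jmp", "halt"}


@dataclass
class TranslatedBlock:
    """A cached TB: the block's instructions plus the counter attached at translation time."""
    tb_id: int
    pc: int
    insns: list            # [(addr, insn), ...]
    exec_count: int = 0    # bumped by the instrumentation on every execution

    @property
    def icount(self):
        return len(self.insns)


def translate(program, pc, tb_id):
    """Walk from pc to the first control-flow instruction, inclusive."""
    insns = []
    addr = pc
    while True:
        insn = program[addr]
        insns.append((addr, insn))
        if insn[0] in CONTROL_FLOW:
            return TranslatedBlock(tb_id, pc, insns)
        addr += INSN_SIZE


def execute(tb, regs):
    """Run one TB; return the next pc, or None on halt."""
    for addr, insn in tb.insns:
        op = insn[0]
        if op == "add":
            regs[insn[1]] += insn[2]
        elif op == "jlt":
            return insn[3] if regs[insn[1]] < insn[2] else addr + INSN_SIZE
        elif op == "jmp":
            return insn[1]
        elif op == "halt":
            return None
    raise RuntimeError("TB did not end in a control-flow instruction")


def bbv_line(by_id, interval_counts):
    """SimPoint-style vector: 'T' then ':tb_id:weight' entries, weight = executions * block length."""
    entries = [f":{tb_id}:{n * by_id[tb_id].icount}"
               for tb_id, n in sorted(interval_counts.items())]
    return "T" + " ".join(entries)


def run(program, entry=0x100, interval=16):
    cache = {}                  # pc -> TranslatedBlock, filled once per block
    by_id = {}
    regs = defaultdict(int)
    vectors = []
    counts = defaultdict(int)   # tb_id -> executions in the current interval
    insns_this_interval = 0
    total_insns = 0
    translations = 0
    pc = entry
    while pc is not None:
        tb = cache.get(pc)
        if tb is None:                         # translate only on a cache miss
            translations += 1
            tb = translate(program, pc, translations)
            cache[pc] = tb
            by_id[tb.tb_id] = tb
        # Instrumentation hook: runs on every execution of an already-translated TB.
        tb.exec_count += 1
        counts[tb.tb_id] += 1
        insns_this_interval += tb.icount
        total_insns += tb.icount
        pc = execute(tb, regs)
        if insns_this_interval >= interval:    # close the interval, emit one vector
            vectors.append(bbv_line(by_id, counts))
            counts = defaultdict(int)
            insns_this_interval = 0
    if counts:                                 # flush the partial last interval
        vectors.append(bbv_line(by_id, counts))
    return {
        "translations": translations,
        "instructions": total_insns,
        "tb_executions": {tb.tb_id: tb.exec_count for tb in by_id.values()},
        "bbv": vectors,
        "regs": dict(regs),
    }


if __name__ == "__main__":
    result = run(PROGRAM)
    print(f"{result['translations']} TBs translated, "
          f"{sum(result['tb_executions'].values())} TB executions, "
          f"{result['instructions']} instructions")
    for line in result["bbv"]:
        print(line)
```

The loop body is executed ten times but translated once; the counts come from the hook that runs on each execution of the cached TB, which is the point of attaching instrumentation to the TB rather than regenerating it. A memory trace would hang off the same hook (a per-load/store callback inside the block) rather than off translation.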