Hi all! I need to simulate some code for a bare metal ARM application, and get a trace of every machine instruction that gets executed.
Attaching GDB to qemu-system-arm works, but of course it is slow. Running `qemu-system-arm -d in_asm` doesn't record every time an instruction gets executed, so I cannot use that. Running `qemu-system-arm -d cpu` apparently doesn't execute all the instructions. I mean, there is a section of my code that does get executed (I see that from GDB), but looking at the program counter (R15, since this is ARM), the addresses of these instructions don't appear in the trace I get. On closer inspection, it seems that a conditional branch gets executed when debugging, but not in "normal" QEMU.

My last resort, apart from using GDB, is to use one of the TCG plugins, as I see in the documentation: https://qemu.readthedocs.io/en/latest/devel/tcg-plugins.html (in particular, contrib/plugins/execlog.c should be what I need). But I will need to ship this tool to other people, so I cannot really ask them to recompile all of QEMU's codebase just to access one single plugin.

So my question is: can I compile just the plugins, so that I can link against them?

Thanks!

-- 
Alessandro Bertulli
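One way to get a per-instruction execution trace from the stock `-d` logging, as an added example that is not part of the original post: `-d in_asm` dumps a translation block once, when it is translated, and `-d exec` (like `-d cpu`) logs only when a block is entered, so instructions in the middle of a block never show up on their own. With block chaining enabled, direct jumps between already-translated blocks are not logged at all; single-stepping under GDB turns every instruction into its own block, which is why addresses appear there and not in a normal run. Logging with `-d in_asm,exec,nochain` and replaying the "Trace" lines against the in_asm dumps recovers the executed sequence. The log line shapes the script matches, and the sample log it ships with, are assumptions constructed for this example; the exact format of these lines changes between QEMU versions, so check them against your own log first.

```python
"""Rebuild a per-instruction execution trace from a QEMU `-d in_asm,exec,nochain` log.

`-d in_asm` prints each translation block once, when it is translated;
`-d exec` prints a "Trace" line each time a block is entered, and `nochain`
stops QEMU from jumping directly between blocks so every entry is logged.
Replaying the Trace lines against the in_asm dumps gives the instruction
sequence that was executed.
"""
import re
import sys
from collections import Counter
from typing import Dict, Iterable, List, Optional, Tuple

# (pc, opcode or None if the block never appeared in the in_asm dumps, disassembly)
Insn = Tuple[int, Optional[int], str]

# Assumed line shapes (constructed; they vary between QEMU versions):
#   '0x00010000:  e3a00000  mov      r0, #0'
#   'Trace 0: 0x7f3a1c000100 [00000000/0000000000010000/00000001/ff020000] '
# The PC is the second '/'-separated bracket field (older builds print only the PC).
INSN_RE = re.compile(r"^0x([0-9a-fA-F]+):\s+([0-9a-fA-F]+)\s+(.*)$")
TRACE_RE = re.compile(r"^Trace\s+(?:\d+:\s+)?0x[0-9a-fA-F]+\s+\[([0-9a-fA-F/]+)\]")


def instruction_trace(lines: Iterable[str]) -> List[Insn]:
    """Return the instructions in execution order, one entry per execution."""
    blocks: Dict[int, List[Insn]] = {}   # block start pc -> its instructions
    pending: List[Insn] = []             # in_asm dump currently being read
    executed: List[Insn] = []
    for raw in lines:
        line = raw.rstrip()
        m = INSN_RE.match(line)
        if m:
            pending.append((int(m.group(1), 16), int(m.group(2), 16), m.group(3).strip()))
            continue
        if pending:
            # The dump ended; a retranslation of the same block simply replaces it.
            blocks[pending[0][0]] = pending
            pending = []
        m = TRACE_RE.match(line)
        if not m:
            continue
        fields = m.group(1).split("/")
        pc = int(fields[1] if len(fields) >= 2 else fields[0], 16)
        block = blocks.get(pc)
        if block is None:
            # Entry into a block whose dump is missing (e.g. logging was enabled late).
            executed.append((pc, None, "<block not found in in_asm output>"))
            continue
        # Caveat: an exception taken mid-block makes QEMU leave the block early,
        # so this replay can over-report the tail of such a block; the execlog
        # TCG plugin observes the real per-instruction execution and does not.
        executed.extend(block)
    return executed


def execution_counts(trace: List[Insn]) -> Counter:
    """How many times each pc was executed (useful to spot the branch that never ran)."""
    return Counter(pc for pc, _, _ in trace)


# Constructed sample: a counted loop that runs three times, as the combined log would look.
SAMPLE_LOG = """\
----------------
IN: 
0x00010000:  e3a00000  mov      r0, #0
0x00010004:  e3a01003  mov      r1, #3

Trace 0: 0x7f3a1c000100 [00000000/0000000000010000/00000001/ff020000] 
----------------
IN: 
0x00010008:  e2800001  add      r0, r0, #1
0x0001000c:  e1500001  cmp      r0, r1
0x00010010:  1afffffc  bne      #0x10008

Trace 0: 0x7f3a1c000180 [00000000/0000000000010008/00000001/ff020000] 
Trace 0: 0x7f3a1c000180 [00000000/0000000000010008/00000001/ff020000] 
Trace 0: 0x7f3a1c000180 [00000000/0000000000010008/00000001/ff020000] 
----------------
IN: 
0x00010014:  eafffffe  b        #0x10014

Trace 0: 0x7f3a1c000200 [00000000/0000000000010014/00000001/ff020000] 
"""


def main(argv: List[str]) -> int:
    # Usage: python trace_replay.py qemu.log   (no argument: replay the built-in sample)
    if len(argv) > 1:
        with open(argv[1]) as f:
            lines = f.read().splitlines()
    else:
        lines = SAMPLE_LOG.splitlines()
    for pc, opcode, text in instruction_trace(lines):
        op = "????????" if opcode is None else f"{opcode:08x}"
        print(f"0x{pc:08x}  {op}  {text}")
    return 0


if __name__ == "__main__":
    sys.exit(main(sys.argv))
```

Run QEMU with `-d in_asm,exec,nochain -D qemu.log` and feed the log to the script; `execution_counts` is the quick check for the case in the post, since a pc that is in the in_asm dumps but has a count of zero is an instruction that was translated but never entered on the logged path.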