Re: [Qemu-devel] address translation

[Shashidhar Mysore]

Hi Andrzej,

There were actually two methods described in the thread referred to in the thread to which you were referring in your previous mail. :)
The thread was -
http://thread.gmane.org/gmane.comp.emulators.qemu/16604

I used the patch provided by Stuart Brady (in the thread referred above) - and I believed that this is the one which helps me extract executed PC values, until you told me in your previous email that this is _not_ the case, and they are just the disassembled and not the executed PC trace! Can you please let me know if you were referring to the same thread or a different one?

Thanks,
-Shashi.

On 7/13/07, andrzej zaborowski <address@hidden> wrote:

On 14/07/07, Shashidhar Mysore <address@hidden> wrote:
> Thanks for the reply, Andrzej!
>
> Some clarifications below ...
>
> On 7/13/07, andrzej zaborowski < address@hidden > wrote:
> > >
> > > ************************************************
> > > /* convert one instruction. s->is_jmp is set if the translation must
> > >    be stopped. Return the next pc value */
> > > static target_ulong disas_insn(DisasContext *s, target_ulong pc_start)
> > > {
> > >     int b, prefixes, aflag, dflag;
> > >     int shift, ot;
> > >     int modrm, reg, rm, mod, reg_addr, op, opreg, offset_addr, val;
> > >     target_ulong next_eip, tval;
> > >     int rex_w, rex_r;
> > >
> > >     s->pc = pc_start;   // This s->pc is what I am using to extract all
> > > executed PC values
> >
> > This s->pc doesn't correspond to executed PC values, qemu is a translator.
>
> Can you tell me what s->pc is, in this context? Is the the start PC of a

It is the PC of the disassembled instruction (hence disasm_insn).

> basic block that is about to be executed? Is there any way in which I could
> extract the trace of executed PCs in QEMU?

Yes, there was a thread about this about two months ago.

Regards