You should see this pdf (www.ecs.syr.edu/faculty/yin/Teaching/TC2010/Proj4.pdf). It talks about tracing the instructions.
--
Dushyant
Wow thank you! It sounds incredibly interesting!!
What we really need is to insert a function call into the translated code, so when each instruction is executed at runtime, our inserted function will be executed.
Again wow!! Is that really possible? Some sort of callback triggered at
every instruction execution?
Yes, this mechanism works. I have written code to count different kinds of instructions.
Do you have any other document explaining that?
No. But maybe you can try to understand this through qemu source code.
Here are some resources for that
http://stackoverflow.com/questions/4501173/a-call-to-those-who-have-worked-with-qemu
This pdf just gives instructions on how to do it on an old version of qemu (disas_insn doesn't exist at all in my code now), and does not explain what it is, or what's behind that suggested code...
Also, the code for single step would be of great help to me! I really needed that, but when I tried it on qemu-user it didn't work at all...
It exists in the file qemu/target-i386/translate.c. You are also talking about the qemu source code provided here (http://wiki.qemu.org/Download), right?
If you need it, I can give you the source code of the counting implementation with some documentation.
Hope this helps.
--
Dushyant
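The mechanism Dushyant describes, shown here as an added toy model rather than QEMU code: in QEMU the translator (for x86, target-i386/translate.c) emits a call to a helper function while decoding a guest instruction, so the call becomes part of the translated block and runs every time that block executes, not once at translation time. The standalone C below models the same idea with an invented four-operation guest ISA. Every name in it (Cpu, TOp, translate_block, execute_block, count_hook, the sample program bytes and their encoding) is an assumption made for illustration and is not a QEMU API.

```c
/*
 * Toy model of translate-time instrumentation (added example, not QEMU source).
 * The guest ISA, the Cpu struct and all function names are invented. The
 * translator decodes guest bytes into "translated ops"; when a hook is given,
 * a call to it is inserted before every guest instruction, so the hook runs
 * each time that instruction executes.
 */
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

enum opcode { OP_ADD = 0x01, OP_SUB = 0x02, OP_LOAD = 0x03, OP_STORE = 0x04, OP_HALT = 0xff };
enum kind { KIND_ALU = 0, KIND_MEM, KIND_CTRL, KIND_COUNT };   /* classes the hook counts */

typedef struct {
    int32_t regs[4];
    int32_t mem[16];
    uint64_t kind_count[KIND_COUNT];   /* filled in by the inserted hook */
} Cpu;

typedef struct TOp TOp;
typedef void (*op_fn)(Cpu *, const TOp *);
struct TOp {
    op_fn fn;        /* native implementation of the guest instruction */
    op_fn hook;      /* inserted call, run before fn; NULL when not instrumented */
    enum kind kind;  /* the argument the hook receives */
    uint8_t a, b, c; /* decoded operands: a, c are registers; b is a register or memory slot */
};

#define MAX_OPS 64
typedef struct { TOp ops[MAX_OPS]; size_t n; } Block;

static void do_add(Cpu *c, const TOp *o)   { c->regs[o->a] = c->regs[o->b] + c->regs[o->c]; }
static void do_sub(Cpu *c, const TOp *o)   { c->regs[o->a] = c->regs[o->b] - c->regs[o->c]; }
static void do_load(Cpu *c, const TOp *o)  { c->regs[o->a] = c->mem[o->b]; }
static void do_store(Cpu *c, const TOp *o) { c->mem[o->b] = c->regs[o->a]; }
static void do_halt(Cpu *c, const TOp *o)  { (void)c; (void)o; }

/* The instrumentation routine: counts how often each instruction kind executes. */
static void count_hook(Cpu *c, const TOp *o) { c->kind_count[o->kind]++; }

/* Decode guest bytes into translated ops. Returns guest bytes consumed, 0 on a bad encoding. */
size_t translate_block(const uint8_t *code, size_t len, op_fn hook, Block *blk)
{
    size_t pc = 0;
    blk->n = 0;
    while (pc < len && blk->n < MAX_OPS) {
        TOp *o = &blk->ops[blk->n];
        o->hook = hook;                      /* the "inserted function call" */
        o->a = o->b = o->c = 0;
        if (code[pc] == OP_HALT) {
            o->fn = do_halt; o->kind = KIND_CTRL;
            blk->n++;
            return pc + 1;
        }
        if (pc + 4 > len) return 0;          /* truncated 4-byte instruction */
        o->a = code[pc + 1] & 3; o->b = code[pc + 2]; o->c = code[pc + 3] & 3;
        switch (code[pc]) {
        case OP_ADD:   o->fn = do_add;   o->kind = KIND_ALU; o->b &= 3;  break;
        case OP_SUB:   o->fn = do_sub;   o->kind = KIND_ALU; o->b &= 3;  break;
        case OP_LOAD:  o->fn = do_load;  o->kind = KIND_MEM; o->b &= 15; break;
        case OP_STORE: o->fn = do_store; o->kind = KIND_MEM; o->b &= 15; break;
        default: return 0;                   /* unknown opcode */
        }
        pc += 4; blk->n++;
    }
    return pc;
}

/* Run a translated block: the hook fires at run time, once per executed instruction. */
void execute_block(Cpu *cpu, const Block *blk)
{
    for (size_t i = 0; i < blk->n; i++) {
        const TOp *o = &blk->ops[i];
        if (o->hook) o->hook(cpu, o);
        o->fn(cpu, o);
    }
}

/* Constructed sample guest program (invented encoding: opcode, a, b, c). */
static const uint8_t sample_program[] = {
    OP_LOAD,  0, 0, 0,   /* r0 = mem[0] */
    OP_LOAD,  1, 1, 0,   /* r1 = mem[1] */
    OP_ADD,   2, 0, 1,   /* r2 = r0 + r1 */
    OP_SUB,   3, 2, 0,   /* r3 = r2 - r0 */
    OP_STORE, 2, 5, 0,   /* mem[5] = r2 */
    OP_HALT,
};

/* Translate and run the sample with or without the counting hook; 0 on success. */
int run_sample(Cpu *cpu, int instrumented)
{
    Block blk;
    memset(cpu, 0, sizeof *cpu);
    cpu->mem[0] = 7; cpu->mem[1] = 5;
    if (translate_block(sample_program, sizeof sample_program,
                        instrumented ? count_hook : NULL, &blk) == 0) return -1;
    execute_block(cpu, &blk);
    return 0;
}

/* Count of one instruction kind after a run, -1 on failure. */
long sample_count(enum kind k, int instrumented)
{
    Cpu cpu;
    return run_sample(&cpu, instrumented) == 0 ? (long)cpu.kind_count[k] : -1;
}

/* Value the program stores; it must not depend on whether the hook is present. */
int sample_mem5(int instrumented)
{
    Cpu cpu;
    return run_sample(&cpu, instrumented) == 0 ? cpu.mem[5] : -1;
}

int main(void)
{
    static const char *names[KIND_COUNT] = { "alu", "mem", "ctrl" };
    for (int k = 0; k < KIND_COUNT; k++)
        printf("%-4s %ld\n", names[k], sample_count((enum kind)k, 1));
    return 0;
}
```

The point the toy makes explicit is the one that matters in QEMU too: translate_block runs once per block, but count_hook runs once per executed instruction. Counting inside the translator itself (the equivalent of adding code to disas_insn that does not emit anything) would count each instruction once per translation and miss every repeated execution of a cached block, such as loop iterations; only a call emitted into the generated code is executed at run time.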