Re: [Qemu-devel] qemu log function to print out the registers of the guest

[Wei-Ren Chen]

> > On Thu, Aug 16, 2012 at 7:49 PM, Steven <address@hidden> wrote:
> > [...]
> >> I want to get the guest memory address in the instruction mov
> >> 0x4(%ebx)  %eax, whic is 0x4(%ebx).
> >> Since %ebx is not resolved until the execution time, the code in
> >> softmmu_header.h does not generate any hit or miss information.
> >> Do you know any place that I could resolve the memory access address? 
> >> Thanks.
> >
> > You'll have to generate code.  Look at how helpers work.
> Hi, Laurent,
> do you mean the target-i386/op_helper.c/helper.c or the tcg helper? Thanks.

  What do you mean by "resolve the memory access address"? Do you want
to get guest virtual address for each guest memory access, right? As Max
mentioned before (you can also read [1]), there are fast and slow path
in QEMU softmmu, tlb hit and tlb miss respectively. Max provided patch
for slow path. As for fast path, take a look on tcg_out_tlb_load (tcg
/i386/tcg-target.c). tcg_out_tlb_load will generate native code in the
code cache to do tlb lookup, I think you cannot use the trick Max used
since tcg_out_tlb_load will not be called when the fast path executed,
it "generates" code instead. Therefore, you might have to insert your
instrument code in the code cache, perhaps modifying tcg_out_tlb_load
to log value of "addrlo" (see comments above tcg_out_tlb_load).

HTH,
chenwj

[1] http://lists.gnu.org/archive/html/qemu-devel/2012-08/msg03060.html

-- 
Wei-Ren Chen (陳韋任)
Computer Systems Lab, Institute of Information Science,
Academia Sinica, Taiwan (R.O.C.)
Tel:886-2-2788-3799 #1667
Homepage: http://people.cs.nctu.edu.tw/~chenwj