From: "Shashidhar Mysore"
To: qemu-devel@nongnu.org
Subject: Re: [Qemu-devel] address translation
Date: Tue, 17 Jul 2007 13:43:40 -0700
Message-ID: <12835c8f0707171343k592e3383i408b29fb16d9f3fe@mail.gmail.com>
References: <12835c8f0707121729y29d1a678qf27d29b0ca572f08@mail.gmail.com>
 <12835c8f0707131517t72febf40h27326ab67d5b32f3@mail.gmail.com>
List-Id: qemu-devel.nongnu.org

Hi Andrzej,

There were actually two methods described in the thread referred to in the thread to which you were referring in your previous mail. :)
The thread was -
http://thread.gmane.org/gmane.comp.emulators.qemu/16604

I used the patch provided by Stuart Brady (in the thread referred above) - and I believed that this is the one which helps me extract executed PC values, until you told me in your previous email that this is _not_ the case, and they are just the disassembled and not the executed PC trace! Can you please let me know if you were referring to the same thread or a different one?

Thanks,
-Shashi.

On 7/13/07, andrzej zaborowski <balrogg@gmail.com> wrote:
On 14/07/07, Shashidhar Mysore <shashimc@gmail.com> wrote:
> Thanks for the reply, Andrzej!
>
> Some clarifications below ...
>
> On 7/13/07, andrzej zaborowski <balrogg@gmail.com> wrote:
> > >
> > > ************************************************
> > > /* convert one instruction. s->is_jmp is set if the translation must
> > >    be stopped. Return the next pc value */
> > > static target_ulong disas_insn(DisasContext *s, target_ulong pc_start)
> > > {
> > >     int b, prefixes, aflag, dflag;
> > >     int shift, ot;
> > >     int modrm, reg, rm, mod, reg_addr, op, opreg, offset_addr, val;
> > >     target_ulong next_eip, tval;
> > >     int rex_w, rex_r;
> > >
> > >     s->pc = pc_start;   // This s->pc is what I am using to extract all
> > > executed PC values
> >
> > This s->pc doesn't correspond to executed PC values, qemu is a translator.
>
> Can you tell me what s->pc is, in this context? Is the start PC of a

It is the PC of the disassembled instruction (hence disasm_insn).

> basic block that is about to be executed? Is there any way in which I could
> extract the trace of executed PCs in QEMU?

Yes, there was a thread about this about two months ago.

Regards



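Added illustration, not part of this thread and not QEMU code: a toy cached block translator in C that records guest PCs at two points. One trace is written where the analogue of disas_insn's `s->pc = pc_start` lives, so it fires once per translated block; the other is written by a hook that belongs to the translated block itself, so it fires every time the block runs. The four-instruction guest ISA, the guest program and all function names are constructed for the example. For a three-iteration loop the translate-time trace holds six entries (the loop body is translated twice because the back-edge enters at pc 1, a different start pc from the first fall-through block at pc 0), while the executed-pc trace holds eight, one per instruction actually executed. That gap is the point Andrzej is making: a translator runs the disassembler once and the translated code many times.

```c
#include <stdio.h>

/*
 * Toy dynamic binary translator (constructed illustration, not QEMU code).
 * Guest ISA: one register r0, four single-word instructions.
 */
enum { OP_ADDI, OP_SUBI, OP_JNZ, OP_HALT };
typedef struct { int op; int imm; } Insn;

/* Constructed guest program: r0 = N; loop: r0 -= 1; jnz loop; halt */
static Insn guest[] = {
    { OP_ADDI, 3 },  /* pc 0: r0 += N (imm patched by run_guest) */
    { OP_SUBI, 1 },  /* pc 1: r0 -= 1 */
    { OP_JNZ,  1 },  /* pc 2: if r0 != 0 goto pc 1 */
    { OP_HALT, 0 },  /* pc 3 */
};

/* A translated block (TB): the guest pcs it covers, keyed by its start pc. */
#define MAX_TB     16
#define MAX_TB_LEN 8
typedef struct { int start; int len; int pcs[MAX_TB_LEN]; } TB;
static TB  tb_cache[MAX_TB];
static int n_tb;

/* Two traces: pcs seen at translate time vs pcs seen at execute time. */
#define TRACE_MAX 256
static int translate_trace[TRACE_MAX], n_translate;
static int exec_trace[TRACE_MAX],      n_exec;

static void record(int *trace, int *n, int pc)
{
    if (*n < TRACE_MAX)
        trace[(*n)++] = pc;
}

/* Analogue of disas_insn(): runs once per block, when the block is translated. */
static TB *translate_block(int pc)
{
    TB *tb = &tb_cache[n_tb++];
    tb->start = pc;
    tb->len = 0;
    for (;;) {
        record(translate_trace, &n_translate, pc);  /* where "s->pc = pc_start" sits */
        tb->pcs[tb->len++] = pc;
        int op = guest[pc].op;
        pc++;
        /* is_jmp: control flow ends the block, as does the size cap */
        if (op == OP_JNZ || op == OP_HALT || tb->len == MAX_TB_LEN)
            break;
    }
    return tb;
}

/* Cache lookup: a block is translated once and reused on every later entry. */
static TB *tb_find(int pc)
{
    for (int i = 0; i < n_tb; i++)
        if (tb_cache[i].start == pc)
            return &tb_cache[i];
    return translate_block(pc);
}

/* Run one TB. The trace hook is part of the translated code, so it fires on
 * every execution, not only the first. Returns the next pc, or -1 on halt. */
static int exec_block(const TB *tb, int *r0)
{
    for (int i = 0; i < tb->len; i++) {
        int pc = tb->pcs[i];
        record(exec_trace, &n_exec, pc);            /* executed-pc trace */
        const Insn *in = &guest[pc];
        switch (in->op) {
        case OP_ADDI: *r0 += in->imm; break;
        case OP_SUBI: *r0 -= in->imm; break;
        case OP_JNZ:  return (*r0 != 0) ? in->imm : pc + 1;
        case OP_HALT: return -1;
        }
    }
    return tb->start + tb->len;                     /* fell off the end */
}

/* Run the guest loop `iterations` (>= 1) times; returns final r0, always 0. */
int run_guest(int iterations)
{
    if (iterations < 1)
        iterations = 1;                             /* r0 would never reach 0 otherwise */
    n_tb = n_translate = n_exec = 0;
    guest[0].imm = iterations;
    int r0 = 0, pc = 0;
    while (pc >= 0)
        pc = exec_block(tb_find(pc), &r0);
    return r0;
}

int translate_count(void) { return n_translate; }
int exec_count(void)      { return n_exec; }
int exec_trace_at(int i)  { return (i >= 0 && i < n_exec) ? exec_trace[i] : -1; }

int main(void)
{
    run_guest(3);
    printf("translate-time pcs (%d):", translate_count());
    for (int i = 0; i < n_translate; i++) printf(" %d", translate_trace[i]);
    printf("\nexecuted pcs       (%d):", exec_count());
    for (int i = 0; i < n_exec; i++) printf(" %d", exec_trace[i]);
    printf("\n");
    return 0;
}
```

The practical consequence is that an executed-PC trace has to come from instrumentation that runs at execution time, emitted into (or called from) the translated block, not from the disassembler. In current QEMU, not the 2007 tree this thread discusses, `-d in_asm` logs at translation time, `-d exec` logs each translation-block execution (with `-d nochain` so chained blocks do not bypass the log), and the TCG plugin API's qemu_plugin_register_vcpu_insn_exec_cb gives a per-instruction execution callback.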