On 16 August 2012 17:36, Steven <wangwangk...@gmail.com> wrote:
> I would like to get a trace of guest memory access. So I can not use
> "info registers".
> What I want to do is that when tcg fetches a load instruction at
> disas_insns(), the guest memory address should be calculated.
You cannot calculate the guest memory address at the point where TCG is
translating the load instruction. This is because that address depends on
the values of guest registers at runtime. At translation time these values
are not known. Also they may be different for different runs through the
same generated code.

QEMU is a just-in-time translator (JIT). For a JIT it is important to
remember the difference between:

 * translation time. Here we know what the guest code (instructions) is,
   but we do not know what the guest CPU registers will be
 * run time. This may be some time later, and we may execute the same
   code several times. We don't have any access to information about
   the guest code we are running unless we specifically recorded it at
   translation time.

When you are reading (or trying to change) QEMU source code you need to
know whether the QEMU code will be running at translation or run time.
The answer affects what information you have access to, and what you
can do to the guest.

-- PMM
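The translation-time / run-time split described in the reply above, as an added toy model in C (it is not QEMU code and uses none of QEMU's TCG API; all types and names such as GuestInsn, HostOp, TranslationBlock, translate() and run() are invented for this illustration). The translator sees only the instruction stream, so the only thing it can record about a load is which register holds the base and what the displacement is, plus the guest PC for later tracing. The effective address is computed when the translated block runs, and the same block yields a different address on a second run because the register values have changed in between.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Toy JIT model, constructed for illustration only; not QEMU code. */

#define NUM_REGS 4
#define MAX_OPS 16
#define GUEST_MEM_SIZE 64

/* Guest CPU state: values that exist only at run time. */
typedef struct { uint32_t regs[NUM_REGS]; } GuestCPU;

/* Guest instruction set: LOAD rd <- mem[rs + imm]; ADDI rd <- rd + imm. */
typedef enum { OP_LOAD, OP_ADDI } GuestOp;
typedef struct { GuestOp op; int rd, rs; int32_t imm; } GuestInsn;

/* What translation produces. Note that it holds register *numbers* and a
 * displacement, never an address: the translator cannot know the address. */
typedef struct { GuestOp op; int rd, rs; int32_t imm; uint32_t guest_pc; } HostOp;
typedef struct { HostOp ops[MAX_OPS]; int n; } TranslationBlock;

/* One trace record, produced at run time when the address is finally known. */
typedef struct { uint32_t pc; uint32_t addr; } TraceEntry;

/* Translation time: instructions are known, register contents are not.
 * We record the guest PC here because at run time it is otherwise gone. */
static void translate(const GuestInsn *code, int ninsns, uint32_t start_pc,
                      TranslationBlock *tb)
{
    tb->n = 0;
    for (int i = 0; i < ninsns && i < MAX_OPS; i++) {
        HostOp *h = &tb->ops[tb->n++];
        h->op = code[i].op;
        h->rd = code[i].rd;
        h->rs = code[i].rs;
        h->imm = code[i].imm;
        h->guest_pc = start_pc + 4u * (uint32_t)i;
    }
}

/* Run time: execute the translated block against live registers and memory.
 * Returns the number of trace entries written (one per guest load). */
static int run(const TranslationBlock *tb, GuestCPU *cpu,
               const uint8_t *guest_mem, TraceEntry *trace, int max_trace)
{
    int nt = 0;
    for (int i = 0; i < tb->n; i++) {
        const HostOp *h = &tb->ops[i];
        switch (h->op) {
        case OP_LOAD: {
            /* Effective address computed from the current register value. */
            uint32_t addr = cpu->regs[h->rs] + (uint32_t)h->imm;
            if (nt < max_trace) {
                trace[nt].pc = h->guest_pc;
                trace[nt].addr = addr;
                nt++;
            }
            uint32_t val = 0;
            if (addr + 4 <= GUEST_MEM_SIZE)   /* bounds check on guest RAM */
                memcpy(&val, guest_mem + addr, 4);
            cpu->regs[h->rd] = val;
            break;
        }
        case OP_ADDI:
            cpu->regs[h->rd] += (uint32_t)h->imm;
            break;
        }
    }
    return nt;
}

/* Translate one block once, then run it twice on the same CPU state.
 * Fills out[0] and out[1] with the load's trace entry from each run and
 * returns the total number of entries (2). Sample guest code and memory
 * are constructed inline. */
static int demo_two_runs(TraceEntry *out)
{
    /* Guest RAM: each aligned word holds its own offset, so a load at
     * address A returns A. */
    uint8_t mem[GUEST_MEM_SIZE];
    for (uint32_t off = 0; off < GUEST_MEM_SIZE; off += 4)
        memcpy(mem + off, &off, 4);

    /* Guest block at PC 0x1000: load r0 <- [r1 + 8]; addi r1 <- r1 + 16 */
    const GuestInsn code[] = {
        { OP_LOAD, 0, 1, 8 },
        { OP_ADDI, 1, 1, 16 },
    };
    TranslationBlock tb;
    translate(code, 2, 0x1000, &tb);   /* happens once */

    GuestCPU cpu = { { 0 } };
    int n = run(&tb, &cpu, mem, &out[0], 1);   /* r1 == 0  -> address 8  */
    n += run(&tb, &cpu, mem, &out[1], 1);      /* r1 == 16 -> address 24 */
    return n;
}

int main(void)
{
    TraceEntry t[2];
    int n = demo_two_runs(t);
    for (int i = 0; i < n; i++)
        printf("run %d: guest pc 0x%x loads from address %u\n", i + 1, t[i].pc, t[i].addr);
    return 0;
}
```

The design point is the one the reply makes: anything the trace needs that is only visible during translation (here the guest PC) has to be stored into the translated block then, while the address itself can only be computed by code that executes at run time.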