> even that. is it possible to pass host virtual out. the fast path add > the addend to get host virtual ? so it must be in a register, most > likely eax in i386. what do you think would be the best way to get > that out ?
Take a look on comment on tcg_out_tlb_load (tcg/i386/tcg-target.c). First argument register is loaded with the low part of the address. In the TLB hit case, it has been adjusted as indicated by the TLB and so is a host address. In the TLB miss case, it continues to hold a guest address. So I guess you can take "tcg_target_call_iarg_regs[0]" as host virtual address if software tlb hit. /* TLB Hit. */ tcg_out_qemu_ld_direct(s, data_reg, data_reg2, tcg_target_call_iarg_regs[0], 0, opc); As for how do you get host virtual address out, I think you can write a helper function logging those host virtual address into a file or something else, then insert a helper function call at the point of TLB hit. HTH, chenwj -- Wei-Ren Chen (陳韋任) Computer Systems Lab, Institute of Information Science, Academia Sinica, Taiwan (R.O.C.) Tel:886-2-2788-3799 #1667 Homepage: http://people.cs.nctu.edu.tw/~chenwj