Hi,
I am also investigating how to implement tracing of target memory. Right now I can trace logical addresses (simulating ARM on i386).
I focus on the tcg_out_qemu_ld and tcg_out_qemu_st functions to generate i386 code. But I found that QEMU doesn't generate full memory accesses for a loop (it only generates them for one TB in the loop).
How do I generate the full memory access address?
Do you know about this, Lluis?
About the physical address: I found this topic on the internet:
http://vm-kernel.org/blog/2009/07/10/qemu-internal-part-2-softmmu/
As it says:
1. addend = host_virtual_address - guest_virtual_address
   -----> host_virtual_address = addend + guest_virtual_address
2. host_virtual_address = phys_ram_base (qemu variable) + guest_physical_address - guest_physical_address_base (0 on MIPS)
   --> addend + guest_virtual_address =
       phys_ram_base (qemu variable) + guest_physical_address - guest_physical_address_base (0 on MIPS)
On ARM, phys_ram_base (qemu variable) and guest_physical_address_base are constant,
--> so guest_physical_address belongs to the addend.
But when I check in the source code, the addend is different each time I run QEMU.
What do you think about my method? Right or wrong?
Could you explain more about your idea for implementing tracing of the guest physical address?
Thanks
Best regards
Hoàng Tùng
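The two equations quoted in the mail above, worked through as an added example (this is not code from the mail, from the linked blog post, or from QEMU itself). It models a softmmu-style TLB entry whose addend satisfies host_va = guest_va + addend, and a guest RAM block backed by a host buffer, then inverts the equations to recover the guest physical address from the addend. Guest RAM for two simulated "runs" lives in two different static buffers, standing in for the different host addresses the allocator hands QEMU on each run, so the addends differ while the recovered physical address does not. All type and function names (tlb_entry_t, ram_block_t, tlb_fill, tlb_guest_phys, roundtrip_phys) and the sample addresses are hypothetical and chosen for illustration; the page size is assumed to be 4 KiB.

```c
#include <stdint.h>
#include <stddef.h>
#include <stdio.h>

#define PAGE_SIZE 4096u

/* Hypothetical model of one softmmu TLB entry as discussed in the mail:
 * the generated load/store computes host_va = guest_va + addend. */
typedef struct {
    uint64_t  guest_va_page;  /* guest virtual page this entry covers */
    uint64_t  guest_pa_page;  /* guest physical page (what the tracer wants) */
    uintptr_t addend;         /* host_va - guest_va, modular arithmetic */
} tlb_entry_t;

/* Hypothetical model of guest RAM: a host buffer that backs guest physical
 * addresses starting at phys_base (the "guest_physical_address_base",
 * 0 on MIPS/ARM in the mail's example). host_base plays the role of
 * phys_ram_base; in a real run it is wherever the allocator put the RAM. */
typedef struct {
    uint8_t  *host_base;
    uint64_t  phys_base;
    size_t    size;
} ram_block_t;

/* Fill a TLB entry for guest_va -> guest_pa using equation 2 of the mail:
 * host_va = host_base + (guest_pa - phys_base), then addend = host_va - guest_va.
 * Returns -1 if guest_pa is not inside this RAM block. */
static int tlb_fill(tlb_entry_t *e, const ram_block_t *ram,
                    uint64_t guest_va, uint64_t guest_pa)
{
    if (guest_pa < ram->phys_base || guest_pa - ram->phys_base >= ram->size)
        return -1;
    uintptr_t host_va = (uintptr_t)ram->host_base + (uintptr_t)(guest_pa - ram->phys_base);
    e->guest_va_page = guest_va & ~(uint64_t)(PAGE_SIZE - 1);
    e->guest_pa_page = guest_pa & ~(uint64_t)(PAGE_SIZE - 1);
    e->addend = host_va - (uintptr_t)guest_va;   /* equation 1 */
    return 0;
}

/* What the emitted i386 code does with the entry: host address = guest_va + addend. */
static uintptr_t tlb_host_addr(const tlb_entry_t *e, uint64_t guest_va)
{
    return (uintptr_t)guest_va + e->addend;
}

/* Invert equation 2: guest_pa = (host_va - host_base) + phys_base.
 * host_base cancels out, which is why the addend changes from run to run
 * while the recovered physical address stays the same. */
static uint64_t tlb_guest_phys(const tlb_entry_t *e, const ram_block_t *ram, uint64_t guest_va)
{
    uintptr_t host_va = tlb_host_addr(e, guest_va);
    return (uint64_t)(host_va - (uintptr_t)ram->host_base) + ram->phys_base;
}

/* Round trip through a fresh 8-page RAM block based at phys_base.
 * Returns the recovered guest physical address, or UINT64_MAX when
 * guest_pa falls outside the block (tlb_fill refuses to map it). */
static uint64_t roundtrip_phys(uint64_t guest_va, uint64_t guest_pa, uint64_t phys_base)
{
    static uint8_t ram[8 * PAGE_SIZE];
    ram_block_t r = { ram, phys_base, sizeof ram };
    tlb_entry_t e;
    if (tlb_fill(&e, &r, guest_va, guest_pa))
        return UINT64_MAX;
    return tlb_guest_phys(&e, &r, guest_va);
}

/* Two simulated runs whose guest RAM landed at different host addresses
 * (two distinct static buffers here): the addends differ, the recovered
 * guest physical address is identical. Returns 1 on the expected outcome. */
static int demo_addend_varies_phys_stable(void)
{
    static uint8_t ram_run1[8 * PAGE_SIZE], ram_run2[8 * PAGE_SIZE];
    ram_block_t r1 = { ram_run1, 0, sizeof ram_run1 };
    ram_block_t r2 = { ram_run2, 0, sizeof ram_run2 };
    uint64_t guest_va = 0x40001234, guest_pa = 0x3234;  /* constructed sample: page 3, offset 0x234 */
    tlb_entry_t e1, e2;
    if (tlb_fill(&e1, &r1, guest_va, guest_pa) || tlb_fill(&e2, &r2, guest_va, guest_pa))
        return 0;
    return e1.addend != e2.addend
        && tlb_guest_phys(&e1, &r1, guest_va) == guest_pa
        && tlb_guest_phys(&e2, &r2, guest_va) == guest_pa;
}

int main(void)
{
    printf("recovered guest_pa (phys_base 0):          0x%llx\n",
           (unsigned long long)roundtrip_phys(0x40001234, 0x3234, 0));
    printf("recovered guest_pa (phys_base 0x80000000): 0x%llx\n",
           (unsigned long long)roundtrip_phys(0x40001234, 0x80003234, 0x80000000));
    printf("addend differs across runs, phys stable:   %s\n",
           demo_addend_varies_phys_stable() ? "yes" : "no");
    return 0;
}
```

The practical point for a tracer: the addend on its own is not a stable identifier of the guest physical page, because it contains the host base of guest RAM, which is chosen by the allocator in each run. Subtracting that base (or recording the guest physical page in the TLB entry when it is filled, as the model's guest_pa_page field does) gives a value that is the same across runs.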