How To Log QEMU Memory Access

Peter Maydell peter.maydell at linaro.org
Thu Mar 15 14:08:53 UTC 2012

2012/3/15 周春华 <uulinux at gmail.com>:
> Dear Peter Maydell,
> Thank you for your help. I got an idea to log the guest physical address;
> would you mind helping me to check it?
> Because the functions tcg_out_qemu_ld() and tcg_out_qemu_st() know the guest
> virtual address that should be accessed, we can call the
> [target-arm/helper.c:get_phys_addr] function to translate the guest virtual
> address to the guest physical address and log the guest physical address.
> Is it feasible? I know it will slow down QEMU.

Depends what you mean by 'feasible'. It's not totally impossible.
Bear in mind that you'll have to write C code which writes out
x86 instructions which do the actual function call, and that
you will need to do it without accidentally trashing any registers
which are in use at that point. You'll also need to find all the
slow path accesses which don't go through this point.

You might find it simpler to attack the problem at a higher level
by modifying the translator to output calls to tracing helper functions
before every load/store instruction.

This is all getting pretty complicated, though, and I wouldn't recommend it
without a decent understanding of how QEMU works...

-- PMM