hi! aaaaah... I'm going crazy... could someone help me please: I'm still (as previously posted on irc) trying to catch when the guest OS (or a program running in it) accesses a certain virtual address (e.g. reads from it).

my guest code is something like:

    ...
    unsigned long *p = (unsigned long*)0xdeadbeef;
    unsigned long l = *p;
    ...

now, I know it is compiled into something like this:

    ...
    movl $0xdeadbeef,0xfffffff8(%ebp)
    mov 0xfffffff8(%ebp),%eax
    mov (%eax),%eax
    ...

which will be translated by qemu into something like:

    ...
    movl_A0_EAX
    ldl_kernel_T0_A0
    movl_EAX_T0
    ...

I hope that that's correct up to here (I'm not quite sure about the ldl_kernel, as it could also be ldl_user!!). but... as ldl_(kernel|user)_T0_A0 simply calls the ld functions in softmmu_header, I inserted a line into these functions that simply dumps the currently accessed address (i.e. the parameter ptr) to stdout. I run qemu and grep for my "deadbeef" output, but it NEVER occurs!! how can that be?? I've been trying for hours now, could someone please help me here?? don't know if that makes a difference, but I've tried using -kernel-kqemu and also without kqemu. any help is greatly appreciated... thanks!!