From mboxrd@z Thu Jan  1 00:00:00 1970
Received: from mailman by lists.gnu.org with tmda-scanned (Exim 4.43)
	id 1NvSgH-0004ue-Aw
	for qemu-devel@nongnu.org; Sat, 27 Mar 2010 05:51:49 -0400
Received: from [140.186.70.92] (port=52765 helo=eggs.gnu.org)
	by lists.gnu.org with esmtp (Exim 4.43) id 1NvSgE-0004tT-TV
	for qemu-devel@nongnu.org; Sat, 27 Mar 2010 05:51:47 -0400
Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.69)
	(envelope-from <sdb@zubnet.me.uk>) id 1NvSgD-0000bd-He
	for qemu-devel@nongnu.org; Sat, 27 Mar 2010 05:51:46 -0400
Received: from b.painless.aaisp.net.uk ([81.187.30.52]:49388)
	by eggs.gnu.org with esmtp (Exim 4.69)
	(envelope-from <sdb@zubnet.me.uk>) id 1NvSgD-0000aT-DA
	for qemu-devel@nongnu.org; Sat, 27 Mar 2010 05:51:45 -0400
Date: Sat, 27 Mar 2010 09:51:31 +0000
From: Stuart Brady <sdb@zubnet.me.uk>
Subject: Re: [Qemu-devel] Question about memory micro operations in Qemu
	0.12.x]
Message-ID: <20100327095131.GA5268@zubnet.me.uk>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
List-Id: qemu-devel.nongnu.org
List-Unsubscribe: <http://lists.nongnu.org/mailman/listinfo/qemu-devel>,
	<mailto:qemu-devel-request@nongnu.org?subject=unsubscribe>
List-Archive: <http://lists.gnu.org/pipermail/qemu-devel>
List-Post: <mailto:qemu-devel@nongnu.org>
List-Help: <mailto:qemu-devel-request@nongnu.org?subject=help>
List-Subscribe: <http://lists.nongnu.org/mailman/listinfo/qemu-devel>,
	<mailto:qemu-devel-request@nongnu.org?subject=subscribe>
To: qemu-devel@nongnu.org, "coopht@gmail.com" <coopht@gmail.com>

[ Sorry for sending twice, forgot to reply to the list ]

On Fri, Mar 26, 2010 at 11:23:30PM +0300, coopht@gmail.com wrote:
> Hello.
> in qemu 0.9.x there was a special file with micro-operations, which
> implemented access to memory. For example for arm architecture it
> was op_mem.h file. I was able to add some printfs to this functions
> and get information about memory accesses.
> 
> My question is : how memory access microoperations are now
> implemented in qemu 0.12.x ?
> 
> Thanks for you answers.

To generate load and store operations, tcg_gen_qemu_{ld,st}*() are now
used.  See tcg/README for more information on TCG ops.

In tcg/*/tcg-target.c, you'll find tcg_out_qemu_{ld,st}().  The easiest
way to do this would probably be to place your printfs in __ld_mmu() and
__st_mmu() (which are defined via softmmu_template.h), and remove the
TLB lookups from tcg_out_qemu_{ld,st}() so that your tracing code is
always called.

Instead of modifying tcg_out_qemu_{ld,st}(), you might also be able to
bypass it entirely, by using having tcg_gen_qemu_{ld,st}*() generate
calls to a helper function.

Cheers,
-- 
Stuart Brady