From: Andrea Pellegrini
Date: Wed, 18 Feb 2009 08:17:53 -0500
To: qemu-devel@nongnu.org
Subject: Re: [Qemu-devel] Monitor Memory Accesses
Message-ID: <499C0A81.8090106@gmail.com>
In-Reply-To: <761ea48b0902180500wbe676d4x3895d37df10e495b@mail.gmail.com>
References: <499C03A9.6040003@gmail.com> <761ea48b0902180500wbe676d4x3895d37df10e495b@mail.gmail.com>

Thanks for the quick reply!

I obtain the instruction addresses through the function

    static TranslationBlock *tb_find_slow(target_ulong pc, target_ulong cs_base, uint64_t flags)
    ......
        // Andrea, let's check the pc
        // (target_ulong is 64 bits wide for the x86_64 target, so QEMU's
        //  TARGET_FMT_lx is used here instead of %x, which would truncate it)
        printf("PC: 0x" TARGET_FMT_lx "\n", pc);
    ....

in cpu_exec.c. So far it has worked, but maybe there is a better way to do it.

Where can I find more information about the "helper"? I'm just starting to work with QEMU, so I'm still not 100% sure about what is going on. :-P

I searched in target-i386/translate.c for tcg_gen_qemu_ld or tcg_gen_qemu_lst and nothing pops up.
Am I looking at the right thing?

Thanks
~Andrea

Laurent Desnogues wrote:
> On Wed, Feb 18, 2009 at 1:48 PM, Andrea Pellegrini wrote:
>
>> I want to track all the memory accesses performed in a program execution.
>> Right now I'm working on an amd64 machine with target x86_64, but eventually
>> I would like to do the same for other architectures (at least ARM and PPC).
>> With a few changes I was able to print out the address of the instructions
>> that the processor executes (well, at least the first address of the basic
>> block)
>
> I guess you're doing that by calling a helper. If you don't, that
> won't work :-)
>
>> and now I was looking for a way to record all memory loads and
>> stores. I believe I have to change some code in the file translate.c and I
>> was wondering if anybody can give me a quick help about which part of code I
>> should change. It would be great if I could call a function right before
>> every time a load or store is executed.
>
> You should look for parts of translate.c that generate target loads
> and stores; basically look for calls to tcg_gen_qemu_ld* and
> tcg_gen_qemu_st*.
>
>
> Laurent
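Laurent's point about the helper, as an added toy model in C that is not QEMU code and is not from either poster. In the QEMU tree, tb_find_slow runs only when a translation block is not found in the per-CPU jump cache (and translates it if it does not exist yet), so a printf placed there fires once per translation, not once per execution, and the effective address of a guest load or store does not exist until the generated code actually runs. The model below invents its own names (guest_insn, tcg_op, helper_trace_mem, translate_block, exec_block, tb_find, run_guest) to mirror those concepts: the "translator" emits a trace op in front of every memory op at the place where QEMU would call tcg_gen_qemu_ld* or tcg_gen_qemu_st*, the executor calls the helper with the run-time address, and a small block cache makes translation happen once while the helper fires on every execution of the block. The guest block and its addresses are constructed for the example.

```c
/* Added toy model (not QEMU code) of translation-time instrumentation: the
 * translator emits a call to a helper in front of every guest load/store, so
 * the helper runs on every execution and sees the run-time address, while a
 * printf inside the translator runs only when a block is (re)translated.
 * Every name here is invented for the illustration. */
#include <inttypes.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>
/* Constructed guest instruction: load/store via [reg + disp], or reg += imm. */
typedef struct { uint64_t pc; int is_mem, is_store, reg; int64_t disp_or_imm; unsigned size; } guest_insn;
/* Ops of a "translated" block; OP_TRACE is the helper call the translator inserts. */
enum op_kind { OP_TRACE, OP_MEM, OP_ADDI };
typedef struct { enum op_kind kind; uint64_t pc; int is_store, reg; int64_t disp_or_imm; unsigned size; } tcg_op;
#define MAX_OPS 64
typedef struct { uint64_t pc; int valid, n_ops; tcg_op ops[MAX_OPS]; } tb;
typedef struct { uint64_t pc, addr; unsigned size; int is_store; } mem_event;

#define MAX_EVENTS 1024
static mem_event events[MAX_EVENTS];
static int n_events, translate_count;   /* translate_count: how often the translator ran */
static uint64_t regs[4];
static uint8_t guest_mem[4096];
static tb tb_cache[4];
/* The helper: reached from the translated block, once per executed access. */
static void helper_trace_mem(uint64_t pc, uint64_t addr, unsigned size, int is_store)
{
    if (n_events < MAX_EVENTS)
        events[n_events++] = (mem_event){ pc, addr, size, is_store };
}

/* Translator. Like a printf in tb_find_slow, anything done directly here happens
 * once per translation, so the trace is emitted as an op that runs with the block. */
static void translate_block(tb *t, uint64_t pc, const guest_insn *insns, int n)
{
    translate_count++;
    t->pc = pc; t->n_ops = 0; t->valid = 1;
    for (int i = 0; i < n && t->n_ops + 2 <= MAX_OPS; i++) {
        const guest_insn *g = &insns[i];
        if (g->is_mem) {   /* the analogue of a tcg_gen_qemu_ld* or tcg_gen_qemu_st* site */
            t->ops[t->n_ops++] = (tcg_op){ OP_TRACE, g->pc, g->is_store, g->reg, g->disp_or_imm, g->size };
            t->ops[t->n_ops++] = (tcg_op){ OP_MEM, g->pc, g->is_store, g->reg, g->disp_or_imm, g->size };
        } else {
            t->ops[t->n_ops++] = (tcg_op){ OP_ADDI, g->pc, 0, g->reg, g->disp_or_imm, 0 };
        }
    }
}
/* Executes a translated block; the effective address only exists here, at run time. */
static void exec_block(const tb *t)
{
    for (int i = 0; i < t->n_ops; i++) {
        const tcg_op *o = &t->ops[i];
        uint64_t addr = regs[o->reg] + (uint64_t)o->disp_or_imm;
        if (o->kind == OP_TRACE) {
            helper_trace_mem(o->pc, addr, o->size, o->is_store);
        } else if (o->kind == OP_MEM && addr + o->size <= sizeof guest_mem) {
            if (o->is_store) memset(guest_mem + addr, 0xAA, o->size);
            else (void)guest_mem[addr];
        } else if (o->kind == OP_ADDI) {
            regs[o->reg] += (uint64_t)o->disp_or_imm;
        }
    }
}
/* Block cache: translate only on a miss, which is when QEMU's tb_find_slow runs. */
static tb *tb_find(uint64_t pc, const guest_insn *insns, int n)
{
    tb *t = &tb_cache[pc % 4];
    if (!t->valid || t->pc != pc)
        translate_block(t, pc, insns, n);
    return t;
}
/* Runs one constructed guest block `iters` times; returns the number of traced accesses. */
int run_guest(int iters)
{
    /* 0x1000: load 8 bytes from [r0]; 0x1004: store 4 bytes to [r0+8]; 0x1008: r0 += 16 */
    static const guest_insn block[] = {
        { 0x1000, 1, 0, 0, 0, 8 }, { 0x1004, 1, 1, 0, 8, 4 }, { 0x1008, 0, 0, 0, 16, 0 },
    };
    n_events = translate_count = 0;
    memset(regs, 0, sizeof regs);
    memset(tb_cache, 0, sizeof tb_cache);
    for (int i = 0; i < iters; i++)
        exec_block(tb_find(0x1000, block, 3));
    return n_events;
}

int get_translate_count(void) { return translate_count; }
const mem_event *get_event(int i) { return (i >= 0 && i < n_events) ? &events[i] : NULL; }
int main(void)
{
    int n = run_guest(3);
    printf("translator ran %d time(s); helper traced %d access(es)\n", get_translate_count(), n);
    for (int i = 0; i < n; i++)
        printf("pc=0x%" PRIx64 " %s addr=0x%" PRIx64 " size=%u\n", events[i].pc,
               events[i].is_store ? "st" : "ld", events[i].addr, events[i].size);
    return 0;
}
```

Running the block three times yields one translation and six traced accesses with six different addresses (0, 8, 16, 24, 32, 40), which is exactly what a printf in the translator cannot produce. In the QEMU tree of that era the corresponding real mechanism is, as an assumption to check against the tree in use, a helper declared with DEF_HELPER_* in target-*/helper.h and emitted from translate.c through the generated gen_helper_<name>() wrapper, handed the same TCG address temporary that the following tcg_gen_qemu_ld*/tcg_gen_qemu_st* call consumes.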