[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Qemu-devel] classic emulator Vs QEMU-TCG
|
From: |
Stefano Bonifazi |
|
Subject: |
Re: [Qemu-devel] classic emulator Vs QEMU-TCG |
|
Date: |
Fri, 17 Dec 2010 14:49:46 +0100 |
|
User-agent: |
Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.9.2.13) Gecko/20101208 Thunderbird/3.1.7 |
On 12/16/2010 04:41 PM, Peter Maydell wrote:
Some hints:
* go and look up the C syntax for function pointers and
casting things to function pointers
Yup! See the reply to Mr. Santosa, thank you!
* code_gen_prologue[] contains code which has been generated
once on startup -- go and find the function which is doing this,
which ought to tell you what the prologue code actually does...
Is that the following?
/* init global prologue and epilogue */
s->code_buf = code_gen_prologue;
s->code_ptr = s->code_buf;
tcg_target_qemu_prologue(s);
Trying to understand the pseudo-assembly in tcg_target_qemu_prologue (in
file tcg-target.c), I think it builds an assembly function scheleton
storying it inside code_gen_prologue array..
Cosidering the implementation of that function for i386 I think the jmp
*%eax is the actual code that jumps to the host binary produced by TCG
from the target binary.. in fact, if I am not wrong,this binary function
is what is actually called by tcg_qemu_tb_exec(tb_ptr) macro with tb_ptr
passed to the function in %eax, thus "jmp *%eax" starts the execution of
the binary code .. am I wrong?
* try single stepping individual machine instructions in the
debugger as you go through tcg_qemu_tb_exec() and matching
this up with what is really happening here and with the bits of
qemu which generated that code.
-- PMM
I would have already done that.. unluckily I have always used IDE with
integrated debuggers, and I can't find an IDE for loading this project..
I guess I have no other choice than learning also gdb
Thank you for your tips! :)
Best Regards!
Stefano B.