On 12/16/2010 04:41 PM, Peter Maydell wrote:
> Some hints:
> * go and look up the C syntax for function pointers and
> casting things to function pointers
Yup! See the reply to Mr. Santosa, thank you!
> * code_gen_prologue[] contains code which has been generated
> once on startup -- go and find the function which is doing this,
> which ought to tell you what the prologue code actually does...
Is that the following?
/* init global prologue and epilogue */
s->code_buf = code_gen_prologue;
s->code_ptr = s->code_buf;
tcg_target_qemu_prologue(s);
Trying to understand the pseudo-assembly in tcg_target_qemu_prologue (in
file tcg-target.c), I think it builds an assembly function skeleton,
storing it inside the code_gen_prologue array..
Considering the implementation of that function for i386, I think the jmp
*%eax is the actual code that jumps to the host binary produced by TCG
from the target binary.. in fact, if I am not wrong, this binary function
is what is actually called by the tcg_qemu_tb_exec(tb_ptr) macro, with tb_ptr
passed to the function in %eax, thus "jmp *%eax" starts the execution of
the binary code .. am I wrong?
> * try single stepping individual machine instructions in the
> debugger as you go through tcg_qemu_tb_exec() and matching
> this up with what is really happening here and with the bits of
> qemu which generated that code.
> -- PMM
I would have already done that.. unluckily I have always used IDEs with
integrated debuggers, and I can't find an IDE for loading this project..
I guess I have no other choice than learning gdb as well.
Thank you for your tips! :)
Best Regards!
Stefano B.
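An added example, not from this thread and not QEMU's own code, showing the idiom Peter's first hint points at: an opaque pointer to "generated" code is cast to a function-pointer type and called with the translated-block address as its argument, and the prologue then transfers control to that address (the C analogue of the i386 prologue's "jmp *%eax"). Every name here (struct cpu_env, fake_prologue, tb_add_one, tb_double, the simplified tcg_qemu_tb_exec macro) is a constructed stand-in; real TCG blocks are host machine code, and the real macro's signature is not reproduced.

```c
#include <stdint.h>
#include <stdio.h>

/* Hypothetical stand-in types (not QEMU's own definitions). A translated
 * block takes a pointer to the CPU state and returns an exit value; the
 * prologue entry point takes the block address as its first argument,
 * which is where the real i386 prologue's "jmp *%eax" gets its target. */
struct cpu_env { long counter; };
typedef uintptr_t (*tb_code_fn)(struct cpu_env *env);
typedef uintptr_t (*tb_exec_fn)(void *tb_ptr, struct cpu_env *env);

/* The "generated prologue" lives behind an opaque pointer, the way
 * code_gen_prologue[] is an opaque byte array in QEMU. Constructed here. */
static void *code_gen_prologue;

/* Two stand-ins for TCG-generated blocks; real ones are host machine code. */
static uintptr_t tb_add_one(struct cpu_env *env) { env->counter += 1; return 0; }
static uintptr_t tb_double(struct cpu_env *env)  { env->counter *= 2; return 0; }

/* Stand-in for the prologue. In C the "jmp *%eax" becomes a call through a
 * function pointer obtained by casting the raw address held in tb_ptr.
 * Object-pointer <-> function-pointer casts are not guaranteed by ISO C,
 * but every host QEMU runs on supports them, and the real macro relies on it. */
static uintptr_t fake_prologue(void *tb_ptr, struct cpu_env *env)
{
    tb_code_fn block = (tb_code_fn)(uintptr_t)tb_ptr;
    return block(env);
}

/* Mirrors the "init global prologue" step: fill in the opaque pointer once. */
void init_prologue(void)
{
    code_gen_prologue = (void *)(uintptr_t)fake_prologue;
}

/* The cast-to-function-pointer-and-call idiom, simplified: the opaque
 * prologue address is cast to tb_exec_fn and invoked with tb_ptr. */
#define tcg_qemu_tb_exec(tb_ptr, env) \
    (((tb_exec_fn)(uintptr_t)code_gen_prologue)((tb_ptr), (env)))

/* Execute one block through the prologue; returns the updated counter. */
long exec_block(tb_code_fn block, struct cpu_env *env)
{
    tcg_qemu_tb_exec((void *)(uintptr_t)block, env);
    return env->counter;
}

/* Run two blocks in sequence starting from counter = 3: (3 + 1) * 2 = 8. */
long run_sequence(void)
{
    struct cpu_env env = { .counter = 3 };
    init_prologue();
    exec_block(tb_add_one, &env);
    return exec_block(tb_double, &env);
}

int main(void)
{
    printf("counter after sequence: %ld\n", run_sequence());
    return 0;
}
```

Single-stepping exec_block in gdb shows the same shape Peter describes for the real thing: the call lands in the prologue (here fake_prologue), which immediately dispatches through the pointer it was handed; in QEMU that dispatch is the "jmp *%eax" into TCG output, so the block address must be valid executable host code before the cast is ever made.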