qemu-devel.nongnu.org archive mirror
From: 陳韋任 <chenwj@iis.sinica.edu.tw>
To: "João Corrêa" <joao.lvwr@gmail.com>
Cc: qemu-devel@nongnu.org
Subject: Re: [Qemu-devel] Doubts about qemu tcg/tci
Date: Fri, 2 Mar 2012 11:30:41 +0800
Message-ID: <20120302033040.GA22049@cs.nctu.edu.tw>
In-Reply-To: <CALMZKf7o1uhpcTYLoODUu9P7M+zSaxeQsPA7XMnZ7q24KyRSWQ@mail.gmail.com>

> I'm trying to read the asm code generated with the -D qemu option, but I am
> having some difficulties.

  It should be the "-d" option.
 
> First, I've seen that the generated asm is allocated in different address
> ranges. The beginning of the dump says:
> 
> end_code    0x080486dc
> start_code  0x08048000

  This is the guest binary's address range.
 
> but the first instruction's address is: 0x6022caf0

  This is the address of the host binary in the code cache.
 
> Am I misunderstanding something? How exactly this reallocation happens (or
> where in the source code am I able to track and understand the process)?

  http://lugatgt.org/content/qemu_internals/downloads/slides.pdf
  http://m1.archiveorange.com/m/att/1XS1v/ArchiveOrange_YD2LcLkRqU2so0i2Zoj99h2bwUsa.pdf

  These should be a good start.
 
> Second, what exactly means the identifying letters of arguments counted in
> front of each instruction (i, o, c) ? Is it too hard to create a patch on
> the disassembly function to also output its values?

  Sorry, I don't understand what you're trying to do. Where do you see those
identifying letters?
 
> Third, Is there a trivial way for me to track an original function inside
> the generated asm dump? I mean, if I create a C function called foo(), that
> is called somewhere inside the main function, what should I do in order to
> find the translated instructions inside the outputted dump?

  `objdump -D` should show you the address of the function you're interested in.
For example, function foo() is located at 0x080483b4. You can look up that
address in qemu.log. Also, it seems QEMU will log the function name, too. Say,

----------------
IN: foo          <---
0x080483b4:  push   %ebp
0x080483b5:  mov    %esp,%ebp
0x080483b7:  pop    %ebp
0x080483b8:  ret
 
 
> Finally, I've been trying to find material about how this translation works
> properly, but I've been unable to find much. Is there something I should be
> reading before asking around here? If yes, please, point me to it!

  See above.

Regards,
chenwj

-- 
Wei-Ren Chen (陳韋任)
Computer Systems Lab, Institute of Information Science,
Academia Sinica, Taiwan (R.O.C.)
Tel:886-2-2788-3799 #1667
Homepage: http://people.cs.nctu.edu.tw/~chenwj
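The lookup described in the reply above (take the function's guest address from `objdump -D`, then find the matching `IN:` block in qemu.log), as an added example that is not part of the original mail or of QEMU itself. Both excerpts below are constructed sample data in the formats `objdump -D` and `qemu-i386 -d in_asm,out_asm` emit for the thread's foo(); the function names `lookup_guest_symbol`, `extract_in_block` and `count_guest_insns` are this example's own.

```shell
#!/bin/sh
# Added example (not from the original mail or from QEMU): map a guest
# function to its translated block in a QEMU `-d in_asm` log.

# Constructed excerpt of `objdump -D ./a.out` for a 32-bit guest binary.
OBJDUMP_OUT='
08048394 <frame_dummy>:
 8048394:   55                      push   %ebp
 8048395:   89 e5                   mov    %esp,%ebp

080483b4 <foo>:
 80483b4:   55                      push   %ebp
 80483b5:   89 e5                   mov    %esp,%ebp
 80483b7:   5d                      pop    %ebp
 80483b8:   c3                      ret

080483b9 <main>:
 80483b9:   55                      push   %ebp
'

# Constructed qemu.log excerpt, as written by `qemu-i386 -d in_asm,out_asm`:
# each "IN:" block is guest code, each "OUT:" block the host code emitted
# for it into the code cache (hence the 0x6022.... host addresses).
QEMU_LOG='IN: main
0x080483b9:  push   %ebp
0x080483ba:  mov    %esp,%ebp
0x080483bc:  call   0x80483b4

OUT: [size=37]
0x6022caf0:  mov    0x10(%ebp),%eax

IN: foo
0x080483b4:  push   %ebp
0x080483b5:  mov    %esp,%ebp
0x080483b7:  pop    %ebp
0x080483b8:  ret

OUT: [size=21]
0x6022cb40:  mov    0x10(%ebp),%eax
'

# Print the guest address (hex, no 0x) of symbol $1 from the objdump listing.
lookup_guest_symbol() {
    printf '%s\n' "$OBJDUMP_OUT" | awk -v sym="<$1>:" '$2 == sym { print $1; exit }'
}

# Print the first "IN:" block whose first instruction sits at guest address
# $1 (hex, no 0x): the "IN:" header plus every line up to the blank line
# that terminates the block.
extract_in_block() {
    printf '%s\n' "$QEMU_LOG" | awk -v want="0x$1:" '
        /^IN:/ {
            if (!found) { hdr = $0; body = "" }
            next
        }
        hdr == "" { next }
        body == "" && $1 != want { hdr = ""; next }
        /^$/ { print hdr; printf "%s", body; hdr = ""; found = 1; next }
        { body = body $0 "\n" }
        END { if (hdr != "") { print hdr; printf "%s", body } }'
}

# Number of guest instructions QEMU logged for the block starting at function $1.
count_guest_insns() {
    extract_in_block "$(lookup_guest_symbol "$1")" | grep -c '^0x'
}

count_guest_insns foo   # 4
```

Two caveats when doing this against a real log: QEMU translates basic blocks, not functions, so a function entered mid-way (after a jump target) shows up as further `IN:` blocks whose first address is not the symbol address; and after a code-cache flush the same guest address is translated again, so the block can appear more than once, which is why the helper above prints only the first occurrence.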

Thread overview:
2012-03-01 20:45 [Qemu-devel] Doubts about qemu tcg/tci João Corrêa
2012-03-02  3:30 ` 陳韋任 [this message]
     [not found]   ` <CALMZKf5LHXaOoZa=nSuxX1_4YY2vBCQHKbLU9aoafG17huU16A@mail.gmail.com>
2012-03-14  3:04     ` 陳韋任
