From: Stefano Bonifazi
Date: Fri, 17 Dec 2010 14:49:46 +0100
Subject: Re: [Qemu-devel] classic emulator Vs QEMU-TCG
Message-ID: <4D0B6A7A.3060502@gmail.com>
References: <4D0A2E4C.6070307@gmail.com>
To: Peter Maydell
Cc: qemu-devel@nongnu.org

On 12/16/2010 04:41 PM, Peter Maydell wrote:
> Some hints:
> * go and look up the C syntax for function pointers and
> casting things to function pointers

Yup! See the reply to Mr. Santosa, thank you!

> * code_gen_prologue[] contains code which has been generated
> once on startup -- go and find the function which is doing this,
> which ought to tell you what the prologue code actually does...

Is that the following?

> /* init global prologue and epilogue */
> s->code_buf = code_gen_prologue;
> s->code_ptr = s->code_buf;
> tcg_target_qemu_prologue(s);

Trying to understand the pseudo-assembly in tcg_target_qemu_prologue (in file tcg-target.c), I think it builds an assembly function skeleton, storing it inside the code_gen_prologue array..

Considering the implementation of that function for i386, I think the "jmp *%eax" is the actual code that jumps to the host binary produced by TCG from the target binary.. in fact, if I am not wrong, this binary function is what is actually called by the tcg_qemu_tb_exec(tb_ptr) macro, with tb_ptr passed to the function in %eax, thus "jmp *%eax" starts the execution of the binary code.. am I wrong?

> * try single stepping individual machine instructions in the
> debugger as you go through tcg_qemu_tb_exec() and matching
> this up with what is really happening here and with the bits of
> qemu which generated that code.
>
> -- PMM

I would have already done that.. unluckily I have always used IDEs with integrated debuggers, and I can't find an IDE for loading this project.. I guess I have no other choice than also learning gdb

Thank you for your tips! :)
Best Regards!
Stefano B.
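The control flow Stefano is asking about (caller casts the code_gen_prologue buffer to a function pointer, the prologue hands control to the translated block whose address it received, the block's return value comes back through the epilogue) can be modelled without any generated machine code. The C below is an added illustration written for this thread, not QEMU source: it assumes only that tcg_qemu_tb_exec casts code_gen_prologue to a function pointer and calls it with tb_ptr, as the messages above describe. The names cpu_state, tb_block1, tb_block2, prologue_model, tcg_prologue_init_model, TB_EXEC_MODEL and run_cpu are hypothetical stand-ins, and the translated blocks are ordinary C functions rather than TCG output.

```c
#include <stdint.h>
#include <stdio.h>

/* Added illustration, not QEMU code: the "prologue enters a translated
 * block" control flow of tcg_qemu_tb_exec, modelled with plain C functions
 * so that no generated host machine code is involved. */

struct cpu_state {
    int pc;     /* hypothetical guest program counter */
    int acc;    /* hypothetical guest accumulator */
};

/* Model of a translated block (TB). In QEMU the TB is host code produced by
 * TCG; here it is a C function. It returns the address of the next block to
 * run, or 0 to leave the execution loop. */
typedef uintptr_t (*tb_fn)(struct cpu_state *env);

static uintptr_t tb_block2(struct cpu_state *env);

static uintptr_t tb_block1(struct cpu_state *env)
{
    env->acc += 10;
    env->pc = 2;
    return (uintptr_t)tb_block2;    /* chain directly to the next block */
}

static uintptr_t tb_block2(struct cpu_state *env)
{
    env->acc *= 2;
    env->pc = 3;
    return 0;                       /* "exit_tb": back to the caller */
}

/* Model of the code tcg_target_qemu_prologue() generates: take the TB
 * address from the caller and transfer control to it (the role of
 * "jmp *%eax" in the i386 prologue discussed in the thread). Whatever the
 * block returns flows back through here, which is the epilogue's job. */
static uintptr_t prologue_model(struct cpu_state *env, void *tb_ptr)
{
    tb_fn entry = (tb_fn)(uintptr_t)tb_ptr;
    return entry(env);
}

/* In QEMU code_gen_prologue is a byte array filled at start-up. Here the
 * "array" is just the address of prologue_model kept as an integer, so the
 * call site must cast it to a function pointer type, which is the C syntax
 * the thread refers to. Converting function addresses to and from integers
 * is implementation-defined in ISO C but works on common hosts. */
static uintptr_t code_gen_prologue_model;

static void tcg_prologue_init_model(void)
{
    code_gen_prologue_model = (uintptr_t)prologue_model;
}

/* Cast the raw address to "function taking (env, tb_ptr), returning
 * uintptr_t" and call it: the shape of the cast in the real macro. */
#define TB_EXEC_MODEL(env, tb_ptr) \
    ((uintptr_t (*)(struct cpu_state *, void *))code_gen_prologue_model)((env), (tb_ptr))

/* Execution loop: keep entering the prologue with the next TB until a block
 * returns 0. Returns the number of blocks executed. */
static int run_cpu(struct cpu_state *env, tb_fn first)
{
    int executed = 0;
    uintptr_t next = (uintptr_t)first;

    while (next != 0) {
        next = TB_EXEC_MODEL(env, (void *)next);
        executed++;
    }
    return executed;
}

/* Constructed run: two chained blocks starting from a zeroed CPU state. */
static int demo_blocks_executed(void)
{
    struct cpu_state env = { 0, 0 };
    tcg_prologue_init_model();
    return run_cpu(&env, tb_block1);
}

static int demo_final_acc(void)
{
    struct cpu_state env = { 0, 0 };
    tcg_prologue_init_model();
    run_cpu(&env, tb_block1);
    return env.acc;
}

int main(void)
{
    printf("blocks executed: %d, final acc: %d\n",
           demo_blocks_executed(), demo_final_acc());
    return 0;
}
```

Stepping through run_cpu in gdb with `break prologue_model` and `finish` shows the same round trip the real prologue performs: the caller never calls a translated block directly, it always goes through the prologue, and the value returned by the last block is what the caller sees.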