On 28 jun 2006, at 10:48, Tieu Ma Dau wrote:
[quote]
The basic idea is to split every x86 instruction into fewer simpler
instructions. Each simple instruction is implemented by a piece of
C code (see `target-i386/op.c'). Then a compile time tool
(`dyngen') takes the corresponding object file (`op.o') to generate
a dynamic code generator which concatenates the simple instructions
to build a function (see `op.h:dyngen_code()')
[/quote]
(I don't understand the explanation in bold)
Since I'm reading your message in plain text, I don't know what part
of your quote is bold, but what happens is this:
* a number of basic operations are defined, and each of these basic
operations is implemented using a C function (so the implementation
is mostly cpu-independent)
* the functions with these simple operations are put together in
"op.c", and this file is compiled by a compiler on the host platform
into op.o
* dyngen more or less disassembles this generated op.o: for each of
those functions, it gets the assembler code, but strips out entry and
exit code
* when emulating, for each instruction to be emulated, Qemu simply
copies the appropriate assembler code obtained by dyngen from op.o
By putting all those copied code fragments after each other, the full
program is emulated. There are some special tricks for things like
jumps (a special symbol which is found using the relocation
information, and which then can be replaced during emulation with the
actual target), but overall that's it.
Jonas
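The stitching Jonas describes, as an added illustration that is not QEMU's or dyngen's own code: three pre-stripped machine-code fragments are copied one after another into a buffer, each fragment's 32-bit placeholder is patched the way dyngen's special relocation symbol is, and the buffer is then executed. It assumes x86-64 on Linux or macOS; the fragment bytes and the names movl_T0_im, addl_T0_im, shll_T0 and PARAM_MARK are hand-assembled constants I chose, whereas real dyngen extracts the bytes from op.o.

```c
#define _GNU_SOURCE                     /* for MAP_ANONYMOUS on glibc with -std=c99 */
#include <stdint.h>
#include <stddef.h>
#include <string.h>
#include <sys/mman.h>
#define PARAM_MARK 0x12345678u          /* placeholder, patched when code is generated */
typedef struct { const uint8_t *code; size_t len; uint32_t param; } op_t;
/* Fragments already stripped of entry/exit code, as dyngen would leave them.
 * dyngen takes these bytes from op.o; here they are hand-assembled (assumption). */
static const uint8_t movl_T0_im[] = {0xb8, 0x78, 0x56, 0x34, 0x12}; /* mov eax, imm32 */
static const uint8_t addl_T0_im[] = {0x05, 0x78, 0x56, 0x34, 0x12}; /* add eax, imm32 */
static const uint8_t shll_T0[]    = {0xd1, 0xe0};                   /* shl eax, 1     */
static const uint8_t ret_op[]     = {0xc3};                         /* ret            */
/* Concatenate the fragments, patch each one's parameter, then run the result. */
int run_generated(const op_t *ops, size_t n)
{
#if defined(__x86_64__)
    size_t len = sizeof ret_op, pos = 0;
    for (size_t i = 0; i < n; i++) len += ops[i].len;
    /* Map writable first; it becomes executable only after patching (W^X). */
    uint8_t *buf = mmap(NULL, len, PROT_READ | PROT_WRITE, MAP_PRIVATE | MAP_ANONYMOUS, -1, 0);
    if (buf == MAP_FAILED) return -1;
    for (size_t i = 0; i < n; i++) {
        memcpy(buf + pos, ops[i].code, ops[i].len);
        /* The "relocation": locate the 32-bit marker in this fragment and patch it. */
        for (size_t k = 0; k + 4 <= ops[i].len; k++) {
            uint32_t v; memcpy(&v, buf + pos + k, 4);
            if (v == PARAM_MARK) { memcpy(buf + pos + k, &ops[i].param, 4); break; }
        }
        pos += ops[i].len;
    }
    memcpy(buf + pos, ret_op, sizeof ret_op);
    if (mprotect(buf, len, PROT_READ | PROT_EXEC) != 0) { munmap(buf, len); return -1; }
    int (*fn)(void); memcpy(&fn, &buf, sizeof fn);   /* data pointer -> function pointer */
    int result = fn();
    munmap(buf, len); return result;
#else
    (void)ops; (void)n; return -1;                   /* fragments above are x86-64 only */
#endif
}
/* Emulate "T0 = a; T0 += b; T0 <<= 1" by stitching three fragments together. */
int demo(int a, int b)
{
    const op_t ops[] = { { movl_T0_im, sizeof movl_T0_im, (uint32_t)a },
                         { addl_T0_im, sizeof addl_T0_im, (uint32_t)b },
                         { shll_T0,    sizeof shll_T0,    0 } };
    return run_generated(ops, sizeof ops / sizeof ops[0]);
}
```

On other architectures run_generated returns -1 instead of executing foreign code; the marker scan is what keeps the copied bytes themselves unchanged between runs, only the parameter differs.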
_______________________________________________
Qemu-devel mailing list
Qemu-devel@nongnu.org
http://lists.nongnu.org/mailman/listinfo/qemu-devel