Re: [Qemu-devel] Write to guest memory space in target-i386/translate.c
From: Alexander Graf
Subject: Re: [Qemu-devel] Write to guest memory space in target-i386/translate.c
Date: Mon, 3 Aug 2009 12:30:12 +0200
Hi Tommy,
On 03.08.2009, at 08:24, Tommy Huang wrote:
> Hi all,
> I've found that no functions in target-i386/translate.c try to
> "write" to guest memory space.
> There is ldub_code which can be used to read from guest space.
> Which function can I use to write to the guest memory space in
> translate.c?
> I know I can use stb_kernel in target-i386/helper.c. But I can't use
> it in target-i386/translate.c.
> Any workaround?
Those files get called in different steps of the emulator.
translate.c code gets executed when qemu finds that a block is not
translated yet, but wants to translate it. So in translate.c you only
write TCG calls that generate host code, because you're not executing
code yet, but only translating it.
helper.c code gets called from TCG code when the block is executed. In
here you can just do normal C calls, because you know you're running
at the time the code gets executed.
Imagine this easy-to-read x86 assembly code (AT&T syntax, source before destination):
    x:
        mov $0, %eax        # eax = 0
        mov %eax, %cr0      # cr0 = eax (the privileged mov to cr0)
        jmp x               # loop forever
Qemu would call translate.c once(!) for this block. translate.c would
now take the opcodes and create host equivalents out of them.
The mov to cr0 gets translated to a helper call in translate.c, which
would get called all the time while running the code, because you're
stuck in an endless loop while _executing_.
I hope I haven't confused you more than you already were :-)
Alex
PS: I don't guarantee that the code examples are valid :-). Maybe I have
a typo in here, maybe writing 0 to cr0 makes the whole code fail. The
code is really just there to explain the difference between the
translation and execution steps.
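The translate-once / execute-many split that Alex describes can be made observable with a small constructed model. The following C program is an added example, not QEMU code and not from either poster: the `hop_*` functions stand in for the host code TCG would emit, `helper_write_cr0()` stands in for a helper.c routine that touches guest memory (the role `stb_kernel` plays in the thread), and the one-entry `tb_cache`, the `run_guest()` loop and the iteration cap are all assumptions of the model. Counters record how often each side runs for the block from the mail.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Constructed model (not QEMU code) of the translate.c / helper.c split.
 * Guest "opcodes" are translated once into a list of host ops; the executor
 * then runs that list, calling the helper on every pass through the block. */

enum guest_op { OP_MOV_EAX_IMM, OP_MOV_CR0_EAX, OP_JMP_SELF };
struct guest_insn { enum guest_op op; uint32_t imm; };

struct cpu_state {
    uint32_t eax, cr0;
    uint8_t guest_mem[16];      /* tiny stand-in for guest physical memory */
};

static int translate_calls;     /* times the "translate.c" side ran */
static int helper_calls;        /* times the "helper.c" side ran */

/* ---- execution time ("helper.c"): runs each time the block executes ---- */
static void helper_write_cr0(struct cpu_state *env, uint32_t val)
{
    env->cr0 = val;
    env->guest_mem[0] = (uint8_t)val;   /* a plain C store into guest memory */
    helper_calls++;
}

/* ---- translation time ("translate.c"): emits host ops, executes nothing ---- */
typedef void (*host_op_fn)(struct cpu_state *env, uint32_t arg);
struct host_op { host_op_fn fn; uint32_t arg; };

#define MAX_OPS 8
struct translated_block {
    struct host_op ops[MAX_OPS];
    int n;
    int jumps_to_self;          /* block ends with "jmp x" */
};

static void hop_mov_eax(struct cpu_state *env, uint32_t imm) { env->eax = imm; }

/* The translator emitted a *call* to the helper; the call happens only at execution time. */
static void hop_call_helper_cr0(struct cpu_state *env, uint32_t unused)
{
    (void)unused;
    helper_write_cr0(env, env->eax);
}

static void translate_block(const struct guest_insn *code, int n, struct translated_block *tb)
{
    translate_calls++;
    tb->n = 0;
    tb->jumps_to_self = 0;
    for (int i = 0; i < n && tb->n < MAX_OPS; i++) {
        switch (code[i].op) {
        case OP_MOV_EAX_IMM:
            tb->ops[tb->n++] = (struct host_op){ hop_mov_eax, code[i].imm };
            break;
        case OP_MOV_CR0_EAX:
            tb->ops[tb->n++] = (struct host_op){ hop_call_helper_cr0, 0 };
            break;
        case OP_JMP_SELF:
            tb->jumps_to_self = 1;      /* a jump ends the translation block */
            return;
        }
    }
}

/* One-entry translation cache (assumed): the translator runs only on a miss. */
struct tb_cache { const struct guest_insn *key; struct translated_block tb; };

static struct translated_block *find_or_translate(struct tb_cache *c, const struct guest_insn *code, int n)
{
    if (c->key != code) {
        translate_block(code, n, &c->tb);
        c->key = code;
    }
    return &c->tb;
}

/* Execution loop. The real guest would spin on "jmp x" forever, so the model
 * caps the iteration count. Returns how many times the block body ran. */
static int run_guest(struct cpu_state *env, const struct guest_insn *code, int n, int max_iterations)
{
    struct tb_cache cache;
    memset(&cache, 0, sizeof cache);
    int iterations = 0;
    for (;;) {
        struct translated_block *tb = find_or_translate(&cache, code, n);
        for (int i = 0; i < tb->n; i++)
            tb->ops[i].fn(env, tb->ops[i].arg);
        iterations++;
        if (!tb->jumps_to_self || iterations >= max_iterations)
            return iterations;
    }
}

/* Constructed guest program matching the mail: x: mov $0,%eax ; mov %eax,%cr0 ; jmp x */
static const struct guest_insn demo_program[] = {
    { OP_MOV_EAX_IMM, 0 }, { OP_MOV_CR0_EAX, 0 }, { OP_JMP_SELF, 0 },
};

struct demo_result { int translations; int helper_invocations; uint32_t cr0; uint8_t mem0; };

struct demo_result run_demo(int max_iterations)
{
    struct cpu_state env;
    memset(&env, 0, sizeof env);
    env.cr0 = 0x11;                 /* non-zero so the helper's store is visible */
    env.guest_mem[0] = 0xff;
    translate_calls = helper_calls = 0;
    run_guest(&env, demo_program, 3, max_iterations);
    struct demo_result r = { translate_calls, helper_calls, env.cr0, env.guest_mem[0] };
    return r;
}

int main(void)
{
    struct demo_result r = run_demo(1000);
    printf("translated %d time(s), helper ran %d time(s), cr0=%u, guest_mem[0]=%u\n",
           r.translations, r.helper_invocations, (unsigned)r.cr0, (unsigned)r.mem0);
    return 0;
}
```

Running it shows the point of the mail: the translator side runs exactly once for the block, while the helper emitted for the mov to cr0 runs on every iteration of the loop, which is why a write to guest memory belongs in the helper and not in the translator.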