| author | Mike Kinghan <mikek@symbian.org> |
| Wed, 04 Aug 2010 10:56:22 +0100 | |
| branch | GCC_SURGE |
| changeset 93 | 07b904f40417 |
| parent 1 | 2fb8b9db1c86 |
| permissions | -rw-r--r-- |
|
1
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
1 |
\input texinfo @c -*- texinfo -*- |
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
2 |
@c %**start of header |
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
3 |
@setfilename qemu-tech.info |
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
4 |
@settitle QEMU Internals |
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
5 |
@exampleindent 0 |
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
6 |
@paragraphindent 0 |
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
7 |
@c %**end of header |
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
8 |
|
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
9 |
@iftex |
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
10 |
@titlepage |
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
11 |
@sp 7 |
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
12 |
@center @titlefont{QEMU Internals}
|
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
13 |
@sp 3 |
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
14 |
@end titlepage |
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
15 |
@end iftex |
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
16 |
|
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
17 |
@ifnottex |
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
18 |
@node Top |
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
19 |
@top |
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
20 |
|
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
21 |
@menu |
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
22 |
* Introduction:: |
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
23 |
* QEMU Internals:: |
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
24 |
* Regression Tests:: |
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
25 |
* Index:: |
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
26 |
@end menu |
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
27 |
@end ifnottex |
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
28 |
|
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
29 |
@contents |
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
30 |
|
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
31 |
@node Introduction |
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
32 |
@chapter Introduction |
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
33 |
|
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
34 |
@menu |
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
35 |
* intro_features:: Features |
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
36 |
* intro_x86_emulation:: x86 and x86-64 emulation |
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
37 |
* intro_arm_emulation:: ARM emulation |
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
38 |
* intro_mips_emulation:: MIPS emulation |
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
39 |
* intro_ppc_emulation:: PowerPC emulation |
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
40 |
* intro_sparc_emulation:: Sparc32 and Sparc64 emulation |
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
41 |
* intro_other_emulation:: Other CPU emulation |
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
42 |
@end menu |
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
43 |
|
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
44 |
@node intro_features |
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
45 |
@section Features |
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
46 |
|
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
47 |
QEMU is a FAST! processor emulator using a portable dynamic |
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
48 |
translator. |
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
49 |
|
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
50 |
QEMU has two operating modes: |
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
51 |
|
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
52 |
@itemize @minus |
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
53 |
|
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
54 |
@item |
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
55 |
Full system emulation. In this mode (full platform virtualization), |
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
56 |
QEMU emulates a full system (usually a PC), including a processor and |
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
57 |
various peripherals. It can be used to launch several different |
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
58 |
Operating Systems at once without rebooting the host machine or to |
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
59 |
debug system code. |
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
60 |
|
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
61 |
@item |
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
62 |
User mode emulation. In this mode (application level virtualization), |
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
63 |
QEMU can launch processes compiled for one CPU on another CPU, however |
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
64 |
the Operating Systems must match. This can be used for example to ease |
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
65 |
cross-compilation and cross-debugging. |
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
66 |
@end itemize |
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
67 |
|
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
68 |
As QEMU requires no host kernel driver to run, it is very safe and |
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
69 |
easy to use. |
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
70 |
|
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
71 |
QEMU generic features: |
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
72 |
|
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
73 |
@itemize |
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
74 |
|
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
75 |
@item User space only or full system emulation. |
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
76 |
|
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
77 |
@item Using dynamic translation to native code for reasonable speed. |
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
78 |
|
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
79 |
@item |
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
80 |
Working on x86, x86_64 and PowerPC32/64 hosts. Being tested on ARM, |
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
81 |
HPPA, Sparc32 and Sparc64. Previous versions had some support for |
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
82 |
Alpha and S390 hosts, but TCG (see below) doesn't support those yet. |
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
83 |
|
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
84 |
@item Self-modifying code support. |
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
85 |
|
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
86 |
@item Precise exceptions support. |
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
87 |
|
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
88 |
@item The virtual CPU is a library (@code{libqemu}) which can be used
|
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
89 |
in other projects (look at @file{qemu/tests/qruncom.c} to have an
|
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
90 |
example of user mode @code{libqemu} usage).
|
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
91 |
|
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
92 |
@item |
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
93 |
Floating point library supporting both full software emulation and |
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
94 |
native host FPU instructions. |
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
95 |
|
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
96 |
@end itemize |
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
97 |
|
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
98 |
QEMU user mode emulation features: |
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
99 |
@itemize |
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
100 |
@item Generic Linux system call converter, including most ioctls. |
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
101 |
|
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
102 |
@item clone() emulation using native CPU clone() to use Linux scheduler for threads. |
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
103 |
|
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
104 |
@item Accurate signal handling by remapping host signals to target signals. |
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
105 |
@end itemize |
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
106 |
|
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
107 |
Linux user emulator (Linux host only) can be used to launch the Wine |
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
108 |
Windows API emulator (@url{http://www.winehq.org}). A Darwin user
|
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
109 |
emulator (Darwin hosts only) exists and a BSD user emulator for BSD |
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
110 |
hosts is under development. It would also be possible to develop a |
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
111 |
similar user emulator for Solaris. |
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
112 |
|
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
113 |
QEMU full system emulation features: |
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
114 |
@itemize |
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
115 |
@item |
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
116 |
QEMU uses a full software MMU for maximum portability. |
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
117 |
|
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
118 |
@item |
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
119 |
QEMU can optionally use an in-kernel accelerator, like kqemu and |
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
120 |
kvm. The accelerators execute some of the guest code natively, while |
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
121 |
continuing to emulate the rest of the machine. |
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
122 |
|
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
123 |
@item |
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
124 |
Various hardware devices can be emulated and in some cases, host |
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
125 |
devices (e.g. serial and parallel ports, USB, drives) can be used |
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
126 |
transparently by the guest Operating System. Host device passthrough |
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
127 |
can be used for talking to external physical peripherals (e.g. a |
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
128 |
webcam, modem or tape drive). |
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
129 |
|
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
130 |
@item |
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
131 |
Symmetric multiprocessing (SMP) even on a host with a single CPU. On a |
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
132 |
SMP host system, QEMU can use only one CPU fully due to difficulty in |
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
133 |
implementing atomic memory accesses efficiently. |
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
134 |
|
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
135 |
@end itemize |
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
136 |
|
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
137 |
@node intro_x86_emulation |
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
138 |
@section x86 and x86-64 emulation |
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
139 |
|
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
140 |
QEMU x86 target features: |
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
141 |
|
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
142 |
@itemize |
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
143 |
|
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
144 |
@item The virtual x86 CPU supports 16 bit and 32 bit addressing with segmentation. |
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
145 |
LDT/GDT and IDT are emulated. VM86 mode is also supported to run |
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
146 |
DOSEMU. There is some support for MMX/3DNow!, SSE, SSE2, SSE3, SSSE3, |
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
147 |
and SSE4 as well as x86-64 SVM. |
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
148 |
|
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
149 |
@item Support of host page sizes bigger than 4KB in user mode emulation. |
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
150 |
|
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
151 |
@item QEMU can emulate itself on x86. |
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
152 |
|
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
153 |
@item An extensive Linux x86 CPU test program is included @file{tests/test-i386}.
|
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
154 |
It can be used to test other x86 virtual CPUs. |
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
155 |
|
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
156 |
@end itemize |
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
157 |
|
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
158 |
Current QEMU limitations: |
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
159 |
|
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
160 |
@itemize |
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
161 |
|
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
162 |
@item Limited x86-64 support. |
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
163 |
|
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
164 |
@item IPC syscalls are missing. |
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
165 |
|
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
166 |
@item The x86 segment limits and access rights are not tested at every |
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
167 |
memory access (yet). Hopefully, very few OSes seem to rely on that for |
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
168 |
normal use. |
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
169 |
|
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
170 |
@end itemize |
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
171 |
|
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
172 |
@node intro_arm_emulation |
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
173 |
@section ARM emulation |
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
174 |
|
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
175 |
@itemize |
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
176 |
|
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
177 |
@item Full ARM 7 user emulation. |
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
178 |
|
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
179 |
@item NWFPE FPU support included in user Linux emulation. |
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
180 |
|
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
181 |
@item Can run most ARM Linux binaries. |
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
182 |
|
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
183 |
@end itemize |
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
184 |
|
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
185 |
@node intro_mips_emulation |
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
186 |
@section MIPS emulation |
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
187 |
|
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
188 |
@itemize |
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
189 |
|
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
190 |
@item The system emulation allows full MIPS32/MIPS64 Release 2 emulation, |
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
191 |
including privileged instructions, FPU and MMU, in both little and big |
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
192 |
endian modes. |
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
193 |
|
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
194 |
@item The Linux userland emulation can run many 32 bit MIPS Linux binaries. |
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
195 |
|
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
196 |
@end itemize |
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
197 |
|
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
198 |
Current QEMU limitations: |
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
199 |
|
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
200 |
@itemize |
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
201 |
|
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
202 |
@item Self-modifying code is not always handled correctly. |
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
203 |
|
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
204 |
@item 64 bit userland emulation is not implemented. |
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
205 |
|
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
206 |
@item The system emulation is not complete enough to run real firmware. |
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
207 |
|
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
208 |
@item The watchpoint debug facility is not implemented. |
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
209 |
|
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
210 |
@end itemize |
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
211 |
|
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
212 |
@node intro_ppc_emulation |
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
213 |
@section PowerPC emulation |
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
214 |
|
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
215 |
@itemize |
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
216 |
|
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
217 |
@item Full PowerPC 32 bit emulation, including privileged instructions, |
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
218 |
FPU and MMU. |
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
219 |
|
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
220 |
@item Can run most PowerPC Linux binaries. |
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
221 |
|
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
222 |
@end itemize |
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
223 |
|
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
224 |
@node intro_sparc_emulation |
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
225 |
@section Sparc32 and Sparc64 emulation |
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
226 |
|
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
227 |
@itemize |
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
228 |
|
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
229 |
@item Full SPARC V8 emulation, including privileged |
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
230 |
instructions, FPU and MMU. SPARC V9 emulation includes most privileged |
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
231 |
and VIS instructions, FPU and I/D MMU. Alignment is fully enforced. |
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
232 |
|
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
233 |
@item Can run most 32-bit SPARC Linux binaries, SPARC32PLUS Linux binaries and |
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
234 |
some 64-bit SPARC Linux binaries. |
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
235 |
|
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
236 |
@end itemize |
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
237 |
|
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
238 |
Current QEMU limitations: |
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
239 |
|
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
240 |
@itemize |
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
241 |
|
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
242 |
@item IPC syscalls are missing. |
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
243 |
|
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
244 |
@item Floating point exception support is buggy. |
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
245 |
|
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
246 |
@item Atomic instructions are not correctly implemented. |
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
247 |
|
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
248 |
@item There are still some problems with Sparc64 emulators. |
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
249 |
|
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
250 |
@end itemize |
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
251 |
|
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
252 |
@node intro_other_emulation |
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
253 |
@section Other CPU emulation |
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
254 |
|
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
255 |
In addition to the above, QEMU supports emulation of other CPUs with |
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
256 |
varying levels of success. These are: |
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
257 |
|
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
258 |
@itemize |
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
259 |
|
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
260 |
@item |
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
261 |
Alpha |
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
262 |
@item |
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
263 |
CRIS |
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
264 |
@item |
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
265 |
M68k |
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
266 |
@item |
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
267 |
SH4 |
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
268 |
@end itemize |
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
269 |
|
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
270 |
@node QEMU Internals |
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
271 |
@chapter QEMU Internals |
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
272 |
|
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
273 |
@menu |
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
274 |
* QEMU compared to other emulators:: |
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
275 |
* Portable dynamic translation:: |
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
276 |
* Condition code optimisations:: |
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
277 |
* CPU state optimisations:: |
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
278 |
* Translation cache:: |
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
279 |
* Direct block chaining:: |
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
280 |
* Self-modifying code and translated code invalidation:: |
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
281 |
* Exception support:: |
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
282 |
* MMU emulation:: |
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
283 |
* Device emulation:: |
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
284 |
* Hardware interrupts:: |
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
285 |
* User emulation specific details:: |
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
286 |
* Bibliography:: |
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
287 |
@end menu |
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
288 |
|
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
289 |
@node QEMU compared to other emulators |
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
290 |
@section QEMU compared to other emulators |
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
291 |
|
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
292 |
Like bochs [3], QEMU emulates an x86 CPU. But QEMU is much faster than |
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
293 |
bochs as it uses dynamic compilation. Bochs is closely tied to x86 PC |
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
294 |
emulation while QEMU can emulate several processors. |
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
295 |
|
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
296 |
Like Valgrind [2], QEMU does user space emulation and dynamic |
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
297 |
translation. Valgrind is mainly a memory debugger while QEMU has no |
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
298 |
support for it (QEMU could be used to detect out of bound memory |
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
299 |
accesses as Valgrind, but it has no support to track uninitialised data |
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
300 |
as Valgrind does). The Valgrind dynamic translator generates better code |
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
301 |
than QEMU (in particular it does register allocation) but it is closely |
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
302 |
tied to an x86 host and target and has no support for precise exceptions |
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
303 |
and system emulation. |
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
304 |
|
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
305 |
EM86 [4] is the closest project to user space QEMU (and QEMU still uses |
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
306 |
some of its code, in particular the ELF file loader). EM86 was limited |
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
307 |
to an alpha host and used a proprietary and slow interpreter (the |
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
308 |
interpreter part of the FX!32 Digital Win32 code translator [5]). |
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
309 |
|
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
310 |
TWIN [6] is a Windows API emulator like Wine. It is less accurate than |
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
311 |
Wine but includes a protected mode x86 interpreter to launch x86 Windows |
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
312 |
executables. Such an approach has greater potential because most of the |
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
313 |
Windows API is executed natively but it is far more difficult to develop |
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
314 |
because all the data structures and function parameters exchanged |
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
315 |
between the API and the x86 code must be converted. |
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
316 |
|
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
317 |
User mode Linux [7] was the only solution before QEMU to launch a |
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
318 |
Linux kernel as a process while not needing any host kernel |
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
319 |
patches. However, user mode Linux requires heavy kernel patches while |
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
320 |
QEMU accepts unpatched Linux kernels. The price to pay is that QEMU is |
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
321 |
slower. |
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
322 |
|
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
323 |
The Plex86 [8] PC virtualizer is done in the same spirit as the now |
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
324 |
obsolete qemu-fast system emulator. It requires a patched Linux kernel |
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
325 |
to work (you cannot launch the same kernel on your PC), but the |
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
326 |
patches are really small. As it is a PC virtualizer (no emulation is |
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
327 |
done except for some privileged instructions), it has the potential of |
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
328 |
being faster than QEMU. The downside is that a complicated (and |
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
329 |
potentially unsafe) host kernel patch is needed. |
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
330 |
|
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
331 |
The commercial PC Virtualizers (VMWare [9], VirtualPC [10], TwoOStwo |
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
332 |
[11]) are faster than QEMU, but they all need specific, proprietary |
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
333 |
and potentially unsafe host drivers. Moreover, they are unable to |
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
334 |
provide cycle exact simulation as an emulator can. |
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
335 |
|
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
336 |
VirtualBox [12], Xen [13] and KVM [14] are based on QEMU. QEMU-SystemC |
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
337 |
[15] uses QEMU to simulate a system where some hardware devices are |
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
338 |
developed in SystemC. |
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
339 |
|
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
340 |
@node Portable dynamic translation |
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
341 |
@section Portable dynamic translation |
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
342 |
|
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
343 |
QEMU is a dynamic translator. When it first encounters a piece of code, |
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
344 |
it converts it to the host instruction set. Usually dynamic translators |
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
345 |
are very complicated and highly CPU dependent. QEMU uses some tricks |
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
346 |
which make it relatively easily portable and simple while achieving good |
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
347 |
performances. |
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
348 |
|
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
349 |
After the release of version 0.9.1, QEMU switched to a new method of |
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
350 |
generating code, Tiny Code Generator or TCG. TCG relaxes the |
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
351 |
dependency on the exact version of the compiler used. The basic idea |
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
352 |
is to split every target instruction into a couple of RISC-like TCG |
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
353 |
ops (see @code{target-i386/translate.c}). Some optimizations can be
|
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
354 |
performed at this stage, including liveness analysis and trivial |
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
355 |
constant expression evaluation. TCG ops are then implemented in the |
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
356 |
host CPU back end, also known as TCG target (see |
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
357 |
@code{tcg/i386/tcg-target.c}). For more information, please take a
|
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
358 |
look at @code{tcg/README}.
|
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
359 |
|
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
360 |
@node Condition code optimisations |
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
361 |
@section Condition code optimisations |
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
362 |
|
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
363 |
Lazy evaluation of CPU condition codes (@code{EFLAGS} register on x86)
|
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
364 |
is important for CPUs where every instruction sets the condition |
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
365 |
codes. It tends to be less important on conventional RISC systems |
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
366 |
where condition codes are only updated when explicitly requested. |
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
367 |
|
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
368 |
Instead of computing the condition codes after each x86 instruction, |
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
369 |
QEMU just stores one operand (called @code{CC_SRC}), the result
|
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
370 |
(called @code{CC_DST}) and the type of operation (called
|
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
371 |
@code{CC_OP}). When the condition codes are needed, the condition
|
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
372 |
codes can be calculated using this information. In addition, an |
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
373 |
optimized calculation can be performed for some instruction types like |
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
374 |
conditional branches. |
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
375 |
|
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
376 |
@code{CC_OP} is almost never explicitly set in the generated code
|
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
377 |
because it is known at translation time. |
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
378 |
|
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
379 |
The lazy condition code evaluation is used on x86, m68k and cris. ARM |
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
380 |
uses a simplified variant for the N and Z flags. |
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
381 |
|
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
382 |
@node CPU state optimisations |
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
383 |
@section CPU state optimisations |
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
384 |
|
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
385 |
The target CPUs have many internal states which change the way it |
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
386 |
evaluates instructions. In order to achieve a good speed, the |
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
387 |
translation phase considers that some state information of the virtual |
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
388 |
CPU cannot change in it. The state is recorded in the Translation |
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
389 |
Block (TB). If the state changes (e.g. privilege level), a new TB will |
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
390 |
be generated and the previous TB won't be used anymore until the state |
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
391 |
matches the state recorded in the previous TB. For example, if the SS, |
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
392 |
DS and ES segments have a zero base, then the translator does not even |
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
393 |
generate an addition for the segment base. |
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
394 |
|
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
395 |
[The FPU stack pointer register is not handled that way yet]. |
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
396 |
|
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
397 |
@node Translation cache |
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
398 |
@section Translation cache |
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
399 |
|
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
400 |
A 16 MByte cache holds the most recently used translations. For |
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
401 |
simplicity, it is completely flushed when it is full. A translation unit |
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
402 |
contains just a single basic block (a block of x86 instructions |
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
403 |
terminated by a jump or by a virtual CPU state change which the |
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
404 |
translator cannot deduce statically). |
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
405 |
|
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
406 |
@node Direct block chaining |
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
407 |
@section Direct block chaining |
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
408 |
|
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
409 |
After each translated basic block is executed, QEMU uses the simulated |
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
410 |
Program Counter (PC) and other cpu state informations (such as the CS |
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
411 |
segment base value) to find the next basic block. |
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
412 |
|
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
413 |
In order to accelerate the most common cases where the new simulated PC |
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
414 |
is known, QEMU can patch a basic block so that it jumps directly to the |
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
415 |
next one. |
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
416 |
|
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
417 |
The most portable code uses an indirect jump. An indirect jump makes |
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
418 |
it easier to make the jump target modification atomic. On some host |
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
419 |
architectures (such as x86 or PowerPC), the @code{JUMP} opcode is
|
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
420 |
directly patched so that the block chaining has no overhead. |
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
421 |
|
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
422 |
@node Self-modifying code and translated code invalidation |
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
423 |
@section Self-modifying code and translated code invalidation |
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
424 |
|
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
425 |
Self-modifying code is a special challenge in x86 emulation because no |
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
426 |
instruction cache invalidation is signaled by the application when code |
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
427 |
is modified. |
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
428 |
|
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
429 |
When translated code is generated for a basic block, the corresponding |
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
430 |
host page is write protected if it is not already read-only. Then, if |
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
431 |
a write access is done to the page, Linux raises a SEGV signal. QEMU |
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
432 |
then invalidates all the translated code in the page and enables write |
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
433 |
accesses to the page. |
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
434 |
|
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
435 |
Correct translated code invalidation is done efficiently by maintaining |
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
436 |
a linked list of every translated block contained in a given page. Other |
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
437 |
linked lists are also maintained to undo direct block chaining. |
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
438 |
|
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
439 |
On RISC targets, correctly written software uses memory barriers and |
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
440 |
cache flushes, so some of the protection above would not be |
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
441 |
necessary. However, QEMU still requires that the generated code always |
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
442 |
matches the target instructions in memory in order to handle |
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
443 |
exceptions correctly. |
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
444 |
|
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
445 |
@node Exception support |
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
446 |
@section Exception support |
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
447 |
|
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
448 |
longjmp() is used when an exception such as division by zero is |
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
449 |
encountered. |
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
450 |
|
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
451 |
The host SIGSEGV and SIGBUS signal handlers are used to get invalid |
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
452 |
memory accesses. The simulated program counter is found by |
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
453 |
retranslating the corresponding basic block and by looking where the |
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
454 |
host program counter was at the exception point. |
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
455 |
|
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
456 |
The virtual CPU cannot retrieve the exact @code{EFLAGS} register because
|
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
457 |
in some cases it is not computed because of condition code |
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
458 |
optimisations. It is not a big concern because the emulated code can |
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
459 |
still be restarted in any cases. |
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
460 |
|
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
461 |
@node MMU emulation |
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
462 |
@section MMU emulation |
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
463 |
|
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
464 |
For system emulation QEMU supports a soft MMU. In that mode, the MMU |
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
465 |
virtual to physical address translation is done at every memory |
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
466 |
access. QEMU uses an address translation cache to speed up the |
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
467 |
translation. |
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
468 |
|
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
469 |
In order to avoid flushing the translated code each time the MMU |
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
470 |
mappings change, QEMU uses a physically indexed translation cache. It |
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
471 |
means that each basic block is indexed with its physical address. |
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
472 |
|
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
473 |
When MMU mappings change, only the chaining of the basic blocks is |
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
474 |
reset (i.e. a basic block can no longer jump directly to another one). |
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
475 |
|
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
476 |
@node Device emulation |
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
477 |
@section Device emulation |
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
478 |
|
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
479 |
Systems emulated by QEMU are organized by boards. At initialization |
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
480 |
phase, each board instantiates a number of CPUs, devices, RAM and |
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
481 |
ROM. Each device in turn can assign I/O ports or memory areas (for |
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
482 |
MMIO) to its handlers. When the emulation starts, an access to the |
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
483 |
ports or MMIO memory areas assigned to the device causes the |
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
484 |
corresponding handler to be called. |
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
485 |
|
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
486 |
RAM and ROM are handled more optimally, only the offset to the host |
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
487 |
memory needs to be added to the guest address. |
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
488 |
|
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
489 |
The video RAM of VGA and other display cards is special: it can be |
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
490 |
read or written directly like RAM, but write accesses cause the memory |
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
491 |
to be marked with VGA_DIRTY flag as well. |
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
492 |
|
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
493 |
QEMU supports some device classes like serial and parallel ports, USB, |
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
494 |
drives and network devices, by providing APIs for easier connection to |
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
495 |
the generic, higher level implementations. The API hides the |
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
496 |
implementation details from the devices, like native device use or |
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
497 |
advanced block device formats like QCOW. |
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
498 |
|
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
499 |
Usually the devices implement a reset method and register support for |
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
500 |
saving and loading of the device state. The devices can also use |
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
501 |
timers, especially together with the use of bottom halves (BHs). |
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
502 |
|
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
503 |
@node Hardware interrupts |
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
504 |
@section Hardware interrupts |
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
505 |
|
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
506 |
In order to be faster, QEMU does not check at every basic block if an |
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
507 |
hardware interrupt is pending. Instead, the user must asynchrously |
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
508 |
call a specific function to tell that an interrupt is pending. This |
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
509 |
function resets the chaining of the currently executing basic |
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
510 |
block. It ensures that the execution will return soon in the main loop |
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
511 |
of the CPU emulator. Then the main loop can test if the interrupt is |
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
512 |
pending and handle it. |
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
513 |
|
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
514 |
@node User emulation specific details |
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
515 |
@section User emulation specific details |
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
516 |
|
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
517 |
@subsection Linux system call translation |
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
518 |
|
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
519 |
QEMU includes a generic system call translator for Linux. It means that |
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
520 |
the parameters of the system calls can be converted to fix the |
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
521 |
endianness and 32/64 bit issues. The IOCTLs are converted with a generic |
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
522 |
type description system (see @file{ioctls.h} and @file{thunk.c}).
|
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
523 |
|
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
524 |
QEMU supports host CPUs which have pages bigger than 4KB. It records all |
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
525 |
the mappings the process does and try to emulated the @code{mmap()}
|
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
526 |
system calls in cases where the host @code{mmap()} call would fail
|
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
527 |
because of bad page alignment. |
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
528 |
|
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
529 |
@subsection Linux signals |
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
530 |
|
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
531 |
Normal and real-time signals are queued along with their information |
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
532 |
(@code{siginfo_t}) as it is done in the Linux kernel. Then an interrupt
|
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
533 |
request is done to the virtual CPU. When it is interrupted, one queued |
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
534 |
signal is handled by generating a stack frame in the virtual CPU as the |
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
535 |
Linux kernel does. The @code{sigreturn()} system call is emulated to return
|
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
536 |
from the virtual signal handler. |
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
537 |
|
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
538 |
Some signals (such as SIGALRM) directly come from the host. Other |
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
539 |
signals are synthetized from the virtual CPU exceptions such as SIGFPE |
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
540 |
when a division by zero is done (see @code{main.c:cpu_loop()}).
|
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
541 |
|
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
542 |
The blocked signal mask is still handled by the host Linux kernel so |
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
543 |
that most signal system calls can be redirected directly to the host |
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
544 |
Linux kernel. Only the @code{sigaction()} and @code{sigreturn()} system
|
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
545 |
calls need to be fully emulated (see @file{signal.c}).
|
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
546 |
|
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
547 |
@subsection clone() system call and threads |
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
548 |
|
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
549 |
The Linux clone() system call is usually used to create a thread. QEMU |
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
550 |
uses the host clone() system call so that real host threads are created |
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
551 |
for each emulated thread. One virtual CPU instance is created for each |
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
552 |
thread. |
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
553 |
|
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
554 |
The virtual x86 CPU atomic operations are emulated with a global lock so |
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
555 |
that their semantic is preserved. |
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
556 |
|
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
557 |
Note that currently there are still some locking issues in QEMU. In |
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
558 |
particular, the translated cache flush is not protected yet against |
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
559 |
reentrancy. |
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
560 |
|
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
561 |
@subsection Self-virtualization |
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
562 |
|
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
563 |
QEMU was conceived so that ultimately it can emulate itself. Although |
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
564 |
it is not very useful, it is an important test to show the power of the |
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
565 |
emulator. |
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
566 |
|
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
567 |
Achieving self-virtualization is not easy because there may be address |
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
568 |
space conflicts. QEMU user emulators solve this problem by being an |
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
569 |
executable ELF shared object as the ld-linux.so ELF interpreter. That |
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
570 |
way, it can be relocated at load time. |
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
571 |
|
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
572 |
@node Bibliography |
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
573 |
@section Bibliography |
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
574 |
|
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
575 |
@table @asis |
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
576 |
|
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
577 |
@item [1] |
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
578 |
@url{http://citeseer.nj.nec.com/piumarta98optimizing.html}, Optimizing
|
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
579 |
direct threaded code by selective inlining (1998) by Ian Piumarta, Fabio |
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
580 |
Riccardi. |
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
581 |
|
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
582 |
@item [2] |
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
583 |
@url{http://developer.kde.org/~sewardj/}, Valgrind, an open-source
|
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
584 |
memory debugger for x86-GNU/Linux, by Julian Seward. |
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
585 |
|
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
586 |
@item [3] |
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
587 |
@url{http://bochs.sourceforge.net/}, the Bochs IA-32 Emulator Project,
|
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
588 |
by Kevin Lawton et al. |
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
589 |
|
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
590 |
@item [4] |
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
591 |
@url{http://www.cs.rose-hulman.edu/~donaldlf/em86/index.html}, the EM86
|
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
592 |
x86 emulator on Alpha-Linux. |
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
593 |
|
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
594 |
@item [5] |
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
595 |
@url{http://www.usenix.org/publications/library/proceedings/usenix-nt97/@/full_papers/chernoff/chernoff.pdf},
|
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
596 |
DIGITAL FX!32: Running 32-Bit x86 Applications on Alpha NT, by Anton |
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
597 |
Chernoff and Ray Hookway. |
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
598 |
|
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
599 |
@item [6] |
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
600 |
@url{http://www.willows.com/}, Windows API library emulation from
|
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
601 |
Willows Software. |
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
602 |
|
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
603 |
@item [7] |
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
604 |
@url{http://user-mode-linux.sourceforge.net/},
|
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
605 |
The User-mode Linux Kernel. |
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
606 |
|
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
607 |
@item [8] |
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
608 |
@url{http://www.plex86.org/},
|
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
609 |
The new Plex86 project. |
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
610 |
|
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
611 |
@item [9] |
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
612 |
@url{http://www.vmware.com/},
|
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
613 |
The VMWare PC virtualizer. |
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
614 |
|
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
615 |
@item [10] |
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
616 |
@url{http://www.microsoft.com/windowsxp/virtualpc/},
|
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
617 |
The VirtualPC PC virtualizer. |
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
618 |
|
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
619 |
@item [11] |
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
620 |
@url{http://www.twoostwo.org/},
|
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
621 |
The TwoOStwo PC virtualizer. |
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
622 |
|
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
623 |
@item [12] |
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
624 |
@url{http://virtualbox.org/},
|
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
625 |
The VirtualBox PC virtualizer. |
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
626 |
|
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
627 |
@item [13] |
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
628 |
@url{http://www.xen.org/},
|
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
629 |
The Xen hypervisor. |
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
630 |
|
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
631 |
@item [14] |
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
632 |
@url{http://kvm.qumranet.com/kvmwiki/Front_Page},
|
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
633 |
Kernel Based Virtual Machine (KVM). |
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
634 |
|
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
635 |
@item [15] |
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
636 |
@url{http://www.greensocs.com/projects/QEMUSystemC},
|
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
637 |
QEMU-SystemC, a hardware co-simulator. |
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
638 |
|
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
639 |
@end table |
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
640 |
|
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
641 |
@node Regression Tests |
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
642 |
@chapter Regression Tests |
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
643 |
|
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
644 |
In the directory @file{tests/}, various interesting testing programs
|
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
645 |
are available. They are used for regression testing. |
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
646 |
|
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
647 |
@menu |
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
648 |
* test-i386:: |
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
649 |
* linux-test:: |
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
650 |
* qruncom.c:: |
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
651 |
@end menu |
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
652 |
|
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
653 |
@node test-i386 |
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
654 |
@section @file{test-i386}
|
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
655 |
|
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
656 |
This program executes most of the 16 bit and 32 bit x86 instructions and |
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
657 |
generates a text output. It can be compared with the output obtained with |
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
658 |
a real CPU or another emulator. The target @code{make test} runs this
|
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
659 |
program and a @code{diff} on the generated output.
|
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
660 |
|
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
661 |
The Linux system call @code{modify_ldt()} is used to create x86 selectors
|
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
662 |
to test some 16 bit addressing and 32 bit with segmentation cases. |
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
663 |
|
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
664 |
The Linux system call @code{vm86()} is used to test vm86 emulation.
|
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
665 |
|
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
666 |
Various exceptions are raised to test most of the x86 user space |
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
667 |
exception reporting. |
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
668 |
|
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
669 |
@node linux-test |
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
670 |
@section @file{linux-test}
|
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
671 |
|
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
672 |
This program tests various Linux system calls. It is used to verify |
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
673 |
that the system call parameters are correctly converted between target |
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
674 |
and host CPUs. |
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
675 |
|
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
676 |
@node qruncom.c |
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
677 |
@section @file{qruncom.c}
|
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
678 |
|
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
679 |
Example of usage of @code{libqemu} to emulate a user mode i386 CPU.
|
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
680 |
|
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
681 |
@node Index |
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
682 |
@chapter Index |
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
683 |
@printindex cp |
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
684 |
|
|
2fb8b9db1c86
Initial QEMU (symbian-qemu-0.9.1-12) import
martin.trojer@nokia.com
parents:
diff
changeset
|
685 |
@bye |