Re: [Qemu-devel] minimal linux distribution for qemu

qemu-devel.nongnu.org archive mirror
 help / color / mirror / Atom feed

From: Rob Landley <rob@landley.net>
To: Herbei Dacian <dacian_herbei@yahoo.fr>
Cc: QEmu Devel <qemu-devel@nongnu.org>
Subject: Re: [Qemu-devel] minimal linux distribution for qemu
Date: Tue, 20 Aug 2013 03:38:41 -0500	[thread overview]
Message-ID: <1376987921.2737.64@driftwood> (raw)
In-Reply-To: <1376834228.65699.YahooMailNeo@web172602.mail.ir2.yahoo.com> (from dacian_herbei@yahoo.fr on Sun Aug 18 08:57:08 2013)

On 08/18/2013 08:57:08 AM, Herbei Dacian wrote:
> 
> good to know.
> I was working back in 2005-2006 with a company that had a 4MB kernel.
> At that time I was too inexperienced to work at that level but I  
> thought now I could reproduce their work with some help.
> Anyhow for the moment I'll go for 256 MB of ram board just so that I  
> don't worry too much about things that are not yet relevant for me.
> But thanks again for the warning.
> But since you helped me soo much I have another question.
> Is it fisible to change the emulator so that I may visualize the  
> following aspects:
> _ address of the currently executed instruction from the guest system
> _ if this instruction is a form of jump like call return conditional  
> jump.
> _ the address or range of addresses read by this instruction
> _ the address or range of addresses written by this instruction

If you feed qemu the -s option it'll open a network port you can  
connect to to provide the gdbserver protocol (gdb's "target remote"  
command attaches to this). For system emulation it acts like a jtag  
attached to the emulated hardware, letting you see registers and such.

> I read some things about the emulator and if I understood it  
> correctly the emulator
> breaks the instructions of the gurest platform in micro ops which are  
> then executed
> on the host operation system.

Not really, no.

QEMU translates large blocks of code (used to be pages, now it's  
variable sized chunks depending on where the return instruction is) and  
keeps the translated versions cached (sort of like a java JIT). The  
main QEMU loop then calls the translated functions which execute until  
they return or get interrupted by signals (simulating things like timer  
IRQ). This is why QEMU is so fast, the actual translation overhead is  
amortized by the resulting native code being run lots of times, a  
function or loop gets translated once and then runs as native code.

This means that "the address of the currently executing instruction"  
isn't really something qemu naturally tracks, because although there  
_is_ a copy of the untranslated code page, it's not what we're running.  
The gdbserver code tries to do so artifically, but it's slow and  
awkward and not always perfect.

Self-modifying code is actually a horrible thing to do to qemu, from a  
performance perspective. Every time the emulated code page is modified,  
the cached copy of the translated code is discarded and the entire page  
gets retranslated. This means that in Aboriginal Linux, the shell  
scripts ./configure runs sped up 20% when I replaced my dynamically  
linked busybox with a statically linked one, due to the extra  
translations caused by the relocation fixups.

Rob

     prev parent reply	other threads:[~2013-08-20 10:24 UTC|newest]

Thread overview: 20+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2013-08-15  8:57 [Qemu-devel] minimal linux distribution for qemu Herbei Dacian
2013-08-15 11:53 ` Andreas Färber
2013-08-16 15:59   ` Rob Landley
2013-08-16 16:06     ` Herbei Dacian
2013-08-15 12:09 ` Stefan Hajnoczi
2013-08-15 13:22   ` Herbei Dacian
2013-08-15 13:31     ` Peter Maydell
2013-08-15 13:46       ` Herbei Dacian
2013-08-15 13:48         ` Peter Maydell
2013-08-15 14:01           ` Herbei Dacian
2013-08-15 14:05             ` Peter Maydell
2013-08-15 14:18               ` Herbei Dacian
2013-08-15 14:22                 ` Peter Maydell
2013-08-16 16:21                 ` Rob Landley
2013-08-16 16:05             ` Rob Landley
2013-08-16 16:17               ` Herbei Dacian
2013-08-16 17:46                 ` Andreas Färber
2013-08-18  5:00                 ` Rob Landley
2013-08-18 13:57                   ` Herbei Dacian
2013-08-20  8:38                     ` Rob Landley [this message]

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=1376987921.2737.64@driftwood \
    --to=rob@landley.net \
    --cc=dacian_herbei@yahoo.fr \
    --cc=qemu-devel@nongnu.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).