From: Fabrice Bellard <fabrice.bellard@free.fr>
To: qemu-devel@nongnu.org
Subject: Re: [Qemu-devel] simulated memory instead of host memory
Date: Mon, 09 Jun 2003 21:09:37 +0200 [thread overview]
Message-ID: <3EE4DB71.3090706@free.fr> (raw)
In-Reply-To: 20030609203126.7fc1bb17.jrydberg@night.trouble.net
Johan Rydberg wrote:
> First question of the day;
>
> First of all I would like to say that I really like the concept of QEMU.
> Let GCC do most of the work and just glue it all together. Brilliant.
> One downside of it though is all the tampering with flags to GCC.
Yes, on every new gcc version there may be problems... a solution may be
to distribute binary only versions of some object files of QEMU.
I hope that someday someone will make a proper code generator, but it is
really a lot of work!
> To the question. How hard would it be to make QEMU a full-system
> simulator? Or, more concrete: How hard would it be to instead of using
> the host memory for the simulated app, use simulated memory (on per-page
> basis)?
It would be possible. I spent a lot of time thinking about it, but I did
not make it because of lack of time and motivation. I see three solutions:
1) The very slow (but simplest) solution is to just modify the memory
access inline functions in 'cpu-i386.h' to emulate the x86 MMU.
2) A faster solution is to use 4MB tables containing the addresses of
each CPU page. One 4MB table would be used for read, one table for
write. The tables can be seen as big TLBs. Unmapped pages would have a
NULL entry in the tables so that a fault is generated on access to fill
the table.
3) An even faster solution is to use Linux memory mappings to emulate
the MMU. The Linux MM state of the process would be considered as a TLB
of the virtual x86 MMU state. It works only if the host has <= 4KB page
size and if the guest OS don't do any mapping in memory >= 0xc0000000.
With Linux as guest it would work as you can easily change the base
address of the kernel. The restriction about mappings >= 0xc0000000
could be suppressed with a small (but tricky) kernel patch which would
allow to mmap() at addresses >= 0xc0000000.
I wanted to implement solution (3) to be able to simulate an unpatched
Linux kernel (and call the project 'qplex86' !).
To run any OS you would also need precise segment limits and rights
emulation, at least for non user code.
Fabrice.
next prev parent reply other threads:[~2003-06-09 19:10 UTC|newest]
Thread overview: 5+ messages / expand[flat|nested] mbox.gz Atom feed top
2003-06-09 18:31 [Qemu-devel] simulated memory instead of host memory Johan Rydberg
2003-06-09 19:09 ` Fabrice Bellard [this message]
2003-06-09 19:37 ` Johan Rydberg
2003-06-09 20:18 ` Fabrice Bellard
2003-06-09 20:43 ` Johan Rydberg
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=3EE4DB71.3090706@free.fr \
--to=fabrice.bellard@free.fr \
--cc=qemu-devel@nongnu.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).