QEMU 
Binary Translations 
2014/09/25@NCKU Embedded Course 
Jeff Liaw 
rampant1018@gmail.com
Outline 
Introduction of QEMU 
Overview 
Translation Block 
Tiny Code Generator 
Porting to New Architecture 
Linaro 
QEMU Monitor 
A debug tool for AArch64/QEMU 
YODO Lab 
Introduction of QEMU
What is QEMU? 
Quick EMUlator 
QEMU is a FAST! processor emulator 
Time for booting linux kernel(buildroot) 
 QEMU needs 2 sec 
 Foundation Model needs 12 sec 
Simulation vs. Emulation
Simulation – For analysis and study 
Emulation – For usage as substitute 
Usage of QEMU 
Modes: 
System-mode emulation – emulation of a full system
User-mode emulation – launch processes compiled for another CPU (same OS)
 Ex. execute arm/linux program on x86/linux
Popular uses:
For cross-compilation development environments
Virtualization, device emulation, for kvm 
Android Emulator(part of SDK) 
QEMU Generic Features 
Support 
Self-modifying code 
Precise exception 
FPU 
 software emulation 
 host FPU instructions 
Dynamic translation to native code => speed 
QEMU Full System Emulation 
Features 
Full software MMU => portability 
Optionally use an in-kernel accelerator(kvm) 
Various hardware devices can be emulated 
SMP even on host with a single CPU 
QEMU Emulation Example 
Host(Win7/x86) emulate Guest(Linux/arm) 
x86 ISA is different from ARM’s ISA 
Dynamic Translation 
Target CPU instruction → Host CPU instruction(runtime) 
32MB 
Translation & Execution 
initialize the processor and jump to the host code
Main Loop: 
 IRQ handle 
 translation 
 run guest 
restore normal state and return to the main loop
Overhead! 
Translation & Execution 
We need emulation! 
Host 
Emulation 
 Main Loop: 
 IRQ handle 
 translation 
 run guest 
Basic Block(Translated Block, TB) 
Block exit point: 
encounter branch(modify PC) 
reach page boundary 
000081ac<abort>: 
81ac: add $sp, $sp #-24 
81b0: str $fp, [$sp+#20] 
… 
81c2: beq $lr 
81c6: mov $sp, $fp 
… 
81d0: ret $lr 
Branch occurs
Block 1 
Block 2 
Block Chaining 
Jump directly between basic blocks 
Chaining Steps 
tb_add_jump() in “cpu-exec.c” 
CPU Execution Flow 
Exceptions: 
asynchronous interrupts(unchain) 
process I/O 
no more TB 
Flow:
Look up TBC by target PC
Cached? (Y / N)
  N: Translate one basic block (tb_gen_code())
Chain it to existing block (tb_add_jump())
Execute translated code (cpu_tb_exec())
Exception handling
Example 
arm-none-eabi-gcc -c -mcpu=arm926ej-s -g foo.c -o foo.o -O0
Example 
 r4 = dummy 
 r5 = i 
dummy++ when i < 5 
dummy-- when i >= 5 
i counts from 0 to 9
[Figure: cpu-exec running TB 1 to TB 5 from the Translation Cache]
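The look-up, translate, chain and execute loop from the CPU Execution Flow slide, run on the dummy/i loop above, as an added C example that is not part of the original slides and not QEMU's code. The toy guest ISA, the guest program and all names are constructed, and an interpreter stands in for generated host code.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>
/* Constructed toy guest ISA (not QEMU code): a block ends at BLT, JMP or HALT. */
enum { MOVI, ADDI, BLT, JMP, HALT };
typedef struct { int op, a, b, target; } Insn;

static const Insn guest[] = {    /* constructed program for the slide's loop: r4 = dummy, r5 = i */
    /* 0 */ { MOVI, 4, 0, 0 },
    /* 1 */ { MOVI, 5, 0, 0 },
    /* 2 */ { BLT, 5, 10, 4 },   /* if (i < 10) goto 4 */
    /* 3 */ { HALT, 0, 0, 0 },
    /* 4 */ { BLT, 5, 5, 7 },    /* if (i < 5) goto 7 */
    /* 5 */ { ADDI, 4, -1, 0 },  /* dummy-- */
    /* 6 */ { JMP, 0, 0, 8 },
    /* 7 */ { ADDI, 4, 1, 0 },   /* dummy++ */
    /* 8 */ { ADDI, 5, 1, 0 },   /* i++ */
    /* 9 */ { JMP, 0, 0, 2 },
};
#define NINSN (sizeof guest / sizeof guest[0])
#define TB_MAX 16                /* toy translation cache capacity */

typedef struct TB {
    uint32_t pc, size;           /* guest start PC, number of guest instructions */
    struct TB *jmp_next[2];      /* chained successor per exit: [0] jump/fall-through, [1] taken */
} TB;
typedef struct {
    int32_t regs[8];
    uint32_t pc, ntb, lookups, chained_jumps, halted;
    TB cache[TB_MAX];
} CPU;
typedef struct { int dummy, i; unsigned ntb, lookups, chained_jumps; } Stats;

/* Look up the cache by guest PC; on a miss, "translate" one basic block. */
static TB *tb_find(CPU *cpu, uint32_t pc, TB **prev)
{
    for (unsigned k = 0; k < cpu->ntb; k++)
        if (cpu->cache[k].pc == pc)
            return &cpu->cache[k];
    if (cpu->ntb == TB_MAX) {    /* cache full: flush every TB and every chain */
        memset(cpu->cache, 0, sizeof cpu->cache);
        cpu->ntb = 0;
        *prev = NULL;            /* the previous TB is gone, do not chain from it */
    }
    TB *tb = &cpu->cache[cpu->ntb++];
    *tb = (TB){ .pc = pc, .size = 1 };
    while (guest[pc + tb->size - 1].op < BLT && pc + tb->size < NINSN)
        tb->size++;              /* extend until a branch ends the block */
    return tb;
}

/* Run one TB (an interpreter stands in for host code); return the exit taken. */
static int tb_exec(CPU *cpu, const TB *tb)
{
    int slot = 0;
    for (uint32_t pc = tb->pc; pc < tb->pc + tb->size; pc++) {
        const Insn *in = &guest[pc];
        cpu->pc = pc + 1;
        switch (in->op) {
        case MOVI: cpu->regs[in->a] = in->b; break;
        case ADDI: cpu->regs[in->a] += in->b; break;
        case BLT:  if (cpu->regs[in->a] < in->b) { cpu->pc = in->target; slot = 1; } break;
        case JMP:  cpu->pc = in->target; break;
        case HALT: cpu->halted = 1; break;
        }
    }
    return slot;
}

/* Main loop: look up, chain to the previous TB, execute until an unchained exit. */
Stats run_guest(int chaining)
{
    CPU cpu;
    TB *prev = NULL;
    int slot = 0;
    memset(&cpu, 0, sizeof cpu);
    while (!cpu.halted) {
        TB *tb = tb_find(&cpu, cpu.pc, &prev);
        cpu.lookups++;
        if (chaining && prev && !prev->jmp_next[slot])
            prev->jmp_next[slot] = tb;       /* patch the previous TB's exit */
        slot = tb_exec(&cpu, tb);
        while (!cpu.halted && tb->jmp_next[slot]) {
            tb = tb->jmp_next[slot];         /* direct TB-to-TB jump, no lookup */
            cpu.chained_jumps++;
            slot = tb_exec(&cpu, tb);
        }
        prev = tb;
    }
    return (Stats){ cpu.regs[4], cpu.regs[5], cpu.ntb, cpu.lookups, cpu.chained_jumps };
}

int main(void)
{
    Stats on = run_guest(1), off = run_guest(0);
    printf("dummy=%d i=%d TBs=%u lookups=%u (unchained: %u)\n", on.dummy, on.i, on.ntb, on.lookups, off.lookups);
    return 0;
}
```

With chaining on, control returns to the main loop only at an exit that is not chained yet, which is why the flow slide lists unchaining for asynchronous interrupts.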
CPU dependency(bad idea) 
generate host code 
Target CPU Host CPU 
Bomb!!!!!! 
CPU independency(good idea) 
generate host code 
Target CPU Host CPU 
All problems in CS can be solved by another level of indirection
Tiny Code Generator(TCG) 
Since QEMU 0.10 
Relax dependency 
Steps: 
1. Target instruction → RISC-like TCG ops (Frontend)
2. Optimizations
3. TCG ops → host instructions (Backend)
TCG micro-ops 
Simple instruction 
Ex. add → TCG micro-ops 
[Figure: ARM add instruction converted to micro-ops]
P.S tmp5 and tmp6 are temporary variables 
TCG micro-ops 
Complicated instruction 
Ex. qadd → TCG micro-ops(helper) 
[Figure: ARM qadd instruction converted to micro-ops, using a helper]
P.S tmp5, tmp6 and tmp7 are temporary variables 
TCG micro-ops 
Basic functions 
Temporary variables 
Divide one instruction into multiple small operations
Helper function 
handle complicated instructions 
TCG Frontend API 
tcg_gen_<op>[i]_<reg_size> 
<op> - operation 
[i] - immediate or register 
<reg_size> - size of register 
TCG Frontend API 
Temporary variable allocate & delete 
Call helper function 
TCG internal 
Two columns:
op code(opc)
op parameter(opparam)
OPC            OPPARAM
op_add_i32     ret, arg1, arg2
ARM Convert micro-ops 
OPC            OPPARAM
op_movi_i32    t0, arg2
op_mov_i32     t1, cpu_R[arg1]
op_add_i32     t1, t1, t0
op_mov_i32     cpu_R[arg1], t1
TCG Backend 
Frontend 
Backend 
OPC            OPPARAM
op_movi_i32    t0, arg2
op_mov_i32     t1, cpu_R[arg1]
op_add_i32     t1, t1, t0
op_mov_i32     cpu_R[arg1], t1
TCG Backend 
micro-ops → host code 
QEMU on x86-64 
[Figure: micro-ops converted to host machine code]
TCG Backend 
x86-64 backend example 
OPC            OPPARAM
op_movi_i32    t0, arg2
op_mov_i32     t1, cpu_R[arg1]
op_add_i32     t1, t1, t0
op_mov_i32     cpu_R[arg1], t1
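The opc/opparam layout and the four micro-ops from the tables above, as an added C example that is not from the slides and not QEMU's code: a toy frontend emits the two streams for an ARM-style add of an immediate to a register, and an interpreter stands in for the backend. OpBuf, emit, gen_add_imm, run_ops and dump_ops are hypothetical names, and the variable numbering is an assumption.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Toy op set using the op names from the slides (not QEMU's headers). */
enum { OP_MOVI_I32, OP_MOV_I32, OP_ADD_I32, NB_OPS };
static const char *const op_name[NB_OPS] = { "op_movi_i32", "op_mov_i32", "op_add_i32" };
static const int op_nargs[NB_OPS] = { 2, 2, 3 };   /* parameters per opcode */

/* Assumed numbering: ids 0..15 are guest registers cpu_R[n], 16 and 17 are t0 and t1. */
enum { T0 = 16, T1 = 17, NVARS = 18 };
#define OPC_MAX 16

typedef struct {
    uint8_t opc[OPC_MAX];           /* opcode stream */
    int32_t opparam[OPC_MAX * 3];   /* parameter stream, consumed left to right */
    int nopc, nparam;
} OpBuf;

/* Append one op; returns -1 rather than writing past the end of the streams. */
static int emit(OpBuf *b, int opc, int32_t p0, int32_t p1, int32_t p2)
{
    const int32_t p[3] = { p0, p1, p2 };
    if (b->nopc == OPC_MAX)
        return -1;
    b->opc[b->nopc++] = (uint8_t)opc;
    for (int k = 0; k < op_nargs[opc]; k++)
        b->opparam[b->nparam++] = p[k];
    return 0;
}

/* Frontend: guest "add Rd, Rd, #imm" (arg1 = d, arg2 = imm) -> four micro-ops. */
int gen_add_imm(OpBuf *b, int arg1, int32_t arg2)
{
    if (arg1 < 0 || arg1 > 15)
        return -1;
    if (emit(b, OP_MOVI_I32, T0, arg2, 0) ||   /* t0 = arg2 */
        emit(b, OP_MOV_I32, T1, arg1, 0) ||    /* t1 = cpu_R[arg1] */
        emit(b, OP_ADD_I32, T1, T1, T0) ||     /* t1 = t1 + t0 */
        emit(b, OP_MOV_I32, arg1, T1, 0))      /* cpu_R[arg1] = t1 */
        return -1;
    return 0;
}

/* Backend stand-in: walk both streams in step and apply each op to vars[]. */
int run_ops(const OpBuf *b, int32_t vars[NVARS])
{
    const int32_t *p = b->opparam;
    for (int k = 0; k < b->nopc; k++) {
        int opc = b->opc[k];
        switch (opc) {
        case OP_MOVI_I32: vars[p[0]] = p[1]; break;
        case OP_MOV_I32:  vars[p[0]] = vars[p[1]]; break;
        case OP_ADD_I32:  /* 32-bit wraparound, computed unsigned to avoid signed-overflow UB */
            vars[p[0]] = (int32_t)((uint32_t)vars[p[1]] + (uint32_t)vars[p[2]]);
            break;
        default: return -1;
        }
        p += op_nargs[opc];
    }
    return 0;
}

/* Render the streams as one "opc param, param" line per op. */
const char *dump_ops(const OpBuf *b)
{
    static char text[1024];
    const int32_t *p = b->opparam;
    size_t len = 0;
    text[0] = '\0';
    for (int k = 0; k < b->nopc; k++) {
        int opc = b->opc[k];
        len += snprintf(text + len, sizeof text - len, "%s", op_name[opc]);
        for (int j = 0; j < op_nargs[opc]; j++) {
            const char *sep = j ? ", " : " ";
            if (opc == OP_MOVI_I32 && j == 1)      /* second movi parameter is an immediate */
                len += snprintf(text + len, sizeof text - len, "%s%d", sep, (int)p[j]);
            else if (p[j] >= T0)
                len += snprintf(text + len, sizeof text - len, "%st%d", sep, (int)(p[j] - T0));
            else
                len += snprintf(text + len, sizeof text - len, "%scpu_R[%d]", sep, (int)p[j]);
        }
        len += snprintf(text + len, sizeof text - len, "\n");
        p += op_nargs[opc];
    }
    return text;
}

int main(void)
{
    OpBuf b;
    int32_t vars[NVARS] = { 0 };
    memset(&b, 0, sizeof b);
    vars[1] = 40;                                   /* constructed: cpu_R[1] = 40 */
    if (gen_add_imm(&b, 1, 2) || run_ops(&b, vars))
        return 1;
    printf("%scpu_R[1] = %d\n", dump_ops(&b), (int)vars[1]);
    return 0;
}
```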
TCG Porting 
Porting source tree
Frontend: qemu/target-*/
  cpu.h – regs and cpu status declaration
  translate.c – target instruction → micro-op
  op_helper.c – complicated instruction which can’t be modeled with micro-op
  helper.c – exception handling(ex. divide 0)
Backend: qemu/tcg/*/
  tcg-target.c
  tcg-target.h
Linaro
Overview 
Build the future of Open Source Software on ARM 
Does the core engineering 
Members 
Core Members Club Members 
Group Members 
Android L Developer Preview 
Android emulator based on QEMU
Differences to mainline QEMU
User Interface 
 keypad/buttons 
 accelerated graphics 
Emulated Devices 
 Fast IPC(qemu_pipe) 
 GSM, GPS, sensors 
Ref: http://www.linaro.org/blog/core-dump/running-64bit-android-l-qemu/ 
QEMU-Monitor
Overview 
QEMU provides a gdb stub
debug in running image
display general purpose registers(pc, spsr)
single step execution
But it cannot display system registers
hard to debug kernel image
QEMU gdbserver & qemu-monitor
 QEMU gdbserver sends gdb packet when VM_STATE changes
 Custom packet through IPC socket
QEMU: GDB_VM_STATE_CHANGE → Send GDB Packet → Send Custom Packet
IPC Socket: Custom Packet
qemu-monitor: Receive Custom Packet → Print Related Information
QEMU System Registers Mapping 
Some registers are not implemented 
Hard-coded in target-arm/helper.c
Hash Key 
QEMU Variables mapping to ARM registers 
QEMU & KVM 
QEMU 
run independently 
QEMU + KVM 
qemu(userspace tool) 
kvm(hypervisor) 
 
BATTLEFIELD ORM: TIPS, TACTICS AND STRATEGIES FOR CONQUERING YOUR DATABASE
BATTLEFIELD ORM: TIPS, TACTICS AND STRATEGIES FOR CONQUERING YOUR DATABASEBATTLEFIELD ORM: TIPS, TACTICS AND STRATEGIES FOR CONQUERING YOUR DATABASE
BATTLEFIELD ORM: TIPS, TACTICS AND STRATEGIES FOR CONQUERING YOUR DATABASE
 
ODSC - Batch to Stream workshop - integration of Apache Spark, Cassandra, Pos...
ODSC - Batch to Stream workshop - integration of Apache Spark, Cassandra, Pos...ODSC - Batch to Stream workshop - integration of Apache Spark, Cassandra, Pos...
ODSC - Batch to Stream workshop - integration of Apache Spark, Cassandra, Pos...
 
What is Binary Language? Computer Number Systems
What is Binary Language?  Computer Number SystemsWhat is Binary Language?  Computer Number Systems
What is Binary Language? Computer Number Systems
 
chapter--4-software-project-planning.ppt
chapter--4-software-project-planning.pptchapter--4-software-project-planning.ppt
chapter--4-software-project-planning.ppt
 
Optimizing AI for immediate response in Smart CCTV
Optimizing AI for immediate response in Smart CCTVOptimizing AI for immediate response in Smart CCTV
Optimizing AI for immediate response in Smart CCTV
 
Asset Management Software - Infographic
Asset Management Software - InfographicAsset Management Software - Infographic
Asset Management Software - Infographic
 
A Secure and Reliable Document Management System is Essential.docx
A Secure and Reliable Document Management System is Essential.docxA Secure and Reliable Document Management System is Essential.docx
A Secure and Reliable Document Management System is Essential.docx
 
Building a General PDE Solving Framework with Symbolic-Numeric Scientific Mac...
Building a General PDE Solving Framework with Symbolic-Numeric Scientific Mac...Building a General PDE Solving Framework with Symbolic-Numeric Scientific Mac...
Building a General PDE Solving Framework with Symbolic-Numeric Scientific Mac...
 

QEMU Binary Translations Overview

  • 1. QEMU Binary Translations. 2014/09/25 @ NCKU Embedded Course. Jeff Liaw, rampant1018@gmail.com
  • 2. Outline: Introduction of QEMU; Overview; Translation Block; Tiny Code Generator; Porting to New Architecture; Linaro; QEMU Monitor; A debug tool for AArch64/QEMU. YODO Lab
  • 4. What is QEMU? Quick EMUlator. QEMU is a FAST! processor emulator. Time for booting a Linux kernel (buildroot): QEMU needs 2 sec; Foundation Model needs 12 sec. Simulation vs. emulation: simulation is for analysis and study; emulation is for usage as a substitute.
  • 5. Usage of QEMU. Modes: system-mode emulation (emulation of a full system); user-mode emulation (launch processes compiled for another CPU, same OS), e.g. execute an arm/linux program on x86/linux. Popular uses: cross-compilation development environments; virtualization, device emulation, for kvm; Android Emulator (part of SDK).
  • 6. QEMU Generic Features. Support for: self-modifying code; precise exceptions; FPU (software emulation, host FPU instructions). Dynamic translation to native code => speed.
  • 7. QEMU Full System Emulation. Features: full software MMU => portability; optionally use an in-kernel accelerator (kvm); various hardware devices can be emulated; SMP even on a host with a single CPU.
  • 8. QEMU Emulation Example. Host (Win7/x86) emulates guest (Linux/arm). The x86 ISA is different from ARM's ISA.
  • 9. Dynamic Translation. Target CPU instruction → host CPU instruction (at runtime). [Figure label: 32MB]
  • 10. Translation & Execution. Initialize the processor and jump to the host code. Main loop: IRQ handling; translation; run guest. Restore normal state and return to the main loop. Overhead!
  • 11. Translation & Execution. We need emulation! [Diagram labels: Host; Emulation.] Main loop: IRQ handling; translation; run guest.
  • 12. Basic Block (Translated Block, TB). Block exit point: encounter a branch (modifies PC); reach a page boundary. Example: 000081ac<abort>: 81ac: add $sp, $sp #-24 81b0: str $fp, [$sp+#20] … 81c2: beq $lr 81c6: mov $sp, $fp … 81d0: ret $lr [Figure labels: branch occurs; Block 1; Block 2.]
  • 13. Block Chaining. Jump directly between basic blocks.
  • 14. Chaining Steps. tb_add_jump() in “cpu-exec.c”.
  • 15. CPU Execution Flow. Flow: look up the TBC by target PC; if not cached (N), translate one basic block with tb_gen_code(); chain it to an existing block with tb_add_jump(); execute the translated code with cpu_tb_exec(); then exception handling. Exceptions: asynchronous interrupts (unchain); process I/O; no more TB.
  • 16. Example. arm-none-eabi-gcc -c -mcpu=arm926ej-s -g foo.c -o foo.o -O0
  • 17. Example. r4 = dummy; r5 = i. dummy++ when i < 5; dummy-- when i >= 5; i counts from 0 to 9. [Figure: cpu-exec and the translation cache holding TB 1 to TB 5.]
  • 18. CPU dependency (bad idea). [Diagram labels: generate host code; Target CPU; Host CPU.] Bomb!!!!!!
  • 19. CPU independency (good idea). [Diagram labels: generate host code; Target CPU; Host CPU.] All problems in CS can be solved by another level of indirection.
  • 20. Tiny Code Generator (TCG). Since QEMU 0.10. Relaxes the dependency. Steps: 1. target instruction → RISC-like TCG ops (frontend); 2. optimizations; 3. TCG ops → host instructions (backend).
  • 21. TCG micro-ops. Simple instruction, e.g. add → TCG micro-ops. [Figure: ARM instruction converted to micro-ops.] P.S. tmp5 and tmp6 are temporary variables.
  • 22. TCG micro-ops. Complicated instruction, e.g. qadd → TCG micro-ops (helper). [Figure: ARM instruction converted to micro-ops.] P.S. tmp5, tmp6 and tmp7 are temporary variables.
  • 23. TCG micro-ops. Basic functions; temporary variables; divide one instruction into multiple small operations; helper functions handle complicated instructions.
  • 24. TCG Frontend API. tcg_gen_<op>[i]_<reg_size>: <op> - operation; [i] - immediate or register; <reg_size> - size of register.
  • 25. TCG Frontend API. Temporary variable allocation and deletion; calling a helper function.
  • 26. TCG internal. Two columns: op code (opc) and op parameter (opparam). Example: OPC op_add_i32, OPPARAM ret arg1 arg2.
  • 27. ARM converted to micro-ops (OPC: OPPARAM). op_movi_i32: t0, arg2; op_mov_i32: t1, cpu_R[arg1]; op_add_i32: t1, t1, t0; op_mov_i32: cpu_R[arg1], t1.
  • 28. TCG Backend. Frontend output handed to the backend (OPC: OPPARAM). op_movi_i32: t0, arg2; op_mov_i32: t1, cpu_R[arg1]; op_add_i32: t1, t1, t0; op_mov_i32: cpu_R[arg1], t1.
  • 29. TCG Backend. micro-ops → host code. QEMU on x86-64. [Figure: micro-ops converted for the host machine.]
  • 30. TCG Backend. x86-64 backend example (OPC: OPPARAM). op_movi_i32: t0, arg2; op_mov_i32: t1, cpu_R[arg1]; op_add_i32: t1, t1, t0; op_mov_i32: cpu_R[arg1], t1.
  • 31. TCG Porting. Porting source tree. Frontend, qemu/target-*/: cpu.h (regs and cpu status declaration); translate.c (target instruction → micro-op); op_helper.c (complicated instructions which can’t be modeled with micro-ops); helper.c (exception handling, e.g. divide by 0). Backend, qemu/tcg/*/: tcg-target.c; tcg-target.h.
  • 33. Overview Build the future of Open Source Software on ARM Does the core engineering YODO Lab -33-
  • 34. Members Core Members Club Members Group Members YODO Lab -34-
  • 35. Android L Developer Preview Android emulator based on QEMU Differences to mainline QEMU User Interface  keypad/buttons  accelerated graphics Emulated Devices  Fast IPC(qemu_pipe)  GSM, GPS, sensors Ref: http://www.linaro.org/blog/core-dump/running-64bit-android-l-qemu/ YODO Lab -35-
  • 37. Overview QEMU provide gdb stub debug in running image display general purpose registers(pc, spsr) single step execution But can not display system register hard to debug kernel image YODO Lab -37-
  • 38. QEMU gdbserver & qemu-monitor  QEMU gdbserver send gdb packet when VM_STATE change  Custom packet through IPC socket GDB_VM_STATE _CHANGE Send GDB Packet Send Custom Packet Receive Custom Packet Print Related Information IPC Socket QEMU qemu-monitor Custom Packet YODO Lab -38-
  • 39. QEMU System Registers Mapping Some registers are not implemented Hard-coded target-arm/helper.c Hash Key QEMU Variables mapping to ARM registers YODO Lab -39-
  • 42. QEMU & KVM QEMU run independently QEMU + KVM qemu(userspace tool) kvm(hypervisor) YODO Lab -42-
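
The lookup, translate, chain and execute loop from the "CPU Execution Flow" and "Block Chaining" slides, as an added C sketch that is not taken from the slides or from QEMU's source. The toy guest ISA, the guest program and the names `tbc`, `tb_find`, `tb_exec` and `run_guest` are assumptions, and "translation" here only records each block's range instead of emitting host code.

```c
/* Toy guest ISA (an assumption, not ARM): a branch or HALT ends a block. */
enum { ADDI, BLT, JMP, HALT };
typedef struct { int op, r, imm, target; } Insn;
typedef struct TB { int pc, len; struct TB *next[2]; } TB; /* next[]: chained exits */
static const Insn guest[] = { /* constructed program: r0 = dummy, r1 = i */
    {BLT, 1, 5, 3}, {ADDI, 0, -1, 0}, {JMP, 0, 0, 4}, /* 0: if (i<5) goto 3; 1: dummy--; 2: goto 4 */
    {ADDI, 0, 1, 0}, {ADDI, 1, 1, 0},                 /* 3: dummy++; 4: i++ */
    {BLT, 1, 10, 0}, {HALT, 0, 0, 0},                 /* 5: if (i<10) goto 0; 6: stop */
};
static TB tbc[7];                 /* translation block cache, indexed by guest PC */
static int translations, lookups; /* counters compared by the caller */
/* TBC lookup. A miss "translates" by recording the block range; QEMU would emit host code. */
static TB *tb_find(int pc) {
    TB *tb = &tbc[pc];
    lookups++;
    if (tb->len == 0) {
        int end = pc;
        while (guest[end].op == ADDI) end++;  /* block ends at first branch or HALT */
        tb->pc = pc; tb->len = end - pc + 1; translations++;
    }
    return tb;
}

/* Run one TB: returns the exit slot (0 fall-through, 1 taken) and sets *pc; -1 on HALT. */
static int tb_exec(const TB *tb, int *regs, int *pc) {
    for (int i = tb->pc; ; i++) {
        const Insn *in = &guest[i];
        if (in->op == ADDI) { regs[in->r] += in->imm; continue; }
        if (in->op == HALT) return -1;
        int taken = in->op == JMP || regs[in->r] < in->imm;
        *pc = taken ? in->target : i + 1;
        return taken;
    }
}

/* Main loop. With chain != 0 an exit patched earlier skips the TBC lookup. */
int run_guest(int chain, int *dummy) {
    int regs[2] = {0, 0}, pc = 0, slot;
    for (int i = 0; i < 7; i++) tbc[i] = (TB){0};  /* flush cache and chains */
    translations = lookups = 0;
    TB *tb = tb_find(pc);
    while ((slot = tb_exec(tb, regs, &pc)) >= 0) {
        TB *next = tb->next[slot];
        if (!chain || !next) tb->next[slot] = next = tb_find(pc);
        tb = next;
    }
    *dummy = regs[0];
    return lookups;
}
```

`run_guest(0, &d)` and `run_guest(1, &d)` produce the same guest result and the same five translated blocks, but chaining cuts the cache lookups from 26 to 7. Clearing `next[]` is the toy counterpart of the unchaining the slide lists for asynchronous interrupts.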