On Dec 13, 2006, at 10:04 AM, Joseph Miller wrote:
> Can someone elaborate on this a little? What is the difference
> between the SOFTMMU and the mmap()? Should I be using the
> --enable-system or the --disable-system for win32 guest on i386
> debian host? Can someone give a little more insight on this
> technicality?
For full system emulation, qemu needs to support the emulated
processor's ability to perform virtual->physical address translation
for every memory reference (including data loads/stores and
non-pc-relative branches). Using the SOFTMMU method, this is done at
basic-block translation time by inlining a software TLB lookup routine
for each memory reference. This expands a simple target load
instruction into a sequence of ~20 host processor instructions (for
x86 target, ppc host I see about 25 instructions for TLB lookup).
The other way to handle this would be to use the host's MMU to do the
translation directly, via an mmap() system call which sets up the
translation. Then the translated basic block would contain memory
references using the target system's virtual address values, and the
translation would occur in the host's hardware MMU during execution
(fast), rather than having to execute a software TLB lookup. However,
there are a number of restrictions to using mmap() translation (host
and target address spaces cannot overlap, etc.). It appears that this
feature has been removed from current versions of qemu, so the only
way to do full system emulation is via the SOFTMMU method.
-- tim
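The software TLB lookup tim describes, as an added example that is not from this thread or from QEMU's source: a toy direct-mapped TLB in C where tlb_lookup is the fast path the SOFTMMU method would inline before each guest memory reference and tlb_fill is the slow path taken on a miss. guest_ram, page_table, mmu_setup, guest_stb and guest_ldub are constructed names standing in for a real page walker and guest RAM.

```c
/* Added example, not QEMU's code: toy direct-mapped software TLB showing the lookup
 * SOFTMMU inlines per guest load/store. guest_ram/page_table/mmu_setup are constructed. */
#include <stdint.h>
#include <string.h>
#define PAGE_SIZE   4096u
#define PAGE_MASK   (~(PAGE_SIZE - 1))
#define TLB_SIZE    256
#define GUEST_PAGES 16
#define UNMAPPED    UINT32_MAX
typedef struct { uint32_t addr_read; uintptr_t addend; } tlb_entry; /* tag; host = vaddr + addend */
static uint8_t   guest_ram[GUEST_PAGES * PAGE_SIZE]; /* constructed guest physical RAM */
static uint32_t  page_table[GUEST_PAGES];            /* constructed: vpn -> physical page */
static tlb_entry tlb[TLB_SIZE];
static unsigned  tlb_hits, tlb_misses;

/* Constructed mapping: virtual page i -> physical page 15-i, page 3 left unmapped. */
static void mmu_setup(void)
{
    memset(tlb, 0xFF, sizeof tlb); /* every addr_read becomes UNMAPPED, so nothing matches */
    for (uint32_t i = 0; i < GUEST_PAGES; i++)
        page_table[i] = (i == 3) ? UNMAPPED : GUEST_PAGES - 1 - i;
    tlb_hits = tlb_misses = 0;
}

/* Slow path: walk the page table and refill the entry; 0 means a guest page fault. */
static int tlb_fill(uint32_t vaddr)
{
    uint32_t vpn = vaddr / PAGE_SIZE;
    if (vpn >= GUEST_PAGES || page_table[vpn] == UNMAPPED) return 0;
    tlb_entry *e = &tlb[vpn % TLB_SIZE];
    e->addr_read = vaddr & PAGE_MASK;
    e->addend = (uintptr_t)(guest_ram + page_table[vpn] * PAGE_SIZE) - (vaddr & PAGE_MASK);
    return 1;
}

/* Fast path inlined per memory reference: index by VPN, compare tag, add addend. */
static uint8_t *tlb_lookup(uint32_t vaddr)
{
    tlb_entry *e = &tlb[(vaddr / PAGE_SIZE) % TLB_SIZE];
    if (e->addr_read == (vaddr & PAGE_MASK)) tlb_hits++;
    else { tlb_misses++; if (!tlb_fill(vaddr)) return NULL; }
    return (uint8_t *)(vaddr + e->addend);
}

/* Guest byte store/load through the TLB; store returns 0 on fault, load returns -1. */
static int guest_stb(uint32_t vaddr, uint8_t val)
{ uint8_t *p = tlb_lookup(vaddr); if (!p) return 0; *p = val; return 1; }
static int guest_ldub(uint32_t vaddr)
{ uint8_t *p = tlb_lookup(vaddr); return p ? *p : -1; }
```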
_______________________________________________
Qemu-devel mailing list
address@hidden
http://lists.nongnu.org/mailman/listinfo/qemu-devel