qemu internals
play

QEMU internals Chad D. Kersey January 28, 2009 Chad D. Kersey - PowerPoint PPT Presentation

Sep 05, 2023 •216 likes •456 views

The basics Dynamic translation Basic Block Chaining The codebase Acknowledgments Questions QEMU internals Chad D. Kersey January 28, 2009 Chad D. Kersey QEMU internals The basics Dynamic translation Basic Block Chaining The codebase

  1. The basics Dynamic translation Basic Block Chaining The codebase Acknowledgments Questions QEMU internals Chad D. Kersey January 28, 2009 Chad D. Kersey QEMU internals

  2. The basics Dynamic translation Basic Block Chaining The codebase Acknowledgments Questions Where to get the source svn co svn://svn.savannah.nongnu.org/qemu Make sure you have the latest sources if you’re reading along. A lot has changed since the previous release. Chad D. Kersey QEMU internals

  3. The basics Dynamic translation Basic Block Chaining The codebase Acknowledgments Questions Functional simulation Simulate what a processor does, not how it does it. Needs separate model for timing analysis (if needed). Faster than “cycle-accurate” simulators. Good enough to use applications written for another CPU. Chad D. Kersey QEMU internals

  4. The basics Dynamic translation Basic Block Chaining The codebase Acknowledgments Questions QEMU system simulation QEMU simulates VGA, serial, and ethernet. hw/* contain all of the supported boards. Includes rather complete PC, Nokia N-series, PCI ultrasparc. Various development boards in varying levels of completion. Chad D. Kersey QEMU internals

  5. The basics Dynamic translation Basic Block Chaining The codebase Acknowledgments Questions What dynamic translation isn’t Interpreters execute instructions one at a time. Significant slowdown from constant overhead. Easier to write and debug than dynamic translators. Guest Code Static Code Control Flow Data Flow Chad D. Kersey QEMU internals

  6. The basics Dynamic translation Basic Block Chaining The codebase Acknowledgments Questions What dynamic translation is Dynamic translators convert code as needed. Try to spend most time executing in translation cache. Translate basic blocks as needed. Store translated blocks in code cache. Translation Cache . Generated Code . Guest Code Static Code . . . . Control Flow Data Flow Chad D. Kersey QEMU internals

  7. The basics Dynamic translation Basic Block Chaining The codebase Acknowledgments Questions Getting into and out of the code cache cpu exec() called each time around main loop. Program executes until an unchained block is encountered. Returns to cpu exec() through epilogue. Pre−generated code Translation Cache Prologue . Code . cpu_exec() . Epilogue . . . Chad D. Kersey QEMU internals

  8. The basics Dynamic translation Basic Block Chaining The codebase Acknowledgments Questions Portable dynamic translation Guest Code QEMU uses an gen_intermediate_code() intermediate form. Frontends are in TCG Operations target-*/ Backends are in tcg/*/ Selected with preprocessor tcg_gen_code() evil. Host Code Chad D. Kersey QEMU internals

  9. The basics Dynamic translation Basic Block Chaining The codebase Acknowledgments Questions Portable dynamic translation: stage 1 push %ebp Guest Code mov %esp,%ebp not %eax add %eax,%edx mov %edx,%eax gen_intermediate_code() xor $0x55555555,%eax pop %ebp ret TCG Operations tcg_gen_code() Host Code Chad D. Kersey QEMU internals

  10. The basics Dynamic translation Basic Block Chaining The codebase Acknowledgments Questions Portable dynamic translation: stage 2 . . . Guest Code ld_i32 tmp2,env,$0x10 qemu_ld32u tmp0,tmp2,$0xffffffff ld_i32 tmp4,env,$0x10 movi_i32 tmp14,$0x4 gen_intermediate_code() add_i32 tmp4,tmp4,tmp14 st_i32 tmp4,env,$0x10 st_i32 tmp0,env,$0x20 movi_i32 cc_op,$0x18 TCG Operations exit_tb $0x0 tcg_gen_code() Host Code Chad D. Kersey QEMU internals

  11. The basics Dynamic translation Basic Block Chaining The codebase Acknowledgments Questions Portable dynamic translation: stage 3 . . . Guest Code mov 0x10(%ebp),%eax mov %eax,%ecx mov (%ecx),%eax mov 0x10(%ebp),%edx gen_intermediate_code() add $0x4,%edx mov %edx,0x10(%ebp) mov %eax,0x20(%ebp) mov $0x18,%eax TCG Operations mov %eax,0x30(%ebp) xor %eax,%eax jmp 0xba0db428 tcg_gen_code() /*This represents just the ret instruction!*/ Host Code Chad D. Kersey QEMU internals

  12. The basics Dynamic translation Basic Block Chaining The codebase Acknowledgments Questions Basic block chaining Returning from code cache is slow. Solution: jump directly between basic blocks! Make space for a jump, follow by a return to the epilogue. Every time a block returns, try to chain it. Pre−generated code Translation Cache TB Prologue cpu_exec() TB TB Epilogue TB Chad D. Kersey QEMU internals

  13. The basics Dynamic translation Basic Block Chaining The codebase Acknowledgments Questions Basic block chaining: step 1 Pre−generated code Translation Cache TB Prologue cpu_exec() TB TB Epilogue TB Chad D. Kersey QEMU internals

  14. The basics Dynamic translation Basic Block Chaining The codebase Acknowledgments Questions Basic block chaining: step 2 Pre−generated code Translation Cache TB Prologue cpu_exec() TB TB Epilogue TB Chad D. Kersey QEMU internals

  15. The basics Dynamic translation Basic Block Chaining The codebase Acknowledgments Questions Basic block chaining: step 3 Pre−generated code Translation Cache TB Prologue cpu_exec() TB TB Epilogue TB Chad D. Kersey QEMU internals

  16. The basics Dynamic translation Basic Block Chaining The codebase Acknowledgments Questions Basic block chaining: step 4 Pre−generated code Translation Cache TB Prologue cpu_exec() TB TB Epilogue TB Chad D. Kersey QEMU internals

  17. The basics Dynamic translation Basic Block Chaining The codebase Acknowledgments Questions Basic block chaining: step 5 Pre−generated code Translation Cache TB Prologue cpu_exec() TB TB Epilogue TB Chad D. Kersey QEMU internals

  18. The basics Dynamic translation Basic Block Chaining The codebase Acknowledgments Questions Unchain on interrupt Now how do we interrupt the processor? Have another thread unchain the blocks. cpu_interrupt() Pre−generated code Translation Cache TB Prologue cpu_exec() TB TB Epilogue TB Chad D. Kersey QEMU internals

  19. The basics Dynamic translation Basic Block Chaining The codebase Acknowledgments Questions Code organization TranslationBlock structure in translate-all.h Translation cache is code gen buffer in exec.c cpu-exec() in cpu-exec.c orchestrates translation and block chaining. target-*/translate.c : guest ISA specific code. tcg-*/*/ : host ISA specific code. linux-user/* : Linux usermode specific code. vl.c : Main loop for system emulation. hw/* : Hardware, including video, audio, and boards. Chad D. Kersey QEMU internals

  20. The basics Dynamic translation Basic Block Chaining The codebase Acknowledgments Questions Ways to have fun Add extra instructions to an ISA. Generate execution traces to drive timing models. Try to integrate timing models. Retarget frontend or backend. Improve optimization, say, by retaining chaining across interrupts. Chad D. Kersey QEMU internals

  21. The basics Dynamic translation Basic Block Chaining The codebase Acknowledgments Questions Acknowledgments QEMU by Fabrice Bellard: www.bellard.org/ Current qemu-internals: http://bellard.org/qemu/qemu-tech.html Some graphics in these slides part of work funded by DOE grant. Chad D. Kersey QEMU internals

  22. The basics Dynamic translation Basic Block Chaining The codebase Acknowledgments Questions Questions? ? Chad D. Kersey QEMU internals

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

QEMU: Architecture and Internals Lecture for the Embedded Systems Course CSD, University of Crete

QEMU: Architecture and Internals Lecture for the Embedded Systems Course CSD, University of Crete

QEMU: Architecture and Internals Lecture for the Embedded Systems Course CSD, University of Crete (April 18, 2016) Manolis Marazakis (maraz@ics.forth.gr) Institute of Computer Science (ICS) Foundation for Research and Technology Hellas

289 views • 27 slides
QEMU: Architecture and Internals Lecture for the Embedded Systems Course CSD, University of Crete

QEMU: Architecture and Internals Lecture for the Embedded Systems Course CSD, University of Crete

QEMU: Architecture and Internals Lecture for the Embedded Systems Course CSD, University of Crete (April 8, 2019) Manolis Marazakis (maraz@ics.forth.gr) Institute of Computer Science (ICS) Foundation for Research and Technology Hellas

412 views • 30 slides
QEMU: Architecture and Internals Lecture for the Embedded Systems Course CSD, University of Crete

QEMU: Architecture and Internals Lecture for the Embedded Systems Course CSD, University of Crete

QEMU: Architecture and Internals Lecture for the Embedded Systems Course CSD, University of Crete (May 6, 2014) Manolis Marazakis (maraz@ics.forth.gr) Institute of Computer Science (ICS) Foundation for Research and Technology Hellas

262 views • 23 slides
QEMU 2.0 and Beyond CloudOpen 2013 Anthony Liguori <anthony@codemonkey.ws> About QEMU

QEMU 2.0 and Beyond CloudOpen 2013 Anthony Liguori <anthony@codemonkey.ws> About QEMU

QEMU 2.0 and Beyond CloudOpen 2013 Anthony Liguori <anthony@codemonkey.ws> About QEMU is a fast full system simulator and virtualization engine QEMU is Open Source hardware emulation KVM Xen Android SDK (fork)

431 views • 22 slides
Merging QEMU-DM upstream Taking the '-dm' out of qemu-dm Anthony Liguori aliguori@us.ibm.com

Merging QEMU-DM upstream Taking the '-dm' out of qemu-dm Anthony Liguori aliguori@us.ibm.com

Merging QEMU-DM upstream Taking the '-dm' out of qemu-dm Anthony Liguori aliguori@us.ibm.com IBM Linux Technology Center XenSummit April 16th, 2007 Linux is a registered trademark of Linus Torvalds. What's qemu-dm? HVM device

430 views • 13 slides
QEMU internal APIs How abstractions inside QEMU (don't) work together Eduardo Habkost

QEMU internal APIs How abstractions inside QEMU (don't) work together Eduardo Habkost

QEMU internal APIs How abstractions inside QEMU (don't) work together Eduardo Habkost <ehabkost@redhat.com> 1 Contents Context: QEMU features and interfaces Overview of some internal QEMU APIs Interaction between different abstractions

899 views • 70 slides
Windows 8 Heap Internals Windows 8 Heap Internals Windows 8 Heap Internals INTRODUCTION Windows 8

Windows 8 Heap Internals Windows 8 Heap Internals Windows 8 Heap Internals INTRODUCTION Windows 8

Windows 8 Heap Internals Windows 8 Heap Internals Windows 8 Heap Internals INTRODUCTION Windows 8 Heap Internals Who Chris Valasek (@nudehaberdasher) Sr. Research Scientist Coverity Tarjei Mandt (@kernelpool) Vulnerability

1.33k views • 91 slides
Towards a more expressive and introspectable QEMU command line Markus Armbruster

Towards a more expressive and introspectable QEMU command line Markus Armbruster

Towards a more expressive and introspectable QEMU command line Markus Armbruster <armbru@redhat.com> KVM Forum 2017 Part I Things we want from the command line A simple example You could run QEMU like this: $ qemu -s -machine

953 views • 83 slides
Improving the QEMU Event Loop Fam Zheng Red Hat KVM Forum 2015 Agenda The event loops in

Improving the QEMU Event Loop Fam Zheng Red Hat KVM Forum 2015 Agenda The event loops in

Improving the QEMU Event Loop Fam Zheng Red Hat KVM Forum 2015 Agenda The event loops in QEMU Challenges Consistency Scalability Correctness The event loops in QEMU QEMU from a mile away Main loop from 10 meters The

523 views • 35 slides
io_uring in QEMU: high-performance disk IO for Linux FOSDEM 2020 Julia Suvorova, Red Hat

io_uring in QEMU: high-performance disk IO for Linux FOSDEM 2020 Julia Suvorova, Red Hat

io_uring in QEMU: high-performance disk IO for Linux FOSDEM 2020 Julia Suvorova, Red Hat Software Engineer 1 Agenda What well discuss today io_uring API QEMU structure Features of io_uring and how they helped QEMU Benchmarks What

634 views • 20 slides
QEMU Support for the RISC-V Instruction Set Architecture Sagar Karandikar

QEMU Support for the RISC-V Instruction Set Architecture Sagar Karandikar

QEMU Support for the RISC-V Instruction Set Architecture Sagar Karandikar sagark@eecs.berkeley.edu KVM Forum 2016 https://github.com/riscv/riscv-qemu Outline Why RISC-V? Benefits of an Open ISA RISC-V ISA Basics Virtualization

536 views • 42 slides
Roadmap for Section 4.3. Windows Process and Thread Internals Thread Block, Process Block Flow

Roadmap for Section 4.3. Windows Process and Thread Internals Thread Block, Process Block Flow

Unit OS4: Scheduling and Dispatch 4.3. Windows Process and Thread Internals Windows Operating System Internals - by David A. Solomon and Mark E. Russinovich with Andreas Polze Roadmap for Section 4.3. Windows Process and Thread Internals Thread

438 views • 15 slides
Testing QEMU emulated devices using qtest Marc Mar Barcel <marc.mari.barcelo@gmail.com>

Testing QEMU emulated devices using qtest Marc Mar Barcel <marc.mari.barcelo@gmail.com>

Testing QEMU emulated devices using qtest Marc Mar Barcel <marc.mari.barcelo@gmail.com> KVM Forum 2014 Marc Mar Testing QEMU emulated devices using qtest 2 Who am I? Computer Science student Worked on QEMU in GSoC project

597 views • 44 slides
Converging QEMU and TCMU for Container Storage Huamin Chen Red Hat @root_fs

Converging QEMU and TCMU for Container Storage Huamin Chen Red Hat @root_fs

Converging QEMU and TCMU for Container Storage Huamin Chen Red Hat @root_fs https://github.com/rootfs https://huaminchen.wordpress.com/ Agenda Background Collaboration with Andy Grover (TCMU) and Fem Zheng (QEMU) Scope

2.75k views • 14 slides
Backing Chain Management in libvirt and qemu Eric Blake <eblake@redhat.com> KVM Forum,

Backing Chain Management in libvirt and qemu Eric Blake <eblake@redhat.com> KVM Forum,

Backing Chain Management in libvirt and qemu Eric Blake <eblake@redhat.com> KVM Forum, August 2015 In this presentation How does the qcow2 format track point-in-time snapshots What are the qemu building blocks for managing backing

1.6k views • 101 slides
Evaluating storage APIs for QEMU Anthony Liguori aliguori@us.ibm.com Open Virtualization

Evaluating storage APIs for QEMU Anthony Liguori aliguori@us.ibm.com Open Virtualization

Evaluating storage APIs for QEMU Anthony Liguori aliguori@us.ibm.com Open Virtualization IBM Linux Technology Center Linux Plumbers Conference 2009 Linux is a registered trademark of Linus Torvalds. The V-Word QEMU is used by Xen and

777 views • 52 slides
Combinatorics and topology of toric arrangements III. Epilogue Emanuele Delucchi (SNSF /

Combinatorics and topology of toric arrangements III. Epilogue Emanuele Delucchi (SNSF /

Combinatorics and topology of toric arrangements III. Epilogue Emanuele Delucchi (SNSF / Universit e de Fribourg) Toblach/Dobbiaco February 24, 2017 Finite matroids Rank functions / intersection posets ... of central hyperplane

569 views • 28 slides
Procedure Calls (Part 2) March 4, 2013 1 / 23 Schedule for the rest of the quarter . . .

Procedure Calls (Part 2) March 4, 2013 1 / 23 Schedule for the rest of the quarter . . .

Procedure Calls (Part 2) March 4, 2013 1 / 23 Schedule for the rest of the quarter . . . Assignments PA3 due tonight at 11:59pm! PA4 posted tomorrow, due Wed, March 13 HW2 posted Friday, due in class Fri, March 15 (this

429 views • 23 slides
The Timepix3 telescope Martin van Beuzekom, Panagiotis Tsopelas 1 on behalf of the LHCb Velo

The Timepix3 telescope Martin van Beuzekom, Panagiotis Tsopelas 1 on behalf of the LHCb Velo

The Timepix3 telescope Martin van Beuzekom, Panagiotis Tsopelas 1 on behalf of the LHCb Velo Upgrade group Telescopes & Testbeams Workshop DESY 2014 1 email: ptsopel@nikhef.nl Introduction The Timepix3 detector The telescope Epilogue

409 views • 17 slides
Archiving Computational Research in Virtual Machines Sorin Mitran Applied Mathematics

Archiving Computational Research in Virtual Machines Sorin Mitran Applied Mathematics

UNCvm Prologue Teaching Research Epilogue Archiving Computational Research in Virtual Machines Sorin Mitran Applied Mathematics University of North Carolina Chapel Hill Applied Mathematics Perspectives Reproducible Research Workshop

812 views • 55 slides
CSC 151 Spring 2020 Topic: Project Introduction April 17, 2020 Day 32 Exam 3 Reminder Exam 3

CSC 151 Spring 2020 Topic: Project Introduction April 17, 2020 Day 32 Exam 3 Reminder Exam 3

CSC 151 Spring 2020 Topic: Project Introduction April 17, 2020 Day 32 Exam 3 Reminder Exam 3 epilogue and cover sheet are due tonight (Friday) at 10:30 pm Central Time! CSC 151 Project Project Overview Find and use a new data set Do some

224 views • 8 slides
ePYTHON An implementation of Python for the many-core Epiphany coprocessor Nick Brown, EPCC

ePYTHON An implementation of Python for the many-core Epiphany coprocessor Nick Brown, EPCC

ePYTHON An implementation of Python for the many-core Epiphany coprocessor Nick Brown, EPCC nick.brown@ed.ac.uk Epiphany Announced by Adapteva in 2012, released in 2014 The Epiphany is a many core co-processor Most common version

496 views • 18 slides
Master Thesis Exploring the Epiphany manycore architecture for the Lattice Boltzmann algorithm

Master Thesis Exploring the Epiphany manycore architecture for the Lattice Boltzmann algorithm

Master Thesis Exploring the Epiphany manycore architecture for the Lattice Boltzmann algorithm Sebastian Raase 18 th November, 2014 Preface This thesis is a cooperation between Volvo Penta AB and Hgskolan i Halmstad. Volvo Penta

406 views • 18 slides
State of the ${kit} (kit=WebKitGTK+) Adrin Prez Igalia WebKit Basics Includes WebKitGTK+

State of the ${kit} (kit=WebKitGTK+) Adrin Prez Igalia WebKit Basics Includes WebKitGTK+

State of the ${kit} (kit=WebKitGTK+) Adrin Prez Igalia WebKit Basics Includes WebKitGTK+ What is WebKit? #webkitgtk #fosdem 4/24 What is WebKitGTK+? #webkitgtk #fosdem 5/24 What is WebKit2? #webkitgtk #fosdem 6/24 Who is using it?

619 views • 24 slides

More recommend