\input texinfo @c -*- texinfo -*-
@c %**start of header
@setfilename qemu-doc.info
@settitle QEMU CPU Emulator User Documentation
@exampleindent 0
@paragraphindent 0
@c %**end of header

@iftex
@titlepage
@sp 7
@center @titlefont{QEMU CPU Emulator}
@sp 1
@center @titlefont{User Documentation}
@sp 3
@end titlepage
@end iftex

@ifnottex
@node Top
@top

@menu
* Introduction::
* Installation::
* QEMU PC System emulator::
* QEMU System emulator for non PC targets::
* QEMU Linux User space emulator::
* compilation:: Compilation from the sources
* Index::
@end menu
@end ifnottex

@contents

@node Introduction
@chapter Introduction

@menu
* intro_features:: Features
@end menu

@node intro_features
@section Features

QEMU is a FAST! processor emulator using dynamic translation to
achieve good emulation speed.

QEMU has two operating modes:

@itemize @minus

@item
Full system emulation. In this mode, QEMU emulates a full system (for
example a PC), including one or several processors and various
peripherals. It can be used to launch different Operating Systems
without rebooting the PC or to debug system code.

@item
User mode emulation (Linux host only). In this mode, QEMU can launch
Linux processes compiled for one CPU on another CPU. It can be used to
launch the Wine Windows API emulator (@url{http://www.winehq.org}) or
to ease cross-compilation and cross-debugging.

@end itemize

QEMU can run without a host kernel driver and yet gives acceptable
performance.

For system emulation, the following hardware targets are supported:
@itemize
@item PC (x86 or x86_64 processor)
@item ISA PC (old style PC without PCI bus)
@item PREP (PowerPC processor)
@item G3 BW PowerMac (PowerPC processor)
@item Mac99 PowerMac (PowerPC processor, in progress)
@item Sun4m (32-bit Sparc processor)
@item Sun4u (64-bit Sparc processor, in progress)
@item Malta board (32-bit MIPS processor)
@item ARM Integrator/CP (ARM926E or 1026E processor)
@end itemize

For user emulation, x86, PowerPC, ARM, MIPS, and Sparc32/64 CPUs are supported.

@node Installation
@chapter Installation

If you want to compile QEMU yourself, see @ref{compilation}.

@menu
* install_linux:: Linux
* install_windows:: Windows
* install_mac:: Macintosh
@end menu

@node install_linux
@section Linux

If a precompiled package is available for your distribution - you just
have to install it. Otherwise, see @ref{compilation}.

@node install_windows
@section Windows

Download the experimental binary installer at
@url{http://www.free.oszoo.org/@/download.html}.

@node install_mac
@section Mac OS X

Download the experimental binary installer at
@url{http://www.free.oszoo.org/@/download.html}.

@node QEMU PC System emulator
@chapter QEMU PC System emulator

@menu
* pcsys_introduction:: Introduction
* pcsys_quickstart:: Quick Start
* sec_invocation:: Invocation
* pcsys_keys:: Keys
* pcsys_monitor:: QEMU Monitor
* disk_images:: Disk Images
* pcsys_network:: Network emulation
* direct_linux_boot:: Direct Linux Boot
* pcsys_usb:: USB emulation
* gdb_usage:: GDB usage
* pcsys_os_specific:: Target OS specific information
@end menu

@node pcsys_introduction
@section Introduction

@c man begin DESCRIPTION

The QEMU PC System emulator simulates the
following peripherals:

@itemize @minus
@item
i440FX host PCI bridge and PIIX3 PCI to ISA bridge
@item
Cirrus CLGD 5446 PCI VGA card or dummy VGA card with Bochs VESA
extensions (hardware level, including all non standard modes).
@item
PS/2 mouse and keyboard
@item
2 PCI IDE interfaces with hard disk and CD-ROM support
@item
Floppy disk
@item
NE2000 PCI network adapters
@item
Serial ports
@item
Creative SoundBlaster 16 sound card
@item
ENSONIQ AudioPCI ES1370 sound card
@item
Adlib(OPL2) - Yamaha YM3812 compatible chip
@item
PCI UHCI USB controller and a virtual USB hub.
@end itemize

SMP is supported with up to 255 CPUs.

Note that adlib is only available when QEMU was configured with
-enable-adlib

QEMU uses the PC BIOS from the Bochs project and the Plex86/Bochs LGPL
VGA BIOS.

QEMU uses YM3812 emulation by Tatsuyuki Satoh.

@c man end

@node pcsys_quickstart
@section Quick Start

Download and uncompress the linux image (@file{linux.img}) and type:

@example
qemu linux.img
@end example

Linux should boot and give you a prompt.

@node sec_invocation
@section Invocation

@example
@c man begin SYNOPSIS
usage: qemu [options] [disk_image]
@c man end
@end example

@c man begin OPTIONS
@var{disk_image} is a raw hard disk image for IDE hard disk 0.

General options:
@table @option
@item -M machine
Select the emulated machine (@code{-M ?} for list)

@item -fda file
@item -fdb file
Use @var{file} as floppy disk 0/1 image (@pxref{disk_images}). You can
use the host floppy by using @file{/dev/fd0} as filename.

@item -hda file
@item -hdb file
@item -hdc file
@item -hdd file
Use @var{file} as hard disk 0, 1, 2 or 3 image (@pxref{disk_images}).

@item -cdrom file
Use @var{file} as CD-ROM image (you cannot use @option{-hdc} and
@option{-cdrom} at the same time). You can use the host CD-ROM by
using @file{/dev/cdrom} as filename.

@item -boot [a|c|d]
Boot on floppy (a), hard disk (c) or CD-ROM (d). Hard disk boot is
the default.

@item -snapshot
Write to temporary files instead of disk image files. In this case,
the raw disk image you use is not written back. You can however force
the write back by pressing @key{C-a s} (@pxref{disk_images}).

@item -m megs
Set virtual RAM size to @var{megs} megabytes. Default is 128 MB.

@item -smp n
Simulate an SMP system with @var{n} CPUs. On the PC target, up to 255
CPUs are supported.

@item -nographic

Normally, QEMU uses SDL to display the VGA output. With this option,
you can totally disable graphical output so that QEMU is a simple
command line application. The emulated serial port is redirected on
the console.
Therefore, you can still use QEMU to debug a Linux kernel
with a serial console.

@item -vnc d

Normally, QEMU uses SDL to display the VGA output. With this option,
you can have QEMU listen on VNC display d and redirect the VGA display
over the VNC session. It is very useful to enable the usb tablet device
when using this option (option @option{-usbdevice tablet}).

@item -k language

Use keyboard layout @var{language} (for example @code{fr} for
French). This option is only needed where it is not easy to get raw PC
keycodes (e.g. on Macs or with some X11 servers). You don't need to
use it on PC/Linux or PC/Windows hosts.

The available layouts are:
@example
ar  de-ch  es  fo     fr-ca  hu  ja  mk     no  pt-br  sv
da  en-gb  et  fr     fr-ch  is  lt  nl     pl  ru     th
de  en-us  fi  fr-be  hr     it  lv  nl-be  pt  sl     tr
@end example

The default is @code{en-us}.

@item -audio-help

Will show the audio subsystem help: list of drivers, tunable
parameters.

@item -soundhw card1,card2,... or -soundhw all

Enable audio and selected sound hardware. Use ? to print all
available sound hardware.

@example
qemu -soundhw sb16,adlib hda
qemu -soundhw es1370 hda
qemu -soundhw all hda
qemu -soundhw ?
@end example

@item -localtime
Set the real time clock to local time (the default is to UTC
time). This option is needed to have correct date in MS-DOS or
Windows.

@item -full-screen
Start in full screen.

@item -pidfile file
Store the QEMU process PID in @var{file}. It is useful if you launch QEMU
from a script.

@item -win2k-hack
Use it when installing Windows 2000 to avoid a disk full bug.
After
Windows 2000 is installed, you no longer need this option (this option
slows down the IDE transfers).

@end table

USB options:
@table @option

@item -usb
Enable the USB driver (will be the default soon)

@item -usbdevice devname
Add the USB device @var{devname}. See the monitor command
@code{usb_add} to have more information.
@end table

Network options:

@table @option

@item -net nic[,vlan=n][,macaddr=addr][,model=type]
Create a new Network Interface Card and connect it to VLAN @var{n} (@var{n}
= 0 is the default). The NIC is currently an NE2000 on the PC
target. Optionally, the MAC address can be changed. If no
@option{-net} option is specified, a single NIC is created.
QEMU can emulate several different models of network card. Valid values for
@var{type} are @code{ne2k_pci}, @code{ne2k_isa}, @code{rtl8139},
@code{smc91c111} and @code{lance}. Not all devices are supported on all
targets.

@item -net user[,vlan=n][,hostname=name]
Use the user mode network stack which requires no administrator
privilege to run. @option{hostname=name} can be used to specify the client
hostname reported by the builtin DHCP server.

@item -net tap[,vlan=n][,fd=h][,ifname=name][,script=file]
Connect the host TAP network interface @var{name} to VLAN @var{n} and
use the network script @var{file} to configure it. The default
network script is @file{/etc/qemu-ifup}. If @var{name} is not
provided, the OS automatically provides one. @option{fd=h} can be
used to specify the handle of an already opened host TAP interface.
Example:

@example
qemu linux.img -net nic -net tap
@end example

More complicated example (two NICs, each one connected to a TAP device)
@example
qemu linux.img -net nic,vlan=0 -net tap,vlan=0,ifname=tap0 \
               -net nic,vlan=1 -net tap,vlan=1,ifname=tap1
@end example


@item -net socket[,vlan=n][,fd=h][,listen=[host]:port][,connect=host:port]

Connect the VLAN @var{n} to a remote VLAN in another QEMU virtual
machine using a TCP socket connection. If @option{listen} is
specified, QEMU waits for incoming connections on @var{port}
(@var{host} is optional). @option{connect} is used to connect to
another QEMU instance using the @option{listen} option. @option{fd=h}
specifies an already opened TCP socket.

Example:
@example
# launch a first QEMU instance
qemu linux.img -net nic,macaddr=52:54:00:12:34:56 \
               -net socket,listen=:1234
# connect the VLAN 0 of this instance to the VLAN 0
# of the first instance
qemu linux.img -net nic,macaddr=52:54:00:12:34:57 \
               -net socket,connect=127.0.0.1:1234
@end example

@item -net socket[,vlan=n][,fd=h][,mcast=maddr:port]

Create a VLAN @var{n} shared with other QEMU virtual
machines using a UDP multicast socket, effectively making a bus for
every QEMU with same multicast address @var{maddr} and @var{port}.
NOTES:
@enumerate
@item
Several QEMU can be running on different hosts and share same bus (assuming
correct multicast setup for these hosts).
@item
mcast support is compatible with User Mode Linux (argument @option{eth@var{N}=mcast}), see
@url{http://user-mode-linux.sf.net}.
@item Use @option{fd=h} to specify an already opened UDP multicast socket.
@end enumerate

Example:
@example
# launch one QEMU instance
qemu linux.img -net nic,macaddr=52:54:00:12:34:56 \
               -net socket,mcast=230.0.0.1:1234
# launch another QEMU instance on same "bus"
qemu linux.img -net nic,macaddr=52:54:00:12:34:57 \
               -net socket,mcast=230.0.0.1:1234
# launch yet another QEMU instance on same "bus"
qemu linux.img -net nic,macaddr=52:54:00:12:34:58 \
               -net socket,mcast=230.0.0.1:1234
@end example

Example (User Mode Linux compat.):
@example
# launch QEMU instance (note mcast address selected
# is UML's default)
qemu linux.img -net nic,macaddr=52:54:00:12:34:56 \
               -net socket,mcast=239.192.168.1:1102
# launch UML
/path/to/linux ubd0=/path/to/root_fs eth0=mcast
@end example

@item -net none
Indicate that no network devices should be configured. It is used to
override the default configuration (@option{-net nic -net user}) which
is activated if no @option{-net} options are provided.

@item -tftp prefix
When using the user mode network stack, activate a built-in TFTP
server. All filenames beginning with @var{prefix} can be downloaded
from the host to the guest using a TFTP client. The TFTP client on the
guest must be configured in binary mode (use the command @code{bin} of
the Unix TFTP client). The host IP address on the guest is as usual
10.0.2.2.

@item -smb dir
When using the user mode network stack, activate a built-in SMB
server so that Windows OSes can access the host files in @file{dir}
transparently.

In the guest Windows OS, the line:
@example
10.0.2.4 smbserver
@end example
must be added in the file @file{C:\WINDOWS\LMHOSTS} (for Windows 9x/Me)
or @file{C:\WINNT\SYSTEM32\DRIVERS\ETC\LMHOSTS} (Windows NT/2000).

Then @file{dir} can be accessed in @file{\\smbserver\qemu}.

Note that a SAMBA server must be installed on the host OS in
@file{/usr/sbin/smbd}. QEMU was tested successfully with smbd version
2.2.7a from the Red Hat 9 and version 3.0.10-1.fc3 from Fedora Core 3.

@item -redir [tcp|udp]:host-port:[guest-host]:guest-port

When using the user mode network stack, redirect incoming TCP or UDP
connections to the host port @var{host-port} to the guest
@var{guest-host} on guest port @var{guest-port}. If @var{guest-host}
is not specified, its value is 10.0.2.15 (default address given by the
built-in DHCP server).

For example, to redirect host X11 connection from screen 1 to guest
screen 0, use the following:

@example
# on the host
qemu -redir tcp:6001::6000 [...]
# this host xterm should open in the guest X11 server
xterm -display :1
@end example

To redirect telnet connections from host port 5555 to telnet port on
the guest, use the following:

@example
# on the host
qemu -redir tcp:5555::23 [...]
telnet localhost 5555
@end example

Then when you use on the host @code{telnet localhost 5555}, you
connect to the guest telnet server.

@end table

Linux boot specific: When using these options, you can use a given
Linux kernel without installing it in the disk image. It can be useful
for easier testing of various kernels.

@table @option

@item -kernel bzImage
Use @var{bzImage} as kernel image.

@item -append cmdline
Use @var{cmdline} as kernel command line

@item -initrd file
Use @var{file} as initial ram disk.

@end table

Debug/Expert options:
@table @option

@item -serial dev
Redirect the virtual serial port to host device @var{dev}. Available
devices are:
@table @code
@item vc
Virtual console
@item pty
[Linux only] Pseudo TTY (a new PTY is automatically allocated)
@item null
void device
@item /dev/XXX
[Linux only] Use host tty, e.g. @file{/dev/ttyS0}. The host serial port
parameters are set according to the emulated ones.
@item /dev/parportN
[Linux only, parallel port only] Use host parallel port
@var{N}. Currently only SPP parallel port features can be used.
@item file:filename
Write output to filename. No character can be read.
@item stdio
[Unix only] standard input/output
@item pipe:filename
[Unix only] named pipe @var{filename}
@end table
The default device is @code{vc} in graphical mode and @code{stdio} in
non graphical mode.

This option can be used several times to simulate up to 4 serial
ports.

@item -parallel dev
Redirect the virtual parallel port to host device @var{dev} (same
devices as the serial port). On Linux hosts, @file{/dev/parportN} can
be used to use hardware devices connected on the corresponding host
parallel port.

This option can be used several times to simulate up to 3 parallel
ports.

@item -monitor dev
Redirect the monitor to host device @var{dev} (same devices as the
serial port).
The default device is @code{vc} in graphical mode and @code{stdio} in
non graphical mode.

@item -s
Wait gdb connection to port 1234 (@pxref{gdb_usage}).
@item -p port
Change gdb connection port.
@item -S
Do not start CPU at startup (you must type 'c' in the monitor).
@item -d
Output log in /tmp/qemu.log
@item -hdachs c,h,s,[,t]
Force hard disk 0 physical geometry (1 <= @var{c} <= 16383, 1 <=
@var{h} <= 16, 1 <= @var{s} <= 63) and optionally force the BIOS
translation mode (@var{t}=none, lba or auto). Usually QEMU can guess
all those parameters. This option is useful for old MS-DOS disk
images.

@item -std-vga
Simulate a standard VGA card with Bochs VBE extensions (default is
Cirrus Logic GD5446 PCI VGA)
@item -loadvm file
Start right away with a saved state (@code{loadvm} in monitor)
@end table

@c man end

@node pcsys_keys
@section Keys

@c man begin OPTIONS

During the graphical emulation, you can use the following keys:
@table @key
@item Ctrl-Alt-f
Toggle full screen

@item Ctrl-Alt-n
Switch to virtual console 'n'. Standard console mappings are:
@table @emph
@item 1
Target system display
@item 2
Monitor
@item 3
Serial port
@end table

@item Ctrl-Alt
Toggle mouse and keyboard grab.
@end table

In the virtual consoles, you can use @key{Ctrl-Up}, @key{Ctrl-Down},
@key{Ctrl-PageUp} and @key{Ctrl-PageDown} to move in the back log.

During emulation, if you are using the @option{-nographic} option, use
@key{Ctrl-a h} to get terminal commands:

@table @key
@item Ctrl-a h
Print this help
@item Ctrl-a x
Exit emulator
@item Ctrl-a s
Save disk data back to file (if -snapshot)
@item Ctrl-a b
Send break (magic sysrq in Linux)
@item Ctrl-a c
Switch between console and monitor
@item Ctrl-a Ctrl-a
Send Ctrl-a
@end table
@c man end

@ignore

@c man begin SEEALSO
The HTML documentation of QEMU for more precise information and Linux
user mode emulator invocation.
@c man end

@c man begin AUTHOR
Fabrice Bellard
@c man end

@end ignore

@node pcsys_monitor
@section QEMU Monitor

The QEMU monitor is used to give complex commands to the QEMU
emulator. You can use it to:

@itemize @minus

@item
Remove or insert removable media images
(such as CD-ROM or floppies)

@item
Freeze/unfreeze the Virtual Machine (VM) and save or restore its state
from a disk file.

@item Inspect the VM state without an external debugger.

@end itemize

@subsection Commands

The following commands are available:

@table @option

@item help or ? [cmd]
Show the help for all commands or just for command @var{cmd}.

@item commit
Commit changes to the disk images (if -snapshot is used)

@item info subcommand
show various information about the system state

@table @option
@item info network
show the various VLANs and the associated devices
@item info block
show the block devices
@item info registers
show the cpu registers
@item info history
show the command line history
@item info pci
show emulated PCI device
@item info usb
show USB devices plugged on the virtual USB hub
@item info usbhost
show all USB host devices
@end table

@item q or quit
Quit the emulator.

@item eject [-f] device
Eject a removable media (use -f to force it).

@item change device filename
Change a removable media.

@item screendump filename
Save screen into PPM image @var{filename}.

@item log item1[,...]
Activate logging of the specified items to @file{/tmp/qemu.log}.

@item savevm filename
Save the whole virtual machine state to @var{filename}.

@item loadvm filename
Restore the whole virtual machine state from @var{filename}.

@item stop
Stop emulation.

@item c or cont
Resume emulation.

@item gdbserver [port]
Start gdbserver session (default port=1234)

@item x/fmt addr
Virtual memory dump starting at @var{addr}.

@item xp /fmt addr
Physical memory dump starting at @var{addr}.

@var{fmt} is a format which tells the command how to format the
data. Its syntax is: @option{/@{count@}@{format@}@{size@}}

@table @var
@item count
is the number of items to be dumped.

@item format
can be x (hexa), d (signed decimal), u (unsigned decimal), o (octal),
c (char) or i (asm instruction).

@item size
can be b (8 bits), h (16 bits), w (32 bits) or g (64 bits). On x86,
@code{h} or @code{w} can be specified with the @code{i} format to
respectively select 16 or 32 bit code instruction size.

@end table

Examples:
@itemize
@item
Dump 10 instructions at the current instruction pointer:
@example
(qemu) x/10i $eip
0x90107063:  ret
0x90107064:  sti
0x90107065:  lea    0x0(%esi,1),%esi
0x90107069:  lea    0x0(%edi,1),%edi
0x90107070:  ret
0x90107071:  jmp    0x90107080
0x90107073:  nop
0x90107074:  nop
0x90107075:  nop
0x90107076:  nop
@end example

@item
Dump 80 16 bit values at the start of the video memory.
@smallexample
(qemu) xp/80hx 0xb8000
0x000b8000: 0x0b50 0x0b6c 0x0b65 0x0b78 0x0b38 0x0b36 0x0b2f 0x0b42
0x000b8010: 0x0b6f 0x0b63 0x0b68 0x0b73 0x0b20 0x0b56 0x0b47 0x0b41
0x000b8020: 0x0b42 0x0b69 0x0b6f 0x0b73 0x0b20 0x0b63 0x0b75 0x0b72
0x000b8030: 0x0b72 0x0b65 0x0b6e 0x0b74 0x0b2d 0x0b63 0x0b76 0x0b73
0x000b8040: 0x0b20 0x0b30 0x0b35 0x0b20 0x0b4e 0x0b6f 0x0b76 0x0b20
0x000b8050: 0x0b32 0x0b30 0x0b30 0x0b33 0x0720 0x0720 0x0720 0x0720
0x000b8060: 0x0720 0x0720 0x0720 0x0720 0x0720 0x0720 0x0720 0x0720
0x000b8070: 0x0720 0x0720 0x0720 0x0720 0x0720 0x0720 0x0720 0x0720
0x000b8080: 0x0720 0x0720 0x0720 0x0720 0x0720 0x0720 0x0720 0x0720
0x000b8090: 0x0720 0x0720 0x0720 0x0720 0x0720 0x0720 0x0720 0x0720
@end smallexample
@end itemize

@item p or print/fmt expr

Print expression value. Only the @var{format} part of @var{fmt} is
used.

@item sendkey keys

Send @var{keys} to the emulator. Use @code{-} to press several keys
simultaneously.
Example:
@example
sendkey ctrl-alt-f1
@end example

This command is useful to send keys that your graphical user interface
intercepts at low level, such as @code{ctrl-alt-f1} in X Window.

@item system_reset

Reset the system.

@item usb_add devname

Plug the USB device devname to the QEMU virtual USB hub. @var{devname}
is either a virtual device name (for example @code{mouse}) or a host
USB device identifier. Host USB device identifiers have the following
syntax: @code{host:bus.addr} or @code{host:vendor_id:product_id}.

@item usb_del devname

Remove the USB device @var{devname} from the QEMU virtual USB
hub. @var{devname} has the syntax @code{bus.addr}. Use the monitor
command @code{info usb} to see the devices you can remove.

@end table

@subsection Integer expressions

The monitor understands integer expressions for every integer
argument. You can use register names to get the value of specific
CPU registers by prefixing them with @emph{$}.

@node disk_images
@section Disk Images

Since version 0.6.1, QEMU supports many disk image formats, including
growable disk images (their size increases as non empty sectors are
written), compressed and encrypted disk images.

@menu
* disk_images_quickstart:: Quick start for disk image creation
* disk_images_snapshot_mode:: Snapshot mode
* qemu_img_invocation:: qemu-img Invocation
* disk_images_fat_images:: Virtual FAT disk images
@end menu

@node disk_images_quickstart
@subsection Quick start for disk image creation

You can create a disk image with the command:
@example
qemu-img create myimage.img mysize
@end example
where @var{myimage.img} is the disk image filename and @var{mysize} is its
size in kilobytes. You can add an @code{M} suffix to give the size in
megabytes and a @code{G} suffix for gigabytes.

See @ref{qemu_img_invocation} for more information.

@node disk_images_snapshot_mode
@subsection Snapshot mode

If you use the option @option{-snapshot}, all disk images are
considered as read only. When sectors are written, they are written in
a temporary file created in @file{/tmp}. You can however force the
write back to the raw disk images by using the @code{commit} monitor
command (or @key{C-a s} in the serial console).

@node qemu_img_invocation
@subsection @code{qemu-img} Invocation

@include qemu-img.texi

@node disk_images_fat_images
@subsection Virtual FAT disk images

QEMU can automatically create a virtual FAT disk image from a
directory tree. In order to use it, just type:

@example
qemu linux.img -hdb fat:/my_directory
@end example

Then you can access all the files in the @file{/my_directory}
directory without having to copy them in a disk image or to export
them via SAMBA or NFS. The default access is @emph{read-only}.

Floppies can be emulated with the @code{:floppy:} option:

@example
qemu linux.img -fda fat:floppy:/my_directory
@end example

A read/write support is available for testing (beta stage) with the
@code{:rw:} option:

@example
qemu linux.img -fda fat:floppy:rw:/my_directory
@end example

What you should @emph{never} do:
@itemize
@item use non-ASCII filenames ;
@item use "-snapshot" together with ":rw:" ;
@item expect it to work when loadvm'ing ;
@item write to the FAT directory on the host system while accessing it with the guest system.
@end itemize

@node pcsys_network
@section Network emulation

QEMU can simulate several network cards (NE2000 boards on the PC
target) and can connect them to an arbitrary number of Virtual Local
Area Networks (VLANs). Host TAP devices can be connected to any QEMU
VLAN. VLAN can be connected between separate instances of QEMU to
simulate large networks. For simpler usage, a non privileged user mode
network stack can replace the TAP device to have a basic network
connection.

@subsection VLANs

QEMU simulates several VLANs. A VLAN can be symbolised as a virtual
connection between several network devices. These devices can be for
example QEMU virtual Ethernet cards or virtual Host ethernet devices
(TAP devices).

@subsection Using TAP network interfaces

This is the standard way to connect QEMU to a real network. QEMU adds
a virtual network device on your host (called @code{tapN}), and you
can then configure it as if it was a real ethernet card.

As an example, you can download the @file{linux-test-xxx.tar.gz}
archive and copy the script @file{qemu-ifup} in @file{/etc} and
configure properly @code{sudo} so that the command @code{ifconfig}
contained in @file{qemu-ifup} can be executed as root. You must verify
that your host kernel supports the TAP network interfaces: the
device @file{/dev/net/tun} must be present.

See @ref{direct_linux_boot} to have an example of network use with a
Linux distribution and @ref{sec_invocation} to have examples of
command lines using the TAP network interfaces.

@subsection Using the user mode network stack

By using the option @option{-net user} (default configuration if no
@option{-net} option is specified), QEMU uses a completely user mode
network stack (you don't need root privilege to use the virtual
network). The virtual network configuration is the following:

@example

         QEMU VLAN      <------>  Firewall/DHCP server <-----> Internet
                           |          (10.0.2.2)
                           |
                           ---->  DNS server (10.0.2.3)
                           |
                           ---->  SMB server (10.0.2.4)
@end example

The QEMU VM behaves as if it was behind a firewall which blocks all
incoming connections. You can use a DHCP client to automatically
configure the network in the QEMU VM. The DHCP server assigns addresses
to the hosts starting from 10.0.2.15.

In order to check that the user mode network is working, you can ping
the address 10.0.2.2 and verify that you got an address in the range
10.0.2.x from the QEMU virtual DHCP server.

Note that @code{ping} is not supported reliably to the internet as it
would require root privileges. It means you can only ping the local
router (10.0.2.2).
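
The user mode stack blocks incoming connections, but several options documented in the Invocation section make QEMU accept traffic on the host. The following is an added example, not part of the QEMU documentation or source: it lists the host-side ports a given command line opens, using only the option syntax shown on this page. `Listener` and `host_listeners` are hypothetical names, the sample command lines are constructed, and the VNC base port 5900 is the usual VNC convention rather than something this page states.

```python
import shlex
from typing import List, NamedTuple, Tuple

GDB_DEFAULT_PORT = 1234           # stated on this page for -s
DEFAULT_GUEST_ADDR = "10.0.2.15"  # stated on this page for -redir
VNC_BASE_PORT = 5900              # assumption: usual VNC convention (display d -> TCP 5900 + d)


class Listener(NamedTuple):
    proto: str   # "tcp" or "udp"
    host: str    # address given in the option, "" when the option gives none
    port: int    # port on the host
    source: str  # option that opens it


def _split_hostport(value: str) -> Tuple[str, int]:
    """Split the '[host]:port' / 'maddr:port' syntax used by -net socket."""
    host, sep, port = value.rpartition(":")
    if not sep or not port.isdigit():
        raise ValueError(f"expected [host]:port, got {value!r}")
    return host, int(port)


def host_listeners(cmdline: str) -> List[Listener]:
    """Return the host ports a qemu command line asks QEMU to open."""
    args = shlex.split(cmdline)
    found: List[Listener] = []
    wait_gdb, gdb_port = False, GDB_DEFAULT_PORT
    i = 0
    while i < len(args):
        opt = args[i]
        val = args[i + 1] if i + 1 < len(args) else ""
        if opt == "-s":                      # wait for a gdb connection
            wait_gdb = True
        elif opt == "-p":                    # changes the gdb port only
            gdb_port = int(val)
            i += 1
        elif opt == "-vnc":                  # -vnc d: listen on VNC display d
            found.append(Listener("tcp", "", VNC_BASE_PORT + int(val), f"-vnc {val}"))
            i += 1
        elif opt == "-redir":                # [tcp|udp]:host-port:[guest-host]:guest-port
            parts = val.split(":")
            if len(parts) != 4 or parts[0] not in ("tcp", "udp"):
                raise ValueError(f"malformed -redir value {val!r}")
            proto, host_port, guest_host, guest_port = parts
            target = f"{guest_host or DEFAULT_GUEST_ADDR}:{int(guest_port)}"
            found.append(Listener(proto, "", int(host_port), f"-redir to guest {target}"))
            i += 1
        elif opt == "-net":
            fields = val.split(",")
            if fields[0] == "socket":        # nic/user/tap/none open no port here
                for field in fields[1:]:
                    key, _, value = field.partition("=")
                    if key == "listen":      # TCP, waits for another QEMU instance
                        host, port = _split_hostport(value)
                        found.append(Listener("tcp", host, port, "-net socket,listen"))
                    elif key == "mcast":     # UDP multicast bus shared between instances
                        host, port = _split_hostport(value)
                        found.append(Listener("udp", host, port, "-net socket,mcast"))
            i += 1
        i += 1
    if wait_gdb:
        found.append(Listener("tcp", "", gdb_port, "-s (gdb stub)"))
    return found


if __name__ == "__main__":
    # Constructed command lines built from the option forms shown on this page.
    samples = [
        "qemu linux.img -net nic,macaddr=52:54:00:12:34:56 -net socket,listen=:1234",
        "qemu linux.img -net nic -net socket,mcast=230.0.0.1:1234",
        "qemu -redir tcp:5555::23 -redir tcp:6001::6000 linux.img",
        "qemu -s -p 4444 -vnc 1 linux.img",
        "qemu linux.img -net nic -net tap",
    ]
    for line in samples:
        print(line)
        for l in host_listeners(line) or ["(no listener requested)"]:
            print("   ", l)
```

An empty `host` field means the option did not name an address; which interface QEMU binds in that case is not stated on this page and should be checked on the running host.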

When using the built-in TFTP server, the router is also the TFTP
server.

When using the @option{-redir} option, TCP or UDP connections can be
redirected from the host to the guest. This allows, for example,
redirecting X11, telnet or SSH connections.

@subsection Connecting VLANs between QEMU instances

Using the @option{-net socket} option, it is possible to make VLANs
that span several QEMU instances. See @ref{sec_invocation} to have a
basic example.

@node direct_linux_boot
@section Direct Linux Boot

This section explains how to launch a Linux kernel inside QEMU without
having to make a full bootable image. It is very useful for fast Linux
kernel testing. The QEMU network configuration is also explained.

@enumerate
@item
Download the archive @file{linux-test-xxx.tar.gz} containing a Linux
kernel and a disk image.

@item Optional: If you want network support (for example to launch X11 examples), you
must copy the script @file{qemu-ifup} in @file{/etc} and configure
properly @code{sudo} so that the command @code{ifconfig} contained in
@file{qemu-ifup} can be executed as root. You must verify that your host
kernel supports the TUN/TAP network interfaces: the device
@file{/dev/net/tun} must be present.

When network is enabled, there is a virtual network connection between
the host kernel and the emulated kernel. The emulated kernel is seen
from the host kernel at IP address 172.20.0.2 and the host kernel is
seen from the emulated kernel at IP address 172.20.0.1.

@item Launch @code{qemu.sh}. You should have the following output:

@smallexample
> ./qemu.sh
Connected to host network interface: tun0
Linux version 2.4.21 (bellard@@voyager.localdomain) (gcc version 3.2.2 20030222 @/(Red Hat @/Linux 3.2.2-5)) #5 Tue Nov 11 18:18:53 CET 2003
BIOS-provided physical RAM map:
BIOS-e801: 0000000000000000 - 000000000009f000 (usable)
BIOS-e801: 0000000000100000 - 0000000002000000 (usable)
32MB LOWMEM available.
On node 0 totalpages: 8192
zone(0): 4096 pages.
zone(1): 4096 pages.
zone(2): 0 pages.
Kernel command line: root=/dev/hda sb=0x220,5,1,5 ide2=noprobe ide3=noprobe ide4=noprobe @/ide5=noprobe console=ttyS0
ide_setup: ide2=noprobe
ide_setup: ide3=noprobe
ide_setup: ide4=noprobe
ide_setup: ide5=noprobe
Initializing CPU#0
Detected 2399.621 MHz processor.
Console: colour EGA 80x25
Calibrating delay loop... 4744.80 BogoMIPS
Memory: 28872k/32768k available (1210k kernel code, 3508k reserved, 266k data, 64k init, @/0k highmem)
Dentry cache hash table entries: 4096 (order: 3, 32768 bytes)
Inode cache hash table entries: 2048 (order: 2, 16384 bytes)
Mount cache hash table entries: 512 (order: 0, 4096 bytes)
Buffer-cache hash table entries: 1024 (order: 0, 4096 bytes)
Page-cache hash table entries: 8192 (order: 3, 32768 bytes)
CPU: Intel Pentium Pro stepping 03
Checking 'hlt' instruction... OK.
POSIX conformance testing by UNIFIX
Linux NET4.0 for Linux 2.4
Based upon Swansea University Computer Society NET3.039
Initializing RT netlink socket
apm: BIOS not found.
Starting kswapd
Journalled Block Device driver loaded
Detected PS/2 Mouse Port.
pty: 256 Unix98 ptys configured
Serial driver version 5.05c (2001-07-08) with no serial options enabled
ttyS00 at 0x03f8 (irq = 4) is a 16450
ne.c:v1.10 9/23/94 Donald Becker (becker@@scyld.com)
Last modified Nov 1, 2000 by Paul Gortmaker
NE*000 ethercard probe at 0x300: 52 54 00 12 34 56
eth0: NE2000 found at 0x300, using IRQ 9.
RAMDISK driver initialized: 16 RAM disks of 4096K size 1024 blocksize
Uniform Multi-Platform E-IDE driver Revision: 7.00beta4-2.4
ide: Assuming 50MHz system bus speed for PIO modes; override with idebus=xx
hda: QEMU HARDDISK, ATA DISK drive
ide0 at 0x1f0-0x1f7,0x3f6 on irq 14
hda: attached ide-disk driver.
hda: 20480 sectors (10 MB) w/256KiB Cache, CHS=20/16/63
Partition check:
hda:
Soundblaster audio driver Copyright (C) by Hannu Savolainen 1993-1996
NET4: Linux TCP/IP 1.0 for NET4.0
IP Protocols: ICMP, UDP, TCP, IGMP
IP: routing cache hash table of 512 buckets, 4Kbytes
TCP: Hash tables configured (established 2048 bind 4096)
NET4: Unix domain sockets 1.0/SMP for Linux NET4.0.
EXT2-fs warning: mounting unchecked fs, running e2fsck is recommended
VFS: Mounted root (ext2 filesystem).
Freeing unused kernel memory: 64k freed

Linux version 2.4.21 (bellard@@voyager.localdomain) (gcc version 3.2.2 20030222 @/(Red Hat @/Linux 3.2.2-5)) #5 Tue Nov 11 18:18:53 CET 2003

QEMU Linux test distribution (based on Redhat 9)

Type 'exit' to halt the system

sh-2.05b#
@end smallexample

@item
Then you can play with the kernel inside the virtual serial console. You
can launch @code{ls} for example. Type @key{Ctrl-a h} to get help
about the keys you can type inside the virtual serial console. In
particular, use @key{Ctrl-a x} to exit QEMU and use @key{Ctrl-a b} as
the Magic SysRq key.

@item
If the network is enabled, launch the script @file{/etc/linuxrc} in the
emulator (don't forget the leading dot):
@example
. /etc/linuxrc
@end example

Then enable X11 connections on your PC from the emulated Linux:
@example
xhost +172.20.0.2
@end example

You can now launch @file{xterm} or @file{xlogo} and verify that you have
a real Virtual Linux system !

@end enumerate

NOTES:
@enumerate
@item
A 2.5.74 kernel is also included in the archive. Just
replace the bzImage in qemu.sh to try it.

@item
In order to exit cleanly from qemu, you can do a @emph{shutdown} inside
qemu. qemu will automatically exit when the Linux shutdown is done.

@item
You can boot slightly faster by disabling the probe of non present IDE
interfaces. To do so, add the following options on the kernel command
line:
@example
ide1=noprobe ide2=noprobe ide3=noprobe ide4=noprobe ide5=noprobe
@end example

@item
The example disk image is a modified version of the one made by Kevin
Lawton for the plex86 Project (@url{www.plex86.org}).

@end enumerate

@node pcsys_usb
@section USB emulation

QEMU emulates a PCI UHCI USB controller and an 8 port USB hub connected
to it. You can virtually plug virtual USB devices or real host USB
devices into the hub (experimental, works only on Linux hosts).

@subsection Using virtual USB devices

A virtual USB mouse device is available for testing in QEMU.

You can try it with the following monitor commands:

@example
# add the mouse device
(qemu) usb_add mouse

# show the virtual USB devices plugged on the QEMU Virtual USB hub
(qemu) info usb
Device 0.3, speed 12 Mb/s

# after some time you can try to remove the mouse
(qemu) usb_del 0.3
@end example

The option @option{-usbdevice} is similar to the monitor command
@code{usb_add}.

@subsection Using host USB devices on a Linux host

WARNING: this is an experimental feature. QEMU will slow down when
using it. USB devices requiring real time streaming (e.g. USB Video
Cameras) are not supported yet.

@enumerate
@item If you use an early Linux 2.4 kernel, verify that no Linux driver
is actually using the USB device. A simple way to do that is simply to
disable the corresponding kernel module by renaming it from @file{mydriver.o}
to @file{mydriver.o.disabled}.

@item Verify that @file{/proc/bus/usb} is working (most Linux distributions should enable it by default). You should see something like this:
@example
ls /proc/bus/usb
001 devices drivers
@end example

@item Since only root can access the USB devices directly, you can either launch QEMU as root or change the permissions of the USB devices you want to use. For testing, the following suffices:
@example
chown -R myuid /proc/bus/usb
@end example

@item Launch QEMU and do in the monitor:
@example
info usbhost
Device 1.2, speed 480 Mb/s
Class 00: USB device 1234:5678, USB DISK
@end example
You should see the list of the devices you can use (Never try to use
hubs, it won't work).

@item Add the device in QEMU by using:
@example
usb_add host:1234:5678
@end example

Normally the guest OS should report that a new USB device is
plugged. You can use the option @option{-usbdevice} to do the same.

@item Now you can try to use the host USB device in QEMU.

@end enumerate

When relaunching QEMU, you may have to unplug and plug again the USB
device to make it work again (this is a bug).

@node gdb_usage
@section GDB usage

QEMU has primitive support to work with gdb, so that you can do
'Ctrl-C' while the virtual machine is running and inspect its state.

In order to use gdb, launch qemu with the '-s' option. It will wait for a
gdb connection:
@example
> qemu -s -kernel arch/i386/boot/bzImage -hda root-2.4.20.img \
       -append "root=/dev/hda"
Connected to host network interface: tun0
Waiting gdb connection on port 1234
@end example

Then launch gdb on the 'vmlinux' executable:
@example
> gdb vmlinux
@end example

In gdb, connect to QEMU:
@example
(gdb) target remote localhost:1234
@end example

Then you can use gdb normally. For example, type 'c' to launch the kernel:
@example
(gdb) c
@end example

Here are some useful tips in order to use gdb on system code:

@enumerate
@item
Use @code{info reg} to display all the CPU registers.
@item
Use @code{x/10i $eip} to display the code at the PC position.
@item
Use @code{set architecture i8086} to dump 16 bit code. Then use
@code{x/10i $cs*16+$eip} to dump the code at the PC position.
@end enumerate

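The gdb stub opened by '-s' accepts any client that can reach port 1234, and the gdb remote protocol has no authentication, so it is worth confirming where that port is listening. The following is an added example, not part of the QEMU documentation: it parses text in the Linux @file{/proc/net/tcp} format and reports whether a listener on the stub port is bound beyond loopback. The function names are hypothetical, the sample table is constructed, and a little-endian host (such as x86) is assumed.

```python
"""Audit a Linux host for a QEMU gdb stub bound beyond loopback (added example)."""
import socket
import struct

GDB_STUB_PORT = 1234   # port printed by "qemu -s" in the session above
TCP_LISTEN = 0x0A      # value of the "st" column for a listening socket

# Constructed sample in /proc/net/tcp format (not captured from a real host).
SAMPLE_PROC_NET_TCP = """\
  sl  local_address rem_address   st tx_queue rx_queue tr tm->when retrnsmt   uid  timeout inode
   0: 00000000:04D2 00000000:0000 0A 00000000:00000000 00:00000000 00000000  1000        0 41001 1 0000000000000000 100 0 0 10 0
   1: 0100007F:0016 00000000:0000 0A 00000000:00000000 00:00000000 00000000     0        0 41002 1 0000000000000000 100 0 0 10 0
   2: 0100007F:04D2 0100007F:C350 01 00000000:00000000 00:00000000 00000000  1000        0 41003 1 0000000000000000 20 4 30 10 -1
"""


def parse_endpoint(field):
    """Decode 'AABBCCDD:PPPP' into (dotted IPv4 address, port number)."""
    addr_hex, port_hex = field.split(":")
    # The kernel prints the 32-bit address as a native integer, so on a
    # little-endian host (assumed here) the bytes appear reversed:
    # 0100007F is 127.0.0.1.
    packed = struct.pack("<I", int(addr_hex, 16))
    return socket.inet_ntoa(packed), int(port_hex, 16)


def find_listeners(table_text, port=GDB_STUB_PORT):
    """Return (address, uid, loopback_only) for each LISTEN socket on port."""
    hits = []
    for line in table_text.splitlines()[1:]:      # skip the header row
        cols = line.split()
        if len(cols) < 8:
            continue                              # not a socket row
        addr, local_port = parse_endpoint(cols[1])
        if local_port != port or int(cols[3], 16) != TCP_LISTEN:
            continue                              # other port or not listening
        hits.append((addr, int(cols[7]), addr.startswith("127.")))
    return hits


def report(table_text, port=GDB_STUB_PORT):
    """Summarise the findings as a list of printable lines."""
    lines = []
    for addr, uid, loopback_only in find_listeners(table_text, port):
        verdict = "loopback only" if loopback_only else "not restricted to loopback"
        lines.append(f"port {port} listening on {addr} (uid {uid}): {verdict}")
    return lines or [f"no listener on port {port}"]


if __name__ == "__main__":
    # On a live Linux host, pass open("/proc/net/tcp").read() instead.
    # IPv6 listeners are listed separately in /proc/net/tcp6 (not parsed here).
    for line in report(SAMPLE_PROC_NET_TCP):
        print(line)
```

A listener reported as not restricted to loopback should be covered by a host firewall rule for port 1234 while the debugging session is open.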
@node pcsys_os_specific
@section Target OS specific information

@subsection Linux

To have access to SVGA graphic modes under X11, use the @code{vesa} or
the @code{cirrus} X11 driver. For optimal performance, use 16 bit
color depth in the guest and the host OS.

When using a 2.6 guest Linux kernel, you should add the option
@code{clock=pit} on the kernel command line because the 2.6 Linux
kernels make very strict real time clock checks by default that QEMU
cannot simulate exactly.

When using a 2.6 guest Linux kernel, verify that the 4G/4G patch is
not activated because QEMU is slower with this patch. The QEMU
Accelerator Module is also much slower in this case. Earlier Fedora
Core 3 Linux kernels (< 2.6.9-1.724_FC3) were known to incorporate this
patch by default. Newer kernels don't have it.

@subsection Windows

If you have a slow host, using Windows 95 is better as it gives the
best speed. Windows 2000 is also a good choice.

@subsubsection SVGA graphic modes support

QEMU emulates a Cirrus Logic GD5446 Video
card. All Windows versions starting from Windows 95 should recognize
and use this graphic card. For optimal performance, use 16 bit color
depth in the guest and the host OS.

@subsubsection CPU usage reduction

Windows 9x does not correctly use the CPU HLT
instruction. The result is that it takes host CPU cycles even when
idle. You can install the utility from
@url{http://www.user.cityline.ru/~maxamn/amnhltm.zip} to solve this
problem. Note that no such tool is needed for NT, 2000 or XP.

@subsubsection Windows 2000 disk full problem

Windows 2000 has a bug which gives a disk full problem during its
installation.
When installing it, use the @option{-win2k-hack} QEMU
option to enable a specific workaround. After Windows 2000 is
installed, you no longer need this option (this option slows down the
IDE transfers).

@subsubsection Windows 2000 shutdown

Windows 2000 cannot automatically shut down in QEMU although Windows 98
can. It comes from the fact that Windows 2000 does not automatically
use the APM driver provided by the BIOS.

In order to correct that, do the following (thanks to Struan
Bartlett): go to the Control Panel => Add/Remove Hardware & Next =>
Add/Troubleshoot a device => Add a new device & Next => No, select the
hardware from a list & Next => NT Apm/Legacy Support & Next => Next
(again) a few times. Now the driver is installed and Windows 2000 now
correctly instructs QEMU to shut down at the appropriate moment.

@subsubsection Share a directory between Unix and Windows

See @ref{sec_invocation} about the help of the option @option{-smb}.

@subsubsection Windows XP security problems

Some releases of Windows XP install correctly but give a security
error when booting:
@example
A problem is preventing Windows from accurately checking the
license for this computer. Error code: 0x800703e6.
@end example
The only known workaround is to boot in Safe mode
without networking support.

Future QEMU releases are likely to correct this bug.

@subsection MS-DOS and FreeDOS

@subsubsection CPU usage reduction

DOS does not correctly use the CPU HLT instruction. The result is that
it takes host CPU cycles even when idle. You can install the utility
from @url{http://www.vmware.com/software/dosidle210.zip} to solve this
problem.

@node QEMU System emulator for non PC targets
@chapter QEMU System emulator for non PC targets

QEMU is a generic emulator and it emulates many non PC
machines. Most of the options are similar to the PC emulator. The
differences are mentioned in the following sections.

@menu
* QEMU PowerPC System emulator::
* Sparc32 System emulator invocation::
* Sparc64 System emulator invocation::
* MIPS System emulator invocation::
* ARM System emulator invocation::
@end menu

@node QEMU PowerPC System emulator
@section QEMU PowerPC System emulator

Use the executable @file{qemu-system-ppc} to simulate a complete PREP
or PowerMac PowerPC system.

QEMU emulates the following PowerMac peripherals:

@itemize @minus
@item
UniNorth PCI Bridge
@item
PCI VGA compatible card with VESA Bochs Extensions
@item
2 PMAC IDE interfaces with hard disk and CD-ROM support
@item
NE2000 PCI adapters
@item
Non Volatile RAM
@item
VIA-CUDA with ADB keyboard and mouse.
@end itemize

QEMU emulates the following PREP peripherals:

@itemize @minus
@item
PCI Bridge
@item
PCI VGA compatible card with VESA Bochs Extensions
@item
2 IDE interfaces with hard disk and CD-ROM support
@item
Floppy disk
@item
NE2000 network adapters
@item
Serial port
@item
PREP Non Volatile RAM
@item
PC compatible keyboard and mouse.
@end itemize

QEMU uses the Open Hack'Ware Open Firmware Compatible BIOS available at
@url{http://perso.magic.fr/l_indien/OpenHackWare/index.htm}.

@c man begin OPTIONS

The following options are specific to the PowerPC emulation:

@table @option

@item -g WxH[xDEPTH]

Set the initial VGA graphic mode. The default is 800x600x15.

@end table

@c man end


More information is available at
@url{http://perso.magic.fr/l_indien/qemu-ppc/}.

@node Sparc32 System emulator invocation
@section Sparc32 System emulator invocation

Use the executable @file{qemu-system-sparc} to simulate a JavaStation
(sun4m architecture). The emulation is somewhat complete.

QEMU emulates the following sun4m peripherals:

@itemize @minus
@item
IOMMU
@item
TCX Frame buffer
@item
Lance (Am7990) Ethernet
@item
Non Volatile RAM M48T08
@item
Slave I/O: timers, interrupt controllers, Zilog serial ports, keyboard
and power/reset logic
@item
ESP SCSI controller with hard disk and CD-ROM support
@item
Floppy drive
@end itemize

The number of peripherals is fixed in the architecture.

QEMU uses the Proll, a PROM replacement available at
@url{http://people.redhat.com/@/zaitcev/linux/}. The required
QEMU-specific patches are included with the sources.

A sample Linux 2.6 series kernel and ram disk image are available on
the QEMU web site. Please note that currently neither Linux 2.4
series, NetBSD, nor OpenBSD kernels work.

@c man begin OPTIONS

The following options are specific to the Sparc emulation:

@table @option

@item -g WxH

Set the initial TCX graphic mode. The default is 1024x768.

@end table

@c man end

@node Sparc64 System emulator invocation
@section Sparc64 System emulator invocation

Use the executable @file{qemu-system-sparc64} to simulate a Sun4u machine.
The emulator is not usable for anything yet.

QEMU emulates the following sun4u peripherals:

@itemize @minus
@item
UltraSparc IIi APB PCI Bridge
@item
PCI VGA compatible card with VESA Bochs Extensions
@item
Non Volatile RAM M48T59
@item
PC-compatible serial ports
@end itemize

@node MIPS System emulator invocation
@section MIPS System emulator invocation

Use the executable @file{qemu-system-mips} to simulate a MIPS machine.
The emulator is able to boot a Linux kernel and to run a Linux Debian
installation from NFS. The following devices are emulated:

@itemize @minus
@item
MIPS R4K CPU
@item
PC style serial port
@item
NE2000 network card
@end itemize

More information is available in the QEMU mailing-list archive.

@node ARM System emulator invocation
@section ARM System emulator invocation

Use the executable @file{qemu-system-arm} to simulate an ARM
machine. The ARM Integrator/CP board is emulated with the following
devices:

@itemize @minus
@item
ARM926E or ARM1026E CPU
@item
Two PL011 UARTs
@item
SMC 91c111 Ethernet adapter
@end itemize

A Linux 2.6 test image is available on the QEMU web site. More
information is available in the QEMU mailing-list archive.

@node QEMU Linux User space emulator
@chapter QEMU Linux User space emulator

@menu
* Quick Start::
* Wine launch::
* Command line options::
@end menu

@node Quick Start
@section Quick Start

In order to launch a Linux process, QEMU needs the process executable
itself and all the target (x86) dynamic libraries used by it.

@itemize

@item On x86, you can just try to launch any process by using the native
libraries:

@example
qemu-i386 -L / /bin/ls
@end example

@code{-L /} tells that the x86 dynamic linker must be searched with a
@file{/} prefix.

@item Since QEMU is also a Linux process, you can launch qemu with qemu (NOTE: you can only do that if you compiled QEMU from the sources):

@example
qemu-i386 -L / qemu-i386 -L / /bin/ls
@end example

@item On non x86 CPUs, you need first to download at least an x86 glibc
(@file{qemu-runtime-i386-XXX-.tar.gz} on the QEMU web page). Ensure that
@code{LD_LIBRARY_PATH} is not set:

@example
unset LD_LIBRARY_PATH
@end example

Then you can launch the precompiled @file{ls} x86 executable:

@example
qemu-i386 tests/i386/ls
@end example
You can look at @file{qemu-binfmt-conf.sh} so that
QEMU is automatically launched by the Linux kernel when you try to
launch x86 executables. It requires the @code{binfmt_misc} module in the
Linux kernel.

@item The x86 version of QEMU is also included. You can try weird things such as:
@example
qemu-i386 /usr/local/qemu-i386/bin/qemu-i386 \
          /usr/local/qemu-i386/bin/ls-i386
@end example

@end itemize

@node Wine launch
@section Wine launch

@itemize

@item Ensure that you have a working QEMU with the x86 glibc
distribution (see previous section).
In order to verify it, you must be
able to do:

@example
qemu-i386 /usr/local/qemu-i386/bin/ls-i386
@end example

@item Download the binary x86 Wine install
(@file{qemu-XXX-i386-wine.tar.gz} on the QEMU web page).

@item Configure Wine on your account. Look at the provided script
@file{/usr/local/qemu-i386/@/bin/wine-conf.sh}. Your previous
@code{$@{HOME@}/.wine} directory is saved to @code{$@{HOME@}/.wine.org}.

@item Then you can try the example @file{putty.exe}:

@example
qemu-i386 /usr/local/qemu-i386/wine/bin/wine \
          /usr/local/qemu-i386/wine/c/Program\ Files/putty.exe
@end example

@end itemize

@node Command line options
@section Command line options

@example
usage: qemu-i386 [-h] [-d] [-L path] [-s size] program [arguments...]
@end example

@table @option
@item -h
Print the help
@item -L path
Set the x86 elf interpreter prefix (default=/usr/local/qemu-i386)
@item -s size
Set the x86 stack size in bytes (default=524288)
@end table

Debug options:

@table @option
@item -d
Activate log (logfile=/tmp/qemu.log)
@item -p pagesize
Act as if the host page size was 'pagesize' bytes
@end table

@node compilation
@chapter Compilation from the sources

@menu
* Linux/Unix::
* Windows::
* Cross compilation for Windows with Linux::
* Mac OS X::
@end menu

@node Linux/Unix
@section Linux/Unix

@subsection Compilation

First you must decompress the sources:
@example
cd /tmp
tar zxvf qemu-x.y.z.tar.gz
cd qemu-x.y.z
@end example

Then you configure QEMU and build it (usually no options are needed):
@example
./configure
make
@end example

Then type as root user:
@example
make install
@end example
to install QEMU in @file{/usr/local}.

@subsection Tested tool versions

In order to compile QEMU successfully, it is very important that you
have the right tools. The most important one is gcc. I cannot guarantee
that QEMU works if you do not use a tested gcc version. Look at
'configure' and 'Makefile' if you want to make a different gcc
version work.

@example
host      gcc      binutils      glibc    linux       distribution
----------------------------------------------------------------------
x86       3.2      2.13.2        2.1.3    2.4.18
          2.96     2.11.93.0.2   2.2.5    2.4.18      Red Hat 7.3
          3.2.2    2.13.90.0.18  2.3.2    2.4.20      Red Hat 9

PowerPC   3.3 [4]  2.13.90.0.18  2.3.1    2.4.20briq
          3.2

Alpha     3.3 [1]  2.14.90.0.4   2.2.5    2.2.20 [2]  Debian 3.0

Sparc32   2.95.4   2.12.90.0.1   2.2.5    2.4.18      Debian 3.0

ARM       2.95.4   2.12.90.0.1   2.2.5    2.4.9 [3]   Debian 3.0

[1] On Alpha, QEMU needs the gcc 'visibility' attribute only available
    for gcc version >= 3.3.
[2] Linux >= 2.4.20 is necessary for precise exception support
    (untested).
[3] 2.4.9-ac10-rmk2-np1-cerf2

[4] gcc 2.95.x generates invalid code when using too many register
    variables. You must use gcc 3.x on PowerPC.
@end example

@node Windows
@section Windows

@itemize
@item Install the current versions of MSYS and MinGW from
@url{http://www.mingw.org/}.
You can find detailed installation
instructions in the download section and the FAQ.

@item Download
the MinGW development library of SDL 1.2.x
(@file{SDL-devel-1.2.x-@/mingw32.tar.gz}) from
@url{http://www.libsdl.org}. Unpack it in a temporary place, and
unpack the archive @file{i386-mingw32msvc.tar.gz} in the MinGW tool
directory. Edit the @file{sdl-config} script so that it gives the
correct SDL directory when invoked.

@item Extract the current version of QEMU.

@item Start the MSYS shell (file @file{msys.bat}).

@item Change to the QEMU directory. Launch @file{./configure} and
@file{make}. If you have problems using SDL, verify that
@file{sdl-config} can be launched from the MSYS command line.

@item You can install QEMU in @file{Program Files/Qemu} by typing
@file{make install}. Don't forget to copy @file{SDL.dll} in
@file{Program Files/Qemu}.

@end itemize

@node Cross compilation for Windows with Linux
@section Cross compilation for Windows with Linux

@itemize
@item
Install the MinGW cross compilation tools available at
@url{http://www.mingw.org/}.

@item
Install the Win32 version of SDL (@url{http://www.libsdl.org}) by
unpacking @file{i386-mingw32msvc.tar.gz}. Set up the PATH environment
variable so that @file{i386-mingw32msvc-sdl-config} can be launched by
the QEMU configuration script.

@item
Configure QEMU for Windows cross compilation:
@example
./configure --enable-mingw32
@end example
If necessary, you can change the cross-prefix according to the prefix
chosen for the MinGW tools with --cross-prefix. You can also use
--prefix to set the Win32 install path.

@item You can install QEMU in the installation directory by typing
@file{make install}. Don't forget to copy @file{SDL.dll} in the
installation directory.

@end itemize

Note: Currently, Wine does not seem able to launch
QEMU for Win32.

@node Mac OS X
@section Mac OS X

The Mac OS X patches are not fully merged in QEMU, so you should look
at the QEMU mailing list archive to have all the necessary
information.

@node Index
@chapter Index
@printindex cp

@bye