@item Sun4m/Sun4c/Sun4d (32-bit Sparc processor)
@item Sun4u (64-bit Sparc processor, in progress)
@item Malta board (32-bit and 64-bit MIPS processors)
+@item MIPS Magnum (64-bit MIPS processor)
@item ARM Integrator/CP (ARM)
@item ARM Versatile baseboard (ARM)
@item ARM RealView Emulation baseboard (ARM)
@item Freescale MCF5208EVB (ColdFire V2).
@item Arnewsh MCF5206 evaluation board (ColdFire V2).
@item Palm Tungsten|E PDA (OMAP310 processor)
+@item MusicPal (MV88W8618 ARM processor)
@end itemize
For user emulation, x86, PowerPC, ARM, 32-bit MIPS, Sparc32/64 and ColdFire(m68k) CPUs are supported.
@var{snapshot} is "on" or "off" and allows to enable snapshot for given drive (see @option{-snapshot}).
@item cache=@var{cache}
@var{cache} is "on" or "off" and allows to disable host cache to access data.
+@item format=@var{format}
+Specify which disk @var{format} will be used rather than detecting
+the format. Can be used to specifiy format=raw to avoid interpreting
+an untrusted format header.
@end table
Instead of @option{-cdrom} you can use:
be needed to boot from old floppy disks.
@item -m @var{megs}
-Set virtual RAM size to @var{megs} megabytes. Default is 128 MiB.
+Set virtual RAM size to @var{megs} megabytes. Default is 128 MiB. Optionally,
+a suffix of ``M'' or ``G'' can be used to signify a value in megabytes or
+gigabytes respectively.
@item -smp @var{n}
Simulate an SMP system with @var{n} CPUs. On the PC target, up to 255
@var{date} are: @code{now} or @code{2006-06-17T16:01:21} or
@code{2006-06-17}. The default value is @code{now}.
-@item -translation @var{setting1[,...]}
-Select dynamic translation options @var{setting}, @code{-translation ?}
-shows a list of settings. Valid settings are:
-
-@table @code
-@item @var{no-cache}
-This option disables caching of translated code. Is useful for low-level
-debugging of the emulated environment. This option incurs a massive
-slow-down in emulation speed.
-@end table
-
@item -pidfile @var{file}
Store the QEMU process PID in @var{file}. It is useful if you launch QEMU
from a script.
the console. Therefore, you can still use QEMU to debug a Linux kernel
with a serial console.
+@item -curses
+
+Normally, QEMU uses SDL to display the VGA output. With this option,
+QEMU can display the VGA output when in text mode using a
+curses/ncurses interface. Nothing is displayed in graphical mode.
+
@item -no-frame
Do not use decorations for SDL windows and start them using the whole
available screen space. This makes the using QEMU in a dedicated desktop
workspace more convenient.
+@item -no-quit
+
+Disable SDL window close capability.
+
@item -full-screen
Start in full screen.
@table @code
-@item @var{interface}:@var{d}
+@item @var{host}:@var{d}
-TCP connections will only be allowed from @var{interface} on display @var{d}.
-By convention the TCP port is 5900+@var{d}. Optionally, @var{interface} can
-be omitted in which case the server will bind to all interfaces.
+TCP connections will only be allowed from @var{host} on display @var{d}.
+By convention the TCP port is 5900+@var{d}. Optionally, @var{host} can
+be omitted in which case the server will accept connections from any host.
-@item @var{unix}:@var{path}
+@item @code{unix}:@var{path}
Connections will be allowed over UNIX domain sockets where @var{path} is the
location of a unix socket to listen for connections on.
@item none
-VNC is initialized by not started. The monitor @code{change} command can be used
-to later start the VNC server.
+VNC is initialized but not started. The monitor @code{change} command
+can be used to later start the VNC server.
@end table
@table @code
+@item reverse
+
+Connect to a listening VNC client via a ``reverse'' connection. The
+client is specified by the @var{display}. For reverse network
+connections (@var{host}:@var{d},@code{reverse}), the @var{d} argument
+is a TCP port number, not a display number.
+
@item password
Require that password based authentication is used for client connections.
Serial converter to host character device @var{dev}, see @code{-serial} for the
available devices.
+@item braille
+Braille device. This will use BrlAPI to display the braille output on a real
+or fake device.
+
@end table
@end table
Valid values for @var{type} are
@code{i82551}, @code{i82557b}, @code{i82559er},
@code{ne2k_pci}, @code{ne2k_isa}, @code{pcnet}, @code{rtl8139},
-@code{smc91c111}, @code{lance} and @code{mcf_fec}.
+@code{e1000}, @code{smc91c111}, @code{lance} and @code{mcf_fec}.
Not all devices are supported on all targets. Use -net nic,model=?
for a list of available devices for your target.
@item -serial mon:telnet::4444,server,nowait
@end table
+@item braille
+Braille device. This will use BrlAPI to display the braille output on a real
+or fake device.
+
@end table
@item -parallel @var{dev}
@item -no-reboot
Exit instead of rebooting.
+@item -no-shutdown
+Don't exit QEMU on guest shutdown, but instead only stop the emulation.
+This allows for instance switching to monitor to commit changes to the
+disk image.
+
@item -loadvm file
Start right away with a saved state (@code{loadvm} in monitor)
Change the medium for a removable disk device to point to @var{filename}. eg
@example
-(qemu) change cdrom /path/to/some.iso
+(qemu) change ide1-cd0 /path/to/some.iso
@end example
@item change vnc @var{display},@var{options}
Reset the system.
+@item boot_set @var{bootdevicelist}
+
+Define new values for the boot device list. Those values will override
+the values specified on the command line through the @code{-boot} option.
+
+The values that can be specified here depend on the machine type, but are
+the same that can be specified in the @code{-boot} command line option.
+
@item usb_add @var{devname}
Add the USB device @var{devname}. For details of available devices see
@end example
will connect to tcp port 4444 of ip 192.168.0.2, and plug that to the virtual
serial converter, faking a Matrix Orbital LCD Display (USB ID 0403:FA00).
+@item braille
+Braille device. This will use BrlAPI to display the braille output on a real
+or fake device.
@end table
@node host_usb_devices
@code{x/10i $cs*16+$eip} to dump the code at the PC position.
@end enumerate
+Advanced debugging options:
+
+The default single stepping behavior is step with the IRQs and timer service routines off. It is set this way because when gdb executes a single step it expects to advance beyond the current instruction. With the IRQs and and timer service routines on, a single step might jump into the one of the interrupt or exception vectors instead of executing the current instruction. This means you may hit the same breakpoint a number of times before executing the instruction gdb wants to have executed. Because there are rare circumstances where you want to single step into an interrupt vector the behavior can be controlled from GDB. There are three commands you can query and set the single step behavior:
+@table @code
+@item maintenance packet qqemu.sstepbits
+
+This will display the MASK bits used to control the single stepping IE:
+@example
+(gdb) maintenance packet qqemu.sstepbits
+sending: "qqemu.sstepbits"
+received: "ENABLE=1,NOIRQ=2,NOTIMER=4"
+@end example
+@item maintenance packet qqemu.sstep
+
+This will display the current value of the mask used when single stepping IE:
+@example
+(gdb) maintenance packet qqemu.sstep
+sending: "qqemu.sstep"
+received: "0x7"
+@end example
+@item maintenance packet Qqemu.sstep=HEX_VALUE
+
+This will change the single step mask, so if wanted to enable IRQs on the single step, but not timers, you would use:
+@example
+(gdb) maintenance packet Qqemu.sstep=0x5
+sending: "qemu.sstep=0x5"
+received: "OK"
+@end example
+@end table
+
@node pcsys_os_specific
@section Target OS specific information
Four executables cover simulation of 32 and 64-bit MIPS systems in
both endian options, @file{qemu-system-mips}, @file{qemu-system-mipsel}
@file{qemu-system-mips64} and @file{qemu-system-mips64el}.
-Four different machine types are emulated:
+Five different machine types are emulated:
@itemize @minus
@item
An ACER Pica "pica61". This machine needs the 64-bit emulator.
@item
MIPS emulator pseudo board "mipssim"
+@item
+A MIPS Magnum R4000 machine "magnum". This machine needs the 64-bit emulator.
@end itemize
The generic emulation is supported by Debian 'Etch' and is able to
MIPSnet network emulation
@end itemize
+The MIPS Magnum R4000 emulation supports:
+
+@itemize @minus
+@item
+MIPS R4000 CPU
+@item
+PC-style IRQ controller
+@item
+PC Keyboard
+@item
+SCSI controller
+@item
+G364 framebuffer
+@end itemize
+
+
@node ARM System emulator
@section ARM System emulator
OSRAM Pictiva 128x64 OLED with SSD0323 controller connected via SSI.
@end itemize
+The Freecom MusicPal internet radio emulation includes the following
+elements:
+
+@itemize @minus
+@item
+Marvell MV88W8618 ARM core.
+@item
+32 MB RAM, 256 KB SRAM, 8 MB flash.
+@item
+Up to 2 16550 UARTs
+@item
+MV88W8xx8 Ethernet controller
+@item
+MV88W8618 audio controller, WM8750 CODEC and mixer
+@item
+128×64 display with brightness control
+@item
+2 buttons, 2 navigation wheels with button function
+@end itemize
+
A Linux 2.6 test image is available on the QEMU web site. More
information is available in the QEMU mailing-list archive.
projects / mirror_qemu.git / blobdiff