.. _user-mode:

QEMU User space emulator
========================

Supported Operating Systems
---------------------------

The following operating systems are supported in user space emulation:

-  Linux (referred to as qemu-linux-user)

-  BSD (referred to as qemu-bsd-user)

Features
--------

QEMU user space emulation has the following notable features:

**System call translation:**
   QEMU includes a generic system call translator. This means that the
   parameters of the system calls can be converted to fix endianness and
   32/64-bit mismatches between hosts and targets. IOCTLs can be
   converted too.

**POSIX signal handling:**
   QEMU can redirect to the running program all signals coming from the
   host (such as ``SIGALRM``), as well as synthesize signals from
   virtual CPU exceptions (for example ``SIGFPE`` when the program
   executes a division by zero).

   QEMU relies on the host kernel to emulate most signal system calls,
   for example to emulate the signal mask. On Linux, QEMU supports both
   normal and real-time signals.

**Threading:**
   On Linux, QEMU can emulate the ``clone`` syscall and create a real
   host thread (with a separate virtual CPU) for each emulated thread.
   Note that not all targets currently emulate atomic operations
   correctly. x86 and Arm use a global lock in order to preserve their
   semantics.
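
An added illustration (not QEMU's code) of what the system call translation described above involves for a single pointer argument: a ``timespec`` written by a 32-bit big-endian guest is bounds-checked, byte-swapped and sign-extended into a 64-bit host layout. The names ``guest_timespec32_to_host``, ``struct host_ts`` and the flat ``sample_mem`` guest image are assumptions made for this example.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Host-side view: 64-bit fields, as on a 64-bit Linux host. */
struct host_ts { int64_t sec; int64_t nsec; };

/* Read a signed 32-bit big-endian value, independent of host endianness. */
static int32_t load_be32s(const uint8_t *p)
{
    uint32_t v = ((uint32_t)p[0] << 24) | ((uint32_t)p[1] << 16) |
                 ((uint32_t)p[2] << 8)  |  (uint32_t)p[3];
    return (int32_t)v;  /* reinterpret, so widening below sign-extends */
}

/*
 * Convert the 8-byte guest timespec at guest address gaddr inside the
 * guest memory image mem (len bytes). Returns 0 on success, or -1 when
 * the guest pointer does not lie fully inside guest memory (the case a
 * translator reports to the guest as EFAULT instead of touching host
 * memory outside the image).
 */
int guest_timespec32_to_host(const uint8_t *mem, size_t len,
                             uint32_t gaddr, struct host_ts *out)
{
    if (len < 8 || gaddr > len - 8)
        return -1;
    out->sec  = load_be32s(mem + gaddr);      /* 32 -> 64 bit, sign kept */
    out->nsec = load_be32s(mem + gaddr + 4);
    return 0;
}

/* Constructed sample: 16 bytes of guest memory, timespec at offset 8. */
static const uint8_t sample_mem[16] = {
    0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
    0xff, 0xff, 0xff, 0xfe,                   /* tv_sec  = -2        */
    0x1d, 0xcd, 0x65, 0x00                    /* tv_nsec = 500000000 */
};

int main(void)
{
    struct host_ts t;
    if (guest_timespec32_to_host(sample_mem, sizeof sample_mem, 8, &t) == 0)
        printf("sec=%lld nsec=%lld\n", (long long)t.sec, (long long)t.nsec);
    return 0;
}
```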

QEMU was conceived so that ultimately it can emulate itself. Although it
is not very useful, it is an important test to show the power of the
emulator.

.. _linux-user-mode:

Linux User space emulator
-------------------------

Command line options
~~~~~~~~~~~~~~~~~~~~

::

   qemu-i386 [-h] [-d] [-L path] [-s size] [-cpu model] [-g port] [-B offset] [-R size] program [arguments...]

``-h``
   Print the help

``-L path``
   Set the x86 elf interpreter prefix (default=/usr/local/qemu-i386)

``-s size``
   Set the x86 stack size in bytes (default=524288)

``-cpu model``
   Select CPU model (-cpu help for list and additional feature
   selection)

``-E var=value``
   Set environment var to value.

``-U var``
   Remove var from the environment.

``-B offset``
   Offset guest address by the specified number of bytes. This is useful
   when the address region required by guest applications is reserved on
   the host. This option is currently only supported on some hosts.

``-R size``
   Pre-allocate a guest virtual address space of the given size (in
   bytes). "G", "M", and "k" suffixes may be used when specifying
   the size.

Debug options:

``-d item1,...``
   Activate logging of the specified items (use '-d help' for a list of
   log items)

``-g port``
   Wait for a gdb connection on port

``-one-insn-per-tb``
   Run the emulation with one guest instruction per translation block.
   This slows down emulation a lot, but can be useful in some situations,
   such as when trying to analyse the logs produced by the ``-d`` option.

Environment variables:

QEMU_STRACE
   Print system calls and arguments similar to the 'strace' program
   (NOTE: the actual 'strace' program will not work because the user
   space emulator hasn't implemented ptrace). At the moment this is
   incomplete. All system calls that don't have a specific argument
   format are printed with information for six arguments. Many
   flag-style arguments don't have decoders and will show up as numbers.

Other binaries
~~~~~~~~~~~~~~

-  user mode (Alpha)

   * ``qemu-alpha`` TODO.

-  user mode (Arm)

   * ``qemu-armeb`` TODO.

   * ``qemu-arm`` is also capable of running Arm "Angel" semihosted ELF
     binaries (as implemented by the arm-elf and arm-eabi Newlib/GDB
     configurations), and arm-uclinux bFLT format binaries.

-  user mode (ColdFire)

-  user mode (M68K)

   * ``qemu-m68k`` is capable of running semihosted binaries using the BDM
     (m5xxx-ram-hosted.ld) or m68k-sim (sim.ld) syscall interfaces, and
     coldfire uClinux bFLT format binaries.

   The binary format is detected automatically.

-  user mode (i386)

   * ``qemu-i386`` TODO.
   * ``qemu-x86_64`` TODO.

-  user mode (Microblaze)

   * ``qemu-microblaze`` TODO.

-  user mode (MIPS)

   * ``qemu-mips`` executes 32-bit big endian MIPS binaries (MIPS O32 ABI).

   * ``qemu-mipsel`` executes 32-bit little endian MIPS binaries (MIPS O32 ABI).

   * ``qemu-mips64`` executes 64-bit big endian MIPS binaries (MIPS N64 ABI).

   * ``qemu-mips64el`` executes 64-bit little endian MIPS binaries (MIPS N64
     ABI).

   * ``qemu-mipsn32`` executes 32-bit big endian MIPS binaries (MIPS N32 ABI).

   * ``qemu-mipsn32el`` executes 32-bit little endian MIPS binaries (MIPS N32
     ABI).

-  user mode (PowerPC)

   * ``qemu-ppc64`` TODO.
   * ``qemu-ppc`` TODO.

-  user mode (SH4)

   * ``qemu-sh4eb`` TODO.
   * ``qemu-sh4`` TODO.

-  user mode (SPARC)

   * ``qemu-sparc`` can execute Sparc32 binaries (Sparc32 CPU, 32 bit ABI).

   * ``qemu-sparc32plus`` can execute Sparc32 and SPARC32PLUS binaries
     (Sparc64 CPU, 32 bit ABI).

   * ``qemu-sparc64`` can execute some Sparc64 (Sparc64 CPU, 64 bit ABI) and
     SPARC32PLUS binaries (Sparc64 CPU, 32 bit ABI).

.. _bsd-user-mode:

BSD User space emulator
-----------------------

BSD Status
~~~~~~~~~~

-  target Sparc64 on Sparc64: Some trivial programs work.

Quick Start
~~~~~~~~~~~

In order to launch a BSD process, QEMU needs the process executable
itself and all the target dynamic libraries used by it.

-  On Sparc64, you can just try to launch any process by using the
   native libraries::

      qemu-sparc64 /bin/ls

Command line options
~~~~~~~~~~~~~~~~~~~~

::

   qemu-sparc64 [-h] [-d] [-L path] [-s size] [-bsd type] program [arguments...]

``-h``
   Print the help

``-L path``
   Set the library root path (default=/)

``-s size``
   Set the stack size in bytes (default=524288)

``-ignore-environment``
   Start with an empty environment. Without this option, the initial
   environment is a copy of the caller's environment.

``-E var=value``
   Set environment var to value.

``-U var``
   Remove var from the environment.

``-bsd type``
   Set the type of the emulated BSD Operating system. Valid values are
   FreeBSD, NetBSD and OpenBSD (default).

Debug options:

``-d item1,...``
   Activate logging of the specified items (use '-d help' for a list of
   log items)

``-p pagesize``
   Act as if the host page size was 'pagesize' bytes

``-one-insn-per-tb``
   Run the emulation with one guest instruction per translation block.
   This slows down emulation a lot, but can be useful in some situations,
   such as when trying to analyse the logs produced by the ``-d`` option.