$Id: TODO,v 1.324 2006/07/22 10:23:39 debug Exp $

Hm. This file is in random order, and not all parts of it are up-to-date.

Code cleanup:
    x) 64-bit ranges in src/cpus/memory_mips_v2p.c
    x) Revert the dyntrans page template experiment? Hm.
    x) Refactor the cpu type detection/initialization/listing.

Documentation:
    x) Rewrite the section about experimental devices, after the
       framebuffer acceleration has been implemented, and demos
       written. (Symbolic names instead of numbers; example
       use cases, etc. Mention demo files that use the various
       features?)
    x) "a very simple linear framebuffer device (for graphics output)"
       under "which machines does gxemul emulate" ==> better
       description?
    x) Better description on how to set up a cross compiler?
       Example for MIPS64.

Long-term implementation:
    x) Testmachine includes:
        + dev_fb block fill and copy
        + dev_fb draw characters (from the built-in font)?
        + dev_fb input device? mouse pointer coordinates and buttons
          (allow changes in these to cause interrupts as well?)
        + Redefine the halt() function so that it stops "sometimes
          soon", i.e. usage in demo code should be:
              for (;;) {
                  halt();
              }
    x) Rewrite the networking stack; make OpenBSD work better as a guest
       OS, fix the performance problems, make Linux work with DHCP, etc.
    x) Make the wdc controller work with modern versions of NetBSD!
    x) Continue on SPARC emulation
        + Enable it in the configure script as soon as it can
          run all the demo programs.
    x) Continue on Alpha emulation (virtual memory, etc). Cleanup.
    x) Alignment exceptions (MIPS, PPC, ARM?, ...)

Long-term design:
    x) Instruction combination collisions? How to avoid easily...
        o) Actually use the settings object, better debugger stuff, etc!
        o) Debugger command for enabling/disabling instruction statistics
           during runtime. machine.statistics = on|off
    x) MAINBUS REDESIGN!
    x) Clock framework! Go through all clock devices, make sure they
       return correct data, and run at correct speeds!
    x) Dyntrans with valgrind-inspired memory checker. (In memory_rw,
       it would be reasonably simple to add; in each individual fast
       load/store routine = a lot more work, and it would become
       kludgy very fast.)
    x) Dyntrans with SMP... lots of work to be done here.
    x) Dyntrans with cache emulation... lots of work here as well.
    x) Reimplement the config file parser from scratch.

Test:
    x) Test with more than one Sprite instance on an emulated network!
    x) NetBSD 4.x, once it is out.

-------------------------------------------------------------------------------

Simple Valgrind-like checks?
    o) Mark every address with bits which tell whether or not the address
       has been written to.
    o) What should happen when programs are loaded? Text/data, bss (zero
       filled). But stack space and heap is uninitialized.
    o) Uninitialized local variables:
           A load from a place on the stack which has not previously
           been stored to => warning. Increasing the stack pointer using
           any available means should reset the memory to uninitialized.
    o) If calls to malloc() and free() can be intercepted:
        o) Access to a memory area after free() => warning.
        o) Memory returned by malloc() is marked as not-initialized.
        o) Non-passive, but good to have: Change the argument
           given to malloc, to return a slightly larger memory
           area, i.e. margin_before + size + margin_after,
           and return the pointer + margin_before.
           Any access to the margin_before or _after space results
           in warnings. (free() must be modified to free the
           actually allocated address.)

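Added example, not code from GXemul: a small C model of the malloc()/free() checks listed above, with one shadow state per guest byte, margins around each allocation, and warnings for loads of unwritten bytes, margin accesses and use after free(). The toy heap, the bump allocator and the names guest_malloc, guest_free and check_access are assumptions made for this example.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Toy guest heap; every name and size here is an assumption of this example. */
#define MEM_SIZE 4096
#define MARGIN   16    /* margin_before == margin_after */

enum shadow { S_UNINIT, S_INIT, S_MARGIN, S_FREED };
enum result { OK, WARN_UNINIT_LOAD, WARN_OUT_OF_BOUNDS, WARN_USE_AFTER_FREE, WARN_BAD_FREE };

static uint8_t  shadow[MEM_SIZE];  /* one state per guest byte, S_UNINIT at start */
static uint32_t sizes[MEM_SIZE];   /* payload size, indexed by the returned pointer */
static uint32_t heap_top;          /* bump allocator standing in for the guest malloc */

/* Intercepted malloc: margin_before + size + margin_after, returns pointer + margin_before. */
uint32_t guest_malloc(uint32_t size)
{
    uint32_t user = heap_top + MARGIN;
    if (size == 0 || size > MEM_SIZE || user + size + MARGIN > MEM_SIZE) return 0;
    memset(shadow + heap_top, S_MARGIN, MARGIN);
    memset(shadow + user, S_UNINIT, size);       /* fresh memory is not initialized */
    memset(shadow + user + size, S_MARGIN, MARGIN);
    sizes[user] = size;
    heap_top = user + size + MARGIN;
    return user;
}

/* Intercepted free: the actually allocated area starts at ptr - margin_before. */
enum result guest_free(uint32_t ptr)
{
    if (ptr < MARGIN || ptr >= MEM_SIZE || sizes[ptr] == 0) return WARN_BAD_FREE;
    memset(shadow + ptr - MARGIN, S_FREED, sizes[ptr] + 2 * MARGIN);
    sizes[ptr] = 0;                /* a second free() of ptr is reported */
    return OK;
}

/* Check one byte access; a store to an unwritten byte marks it as written. */
enum result check_access(uint32_t addr, int is_store)
{
    if (addr >= MEM_SIZE || shadow[addr] == S_MARGIN) return WARN_OUT_OF_BOUNDS;
    if (shadow[addr] == S_FREED) return WARN_USE_AFTER_FREE;
    if (shadow[addr] == S_UNINIT && !is_store) return WARN_UNINIT_LOAD;
    shadow[addr] = S_INIT;
    return OK;
}

int main(void)
{
    uint32_t p = guest_malloc(8);
    int a = check_access(p, 0), b = check_access(p + 8, 1);
    int c = guest_free(p), d = check_access(p, 0);
    printf("uninit=%d overrun=%d free=%d uaf=%d\n", a, b, c, d);
}
```

In an emulator the check would sit in the slow-path memory access routine, which is where the "Long-term design" item above suggests adding it.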
SMP:
    o) dev_mp doesn't work well with dyntrans yet
    o) In general, IPIs, CAS, LL/SC etc must be made to work with dyntrans

MIPS:
    +) Some more work on opcodes.
        x) MIPS64 revision 2.
            o) Find out which actual CPUs implement the rev2 ISA!
        x) _MAYBE_ TX79 and R5900 actually differ in their
           opcodes? Check this carefully!
    o) Dyntrans: Count register updates are probably not 100% correct yet.
    o) Refactor code for performance and readability/maintainability.
    o) Instruction combinations? Possible candidates (but profile first!):
        o) R2000/R3000 cache cleaner!
        o) strlen, memset loops etc
        o) multiple loads/stores in a row, e.g. relative to
           the stack pointer
        o) lui + or, lui + add, and 64-bit variants
        o) jr ra + addiu to the v0 register?
        o) compare + branch
    o) DROTR32 and similar MIPS64 rev 2 instructions, which have
       a rotation bit which differs from previous ISAs.
    o) EI and DI instructions for MIPS64/32 rev 2. NOTE: These are
       _NOT_ the same as for R5900!
    o) (Re)implement 128-bit loads/stores for R5900.
    o) R4000 and others:
        x) watchhi/watchlo exceptions, and other exception
           handling details
    o) R10000 and others: (R12000, R14000 ?)
        x) memory space, exceptions, ...
        x) use cop0 framemask for tlb lookups
           (http://techpubs.sgi.com/library/tpl/cgi-bin/getdoc.cgi/hdwr/bks/SGI_Developer/books/R10K_UM/sgi_html/t5.Ver.2.0.book_284.html)

Dyntrans:
    x) Redesign/rethink the delay slot mechanism used for e.g. MIPS,
       so that it caches a translation (that is, an instruction
       word and the instr_call it was translated to the last
       time), so that it doesn't need to do slow
       to_be_translated for each end of page?
    x) Program Counter statistics:
           Per machine? What about SMP? All data to the same file?
           A debugger command should be possible to use to enable/
           disable statistics gathering.
           Configuration file option!
    x) Common fatal_abort() function, which drops into the debugger
       without continuing.
    x) INVALIDATION should cause translations in _all_ cpus to be
       invalidated, e.g. on a write to a write-protected page
       (containing code)
    x) Call/return hints?
    x) 16-bit encodings? (MIPS16, ARM Thumb, SH3, ...)
    x) H8?
    x) Lots of other stuff: see src/cpus/README_DYNTRANS
    x) true recompilation backend? think carefully about this,
       experiment in a separate project (not in GXemul)
        o) First test would be to just implement a simple
           instruction such as MIPS' addiu or lui, on AMD64
           hosts...
    x) Idle loop detection? (Depends on target.) Could be turned
       into usleep(1) or similar on the host... except when doing
       e.g. SMP emulation. Then it becomes trickier.

Alpha:
    o) Virtual memory (tlbs etc)
    o) Get {NetBSD,OpenBSD,Linux}/alpha booting. :)

SPARC:
    o) Add all registers (floating point, control regs etc)
    o) Save/restore register windows etc!
    o) Load/stores!
    o) Disassembly of some more instructions?
    o) Are sll etc 32-bit sign-extending or zero-extending?
    o) Finish the cmp (subcc) flag computation code.
    o) Finish the GDB register stuff.
    o) SPARC v8, v7 etc?

Debugger:
    o) How does SMP debugging work? Does it simply use "threads"?
       What if the guest OS (running on an emulated SMP machine)
       has a usertask running, with userland threads?
    o) Try to make the debugger more modular and, if possible, reentrant!
    o) Remove the emul command? (But show network info if showing
       machines?)
    o) Generalize the expression evaluator. (debugger_expr.c?)
           settable variables   ("show nr of instructions on average")
           emul[x]              defaults to current emul
           machine[x]           defaults to current machine
           cpu[x]               defaults to currently focused cpu
           registers            cpu arch dependent (#-prefix)
           symbols              @-prefix
           numeric constants    decimal, hex, and octal ($-prefix)
           boolean              yes,no, true,false
           operators            (+ - * / % & | ^ !)
           parentheses for grouping subexpressions
           NOTE: the change from % to # for register prefix!
           examples:
               emul[0].machine[2].cpu[0].pc
               machine[test2].cpu[1].ra = main
               settings.show_trace_tree = yes

       Settings:
           o) Remove a setting.
           o) Read/write a setting given a name. (Read as
              string and/or int64_t simultaneously?)
           o) Warnings when exiting the emulator, if the
              settings have not been removed exactly in
              the same way as they were added? This would
              improve code cleanliness in the long term.
              (I.e. require a corresponding _destroy()
              function for all _new functions... machine_
              cpu_ etc.)

       Help command should have subsections! One for "expressions",
       mirrored in the documentation, but the internal help should
       be the one that should be considered correct.
    o) see src/debugger.c for more

POWER/PowerPC:
    x) PPC optimizations; instr combs
    x) 64-bit stuff: either Linux on G5, or perhaps some hobbyist
       version of AIX? (if there exists such a thing)
    x) find and fix the bug which causes NetBSD/macppc to fail after
       an install!
    x) macppc: adb controller; keyboard (for framebuffer mode)
    x) make OpenBSD/macppc work (PCI controller stuff)

Algor:
    PCI and ISA and LOCAL interrupts! --> wdc could start working
    Add interrupt controller in dev_algor.c.

ARM:
    o) try to get netbsd/evbarm 3.x running (iq80321)
    o) make the xscale counter registers (ccnt) work
    o) make the ata controller usable for FreeBSD!
    o) zaurus for openbsd...
    o) debian/cats crashes because of unimplemented coproc stuff.
       fix this?

Cache simulation:
    o) Command line flags for:
        o) CPU endianness?
        o) Cache sizes? (multiple levels)
    o) Separate from the CPU concept, so that multi-core CPUs sharing
       e.g. a L2 cache can be simulated (?)
    o) Instruction cache emulation is easiest (if separate from the
       data cache); similar hack as the S;I; hack in cpu_dyntrans.c.
       NOTE: if the architecture has a delay slot, then an instruction
       slot can actually be executed as 2 instructions.
    o) Data cache emulation = harder; each arch's load/store routines
       must include support? running one instruction at a time and
       having a cpu-dependent lookup function for each instruction
       is another option (easier to implement, but very very slow).

Documentation:
    o) machines, cpus, devices.
    o) Automagic documentation generation:
        x) REMEMBER that several machines/devices can be in
           the same source file!
    o) Try to rewrite the install instructions for those machines
       that use 3MAX into using CATS? (To remove the need for a raw
       ffs partition using up all of the disk image.)

More generic out_of_memory error reporting, and check everywhere!
    Causes: OpenBSD has low default limits for normal users.
            Host is 32-bit? (32-bit hosts are limited to 4 GB or less
            of userspace memory.)
            You are actually low on RAM. (As trivial as this might sound,
            Unix systems usually allow processes to allocate virtual
            memory beyond the amount of RAM in the machine.)

Breakpoints: 32-bit vs 64-bit sign extension for MIPS, warnings, etc.
    Use the debugger's symbolic name stuff. (which will have to be
    extended soon to support stuff like "2*x + symbol + y" etc. cool
    stuff)

The Device subsystem:
    x) allow devices to be moved and/or changed in size (down to a
       minimum size, etc, or up to a max size)
    x) keep track of interrupts and busses? actually, allowing any device
       to be a bus might be a nice idea.
    x) turn interrupt controllers into devices? :-)
    x) refactor various clocks/nvram/cmos into one device?

Clocks:
    x) General framework for automagic clock adjustment for _all_
       kinds of clocks and timers. (Which should be possible to turn
       off, of course, like the way DECstation emulation works now.)

PCI:
    x) last write was ffffffff ==> fix this, it should be used
       together with a mask to get the correct bits. also, not ALL
       bits are size bits! (lowest 4 vs lowest 2?)
    x) add support for address fixups
    x) generalize the interrupt routing stuff (lines etc). this should
       be per machine? or per bus, that's better
    x) add a "pcn" NIC (AMD PCnet32 Lance 79c970 (PCI 1022:2000)),
       could be useful for several machine modes (Malta, Algor, evbarm,
       hp700?, macppc, etc.)

Network layer:
    o) DHCP (for Debian and BSD installers :-)
    o) increase performance
    o) don't rely on NetBSD-ish usage
    o) Multiple networks per emulation, and let different
       NICs in machines connect to different networks.
    o) many other issues: see src/net.c

Busses:
    o) Redesign the entire "mainbus" concept!
    o) Busses should be placed in a hierarchical tree!
    o) Easily configurable interrupt routing in SMP systems.
    o) Specific clock/bus speeds, cpu speeds etc.
    o) Synchronization over network? or at least in dyntrans within
       one emulated machine
    o) dev->bus: TurboChannel, PCMCIA, ADB?

Config file parser:
    o) Rewrite it from scratch!
    o) Usage of any expression available through the debugger
    o) Support for running debugger commands (like the -c
       command line option)

Floating point layer:
    o) make it common enough to be used by _all_ emulation modes
    o) implement more stuff
    o) non-IEEE modes (i.e. x86)?

Userland emulation:
    x) Lots of stuff; freebsd and netbsd (and linux?) syscalls.
    x) Dynamic linking? Hm.

Sound:
    x) generic sound framework
    x) add one or more sound cards as devices

ASC SCSI controller:
    x) NetBSD/arc 2.0 uses the ASC controller in a way which GXemul
       cannot yet handle. (NetBSD 1.6.2 works ok.) (Possibly a problem
       in NetBSD itself,
       http://mail-index.netbsd.org/source-changes/2005/11/06/0024.html
       suggests that.)

Caches / memory hierarchies: (this is mostly MIPS-specific)
    o) src/memory*.c: Implement correct cache emulation for
       all CPU types. (currently only R2000/R3000 is implemented)
       (per CPU, multiple levels should be possible, associativity etc!)
    o) R2000/R3000 isn't _100%_ correct, just almost correct :)
    o) Move the -S (fill mem with random) functionality into the
       memory.c subsystem, not machine.c or wherever it is now
    o) ECC stuff, simulation of memory errors? (Machine dependent)
    o) More than 4GB of emulated RAM, when run on a 32-bit host?
       (using manual swap-out of blocks to disk, ugly)
    o) A global command line option should be used to turn
       cache emulation on or off. When off, caches should be
       faked like they are right now. When on, caches and
       memory latencies should be emulated as correctly as
       possible.

File/disk/symbol handling:
    o) Remove some of the complexity in file format guessing, for
       Ultrix kernels that are actually disk images?
    o) Better handling of tape files
    o) Read function argument count and types from binaries? (ELF?)
    o) Better demangling of C++ names. Note: GNU's C++ differs from e.g.
       Microsoft's C++, so multiple schemes must be possible. See
       URL at top of src/symbol_demangle.c for more info.

Userland ABI emulation:
    o) see src/useremul.c

Terminal/console:
    o) allow emulated serial ports to be connected to the outside
       world in a more generic way, or even to other emulated
       machines(?)

Save state of the whole emulated machine, to be able to load it back
    in later? (Memory, all device's states, all registers and
    so on. Like taking a snapshot. (SimOS seems to do this,
    according to its website.))

Better framebuffer and X-windows functionality:
    o) -Yx sometimes causes crashes.
    o) Simple device access to framebuffer_blockcopyfill() etc,
       and text output (using the built-in fonts), for dev_fb.
    o) CLEAN UP the ugly event code
    o) Mouse clicks can be "missed" in the current system; this is
       not good. They should be put on a stack of some kind.
    o) More 2D and 3D framebuffer acceleration.
    o) Non-resizable windows? Or choose scaledown depending
       on size (and center the image, with a black border).
    o) Different scaledown on different windows?
    o) Switch scaledown during runtime? (Ala CTRL-ALT-plus/minus)
    o) Bug reported by Elijah Rutschman on MacOS with weird
       keys (F5 = cursor down?).
    o) Keyboard and mouse events:
        x) Do this for more machines than just DECstation
        x) more X11 cursor keycodes
        x) Keys like CTRL, ALT, SHIFT do not get through
           by themselves (these are necessary for example
           to change the font of an xterm in X in the
           emulator)
    o) Generalize the framebuffer stuff by moving _ALL_ X11
       specific code to src/x11.c!

Statistics: (this could be interesting)
    o) Save to file and show graphics. It should be possible to
       run gxemul after a simulation to just show the graphics,
       or convert to a .ppm or .tga or similar.
    o) memory accesses (to measure cache efficiency and
       page coloring efficiency)
    o) nr of simultaneous ASIDs in use in the TLB, for MIPS
    o) percentage of time spent in different "states", such as
       running userland code, kernel code, or idling (for CPUs
       that have such an instruction, or whenever the PC is
       inside a specific idle-function (address range)).
       Possible additional state (for example on R3000): caches
       disabled.
    o) position of read/write on (SCSI) disks