Newbie (new to emulation) question: If I want to emulate an x86 (i486
specifically) on a Windows machine for the purpose of debugging an assembly
language program--that does not normally run under Windows (rather, runs on an
avionics mission computer on an aircraft; not under a commercial OS), would
Bochs be better than another emulator product such as VirtualBox? My concern
is that any emulator that uses dynamic recompilation or such trades off
realism of machine execution for speed of emulation. If I'm troubleshooting an
ASM program using an emulator, I want the emulated program to run as
faithfully as possible so that I can see realistically what's happening in
registers, flags, and memory. I don't want the emulator substituting code or
using tricks just to run faster. I believe I want fidelity over speed
(although speed is good).
Also, am I correct that Bochs keeps getting faster as the community optimizes
it, so relative speed of Bochs versus other emulators is becoming less of an
issue?
To you experts in emulation, are my concerns about VirtualBox and similar
emulators valid? Is Bochs a safer choice because it emulates the original code
as faithfully as possible?
Thanks in advance.
If you would like to refer to this comment somewhere else in this project, copy and paste the following link:
The VirtualBox is not an emulator on the same meaning as Bochs is. There are
three main emulation/virtualization techniques - Pure Emulation (Bochs), JIT
(Qemu) and virtualization, possibly hardware assisted (VirtualBox, VirtualPC,
Vmware and others). You could go wiki and learn in details what is the
difference between them.
Pure emulator tries to fetch/decode/execute every guest instruction alone, JIT
recompiles guest code into host one to archive better performance, virtualizer
tweaks segments/paging/system structures in the right way to be able to run
guest code on host nativly, with very little modification.
VirtualBox doesn't emulate Ring3 instructions, it just runs all Ring3 code
nativly on the host - it is fastest and most accurate way to do
virtualization.
JIT machine translates guest code into host and in theory could make it 100%
accurate way (Intel Pin www.pintool.org is good example for very accurate
JIT). But to make things run faster and JIT easier it might cut corners and
trade accuracy for speed - as Qemu does.
Emulator as Bochs also could cut corners to archive better performance. In
fact Bochs actually does it - when you disable x86 hardware debugging
facilities or x86 hardware alignment check Bochs emulation runs faster. x86
hardware debugging stuff even not enabled by default in Bochs releases. Also
Bochs, as others, mght have bugs and get incorrect, different from actual
hardware result, in some corner cases. Even in Ring3 code which will never
happen to VirtualPC or VmWare.
So the difference isn't in accuracy. The main difference between these three
technologies is controllability. VirtualBox could run code, but nothing more.
You cannot interfere with virtualized code in any way, only using host
hardware facilities.
JIT could instrument your code using predefined instrumentation code, your
instrumentation calls usually JITted together with guest code on the fly. But
inside translated block you almost can't have any control.
Pure emulation gives you full control over emulated system. You could have
fully featured powerful debugger inside the emulator and have access to every
piece of emulated hardware, control every instruction executing and even
emulation time. You could stop virtual machine on any place, examine and
change its state and when resume - and no guest software could figure out it
actually had been stopped.
Bochs has very powerful integrated GUI debugger for your needs. From speed
meaning - Bochs on Core 2 runs faster than real i486 hardware did so speed is
good but shouldn't be issue for you :)
Stanislav
If you would like to refer to this comment somewhere else in this project, copy and paste the following link:
Newbie (new to emulation) question: If I want to emulate an x86 (i486
specifically) on a Windows machine for the purpose of debugging an assembly
language program--that does not normally run under Windows (rather, runs on an
avionics mission computer on an aircraft; not under a commercial OS), would
Bochs be better than another emulator product such as VirtualBox? My concern
is that any emulator that uses dynamic recompilation or such trades off
realism of machine execution for speed of emulation. If I'm troubleshooting an
ASM program using an emulator, I want the emulated program to run as
faithfully as possible so that I can see realistically what's happening in
registers, flags, and memory. I don't want the emulator substituting code or
using tricks just to run faster. I believe I want fidelity over speed
(although speed is good).
Also, am I correct that Bochs keeps getting faster as the community optimizes
it, so relative speed of Bochs versus other emulators is becoming less of an
issue?
To you experts in emulation, are my concerns about VirtualBox and similar
emulators valid? Is Bochs a safer choice because it emulates the original code
as faithfully as possible?
Thanks in advance.
Hi,
The VirtualBox is not an emulator on the same meaning as Bochs is. There are
three main emulation/virtualization techniques - Pure Emulation (Bochs), JIT
(Qemu) and virtualization, possibly hardware assisted (VirtualBox, VirtualPC,
Vmware and others). You could go wiki and learn in details what is the
difference between them.
Pure emulator tries to fetch/decode/execute every guest instruction alone, JIT
recompiles guest code into host one to archive better performance, virtualizer
tweaks segments/paging/system structures in the right way to be able to run
guest code on host nativly, with very little modification.
VirtualBox doesn't emulate Ring3 instructions, it just runs all Ring3 code
nativly on the host - it is fastest and most accurate way to do
virtualization.
JIT machine translates guest code into host and in theory could make it 100%
accurate way (Intel Pin www.pintool.org is good example for very accurate
JIT). But to make things run faster and JIT easier it might cut corners and
trade accuracy for speed - as Qemu does.
Emulator as Bochs also could cut corners to archive better performance. In
fact Bochs actually does it - when you disable x86 hardware debugging
facilities or x86 hardware alignment check Bochs emulation runs faster. x86
hardware debugging stuff even not enabled by default in Bochs releases. Also
Bochs, as others, mght have bugs and get incorrect, different from actual
hardware result, in some corner cases. Even in Ring3 code which will never
happen to VirtualPC or VmWare.
So the difference isn't in accuracy. The main difference between these three
technologies is controllability. VirtualBox could run code, but nothing more.
You cannot interfere with virtualized code in any way, only using host
hardware facilities.
JIT could instrument your code using predefined instrumentation code, your
instrumentation calls usually JITted together with guest code on the fly. But
inside translated block you almost can't have any control.
Pure emulation gives you full control over emulated system. You could have
fully featured powerful debugger inside the emulator and have access to every
piece of emulated hardware, control every instruction executing and even
emulation time. You could stop virtual machine on any place, examine and
change its state and when resume - and no guest software could figure out it
actually had been stopped.
Bochs has very powerful integrated GUI debugger for your needs. From speed
meaning - Bochs on Core 2 runs faster than real i486 hardware did so speed is
good but shouldn't be issue for you :)
Stanislav
You should write a book about how to make an emulator