Annotation of /trunk/TODO

$Id: TODO,v 1.343 2006/08/14 18:46:30 debug Exp $

Hm. This file is in random order, and not all parts of it are up-to-date.


Implementation:
        x)  ARM "wait"-like instruction.
        x)  CLOCK FRAMEWORK!
        x)  Mouse support for NetBSD/pmax 4.x!
        x)  See netwinder_reset() in NetBSD; the current "an internal error
            occured" message after reboot/halt is too ugly.
        x)  64-bit ranges in src/cpus/memory_mips_v2p.c
        x)  Revert the dyntrans page template experiment? Hm.
        x)  Refactor the cpu type detection/initialization/listing.
                Macro, which can be used as long as the cpu definitions
                contain a 'name'?
        x)  Testmachine includes:
                + dev_fb block fill and copy
                + dev_fb draw characters (from the built-in font)?
                + dev_fb input device? mouse pointer coordinates and buttons
                        (allow changes in these to cause interrupts as well?)
                + Redefine the halt() function so that it stops "sometimes
                  soon", i.e. usage in demo code should be:
                        for (;;) {
                                halt();
                        }
        x)  Continue on SPARC emulation
                + Enable it in the configure script as soon as it can
                  run all the demo programs.
        x)  Continue on Alpha emulation  (virtual memory, etc). Cleanup.
        x)  Nicer MIPS status bits in register dumps.
        x)  Alignment exceptions (MIPS, PPC, ARM?, ...)
        x)  Rewrite the networking stack; make OpenBSD work better as a guest
            OS, fix the performance problems, make Linux work with DHCP, etc.
            Support VDE (vde.sf.net)? Allow SLIP connections, possibly PPP,
            in addition to ethernet?
        x)  Implement more ethernet NICs.
        x)  IOP (I2O) device?

Documentation:
        x)  "Install netbsd/pmax first" => only use the install kernel?
        x)  Rewrite the section about experimental devices, after the
            framebuffer acceleration has been implemented, and demos
            written. (Symbolic names instead of numbers; example
            use cases, etc. Mention demo files that use the various
            features?)
        x)  "a very simple linear framebuffer device (for graphics output)"
            under "which machines does gxemul emulate" ==> better
            description?
        x)  Better description on how to set up a cross compiler?
            Example for MIPS64.

Long-term design:
        x)  Instruction combination collisions? How to avoid easily...
        x)  Think about how to do both SHmedia and SHcompact in a reasonable
            way!
        o)  Actually use the settings object, better debugger stuff, etc!
        o)  Debugger command for enabling/disabling instruction statistics
            during runtime.   machine.statistics = on|off
        x)  MAINBUS REDESIGN!
        x)  PCI redesign... I need to read up on how PCI actually works :)
        x)  Clock framework! Go through all clock devices, make sure they
            return correct data, and run at correct speeds!
        x)  Dyntrans with valgrind-inspired memory checker. (In memory_rw,
            it would be reasonably simple to add; in each individual fast
            load/store routine = a lot more work, and it would become
            kludgy very fast.)
        x)  Dyntrans with SMP... lots of work to be done here.
        x)  Dyntrans with cache emulation... lots of work here as well.
        x)  Reimplement the config file parser from scratch.

-------------------------------------------------------------------------------

Simple Valgrind-like checks?
        o)  Mark every address with bits which tell whether or not the address
            has been written to.
        o)  What should happen when programs are loaded?  Text/data, bss (zero
            filled). But stack space and heap is uninitialized.
        o)  Uninitialized local variables:
                A load from a place on the stack which has not previously
                been stored to => warning. Increasing the stack pointer using
                any available means should reset the memory to uninitialized.
        o)  If calls to malloc() and free() can be intercepted:
                o)  Access to a memory area after free() => warning.
                o)  Memory returned by malloc() is marked as not-initialized.
                o)  Non-passive, but good to have: Change the argument
                    given to malloc, to return a slightly larger memory
                    area, i.e.  margin_before + size + margin_after,
                    and return the pointer  + margin_before.
                    Any access to the margin_before or _after space results
                    in warnings. (free() must be modified to free the
                    actually allocated address.)

SMP:
        o)  dev_mp doesn't work well with dyntrans yet
        o)  In general, IPIs, CAS, LL/SC etc must be made to work with dyntrans

MIPS:
        +)  Some more work on opcodes.
                x) The "wait" instruction. How to implement this functionality?
                        (SMP, non-MIPS, interrupt correctness, host idling, ...)
                x) MIPS64 revision 2.
                        o)  Find out which actual CPUs implement the rev2 ISA!
                x) _MAYBE_ TX79 and R5900 actually differ in their
                   opcodes? Check this carefully!
        o)  Dyntrans: Count register updates are probably not 100% correct yet.
        o)  Refactor code for performance and readability/maintainability.
        o)  DROTR32 and similar MIPS64 rev 2 instructions, which have
            a rotation bit which differs from previous ISAs.
        o)  EI and DI instructions for MIPS64/32 rev 2. NOTE: These are
            _NOT_ the same as for R5900!
        o)  (Re)implement 128-bit loads/stores for R5900.
        o)  R4000 and others:
                x)  watchhi/watchlo exceptions, and other exception
                    handling details
        o)  R10000 and others:  (R12000, R14000 ?)
                x)  memory space, exceptions, ...
                x)  use cop0 framemask for tlb lookups
                    (http://techpubs.sgi.com/library/tpl/cgi-bin/getdoc.cgi/hdwr/bks/SGI_Developer/books/R10K_UM/sgi_html/t5.Ver.2.0.book_284.html)

Dyntrans:
        x)  Redesign/rethink the delay slot mechanism used for e.g. MIPS,
                so that it caches a translation (that is, an instruction
                word and the instr_call it was translated to the last
                time), so that it doesn't need to do slow
                to_be_translated for each end of page?
        x)  Program Counter statistics:
                Per machine? What about SMP? All data to the same file?
                A debugger command should be possible to use to enable/
                disable statistics gathering.
                Configuration file option!
        x)  Common fatal_abort() function, which drops into the debugger
                without continuing.
        x)  INVALIDATION should cause translations in _all_ cpus to be
            invalidated, e.g. on a write to a write-protected page
            (containing code)
        x)  16-bit encodings? (MIPS16, ARM Thumb, SH3, ...)
        x)  Lots of other stuff: see src/cpus/README_DYNTRANS
        x)  true recompilation backend? think carefully about this,
            experiment in a separate project (not in GXemul)
                o) First test would be to just implement a simple
                   instruction such as MIPS' addiu or lui, on AMD64
                   hosts...
        x)  Idle loop detection? (Depends on target.) Could be turned
            into usleep(1) or similar on the host... except when doing
            e.g. SMP emulation. Then it becomes trickier.

Transputer:
        x)  Implement support for Helios binaries.
        x)  Stack and register contents at startup?
        x)  Figure out how to boot an entire Helios distribution.
        x)  Implement all instructions. :)

Alpha:
        o)  Virtual memory (tlbs etc)
        o)  Get {NetBSD,OpenBSD,Linux}/alpha booting. :)

SPARC:
        o)  Load/stores to alternate address spaces!
        o)  Save/restore register windows etc!
        o)  Finish the subcc and addcc flag computation code.
        o)  Add more registers (floating point, control regs etc)
        o)  Disassemly of some more instructions?
        o)  Are sll etc 32-bit sign-extending or zero-extending?
        o)  Finish the GDB register stuff.
        o)  SPARC v8, v7 etc?

Debugger:
        o)  How does SMP debugging work? Does it simply use "threads"?
                What if the guest OS (running on an emulated SMP machine)
                has a usertask running, with userland threads?
        o)  Try to make the debugger more modular and, if possible, reentrant!
        o)  Remove the emul command? (But show network info if showing
                machines?)
        o)  Generalize the expression evaluator. (debugger_expr.c?)
                settable variables      ("show nr of instructions on average")
                emul[x]                 defaults to current emul
                machine[x]              defaults to current machine
                cpu[x]                  defaults to currently focused cpu
                registers               cpu arch dependent (#-prefix)
                symbols                 @-prefix
                numeric constants       decimal, hex, and octal ($-prefix)
                boolean                 yes,no, true,false
                operators (+ - * / % & | ^ !)
                parentheses for grouping subexpressions
                NOTE: the change from % to # for register prefix!
                examples:
                                emul[0].machine[2].cpu[0].pc
                                machine[test2].cpu[1].ra = main
                                settings.show_trace_tree = yes

                Settings:
                        o)  Remove a setting.
                        o)  Read/write a setting given a name. (Read as
                            string and/or int64_t simultaneously?)
                        o)  Warnings when exiting the emulator, if the
                            settings have not been removed exactly in
                            the same way as they were added? This would
                            improve code cleanliness in the long term.
                            (I.e. require a corresponding _destroy()
                            function for all _new functions... machine_
                            cpu_ etc.)

                Help command should have subsections! One for "expressions",
                mirrored in the documentation, but the internal help should
                be the one that should be considered correct.
        o)  see src/debugger.c for more

POWER/PowerPC:
        x)  PPC optimizations; instr combs
        x)  64-bit stuff: either Linux on G5, or perhaps some hobbyist
                version of AIX? (if there exists such a thing)
        x)  find and fix the bug which causes NetBSD/macppc to fail after
            an install!
        x)  macppc: adb controller; keyboard (for framebuffer mode)
        x)  make OpenBSD/macppc work (PCI controller stuff)

Algor:
        PCI interrupts... needed or stuff like the tlp NIC?

ARM:
        o)  try to get netbsd/evbarm 3.x running (iq80321)
        o)  make the xscale counter registers (ccnt) work
        o)  make the ata controller usable for FreeBSD!
        o)  zaurus for openbsd...
        o)  debian/cats crashes because of unimplemented coproc stuff.
            fix this?

Cache simulation:
        o)  Command line flags for:
                o)  CPU endianness?
                o)  Cache sizes? (multiple levels)
        o)  Separate from the CPU concept, so that multi-core CPUs sharing
            e.g. a L2 cache can be simulated (?)
        o)  Instruction cache emulation is easiest (if separate from the
            data cache); similar hack as the S;I; hack in cpu_dyntrans.c.
            NOTE: if the architecture has a delay slot, then an instruction
            slot can actually be executed as 2 instructions.
        o)  Data cache emulation = harder; each arch's load/store routines
            must include support? running one instruction at a time and
            having a cpu-dependant lookup function for each instruction
            is another option (easier to implement, but very very slow).

Documentation:
        o)  machines, cpus, devices.
        o)  Automagic documentation generation:
                x)  REMEMBER that several machines/devices can be in
                        the same source file!
        o)  Try to rewrite the install instructions for those machines
            that use 3MAX into using CATS? (To remove the need to a raw
            ffs partition using up all of the disk image.)

More generic out_of_memory error reporting, and check everywhere!
        Causes: OpenBSD has low default limits for normal users.
                Host is 32-bit? (32-bit hosts are limited to 4 GB or less
                of userspace memory.)
                You are actually low on RAM. (As trivial as this might sound,
                Unix systems usually allow processes to allocate virtual
                memory beyond the amount of RAM in the machine.)

Breakpoints: 32-bit vs 64-bit sign extension for MIPS, warnings, etc.
        Use the debugger's symbolic name stuff. (which will have to be
        extended soon to support stuff like  "2*x + symbol + y" etc. cool
        stuff)

The Device subsystem:
        x)  allow devices to be moved and/or changed in size (down to a
            minimum size, etc, or up to a max size)
        x)  keep track of interrupts and busses? actually, allowing any device
            to be a bus might be a nice idea.
        x)  turn interrupt controllers into devices? :-)
        x)  refactor various clocks/nvram/cmos into one device?

Clocks:
        x)  General framework for automagic clock adjustment for _all_
            kinds of clocks and timers. (Which should be possible to turn
            off, of course, like the way DECstation emulation works now.)

PCI:
        x)  last write was ffffffff ==> fix this, it should be used
            together with a mask to get the correct bits. also, not ALL
            bits are size bits! (lowest 4 vs lowest 2?)
        x)  add support for address fixups
        x)  generalize the interrupt routing stuff (lines etc). this should
            be per machine? or per bus, that's better
        x)  add a "pcn" NIC (AMD PCnet32 Lance 79c970 (PCI 1022:2000)),
            could be useful for several machine modes (Malta, Algor, evbarm,
            hp700?, macppc, etc.)

Network layer:
        o)  DHCP (for Debian and BSD installers :-)
        o)  increase performance
        o)  don't rely on NetBSD-ish usage
        o)  Multiple networks per emulation, and let different
            NICs in machines connect to different networks.
        o)  many other issues: see src/net.c

Busses:
        o)  Redesign the entire "mainbus" concept!
        o)  Busses should be placed in a hierarchical tree!
        o)  Easily configurable interrupt routing in SMP systems.
        o)  Specific clock/bus speeds, cpu speeds etc.
        o)  Synchronization over network? or at least in dyntrans within
            one emulated machine
        o)  dev->bus: TurboChannel, PCMCIA, ADB?

Config file parser:
        o)  Rewrite it from scratch!
        o)  Usage of any expression available through the debugger
        o)  Support for running debugger commands (like the -c
            command line option)

Floating point layer:
        o)  make it common enough to be used by _all_ emulation modes
        o)  implement more stuff
        o)  non-IEEE modes (i.e. x86)?

Userland emulation:
        x)  Lots of stuff; freebsd and netbsd (and linux?) syscalls.
        x)  Dynamic linking? Hm.

Sound:
        x)  generic sound framework
        x)  add one or more sound cards as devices

ASC SCSI controller:
        x)  NetBSD/arc 2.0 uses the ASC controller in a way which GXemul
            cannot yet handle. (NetBSD 1.6.2 works ok.) (Possibly a problem
            in NetBSD itself, http://mail-index.netbsd.org/source-changes/
            2005/11/06/0024.html suggests that.)

Caches / memory hierarchies: (this is mostly MIPS-specific)
        o)  src/memory*.c: Implement correct cache emulation for
            all CPU types. (currently only R2000/R3000 is implemented)
            (per CPU, multiple levels should be possible, associativity etc!)
        o)  R2000/R3000 isn't _100%_ correct, just almost correct :)
        o)  Move the -S (fill mem with random) functionality into the
            memory.c subsystem, not machine.c or wherever it is now
        o)  ECC stuff, simulation of memory errors?  (Machine dependent)
        o)  More than 4GB of emulated RAM, when run on a 32-bit host?
            (using manual swap-out of blocks to disk, ugly)
        o)  A global command line option should be used to turn
            cache emulation on or off. When off, caches should be
            faked like they are right now. When on, caches and
            memory latencies should be emulated as correctly as
            possible.

File/disk/symbol handling:
        o)  Remove some of the complexity in file format guessing, for
                Ultrix kernels that are actually disk images?
        o)  Better handling of tape files
        o)  Read function argument count and types from binaries? (ELF?)
        o)  Better demangling of C++ names. Note: GNU's C++ differs from e.g.
            Microsoft's C++, so multiple schemes must be possible. See
            URL at top of src/symbol_demangle.c for more info.

Userland ABI emulation:
        o)  see src/useremul.c

Terminal/console:
        o)  allow emulated serial ports to be connected to the outside
            world in a more generic way, or even to other emulated
            machines(?)

Save state of the whole emulated machine, to be able to load it back
        in later?  (Memory, all device's states, all registers and
        so on.  Like taking a snapshot. (SimOS seems to do this,
        according to its website.))

Better framebuffer and X-windows functionality:
        o)  -Yx sometimes causes crashes.
        o)  Simple device access to framebuffer_blockcopyfill() etc,
            and text output (using the built-in fonts), for dev_fb.
        o)  CLEAN UP the ugly event code
        o)  Mouse clicks can be "missed" in the current system; this is
            not good. They should be put on a stack of some kind.
        o)  More 2D and 3D framebuffer acceleration.
        o)  Non-resizable windows?  Or choose scaledown depending
                on size (and center the image, with a black border).
        o)  Different scaledown on different windows?
        o)  Switch scaledown during runtime? (Ala CTRL-ALT-plus/minus)
        o)  Bug reported by Elijah Rutschman on MacOS with weird
            keys (F5 = cursor down?).
        o)  Keyboard and mouse events:
                x)  Do this for more machines than just DECstation
                x)  more X11 cursor keycodes
                x)  Keys like CTRL, ALT, SHIFT do not get through
                    by themselves (these are necessary for example
                    to change the font of an xterm in X in the
                    emulator)
        o)  Generalize the framebuffer stuff by moving _ALL_ X11
                specific code to src/x11.c!

Statistics:  (this could be interesting)
        o)  Save to file and show graphics. It should be possible to
            run gxemul after a simulation to just show the graphics,
            or convert to a .ppm or .tga or similar.
        o)  memory accesses (to measure cache efficiency and
                page coloring efficiency)
        o)  nr of simultaneous ASIDs in use in the TLB, for MIPS
        o)  percentage of time spent in different "states", such as
            running userland code, kernel code, or idling (for CPUs
            that have such an instruction, or whenever the PC is
            inside a specific idle-function (address range)).
            Possible additional state (for example on R3000): caches
            disabled.
        o)  position of read/write on (SCSI) disks

1	dpavlin	30	$Id: TODO,v 1.343 2006/08/14 18:46:30 debug Exp $
2	dpavlin	2
3	dpavlin	22	Hm. This file is in random order, and not all parts of it are up-to-date.
4	dpavlin	20
5	dpavlin	30
6			Implementation:
7			x) ARM "wait"-like instruction.
8			x) CLOCK FRAMEWORK!
9			x) Mouse support for NetBSD/pmax 4.x!
10			x) See netwinder_reset() in NetBSD; the current "an internal error
11			occured" message after reboot/halt is too ugly.
12	dpavlin	28	x) 64-bit ranges in src/cpus/memory_mips_v2p.c
13			x) Revert the dyntrans page template experiment? Hm.
14			x) Refactor the cpu type detection/initialization/listing.
15	dpavlin	30	Macro, which can be used as long as the cpu definitions
16			contain a 'name'?
17	dpavlin	28	x) Testmachine includes:
18			+ dev_fb block fill and copy
19			+ dev_fb draw characters (from the built-in font)?
20			+ dev_fb input device? mouse pointer coordinates and buttons
21			(allow changes in these to cause interrupts as well?)
22			+ Redefine the halt() function so that it stops "sometimes
23			soon", i.e. usage in demo code should be:
24			for (;;) {
25			halt();
26			}
27			x) Continue on SPARC emulation
28			+ Enable it in the configure script as soon as it can
29			run all the demo programs.
30			x) Continue on Alpha emulation (virtual memory, etc). Cleanup.
31	dpavlin	30	x) Nicer MIPS status bits in register dumps.
32	dpavlin	28	x) Alignment exceptions (MIPS, PPC, ARM?, ...)
33	dpavlin	30	x) Rewrite the networking stack; make OpenBSD work better as a guest
34			OS, fix the performance problems, make Linux work with DHCP, etc.
35			Support VDE (vde.sf.net)? Allow SLIP connections, possibly PPP,
36			in addition to ethernet?
37			x) Implement more ethernet NICs.
38			x) IOP (I2O) device?
39	dpavlin	28
40	dpavlin	30	Documentation:
41			x) "Install netbsd/pmax first" => only use the install kernel?
42			x) Rewrite the section about experimental devices, after the
43			framebuffer acceleration has been implemented, and demos
44			written. (Symbolic names instead of numbers; example
45			use cases, etc. Mention demo files that use the various
46			features?)
47			x) "a very simple linear framebuffer device (for graphics output)"
48			under "which machines does gxemul emulate" ==> better
49			description?
50			x) Better description on how to set up a cross compiler?
51			Example for MIPS64.
52
53	dpavlin	28	Long-term design:
54			x) Instruction combination collisions? How to avoid easily...
55	dpavlin	30	x) Think about how to do both SHmedia and SHcompact in a reasonable
56			way!
57	dpavlin	28	o) Actually use the settings object, better debugger stuff, etc!
58			o) Debugger command for enabling/disabling instruction statistics
59			during runtime. machine.statistics = on\|off
60			x) MAINBUS REDESIGN!
61	dpavlin	30	x) PCI redesign... I need to read up on how PCI actually works :)
62	dpavlin	28	x) Clock framework! Go through all clock devices, make sure they
63	dpavlin	24	return correct data, and run at correct speeds!
64	dpavlin	28	x) Dyntrans with valgrind-inspired memory checker. (In memory_rw,
65			it would be reasonably simple to add; in each individual fast
66			load/store routine = a lot more work, and it would become
67			kludgy very fast.)
68	dpavlin	24	x) Dyntrans with SMP... lots of work to be done here.
69			x) Dyntrans with cache emulation... lots of work here as well.
70	dpavlin	28	x) Reimplement the config file parser from scratch.
71	dpavlin	24
72	dpavlin	28	-------------------------------------------------------------------------------
73
74			Simple Valgrind-like checks?
75			o) Mark every address with bits which tell whether or not the address
76			has been written to.
77			o) What should happen when programs are loaded? Text/data, bss (zero
78			filled). But stack space and heap is uninitialized.
79			o) Uninitialized local variables:
80			A load from a place on the stack which has not previously
81			been stored to => warning. Increasing the stack pointer using
82			any available means should reset the memory to uninitialized.
83			o) If calls to malloc() and free() can be intercepted:
84			o) Access to a memory area after free() => warning.
85			o) Memory returned by malloc() is marked as not-initialized.
86			o) Non-passive, but good to have: Change the argument
87			given to malloc, to return a slightly larger memory
88			area, i.e. margin_before + size + margin_after,
89			and return the pointer + margin_before.
90			Any access to the margin_before or _after space results
91			in warnings. (free() must be modified to free the
92			actually allocated address.)
93
94	dpavlin	24	SMP:
95			o) dev_mp doesn't work well with dyntrans yet
96			o) In general, IPIs, CAS, LL/SC etc must be made to work with dyntrans
97
98			MIPS:
99			+) Some more work on opcodes.
100	dpavlin	30	x) The "wait" instruction. How to implement this functionality?
101			(SMP, non-MIPS, interrupt correctness, host idling, ...)
102	dpavlin	24	x) MIPS64 revision 2.
103	dpavlin	28	o) Find out which actual CPUs implement the rev2 ISA!
104	dpavlin	24	x) _MAYBE_ TX79 and R5900 actually differ in their
105			opcodes? Check this carefully!
106			o) Dyntrans: Count register updates are probably not 100% correct yet.
107			o) Refactor code for performance and readability/maintainability.
108			o) DROTR32 and similar MIPS64 rev 2 instructions, which have
109			a rotation bit which differs from previous ISAs.
110			o) EI and DI instructions for MIPS64/32 rev 2. NOTE: These are
111			_NOT_ the same as for R5900!
112	dpavlin	28	o) (Re)implement 128-bit loads/stores for R5900.
113	dpavlin	24	o) R4000 and others:
114			x) watchhi/watchlo exceptions, and other exception
115			handling details
116			o) R10000 and others: (R12000, R14000 ?)
117			x) memory space, exceptions, ...
118			x) use cop0 framemask for tlb lookups
119			(http://techpubs.sgi.com/library/tpl/cgi-bin/getdoc.cgi/hdwr/bks/SGI_Developer/books/R10K_UM/sgi_html/t5.Ver.2.0.book_284.html)
120
121	dpavlin	14	Dyntrans:
122	dpavlin	28	x) Redesign/rethink the delay slot mechanism used for e.g. MIPS,
123			so that it caches a translation (that is, an instruction
124			word and the instr_call it was translated to the last
125			time), so that it doesn't need to do slow
126			to_be_translated for each end of page?
127			x) Program Counter statistics:
128			Per machine? What about SMP? All data to the same file?
129			A debugger command should be possible to use to enable/
130			disable statistics gathering.
131			Configuration file option!
132	dpavlin	24	x) Common fatal_abort() function, which drops into the debugger
133			without continuing.
134	dpavlin	22	x) INVALIDATION should cause translations in _all_ cpus to be
135			invalidated, e.g. on a write to a write-protected page
136			(containing code)
137			x) 16-bit encodings? (MIPS16, ARM Thumb, SH3, ...)
138	dpavlin	18	x) Lots of other stuff: see src/cpus/README_DYNTRANS
139	dpavlin	22	x) true recompilation backend? think carefully about this,
140			experiment in a separate project (not in GXemul)
141	dpavlin	28	o) First test would be to just implement a simple
142			instruction such as MIPS' addiu or lui, on AMD64
143			hosts...
144			x) Idle loop detection? (Depends on target.) Could be turned
145			into usleep(1) or similar on the host... except when doing
146			e.g. SMP emulation. Then it becomes trickier.
147	dpavlin	18
148	dpavlin	30	Transputer:
149			x) Implement support for Helios binaries.
150			x) Stack and register contents at startup?
151			x) Figure out how to boot an entire Helios distribution.
152			x) Implement all instructions. :)
153
154	dpavlin	24	Alpha:
155			o) Virtual memory (tlbs etc)
156			o) Get {NetBSD,OpenBSD,Linux}/alpha booting. :)
157
158			SPARC:
159	dpavlin	30	o) Load/stores to alternate address spaces!
160	dpavlin	24	o) Save/restore register windows etc!
161	dpavlin	30	o) Finish the subcc and addcc flag computation code.
162			o) Add more registers (floating point, control regs etc)
163	dpavlin	28	o) Disassemly of some more instructions?
164	dpavlin	24	o) Are sll etc 32-bit sign-extending or zero-extending?
165			o) Finish the GDB register stuff.
166	dpavlin	28	o) SPARC v8, v7 etc?
167	dpavlin	24
168			Debugger:
169			o) How does SMP debugging work? Does it simply use "threads"?
170			What if the guest OS (running on an emulated SMP machine)
171			has a usertask running, with userland threads?
172			o) Try to make the debugger more modular and, if possible, reentrant!
173			o) Remove the emul command? (But show network info if showing
174			machines?)
175			o) Generalize the expression evaluator. (debugger_expr.c?)
176			settable variables ("show nr of instructions on average")
177			emul[x] defaults to current emul
178			machine[x] defaults to current machine
179			cpu[x] defaults to currently focused cpu
180			registers cpu arch dependent (#-prefix)
181			symbols @-prefix
182			numeric constants decimal, hex, and octal ($-prefix)
183			boolean yes,no, true,false
184			operators (+ - * / % & \| ^ !)
185			parentheses for grouping subexpressions
186			NOTE: the change from % to # for register prefix!
187			examples:
188			emul[0].machine[2].cpu[0].pc
189			machine[test2].cpu[1].ra = main
190			settings.show_trace_tree = yes
191
192			Settings:
193			o) Remove a setting.
194			o) Read/write a setting given a name. (Read as
195			string and/or int64_t simultaneously?)
196	dpavlin	28	o) Warnings when exiting the emulator, if the
197			settings have not been removed exactly in
198			the same way as they were added? This would
199			improve code cleanliness in the long term.
200			(I.e. require a corresponding _destroy()
201			function for all _new functions... machine_
202			cpu_ etc.)
203	dpavlin	24
204			Help command should have subsections! One for "expressions",
205			mirrored in the documentation, but the internal help should
206			be the one that should be considered correct.
207			o) see src/debugger.c for more
208
209			POWER/PowerPC:
210			x) PPC optimizations; instr combs
211	dpavlin	28	x) 64-bit stuff: either Linux on G5, or perhaps some hobbyist
212			version of AIX? (if there exists such a thing)
213	dpavlin	24	x) find and fix the bug which causes NetBSD/macppc to fail after
214			an install!
215			x) macppc: adb controller; keyboard (for framebuffer mode)
216			x) make OpenBSD/macppc work (PCI controller stuff)
217
218			Algor:
219	dpavlin	30	PCI interrupts... needed or stuff like the tlp NIC?
220	dpavlin	24
221			ARM:
222			o) try to get netbsd/evbarm 3.x running (iq80321)
223			o) make the xscale counter registers (ccnt) work
224			o) make the ata controller usable for FreeBSD!
225			o) zaurus for openbsd...
226			o) debian/cats crashes because of unimplemented coproc stuff.
227			fix this?
228
229			Cache simulation:
230	dpavlin	28	o) Command line flags for:
231			o) CPU endianness?
232			o) Cache sizes? (multiple levels)
233	dpavlin	24	o) Separate from the CPU concept, so that multi-core CPUs sharing
234			e.g. a L2 cache can be simulated (?)
235			o) Instruction cache emulation is easiest (if separate from the
236			data cache); similar hack as the S;I; hack in cpu_dyntrans.c.
237			NOTE: if the architecture has a delay slot, then an instruction
238			slot can actually be executed as 2 instructions.
239			o) Data cache emulation = harder; each arch's load/store routines
240			must include support? running one instruction at a time and
241			having a cpu-dependant lookup function for each instruction
242			is another option (easier to implement, but very very slow).
243
244			Documentation:
245			o) machines, cpus, devices.
246			o) Automagic documentation generation:
247			x) REMEMBER that several machines/devices can be in
248			the same source file!
249			o) Try to rewrite the install instructions for those machines
250			that use 3MAX into using CATS? (To remove the need to a raw
251			ffs partition using up all of the disk image.)
252
253	dpavlin	22	More generic out_of_memory error reporting, and check everywhere!
254			Causes: OpenBSD has low default limits for normal users.
255			Host is 32-bit? (32-bit hosts are limited to 4 GB or less
256			of userspace memory.)
257			You are actually low on RAM. (As trivial as this might sound,
258			Unix systems usually allow processes to allocate virtual
259			memory beyond the amount of RAM in the machine.)
260
261			Breakpoints: 32-bit vs 64-bit sign extension for MIPS, warnings, etc.
262			Use the debugger's symbolic name stuff. (which will have to be
263			extended soon to support stuff like "2*x + symbol + y" etc. cool
264			stuff)
265
266			The Device subsystem:
267			x) allow devices to be moved and/or changed in size (down to a
268			minimum size, etc, or up to a max size)
269			x) keep track of interrupts and busses? actually, allowing any device
270	dpavlin	24	to be a bus might be a nice idea.
271			x) turn interrupt controllers into devices? :-)
272	dpavlin	22	x) refactor various clocks/nvram/cmos into one device?
273
274	dpavlin	24	Clocks:
275			x) General framework for automagic clock adjustment for _all_
276			kinds of clocks and timers. (Which should be possible to turn
277			off, of course, like the way DECstation emulation works now.)
278	dpavlin	22
279			PCI:
280	dpavlin	24	x) last write was ffffffff ==> fix this, it should be used
281			together with a mask to get the correct bits. also, not ALL
282			bits are size bits! (lowest 4 vs lowest 2?)
283	dpavlin	22	x) add support for address fixups
284			x) generalize the interrupt routing stuff (lines etc). this should
285			be per machine? or per bus, that's better
286	dpavlin	24	x) add a "pcn" NIC (AMD PCnet32 Lance 79c970 (PCI 1022:2000)),
287			could be useful for several machine modes (Malta, Algor, evbarm,
288			hp700?, macppc, etc.)
289	dpavlin	22
290			Network layer:
291			o) DHCP (for Debian and BSD installers :-)
292			o) increase performance
293			o) don't rely on NetBSD-ish usage
294			o) Multiple networks per emulation, and let different
295			NICs in machines connect to different networks.
296			o) many other issues: see src/net.c
297
298			Busses:
299			o) Redesign the entire "mainbus" concept!
300			o) Busses should be placed in a hierarchical tree!
301			o) Easily configurable interrupt routing in SMP systems.
302			o) Specific clock/bus speeds, cpu speeds etc.
303			o) Synchronization over network? or at least in dyntrans within
304			one emulated machine
305			o) dev->bus: TurboChannel, PCMCIA, ADB?
306
307			Config file parser:
308	dpavlin	24	o) Rewrite it from scratch!
309	dpavlin	22	o) Usage of any expression available through the debugger
310			o) Support for running debugger commands (like the -c
311			command line option)
312
313			Floating point layer:
314			o) make it common enough to be used by _all_ emulation modes
315	dpavlin	24	o) implement more stuff
316	dpavlin	22	o) non-IEEE modes (i.e. x86)?
317
318	dpavlin	14	Userland emulation:
319	dpavlin	22	x) Lots of stuff; freebsd and netbsd (and linux?) syscalls.
320	dpavlin	14	x) Dynamic linking? Hm.
321	dpavlin	12
322	dpavlin	22	Sound:
323			x) generic sound framework
324			x) add one or more sound cards as devices
325	dpavlin	12
326	dpavlin	24	ASC SCSI controller:
327			x) NetBSD/arc 2.0 uses the ASC controller in a way which GXemul
328			cannot yet handle. (NetBSD 1.6.2 works ok.) (Possibly a problem
329			in NetBSD itself, http://mail-index.netbsd.org/source-changes/
330			2005/11/06/0024.html suggests that.)
331
332	dpavlin	22	Caches / memory hierarchies: (this is mostly MIPS-specific)
333			o) src/memory*.c: Implement correct cache emulation for
334			all CPU types. (currently only R2000/R3000 is implemented)
335	dpavlin	28	(per CPU, multiple levels should be possible, associativity etc!)
336	dpavlin	22	o) R2000/R3000 isn't _100%_ correct, just almost correct :)
337			o) Move the -S (fill mem with random) functionality into the
338			memory.c subsystem, not machine.c or wherever it is now
339			o) ECC stuff, simulation of memory errors? (Machine dependent)
340			o) More than 4GB of emulated RAM, when run on a 32-bit host?
341			(using manual swap-out of blocks to disk, ugly)
342			o) A global command line option should be used to turn
343			cache emulation on or off. When off, caches should be
344			faked like they are right now. When on, caches and
345			memory latencies should be emulated as correctly as
346			possible.
347	dpavlin	2
348	dpavlin	22	File/disk/symbol handling:
349	dpavlin	28	o) Remove some of the complexity in file format guessing, for
350			Ultrix kernels that are actually disk images?
351	dpavlin	22	o) Better handling of tape files
352			o) Read function argument count and types from binaries? (ELF?)
353	dpavlin	24	o) Better demangling of C++ names. Note: GNU's C++ differs from e.g.
354			Microsoft's C++, so multiple schemes must be possible. See
355			URL at top of src/symbol_demangle.c for more info.
356	dpavlin	2
357	dpavlin	22	Userland ABI emulation:
358			o) see src/useremul.c
359	dpavlin	12
360	dpavlin	22	Terminal/console:
361			o) allow emulated serial ports to be connected to the outside
362			world in a more generic way, or even to other emulated
363			machines(?)
364	dpavlin	2
365	dpavlin	22	Save state of the whole emulated machine, to be able to load it back
366			in later? (Memory, all device's states, all registers and
367			so on. Like taking a snapshot. (SimOS seems to do this,
368			according to its website.))
369	dpavlin	6
370	dpavlin	22	Better framebuffer and X-windows functionality:
371			o) -Yx sometimes causes crashes.
372			o) Simple device access to framebuffer_blockcopyfill() etc,
373			and text output (using the built-in fonts), for dev_fb.
374			o) CLEAN UP the ugly event code
375			o) Mouse clicks can be "missed" in the current system; this is
376			not good. They should be put on a stack of some kind.
377			o) More 2D and 3D framebuffer acceleration.
378			o) Non-resizable windows? Or choose scaledown depending
379			on size (and center the image, with a black border).
380			o) Different scaledown on different windows?
381			o) Switch scaledown during runtime? (Ala CTRL-ALT-plus/minus)
382	dpavlin	24	o) Bug reported by Elijah Rutschman on MacOS with weird
383			keys (F5 = cursor down?).
384	dpavlin	22	o) Keyboard and mouse events:
385			x) Do this for more machines than just DECstation
386			x) more X11 cursor keycodes
387			x) Keys like CTRL, ALT, SHIFT do not get through
388			by themselves (these are necessary for example
389			to change the font of an xterm in X in the
390			emulator)
391			o) Generalize the framebuffer stuff by moving _ALL_ X11
392			specific code to src/x11.c!
393	dpavlin	2
394	dpavlin	22	Statistics: (this could be interesting)
395			o) Save to file and show graphics. It should be possible to
396			run gxemul after a simulation to just show the graphics,
397			or convert to a .ppm or .tga or similar.
398			o) memory accesses (to measure cache efficiency and
399			page coloring efficiency)
400			o) nr of simultaneous ASIDs in use in the TLB, for MIPS
401			o) percentage of time spent in different "states", such as
402			running userland code, kernel code, or idling (for CPUs
403			that have such an instruction, or whenever the PC is
404			inside a specific idle-function (address range)).
405			Possible additional state (for example on R3000): caches
406			disabled.
407			o) position of read/write on (SCSI) disks
408	dpavlin	2