--- trunk/TODO 2007/10/08 16:17:48 2 +++ trunk/TODO 2007/10/08 16:21:17 34 @@ -1,220 +1,515 @@ -$Id: TODO,v 1.125 2005/03/06 08:21:10 debug Exp $ +$Id: TODO,v 1.453 2007/02/19 01:34:42 debug Exp $ -Here's a short list of what I have left to do on GXemul. This file is a mess. -Order is random. Don't trust it to be up-to-date. +------------------------------------------------------------------------------- +Fix after the 0.4.4 release: + Fix the PowerPC DECR interrupt speed! - Caches / memory hierarchies: (this is mostly MIPS-specific) - o) MIPS coproc.c: bits in config registers should reflect - correct cache sizes for _all_ CPU types. (currently only - implemented for R4000, R1x000, and a few others) - o) src/memory*.c: Implement correct cache emulation for - all CPU types. (currently only R2000/R3000 is implemented) - (per CPU, multiple levels should be possible, - associativity etc!) - o) R2000/R3000 isn't _100%_ correct, just almost correct :) - o) Move the -S (fill mem with random) functionality into the - memory.c subsystem, not machine.c or wherever it is now - o) ECC stuff, simulation of memory errors? (Machine dependant) - o) More than 4GB of emulated RAM, when run on a 32-bit host? - (using manual swap-out of blocks to disk, ugly) - o) A global command line option should be used to turn - cache emulation on or off. When off, caches should be - faked like they are right now. When on, caches and - memory latencies should be emulated as correctly as - possible. - - Network layer: - o) Multiple networks per emulation, and let different - NICs in machines connect to different networks. - o) Network across multiple hosts. - o) Fixed MAC addresses for NICs, fixed IPv4 addresses if - DHCP or RARP is used. - o) many other issues: see src/net.c - - Configure script: - o) Only enable Alpha prefetch on pca56 etc, not on ev4, ev5. - o) Use getopts? - o) X11 libs and headers via command line option? - o) Verify that the configure script, building and running - the emulator works on some platforms: - +) Irix, AIX, QNX - +) MacOS X (I've not tried this personally yet) - +) Ultrix using gcc? (Inside the emulator) - - CPU emulation: - o) Binary translation: - +) use an Intermediate Representation! - +) recursive translation? - +) basic blocks instead of one-instruction? :) - +) on Alpha: don't assume pca56-like byte load/store? - +) write backends for UltraSparc and MIPS - +) see src/bintrans.c for more info - - MIPS CPU emulation: - o) Instructions: - o) Regression tests (see tests/README for more info): - o) Floating point exception handling, and - add more instructions. - o) Finish the MIPS16 translator, and test it! - o) MIPS ISA I, II, III, IV - o) MIPS V (SIMD vector stuff?) - o) MDMX (MIPS Digital Media Extension) - o) MIPS 3D - o) MIPS MT (Multi-thread stuff) (What's this?) - o) Warn about mis-used bit fields (ie bits that - should be all zeroes, warn about if they are not)! - Both for coprocessor registers and for instruction - opcodes. - o) the special2 stuff is a mess right now - o) warn and/or cause exceptions for unimplemented - instructions (depending on CPU type) - o) R2000/R3000: - x) R3000 "tri-byte stores". (What's this?) - o) R4000 and others: - x) watchhi/watchlo exceptions, and other exception - handling details - o) R10000 and others: (R12000, R14000 ?) - x) memory space, exceptions, ... - x) use cop0 framemask for tlb lookups - (http://techpubs.sgi.com/library/tpl/cgi-bin/getdoc.cgi/hdwr/bks/SGI_Developer/books/R10K_UM/sgi_html/t5.Ver.2.0.book_284.html) - o) Implement load delays? Warnings on interlocks. - o) Implement all coprocessor 0 bits / functions. - x) coproc 0 selectors! (R4000 ?) - o) R4300 (nintendo64, no mmu?), R5900 (playstation2, weird - TLB/cache? 128-bit GPRs, new instructions), - 4K (note: NOT R4000), 5K (note: NOT R5000), - R6000 (ISA II), R8000 - o) Multi-cpu stuff: - +) SGI's NUMA architecture. Study - x) Linux sources - x) SGI's specs on NUMA address space - +) Ultrix? NetBSD doesn't do SMP on MIPS yet :-( - +) Own experiments with ycx2. - - Emulation of specific machines and devices: - o) Clean up stuff to make it possible to emulate multiple - (different) machines simultaneously. - o) Use same clock for all emulations and machines. - o) Clean up the device stuff (registering of devices etc) - o) Various SCSI and IDE controllers - o) PS/2-style keyboard controller (for several machines) - o) Generic busses; - x) PCI: i/o and interrupts - x) QBus-22 (DECsystem 5500, 5400?) - o) DECstations (pmax): - x) ioasic - x) framebuffers: - +) better cursor support, overlays?, - +) 2D/3D acceleration, PX[G] - x) status words / control words, make this more - portable/cleaner - x) scsi controller(s): sii, DMA for asc - x) serial controllers: ssc, scc (and more work on dc?) - x) nvram on decstation 5000/125: when using X11, - set console=g or similar - x) DECstation 5840? "xbi-based SMP" - o) SGI and ARC machines (sgimips, arc): - x) IP32 ("O2"): (Lots of stuff) - +) mec (ethernet) - +) pci - +) ahc (scsi) - +) ps2 kbd - +) memory controller - +) framebuffer/graphics - +) caches - x) more ARCBIOS stuff - x) Memory/interrupt controllers - x) IP30 (Linux with graphics support?) - x) SMP / NUMA? (SGI and various ARC machines) - o) Cobalt: PCI and interrupt system, ethernet, - harddisk controller(s) - o) Playstation 2: - Hardware: OHCI usb controller, keyboard, IDE, ... - Has an R3000A as a subsystem (!) - o) hpcmips: framebuffer(s) and harddisk controller, - among other things - o) newsmips: - o) NetBSD/newsmips, get it to detect a "real" - model, right now everything is 100% bogus - o) Less interesting platforms: - o) mipsco? (NetBSD) - o) wgrisc? (big endian R3000, in OpenBSD's attic) - o) other embedded / evaluation MIPS boards - o) Playstation 1? R3000A. Weird hardware? - No FPU, but something as coproc 2. - o) Nintendo 64, http://www.nintendo.com/systems/n64/n64_specs.jsp - (R4300, 4MB RAM, really weird memory map) - - File/disk handling: - o) Read function argument count and types from binaries? (ELF?) - o) ELF: separate LE/BE (MIPS instruction format) from LSB/MSB - (ELF structure format)? - o) Better handling of tape files - - Userland ABI emulation: - o) see src/useremul.c - - Terminal based interactive debugger: - o) see src/debugger.c - - GDB interface? (Maybe not necessary; the built-in debugger feels - more useful.) - - GUI, interactive debugger? GTK+? (The GUI _must be optional_!) - o) Breakpoints (complex expressions? combinations of register - states, memory accesses and so on) - o) Instruction trace - o) Disassembly of RAM (_NOT_ the same as instruction trace) - o) Function call trace - o) Inspection of CPU registers/state, coprocessor - registers/state, any device registers/state/contents - o) Framebuffers in windows / tabs. - o) Contents of RAM - o) "Start new emulation" should allow amount of - RAM and nr of cpus to easily be specified. - Multiple simultaneous machines should be possible. - o) Disk images. - - Regression tests: - o) see tests/ - - Save state of the whole emulated machine, to be able to load it back - in later? (Memory, all device's states, all registers and - so on. Like taking a snapshot. (SimOS seems to do this, - according to its website.)) - - Better X-windows functionality: - o) CLEAN UP the ugly event code - o) Mouse clicks can be "missed" in the current system; this is - not good. They should be put on a stack of some kind. - o) More 2D and 3D framebuffer acceleration. - o) Non-resizable windows? Or choose scaledown depending - on size (and center the image, with a black border). - o) Different scaledown on different windows? - o) Switch scaledown during runtime? (Ala CTRL-ALT-plus/minus) - o) Keyboard and mouse events: - x) Do this for more machines than just DECstation - x) more X11 cursor keycodes - x) Keys like CTRL, ALT, SHIFT do not get through - by themselves (these are necessary for example - to change the font of an xterm in X in the - emulator) - o) Generalize the framebuffer stuff by moving _ALL_ X11 - specific code to src/x11.c! - - Statistics: (this could be interesting) - o) Save to file and show graphics. It should be possible to - run gxemul after a simulation to just show the graphics, - or convert to a .ppm or .tga or similar. - o) memory accesses (to measure cache efficiency and - page coloring efficiency) - o) nr of simultaneous ASIDs in use in the TLB, for MIPS - o) percentage of time spent in different "states", such as - running userland code, kernel code, or idling (for CPUs - that have such an instruction, or whenever the PC is - inside a specific idle-function (address range)). - Possible additional state (for example on R3000): caches - disabled. - o) position of read/write on (SCSI) disks +------------------------------------------------------------------------------- + +Possible (relatively large) work packages to concentrate on in the future: + + x) SMP: + Get SMP working again. It is pretty much broken since I started + the conversion from the old bintrans system to the new dyntrans system. + Add better Test machine demos for SMP in the demos directory. + + x) Network: + Redesign of the networking subsystem, at least the NAT translation + part. The current way of allowing raw ethernet frames to be + transfered to/from the emulator via UDP should probably be extended + to allow the frames to be transmitted other ways as well. + Also adding support for connecting ttys (either to xterms, or to + pipes/sockets etc, or even to PPP->NAT or SLIP->NAT :-). + + x) PCI: + Pretty much everything related to runtime configuration, device + slots, interrupts, whatever. The current code is very hardcoded + and ugly. + + x) Debugging: + Think more about SMP debugging, etc. Right now, the + debugger is a mess. Also, a better connection to GDB would be + very nice to have. + + x) Userland emulation: + Primary goals would be NetBSD and Linux syscall emulation. + +And of course, there are _LOTS_ of minor TODOs spread out throughout +the source code, which must be fixed sooner or later. + +------------------------------------------------------------------------------- + +Some other things, in random order, that I'd like to fix: (Some items in +this list are probably out-to-date by now.) + +Dyntrans: + x) Instruction combination collisions? How to avoid easily... + x) Think about how to do both SHmedia and SHcompact in a reasonable + way! (Or AMD64 long/protected/real, for that matter.) + x) 68K emulation; think about how to do variable instruction + lengths across page boundaries. + x) Dyntrans with valgrind-inspired memory checker. (In memory_rw, + it would be reasonably simple to add; in each individual fast + load/store routine = a lot more work, and it would become + kludgy very fast.) + x) Dyntrans with SMP... lots of work to be done here. + x) Dyntrans with cache emulation... lots of work here as well. + o) dev_mp doesn't work well with dyntrans yet + o) In general, IPIs, CAS, LL/SC etc must be made to work with dyntrans + x) Redesign/rethink the delay slot mechanism used for e.g. MIPS, + so that it caches a translation (that is, an instruction + word and the instr_call it was translated to the last + time), so that it doesn't need to do slow + to_be_translated for each end of page? + x) Program Counter statistics: + Per machine? What about SMP? All data to the same file? + A debugger command should be possible to use to enable/ + disable statistics gathering. + Configuration file option! + x) Breakpoints: + o) Physical vs virtual addresses! + o) 32-bit vs 64-bit sign extension for MIPS, and others? + x) INVALIDATION should cause translations in _all_ cpus to be + invalidated, e.g. on a write to a write-protected page + (containing code) + x) 16-bit encodings? (MIPS16, ARM Thumb, 32-bit SH on SH64) + x) Lots of other stuff: see src/cpus/README_DYNTRANS + x) true recompilation backend? think carefully about this. + o) abstract syntax for emitting opcopdes + o) convert into native code only after an entire + block has been translated? probably best. + o) x86/amd64 code generator can be very similar... perhaps + o) branches to already translated code blocks can + link the blocks together + o) load/store are the most important. + +Simple Valgrind-like checks? + o) Mark every address with bits which tell whether or not the address + has been written to. + o) What should happen when programs are loaded? Text/data, bss (zero + filled). But stack space and heap is uninitialized. + o) Uninitialized local variables: + A load from a place on the stack which has not previously + been stored to => warning. Increasing the stack pointer using + any available means should reset the memory to uninitialized. + o) If calls to malloc() and free() can be intercepted: + o) Access to a memory area after free() => warning. + o) Memory returned by malloc() is marked as not-initialized. + o) Non-passive, but good to have: Change the argument + given to malloc, to return a slightly larger memory + area, i.e. margin_before + size + margin_after, + and return the pointer + margin_before. + Any access to the margin_before or _after space results + in warnings. (free() must be modified to free the + actually allocated address.) + +MIPS: + o) Nicer MIPS status bits in register dumps. + o) Alignment exceptions. + o) Floating point exception correctness. + o) Fix this? Triggered by NetBSD/sgimips? Hm: + to_be_translated(): TODO: unimplemented instruction: + 000000000065102c: 00200800 (d) rot_00 at,zr,0 + o) Some more work on opcodes. + x) MIPS64 revision 2. + o) Find out which actual CPUs implement the rev2 ISA! + o) DROTR32 and similar MIPS64 rev 2 instructions, + which have a rotation bit which differs from + previous ISAs. + o) EI and DI instructions for MIPS64/32 rev 2. + NOTE: These are _NOT_ the same as for R5900! + x) _MAYBE_ TX79 and R5900 actually differ in their + opcodes? Check this carefully! + o) Dyntrans: Count register updates are probably not 100% correct yet. + o) Refactor code for performance and readability/maintainability. + o) (Re)implement 128-bit loads/stores for R5900. + o) R4000 and others: + x) watchhi/watchlo exceptions, and other exception + handling details + o) R10000 and others: (R12000, R14000 ?) + x) The code before the line + /* reg[COP0_PAGEMASK] = cpu->cd.mips.coproc[0]->tlbs[0].mask & PAGEMASK_MASK; */ + in cpu_mips.c is not correct for R10000 according to + Lemote's Godson patches for GXemul. TODO: Go through all + register definitions according to http://techpubs.sgi.com/library/tpl/cgi-bin/getdoc.cgi/hdwr/bks/SGI_Developer/books/R10K_UM/sgi_html/t5.Ver.2.0.book_263.html#HEADING334 + and make sure everything works with R10000. + Then test with OpenBSD/sgi? + x) memory space, exceptions, ... + x) use cop0 framemask for tlb lookups + (http://techpubs.sgi.com/library/tpl/cgi-bin/getdoc.cgi/hdwr/bks/SGI_Developer/books/R10K_UM/sgi_html/t5.Ver.2.0.book_284.html) + +SuperH: + x) SH4 interrupt controller: + x) Implement correct priorities of interrupts + x) SH4 DMA (0xffa00000) + x) SH4 UBC (0xff200000) + x) Store queues can copy 32 bytes at a time, there's no need to + copy individual 32-bit words. (Performance improvement.) + x) SH4 BSC (Bus State Controller) + x) SH4 RTC: Read the host's clock. + x) SH4 SCIF: Serial _interrupts_ + x) Instruction tracing should include symbols for branch targets, + and so on, to make the output more human readable. + x) NetBSD/evbsh3, dreamcast, mmeye, hpcsh! Linux? + x) Replace pc-relative loads with immediate load, if within the + same page. (Similar to the same optimization for ARM.) + x) Floating point speed! + x) Floating point exception correctness. + x) Think carefully about how to implement SH5/SH64 (for evbsh5). + +Dreamcast: + x) G2 DMA + x) LAN adapter (dev_mb8696x.c). NetBSD root-on-nfs. + x) PVR: Lots of stuff. See dev_pvr.c. + x) GDROM + x) Modem + x) PCI bridge/bus? + x) Maple bus: + x) Correct controller input + x) Mouse input + x) Software emulation of BIOS calls: + x) GD-ROM emulation: Use the GDROM device. + x) Use the VGA font as a fake ROM font. (Better than + nothing.) + x) Linux/dreamcast? (The gentoo kernel currently crashes.) + x) Make as many as possible of the KOS examples run! + x) More homebrew demos/games. + x) SPU: Sound emulation (ARM cpu). + x) VME processor emulation? "(Sanyo LC8670 "Potato")" according to + Wikipedia, LC86K87 according to Comstedt's page. See + http://www.maushammer.com/vmu.html for a good description of + the differences between LC86104C and the one used in the VME. + +Transputer: + x) Implement support for Helios binaries. + x) Stack and register contents at startup? + x) Figure out how to boot an entire Helios distribution. + x) Implement all instructions. :) + +RCA1802/RCA1805, CHIP8: + x) CHIP8 -> RCA180x conversion + x) Think about how to do dual-mode, variable-instr-length + ISAs, and switch between modes. + x) 1805 "extended" opcode -> trigger CHIP8 emulation? + That is, all calls 0NNN could point to 0x68 opcodes, + which, if running on a 1802 in CHIP8-emulation-mode, + would be manually interpreted. + x) Better solution: + CHIP8 calls to 00xx => handle at high level, + calls to 0xxx in general = call 180X machine code + (0000 = reboot?) + x) 1802 info: http://www.nyx.net/~lturner/public_html/Cosmac.html + and: http://www.elf-emulation.com/1802.html + x) 1805 extended opcodes: Implement at least disassembly support! + x) Keyboard input. + x) Sound (beep only). + x) Slow-down to correct speed? Wikipedia: "it was usually operated + at 3.58 MHz/2 to suit the requirements of the 1861 chip which + gave a speed of a little over 100,000 instructions per second" + (Note that _CHIP8_ emulation would then be even slower.) + x) SCHIP48 (Super) emulation: + Some more opcodes, 128x64 framebuffer, larger + sprites and fonts. + +Alpha: + x) OSF1 PALcode, Virtual memory support. + x) PALcode replacement! PAL1E etc opcodes...? + x) Interrupt/exception/trap handling. + x) Floating point exception correctness. + x) More work on bootup memory and register contents. + x) More Alpha machine types, so it could work with + OpenBSD, FreeBSD, and Linux too? + +SPARC: + o) Implement Adress space identifiers; load/stores etc. + o) Save/restore register windows etc! Both v9 and pre-v9! + o) Finish the subcc and addcc flag computation code. + o) Add more registers (floating point, control regs etc) + o) Exception/trap handling. + o) Disassemly of some more instructions? + o) Are sll etc 32-bit sign-extending or zero-extending? + o) Finish the GDB register stuff. + x) Floating point exception correctness. + o) SPARC v8, v7 etc? + +Debugger: + o) How does SMP debugging work? Does it simply use "threads"? + What if the guest OS (running on an emulated SMP machine) + has a usertask running, with userland threads? + o) Try to make the debugger more modular and, if possible, reentrant! + o) Remove the emul command? (But show network info if showing + machines?) + o) Evaluate expressions within []? That would allow stuff like + cpu[x] where x is an expression. + o) Settings: + x) Special handlers for Write! + +) MIPS coproc regs + +) Alpha/MIPS/SPARC zero registers + +) x86 64/32/16-bit registers + x) Value formatter for resulting output. + o) see src/debugger.c for more + +POWER/PowerPC: + x) Fix DECR timer speed, so it matches the host. + x) NetBSD/prep 3.x triggers a possible bug in the emulator: + + + <0x26c550(&ata_xfer_pool,2,0,8,..)> + <0x35c71c(0x3f27000,0,52,8,..)> + + + <__wdccommand_start(0xd005e4c8,0x3f27000,0,13,..)> + + [ wdc: write to SDH: 0xb0 (sectorsize 2, lba=1, drive 1, head 0) ] + + <0x198120(0xd005e4c8,72,64,0xbb8,..)> + + + Note: + x) PPC optimizations; instr combs + x) 64-bit stuff: either Linux on G5, or perhaps some hobbyist + version of AIX? (if there exists such a thing) + x) macppc: adb controller; keyboard (for framebuffer mode) + x) make OpenBSD/macppc work (PCI controller stuff) + x) Floating point exception correctness. + x) Alignment exceptions. + +PReP: + Clock time! ("Bad battery blah blah") + +Algor: + o) Other models than the P5064? + o) PCI interrupts... needed for stuff like the tlp NIC? + +BeBox: + o) Interrupts. There seems to be a problem with WDC interrupts + "after a short while", although a few interrupts get through? + o) Perhaps find a copy of BeOS and try it? + +HPCmips: + x) Mouse/pad support! :) + x) A NIC? (As a PCMCIA device?) + +AVR: + o) Everything. + +ARM: + o) See netwinder_reset() in NetBSD; the current "an internal error + occured" message after reboot/halt is too ugly. + o) ARM "wait"-like instruction? + o) try to get netbsd/evbarm 3.x or 4.x running (iq80321) + o) make the xscale counter registers (ccnt) work + o) make the ata controller usable for FreeBSD! + o) Zaurus emulation, for e.g. OpenBSD/zaurus + o) Debian/cats crashes because of unimplemented coproc stuff. + fix this? + +Test machines: + o) dev_fb block fill and copy + o) dev_fb draw characters (from the built-in font)? + o) dev_fb input device? mouse pointer coordinates and buttons + (allow changes in these to cause interrupts as well?) + o) Redefine the halt() function so that it stops "sometimes + soon", i.e. usage in demo code should be: + for (;;) { + halt(); + } + +Better CD Image file support: + x) Support CD formats that contain more than 1 track, e.g. + CDI files (?). These can then contain a mixture of e.g. sound + and data tracks, and booting from an ISO filesystem path + would boot from [by default] the first data track. + (This would make sense for e.g. Dreamcast CD images, or + possibly other live-CD formats.) + +Networking: + x) Fix performance problems caused by only allowing a + single TCP packet to be unacked. + x) Don't hardcode offsets into packets! + x) Test with lower than 100 max tcp/udp connections, + to make sure that reuse works! + x) Make OpenBSD work better as a guest OS! + x) DHCP? Debian doesn't actually send DHCP packets, even + though it claims to? So it is hard to test. + x) Multiple networks per emulation, and let different + NICs in machines connect to different networks. + x) Support VDE (vde.sf.net)? Easiest/cleanest (before a + redesign of the network framework has been done) is + probably to connect it using the current (udp) solution. + x) Allow SLIP connections, possibly PPP, in addition to + ethernet? + +Cache simulation: + o) Command line flags for: + o) CPU endianness? + o) Cache sizes? (multiple levels) + o) Separate from the CPU concept, so that multi-core CPUs sharing + e.g. a L2 cache can be simulated (?) + o) Instruction cache emulation is easiest (if separate from the + data cache); similar hack as the S;I; hack in cpu_dyntrans.c. + NOTE: if the architecture has a delay slot, then an instruction + slot can actually be executed as 2 instructions. + o) Data cache emulation = harder; each arch's load/store routines + must include support? running one instruction at a time and + having a cpu-dependant lookup function for each instruction + is another option (easier to implement, but very very slow). + +Documentation: + x) Note about sandboxing/security: + Not all emulated instructions fail in the way they would + do on real hardware (e.g. a userspace program writing to + a system register might work in GXemul, but it would + fail on real hardware). Sandbox = contain from the + host OS. But the emulated programs will run "less + securely". + x) Try NetBSD/arc 4.x! (It seems to work with disk images!) + x) NetBSD/pmax 4 install instructions: xterm instead of vt100! + x) BETTER DEVICE EXAMPLES! + o) Move away from technical.html to somewhere new. + o) DEVICE_TICK + o) Implement example devices using interrupts, dyntrans + memory access, etc.? + x) Document the dyntrans core? + x) Rewrite the section about experimental devices, after the + framebuffer acceleration has been implemented, and demos + written. (Symbolic names instead of numbers; example + use cases, etc. Mention demo files that use the various + features?) + x) "a very simple linear framebuffer device (for graphics output)" + under "which machines does gxemul emulate" ==> better + description? + x) Better description on how to set up a cross compiler? + Example for MIPS64. + o) Automagic documentation generation? + x) machines, cpus, devices. + x) REMEMBER that several machines/devices can be in + the same source file! + o) Try to rewrite the install instructions for those machines + that use 3MAX into using CATS or hpcmips? (To remove the need + to use a raw ffs partition, using up all of the disk image.) + +More generic out_of_memory error reporting, and check everywhere! + Causes: OpenBSD has low default limits for normal users. + Host is 32-bit? (32-bit hosts are limited to 4 GB or less + of userspace memory.) + You are actually low on RAM. (As trivial as this might sound, + Unix systems usually allow processes to allocate virtual + memory beyond the amount of RAM in the machine.) + +The Device subsystem: + x) allow devices to be moved and/or changed in size (down to a + minimum size, etc, or up to a max size); if there is a collision, + return false. It is up to the caller to handle this situation! + x) NOTE: Translations must be invalidated, both for + registering new devices, and for moving existing ones. + cpu->invalidate translation caches, for all CPUs that + are connected to a specific memory. + x) keep track of interrupts and busses? actually, allowing any device + to be a bus might be a nice idea. + x) turn interrupt controllers into devices? :-) + x) refactor various clocks/nvram/cmos into one device? + +PCI: + x) last write was ffffffff ==> fix this, it should be used + together with a mask to get the correct bits. also, not ALL + bits are size bits! (lowest 4 vs lowest 2?) + x) add support for address fixups + x) generalize the interrupt routing stuff (lines etc) + +Clocks and timers: + x) DON'T HARDCODE 100 HZ IN cpu_mips_coproc.c! + x) Test the 8253? Right now it doesn't seem to be used? + x) NetWinder timeofday is incorrect! + x) Cobalt TOD is incorrect! + x) Go through all other machines, one by one, and fix them. + +Config file parser: + o) Rewrite it from scratch! + o) Usage of any expression available through the debugger + o) Allow interrupt controllers to be added! and interrupts + to be used in more ways than before + o) Support for running debugger commands (like the -c + command line option) + +Floating point layer: + o) make it common enough to be used by _all_ emulation modes + o) implement correct error/exception handling and rounding modes + o) implement more helper functions (i.e. add, sub, mul...) + o) non-IEEE modes (i.e. x86)? + +Userland emulation: + x) Lots of stuff; freebsd and netbsd (and linux?) syscalls. + x) Dynamic linking? Hm. + +Sound: + x) generic sound framework + x) add one or more sound cards as devices; add a testmachine + sound card first? + x) Dreamcast sound? Generic PCI sound cards? + +ASC SCSI controller: + x) NetBSD/arc 2.0 uses the ASC controller in a way which GXemul + cannot yet handle. (NetBSD 1.6.2 works ok.) (Possibly a problem + in NetBSD itself, http://mail-index.netbsd.org/source-changes/ + 2005/11/06/0024.html suggests that.) + NetBSD 4.x seems to work? :) + +Caches / memory hierarchies: (this is mostly MIPS-specific) + o) src/memory*.c: Implement correct cache emulation for + all CPU types. (currently only R2000/R3000 is implemented) + (per CPU, multiple levels should be possible, associativity etc!) + o) R2000/R3000 isn't _100%_ correct, just almost correct :) + o) Move the -S (fill mem with random) functionality into the + memory.c subsystem, not machine.c or wherever it is now + o) ECC stuff, simulation of memory errors? (Machine dependent) + o) More than 4GB of emulated RAM, when run on a 32-bit host? + (using manual swap-out of blocks to disk, ugly) + o) A global command line option should be used to turn + cache emulation on or off. When off, caches should be + faked like they are right now. When on, caches and + memory latencies should be emulated as correctly as + possible. + +File/disk/symbol handling: + o) Make sure that disks can be added/removed during runtime! + (Perhaps this needs a reasonably large re-write.) + o) Remove some of the complexity in file format guessing, for + Ultrix kernels that are actually disk images? + o) Better handling of tape files + o) Read function argument count and types from binaries? (ELF?) + o) Better demangling of C++ names. Note: GNU's C++ differs from e.g. + Microsoft's C++, so multiple schemes must be possible. See + URL at top of src/symbol_demangle.c for more info. + +Userland ABI emulation: + o) see src/useremul.c + +Better framebuffer and X-windows functionality: + o) Generalize the update_x1y1x2y2 stuff to an extend-region() + function... + o) -Yx sometimes causes crashes. + o) Simple device access to framebuffer_blockcopyfill() etc, + and text output (using the built-in fonts), for dev_fb. + o) CLEAN UP the ugly event code + o) Mouse clicks can be "missed" in the current system; this is + not good. They should be put on a stack of some kind. + o) More 2D and 3D framebuffer acceleration. + o) Non-resizable windows? Or choose scaledown depending + on size (and center the image, with a black border). + o) Different scaledown on different windows? + o) Non-integral scale-up? (E.g. 640x480 -> 1024x768) + o) Switch scaledown during runtime? (Ala CTRL-ALT-plus/minus) + o) Bug reported by Elijah Rutschman on MacOS with weird + keys (F5 = cursor down?). + o) Keyboard and mouse events: + x) Do this for more machines than just DECstation + x) more X11 cursor keycodes + x) Keys like CTRL, ALT, SHIFT do not get through + by themselves (these are necessary for example + to change the font of an xterm in X in the + emulator) + o) Generalize the framebuffer stuff by moving _ALL_ X11 + specific code to src/x11.c!