Hi; I've been playing around this weekend with writing a QEMU model for a music player I have (an XDuoo X3). This has a MIPS SoC, and its boot process is that the SoC's boot ROM loads the guest binary into the CPU's icache and dcache (by playing tricks with the cache tag bits so that it appears to be precached content for a particular physaddr range). The guest binary then runs purely out of cache, until it can initialise the real SDRAM and relocate itself into that.
Unfortunately this causes problems for QEMU, because the guest binary expects that while it is running out of the icache at addresses 0x80000000-0x80004000 it can happily write data to the SDRAM at that address without overwriting its own code. Since QEMU isn't modelling caches at all, the writes cause the guest to corrupt its own code and it falls over. Does anybody have any suggestions for how we could model this kind of thing?

thanks
-- PMM
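The situation the message describes, as an added toy model (Python, not QEMU's code or the author's): a flat memory with no cache model beside a model that serves instruction fetches in the preloaded 0x80000000-0x80004000 window from a frozen copy of the boot image until the guest releases it. The data side going straight to SDRAM, the `release()` hook standing in for the guest's cache invalidate, and the 32-byte stand-in image are assumptions of this example.

```python
# Constructed toy model of the "run from cache, write to SDRAM" boot described
# in the message. Not QEMU code; addresses follow the message.

CACHE_BASE = 0x80000000
CACHE_SIZE = 0x4000          # 16 KiB window the boot ROM preloads into the caches
RAM_SIZE = 0x10000           # toy SDRAM size (assumption)


class FlatMemory:
    """Today's behaviour with no cache model: one backing store for code and data."""

    def __init__(self, image):
        self.sdram = bytearray(RAM_SIZE)
        self.sdram[: len(image)] = image

    def fetch(self, addr, n):          # instruction fetch
        off = addr - CACHE_BASE
        return bytes(self.sdram[off:off + n])

    def store(self, addr, data):       # data store
        off = addr - CACHE_BASE
        self.sdram[off:off + len(data)] = data


class SplitCacheMemory(FlatMemory):
    """Precached window: instruction fetches inside it come from a frozen copy
    of the boot image until the guest releases it; data stores go straight to
    SDRAM (simplification: no dcache write-back is modelled)."""

    def __init__(self, image):
        super().__init__(image)
        self.icache = bytes(image[:CACHE_SIZE]).ljust(CACHE_SIZE, b"\0")
        self.locked = True             # False once the guest has relocated

    def release(self):                 # stands in for the guest's icache invalidate
        self.locked = False

    def fetch(self, addr, n):
        off = addr - CACHE_BASE
        if self.locked and 0 <= off < CACHE_SIZE:
            return self.icache[off:off + n]
        return super().fetch(addr, n)


BOOT_IMAGE = b"BOOTCODE" * 4           # constructed 32-byte stand-in for the guest binary


def boot_scenario(mem):
    """Guest writes scratch data over its own address range, then fetches code there."""
    mem.store(CACHE_BASE + 0x10, b"\xde\xad\xbe\xef")
    return mem.fetch(CACHE_BASE + 0x10, 4)


if __name__ == "__main__":
    print(boot_scenario(FlatMemory(BOOT_IMAGE)))         # b'\xde\xad\xbe\xef': code corrupted
    print(boot_scenario(SplitCacheMemory(BOOT_IMAGE)))   # b'BOOT': code still intact
```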