QEMU simulates with style

Imagine walking up to a friend running Windows on a laptop and asking to borrow the machine for a moment. You plug a pendrive into its USB port, open a window that boots into Linux, log on to a Web site, and download a file, then close the window, remove the pendrive, thank your friend, and walk away -- leaving your friend’s Windows session unaffected.

Free IT resource Open Source Business Conference (OSBC) May 22-23, 2007 Sponsored by OSBC Free IT resource Virtualization Insights from Top Experts - Learn how virtualization gets real! Sponsored by Dell QEMU Version 1.3.0 QEMU, qemu.com Very Good  8.5 criteria score weight Performance 8 20% Scalability 9 20% Setup 9 20% Documentation 6 15% Ease-of-use 9 15% Value 10 10% Cost: Open source Platforms: Windows XP, 2000, and 2003 Server; Linux; MacOS Bottom Line: Technically a simulator, QEMU nonetheless has virtualization capabilities that allow it to run Linux on Windows (or vice versa). It can also run code from one CPU on a system with a different physical CPU, so an x86 Windows system can execute a virtualized Sparc-based Solaris image. QEMU is slower than commercial virtualizers, but it's lightweight nature and platform support compensate for performance. About our Reviews and Scoring Methodology

While that scenario has a high coolness factor, its utility is a bit limited. But what if you want to install a new application on your Windows system and you’re unsure of that application’s trustworthiness? You quickly launch Windows in a virtual environment and start the app in that environment; sure enough, it crashes horribly. You shrug, close the virtual environment, throw it away, and resume your normal Windows activities. No harm done.

Users of VMware’s powerful virtualization system have enjoyed this capability for some time. Now, the open source world has a tool that allows similar powers: QEMU, the brainchild of France’s Fabrice Bellard. While not as robust as commercial virtualizers, QEMU’s features set the stage for not only running x86 Linux on x86 Windows (and vice versa), but running just about any OS, regardless of processor, on Windows and Linux.

Behind the Magic

Strictly speaking, QEMU is an emulator, not a virtualizer. That is, the code of the “guest OS” is translated and executed by the processor of the “host OS,” so a QEMU-enabled system host running x86, 64-bit x86, or PowerPC (testing is underway to add Alpha, Sparc, ARM, and IBM S/390) can run a guest OS executing x86, ARM, Sparc, PowerPC, or MIPS instructions. A version for Mac OS X is still in its infancy, but on the way. The full matrix of supported guest OSes that have been verified for each host OS is large and in a constant state of flux; check claunia.com/qemu/ for the most up-to-date combinations.

QEMU performs its emulation magic using a technique called “dynamic binary translation.” As guest code executes, QEMU identifies “translation blocks” (TBs) -- sequences of instructions terminated by jump or branch instructions. TBs execute linearly because there are no branches within the blocks, which considerably minimizes the work QEMU must perform to emulate that code.

QEMU then passes through the TB, translating each instruction to equivalent “micro operations” that will be executed on the host. Some optimization is performed during the translation (such as removing redundant operations whose results are known not to have any effect outside of the TB), after which the converted micro operations code is executed on the host.

In the case of x86-on-x86 execution, QEMU does become a virtualizer. Much of the emulation is bypassed, and the new KQEMU Accelerator module allows QEMU to run both user and kernel-mode code at near full speed. (User code executes at full speed; according to an estimate by Bellard, 90 percent of kernel-mode code will execute at full speed with the accelerator enabled.)