Getting Started
git clone https://github.com/espes/xqemu.git
./configure --cc=clang --enable-opengl --disable-vnc --disable-user --target-list=xbox-softmmu --extra-cflags="-march=native" --enable-debug
make
- Install MSYS2 x86_64: Follow all the steps on http://msys2.github.io/
- Open the "MinGW-w64 Win64 Shell" and run:
pacman -S git python2 make autoconf automake-wrapper mingw-w64-x86_64-libtool mingw-w64-x86_64-gcc mingw-w64-x86_64-pkg-config mingw-w64-x86_64-glib2 mingw-w64-x86_64-glew mingw-w64-x86_64-SDL
git clone https://github.com/espes/xqemu
cd xqemu
git submodule update --init pixman
./configure --cc=gcc --python=python2 --enable-opengl --disable-vnc --disable-user --target-list=xbox-softmmu --extra-cflags="-march=native" --enable-debug
make
- Everything QEMU requires
- OpenGL with GLX and GLEW
For Debian most build dependencies can be installed by running:
apt-get build-dep qemu
apt-get install libglew-dev libtxc-dxtn-s2tc0
./configure --python=python2 --enable-opengl --disable-vnc --disable-user --enable-kvm --disable-xen --audio-drv-list=alsa --target-list=xbox-softmmu --extra-cflags="-march=native" --disable-werror --enable-debug
make
XQEMU is a Low-Level Emulator, so you need to find a copy of the stuff the Xbox runs when it turns on:
MD5 (mcpx_1.0.bin) = d49c52a4102f6df7bcf8d0617ac475ed
If your mcpx dump has an MD5 of 196a5f59a13382c185636e691d6c323d, you dumped it badly and it's a couple bytes off. It should start with 0x33 0xC0 and end with 0x02 0xEE.
You can use a retail bios or a modified 'debug' bios. Just like a real Xbox, running a retail bios will not boot unofficial software.
People have reported success with the 'COMPLEX 4627' modified debug bios. It's convenient to note that this bios does not necessarily require a populated hard disk image to load an application from DVD (though an empty drive still needs to be attached), so you can skip the next step in some cases.
v1.0.2 1M dump: MD5 (Complex_4627Debug.bin) = 19b5c6d3d42a707bba620634fe6d4baf
or sometimes
1MB dump: MD5 (complex_4627debug.bin) = e8dd61cc6abdbd06aac185e371312dc1
1M dump: MD5 (3944.bin) = e8b39b98cf775496c1c76e4f7756e6ed
or sometimes
256k dump: MD5 (3944.bin) = 542c62cb976a4993c8c5027dff9638ce
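A check for the dumps listed above, as an added example that is not part of the XQEMU project: it compares a file's MD5 with the values on this page and, for an unlisted hash, falls back to the 0x33 0xC0 / 0x02 0xEE boundary bytes given for the mcpx dump. The function names, script name and return codes are this example's own convention.

```sh
#!/bin/sh
# Added example: classify firmware dumps against the MD5 values listed above.
# Return codes are this script's own convention:
#   0 good mcpx dump, 1 known-bad mcpx dump, 2 BIOS image listed above,
#   3 unlisted hash with mcpx boundary bytes, 4 unlisted hash, 5 unreadable.

md5_of() {
    # md5sum on Linux and MSYS2; fall back to the BSD/macOS md5 tool.
    if command -v md5sum >/dev/null 2>&1; then
        md5sum "$1" | cut -d' ' -f1
    else
        md5 -q "$1"
    fi
}

hex_bytes() {
    # hex_bytes head|tail FILE: first or last two bytes as lowercase hex.
    "$1" -c 2 "$2" | od -An -tx1 | tr -d ' \n'
}

check_dump() {
    [ -r "$1" ] || { echo "cannot read $1" >&2; return 5; }
    sum=$(md5_of "$1")
    case "$sum" in
        d49c52a4102f6df7bcf8d0617ac475ed)
            echo "$1: mcpx_1.0.bin, good dump"; return 0 ;;
        196a5f59a13382c185636e691d6c323d)
            echo "$1: mcpx dumped badly, dump it again"; return 1 ;;
        19b5c6d3d42a707bba620634fe6d4baf|e8dd61cc6abdbd06aac185e371312dc1)
            echo "$1: COMPLEX 4627 debug bios"; return 2 ;;
        e8b39b98cf775496c1c76e4f7756e6ed|542c62cb976a4993c8c5027dff9638ce)
            echo "$1: 3944.bin"; return 2 ;;
    esac
    # Unlisted hash: report whether the mcpx boundary bytes are present.
    if [ "$(hex_bytes head "$1")" = "33c0" ] &&
       [ "$(hex_bytes tail "$1")" = "02ee" ]; then
        echo "$1: unlisted md5 $sum, starts 33 c0 and ends 02 ee"; return 3
    fi
    echo "$1: unlisted md5 $sum, boundary bytes differ from mcpx"; return 4
}

# Constructed sample (not a real ROM): correct boundary bytes, wrong content.
demo=$(mktemp)
printf '\063\300constructed\002\356' > "$demo"
check_dump "$demo" || true
rm -f "$demo"

# Real use: sh check_dump.sh mcpx_1.0.bin xbox_bios.bin
for f in "$@"; do check_dump "$f" || true; done
```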
Create an Xbox hard-disk image, using xboxhdm or otherwise:
- Create an xboxhdm cd-rom with the dashboard files
- If xboxhdm doesn't work for you, try to set the included "mkisofs.exe" to run in Windows XP compatibility mode
- Create a blank hard-disk file:
qemu-img create -f qcow2 xbox_harddisk.qcow2 8G
- Run xboxhdm with qemu or something:
i386-softmmu/qemu-system-i386 -hda xbox_harddisk.qcow2 -cdrom linux.iso
Launch XQEMU with something like...
xbox-softmmu/qemu-system-xbox -cpu pentium3 -machine xbox,bootrom=mcpx_rom.bin -m 64 -drive file=xbox_harddisk.qcow2,index=0,media=disk,locked=on -drive index=1,media=cdrom -bios xbox_bios.bin -usb -device usb-hub,bus=usb-bus.0,port=3 -device usb-xbox-gamepad,bus=usb-bus.0,port=3.2
On Linux, you can use KVM by passing accel=kvm,kernel_irqchip=off to -machine. This is not yet recommended.
To skip the Xbox logo animation you can pass short_animation to the -machine option (Example: -machine xbox,short_animation,bootrom=mcpx_rom.bin).
To run a game from an Xbox DVD image you must specify a file for the DVD device.
XQEMU includes limited emulation of the SEGA Chihiro. Currently it doesn't make it past SegaBoot.
To emulate a Chihiro, launch XQEMU with something like...
xbox-softmmu/qemu-system-xbox -cpu pentium3 -machine chihiro,mediaboard_rom=mediaboard_rom.bin -m 128 -bios chihiro_xbox_bios.bin
- QEMU can host a gdb stub! Launch with -s -S, and with gdb run target remote localhost:1234
- Protip: You can also attach to it with IDA if you're so inclined. You can then load in a database if you export it as an IDC script!
- XQEMU can emulate an XDK serial port (which with a debug bios hosts KD, as in this and this)! Launch with something like -device lpc47m157 -serial unix:/tmp/xserial,server. With some effort you can wrestle the unix socket into a vm for use with WinDbg. There's also a very barebones perl KD client in scripts/windpl
- apitrace is useful for tracking down rendering bugs.