Version 17 - History - Getting Started - QEMU4V - Open-Source Projects

Getting Started » History » Version 17

Sergey Smolov, 11/14/2018 01:38 PM

-Sergey Smolov
+h1. Getting Started
 {{toc}}
-Sergey Smolov
+h2. General notes
-Sergey Smolov
+First of all, install the QEMU4V (follow the "instruction":https://forge.ispras.ru/projects/qemu4v/wiki/Installation).
 Sergey Smolov
-Sergey Smolov
+It is possible to terminate QEMU by hands only. Neither Ctrl-C nor Ctrl-Z works, use _kill <process-id>_ or _killall qemu-system*_.
-Sergey Smolov
+h2. Aarch64
-Sergey Smolov
+It is supposed that the following tools are already installed in your system:
-Sergey Smolov
+- Toolchain for Aarch64 assembler programs compilation, linking, etc. (can be downloaded from "Linaro website":http://releases.linaro.org/components/toolchain/binaries or just below, installation instruction is "here":http://forge.ispras.ru/projects/microtesk-armv8/wiki/Toolchain).
-Sergey Smolov
+# Write a simple Aarch64 program (it is called @sample.s@) that does nothing but puts 0x10 value to X0 register and then halts. Here it is:
-Sergey Smolov
+<pre>
 .text
 	.globl _start
 	bl _start
 _start:
 	movz x1, #0x10, LSL #0
 	hlt #57005
 </pre>
-Sergey Smolov
+# To compile the Aarch64 assembler program, do the following:
-Sergey Smolov
+<pre>
 aarch64-linux-gnu-as sample.s -o sample.o
 aarch64-linux-gnu-ld sample.o -o sample.elf
 aarch64-linux-gnu-objcopy -O binary sample.elf sample.bin
 </pre>
 # Finally, run _QEMU4V_ emulator with enabled option of microprocessor execution trace logging:
 <pre>
 qemu-system-aarch64 -M virt -cpu cortex-a57 -bios sample.bin -d nochain,in_asm -singlestep -nographic -trace-log -D log-file.txt
 </pre>
-Sergey Smolov
+# Wait for a while, then stop QEMU4V. The following @log-file.txt@ trace file should be generated:
-Sergey Smolov
+<pre>
 clk IT (0) 0000000000000000 94000001 A svc_ns : bl #+0x4 (addr 0x4)
 clk IT (1) 0000000000000004 d2800201 A svc_ns : movz x1, #0x10, LSL #0
 clk IT (2) 0000000000000008 d45bd5a0 A svc_ns : hlt #57005
 </pre>
-Sergey Smolov
+h2. MIPS32
 Sergey Smolov
-Sergey Smolov
+It is supposed that the following tools are already installed in your system:
-Sergey Smolov
+- Toolchain for MIPS assembler programs compilation, linking, etc. (a list of toolchains is available "here":https://www.linux-mips.org/wiki/Toolchains).
 # First of all, let's write a simple MIPS program (it is called @sample.s@) that stores 0x10 value at x12345678 address. Here it is:
 <pre>
 .text
 	.globl _start
 _start:
 lui $1, 0x1234
 ori $1, $1, 0x5678
 addi $8, $0, 10
 sw $8, 0($1)
 </pre>
-Sergey Smolov
+# To compile the MIPS32 assembler program, do the following:
-Sergey Smolov
+<pre>
 mips-linux-gnu-as sample.s -o sample.o
 mips-linux-gnu-ld sample.o -Ttext 0xbfc00000 -o sample.elf
 </pre>
 # Finally, run _QEMU4V_ emulator:
 <pre>
 qemu-system-mips -M mips -cpu mips32r6-generic -d unimp,nochain,in_asm -nographic -singlestep -D log.txt -bios sample.elf
 </pre>
-Sergey Smolov
+# Wait for a while, then stop QEMU4V. The following @log-file.txt@ trace file should be generated:
-Sergey Smolov
+<pre>
 ...
 ----------------
 IN:
 xbfc0fffc:  nop
 ----------------
 IN:
 xbfc10000:  lui	at,0x1234
 ----------------
 IN:
 xbfc10004:  ori	at,at,0x5678
 ----------------
 IN:
 xbfc10008:  beqzalc	zero,t0,0xbfc10034
 ----------------
 IN:
 xbfc10034:  cache	0x0,0(s8)
 </pre>
-Sergey Smolov
+h2. PowerPC32
 Sergey Smolov
-Sergey Smolov
+It is supposed that the following tools are already installed in your system:
 - Toolchain for PowerPC32 assembler programs compilation, linking, etc. (we use "GNU C compiler":https://packages.debian.org/sid/gcc-powerpc-linux-gnu).
-Maxim Chudnov
+# Write a simple PowerPC program (it is called @p1.s@). Here it is:
 <pre>
 .section    .text
     addi    4,0,5       # bad
     la  3,3(0)      # very bad
     la  3,0(3)
     la  5,2500(3)
 </pre>
 # To compile the PowerPC assembler program, do the following:
 <pre>
-Sergey Smolov
+powerpc-linux-gnu-as p1.s -me500mc -o p1.o
-Sergey Smolov
+powerpc-linux-gnu-ld p1.o -Ttext 0x0 -o p1.elf
-Maxim Chudnov
+</pre>
-Maxim Chudnov
+# Finally, run _QEMU4V_ emulator :
 <pre>
 qemu-system-ppc -M ppce500 -cpu e500 -d unimp,nochain,in_asm -nographic -singlestep -bios p1.elf
 </pre>
 # Wait for a while, then stop QEMU4V. The following trace should be generated:
 <pre>
 IN:
 x00000000:  li      r4,5
 IN:
 x00000004:  li      r3,3
 IN:
 x00000008:  addi    r3,r3,0
 IN:
 x0000000c:  addi    r5,r3,2500
 </pre>
 Sergey Smolov
-Sergey Smolov
+h2. RISC-V
-Sergey Smolov
+It is supposed that the following tools are already installed in your system:
-Sergey Smolov
+- Toolchain for RISC-V assembler programs compilation, linking, etc. (the source code and the installation guide are available "here":https://github.com/riscv/riscv-gnu-toolchain).
-Sergey Smolov
+# Write a simple RISC-V program (it is called @sample.s@) that does nothing but puts 0x18 value to @t1@ register and puts 0x21 value to @t2@ register. Here it is:
-Sergey Smolov
+<pre>
 .text
 .globl _start
 _start:
  addi t1, zero, 0x18
  addi t2, zero, 0x21
 </pre>
-Sergey Smolov
+# To compile the RISC-V assembler program, do the following:
-Sergey Smolov
+<pre>
 aarch64-linux-gnu-as sample.s -o sample.o
 aarch64-linux-gnu-ld sample.o -Ttext 0x1000 -o sample.elf
 </pre>
 # Finally, run _QEMU4V_ emulator with enabled option of microprocessor execution trace logging (0x1000 value was used by linker because of QEMU-related features):
 <pre>
-Sergey Smolov
+qemu-system-riscv64 -M spike_v1.10 -cpu any -d unimp,nochain,in_asm -nographic -singlestep -trace-log -kernel sample.elf
-Sergey Smolov
+</pre>
-Sergey Smolov
+# Wait for a while, then stop QEMU4V. The following trace should be generated:
-Sergey Smolov
+<pre>
 clk 0 IT (0) 0000000000001000 01800313 A svc_ns : li t1,24
 clk R t1 0000000000000018
 clk 0 IT (1) 0000000000001004 02100393 A svc_ns : li t2,33
 clk R t2 0000000000000021
 clk 0 IT (2) 0000000000001008 00000000 A svc_ns : unimp
 clk 0 IT (3) 0000000000001010 00000000 A svc_ns : unimp
-Sergey Smolov
+</pre>
-Sergey Smolov
+h2. X86 (8086 case)
 Sergey Smolov
-Sergey Smolov
+It is supposed that the following tools are already installed in your system:
-Sergey Smolov
+- Toolchain for X86 assembler programs compilation, linking, etc. (we use "GCC":https://gcc.gnu.org).
 Sergey Smolov
-Sergey Smolov
+# Write a simple X86 program (it is called @sample.s@) that performs some calculations:
-Sergey Smolov
+<pre>
-Sergey Smolov
+.code16 # tell the assembler that we're using 16 bit mode
 	.text
 	.global _start
-Sergey Smolov
+_start:
-Sergey Smolov
+	mov $11, %AX
 	and $204, %BX
 	mov %AX, %CX
 	add %CX, %BX
 	sub %CX, %AX
 .org 510 # magic bytes that tell BIOS that this is bootable
 .word 0xaa55 # magic bytes that tell BIOS that this is bootable
-Sergey Smolov
+</pre>
 # To compile the X86 GNU assembler program, do the following:
 <pre>
 x86_64-linux-gnu-as sample.s -o sample.o
-Sergey Smolov
+x86_64-linux-gnu-ld sample.o -T 0x7c00 --oformat binary -o sample.elf
-Sergey Smolov
+</pre>
 # Finally, run _QEMU4V_ emulator:
 <pre>
-Sergey Smolov
+qemu-system-i386 -M pc -cpu 486 -d unimp,nochain,in_asm -nographic -singlestep -D log.txt -hda sample.elf
-Sergey Smolov
+</pre>
-Sergey Smolov
+# Wait for a while, then stop QEMU4V. The following @log-file.txt@ trace file should be generated (go to the 0x7c00 address and see the program execution fragment):
-Sergey Smolov
+<pre>
-Sergey Smolov
+----------------
 IN:
 x00007c00:  mov    $0xb,%ax
 ----------------
 IN:
 x00007c03:  and    $0xcc,%bx
 ----------------
 IN:
 x00007c07:  mov    %ax,%cx
 ----------------
 IN:
 x00007c09:  add    %cx,%bx
 ----------------
 IN:
 x00007c0b:  sub    %cx,%ax
 ----------------
-Sergey Smolov
+</pre>

Project

General

Profile

QEMU4V

Getting Started » History » Version 17