Hello qemu-developers, I know this is
probably not the right place for these questions, but I have been having a
hard time getting feedback on any of the other forums and mailing lists.
Starting with the fact that in the last couple of days I haven't been able
to access the QEMU Users Forum. Whenever I click on the
http://qemu-forum.ipi.fi/ link, I get the following error page:
*General Error* *SQL ERROR [ mysql4 ]
Lost connection to MySQL server during query [2013]
An sql error occurred while fetching this page. Please contact an
administrator if this problem persists.
*
*
So, who should I contact? It says an administrator, but it doesn't provide
an e-mail addre*ss.
Anyway, going to my developing questions... let me provide with some
background first:
*(This was already sent in a previous e-mail that got zero responses :-(
)*
I am starting my Master's Thesis related to the field of Hardware/Software
co-simulation design.
Currently, we have a System-Level-Design-Language called SpecC, similar to
SystemC, that can be used for both: Simulating a system and generating the
proper embedded software and RTL information (for future synthesis).
Simulation is performed in different levels starting from the purely
abstract Functional level, going down to the RTL/IIS level.
The embedded software generation is done by using the gnu gcc compiler
collection. And the the IIS simulation has done so far by interfacing to the
SWARM ISS.
So, I had started looking at QEMU source code looking for the best way to
integrate our Simulator and QEMU. The main idea is the following:
Create a SpecC behaviour that wraps the QEMU CPU emulation and the CPU
interfaces with the rest of the modeled hardware (in SpecC). Therefore, the
"wrapper" should detect the QEMU Core bus and data accesses so that it can
transmit them to the other SpecC behaviors. Besides, and this is the part
that I am less sure about, it should monitor and/or signal cpu/external
interrupts.
Finally, it should advance the simulation clock according to the QEMU Core
behavior (cache misses, memory accesses, interrupts, etc).
So, with all the above being said, here are some of my questions that I was
hoping some of you could give me some insight:
*1) Per my understandind, I have three different options for interfacing
with QEMU:*
a) Change the vl.c code (and probably other source files) in qemu.
b) Use the qemu monitor (Although I believe it doesn't provide the
level of details that I would be needing, right?)
c) Use some sort of qemu PCI or HBA interface (Again, I believe
this wouldn't achieve all the functionalities that I require)
*Any recommendations regarding the best strategy on integrating both
environments?*
*2) How do I manage to make CodeSourcery map the bare-metal program to the
correct memory region?
*I get a segmentation fault whenever I run qemu-arm [hello_world]
And here are the details on my CodeSourcer Lite cross-compiler:
$ arm-none-eabi-gcc -v
Using built-in specs.
Target: arm-none-eabi
Configured with:
/scratch/maxim/arm-lite/src-4.3-arm-none-eabi-lite/gcc-4.3/configure
--build=i686-pc-linux-gnu --host=i686-pc-linux-gnu --target=arm-none-eabi
--enable-threads --disable-libmudflap --disable-libssp
--disable-libstdcxx-pch --with-gnu-as --with-gnu-ld --enable-languages=c,c++
--disable-shared --with-newlib --with-pkgversion='Sourcery G++ Lite
2009q1-161' --with-bugurl=support.codesourcery.com/GNUToolchain--disable-nls
--prefix=/opt/codesourcery --with-headers=yes
--with-sysroot=/opt/codesourcery/arm-none-eabi
--with-build-sysroot=/scratch/maxim/arm-lite/install-4.3-arm-none-eabi-lite/arm-none-eabi
--with-gmp=/scratch/maxim/arm-lite/obj-4.3-arm-none-eabi-lite/host-libs-2009q1-161-arm-none-eabi-i686-pc-linux-gnu/usr
--with-mpfr=/scratch/maxim/arm-lite/obj-4.3-arm-none-eabi-lite/host-libs-2009q1-161-arm-none-eabi-i686-pc-linux-gnu/usr
--disable-libgomp --enable-poison-system-directories
--with-build-time-tools=/scratch/maxim/arm-lite/install-4.3-arm-none-eabi-lite/arm-none-eabi/bin
--with-build-time-tools=/scratch/maxim/arm-lite/install-4.3-arm-none-eabi-lite/arm-none-eabi/bin
Thread model: single
gcc version 4.3.3 (Sourcery G++ Lite 2009q1-161)
and qemu:
$ qemu-arm
qemu-arm version 0.11.0, Copyright (c) 2003-2008 Fabrice Bellard
*3) By the way, I can only run qemu-arm as root, otherwise, I get the
following error message:*
mmap: Permission denied
*4) What is the difference between qemu-arm and qemu-system-arm?*
*5) So, QEMU performs Dynamic Code translation in blocks, if I would like to
look for memory/data accesses and interrupts signaling and detection* *which
area of the source code should I look at?*
tcg_cpu_exec() inside vl.c ?
or cpu-exec.c ?
