
Re: Role of qemu-arm


From: vincent Dupaquis
Subject: Re: Role of qemu-arm
Date: Mon, 22 Jun 2020 13:27:28 +0200
User-agent: Mozilla/5.0 (X11; Linux x86_64; rv:68.0) Gecko/20100101 Thunderbird/68.8.0

Philippe,

    It looks very close to what I want to do indeed.

    I essentially work on Cortex-M0+/M3 devices and I will give
your proposal a try!

    Now that I have a couple of hints, I'll probably be able to understand
better how to do this :)

    Best regards,

        Vincent.

On 22/06/2020 at 11:29, Philippe Mathieu-Daudé wrote:
> Hi Vincent,
>
> On 6/22/20 10:57 AM, Alex Bennée wrote:
>> vincent Dupaquis <v.dupaquis@trusted-objects.com> writes:
>>
>>> Hello,
>>>
>>>     I am using qemu for doing simulations of code, and currently find
>>> qemu-system-arm convenient.
>>>
>>>     But, I cannot understand how to use qemu-arm. In fact, what I am
>>> searching for is a way of simulating only the ARM core, not any
>>> peripherals.
> You can start a machine with only a CPU core using:
>
> $ qemu-system-arm -M none -cpu cortex-r5
>
> The core will start running at full speed, looping and taking
> exceptions because there is no memory on its bus to fetch
> the code to run:
>
> $ qemu-system-arm -M none -cpu cortex-r5 -d mmu,int
> PMSA MPU lookup for execute at 0x00000000 mmu_idx 33 -> Hit (prot rwx)
> Taking exception 3 [Prefetch Abort]
> ...from EL1 to EL1
> ...with ESR 0x21/0x8600003f
> ...with IFSR 0x8 IFAR 0x0
> Taking exception 3 [Prefetch Abort]
> ...from EL1 to EL1
> ...with ESR 0x21/0x8600003f
> ...with IFSR 0x8 IFAR 0xc
>
> You can use the '-m <size_mb>' option to add memory (mapped
> at the 0x00000000 address).
>
> You can use the '-S' flag to start QEMU with the cores not
> running.
>
> An example of use is via gdbstub: fill some instructions into
> memory, set $sp and $pc, and single-step.
>
> You can also use the 'loader' device to load a file into
> memory (it can understand ELF/hex format, see
> docs/generic-loader.txt).
>
> Finally, I also recommend the -semihosting option.
>
> For example you can run an RTOS Fibonacci test displaying
> progress via semihosting calls, by using something like
> (mapping 2MB of DRAM at 0x0):
>
> $ qemu-system-arm -M none \
>   -m 2 \
>   -cpu cortex-r5 -d in_asm \
>   -semihosting-config enable=on \
>   -device loader,file=fibonacci.elf
>
>> There are two modes:
>>
>>   - system emulation (CPU + board and peripherals)
>>   - linux-user (CPU but with a Linux syscall interface)
>>
>>> I can work with qemu-system-arm, and could not find a way
>>> to use qemu-arm.
>> If you are installing via your distro's package manager you probably want
>> a package called qemu-user. You can build only the user-mode
>> packages by issuing --disable-system to the configure script.
>>
>> The closest thing to being a "pure" just the CPU is probably a
>> standalone usermode binary that uses semihosting calls rather than a
>> libc/syscall interface.
>>
>>>     Would anyone have any pointers to documentation or a tutorial
>>> using this tool?
>>>
>>>     Best regards,
>>>
>>>         Vincent.
>>
-- 

*Vincent Dupaquis*
Software security & Cryptography expert
06 24 58 17 05
/Europarc de Pichaury Bâtiment B8 1330 rue Guillibert de la Lauzière
13290 Aix-en-Provence/

www.trusted-objects.com <http://www.trusted-objects.com>
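
The '-d mmu,int' trace quoted in the message above can be checked mechanically, for instance in a test harness that should stop when the bare core has no code to fetch. The following is an added example, not part of the original thread or of QEMU: it parses the exception records and reports when the faulting address is the Prefetch Abort vector itself (offset 0xc, assuming the low vector table at 0x0). The function names are hypothetical, and the sample log is the quoted output with its last record repeated once as a constructed steady state.

```python
import re

# Constructed sample: the '-d mmu,int' lines quoted in the message, with the
# final record repeated once to show the steady state of the loop.
SAMPLE_LOG = """\
PMSA MPU lookup for execute at 0x00000000 mmu_idx 33 -> Hit (prot rwx)
Taking exception 3 [Prefetch Abort]
...from EL1 to EL1
...with ESR 0x21/0x8600003f
...with IFSR 0x8 IFAR 0x0
Taking exception 3 [Prefetch Abort]
...from EL1 to EL1
...with ESR 0x21/0x8600003f
...with IFSR 0x8 IFAR 0xc
Taking exception 3 [Prefetch Abort]
...from EL1 to EL1
...with ESR 0x21/0x8600003f
...with IFSR 0x8 IFAR 0xc
"""

PREFETCH_ABORT_VECTOR = 0x0C  # AArch32 low-vector offset for Prefetch Abort

EXC_RE = re.compile(r"^Taking exception (\d+) \[(.+)\]$")
IFAR_RE = re.compile(r"^\.\.\.with IFSR (0x[0-9a-f]+) IFAR (0x[0-9a-f]+)$")

def parse_exceptions(log):
    """Return one dict per 'Taking exception' record, with IFAR when logged."""
    records = []
    for line in log.splitlines():
        m = EXC_RE.match(line.strip())
        if m:
            records.append({"num": int(m.group(1)), "name": m.group(2), "ifar": None})
            continue
        m = IFAR_RE.match(line.strip())
        if m and records:
            records[-1]["ifar"] = int(m.group(2), 16)
    return records

def stuck_on_abort_vector(records, min_repeats=2):
    """True when the last min_repeats records are Prefetch Aborts whose faulting
    address is the Prefetch Abort vector itself, i.e. the handler fetch faults."""
    tail = records[-min_repeats:]
    return len(tail) == min_repeats and all(
        r["name"] == "Prefetch Abort" and r["ifar"] == PREFETCH_ABORT_VECTOR
        for r in tail)

if __name__ == "__main__":
    recs = parse_exceptions(SAMPLE_LOG)
    print([hex(r["ifar"]) for r in recs], stuck_on_abort_vector(recs))
```

A positive result means the vector table region is unmapped or empty, which is the situation the '-m' and 'loader' options mentioned in the thread address.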