qemu-discuss
[Top][All Lists]
Advanced
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Qemu-discuss] Experimenting with x86 real mode code in qemu

From: Jakob Bohm
Subject: Re: [Qemu-discuss] Experimenting with x86 real mode code in qemu
Date: Mon, 7 Dec 2015 16:48:47 +0100
User-agent: Mozilla/5.0 (Windows NT 6.3; WOW64; rv:38.0) Gecko/20100101 Thunderbird/38.4.0 
On 07/12/2015 16:17, Jay Aurabind wrote:

Hello Everyone,

I am doing an experiment to emulate x86 real mode in qemu so as to
study assembly programming in GNU assembler. My current status is that
qemu exits with the error:

qemu: fatal: Trying to execute code outside RAM or ROM at 0x000a0000

Please help me get my expt working. Coming to the details, my simple
source files:

startup.S:
======================
.globl start
.text
.code16gcc

start:
     jmp main
======================

main.S
======================
.globl main
.text
.code16gcc
main:   mov     $1, %ax
         mov     $1, %di
         mov     $1, %si
         mov     $1, %dx
     cli
     hlt
======================

Linker script: As x86 has the hard coded value 0xFFFF0 for the address
of first execution, I am putting my startup script which calls the
main function at 0xFFFF0:

======================
OUTPUT(binary);
ENTRY(start);
SECTIONS
{
     .text : { *(.text) }
     .data : { *(.data) }
     .bss : { *(.bss COMMON) }
     . = 0xFFFF0;
     .startup . : { startup.o (.text)}
}

=======================

My make output:

===========================
cc -nostdinc -nostdlib -ffreestanding -nostartfiles -nodefaultlibs
-mno-red-zone -c startup.S -o startup.o
cc -nostdinc -nostdlib -ffreestanding -nostartfiles -nodefaultlibs
-mno-red-zone -c main.S -o main.o
ld -T link.ld startup.o main.o -o bin
===========================

Later creating flash image:
========================================
dd if=/dev/zero of=flash.bin bs=4096 count=1024
dd if=bin of=flash.bin bs=4096 conv=notrunc
========================================

And finally starting qemu:
================================
qemu-system-i386  -pflash flash.bin -nographic
=================================

That fails with the error mentioned I already mentioned :
=====================================================
WARNING: Image format was not specified for 'flash.bin' and probing guessed raw.
          Automatically detecting the format is dangerous for raw
images, write operations on block 0 will be restricted.
          Specify the 'raw' format explicitly to remove the restrictions.
qemu: fatal: Trying to execute code outside RAM or ROM at 0x000a0000

EAX=00000000 EBX=00000000 ECX=00000000 EDX=00000663
ESI=00000000 EDI=00000000 EBP=00000000 ESP=00000000
EIP=000afff2 EFL=00000046 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 00000000 0000ffff 00009300
CS =f000 ffff0000 0000ffff 00009b00
SS =0000 00000000 0000ffff 00009300
DS =0000 00000000 0000ffff 00009300
FS =0000 00000000 0000ffff 00009300
GS =0000 00000000 0000ffff 00009300
LDT=0000 00000000 0000ffff 00008200
TR =0000 00000000 0000ffff 00008b00
GDT=     00000000 0000ffff
IDT=     00000000 0000ffff
CR0=60000010 CR2=00000000 CR3=00000000 CR4=00000000
DR0=00000000 DR1=00000000 DR2=00000000 DR3=00000000
DR6=ffff0ff0 DR7=00000400
CCS=00000000 CCD=00000000 CCO=ADDB
EFER=0000000000000000
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
XMM00=00000000000000000000000000000000 XMM01=00000000000000000000000000000000
XMM02=00000000000000000000000000000000 XMM03=00000000000000000000000000000000
XMM04=00000000000000000000000000000000 XMM05=00000000000000000000000000000000
XMM06=00000000000000000000000000000000 XMM07=00000000000000000000000000000000

=======================================================

Please let me know what I missed.

Thanking in Advance!

Aurabindo

Hard to tell from your data, but what exactly are you
putting at 0xFFFF0 == FFFF:0000 == F000:0000 ?

And where are you trying to place your code?

And how do you expect the use of arm/mips style flash
options to apply to an emulator which tries to emulate
the PC hardware architecture, where (amongst many other
things):

Addresses from 0xF0000 to 0xFFFFF (and possibly more)
   are reserved for the "BIOS" bootstrap ROM (such as
   SeaBIOS)
Addresses from 0xC8000 to 0xEFFFF are reserved for
   additional memory mappad hardware, such as older
   network cards
Addresses from 0xC0000 to 0xC7FFF (and possibly more)
   are reserved for the "plug-in BIOS" on the graphics
   card
Addresses from 0xA0000 to 0xBFFFF are reserved for
   memory mapping part/all of the memory on the graphics
   card.
Addresses from (variable) to 0x9FFFF is RAM but reserved
   for supplemental BIOS variables.
Addresses from 0x00600 to (variable) is RAM available to
   the OS (such as freeDOS or your own bare metal program)
Addresses from 0x00500 to 0x005FF is RAM but may be
   reserved
Addresses from 0x00400 to 0x004FF is RAM and holds public
   BIOS variables, including one saying where the
   available RAM ends.
Addresses from 0x00000 to 0x003FF is RAM and holds the
  interrupt/exception handler table.



Enjoy

Jakob
--
Jakob Bohm, CIO, Partner, WiseMo A/S.  https://www.wisemo.com
Transformervej 29, 2860 Søborg, Denmark.  Direct +45 31 13 16 10
This public discussion message is non-binding and may contain errors.
WiseMo - Remote Service Management for PCs, Phones and Embedded
reply via email to
[Prev in Thread] Current Thread [Next in Thread]