在Cortex-M4上编译和运行ARM汇编二进制文件(在QEMU中模拟)
我使用以下过程在虚拟QEMU嵌入式系统在Cortex-M4上编译和运行ARM汇编二进制文件(在QEMU中模拟),arm,qemu,cortex-m,Arm,Qemu,Cortex M,我使用以下过程在虚拟QEMU嵌入式系统connex上成功编译并执行了ARM二进制文件: arm-none-eabi-as -o program.o program.s arm-none-eabi-ld -Ttext=0x0 -o program.elf program.o arm-none-eabi-objcopy -O binary program.elf program.bin dd if=/dev/zero of=flash.bin bs=4096 count=4096 dd if=p
connexarm-none-eabi-as -o program.o program.s
arm-none-eabi-ld -Ttext=0x0 -o program.elf program.o
arm-none-eabi-objcopy -O binary program.elf program.bin
dd if=/dev/zero of=flash.bin bs=4096 count=4096
dd if=program.bin of=flash.bin bs=4096 conv=notrunc
qemu-system-arm -M connex -pflash flash.bin -nographic -serial /dev/null
qemu-armqemu-system-armError while loading program.bin: Exec format error
Error while loading flash.bin: Permission denied
sudo由于Linux采用A-profile内核,而不是M-profile内核,所以在qemu arm上使用-cpu cortex-m4所做的任何事情都只能靠运气,而不是故意。(我们不禁用这些CPU类型,因为有些GCC测试用例场景使用半托管,我们不想故意破坏这种工作方式。但这些工作方式与其他任何方式一样幸运。)与微控制器构建相比,您需要一个入口点(以及它的ram) 开始
.thumb
.thumb_func
.global _start
_start:
@mov r0,=0x10000
@mov sp,r0
bl notmain
mov r7,#0x1
mov r0,#0
swi #0
.word 0xFFFFFFFF
b .
.thumb_func
.globl PUT32
PUT32:
str r1,[r0]
bx lr
.thumb_func
.globl GET32
GET32:
ldr r0,[r0]
bx lr
.thumb_func
.globl dummy
dummy:
bx lr
.thumb_func
.globl write
write:
push {r7,lr}
mov r7,#0x04
swi 0
pop {r7,pc}
b .
.end
.thumb
.thumb_func
.global _start
_start:
mov r4,#10
top:
nop
sub r4,#1
bne top
mov r7,#0x1
mov r0,#0
swi #0
.word 0xFFFFFFFF
b .
.end
void PUT32 ( unsigned int, unsigned int );
unsigned int GET32 ( unsigned int );
void dummy ( unsigned int );
void write ( unsigned int, char *, unsigned int );
int notmain ( void )
{
//unsigned int ra;
//for(ra=0;ra<1000;ra++) dummy(ra);
write(1,"Hello\n",6);
return(0);
}
cat hello
CPU Reset (CPU 0)
R00=00000000 R01=00000000 R02=00000000 R03=00000000
R04=00000000 R05=00000000 R06=00000000 R07=00000000
R08=00000000 R09=00000000 R10=00000000 R11=00000000
R12=00000000 R13=00000000 R14=00000000 R15=00000000
PSR=40000000 -Z-- A usr26
CPU Reset (CPU 0)
R00=00000000 R01=00000000 R02=00000000 R03=00000000
R04=00000000 R05=00000000 R06=00000000 R07=00000000
R08=00000000 R09=00000000 R10=00000000 R11=00000000
R12=00000000 R13=00000000 R14=00000000 R15=00000000
PSR=40000010 -Z-- A usr32
Reserved 0xf7000000 bytes of guest address space
host mmap_min_addr=0x10000
guest_base 0x7f4347fb4000
start end size prot
00010000-00011000 00001000 r-x
f67ff000-f6800000 00001000 ---
f6800000-f7000000 00800000 rw-
start_brk 0x00000000
end_code 0x00010044
start_code 0x00010000
start_data 0x00010044
end_data 0x00010044
start_stack 0xf6fff350
brk 0x00010044
entry 0x00010001
----------------
IN:
0x00010000: f000 f810 bl 0x10024
R00=00000000 R01=f6fff4c2 R02=00000000 R03=00000000
R04=00000000 R05=00000000 R06=00000000 R07=00000000
R08=00000000 R09=00000000 R10=00010044 R11=00000000
R12=00000000 R13=f6fff350 R14=00000000 R15=00010000
PSR=00000030 ---- T usr32
----------------
IN: notmain
0x00010024: b508 push {r3, lr}
0x00010026: 2001 movs r0, #1
0x00010028: 4903 ldr r1, [pc, #12] (0x10038)
0x0001002a: 2206 movs r2, #6
0x0001002c: f7ff fff5 bl 0x1001a
R00=00000000 R01=f6fff4c2 R02=00000000 R03=00000000
R04=00000000 R05=00000000 R06=00000000 R07=00000000
R08=00000000 R09=00000000 R10=00010044 R11=00000000
R12=00000000 R13=f6fff350 R14=00010005 R15=00010024
PSR=00000030 ---- T usr32
----------------
IN:
0x0001001a: b580 push {r7, lr}
0x0001001c: 2704 movs r7, #4
0x0001001e: df00 svc 0
R00=00000001 R01=0001003c R02=00000006 R03=00000000
R04=00000000 R05=00000000 R06=00000000 R07=00000000
R08=00000000 R09=00000000 R10=00010044 R11=00000000
R12=00000000 R13=f6fff348 R14=00010031 R15=0001001a
PSR=00000030 ---- T usr32
----------------
IN:
0x00010020: bd80 pop {r7, pc}
R00=00000006 R01=0001003c R02=00000006 R03=00000000
R04=00000000 R05=00000000 R06=00000000 R07=00000004
R08=00000000 R09=00000000 R10=00010044 R11=00000000
R12=00000000 R13=f6fff340 R14=00010031 R15=00010020
PSR=00000030 ---- T usr32
----------------
IN: notmain
0x00010030: 2000 movs r0, #0
0x00010032: bc08 pop {r3}
0x00010034: bc02 pop {r1}
0x00010036: 4708 bx r1
R00=00000006 R01=0001003c R02=00000006 R03=00000000
R04=00000000 R05=00000000 R06=00000000 R07=00000000
R08=00000000 R09=00000000 R10=00010044 R11=00000000
R12=00000000 R13=f6fff348 R14=00010031 R15=00010030
PSR=00000030 ---- T usr32
----------------
IN:
0x00010004: 2701 movs r7, #1
0x00010006: 2000 movs r0, #0
0x00010008: df00 svc 0
R00=00000000 R01=00010005 R02=00000006 R03=00000000
R04=00000000 R05=00000000 R06=00000000 R07=00000000
R08=00000000 R09=00000000 R10=00010044 R11=00000000
R12=00000000 R13=f6fff350 R14=00010031 R15=00010004
PSR=40000030 -Z-- T usr32
cat hello
CPU Reset (CPU 0)
R00=00000000 R01=00000000 R02=00000000 R03=00000000
R04=00000000 R05=00000000 R06=00000000 R07=00000000
R08=00000000 R09=00000000 R10=00000000 R11=00000000
R12=00000000 R13=00000000 R14=00000000 R15=00000000
PSR=40000000 -Z-- A usr26
CPU Reset (CPU 0)
R00=00000000 R01=00000000 R02=00000000 R03=00000000
R04=00000000 R05=00000000 R06=00000000 R07=00000000
R08=00000000 R09=00000000 R10=00000000 R11=00000000
R12=00000000 R13=00000000 R14=00000000 R15=00000000
PSR=40000010 -Z-- A usr32
Reserved 0xf7000000 bytes of guest address space
host mmap_min_addr=0x10000
guest_base 0x7f36110fc000
start end size prot
00010000-00011000 00001000 r-x
f67ff000-f6800000 00001000 ---
f6800000-f7000000 00800000 rw-
start_brk 0x00000000
end_code 0x00010014
start_code 0x00010000
start_data 0x00010014
end_data 0x00010014
start_stack 0xf6fff350
brk 0x00010014
entry 0x00010001
----------------
IN:
0x00010000: 240a movs r4, #10
0x00010002: 46c0 nop (mov r8, r8)
0x00010004: 3c01 subs r4, #1
0x00010006: d1fc bne.n 0x10002
R00=00000000 R01=f6fff4c2 R02=00000000 R03=00000000
R04=00000000 R05=00000000 R06=00000000 R07=00000000
R08=00000000 R09=00000000 R10=00010014 R11=00000000
R12=00000000 R13=f6fff350 R14=00000000 R15=00010000
PSR=00000030 ---- T usr32
----------------
IN:
0x00010002: 46c0 nop (mov r8, r8)
0x00010004: 3c01 subs r4, #1
0x00010006: d1fc bne.n 0x10002
R00=00000000 R01=f6fff4c2 R02=00000000 R03=00000000
R04=00000009 R05=00000000 R06=00000000 R07=00000000
R08=00000000 R09=00000000 R10=00010014 R11=00000000
R12=00000000 R13=f6fff350 R14=00000000 R15=00010002
PSR=20000030 --C- T usr32
R00=00000000 R01=f6fff4c2 R02=00000000 R03=00000000
R04=00000008 R05=00000000 R06=00000000 R07=00000000
R08=00000000 R09=00000000 R10=00010014 R11=00000000
R12=00000000 R13=f6fff350 R14=00000000 R15=00010002
PSR=20000030 --C- T usr32
----------------
IN:
0x00010008: 2701 movs r7, #1
0x0001000a: 2000 movs r0, #0
0x0001000c: df00 svc 0
R00=00000000 R01=f6fff4c2 R02=00000000 R03=00000000
R04=00000000 R05=00000000 R06=00000000 R07=00000000
R08=00000000 R09=00000000 R10=00010014 R11=00000000
R12=00000000 R13=f6fff350 R14=00000000 R15=00010008
PSR=60000030 -ZC- T usr32
.thumb
.thumb_func
.global _start
_start:
@mov r0,=0x10000
@mov sp,r0
bl notmain
mov r7,#0x1
mov r0,#0
swi #0
.word 0xFFFFFFFF
b .
.thumb_func
.globl PUT32
PUT32:
str r1,[r0]
bx lr
.thumb_func
.globl GET32
GET32:
ldr r0,[r0]
bx lr
.thumb_func
.globl dummy
dummy:
bx lr
.thumb_func
.globl write
write:
push {r7,lr}
mov r7,#0x04
swi 0
pop {r7,pc}
b .
.end
.thumb
.thumb_func
.global _start
_start:
mov r4,#10
top:
nop
sub r4,#1
bne top
mov r7,#0x1
mov r0,#0
swi #0
.word 0xFFFFFFFF
b .
.end
cat hello
CPU Reset (CPU 0)
R00=00000000 R01=00000000 R02=00000000 R03=00000000
R04=00000000 R05=00000000 R06=00000000 R07=00000000
R08=00000000 R09=00000000 R10=00000000 R11=00000000
R12=00000000 R13=00000000 R14=00000000 R15=00000000
PSR=40000000 -Z-- A usr26
CPU Reset (CPU 0)
R00=00000000 R01=00000000 R02=00000000 R03=00000000
R04=00000000 R05=00000000 R06=00000000 R07=00000000
R08=00000000 R09=00000000 R10=00000000 R11=00000000
R12=00000000 R13=00000000 R14=00000000 R15=00000000
PSR=40000010 -Z-- A usr32
Reserved 0xf7000000 bytes of guest address space
host mmap_min_addr=0x10000
guest_base 0x7f4347fb4000
start end size prot
00010000-00011000 00001000 r-x
f67ff000-f6800000 00001000 ---
f6800000-f7000000 00800000 rw-
start_brk 0x00000000
end_code 0x00010044
start_code 0x00010000
start_data 0x00010044
end_data 0x00010044
start_stack 0xf6fff350
brk 0x00010044
entry 0x00010001
----------------
IN:
0x00010000: f000 f810 bl 0x10024
R00=00000000 R01=f6fff4c2 R02=00000000 R03=00000000
R04=00000000 R05=00000000 R06=00000000 R07=00000000
R08=00000000 R09=00000000 R10=00010044 R11=00000000
R12=00000000 R13=f6fff350 R14=00000000 R15=00010000
PSR=00000030 ---- T usr32
----------------
IN: notmain
0x00010024: b508 push {r3, lr}
0x00010026: 2001 movs r0, #1
0x00010028: 4903 ldr r1, [pc, #12] (0x10038)
0x0001002a: 2206 movs r2, #6
0x0001002c: f7ff fff5 bl 0x1001a
R00=00000000 R01=f6fff4c2 R02=00000000 R03=00000000
R04=00000000 R05=00000000 R06=00000000 R07=00000000
R08=00000000 R09=00000000 R10=00010044 R11=00000000
R12=00000000 R13=f6fff350 R14=00010005 R15=00010024
PSR=00000030 ---- T usr32
----------------
IN:
0x0001001a: b580 push {r7, lr}
0x0001001c: 2704 movs r7, #4
0x0001001e: df00 svc 0
R00=00000001 R01=0001003c R02=00000006 R03=00000000
R04=00000000 R05=00000000 R06=00000000 R07=00000000
R08=00000000 R09=00000000 R10=00010044 R11=00000000
R12=00000000 R13=f6fff348 R14=00010031 R15=0001001a
PSR=00000030 ---- T usr32
----------------
IN:
0x00010020: bd80 pop {r7, pc}
R00=00000006 R01=0001003c R02=00000006 R03=00000000
R04=00000000 R05=00000000 R06=00000000 R07=00000004
R08=00000000 R09=00000000 R10=00010044 R11=00000000
R12=00000000 R13=f6fff340 R14=00010031 R15=00010020
PSR=00000030 ---- T usr32
----------------
IN: notmain
0x00010030: 2000 movs r0, #0
0x00010032: bc08 pop {r3}
0x00010034: bc02 pop {r1}
0x00010036: 4708 bx r1
R00=00000006 R01=0001003c R02=00000006 R03=00000000
R04=00000000 R05=00000000 R06=00000000 R07=00000000
R08=00000000 R09=00000000 R10=00010044 R11=00000000
R12=00000000 R13=f6fff348 R14=00010031 R15=00010030
PSR=00000030 ---- T usr32
----------------
IN:
0x00010004: 2701 movs r7, #1
0x00010006: 2000 movs r0, #0
0x00010008: df00 svc 0
R00=00000000 R01=00010005 R02=00000006 R03=00000000
R04=00000000 R05=00000000 R06=00000000 R07=00000000
R08=00000000 R09=00000000 R10=00010044 R11=00000000
R12=00000000 R13=f6fff350 R14=00010031 R15=00010004
PSR=40000030 -Z-- T usr32
cat hello
CPU Reset (CPU 0)
R00=00000000 R01=00000000 R02=00000000 R03=00000000
R04=00000000 R05=00000000 R06=00000000 R07=00000000
R08=00000000 R09=00000000 R10=00000000 R11=00000000
R12=00000000 R13=00000000 R14=00000000 R15=00000000
PSR=40000000 -Z-- A usr26
CPU Reset (CPU 0)
R00=00000000 R01=00000000 R02=00000000 R03=00000000
R04=00000000 R05=00000000 R06=00000000 R07=00000000
R08=00000000 R09=00000000 R10=00000000 R11=00000000
R12=00000000 R13=00000000 R14=00000000 R15=00000000
PSR=40000010 -Z-- A usr32
Reserved 0xf7000000 bytes of guest address space
host mmap_min_addr=0x10000
guest_base 0x7f36110fc000
start end size prot
00010000-00011000 00001000 r-x
f67ff000-f6800000 00001000 ---
f6800000-f7000000 00800000 rw-
start_brk 0x00000000
end_code 0x00010014
start_code 0x00010000
start_data 0x00010014
end_data 0x00010014
start_stack 0xf6fff350
brk 0x00010014
entry 0x00010001
----------------
IN:
0x00010000: 240a movs r4, #10
0x00010002: 46c0 nop (mov r8, r8)
0x00010004: 3c01 subs r4, #1
0x00010006: d1fc bne.n 0x10002
R00=00000000 R01=f6fff4c2 R02=00000000 R03=00000000
R04=00000000 R05=00000000 R06=00000000 R07=00000000
R08=00000000 R09=00000000 R10=00010014 R11=00000000
R12=00000000 R13=f6fff350 R14=00000000 R15=00010000
PSR=00000030 ---- T usr32
----------------
IN:
0x00010002: 46c0 nop (mov r8, r8)
0x00010004: 3c01 subs r4, #1
0x00010006: d1fc bne.n 0x10002
R00=00000000 R01=f6fff4c2 R02=00000000 R03=00000000
R04=00000009 R05=00000000 R06=00000000 R07=00000000
R08=00000000 R09=00000000 R10=00010014 R11=00000000
R12=00000000 R13=f6fff350 R14=00000000 R15=00010002
PSR=20000030 --C- T usr32
R00=00000000 R01=f6fff4c2 R02=00000000 R03=00000000
R04=00000008 R05=00000000 R06=00000000 R07=00000000
R08=00000000 R09=00000000 R10=00010014 R11=00000000
R12=00000000 R13=f6fff350 R14=00000000 R15=00010002
PSR=20000030 --C- T usr32
----------------
IN:
0x00010008: 2701 movs r7, #1
0x0001000a: 2000 movs r0, #0
0x0001000c: df00 svc 0
R00=00000000 R01=f6fff4c2 R02=00000000 R03=00000000
R04=00000000 R05=00000000 R06=00000000 R07=00000000
R08=00000000 R09=00000000 R10=00010014 R11=00000000
R12=00000000 R13=f6fff350 R14=00000000 R15=00010008
PSR=60000030 -ZC- T usr32
如果ELF入口点具有低位清除,则qemu arm将在arm模式下启动,如果入口点具有低位设置,则在Thumb模式下启动(Thumb模式ELF文件的常用约定)。对于M profile core,如果您尝试使用未设置的CPSR.T执行任何操作,您将立即得到UsageFault(在qemu arm中,这可能会表现为试图传递SIGILL)。它实际上不会以ARM指令的形式执行任何操作,尽管调试日志反汇编程序可能仍然以ARM格式反汇编INSN。为什么qemu ARM会有一系列cortex-m内核,而qemu系统ARM却没有?两者之间是否没有连接(qemu arm是否使用与qemu系统arm不同的代码/内核)?qemu系统arm支持同一组CPU,包括cortex-m3和cortex-m4。如果您的qemu系统arm没有列出cortex-m3,那么它一定是一个非常旧的版本(已经过时十年或更长时间了)。或者它可能是一个特定于发行版的特殊版本,禁用了很多代码——我认为RedHat有一个用于运行ARM虚拟机的版本,其中大多数仅用于仿真的内核都被禁用,以最大限度地减少安全攻击面。截至上次我检查时,除了cortex-m3之外,没有一个系统使用cortex-m4或其他任何(M)版本,正如所指出的……有一种叉子利用了它们,是的。qemu中的皮质m3只是最近才被修复为不会断裂,所以即使它是在tiva c被称为stellaris时添加的,并且是在德克萨斯仪器公司将其关联之前由luminary micro公司提供的。事实上,他们是第一个拥有m3硅(用于大规模消费)的公司,qemu后端也走了这么远,但问题已经存在这么久了。谁知道如果不尝试m4等,qemu目标也可能有问题,直到有人去尝试它们。是的,我们有m4 CPU支持,但m4还没有板模型。将-cpu cortex-m4传递给stellaris的某个板可能会产生类似于弗兰肯斯坦的东西。重新阅读你想要的标题汇编,删除bl notmain和gcc部分。这是从M配置文件代码中进行Linux系统调用,而M配置文件代码只在偶然情况下才真正起作用,据我所知,这与任何真正的硬件RTO的代码都不对应。。。在我看来,您最好使用qemu系统arm和半托管(或与UART对话)。在qemu arm中,没有中断控制器,没有对任何内存映射系统寄存器的访问,没有异常处理,没有UART或定时器设备。这些对于M-profile代码都非常重要。如果你想使用cortex-m4或其他(m3除外)qemu系统arm还没有选择,那是一个更大的项目,需要编写一个系统,将它添加到qemu系统arm来玩这个模拟器。无论如何,形状或形式都不是偶然的,调用就是调用,linux并没有什么神奇之处,它只是一个指令集。我本可以不打电话,只是为了好玩才加的。OP想知道如何做到这一点,你提供了丢失的链接,就像我说的,它是偶然出现的,因为我们不想故意破坏GCC测试套件和其他用户,他们碰巧发现它为有限的目的工作。这不是一个很大的bug,因为所有应该工作的东西都工作得很好。我们只是没有像可能的那样准确地诊断用户错误。
arm-none-eabi-as --warn --fatal-warnings start.s -o start.o
arm-none-eabi-ld -o notmain.elf -T hello.ld start.o
arm-none-eabi-objdump -D notmain.elf > notmain.list
arm-none-eabi-objcopy notmain.elf notmain.bin -O binary
qemu-arm -d in_asm,cpu,cpu_reset -D hello -cpu cortex-m4 notmain.elf
cat hello
CPU Reset (CPU 0)
R00=00000000 R01=00000000 R02=00000000 R03=00000000
R04=00000000 R05=00000000 R06=00000000 R07=00000000
R08=00000000 R09=00000000 R10=00000000 R11=00000000
R12=00000000 R13=00000000 R14=00000000 R15=00000000
PSR=40000000 -Z-- A usr26
CPU Reset (CPU 0)
R00=00000000 R01=00000000 R02=00000000 R03=00000000
R04=00000000 R05=00000000 R06=00000000 R07=00000000
R08=00000000 R09=00000000 R10=00000000 R11=00000000
R12=00000000 R13=00000000 R14=00000000 R15=00000000
PSR=40000010 -Z-- A usr32
Reserved 0xf7000000 bytes of guest address space
host mmap_min_addr=0x10000
guest_base 0x7f36110fc000
start end size prot
00010000-00011000 00001000 r-x
f67ff000-f6800000 00001000 ---
f6800000-f7000000 00800000 rw-
start_brk 0x00000000
end_code 0x00010014
start_code 0x00010000
start_data 0x00010014
end_data 0x00010014
start_stack 0xf6fff350
brk 0x00010014
entry 0x00010001
----------------
IN:
0x00010000: 240a movs r4, #10
0x00010002: 46c0 nop (mov r8, r8)
0x00010004: 3c01 subs r4, #1
0x00010006: d1fc bne.n 0x10002
R00=00000000 R01=f6fff4c2 R02=00000000 R03=00000000
R04=00000000 R05=00000000 R06=00000000 R07=00000000
R08=00000000 R09=00000000 R10=00010014 R11=00000000
R12=00000000 R13=f6fff350 R14=00000000 R15=00010000
PSR=00000030 ---- T usr32
----------------
IN:
0x00010002: 46c0 nop (mov r8, r8)
0x00010004: 3c01 subs r4, #1
0x00010006: d1fc bne.n 0x10002
R00=00000000 R01=f6fff4c2 R02=00000000 R03=00000000
R04=00000009 R05=00000000 R06=00000000 R07=00000000
R08=00000000 R09=00000000 R10=00010014 R11=00000000
R12=00000000 R13=f6fff350 R14=00000000 R15=00010002
PSR=20000030 --C- T usr32
R00=00000000 R01=f6fff4c2 R02=00000000 R03=00000000
R04=00000008 R05=00000000 R06=00000000 R07=00000000
R08=00000000 R09=00000000 R10=00010014 R11=00000000
R12=00000000 R13=f6fff350 R14=00000000 R15=00010002
PSR=20000030 --C- T usr32
----------------
IN:
0x00010008: 2701 movs r7, #1
0x0001000a: 2000 movs r0, #0
0x0001000c: df00 svc 0
R00=00000000 R01=f6fff4c2 R02=00000000 R03=00000000
R04=00000000 R05=00000000 R06=00000000 R07=00000000
R08=00000000 R09=00000000 R10=00010014 R11=00000000
R12=00000000 R13=f6fff350 R14=00000000 R15=00010008
PSR=60000030 -ZC- T usr32