world leader in high performance signal processing
Trace: » qemu
Table of Contents

QEMU

QEMU is a generic and open source machine emulator and virtualizer. It uses dynamic translation to achieve very good performance. Basically that means it reads in the target machine code, decodes it, translates it into the host CPU machine code, caches the result, and then executes it on the host CPU. With a decent host CPU (like a 2 GHz Intel processor), you can expect to see speeds in the range of 300 to 400 MIPS.

At the moment, only linux-user emulation support is available. That means you can execute FLAT and FDPIC ELF Linux userspace programs unmodified. This also supports any Blackfin ELF so long as you stick to the core instruction set -- so bare metal ELFs that attempt to use processor MMRs or interrupts/exceptions will not work today.

Building

For now, you need to download the source yourself:

$ git clone git://sources.blackfin.uclinux.org/git/users/vapier/qemu.git

Then to compile it:

$ ./configure --target-list=bfin-linux-user --disable-werror --disable-system --disable-strip
$ make

This will leave you with the binary:

$ ./bfin-linux-user/qemu-bfin
qemu-bfin version 0.13.50, Copyright (c) 2003-2008 Fabrice Bellard
usage: qemu-bfin [options] program [arguments...]
Linux CPU emulator (compiled for bfin emulation)
...

Usage

Now you can run Blackfin FLAT binaries:

$ qemu-bfin romfs/bin/busybox
BusyBox v1.18.1 (2010-12-21 14:45:51 EST) multi-call binary.
Copyright (C) 1998-2009 Erik Andersen, Rob Landley, Denys Vlasenko
and others. Licensed under GPLv2.
See source distribution for full notice.

Usage: busybox [function] [arguments]...
...

For dynamic Blackfin FDPIC binaries, you will to tell qemu where to find the shared libraries (sysroot):

$ qemu-bfin -L /opt/uClinux/bfin-linux-uclibc/bfin-linux-uclibc/runtime/ romfs/bin/busybox
BusyBox v1.18.1 (2010-12-21 14:45:51 EST) multi-call binary.
Copyright (C) 1998-2009 Erik Andersen, Rob Landley, Denys Vlasenko
and others. Licensed under GPLv2.
See source distribution for full notice.

Usage: busybox [function] [arguments]...
...

Tips

If you have the binfmt_misc mounted, you can register Blackfin binaries to automatically be executed via qemu.

First make sure it is mounted. If it is not, please consult your distro's documentation to find out to enable & mount it.

$ grep binfmt_misc /proc/mounts
binfmt_misc /proc/sys/fs/binfmt_misc binfmt_misc rw,relatime 0 0

Then as root, you can register a new handler (obviously replace the path to qemu-bfin to wherever you chose to install it):

# echo \
    ':bfin:M::\x7fELF\x01\x01\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00\x6A\x00::/usr/local/bin/qemu-bfin:' \
    > /proc/sys/fs/binfmt_misc/register
# echo \
    ':bfin-flat:M::bFLT\x00\x00\x00\x04::/usr/local/bin/qemu-bfin:' \
    > /proc/sys/fs/binfmt_misc/register

Now you can execute Blackfin binaries like you would a native host binary:

$ ./romfs/bin/busybox
BusyBox v1.18.1 (2010-12-21 14:45:51 EST) multi-call binary.
Copyright (C) 1998-2009 Erik Andersen, Rob Landley, Denys Vlasenko
and others. Licensed under GPLv2.
See source distribution for full notice.

Usage: busybox [function] [arguments]...
...

Documentation

The upstream QEMU wiki has a lot of useful documentation for users.