[J-core] qemu updates / roadmap

Christopher Friedt chrisfriedt at gmail.com
Tue May 3 14:10:31 EDT 2016 

Hi list,

The Qemu build (or rather Apple's linker, ld) was misbehaving recently
(since El Capitan upgrade?) and I just submitted a 2-line patch to
Qemu to resolve that [1].

At the moment, my efforts are being focused on the branch
"feature/j2-sh2-dirty-hacks" [2]. Due to the aforementioned Qemu build
issue, I've only (so far) added superficially added SH7619 and J2 as
CPUs (without implementing any cpu-specific details), along with the
CAS.L instruction (as described in "SH-2 Instruction Set.ods").

A few of observations and comments for Qemu:

1) According to README.sh4, the sh4 target might not even be functional yet [3]
2) The function _decode_opc() in target-sh4/translate.c could use some
reorganization, which I am thinking should be
  * group opcodes into ISA version and use a ">=" or "has( feature )"
approach to deciding if the current emulation target supports a given
instruction before attempting to decode it
  * group SH1, SH2, SH3, and SH4 (others?) instructions together
  * make conditional blocks for "special" instructions like CAS.L and
use the has( feature ) approach
  * defer this until after the numato board is added
3) currently, the "demo" for qemu-system-sh4 seems to be quasi-functional [5].
4) Leaning to renaming "target-sh4" to "target-sh" and handling all
ISA variants in one directory. Thoughts?

My next steps will likely be something along the lines of
* set up GDB with the kernel sources for J2 so that I can step debug
through Linux initialization & driver code
* run vmlinux from J2 instead of the vmlinux from [4], so that only
SH2 / J2 instructions are used for bringup.
* add board, memory, SoC, etc definitions / features incrementally to
Qemu as they are encountered in the Linux kernel
* eventually all features should be added and Qemu should behave more
or less like a terminal connected to the Numato Mimas v2 board.

After getting the dirty hacks done, then I will likely factor the
changeset into a sequence of smaller, more coherent, and well-written
individual patches to submit to qemu-devel.

Cheers,

C

[1] http://lists.nongnu.org/archive/html/qemu-devel/2016-05/msg00152.html
[2] https://goo.gl/P5cCGF
[3] https://github.com/cfriedt/qemu/blob/master/target-sh4/README.sh4
[4] http://perso.telecom-paristech.fr/~polti/robot/
[5]
$ qemu-system-sh4 -kernel vmlinux-nand_img_with_OOB-2.6.10-v1.0
loaded 1350624 bytes for shix_linux_nand.bin into flash
long write to SH7750_WCR1_A7 (0x000000001f800008) ignored
long write to SH7750_WCR2_A7 (0x000000001f80000c) ignored
long write to SH7750_WCR3_A7 (0x000000001f800010) ignored
long write to SH7750_MCR_A7 (0x000000001f800014) ignored
word write to SH7750_RTCOR_A7 (0x000000001f800024) ignored
word write to SH7750_RTCNT_A7 (0x000000001f800020) ignored
Write access to refresh count register
word write to SH7750_RTCSR_A7 (0x000000001f80001c) ignored
long write to SH7750_MCR_A7 (0x000000001f800014) ignored
Read access to refresh count register, incrementing
long write to SH7750_MCR_A7 (0x000000001f800014) ignored
word write to SH7750_RTCOR_A7 (0x000000001f800024) ignored
word write to SH7750_RTCNT_A7 (0x000000001f800020) ignored
Write access to refresh count register
word write to SH7750_RTCSR_A7 (0x000000001f80001c) ignored
long write to SH7750_MCR_A7 (0x000000001f800014) ignored

More information about the J-core mailing list