QEMU 中的 ARM 中断处理 [英] ARM Interrupt Handling in QEMU
问题描述
我试图了解 QEMU 如何处理 ARM 处理器的中断.我有一个为 ARM1176 构建的裸机二进制 blob(即,不是 linux——只是一些汇编代码).在 QEMU 中运行时,在初始化期间,二进制 blob 中的代码设置 CPSR 的第 13 位,指示中断向量表位于 0xFFFF0000.挂上GDB,把那个地址的指令dump出来,确实可以看到对应的中断向量表.在 IRQ 上,它跳转到 0xFFFF0018,它只是跳转到 0xFFFF00070,它具有第一个 irq_handler 的代码,并最终跳转到第二个 irq_handler.>
那很好,但是当我看到在 QEMU 中连接中断时,我发现每个参考都连接了我自己的 irq_handler.如果你分配了一个 irq,我需要提供一个 qemu_irq_handler,它会在 IRQ 被触发时被调用.但在这种情况下,我不希望我自己的处理程序被调用.例如,当我调用 qemu_set_irq() 并开始在那里运行代码时,我假设 QEMU 会模拟 ARM 处理器并跳转到 0xFFFF0018.
我确定我的理解中缺少某些东西,但是有没有办法让 QEMU 跳转到中断向量表并在触发中断时在那里运行代码,例如,使用 qemu_set_irq()?
我认为 QEMU 正在使用 ARM 的半虚拟化.PC 上的 ARM 设备没有中断控制器.我认为 qemu_irq_handler 是一种处理中断的半虚拟化技术.中断从何而来?请参阅:QEMU 技术文档,尤其是
2.11 硬件中断
为了更快,QEMU 不会检查每个基本块是否有硬件中断挂起.相反,用户必须异步调用特定函数以告知中断正在挂起.该函数重置当前正在执行的基本块的链接.它确保执行将很快在 CPU 模拟器的主循环中返回.然后主循环可以测试中断是否挂起并处理.
可能 QEMU 带有一些代码来模拟设备.但是,如果您想使用自己的设备,则需要进行一些自定义操作.它不是实际 ARM 处理器.大多数虚拟化技术有问题 有中断;即使虚拟化由与目标相同的 CPU 托管.
I'm trying to understand how QEMU handles interrupts for ARM processors. I have a bare metal binary blob (ie, not linux -- just some assembly code) which was built for a ARM1176. When run in QEMU, during initialisation the code in the binary blob sets bit 13 of the CPSR indicating that the interrupt vector table is located at 0xFFFF0000. Hooking up GDB and dumping the instructions at that address, I can indeed see the corresponding interrupt vector table. On an IRQ, it jumps to 0xFFFF0018, which just does a jump to 0xFFFF00070, which has the code for the first irq_handler, and ultimately jumps to a second irq_handler.
That's fine, but when I look at hooking up interrupts in QEMU every reference I find is hooking up my own irq_handler. If you allocate an irq, I need to provide a qemu_irq_handler that gets called when the IRQ is fired. But in this case, I don't want my own handler to get called. I was assuming that QEMU would emulate the ARM processor and jump to 0xFFFF0018 when I, for instance, called qemu_set_irq() and start running the code there.
I'm sure something is lacking in my understanding, but is there not some way to get QEMU to jump to the interrupt vector table and run the code there when triggering an interrupt, for example, with qemu_set_irq()?
I would think that QEMU is using Paravirtualization for the ARM. There is no interrupt controller for the ARM device on a PC. I think the qemu_irq_handler is a paravirtualization technique to handle an interrupt. Where are interrupts going to come from? See: QEMU tech document especially,
2.11 Hardware interrupts
In order to be faster, QEMU does not check at every basic block if a hardware interrupt is pending. Instead, the user must asynchronously call a specific function to tell that an interrupt is pending. This function resets the chaining of the currently executing basic block. It ensures that the execution will return soon in the main loop of the CPU emulator. Then the main loop can test if the interrupt is pending and handle it.
Probably QEMU comes with some code to emulate devices. However, if you want to use your own device, you will need to do something custom. It is not an actual ARM processor. Most virtualization technology have issues with interrupts; even when the virtualization is hosted by the same CPU as the target.
这篇关于QEMU 中的 ARM 中断处理的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
