RISC-V Virtual Prototyping with QEMU
Overview
In 2017, the Circuit Design Group began collaborating with SiFive and TI as co-maintainers of the first RISC-V implementation in the QEMU CPU emulator. QEMU is an open-source CPU emulator that supports a variety of instruction set architectures for executing compiled software. The specialist group can draw on extensive experience in this field: in recent years it developed and published the complete TriCore™ instruction set in cooperation with Infineon Technologies AG as a registered maintainer. Current activities focus on implementing the RISC-V instruction set in its various variants in QEMU, in order to create virtual prototypes and to develop chips for RISC-V-based IoT nodes (IoT – Internet of Things). This work is funded by the German Federal Ministry of Education and Research (BMBF) through the COMPACT and SAFE4I projects. The specialist group developed several QEMU-based configurable analysis platforms for RISC-V-based IoT devices. The analysis covers functional and non-functional properties of the binary software instructions for the RISC-V ISA. The configuration options are based on the principle of specifying the ISA through so-called decode trees, which were developed, implemented, and published for the RISC-V architecture within the QEMU open source project.
Within this framework, the decoding of the complete RISC-V ISA within QEMU was converted to decode trees. The implemented extensions and conversions were fully transferred to the QEMU open source upstream at the beginning of 2019 and have been included in QEMU since release 4.0.0 in April 2019. For the dynamic analysis of compiled RISC-V software, QTA (QEMU Timing Analyzer, github.com/hni-sct/qemu-qta) was designed and implemented on top of the newly available TCG plugin API interface for tool integration. This interface guarantees compatibility of all QEMU extensions with future QEMU versions without the need to continuously adapt the extension to each new QEMU release. After its development within the QEMU project, the TCG plugin API interface was verified continuously until it reached a stable state in mid-2019, at which point it was foreseeable that it would soon be officially available with QEMU 4.2. QTA was then implemented by UPB in 2020 using this interface and released publicly in early 2021.
The source code has been freely available since January 2021 at github.com/hni-sct/qta under an MIT license. QTA performs time-annotated execution of compiled software for all instruction set architectures supported by QEMU. For the time annotation, an interface to aiT (AbsInt) was implemented as an analysis front end and tested with ARM and RISC-V compiled software.
Publications:
ris.uni-paderborn.de/record/32125
ris.uni-paderborn.de/record/32132
ris.uni-paderborn.de/record/24027
ris.uni-paderborn.de/record/24060
ris.uni-paderborn.de/record/24061
ris.uni-paderborn.de/record/24063
ris.uni-paderborn.de/record/24194
ris.uni-paderborn.de/record/24220
Project Information:
COMPACT: www.uni-paderborn.de/projekt/305 and www.edacentrum.de/compact/
SAFE4I: www.uni-paderborn.de/projekt/306
Key Facts
- Grant Number:
- Project type: Research
- Project duration: 08/2017 - 12/2024
- Funded by: Bundesministerium für Bildung und Forschung (BMBF)
Contact
If you have any questions about this project, contact us!
apl. Prof. Dr. Wolfgang Müller
System and Circuit Technology / Heinz Nixdorf Institut
Apl. Professor