.. SPDX-License-Identifier: GPL-2.0+
-.. sectionauthor:: Vlad Lungu <vlad.lungu@windriver.com>
+.. sectionauthor:: Daniel Schwierzeck <daniel.schwierzeck@gmail.com>
QEMU MIPS
=========
-Qemu is a full system emulator. See http://www.nongnu.org/qemu/
+Qemu for MIPS is based on the MIPS Malta board. The built Malta U-Boot
+images can be used for Qemu and on physical hardware. The Malta board
+supports all combinations of Little and Big Endian as well as 32 bit
+and 64 bit.
Limitations & comments
----------------------
-Supports the "-M mips" configuration of qemu: serial,NE2000,IDE.
-Supports little and big endian as well as 32 bit and 64 bit.
-Derived from au1x00 with a lot of things cut out.
-
-Supports emulated flash (patch Jean-Christophe PLAGNIOL-VILLARD) with
-recent qemu versions. When using emulated flash, launch with
--pflash <filename> and erase mips_bios.bin.
-
-
-Notes for the Qemu MIPS port
-----------------------------
+The memory size for Qemu is hard-coded to 256 MiB. For Malta Little Endian
+targets an extra endianness swapped image named *u-boot-swap.bin* is
+generated and required for Qemu.
Example usage
-^^^^^^^^^^^^^
-
-Using u-boot.bin as ROM (replaces Qemu monitor):
+-------------
-32 bit, big endian
+Build for 32 bit, big endian:
.. code-block:: bash
- make qemu_mips_defconfig
- qemu-system-mips -M mips -bios u-boot.bin -nographic
+ make malta_defconfig
+ make
+ UBOOT_BIN=u-boot.bin
+ QEMU_BIN=qemu-system-mips
+ QEMU_CPU=24Kc
-32 bit, little endian
+Build for 32 bit, little endian:
.. code-block:: bash
- make qemu_mipsel_defconfig
- qemu-system-mipsel -M mips -bios u-boot.bin -nographic
+ make maltael_defconfig
+ make
+ UBOOT_BIN=u-boot-swap.bin
+ QEMU_BIN=qemu-system-mipsel
+ QEMU_CPU=24Kc
-64 bit, big endian
+Build for 64 bit, big endian:
.. code-block:: bash
- make qemu_mips64_defconfig
- qemu-system-mips64 -cpu MIPS64R2-generic -M mips -bios u-boot.bin -nographic
+ make malta64_defconfig
+ make
+ UBOOT_BIN=u-boot.bin
+ QEMU_BIN=qemu-system-mips64
+ QEMU_CPU=MIPS64R2-generic
-64 bit, little endian
+Build for 64 bit, little endian:
.. code-block:: bash
- make qemu_mips64el_defconfig
- qemu-system-mips64el -cpu MIPS64R2-generic -M mips -bios u-boot.bin -nographic
+ make malta64el_defconfig
+ make
+ UBOOT_BIN=u-boot-swap.bin
+ QEMU_BIN=qemu-system-mips64el
+ QEMU_CPU=MIPS64R2-generic
-or using u-boot.bin from emulated flash:
-
-if you use a QEMU version after commit 4224
+Generate NOR flash image with U-Boot binary:
.. code-block:: bash
- # create image:
- dd of=flash bs=1k count=4k if=/dev/zero
- dd of=flash bs=1k conv=notrunc if=u-boot.bin
- # start it (see above):
- qemu-system-mips[64][el] [-cpu MIPS64R2-generic] -M mips -pflash flash -nographic
-
-Download kernel + initrd
-^^^^^^^^^^^^^^^^^^^^^^^^
-
-On ftp://ftp.denx.de/pub/contrib/Jean-Christophe_Plagniol-Villard/qemu_mips/
-you can downland::
+ dd if=/dev/zero bs=1M count=4 | tr '\000' '\377' > pflash.img
+ dd if=${UBOOT_BIN} of=pflash.img conv=notrunc
- #config to build the kernel
- qemu_mips_defconfig
- #patch to fix mips interrupt init on 2.6.24.y kernel
- qemu_mips_kernel.patch
- initrd.gz
- vmlinux
- vmlinux.bin
- System.map
-
-Generate uImage
-^^^^^^^^^^^^^^^
-
-.. code-block:: bash
-
- tools/mkimage -A mips -O linux -T kernel -C gzip -a 0x80010000 -e 0x80245650 -n "Linux 2.6.24.y" -d vmlinux.bin.gz uImage
-
-Copy uImage to Flash
-^^^^^^^^^^^^^^^^^^^^
+Start Qemu:
.. code-block:: bash
- dd if=uImage bs=1k conv=notrunc seek=224 of=flash
-
-Generate Ide Disk
-^^^^^^^^^^^^^^^^^
+ mkdir tftproot
+ ${QEMU_BIN} -nographic -cpu ${QEMU_CPU} -m 256 -drive if=pflash,file="$(pwd)/pflash.img",format=raw -netdev user,id=net0,tftp="$(pwd)/tftproot" -device pcnet,netdev=net0
.. code-block:: bash
- dd of=ide bs=1k count=100k if=/dev/zero
+ U-Boot 2021.04-00963-g60279a2b1d (Apr 21 2021 - 19:54:32 +0200)
- # Create partion table
- sudo sfdisk ide << EOF
- label: dos
- label-id: 0x6fe3a999
- device: image
- unit: sectors
- image1 : start= 63, size= 32067, Id=83
- image2 : start= 32130, size= 32130, Id=83
- image3 : start= 64260, size= 4128705, Id=83
- EOF
+ Board: MIPS Malta CoreLV
+ DRAM: 256 MiB
+ Flash: 4 MiB
+ Loading Environment from Flash... *** Warning - bad CRC, using default environment
-Copy to ide
-^^^^^^^^^^^
+ In: serial@3f8
+ Out: serial@3f8
+ Err: serial@3f8
+ Net: pcnet#0
+ IDE: Bus 0: not available
+ maltael #
-.. code-block:: bash
-
- dd if=uImage bs=512 conv=notrunc seek=63 of=ide
+How to debug U-Boot
+-------------------
-Generate ext2 on part 2 on Copy uImage and initrd.gz
-^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
+In order to debug U-Boot you need to start qemu with gdb server support (-s)
+and waiting the connection to start the CPU (-S). Start Qemu in the first console:
.. code-block:: bash
- # Attached as loop device ide offset = 32130 * 512
- sudo losetup -o 16450560 /dev/loop0 ide
- # Format as ext2 ( arg2 : nb blocks)
- sudo mkfs.ext2 /dev/loop0 16065
- sudo losetup -d /dev/loop0
- # Mount and copy uImage and initrd.gz to it
- sudo mount -o loop,offset=16450560 -t ext2 ide /mnt
- sudo mkdir /mnt/boot
- cp {initrd.gz,uImage} /mnt/boot/
- # Umount it
- sudo umount /mnt
-
-Set Environment
-^^^^^^^^^^^^^^^
-
-.. code-block:: bash
+ mkdir tftproot
+ ${QEMU_BIN} -s -S -nographic -cpu ${QEMU_CPU} -m 256 -drive if=pflash,file="$(pwd)/pflash.img",format=raw -netdev user,id=net0,tftp="$(pwd)/tftproot" -device pcnet,netdev=net0
- setenv rd_start 0x80800000
- setenv rd_size 2663940
- setenv kernel BFC38000
- setenv oad_addr 80500000
- setenv load_addr2 80F00000
- setenv kernel_flash BFC38000
- setenv load_addr_hello 80200000
- setenv bootargs 'root=/dev/ram0 init=/bin/sh'
- setenv load_rd_ext2 'ide res; ext2load ide 0:2 ${rd_start} /boot/initrd.gz'
- setenv load_rd_tftp 'tftp ${rd_start} /initrd.gz'
- setenv load_kernel_hda 'ide res; diskboot ${load_addr} 0:2'
- setenv load_kernel_ext2 'ide res; ext2load ide 0:2 ${load_addr} /boot/uImage'
- setenv load_kernel_tftp 'tftp ${load_addr} /qemu_mips/uImage'
- setenv boot_ext2_ext2 'run load_rd_ext2; run load_kernel_ext2; run addmisc; bootm ${load_addr}'
- setenv boot_ext2_flash 'run load_rd_ext2; run addmisc; bootm ${kernel_flash}'
- setenv boot_ext2_hda 'run load_rd_ext2; run load_kernel_hda; run addmisc; bootm ${load_addr}'
- setenv boot_ext2_tftp 'run load_rd_ext2; run load_kernel_tftp; run addmisc; bootm ${load_addr}'
- setenv boot_tftp_hda 'run load_rd_tftp; run load_kernel_hda; run addmisc; bootm ${load_addr}'
- setenv boot_tftp_ext2 'run load_rd_tftp; run load_kernel_ext2; run addmisc; bootm ${load_addr}'
- setenv boot_tftp_flash 'run load_rd_tftp; run addmisc; bootm ${kernel_flash}'
- setenv boot_tftp_tftp 'run load_rd_tftp; run load_kernel_tftp; run addmisc; bootm ${load_addr}'
- setenv load_hello_tftp 'tftp ${load_addr_hello} /examples/hello_world.bin'
- setenv go_tftp 'run load_hello_tftp; go ${load_addr_hello}'
- setenv addmisc 'setenv bootargs ${bootargs} console=ttyS0,${baudrate} rd_start=${rd_start} rd_size=${rd_size} ethaddr=${ethaddr}'
- setenv bootcmd 'run boot_tftp_flash'
-
-Now you can boot from flash, ide, ide+ext2 and tfp
+In the second console start gdb:
.. code-block:: bash
- qemu-system-mips -M mips -pflash flash -monitor null -nographic -net nic -net user -tftp `pwd` -hda ide
-
-
-How to debug U-Boot
--------------------
-
-In order to debug U-Boot you need to start qemu with gdb server support (-s)
-and waiting the connection to start the CPU (-S)
+ gdb-multiarch --eval-command "target remote :1234" u-boot
.. code-block:: bash
- qemu-system-mips -S -s -M mips -pflash flash -monitor null -nographic -net nic -net user -tftp `pwd` -hda ide
-
-in an other console you start gdb
-
-Debugging of U-Boot Before Relocation
-^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
-
-Before relocation, the addresses in the ELF file can be used without any problems
-by connecting to the gdb server localhost:1234
-
-.. code-block:: none
-
- $ mipsel-unknown-linux-gnu-gdb u-boot
- GNU gdb 6.6
- Copyright (C) 2006 Free Software Foundation, Inc.
- GDB is free software, covered by the GNU General Public License, and you are
- welcome to change it and/or distribute copies of it under certain conditions.
- Type "show copying" to see the conditions.
- There is absolutely no warranty for GDB. Type "show warranty" for details.
- This GDB was configured as "--host=i486-linux-gnu --target=mipsel-unknown-linux-gnu"...
- (gdb) target remote localhost:1234
- Remote debugging using localhost:1234
- _start () at start.S:64
- 64 RVECENT(reset,0) /* U-Boot entry point */
- Current language: auto; currently asm
- (gdb) b board.c:289
- Breakpoint 1 at 0xbfc00cc8: file board.c, line 289.
- (gdb) c
- Continuing.
-
- Breakpoint 1, board_init_f (bootflag=<value optimized out>) at board.c:290
- 290 relocate_code (addr_sp, id, addr);
- Current language: auto; currently c
- (gdb) p/x addr
- $1 = 0x87fa0000
-
-Debugging of U-Boot After Relocation
-^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
-
-For debugging U-Boot after relocation we need to know the address to which
-U-Boot relocates itself to 0x87fa0000 by default.
-And replace the symbol table to this offset.
-
-.. code-block:: none
-
- (gdb) symbol-file
- Discard symbol table from `/private/u-boot-arm/u-boot'? (y or n) y
- Error in re-setting breakpoint 1:
- No symbol table is loaded. Use the "file" command.
- No symbol file now.
- (gdb) add-symbol-file u-boot 0x87fa0000
- add symbol table from file "u-boot" at
- .text_addr = 0x87fa0000
- (y or n) y
- Reading symbols from /private/u-boot-arm/u-boot...done.
- Breakpoint 1 at 0x87fa0cc8: file board.c, line 289.
- (gdb) c
- Continuing.
-
- Program received signal SIGINT, Interrupt.
- 0xffffffff87fa0de4 in udelay (usec=<value optimized out>) at time.c:78
- 78 while ((tmo - read_c0_count()) < 0x7fffffff)
+ GNU gdb (Ubuntu 9.2-0ubuntu1~20.04) 9.2
+ Copyright (C) 2020 Free Software Foundation, Inc.
+ License GPLv3+: GNU GPL version 3 or later <http://gnu.org/licenses/gpl.html>
+ This is free software: you are free to change and redistribute it.
+ There is NO WARRANTY, to the extent permitted by law.
+ Type "show copying" and "show warranty" for details.
+ This GDB was configured as "x86_64-linux-gnu".
+ Type "show configuration" for configuration details.
+ For bug reporting instructions, please see:
+ <http://www.gnu.org/software/gdb/bugs/>.
+ Find the GDB manual and other documentation resources online at:
+ <http://www.gnu.org/software/gdb/documentation/>.
+
+ For help, type "help".
+ Type "apropos word" to search for commands related to "word"...
+ Reading symbols from u-boot...
+ Remote debugging using :1234
+ 0xbfc00000 in ?? ()
+ (gdb) c
+ Continuing.