xref: /openbmc/u-boot/doc/README.qemu-mips (revision 57dc53a72460e8e301fa1cc7951b41db8e731485) 
13ed75b6fSDaniel SchwierzeckBy Vlad Lungu vlad.lungu@windriver.com 2007-Oct-01
23ed75b6fSDaniel Schwierzeck----------------------------------------
33ed75b6fSDaniel SchwierzeckQemu is a full system emulator. See
43ed75b6fSDaniel Schwierzeck
53ed75b6fSDaniel Schwierzeckhttp://www.nongnu.org/qemu/
63ed75b6fSDaniel Schwierzeck
73ed75b6fSDaniel SchwierzeckLimitations & comments
83ed75b6fSDaniel Schwierzeck----------------------
93ed75b6fSDaniel SchwierzeckSupports the "-M mips" configuration of qemu: serial,NE2000,IDE.
103ed75b6fSDaniel SchwierzeckSupports little and big endian as well as 32 bit and 64 bit.
113ed75b6fSDaniel SchwierzeckDerived from au1x00 with a lot of things cut out.
123ed75b6fSDaniel Schwierzeck
133ed75b6fSDaniel SchwierzeckSupports emulated flash (patch Jean-Christophe PLAGNIOL-VILLARD) with
143ed75b6fSDaniel Schwierzeckrecent qemu versions. When using emulated flash, launch with
153ed75b6fSDaniel Schwierzeck-pflash <filename> and erase mips_bios.bin.
163ed75b6fSDaniel Schwierzeck
173ed75b6fSDaniel Schwierzeck
183ed75b6fSDaniel SchwierzeckNotes for the Qemu MIPS port
193ed75b6fSDaniel Schwierzeck----------------------------
203ed75b6fSDaniel Schwierzeck
213ed75b6fSDaniel SchwierzeckI) Example usage:
223ed75b6fSDaniel Schwierzeck
233ed75b6fSDaniel SchwierzeckUsing u-boot.bin as ROM (replaces Qemu monitor):
243ed75b6fSDaniel Schwierzeck
253ed75b6fSDaniel Schwierzeck32 bit, big endian:
263ed75b6fSDaniel Schwierzeck# make qemu_mips
273ed75b6fSDaniel Schwierzeck# qemu-system-mips -M mips -bios u-boot.bin -nographic
283ed75b6fSDaniel Schwierzeck
293ed75b6fSDaniel Schwierzeck32 bit, little endian:
303ed75b6fSDaniel Schwierzeck# make qemu_mipsel
313ed75b6fSDaniel Schwierzeck# qemu-system-mipsel -M mips -bios u-boot.bin -nographic
323ed75b6fSDaniel Schwierzeck
333ed75b6fSDaniel Schwierzeck64 bit, big endian:
343ed75b6fSDaniel Schwierzeck# make qemu_mips64
353ed75b6fSDaniel Schwierzeck# qemu-system-mips64 -cpu MIPS64R2-generic -M mips -bios u-boot.bin -nographic
363ed75b6fSDaniel Schwierzeck
373ed75b6fSDaniel Schwierzeck64 bit, little endian:
383ed75b6fSDaniel Schwierzeck# make qemu_mips64el
393ed75b6fSDaniel Schwierzeck# qemu-system-mips64el -cpu MIPS64R2-generic -M mips -bios u-boot.bin -nographic
403ed75b6fSDaniel Schwierzeck
413ed75b6fSDaniel Schwierzeckor using u-boot.bin from emulated flash:
423ed75b6fSDaniel Schwierzeck
433ed75b6fSDaniel Schwierzeckif you use a qemu version after commit 4224
443ed75b6fSDaniel Schwierzeck
453ed75b6fSDaniel Schwierzeckcreate image:
463ed75b6fSDaniel Schwierzeck# dd of=flash bs=1k count=4k if=/dev/zero
473ed75b6fSDaniel Schwierzeck# dd of=flash bs=1k conv=notrunc if=u-boot.bin
483ed75b6fSDaniel Schwierzeckstart it (see above):
493ed75b6fSDaniel Schwierzeck# qemu-system-mips[64][el] [-cpu MIPS64R2-generic] -M mips -pflash flash -nographic
503ed75b6fSDaniel Schwierzeck
513ed75b6fSDaniel Schwierzeck2) Download kernel + initrd
523ed75b6fSDaniel Schwierzeck
533ed75b6fSDaniel SchwierzeckOn ftp://ftp.denx.de/pub/contrib/Jean-Christophe_Plagniol-Villard/qemu_mips/
543ed75b6fSDaniel Schwierzeckyou can downland
553ed75b6fSDaniel Schwierzeck
563ed75b6fSDaniel Schwierzeck#config to build the kernel
573ed75b6fSDaniel Schwierzeckqemu_mips_defconfig
583ed75b6fSDaniel Schwierzeck#patch to fix mips interrupt init on 2.6.24.y kernel
593ed75b6fSDaniel Schwierzeckqemu_mips_kernel.patch
603ed75b6fSDaniel Schwierzeckinitrd.gz
613ed75b6fSDaniel Schwierzeckvmlinux
623ed75b6fSDaniel Schwierzeckvmlinux.bin
633ed75b6fSDaniel SchwierzeckSystem.map
643ed75b6fSDaniel Schwierzeck
653ed75b6fSDaniel Schwierzeck4) Generate uImage
663ed75b6fSDaniel Schwierzeck
673ed75b6fSDaniel Schwierzeck# tools/mkimage -A mips -O linux -T kernel -C gzip -a 0x80010000 -e 0x80245650 -n "Linux 2.6.24.y" -d vmlinux.bin.gz uImage
683ed75b6fSDaniel Schwierzeck
693ed75b6fSDaniel Schwierzeck5) Copy uImage to Flash
703ed75b6fSDaniel Schwierzeck# dd if=uImage bs=1k conv=notrunc seek=224 of=flash
713ed75b6fSDaniel Schwierzeck
723ed75b6fSDaniel Schwierzeck6) Generate Ide Disk
733ed75b6fSDaniel Schwierzeck
743ed75b6fSDaniel Schwierzeck# dd of=ide bs=1k cout=100k if=/dev/zero
753ed75b6fSDaniel Schwierzeck
763ed75b6fSDaniel Schwierzeck# sfdisk -C 261 -d ide
773ed75b6fSDaniel Schwierzeck# partition table of ide
783ed75b6fSDaniel Schwierzeckunit: sectors
793ed75b6fSDaniel Schwierzeck
803ed75b6fSDaniel Schwierzeck     ide1 : start=       63, size=    32067, Id=83
813ed75b6fSDaniel Schwierzeck     ide2 : start=    32130, size=    32130, Id=83
823ed75b6fSDaniel Schwierzeck     ide3 : start=    64260, size=  4128705, Id=83
833ed75b6fSDaniel Schwierzeck     ide4 : start=        0, size=        0, Id= 0
843ed75b6fSDaniel Schwierzeck
853ed75b6fSDaniel Schwierzeck7) Copy to ide
863ed75b6fSDaniel Schwierzeck
873ed75b6fSDaniel Schwierzeck# dd if=uImage bs=512 conv=notrunc seek=63 of=ide
883ed75b6fSDaniel Schwierzeck
893ed75b6fSDaniel Schwierzeck8) Generate ext2 on part 2 on Copy uImage and initrd.gz
903ed75b6fSDaniel Schwierzeck
913ed75b6fSDaniel Schwierzeck# Attached as loop device ide offset = 32130 * 512
923ed75b6fSDaniel Schwierzeck# losetup -o 16450560 -f ide
933ed75b6fSDaniel Schwierzeck# Format as ext2 ( arg2 : nb blocks)
943ed75b6fSDaniel Schwierzeck# mke2fs /dev/loop0 16065
953ed75b6fSDaniel Schwierzeck# losetup -d /dev/loop0
963ed75b6fSDaniel Schwierzeck# Mount and copy uImage and initrd.gz to it
973ed75b6fSDaniel Schwierzeck# mount -o loop,offset=16450560 -t ext2 ide /mnt
983ed75b6fSDaniel Schwierzeck# mkdir /mnt/boot
993ed75b6fSDaniel Schwierzeck# cp {initrd.gz,uImage} /mnt/boot/
1003ed75b6fSDaniel Schwierzeck# Umount it
1013ed75b6fSDaniel Schwierzeck# umount /mnt
1023ed75b6fSDaniel Schwierzeck
1033ed75b6fSDaniel Schwierzeck9) Set Environment
1043ed75b6fSDaniel Schwierzeck
1053ed75b6fSDaniel Schwierzecksetenv rd_start 0x80800000
1063ed75b6fSDaniel Schwierzecksetenv rd_size 2663940
1073ed75b6fSDaniel Schwierzecksetenv kernel BFC38000
1083ed75b6fSDaniel Schwierzecksetenv oad_addr 80500000
1093ed75b6fSDaniel Schwierzecksetenv load_addr2 80F00000
1103ed75b6fSDaniel Schwierzecksetenv kernel_flash BFC38000
1113ed75b6fSDaniel Schwierzecksetenv load_addr_hello 80200000
1123ed75b6fSDaniel Schwierzecksetenv bootargs 'root=/dev/ram0 init=/bin/sh'
1133ed75b6fSDaniel Schwierzecksetenv load_rd_ext2 'ide res; ext2load ide 0:2 ${rd_start} /boot/initrd.gz'
1143ed75b6fSDaniel Schwierzecksetenv load_rd_tftp 'tftp ${rd_start} /initrd.gz'
1153ed75b6fSDaniel Schwierzecksetenv load_kernel_hda 'ide res; diskboot ${load_addr} 0:2'
1163ed75b6fSDaniel Schwierzecksetenv load_kernel_ext2 'ide res; ext2load ide 0:2 ${load_addr} /boot/uImage'
1173ed75b6fSDaniel Schwierzecksetenv load_kernel_tftp 'tftp ${load_addr} /qemu_mips/uImage'
1183ed75b6fSDaniel Schwierzecksetenv boot_ext2_ext2 'run load_rd_ext2; run load_kernel_ext2; run addmisc; bootm ${load_addr}'
1193ed75b6fSDaniel Schwierzecksetenv boot_ext2_flash 'run load_rd_ext2; run addmisc; bootm ${kernel_flash}'
1203ed75b6fSDaniel Schwierzecksetenv boot_ext2_hda 'run load_rd_ext2; run load_kernel_hda; run addmisc; bootm ${load_addr}'
1213ed75b6fSDaniel Schwierzecksetenv boot_ext2_tftp 'run load_rd_ext2; run load_kernel_tftp; run addmisc; bootm ${load_addr}'
1223ed75b6fSDaniel Schwierzecksetenv boot_tftp_hda 'run load_rd_tftp; run load_kernel_hda; run addmisc; bootm ${load_addr}'
1233ed75b6fSDaniel Schwierzecksetenv boot_tftp_ext2 'run load_rd_tftp; run load_kernel_ext2; run addmisc; bootm ${load_addr}'
1243ed75b6fSDaniel Schwierzecksetenv boot_tftp_flash 'run load_rd_tftp; run addmisc; bootm ${kernel_flash}'
1253ed75b6fSDaniel Schwierzecksetenv boot_tftp_tftp 'run load_rd_tftp; run load_kernel_tftp; run addmisc; bootm ${load_addr}'
1263ed75b6fSDaniel Schwierzecksetenv load_hello_tftp 'tftp ${load_addr_hello} /examples/hello_world.bin'
1273ed75b6fSDaniel Schwierzecksetenv go_tftp 'run load_hello_tftp; go ${load_addr_hello}'
1283ed75b6fSDaniel Schwierzecksetenv addmisc 'setenv bootargs ${bootargs} console=ttyS0,${baudrate} rd_start=${rd_start} rd_size=${rd_size} ethaddr=${ethaddr}'
1293ed75b6fSDaniel Schwierzecksetenv bootcmd 'run boot_tftp_flash'
1303ed75b6fSDaniel Schwierzeck
1313ed75b6fSDaniel Schwierzeck10) Now you can boot from flash, ide, ide+ext2 and tfp
1323ed75b6fSDaniel Schwierzeck
1333ed75b6fSDaniel Schwierzeck# qemu-system-mips -M mips -pflash flash -monitor null -nographic -net nic -net user -tftp `pwd` -hda ide
1343ed75b6fSDaniel Schwierzeck
1353ed75b6fSDaniel SchwierzeckII) How to debug U-Boot
1363ed75b6fSDaniel Schwierzeck
1373ed75b6fSDaniel SchwierzeckIn order to debug U-Boot you need to start qemu with gdb server support (-s)
1383ed75b6fSDaniel Schwierzeckand waiting the connection to start the CPU (-S)
1393ed75b6fSDaniel Schwierzeck
1403ed75b6fSDaniel Schwierzeck# qemu-system-mips -S -s -M mips -pflash flash -monitor null -nographic -net nic -net user -tftp `pwd` -hda ide
1413ed75b6fSDaniel Schwierzeck
1423ed75b6fSDaniel Schwierzeckin an other console you start gdb
1433ed75b6fSDaniel Schwierzeck
1443ed75b6fSDaniel Schwierzeck1) Debugging of U-Boot Before Relocation
1453ed75b6fSDaniel Schwierzeck
1463ed75b6fSDaniel SchwierzeckBefore relocation, the addresses in the ELF file can be used without any problems
1473ed75b6fSDaniel Schwierzeckby connecting to the gdb server localhost:1234
1483ed75b6fSDaniel Schwierzeck
1493ed75b6fSDaniel Schwierzeck# mipsel-unknown-linux-gnu-gdb u-boot
1503ed75b6fSDaniel SchwierzeckGNU gdb 6.6
1513ed75b6fSDaniel SchwierzeckCopyright (C) 2006 Free Software Foundation, Inc.
1523ed75b6fSDaniel SchwierzeckGDB is free software, covered by the GNU General Public License, and you are
1533ed75b6fSDaniel Schwierzeckwelcome to change it and/or distribute copies of it under certain conditions.
1543ed75b6fSDaniel SchwierzeckType "show copying" to see the conditions.
1553ed75b6fSDaniel SchwierzeckThere is absolutely no warranty for GDB.  Type "show warranty" for details.
1563ed75b6fSDaniel SchwierzeckThis GDB was configured as "--host=i486-linux-gnu --target=mipsel-unknown-linux-gnu"...
1573ed75b6fSDaniel Schwierzeck(gdb)  target remote localhost:1234
1583ed75b6fSDaniel SchwierzeckRemote debugging using localhost:1234
1593ed75b6fSDaniel Schwierzeck_start () at start.S:64
160*a187559eSBin Meng64		RVECENT(reset,0)	/* U-Boot entry point */
1613ed75b6fSDaniel SchwierzeckCurrent language:  auto; currently asm
1623ed75b6fSDaniel Schwierzeck(gdb)  b board.c:289
1633ed75b6fSDaniel SchwierzeckBreakpoint 1 at 0xbfc00cc8: file board.c, line 289.
1643ed75b6fSDaniel Schwierzeck(gdb) c
1653ed75b6fSDaniel SchwierzeckContinuing.
1663ed75b6fSDaniel Schwierzeck
1673ed75b6fSDaniel SchwierzeckBreakpoint 1, board_init_f (bootflag=<value optimized out>) at board.c:290
1683ed75b6fSDaniel Schwierzeck290		relocate_code (addr_sp, id, addr);
1693ed75b6fSDaniel SchwierzeckCurrent language:  auto; currently c
1703ed75b6fSDaniel Schwierzeck(gdb) p/x addr
1713ed75b6fSDaniel Schwierzeck$1 = 0x87fa0000
1723ed75b6fSDaniel Schwierzeck
1733ed75b6fSDaniel Schwierzeck2) Debugging of U-Boot After Relocation
1743ed75b6fSDaniel Schwierzeck
1753ed75b6fSDaniel SchwierzeckFor debugging U-Boot after relocation we need to know the address to which
1763ed75b6fSDaniel SchwierzeckU-Boot relocates itself to 0x87fa0000 by default.
1773ed75b6fSDaniel SchwierzeckAnd replace the symbol table to this offset.
1783ed75b6fSDaniel Schwierzeck
1793ed75b6fSDaniel Schwierzeck(gdb) symbol-file
1803ed75b6fSDaniel SchwierzeckDiscard symbol table from `/private/u-boot-arm/u-boot'? (y or n) y
1813ed75b6fSDaniel SchwierzeckError in re-setting breakpoint 1:
1823ed75b6fSDaniel SchwierzeckNo symbol table is loaded.  Use the "file" command.
1833ed75b6fSDaniel SchwierzeckNo symbol file now.
1843ed75b6fSDaniel Schwierzeck(gdb) add-symbol-file u-boot 0x87fa0000
1853ed75b6fSDaniel Schwierzeckadd symbol table from file "u-boot" at
1863ed75b6fSDaniel Schwierzeck	.text_addr = 0x87fa0000
1873ed75b6fSDaniel Schwierzeck(y or n) y
1883ed75b6fSDaniel SchwierzeckReading symbols from /private/u-boot-arm/u-boot...done.
1893ed75b6fSDaniel SchwierzeckBreakpoint 1 at 0x87fa0cc8: file board.c, line 289.
1903ed75b6fSDaniel Schwierzeck(gdb) c
1913ed75b6fSDaniel SchwierzeckContinuing.
1923ed75b6fSDaniel Schwierzeck
1933ed75b6fSDaniel SchwierzeckProgram received signal SIGINT, Interrupt.
1943ed75b6fSDaniel Schwierzeck0xffffffff87fa0de4 in udelay (usec=<value optimized out>) at time.c:78
1953ed75b6fSDaniel Schwierzeck78		while ((tmo - read_c0_count()) < 0x7fffffff)
196