blob: 1fdfbab67747a502fdda615767f8c87b8597bbcf [file] [log] [blame]
Vlad Lungu3987beb2008-05-05 14:20:03 +03001By Vlad Lungu vlad.lungu@windriver.com 2007-Oct-01
Vlad Lungu635e76c2008-01-16 19:27:51 +02002----------------------------------------
3Qemu is a full system emulator. See
4
Michal Simekd1b15cb2009-08-21 06:52:25 +10005http://www.nongnu.org/qemu/
Vlad Lungu635e76c2008-01-16 19:27:51 +02006
7Limitations & comments
8----------------------
Gabor Juhosff5c0802013-01-08 02:22:50 +00009Supports the "-M mips" configuration of qemu: serial,NE2000,IDE.
Daniel Schwierzeckedff5912013-01-08 17:51:11 +010010Supports little and big endian as well as 32 bit and 64 bit.
Vlad Lungu635e76c2008-01-16 19:27:51 +020011Derived from au1x00 with a lot of things cut out.
Vlad Lungu3987beb2008-05-05 14:20:03 +030012
13Supports emulated flash (patch Jean-Christophe PLAGNIOL-VILLARD) with
14recent qemu versions. When using emulated flash, launch with
15-pflash <filename> and erase mips_bios.bin.
Wolfgang Denke75d5632012-04-29 23:57:39 +000016
17
18
19Notes for the Qemu MIPS port
20----------------------------
21
22I) Example usage:
23
Daniel Schwierzeckedff5912013-01-08 17:51:11 +010024Using u-boot.bin as ROM (replaces Qemu monitor):
Wolfgang Denke75d5632012-04-29 23:57:39 +000025
Daniel Schwierzeckedff5912013-01-08 17:51:11 +01002632 bit, big endian:
27# make qemu_mips
28# qemu-system-mips -M mips -bios u-boot.bin -nographic
29
3032 bit, little endian:
31# make qemu_mipsel
32# qemu-system-mipsel -M mips -bios u-boot.bin -nographic
33
3464 bit, big endian:
35# make qemu_mips64
36# qemu-system-mips64 -cpu MIPS64R2-generic -M mips -bios u-boot.bin -nographic
37
3864 bit, little endian:
39# make qemu_mips64el
40# qemu-system-mips64el -cpu MIPS64R2-generic -M mips -bios u-boot.bin -nographic
41
42or using u-boot.bin from emulated flash:
Wolfgang Denke75d5632012-04-29 23:57:39 +000043
44if you use a qemu version after commit 4224
45
46create image:
47# dd of=flash bs=1k count=4k if=/dev/zero
48# dd of=flash bs=1k conv=notrunc if=u-boot.bin
Daniel Schwierzeckedff5912013-01-08 17:51:11 +010049start it (see above):
50# qemu-system-mips[64][el] [-cpu MIPS64R2-generic] -M mips -pflash flash -nographic
Wolfgang Denke75d5632012-04-29 23:57:39 +000051
522) Download kernel + initrd
53
54On ftp://ftp.denx.de/pub/contrib/Jean-Christophe_Plagniol-Villard/qemu_mips/
55you can downland
56
57#config to build the kernel
58qemu_mips_defconfig
59#patch to fix mips interrupt init on 2.6.24.y kernel
60qemu_mips_kernel.patch
61initrd.gz
62vmlinux
63vmlinux.bin
64System.map
65
664) Generate uImage
67
68# tools/mkimage -A mips -O linux -T kernel -C gzip -a 0x80010000 -e 0x80245650 -n "Linux 2.6.24.y" -d vmlinux.bin.gz uImage
69
705) Copy uImage to Flash
71# dd if=uImage bs=1k conv=notrunc seek=224 of=flash
72
736) Generate Ide Disk
74
75# dd of=ide bs=1k cout=100k if=/dev/zero
76
77# sfdisk -C 261 -d ide
78# partition table of ide
79unit: sectors
80
81 ide1 : start= 63, size= 32067, Id=83
82 ide2 : start= 32130, size= 32130, Id=83
83 ide3 : start= 64260, size= 4128705, Id=83
84 ide4 : start= 0, size= 0, Id= 0
85
867) Copy to ide
87
88# dd if=uImage bs=512 conv=notrunc seek=63 of=ide
89
908) Generate ext2 on part 2 on Copy uImage and initrd.gz
91
92# Attached as loop device ide offset = 32130 * 512
93# losetup -o 16450560 -f ide
94# Format as ext2 ( arg2 : nb blocks)
95# mke2fs /dev/loop0 16065
96# losetup -d /dev/loop0
97# Mount and copy uImage and initrd.gz to it
98# mount -o loop,offset=16450560 -t ext2 ide /mnt
99# mkdir /mnt/boot
100# cp {initrd.gz,uImage} /mnt/boot/
101# Umount it
102# umount /mnt
103
1049) Set Environment
105
106setenv rd_start 0x80800000
107setenv rd_size 2663940
108setenv kernel BFC38000
109setenv oad_addr 80500000
110setenv load_addr2 80F00000
111setenv kernel_flash BFC38000
112setenv load_addr_hello 80200000
113setenv bootargs 'root=/dev/ram0 init=/bin/sh'
114setenv load_rd_ext2 'ide res; ext2load ide 0:2 ${rd_start} /boot/initrd.gz'
115setenv load_rd_tftp 'tftp ${rd_start} /initrd.gz'
116setenv load_kernel_hda 'ide res; diskboot ${load_addr} 0:2'
117setenv load_kernel_ext2 'ide res; ext2load ide 0:2 ${load_addr} /boot/uImage'
118setenv load_kernel_tftp 'tftp ${load_addr} /qemu_mips/uImage'
119setenv boot_ext2_ext2 'run load_rd_ext2; run load_kernel_ext2; run addmisc; bootm ${load_addr}'
120setenv boot_ext2_flash 'run load_rd_ext2; run addmisc; bootm ${kernel_flash}'
121setenv boot_ext2_hda 'run load_rd_ext2; run load_kernel_hda; run addmisc; bootm ${load_addr}'
122setenv boot_ext2_tftp 'run load_rd_ext2; run load_kernel_tftp; run addmisc; bootm ${load_addr}'
123setenv boot_tftp_hda 'run load_rd_tftp; run load_kernel_hda; run addmisc; bootm ${load_addr}'
124setenv boot_tftp_ext2 'run load_rd_tftp; run load_kernel_ext2; run addmisc; bootm ${load_addr}'
125setenv boot_tftp_flash 'run load_rd_tftp; run addmisc; bootm ${kernel_flash}'
126setenv boot_tftp_tftp 'run load_rd_tftp; run load_kernel_tftp; run addmisc; bootm ${load_addr}'
127setenv load_hello_tftp 'tftp ${load_addr_hello} /examples/hello_world.bin'
128setenv go_tftp 'run load_hello_tftp; go ${load_addr_hello}'
129setenv addmisc 'setenv bootargs ${bootargs} console=ttyS0,${baudrate} rd_start=${rd_start} rd_size=${rd_size} ethaddr=${ethaddr}'
130setenv bootcmd 'run boot_tftp_flash'
131
13210) Now you can boot from flash, ide, ide+ext2 and tfp
133
134# qemu-system-mips -M mips -pflash flash -monitor null -nographic -net nic -net user -tftp `pwd` -hda ide
135
136II) How to debug U-Boot
137
138In order to debug U-Boot you need to start qemu with gdb server support (-s)
139and waiting the connection to start the CPU (-S)
140
141# qemu-system-mips -S -s -M mips -pflash flash -monitor null -nographic -net nic -net user -tftp `pwd` -hda ide
142
143in an other console you start gdb
144
1451) Debugging of U-Boot Before Relocation
146
147Before relocation, the addresses in the ELF file can be used without any problems
148by connecting to the gdb server localhost:1234
149
150# mipsel-unknown-linux-gnu-gdb u-boot
151GNU gdb 6.6
152Copyright (C) 2006 Free Software Foundation, Inc.
153GDB is free software, covered by the GNU General Public License, and you are
154welcome to change it and/or distribute copies of it under certain conditions.
155Type "show copying" to see the conditions.
156There is absolutely no warranty for GDB. Type "show warranty" for details.
157This GDB was configured as "--host=i486-linux-gnu --target=mipsel-unknown-linux-gnu"...
158(gdb) target remote localhost:1234
159Remote debugging using localhost:1234
160_start () at start.S:64
16164 RVECENT(reset,0) /* U-boot entry point */
162Current language: auto; currently asm
163(gdb) b board.c:289
164Breakpoint 1 at 0xbfc00cc8: file board.c, line 289.
165(gdb) c
166Continuing.
167
168Breakpoint 1, board_init_f (bootflag=<value optimized out>) at board.c:290
169290 relocate_code (addr_sp, id, addr);
170Current language: auto; currently c
171(gdb) p/x addr
172$1 = 0x87fa0000
173
1742) Debugging of U-Boot After Relocation
175
176For debugging U-Boot after relocation we need to know the address to which
177U-Boot relocates itself to 0x87fa0000 by default.
178And replace the symbol table to this offset.
179
180(gdb) symbol-file
181Discard symbol table from `/private/u-boot-arm/u-boot'? (y or n) y
182Error in re-setting breakpoint 1:
183No symbol table is loaded. Use the "file" command.
184No symbol file now.
185(gdb) add-symbol-file u-boot 0x87fa0000
186add symbol table from file "u-boot" at
187 .text_addr = 0x87fa0000
188(y or n) y
189Reading symbols from /private/u-boot-arm/u-boot...done.
190Breakpoint 1 at 0x87fa0cc8: file board.c, line 289.
191(gdb) c
192Continuing.
193
194Program received signal SIGINT, Interrupt.
1950xffffffff87fa0de4 in udelay (usec=<value optimized out>) at time.c:78
19678 while ((tmo - read_c0_count()) < 0x7fffffff)