[U-Boot] Fwd: Fwd: coreboot uboot qemu x86

Ajoy Das dasajoy80 at gmail.com
Fri Jan 2 17:42:41 CET 2015


---------- Forwarded message ----------
From: Bin Meng <bmeng.cn at gmail.com>
Date: Fri, Jan 2, 2015 at 10:05 PM
Subject: Re: [U-Boot] Fwd: coreboot uboot qemu x86
To: Ajoy Das <dasajoy80 at gmail.com>
Cc: U-Boot Mailing List <u-boot at lists.denx.de>, Simon Glass <sjg at chromium.org>


Hi Ajoy,

On Wed, Dec 31, 2014 at 1:28 PM, Ajoy Das <dasajoy80 at gmail.com> wrote:
> ---------- Forwarded message ----------
> From: Ajoy Das <dasajoy80 at gmail.com>
> Date: Wed, Dec 31, 2014 at 8:51 AM
> Subject: Fwd: [U-Boot] coreboot uboot qemu x86
> To: U-Boot Mailing List <u-boot at lists.denx.de>, Simon Glass <sjg at chromium.org>
>
>
>
> ---------- Forwarded message ----------
> From: Simon Glass <sjg at chromium.org>
> Date: Wed, Dec 31, 2014 at 2:13 AM
> Subject: Re: [U-Boot] coreboot uboot qemu x86
> To: Ajoy Das <dasajoy80 at gmail.com>
> Cc: U-Boot Mailing List <u-boot at lists.denx.de>
>
>
> Hi Ajoy,
>
> On 30 December 2014 at 12:44, Ajoy Das <dasajoy80 at gmail.com> wrote:
>>
>> ---------- Forwarded message ----------
>> From: Ajoy Das <dasajoy80 at gmail.com>
>> Date: Tue, Dec 30, 2014 at 1:40 PM
>> Subject: Re: [U-Boot] coreboot uboot qemu x86
>> To: U-Boot Mailing List <u-boot at lists.denx.de>
>>
>>
>> Hi Simon
>>
>> Can i do a gdb on u-boot startup on the coreboot environment.
>> means i want to stop at _start in uboot and connect to gdb.
>>
>> Thanks
>> Ajoy
>>
>> On Tue, Dec 30, 2014 at 11:15 AM, Ajoy Das <dasajoy80 at gmail.com> wrote:
>>>
>>> I tried changing the boot rom size to 2MB.
>>> But with no effect
>>>
>>> coreboot.rom: 2048 kB, bootblocksize 944, romsize 2097152, offset 0x0
>>> alignment: 64 bytes, architecture: x86
>>>
>>> Name                           Offset     Type         Size
>>> cmos_layout.bin                0x0        cmos_layout  1160
>>> fallback/romstage              0x4c0      stage        17960
>>> fallback/ramstage              0x4b40     stage        56190
>>> config                         0x12700    raw          2990
>>> revision                       0x13300    raw          692
>>> (empty)                        0x13600    null         2016728
>>>     HOSTCC     cbfstool/rmodtool.o
>>>
>>> Thanks
>>> Ajoy
>>>
>>>
>>>
>>> On Tue, Dec 30, 2014 at 4:17 AM, Simon Glass <sjg at chromium.org> wrote:
>>>>
>>>> Hi Ajoy,
>>>>
>>>> > On Mon, Dec 29, 2014 at 9:28 PM, Simon Glass <sjg at chromium.org> wrote:
>>>> >
>>>> >> Hi Ajoy,
>>>> >>
>>>> >>
>>>> >> > On Mon, Dec 29, 2014 at 7:36 PM, Simon Glass <sjg at chromium.org>
>>>> >> > wrote:
>>>> >> >>
>>>> >> >> Hi,
>>>> >> >>
>>>> >> >> On 28 December 2014 at 21:38, Ajoy Das <dasajoy80 at gmail.com> wrote:
>>>> >> >> > Hi
>>>> >> >> >
>>>> >> >> > Need Help
>>>> >> >> >
>>>> >> >> > I want to run U-BOOT as coreboot payload on QEMU platform
>>>> >> >> >
>>>> >> >> > I am on uboot-x86 git
>>>> >> >> >
>>>> >> >> > Compiled U-BOOT with make coreboot-x86_defconfig and make all
>>>> >> >> >
>>>> >> >> > Running qemu with
>>>> >> >> > qemu-system-i386 -bios ../coreboot/build/coreboot.rom -hda
>>>> >> >> > disk.img
>>>> >> >> > -nographic -m 1g
>>>> >> >> >
>>>> >> >> > But The system crashes with the following message
>>>> >> >> >
>>>> >> >> > qemu: fatal: Trying to execute code outside RAM or ROM at
>>>> >> >> > 0x5e2a36c2
>>>> >> >> >
>>>> >> >> > Loading Segment: addr: 0x0000000001110000 memsz:
>>>> >> >> > 0x00000000000588e8
>>>> >> >> > filesz:
>>>> >> >> > 0x00000000000252eb
>>>> >> >> > lb: [0x0000000000100000, 0x000000000012b030)
>>>> >> >> > Post relocation: addr: 0x0000000001110000 memsz:
>>>> >> >> > 0x00000000000588e8
>>>> >> >> > filesz:
>>>> >> >> > 0x00000000000252eb
>>>> >> >> > using LZMA
>>>> >> >> > [ 0x01110000, 011688e8, 0x011688e8) <- fffd2770
>>>> >> >> > dest 01110000, end 011688e8, bouncebuffer 3ff77000
>>>> >> >> > Loaded segments
>>>> >> >> > Jumping to boot code at 01110015
>>>> >> >> > CPU0: stack: 00126000 - 00127000, lowest used address 00126b8c,
>>>> >> >> > stack
>>>> >> >> > used:
>>>> >> >> > 1140 bytes
>>>> >> >> > entry    = 0x01110015
>>>> >> >> > lb_start = 0x00100000
>>>> >> >> > lb_size  = 0x0002b030
>>>> >> >> > buffer   = 0x3ff77000
>>>> >> >> > qemu: fatal: Trying to execute code outside RAM or ROM at
>>>> >> >> > 0x5e2a36c2
>>>> >> >> >
>>>> >> >> > EAX=0000000a EBX=000186a0 ECX=01145d15 EDX=19203eb0
>>>> >> >> > ESI=00000000 EDI=00000000 EBP=01145f6c ESP=01145f54
>>>> >> >> > EIP=5e2a36c2 EFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
>>>> >> >> > ES =0018 00000000 ffffffff 00cf9300 DPL=0 DS   [-WA]
>>>> >> >> > CS =0010 00000000 ffffffff 00cf9b00 DPL=0 CS32 [-RA]
>>>> >> >> > SS =0018 00000000 ffffffff 00cf9300 DPL=0 DS   [-WA]
>>>> >> >> > DS =0018 00000000 ffffffff 00cf9300 DPL=0 DS   [-WA]
>>>> >> >> > FS =0020 19203f5c ffffffff 00cf9300 DPL=0 DS   [-WA]
>>>> >> >> > GS =0018 00000000 ffffffff 00cf9300 DPL=0 DS   [-WA]
>>>> >> >> > LDT=0000 00000000 0000ffff 00008200 DPL=0 LDT
>>>> >> >> > TR =0000 00000000 0000ffff 00008b00 DPL=0 TSS32-busy
>>>> >> >> > GDT=     19203e60 00000047
>>>> >> >> > IDT=     00000000 00000000
>>>> >> >> > CR0=60000033 CR2=00000000 CR3=00000000 CR4=00000000
>>>> >> >> > DR0=00000000 DR1=00000000 DR2=00000000 DR3=00000000
>>>> >> >> > DR6=ffff0ff0 DR7=00000400
>>>> >> >> > CCS=00000218 CCD=01145f50 CCO=ADDL
>>>> >> >> > EFER=0000000000000000
>>>> >> >> > FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
>>>> >> >> > FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
>>>> >> >> > FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
>>>> >> >> > FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
>>>> >> >> > FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
>>>> >> >> > XMM00=00000000000000000000000000000000
>>>> >> >> > XMM01=00000000000000000000000000000000
>>>> >> >> > XMM02=00000000000000000000000000000000
>>>> >> >> > XMM03=00000000000000000000000000000000
>>>> >> >> > XMM04=00000000000000000000000000000000
>>>> >> >> > XMM05=00000000000000000000000000000000
>>>> >> >> > XMM06=00000000000000000000000000000000
>>>> >> >> > XMM07=00000000000000000000000000000000
>>>> >> >> > Aborted (core dumped)
>>>> >> >> >
>>>> >> >> > qemu-system-i386 --version
>>>> >> >> > QEMU emulator version 1.0 (qemu-kvm-1.0), Copyright (c) 2003-2008 Fabrice Bellard
>>>> >> >> >
>>>> >> >> > Is QEMU not supported for coreboot and u-boot
>>>> >> >>
>>>> >> >> I'm not sure it's been tried but there's no reason why it should
>>>> >> >> work.
>>>> >> >> It seems to be crashing in U-Boot before there is any serial
>>>> >> >> output.
>>>> >> >> Did you put u-boot-dtb.bin as the payload?
>>>>
>>>> >> On 29 December 2014 at 07:34, Ajoy Das <dasajoy80 at gmail.com> wrote:
>>>> >> > Hi Simon
>>>> >> >
>>>> >> > Thanks for your reply
>>>> >> >
>>>> >> > I have added u-boot ELF as the coreboot payload
>>>> >> >
>>>> >> > u-boot: ELF 32-bit LSB shared object, Intel 80386, version 1 (SYSV),
>>>> >> > statically linked, not stripped.
>>>> >> >
>>>> >> > Got this link but its a year old.
>>>> >> > http://lists.denx.de/pipermail/u-boot/2013-July/159140.html
>>>> >> >
>>>> >> > Thanks
>>>> >> > Ajoy
>>>> >> >
>>>> >>
>>>> [snip]
>>>> >>
>>>> >> I suggest using cbfstool add-flat-binary -f u-boot-dtb.bin -n
>>>> >> fallback/payload -c lzma -l <text_base> -e <entry>
>>>> >>
>>>> >> For text_base use CONFIG_SYS_TEXT_BASE which is probably 1110000
>>>> >>
>>>> >> For entry use _start which is probably 1110015.
>>>> >>
>>>> >> Of course I'm not sure whether your problem is with Coreboot, U-Boot
>>>> >> or qemu, but we'll see.
>>>> >>
>>>> >> Also, please can you reply to the list with instructions when you get
>>>> >> it working, or send a patch to doc/README.x86.
>>>>
>>>> PLEASE add your reply below mine, not above. I have gone to the
>>>> trouble of rearranging the thread for this email.
>>>>
>>>> Also leave me on Cc otherwise I might not see your reply.
>>>>
>>>> On 29 December 2014 at 14:31, Ajoy Das <dasajoy80 at gmail.com> wrote:
>>>> > Hi Simon
>>>> >
>>>> > I executed the commands mentioned above. But getting LZMA decode error on
>>>> > coreboot
>>>> >
>>>> > coreboot.rom: 256 kB, bootblocksize 944, romsize 262144, offset 0x0
>>>> > alignment: 64 bytes, architecture: x86
>>>> >
>>>> > Name                           Offset     Type         Size
>>>> > cmos_layout.bin                0x0        cmos_layout  1160
>>>> > fallback/romstage              0x4c0      stage        17960
>>>> > fallback/ramstage              0x4b40     stage        56161
>>>> > config                         0x12700    raw          2986
>>>> > revision                       0x13300    raw          692
>>>> > (empty)                        0x13600    null         181720
>>>> >
>>>> >
>>>> >
>>>> > ./cbfstool ../../coreboot.rom add-flat-binary
>>>> > -v
>>>> > -f /home/ajoy/CISCO-2/uboot/u-boot/u-boot-dtb.bin
>>>> > -n fallback/payload
>>>> > -c lzma
>>>> > -l 01110000
>>>> > -e 1110015
>>>> >
>>>> > fallback/payload               0x13600    payload      173965
>>>> >     code  (LZMA compression, offset: 0x38, load: 0x49000, length:
>>>> > 173909/391062)
>>>> >     entry (0x10efff)
>>>> > (empty)                        0x3de00    null         7640
>>>> >
>>>> >
>>>> > Wrote coreboot table at: 3ffce000, 0x154 bytes, checksum 8ea6
>>>> > coreboot table: 364 bytes.
>>>> > CBMEM ROOT  0. 3ffff000 00001000
>>>> > CAR GLOBALS 1. 3fffe000 00001000
>>>> > ROMSTAGE    2. 3fffd000 00001000
>>>> > GDT         3. 3fffc000 00001000
>>>> > IRQ TABLE   4. 3fffb000 00001000
>>>> > ACPI        5. 3ffd7000 00024000
>>>> > SMBIOS      6. 3ffd6000 00001000
>>>> > COREBOOT    7. 3ffce000 00008000
>>>> > CBFS: located payload @ fffd3638, 173965 bytes.
>>>> > Loading segment from rom address 0xfffd3638
>>>> >   code (compression=1)
>>>> >   New segment dstaddr 0x49000 memsize 0x5f796 srcaddr 0xfffd3670
>>>> > filesize
>>>> > 0x2a755
>>>> >   (cleaned up) New segment addr 0x49000 size 0x5f796 offset 0xfffd3670 filesize 0x2a755
>>>> > Loading segment from rom address 0xfffd3654
>>>> >   Entry Point 0x0010efff
>>>> > Payload being loaded below 1MiB without region being marked as RAM
>>>> > usable.
>>>> > Bounce Buffer at 3ff77000, 352352 bytes
>>>> > Loading Segment: addr: 0x0000000000049000 memsz: 0x000000000005f796
>>>> > filesz:
>>>> > 0x000000000002a755
>>>> > lb: [0x0000000000100000, 0x000000000012b030)
>>>> > Post relocation: addr: 0x0000000000049000 memsz: 0x000000000005f796
>>>> > filesz:
>>>> > 0x000000000002a755
>>>> > using LZMA
>>>> > lzma: Decoding error = 1
>>>> > Could not load payload
>>>>
>>>> Do you really have a 256KB ROM? That seems much too small to hold
>>>> Coreboot and U-Boot. It looks like U-Boot alone is 173KB.
>>>>
>>>> Regards,
>>>> Simon
>>
>>
>> Hi Simon
>>
>> I have build tested the same by increasing the ROM size to 2MB but with no
>> effect.
>> Can I stop (using GDB) at the U-BOOT startup code  after the control is
>> transferred from coreboot to u-boot
>>
>> Any other suggestion
>
> If you are seeing an LZMA decoding error then I doubt that U-Boot is
> actually running, since it failed to load. Have you managed to fix
> that error?
>
> Regards,
> Simon
>
>
> Hi simon
>
> No I have not fixed the LZMA error.
> But I was thinking of the payload as u-boot.elf.
> Is u-boot.elf not the correct payload?
>
> Thanks
>
> Ajoy
>
> Hi Simon
>
> I figured out the reason for the crash (u-boot.elf as the coreboot payload)
> In uboot it is hitting this function and the panic statement is causing the
> crash
>
> u64 __attribute__((no_instrument_function)) get_ticks(void)
> {
>     u64 now_tick = rdtsc();
>
>     /* We assume that 0 means the base hasn't been set yet */
>     if (!gd->arch.tsc_base)
>         panic("No tick base available");
>     return now_tick - gd->arch.tsc_base;
> }
>
> Let me investigate it further.
> If you have any inputs please let me know
>
> Thanks
> Ajoy
>

Looks like there are two places which are causing the qemu emulation
hang. The first one is as you mentioned the gd->arch.tsc_base is not
initialized to a non-zero value. I have a patch to fix this in U-Boot
coreboot support codes. This can make the qemu go a little bit further
to mark_bootstage(), but it still hangs in the get_tbclk_mhz() which
uses PIT and does the TSC frequency calibration. It seems that qemu
cannot support this hardware specific calibration method. I can send a
patch to use a pre-defined Kconfig option to bypass the calibration.
With the two fixes, the qemu boots to U-Boot shell. Log below.

Jumping to boot code at 01110015
CPU0: stack: 00127000 - 00128000, lowest used address 00127b1c, stack
used: 1252 bytes
entry    = 0x01110015
lb_start = 0x00100000
lb_size  = 0x0002c030
buffer   = 0x1ff74000


U-Boot 2015.01-rc4-17820-g125738e-dirty (Jan 03 2015 - 00:27:58)

CPU: x86, vendor Intel, device 663h
DRAM:  511.7 MiB
trace: copying 000a0928 bytes of early data from 1400000 to 1efcd000
trace: enabled
SPI:   ICH SPI: Cannot find device
ready
Using default environment

Video: No video mode configured in coreboot!
Model: Google Link
SCSI:  Error: SCSI Controller(s) 8086:27C1 8086:1C03 8086:1C02
8086:1E03 not found
Net:   No ethernet found.
Hit any key to stop autoboot:  0
=>

Regards,
Bin

Hi Bin

I changed those timer functions into a simple for loop and the U-BOOT
init went forward but again it crashed in serial init

What is the command you are invoking qemu with?

And also if possible can you give me both the patches.

Thanks
Ajoy

