From: Luke -Jr
Subject: Re: [Qemu-devel] MIPS emulation
Date: Thu, 3 Jul 2008 22:27:34 -0500
Message-Id: <200807032227.37956.luke@dashjr.org>
In-Reply-To: <20080704024417.GP7007@networkno.de>
References: <200806271350.40937.luke@dashjr.org> <200807032102.50356.luke@dashjr.org> <20080704024417.GP7007@networkno.de>
Reply-To: qemu-devel@nongnu.org
List-Id: qemu-devel.nongnu.org
To: qemu-devel@nongnu.org

On Thursday 03 July 2008, Thiemo Seufer wrote:
> Luke -Jr wrote:
> > On Saturday 28 June 2008, Thiemo Seufer wrote:
> > > Luke -Jr wrote:
> > > > On Friday 27 June 2008, Luke -Jr wrote:
> > > > > Is it possible to just emulate a MIPS CPU without any kind of ELF
> > > > > loader/BIOS/boot process, ideally letting me watch/debug the
> > > > > instruction flow and registers?
> > > >
> > > > In particular, I get this log output when I try to boot a flash
> > > > image:
> > > >
> > > > cpu_mips_handle_mmu_fault pc bfc00000 ad bfc00000 rw 2 mmu_idx 0 smmu
> > > > 1 cpu_mips_handle_mmu_fault address=bfc00000 ret 0 physical 1fc00000
> > > > prot 3 do_raise_exception_err: 15 0
> > > > do_interrupt enter: PC bfc00000 EPC 00000000 instruction bus error
> > > > exception do_interrupt: PC bfc00380 EPC bfc00000 cause 6
> > > > S 00400006 C 00000418 A 00000000 D 00000000
> > > > do_raise_exception_err: 15 0
> > > > do_interrupt enter: PC bfc00380 EPC bfc00000 instruction bus error
> > > > exception do_interrupt: PC bfc00380 EPC bfc00000 cause 6
> > > > S 00400006 C 00000418 A 00000000 D 00000000
> > > >
> > > An "instruction bus error" means Qemu wasn't able to fetch an
> > > instruction from address 0xbfc00000, which should correspond to the
> > > very begin of your flash image. This looks like your Qemu build is
> > > broken for some reason. Did you build with gcc4, per chance?
> > >
> > Just tried and got this same thing with a vanilla checkout of trunk
> > compiled with GCC 3.4.6...
>
> Well, the -pflash option works well enough for me to execute the first
> instructions of a YAMON or redboot image.

-pflash does appear to do a bit better! Strange that -mtdblock doesn't...
wouldn't that be the most common interface? :/
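
A decoder for the register dump in the quoted log, added here as an example (it is not code from the thread or from QEMU). It assumes `S` and `C` in the dump are CP0 Status and Cause, and runs on a constructed, unwrapped copy of the quoted lines. It shows that 0xbfc00000 maps to physical 0x1fc00000 and that the second fault is a fetch from the BEV=1 exception vector 0xbfc00380, which lies in the same flash region, so the CPU loops.

```python
import re

# Constructed sample: the do_interrupt lines from the log quoted above, unwrapped.
SAMPLE_LOG = """\
do_interrupt enter: PC bfc00000 EPC 00000000 instruction bus error exception
do_interrupt: PC bfc00380 EPC bfc00000 cause 6
    S 00400006 C 00000418 A 00000000 D 00000000
do_interrupt enter: PC bfc00380 EPC bfc00000 instruction bus error exception
do_interrupt: PC bfc00380 EPC bfc00000 cause 6
    S 00400006 C 00000418 A 00000000 D 00000000
"""

EXC_NAMES = {0: "Int", 4: "AdEL", 5: "AdES", 6: "IBE", 7: "DBE", 8: "Sys"}
ENTRY = re.compile(r"enter: PC (\w+) EPC \w+ [\w\s]+?exception\s+"
                   r"do_interrupt: PC (\w+) EPC (\w+) cause \d+\s+S (\w+) C (\w+)")

def unmapped_phys(vaddr):
    """kseg0/kseg1 (0x80000000-0xBFFFFFFF) bypass the TLB: phys = low 29 bits."""
    return vaddr & 0x1FFFFFFF if 0x80000000 <= vaddr < 0xC0000000 else None

def decode_status(status):
    """CP0 Status bits that decide where exceptions vector to."""
    return {"BEV": bool(status >> 22 & 1), "ERL": bool(status >> 2 & 1),
            "EXL": bool(status >> 1 & 1), "IE": bool(status & 1)}

def general_vector(status):
    """General exception vector: ROM-based when BEV=1, RAM-based otherwise."""
    return (0xBFC00200 if status >> 22 & 1 else 0x80000000) + 0x180

def analyze(log):
    """One record per exception; 'loop' marks a fault on the vector fetch itself."""
    records = []
    for m in ENTRY.finditer(log):
        fault_pc, new_pc, epc, status, cause = (int(g, 16) for g in m.groups())
        code = cause >> 2 & 0x1F            # Cause.ExcCode is bits 6:2
        records.append({
            "fault_pc": fault_pc, "fault_phys": unmapped_phys(fault_pc),
            "exc": EXC_NAMES.get(code, str(code)), "epc": epc,
            "status": decode_status(status), "vector": general_vector(status),
            "vector_matches": new_pc == general_vector(status),
            "loop": code == 6 and fault_pc == general_vector(status),
        })
    return records

if __name__ == "__main__":
    for rec in analyze(SAMPLE_LOG):
        print(rec)
```

EPC stays at bfc00000 in the second record because EXL was already set when the vector fetch faulted, which is why the log repeats without progress.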