Investigate Qemu MIPS Malta Serial Communication

In one of my task sessions, I wanted to explore whether Qemu’s MIPS Malta serial communication functions properly, as stated in its documentation. The emulator should properly show the transmitted characters on the emulated serial port.

To achieve the above goal, I found a small program called the barebone at http://www.linux-mips.org/wiki/Linux/MIPS_Porting_Guide. It is basically a program that transmits the hello world string to the designated serial port.

Since the emulator emulates the CBUS UART (a TI 16C550C) chipset, I had to revise the port base and offset addresses according to the Malta board specification.

The serial port for the Malta board is registered at physical address 0x1F000900. In the application, the base register address should be revised to 0xBF000900, because MIPS uses virtual-to-physical address translation.

The register offsets should also be changed to the proper addresses; for example, the line control register used by the program should be revised to:

mips01
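The address revision described above, as an added example that is not the barebone program's own code: it derives the 0xBF000900 virtual base from the physical address and drives a polled 16550 transmit through it. The function names, the KSEG1 mapping and the 8-byte register stride are assumptions not shown on this page.

```c
#include <stddef.h>
#include <stdint.h>

/* From the post: physical base of the Malta CBUS UART. */
#define MALTA_UART_PHYS 0x1F000900u
/* Assumption: the program runs unmapped and uncached in KSEG1. */
#define KSEG1_BASE      0xA0000000u
/* Assumption (not on the page): UART registers are 8 bytes apart. */
#define UART_REG_SHIFT  3

/* Standard 16550 register indices and bits. */
enum { UART_THR = 0, UART_LCR = 3, UART_LSR = 5 };
#define UART_LCR_8N1  0x03u   /* 8 data bits, no parity, 1 stop bit */
#define UART_LSR_THRE 0x20u   /* transmit holding register empty */

/* KSEG1 aliases physical 0x00000000-0x1FFFFFFF at 0xA0000000. */
static uint32_t kseg1_addr(uint32_t phys)
{
    return (phys & 0x1FFFFFFFu) | KSEG1_BASE;
}

/* Byte offset of a 16550 register from the UART base. */
static size_t uart_reg_offset(unsigned reg)
{
    return (size_t)reg << UART_REG_SHIFT;
}

/* Polled transmit. The base is a parameter so the same routine can be
 * exercised against a RAM buffer on a host; returns bytes written. */
static size_t uart_puts(volatile uint8_t *base, const char *s)
{
    size_t n = 0;
    base[uart_reg_offset(UART_LCR)] = UART_LCR_8N1;
    for (; *s; s++, n++) {
        while (!(base[uart_reg_offset(UART_LSR)] & UART_LSR_THRE))
            ;   /* wait until the UART can accept another byte */
        base[uart_reg_offset(UART_THR)] = (uint8_t)*s;
    }
    return n;
}

#ifdef __mips__
/* Hypothetical entry point when built for the Malta target. */
void barebone_main(void)
{
    uart_puts((volatile uint8_t *)(uintptr_t)kseg1_addr(MALTA_UART_PHYS),
              "Hello world\n");
}
#endif
```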

After compiling using make:

mips02

And testing the result using the parameters below:

mips03

The hello world string output should show up in the file, but it did not.

I decided to perform a detailed examination by debugging, and I arrived at the call stack below:

mips04

The null_chr_write function is just an empty function that emulates the “null” state.

When I specify the parameter -serial file:mySerial.txt, the emulator tries to register the device through the call sequence below (qemu-char.c):

qmp_chardev_add
qmp_chardev_open_file
qemu_chr_open_win_file

At the end of the above sequence, the write function is initialized with the statement chr->chr_write = win_chr_write and the specified device is added to the chardevs list.

But why does the emulator still call null_chr_write instead of win_chr_write?

Here is the access path of the null_chr_write function:

MemoryRegion *mr
mr->opaque
SerialState *s = opaque
(CharDriverState*) s->chr

The MemoryRegion for the serial interface is initialized in serial_mm_init, with the call stack sequence as follows:

mips05

The cause of the null_chr_write call can be found by checking the call to malta_fpga_init, which has the function prototype:

mips06

This function is called in mips_malta_init (mips_malta.c), which passes serial_hds[2] as its fourth parameter. The serial_hds array is also initialized in mips_malta_init as follows:

mips07

From the above routines, the emulator automatically creates a null character device when one is not found. When I passed -serial file:mySerial.txt, it was registered as “serial0” in the serial name description in the serial_parse function (vl.c).

Based on the above clue, the proper parameters for serial output redirection on the MIPS Malta emulator are:

mips08

Here’s the output in mySerial.txt:

mips09
