Qemu
m (→QEMU support status regarding hppa/parisc) |
m (→QEMU status overview) |
||
Line 20: | Line 20: | ||
== QEMU status overview == | == QEMU status overview == | ||
− | + | Please run at least QEMU version 7.1.0 (or higher). | |
− | + | Earlier versions had various bugs which are fixed in v7.1.0. | |
== QEMU runtime options == | == QEMU runtime options == |
Revision as of 20:19, 7 October 2022
QEMU support status regarding hppa/parisc
Since QEMU version 2.12 (April 2018), qemu fully supports 32-bit hppa user emulation (hppa-linux-user) and 32-bit hppa system emulation (qemu-system-hppa). All necessary changes have been merged into the upstream qemu git tree.
PA-RISC machines need a firmware ("PDC" = Processor Dependend Code). Qemu comes with a precompiled PDC firmware for hppa (pc-bios/hppa-firmware.img), which is based on a fork of SeaBIOS .
The emulated machine is a HP B160L desktop machine, with one or more 32-bit PA7100LC CPUs.
The QEMU emulation is able to run Linux and HP-UX.
QEMU on parisc has been developed by:
- Richard Henderson: QEMU CPU emulation (32-bit only), QEMU hardware divers
- Helge Deller: QEMU hardware drivers, SeaBIOS PDC firmware
- Sven Schnelle: Lots of fixes all over QEMU and SeaBIOS (SCSI, CPU emulation fixes, SeaBIOS PDC firmware)
QEMU on parisc might be further developed (by paid contract) via:
- Mark Cave-Ayland: offers paid contract work
QEMU status overview
Please run at least QEMU version 7.1.0 (or higher). Earlier versions had various bugs which are fixed in v7.1.0.
QEMU runtime options
Standard qemu options:
- -m 1G - tell machine to have 1G of memory
- -accel tcg,thread=multi - always use this to enable parallel tcg (otherwise all guest CPUs run on one host CPU)
- -smp cpus=4 - define number of CPUs in the guest (maximum CPUs: 32)
- -boot menu=on - Firmware: enable interactive mode (same as "BOOT PRI IPL")
- -boot order=c - Firmware: Boot from first hard disc
- -boot order=d - Firmware: Boot from first CD/DVD
- -boot order=g-m - Firmware: Boot from SCSI ID0 ("g"), SCSI ID1 ("h"), ... SCSI ID7 ("m")
- -serial mon:stdio - multiplex serial console to stdout
- -nographic - disable artist graphic card emulation, so no graphics output
- -display sdl - if you need graphics you should prefer SDL display output. Much faster than GTK (which is the default).
- -vnc :1 - start graphics output on VNC output, connect to hostname:1 with any VNC viewer
Qemu standard debugging options:
- -d item[,...] QEMU_LOG e.g in_asm,out_asm enable logging of specified items (use '-d help' for a list of items)
- -dfilter range[,...] QEMU_DFILTER filter logging based on address range
HPPA specific qemu options:
- -global artist.width=800
- -global artist.height=600 set Artist graphic card to 800x600 pixel
- -fw_cfg opt/pdc_debug,string=255 enable all firmware debug infos (1: show PDC calls, 2: show IODC calls)
- -fw_cfg opt/hostid,string=334455 set the hostid to 334455 (instead of the default value 2006243326). Visible in Linux in /proc/cpuinfo, and with "uname -i" in HP/UX
- -fw_cfg opt/console,string=[serial | graphics] set default firmware output method to serial or graphics console. When selecting serial, you need to add e.g. "-serial mon:stdio" too.
- -fw_cfg opt/font,string=[1-4] select default graphics font: HP 8x16 (#1), HP 6x13 (#2), HP 10x20 (#3) or Linux 16x32 (#4)
While running you can press
- ctrl-A + X to exit qemu.
- ctrl-A + C + ENTER when started with "-serial mon:stdio", the serial port and the QEMU debug port are multiplexed and you can switch between them with this key combination.
- ctrl-Alt + F switch to fullscreen when using SDL output
- execute "NMI" in qemu monitor (ctrl-A + C) to trigger HPPA TOC (transfer-of-control = Reset) button switch
Examples on how to start the emulator
- qemu-system-hppa -snapshot -m 512 -device lsi,id=scsi0 -device scsi-hd,drive=drive0,bus=scsi0.0,channel=0,scsi-id=5,lun=0,bootindex=2 -drive file=hdd5.img,if=none,id=drive0 -device scsi-hd,drive=drive1,bus=scsi0.0,channel=0,scsi-id=6,lun=0,bootindex=1 -drive file=hdd2img,if=none,id=drive1 -accel tcg,thread=multi -serial mon:stdio
- qemu-system-hppa -drive file=hdd.img -nographic -serial mon:stdio -accel tcg,thread=multi -smp cpus=2 -drive file=hdd2-.img -boot menu=on -boot order=h
- qemu-system-hppa -boot d -m 512 -drive file=disk.img,format=qcow2 -netdev tap,id=nic1,script=/etc/qemu-ifup -cdrom /opt/iso/HPUX_10.20.iso -device tulip,netdev=nic1,mac=01:00:11:00:00:02 -serial telnet:0.0.0.0:8001,server,nowait -monitor stdio -nographic
- qemu-system-hppa -drive file=../qemu-images/hdd.img -kernel vmlinux -append "root=/dev/sda5 cryptomgr.notests panic=-1" -serial mon:stdio -nographic -accel tcg,thread=multi -smp cpus=3 -netdev bridge,id=hn0,br=virbr0,helper=./qemu-bridge-helper -device tulip,netdev=hn0,id=nic1
QEMU special emulated assembler statements
The emulated guest may use specific asssembler statements to control the qemu emulator:
- .word 0xfffdead0 -- immediately halt the emulator, similiar to turning the machine off
- .word 0xfffdead1 -- reset machine
- .word 0xfffdead2 -- restore original (pre-interrupt) values back into shadow registers, used by SeaBIOS when executing NMI instruction in qemu
- or %r10,%r10,%r10 -- idle loop; wait for interrupt
- or %r31,%r31,%r31 -- death loop; offline cpu (currently implemented for idle loop).
How to build QEMU from source
Check out the qemu git tree
Run configure, e.g.
- (for system emulation) ./configure --target-list=hppa-softmmu --enable-numa
- (for user emulation) ./configure --target-list=hppa-linux-user --disable-stack-protector --prefix=/home/qemu-hppa/chroot-unstable --interp-prefix=/home/qemu-hppa/chroot-unstable --static
Run "make"
Emulation guest targets
- Linux (Debian, Gentoo)
- HP-UX, versions 9.x up to 11.11
- NetBSD, >= 8.0
- NextSTEP
- OSF/MkLinux
Linux
- Linux kernel >= 4.14 runs best, with initial optimizations added for kernels >= 4.9.
- Prefer the Tulip NIC, then e1000 over the rtl8129 card. The latter gives irq issues with Dino emulation.
- If you try to boot older Linux install CDs (Debian-5, Debian-8, Debian-9), you may need to start qemu with "-boot menu=on", and then change the kernel console option to "console=ttyS0" (serial port) instead of "console=tty0" (terminal). Then switch in GUI to the "serial0" device to see console. Alternatively start without graphical console, e.g. with "-nographic"-
Ready-to-run Debian Linux QEMU images for parisc
Download Debian hard disc image:
wget http://dellerweb.de/qemu/debian-11-hdd.img.bz2
or
wget http://dellerweb.de/qemu/debian-10-hdd.img.bz2
Unzip image:
bunzip2 debian-11-hdd.img.bz2
Run qemu:
qemu-system-hppa -drive file=debian-11-hdd.img -nographic -serial mon:stdio -accel tcg,thread=multi -smp cpus=4
Log in as root, root password is "rootme"
How to run QEMU with Debian-10 installer image
- Create a virtual hard disc once:
qemu-img create -f qcow2 hdd.img 50G
- download a Linux install image, e.g.
- Start emulator with the installer image once:
qemu-system-hppa -drive file=hdd.img -drive file=debian-11.0.0-hppa-NETINST-1.iso,media=cdrom -boot order=d -accel tcg,thread=multi -smp cpus=4 -serial mon:stdio -nographic
- Choose typical installation options, the defaults are OK.
- Shut down virtual machine after installation
- Start emulator with installed operating system any time:
qemu-system-hppa -drive file=hdd.img -nographic -serial mon:stdio -accel tcg,thread=multi -smp cpus=4
Gentoo Linux
- From https://www.gentoo.org/downloads/#hppa download the Minimal installation CD or the hppa32 netboot image (lif file)
- Start qemu with "-cdrom <isofile>", or the lif file with "-drive file=<lif-file>", e.g.
qemu-system-hppa -drive file=gentoo-2020-hppa-netboot.lif -accel tcg,thread=multi -smp cpus=2 -nographic
HP-UX
- NOTE: Please keep the default screen resolution of 1280x1024 pixels. HP-UX may crash if you increase the width, or in graphical environment (with dtwm) the mouse won't be able to reach any line >= 1146 pxels.
- You probably won't be able to boot an original HP-UX installed hard disc image coming from a physical machine other than a B160L. The reason is, that the HP-UX kernel from the other machine has drivers built-in and won't recognize the SCSI and network in the emulated virtual machine.
- LASI NIC emulation and NCR 710 emulation is needed in order to be able to boot older HP-UX releases.
- Astrobaby wrote about his test results.
- Hints:
- The "INTERRUPT KEY" mentioned sometimes by HP-UX can be emulated with the "Ctrl-\" key combination
- In case you lost the HP-UX root password, boot at ISL 'hpux -is' and then give a new password with running "passwd" (you need to use the "-boot menu=on" qemu option)
- When booting HP-UX may show strange characters instead of brackets - just delete the file /etc/kbdlang, reboot and choose PS2_DIN_US language
- How to start X11, CDE or dtwm
- CDE Login: init 4
- CDE desktop: start "xinit", then "/usr/dt/bin/dtsession"
- X11: startx
- dtwm Window Manager: start "xinit", then run "/usr/dt/bin/dtwm".
- How to run full filesystem check: fsck -F vxfs -y -o full
- File downloads see https://archive.org/download/hpunix/
HP-UX 9 is the first HP-UX release which does support the PA-RISC CPU. HP-UX 9.05 fails when booting the install CD: (reported 2021/05/18)
Stored message buffer up to panic: Floating point coprocessor configured and enabled. No BTLB entries found for processor 0 Unsupported module type 0x7 found System Panic: B2352A HP-UX (A.09.05) #2: Tue Oct 18 15:46:14 PDT 1994 panic: (display==0xbc00, flags==0x0) Unable to initialize msus structure PC-Offset Stack Trace (read across, most recent is 1st): 0x000ec6f8 0x000d7e3c 0x00081e5c 0x000254c0 End Of Stack dumping 0 bytes to dev 0xffffffff, offset 0 ... Dump failed, returning 5.
according to this document "msus" means "mass storage unit specifier" and "msvs" means "mass storage volume specifier" while the msvs is sometimes called an "msus". I assume HP-UX 9.05 doesn't know how to handle the emulated SCSI PCI card and thus can't access the disc. Remember, a B160L is different to a HP700, and a HP700 had a built-in LASI700 (NCR700) SCSI controller.
NetBSD
Relevant NetBSD/hppa links:
- Daily install images: https://nycdn.netbsd.org/pub/NetBSD-daily/netbsd-9/latest/images/
- Install images: https://cdn.netbsd.org/pub/NetBSD/install-images/
- Generic NetBSD/hppa info: http://wiki.netbsd.org/ports/hppa/
- How to install NetBSD with qemu: http://wiki.netbsd.org/ports/hppa/qemu_hppa/
Please note that at least NetBSD-8 required. NetBSD-7 doesn't work, since the NetBSD kernel trap handler code complains about the stack pointer in the trap frame. Reported error is:
insanity: 'tf->tf_sp >= minsp && tf->tf_sp < maxsp' at trap:556 type 0xf tf 0xe00040 lwp 0xe38140 sp 0xa0 pc 0x200240
(info by Nick Hudson <nick.hudson@gmx.co.uk>)
OSF/MkLinux
Download at ftp://ftp.cirr.com/pub/hppa/mklinux/ The file root_ext2_g.dd.bin.gz doesn't cleanly decompress.. so I did a gzip -dc into root_ext2_g.dd.bin.
MkLinux sources: https://github.com/slp/osfmk-mklinux
qemu-system-hppa -boot c -drive if=scsi,bus=0,index=3,file=root_ext2_g.dd.bin,format=raw \ -serial mon:stdio -nographic -m 128
It boots, but fails during device detection because Qemu currently emulates a B160, while MkLinux expects a HP700. So it fails to see the LASI chip below the GSC bridge.
NVM bootdata Bad Checksum (0) OSF Mach boot : /mach text (0x95618) at 0x11000 data (0x48594) at 0xa8000 Mach 3.0 VERSION(PMK1.1): cb <pmk1_1>; Wed Nov 26 17:20:37 MET 1997; mach_kernel/PRODUCTION (cameleon) HP9000/ unknown machine type 0x502 good luck :-) , 0K Icache, 0K Dcache, 256 entry shared TLB) Warning: unsupported module at ffc00000 (type:7 svers:0 hvers:50) Stack Trace (depth=1): 0x00084d68 End of Stack
(info by Jason Stevens <neozeed@gmail.com>)
Future QEMU work
Possible enhancements:
- Add Dino/Lasi serial port
- Harmony sound card in Lasi
- Does HP-UX has some kind of "sleep" assembler instruction in it's idle loop which can be used to lower qemu power consumption?
- Fix virtio-drivers in SeaBIOS (endianess-bugs, because SeaBIOS is originally only Little-endian from x86)
- More correct emulation of B160L in Qemu
- Emulate a 712 and/or j5000/c3000 machine
- Emulate built-in LASI SCI controller instead of PCI SCSI add-on card
- Elroy PCI emulation, then emulate e.g. a C3000?
- PA2.0/64bit (low prio)
List of QEmu important patches
- target/hppa: Allow, but diagnose, LDCW aligned only mod 4 - prevents crash with unaligned LDCW instruction. Missing in qemu v4.2.1, see: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=964805
- target/hppa: Free some temps in do_sub - fixes https://bugs.launchpad.net/qemu/+bug/1880287
- target/hppa: Fix atomic_store_3 for STBY