Date: Fri, 28 Sep 2007 02:13:03 +0200
From: Olivier Houchard <mlfbsd@ci0.org>
To: Marius Nuennerich <marius.nuennerich@gmx.de>
Cc: freebsd-arm@freebsd.org
Subject: Re: Comment bug in locore.S?
Message-ID: <20070928001303.GA18335@ci0.org>
In-Reply-To: <20070928011740.01026dcd@sol.hackerzberg.local>
References: <20070927171822.0bdec7d9@sol.hackerzberg.local>
 <20070927170339.GA11021@ci0.org>
 <20070927224133.5fc9b24f@sol.hackerzberg.local>
 <20070927214141.GB15654@ci0.org>
 <20070927231331.5d22bf4a@sol.hackerzberg.local>
 <20070927221027.GA16476@ci0.org>
 <20070927234633.50c1789d@sol.hackerzberg.local>
 <20070927232553.GA17068@ci0.org>
 <20070928011740.01026dcd@sol.hackerzberg.local>

On Fri, Sep 28, 2007 at 01:17:40AM +0200, Marius Nuennerich wrote:
> On Fri, 28 Sep 2007 01:25:53 +0200
> Olivier Houchard <mlfbsd@ci0.org> wrote:
>
> > On Thu, Sep 27, 2007 at 11:46:33PM +0200, Marius Nuennerich wrote:
> > > On Fri, 28 Sep 2007 00:10:27 +0200
> > > Olivier Houchard <mlfbsd@ci0.org> wrote:
> > >
> > > > On Thu, Sep 27, 2007 at 11:13:31PM +0200, Marius Nuennerich wrote:
> > > > > On Thu, 27 Sep 2007 23:41:41 +0200
> > > > > Olivier Houchard <mlfbsd@ci0.org> wrote:
> > > > >
> > > > > > On Thu, Sep 27, 2007 at 10:41:33PM +0200, Marius Nuennerich wrote:
> > > > > > > On Thu, 27 Sep 2007 19:03:39 +0200
> > > > > > > Olivier Houchard <mlfbsd@ci0.org> wrote:
> > > > > > >
> > > > > > > > On Thu, Sep 27, 2007 at 05:18:22PM +0200, Marius Nuennerich wrote:
> > > > > > > > > Hi all,
> > > > > > > > >
> > > > > > > >
> > > > > > > > Hi Marius,
> > > > > > > >
> > > > > > > > > I'm still trying to boot FreeBSD on the neo1973. So far I managed to
> > > > > > > > > put bytes over the serial console so I can see where I am. At the
> > > > > > > > > moment the (virtual) machine crashes in locore.S (1.16) line 170:
> > > > > > > > > ldr pc, .Lvirt_done
> > > > > > > > >
> > > > > > > > > qemu: fatal: Trying to execute code outside RAM or ROM at 0xc0008???
> > > > > > > > >
> > > > > > > > > Which I don't understand because the section should be mapped by the
> > > > > > > > > MMU to 0x30008??? at that time.
> > > > > > > > >
> > > > > > > > > In line 137 the sequence in the comment is described as
> > > > > > > > > /* # of sections, PA|attr, VA */
> > > > > > > > > but in line 185 the order is
> > > > > > > > > n_sec, VA, PA|attr
> > > > > > > > >
> > > > > > > > > Is the comment wrong?
> > > > > > > > >
> > > > > > > >
> > > > > > > > No the comment is right, 0xc0000000 should be mapped.
> > > > > > > > Did you define STARTUP_PAGETABLE_ADDR ? It's not marked as such, but it is
> > > > > > > > mandatory now.
> > > > > > >
> > > > > > > Yes, in the kernel config there are these lines:
> > > > > > > makeoptions KERNPHYSADDR=0x30008000
> > > > > > > makeoptions KERNVIRTADDR=0xc0000000
> > > > > > > options KERNPHYSADDR=0x30008000
> > > > > > > options KERNVIRTADDR=0xc0000000
> > > > > > > options PHYSADDR=0x30000000
> > > > > > > options STARTUP_PAGETABLE_ADDR=0x30800000
> > > > > > >
> > > > > > > It's from Andrew Turner's config file which he posted on
> > > > > > > http://wiki.openmoko.org/wiki/FreeBSD
> > > > > > > in the tarball.
> > > > > > >
> > > > > >
> > > > > > Hmmm, I really see no reason why the PA <=> PA mapping would work, but not
> > > > > > the VA <=> PA one.
> > > > > > I'll try to set up qemu. Can it provide useful information about its
> > > > > > internal state, ie CPU registers, TLB, etc ?
> > > > >
> > > > > Yes, it looks like this:
> > > > > qemu: fatal: Trying to execute code outside RAM or ROM at 0xc0008030
> > > > >
> > > > > R00=30800000 R01=c01afdb8 R02=c0000070 R03=00000000
> > > > > R04=3000824c R05=3000808c R06=00000002 R07=30008050
> > > > > R08=33f17fdc R09=00000000 R10=00000041 R11=50000020
> > > > > R12=33f14934 R13=c019b140 R14=33f8b9e8 R15=c0008030
> > > > > PSR=60000153 -ZC- A svc32
> > > >
> > > > There's something I seriously miss. At this point, r2 should be 0 :
> > > > 	ldmia	r1, {r1, r2, sp}	/* Set initial stack and */
> > > > 	sub	r2, r2, r1		/* get zero init data */
> > > > 	mov	r3, #0
> > > > .L1:
> > > > 	str	r3, [r1], #0x0004	/* get zero init data */
> > > > 	subs	r2, r2, #4
> > > > 	bgt	.L1
> > > > 	ldr	pc, .Lvirt_done
> > > >
> > > > And not 0xc0000070
> > > > What are the values of _edata and _end ?
> > > > If you've been able to do all those stores, the mapping should work anyway,
> > > > I'm really confused.
> > >
> > > I'm sorry, I just realized that it doesn't crash right there. My debug
> > > output on serial line is ACDFFFGabcdeHIfA which indicates that it
> > > does jump but to an address before line 110. I attach my modified
> > > locore.S hopefully it won't get scrubbed.
> >
> > Ah no wonder it explodes then, it goes back from the start, disables the MMU,
> > and can't figure out where 0xc0000000 is.
> > Now the big question is why it jumps there.
> > I'd guess qemu can do single-stepping.
> > Could you try to see which value it loads into pc ?
>
> Hmmm, I tried attaching gdb to qemu. I can set breakpoints and it
> breaks then, but I can't step single instructions, it shows the
> registers with those weird i386 names and it seems it can't read an
> arm kernel.symbols file :(
> "kernel.symbols": can't read symbols: File format not recognized.
>
> Anyone experience with this?

It's worth a try with a cross-gdb. To build it, you'll need a few libs from
binutils, don't remember which, you can just build the whole thing with
cd /usr/src/gnu/usr.bin/binutils && make TARGET_ARCH=arm depend all
then
cd /usr/src/gnu/usr.bin/gdb && make TARGET_ARCH=arm depend all
It should pick up the binutils libs by itself, and you should end up with a
cross-gdb in /usr/src/gnu/usr.bin/gdb/gdb

Regards,

Olivier