Comment bug in locore.S?

Marius Nuennerich marius.nuennerich at gmx.de
Thu Sep 27 16:17:35 PDT 2007


On Fri, 28 Sep 2007 01:25:53 +0200
Olivier Houchard <mlfbsd at ci0.org> wrote:

> On Thu, Sep 27, 2007 at 11:46:33PM +0200, Marius Nuennerich wrote:
> > On Fri, 28 Sep 2007 00:10:27 +0200
> > Olivier Houchard <mlfbsd at ci0.org> wrote:
> > 
> > > On Thu, Sep 27, 2007 at 11:13:31PM +0200, Marius Nuennerich wrote:
> > > > On Thu, 27 Sep 2007 23:41:41 +0200
> > > > Olivier Houchard <mlfbsd at ci0.org> wrote:
> > > > 
> > > > > On Thu, Sep 27, 2007 at 10:41:33PM +0200, Marius Nuennerich wrote:
> > > > > > On Thu, 27 Sep 2007 19:03:39 +0200
> > > > > > Olivier Houchard <mlfbsd at ci0.org> wrote:
> > > > > > 
> > > > > > > On Thu, Sep 27, 2007 at 05:18:22PM +0200, Marius Nuennerich wrote:
> > > > > > > > Hi all,
> > > > > > > > 
> > > > > > > 
> > > > > > > Hi Marius,
> > > > > > > 
> > > > > > > > I'm still trying to boot FreeBSD on the neo1973. So far I managed to
> > > > > > > > put bytes over the serial console so I can see where I am. At the
> > > > > > > > moment the (virtual) machine crashes in locore.S (1.16) line 170:
> > > > > > > > ldr pc, .Lvirt_done
> > > > > > > > 
> > > > > > > > qemu: fatal: Trying to execute code outside RAM or ROM at 0xc0008???
> > > > > > > > 
> > > > > > > > Which I don't understand because the section should be mapped by the
> > > > > > > > MMU to 0x30008??? at that time.
> > > > > > > > 
> > > > > > > > In line 137 the sequence in the comment is described as
> > > > > > > > /* # of sections, PA|attr, VA */
> > > > > > > > but in line 185 the order is
> > > > > > > > n_sec, VA, PA|attr
> > > > > > > > 
> > > > > > > > Is the comment wrong?
> > > > > > > > 
> > > > > > > 
> > > > > > > > No, the comment is right, 0xc0000000 should be mapped.
> > > > > > > Did you define STARTUP_PAGETABLE_ADDR ? It's not marked as such, but it is
> > > > > > > mandatory now.
> > > > > > 
> > > > > > Yes, in the kernel config there are these lines:
> > > > > > makeoptions     KERNPHYSADDR=0x30008000
> > > > > > makeoptions     KERNVIRTADDR=0xc0000000
> > > > > > options         KERNPHYSADDR=0x30008000
> > > > > > options         KERNVIRTADDR=0xc0000000
> > > > > > options         PHYSADDR=0x30000000
> > > > > > options         STARTUP_PAGETABLE_ADDR=0x30800000
> > > > > > 
> > > > > > > It's from Andrew Turner's config file which he posted on
> > > > > > http://wiki.openmoko.org/wiki/FreeBSD
> > > > > > in the tarball.
> > > > > > 
> > > > > 
> > > > > Hmmm, I really see no reason why the PA <=> PA mapping would work, but not
> > > > > the VA <=> PA one.
> > > > > > I'll try to set up qemu. Can it provide useful information about its
> > > > > > internal state, i.e. CPU registers, TLB, etc.?
> > > > 
> > > > Yes, it looks like this:
> > > > qemu: fatal: Trying to execute code outside RAM or ROM at 0xc0008030
> > > > 
> > > > R00=30800000 R01=c01afdb8 R02=c0000070 R03=00000000
> > > > R04=3000824c R05=3000808c R06=00000002 R07=30008050
> > > > R08=33f17fdc R09=00000000 R10=00000041 R11=50000020
> > > > R12=33f14934 R13=c019b140 R14=33f8b9e8 R15=c0008030
> > > > PSR=60000153 -ZC- A svc32
> > > 
> > > There's something I seriously miss. At this point, r2 should be 0 :
> > > 	ldmia	r1, {r1, r2, sp}	/* Set initial stack and */
> > > 	sub	r2, r2, r1		/* get zero init data */
> > > 	mov	r3, #0
> > > .L1:
> > > 	str	r3, [r1], #0x0004	/* get zero init data */
> > > 	subs	r2, r2, #4
> > > 	bgt	.L1
> > > 	ldr	pc, .Lvirt_done
> > > 
> > > And not 0xc0000070
> > > What are the values of _edata and _end ?
> > > If you've been able to do all those stores, the mapping should work anyway,
> > > I'm really confused.
> > 
> > I'm sorry, I just realized that it doesn't crash right there. My debug
> > > output on serial line is ACDFFFGabcdeHIfA which indicates that it
> > does jump but to an address before line 110. I attach my modified
> > locore.S hopefully it won't get scrubbed.
> 
> Ah no wonder it explodes then, it goes back from the start, disables the MMU,
> and can't figure out where 0xc0000000 is.
> Now the big question is why it jumps there.
> I'd guess qemu can do single-stepping.
> Could you try to see which value it loads into pc ?

Hmmm, I tried attaching gdb to qemu. I can set breakpoints and it
breaks then, but I can't step single instructions, it shows the
registers with those weird i386 names and it seems it can't read an
arm kernel.symbols file :(
"kernel.symbols": can't read symbols: File format not recognized.

Anyone have experience with this?

