Unable to run run-time loaded code on ZedBoard
Chris Johns
chrisj at rtems.org
Mon Oct 19 04:08:46 UTC 2015
On 19/10/2015 9:00 am, Patrick Gauvin wrote:
> Hello,
>
> Object code seems to be loaded properly (dlload) and symbols resolved
> correctly (dlsym), but when the resolved symbol is called,
> instructions don't do what they're supposed to, and usually the board
> crashes soon after. This behavior is seen on the xilinx_zynq_zedboard
> BSP, but the code behaves as expected on the xilinx_zynq_a9_qemu BSP.
> I am using the 4.11 branch of RTEMS. I have a feeling it might have to
> do with the MPU, but I figured before I continue debugging it would be
> worth posting here to see if anyone has seen this before or has ideas.
> Any input is appreciated.
Simple question first. Was the load flagged as having unresolved externals?
The interdependence that can exist between modules means externals can
be resolved after other modules load.
> The following is from a GDB session attached to a ZedBoard running
> testsuites/libtests/dl01
> (https://github.com/RTEMS/rtems/tree/4.11/testsuites/libtests/dl01)
> program, with comments. 0x2138f8 is the start of the loaded function.
> Adding 1 to the address is just to make GDB disassemble as THUMB code.
> The function being called is "rtems_main" at line 54 of dl-load.c.
> dl-o1.c contains the definition of "rtems_main", I've provided its
> disassembly at the end of the email.
>
> 0x002138f8 in bsp_section_work_begin ()
> 15: /x $lr = 0x104691
> 14: /x $sp = 0x208a80
> 13: /x $r7 = 0x208a80
> 9: /x $r2 = 0x0
> 7: /x $r1 = 0x201494
> 6: /x $r0 = 0x2
> (gdb) disas $pc+1,$pc+88
> Dump of assembler code from 0x2138f9 to 0x213950:
> 0x002138f9: push {r7, lr}
> 0x002138fb: sub sp, #16
> 0x002138fd: add r7, sp, #0
> 0x002138ff: str r0, [r7, #4]
> 0x00213901: str r1, [r7, #0]
> 0x00213903: movw r0, #14688 ; 0x3960
> 0x00213907: movt r0, #33 ; 0x21
> 0x0021390b: ldr r1, [r7, #4]
> 0x0021390d: movw r2, #14720 ; 0x3980
> 0x00213911: movt r2, #33 ; 0x21
> 0x00213915: bl 0x119528 <printf>
> 0x00213919: movs r3, #0
> 0x0021391b: str r3, [r7, #12]
> 0x0021391d: b.n 0x21393e
> 0x0021391f: ldr r3, [r7, #12]
> 0x00213921: lsls r3, r3, #2
> 0x00213923: ldr r2, [r7, #0]
> 0x00213925: add r3, r2
> 0x00213927: ldr r3, [r3, #0]
> 0x00213929: movw r0, #14728 ; 0x3988
> 0x0021392d: movt r0, #33 ; 0x21
> 0x00213931: ldr r1, [r7, #12]
> 0x00213933: mov r2, r3
> 0x00213935: bl 0x119528 <printf>
Is this the correct address? Is this the address in the base image?
I assume the base image and the o are built the same so should the
bottom bit of the address be set for thumb mode? It has been a long time
since I looked at the specific detail.
If you disassemble a piece of code in the base image that calls printf
what instruction do you see?
Note, ARM veneers is an outstanding task I need to complete.
Chris
> 0x00213939: ldr r3, [r7, #12]
> 0x0021393b: adds r3, #1
> 0x0021393d: str r3, [r7, #12]
> 0x0021393f: ldr r2, [r7, #12]
> 0x00213941: ldr r3, [r7, #4]
> 0x00213943: cmp r2, r3
> 0x00213945: blt.n 0x21391e
> 0x00213947: ldr r3, [r7, #4]
> 0x00213949: mov r0, r3
> 0x0021394b: adds r7, #16
> 0x0021394d: mov sp, r7
> 0x0021394f: pop {r7, pc}
> End of assembler dump.
> (gdb) si
> 0x002138fa in bsp_section_work_begin ()
> 15: /x $lr = 0x104691
> 14: /x $sp = 0x208a80 # EXPECTED: 0x208a78
> 13: /x $r7 = 0x208a80
> 9: /x $r2 = 0x0
> 7: /x $r1 = 0x201494
> 6: /x $r0 = 0x2
> (gdb)
> 0x002138fc in bsp_section_work_begin ()
> 15: /x $lr = 0x104691
> 14: /x $sp = 0x208a80 # EXPECTED: 0x208a70
> 13: /x $r7 = 0x208a80
> 9: /x $r2 = 0x0
> 7: /x $r1 = 0x2 # EXPECTED: No change
> 6: /x $r0 = 0x2
> (gdb)
> 0x002138fe in bsp_section_work_begin ()
> 15: /x $lr = 0x104691
> 14: /x $sp = 0x208a80
> 13: /x $r7 = 0x208a80
> 9: /x $r2 = 0x0
> 7: /x $r1 = 0x2
> 6: /x $r0 = 0x2
> (gdb)
>
> Eventually it crashes at 0x0021394c. No branches to printf were taken.
>
>
> PROGRAM OUTPUT:
> This is with RTL tracing enabled.
>
> *** BEGIN OF TEST libdl (RTL) 1 ***
> load: /dl-o1.o
> rtl: alloc: new: SYMBOL addr=0x20c518 size=384
> rtl: alloc: new: OBJECT addr=0x20c6a0 size=2048
> rtl: alloc: new: OBJECT addr=0x20cea8 size=2048
> rtl: alloc: new: OBJECT addr=0x20d6b0 size=2048
> rtl: alloc: new: OBJECT addr=0x20deb8 size=2048
> rtl: alloc: new: OBJECT addr=0x20e6c0 size=136
> rtl: alloc: new: OBJECT addr=0x20b1e8 size=13
> rtl: alloc: new: OBJECT addr=0x20b200 size=2
> rtl: adding global symbols, table size 25808
> rtl: global symbol add: 987
> rtl: alloc: new: SYMBOL addr=0x20e750 size=19740
>
> [snipped out a lot of "rtl: esyms: ..."]
>
> rtl: loading '/dl-o1.o'
> rtl: alloc: new: OBJECT addr=0x20b210 size=9
> rtl: alloc: del: OBJECT addr=0x0
> rtl: alloc: new: OBJECT addr=0x213478 size=136
> rtl: alloc: new: OBJECT addr=0x20b228 size=9
> rtl: alloc: new: OBJECT addr=0x20b240 size=9
> rtl: alloc: new: OBJECT addr=0x213508 size=56
> rtl: alloc: new: OBJECT addr=0x20b258 size=6
> rtl: sect: 1 : .text
> rtl: alloc: new: OBJECT addr=0x213548 size=56
> rtl: alloc: new: OBJECT addr=0x213588 size=10
> rtl: sect: 2 : .rel.text
> rtl: alloc: new: OBJECT addr=0x2135a0 size=56
> rtl: alloc: new: OBJECT addr=0x2135e0 size=6
> rtl: sect: 3 : .data
> rtl: alloc: new: OBJECT addr=0x2135f0 size=56
> rtl: alloc: new: OBJECT addr=0x213630 size=5
> rtl: sect: 4 : .bss
> rtl: alloc: new: OBJECT addr=0x213640 size=56
> rtl: alloc: new: OBJECT addr=0x213680 size=8
> rtl: sect: 5 : .rodata
> rtl: alloc: new: OBJECT addr=0x213690 size=56
> rtl: alloc: new: OBJECT addr=0x2136d0 size=16
> rtl: sect: 7 : .rel.debug_info
> rtl: alloc: new: OBJECT addr=0x2136e8 size=56
> rtl: alloc: new: OBJECT addr=0x213728 size=19
> rtl: sect: 10: .rel.debug_aranges
> rtl: alloc: new: OBJECT addr=0x213748 size=56
> rtl: alloc: new: OBJECT addr=0x213788 size=16
> rtl: sect: 12: .rel.debug_line
> rtl: unsupported section: 15: type=1879048195 flags=00
> rtl: alloc: new: OBJECT addr=0x2137a0 size=56
> rtl: alloc: new: OBJECT addr=0x2137e0 size=17
> rtl: sect: 17: .rel.debug_frame
> rtl: alloc: new: OBJECT addr=0x213800 size=56
> rtl: alloc: new: OBJECT addr=0x213840 size=10
> rtl: sect: 18: .shstrtab
> rtl: alloc: new: OBJECT addr=0x213858 size=56
> rtl: alloc: new: OBJECT addr=0x213898 size=8
> rtl: sect: 19: .symtab
> rtl: alloc: new: OBJECT addr=0x2138a8 size=56
> rtl: alloc: new: OBJECT addr=0x2138e8 size=8
> rtl: sect: 20: .strtab
> rtl: alloc: new: READ_EXEC addr=0x2138f8 size=92
> rtl: alloc: new: READ addr=0x213960 size=53
> rtl: alloc: new: READ_WRITE addr=0x2139a0 size=1
> rtl: load sect: text - b:0x2138f8 s:92 a:4
> rtl: load sect: const - b:0x213960 s:53 a:4
> rtl: load sect: data - b:0x2139a0 s:1 a:1
> rtl: load sect: bss - b:0x0 s:0 a:1
> rtl: loading: .text -> 0x2138f8 (88)
> rtl: loading: .rodata -> 0x213960 (52)
> rtl: alloc: new: SYMBOL addr=0x2139b0 size=121
> rtl: alloc: new: SYMBOL addr=0x213a38 size=31
> rtl: sym:add:6 name:9 :$d bind:0 type:0
> val:0x213960 sect:5 size:0
> rtl: sym:add:7 name:12:.LC0 bind:0 type:0
> val:0x213960 sect:5 size:0
> rtl: sym:add:8 name:17:.LC1 bind:0 type:0
> val:0x213980 sect:5 size:0
> rtl: sym:add:9 name:22:.LC2 bind:0 type:0
> val:0x213988 sect:5 size:0
> rtl: sym:add:10 name:27:$t bind:0 type:0
> val:0x2138f8 sect:1 size:0
> rtl: sym:add:20 name:30:rtems_main bind:1 type:2
> val:0x2138f9 sect:1 size:88
> rtl: relocation: .rel.text, syms:.symtab
> rtl: rel: sym:.LC0(7 )=00213960 type:47 off:0000000a
> rtl: THM_MOVT_ABS/THM_MOVW_ABS_NC 0x1060f643 @ 0x213902 in /dl-o1.o
> rtl: rel: sym:.LC0(7 )=00213960 type:48 off:0000000e
> rtl: THM_MOVT_ABS/THM_MOVW_ABS_NC 0x21f2c0 @ 0x213906 in /dl-o1.o
> rtl: rel: sym:.LC1(8 )=00213980 type:47 off:00000014
> rtl: THM_MOVT_ABS/THM_MOVW_ABS_NC 0x1280f643 @ 0x21390c in /dl-o1.o
> rtl: rel: sym:.LC1(8 )=00213980 type:48 off:00000018
> rtl: THM_MOVT_ABS/THM_MOVW_ABS_NC 0x221f2c0 @ 0x213910 in /dl-o1.o
> rtl: rel: sym:printf(21)=00119529 type:10 off:0000001c
> rtl: THM_CALL/JUMP24 0xfe08f705 @ 0x213914 in /dl-o1.o
> rtl: rel: sym:.LC2(9 )=00213988 type:47 off:00000030
> rtl: THM_MOVT_ABS/THM_MOVW_ABS_NC 0x1088f643 @ 0x213928 in /dl-o1.o
> rtl: rel: sym:.LC2(9 )=00213988 type:48 off:00000034
> rtl: THM_MOVT_ABS/THM_MOVW_ABS_NC 0x21f2c0 @ 0x21392c in /dl-o1.o
> rtl: rel: sym:printf(21)=00119529 type:10 off:0000003c
> rtl: THM_CALL/JUMP24 0xfdf8f705 @ 0x213934 in /dl-o1.o
> rtl: alloc: del: SYMBOL addr=0x2139b0
> rtl: alloc: new: OBJECT addr=0x2139b0 size=84
> rtl: linkmap_add
> rtl: unresolv: global resolve
> handle: 0x213478 loaded
>
>
> dl-o1.o DISASSEMBLED:
>
> [patrick at w096 dl01]$ arm-rtems4.11-objdump -d dl-o1.o
>
> dl-o1.o: file format elf32-littlearm
>
>
> Disassembly of section .text:
>
> 00000000 <rtems_main>:
> 0: b580 push {r7, lr}
> 2: b084 sub sp, #16
> 4: af00 add r7, sp, #0
> 6: 6078 str r0, [r7, #4]
> 8: 6039 str r1, [r7, #0]
> a: f240 0000 movw r0, #0
> e: f2c0 0000 movt r0, #0
> 12: 6879 ldr r1, [r7, #4]
> 14: f240 0200 movw r2, #0
> 18: f2c0 0200 movt r2, #0
> 1c: f7ff fffe bl 0 <printf>
> 20: 2300 movs r3, #0
> 22: 60fb str r3, [r7, #12]
> 24: e00f b.n 46 <rtems_main+0x46>
> 26: 68fb ldr r3, [r7, #12]
> 28: 009b lsls r3, r3, #2
> 2a: 683a ldr r2, [r7, #0]
> 2c: 4413 add r3, r2
> 2e: 681b ldr r3, [r3, #0]
> 30: f240 0000 movw r0, #0
> 34: f2c0 0000 movt r0, #0
> 38: 68f9 ldr r1, [r7, #12]
> 3a: 461a mov r2, r3
> 3c: f7ff fffe bl 0 <printf>
> 40: 68fb ldr r3, [r7, #12]
> 42: 3301 adds r3, #1
> 44: 60fb str r3, [r7, #12]
> 46: 68fa ldr r2, [r7, #12]
> 48: 687b ldr r3, [r7, #4]
> 4a: 429a cmp r2, r3
> 4c: dbeb blt.n 26 <rtems_main+0x26>
> 4e: 687b ldr r3, [r7, #4]
> 50: 4618 mov r0, r3
> 52: 3710 adds r7, #16
> 54: 46bd mov sp, r7
> 56: bd80 pop {r7, pc}
>
> Thank you,
>
> Patrick
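Added example, not part of the original message or of RTEMS: one way to answer the "is this the correct address?" question from the trace itself is to decode the instruction words that the RTL trace reports for the THM_CALL and THM_MOVW_ABS_NC/THM_MOVT_ABS relocations and compare them with the symbol values. It assumes the trace prints each 32-bit Thumb-2 instruction as a little-endian word (first halfword in the low 16 bits); the function names are hypothetical.

```c
#include <stdint.h>
#include <stdio.h>

/* Nonzero if word (first halfword in the low 16 bits, as assumed for the
 * RTL trace) is a Thumb-2 BL, encoding T1. */
static int is_thumb_bl(uint32_t word)
{
    return (word & 0xf800u) == 0xf000u && ((word >> 16) & 0xd000u) == 0xd000u;
}

/* Branch target of a Thumb-2 BL located at addr. */
static uint32_t thumb_bl_target(uint32_t word, uint32_t addr)
{
    uint32_t hw1 = word & 0xffffu, hw2 = word >> 16;
    uint32_t s  = (hw1 >> 10) & 1u;
    uint32_t i1 = ~(((hw2 >> 13) & 1u) ^ s) & 1u;   /* I1 = NOT(J1 XOR S) */
    uint32_t i2 = ~(((hw2 >> 11) & 1u) ^ s) & 1u;   /* I2 = NOT(J2 XOR S) */
    uint32_t imm = (s << 24) | (i1 << 23) | (i2 << 22) |
                   ((hw1 & 0x3ffu) << 12) | ((hw2 & 0x7ffu) << 1);
    if (s)
        imm |= 0xfe000000u;                         /* sign-extend 25 bits */
    return addr + 4u + imm;          /* Thumb PC reads as instruction + 4 */
}

/* imm16 field (imm4:i:imm3:imm8) of a Thumb-2 MOVW or MOVT. */
static uint32_t thumb_mov_imm16(uint32_t word)
{
    uint32_t hw1 = word & 0xffffu, hw2 = word >> 16;
    return ((hw1 & 0xfu) << 12) | (((hw1 >> 10) & 1u) << 11) |
           (((hw2 >> 12) & 7u) << 8) | (hw2 & 0xffu);
}

/* 32-bit constant built by a MOVW/MOVT pair. */
static uint32_t movw_movt_value(uint32_t movw, uint32_t movt)
{
    return (thumb_mov_imm16(movt) << 16) | thumb_mov_imm16(movw);
}

int main(void)
{
    /* Words and addresses copied from the quoted RTL trace. */
    printf("bl @0x213914 -> 0x%08x\n",
           (unsigned)thumb_bl_target(0xfe08f705u, 0x213914u));
    printf("bl @0x213934 -> 0x%08x\n",
           (unsigned)thumb_bl_target(0xfdf8f705u, 0x213934u));
    printf(".LC0 pair    -> 0x%08x\n",
           (unsigned)movw_movt_value(0x1060f643u, 0x0021f2c0u));
    return 0;
}
```

The comparison value for `printf` is the symbol value from the trace with bit 0 (the Thumb bit) cleared, since `bl` encodes only the halfword-aligned target. This checks the words the loader reports, not what the core later fetched and executed.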