Unable to run run-time loaded code on ZedBoard
Patrick Gauvin
pggauvin at gmail.com
Mon Oct 19 21:20:43 UTC 2015
Hi Chris,
> Simple question first. Was the load flagged as having unresolved externals?
No, the "dlinfo (handle, RTLD_DI_UNRESOLVED, &unresolved)" call
(dl-load.c:40) indicates that all externals are resolved.
> Is this the correct address? Is this the address in the base image?
0x119528 is the correct address for printf.
> I assume the base image and the o are built the same so should the
> bottom bit of the address be set for thumb mode? It has been a long time
> since I looked at the specific detail.
The bottom bit should be set when a bx/blx (with register argument) to
THUMB code is made, and I see it here when the blx to "rtems_main" is
made:
(gdb) disas/r $pc-8,$pc+8
Dump of assembler code from 0x104686 to 0x104696:
0x00104686 <dl_load_test+182>: 41 f2 94 41 movw r1, #5268 ; 0x1494
0x0010468a <dl_load_test+186>: c0 f2 20 01 movt r1, #32
=> 0x0010468e <dl_load_test+190>: 98 47 blx r3
0x00104690 <dl_load_test+192>: b8 60 str r0, [r7, #8]
0x00104692 <dl_load_test+194>: bb 68 ldr r3, [r7, #8]
0x00104694 <dl_load_test+196>: 02 2b cmp r3, #2
End of assembler dump.
(gdb) p/x $r3
$10 = 0x2138f9
> If you disassemble a piece of code in the base image that calls printf
> what instruction do you see?
This is at dl-load.c:45:
(gdb) disas /r $pc,$pc+32
Dump of assembler code from 0x10464a to 0x10466a:
=> 0x0010464a <dl_load_test+122>: 4f f2 30 70 movw r0, #63280 ; 0xf730
0x0010464e <dl_load_test+126>: c0 f2 11 00 movt r0, #17
0x00104652 <dl_load_test+130>: 39 69 ldr r1, [r7, #16]
0x00104654 <dl_load_test+132>: 7a 69 ldr r2, [r7, #20]
0x00104656 <dl_load_test+134>: 14 f0 67 ff bl 0x119528 <printf>
> Note, ARM veneers is an outstanding task I need to complete.
The bl instructions to printf inside the loaded code are within range
(16 MB for the 32-bit T32 bl) so I don't think this application
requires veneers. I will keep this in mind for the future, though.
Thank you,
Patrick
On Mon, Oct 19, 2015 at 12:08 AM, Chris Johns <chrisj at rtems.org> wrote:
> On 19/10/2015 9:00 am, Patrick Gauvin wrote:
>> Hello,
>>
>> Object code seems to be loaded properly (dlload) and symbols resolved
>> correctly (dlsym), but when the resolved symbol is called,
>> instructions don't do what they're supposed to, and usually the board
>> crashes soon after. This behavior is seen on the xilinx_zynq_zedboard
>> BSP, but the code behaves as expected on the xilinx_zynq_a9_qemu BSP.
>> I am using the 4.11 branch of RTEMS. I have a feeling it might have to
>> do with the MPU, but I figured before I continue debugging it would be
>> worth posting here to see if anyone has seen this before or has ideas.
>> Any input is appreciated.
>
> Simple question first. Was the load flagged as having unresolved externals?
>
> The interdependence that can exist between modules means externals can
> be resolved after other modules load.
>
>> The following is from a GDB session attached to a ZedBoard running
>> testsuites/libtests/dl01
>> (https://github.com/RTEMS/rtems/tree/4.11/testsuites/libtests/dl01)
>> program, with comments. 0x2138f8 is the start of the loaded function.
>> Adding 1 to the address is just to make GDB disassemble as THUMB code.
>> The function being called is "rtems_main" at line 54 of dl-load.c.
>> dl-o1.c contains the definition of "rtems_main", I've provided its
>> disassembly at the end of the email.
>>
>> 0x002138f8 in bsp_section_work_begin ()
>> 15: /x $lr = 0x104691
>> 14: /x $sp = 0x208a80
>> 13: /x $r7 = 0x208a80
>> 9: /x $r2 = 0x0
>> 7: /x $r1 = 0x201494
>> 6: /x $r0 = 0x2
>> (gdb) disas $pc+1,$pc+88
>> Dump of assembler code from 0x2138f9 to 0x213950:
>> 0x002138f9: push {r7, lr}
>> 0x002138fb: sub sp, #16
>> 0x002138fd: add r7, sp, #0
>> 0x002138ff: str r0, [r7, #4]
>> 0x00213901: str r1, [r7, #0]
>> 0x00213903: movw r0, #14688 ; 0x3960
>> 0x00213907: movt r0, #33 ; 0x21
>> 0x0021390b: ldr r1, [r7, #4]
>> 0x0021390d: movw r2, #14720 ; 0x3980
>> 0x00213911: movt r2, #33 ; 0x21
>> 0x00213915: bl 0x119528 <printf>
>> 0x00213919: movs r3, #0
>> 0x0021391b: str r3, [r7, #12]
>> 0x0021391d: b.n 0x21393e
>> 0x0021391f: ldr r3, [r7, #12]
>> 0x00213921: lsls r3, r3, #2
>> 0x00213923: ldr r2, [r7, #0]
>> 0x00213925: add r3, r2
>> 0x00213927: ldr r3, [r3, #0]
>> 0x00213929: movw r0, #14728 ; 0x3988
>> 0x0021392d: movt r0, #33 ; 0x21
>> 0x00213931: ldr r1, [r7, #12]
>> 0x00213933: mov r2, r3
>> 0x00213935: bl 0x119528 <printf>
>
> Is this the correct address? Is this the address in the base image?
>
> I assume the base image and the o are built the same so should the
> bottom bit of the address be set for thumb mode? It has been a long time
> since I looked at the specific detail.
>
> If you disassemble a piece of code in the base image that calls printf
> what instruction do you see?
>
> Note, ARM veneers is an outstanding task I need to complete.
>
> Chris
>
>> 0x00213939: ldr r3, [r7, #12]
>> 0x0021393b: adds r3, #1
>> 0x0021393d: str r3, [r7, #12]
>> 0x0021393f: ldr r2, [r7, #12]
>> 0x00213941: ldr r3, [r7, #4]
>> 0x00213943: cmp r2, r3
>> 0x00213945: blt.n 0x21391e
>> 0x00213947: ldr r3, [r7, #4]
>> 0x00213949: mov r0, r3
>> 0x0021394b: adds r7, #16
>> 0x0021394d: mov sp, r7
>> 0x0021394f: pop {r7, pc}
>> End of assembler dump.
>> (gdb) si
>> 0x002138fa in bsp_section_work_begin ()
>> 15: /x $lr = 0x104691
>> 14: /x $sp = 0x208a80 # EXPECTED: 0x208a78
>> 13: /x $r7 = 0x208a80
>> 9: /x $r2 = 0x0
>> 7: /x $r1 = 0x201494
>> 6: /x $r0 = 0x2
>> (gdb)
>> 0x002138fc in bsp_section_work_begin ()
>> 15: /x $lr = 0x104691
>> 14: /x $sp = 0x208a80 # EXPECTED: 0x208a70
>> 13: /x $r7 = 0x208a80
>> 9: /x $r2 = 0x0
>> 7: /x $r1 = 0x2 # EXPECTED: No change
>> 6: /x $r0 = 0x2
>> (gdb)
>> 0x002138fe in bsp_section_work_begin ()
>> 15: /x $lr = 0x104691
>> 14: /x $sp = 0x208a80
>> 13: /x $r7 = 0x208a80
>> 9: /x $r2 = 0x0
>> 7: /x $r1 = 0x2
>> 6: /x $r0 = 0x2
>> (gdb)
>>
>> Eventually it crashes at 0x0021394c. No branches to printf were taken.
>>
>>
>> PROGRAM OUTPUT:
>> This is with RTL tracing enabled.
>>
>> *** BEGIN OF TEST libdl (RTL) 1 ***
>> load: /dl-o1.o
>> rtl: alloc: new: SYMBOL addr=0x20c518 size=384
>> rtl: alloc: new: OBJECT addr=0x20c6a0 size=2048
>> rtl: alloc: new: OBJECT addr=0x20cea8 size=2048
>> rtl: alloc: new: OBJECT addr=0x20d6b0 size=2048
>> rtl: alloc: new: OBJECT addr=0x20deb8 size=2048
>> rtl: alloc: new: OBJECT addr=0x20e6c0 size=136
>> rtl: alloc: new: OBJECT addr=0x20b1e8 size=13
>> rtl: alloc: new: OBJECT addr=0x20b200 size=2
>> rtl: adding global symbols, table size 25808
>> rtl: global symbol add: 987
>> rtl: alloc: new: SYMBOL addr=0x20e750 size=19740
>>
>> [snipped out a lot of "rtl: esyms: ..."]
>>
>> rtl: loading '/dl-o1.o'
>> rtl: alloc: new: OBJECT addr=0x20b210 size=9
>> rtl: alloc: del: OBJECT addr=0x0
>> rtl: alloc: new: OBJECT addr=0x213478 size=136
>> rtl: alloc: new: OBJECT addr=0x20b228 size=9
>> rtl: alloc: new: OBJECT addr=0x20b240 size=9
>> rtl: alloc: new: OBJECT addr=0x213508 size=56
>> rtl: alloc: new: OBJECT addr=0x20b258 size=6
>> rtl: sect: 1 : .text
>> rtl: alloc: new: OBJECT addr=0x213548 size=56
>> rtl: alloc: new: OBJECT addr=0x213588 size=10
>> rtl: sect: 2 : .rel.text
>> rtl: alloc: new: OBJECT addr=0x2135a0 size=56
>> rtl: alloc: new: OBJECT addr=0x2135e0 size=6
>> rtl: sect: 3 : .data
>> rtl: alloc: new: OBJECT addr=0x2135f0 size=56
>> rtl: alloc: new: OBJECT addr=0x213630 size=5
>> rtl: sect: 4 : .bss
>> rtl: alloc: new: OBJECT addr=0x213640 size=56
>> rtl: alloc: new: OBJECT addr=0x213680 size=8
>> rtl: sect: 5 : .rodata
>> rtl: alloc: new: OBJECT addr=0x213690 size=56
>> rtl: alloc: new: OBJECT addr=0x2136d0 size=16
>> rtl: sect: 7 : .rel.debug_info
>> rtl: alloc: new: OBJECT addr=0x2136e8 size=56
>> rtl: alloc: new: OBJECT addr=0x213728 size=19
>> rtl: sect: 10: .rel.debug_aranges
>> rtl: alloc: new: OBJECT addr=0x213748 size=56
>> rtl: alloc: new: OBJECT addr=0x213788 size=16
>> rtl: sect: 12: .rel.debug_line
>> rtl: unsupported section: 15: type=1879048195 flags=00
>> rtl: alloc: new: OBJECT addr=0x2137a0 size=56
>> rtl: alloc: new: OBJECT addr=0x2137e0 size=17
>> rtl: sect: 17: .rel.debug_frame
>> rtl: alloc: new: OBJECT addr=0x213800 size=56
>> rtl: alloc: new: OBJECT addr=0x213840 size=10
>> rtl: sect: 18: .shstrtab
>> rtl: alloc: new: OBJECT addr=0x213858 size=56
>> rtl: alloc: new: OBJECT addr=0x213898 size=8
>> rtl: sect: 19: .symtab
>> rtl: alloc: new: OBJECT addr=0x2138a8 size=56
>> rtl: alloc: new: OBJECT addr=0x2138e8 size=8
>> rtl: sect: 20: .strtab
>> rtl: alloc: new: READ_EXEC addr=0x2138f8 size=92
>> rtl: alloc: new: READ addr=0x213960 size=53
>> rtl: alloc: new: READ_WRITE addr=0x2139a0 size=1
>> rtl: load sect: text - b:0x2138f8 s:92 a:4
>> rtl: load sect: const - b:0x213960 s:53 a:4
>> rtl: load sect: data - b:0x2139a0 s:1 a:1
>> rtl: load sect: bss - b:0x0 s:0 a:1
>> rtl: loading: .text -> 0x2138f8 (88)
>> rtl: loading: .rodata -> 0x213960 (52)
>> rtl: alloc: new: SYMBOL addr=0x2139b0 size=121
>> rtl: alloc: new: SYMBOL addr=0x213a38 size=31
>> rtl: sym:add:6 name:9 :$d bind:0 type:0
>> val:0x213960 sect:5 size:0
>> rtl: sym:add:7 name:12:.LC0 bind:0 type:0
>> val:0x213960 sect:5 size:0
>> rtl: sym:add:8 name:17:.LC1 bind:0 type:0
>> val:0x213980 sect:5 size:0
>> rtl: sym:add:9 name:22:.LC2 bind:0 type:0
>> val:0x213988 sect:5 size:0
>> rtl: sym:add:10 name:27:$t bind:0 type:0
>> val:0x2138f8 sect:1 size:0
>> rtl: sym:add:20 name:30:rtems_main bind:1 type:2
>> val:0x2138f9 sect:1 size:88
>> rtl: relocation: .rel.text, syms:.symtab
>> rtl: rel: sym:.LC0(7 )=00213960 type:47 off:0000000a
>> rtl: THM_MOVT_ABS/THM_MOVW_ABS_NC 0x1060f643 @ 0x213902 in /dl-o1.o
>> rtl: rel: sym:.LC0(7 )=00213960 type:48 off:0000000e
>> rtl: THM_MOVT_ABS/THM_MOVW_ABS_NC 0x21f2c0 @ 0x213906 in /dl-o1.o
>> rtl: rel: sym:.LC1(8 )=00213980 type:47 off:00000014
>> rtl: THM_MOVT_ABS/THM_MOVW_ABS_NC 0x1280f643 @ 0x21390c in /dl-o1.o
>> rtl: rel: sym:.LC1(8 )=00213980 type:48 off:00000018
>> rtl: THM_MOVT_ABS/THM_MOVW_ABS_NC 0x221f2c0 @ 0x213910 in /dl-o1.o
>> rtl: rel: sym:printf(21)=00119529 type:10 off:0000001c
>> rtl: THM_CALL/JUMP24 0xfe08f705 @ 0x213914 in /dl-o1.o
>> rtl: rel: sym:.LC2(9 )=00213988 type:47 off:00000030
>> rtl: THM_MOVT_ABS/THM_MOVW_ABS_NC 0x1088f643 @ 0x213928 in /dl-o1.o
>> rtl: rel: sym:.LC2(9 )=00213988 type:48 off:00000034
>> rtl: THM_MOVT_ABS/THM_MOVW_ABS_NC 0x21f2c0 @ 0x21392c in /dl-o1.o
>> rtl: rel: sym:printf(21)=00119529 type:10 off:0000003c
>> rtl: THM_CALL/JUMP24 0xfdf8f705 @ 0x213934 in /dl-o1.o
>> rtl: alloc: del: SYMBOL addr=0x2139b0
>> rtl: alloc: new: OBJECT addr=0x2139b0 size=84
>> rtl: linkmap_add
>> rtl: unresolv: global resolve
>> handle: 0x213478 loaded
>>
>>
>> dl-o1.o DISASSEMBLED:
>>
>> [patrick at w096 dl01]$ arm-rtems4.11-objdump -d dl-o1.o
>>
>> dl-o1.o: file format elf32-littlearm
>>
>>
>> Disassembly of section .text:
>>
>> 00000000 <rtems_main>:
>> 0: b580 push {r7, lr}
>> 2: b084 sub sp, #16
>> 4: af00 add r7, sp, #0
>> 6: 6078 str r0, [r7, #4]
>> 8: 6039 str r1, [r7, #0]
>> a: f240 0000 movw r0, #0
>> e: f2c0 0000 movt r0, #0
>> 12: 6879 ldr r1, [r7, #4]
>> 14: f240 0200 movw r2, #0
>> 18: f2c0 0200 movt r2, #0
>> 1c: f7ff fffe bl 0 <printf>
>> 20: 2300 movs r3, #0
>> 22: 60fb str r3, [r7, #12]
>> 24: e00f b.n 46 <rtems_main+0x46>
>> 26: 68fb ldr r3, [r7, #12]
>> 28: 009b lsls r3, r3, #2
>> 2a: 683a ldr r2, [r7, #0]
>> 2c: 4413 add r3, r2
>> 2e: 681b ldr r3, [r3, #0]
>> 30: f240 0000 movw r0, #0
>> 34: f2c0 0000 movt r0, #0
>> 38: 68f9 ldr r1, [r7, #12]
>> 3a: 461a mov r2, r3
>> 3c: f7ff fffe bl 0 <printf>
>> 40: 68fb ldr r3, [r7, #12]
>> 42: 3301 adds r3, #1
>> 44: 60fb str r3, [r7, #12]
>> 46: 68fa ldr r2, [r7, #12]
>> 48: 687b ldr r3, [r7, #4]
>> 4a: 429a cmp r2, r3
>> 4c: dbeb blt.n 26 <rtems_main+0x26>
>> 4e: 687b ldr r3, [r7, #4]
>> 50: 4618 mov r0, r3
>> 52: 3710 adds r7, #16
>> 54: 46bd mov sp, r7
>> 56: bd80 pop {r7, pc}
>>
>> Thank you,
>>
>> Patrick
>> _______________________________________________
>> users mailing list
>> users at rtems.org
>> http://lists.rtems.org/mailman/listinfo/users
>>
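The BL encodings quoted in this thread can be checked independently of GDB. The C code below is an added example, not part of the original thread or of RTEMS: it decodes a T32 BL (encoding T1) into its branch target and tests the 16 MB range mentioned in the veneer discussion. The function names are hypothetical, and it assumes the value printed on the "THM_CALL/JUMP24" trace lines is the patched instruction read as one little-endian 32-bit word (first halfword in the low 16 bits).

```c
#include <stdint.h>
#include <stdio.h>

/* Offset encoded in a T32 BL: imm32 = SignExtend(S:I1:I2:imm10:imm11:'0'),
 * with I1 = NOT(J1 EOR S) and I2 = NOT(J2 EOR S).
 * Returns 0 if the two halfwords are not a BL. */
static int t32_bl_offset(uint16_t hw1, uint16_t hw2, int32_t *off)
{
    if ((hw1 & 0xF800) != 0xF000 || (hw2 & 0xD000) != 0xD000)
        return 0;
    uint32_t s  = (hw1 >> 10) & 1;
    uint32_t i1 = !(((hw2 >> 13) & 1) ^ s);
    uint32_t i2 = !(((hw2 >> 11) & 1) ^ s);
    uint32_t imm = (s << 24) | (i1 << 23) | (i2 << 22) |
                   ((uint32_t)(hw1 & 0x3FF) << 12) |
                   ((uint32_t)(hw2 & 0x7FF) << 1);
    *off = (int32_t)(imm ^ 0x1000000u) - 0x1000000; /* sign-extend bit 24 */
    return 1;
}

/* Branch target: in Thumb state PC reads as instruction address + 4. */
static uint32_t t32_bl_target(uint32_t insn_addr, uint16_t hw1, uint16_t hw2)
{
    int32_t off;
    if (!t32_bl_offset(hw1, hw2, &off))
        return 0; /* not a BL */
    return insn_addr + 4 + (uint32_t)off;
}

/* Same, for a value as printed by the RTL relocation trace (assumed layout). */
static uint32_t rtl_word_target(uint32_t insn_addr, uint32_t word)
{
    return t32_bl_target(insn_addr, (uint16_t)(word & 0xFFFF),
                         (uint16_t)(word >> 16));
}

/* Can a single BL at insn_addr reach target without a veneer? */
static int t32_bl_in_range(uint32_t insn_addr, uint32_t target)
{
    int64_t d = (int64_t)target - ((int64_t)insn_addr + 4);
    return d >= -0x1000000LL && d <= 0xFFFFFELL;
}

int main(void)
{
    /* Values copied from the GDB dump and RTL trace in this thread. */
    printf("base image: %08x\n", (unsigned)t32_bl_target(0x104656, 0xf014, 0xff67));
    printf("dl-o1.o #1: %08x\n", (unsigned)rtl_word_target(0x213914, 0xfe08f705u));
    printf("dl-o1.o #2: %08x\n", (unsigned)rtl_word_target(0x213934, 0xfdf8f705u));
    printf("in range:   %d\n", t32_bl_in_range(0x213914, 0x119528));
    return 0;
}
```

All three encodings decode to 0x119528, the address given for printf in the thread, so the call relocations written into the loaded .text are consistent with the base image.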