Booting L4Re on the CI20: Panic in sigma0

Paul Boddie paul at boddie.org.uk
Thu Jul 13 19:22:32 CEST 2017


Hello,

I've been trying to get Fiasco.OC and L4Re booting on the MIPS Creator CI20, 
starting out by building the "hello" example.

The first obstacle was actually seeing the serial output, where the board 
appears to be configured to output to UART4 in the bootstrap package, but 
booting from an SD card produced no output. Although I thought I had messed up 
the preparation of the image, or that U-Boot was being fussy about the image 
addresses and failing to execute the payload, switching to UART0 and rewiring 
my connection got me some output.

For reference, changing the UART involves a couple of modifications to 
pkg/bootstrap/server/src/platform/ci20.cc as follows:

-    kuart.base_address = 0x10034000; // UART4
+    kuart.base_address = 0x10030000; // UART0
-    kuart.irqno        = 34;
+    kuart.irqno        = 51; // UART0: 32 + 19

But now I appear to experience a panic in sigma0 as it starts up, with the 
message...

Warning: Sigma0 raised an exception --> HALT

Here are the regions:

Regions of list 'regions'
    [        0,       1db] {      1dc} Kern   fiasco
    [     1000,      10eb] {       ec} Root   mbi_rt
    [    10000,     9d09f] {    8d0a0} Kern   fiasco
    [   140000,    184773] {    44774} Root   moe
    [   190000,    197f3f] {     7f40} Root   moe
    [   200000,    20be17] {     be18} Sigma0 sigma0
    [   210000,    2161bf] {     61c0} Sigma0 sigma0
    [   2d0000,    2e33df] {    133e0} Boot   bootstrap
    [  1100000,   1164fff] {    65000} Root   Module

And the registers look like this:

00[ 0]: 00000000 at[ 1]: 80022e50 v0[ 2]: 00000001 v1[ 3]: 80000000
a0[ 4]: 00010000 a1[ 5]: 002000e0 a2[ 6]: ffffffe7 a3[ 7]: 00000401
t0[ 8]: 00000000 t1[ 9]: 00000401 t2[10]: 00000413 t3[11]: 82152f38
t4[12]: 82152000 t5[13]: 801873bc t6[14]: fffffffe t7[15]: 801873bc
s0[16]: 82152f60 s1[17]: 00000400 s2[18]: 00000001 s3[19]: 00000000
s4[20]: 80090000 s5[21]: 00000000 s6[22]: 00000fa0 s7[23]: 00000000
t8[24]: 8008519c t9[25]: 800a0000 k0[26]: ffffffff k1[27]: ffffffff
gp[28]: 800b7f80 sp[29]: 00000000 fp[30]: 80185000 ra[31]: 80010000
HI: 00000000 LO: 000003a8
Status 00000413 Cause 00000010 EPC 002000ec

The EPC indeed appears to reference sigma0, with the Cause indicating an 
erroneous data or instruction fetch operation. Looking at the disassembly of 
sigma0...

002000e0 <__start>:
  2000e0:       3c1c0001        lui     gp,0x1
  2000e4:       279c7f80        addiu   gp,gp,32640
  2000e8:       0399e021        addu    gp,gp,t9
  2000ec:       8f9d8018        lw      sp,-32744(gp)
  2000f0:       8f99801c        lw      t9,-32740(gp)
  2000f4:       27bdfff0        addiu   sp,sp,-16
  2000f8:       0320f809        jalr    t9
  2000fc:       00000000        nop

...it appears that the problem occurs when the global offset table is 
accessed. The global pointer gets computed as...

0x10000 + 32640 + 0x800a0000 = 0x800b7f80

...with the load-relative operation accessing...

0x800b7f80 - 32744 = 0x800aff98

It is presumably this address that is illegal within the failing thread of 
execution. I've been looking at the debugger documentation...

http://l4re.org/fiasco/doc/jdb.pdf

...but I'm not sure I'm doing the right things to see the state of the 
machine. Attempting to dump the memory at that address appears to indicate 
inaccessible memory, but I imagine that this region might not be mapped within 
whichever "task" is active.

Does anyone have any suggestions about how I can troubleshoot this problem?

Thanks in advance,

Paul



More information about the l4-hackers mailing list