Problems with l4linux

Valery V. Sedletski _valerius at mail.ru
Wed Oct 29 04:25:49 CET 2008 

On Tue, 28 Oct 2008 17:48:44 +0100, Adam Lackorzynski wrote:

>> >Rather not. Can you tell me at which position the f.2 is in user-land?
>> >That would be interesting.
>> > 
>> 
>> This is the result of executing "tf.2" in kernel debugger:
>> 
>> thread:   f.02 <001e0801>               prio: a0  mcp: ff  mode: Con
>> state: 001 ready    %dl
>> 001e0804     into
>> wait for:           polling:            rcv descr:
>> lcked by: ---.--                        timeout  :
>> cpu time:   2.000 ms                    timeslice: 4000/10000 ╣s
>> pager   :   f.00        cap: ---.--     utcb: ffe34200
>> preemptr:   0.00        not monitored   ready lnk:  ???.??   5.00
>>                                         prsnt lnk:   f.04   f.00
>> EAX=00000000  ESI=001e0801  DS=0023
>> EBX=a0051454  EDI=00000000  ES=0023     iret
>> ECX=0000000d  EBP=afeffe40  GS=0043     lea    0x0(%esi),%esi
>> EDX=afeffe58  ESP=c03c17ec  SS=0010
>> trap 13 (General Protection), error 00000070, from kernel mode
>> CS=0008  EIP=f003622b  EFlags=00203246
>> 001e0815     cli
>> c03c17ec f003622b 00000008 00203246 [eacff102] 00000073 00203296 afeffe00 0000007b
>> 001e0818     into
>> 
>> the [eacff102] dword was highlighted in backtrace. So, as I understood
>> this, this marks current stack frame. Here we see that previous stack
>> frame is ip=0xf003622b, cs=0x8, eflags=0x00203246 is respectively ip,
>> cs and eflags taken off from the stack by previous iret instruction.
>> Current iret must take off the next frame: eip=0xeacff102, cs=0x73,
>> eflags=0x00203296. Here we can see that selector cs=0x73 is ring3 and
>> eip is 0xeacff102. 
>
>Yep, ok, cs value is bogus. Now we need to find out why, cs should be
>1b. (8 is kernel code, so ok.) Maybe I find the time to reproduce this
>but on the other side it does not happen when the IOPL3 option is off,
>right?
> 

CS is incorrect? That's why it traps... I tried to set breakpoint before TRAP d in linux 
(in ioport.c when it writes "Got %d out of %d I/O ports") -- set "-wait" in fiasco command 
line and when it broke in kernel debugger after fiasco started, tried to set breakpoint:

bi addr=4054ec 
b+ bpn=1
br bpn=1 task=f

But after I said "g" in the debugger it didn't stopped at the breakpoint, only broke in TRAP d. What I do incorrectly?
Maybe,  bi addr=4054ec sets the breakpoint at phys address, not to linear of task f? How then I can
set to linear (or convert linear to physical?).

PS: If needed, I can make bootable iso image with my setup. Is it needed?

>> an address 001e0800 (into) is not in CS segment of vmlinux executable
>> (no such address in objdump output) So, what is it? Corrupt stack? Or
>> it is not a return address but something different?
>
>It's the thread-ID, so nothing to disassemble :)
>

Yes, I thought of it, but was not sure :)

>> >> >I guess not. Which address? Anyway, I guess it should ioremap those...
>> >> >
>> ....
>> >
>> >Some of those addresses are quite low but unfortunately I don't have an
>> >idea what they're used for.
>> >
>> 
>> The Cardbus controller uses these addresses, according to windows Device manager: 
>> 
>> 0xb8008000-0xb8008fff
>> 0xfebff000-0xfebfffff
>> 0xfabff000-0xfebfefff
>> 0x000db000-0x000dbfff
>> 
>> and modem itself uses none, only i/o and irq
>> 
>> Also, I searched logs and found that piece:
>> 
>> Oct 21 04:54:14 localhost kernel: Serial: 8250/16550 driver $Revision: 1.90 $ 4 ports, IRQ sharing enabled
>> Oct 21 04:54:14 localhost kernel: cs: memory probe 0xb8000000-0xb80fffff:  l4x ioremap: Requested region at b8010000 [0x1000 
>> Bytes]
>> Oct 21 04:54:14 localhost kernel: cs: memory probe 0x70000000-0x700fffff: excluding 0x70000000-0x700fffff
>> Oct 21 04:54:14 localhost kernel: cs: warning: no high memory space available!
>> 
>> (This was in the log with info level (there are also error and warning levels)), so, as I understood, this is not fatal.
>> Also here are ioremaps, so, they are present.
>
>Looks like this stuff is doing someting quite special, at least when
>looking at the code that is producing those log lines. I fear it's not
>easily doable to get this going.
>

Hmm... Sad. -- I wanted to experiment with it while the inet access working, but I turns that I can't. But interestingly, 
bluetooth comport is working and GPRS access to internet through it either. So, I could try this through bluetooth and
my phone, if not PCMCIA. Bad but not worst ;) Anyway, I can try pcmcia modem again when TRAP d will be resolved,
a warning with High memory access may be not so important and it will work. Or not?

PS:
I searched L4linux sources for string "no high memory space" and found nothing. Strange. Could you point me
where it is, please?

More information about the l4-hackers mailing list