I downloaded libhugetlbfs.so and have a simple test source :
int glbarr[1024*1024]={0} ;
int main()
{
char * ptr ;
ptr = (char *) malloc( 1024 * 1024 * 1 ) ;
printf(" press any key to go on \n");
getchar() ;
for(int idx=0;idx<100;idx++){
char strtmp[64] = {0} ;
sprintf(strtmp,"%020d",idx) ;
strcpy( ptr+1024*idx , strtmp ) ;
} //for
for(int idx=0;idx<100;idx++){
glbarr[idx] = idx ;
}
printf(" press any key to go on \n");
getchar() ;
} // main
then set the env :
export LD_PRELOAD=libhugetlbfs.so
export HUGETLB_MORECORE=yes
export HUGETLB_DEBUG=1
At last , execute test_malloc.exe :
INFO: Found pagesize 2048 kB
INFO: Detected page sizes:
INFO: Size: 2048 kB (default) Mount: /mnt/SharedMem_2M
INFO: Parsed kernel version: [3] . [10] . [0]
INFO: Feature private_reservations is present in this kernel
INFO: Feature noreserve_safe is present in this kernel
INFO: Feature map_hugetlb is present in this kernel
INFO: Kernel has MAP_PRIVATE reservations. Disabling heap prefaulting.
INFO: Kernel supports MAP_HUGETLB
INFO: HUGETLB_SHARE=0, sharing disabled
INFO: HUGETLB_NO_RESERVE=no, reservations enabled
INFO: Segment 0 (phdr 2): 0x400000-0x400a04 (filesz=0xa04) (prot = 0x5)
INFO: Segment 1 (phdr 3): 0x600de0-0xa01080 (filesz=0x274) (prot = 0x3)
DEBUG: symbol to copy at 0x601060: stdin
DEBUG: Total memsz = 0x400ca4, memsz of largest segment = 0x4002a0
INFO: libhugetlbfs version: 2.20
INFO: Mapped hugeseg at 0x2aaaaac00000. Copying 0xa04 bytes and 0 extra bytes from 0x400000...done
INFO: Prepare succeeded
INFO: Mapped hugeseg at 0x2aaaaac00000. Copying 0x274 bytes and 0x14 extra bytes from 0x600de0...done
INFO: Prepare succeeded
INFO: setup_morecore(): heapaddr = 0x1c00000
INFO: hugetlbfs_morecore(2101248) = ...
INFO: heapbase = 0x1c00000, heaptop = 0x1c00000, mapsize = 0, delta=2101248
INFO: Attempting to map 4194304 bytes
INFO: ... = 0x1c00000
INFO: hugetlbfs_morecore(0) = ...
INFO: heapbase = 0x1c00000, heaptop = 0x1e01000, mapsize = 400000, delta=-2093056
INFO: ... = 0x1e01000
and the /proc/pidof test_malloc.exe/maps :
00400000-00600000 r-xp 00000000 00:2b 6019488 /mnt/SharedMem_2M/libhugetlbfs.tmp.uI55WD (deleted)
00600000-00c00000 rw-p 00000000 00:2b 6123885 /mnt/SharedMem_2M/libhugetlbfs.tmp.VUALYM (deleted)
01c00000-02000000 rw-p 00000000 00:0d 6123886 /anon_hugepage (deleted)
numastat -m showes hugepage really in use for 8M ,
What bother me is what do "deleted" means in maps output ?!
either in /mnt/SharedMem_2M or /anon_hugepage
Edit :
and the debug information :
INFO: Found pagesize 2048 kB
INFO: Detected page sizes:
INFO: Size: 2048 kB (default) Mount: /mnt/SharedMem_2M
INFO: Parsed kernel version: [3] . [10] . [0]
INFO: Feature private_reservations is present in this kernel
INFO: Feature noreserve_safe is present in this kernel
INFO: Feature map_hugetlb is present in this kernel
INFO: Kernel has MAP_PRIVATE reservations. Disabling heap prefaulting.
INFO: Kernel supports MAP_HUGETLB
INFO: HUGETLB_SHARE=0, sharing disabled
INFO: HUGETLB_NO_RESERVE=no, reservations enabled
INFO: Segment 0 (phdr 3): 0x600de0-0xa01080 (filesz=0x274) (prot = 0x3)
DEBUG: symbol to copy at 0x601060: stdin
DEBUG: Total memsz = 0x4002a0, memsz of largest segment = 0x4002a0
INFO: libhugetlbfs version: 2.20
INFO: Mapped hugeseg at 0x2aaaaac00000. Copying 0x274 bytes and 0x14 extra bytes from 0x600de0...done
INFO: Prepare succeeded
INFO: setup_morecore(): heapaddr = 0x2200000
INFO: hugetlbfs_morecore(2101248) = ...
INFO: heapbase = 0x2200000, heaptop = 0x2200000, mapsize = 0, delta=2101248
INFO: Attempting to map 4194304 bytes
INFO: ... = 0x2200000
INFO: hugetlbfs_morecore(0) = ...
INFO: heapbase = 0x2200000, heaptop = 0x2401000, mapsize = 400000, delta=-2093056
INFO: ... = 0x2401000
and the maps :
00400000 default file=/home/marschen/test/posix-memalign/test_malloc.exe mapped=1 N0=1 kernelpagesize_kB=4
00600000 default file=/mnt/SharedMem_2M/libhugetlbfs.tmp.85Y41e\040(deleted) huge anon=1 dirty=1 N0=1 kernelpagesize_kB=2048
02200000 default file=/anon_hugepage\040(deleted) huge anon=1 dirty=1 N0=1 kernelpagesize_kB=2048
Temporary file deletion (unlinking) is normal for libhugetlbfs when it uses hugetlb fs pseudo filesystem (grep hugetlbfs /proc/filesystems) for getting mmaps backed with hugetlb pages.
For example, there is hugetlbfs_unlinked_fd function of libhugetlbfs/hugeutils.c
https://github.com/libhugetlbfs/libhugetlbfs/blob/e44180072b796c0e28e53c4d01ef6279caaa2a99/hugeutils.c#L1033
int hugetlbfs_unlinked_fd_for_size(long page_size)
{
const char *path;
char name[PATH_MAX+1];
int fd;
path = hugetlbfs_find_path_for_size(page_size);
..
name[sizeof(name)-1] = '\0';
strcpy(name, path);
strncat(name, "/libhugetlbfs.tmp.XXXXXX", sizeof(name)-1);
/* FIXME: deal with overflows */
fd = mkstemp64(name);
....
unlink(name);
return fd;
}
Temporary file name is randomly generated in mkstemp function; it also creates the file and opens it. Then this file is unlinked (man 2 unlink) from the filesystem (file name is marked as deleted in the directory, there is still inode and file data, but other programs can't access this file by name).
While unlinked fd is opened, it can be used to work with hugetlb mmap and to store data. Only when this fd is closed, file data will be actually deleted by fs.
Early unlinking of mktemp files is often used: When a file created with mkstemp() is deleted?
Some useful information can be also listed in HOWTO of libhugetlbfs project
https://github.com/libhugetlbfs/libhugetlbfs/blob/master/HOWTO
Related
I want to reserve some memory to save kernel information. I copied reserve_crashkernel function to arm64 and modified it:
/* 16M alignment for crash kernel regions */
#define CRASH_ALIGN (16 << 20)
/* Location of the reserved area for the crash kernel */
struct resource crashk_res = {
.name = "Crash kernel",
.start = 0,
.end = 0,
.flags = IORESOURCE_MEM
};
static void __init reserve_crashkernel(void)
{
unsigned long long crash_size, crash_base, total_mem;
int ret;
crash_size = CRASH_ALIGN;
total_mem = memblock_phys_mem_size();
pr_info("crashkernel find memory %x - %llx.\n", CRASH_ALIGN, memblock_end_of_DRAM());
crash_base = memblock_find_in_range(CRASH_ALIGN, memblock_end_of_DRAM(),
crash_size, CRASH_ALIGN);
if (!crash_base) {
pr_info("crashkernel reservation failed - No suitable area found.\n");
return;
}
ret = memblock_reserve(crash_base, crash_size);
if (ret) {
pr_err("%s: Error reserving crashkernel memblock.\n", __func__);
return;
}
pr_info("Reserving %ldMB of memory at %ldMB for crashkernel (System RAM: %ldMB)\n",
(unsigned long)(crash_size >> 20),
(unsigned long)(crash_base >> 20),
(unsigned long)(total_mem >> 20));
crashk_res.start = crash_base;
crashk_res.end = crash_base + crash_size - 1;
insert_resource(&iomem_resource, &crashk_res);
}
When the kernel started, I can find kernel print like this:
[ 0.000000] crashkernel find memory 1000000 - 210000000.
[ 0.000000] Reserving 16MB of memory at 8272MB for crashkernel (System RAM: 8190MB)
But the /proc/iomem doesn't seem right. Without my code there is a 'System RAM' region:
100000000-20fffffff : System RAM
Now with reserve_crashkernel, the region changed to:
205000000-205ffffff : Crash kernel
I don't why the 'System RAM' region disappeared and I'm not sure that my code is correct.
This is my first time to ask a question, good luck for myself to get answers.
question description (cpu:t104x, ppc64 kernel configed with CONFIG_KEXEC):
I boot the first kernel with bootargs below:
setenv bootargs root=/dev/$bdev ro crashkernel=128M#32M \
console=$consoledev,$baudrate earlyprintk=ttyS0 $othbootargs;
then execute the following to load vmlinux successfully:
./kexec -p ./vmlinux -t elf-ppc64 --dtb=./dtb.t104x \
--command-line="root=/dev/mtdblock9 ro crashkernel=128M#32M console=ttyS0,115200 earlyprintk=ttyS0" \
-d --mem-min=0x2000000 --mem-max=0xa000000
then got the prints:
Try gzip decompression.
kernel: 0xeeb3b008 kernel_size: 0x8f49140
0000000000000000-0000000100000000 : 0
get base memory ranges:1
usable memory rgns size:1 base:0 size:a000000
exclude_range sorted exclude_range[0] start:0, end:188c000
setup_memory_ranges memory_range[0] start:188c001, end:30000000
get memory ranges:1
CRASH MEMORY RANGES
0000000000000000-0000000000010000
0000000000010000-0000000002000000
000000000a000000-0000000100000000
get_crash_notes_per_cpu: crash_notes addr = ffe0a1b4, size = 536
Elf header: p_type = 4, p_offset = 0xffe0a1b4 p_paddr = 0xffe0a1b4 p_vaddr = 0x0 p_filesz = 0x218 p_memsz = 0x218
get_crash_notes_per_cpu: crash_notes addr = ffe4a1b4, size = 536
Elf header: p_type = 4, p_offset = 0xffe4a1b4 p_paddr = 0xffe4a1b4 p_vaddr = 0x0 p_filesz = 0x218 p_memsz = 0x218
get_crash_notes_per_cpu: crash_notes addr = ffe8a1b4, size = 536
Elf header: p_type = 4, p_offset = 0xffe8a1b4 p_paddr = 0xffe8a1b4 p_vaddr = 0x0 p_filesz = 0x218 p_memsz = 0x218
get_crash_notes_per_cpu: crash_notes addr = ffeca1b4, size = 536
Elf header: p_type = 4, p_offset = 0xffeca1b4 p_paddr = 0xffeca1b4 p_vaddr = 0x0 p_filesz = 0x218 p_memsz = 0x218
vmcoreinfo header: p_type = 4, p_offset = 0x178dd48 p_paddr = 0x178dd48 p_vaddr = 0x0 p_filesz = 0x1024 p_memsz = 0x1024
Elf header: p_type = 1, p_offset = 0x3888000 p_paddr = 0x0 p_vaddr = 0x0 p_filesz = 0x10000 p_memsz = 0x10000
Elf header: p_type = 1, p_offset = 0x10000 p_paddr = 0x10000 p_vaddr = 0x10000 p_filesz = 0x1ff0000 p_memsz = 0x1ff0000
Elf header: p_type = 1, p_offset = 0xa000000 p_paddr = 0xa000000 p_vaddr = 0xa000000 p_filesz = 0xf6000000 p_memsz = 0xf6000000
Command line after adding elfcorehdr: root=/dev/mtdblock9 ro crashkernel=128M#32M console=ttyS0,115200 earlyprintk=ttyS0 1 maxcpus=1 noirqdistrib reset_devices elfcorehdr=57952K
sym: _savegpr0_27 info: 10 other: 00 shndx: 1 value: 970 size: 0
sym: _savegpr0_27 value: 3899970 addr: 3899004
sym: .data info: 03 other: 00 shndx: 4 value: 0 size: 0
.........
.........
sym: backup_start value: 389cc48 addr: 389cf08
info->entry is 0x3899600
kernel is 2000000
dt_offset is 9fe6000
run_at_load flag is 1
panic_kernel is 1
backup_start is 3888000
stack is 38a1000
toc_addr is 38a4f00
purgatory size is 23888
debug is 0
opal_base is 0
opal_entry is 0
kexec_load: entry = 0x3899600 flags = 0x150001
nr_segments = 5
segment[0].buf = 0xeeb4b008
segment[0].bufsz = 0x1757700
segment[0].mem = 0x2000000
segment[0].memsz = 0x1888000
segment[1].buf = 0x10050fb8
segment[1].bufsz = 0x10000
segment[1].mem = 0x3888000
segment[1].memsz = 0x10000
segment[2].buf = 0x10041108
segment[2].bufsz = 0x400
segment[2].mem = 0x3898000
segment[2].memsz = 0x1000
segment[3].buf = 0x10042c10
segment[3].bufsz = 0x3f10
segment[3].mem = 0x3899000
segment[3].memsz = 0x4000
segment[4].buf = 0x10060fc0
segment[4].bufsz = 0x19e68
segment[4].mem = 0x9fe6000
segment[4].memsz = 0x1a000
at last, trigger a panic:
echo c > /proc/sysrq-trigger
stopped here:
root#t104x:/media/emmc/image/kexec-cmd> echo c > /proc/sysrq-trigger
sysrq: SysRq : Trigger a crash
Unable to handle kernel paging request for data at address 0x00000000
Faulting instruction address: 0xc000000000603d90
Oops: Kernel access of bad area, sig: 11 [#1]
PREEMPT SMP NR_CPUS=4 CoreNet Generic
Modules linked in: uio_seville(O) nandsim mpc85xx_edac edac_core
CPU: 2 PID: 488 Comm: sh Tainted: G O 4.1.18-WR8.0.0.3_standard #4
task: c0000000f1b38bc0 ti: c0000000f1f4c000 task.ti: c0000000f1f4c000
NIP: c000000000603d90 LR: c000000000604ccc CTR: c000000000603d64
REGS: c0000000f1f4f7a0 TRAP: 0300 Tainted: G O (4.1.18-WR8.0.0.3_standard)
MSR: 0000000080029000 <CE,EE,ME> CR: 28242282 XER: 00000000
DEAR: 0000000000000000 ESR: 0000000000800000 SOFTE: 1
GPR00: c000000000604ccc c0000000f1f4fa20 c00000000174b700 0000000000000063
GPR04: c0000000ffe80828 c0000000ffe83e98 0000000000000285 c000000001774da8
GPR08: c0000000f1f4c000 0000000000000001 0000000000000000 0000000000000002
GPR12: 0000000042242484 c00000000fffed80 0000000028222482 000000001011217c
GPR16: 0000000010128668 0000000010136bb0 0000000010128a60 00000000100f1520
GPR20: 0000000010120a58 0000000000000000 000000001012c468 0000000010131fe0
GPR24: 0000000000000000 0000000010103a58 c0000000015e7aa8 0000000000000004
GPR28: c0000000015e7e90 0000000000000063 c000000001599e1c 0000000000000000
NIP [c000000000603d90] .sysrq_handle_crash+0x2c/0x40
LR [c000000000604ccc] .__handle_sysrq+0xec/0x224
Call Trace:
[c0000000f1f4fa90] [c000000000604ccc] .__handle_sysrq+0xec/0x224
[c0000000f1f4fb40] [c000000000605404] .write_sysrq_trigger+0x70/0x8c
[c0000000f1f4fbc0] [c00000000026a1e8] .proc_reg_write+0xac/0xfc
[c0000000f1f4fc60] [c0000000001f09ec] .__vfs_write+0x68/0xd0
[c0000000f1f4fcf0] [c0000000001f15b0] .vfs_write+0xb8/0x1e8
[c0000000f1f4fd90] [c0000000001f23f4] .SyS_write+0x64/0xf4
[c0000000f1f4fe30] [c000000000000698] system_call+0x38/0xc4
Instruction dump:
4bffffac 7c0802a6 f8010010 f821ff91 60000000 60000000 3d220002 39499e5c
39200001 912a0000 7c0004ac 39400000 <992a0000> 38210070 e8010010 7c0803a6
---[ end trace 4ddc8f20f56a5689 ]---
Sending IPI to other CPUs
IPI complete
I have added some prints in the kernel. I'm sure it has jumped into the entry, but don't know why it stoped here.
When i changed the options as follow s(just without --dtb option, I don't know why yet), the problem was solved:
./kexec -p ./vmlinux -t elf-ppc64 --command-line="root=/dev/mtdblock9 ro \
crashkernel=128M#32M console=ttyS0,115200 earlyprintk=ttyS0" -d \
--mem-min=0x2000000 --mem-max=0xa000000
I have two programs, one is custom bootloader which will be located in BANK A and the other one is the main program which will be located in external spifi flash.
Both programs I load and debug from eclipse.
Currently I can jump from the bootloader to the main program, I can start debug with jtag from the reset handler in the main program but sometimes is continues to main and sometimes it breaks after the first step.
From the bootloader I do the following for jumping to main program:
halInit(); // init my hal functions
chSysInit(); // init my OS
chThdSleepMilliseconds(1000);
flashInit(); // init the spifi driver
uint32_t NewAddressOfNewVectorTable = 0x14000000;
__disable_irq();
/** Load new Vector Table **/
SCB->VTOR = AddressOfNewVectorTable;
__set_MSP(*(uint32_t*)(AddressOfNewVectorTable));
LPC_CREG->M4MEMMAP = AddressOfNewVectorTable;
/**
* Jump to Reset Vector of new Vector Table
* -> thats the second word (hence fourth byte).
*/
((user_code_pointer_t)(*((uint32_t*)(AddressOfNewVectorTable + 4))))();
This seems to work alright and it jumps to the 0x14000000 address.
Then when I start to debug with JTAG the app, it will come first in the reset handler.
I firstly had to disable __early_init() for the main app which configures the clocks, this would make all crash.
Is this correct?
Then sometimes I can step through all into the main() function.
But also regularly it crashes after doing the first step with JTAG with the following output:
SEGGER J-Link GDB Server V5.02l Command Line Version
JLinkARM.dll V5.02l (DLL compiled Nov 24 2015 09:36:30)
-----GDB Server start settings-----
GDBInit file: none
GDB Server Listening port: 2331
SWO raw output listening port: 2332
Terminal I/O port: 2333
Accept remote connection: localhost only
Generate logfile: off
Verify download: on
Init regs on start: on
Silent mode: off
Single run mode: on
Target connection timeout: 0 ms
------J-Link related settings------
J-Link Host interface: USB
J-Link script: none
J-Link settings file: none
------Target related settings------
Target device: LPC4357_M4
Target interface: SWD
Target interface speed: 1000kHz
Target endian: little
Connecting to J-Link...
J-Link is connected.
Firmware: J-Link V9 compiled Oct 9 2015 20:34:47
Hardware: V9.30
S/N: 269301849
OEM: SEGGER-EDU
Feature(s): FlashBP, GDB
Checking target voltage...
Target voltage: 3.31 V
Listening on TCP/IP port 2331
Connecting to target...Connected to target
Waiting for GDB connection...Connected to 127.0.0.1
Reading all registers
WARNING: Failed to read memory # address 0x00000000
Target interface speed set to 1000 kHz
Resetting target
Halting target CPU...
...Target halted (PC = 0x1A000140)
R0 = 1A000000, R1 = 1A000000, R2 = 400F1FC0, R3 = 12345678
R4 = 40045000, R5 = 1008000C, R6 = 00000000, R7 = 00000000
R8 = 00000000, R9 = 00000000, R10= 00000000, R11= 00000000
R12= 00000000, R13= 10000200, MSP= 10000200, PSP= 00000000
R14(LR) = 10405B25, R15(PC) = 1A000140
XPSR 41000000, APSR 40000000, EPSR 01000000, IPSR 00000000
CFBP 00000000, CONTROL 00, FAULTMASK 00, BASEPRI 00, PRIMASK 00
Reading all registers
Select auto target interface speed (2000 kHz)
Flash breakpoints enabled
Semi-hosting enabled (Handle on BKPT)
Semihosting I/O set to TELNET Client
SWO disabled succesfully.
SWO enabled succesfully.
Downloading 276 bytes # address 0x14000000 - Verified OK
Downloading 16192 bytes # address 0x14000120 - Verified OK
Downloading 16080 bytes # address 0x14004060 - Verified OK
Downloading 16176 bytes # address 0x14007F30 - Verified OK
Downloading 16064 bytes # address 0x1400BE60 - Verified OK
Downloading 16096 bytes # address 0x1400FD20 - Verified OK
Downloading 16096 bytes # address 0x14013C00 - Verified OK
Downloading 16112 bytes # address 0x14017AE0 - Verified OK
Downloading 8492 bytes # address 0x1401B9D0 - Verified OK
Downloading 8 bytes # address 0x1401DAFC - Verified OK
Downloading 2308 bytes # address 0x1401DB08 - Verified OK
Comparing flash [....................] Done.
Verifying flash [....................] Done.
Writing register (PC = 0x14000120)
Read 4 bytes # address 0x14000120 (Data = 0x4100F081)
Read 2 bytes # address 0x14015764 (Data = 0x2300)
Read 2 bytes # address 0x140157C8 (Data = 0x2300)
Read 2 bytes # address 0x140166D8 (Data = 0x2300)
Read 2 bytes # address 0x140166DC (Data = 0x4818)
Read 2 bytes # address 0x14001370 (Data = 0xB672)
Read 2 bytes # address 0x140013E8 (Data = 0xF015)
Read 2 bytes # address 0x140166D8 (Data = 0x2300)
Read 2 bytes # address 0x1401670E (Data = 0xAB03)
Read 2 bytes # address 0x14001370 (Data = 0xB672)
Read 2 bytes # address 0x14001370 (Data = 0xB672)
Read 2 bytes # address 0x14016764 (Data = 0xF7EC)
Read 2 bytes # address 0x14016764 (Data = 0xF7EC)
Read 2 bytes # address 0x14001370 (Data = 0xB672)
Read 2 bytes # address 0x140013D4 (Data = 0xF7FF)
Read 2 bytes # address 0x14015764 (Data = 0x2300)
Read 2 bytes # address 0x140157BA (Data = 0x4850)
Read 2 bytes # address 0x1400ACB8 (Data = 0x4806)
Read 2 bytes # address 0x1400ACBA (Data = 0x4907)
Read 2 bytes # address 0x1400ACC4 (Data = 0x4B05)
Resetting target
Halting target CPU...
...Target halted (PC = 0x1A000140)
Read 2 bytes # address 0x14016764 (Data = 0xF7EC)
Read 2 bytes # address 0x14016764 (Data = 0xF7EC)
Read 2 bytes # address 0x14016764 (Data = 0xF7EC)
R0 = 1A000000, R1 = 1A000000, R2 = 400F1FC0, R3 = 12345678
R4 = 40045000, R5 = 1008000C, R6 = 00000000, R7 = 00000000
R8 = 00000000, R9 = 00000000, R10= 00000000, R11= 00000000
R12= 00000000, R13= 10000200, MSP= 10000200, PSP= 00000000
R14(LR) = 10405B25, R15(PC) = 1A000140
XPSR 41000000, APSR 40000000, EPSR 01000000, IPSR 00000000
CFBP 00000000, CONTROL 00, FAULTMASK 00, BASEPRI 00, PRIMASK 00
Reading all registers
Read 4 bytes # address 0x1A000140 (Data = 0x4C24B672)
Setting breakpoint # address 0x14001370, Size = 2, BPHandle = 0x0001
Setting breakpoint # address 0x140013D4, Size = 2, BPHandle = 0x0002
Setting breakpoint # address 0x140013E8, Size = 2, BPHandle = 0x0003
Setting breakpoint # address 0x1400ACC4, Size = 2, BPHandle = 0x0004
Setting breakpoint # address 0x140166DC, Size = 2, BPHandle = 0x0005
Setting breakpoint # address 0x1401670E, Size = 2, BPHandle = 0x0006
Setting breakpoint # address 0x14016764, Size = 2, BPHandle = 0x0007
Starting target CPU...
Erasing flash [....................] Done.
Programming flash [....................] Done.
Verifying flash [....................] Done.
...Breakpoint reached # address 0x14001370
Reading all registers
Removing breakpoint # address 0x14001370, Size = 2
Removing breakpoint # address 0x140013D4, Size = 2
Removing breakpoint # address 0x140013E8, Size = 2
Removing breakpoint # address 0x1400ACC4, Size = 2
Removing breakpoint # address 0x140166DC, Size = 2
Removing breakpoint # address 0x1401670E, Size = 2
Removing breakpoint # address 0x14016764, Size = 2
Read 4 bytes # address 0x14001370 (Data = 0x4C23B672)
Read 4 bytes # address 0x1A0025B4 (Data = 0xF8D39B03)
Read 4 bytes # address 0x1A0025B4 (Data = 0xF8D39B03)
Performing single step...
...Target halted (PC = 0xFFFFFFFE)
Reading all registers
WARNING: Failed to read memory # address 0xFFFFFFFE
Read 4 bytes # address 0x1000041C (Data = 0x00000000)
Reading 64 bytes # address 0x10000400
Read 4 bytes # address 0x00000000 (Data = 0x10000400)
Read 4 bytes # address 0x00000000 (Data = 0x10000400)
Am I missing something that is needed after the jump to external flash?
Or can anyone give me a pointer why this is not functioning properly all the time?
I am writing an extension for Windbg, and at a particular point I need to get the permissions for a memory offset, much like how !address addr would provide in Windbg. I have had a look at the available functions of the Debugger Engine API here at:
http://msdn.microsoft.com/en-us/library/windows/hardware/ff551059%28v=vs.85%29.aspx
However I have failed to find such a function that would return the section/permissions information against a memory offset. Basically I would like to get what section the address lies in, data section, text section etc, what permissions it has and so on.
The closest sounding function I have found is GetOffsetInformation in the IDebugDataSpaces4 interface. However as per the documentation, it doesn't provide anything from what I am looking for:
http://msdn.microsoft.com/en-us/library/windows/hardware/ff548055(v=vs.85).aspx
I could always run the !address command and have its output parsed, but I was looking for a cleaner way where I could get this information directly, by using the API.
Am I missing something? Is there a documented/undocumented way I could achieve this with?
Doesnt QueryVirtual Work ?
#include <engextcpp.hpp>
class EXT_CLASS : public ExtExtension
{
public:
EXT_COMMAND_METHOD(getoffinfo);
};
EXT_DECLARE_GLOBALS();
EXT_COMMAND( getoffinfo, "", "{;e,d=0;getoffinfo;simulates !address <address>}" )
{
ULONG64 Offset = GetUnnamedArgU64(0);
if (Offset == 0)
{
Out( "usage !getoffinfo <address>\n");
}
else
{
MEMORY_BASIC_INFORMATION64 meminfo;
memset(&meminfo,0,sizeof(MEMORY_BASIC_INFORMATION64 ));
m_Data2->QueryVirtual(Offset,&meminfo);
Out("Allocation Base : %x\n",meminfo.AllocationBase);
Out("Base Address : %x\n",meminfo.BaseAddress);
Out("End Address : %x\n",meminfo.AllocationBase + meminfo.RegionSize);
Out("RegionSize : %x\n",meminfo.RegionSize);
Out("Type : %x\n",meminfo.Type);
Out("State : %x\n",meminfo.State);
}
}
result as follows
0:000> !address windbg
Usage: Image
Allocation Base: 01000000
Base Address: 01000000
End Address: 01001000
Region Size: 00001000
Type: 01000000 MEM_IMAGE
State: 00001000 MEM_COMMIT
Protect: 00000002 PAGE_READONLY
More info: lmv m windbg
More info: !lmi windbg
More info: ln 0x1000000
0:000> .load getoffinfo
0:000> !getoffinfo
usage !getoffinfo <address>
0:000> !getoffinfo windbg
Allocation Base : 1000000
Base Address : 1000000
End Address : 1001000
RegionSize : 1000
Type : 1000000
State : 1000
I have encountered a problem with a USB UDC linux driver. I'd like to connect our PXA320 based board to PC using g_ether and USB UDC.
Our board uses PXA320 with Linux-2.6.32 kernel.
I have enabled pxa27x UDC and g_ether on menuconfig and built kernel successfully.
But after I run "ifup usb0" and plug in the USB cable, PC detects the USB device (since D+ pull-up resistor is enabled) and sends "GET DESCRIPTOR" to the device. But the USB device(our board) does NOT respond.
I dumped some register values and found that the UDCCR is 0x1 which means UDC is enabled but is inactive.
The following are the debug messages I got:
ifup usb0
+++ ether - init
++++ usb_composite_register
+++ usb_gadget_register_driver
+++ dplus_pullup, on = 1
++++ composite_bind
+++ pxa_ep_alloc_request
--- pxa_ep_alloc_request
+++ eth_bind
g_ether gadget: using random self ethernet address
g_ether gadget: using random host ethernet address
usb0: MAC d6:81:e9:fa:0c:66
usb0: HOST MAC 7a:58:58:9a:bb:be
+++ eth_bind - CDC Subset/SAFE
+++ eth_bind - RNDIS plus ECM-or-Subset
+++ eth_bind - manufacturer = Linux 2.6.32.9 with pxa27x_udc
adding config #2 'RNDIS'/bf0059c0
adding 'rndis'/c7fcdf00 to config 'RNDIS'/bf0059c0
++++ composite_uevent
+++ usb_interface_id
--- usb_interface_id - id = 0
+++ usb_interface_id
--- usb_interface_id - id = 1
+++ pxa_ep_alloc_request
--- pxa_ep_alloc_request
adding config #1 'CDC Subset/SAFE'/bf00594c
+++ eth_do_config
adding 'cdc_subset'/c7fcdd80 to config 'CDC Subset/SAFE'/bf00594c
++++ composite_uevent
+++ usb_interface_id
--- usb_interface_id - id = 0
g_ether gadget: Ethernet Gadget, version: Memorial Day 2008
Memorial Day 2008, version:
g_ether gadget: g_ether ready
registered gadget driver 'g_ether'
+++ should_enable_udc
--- should_enable_udc, put_on = 1
+++ udc_enable
+++ udc_clear_mask_UDCCR - udccr = 0x0, mask = 0x1
--- udc_clear_mask_UDCCR - udccr = 0x0
clk_pxa3xx_cken_enable - clk->cken = 0x14
+++ ep0_idle
+++ set_ep0state
state=WAIT_FOR_SETUP->WAIT_FOR_SETUP, udccsr0=0x000, udcbcr=0
+++ udc_set_mask_UDCCR
+++ ep_write_UDCCSR
+++ pio_irq_enable, index = 0
--- udc_enable
UDCCR(0x0) = 0x1
UDCICR0(0x4) = 0x3
UDCICR1(0x8) = 0xb8000000
UDCISR0(0xc) = 0x0
UDCISR1(0x10) = 0x0
UDCFNR(0x14) = 0x0
UDCOTGICR(0x18) = 0x0
UP2OCR(0x20) = 0xa0
UP3OCR(0x24) = 0x0
(0x100) = 0x200
(0x200) = 0x0
(0x300) = 0x43881454
(0x400) = 0x0
ICPR = 0x0
ICPR2 = 0x0
ICIP = 0x0
ICIP2 = 0x0
ICFP = 0x0
ICFP2 = 0x0
ICMR = 0x6b24c08
ICMR2 = 0x2000
ICLR = 0x0
ICLR2 = 0x0
ICCR = 0x1
ACCR = 0x0000321f
ACSR = 0x3003321f
AICSR = 0x0
CKEN_A = 0xffbfffff
CKEN_B = 0xffffffff
From the debug message, I can see that UDC clock is enabled (CKEN_A bit20), UDC interrupt is enabled (ICMR bit11) nad UDC is enabled (UDCCR bit0). But UDC is inactive(UDCCR bit1).
I have verified hardware by running Windows CE OS on the board and I could connect to PC via activesync.
I compared UDC registers between CE OS and Linux OS. CE version shows UDCCR is 0x3 which means UDC is active.
I don't understand why UDC is inactive in Linux. That bit in UDCCR is read only.
Could anyone give me some hints on how to solve this issue?
Thanks in advance