On Fri, Aug 17, 2018 at 10:57 AM, Neil Stainton <nstainton at asl-control.co.uk> wrote:
New Stack Pointer is: 9ef92ea0 Relocation Offset is: 18795000 Relocating to 9ff95000, new gd at 9ef92ec0, sp at 9ef92ea0 data abort pc : [<87800c5c>] lr : [<9ff9570c>] sp : 9ef92ea0 ip : 00000030 fp : 00000017 r10: 878538dc r9 : 9ef92ec0 r8 : 9ffe8e98 r7 : 9ef95460 r6 : 87800000 r5 : 87800320 r4 : 18795000 r3 : 8785c648 r2 : 8785acd0 r1 : 00000017 r0 : 18795000 Flags: nZCv IRQs off FIQs off Mode SVC_32 Code: e20110ff e3510017 1a000003 e0800004 (e5901000) Resetting CPU ...
I traced this issue to the Arm linker script: The bss and __rel_dyn sections intersect. This causes 'load_elf_image_shdr' to clear a portion of the __rel_dyn table which in turn causes the 'fixloop' in relocate.S of the chained image to fail as it reads zeros instead of valid addresses.
Here's some debug output from load_elf_image_shdr which shows the order the elf sections are loaded:
=> bootelf ${loadaddr} Loading .text @ 0x87800000 (237976 bytes) Loading .rodata @ 0x8783a198 (59258 bytes) Loading .hash @ 0x87848914 (24 bytes) Loading .dtb.init.rodata @ 0x87848930 (31600 bytes) Loading .data @ 0x878504a0 (8620 bytes) Loading .got.plt @ 0x8785264c (12 bytes) Loading .u_boot_list @ 0x87852658 (4040 bytes) Loading .efi_runtime @ 0x87853620 (560 bytes) Loading .dynsym @ 0x8785c598 (48 bytes) Loading .efi_runtime_rel @ 0x87853850 (168 bytes) Loading .rel.dyn @ 0x878538f8 (36000 bytes) Clearing .bss @ 0x878538f8 (29508 bytes) Loading .dynstr @ 0x8785c5c8 (1 bytes) Loading .dynamic @ 0x8785c5cc (136 bytes) ## Starting application at 0x87800000 ...
.bss is being cleared after .rel.dyn is loaded, clobbering it. This can be simply fixed by removing the .bss section header from the chained elf file.
To chain a U-Boot generated Arm elf file, I prepare it by removing the .bss section and stripping the remaining debug cruft: ${CC}objcopy --remove-section .bss u-boot ${CC}strip u-boot
then once copied to the target device's memory space (at $loadaddr), I can boot it from the U-boot command prompt by entering: bootelf ${loadaddr}
This appears to work fine on iMX6ULL at least.
Neil