[U-Boot] Data abort during relocation

11 Jul 2019

Hello all,
I ran into a data abort in uboot during relocation (in relocate_code in
relocate.S), in the "fixloop macro":
ENTRY(relocate_code)
.
/*
* fix .rel.dyn relocations
*/
ldr           r2, =__rel_dyn_start          /* r2 <- SRC
&__rel_dyn_start */
ldr           r3, =__rel_dyn_end           /* r3 <- SRC
&__rel_dyn_end */
fixloop:
ldmia      r2!, {r0-r1}                            /*
(r0,r1) <- (SRC location,fixup) */
and         r1, r1, #0xff
cmp        r1, #23                                  /*
relative fixup? */
bne         fixnext
/* relative fix: increase location by offset */
add         r0, r0, r4
ldr           r1, [r0] <======== DataAbort
add         r1, r1, r4
str           r1, [r0]
fixnext:
cmp        r2, r3
blo          fixloop
relocate_done:
This happened after I added some trivial code somewhere totally different
and unrelated (somewhere in my board.c file, that only gets called after
relocation anyway). The only thing that I can think of, is that this shifted
some sections in size. Anway,
As far as I can tell, the dynamic relocation code checks if some word in
that region is 23, and if so, will try to use the previous word as address
(and add the relocation offset).
For some reason, r0 was zero somewhere in my case. After adding the
relocation offset (of 0x18722000), the dereferencing is invalid (RAM only
starts at 0x8000.0000) and causes the abort.
I now patched the code with this, and this fixes the abort for me:

diff --git a/arch/arm/lib/relocate.S b/arch/arm/lib/relocate.S
index 475d503..fba30b9 100644
--- a/arch/arm/lib/relocate.S
+++ b/arch/arm/lib/relocate.S
@@ -98,6 +98,9 @@ fixloop:
and         r1, r1, #0xff
cmp        r1, #23                                  /*
relative fixup? */
bne         fixnext
+             /* Check that the data is not 0. If so, skip it */
+             cmp r0, #0
+             beq fixnext
/* relative fix: increase location by offset */
add         r0, r0, r4
Even though this fixes my issue,  I don't understand what exactly this is
trying to relocate in the first place, and what could be the relation with
my seemingly unrelated change. Is this code fully ok? Or is there some edge
case where the data is allowed to be zero?
Does somebody know more about this, so we can check if there is anything
that really needs fixing?
Thanks for any feedback.
Kind regards,
Arnout

    

Arnout Diels

tags (0)

participants (1)