Bug #254

Trying to compile and run coreboot on qemu-riscv..

Added by Marc Karasek 6 months ago. Updated 6 months ago.

Status:NewStart date:02/06/2020
Priority:NormalDue date:
Assignee:-% Done:

0%

Category:-
Target version:-

Description

I followed the build instruction I found online and was able to build a coreboot with a BBL+vmlinux payload, a vmlinux kernel and a coreinfo payload.

When I run either one under qemu-system-riscv64 I get a expection fault:
Before I go digging into the code, I wanted to see if this was a known issue? Or if I am doing something wrong? I have used this qemu to boot another riscv image (bbl)

CMDLINE: qemu-system-riscv64 -M virt -m 1024M -nographic -kernel build/coreboot.elf

Output:
qemu-system-riscv64: warning: No -bios option specified. Not loading a firmware.
qemu-system-riscv64: warning: This default will change in a future QEMU release. Please use the -bios option to avoid breakages when this happens.
qemu-system-riscv64: warning: See QEMU's deprecation documentation for details.

coreboot-4.11-9-g93ac30d189-dirty Thu Dec 12 15:10:43 UTC 2019 bootblock starting (log level: 7)...
ERROR: FMAP_CACHE enabled but no region provided!
FMAP: Found "FLASH" version 1.1 at 0x20000.
FMAP: base = 0x0 size = 0x2000000 #areas = 4
FMAP: area COREBOOT found @ 20100 (16645888 bytes)
CBFS: 'COREBOOT Locator' located CBFS at [20100:1000000)
CBFS: Locating 'fallback/romstage'
CBFS: Found @ offset 80 size 36e3

coreboot-4.11-9-g93ac30d189-dirty Thu Dec 12 15:10:43 UTC 2019 romstage starting (log level: 7)...

Exception: Load access fault
Hart ID: 0
Previous mode: machine
Bad instruction pc: 00000000820042ac
Bad address: 0000001081fffffc
Stored ra: 0000000082004378
Stored sp: 0000000083032e98
Can't recover from trap. Halting.

History

#1 Updated by Marc Karasek 6 months ago

Marc Karasek wrote:

I followed the build instruction I found online and was able to build a coreboot with a BBL+vmlinux payload, a vmlinux kernel and a coreinfo payload.

When I run either one under qemu-system-riscv64 I get a expection fault:
Before I go digging into the code, I wanted to see if this was a known issue? Or if I am doing something wrong? I have used this qemu to boot another riscv image (bbl)

CMDLINE: qemu-system-riscv64 -M virt -m 1024M -nographic -kernel build/coreboot.elf

Output:
qemu-system-riscv64: warning: No -bios option specified. Not loading a firmware.
qemu-system-riscv64: warning: This default will change in a future QEMU release. Please use the -bios option to avoid breakages when this happens.
qemu-system-riscv64: warning: See QEMU's deprecation documentation for details.

coreboot-4.11-9-g93ac30d189-dirty Thu Dec 12 15:10:43 UTC 2019 bootblock starting (log level: 7)...
ERROR: FMAP_CACHE enabled but no region provided!
FMAP: Found "FLASH" version 1.1 at 0x20000.
FMAP: base = 0x0 size = 0x2000000 #areas = 4
FMAP: area COREBOOT found @ 20100 (16645888 bytes)
CBFS: 'COREBOOT Locator' located CBFS at [20100:1000000)
CBFS: Locating 'fallback/romstage'
CBFS: Found @ offset 80 size 36e3

coreboot-4.11-9-g93ac30d189-dirty Thu Dec 12 15:10:43 UTC 2019 romstage starting (log level: 7)...

Exception: Load access fault
Hart ID: 0
Previous mode: machine
Bad instruction pc: 00000000820042ac
Bad address: 0000001081fffffc
Stored ra: 0000000082004378
Stored sp: 0000000083032e98
Can't recover from trap. Halting.

I have tried to run both coreboot.rom (as bios) and coreboot.elf (as kernel) under qemu-system-riscv both output the same the code gets to romstage and crashes..

Is there anyway to use an outside compiler to compile coreboot. I have installed the riscv toolchain and have managed to build opensbi and run this under qemu with a kernel image.
I was going to have coreboot have this payload (fw_payload.elf) from the opensbi build.

#2 Updated by Marc Karasek 6 months ago

Found the issue in ramdetect.c

Code is failing in probe_mb() function. Looking at commits that added this (bd4bcab8addf8791a9100140ae963415450b9663) from 6/30/19 this was added for qemu-armv7 and for qemu-riscv,
Tested against qemu-system-riscv which is 32 bit version.

Looks like it fails on 64 bit qemu-system-riscv64. I do not have 32bit qemu compiled but will get this installed to test this theory.
Will also revert the change to the mainboard.c for qemu-riscv to see if this lets it go further on 64bit version

Offending code:
int _weak probe_mb(const uintptr_t dram_start, const uintptr_t size)
{
uintptr_t addr = dram_start + (size * MiB) - sizeof(uint32_t);
static const uint32
t patterns[] = {
0x55aa55aa,
0x12345678
};
void *ptr = (void *) addr;
size_t i;

/* Don't accidentally clober oneself. */
if (OVERLAP(addr, addr + sizeof(uint32_t), (uintptr_t)_program, (uintptr_t) _eprogram))
    return 1;

uint32_t old = read32(ptr);
for (i = 0; i < ARRAY_SIZE(patterns); i++) {
    write32(ptr, patterns[i]);
    if (read32(ptr) != patterns[i])
        break;
}
write32(ptr, old);
return i == ARRAY_SIZE(patterns);

}
Values passed in are 81000000, 8000
The write32(ptr, old) is where the exception happens.

Exception: Load access fault
Hart ID: 0
Previous mode: machine
Bad instruction pc: 0x81004340
Bad address: 0x1080fffffc
Stored ra: 0x81004428
Stored sp: 0x82032e98
Can't recover from trap. Halting.

#3 Updated by Marc Karasek 6 months ago

Looks like 32bit Qemu is also broken.

built qemu-system-riscv32 (version 4.2.50 (v4.2.0-1411-ge18e5501d8-dirty)
Tried to run a coreboot.rom as -bios and fails in the same way in probe_mb()..

Not sure if it makes any difference but the coreboot.rom was built with the 64bit compiler.. Will rebuild with 32bit version

#4 Updated by Marc Karasek 6 months ago

I found out the problem but cannot see how this was ever working??

Under src/mainboard/emulation/qemu-riscv/Kconfig the default DRAM_SIZE was being set to 32768 when it should be 32.
I can make the change and submit it in the next day or so...

BTW: The memory scan for qemu is trash and really does not pickup the memory passed on the cmdline for riscv. It is dependent on this value in the .config
For a value of 32 it finds 127MB of memory. Even if you give qemu 1024M (1G). If you try to give it below 127, say 64 MB it will crash.

#5 Updated by Patrick Rudolph 6 months ago

It is working on qemu 4.0.
There's an attempt to fix the code made here: https://review.coreboot.org/c/coreboot/+/36486

Also available in: Atom PDF