[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Qemu-devel] OMAP3 bootrom booting from file
From: |
Антон Кочков |
Subject: |
[Qemu-devel] OMAP3 bootrom booting from file |
Date: |
Sat, 5 Mar 2011 23:54:22 +0300 |
Good day!
I'm working on the omap3430 booting support from bootrom file.
On real hardware omap3430 have two copies of bootrom - low and high:
at the 0x14000 and 0x40014000
It was a problem, when qemu try to do reset GPMC, but now already solved.
But, stock omap3430 bootrom have it's own gpmc reset function:
ROM:400144D4 gpmc_reset
; CODE XREF: DoC_start+8 p
ROM:400144D4
; nand_start+10 p ...
ROM:400144D4 000 MOV.W R0,
#OMAP3430_GPMC_BASE ; Rd = Op2
ROM:400144D8 000 LDR R1, [R0,#0x10]
; Load from Memory
ROM:400144DA 000 ORR.W R1, R1, #2
; Rd = Op1 | Op2
ROM:400144DE 000 STR R1, [R0,#0x10]
; Store to Memory
ROM:400144DE
ROM:400144E0
ROM:400144E0 loop
; CODE XREF: gpmc_reset+10 j
ROM:400144E0 000 LDR R1, [R0,#0x14]
; Load from Memory
ROM:400144E2 000 LSLS R1, R1, #0x1F
; Logical Shift Left
ROM:400144E4 000 BEQ loop
; Branch
ROM:400144E4
ROM:400144E6 000 MOVS R0, #0
; Rd = Op2
ROM:400144E8 000 BX LR
; Branch to/from Thumb mode
So, I'm need save low copy of bootrom in the memory, bcoz sometimes
code call to 0x1xxxx addresses, someimes to 0x4001xxxx, so i'm need
prevent erasing of this memory.
here is log of gdb session with this function with running bootrom:
(gdb) b *0x144d4
Breakpoint 1 at 0x144d4
(gdb) info break
Num Type Disp Enb Address What
1 breakpoint keep y 0x000144d4
(gdb) c
Continuing.
Breakpoint 1, 0x000144d4 in ?? ()
1: x/4i $pc
=> 0x144d4: mov.w r0, #1845493760 ; 0x6e000000
0x144d8: ldr r1, [r0, #16]
0x144da: orr.w r1, r1, #2
0x144de: str r1, [r0, #16]
(gdb) i r
r0 0x0 0
r1 0x4020fc6c 1075903596
r2 0x40 64
r3 0x0 0
r4 0x4020f524 1075901732
r5 0x4020fbc0 1075903424
r6 0x4020ffb4 1075904436
r7 0x1 1
r8 0x0 0
r9 0x4020fc64 1075903588
r10 0x4020fc90 1075903632
r11 0x0 0
r12 0xffffecf4 -4876
sp 0x4020f4e8 0x4020f4e8
lr 0x17705 96005
pc 0x144d4 0x144d4
cpsr 0x200001f3 536871411
(gdb) si
0x000144d8 in ?? ()
1: x/4i $pc
=> 0x144d8: ldr r1, [r0, #16]
0x144da: orr.w r1, r1, #2
0x144de: str r1, [r0, #16]
0x144e0: ldr r1, [r0, #20]
(gdb) si
0x000144da in ?? ()
1: x/4i $pc
=> 0x144da: orr.w r1, r1, #2
0x144de: str r1, [r0, #16]
0x144e0: ldr r1, [r0, #20]
0x144e2: lsls r1, r1, #31
(gdb) i r
r0 0x6e000000 1845493760
r1 0x0 0
r2 0x40 64
r3 0x0 0
r4 0x4020f524 1075901732
r5 0x4020fbc0 1075903424
r6 0x4020ffb4 1075904436
r7 0x1 1
r8 0x0 0
r9 0x4020fc64 1075903588
r10 0x4020fc90 1075903632
r11 0x0 0
r12 0xffffecf4 -4876
sp 0x4020f4e8 0x4020f4e8
lr 0x17705 96005
pc 0x144da 0x144da
cpsr 0x200001f3 536871411
How I can do it?
My repo located here: http://gitorious.org/droid/qemu
Best regards,
Anton Kochkov.
[Prev in Thread] |
Current Thread |
[Next in Thread] |
- [Qemu-devel] OMAP3 bootrom booting from file,
Антон Кочков <=