Author Topic: SPIN: 1 - PhatBox: 0 (PhatBox Successfully Owned)  (Read 81432 times)

0 Members and 2 Guests are viewing this topic.

Offline spin

  • A few posts under my belt.
  • *
  • Posts: 23
Re: SPIN: 1 - PhatBox: 0 (PhatBox Successfully Own
« Reply #40 on: June 06, 2005, 08:24:12 pm »
Quote
what should I have done ?


Write the files to /dos/DATA/stuff instead :-)

Offline judb

  • Administrator
  • Veteran.
  • *****
  • Posts: 1329
  • ph4t l3wtz
Re: SPIN: 1 - PhatBox: 0 (PhatBox Successfully Own
« Reply #41 on: June 06, 2005, 08:25:39 pm »
Theres 253 megs of space on /dos .. I dont think thats the problem Spin.

Offline spin

  • A few posts under my belt.
  • *
  • Posts: 23
Re: SPIN: 1 - PhatBox: 0 (PhatBox Successfully Own
« Reply #42 on: June 06, 2005, 08:32:20 pm »
The "No space left on device" error says otherwise =P I ran into the "no space" error until I changed partitions, I think it has more to do with the number of available files on the /dos partition, and not so much the amount of free space (inode starvation, but for vfat or somesuch). My /dos partition was tiny and /proc/kcore has a complete dump of physical memory...

Offline judb

  • Administrator
  • Veteran.
  • *****
  • Posts: 1329
  • ph4t l3wtz
Re: SPIN: 1 - PhatBox: 0 (PhatBox Successfully Own
« Reply #43 on: June 06, 2005, 08:38:31 pm »
I'll try that. I think its trying to write to / instead of /dos for some reason...

Offline ralph.deratt

  • A few posts under my belt.
  • *
  • Posts: 22
Re: SPIN: 1 - PhatBox: 0 (PhatBox Successfully Own
« Reply #44 on: June 06, 2005, 10:27:46 pm »
Quote
the DD failure generates this in the messages log:
Code: [Select]
Unable to handle kernel NULL pointer dereference at virtual address 00000000
pgd = c0c24000
*pgd = c0fcb811, *pmd = c0fcb811, *pte = 00000000, *ppte = 00000000
Internal error: Oops: 0
CPU: 0
pc : [<c00e6ff8>]    lr : [<c00b1ec8>]    Not tainted
sp : c0c29f50  ip : 00000000  fp : c0c29f80
r10: bfffff4d  r9 : c0c28000  r8 : 00066000
r7 : 00000400  r6 : c0395ec0  r5 : 00000400  r4 : 00000400
r3 : c0c28000  r2 : 000003fc  r1 : 00000000  r0 : 00066000
Flags: nzCv  IRQs on  FIQs on  Mode SVC_32  Segment user
Control: 217D  Table: C0C24015  DAC: 00000015
Process dd (pid: 23, stackpage=c0c29000)
Stack: (0xc0c29f40 to 0xc0c2a000)
9f40: c00b1ec8 c00e6ff8 20000013 ffffffff 00000400 00000400 00000400 c0395ec0
9f60: 00000400 c00b1ec8 00000000 ffffffea c0395ea0 c0c29fac c0c29f84 c0070ec0
9f80: c00b1e64 c0c29f90 c00706c4 0000000a 00000400 00066000 00000003 c0043aa0
9fa0: 00000000 c0c29fb0 c0043920 c0070df4 0000000a c0049c90 00000009 00066000
9fc0: 00000400 00000000 0000000a 00000400 00066000 00000009 00000400 bfffff41
9fe0: bfffff4d 00000000 00066000 bffffde0 00033fa0 000460b0 20000010 00000009
Backtrace:
Function entered at [<c00b1e54>] from [<c0070ec0>]
 r6 = C0395EA0  r5 = FFFFFFEA  r4 = 00000000
Function entered at [<c0070de4>] from [<c0043920>]
 r8 = C0043AA0  r7 = 00000003  r6 = 00066000  r5 = 00000400
 r4 = 0000000A
Code: 1a00002c e2522004 4282c004 4a00001b (e4913004)


Try this command instead:

dd if=/dev/mem of=/dos/data/stuff/rom.bin bs=1 skip=1 count=262143

It should solve the null pointer issue, but let Ben know that the first byte is missing...

RdeR

Offline bushing

  • Senior Member
  • Needs to get outside.
  • *****
  • Posts: 119
  • props to my peeps
Re: SPIN: 1 - PhatBox: 0 (PhatBox Successfully Own
« Reply #45 on: June 06, 2005, 10:58:04 pm »
Quote

Try this command instead:

dd if=/dev/mem of=/dos/data/stuff/rom.bin bs=1 skip=1 count=262143

It should solve the null pointer issue, but let Ben know that the first byte is missing...

RdeR


Ralph, if you don't stop reading my mind, you're going to really freak me out. ;)

Yes, I was going to suggest that ... although this document http://www.embedded-kernel-track.org/2005/porting_to_arm.pdf suggests that 0x0-0xfff are a "null pointer / interrupt vector trap".

So, we might need to use mmap.

I wrote a quick little c-program called readrom.  get it here: http://bbyer.mm.st/readrom, source at http://bbyer.mm.st/readrom.c.  Put it in a script as "readrom /dos/data/rom.out" or whatever, and let me know if that works, someone ... anyone ... Bueller? ;)

Ben

Offline judb

  • Administrator
  • Veteran.
  • *****
  • Posts: 1329
  • ph4t l3wtz
Re: SPIN: 1 - PhatBox: 0 (PhatBox Successfully Own
« Reply #46 on: June 07, 2005, 01:23:40 am »
Bushing, thats not working.  is it supposed to log any output?  contact me via ICQ or AIM or something... I can test stuff in a couple seconds with my test rig.. :)

Offline judb

  • Administrator
  • Veteran.
  • *****
  • Posts: 1329
  • ph4t l3wtz
Re: SPIN: 1 - PhatBox: 0 (PhatBox Successfully Own
« Reply #47 on: June 07, 2005, 01:39:50 am »
Readrom seg fault info from dmesg:
Code: [Select]
readrom: unhandled page fault at pc=0x0000b8d8, lr=0x0000ffb4 (bad address=0xfffffffc, code 0)
pc : [<0000b8d8>]    lr : [<0000ffb4>]    Not tainted
sp : bffffddc  ip : bffffe90  fp : 00000000
r10: 00000000  r9 : 000363f0  r8 : 00000002
r7 : bffffe84  r6 : 0003c7ec  r5 : 00036670  r4 : 00046384
r3 : 0000f108  r2 : 00046384  r1 : 00000000  r0 : 00000008
Flags: nzCv  IRQs on  FIQs on  Mode USER_32  Segment user
Control: 217D  Table: C0C10015  DAC: 00000015
Unable to handle kernel NULL pointer dereference at virtual address 00000001
pgd = c0c10000
*pgd = c0c2c811, *pmd = c0c2c811, *pte = 00000000, *ppte = 00000000
Internal error: Oops: 0
CPU: 0
pc : [<c00e7074>]    lr : [<c00b1ec8>]    Not tainted
sp : c0c17f50  ip : 00000001  fp : c0c17f80
r10: bfffff48  r9 : c0c16000  r8 : 00066000
r7 : 00000001  r6 : c0c390e0  r5 : 00000001  r4 : 00000001
r3 : c0c16000  r2 : 00000001  r1 : 00000001  r0 : 00066000
Flags: Nzcv  IRQs on  FIQs on  Mode SVC_32  Segment user
Control: 217D  Table: C0C10015  DAC: 00000015
Process dd (pid: 19, stackpage=c0c17000)
Stack: (0xc0c17f40 to 0xc0c18000)
7f40: c00b1ec8 c00e7074 80000013 ffffffff 00000001 00000001 00000001 c0c390e0
7f60: 00000001 c00b1ec8 00000001 ffffffea c0c390c0 c0c17fac c0c17f84 c0070ec0
7f80: c00b1e64 c0070c70 c00720b0 0000000a 00000001 00066000 00000003 c0043aa0
7fa0: 00000000 c0c17fb0 c0043920 c0070df4 0000000a c0049c90 00000009 00066000
7fc0: 00000001 00000000 0000000a 00000001 00066000 00000009 00000001 bfffff3c
7fe0: bfffff48 00000000 00066000 bffffde0 00033fa0 000460b0 20000010 00000009
Backtrace:
Function entered at [<c00b1e54>] from [<c0070ec0>]
r6 = C0C390C0  r5 = FFFFFFEA  r4 = 00000001
Function entered at [<c0070de4>] from [<c0043920>]
r8 = C0043AA0  r7 = 00000003  r6 = 00066000  r5 = 00000001
r4 = 0000000A
Code: 0affffe0 e33c0000 0a000009 e35c0002 (e4d13001)
« Last Edit: June 07, 2005, 01:40:31 am by judb »

Offline judb

  • Administrator
  • Veteran.
  • *****
  • Posts: 1329
  • ph4t l3wtz
Re: SPIN: 1 - PhatBox: 0 (PhatBox Successfully Own
« Reply #48 on: June 07, 2005, 01:41:09 am »
dd also still segfaults using the updated options.. it creates a 0 byte file first though.  readrom does not.

#!/bin/sh
/dos/stuff/readrom /dos/data/stuff/readrom.out
dd if=/dev/mem of=/dos/data/stuff/rom.bin bs=1 skip=1 count=262143
/bin/tar cvfh /dos/data/stuff/proc.tar /proc
/bin/tar cvfhX /dos/data/stuff/all.tar /dos/stuff/tarexclude.txt /
dmesg > /dos/stuff/dmesg.txt
« Last Edit: June 07, 2005, 01:41:44 am by judb »

Offline bushing

  • Senior Member
  • Needs to get outside.
  • *****
  • Posts: 119
  • props to my peeps
Re: SPIN: 1 - PhatBox: 0 (PhatBox Successfully Own
« Reply #49 on: June 07, 2005, 01:52:17 am »
Quote
Bushing, thats not working.  is it supposed to log any output?  contact me via ICQ or AIM or something... I can test stuff in a couple seconds with my test rig.. :)


It should have created a little bit of output.  *sigh*

Wanna create an IRC channel?  I'll go do some research online and post back in like 15 mins...

-b

Offline judb

  • Administrator
  • Veteran.
  • *****
  • Posts: 1329
  • ph4t l3wtz
Re: SPIN: 1 - PhatBox: 0 (PhatBox Successfully Own
« Reply #50 on: June 07, 2005, 01:55:47 am »
Quote

It should have created a little bit of output.  *sigh*

Wanna create an IRC channel?  I'll go do some research online and post back in like 15 mins...

-b


pm'ed you with a chat room that I have setup.. not IRC.. dont have an IRC client on my box and dont feel like setting it up just for this.

Offline judb

  • Administrator
  • Veteran.
  • *****
  • Posts: 1329
  • ph4t l3wtz
Re: SPIN: 1 - PhatBox: 0 (PhatBox Successfully Own
« Reply #51 on: June 07, 2005, 02:11:17 am »
dd error "dd if=/dev/mem of=/dos/data/stuff/rom.bin bs=1 skip=32 count=32"
Code: [Select]
Unable to handle kernel NULL pointer dereference at virtual address 00000020
pgd = c0c18000
*pgd = c0fee811, *pmd = c0fee811, *pte = 00000000, *ppte = 00000000
Internal error: Oops: 0
CPU: 0
pc : [<c00e7074>]    lr : [<c00b1ec8>]    Not tainted
sp : c0c1ff50  ip : 00000001  fp : c0c1ff80
r10: bfffff4b  r9 : c0c1e000  r8 : 00066000
r7 : 00000001  r6 : c0fc80e0  r5 : 00000001  r4 : 00000001
r3 : c0c1e000  r2 : 00000001  r1 : 00000020  r0 : 00066000
Flags: Nzcv  IRQs on  FIQs on  Mode SVC_32  Segment user
Control: 217D  Table: C0C18015  DAC: 00000015
Process dd (pid: 18, stackpage=c0c1f000)
Stack: (0xc0c1ff40 to 0xc0c20000)
ff40: c00b1ec8 c00e7074 80000013 ffffffff 00000001 00000001 00000001 c0fc80e0
ff60: 00000001 c00b1ec8 00000020 ffffffea c0fc80c0 c0c1ffac c0c1ff84 c0070ec0
ff80: c00b1e64 c0070c70 c00720b0 0000000a 00000001 00066000 00000003 c0043aa0
ffa0: 00000000 c0c1ffb0 c0043920 c0070df4 0000000a c0049c90 00000009 00066000
ffc0: 00000001 00000000 0000000a 00000001 00066000 00000009 00000001 bfffff3f
ffe0: bfffff4b 00000000 00066000 bffffde0 00033fa0 000460b0 20000010 00000009
Backtrace:
Function entered at [<c00b1e54>] from [<c0070ec0>]
r6 = C0FC80C0  r5 = FFFFFFEA  r4 = 00000020
Function entered at [<c0070de4>] from [<c0043920>]
r8 = C0043AA0  r7 = 00000003  r6 = 00066000  r5 = 00000001
r4 = 0000000A
Code: 0affffe0 e33c0000 0a000009 e35c0002 (e4d13001)


devmem2 error "/dos/stuff/devmem2 262136 > /dos/stuff/devmem2.out"
Code: [Select]
devmem2: unhandled page fault at pc=0x0000ace8, lr=0x00016de0 (bad address=0xfffffffc, code 0)
pc : [<0000ace8>]    lr : [<00016de0>]    Not tainted
sp : bffffdfc  ip : bffffeb0  fp : 00000000
r10: 00000000  r9 : 00036b60  r8 : 00000002
r7 : bffffea4  r6 : 0003d038  r5 : 000390a4  r4 : 00046d50
r3 : 0000e518  r2 : 00046d50  r1 : 00000000  r0 : 00000008
Flags: nzCv  IRQs on  FIQs on  Mode USER_32  Segment user
Control: 217D  Table: C0FA4015  DAC: 00000015
« Last Edit: June 07, 2005, 02:46:40 am by judb »

Offline bushing

  • Senior Member
  • Needs to get outside.
  • *****
  • Posts: 119
  • props to my peeps
Re: SPIN: 1 - PhatBox: 0 (PhatBox Successfully Own
« Reply #52 on: June 07, 2005, 01:56:54 pm »
Let's see if we can bring some more-experienced minds to bear on the problem:

http://lists.arm.linux.org.uk/pipermail/linux-arm/2005-June/010037.html

Offline judb

  • Administrator
  • Veteran.
  • *****
  • Posts: 1329
  • ph4t l3wtz
Re: SPIN: 1 - PhatBox: 0 (PhatBox Successfully Own
« Reply #53 on: June 07, 2005, 02:15:57 pm »
I wonder if we can extract the 128 byte internal boot rom area from the ARM cpu...

Offline ralph.deratt

  • A few posts under my belt.
  • *
  • Posts: 22
Re: SPIN: 1 - PhatBox: 0 (PhatBox Successfully Own
« Reply #54 on: June 07, 2005, 04:59:02 pm »
Quote
I wonder if we can extract the 128 byte internal boot rom area from the ARM cpu...


Why?? the full source is in the back of the User manual.

RdeR

Offline judb

  • Administrator
  • Veteran.
  • *****
  • Posts: 1329
  • ph4t l3wtz
Re: SPIN: 1 - PhatBox: 0 (PhatBox Successfully Own
« Reply #55 on: June 07, 2005, 05:31:10 pm »
hmm good point.  I never noticed that.  apparently the boot rom data is stored at 0x7000.0000 according to the user manual and flash rom is addressed as 0x0... I cant tell where it says if the data at 0x7 is fixed code or if its rewriteable somehow.

Offline bushing

  • Senior Member
  • Needs to get outside.
  • *****
  • Posts: 119
  • props to my peeps
Re: SPIN: 1 - PhatBox: 0 (PhatBox Successfully Own
« Reply #56 on: June 08, 2005, 03:10:57 am »
Quote
hmm good point.  I never noticed that.  apparently the boot rom data is stored at 0x7000.0000 according to the user manual and flash rom is addressed as 0x0... I cant tell where it says if the data at 0x7 is fixed code or if its rewriteable somehow.


I had to read all of the info about those two parts several times to get this, but I think I can explain more simply.

Normally, when you power up the EP7312, it jumps to location 0x0 -- hopefully you have some sort of memory (ram, rom, whatever) sitting there that holds instructions.  If not, you're toast.

Now, what this means is that if you want to have a system that boots, you had better make sure your flash rom chips are burned before you solder them down to a board, and if anything ever happened to them, you'd have to desolder / replace them.  Or use a socketed ROM chip.  All of these are horribly expensive from the point of view of the manufacturer.

OR ... you could do what they did.  They provided a 128-BYTE rom bank, actually on the die of the processor.  It truly is read-onky -- it will never change.   When you boot with it (enabled with a jumper on the PhatBox board), it runs a very, very small program, that does the following:

* turns on UART1, configures to 9600
* outputs one char: "<"
* reads the next 2048 bytes
* outputs one  last char: ">"
* copies that 2k chunk of data into internal [cache] sram, and executes it.

So, basically you write a 2k mini "pre-bootloader" loader, and use it to handle all other data transfer, and eventually could reflash that way.

Ben

Offline Genesis

  • Getting the hang of things.
  • **
  • Posts: 83
  • Bite Me
Re: SPIN: 1 - PhatBox: 0 (PhatBox Successfully Own
« Reply #57 on: June 08, 2005, 04:05:40 am »
Hoh hoh hoh.....

You know what I said about "Sabots", right? :)

Offline ralph.deratt

  • A few posts under my belt.
  • *
  • Posts: 22
Re: SPIN: 1 - PhatBox: 0 (PhatBox Successfully Own
« Reply #58 on: June 08, 2005, 04:03:56 pm »
Quote
dd error "dd if=/dev/mem of=/dos/data/stuff/rom.bin bs=1 skip=32 count=32"
Code: [Select]
Unable to handle kernel NULL pointer dereference at virtual address 00000020
pgd = c0c18000
*pgd = c0fee811, *pmd = c0fee811, *pte = 00000000, *ppte = 00000000
Internal error: Oops: 0
CPU: 0
pc : [<c00e7074>]    lr : [<c00b1ec8>]    Not tainted
sp : c0c1ff50  ip : 00000001  fp : c0c1ff80
r10: bfffff4b  r9 : c0c1e000  r8 : 00066000
r7 : 00000001  r6 : c0fc80e0  r5 : 00000001  r4 : 00000001
r3 : c0c1e000  r2 : 00000001  r1 : 00000020  r0 : 00066000
Flags: Nzcv  IRQs on  FIQs on  Mode SVC_32  Segment user
Control: 217D  Table: C0C18015  DAC: 00000015
Process dd (pid: 18, stackpage=c0c1f000)
Stack: (0xc0c1ff40 to 0xc0c20000)
ff40: c00b1ec8 c00e7074 80000013 ffffffff 00000001 00000001 00000001 c0fc80e0
ff60: 00000001 c00b1ec8 00000020 ffffffea c0fc80c0 c0c1ffac c0c1ff84 c0070ec0
ff80: c00b1e64 c0070c70 c00720b0 0000000a 00000001 00066000 00000003 c0043aa0
ffa0: 00000000 c0c1ffb0 c0043920 c0070df4 0000000a c0049c90 00000009 00066000
ffc0: 00000001 00000000 0000000a 00000001 00066000 00000009 00000001 bfffff3f
ffe0: bfffff4b 00000000 00066000 bffffde0 00033fa0 000460b0 20000010 00000009
Backtrace:
Function entered at [<c00b1e54>] from [<c0070ec0>]
 r6 = C0FC80C0  r5 = FFFFFFEA  r4 = 00000020
Function entered at [<c0070de4>] from [<c0043920>]
 r8 = C0043AA0  r7 = 00000003  r6 = 00066000  r5 = 00000001
 r4 = 0000000A
Code: 0affffe0 e33c0000 0a000009 e35c0002 (e4d13001)



Jud / Ben

Try this:

dd if=/dev/mem of=/dos/data/stuff/rom_mirror.bin bs=1024 skip=256 count=256

This will skip the first 256K and then read the next 256k.  Since the decoding of the flash is only 18 bits, the flash image should repeat every 256K (or every 512K,1024K etc)

Also run
dd if=/dev/mem of=/dos/data/stuff/rom.bin bs=1024 skip=4 count=252


On a linux box run dd if=rom_mirror.bin of=rom_mir_trim.bin bs=1024 skip=4 count=252

Then compare rom.bin to rom_mir_trim.bin

if they are the same, rom_mirror.bin has the full image.

RdeR





Offline bushing

  • Senior Member
  • Needs to get outside.
  • *****
  • Posts: 119
  • props to my peeps
Re: SPIN: 1 - PhatBox: 0 (PhatBox Successfully Own
« Reply #59 on: June 08, 2005, 11:06:31 pm »
Quote
Hoh hoh hoh.....

You know what I said about "Sabots", right? :)


Huh?

*confused*
Ben