On 19/10/21 3:53 am, Kinsey Moore wrote: > On 10/18/2021 00:44, Chris Johns wrote: >> Hi, >> >> I cannot run libbsd on real hardware because the cadence rx descriptor cache >> coherent allocation crashes in `memset`. It is used to clear the memory. >> >> The rtemsbsd allocator call optionally clears the memory and it seems the >> newlib >> aarch64 memset code crashes when doing this. A basic loop with 8bit or 32bit >> writes does not crash. The memset call happily clears an array in cached >> memory >> with different offsets. >> >> I have posted a patch to spcache01 that generates the crash on Versal and >> ZynqMP >> hardware. The crash dump is: >> >> test cache coherent allocation >> clear cache coherent with memset: 0x1fe00050 >> >> >> *** FATAL *** >> fatal source: 9 (RTEMS_FATAL_SOURCE_EXCEPTION) >> >> >> X0 = 0x000000001fe00050 X17 = 0x000000000000000c >> X1 = 0x0000000000000000 X18 = 0x00000000100007b0 >> X2 = 0x0000000000000110 X19 = 0x000000001fe00050 >> X3 = 0x000000001fe000c0 X20 = 0x000000001fdfff80 >> X4 = 0x000000001fe00250 X21 = 0x0000000010013ab0 >> X5 = 0x0000000000000004 X22 = 0x0000000000000000 >> X6 = 0x0000000000000001 X23 = 0x00000000ffffffff >> X7 = 0x0000000000000000 X24 = 0x0000000010103140 >> X8 = 0x0000000000000000 X25 = 0x0000000000000000 >> X9 = 0xffffff80ffffffc8 X26 = 0x0000000000000000 >> X10 = 0x0000000000000000 X27 = 0x0000000000000000 >> X11 = 0x000000001010ca78 X28 = 0x0000000000000000 >> X12 = 0x0000000000000001 FP = 0x000000001010cc30 >> X13 = 0x000000001fe00050 LR = 0x0000000010001f94 >> X14 = 0x0000000000000000 SP = 0x000000001010cc30 >> X15 = 0x0000000000000004 PC = 0x00000000100125c0 >> X16 = 0x000000001000f700 DAIF = 0x00000000000003c0 >> VEC = 0x0000000000000004 CPSR = 0x0000000060000005 >> ESR = EC: 0b100101 IL: 0b1 ISS: 0b0000000000000000001100001 >> Data Abort taken without a change in Exception level >> FAR = 0x000000001fe000c0 >> FPCR = 0x0000000000000000 FPSR = 0x0000000000000010 >> >> The Versal (A72) fails in exactly the same way. The allocated address is >> 0x1fe00050 and the FAR is 0x1fe000c0 so I am not sure if the "0xc0 - 0x50" >> section is aligning the pointer to a larger word size for better performance >> and >> that first part is OK but the different word size breaks. > > I'm running with a toolchain that was built with > --targetcflags="-DPREFER_SIZE_OVER_SPEED" which affects the content of the > memset function, so my memset is just loops of writes and seems to work fine.
Oh. Maybe the eng manual needs a piece on this. Using flags on tool chains like this is fine for a user because it is use at your own peril however I believe patches need to be tested with the defaults for all tools. It is way to hard to baseline a BSP if tweaks are needed here and there. > Just out of curiousity, what instruction was at that PC address? If it was "dc > zva", then I had seen this a while back during initial AArch64 bringup and had > assumed it was fixed since the addition of the MMU code since that instruction > doesn't work on device memory. It this that instruction ... 100125c0: d50b7423 dc zva, x3 Looks like it is not fixed. > It looks like bsp_section_nocacheheap sits inside bsp_section_nocachenoload > which is mapped as device memory which wouldn't play nicely with the "dc zva" > instruction. Cache coherent memory is mapped as device memory. The descriptors are mapped into it so checks of bits and updates are effected by caches. Chris _______________________________________________ devel mailing list devel@rtems.org http://lists.rtems.org/mailman/listinfo/devel