Good day!

I'm working on omap3430 booting support from a bootrom file. On real hardware the omap3430 has two copies of the bootrom, low and high, at 0x14000 and 0x40014000.
It was a problem when qemu tried to reset the GPMC, but that is now solved. But the stock omap3430 bootrom has its own gpmc reset function:

ROM:400144D4 gpmc_reset ; CODE XREF: DoC_start+8 p
ROM:400144D4 ; nand_start+10 p ...
ROM:400144D4 000 MOV.W R0, #OMAP3430_GPMC_BASE ; Rd = Op2
ROM:400144D8 000 LDR R1, [R0,#0x10] ; Load from Memory
ROM:400144DA 000 ORR.W R1, R1, #2 ; Rd = Op1 | Op2
ROM:400144DE 000 STR R1, [R0,#0x10] ; Store to Memory
ROM:400144DE
ROM:400144E0
ROM:400144E0 loop ; CODE XREF: gpmc_reset+10 j
ROM:400144E0 000 LDR R1, [R0,#0x14] ; Load from Memory
ROM:400144E2 000 LSLS R1, R1, #0x1F ; Logical Shift Left
ROM:400144E4 000 BEQ loop ; Branch
ROM:400144E4
ROM:400144E6 000 MOVS R0, #0 ; Rd = Op2
ROM:400144E8 000 BX LR ; Branch to/from Thumb mode

So I need to keep the low copy of the bootrom in memory, because the code sometimes calls 0x1xxxx addresses and sometimes 0x4001xxxx, so I need to prevent this memory from being erased.

Here is the log of a gdb session in this function with the bootrom running:

(gdb) b *0x144d4
Breakpoint 1 at 0x144d4
(gdb) info break
Num Type Disp Enb Address What
1 breakpoint keep y 0x000144d4
(gdb) c
Continuing.

Breakpoint 1, 0x000144d4 in ?? ()
1: x/4i $pc
=> 0x144d4: mov.w r0, #1845493760 ; 0x6e000000
   0x144d8: ldr r1, [r0, #16]
   0x144da: orr.w r1, r1, #2
   0x144de: str r1, [r0, #16]
(gdb) i r
r0             0x0         0
r1             0x4020fc6c  1075903596
r2             0x40        64
r3             0x0         0
r4             0x4020f524  1075901732
r5             0x4020fbc0  1075903424
r6             0x4020ffb4  1075904436
r7             0x1         1
r8             0x0         0
r9             0x4020fc64  1075903588
r10            0x4020fc90  1075903632
r11            0x0         0
r12            0xffffecf4  -4876
sp             0x4020f4e8  0x4020f4e8
lr             0x17705     96005
pc             0x144d4     0x144d4
cpsr           0x200001f3  536871411
(gdb) si
0x000144d8 in ?? ()
1: x/4i $pc
=> 0x144d8: ldr r1, [r0, #16]
   0x144da: orr.w r1, r1, #2
   0x144de: str r1, [r0, #16]
   0x144e0: ldr r1, [r0, #20]
(gdb) si
0x000144da in ?? ()
1: x/4i $pc
=> 0x144da: orr.w r1, r1, #2
   0x144de: str r1, [r0, #16]
   0x144e0: ldr r1, [r0, #20]
   0x144e2: lsls r1, r1, #31
(gdb) i r
r0             0x6e000000  1845493760
r1             0x0         0
r2             0x40        64
r3             0x0         0
r4             0x4020f524  1075901732
r5             0x4020fbc0  1075903424
r6             0x4020ffb4  1075904436
r7             0x1         1
r8             0x0         0
r9             0x4020fc64  1075903588
r10            0x4020fc90  1075903632
r11            0x0         0
r12            0xffffecf4  -4876
sp             0x4020f4e8  0x4020f4e8
lr             0x17705     96005
pc             0x144da     0x144da
cpsr           0x200001f3  536871411

How can I do it?

My repo is located here: http://gitorious.org/droid/qemu

Best regards,
Anton Kochkov.