All of lore.kernel.org
 help / color / mirror / Atom feed
From: Goswin von Brederlow <goswin-v-b@web.de>
To: qemu-devel@nongnu.org
Subject: [Qemu-devel] Can't switch to 64bit mode at boot, how to debug?
Date: Sat, 17 Nov 2012 18:50:25 +0100	[thread overview]
Message-ID: <20121117175025.GA12627@frosties> (raw)

Hi,

I'm having problems with the startup code for my toy kernel for amd64 that
switches from 32bit mode to 64bit mode and I'm at a loss how to debug this.
The code used to work last year (with qemu-kvm 0.14.0) but fails now with
QEMU emulator version 1.1.0 (Debian 1.1.0+dfsg-1).

Has something been changed in the boot environment for the multiboot?

When I start qemu I get the following:

% qemu -s -m 64 -kernel loader -initrd "../../kernel/moose arg=arg"
Could not open option rom 'kvmvapic.bin': No such file or directory
Trying to execute code outside RAM or ROM at 0x001000c1

EAX=80000013 EBX=0010fc90 ECX=c0000080 EDX=00000000
ESI=00009500 EDI=00107000 EBP=0010b000 ESP=0010afb4
EIP=001000c1 EFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0010 00000000 ffffffff 00cf9300 DPL=0 DS   [-WA]
CS =0008 00000000 ffffffff 00cf9a00 DPL=0 CS32 [-R-]
SS =0010 00000000 ffffffff 00cf9300 DPL=0 DS   [-WA]
DS =0010 00000000 ffffffff 00cf9300 DPL=0 DS   [-WA]
FS =0010 00000000 ffffffff 00cf9300 DPL=0 DS   [-WA]
GS =0010 00000000 ffffffff 00cf9300 DPL=0 DS   [-WA]
LDT=0000 00000000 0000ffff 00008200 DPL=0 LDT
TR =0000 00000000 0000ffff 00008b00 DPL=0 TSS32-busy
GDT=     00100dc8 00000028
IDT=     00000000 000003ff
CR0=80000013 CR2=00000000 CR3=00101000 CR4=00000020
DR0=00000000 DR1=00000000 DR2=00000000 DR3=00000000 
DR6=ffff0ff0 DR7=00000400
CCS=00000000 CCD=00000000 CCO=SARL    
EFER=0000000000000000
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
XMM00=00000000000000000000000000000000 XMM01=00000000000000000000000000000000
XMM02=00000000000000000000000000000000 XMM03=00000000000000000000000000000000
XMM04=00000000000000000000000000000000 XMM05=00000000000000000000000000000000
XMM06=00000000000000000000000000000000 XMM07=00000000000000000000000000000000
zsh: abort      qemu -s -m 64 -kernel loader -initrd "../../kernel/moose arg=arg"

0x001000c1 is the next instruction after the "movl %eax, %cr0" instruction
that enables protected mode and paging.

So how do I debug this? Can I tell qemu to go into monitor mode instead of
quiting?

Or can someone spot the problem from the source?

MfG
	Goswin
--
----------------------------------------------------------------------
#define ASM     1
#include <multiboot.h>
        
        .text

        .globl  start, _start
        .code32
start:
_start:
        jmp     multiboot_entry

        /* Align 32 bits boundary.  */
        .align  4
        
        /* Multiboot header.  */
multiboot_header:
        /* magic */
        .long   MULTIBOOT_HEADER_MAGIC
        /* flags */
        .long   MULTIBOOT_HEADER_FLAGS
        /* checksum */
        .long   -(MULTIBOOT_HEADER_MAGIC + MULTIBOOT_HEADER_FLAGS)
#ifndef __ELF__
        /* header_addr */
        .long   multiboot_header
        /* load_addr */
        .long   _start
        /* load_end_addr */
        .long   _edata
        /* bss_end_addr */
        .long   _end
        /* entry_addr */
        .long   multiboot_entry
#endif /* ! __ELF__ */

multiboot_entry:
        /* Initialize the stack pointer.  */
        movl    $(stack + STACK_SIZE), %esp

        /* Reset EFLAGS.  */
        pushl   $0
        popf

        /* Push the pointer to the Multiboot information structure.  */
        pushl   %ebx
        /* Push the magic value.  */
        pushl   %eax

        /* Enable PAE */
        movl    %cr4, %eax
        btsl    $5, %eax
        movl    %eax, %cr4

	/*
	 * Build early 4G boot pagetable
	 */
        /* Initialize Page tables to 0 */
        leal    pgtable, %edi
        xorl    %eax, %eax
        movl    $((4096*6)/4), %ecx
        rep     stosl

        /* Build Level 4 */
        leal    pgtable + 0, %edi
        leal    0x1007 (%edi), %eax
        movl    %eax, 0(%edi)

        /* Build Level 3 */
        leal    pgtable + 0x1000, %edi
        leal    0x1007(%edi), %eax
        movl    $4, %ecx
1:      movl    %eax, 0x00(%edi)
        addl    $0x00001000, %eax
        addl    $8, %edi
        decl    %ecx
        jnz     1b

        /* Build Level 2 */
        leal    pgtable + 0x2000, %edi
        movl    $0x00000183, %eax
        movl    $2048, %ecx
1:      movl    %eax, 0(%edi)
        addl    $0x00200000, %eax
        addl    $8, %edi
        decl    %ecx
        jnz     1b

        /* Load gdt */
        lgdt    gdt
        
        /* Load Level 4 page table (page 128) */
        leal    pgtable, %eax
        movl    %eax, %cr3
        
        /* Enable long mode */
        movl    $0xc0000080, %ecx
        rdmsr
        btsl    $8, %eax
        wrmsr

        /* enable paging to activate long mode */
        movl    %cr0, %eax
        btsl    $1, %eax        /* protected mode */
        btsl    $31, %eax       /* paging */
        movl    %eax, %cr0

        /* jump to 64bit mode */
        pushl   $0x8
        movl    $startup_64, %eax
        pushl   %eax
        lret


	.code64
startup_64:
_startup_64:
loop4:
	// Dummy code that just twirls the first char on the screen
        addq    $0x1,0xb8000
        jmp     loop4

        /* Our stack area.  */
        .comm   stack, STACK_SIZE
        
        .data
gdt:
        .word   gdt_end - gdt_base
        .long   gdt_base
        .long   0
idt:
        .word   idt_end - idt_base
        .long   idt_base
        .long   0
        
        .balign 8
        .globl gdt_base
gdt_base:
        .quad   0x0000000000000000      /* NULL descriptor */
        .quad   0x00af9a000000ffff      /* __KERNEL_CS */
        .quad   0x00cf92000000ffff      /* __KERNEL_DS */
        .quad   0x0080890000000000      /* TS descriptor */
        .quad   0x0000000000000000      /* TS continued */
gdt_end:

        .balign 8
idt_base:
        .quad   0x0000000000000000
        .quad   0x0000000000000000
idt_end:
/*
 * Space for page tables (not in .bss so not zeroed)
 */
        .bss
        .balign 4096
pgtable:
        .fill 6*4096, 1, 0

             reply	other threads:[~2012-11-17 17:50 UTC|newest]

Thread overview: 6+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2012-11-17 17:50 Goswin von Brederlow [this message]
2012-11-17 19:58 ` [Qemu-devel] Can't switch to 64bit mode at boot, how to debug? Max Filippov
2012-11-17 20:18   ` Max Filippov
2012-11-17 21:55     ` Goswin von Brederlow
2012-11-17 22:09   ` Goswin von Brederlow
2012-11-17 22:38     ` Max Filippov

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20121117175025.GA12627@frosties \
    --to=goswin-v-b@web.de \
    --cc=qemu-devel@nongnu.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body. 
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.