Re: Assistance Required for QEMU Hardfault Error with Cortex-M33 on MPS2

Hi,

1) I am using QEMU Version 7.1.0. I am currently using this version with a plan to connect the remote port from Xilinx to the mps2an505 board. The decision to use this specific version is heavily influenced by the fact that it is the same version utilized by Xilinx's QEMU.

2) Debug Logs :

guest_errors:

Invalid read at addr 0x10000000, size 4, region '(null)', reason: rejected
Invalid read at addr 0x10000004, size 4, region '(null)', reason: rejected
Invalid read at addr 0x10800000, size 2, region '(null)', reason: rejected
qemu: fatal: Lockup: can't escalate 3 to HardFault (current priority -1)

in_asm:

IN:
0x10000008:
OBJD-T: 00480047

----------------
IN:
0x10000008:
OBJD-T: 00480047

----------------
IN:
0x10000010:
OBJD-T: 80b400affee70000000000000000000000000000000000000000000000000000
OBJD-T: 0000000000000000000000000000000000000000000000000000000000000000
OBJD-T: 0000000000000000000000000000000000000000000000000000000000000000
OBJD-T: 0000000000000000000000000000000000000000000000000000000000000000
OBJD-T: 0000000000000000000000000000000000000000000000000000000000000000
OBJD-T: 0000000000000000000000000000000000000000000000000000000000000000
OBJD-T: 0000000000000000000000000000000000000000000000000000000000000000

...goes on infinitely till address 0x107ffc00:

int :

Loaded reset SP 0x0 PC 0x0 from vector table
Loaded reset SP 0x10080000 PC 0x10000008 from vector table
Taking exception 18 [v7M INVSTATE UsageFault] on CPU 0
...taking pending secure exception 3
...loading from element 3 of secure vector table at 0x1000000c
...loaded new PC 0x10000011
Taking exception 3 [Prefetch Abort] on CPU 0
...at fault address 0x10800000
...with CFSR.IBUSERR
qemu: fatal: Lockup: can't escalate 3 to HardFault (current priority -1)

exec :
Trace 0: 0x7f2614000100 [0000040a/10000008/00000150/ff008000]
Stopped execution of TB chain before 0x7f2614000100 [10000008]
Trace 0: 0x7f2614000240 [0000040a/10000008/00000150/ff008000]
Trace 0: 0x7f2614000380 [0080040b/10000010/00000170/ff008000]
Trace 0: 0x7f2614000c80 [0080040b/10000400/00000170/ff008000]
goes on infinitely ...

cpu_reset :

CPU Reset (CPU 0)
R00=00000000 R01=00000000 R02=00000000 R03=00000000
R04=00000000 R05=00000000 R06=00000000 R07=00000000
R08=00000000 R09=00000000 R10=00000000 R11=00000000
R12=00000000 R13=00000000 R14=00000000 R15=00000000
XPSR=40000000 -Z-- A NS priv-thread
CPU Reset (CPU 0)
R00=00000000 R01=00000000 R02=00000000 R03=00000000
R04=00000000 R05=00000000 R06=00000000 R07=00000000
R08=00000000 R09=00000000 R10=00000000 R11=00000000
R12=00000000 R13=00000000 R14=ffffffff R15=00000000
XPSR=40000000 -Z-- A S priv-thread
qemu: fatal: Lockup: can't escalate 3 to HardFault (current priority -1)

R00=00000000 R01=00000000 R02=00000000 R03=00000000
R04=00000000 R05=00000000 R06=00000000 R07=00000000
R08=00000000 R09=00000000 R10=00000000 R11=00000000
R12=00000000 R13=1007ffe0 R14=fffffff9 R15=10800000
XPSR=41000003 -Z-- T S handler
s00=00000000 s01=00000000 d00=0000000000000000
s02=00000000 s03=00000000 d01=0000000000000000
s04=00000000 s05=00000000 d02=0000000000000000
s06=00000000 s07=00000000 d03=0000000000000000
s08=00000000 s09=00000000 d04=0000000000000000
s10=00000000 s11=00000000 d05=0000000000000000
s12=00000000 s13=00000000 d06=0000000000000000
s14=00000000 s15=00000000 d07=0000000000000000
s16=00000000 s17=00000000 d08=0000000000000000
s18=00000000 s19=00000000 d09=0000000000000000
s20=00000000 s21=00000000 d10=0000000000000000
s22=00000000 s23=00000000 d11=0000000000000000
s24=00000000 s25=00000000 d12=0000000000000000
s26=00000000 s27=00000000 d13=0000000000000000
s28=00000000 s29=00000000 d14=0000000000000000
s30=00000000 s31=00000000 d15=0000000000000000
FPSCR: 00000000

3) You said the vector table is too small so I tried something like this from your reference files but it gives me the same error:

Boot.s ( Startup file )

.thumb
.syntax unified

.section .isr_vector
.long __StackTop
.long Reset_Handler
.word 0
.word 0
.rept 7
.word 0
.endr
.word 0
.word 0
.word 0
.word 0
.word 0
.rept 32
.word 0
.endr

.text
.global Reset_Handler
Reset_Handler:
ldr R0, = main
bx R0

Do you think it is something to do with the version itself or my memory layout? Please let me know. Any insights on the debug logs would also be of great help. Thanks!

On Tue, 16 Jan 2024 at 19:52, Peter Maydell <peter.maydell@linaro.org> wrote:

On Tue, 16 Jan 2024 at 14:16, sanjana gogte <sanj27272@gmail.com> wrote:
>
> I hope this message finds you well. I am reaching out to seek your expertise regarding a persistent issue I have encountered while working with QEMU, specifically a hardfault error when emulating the MPS2AN505 with a Cortex-M33 core.
>
> I have been grappling with this issue for some time and am unsure of the next steps to take. Could you please advise on potential areas to investigate or adjustments that might resolve this error? I am particularly curious if the issue lies with the vector table placement or the configuration in my linker script.
>
> The error I am facing is as follows:
> qemu: fatal: Lockup: can't escalate 3 to HardFault (current priority -1)
>
> This occurs when I attempt to run my kernel.elf file using the following QEMU command:
>
> qemu-system-arm -machine mps2-an505 -cpu cortex-m33 \
> -m 16M \
> -nographic -serial mon:stdio \
> -device loader,file=kernel.elf

(1) Tell us what QEMU version you're using.

(2) Give us the debug logs, by adding
-D qemu.log -d
in_asm,exec,cpu,int,cpu_reset,unimp,guest_errors,nochain -singlestep

Your guest is probably crashing in early bootup, and the
only way to tell where is to debug it.

Also, your interrupt vector table is too short, because
you've only put in the first two entries (SP and reset PC).
This will result in unhelpfully confusing behaviour if
the CPU ever takes some other kind of exception.

thanks
-- PMM

From:	sanjana gogte
Subject:	Re: Assistance Required for QEMU Hardfault Error with Cortex-M33 on MPS2AN505
Date:	Thu, 18 Jan 2024 12:00:10 +0530