ShiftPlusOne
Raspberry Pi Engineer & Forum Moderator
Raspberry Pi Engineer & Forum Moderator
Posts: 5240
Joined: Fri Jul 29, 2011 5:36 pm
Location: The unfashionable end of the western spiral arm of the Galaxy

Debugging with qemu?

Fri May 30, 2014 8:56 am

I've set up Torlu's rpi qemu branch in hopes of using it to debug kernels.
https://github.com/Torlus/qemu-rpi
I'm using mentor toolchain's arm gdb to hook up to localhost:1234 after starting qemu with -S -s

Then I can do something along these lines

Code: Select all

(gdb) ni
0x00010048 in ?? ()
(gdb) info registers
r0             0x10     16
r1             0x0      0
r2             0x20200000       538968064
r3             0x0      0
r4             0x0      0
r5             0x0      0
r6             0x0      0
r7             0x0      0
r8             0x0      0
r9             0x0      0
r10            0x0      0
r11            0x0      0
r12            0x0      0
...
The registers seem to contain all the right information, but there are a few issue I can't get around.
1) I can't view the disassembly of what's going on, I just get "No function contains program counter for selected frame.".
3) The offsets don't look right. Why 0x00010048 instead of 0x00008048? The program counter is also showing the strange offsets.

All of the information I'm finding is mentioning debug symbols, but I'm using fasmarm, so getting those would be a bit of a pain.

Does anybody have any experience with what I'm trying to do? Alternatively, are there other ways to debug kernels which might be better? I've had a look at dwelch's arm jtag info but that seems like even more of a pain to set up.

JacobL
Posts: 76
Joined: Sun Apr 15, 2012 2:23 pm

Re: Debugging with qemu?

Fri May 30, 2014 9:46 am

Are you using the trick with both kernel and initrd pointing to the same image? This should be used if you want your kernel loaded at 0x8000. Otherwise the kernel will be loaded at 0x10000.

Here is the script I use to start qemu with gdb, perhaps it helps:

Code: Select all

#!/bin/bash

IMG="$1"

[[ -f "$IMG" ]] || exit 1

QEMU=/opt/qemu-rpi/bin/qemu-system-arm

MEM=512
CPU=arm1176
MACH=raspi

SER=stdio

APPEND="rw earlyprintk loglevel=8 panic=120 keep_bootcon rootwait dma.dmachans=0x7f35 bcm2708_fb.fbwidth=1024 bcm2708_fb.fbheight=768 bcm2708.boardrev=0xf bcm2708.serial=0xcad0eedf smsc95xx.macaddr=B8:27:EB:D0:EE:DF sdhci-bcm2708.emmc_clock_freq=100000000 vc_mem.mem_base=0x1c000000 vc_mem.mem_size=0x20000000  dwc_otg.lpm_enable=0 kgdboc=ttyAMA0,115200 console=tty1 root=/dev/mmcblk0p2 rootfstype=ext4 elevator=deadline rootwait"

$QEMU -kernel "$IMG" -initrd "$IMG" -cpu $CPU -m $MEM -M $MACH -no-reboot -s -S -serial $SER -append "$APPEND"

ShiftPlusOne
Raspberry Pi Engineer & Forum Moderator
Raspberry Pi Engineer & Forum Moderator
Posts: 5240
Joined: Fri Jul 29, 2011 5:36 pm
Location: The unfashionable end of the western spiral arm of the Galaxy

Re: Debugging with qemu?

Fri May 30, 2014 9:56 am

Ah, brilliant! That worked perfectly. I'm still not able to disassemble anything though.

Code: Select all

(gdb) disas
No function contains program counter for selected frame.
Edit:

Code: Select all

x/14i $pc
works, but is a little limited.
http://felix.abecassis.me/2012/08/gdb-d ... -binaries/

ShiftPlusOne
Raspberry Pi Engineer & Forum Moderator
Raspberry Pi Engineer & Forum Moderator
Posts: 5240
Joined: Fri Jul 29, 2011 5:36 pm
Location: The unfashionable end of the western spiral arm of the Galaxy

Re: Debugging with qemu?

Fri May 30, 2014 10:15 am

I suppose it works well enough. I find that my kernel gets to this instruction "0x80c4: movweq r5, #33680 ; 0x8390" and then pc jumps to 0x0. Is there an issue with the instruction causing a reset or something? :?

Edit:
Reduced it to a test case and made it a linux program. Turned out I don't know how to use thumb. Looks like qemu is very handy for bare metal development if you don't have a jtag adapter.

Return to “Bare metal, Assembly language”

Who is online

Users browsing this forum: No registered users and 4 guests