From: Dirk Behme
Subject: [Qemu-devel] Single stepping MIPS in GDB
Date: Mon, 27 Mar 2006 19:53:01 +0200
Message-ID: <4428267D.6030707@gmail.com>
To: qemu-devel@nongnu.org

Hi,

now, after ARM, I try to debug some low level system init code on MIPS as well. For this, I use qemu-snapshot-2006-03-21_23 because this already includes little endian MIPS (--target-list=mipsel-softmmu).

I can load my program to the MIPS default start address 0x80010000, use mipsel-linux-gdb to attach to it and load symbols. The start address is set correctly. But it seems that I have trouble single stepping (si). I would assume that with the first si the system should jump to 0x80010400 (please find some debug output below). Instead, PC is set to 0x0.

If I start the program with 'continue' in gdb, it seems that the program starts to run correctly. After a stop at a random location with ctrl-c in gdb, the following single steps seem to fail as well (please see below as well).

Any hints on what I'm doing wrong here?

Many thanks

Dirk


*1* Debug output for single step at startup. PC is set to 0x0 instead of to the next command at 0x80010400:

_start () at uboot/u-boot-1.1.4/cpu/mips/start.S:43
43              RVECENT(reset,0)        /* U-boot entry point */
(gdb) p/x $pc
$1 = 0x80010000
(gdb) x/2i $pc
0x80010000 <_start>:    b 0x80010400
0x80010004 <_start+4>:  nop
(gdb) si
0x00000000 in ?? ()
(gdb) p/x $pc
$2 = 0x0
(gdb)

/tmp> cat qemu.log
pc=0x80010000 HI=0x00000000 LO=0x00000000 ds 0002 00000000 0
GPR00: r0 00000000 at 00000000 v0 00000000 v1 00000000
GPR04: a0 00000000 a1 00000000 a2 00000000 a3 00000000
GPR08: t0 00000000 t1 00000000 t2 00000000 t3 00000000
GPR12: t4 00000000 t5 00000000 t6 00000000 t7 00000000
GPR16: s0 00000000 s1 00000000 s2 00000000 s3 00000000
GPR20: s4 00000000 s5 00000000 s6 00000000 s7 00000000
GPR24: t8 00000000 t9 00000000 k0 00000000 k1 00000000
GPR28: gp 00000000 sp 00000000 s8 00000000 ra 00000000
CP0 Status 0x10400004 Cause 0x00000400 EPC 0x00000000
    Config0 0x80008090 Config1 0x1e190c8a LLAddr 0x00000000
cpu_mips_handle_mmu_fault pc 80010000 ad 80010000 rw 2 is_user 0 smmu 1
cpu_mips_handle_mmu_fault address=80010000 ret 0 physical 00010000 prot 3
------------------------------------------------
pc=0x80010000 HI=0x00000000 LO=0x00000000 ds 0002 00000000 0
GPR00: r0 00000000 at 00000000 v0 00000000 v1 00000000
GPR04: a0 00000000 a1 00000000 a2 00000000 a3 00000000
GPR08: t0 00000000 t1 00000000 t2 00000000 t3 00000000
GPR12: t4 00000000 t5 00000000 t6 00000000 t7 00000000
GPR16: s0 00000000 s1 00000000 s2 00000000 s3 00000000
GPR20: s4 00000000 s5 00000000 s6 00000000 s7 00000000
GPR24: t8 00000000 t9 00000000 k0 00000000 k1 00000000
GPR28: gp 00000000 sp 00000000 s8 00000000 ra 00000000
CP0 Status 0x10400004 Cause 0x00000400 EPC 0x00000000
    Config0 0x80008090 Config1 0x1e190c8a LLAddr 0x00000000
IN:
0x80010000:  b 0x80010400
0x80010004:  nop

OP:
0x0000: goto_tb0
0x0001: save_pc 0x80010400
0x0002: set_T0 0x829ce00
0x0003: exit_tb
0x0004: reset_T0
0x0005: exit_tb
0x0006: end
----------------
2 00000002
OUT: [size=24]
0x08a9ce00:  jmp    0xa4ab0b4
0x08a9ce05:  movl   $0x80010400,0x80(%ebp)
0x08a9ce0f:  mov    $0x829ce00,%ebx
0x08a9ce14:  ret
0x08a9ce15:  xor    %ebx,%ebx
0x08a9ce17:  ret
Trace 0x08a9ce00 [80010000]
pc=0x80010400 HI=0x00000000 LO=0x00000000 ds 0002 00000000 0
GPR00: r0 00000000 at 00000000 v0 00000000 v1 00000000
GPR04: a0 00000000 a1 00000000 a2 00000000 a3 00000000
GPR08: t0 00000000 t1 00000000 t2 00000000 t3 00000000
GPR12: t4 00000000 t5 00000000 t6 00000000 t7 00000000
GPR16: s0 00000000 s1 00000000 s2 00000000 s3 00000000
GPR20: s4 00000000 s5 00000000 s6 00000000 s7 00000000
GPR24: t8 00000000 t9 00000000 k0 00000000 k1 00000000
GPR28: gp 00000000 sp 00000000 s8 00000000 ra 00000000
CP0 Status 0x10400004 Cause 0x00000400 EPC 0x00000000
    Config0 0x80008090 Config1 0x1e190c8a LLAddr 0x00000000
------------------------------------------------
pc=0x80010400 HI=0x00000000 LO=0x00000000 ds 0002 00000000 0
GPR00: r0 00000000 at 00000000 v0 00000000 v1 00000000
GPR04: a0 00000000 a1 00000000 a2 00000000 a3 00000000
GPR08: t0 00000000 t1 00000000 t2 00000000 t3 00000000
GPR12: t4 00000000 t5 00000000 t6 00000000 t7 00000000
GPR16: s0 00000000 s1 00000000 s2 00000000 s3 00000000
GPR20: s4 00000000 s5 00000000 s6 00000000 s7 00000000
GPR24: t8 00000000 t9 00000000 k0 00000000 k1 00000000
GPR28: gp 00000000 sp 00000000 s8 00000000 ra 00000000
CP0 Status 0x10400004 Cause 0x00000400 EPC 0x00000000
    Config0 0x80008090 Config1 0x1e190c8a LLAddr 0x00000000
IN:

OP:
0x0000: save_pc 0x80010400
0x0001: debug
0x0002: end
----------------
2 00000002
OUT: [size=21]
0x08a9ce20:  movl   $0x80010400,0x80(%ebp)
0x08a9ce2a:  push   $0x10002
0x08a9ce2f:  call   0x80866c0
0x08a9ce34:  pop    %eax
Trace 0x08a9ce20 [80010400]
search pc 1
------------------------------------------------
pc=0x80010400 HI=0x00000000 LO=0x00000000 ds 0002 00000000 0
GPR00: r0 00000000 at 00000000 v0 00000000 v1 00000000
GPR04: a0 00000000 a1 00000000 a2 00000000 a3 00000000
GPR08: t0 00000000 t1 00000000 t2 00000000 t3 00000000
GPR12: t4 00000000 t5 00000000 t6 00000000 t7 00000000
GPR16: s0 00000000 s1 00000000 s2 00000000 s3 00000000
GPR20: s4 00000000 s5 00000000 s6 00000000 s7 00000000
GPR24: t8 00000000 t9 00000000 k0 00000000 k1 00000000
GPR28: gp 00000000 sp 00000000 s8 00000000 ra 00000000
CP0 Status 0x10400004 Cause 0x00000400 EPC 0x00000000
    Config0 0x80008090 Config1 0x1e190c8a LLAddr 0x00000000
IN:

OP:
0x0000: save_pc 0x80010400
0x0001: debug
0x0002: end
----------------
2 00000002
/tmp >

Debug output from debug enabled in gdbserver:

command='m80010000,4' reply='ff000010'
command='m80010004,4' reply='00000000'
command='m80010000,4' reply='ff000010'
command='m80010004,4' reply='00000000'
command='m80010000,4' reply='ff000010'
command='Z0,80010400,4' reply='OK'
command='vCont?' reply=''
command='Hc0' reply=''
command='c'
Foo #B ret: 0
reply='S05'
command='g' reply='0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000040100000000000000000000000000004000000000000'
command='z0,80010400,4' reply='OK'
command='m0,4' reply='00000000'
command='mfffffffc,4' reply='E14'
command='m0,4' reply='00000000'
command='mfffffffc,4' reply='E14'
command='m0,4' reply='00000000'
command='mfffffffc,4' reply='E14'
command='m0,4' reply='00000000'
command='mfffffffc,4' reply='E14'
command='m0,4' reply='00000000'
command='m4,4' reply='00000000'


*2* Start the program with 'continue', stop somewhere with ctrl-c, then single step:

(gdb) p/x $pc
$3 = 0x800108cc
(gdb) si
143             2: sw zero, 0(a0)
(gdb) si
143             2: sw zero, 0(a0)
(gdb) si
143             2: sw zero, 0(a0)
(gdb) p/x $pc
$4 = 0x800108cc
(gdb) x/3i $pc
0x800108cc :    sw zero,0(a0)
0x800108d0 :    sw zero,4(a0)
0x800108d4 :    sw zero,8(a0)
(gdb)
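The gdbserver trace above is easier to read once the packets are decoded. The following is an added example (not code from this mail or from QEMU) that decodes the 'm' reply for 0x80010000 as the MIPS 'b' at _start and computes its target, and that splits a 'g' register reply into named registers, refusing a reply whose length does not match the register file gdb expects. The 38-register layout (32 GPRs, then Status, LO, HI, BadVAddr, Cause, PC) and the sample 'g' reply are assumptions built from the register values in the qemu.log dump, not taken from the mail.

```python
"""Decode GDB remote-protocol replies like those in the gdbstub log above.
Added example, not code from the mail or from QEMU; the 38-register 'g'
layout (32 GPRs, Status, LO, HI, BadVAddr, Cause, PC) is an assumption."""
import struct

MIPS_REGS = [f"r{i}" for i in range(32)] + ["sr", "lo", "hi", "bad", "cause", "pc"]
WORD_HEX = 8  # one 32-bit register is 8 hex characters in a packet

def decode_m_reply(reply: str) -> int:
    """Decode a 4-byte 'm' (memory read) reply as a little-endian word."""
    if reply.startswith("E"):          # e.g. 'E14' for mfffffffc,4 in the log
        raise ValueError(f"stub returned error {reply}")
    return struct.unpack("<I", bytes.fromhex(reply))[0]

def branch_target(pc: int, insn: int) -> int:
    """Target of MIPS 'b' (encoded as beq $0,$0,off): pc + 4 + off*4."""
    if insn >> 16 != 0x1000:           # opcode beq with rs = rt = $0
        raise ValueError(f"not b/beq $0,$0 at {pc:#x}: {insn:#010x}")
    off = insn & 0xFFFF
    if off & 0x8000:                   # 16-bit offset is sign-extended
        off -= 0x10000
    return (pc + 4 + (off << 2)) & 0xFFFFFFFF

def decode_g_reply(reply: str) -> dict:
    """Split a 'g' reply into named registers, refusing a wrong-size reply."""
    # A length mismatch means gdb and the stub disagree on the register
    # file, so every register after the mismatch (pc included) is misread.
    expected = len(MIPS_REGS) * WORD_HEX
    if len(reply) != expected:
        raise ValueError(f"'g' reply has {len(reply)} hex chars, expected {expected}")
    words = struct.unpack(f"<{len(MIPS_REGS)}I", bytes.fromhex(reply))
    return dict(zip(MIPS_REGS, words))

def encode_g_reply(regs: dict) -> str:
    """Build a 'g' reply from named registers (used for constructed input)."""
    return struct.pack(f"<{len(MIPS_REGS)}I", *(regs.get(n, 0) for n in MIPS_REGS)).hex()

# Constructed sample: the state the qemu.log dump shows at the breakpoint
# (Status 0x10400004, Cause 0x400), with PC reported back to gdb as 0.
SAMPLE_G = encode_g_reply({"sr": 0x10400004, "cause": 0x00000400, "pc": 0x0})

def analyse() -> dict:
    """Decode the log's m80010000,4 reply and the sample 'g' reply."""
    insn = decode_m_reply("ff000010")
    regs = decode_g_reply(SAMPLE_G)
    return {"insn": insn, "target": branch_target(0x80010000, insn),
            "pc": regs["pc"], "cause": regs["cause"], "sr": regs["sr"]}
```

With the real trace, the first check to make is that the 'g' reply length equals the register file gdb was built for; a mismatch scrambles pc and explains a stop reported at 0x0 as well as a wrong-length word dump.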