From: Dirk Behme
To: qemu-devel@nongnu.org
Subject: [Qemu-devel] Re: Single stepping MIPS in GDB
Date: Wed, 29 Mar 2006 10:08:43 +0200
Message-ID: <442A408B.90702@gmail.com>
In-Reply-To: <4428267D.6030707@gmail.com>

Hi,

if nobody has an idea regarding this, any hint where to search or how to
debug this the best way? What confuses me is that qemu.log correctly
shows pc=0x80010400 but qemu monitor register info and GDB show pc=0.

Thanks

Dirk

Dirk Behme wrote:
> Hi,
>
> now, after ARM, I try to debug some low level system init code on MIPS
> as well. For this, I use qemu-snapshot-2006-03-21_23 because this
> already includes little endian MIPS (--target-list=mipsel-softmmu). I
> can load my program to MIPS default start address 0x80010000, use
> mipsel-linux-gdb to attach to it and load symbols. Start address is set
> correctly. But it seems that I have trouble single stepping (si). I would
> assume that with the first si the system should jump to 0x80010400 (please
> find some debug output below). Instead, PC is set to 0x0.
>
> If I start the program with 'continue' in gdb, it seems that the program
> starts to run correctly. After a stop at a random location with ctrl-c in
> gdb, the following single steps seem to fail as well (please see below as
> well).
>
> Any hints on what I'm doing wrong here?
>
> Many thanks
>
> Dirk
>
> *1* Debug output for single step at startup. PC is set to 0x0 instead of
> the next command at 0x80010400
>
> _start ()
>     at uboot/u-boot-1.1.4/cpu/mips/start.S:43
> 43          RVECENT(reset,0)     /* U-boot entry point */
> (gdb) p/x $pc
> $1 = 0x80010000
> (gdb) x/2i $pc
> 0x80010000 <_start>:    b       0x80010400
> 0x80010004 <_start+4>:  nop
> (gdb) si
> 0x00000000 in ?? ()
> (gdb) p/x $pc
> $2 = 0x0
> (gdb)
>
> /tmp> cat qemu.log
> pc=0x80010000 HI=0x00000000 LO=0x00000000 ds 0002 00000000 0
> GPR00: r0 00000000 at 00000000 v0 00000000 v1 00000000
> GPR04: a0 00000000 a1 00000000 a2 00000000 a3 00000000
> GPR08: t0 00000000 t1 00000000 t2 00000000 t3 00000000
> GPR12: t4 00000000 t5 00000000 t6 00000000 t7 00000000
> GPR16: s0 00000000 s1 00000000 s2 00000000 s3 00000000
> GPR20: s4 00000000 s5 00000000 s6 00000000 s7 00000000
> GPR24: t8 00000000 t9 00000000 k0 00000000 k1 00000000
> GPR28: gp 00000000 sp 00000000 s8 00000000 ra 00000000
> CP0 Status 0x10400004 Cause 0x00000400 EPC 0x00000000
> Config0 0x80008090 Config1 0x1e190c8a LLAddr 0x00000000
> cpu_mips_handle_mmu_fault pc 80010000 ad 80010000 rw 2 is_user 0 smmu 1
> cpu_mips_handle_mmu_fault address=80010000 ret 0 physical 00010000 prot 3
> ------------------------------------------------
> pc=0x80010000 HI=0x00000000 LO=0x00000000 ds 0002 00000000 0
> GPR00: r0 00000000 at 00000000 v0 00000000 v1 00000000
> GPR04: a0 00000000 a1 00000000 a2 00000000 a3 00000000
> GPR08: t0 00000000 t1 00000000 t2 00000000 t3 00000000
> GPR12: t4 00000000 t5 00000000 t6 00000000 t7 00000000
> GPR16: s0 00000000 s1 00000000 s2 00000000 s3 00000000
> GPR20: s4 00000000 s5 00000000 s6 00000000 s7 00000000
> GPR24: t8 00000000 t9 00000000 k0 00000000 k1 00000000
> GPR28: gp 00000000 sp 00000000 s8 00000000 ra 00000000
> CP0 Status 0x10400004 Cause 0x00000400 EPC 0x00000000
> Config0 0x80008090 Config1 0x1e190c8a LLAddr 0x00000000
> IN:
> 0x80010000:  b          0x80010400
> 0x80010004:  nop
>
> OP:
> 0x0000: goto_tb0
> 0x0001: save_pc 0x80010400
> 0x0002: set_T0 0x829ce00
> 0x0003: exit_tb
> 0x0004: reset_T0
> 0x0005: exit_tb
> 0x0006: end
>
> ---------------- 2 00000002
> OUT: [size=24]
> 0x08a9ce00:  jmp    0xa4ab0b4
> 0x08a9ce05:  movl   $0x80010400,0x80(%ebp)
> 0x08a9ce0f:  mov    $0x829ce00,%ebx
> 0x08a9ce14:  ret
> 0x08a9ce15:  xor    %ebx,%ebx
> 0x08a9ce17:  ret
>
> Trace 0x08a9ce00 [80010000]
> pc=0x80010400 HI=0x00000000 LO=0x00000000 ds 0002 00000000 0
> GPR00: r0 00000000 at 00000000 v0 00000000 v1 00000000
> GPR04: a0 00000000 a1 00000000 a2 00000000 a3 00000000
> GPR08: t0 00000000 t1 00000000 t2 00000000 t3 00000000
> GPR12: t4 00000000 t5 00000000 t6 00000000 t7 00000000
> GPR16: s0 00000000 s1 00000000 s2 00000000 s3 00000000
> GPR20: s4 00000000 s5 00000000 s6 00000000 s7 00000000
> GPR24: t8 00000000 t9 00000000 k0 00000000 k1 00000000
> GPR28: gp 00000000 sp 00000000 s8 00000000 ra 00000000
> CP0 Status 0x10400004 Cause 0x00000400 EPC 0x00000000
> Config0 0x80008090 Config1 0x1e190c8a LLAddr 0x00000000
> ------------------------------------------------
> pc=0x80010400 HI=0x00000000 LO=0x00000000 ds 0002 00000000 0
> GPR00: r0 00000000 at 00000000 v0 00000000 v1 00000000
> GPR04: a0 00000000 a1 00000000 a2 00000000 a3 00000000
> GPR08: t0 00000000 t1 00000000 t2 00000000 t3 00000000
> GPR12: t4 00000000 t5 00000000 t6 00000000 t7 00000000
> GPR16: s0 00000000 s1 00000000 s2 00000000 s3 00000000
> GPR20: s4 00000000 s5 00000000 s6 00000000 s7 00000000
> GPR24: t8 00000000 t9 00000000 k0 00000000 k1 00000000
> GPR28: gp 00000000 sp 00000000 s8 00000000 ra 00000000
> CP0 Status 0x10400004 Cause 0x00000400 EPC 0x00000000
> Config0 0x80008090 Config1 0x1e190c8a LLAddr 0x00000000
> IN:
>
> OP:
> 0x0000: save_pc 0x80010400
> 0x0001: debug
> 0x0002: end
>
> ---------------- 2 00000002
> OUT: [size=21]
> 0x08a9ce20:  movl   $0x80010400,0x80(%ebp)
> 0x08a9ce2a:  push   $0x10002
> 0x08a9ce2f:  call   0x80866c0
> 0x08a9ce34:  pop    %eax
>
> Trace 0x08a9ce20 [80010400]
> search pc 1
> ------------------------------------------------
> pc=0x80010400 HI=0x00000000 LO=0x00000000 ds 0002 00000000 0
> GPR00: r0 00000000 at 00000000 v0 00000000 v1 00000000
> GPR04: a0 00000000 a1 00000000 a2 00000000 a3 00000000
> GPR08: t0 00000000 t1 00000000 t2 00000000 t3 00000000
> GPR12: t4 00000000 t5 00000000 t6 00000000 t7 00000000
> GPR16: s0 00000000 s1 00000000 s2 00000000 s3 00000000
> GPR20: s4 00000000 s5 00000000 s6 00000000 s7 00000000
> GPR24: t8 00000000 t9 00000000 k0 00000000 k1 00000000
> GPR28: gp 00000000 sp 00000000 s8 00000000 ra 00000000
> CP0 Status 0x10400004 Cause 0x00000400 EPC 0x00000000
> Config0 0x80008090 Config1 0x1e190c8a LLAddr 0x00000000
> IN:
>
> OP:
> 0x0000: save_pc 0x80010400
> 0x0001: debug
> 0x0002: end
>
> ---------------- 2 00000002
> /tmp
>
>
> Debug output from debug enabled in gdbserver:
>
> command='m80010000,4'
> reply='ff000010'
> command='m80010004,4'
> reply='00000000'
> command='m80010000,4'
> reply='ff000010'
> command='m80010004,4'
> reply='00000000'
> command='m80010000,4'
> reply='ff000010'
> command='Z0,80010400,4'
> reply='OK'
> command='vCont?'
> reply=''
> command='Hc0'
> reply=''
> command='c'
> Foo #B ret: 0
> reply='S05'
> command='g'
> reply='0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000040100000000000000000000000000004000000000000'
>
> command='z0,80010400,4'
> reply='OK'
> command='m0,4'
> reply='00000000'
> command='mfffffffc,4'
> reply='E14'
> command='m0,4'
> reply='00000000'
> command='mfffffffc,4'
> reply='E14'
> command='m0,4'
> reply='00000000'
> command='mfffffffc,4'
> reply='E14'
> command='m0,4'
> reply='00000000'
> command='mfffffffc,4'
> reply='E14'
> command='m0,4'
> reply='00000000'
> command='m4,4'
> reply='00000000'
>
> *2* Start program with 'continue', stop somewhere with ctrl-c, then
> single step:
>
> (gdb) p/x $pc
> $3 = 0x800108cc
> (gdb) si
> 143     2:      sw      zero, 0(a0)
> (gdb) si
> 143     2:      sw      zero, 0(a0)
> (gdb) si
> 143     2:      sw      zero, 0(a0)
> (gdb) p/x $pc
> $4 = 0x800108cc
> (gdb) x/3i $pc
> 0x800108cc :    sw      zero,0(a0)
> 0x800108d0 :    sw      zero,4(a0)
> 0x800108d4 :    sw      zero,8(a0)
> (gdb)
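To cross-check a gdbstub trace like the one quoted above without trusting gdb's own display, the two replies that matter can be decoded by hand: the 'm80010000,4' reply is the little-endian word of the `b 0x80010400` instruction, and the 'g' reply is the register file in GDB's MIPS numbering (r0..r31, sr, lo, hi, bad, cause, pc). The decoder below is an added example, not code from the mail or from QEMU; the 'g' packet it parses is constructed from the register values shown in the post rather than copied from it.

```python
import struct

# GDB's MIPS register numbering, which a 'g' reply follows: r0..r31, then
# sr (CP0 Status), lo, hi, bad (BadVAddr), cause, pc. Each register is one
# 32-bit word sent as 8 hex digits in target byte order (little-endian for mipsel).
MIPS_REGS = [f"r{i}" for i in range(32)] + ["sr", "lo", "hi", "bad", "cause", "pc"]


def decode_word(hexbytes: str) -> int:
    """Turn the 8 hex digits of one little-endian word ('m' or 'g' reply) into an int."""
    if len(hexbytes) != 8:
        raise ValueError("expected 4 bytes as 8 hex digits")
    return struct.unpack("<I", bytes.fromhex(hexbytes))[0]


def decode_g_reply(reply: str) -> dict:
    """Split a 'g' reply into named registers; reject truncated or misaligned packets."""
    if len(reply) < 8 * len(MIPS_REGS) or len(reply) % 8:
        raise ValueError("truncated or misaligned 'g' reply")
    return {name: decode_word(reply[8 * i:8 * i + 8]) for i, name in enumerate(MIPS_REGS)}


def branch_target(pc: int, word: int):
    """If word is a MIPS 'b' (beq $0,$0,off), return its target, else None.

    The target is the delay-slot address plus the sign-extended 16-bit offset * 4.
    """
    if word >> 16 != 0x1000:          # beq with rs = rt = $zero
        return None
    off = word & 0xFFFF
    if off & 0x8000:
        off -= 0x10000
    return (pc + 4 + off * 4) & 0xFFFFFFFF


def build_g_reply(regs: dict) -> str:
    """Constructed helper: encode a register dict into a 'g' reply (unset regs are 0)."""
    return "".join(struct.pack("<I", regs.get(n, 0)).hex() for n in MIPS_REGS)


# Constructed sample matching the post: all GPRs zero, Status 0x10400004,
# Cause 0x400 and PC 0, which is what gdb's 'p/x $pc' reported after the 'si'.
SAMPLE_G = build_g_reply({"sr": 0x10400004, "cause": 0x400, "pc": 0})

if __name__ == "__main__":
    word = decode_word("ff000010")                            # reply to 'm80010000,4'
    print(hex(word), hex(branch_target(0x80010000, word)))    # 0x100000ff 0x80010400
    regs = decode_g_reply(SAMPLE_G)
    print({k: hex(v) for k, v in regs.items() if v})          # only sr and cause are set
```

Running it shows the branch really does target 0x80010400 while the register packet carries pc=0, which is the mismatch between qemu.log and gdb that the mail is asking about.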