Re: Debug ARM semihosting Thumb-2 binary

[Jonas Maebe <jonas.maebe@elis.ugent.be>]

[-- Attachment #1: Type: text/plain, Size: 2784 bytes --]


On 09 Feb 2012, at 02:38, Matthew Gretton-Dann wrote:

> On Wed, Feb 08, 2012 at 10:35:48PM +0000, Jonas Maebe wrote:
>>
>> The full QEMU command line I use:
>>
>> ~/qemu/bin/qemu-system-arm -nographic -semihosting -M realview-eb - 
>> cpu cortex-m3 -kernel qsort_large -append "input_large.dat" -S -s
>
> I think -M realview-eb -cpu cortex-m3 is not the best way of  
> invoking qemu
> as it generates a system with a Cortex-M3 but without the appropriate
> interrupt controller.  Try one of the Stellaris boards instead (use
> -machine ? to get the actual command line).

I've now tried both -M lm3s811evb (Stellaris LM3S811EVB) and -M  
lm3s6965evb (Stellaris LM3S6965EVB) together with -cpu cortex-m3.  
Neither appears to work at all: there's no output (not even QEMU  
complaining that it can't open any sound devices, which it does  
instantaneously on startup if I choose the realview-eb platform).

If I start QEMU with a Stellaris platform selected and with -S -s  
(stop immediately on startup and wait for gdb) and attach gdb, the  
process is stopped at address 0 (instead of 0x8000). Removing the - 
semihosting switch does not change this (that would obviously fail as  
soon as a syscall were executed, but it doesn't get that far).

> We need to diagnose whether this is a QEmu or GDB issue.

Yes, I'm also starting to wonder whether I might be QEMU rather than  
gdb that's going wrong...

> What QEmu are you using?

The main site's 1.0 release, manually compiled directly from source  
(on Linux/x86-64).

> Can you clarify whether this is Cortex-M3 specific?  Does it happen  
> if you
> build for a Cortex-A profile CPU in ARM and Thumb state?  What  
> happens when
> you run the image in QEmu without GDB attached?

If I run it in QEMU (with -m realview-eb -cpu cortex-m3) without gdb  
attached, everything works correctly (although occasionally not all  
output is printed, but that's probably a QEMU issue). I currently  
can't rebuild it for Cortex-A or anything else because our license for  
RVCT has expired and we're still in the process of renewing it.

> Can you also provide a gdb trace of the remote protocol (use set debug
> remote on before attaching to QEmu).


I've attached the remote log for the qsort_large program I've  
compiled. The binary was started with the following QEMU command line:

~/qemu/bin/qemu-system-arm -nographic -semihosting -M realview-eb -cpu  
cortex-m3 -kernel qsort_large -append "input_large.dat" -s -S

I've also attached the qsort_large binary itself, since it's pretty  
small (and it's from mibench, so it's freely distributable). The  
input_large.dat file that's required for input can be gotten from http://www.eecs.umich.edu/mibench/automotive.tar.gz 
  (automotive/qsort/input_large.dat)

Thanks,


Jonas

[-- Attachment #2: gdb-qsort_large-remote-log.txt --]
[-- Type: text/plain, Size: 7967 bytes --]

$ ~/armgdb/bin/arm-unknown-linux-gnueabi-gdb
GNU gdb (GDB) 7.4
Copyright (C) 2012 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later <http://gnu.org/licenses/gpl.html>
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.  Type "show copying"
and "show warranty" for details.
This GDB was configured as "--host=x86_64-unknown-linux-gnu --target=arm-unknown-linux-gnueabi".
For bug reporting instructions, please see:
<http://www.gnu.org/software/gdb/bugs/>.
(reverse-i-search)`set': ^CQuitm force-mode thumb
(gdb) set debug remote 1
(gdb) target remote :1234
Remote debugging using :1234
Sending packet: $qSupported:qRelocInsn+#9a...Ack
Packet received: PacketSize=1000;qXfer:features:read+
Packet qSupported (supported-packets) is supported
Sending packet: $Hg0#df...Ack
Packet received: OK
Sending packet: $qXfer:features:read:target.xml:0,ffb#79...Ack
Packet received: l<?xml version="1.0"?><!DOCTYPE target SYSTEM "gdb-target.dtd"><target><xi:include href="arm-core.xml"/></target>
Sending packet: $qXfer:features:read:arm-core.xml:0,ffb#08...Ack
Packet received: l<?xml version="1.0"?>\n<!-- Copyright (C) 2008 Free Software Foundation, Inc.\n\n     Copying and distribution of this file, with or without modification,\n     are permitted in any medium without royalty provided the copyright\n     notice and this notice are preserved.  -->\n\n<!DOCTYPE feature SYSTEM "gdb-target.dtd">\n<feature name="org.gnu.gdb.arm.core">\n  <reg name="r0" bitsize="32"/>\n  <reg name="r1" bitsize="32"/>\n  <reg name="r2" bitsize="32"/>\n  <reg name="r3" bitsize="32"/>\n  <reg name="r4" bitsize="32"/>\n  <reg name="r5" bitsize="32"/>\n  <reg name="r6" bitsize="32"/>\n  <reg name="r7" bitsize="32"/>\n  <reg name="r8" bitsize="32"/>\n  <reg name="r9" bitsize="32"/>\n  <reg name="r10" bitsize="32"/>\n  <reg name="r11" bitsize="32"/>\n  <reg name="r12" bitsize="32"/>\n  <reg name="sp" bitsize="32" type="data_ptr"/>\n  <reg name="lr" bitsize="32"/>\n  <reg name="pc" bitsize="32" type="code_ptr"/>\n\n  <!-- The CPSR is register 25, rather than register 16, because\n       the FPA registers historically were placed between the PC\n       and the CPSR in the "g" packet.  -->\n  <reg name="cpsr" bitsize="32" regnum="25"/>\n</feature>\n
Sending packet: $?#3f...Ack
Packet received: T05thread:01;
Sending packet: $Hc-1#09...Ack
Packet received: OK
Sending packet: $qC#b4...Ack
Packet received: QC1
Sending packet: $qAttached#8f...Ack
Packet received: 
Packet qAttached (query-attached) is NOT supported
Sending packet: $g#67...Ack
Packet received: 0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000080000073010040
Sending packet: $qTStatus#49...Ack
Packet received: 
Sending packet: $qTStatus#49...Ack
Packet received: 
Sending packet: $qTStatus#49...Ack
Packet received: 
Sending packet: $qTStatus#49...Ack
Packet received: 
Sending packet: $m8000,4#95...Ack
Packet received: 00f002f8
Sending packet: $m7ffc,4#33...Ack
Packet received: 00000000
Sending packet: $m8000,4#95...Ack
Packet received: 00f002f8
Sending packet: $m7ffc,4#33...Ack
Packet received: 00000000
Sending packet: $m8000,4#95...Ack
Packet received: 00f002f8
Sending packet: $m7ffc,4#33...Ack
Packet received: 00000000
Sending packet: $m8000,4#95...Ack
Packet received: 00f002f8
Sending packet: $m7ffc,4#33...Ack
Packet received: 00000000
Sending packet: $m8000,4#95...Ack
Packet received: 00f002f8
Sending packet: $m8000,4#95...Ack
Packet received: 00f002f8
Sending packet: $m8000,4#95...Ack
Packet received: 00f002f8
0x00008000 in ?? ()
Sending packet: $qTStatus#49...Ack
Packet received: 
(gdb) x/i $pc
Sending packet: $m8000,2#93...Ack
Packet received: 00f0
Sending packet: $m8002,2#95...Ack
Packet received: 02f8
=> 0x8000:	bl	0x8008
(gdb) c
Continuing.
Sending packet: $qTStatus#49...Ack
Packet received: 
Sending packet: $vCont?#49...Ack
Packet received: vCont;c;C;s;S
Packet vCont (verbose-resume) is supported
Sending packet: $vCont;c#a8...Ack
Packet received: Fopen,04000024/10,00000000,1a4
Sending packet: $m4000024,10#54...Packet instead of Ack, ignoring it
Ack
Packet received: 696e7075745f6c617267652e64617400
Sending packet: $F-1,2#02...Ack
Packet received: Fisatty,00000001
Sending packet: $F1#77...Packet instead of Ack, ignoring it
Ack
Packet received: T02thread:01;
Sending packet: $g#67...Ack
Packet received: 010000002806ea070000000069ac000048ba00000a0000000a000000010000000000000000000000d8b80000d8b80000000000002806ea07c1a60000448c000073010020

Program received signal SIGINT, Interrupt.
Sending packet: $m8c44,4#d0...Ack
Packet received: 08bd1cb5
Sending packet: $m8c40,4#cc...Ack
Packet received: 0920abbe
Sending packet: $m8c44,4#d0...Ack
Packet received: 08bd1cb5
Sending packet: $m8c40,4#cc...Ack
Packet received: 0920abbe
Sending packet: $m8c44,4#d0...Ack
Packet received: 08bd1cb5
Sending packet: $m8c40,4#cc...Ack
Packet received: 0920abbe
Sending packet: $m8c44,4#d0...Ack
Packet received: 08bd1cb5
Sending packet: $m8c40,4#cc...Ack
Packet received: 0920abbe
Sending packet: $m8c44,4#d0...Ack
Packet received: 08bd1cb5
Sending packet: $m8c44,4#d0...Ack
Packet received: 08bd1cb5
Sending packet: $m8c44,4#d0...Ack
Packet received: 08bd1cb5
0x00008c44 in ?? ()
(gdb) x/5i $pc-8
Sending packet: $m8c3c,2#fc...Ack
Packet received: 6946
   0x8c3c:	mov	r1, sp
Sending packet: $m8c3e,2#fe...Ack
Packet received: 0090
   0x8c3e:	str	r0, [sp, #0]
Sending packet: $m8c40,2#ca...Ack
Packet received: 0920
   0x8c40:	movs	r0, #9
Sending packet: $m8c42,2#cc...Ack
Packet received: abbe
   0x8c42:	bkpt	0x00ab
Sending packet: $m8c44,2#ce...Ack
Packet received: 08bd
=> 0x8c44:	pop	{r3, pc}
(gdb) ni
Sending packet: $qTStatus#49...Ack
Packet received: 
Sending packet: $m8c44,2#ce...Ack
Packet received: 08bd
Sending packet: $m8c44,2#ce...Ack
Packet received: 08bd
Sending packet: $m7ea062c,4#c5...Ack
Packet received: c1a60000
Sending packet: $ma6c0,2#f5...Ack
Packet received: 2546
Sending packet: $Z0,a6c0,2#3e...Ack
Packet received: OK
Packet Z0 (software-breakpoint) is supported
Sending packet: $vCont;c#a8...Ack
Packet received: T05thread:01;
Sending packet: $g#67...Ack
Packet received: 010000002806ea07000000000100000048ba00000a0000000a000000010000000000000000000000d8b80000d8b80000000000003006ea07c1a60000c0a6000073010020
Sending packet: $z0,a6c0,2#5e...Ack
Packet received: OK
Sending packet: $ma6c0,4#f7...Ack
Packet received: 25462435
Sending packet: $ma6bc,4#29...Ack
Packet received: fef7bdfa
Sending packet: $ma6c0,4#f7...Ack
Packet received: 25462435
Sending packet: $ma6bc,4#29...Ack
Packet received: fef7bdfa
Sending packet: $ma6c0,4#f7...Ack
Packet received: 25462435
Sending packet: $ma6bc,4#29...Ack
Packet received: fef7bdfa
Sending packet: $ma6c0,4#f7...Ack
Packet received: 25462435
Sending packet: $ma6bc,4#29...Ack
Packet received: fef7bdfa
Sending packet: $ma6c0,4#f7...Ack
Packet received: 25462435
Sending packet: $ma6c0,4#f7...Ack
Packet received: 25462435
Sending packet: $ma6c0,4#f7...Ack
Packet received: 25462435
Sending packet: $ma6c0,4#f7...Ack
Packet received: 25462435
Sending packet: $ma6bc,4#29...Ack
Packet received: fef7bdfa
Sending packet: $ma6c0,4#f7...Ack
Packet received: 25462435
Sending packet: $ma6bc,4#29...Ack
Packet received: fef7bdfa
Sending packet: $ma6c0,4#f7...Ack
Packet received: 25462435
Sending packet: $ma6bc,4#29...Ack
Packet received: fef7bdfa
Sending packet: $ma6c0,4#f7...Ack
Packet received: 25462435
Sending packet: $ma6bc,4#29...Ack
Packet received: fef7bdfa
Sending packet: $ma6c0,4#f7...Ack
Packet received: 25462435
Sending packet: $ma6c0,4#f7...Ack
Packet received: 25462435
Sending packet: $ma6c0,4#f7...Ack
Packet received: 25462435
0x0000a6c0 in ?? ()

[-- Attachment #3: qsort_large.bz2 --]
[-- Type: application/x-bzip2, Size: 19443 bytes --]