How to single step ARM assembly in GDB on QEMU?

linux assembly gdb arm qemu
fred basset picture fred basset · Dec 15, 2013 · Viewed 9.1k times · Source

I'm trying to learn about ARM assembler programming using the GNU assembler. I've setup my PC with QEmu and have a Debian ARM-HF chroot environment.

If I assemble and link my test program:

.text
.global _start
_start:
        mov     r0, #6
        bx      lr

with:

as test.s -o test.o
ld test.o -o test

Then load the file into gdb and set a breakpoint on _start:

root@Latitude-E6420:/root# gdb test
GNU gdb (GDB) 7.6.1 (Debian 7.6.1-1)
Copyright (C) 2013 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later 
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.  Type "show copying"
and "show warranty" for details.
This GDB was configured as "arm-linux-gnueabihf".
For bug reporting instructions, please see:
...
Reading symbols from /root/test...(no debugging symbols found)...done.
(gdb) break _start
Breakpoint 1 at 0x8054
(gdb)

How do I single step the code, display the assembler source code and monitor the registers? I tried some basic commands and they did not work:

(gdb) break _start
Breakpoint 1 at 0x8054
(gdb) info regi
The program has no registers now.
(gdb) stepi
The program is not being run.
(gdb) disas
No frame selected.
(gdb) r
Starting program: /root/test 
qemu: Unsupported syscall: 26
qemu: uncaught target signal 11 (Segmentation fault) - core dumped
qemu: Unsupported syscall: 26
During startup program terminated with signal SIGSEGV, Segmentation fault.
(gdb)

Answer

Peter Maydell picture Peter Maydell · Jan 30, 2015

Your problem here is that you're trying to run an ARM gdb under QEMU's user-mode emulation. QEMU doesn't support the ptrace syscall (that's what syscall number 26 is), so this is never going to work.

What you need to do is run your test binary under QEMU with the QEMU options to enable QEMU's own builtin gdb stub which will listen on a TCP port. Then you can run a gdb compiled to run on your host system but with support for ARM targets, and tell that to connect to the TCP port.

(Emulating ptrace within QEMU is technically very tricky, and it would not provide much extra functionality that you can't already achieve via the QEMU builtin gdbstub. It's very unlikely it'll ever be implemented.)

Related questions

Using gdb to single-step assembly code outside specified executable causes error "cannot find bounds of current function"

I'm outside gdb's target executable and I don't even have a stack that corresponds to that target. I want to single-step anyway, so that I can verify what's going on in my assembly code, because I'm not an expert at …

Read More
Permanently Change Disassembly Flavor in GDB

How can I permanently change the disassembly flavor in GDB. I tried:set disassembly-flavor intel in GDB, but when I fire up GDB later it still has the att flavor.

Read More
GDB complains No Source Available

I'm running on Ubuntu 12.10 64bit. I am trying to debug a simple assembly program in GDB. However GDB's gui mode (-tui) seems unable to find the source code of my assembly file. I've rebuilt the project in the currently directory …

Read More