blob: f7102c10e0452c3ee044e88a1193747c365bae06 (
plain) (
blame)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
|
id = 2729
title = "qemu-system-aarch64 -M raspi4b -- no valid DTB provided in x0 register"
state = "closed"
created_at = "2024-12-19T01:59:55.229Z"
closed_at = "2025-02-04T17:26:34.014Z"
labels = ["target: arm"]
url = "https://gitlab.com/qemu-project/qemu/-/issues/2729"
host-os = "Ubuntu 24.04.1 LTS"
host-arch = "x86_64"
qemu-version = "QEMU emulator version 9.2.50 (v9.2.0-319-gca80a5d026)"
guest-os = "custom"
guest-arch = "aarch64"
description = """When starting `qemu-system-aarch64 -M raspi4b`, no valid DTB is provided in x0."""
reproduce = """Make a simple binary to loop forever
```
$ cat loop.c
void _start(void)
{
\tfor(;;)
\t\t;
}
$ aarch64-linux-gnu-gcc loop.c -nostdlib
$ aarch64-linux-gnu-objcopy -O binary a.out loop.bin
```
Start qemu for debugging and start gdb
```
$ qemu-system-aarch64 -S -s -M raspi4b -kernel loop.bin
# in another terminal
$ aarch64-linux-gnu-gdb
(gdb) target remote :1234
Remote debugging using :1234
warning: No executable has been specified and target does not support
determining executable automatically. Try using the "file" command.
0x0000000000000000 in ?? ()
(gdb) watch *$x0
Watchpoint 3: *$x0
(gdb) watch $x0
Watchpoint 4: $x0
(gdb) x/2x$x0
0x0:\t0x580000c0\t0xaa1f03e1
(gdb) si
Thread 1 hit Watchpoint 3: *$x0
Old value = 1476395200
New value = 5
Thread 1 hit Watchpoint 4: $x0
Old value = 0
New value = 256
0x0000000000000004 in ?? ()
(gdb) x/2x$x0
0x100:\t0x00000005\t0x54410001
(gdb) si
0x0000000000000008 in ?? ()
(gdb) si
0x000000000000000c in ?? ()
(gdb) si
0x000000000000000c in ?? ()
(gdb) si
0x0000000000000010 in ?? ()
(gdb) si
0x0000000000000014 in ?? ()
(gdb) si
0x0000000000080000 in ?? ()
(gdb) si
0x0000000000000200 in ?? ()
(gdb) si
0x0000000000000200 in ?? ()
(gdb) si
0x0000000000000200 in ?? ()
(gdb) si
0x0000000000000200 in ?? ()
(gdb) x/2x$x0
0x100:\t0x00000005\t0x54410001
(gdb)
```
Note that at no time is a valid DTB provided in x0. I expected to see the DTB magic 0xd00dfeed (or 0xedfe0dd0) at the memory pointed to by x0"""
additional = "n/a"
|