![[RTEMS Logo]](/images/logo.png){kind=logo}
| Version 3 (modified by Sebastian Huber, on 11/09/17 at 06:51:10) (diff) |
|---|
Table of Contents
SIS SPARC Simulator
SIS is an open-source SPARC simulator capable of emulating simple ERC32, Leon2 and Leon3 systems. The simulator can be used in standalone mode, or integrated in gdb. Building a tool chain for SPARC with the RTEMS source builder (RSB) will automatically build and install the simulator.
Basic usage and emulation characteristics are described in four README files:
Useful debugging techniques are described below.
Debugging with SIS in standalone mode
Debugging programs with the standalone version of SIS is useful for problems during booting or memory allocation, where the RTEMS kernel will crash before reaching any high-level C code. The basic technique would be to enable the history trace buffer, run the program until it crashes, and then review the trace:
$ sparc-rtems5-sis -leon2 ./sparc-rtems5/c/leon3/testsuites/samples/cdtest/cdtest.exe
SIS - SPARC instruction simulator 2.8, copyright Jiri Gaisler 1995
Bug-reports to jiri@gaisler.se
LEON2 emulation enabled
sis> hi 10
trace history length = 10
sis> run
IU in error mode (128)
9487 40000090 91d02000 ta 0
sis> hi
9474 40025604 80886003 btst 3, %g1
9475 40025608 02800010 be 0x0000000040025648
9476 4002560c 9e06bff0 add %i2, -16, %o7
9477 40025648 84100019 mov %i1, %g2
9478 4002564c 9e0bfff0 and %o7, -16, %o7
9479 40025650 82100018 mov %i0, %g1
9480 40025654 9e03e010 add %o7, 0x10, %o7
9481 40025658 8606000f add %i0, %o7, %g3
9482 4002565c f6008000 ld [ %g2 ], %i3
9486 40000090 91d02000 ta 0
sis> reg
INS LOCALS OUTS GLOBALS
0: 400390A0 00000000 00000000 00000000
1: 00000000 4002565C 00000000 40FFFCD0
2: 00000068 40025660 00000000 FFFFF000
3: 00000004 00000000 00000000 40FFFCF0
4: 40039108 00000000 00000000 40039380
5: 40039108 00000000 00000000 400007C0
6: 40FFFBF8 00000000 00000000 400398C0
7: 00000020 00000000 00000000 00000000
psr: 00401FC2 wim: 00000002 tbr: 40000090 y: 00000000
pc: 40000090 = 91D02000 ta 0
npc: 40000094 = 01000000 nop
IU in error mode
sis>
The above trace shows a data trap (trap type 0x9) at address 0x4002565c (ld [ %g2 ], %i3). The load address in %g2 is 0x40FFFCD0, which is not a valid Leon2 address. To see which code generates this trap, we will need some symbolic information. Since SIS does not support debug symbols, we must turn to gdb with built-in sis:
Debugging with SIS in gdb
To debug with gdb/sis, start the debugger and connect to the simulator:
$ sparc-rtems5-gdb cdtest.exe GNU gdb (GDB) 7.12 Reading symbols from cdtest.exe...done. (gdb) tar sim -leon2 Connected to the simulator. (gdb)
The binary must be loaded before it can be run:
(gdb) load
A breakpoint should be set at the trapping instruction:
(gdb) bre *0x4002565c Breakpoint 1 at 0x4002565c: file ../../../../../../gcc-7.1.0/newlib/libc/string/memcpy.c, line 87
Then the program can be run. It will stop at the breakpoint, and a back-trace can be printed:
(gdb) run
Starting program: /home/jiri/src/rtems/b1/sparc-rtems5/c/leon3/testsuites/samples/cdtest/cdtest.exe
Breakpoint 1, memcpy (dst0=0x40fffcd0, src0=0xfffff000, len0=32)
at ../../../../../../gcc-7.1.0/newlib/libc/string/memcpy.c:87
87 ../../../../../../gcc-7.1.0/newlib/libc/string/memcpy.c: No such file or directory.
(gdb) bt
#0 memcpy (dst0=0x40fffcd0, src0=0xfffff000, len0=32)
at ../../../../../../gcc-7.1.0/newlib/libc/string/memcpy.c:87
#1 0x4001487c in ambapp_scan2 (abus=0x40039320 <ambapp_plb>, ioarea=4293918720,
memfunc=0x400255f0 <memcpy>, parent=0x0, root=0x40039320 <ambapp_plb>)
at /home/jiri/ibm/src/rtems/rtems.git/c/src/lib/libbsp/sparc/leon3/../../sparc/shared/amba/ambapp.c:177
#2 0x4001429c in amba_initialize ()
at /home/jiri/ibm/src/rtems/rtems.git/c/src/lib/libbsp/sparc/leon3/amba/amba.c:99
#3 0x4001d148 in rtems_initialize_executive ()
at /home/jiri/ibm/src/rtems/rtems.git/c/src/../../cpukit/sapi/src/exinit.c:138
#4 0x400134d4 in boot_card (cmdline=0x0)
at /home/jiri/ibm/src/rtems/rtems.git/c/src/lib/libbsp/sparc/leon3/../../shared/bootcard.c:78
#5 0x400010c8 in zerobss ()
at /home/jiri/ibm/src/rtems/rtems.git/c/src/lib/libbsp/sparc/leon3/../../sparc/shared/start/start.S:372
(gdb) up
#1 0x4001487c in ambapp_scan2 (abus=0x40039320 <ambapp_plb>, ioarea=4293918720,
memfunc=0x400255f0 <memcpy>, parent=0x0, root=0x40039320 <ambapp_plb>)
at /home/jiri/ibm/src/rtems/rtems.git/c/src/lib/libbsp/sparc/leon3/../../sparc/shared/amba/ambapp.c:177
177 memfunc(&ahb_buf, ahb, sizeof(struct ambapp_pnp_ahb), abus);
(gdb) list
172 prev = parent;
173
174 /* AHB MASTERS */
175 ahb = (struct ambapp_pnp_ahb *) (ioarea | AMBA_CONF_AREA);
176 for (i = 0; i < maxloops; i++, ahb++) {
177 memfunc(&ahb_buf, ahb, sizeof(struct ambapp_pnp_ahb), abus);
178 if (ahb_buf.id == 0)
179 continue;
180
181 /* An AHB device present here */
(gdb)
We can now see that the data trap occurs in memcpy, called by ambapp_scan2. The cause to the trap is rather trivial, we are trying to run a leon3 binary with sis configured for leon2! Running the binary with sis in leon3 mode will give us the desired result:
$ sparc-rtems5-gdb ./sparc-rtems5/c/leon3/testsuites/samples/cdtest/cdtest.exe GNU gdb (GDB) 7.12 Reading symbols from ./sparc-rtems5/c/leon3/testsuites/samples/cdtest/cdtest.exe...done. (gdb) tar sim -leon3 Connected to the simulator. (gdb) load (gdb) run Starting program: /home/jiri/src/rtems/b1/sparc-rtems5/c/leon3/testsuites/samples/cdtest/cdtest.exe *** BEGIN OF TEST CONSTRUCTOR/DESTRUCTOR *** GLOBAL: Hey I'm in base class constructor number 1 for 0x40038a08. GLOBAL: Hey I'm in base class constructor number 2 for 0x400389fc. GLOBAL: Hey I'm in derived class constructor number 3 for 0x400389fc. LOCAL: Hey I'm in base class constructor number 4 for 0x4003da50. LOCAL: Hey I'm in base class constructor number 5 for 0x4003da5c. LOCAL: Hey I'm in base class constructor number 6 for 0x4003da68. LOCAL: Hey I'm in base class constructor number 7 for 0x4003da74. . . . . GLOBAL: Hey I'm in base class destructor number 2 for 400389FC. Derived class - Instantiation order 3 GLOBAL: Hey I'm in base class destructor number 1 for 40038A08. Derived class - Instantiation order 1 *** END OF TEST CONSTRUCTOR/DESTRUCTOR *** [Inferior 1 (process 42000) exited normally] (gdb)
To run the binary again, the gdb load command must be given followed by run.
Running test suites with SIS and rtems-test
SIS can run the RTEMS test suites for erc32, leon2 and leon3 bsp in an automatic way using the rtems-test script. The test suites are available in the RTEMS build or install directory if RTEMS was configured with --enable-tests. Below is how to run the tests for leon3, but it works equally well erc32 and leon2. The tests will run in about 2 - 3 minutes on a high-end desktop.
$ rtems-test --rtems-bsp=leon3-sis sparc-rtems5/c/leon3/testsuites [ 1/568] p:0 f:0 u:0 e:0 I:0 B:0 t:0 i:0 | sparc/leon3: dhrystone.exe [ 3/568] p:0 f:0 u:0 e:0 I:0 B:0 t:0 i:0 | sparc/leon3: whetstone.exe [ 2/568] p:0 f:0 u:0 e:0 I:0 B:0 t:0 i:0 | sparc/leon3: linpack.exe [ 4/568] p:0 f:0 u:0 e:0 I:0 B:0 t:0 i:0 | sparc/leon3: fsbdpart01.exe [ 5/568] p:0 f:0 u:0 e:0 I:0 B:0 t:0 i:0 | sparc/leon3: fsdosfsformat01.exe . . . . [565/568] p:547 f:0 u:4 e:0 I:0 B:3 t:0 i:3 | sparc/leon3: tmcontext01.exe [566/568] p:550 f:0 u:4 e:0 I:0 B:3 t:0 i:3 | sparc/leon3: tmfine01.exe [567/568] p:550 f:0 u:4 e:0 I:0 B:3 t:0 i:3 | sparc/leon3: tmoverhd.exe [568/568] p:550 f:0 u:4 e:0 I:0 B:3 t:0 i:3 | sparc/leon3: tmtimer01.exe Passed: 558 Failed: 0 User Input: 4 Expected Fail: 0 Indeterminate: 0 Benchmark: 3 Timeout: 0 Invalid: 3 ------------------ Total: 568 User Input: monitor.exe termios.exe top.exe fileio.exe Benchmark: whetstone.exe linpack.exe dhrystone.exe Invalid: sptimecounter01.exe spinternalerror01.exe minimum.exe Average test time: 0:00:00.301682 Testing time : 0:02:51.355812 $
DDD front-end for gdb/sis
The Data Display Debugger is a very useful tool for graphical debugging with gdb/sis. DDD is launched with gdb/sis as target debugger:
$ ddd --debugger sparc-rtems5-gdb cdtest.exe &
The start-up commands to connect to simulator are needed:
(gdb) tar sim -leon3 (gdb) load
Link to DDD image: https://gaisler.org/gdb/doc/ddd1.png
