How to debug QEMU crashes?

[gsingh2011]

I've recently found out how to connect GDB to QEMU and I don't know how I used to live without this. The issue is sometimes my kernel causes QEMU to crash with:

qemu: fatal: Trying to execute code outside RAM or ROM at 0x665f665e

And printing out a bunch of register values. Is there any way to get QEMU to generate an actual core dump that I can open with GDB and see the backtrace? Currently, the GDB connection is terminated when QEMU closes, so I have no idea how to debug what's causing the crash.

[Nable]

> Trying to execute code outside RAM or ROM
This message is most probably a sign of a bug in _your code_ (I mean emulated system), not in QEMU.
E.g., you have some bad page tables that maps code region to a wrong location (i.e. not to RAM).

Answering your question about coredumps: use `ulimit' shell command to allow core dump creation, AFAIR:

Code: Select all

ulimit -c unlimited

. Of course, you want get any coredump if QEMU didn't crash but just exited when it cannot continue emulation.

First link from google could help you in debugging your issue: http://lists.gnu.org/archive/html/qemu- ... 00234.html
Upd: second link is even better:

Also, if something goes wrong, for example:

Code: Select all

qemu: fatal: Trying to execute code outside RAM or ROM at 0x00014748
 
R00=0001b860 R01=4020fcb0 R02=0000002c R03=00014748
R04=00014000 R05=00000000 R06=0000030f R07=4001b82f
R08=00000000 R09=00000000 R10=4001b840 R11=4001b860
R12=00000000 R13=4020fcac R14=40014724 R15=00014748
PSR=400001d3 -Z-- A svc32

you can enable tracing in qemu by enabling option "-d cpu,exec,in_asm" - it create trace log in /tmp/qemu.log, for example:

I hope that it can help you.