Cannot step through kernel code (ARM Cortex-A9)

I cannot step through kernel code (ARM Cortex-A9); hopefully someone knows why.

I have an ARM Cortex-A9 target which is being debugged with openocd (version: 0.9.0-dev-00186-g30203b3-dirty (2014-11-11-17:05)) and an Olimex ARM-USB-OCD-H.

The problem is I cannot step through Linux kernel code; I’m probably doing something wrong or missing something. To be precise: after setting a hardware breakpoint and when it is hit, it is not possible to step through the Linux kernel code.

This is the exact scenario (including gdb tracing):

1. Run the Linux kernel on the ARM Cortex-A9 target.

2. Start openocd [target is halted].

3. Start arm-linux-gdb and enter the following commands:

(gdb) symbol-file vmlinux

(gdb) target remote localhost:3333

Remote debugging using localhost:3333

cpu_v7_do_idle () at arch/arm/mm/proc-v7.S:74

74 mov pc, lr

(gdb) hbreak sys_sync

Hardware assisted breakpoint 1 at 0xc00a14dc: file fs/sync.c, line 103.

(gdb) c

So far so good, the target is running. When executing ‘sync’ the breakpoint is hit and I can continue with the gdb continue command. I can repeat this a couple of times and it keeps working. Here’s the corresponding (“set debug remote 1”) trace:

Continuing.

Sending packet: $qTStatus#49…Packet received:

Sending packet: $Z1,c00a14dc,4#67…Packet received: OK

Packet Z1 (hardware-breakpoint) is supported

Sending packet: $vCont?#49…Packet received:

Packet vCont (verbose-resume) is NOT supported

Sending packet: $Hc0#db…Packet received: OK

Sending packet: $c#63…Packet received: T05

Sending packet: $g#67…Packet received: 00000000945e9fbe01000000399d050001000000945e9fbec000000024000000a49200c0004070c100000000000000007d3cc510a85f70c1409100c0dc140ac013000080

Sending packet: $z1,c00a14dc,4#87…Packet received: OK

Sending packet: $mc00a14dc,4#1d…Packet received: 0dc0a0e1

Sending packet: $mc00a14d8,4#f2…Packet received: 6c4930c0

Sending packet: $mc00a14dc,4#1d…Packet received: 0dc0a0e1

Sending packet: $mc00a14d8,4#f2…Packet received: 6c4930c0

Sending packet: $mc00a14dc,4#1d…Packet received: 0dc0a0e1

Sending packet: $mc00a14d8,4#f2…Packet received: 6c4930c0

Sending packet: $mc00a14dc,4#1d…Packet received: 0dc0a0e1

Sending packet: $mc00a14d8,4#f2…Packet received: 6c4930c0

Sending packet: $mc00a14dc,4#1d…Packet received: 0dc0a0e1

Sending packet: $mc00a14dc,4#1d…Packet received: 0dc0a0e1

Sending packet: $mc00a14dc,4#1d…Packet received: 0dc0a0e1

Breakpoint 1, sys_sync () at fs/sync.c:103

103 {

(gdb) c

Continuing.

Sending packet: $mc00a14dc,4#1d…Packet received: 0dc0a0e1

Sending packet: $mc00a14dc,4#1d…Packet received: 0dc0a0e1

Sending packet: $Z0,c00a14e0,4#34…Packet received: OK

Packet Z0 (software-breakpoint) is supported

Sending packet: $Hc0#db…Packet received: OK

Sending packet: $c#63…Packet received: T05

Sending packet: $g#67…Packet received: 0000000094dee8be01000000399d05000100000094dee8bec000000024000000a49200c0004070c10000000000000000a85f70c1a85f70c1409100c0e0140ac013000080

Sending packet: $z0,c00a14e0,4#54…Packet received: OK

Sending packet: $qTStatus#49…Packet received:

Sending packet: $Z1,c00a14dc,4#67…Packet received: OK

Sending packet: $Hc0#db…Packet received: OK

Sending packet: $c#63…Packet received: T05

Sending packet: $g#67…Packet received: 0000000094dee8be01000000399d05000100000094dee8bec000000024000000a49200c0004070c10000000000000000a85f70c1a85f70c1409100c0e0140ac013000080

Program received signal SIGTRAP, Trace/breakpoint trap.

Sending packet: $z1,c00a14dc,4#87…Packet received: OK

Sending packet: $mc00a14e0,4#eb…Packet received: 10d82de9

Sending packet: $mc00a14dc,4#1d…Packet received: 0dc0a0e1

Sending packet: $mc00a14e0,4#eb…Packet received: 10d82de9

Sending packet: $mc00a14dc,4#1d…Packet received: 0dc0a0e1

Sending packet: $mc00a14e0,4#eb…Packet received: 10d82de9

Sending packet: $mc00a14dc,4#1d…Packet received: 0dc0a0e1

Sending packet: $mc00a14e0,4#eb…Packet received: 10d82de9

Sending packet: $mc00a14dc,4#1d…Packet received: 0dc0a0e1

Sending packet: $mc00a14e0,4#eb…Packet received: 10d82de9

Sending packet: $mc00a14e0,4#eb…Packet received: 10d82de9

Sending packet: $mc00a14e0,4#eb…Packet received: 10d82de9

The problem occurs when I want to step through the code with stepi, step or next. In this case gdb and the target seem to hang. Here’s the corresponding (“set debug remote 1”) trace:

0xc00a14e0 in sys_sync () at fs/sync.c:103

103 {

(gdb) step

Sending packet: $qTStatus#49…Packet received:

Sending packet: $Z1,c00a14dc,4#67…Packet received: OK

Sending packet: $mc00a14e0,4#eb…Packet received: 10d82de9

Sending packet: $mc00a14e0,4#eb…Packet received: 10d82de9

Sending packet: $Z0,c00a14e4,4#38…Packet received: OK

Sending packet: $c#63…Packet received: T05

Sending packet: $g#67…Packet received: 0000000094dee8be01000000399d05000100000094dee8bec000000024000000a49200c0004070c10000000000000000a85f70c1945f70c1409100c0e4140ac013000080

Sending packet: $z0,c00a14e4,4#58…Packet received: OK

Sending packet: $qTStatus#49…Packet received:

Sending packet: $mc00a14e4,4#ef…Packet received: 04b04ce2

Sending packet: $mc00a14e4,4#ef…Packet received: 04b04ce2

Sending packet: $Z0,c00a14e8,4#3c…Packet received: OK

Sending packet: $c#63…Packet received: T05

Sending packet: $g#67…Packet received: 0000000094dee8be01000000399d05000100000094dee8bec000000024000000a49200c0004070c10000000000000000a85f70c1945f70c1409100c0e4140ac013000080

Sending packet: $z0,c00a14e8,4#5c…Packet received: OK

Sending packet: $qTStatus#49…Packet received:

Sending packet: $mc00a14e4,4#ef…Packet received: 04b04ce2

Sending packet: $mc00a14e4,4#ef…Packet received: 04b04ce2

Sending packet: $Z0,c00a14e8,4#3c…Packet received: OK

Sending packet: $c#63…Packet received: T05

Sending packet: $g#67…Packet received: 0000000094dee8be01000000399d05000100000094dee8bec000000024000000a49200c0004070c10000000000000000a85f70c1945f70c1409100c0e4140ac013000080

...

This keeps repeating.

Btw, when using a software breakpoint it doesn’t work at all: after hitting the breakpoint for the first time, the gdb continue command always results in a new “breakpoint hit”.
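
An added example, not part of the original post: a small decoder for the remote-protocol lines in the step trace above. It validates each packet checksum, decodes the `g` register reply, and compares the reported PC with the address of the temporary Z0 breakpoint gdb had just inserted. It assumes the reply is 17 little-endian 32-bit words (r0-r15 followed by cpsr), which matches the 136 hex digits in the trace; the function names are hypothetical.

```python
import re

REGS = [f"r{i}" for i in range(13)] + ["sp", "lr", "pc", "cpsr"]

def rsp_checksum(payload):
    """RSP checksum: sum of the payload bytes modulo 256."""
    return sum(payload.encode("ascii")) % 256

def parse_packet(raw):
    """Return the payload of '$payload#xx', rejecting a bad checksum."""
    m = re.fullmatch(r"\$(.*)#([0-9a-fA-F]{2})", raw)
    if not m or rsp_checksum(m.group(1)) != int(m.group(2), 16):
        raise ValueError(f"malformed RSP packet: {raw!r}")
    return m.group(1)

def decode_g(reply):
    """Decode a 'g' reply into named registers (assumed layout: r0-r15, cpsr)."""
    if len(reply) != 8 * len(REGS):
        raise ValueError("unexpected 'g' reply length")
    words = [int.from_bytes(bytes.fromhex(reply[i:i + 8]), "little")
             for i in range(0, len(reply), 8)]
    return dict(zip(REGS, words))

def check_steps(trace):
    """For each (Z0 packet, g reply) pair return (bp_addr, pc, reached)."""
    out = []
    for z_packet, g_reply in trace:
        _kind, addr, _length = parse_packet(z_packet).split(",")
        pc = decode_g(g_reply)["pc"]
        out.append((int(addr, 16), pc, pc == int(addr, 16)))
    return out

# Copied from the step trace in the post; its three 'g' replies are identical.
G_REPLY = ("0000000094dee8be01000000399d05000100000094dee8be"
           "c000000024000000a49200c0004070c10000000000000000"
           "a85f70c1945f70c1409100c0e4140ac013000080")
STEP_TRACE = [
    ("$Z0,c00a14e4,4#38", G_REPLY),
    ("$Z0,c00a14e8,4#3c", G_REPLY),
    ("$Z0,c00a14e8,4#3c", G_REPLY),
]

if __name__ == "__main__":
    for bp, pc, reached in check_steps(STEP_TRACE):
        state = "reached" if reached else "NOT reached"
        print(f"temp breakpoint {bp:#010x}: stopped at pc={pc:#010x} ({state})")
```

Run on the three iterations quoted above, it reports that the first continue stopped at 0xc00a14e4 as requested, while the next two stopped with PC still at 0xc00a14e4 although the temporary breakpoint was at 0xc00a14e8.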