CS372H Spring 2010: QEMU and GDB reference

For Lab 6, we are using the QEMU Emulator, a modern and relatively fast emulator. While QEMU's built-in monitor provides only limited debugging support, QEMU can act as a remote debugging target for the GNU debugger (GDB).

The command make qemu executes QEMU, supplying the file obj/kern/kernel.img as the contents of the emulated PC's "virtual hard disk", and directs serial port output to the terminal.

In your CS372H/lab/ directory, open two terminal windows. In one, enter make qemu-gdb. This starts up QEMU, but QEMU stops just before the processor executes the first instruction and waits for a debugging connection from GDB. In the second terminal, from the same directory where you ran make, run gdb. You should see something like this:

mig.cs.utexas.edu% gdb
GNU gdb (GDB) 6.8-debian
Copyright (C) 2008 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later 
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.  Type "show copying"
and "show warranty" for details.
This GDB was configured as "i486-linux-gnu".
+ target remote localhost:1234
The target architecture is assumed to be i8086
[f000:fff0] 0xffff0:	ljmp   $0xf000,$0xe05b
0x0000fff0 in ?? ()
(gdb)

The following line:

[f000:fff0] 0xffff0:	ljmp   $0xf000,$0xe05b

is GDB's disassembly of the first instruction to be executed.

You can set address breakpoints in GDB with the b command. GDB can only access QEMU's memory and set breakpoints by virtual address. For example, b *0x7c00 sets a breakpoint at address 0x7C00. Once at a breakpoint, you can continue execution using the c and si commands: c causes QEMU to continue execution until the next breakpoint (or until you press Ctrl-C in GDB), and si N single-steps N instructions at a time. Refer here for more.

QEMU monitor

This reference contains a list of commands that can be used with the QEMU monitor.

While GDB can only access QEMU's memory by virtual address, it's often useful to be able to inspect physical memory while setting up virtual memory. You may wish to review the QEMU monitor commands, especially the xp command, which lets you inspect physical memory. To access the QEMU monitor, press Ctrl-a c in the terminal (the same binding returns to the serial console), or Ctrl-Alt-2 in the VGA window (Ctrl-Alt-1 returns to the VGA console).

Use the xp command in the QEMU monitor and the x command in GDB to inspect memory at corresponding physical and virtual addresses, and make sure you see the same data. Both also accept p expr or print expr to print the value of an expression.
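A worked illustration of the physical/virtual correspondence above, added here and not part of the course materials: a Python walk of an x86 two-level page table over a constructed page directory (a JOS-style mapping of virtual 0xF0000000 onto physical 0 is assumed, as is the layout of the sample tables), producing the GDB x and QEMU-monitor xp commands that should show identical data.

```python
"""Translate a 32-bit x86 virtual address to a physical address by walking a
two-level page table, then emit the GDB `x` and QEMU-monitor `xp` commands
that should display the same bytes.  Added example; the page directory and
page table below are constructed, not taken from a real kernel image."""
import struct

PTE_P = 0x001   # present bit
PTE_W = 0x002   # writable bit
PTE_PS = 0x080  # 4 MiB page (PDE only; needs CR4.PSE)

def read32(mem, pa):
    """mem is a dict {physical page base: 4096 bytes} standing in for RAM."""
    page = mem.get(pa & ~0xFFF, b"\0" * 4096)
    return struct.unpack_from("<I", page, pa & 0xFFF)[0]

def walk(mem, cr3, va):
    """Return the physical address backing va, or None if it is unmapped."""
    pde = read32(mem, (cr3 & ~0xFFF) + ((va >> 22) & 0x3FF) * 4)
    if not pde & PTE_P:
        return None
    if pde & PTE_PS:                          # large page: no second level
        return (pde & 0xFFC00000) | (va & 0x003FFFFF)
    pte = read32(mem, (pde & ~0xFFF) + ((va >> 12) & 0x3FF) * 4)
    if not pte & PTE_P:
        return None
    return (pte & ~0xFFF) | (va & 0xFFF)

def compare_commands(va, pa, words=4):
    """The GDB command (virtual) and monitor command (physical) to compare."""
    return (f"x/{words}x 0x{va:08x}", f"xp/{words}x 0x{pa:08x}")

def build_sample():
    """Constructed tables: directory at physical 0x1000, one table at 0x2000.
    PDE 0x3C0 maps 0xF0000000..0xF03FFFFF onto physical 0 page by page;
    PDE 0x3C1 maps 0xF0400000..0xF07FFFFF as one 4 MiB page at 0x00400000."""
    pd, pt = bytearray(4096), bytearray(4096)
    struct.pack_into("<I", pd, 0x3C0 * 4, 0x2000 | PTE_P | PTE_W)
    for i in range(1024):
        struct.pack_into("<I", pt, i * 4, (i << 12) | PTE_P | PTE_W)
    struct.pack_into("<I", pd, 0x3C1 * 4, 0x00400000 | PTE_P | PTE_PS | PTE_W)
    return {0x1000: bytes(pd), 0x2000: bytes(pt)}

if __name__ == "__main__":
    mem = build_sample()
    for va in (0xF0107063, 0xF0512345, 0x00007C00):
        pa = walk(mem, 0x1000, va)
        print(hex(va), "->", "unmapped" if pa is None else compare_commands(va, pa))
```

Running it prints matching x/xp command pairs for the two mapped addresses and reports 0x7C00 as unmapped, since the constructed directory has no entry for the low 4 MiB.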

Example: Dump 3 instructions at the current instruction pointer:

(qemu) x/10i $eip
0x90107063:  ret
0x90107064:  sti
0x90107065:  lea    0x0(%esi,1),%esi

Some other QEMU monitor commands that may be useful include (see the reference linked above for the full list):

'info registers' - show the CPU registers

'info pci' - show emulated PCI device info

'info mem' - show the active virtual memory mappings

'info pg' - print the current page table

'q' or 'quit' - quit the emulator

'help [cmd]' or '? [cmd]' - show the help for all commands, or just for command cmd.