Setting up a kernel debugging environment with bochs

Posted 2007-12-23 18:26
1) Overview: bochs is an open-source project that emulates an x86 environment. It can emulate every instruction of the x86 CPU and most of its devices, and it has comprehensive debugging features, which makes it well suited to developing and debugging operating-system kernels.
bochs home page: http://bochs.sourceforge.net/
This post describes the problems I ran into while installing bochs 2.3.5 on xubuntu 7.10, how I solved them, and the basics of using it.

2) Steps:
        a. First download a release from the bochs home page. The latest release is 2.3.5. The downloads include pre-built packages for Windows, unix/linux and macos, plus a platform-independent source package. Installing a pre-built package is easy and is not described here; what follows covers installing and using the platform-independent source on linux (xubuntu).
        b. After downloading, unpack the source: tar zxvf bochs-2.3.5.tar.gz, then enter the extracted source directory and run configure. Add the debug options to configure: --enable-debugger --enable-disasm; the bochs that make produces then has debugging support (the equivalent of the bochsdbg program on Windows). configure generates a Makefile, and running make starts compiling the executable. If that goes smoothly (it usually doesn't, which is why many people prefer Windows) you can run make install; remember to use sudo make install, otherwise you don't have permission to create the directories. At this point bochs is installed on your system: the executable is in /usr/local/bin and the BIOS images are in /usr/local/share. If none of the three steps above failed, typing bochs in a shell starts bochs.

3) Problems and solutions:
        As usually happens, none of the three steps described in 2)b goes that smoothly: configure reports missing libraries, make hits compile errors, and make install often runs into permission problems or missing install files. Even so, stay calm (don't panic, every problem has a solution). Most problems can be solved by thinking calmly and reading the error message.
        On xubuntu 7.10 the problems you may hit at ./configure include g++ not being installed and the X libraries not being found, so before running configure it is best to run sudo apt-get build-dep bochs to pull in bochs's dependencies. That command should solve most dependency problems, but even after downloading a pile of packages you may still get an error about the X libraries not being found; installing a few more xorg development packages fixes it: sudo aptitude install xorg-dev, sudo aptitude install xserver-xorg-dev and sudo aptitude install libx11-dev. Once these packages are installed, configure should succeed. The actual configure command: ./configure --enable-debugger --enable-disasm (these two are for debugging). --enable-ne2000 (network card) and --enable-vbe (VGA display) are not required. Use --with-svga with caution: if it is enabled, the resulting bochs goes full screen after starting, and I didn't know how to get out other than powering off and rebooting (laugh at me if you like). --enable-gdb-stub and --enable-debugger are mutually exclusive; with gdb-stub enabled you can connect gdb to bochs and remotely debug the operating system running inside bochs from gdb.
        Once configure succeeds, make usually has no problems, but if you selected too many options at configure time compile errors may appear, so unless you need them, don't enable too many options.
        After make succeeds you can make install. Use sudo make install; during installation the bochsdbg install step fails. Ignore it: bochsdbg is for Windows, and the make install rules are probably slightly off.
        At this point bochs is ready to use.

4) Basic usage:
        The basic flow of bochs: bochs -> reads the .bxrc configuration file, which describes the parameters of the emulated machine -> runs the BIOS program -> reads the operating system's boot program and bootstraps the system.
        With the debug build of bochs, after power-on the CPU stops when it reaches the start address of the BIOS program; you can then set breakpoints and begin debugging the kernel.
        If bochs fails to start, the problem is most likely in the .bxrc configuration file. If it fails while in the BIOS, the configured BIOS address may be wrong: the BIOS start address is 0xf0000 or 0xe0000, depending mainly on the size of the BIOS (I'm not yet entirely clear on this part).

5) Debugging the linux 0.11 kernel in bochs:
        The linux 0.11 kernel can be downloaded from www.oldlinux.org. After unpacking, change the BIOS address in the .bxrc to 0xe0000. Typing bochs -f bochsrc-hd.bxrc in a shell takes you through the whole linux kernel boot process.
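The build steps of sections 2) and 3) and the bochsrc setup of sections 4) and 5), collected into a few shell helpers. This is an added example, not code from the original post or from the bochs project; it assumes the bochs 2.3.5 source is unpacked in the current directory, the default /usr/local install prefix, and that the disk geometry values are taken from the bochsrc-hd.bxrc shipped with the image (the ones used here are placeholders).

```shell
# Added example, not from the original post or the bochs project.
# Assumes the bochs 2.3.5 source is unpacked in the current directory and
# the default /usr/local install prefix described in section 2)b.

# Build the ./configure line for a feature set. Returns 1 when
# --enable-debugger and --enable-gdb-stub are combined (the post notes
# they are mutually exclusive) or when svga is asked for (--with-svga
# leaves bochs stuck in full screen, as the post warns).
bochs_configure_cmd() {
    cmd="./configure"; want_debugger=0; want_gdb=0
    for opt in "$@"; do
        case "$opt" in
            debugger) want_debugger=1; cmd="$cmd --enable-debugger --enable-disasm" ;;
            gdb-stub) want_gdb=1; cmd="$cmd --enable-gdb-stub" ;;
            ne2000)   cmd="$cmd --enable-ne2000" ;;
            vbe)      cmd="$cmd --enable-vbe" ;;
            svga)     echo "refusing --with-svga (full-screen trap)" >&2; return 1 ;;
            *)        echo "unknown feature: $opt" >&2; return 1 ;;
        esac
    done
    if [ "$want_debugger" -eq 1 ] && [ "$want_gdb" -eq 1 ]; then
        echo "--enable-debugger and --enable-gdb-stub are mutually exclusive" >&2
        return 1
    fi
    printf '%s\n' "$cmd"
}

# The three steps of section 2)b, with the section 3) packages pulled in first.
bochs_build() {
    sudo apt-get build-dep bochs
    sudo aptitude install xorg-dev xserver-xorg-dev libx11-dev
    cfg=$(bochs_configure_cmd "$@") || return 1
    eval "$cfg"
    make
    sudo make install   # the bochsdbg install error here is harmless (Windows-only)
}

# Minimal bochsrc for the Linux 0.11 image of section 5.
# $1 = output file, $2 = disk image path, $3 = BIOS address (0xe0000 for the
# oldlinux.org image, 0xf0000 otherwise), $4 $5 $6 = cylinders, heads, spt
# copied from the image's own bochsrc-hd.bxrc.
write_bochsrc() {
    cat > "$1" <<EOF
megs: 16
romimage: file=/usr/local/share/bochs/BIOS-bochs-latest, address=$3
vgaromimage: file=/usr/local/share/bochs/VGABIOS-lgpl-latest
ata0-master: type=disk, path="$2", cylinders=$4, heads=$5, spt=$6
boot: disk
log: bochsout.txt
EOF
}
```

Run the generated file with bochs -f <file> as in section 5; bochs_build is the only function that needs root.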

For the specific bochs debugging commands see the user guide.
The debugging commands are attached below:
8.11. Using Bochs internal debugger

Note, if you are looking for a graphical front-end for the bochs debugger, you may want to check out BFE. This is a package written by a Bochs user which can interface with the text based Bochs debugger. No linking is necessary. It's not part of Bochs, but you may find it useful.

You can now conditionally compile in a GDB like command line debugger, that allows you to set breakpoints, step through instructions, and other useful functions. If there isn't a command for something you believe is generally useful for the debugger, let me know and I'll implement it if possible.

To use the debugger, you must configure Bochs with the --enable-debugger and --enable-disasm flags. For example:

  ./configure --enable-debugger --enable-disasm

    Note: You must use flex version 2.5.4 or greater. I have heard that version 2.5.2 will not work.

When you first start up Bochs, you will see the command line prompt

  bochs:1>

From here, you may use the following commands:
8.11.1. Execution Control

  c                           continue executing
  continue

  s     [count]               execute count instructions, default is 1
  step  [count]
  stepi [count]

  Ctrl-C                      stop execution, and return to command line prompt
  Ctrl-D                      if at empty line on command line, exit

  q                           quit debugger and execution
  quit
  exit

8.11.2. BreakPoints

  NOTE: The format of 'seg', 'off', and 'addr' in these descriptions,
        are as follows.  I don't have any way to set the current radix.

        hexadecimal:    0xcdef0123
        decimal:        123456789
        octal:          01234567

  vbreak seg:off              Set a virtual address instruction breakpoint
  vb     seg:off

  lbreak addr                 Set a linear address instruction breakpoint
  lb     addr

  pbreak *addr                Set a physical address instruction breakpoint
  pb     *addr                (the '*' is optional for GDB compatibility)
  break  *addr
  b      *addr

  info break                  Display state of all current breakpoints
  bpe    n                    Enable a breakpoint
  bpd    n                    Disable a breakpoint
  delete n                    Delete a breakpoint
  del    n
  d      n

    8.11.3. Manipulating Memory

      x  /nuf addr      Examine memory at linear address addr
      xp /nuf addr      Examine memory at physical address addr
         n              Count of how many units to display
         u              Unit size; one of
                          b Individual bytes
                          h Halfwords (2 bytes)
                          w Words (4 bytes)
                          g Giant words (8 bytes)
                          NOTE: these are *not* typical Intel nomenclature sizes,
                                but they are consistent with GDB convention.
         f              Printing format.  one of
                          x Print in hexadecimal
                          d Print in decimal
                          u Print in unsigned decimal
                          o Print in octal
                          t Print in binary

        n, f, and u are optional parameters.  u and f default to the last values
        you used, or to w (words) and x (hex) if none have been supplied.
        n currently defaults to 1.  If none of these optional parameters are
        used, no slash should be typed.  addr is also optional.  If you don't
        specify it, it will be the next address (as if you had specified n+1
        in the last x command).

      setpmem addr datasize val    Set physical memory location of size
                                   datasize to value val.

      crc  addr1  addr2            Show CRC32 for physical memory range addr1..addr2
      info dirty                   Show physical pages dirtied (written to) since last display
                                   Values displayed are the top 20 bits only (page addresses)

    8.11.4. Info commands

      info r|reg|regs|registers    List of CPU integer registers and their contents
      info cpu                     List of all CPU registers and their contents
      info fpu                     List of all FPU registers and their contents
      info sse                     List of all SSE registers and their contents
      info cr                      Show CR0-4 registers and their contents
      info eflags                  Show decoded EFLAGS register
      info break                   Information about current breakpoint status
      info tab                     Show paging address translation

    8.11.5. Manipulating CPU Registers

      set reg = expr    Change a CPU register to value of expression.
                        Currently only general purpose registers are supported,
                        you may not change:
                          eflags, eip, cs, ss, ds, es, fs, gs.

        Examples: set eax = 2+2/2
                  set esi = 2*eax+ebx

      registers         List of CPU registers and their contents
      regs
      reg
      r

      dump_cpu          Dump complete CPU state
      set_cpu           Set  complete CPU state

        Format of "dump_cpu" and "set_cpu":
        "eax:0x%x\n"
        "ebx:0x%x\n"
        "ecx:0x%x\n"
        "edx:0x%x\n"
        "ebp:0x%x\n"
        "esi:0x%x\n"
        "edi:0x%x\n"
        "esp:0x%x\n"
        "eflags:0x%x\n"
        "eip:0x%x\n"
        "cs:s=0x%x, dl=0x%x, dh=0x%x, valid=%u\n"
        "ss:s=0x%x, dl=0x%x, dh=0x%x, valid=%u\n"
        "ds:s=0x%x, dl=0x%x, dh=0x%x, valid=%u\n"
        "es:s=0x%x, dl=0x%x, dh=0x%x, valid=%u\n"
        "fs:s=0x%x, dl=0x%x, dh=0x%x, valid=%u\n"
        "gs:s=0x%x, dl=0x%x, dh=0x%x, valid=%u\n"
        "ldtr:s=0x%x, dl=0x%x, dh=0x%x, valid=%u\n"
        "tr:s=0x%x, dl=0x%x, dh=0x%x, valid=%u\n"
        "gdtr:base=0x%x, limit=0x%x\n"
        "idtr:base=0x%x, limit=0x%x\n"
        "dr0:0x%x\n"
        "dr1:0x%x\n"
        "dr2:0x%x\n"
        "dr3:0x%x\n"
        "dr4:0x%x\n"
        "dr5:0x%x\n"
        "dr6:0x%x\n"
        "dr7:0x%x\n"
        "cr0:0x%x\n"
        "cr1:0x%x\n"
        "cr2:0x%x\n"
        "cr3:0x%x\n"
        "cr4:0x%x\n"
        "inhibit_int:%u\n"
        "done\n"

        Notes:
          - s is the selector
          - dl is the shadow descriptor low  dword (4 byte quantity)
          - dh is the shadow descriptor high dword (4 byte quantity)
          - valid denotes if the segment register holds a validated shadow descriptor
          - inhibit_int is set if the previous instruction was one which delays the
              acceptance of interrupts by one instruction (STI, MOV SS)
          - any errors encountered by the set_cpu command, are reported by
            "Error: ...".  They may be reported after any of the input lines,
            or after the "done" line, during limit checks.
          - A successful set_cpu command ends with the separate line:
            "OK".

    8.11.6. Disassembly commands

      disassemble start end       Disassemble instructions in given linear address
                                  range, inclusive of start, exclusive of end.
                                  Use "set $disassemble_size =" to tell
                                  debugger desired segment size.  Use a value for
                                  end of less than start (or zero) if you only
                                  want the first instruction disassembled.

      disassemble switch-mode     Switch between Intel and AT&T disassembly styles
                                  for debugger disassembler.

      disassemble size = n        Tell debugger what segment size to use when
                                  the "disassemble" command is used.  Use values
                                  of 0, 16 or 32 for n.  Value of 0 means
                                  "use segment size specified by current CS
                                  segment". Default is 0.

      set $auto_disassemble = n   Cause debugger to disassemble current instruction
                                  every time execution stops if n=1.  Default is 0.
                                  Segment size of current CPU context is used for
                                  disassembly, so the "disassemble size" variable is
                                  ignored.

      set disassemble on          The same as 'set $auto_disassemble = 1'
      set disassemble off         The same as 'set $auto_disassemble = 0'

    8.11.7. Instruction tracing

      trace on                    Disassemble every executed instruction. Note
                                  that instructions which caused exceptions are
                                  not really executed, and therefore not traced.

      trace off                   Disable instruction tracing.

    8.11.8. Instrumentation

    To use instrumentation features in bochs, you must compile in support for it. You should build a custom instrumentation library in a separate directory in the "instrument/" directory. To tell configure which instrumentation library you want to use, use the "--enable-instrumentation" option. The default library consists of a set of stubs, and the following are equivalent:

      ./configure [...] --enable-instrumentation
      ./configure [...] --enable-instrumentation="instrument/stubs"

    You could make a separate directory with your custom library, for example "instrument/myinstrument", copy the contents of the "instrument/stubs" directory to it, then customize it. Use:

      ./configure [...] --enable-instrumentation="instrument/myinstrument"

    8.11.9. Instrumentation commands

      instrument start            calls bx_instr_start()
      instrument stop             calls bx_instr_stop()
      instrument reset            calls bx_instr_reset()
      instrument print            calls bx_instr_print()

    8.11.10. Other Commands

    ptime

    Print the current time (number of ticks since start of simulation).

    sb delta

    Insert a time break point "delta" instructions into the future ("delta" is a 64-bit integer followed by "L", for example 1000L).

    sba time

    Insert a time break point at "time" ("time" is a 64-bit integer followed by "L", for example 1000L).

    record filename

    Record console input to file filename. The file consists of zero or more lines of the form "%s %d %x", where the first word is the event type, the second is a time stamp and the third is event specific data.

    playback filename

    Playback console input from file filename. Additional input can be given directly in the console window. Events in the file will be played back at times relative to the time when the playback command was executed.

    print-stack [num words]

    Print the num words top 16-bit words on the stack. Num words defaults to 16. Only works reliably in protected mode when the base address of the stack segment is zero.

    watch stop

    Stop the simulation (and return to prompt) when a watch point is encountered.

    watch continue

    Do not stop the simulation when watch points are encountered. They will still be logged.

    watch

    Print current watch point status.

    unwatch

    Remove all watch points.

    watch read address

    Insert a read watch point at physical address address.

    watch write address

    Insert a write watch point at physical address address.

    unwatch read address

    Remove read watch point from physical address address.

    unwatch write address

    Remove write watch point from physical address address.

    modebp

    Toggles CPU mode switch breakpoint.

    load-symbols [global] filename [offset]

    Load symbols from file filename. If the global keyword is added, then the symbols will be visible in all contexts for which symbols have not been loaded. Offset (default is 0) is added to every symbol entry. The symbols are loaded in the current (executing) context.

    The symbol file consists of zero or more lines of the format "%x %s".

    show [string]

      Toggles the display of symbolic info (for calls, to begin with).
      show          - shows the current show mode
      show mode     - show when the processor switches mode
      show int      - show when an interrupt happens
      show call     - show when a call happens
      show ret      - show when an iret happens
      show off      - toggles off symbolic info
      show dbg-all  - turn on all show flags
      show dbg-none - turn off all show flags

    8.11.11. Related links

      * Cosimulation
      * Instrumentation