Category: Debugger

GKD with Windows is working

Someone complained that GKD doesn't work with Bochs on Windows because the Bochs path has a space. I just tested it on Windows 7; this issue doesn't exist.


2014/10/09 0

openocd with arm is working



2014/10/05 0

openjtag + openocd + smartarm 2200

Finally connected my openjtag USB device to my old smartarm 2200 development board using openocd. The next step is to buy an x86 dev board (Intel Galileo) and try to use openocd with it. Then port peter-bochs to support openocd; finally I will have a hardware debug platform for OS dev. http://www.zlgmcu.com is a development board…


2014/10/01 0

find out what’s wrong in your page table

People always ask me why their virtual address is not pointing to the right physical address. Almost every time it is the page table that is wrong. But there are a few other possibilities, such as the PD, the CR address, etc. You can use these steps to find out. 1) First, set the physical point and run until the…


2014/09/20 0

A little bit better – Showing the MBR

Here is the Java code to read the MBR out:


2014/07/28 0

GKD dependency tree graph



2014/07/11 0

gdb protocol, “g” command

This is the tcpflow dump for the gdb protocol "g" command; it contains all register values. Let's parse it. After the trace: target.c::debug_print_register, gdbarch.c::gdbarch_register_name, i386-tdep.c::i386_register_names. The register packet can be decoded by:


2014/04/19 0

I may know why the gdb command "x" only requests one byte each time

I am playing with the gdbstub in qemu. I found a bug there http://peter.kingofcoders.com/?p=859 : if I invoke the function cpu_physical_memory_rw(0xffff0, mem_buf, 50, 0), qemu crashes. Then I tested the gdb command "x /20bx 0xffff0" and used tcpflow to capture the gdb packets; I found out gdb sends 20 commands and each time requests one byte only.…


2013/10/08 0

qemu 1.6.0 rc2 has a bug

I found a bug in qemu, version 1.6.0 rc2. When I invoke: where addr=0xffff0 and noOfBytes=50, qemu will have a segmentation fault. I called cpu_physical_memory_rw right after qemu was started (hasn't run yet) with gdb. The VM was in real mode; I am not sure it is a crossing-memory-boundary problem. But I just…


2013/10/07 0

QMP Supported Commands

QMP Supported Commands: This document describes all commands currently supported by QMP. Most of the time their usage is exactly the same as in the user Monitor; this means that any other document which also describes commands (the manpage, QEMU's manual, etc.) can and should be consulted. QMP has two types of commands: regular…


2013/09/22 0

Qemu + GDB, the single step speed is not fast

In bochs, I can invoke around 40 single-step commands on my 2012 Mac Air. People think qemu is much faster than bochs; it is true, but not for single step. I wrote a Java program that keeps sending single-step commands to qemu through a socket (GDB protocol); the average speed is 32 commands per second.…


2013/08/18 0

GDB two-breakpoints inter-communication between gdb and gdbstub of qemu

$tcpflow -c -i lo0 port 1234
tcpflow[5508]: 127.000.000.001.01234-127.000.000.001.58366: new flow
127.000.000.001.58366-127.000.000.001.01234: +
127.000.000.001.58366-127.000.000.001.01234: $qSupported:multiprocess+;xmlRegisters=i386;qRelocInsn+#b5
127.000.000.001.01234-127.000.000.001.58366: +
127.000.000.001.01234-127.000.000.001.58366: $PacketSize=1000#f1
127.000.000.001.58366-127.000.000.001.01234: +
127.000.000.001.58366-127.000.000.001.01234: $Hg0#df
127.000.000.001.01234-127.000.000.001.58366: +
127.000.000.001.01234-127.000.000.001.58366: $OK#9a
127.000.000.001.58366-127.000.000.001.01234: +
127.000.000.001.58366-127.000.000.001.01234: $?#3f
127.000.000.001.01234-127.000.000.001.58366: +
127.000.000.001.01234-127.000.000.001.58366: $T05thread:01;#07
127.000.000.001.58366-127.000.000.001.01234: +
127.000.000.001.58366-127.000.000.001.01234: $Hc-1#09
127.000.000.001.01234-127.000.000.001.58366: +
127.000.000.001.01234-127.000.000.001.58366: $OK#9a
127.000.000.001.58366-127.000.000.001.01234: +
127.000.000.001.58366-127.000.000.001.01234: $qC#b4
127.000.000.001.01234-127.000.000.001.58366: +
127.000.000.001.01234-127.000.000.001.58366: $QC1#c5
127.000.000.001.58366-127.000.000.001.01234: +
127.000.000.001.58366-127.000.000.001.01234: $qAttached#8f
127.000.000.001.01234-127.000.000.001.58366:…


2013/06/16 0

gdb – qemu : two breakpoints flowchart

This is the flowchart for qemu-gdb after I insert two breakpoints at 0x7c00 and 0x7c01. You can see that every time gdb hits a breakpoint, it removes all breakpoints. And if the current address is the address that hit the breakpoint, when you want to "cont", gdb will send an "s" command first.


2013/06/12 0

gdb crash, for another debug server

If you create your own debug server, gdb will crash. Take a look:

Program received signal SIGSEGV, Segmentation fault.
[Switching to Thread 0x7fffebfff700 (LWP 32202)]
0x000055555577632b in gdb_set_stop_cpu (env=env@entry=0x5555564f6d20) at /root/workspace/qemu-1.5.0/gdbstub.c:2510
2510 gdbserver_state->c_cpu = env;
Missing separate debuginfos, use: debuginfo-install SDL-1.2.15-3.fc18.x86_64 cyrus-sasl-lib-2.1.23-37.fc18.x86_64 glib2-2.34.2-2.fc18.x86_64 glibc-2.16-28.fc18.x86_64 libX11-1.5.0-3.fc18.x86_64 libXau-1.0.6-4.fc18.x86_64 libXcursor-1.1.13-2.fc18.x86_64 libXext-1.3.1-2.fc18.x86_64 libXfixes-5.0-3.fc18.x86_64 libXrandr-1.4.0-1.fc18.x86_64 libXrender-0.9.7-2.fc18.x86_64 libpng-1.5.13-1.fc18.x86_64 libxcb-1.9-1.fc18.x86_64 nss-softokn-freebl-3.14.3-1.fc18.x86_64…


2013/06/12 0

peter-dwarf can support 32-bit ELF only

A western friend told me he can't use peter-dwarf to parse his 64-bit ELF file. After I traced my code, I finally found that my peter-dwarf library only supports 32-bit ELF. I need some time to enhance it and make it 64-bit.


2013/04/26 2

qemu debug server hang after breakpoint is hit

If you are developing a debug server for qemu: after qemu hits a breakpoint, your server has to remove the breakpoint manually and re-insert it after the CPU has passed that EIP; otherwise the CPU will stay at that EIP forever and can't single-step/cont to the next instruction. If you take a look at gdbstub.c, gdb…


2013/03/21 0

Restructuring the debugger

At the moment, I am facing 2 big problems with bochs. The first one is unsolvable: bochs runs too slowly. It is OK if you are doing hobby OS development, but if you are trying to use bochs to run a full-featured Linux kernel or Windows 7, it is just so slow.…


2013/03/13 0

qemu single step will fail if current EIP hit a breakpoint

I use the following code to insert a breakpoint at physical address 0x1600000: qemu successfully hits the breakpoint and stops. Then I try to single-step with the following code: Nothing happened; the EIP still stays at 0x1600000, but if I delete the breakpoint, the single step works again. Have I missed something?


2013/02/14 0

A great qemu development link

http://people.cs.nctu.edu.tw/~chenwj/dokuwiki/doku.php?id=qemu


2012/12/07 0