MIT 6.828 HW1: Boot xv6


Homework 1: Boot xv6

Homework: boot xv6 (mit.edu)

Finding and breaking at an address

  1. Find the address of _start, the entry point of the kernel:


In this case, the address is 0x10000c.

  2. Run the kernel inside QEMU GDB, setting a breakpoint at _start

After running make qemu-gdb, running make gdb reports that the command is not found.

A line for it has to be added to the Makefile (anywhere).

Exercise: What is on the stack?

While stopped at the above breakpoint, look at the registers and the stack contents:


Also look at the three files bootasm.S, bootmain.c and bootblock.asm.

  1. The first address on the first line, 0x00007d87, is the address of the instruction following call entry in bootmain, i.e. the return address of entry().

  2. The first address on the third line, 0x00007c4d, is the address of the instruction following call bootmain in _start, i.e. the return address of bootmain.

  3. From the first debugging step, the stack starts at 0x7c00 and grows downward; bootblock.asm shows that the addresses from 0x7c00 upward (from the second address on the third line onward) all hold instructions.

Q&A

  1. Begin by restarting qemu and gdb, and set a break-point at 0x7c00, the start of the boot block (bootasm.S). Single step through the instructions (type si at the gdb prompt). Where in bootasm.S is the stack pointer initialized? (Single step until you see an instruction that moves a value into %esp, the register for the stack pointer.)


The stack pointer is initialized to 0x7c00.

  2. Single step through the call to bootmain; what is on the stack now?

    What do the first assembly instructions of bootmain do to the stack? Look for bootmain in bootblock.asm.


Looking at bootblock.asm, the first instruction of bootmain is push %ebp, which pushes the contents of the ebp register onto the stack.

  3. Continue tracing via gdb (using breakpoints if necessary -- see hint below) and look for the call that changes eip to 0x10000c. What does that call do to the stack? (Hint: Think about what this call is trying to accomplish in the boot sequence and try to identify this point in bootmain.c, and the corresponding instruction in the bootmain code in bootblock.asm. This might help you set suitable breakpoints to speed things up.)


The call to entry() changes eip to 0x0010000c; ebp is pushed onto the stack and esp decreases by 4 bytes.

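As an added example (not part of the original post or of xv6), the following gdb command file automates the three Q&A steps and the "what is on the stack" exercise above, resolving every stack word that points into the boot block to a symbol plus offset. It assumes xv6's own .gdbinit has already attached gdb to QEMU (make qemu-gdb in one window, gdb in another), that bootblock.o sits in the current directory and is linked at 0x7c00, and that 0x7c00-0x7dff is the boot block's code range.

```gdb
# Added example: gdb script for the xv6 boot-stack exercise (not from the post).
# Run with: source stack.gdb   (after xv6's .gdbinit has connected to QEMU)
set confirm off

# Load the boot block's symbols so stack words resolve to _start/bootmain.
# Assumption: bootblock.o is linked with -Ttext 0x7C00, as in the xv6 Makefile.
add-symbol-file bootblock.o 0x7c00

# stackwords N: print N 4-byte words starting at $esp. A word that falls in
# the boot block's code range (assumed 0x7c00-0x7dff) is most likely a return
# address, so it is resolved with "info symbol" (e.g. bootmain + offset).
define stackwords
  set $i = 0
  while $i < $arg0
    set $addr = $esp + 4 * $i
    set $val = *(unsigned int *) $addr
    printf "%08x: %08x  ", $addr, $val
    if $val >= 0x7c00 && $val < 0x7e00
      info symbol $val
    else
      printf "\n"
    end
    set $i = $i + 1
  end
end

# Q1: stop at the boot block entry; the listed instructions include the one
# that loads %esp (single-step with "si" from here to watch it happen).
break *0x7c00
continue
x/8i $pc

# Q2: stop on bootmain's very first instruction (break *bootmain does not skip
# the prologue), show the prologue and the return address the call pushed.
break *bootmain
continue
x/2i $pc
stackwords 4

# Q3: stop at the kernel entry point and annotate the whole stack region,
# so the 0x7d87 and 0x7c4d words discussed above show up as symbol+offset.
break *0x10000c
continue
stackwords 24
```

The x/24x $esp dump from the exercise and the stackwords 24 output cover the same 96 bytes; the second column of the latter names the function each return address belongs to, and everything not annotated is either instruction bytes above 0x7c00 or data left on the stack.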