There seems to be a problem with the Freedos bootloader. (It appears that the bootcode can't find the kernel in certain circumstances.)

So I'm trying to debug the bootloader in qemu with gdb. Following the instructions found on several wikis and freely available online course materials, I run qemu like this:

qemu-system-i386 -fda fdboot.img -boot a -s -S

And then connect gdb like this:

$ gdb
(gdb) target remote localhost:1234

I can step through the first 10-12 instructions with si, which I assume is SeaBIOS.

But past that, when I try to step into bootloader code, it continues execution without breaking, all the way up to the FreeDos menu prompt. This totally skips the bootloader code which I would like to examine step by step as it is executed.

What do I need to do so that I can step through the bootloader?

[You can download the freedos floppy images from the project website if you want to try yourself.]

rhlee

1 Answer

Works fine here using qemu 1.3 and gdb 7.3.50.20111117 (you didn't say what versions you used). I was able to single step tons of instructions until I got bored and placed a breakpoint to catch the bootloader:

(gdb) br *0x7c00
Breakpoint 1 at 0x7c00
(gdb) c
Continuing.

Breakpoint 1, 0x00007c00 in ?? ()
(gdb) x/i $eip
=> 0x7c00:      jmp    0x7c3e

Note that I have set gdb to 16-bit mode first using set architecture i8086.

Jester
  • I'm using gdb 7.5-ubuntu and qemu 1.2.0 (qemu-kvm-1.2.0+noroms-0ubuntu2, Debian). Yes I tried breakpointing at *0x7c00, but it just seems to go past that address, never breaking, reaching Freedos' interactive menu. I also tried setting the architecture to i8086, with no difference. I'll try compiling qemu and gdb from trunk/head to see if it makes any difference. – rhlee Jan 11 '13 at 22:25
  • Yep, I compile qemu from HEAD and I can successfully step through all the instructions now. – rhlee Jan 12 '13 at 16:44
  • What do you mean compile qemu from HEAD? I've never heard that before. I have this same issue but I don't know what compile from HEAD means. Care to elaborate? :) – Rob Feb 05 '14 at 19:40
  • @Rob `HEAD` means current version from the revision control system, that is the freshest state of development. It is usually recommended to only do that if the latest release (package) doesn't work for you. – Jester Feb 05 '14 at 23:21
  • `set architecture i8086` doesn't seem to work anymore: I get "Remote 'g' packet reply is too long (expected 312 bytes, got 536 bytes):" and some long hex dump :q In non-8086 mode, it disassembles instructions incorrectly (e.g. far jumps as "(bad)"). – SasQ May 13 '22 at 16:53
  • What version of qemu and gdb? – Jester May 13 '22 at 22:23
  • Very interesting. But how do you know that the bootloader code starts at that point? I use qemu and was able to catch the breakpoint as well. – Some Name Jul 10 '22 at 00:25
  • Legacy BIOS style bootloader always gets control at physical address 0x7c00. – Jester Jul 10 '22 at 00:30
  • Adding `-enable-kvm` to qemu's startup parameters will invalidate gdb breakpoints. – aszswaz Sep 24 '22 at 13:50
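The session from the answer and the comments above (i8086 mode before attaching, breakpoint at 0x7c00, no -enable-kvm), wrapped in a script so it can be repeated non-interactively. This is an added example, not code from the question, the answer or the FreeDOS project; it assumes the floppy image is named fdboot.img, that qemu-system-i386 and gdb are on PATH, and that the file is saved as debug_boot.sh. It also checks the 0x55 0xAA boot signature at 0x7dfe, which tells you the sector really was loaded before you start stepping.

```shell
#!/bin/sh
# Added example: drive the qemu + gdb bootloader session non-interactively.
# Assumption: fdboot.img is the FreeDOS floppy image in the current directory
# (override with IMAGE=...); qemu-system-i386 and gdb are on PATH.
IMAGE="${IMAGE:-fdboot.img}"

# Emit the gdb command file. Order matters: switch gdb to real-mode (16-bit)
# decoding before attaching, break on the boot-sector entry point, inspect.
gdb_script() {
cat <<'EOF'
set architecture i8086
target remote localhost:1234
break *0x7c00
continue
# Boot-sector signature: the last two bytes of the sector, now at 0x7dfe,
# must read 0x55 0xaa; if not, the sector was never loaded at 0x7c00.
x/2xb 0x7dfe
# First instructions of the bootloader, decoded as 16-bit code.
x/8i $pc
EOF
}

# Start qemu halted (-S) with its gdbstub on localhost:1234 (-s), attach gdb
# in batch mode, then tear the VM down. Deliberately no -enable-kvm: as noted
# in the comments, KVM acceleration defeats the gdbstub breakpoints.
debug_boot_sector() {
    qemu-system-i386 -fda "$IMAGE" -boot a -s -S -display none &
    qemu_pid=$!
    gdb_script > /tmp/boot.gdb
    gdb -q -batch -x /tmp/boot.gdb
    status=$?
    kill "$qemu_pid" 2>/dev/null
    return $status
}

# Only launch the VM when run as debug_boot.sh, not when sourced.
case "$0" in
    *debug_boot.sh) debug_boot_sector ;;
esac
```

Run it as `sh debug_boot.sh`; the `x/2xb` line should print `0x55 0xaa` and the disassembly should start with the boot sector's first jump, as in the answer.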