I am developing peripheral hardware and want to test it with QEMU.
The plan is to run the device driver in QEMU and use libvirt (or some other tool) to interface the VM with a Python-based peripheral simulation model. I know QEMU can be single-stepped through GDB, but I am looking for a Python way of doing this.
Is this possible with libvirt or any other toolkit?
Answer 0: (score: 0)
I needed to do something similar and came across two approaches:
The latter ended up being more flexible, so I will explain those steps here. Configure qemu with debug info:
./configure --enable-debug
Build qemu, then launch it with the debug hook enabled and paused at startup:
make
sudo make install
qemu-system-x86_64 -S -s
Now use a Python script to attach to qemu via pygdbmi (instructions here) and interact with it:
from pygdbmi.gdbcontroller import GdbController
from pprint import pprint
# Start gdb process
gdbmi = GdbController()
print(gdbmi.get_subprocess_cmd())  # print actual command run as subprocess
response = gdbmi.write('target remote localhost:1234')  # attach to the QEMU GDB socket opened by -s
pprint(response)
response = gdbmi.write('-break-insert main')  # machine interface (MI) commands start with a '-'
response = gdbmi.write('break main')  # normal gdb commands work too, but the return value is slightly different
# With a remote target the guest already exists (halted at reset by -S), so
# '-exec-run'/'run' are not supported by the stub; '-exec-continue'/'continue' resume it.
response = gdbmi.write('-exec-next', timeout_sec=0.1)  # the wait time can be modified from the default of 1 second
response = gdbmi.write('next')
response = gdbmi.write('next', raise_error_on_timeout=False)
response = gdbmi.write('next', raise_error_on_timeout=True, timeout_sec=0.01)
response = gdbmi.write('-exec-continue')
response = gdbmi.send_signal_to_gdb('SIGKILL')  # name of signal is okay
response = gdbmi.send_signal_to_gdb(2)  # value of signal is okay too
response = gdbmi.interrupt_gdb()  # sends SIGINT to gdb
response = gdbmi.write('si 20')  # step 20 instructions
response = gdbmi.write('continue')
response = gdbmi.exit()
If you have trouble with kernel symbols, you may need to issue the command "file myKernel" to load the symbol table from that file, provided it was compiled with debug info.
For reference, the "-s" switch adds a GDB hook at localhost:1234, so the first command you issue must point gdb there:
gdbmi.write('target remote localhost:1234')
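As an added example, not part of the original answer or of pygdbmi: the same QEMU gdbstub on localhost:1234 can also be driven from Python without a gdb binary, by speaking the GDB Remote Serial Protocol directly over a socket, which is what a Python peripheral model needs when it wants to read guest memory and react. `GdbStubClient`, `rsp_encode`/`rsp_decode` and the `m addr,len` memory read are written here from the protocol's public framing rules; the transport is injectable so it can be exercised offline against a fake stub.

```python
import socket

def rsp_checksum(payload: bytes) -> int:
    """GDB Remote Serial Protocol checksum: byte sum modulo 256."""
    return sum(payload) % 256

def rsp_encode(payload: bytes) -> bytes:
    """Frame a command as $<payload>#<two hex checksum digits>."""
    return b"$" + payload + b"#" + f"{rsp_checksum(payload):02x}".encode()

def rsp_decode(frame: bytes) -> bytes:
    """Strip the framing and verify the checksum; ValueError on a corrupt frame."""
    if not frame.startswith(b"$") or frame[-3:-2] != b"#":
        raise ValueError("malformed RSP frame")
    payload, csum = frame[1:-3], int(frame[-2:], 16)
    if rsp_checksum(payload) != csum:
        raise ValueError("RSP checksum mismatch")
    return payload

class GdbStubClient:
    """Client for the gdbstub that 'qemu-system-* -S -s' opens on localhost:1234 (assumed default).
    conn is anything with sendall()/recv(); the stub is unauthenticated, so keep it on loopback."""
    def __init__(self, conn):
        self.conn = conn
    @classmethod
    def connect(cls, host="localhost", port=1234):
        return cls(socket.create_connection((host, port)))

    def _recv_frame(self) -> bytes:
        buf = b""
        while True:  # the stub may also send '+' acks; collect until one full $...#xx frame
            chunk = self.conn.recv(4096)
            if not chunk:
                raise ConnectionError("gdbstub closed the connection")
            buf += chunk
            start = buf.find(b"$")
            end = buf.find(b"#", start) if start >= 0 else -1
            if end >= 0 and len(buf) >= end + 3:
                return buf[start:end + 3]

    def command(self, cmd: bytes) -> bytes:
        """Send one packet, return the checksum-verified reply payload, then ack it with '+'."""
        self.conn.sendall(rsp_encode(cmd))
        payload = rsp_decode(self._recv_frame())
        self.conn.sendall(b"+")
        return payload

    def read_memory(self, addr: int, length: int) -> bytes:
        """'m addr,len' -> guest bytes; the stub answers 'Exx' for an unreadable address."""
        reply = self.command(f"m{addr:x},{length:x}".encode())
        if reply.startswith(b"E"):
            raise RuntimeError(f"gdbstub error {reply!r}")
        return bytes.fromhex(reply.decode())
```

With the guest halted by -S, `GdbStubClient.connect().read_memory(0x1000, 4)` returns four guest bytes; other RSP commands (`g` for registers, `s` to single-step) go through `command()` the same way.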