How do I track memory access in qemu?

Posted: Tue Sep 29, 2020 7:41 am
by mrjbom
Hi.
I recently encountered a problem with memory corruption during task switching and now I want to find a place where data corruption occurs. I suspect that the stack is "crawling" on the data.
I want to debug the kernel step by step and have qemu print data about where memory access is going. How can I do this? Can QEMU Monitor help with this?

Re: How do I track memory access in qemu?

Posted: Tue Sep 29, 2020 10:10 am
by foliagecanine
Not the QEMU monitor (that I know of).
However, you can connect GDB to it and set a watchpoint.

qemu-system-i386 ... -s
Starts a GDB server on localhost:1234. You can then use

(gdb) target remote localhost:1234
However, in my experience, I've found that hardware watchpoints don't always work with QEMU. Software watchpoints do, but they take forever (I once spent half a day waiting for a software watchpoint to happen).

Hardware Watchpoint (default):
(gdb) watch *(int *)memory_address_here
Software Watchpoint:
(gdb) set can-use-hw-watchpoints 0
(gdb) watch *(int *)memory_address_here
Even better, if you use the GDB file command you can set watchpoints based on symbols such as

(gdb) watch variable_name
When it detects a memory change, GDB will break and you can look at the next assembly instructions with either

QEMU Monitor:
x /6i $eip
or GDB:
(gdb) x /6i $eip
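The workflow in the answer above, packaged as a script so it can be repeated after every rebuild. This is an added example and not code from the thread; it extends the single-address watchpoint to a whole memory region by casting the start address to a pointer-to-array, which is the case the original poster actually needed. kernel.elf, the region address and its size are placeholders; the generated GDB commands only use commands that appear in the answer plus the standard `file`, `commands` and `p/x`.

```shell
#!/bin/sh
# Added example (not from the thread): drive the QEMU-plus-GDB workflow from a
# script, with one watchpoint covering a whole memory region instead of a single
# address. kernel.elf, the region address and its size are placeholders.

# gen_watch_script START_ADDR SIZE_BYTES ELF_FILE [CAN_USE_HW]
# Prints a GDB command file to stdout. Casting START_ADDR to "pointer to an
# array of SIZE_BYTES bytes" makes a single 'watch' cover [START_ADDR, +SIZE_BYTES).
# If the region is too large for the x86 debug registers, GDB silently falls
# back to a software watchpoint (single-stepping, hence slow under QEMU).
gen_watch_script() {
    addr=$1
    size=$2
    elf=$3
    hw=${4:-1}
    cat <<EOF
# symbols from the kernel image: enables 'watch variable_name' and 'info symbol'
file $elf
target remote localhost:1234
# 1 = let GDB try the debug registers first, 0 = force a software watchpoint
set can-use-hw-watchpoints $hw
# a single watchpoint over the whole region
watch *(unsigned char (*)[$size])$addr
# on every hit: stop, report where the write came from, and show the surrounding code
commands
  silent
  echo --- write into watched region ---\n
  p/x \$eip
  p/x \$esp
  x/6i \$eip
  bt
end
# the guest was started with -S (halted at reset), so release it now
continue
EOF
}

# debug_kernel ELF_FILE START_ADDR SIZE_BYTES [CAN_USE_HW]
# Boots the kernel in QEMU with the GDB stub (-s = listen on tcp:1234,
# -S = stay halted until GDB says 'continue') and attaches GDB with the
# generated command file. Adjust the QEMU boot flags (-kernel vs -cdrom/-drive)
# to whatever your build produces; -kernel assumes a Multiboot ELF.
debug_kernel() {
    elf=$1
    addr=$2
    size=$3
    script=$(mktemp)
    gen_watch_script "$addr" "$size" "$elf" "${4:-1}" > "$script"
    qemu-system-i386 -kernel "$elf" -s -S &
    qemu_pid=$!
    gdb -q -x "$script"
    kill "$qemu_pid" 2>/dev/null
    rm -f "$script"
}

# Example invocation (hypothetical values): watch 64 bytes at 0x00106000.
#   debug_kernel kernel.elf 0x00106000 64
```

Because GDB stops inside the `commands` block rather than auto-continuing, each hit leaves you at the prompt with the register dump, the next six instructions and a backtrace already printed; `c` resumes. Pass `0` as the fourth argument to force the software watchpoint the answer warns about when the hardware one does not fire.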

Re: How do I track memory access in qemu?

Posted: Tue Sep 29, 2020 1:20 pm
by mrjbom
foliagecanine wrote:
Not the QEMU monitor (that I know of).
However, you can connect GDB to it and set a watchpoint.

qemu-system-i386 ... -s
Starts a GDB server on localhost:1234. You can then use

(gdb) target remote localhost:1234
However, in my experience, I've found that hardware watchpoints don't always work with QEMU. Software watchpoints do, but they take forever (I once spent half a day waiting for a software watchpoint to happen).

Hardware Watchpoint (default):
(gdb) watch *(int *)memory_address_here
Software Watchpoint:
(gdb) set can-use-hw-watchpoints 0
(gdb) watch *(int *)memory_address_here
Even better, if you use the GDB file command you can set watchpoints based on symbols such as

(gdb) watch variable_name
When it detects a memory change, GDB will break and you can look at the next assembly instructions with either

QEMU Monitor:
x /6i $eip
or GDB:
(gdb) x /6i $eip
Thank you very much for the detailed answer. Despite the fact that I didn't need it and found the error in a different way (I needed to control a memory area, and the methods you suggested allowed me to control access only at a specific address), I am sure this will be useful to me in the future.