From: robert song
Date: Thu, 29 Apr 2010 22:21:01 +0900
To: qemu-devel@nongnu.org
Subject: [Qemu-devel] Re: [DEBUG] how to use GDB to debug qemu?

> Then I just run "info cpus" as follows.
> (QEMU) info cpus
>
> But now how can I get into the routine of "info cpus"?
> Of course, setting a trace point on the function can do the work, but if I
> don't know where the routine is, is there any way to step into the
> routine?

Regarding the question,
I found one tool named tracef.
http://binary.nahi.to/hogetrace/#dl
It's in Japanese.
The tool can trace the functions called by qemu while recompiling
qemu with extra options like -finstrument-functions.
It's just like strace and ltrace, but used to trace userland functions.

Attach it to qemu, and the result can be obtained.

For example:
[pid 26180] do_info_cpus() at 0x08056870

so do_info_cpus is used when you call "info cpus".
Currently tracef only supports the x86 arch.

Hope this will help someone.

Best Regards,
  robert
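Added example, not part of the thread and not tracef's code: a minimal in-process function tracer built on the same GCC mechanism the post mentions, -finstrument-functions. With that flag the compiler emits a call to __cyg_profile_func_enter at every function entry and __cyg_profile_func_exit at every exit, passing the function address and the call site; a tracer only has to define those two hooks and record what it is handed. The routines do_info_cpus and handle_monitor_command below are hypothetical stand-ins for QEMU's monitor code, the addresses in the comments are illustrative, and name resolution is left to addr2line rather than done in-process.

```c
/* Added example (not from the mailing-list post, not tracef): a tiny
 * function tracer driven by GCC's -finstrument-functions.  Build with
 *   gcc -g -finstrument-functions -o trace_demo trace_demo.c
 * Without that flag the hooks are never called and the trace stays empty. */
#include <stdio.h>
#include <unistd.h>
#include <sys/types.h>

#define TRACE_MAX 64

struct trace_entry {
    void *fn;        /* address of the function being entered or left */
    void *callsite;  /* address in the caller that made the call */
    int enter;       /* 1 = entry, 0 = exit */
};

static struct trace_entry trace_log[TRACE_MAX];
static int trace_len;

/* Everything reachable from the hooks must carry no_instrument_function,
 * otherwise the hook would be instrumented too and recurse into itself. */
__attribute__((no_instrument_function))
static void trace_record(void *fn, void *callsite, int enter)
{
    if (trace_len < TRACE_MAX) {           /* drop events once the ring is full */
        trace_log[trace_len].fn = fn;
        trace_log[trace_len].callsite = callsite;
        trace_log[trace_len].enter = enter;
        trace_len++;
    }
}

/* GCC calls these two for every instrumented function. */
__attribute__((no_instrument_function))
void __cyg_profile_func_enter(void *fn, void *callsite)
{
    trace_record(fn, callsite, 1);
}

__attribute__((no_instrument_function))
void __cyg_profile_func_exit(void *fn, void *callsite)
{
    trace_record(fn, callsite, 0);
}

__attribute__((no_instrument_function))
int trace_count(void) { return trace_len; }

__attribute__((no_instrument_function))
const struct trace_entry *trace_entry_at(int i)
{
    return (i >= 0 && i < trace_len) ? &trace_log[i] : NULL;
}

__attribute__((no_instrument_function))
void trace_reset(void) { trace_len = 0; }

/* Print one line per event in the shape of the tracef output quoted in the
 * post ("[pid N] <fn> at 0xADDR").  Names are not resolved here: run
 *   addr2line -f -e ./trace_demo <address>
 * on the printed function addresses to recover them from the -g symbols. */
__attribute__((no_instrument_function))
void trace_dump(void)
{
    for (int i = 0; i < trace_len; i++)
        printf("[pid %ld] %s %p at callsite %p\n", (long)getpid(),
               trace_log[i].enter ? "enter" : "exit ",
               trace_log[i].fn, trace_log[i].callsite);
}

/* Hypothetical stand-ins for QEMU's monitor routines; these ARE instrumented,
 * so each call produces an enter and an exit event. */
static int do_info_cpus(int ncpus) { return ncpus * 2; }
static int handle_monitor_command(int ncpus) { return do_info_cpus(ncpus) + 1; }

int main(void)
{
    handle_monitor_command(4);   /* expect 4 events: enter/exit for both functions */
    trace_dump();
    return 0;
}
```

Because the hooks receive raw addresses, the same binary built without -g still traces; only the name lookup needs debug symbols. Tools such as tracef do this lookup for you, which is why its output line shows both the name and the address.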