《北京大学操作系统实习JOS-lab1实验报告》由会员分享,可在线阅读,更多相关《北京大学操作系统实习JOS-lab1实验报告(26页珍藏版)》请在金锄头文库上搜索。
1、操作系统JOS实习第一次报告 张弛 00848231, March 18, 2011 Contents 1PC Bootstrap2 1.1Getting Started with x86 assembly. . . . . . . . . . . . . . . . .2 1.2Simulating the x86. . . . . . . . . . . . . . . . . . . . . . . . . .2 1.3The PCs Physical Address Space . . . . . . . . . . . . . . . . . .2 1.4The ROM BIOS.
2、 . . . . . . . . . . . . . . . . . . . . . . . . . . .2 2The Boot Loader3 2.1Loading the Kernel . . . . . . . . . . . . . . . . . . . . . . . . . .5 2.2Link vs. Load Address . . . . . . . . . . . . . . . . . . . . . . . .6 3The Kernel8 3.1Formatted Printing to the Console. . . . . . . . . . . . . .
3、. . .10 3.2The Stack . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .16 1 操作系统实习报告张弛, 00848231 1PC Bootstrap 1.1Getting Started with x86 assembly Exercise 1. Familiarize yourself with the assembly language materials available on the 6.828 reference page. You dont have to read them now
4、, but youll almost certainly want to refer to some of this material when reading and writing x86 assembly. We do recommend reading the section “The Syntax“ in Brennans Guide to Inline Assembly. It gives a good (and quite brief) description of the AT ? 3. 根据查询objdump -x obj/kern/kernel的结果可以得知内核ELF的入口
5、 地址为0xf010000c, 但是boot/main.c在载入内核时做了一次手动的地址转 换,将高位的f去掉了,所以事实上在运行中内核是被加载到了0x10000c的 内存地址上,所以启动GDB在0x10000c设下断点后,停下时可以看到: The target architecture is assumed to be i8086 f000:fff00xffff0: ljmp$0xf000,$0xe05b 0x0000fff0 in ? () + symbol-file obj/kern/kernel (gdb) b*0x10000c Breakpoint 1 at 0x10000c (gd
6、b) c Continuing. The target architecture is assumed to be i386 = 0x10000c:movw$0x1234,0x472 Breakpoint 1, 0x0010000c in ? () (gdb) 这这这时时时0x10000c的的的代代代码码码movw $0x1234,0x472 就就就是是是内内内核核核的的的第第第一一一条条条语语语句句句。这 个时候我们反过头来去追溯内核kernel的源代码,果然在kern/entry.S中 发现了这么一段代码,其中第44行正好就是我们找到的入口语句。 kern/entry.S ? 36# Th
7、e Multiboot header 37.align 4 38.long MULTIBOOT_HEADER_MAGIC 39.long MULTIBOOT_HEADER_FLAGS 40.long CHECKSUM 41 42.globl_start 43_start: 44movw$0x1234,0x472# warm boot 45 46#Establish our own GDT in place of the boot loaders temporary GDT 47lgdtRELOC(mygdtdesc)# load descriptor table ? 4. boot loade
8、r从从从内内内核核核ELF文文文件件件的的的文文文件件件头头头中中中可可可以以以知知知道道道该该该ELF文文文件件件被被被分分分成成成了了了多多多 少少少section和和和多多多少少少program,就可以知道相应的读取数目了。这些信息可 以通过objdump -x obj/kern/kernel得到,如下所示: zhangchizhangchi-laptop:/oslab$ objdump -x obj/kern/kernel obj/kern/kernel:file format elf32-i386 obj/kern/kernel architecture: i386, flags 0
9、x00000112: EXEC_P, HAS_SYMS, D_PAGED start address 0xf010000c Program Header: LOAD off0x00001000 vaddr 0xf0100000 paddr 0xf0100000 align 2*12 filesz 0x000072e7 memsz 0x000072e7 flags r-x 4 操作系统实习报告张弛, 00848231 LOAD off0x00009000 vaddr 0xf0108000 paddr 0xf0108000 align 2*12 filesz 0x00008320 memsz 0x
10、00008980 flags rw- STACK off0x00000000 vaddr 0x00000000 paddr 0x00000000 align 2*2 filesz 0x00000000 memsz 0x00000000 flags rwx 2.1Loading the Kernel Exercise 4. Read about programming with pointers in C. The best reference for the C language is The C Programming Language by Brian Kernighan and Denn
11、is Ritchie (known as K you dont want to find out what “the hard way“ is. pointers.c里只有一句比较不好解释: ? c = (int*) (char*) c + 1); *c = 500; ? 其中c修改的是一个int从第九位开始到第32位,然后将后面一个数的低8位 覆盖。所以造成的结果很奇怪,不过手动还是可以精确算出来结果的。 Exercise 5. Reset the machine (exit QEMU/GDB and start them again). Examine the 8 words of mem
12、ory at 0x00100000 at the point the BIOS enters the boot loader, and then again at the point the boot loader enters the kernel. Why are they different? What is there at the second breakpoint? ( You do not really need to use QEMU to answer this question. Just think.) 经过调试我们得到了GDB这样的输出: The target arch
13、itecture is assumed to be i8086 f000:fff00xffff0: ljmp$0xf000,$0xe05b 0x0000fff0 in ? () + symbol-file obj/kern/kernel (gdb) b*0x7c00 Breakpoint 1 at 0x7c00 (gdb) c 5 操作系统实习报告张弛, 00848231 Continuing. 0:7c00 = 0x7c00:cli Breakpoint 1, 0x00007c00 in ? () (gdb) x/8x 0x100000 0x100000:0x000000000x000000
14、000x000000000x00000000 0x100010:0x000000000x000000000x000000000x00000000 (gdb) b*0x10000c Breakpoint 2 at 0x10000c (gdb) c Continuing. The target architecture is assumed to be i386 = 0x10000c:movw$0x1234,0x472 Breakpoint 2, 0x0010000c in ? () (gdb) x/8x 0x100000 0x100000:0x1badb0020x000000030xe4524f
15、fb0x7205c766 0x100010:0x340000040x15010f120x001100180x000010b8 (gdb) x/8i 0x100000 0x100000:add0x31bad(%eax),%dh 0x100006:add%al,(%eax) 0x100008:sti 0x100009:dec%edi 0x10000a:push%edx 0x10000b:in$0x66,%al 0x10000d:movl$0x10f1234,0x472 0x100017:adc$0x110018,%eax (gdb) 内存0x00100000是内核的最终载入地址,内核由Boot l
16、oader负责载入。初 始当BIOS切换到boot loader时,它还没有开始相应的装载工作,所以这个时候 看所有的8个word全是0。而当boot loader进入内核运行时,这个时候内核已经 装载完毕,所以从0x00100000开始就是内核ELF文件的文件内容了。 2.2Link vs. Load Address Exercise 6. Trace through the first few instructions of the boot loader again and identify the first instruction that would “break“ or otherwise do the wrong thing if you were to get the boot loaders link address wrong . Then change the link address in boot/Makefrag to something wrong, ru
