qemu-discuss

[Qemu-discuss] Reply: How to execute an image under QEMU


From: EricSong
Subject: [Qemu-discuss] Reply: How to execute an image under QEMU
Date: Fri, 12 Dec 2014 11:52:40 +0800

Hi Peter and all,
   I am still confused about that problem. I deleted the code
"((int (*)(void))(env->eip))();" and just changed env->eip to my image entry
point. In the end QEMU crashes with useful information. After executing my
helper function, EIP does not go to the entry point but to physical address 0.
After sequential execution (0->4->8->C->10...), EIP = 0xAFFFC. Please help me
check these error messages. Thank you very much.

New GDT : 
Eric add contents based on memory addr=1f001540 

 0x00  0x00  0x00  0x00  0x00  0x00  0x00  0x00  0xff  0xff  0x00  0x00  0x00  
0x9b  0xcf  0x00 
 0xff  0xff  0x00  0x00  0x00  0x93  0xcf  0x00  0x00  0x00  0x00  0x00  0x00  
0x00  0x00  0x00 
Eric add Getsec cs selector =8 
Eric add Getsec ds selector =10 
Eric add env->eip =1f000530 
----------------
IN: 
0x000000001e82eb81:  leave  
0x000000001e82eb82:  ret    
...
----------------
IN: 
0x00000000000afffc:  add    %al,(%eax)
0x00000000000afffe:  add    %al,(%eax)
0x00000000000b0000:  (bad)  
0x00000000000b0001:  (bad)  

qemu: fatal: Trying to execute code outside RAM or ROM at 0x00000000000b0000

EAX=00000004 EBX=1e8c0018 ECX=003f0028 EDX=1feede98
ESI=00000000 EDI=00000000 EBP=1ff68450 ESP=1ff68428
EIP=000afffc EFL=00000096 [--S-AP-] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0008 00000000 ffffffff 00cf9300 DPL=0 DS   [-WA]
CS =0008 00000000 ffffffff 00cf9b00 DPL=0 CS32 [-RA]
SS =0008 00000000 ffffffff 00cf9300 DPL=0 DS   [-WA]
DS =0010 00000000 ffffffff 00cf9300 DPL=0 DS   [-WA]
FS =0008 00000000 ffffffff 00cf9300 DPL=0 DS   [-WA]
GS =0008 00000000 ffffffff 00cf9300 DPL=0 DS   [-WA]
LDT=0000 00000000 0000ffff 00008200 DPL=0 LDT
TR =0000 00000000 0000ffff 00008b00 DPL=0 TSS32-busy
GDT=     1f001540 0000001f
IDT=     1f8af018 00000fff
CR0=00000033 CR2=00000000 CR3=1ff07000 CR4=00004628
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 
DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
CCS=00000004 CCD=000000f0 CCO=ADDW    
EFER=0000000000000000
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
XMM00=00000000000000000000000000000000 XMM01=00000000000000000000000000000000
XMM02=00000000000000000000000000000000 XMM03=00000000000000000000000000000000
XMM04=00000000000000000000000000000000 XMM05=00000000000000000000000000000000

Best wishes,
Eric
-----Original Message-----
From: Peter Maydell [mailto:address@hidden
Sent: 10 December 2014 20:21
To: Eric Song
Cc: qemu-discuss
Subject: Re: [Qemu-discuss] How to execute an image under QEMU

On 10 December 2014 at 07:58,  <address@hidden> wrote:
> 4)       Execute the binary
>
>                 ((int (*)(void))(env->eip))();

This makes no sense. You're taking a guest virtual address (EIP value) and 
treating it as a host function pointer.
This is obviously going to crash.

-- PMM
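As an added illustration of Peter's point (this is not code from the thread or from QEMU): an emulator has to look a guest address up in its memory map to find the host buffer that backs it, and refuse addresses nothing backs, instead of casting the guest EIP to a host function pointer as the quoted line does. The memory map below (one RAM region at guest 0x0, one ROM region at guest 0xf0000) is constructed for the example, and the paging step from guest virtual to guest physical (CR3) is left out for simplicity.

```c
#include <stdint.h>
#include <stdio.h>

/* Constructed guest memory map (not QEMU's real PC layout): one RAM and
 * one ROM region, each backed by a host buffer. */
typedef struct {
    uint32_t guest_base;   /* guest physical address where the region starts */
    uint32_t size;
    uint8_t *host;         /* host buffer backing the region */
} region_t;

static uint8_t ram_backing[0x20000];  /* 128 KiB of "RAM" at guest 0x0 */
static uint8_t rom_backing[0x1000];   /* 4 KiB of "ROM" at guest 0xf0000 */

static region_t regions[] = {
    { 0x00000000, sizeof ram_backing, ram_backing },
    { 0x000f0000, sizeof rom_backing, rom_backing },
};

/* Map a guest physical address to the host pointer that backs it, by
 * looking it up in the memory map. NULL means no RAM or ROM is there; this
 * is the condition behind "Trying to execute code outside RAM or ROM". */
uint8_t *guest_to_host(uint32_t gpa) {
    for (unsigned i = 0; i < sizeof regions / sizeof regions[0]; i++) {
        region_t *r = &regions[i];
        if (gpa >= r->guest_base && gpa - r->guest_base < r->size)
            return r->host + (gpa - r->guest_base);
    }
    return NULL;
}

/* Code fetch for an interpreter: the guest byte, or -1 for the fatal case.
 * The guest address is never dereferenced directly and never cast to a
 * host function pointer. */
int fetch_code_byte(uint32_t eip) {
    uint8_t *p = guest_to_host(eip);
    if (p == NULL) {
        fprintf(stderr, "fatal: code fetch outside RAM or ROM at 0x%08x\n", eip);
        return -1;
    }
    return *p;
}

int main(void) {
    *guest_to_host(0x1f00) = 0xc3;   /* constructed: a 'ret' opcode in RAM */
    printf("byte at 0x00001f00: 0x%02x\n", fetch_code_byte(0x1f00));
    printf("fetch at 0x000b0000: %d\n", fetch_code_byte(0xb0000));
    return 0;
}
```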
