shoelace源代码分析，bochs调试过程 -- loadbuilt()函数

<bochs:12> s

Next at t=78037287

(0) [0x0006091d] 6000:091d (unk. ctxt): inc sp                    ; 44

<bochs:13> s

Next at t=78037288

(0) [0x0006091e] 6000:091e (unk. ctxt): lea bx, word ptr ss:[bp+0xfe62] ; 8d9e62fe

<bochs:14> s

Next at t=78037289

(0) [0x00060922] 6000:0922 (unk. ctxt): push bx                   ; 53

<bochs:15> s

Next at t=78037290

(0) [0x00060923] 6000:0923 (unk. ctxt): call 0xca7                ; e88103

<bochs:16> s

Next at t=78037291

(0) [0x00060ca7] 6000:0ca7 (unk. ctxt): push bp                   ; 55
<bochs:17>

所以我们可以在0x00060ca7下断点，直接到达loadbuilt()函数

也就是第八个断点！

第九个断点：0x60df4 对应函数loadimage()函数

<bochs:19> b 0x60df4

<bochs:20> c

(0) Breakpoint 4, 0x60df4 in ?? ()

Next at t=78037328

(0) [0x00060df4] 6000:0df4 (unk. ctxt): push bp                   ; 55

<bochs:21>

如果你直接在0x60df4 对应函数loadimage()函数，下断点，第一次是加载kernel

第二次是加载boot，我们这里是Image

第十个断点：

00060cd5: (                    ): mov ax, 0x600             ; b80006

00060cd8: (                    ): xor bx, bx                ; 31db

00060cda: (                    ): mov [ds:0x9f08], ax       ; a3089f

00060cdd: (                    ): mov word ptr [ds:0x9f0a], bx ; 891e0a9f

00060ce1: (                    ): mov al, 0x1               ; b001

00060ce3: (                    ): mov byte ptr [ds:0x9f0c], al ; a20c9f

00060ce6: (                    ): mov bx, 0xe7e             ; bb7e0e

00060ce9: (                    ): push bx                   ; 53

00060cea: (                    ): push word ptr ss:[bp+0x4] ; ff7604

00060ced: (                    ): call 0xdf4                ; e80401

00060cf0: (                    ): add sp, 0x4               ; 83c404

00060cf3: (                    ): pop si                    ; 5e

00060cf4: (                    ): pop di                    ; 5f

00060cf5: (                    ): pop bp                    ; 5d

00060cf6: (                    ): retn                      ; c3

0x60df4是函数：loadimage()函数，所以 0x60e7e为函数readkernel()函数，

[ds:0x9f08] = LoadPoint    0x69f08   4个字节   long

[ds:0x9f0c] = LoadStart    0x69f0c   一个字节  char

              filesize     0x6aedc

<bochs:30> x 0x6aedc

[bochs]:

0x0006aedc <bogus+       0>:    0x0001ea00

<bochs:31>

<bochs:25> x 0x69f08

[bochs]:

0x00069f08 <bogus+       0>:    0x00010a00

<bochs:26> c

(0) Breakpoint 3, 0x60e7e in ?? ()

Next at t=78068330

(0) [0x00060e7e] 6000:0e7e (unk. ctxt): push bp                   ; 55

<bochs:27> x 0x69f08

[bochs]:

0x00069f08 <bogus+       0>:    0x00010e00

<bochs:28>

可见每运行一次readkernel()函数，LoadPoint的值变增加1024，即一个逻辑块的大小。

<bochs:1> b 0x60e7e

<bochs:2> c

(0) Breakpoint 1, 0x60e7e in ?? ()

Next at t=78053092

(0) [0x00060e7e] 6000:0e7e (unk. ctxt): push bp                   ; 55

<bochs:3> x 0x69f08

[bochs]:

0x00069f08 <bogus+       0>:    0x00000600

<bochs:4> c

(0) Breakpoint 1, 0x60e7e in ?? ()

Next at t=78055605

(0) [0x00060e7e] 6000:0e7e (unk. ctxt): push bp                   ; 55

<bochs:5> x 0x69f08

[bochs]:

0x00069f08 <bogus+       0>:    0x00090400

<bochs:6> x /400 0x90000

[bochs]:

0x00090000 <bogus+       0>:    0x8e07c0b8      0x9000b8d8      0x00b9c08e      0x29f62901

0x00090010 <bogus+      16>:    0xeaa5f3ff      0x90000018      0xd88ec88c      0xd08ec08e

0x00090020 <bogus+      32>:    0xbaff00bc      0x02b90000      0x0200bb00      0xcd0204b8

0x00090030 <bogus+      48>:    0xba0a7313      0x00b80000      0xeb13cd00      0xb800b2e6

0x00090040 <bogus+      64>:    0x13cd0800      0x892e00b5      0xb8013d0e      0xc08e9000

0x00090050 <bogus+      80>:    0xff3003b4      0x18b910cd      0x0007bb00      0xb8013fbd

0x00090060 <bogus+      96>:    0x10cd1301      0x8e1000b8      0x0032e8c0      0x2e00c5e8

0x00090070 <bogus+     112>:    0x3d01fca1      0x17750000      0x3d1e8b2e      0x0208b801

0x00090080 <bogus+     128>:    0x740ffb83      0x021cb80a      0x7412fb83      0x2efeeb02

0x00090090 <bogus+     144>:    0xea01fca3      0x90200000      0x00000005      0xc08c0000

0x000900a0 <bogus+     160>:    0x750fffa9      0x8cdb31fe      0x40003dc0      0x2ec30172

0x000900b0 <bogus+     176>:    0x2b013da1      0x89009806      0x09e1c1c1      0x0973d901

0x000900c0 <bogus+     192>:    0xc0310774      0xe8c1d829      0x0034e809      0x0603c189

0x000900d0 <bogus+     208>:    0x3b2e0098      0x75013d06      0x0001b812      0x009a062b

0x000900e0 <bogus+     224>:    0x06ff0475      0x9aa3009c      0xa3c03100      0xe1c10098

0x000900f0 <bogus+     240>:    0x73cb0109      0x05c08cb2      0xc08e1000      0xa7ebdb31

0x00090100 <bogus+     256>:    0x52515350      0x009c168b      0x00980e8b      0x8bd58841

0x00090110 <bogus+     272>:    0x88009a16      0x8100b2d6      0xb40100e2      0x7213cd02

0x00090120 <bogus+     288>:    0x5b595a05      0x00b8c358      0x0000ba00      0x595a13cd

0x00090130 <bogus+     304>:    0xcceb585b      0x03f2ba52      0x5aee00b0      0x0d0000c3

0x00090140 <bogus+     320>:    0x616f4c0a      0x676e6964      0x73797320      0x206d6574

0x00090150 <bogus+     336>:    0x0d616161      0x000a0d0a      0x00000000      0x00000000

0x00090160 <bogus+     352>:    0x00000000      0x00000000      0x00000000      0x00000000

0x00090170 <bogus+     368>:    0x00000000      0x00000000      0x00000000      0x00000000

0x00090180 <bogus+     384>:    0x00000000      0x00000000      0x00000000      0x00000000

0x00090190 <bogus+     400>:    0x00000000      0x00000000      0x00000000      0x00000000

0x000901a0 <bogus+     416>:    0x00000000      0x00000000      0x00000000      0x00000000

0x000901b0 <bogus+     432>:    0x00000000      0x00000000      0x00000000      0x00000000

0x000901c0 <bogus+     448>:    0x00000000      0x00000000      0x00000000      0x00000000

0x000901d0 <bogus+     464>:    0x00000000      0x00000000      0x00000000      0x00000000

0x000901e0 <bogus+     480>:    0x00000000      0x00000000      0x00000000      0x00000000

0x000901f0 <bogus+     496>:    0x00000000      0x00000000      0x00000000      0xaa550301

所以我们的Image被加载到了0x90000，