Linux kernel 4.13-rc7 x86_64 kernel debugging: GDB cannot set breakpoints and SIGINT has no effect in the debugging session
I have set up Linux kernel debugging with Buildroot and QEMU.

I start QEMU with the following command:

```
qemu-system-x86_64 -kernel linux-4.13-rc7/arch/x86/boot/bzImage -initrd buildroot-2017.02.5/output/images/rootfs.cpio -append "root=/dev/ram0 console=tty0 kgdboc=ttyS0,9600 kgdbwait" -chardev pty,id=pty -device isa-serial,chardev=pty
```

Then, in a second terminal window, I start GDB and run the following gdb commands:
```
gdb-peda$ file vmlinux
Reading symbols from vmlinux...done.
warning: File "/root/drive/linux-4.13-rc7/scripts/gdb/vmlinux-gdb.py" auto-loading has been declined by your `auto-load safe-path' set to "$debugdir:$datadir/auto-load".
To enable execution of this file add
	add-auto-load-safe-path /root/drive/linux-4.13-rc7/scripts/gdb/vmlinux-gdb.py
line to your configuration file "/root/.gdbinit".
To completely disable this security protection add
	set auto-load safe-path /
line to your configuration file "/root/.gdbinit".
For more information about this security protection see the
"Auto-loading safe path" section in the GDB manual.  E.g., run from the shell:
	info "(gdb)Auto-loading safe path"
gdb-peda$ target remote /dev/pts/3
Remote debugging using /dev/pts/3
Warning: not running or target is remote
0xffffffffbd6f65af in ?? ()
gdb-peda$ b start_kernel
Breakpoint 1 at 0xffffffff81f79ad7: file init/main.c, line 510.
gdb-peda$ c
Continuing.
Warning:
Cannot insert breakpoint 1.
Cannot access memory at address 0xffffffff81f79ad7

Command aborted.
gdb-peda$
```
I also tried, inside the QEMU machine:

```
echo "g" > /proc/sysrq-trigger
```

But nothing happened. I also tried setting a hardware breakpoint with `hbreak start_kernel`, but nothing happened either.
I worked out the solution on my own; this is what I did to get it working:

- Applied the patch given below to the `<$GDB_FOLDER>/gdb/remote.c` file and recompiled GDB with the patch.

GDB patch to adjust its internal buffer:
root# diff -u gdb-8\ \(1\).0/gdb/remote.c gdb-8.0/gdb/remote.c
--- "gdb-8 (1).0/gdb/remote.c" 2017-06-04 21:24:54.000000000 +0530
+++ gdb-8.0/gdb/remote.c 2017-09-05 23:27:46.487820345 +0530
@@ -7583,7 +7583,27 @@
/* Further sanity checks, with knowledge of the architecture. */
if (buf_len > 2 * rsa->sizeof_g_packet)
- error (_("Remote 'g' packet reply is too long: %s"), rs->buf);
+ //error (_("Remote 'g' packet reply is too long: %s"), rs->buf); #patching
+ {
+ warning (_("Assuming long-mode change. [Remote 'g' packet reply is too long: %s]"), rs->buf);
+ rsa->sizeof_g_packet = buf_len ;
+
+ for (i = 0; i < gdbarch_num_regs (gdbarch); i++)
+ {
+ if (rsa->regs[i].pnum == -1)
+ continue;
+
+ if (rsa->regs[i].offset >= rsa->sizeof_g_packet)
+ rsa->regs[i].in_g_packet = 0;
+ else
+ rsa->regs[i].in_g_packet = 1;
+ }
+
+ // HACKFIX: Make sure at least the lower half of EIP is set correctly, so the proper
+ // breakpoint is recognized (and triggered).
+ rsa->regs[8].offset = 16*8;
+ }
+
/* Save the size of the packet sent to us by the target. It is used
as a heuristic when determining the max size of packets that the`
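Review bot: the recovery path is unconditional, so after this hunk any oversized 'g' reply on any architecture is accepted with a warning instead of an error; the block beginning `warning (_("Assuming long-mode change. ...` should at least confirm the gdbarch is i386 and that `buf_len` is exactly the amd64 packet length before overwriting `rsa->sizeof_g_packet`. The line `rsa->regs[8].offset = 16*8;` hard-codes register 8 (eip in gdb's i386 numbering) to byte offset 128, which is where rip sits after sixteen 8-byte GPRs in the amd64 layout, while every other register keeps its 32-bit offset; that makes the breakpoint fire but leaves `info registers` showing wrong values for everything except the instruction pointer, so the HACKFIX comment should say that the rest of the register cache is not to be trusted after the switch. The commented-out `error(...)` line tagged `#patching` should be removed rather than left in, and `buf_len ;` has a stray space before the semicolon.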
- Built a minimal root filesystem with Buildroot.
- Started QEMU with the following command, then started the newly built gdb and loaded the vmlinux file.

In one terminal:

```
root# qemu-system-x86_64 -kernel /root/drive/linux-4.13-rc7/arch/x86/boot/bzImage -initrd /root/drive/buildroot-2017.02.5/output/images/rootfs.cpio -S -s
```

In another:

```
gdb -q /root/drive/linux-4.13-rc7/vmlinux -ex "target remote localhost:1234"
```

Now set a breakpoint at `start_kernel` and continue; it hits the breakpoint automatically.
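The working procedure from the answer (QEMU frozen at reset with the gdbstub enabled, gdb attached over TCP) wrapped in a script, as an added example that is not part of the original post. It uses the answer's paths as defaults (overridable through the hypothetical KDIR, ROOTFS and GDB_PORT variables), adds the preflight checks and cleanup a reusable script needs, trusts the kernel's own scripts/gdb/vmlinux-gdb.py helpers that gdb declined to auto-load in the transcript, and boots with nokaslr: in the first transcript the stopped PC (0xffffffffbd6f65af) is nowhere near the vmlinux address of start_kernel (0xffffffff81f79ad7), which is what a KASLR-relocated kernel looks like and would also explain why kgdb could not write a breakpoint at that address. The `set architecture i386:x86-64` line is the usual way to tell an unpatched gdb up front that the guest will run in long mode; whether that alone avoids the 'g' packet size complaint for a given QEMU/gdb pair is an assumption of this example, not something the post verified.

```shell
#!/bin/sh
# Added example (not from the original post): launch QEMU stopped at reset,
# then attach gdb and stop at start_kernel. Assumed defaults below come from
# the answer's paths; KDIR, ROOTFS and GDB_PORT are names invented here.
set -eu

KDIR="${KDIR:-/root/drive/linux-4.13-rc7}"
ROOTFS="${ROOTFS:-/root/drive/buildroot-2017.02.5/output/images/rootfs.cpio}"
GDB_PORT="${GDB_PORT:-1234}"

# Preflight: everything gdb and QEMU will open must exist before we start.
# Returns 0 when usable, 1 otherwise; missing files are listed on stderr.
check_kernel_tree() {
    dir="$1"; rootfs="$2"; rc=0
    for f in "$dir/vmlinux" "$dir/arch/x86/boot/bzImage" "$rootfs"; do
        if [ ! -f "$f" ]; then
            echo "missing: $f" >&2
            rc=1
        fi
    done
    return "$rc"
}

# Write the gdb command file: trust the kernel's gdb helper script (the file
# gdb refused to auto-load in the transcript), load symbols, declare the
# target 64-bit before connecting, attach, and stop at start_kernel.
write_gdb_script() {
    out="$1"; dir="$2"; port="$3"
    cat >"$out" <<EOF
add-auto-load-safe-path $dir/scripts/gdb/vmlinux-gdb.py
file $dir/vmlinux
set architecture i386:x86-64
target remote localhost:$port
break start_kernel
continue
EOF
}

# Start QEMU frozen at reset (-S) with the gdbstub listening on GDB_PORT,
# send the guest serial console to a file so it does not fight gdb for the
# terminal, boot with nokaslr so vmlinux addresses match the running kernel,
# then attach gdb. QEMU is killed and the temp files removed when gdb exits.
start_session() {
    check_kernel_tree "$KDIR" "$ROOTFS" || return 1
    script="$(mktemp)"
    serial_log="$(mktemp)"
    write_gdb_script "$script" "$KDIR" "$GDB_PORT"
    qemu-system-x86_64 -kernel "$KDIR/arch/x86/boot/bzImage" -initrd "$ROOTFS" \
        -append "root=/dev/ram0 console=ttyS0 nokaslr" \
        -display none -serial "file:$serial_log" \
        -S -gdb "tcp::$GDB_PORT" &
    qemu_pid=$!
    trap 'kill "$qemu_pid" 2>/dev/null; rm -f "$script" "$serial_log"' EXIT INT TERM
    # Give QEMU a moment to bind the stub socket, and bail if it died early.
    sleep 1
    kill -0 "$qemu_pid" 2>/dev/null || { echo "qemu exited early" >&2; return 1; }
    echo "guest console: $serial_log" >&2
    gdb -q -x "$script"
}

# Only launch when asked explicitly, so the file can also be sourced for its helpers.
if [ "${1:-}" = "run" ]; then
    start_session
fi
```

Run it as `sh kdbg.sh run` (any file name will do); the breakpoint at start_kernel is hit from the command file, after which gdb is interactive as usual. The guest's console output is in the temp file printed on stderr, and exiting gdb tears QEMU down.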