Repository : ssh://git@open-mesh.org/doc
On branches: backup-redmine/2019-11-07,master
commit 415845cc9ebde8d5ace5dcf2dabc06ad1b01d733
Author: Sven Eckelmann sven@narfation.org
Date: Sun Oct 27 11:18:44 2019 +0000
doc: open-mesh/Kernel_debugging_with_qemu's_GDB_server
415845cc9ebde8d5ace5dcf2dabc06ad1b01d733
 ...Kernel_debugging_with_qemu's_GDB_server.textile | 48 ++++++++++++++++++++++
 open-mesh/Kernel_hacking_Debian_image.textile | 43 -------------------
 2 files changed, 48 insertions(+), 43 deletions(-)
diff --git a/open-mesh/Kernel_debugging_with_qemu's_GDB_server.textile b/open-mesh/Kernel_debugging_with_qemu's_GDB_server.textile new file mode 100644 index 0000000..d63421e --- /dev/null +++ b/open-mesh/Kernel_debugging_with_qemu's_GDB_server.textile 
@@ -0,0 +1,48 @@ +h1. Kernel debugging with qemu's GDB server + +h2. General + +The instances from [[OpenWrt in QEMU]] are listening on 127.0.0.1 TCP port <code>23000 + instance_no</code>. We will use in the following example instance number 1. Also the [[Kernel hacking Debian image]] is used as image. The gdb debugger can be started from the linux source directory and all <code>lx-*</code> helpers will automatically be loaded. + +h2. Debugging Session + +The debugging session with gdb can be started from the linux-next directory: + +<pre> +$ gdb -iex "set auto-load safe-path scripts/gdb/" -ex 'target remote 127.0.0.1:23001' -ex c ./vmlinux +</pre> + +The module can now be loaded in the qemu instance. After that, we have to reload the symbol information via <code>lx-symbol</code> and can set any kind of breakpoints on the batman-adv module: + +<pre> +^C +Thread 1 received signal SIGINT, Interrupt. +default_idle () at arch/x86/kernel/process.c:581 +581 trace_cpu_idle_rcuidle(PWR_EVENT_EXIT, smp_processor_id()); +(gdb) lx-symbols /home/sven/tmp/qemu-batman/batman-adv/net/batman-adv/ +loading vmlinux +scanning for modules in /home/sven/tmp/qemu-batman/batman-adv/net/batman-adv/ +scanning for modules in /home/sven/tmp/qemu-batman/linux-next +loading @0xffffffffa0000000: /home/sven/tmp/qemu-batman/batman-adv/net/batman-adv//batman-adv.ko +(gdb) b batadv_iv_send_outstanding_bat_ogm_packet +Breakpoint 1 at 0xffffffffa0005d60: file /home/sven/tmp/qemu-batman/batman-adv/net/batman-adv/bat_iv_ogm.c, line 1692. +(gdb) c +</pre> + +h2. Python datastructure helper + +It is also possible to evaluate data structures in the gdb commandline using small python code blocks. 
To get for example the name of all devices which batman-adv knows about and the name of the batman-adv interface they belong to: + +<pre> +python +import linux.lists +from linux.utils import CachedType + +struct_batadv_hard_iface = CachedType('struct batadv_hard_iface').get_type().pointer() + +for node in linux.lists.list_for_each_entry(gdb.parse_and_eval("batadv_hardif_list"), struct_batadv_hard_iface, 'list'): + hardif = node['net_dev']['name'].string() + softif = node['soft_iface']['name'].string() if node['soft_iface'] else "none" + gdb.write("hardif {} belongs to {}\n".format(hardif, softif)) +end +</pre> \ No newline at end of file diff --git a/open-mesh/Kernel_hacking_Debian_image.textile b/open-mesh/Kernel_hacking_Debian_image.textile index 69d4af0..1e6cd15 100644 --- a/open-mesh/Kernel_hacking_Debian_image.textile +++ b/open-mesh/Kernel_hacking_Debian_image.textile 
@@ -403,46 +403,3 @@ mkfifo remote-dump ssh root@192.168.251.51 'tcpdump -i enp3s0 -s 0 -U -n -w - "port not 22"' > remote-dump wireshark -k -i remote-dump </pre> \ No newline at end of file - -h2. Using GDB - -The instances are listening on 127.0.0.1 TCP port <code>23000 + instance_no</code>. We will use in the following example instance 1. The gdb debugger can be started from the linux source directory and all <code>lx-*</code> helpers will automatically be loaded. - -The debugging session with gdb can be started from the linux-next directory: - -<pre> -$ gdb -iex "set auto-load safe-path scripts/gdb/" -ex 'target remote 127.0.0.1:23001' -ex c ./vmlinux -</pre> - -The module can now be loaded in the qemu instance. After that, we have to reload the symbol information via <code>lx-symbol</code> and can set any kind of breakpoints on the batman-adv module: - -<pre> -^C -Thread 1 received signal SIGINT, Interrupt. -default_idle () at arch/x86/kernel/process.c:581 -581 trace_cpu_idle_rcuidle(PWR_EVENT_EXIT, smp_processor_id()); -(gdb) lx-symbols /home/sven/tmp/qemu-batman/batman-adv/net/batman-adv/ -loading vmlinux -scanning for modules in /home/sven/tmp/qemu-batman/batman-adv/net/batman-adv/ -scanning for modules in /home/sven/tmp/qemu-batman/linux-next -loading @0xffffffffa0000000: /home/sven/tmp/qemu-batman/batman-adv/net/batman-adv//batman-adv.ko -(gdb) b batadv_iv_send_outstanding_bat_ogm_packet -Breakpoint 1 at 0xffffffffa0005d60: file /home/sven/tmp/qemu-batman/batman-adv/net/batman-adv/bat_iv_ogm.c, line 1692. -(gdb) c -</pre> - -It is also possible to evaluate data structures in the gdb commandline using small python code blocks. 
To get for example the name of all devices which batman-adv knows about and the name of the batman-adv interface they belong to: - -<pre> -python -import linux.lists -from linux.utils import CachedType - -struct_batadv_hard_iface = CachedType('struct batadv_hard_iface').get_type().pointer() - -for node in linux.lists.list_for_each_entry(gdb.parse_and_eval("batadv_hardif_list"), struct_batadv_hard_iface, 'list'): - hardif = node['net_dev']['name'].string() - softif = node['soft_iface']['name'].string() if node['soft_iface'] else "none" - gdb.write("hardif {} belongs to {}\n".format(hardif, softif)) -end -</pre> \ No newline at end of file
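Review bot: In the new Kernel_debugging_with_qemu's_GDB_server.textile, the sentence under "Debugging Session" names the helper lx-symbol, while the transcript directly below runs lx-symbols; the prose should use the name of the command that is actually typed. In the gdb invocation, both the scripts/gdb/ argument to "set auto-load safe-path" and ./vmlinux are relative, so the command depends on gdb being started from the linux-next directory; the text says so one line earlier, but a reader who copies only the pre block loses that, so consider repeating it next to the command or using absolute paths as the lx-symbols transcript does. The file is also added without a newline at the end.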
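Review bot: The hunk on Kernel_hacking_Debian_image.textile removes the whole "Using GDB" section and adds nothing in its place (43 deletions, no insertions for this file), so the Debian image page no longer tells the reader where the gdb instructions went. The new page links back to [[Kernel hacking Debian image]], but there is no link in the other direction; suggest leaving a one-line pointer to [[Kernel debugging with qemu's GDB server]] where the section used to be.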