bak

2026-01-23 02:05:57 +01:00 · 2017-10-07 07:21:40 +01:00
parent b89ba9b799
commit b3b1df5560
2 changed files with 46 additions and 5 deletions
--- a/README.md
+++ b/README.md
@@ -384,6 +384,15 @@ And then tell GDB where the module was loaded with:
    Ctrl + C
    add-symbol-file ../kernel_module-1.0/fops.ko 0xfffffffa00000000

+### Debug kernel early boot
+
+TODO: why can't we break at early startup stuff such as:
+
+    ./rungdb extract_kernel
+    ./rungdb main
+
+See also: <https://stackoverflow.com/questions/2589845/what-are-the-first-operations-that-the-linux-kernel-executes-on-boot>
+
 ## Other architectures

 The portability of the kernel and toolchains is amazing: change an option and most things magically work on completely different hardware.
@@ -602,6 +611,29 @@ which automatically finds unstripped shared libraries on the host for us.

 See also: <https://stackoverflow.com/questions/8611194/debugging-shared-libraries-with-gdbserver/45252113#45252113>

+### Debug userland process directly from QEMU
+
+GDB breakpoints are set on virtual addresses, so you can in theory debug userland processes as well.
+
+<https://stackoverflow.com/questions/26271901/is-it-possible-to-use-gdb-and-qemu-to-debug-linux-user-space-programs-and-kernel>
+
+    ./runqemu -d -e 'init=/rand_check.out' -n
+
+On another shell:
+
+    buildroot/output.x86_64~/host/usr/bin/x86_64-linux-readelf -h buildroot/output.x86_64~/build/kernel_module-1.0/user/rand_check.out | grep Entry
+    # Entry point address:               0x400560
+    buildroot/output.x86_64~/host/usr/bin/x86_64-linux-readelf -s buildroot/output.x86_64~/build/kernel_module-1.0/user/rand_check.out | grep -E '\bmain\b'
+    # 68: 0000000000400748   309 FUNC    GLOBAL DEFAULT    8 main
+    ./rungdb '*0x400748'
+
+Alternatively, from inside GDB you can do the more succinct:
+
+    shell ../../host/usr/bin/x86_64-linux-readelf -h ../kernel_module-1.0/user/rand_check.out | grep Ent
+    shell ../../host/usr/bin/x86_64-linux-readelf -s ../kernel_module-1.0/user/rand_check.out | grep -E '\bmain\b'
+
+Those steps should be fully automatable `.gdbinit` script.
+
 ## X11

 Only tested successfully in `x86_64`:
--- a/19
+++ b/19
@@ -2,13 +2,20 @@

 set -e

-arch=x86_64
+arch='x86_64'
+bdfore=''
 kgdb=false
-while getopts a:k OPT; do
+while getopts A:a:b:k OPT; do
  case "$OPT" in
    a)
      arch="$OPTARG"
      ;;
+    A)
+      after="$OPTARG"
+      ;;
+    b)
+      before="$OPTARG"
+      ;;
    k)
      kgdb=true
      ;;
@@ -17,13 +24,14 @@ done
 shift "$(($OPTIND - 1))"
 if [ "$#" -gt 0 ]; then
  brk="-ex 'break $1'"
+  shift
 else
  brk=''
 fi

 buildroot_out_dir="$(pwd)/buildroot/output.${arch}~"
-gdb="${buildroot_out_dir}/host/usr/bin/${arch}-linux-gdb"
-cd "${buildroot_out_dir}/build"/linux-custom/
+gdb="${buildroot_out_dir}/host/usr/bin/${arch}-linux-gdb $before"
+cd "${buildroot_out_dir}/build/linux-custom/"
 if "$kgdb"; then
    cmd="$gdb \
      -q \
@@ -48,7 +56,7 @@ else
        -ex 'disconnect' \
        -ex 'set arch i386:x86-64' \
        -ex 'target remote localhost:1234' \
-        -ex 'lx-symbols ../kernel_module-1.0/'
+        -ex 'lx-symbols ../kernel_module-1.0/' \
      "
    ;;
    'arm'|'aarch64'|'mips64')
@@ -63,5 +71,6 @@ else
    ;;
  esac
 fi
+cmd="$cmd $after"
 echo "$cmd"
 eval "$cmd"