Archive for April 29th, 2010

Debugging Linux Kernel Modules with VirtualBox and KGDB

I found a few different pages with information on debugging a Linux kernel with kgdb. There wasn't a single source with all the information I needed to get set up and working though. So here is how I set things up on my Linux host machine to debug a target Linux kernel running in a VirtualBox VM.

  1. Set up the virtual machine

    When setting up the VM, add a serial port and set it to use Host Pipe. You can check the box to have VirtualBox create the pipe too. Give a path to the file on the host where you want the pipe. This will become the virtual serial console that gdb connects to on the host machine.

    Install VirtualBox with a VM containing the kernel you want to debug. Build the kernel with debug symbols, kgdb support, sysrq keys

    1.  
    2. Kernel hacking->
    3. [*] Magic SysRq Key
    4. [*] Kernel debugging
    5. [*] Compile the kernel with debug info
    6. [*] KGDB: kernel debugging with remote gdb ->
    7. [*] KGDB: use kgdb over the serial console
    8.  

    Build your kernel and install the modules like you would any other kernel.

    Add kgdboc=ttyS0,115200 to the kernel paremeters (ttyS[0-3] depending on which COM port you choose in the VM setup.)

    Copy the vmlinux (uncompressed version to the host machine).
    Also copy the .ko for the module you want to debug.

    Start VM.

  2. Get the target VM ready for debugging

    After your module is inserted, you need its .text address so that you can see the source lines in gdb.

    1.  
    2. cat /sys/module/XXX/sections/.text
    3. 0xffffffffa00c0000
    4.  

    When you're ready to start a debug session:

    1.  
    2. echo g > /proc/sysrq-trigger
    3.  
  3. Ready the Host to connect to the VM

  4. Your ads will be inserted here by

    Easy AdSense.

    Please go to the plugin admin page to
    Paste your ad code OR
    Suppress this ad slot.

    You need to convert the pipe that VirtualBox created to a serial port like object. socat does that job:

    1.  
    2. > socat -d -d /path/to/pipe pty &
    3. 2010/04/29 12:18:44 socat[4411] N successfully connected from local address AF=1 "\0\0\0\0\0\0\0\0\0\x02\0\0\0\0[\0\0\0|\0\0\0w"
    4. 2010/04/29 12:18:44 socat[4411] N successfully connected via C\xE66
    5. 2010/04/29 12:18:44 socat[4411] N PTY is /dev/pts/3
    6. 2010/04/29 12:18:44 socat[4411] N starting data transfer loop with FDs [3,3] and [4,4]
    7.  

    Notice that your dev is pts/3.

    Now we make a .gdbinit file so you can start gdb without typing the commands every time.

    1.  
    2. file vmlinux
    3. set remotebaud 115200
    4. target remote /dev/pts/3
    5.  

    You'll change your pts setting to whatever is relevant.

    start gdb.

    On the target, when you send the g to sysrq-trigger, you should drop to a breakpoint in gdb.

    Next job is to load the module symbols.

    1.  
    2. > add-symbol-file <path to module> <.text address>
    3. > b some_file.c:NNN
    4. > c
    5.  

    Now you can set breakpoints or press c to continue. The target should continue until it comes to a breakpoint or encounters an error.

A last tidbit, when I wanted to close gdb on the host, use detach instead of quit.

Happy debugging!



css.php