Vmware 调试 Linux Kernel
为什么使用Vmware而不是QEMU 这种模拟器调试呢,我觉得QEMU这种模拟器对于Vmware来说,有些不方便的是
qemu 命令行太复杂:) !!!
1 Linux Vmware 串口双机调试 2 ======================================== 3 1.注意,当配置好Vmrare串口后,在各自的串口对应的设备是 4 /dev/ttyS1,这是最关键的,然后相互cat,echo 看是否能够 5 收到消息。 6 2.添加grub 启动项目,设置内核调试参数. 7 添加额外的内核参数: 8 kgdboc=ttyS1,115200 kgdbwait nokaslr 9 10 menuentry 'Ubuntu Kernel Debug' --class ubuntu --class gnu-linux --class gnu --class os $menuentry_id_option 'gnulinux-simple-07472ed4-59a9-4ce4-9fdd-05a662658ac1' { 11 recordfail 12 load_video 13 gfxmode $linux_gfx_mode 14 insmod gzio 15 if [ x$grub_platform = xxen ]; then insmod xzio; insmod lzopio; fi 16 insmod part_msdos 17 insmod ext2 18 set root='hd0,msdos1' 19 if [ x$feature_platform_search_hint = xy ]; then 20 search --no-floppy --fs-uuid --set=root --hint-bios=hd0,msdos1 --hint-efi=hd0,msdos1 --hint-baremetal=ahci0,msdos1 07472ed4-59a9-4ce4-9fdd-05a662658ac1 21 else 22 search --no-floppy --fs-uuid --set=root 07472ed4-59a9-4ce4-9fdd-05a662658ac1 23 fi 24 linux /boot/vmlinuz-5.3.18 root=UUID=07472ed4-59a9-4ce4-9fdd-05a662658ac1 ro quiet splash $vt_handoff kgdboc=kms,kbd,ttyS1,115200 kgdbwait nokaslr 25 initrd /boot/initrd.img-5.3.18 26 } 27 3. 启动gdb 28 gdb ./vmlinux 29 dir /home/maojun/kernel/linux-source-5.3.0 30 target remote /dev/ttyS1 31 hb start_kernel 32 33 停止被调试的机器进入调试器: 34 echo g > /proc/sysrq-trigger
echo c > /proc/sysrq-trigger
1 Linux Vmware 串口双机调试 2 ======================================== 3 1.注意,当配置好Vmrare串口后,在各自的串口对应的设备是 4 /dev/ttyS1,这是最关键的,然后相互cat,echo 看是否能够 5 收到消息。 6 2.添加grub 启动项目,设置内核调试参数. 7 添加额外的内核参数: 8 kgdboc=ttyS1,115200 kgdbwait nokaslr 9 sysrq_always_enabled 10 11 echo g > /proc/sysrq-trigger 12 13 menuentry 'Ubuntu Kernel Debug' --class ubuntu --class gnu-linux --class gnu --class os $menuentry_id_option 'gnulinux-simple-07472ed4-59a9-4ce4-9fdd-05a662658ac1' { 14 recordfail 15 load_video 16 gfxmode $linux_gfx_mode 17 insmod gzio 18 if [ x$grub_platform = xxen ]; then insmod xzio; insmod lzopio; fi 19 insmod part_msdos 20 insmod ext2 21 set root='hd0,msdos1' 22 if [ x$feature_platform_search_hint = xy ]; then 23 search --no-floppy --fs-uuid --set=root --hint-bios=hd0,msdos1 --hint-efi=hd0,msdos1 --hint-baremetal=ahci0,msdos1 07472ed4-59a9-4ce4-9fdd-05a662658ac1 24 else 25 search --no-floppy --fs-uuid --set=root 07472ed4-59a9-4ce4-9fdd-05a662658ac1 26 fi 27 linux /boot/vmlinuz-5.3.18 root=UUID=07472ed4-59a9-4ce4-9fdd-05a662658ac1 ro quiet splash $vt_handoff kgdboc=kms,kbd,ttyS1,115200 kgdbwait nokaslr 28 initrd /boot/initrd.img-5.3.18 29 } 30 3. 启动gdb 31 gdb ./vmlinux 32 dir /home/maojun/kernel/linux-source-5.3.0 33 34 target remote /dev/ttyS1 35 hb start_kernel 36 37 停止被调试的机器进入调试器: 38 echo g > /proc/sysrq-trigger 39 40 echo ttyS0 > /sys/module/kgdboc/parameters/kgdboc 41 42 echo c > /proc/sysrq-trigger 43 44 4.使用vmware自带的东西,把这行加入 vmx文件 45 debugStub.listen.guest64 = "TRUE" 46 47 48 debugStub.listen.guest32=1 49 debugStub.listen.guest64=1 50 debugStub.listen.guest32.remote = "TRUE" 51 debugStub.listen.guest64.remote = "TRUE" 52 53 ======================================================= 54 debugStub.listen.guest32.remote = "TRUE" # Allows debugging from a different computer / VM instead of localhost. # The IP for remote debugging will be that of the host. 55 debugStub.listen.guest64.remote = "TRUE" # Same, but for 64-bit code 56 monitor.debugOnStartGuest32 = "TRUE" # Breaks into debug stub on first instruction (warning: in BIOS!) # This will halt the VM at the very first instruction at 0xFFFF0, you could set the next breakpoint to break *0x7c00 to break when the bootloader is loaded by the BIOS 57 debugStub.hideBreakpoints = "TRUE" # Allows gdb breakpoints to work 58 bios.bootDelay = "3000" # Delay booting the BIOS code. 59 60 gdb 命令: 61 info all-registers 62 63 GRUB cmdline 加入 nokaslr 64 65 dir E:\\maojun\\share\\linux-5.3.0\\linux-source-5.3.0 66 dir C:\\Users\\zbZle\\Desktop\\book\\qemu\\kernel-debug\\vmware\\wrapfs-latest-e9c6d88 67 dir C:\\Users\\zbZle\\Desktop\\book\\qemu\\kernel-debug\\vmware\\e1000 68 69 70 wrapfs 57344 0 - Live 0xffffffffc054b000 (E) 71 72 73 set architecture i386:x86-64 74 75 76 77 target remote localhost:8864 78 79 80 cd /sys/module/usb_f_hid/sections 81 cat .text .data .bss 82 83 add-symbol-file wrapfs.ko 0xffffffffc054b000 84 85 /sys/module/wrapfs/sections 86 87 cat .text .data .bss 88 89 0xffffffffc05a3000 90 0xffffffffc05aa000 91 0xffffffffc05aa480 92 93 94 add-symbol-file wrapfs.ko 0xffffffffc05a3000 -s .data 0xffffffffc05aa000 -s .bss 0xffffffffc05aa480 95 96 add-symbol-file usb_f_hid.ko 0xffffffffc06d7000 -s .data 0xffffffffc06da000 -s .bss 0xffffffffc06da740 97 5. 参考链接: 98 https://xakcop.com/post/vmw-kernel-debugging/ 99 100 E:\Users\zbZle\Documents\Virtual Machines\Ubuntu---1804 101 102 ================================================================ 103 open 104 inode=0xffff888078b32148 105 106 print /x inode 107 print /x ((struct wrapfs_inode_info *)0xffff888078b32140)->lower_inode 108 print /x *((struct wrapfs_inode_info *)0xffff888078b32ac0)->lower_inode 109 print /x &((struct inode *)0xffff88806cc59628)->i_size 110 111 watch -l *((long long *)0xffff88806cc59678) 112 113 114 open 115 inode=0xffff888078b32148 116 print /x (((struct wrapfs_inode_info *)0xffff888078b32140)->lower_inode)->i_size 117 118 print *(((struct wrapfs_inode_info *)0xffff888078b32140)->lower_inode) 119 120 print /x &(((struct wrapfs_inode_info *)0xffff888078b32140)->lower_inode)->i_size 121 122 watch *(long long *)0xffff888076071ef8 123 124 ==== 0 125 126 127 print file.f_path.dentry.d_name.name 128 print inode->i_size 129 130 131 print *file.f_path.dentry 132 133 watch *(long long *) xxx 134 watch *(long long *) 135 136 137 138 awatch 139 140 ".~lock.1.odt#" 141 142 awatch 读写断点
