Thread-aware gdb for the Linux kernel
Question
I am using gdb attached to a serial port of a virtual machine to debug the Linux kernel.
I am wondering if there are any patches/plugins which can make gdb understand some of the Linux kernel's data structures and make it "thread aware"?
By that I mean under gdb I can see how many kernel threads there are, their status, and for each thread, their stack information.
Recommended answer
libvmi
https://github.com/libvmi/libvmi
This project does "LibVMI: Simplified Virtual Machine Introspection" which sounds really close.
This project in particular https://github.com/Wenzel/pyvmidbg uses libvmi and features a demo video of debugging a Windows userland application form inside it, without memory conflicts.
As of May 2019, there are two limitations, however, both of which could be overcome with some work: https://github.com/Wenzel/pyvmidbg/issues/24
- Linux memory parsing is not finished
- requires Xen
The developer of that project also answered further at: https://stackoverflow.com/a/56369454/895245
Implementing it with those libraries would be in my opinion the best way to achieve this goal today.
Linaro lkd-python
First, this Linaro page claims to have a working setup: https://wiki.linaro.org/LandingTeams/ST/GDB that allows you to do usual thread operations such as thread, bt, etc., but it relies on a GDB fork. I will test it out later. In 2016, https://youtu.be/pqn5hIrz3A8 says that the implementation was in C, not as Python scripts unfortunately, which would be better and avoid forking. The sketch for lkd-python can be found at: https://git.linaro.org/people/lee.jones/kieran.bingham/binutils-gdb.git/log/?h=lkd-python
Linux kernel in-tree GDB scripts + my brain
I then tried to see what I could do with the kernel in-tree Python scripts at v4.17 + some manual intervention as a prototype, but didn't quite get there yet.
I have tested using this highly automated QEMU + Buildroot setup.
First follow the procedure I described at: How to debug the Linux kernel with GDB and QEMU? to get GDB working.
Then, as described at: How to debug Linux kernel modules with QEMU? run GDB with:
gdb -ex 'add-auto-load-safe-path /full/path/to/linux/kernel'
This loads the in-tree GDB Python scripts from scripts/gdb.
One of those scripts provides:
lx-ps
which lists all threads with format:
0xffff88000ed08000 1 init
0xffff88000ed08ac0 2 kthreadd
The first field is the address of the task_struct struct, so we can see the entire struct with:
p *(struct task_struct *)0xffff88000ed08000
which should in theory allow us to get any information we want about the process.
Now I wanted to find the PC. For ARM, I've seen: Find program counter of process in kernel and I tried:
task_pt_regs((struct thread_info *)((struct task_struct *)0xffffffc00e8f8000))->uregs[ARM_pc]
but task_pt_regs is a #define and GDB cannot see defines without -ggdb3: How do I print a #defined constant in GDB? which are apparently not set?
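An added example, not part of the original answer or of the kernel's in-tree scripts: a GDB Python script that turns the lx-ps output shown above into a per-thread listing with state and kernel stack base. The command name lx-threads and the helper names are hypothetical, and it assumes task_struct has the members state and stack, as at v4.17.

```python
import re

try:
    import gdb  # only importable when the file is sourced inside GDB
except ImportError:
    gdb = None

# One lx-ps row: task_struct address, pid, comm. comm may contain spaces;
# header lines printed by some kernel versions do not match and are skipped.
LINE = re.compile(r"^\s*(0x[0-9a-fA-F]+)\s+(\d+)\s+(.*\S)\s*$")


def parse_lx_ps(text):
    """Return [(task_struct address, pid, comm)] from lx-ps output."""
    tasks = []
    for line in text.splitlines():
        m = LINE.match(line)
        if m:
            tasks.append((int(m.group(1), 16), int(m.group(2)), m.group(3)))
    return tasks


def field_expr(addr, field):
    """GDB expression that reads one task_struct member at an address."""
    return "((struct task_struct *)0x%x)->%s" % (addr, field)


if gdb is not None:
    class LxThreads(gdb.Command):
        """lx-threads (hypothetical name): pid, comm, state, stack base."""

        def __init__(self):
            super(LxThreads, self).__init__("lx-threads", gdb.COMMAND_DATA)

        def invoke(self, arg, from_tty):
            # Reuse the in-tree lx-ps command and capture its output.
            out = gdb.execute("lx-ps", to_string=True)
            for addr, pid, comm in parse_lx_ps(out):
                # Assumption: members named 'state' and 'stack' (v4.17).
                state = int(gdb.parse_and_eval(field_expr(addr, "state")))
                stack = gdb.parse_and_eval(field_expr(addr, "stack"))
                gdb.write("%6d %-16s state=%#x stack=%s\n"
                          % (pid, comm, state, stack))

    LxThreads()
```

Source the file in GDB after the in-tree scripts are loaded, then run lx-threads.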