Thread-aware gdb for the Linux kernel

Question

I am using gdb attached to a serial port of a virtual machine to debug the Linux kernel.

I am wondering if there are any patches/plugins which can make gdb understand some of the Linux kernel's data structures and make it "thread aware"?

By that I mean that under gdb I can see how many kernel threads there are, their status, and for each thread, their stack information.

Recommended answer

libvmi

https://github.com/libvmi/libvmi

This project does "LibVMI: Simplified Virtual Machine Introspection" which sounds really close.

This project in particular https://github.com/Wenzel/pyvmidbg uses libvmi and features a demo video of debugging a Windows userland application from inside it, without memory conflicts.

As of May 2019, there are two limitations, however, both of which could be overcome with some work: https://github.com/Wenzel/pyvmidbg/issues/24

  • The Linux memory parsing is not yet complete
  • It requires Xen

The developer of that project also answered further at: https://stackoverflow.com/a/56369454/895245

Implementing it with those libraries would be in my opinion the best way to achieve this goal today.

Linaro lkd-python

First, this Linaro page claims to have a working setup: https://wiki.linaro.org/LandingTeams/ST/GDB that allows you to do usual thread operations such as thread, bt, etc., but it relies on a GDB fork. I will test it out later. In 2016, https://youtu.be/pqn5hIrz3A8 says that the implementation was in C, not as Python scripts unfortunately, which would be better and avoid forking. The sketch for lkd-python can be found at: https://git.linaro.org/people/lee.jones/kieran.bingham/binutils-gdb.git/log/?h=lkd-python

Linux kernel in-tree GDB scripts + my brain

I then tried to see what I could do with the kernel in-tree Python scripts at v4.17 + some manual intervention as a prototype, but didn't quite get there yet.

I've tested using this highly automated QEMU + Buildroot setup.

First follow the procedure I described at: How to debug the Linux kernel with GDB and QEMU? to get GDB working.

Then, as described at: How to debug Linux kernel modules with QEMU? run GDB with:

gdb -ex 'add-auto-load-safe-path /full/path/to/linux/kernel'

This loads the in-tree GDB Python scripts from scripts/gdb.

One of those scripts provides:

lx-ps

which lists all threads with format:

0xffff88000ed08000 1 init
0xffff88000ed08ac0 2 kthreadd

The first field is the address of the task_struct struct, so we can see the entire struct with:

p *(struct task_struct *)0xffff88000ed08000

which should in theory allow us to get any information we want about the process.

Now I wanted to find the PC. For ARM, I've seen: Find program counter of process in kernel and I tried:

task_pt_regs((struct thread_info *)((struct task_struct)*0xffffffc00e8f8000))->uregs[ARM_pc]

but task_pt_regs is a #define and GDB cannot see defines without -ggdb3: How do I print a #defined constant in GDB? which are apparently not set?
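
An added example, not part of the original answer or of the kernel's in-tree scripts: a GDB Python script that follows init_task.tasks and prints, for each thread-group leader (every kernel thread is one), the task_struct address, PID, whether PF_KTHREAD is set, a ps-style state letter and the kernel stack base. The command name lx-threads, the helper names and the state bit values (taken to match v4.14+ headers) are assumptions; source it in GDB once vmlinux is loaded.

```python
try:
    import gdb  # present only inside GDB's embedded Python
except ImportError:
    gdb = None  # lets the pure helpers below be imported outside GDB

PF_KTHREAD = 0x00200000  # task_struct.flags bit set on kernel threads
TASK_IDLE = 0x0402       # TASK_UNINTERRUPTIBLE | TASK_NOLOAD
# Assumed task_struct.state bits (v4.14+ headers); exit states are not decoded.
STATE_BITS = [(0x01, "S"), (0x02, "D"), (0x04, "T"), (0x08, "t"), (0x40, "P")]

def state_letter(state):
    """Map a task_struct.state value to a ps-style letter."""
    if state == 0:
        return "R"
    if (state & TASK_IDLE) == TASK_IDLE:
        return "I"
    return next((ltr for bit, ltr in STATE_BITS if state & bit), "?")

def format_row(addr, pid, comm, flags, state, stack):
    kind = "kthread" if flags & PF_KTHREAD else "user"
    return "0x%x %5d %-7s %s stack=0x%x %s" % (
        addr, pid, kind, state_letter(state), stack, comm)

def walk_tasks():
    """Yield a task_struct pointer per thread-group leader via init_task.tasks;
    the list offset is computed by GDB from the debug info."""
    ptr_t = gdb.lookup_type("struct task_struct").pointer()
    ulong = gdb.lookup_type("unsigned long")
    off = gdb.parse_and_eval("(unsigned long)&((struct task_struct *)0)->tasks")
    head = task = gdb.parse_and_eval("init_task").address
    while True:
        yield task
        task = (task["tasks"]["next"].cast(ulong) - off).cast(ptr_t)  # container_of
        if task == head:
            return

if gdb is not None:
    class LxThreads(gdb.Command):
        """lx-threads (hypothetical name): list tasks with state and stack base."""
        def __init__(self):
            super().__init__("lx-threads", gdb.COMMAND_DATA)
        def invoke(self, arg, from_tty):
            for t in walk_tasks():
                try:
                    state = t["state"]      # v4.17, as used on this page
                except gdb.error:
                    state = t["__state"]    # field name in v5.14 and later
                gdb.write(format_row(int(t), int(t["pid"]), t["comm"].string(),
                          int(t["flags"]), int(state), int(t["stack"])) + "\n")
    LxThreads()
```

The stack value printed is task_struct.stack, the base of the task's kernel stack; the saved stack pointer and PC of a sleeping task live in the architecture-specific thread field and are not decoded here.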
