Build a kernel debug environment based on QEMU + Eclipse (by quqi99)


Zhang Hua, posted 2016-02-06

Copyright notice: this article may be reproduced in any form; please be sure to indicate, as a hyperlink, the original source of the article, the author information and this copyright notice (http://blog.csdn.net/quqi99).

Using QEMU together with a graphical GDB front end such as Eclipse or DDD, it is easy to trace the protocol stack, file system or memory management code. Tracing code tied to hardware drivers may work less well.

Compiling the kernel

Download the Linux kernel source and compile it to produce the compressed kernel image (/bak/linux/linux-2.6/arch/x86_64/boot/bzImage) and the uncompressed kernel ELF file used by GDB (/bak/linux/linux-2.6/vmlinux).

    cd /bak/linux/ && git clone git://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux-2.6.git

For how to compile the kernel, see: Compiling the Linux kernel and making initrd (by quqi99).

    sudo apt-get install libncurses5-dev
    cd /bak/linux/linux-2.6
    make menuconfig
    make -j 8 bzImage

Making the initrd

To use an initrd, the kernel must be compiled with CONFIG_BLK_DEV_INITRD=y. See my blog: http://blog.csdn.net/quqi99/article/details/11860241

    sudo apt-get install build-essential initramfs-tools
    sudo make modules_install    # generates /lib/modules/4.5.0-rc2+
    mkinitramfs -o initrd.img -v 4.5.0-rc2+

Making the initrd with BusyBox

    mkdir -p /bak/linux/initramfs/{bin,sbin,etc,proc,sys,newroot}
    cd /bak/linux
    touch initramfs/etc/mdev.conf
    wget http://jootamam.net/initramfs-files/busybox-1.10.1-static.bz2 -O - | bunzip2 > initramfs/bin/busybox
    chmod +x initramfs/bin/busybox
    touch initramfs/init
    chmod +x initramfs/init

The initramfs/init file is as follows:

    #!/bin/sh

    # Mount things needed by this script
    mount -t proc proc /proc
    mount -t sysfs sysfs /sys

    # Disable kernel messages from popping onto the screen
    echo 0 > /proc/sys/kernel/printk

    # Clear the screen
    clear

    # Create all the symlinks to /bin/busybox
    busybox --install -s

    # Create device nodes
    mknod /dev/null c 1 3
    mknod /dev/tty c 5 0
    mdev -s

    # Function for parsing command line options with "=" in them
    # get_opt("init=/sbin/init") would return "/sbin/init"
    get_opt() {
        echo "$@" | cut -d "=" -f 2
    }

    # Defaults
    init="/sbin/init"
    root="/dev/hda1"

    # Process command line options
    for i in $(cat /proc/cmdline); do
        case $i in
            root\=*)
                root=$(get_opt "$i")
                ;;
            init\=*)
                init=$(get_opt "$i")
                ;;
        esac
    done

    # Mount the root device
    mount "${root}" /newroot

    # Check if $init exists and is executable
    if [ -x "/newroot/${init}" ] ; then
        # Unmount all other mounts so that the RAM used by
        # the initramfs can be cleared after switch_root
        umount /sys /proc

        # Switch to the new root and execute init
        exec switch_root /newroot "${init}"
    fi

    # This would only be run if the exec above failed
    echo "Failed to switch_root, dropping to a shell"
    exec sh

Pack the initramfs directory into a gzip-compressed cpio archive:

    cd initramfs
    find . | cpio -H newc -o > ../initramfs.cpio
    cd ..
    cat initramfs.cpio | gzip > initramfs.igz

However, the busybox-1.10.1-static.bz2 binary above does not seem to include ext2 support and does not recognize the ext2-formatted hard disk passed in through QEMU's -hda parameter, so in the end I switched to compiling BusyBox from the busybox-1.24.0 source code.

    cd /bak/linux
    wget https://busybox.net/downloads/busybox-1.24.0.tar.bz2
    tar -xjf busybox-1.24.0.tar.bz2 && cd busybox-1.24.0    # unpack the source before configuring
    make menuconfig
        CONFIG_MKFS_EXT2=y
        Busybox Settings --->
          Build Options --->
            [*] Build BusyBox as a static binary (no shared libs)    // static compilation
    make && make install
    cp -avr /bak/linux/busybox-1.24.0/_install/* /bak/linux/initramfs/
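
The init script's get_opt keeps only the second '='-separated field, so a value that itself contains '=' (for example root=UUID=...) is silently truncated. The following is an added example, not part of the original script: parse_cmdline and get_opt_cut are hypothetical names and the sample command lines are constructed.

```shell
#!/bin/sh
# Added example, not the original init script. parse_cmdline and
# get_opt_cut are hypothetical names; sample command lines are constructed.

# The init script's approach: keep only the second '='-separated field.
get_opt_cut() {
    echo "$1" | cut -d "=" -f 2
}

# Variant: strip only the "name=" prefix, so a value that itself
# contains '=' (root=UUID=..., root=LABEL=...) survives intact.
get_opt() {
    printf '%s\n' "${1#*=}"
}

# Set the globals root and init from the command line given as $1.
parse_cmdline() {
    root="/dev/hda1"      # same defaults as the init script
    init="/sbin/init"
    set -f                # no glob expansion while word-splitting $1
    for opt in $1; do
        case "$opt" in
            root=*) root=$(get_opt "$opt") ;;
            init=*) init=$(get_opt "$opt") ;;
        esac
    done
    set +f
    # Normalize a relative init (this page passes init=sbin/init) so the
    # later test on /newroot/${init} and the exec use one absolute path.
    case "$init" in
        /*) ;;
        *)  init="/$init" ;;
    esac
}

# Constructed inputs: the -append string used on this page, and a UUID root.
SAMPLE_PAGE='root=/dev/sda init=sbin/init console=ttyS0'
SAMPLE_UUID='root=UUID=0a1b2c3d-0000-4000-8000-00c0ffee0000 ro quiet'

parse_cmdline "$SAMPLE_PAGE"
echo "page cmdline : root=$root init=$init"
parse_cmdline "$SAMPLE_UUID"
echo "UUID cmdline : root=$root init=$init"
echo "cut variant  : root=$(get_opt_cut 'root=UUID=0a1b2c3d')"
```

This covers parsing only; mounting a UUID= or LABEL= root would additionally need a lookup step in the initramfs.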

Loading the kernel with QEMU

    wget http://www.nongnu.org/qemu/linux-0.2.img.bz2
    sudo qemu-system-x86_64 -hda /bak/images/linux-0.2.img -hdb /bak/linux/disk.img -kernel /bak/linux/linux-2.6/arch/x86_64/boot/bzImage -initrd /bak/linux/initramfs.igz -append "root=/dev/sda init=sbin/init console=ttyS0" -nographic -smp 1,cores=1 -s -S
The parameters are explained as follows:
    1. -s opens the GDB debug port 1234, and -S freezes QEMU at startup until gdb issues the continue (c) command.
    2. console=ttyS0 together with -nographic means that no new graphical window is opened; the console is used directly in the terminal.
    3. -append "root=/dev/sda init=sbin/init" should be consistent with the init script in the initrd file.

Debugging the kernel with GDB

The -s parameter of QEMU opens a gdbserver on port 1234 by default.

    $ sudo netstat -anp | grep 1234
    tcp        0      0 0.0.0.0:1234            0.0.0.0:*               LISTEN      24309/qemu-system-x
    $ /bak/java/gdb/bin/gdb /bak/linux/linux-2.6/vmlinux
    ...
    (gdb) target remote localhost:1234
    Remote debugging using localhost:1234
    0x0000000000000000 in irq_stack_union ()
    (gdb) b start_kernel
    Breakpoint 1 at 0xffffffff81d66b09: file init/main.c, line 498.
    (gdb) info registers
    (gdb) bt
    (gdb) c
    (gdb) list
    (gdb) set architecture
    Requires an argument. Valid arguments are i386, i386:x86-64, i386:x64-32, i8086, i386:intel, i386:x86-64:intel, i386:x64-32:intel, auto.
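
The netstat output above shows the gdbstub bound to 0.0.0.0, so any host that can reach port 1234 can attach to the guest kernel; the GDB remote protocol has no authentication. The check below is an added example, not from the original article (the helper name check_gdbstub_bind and the second sample line are assumptions), that flags such a listener.

```shell
#!/bin/sh
# Added example, not from the original article. check_gdbstub_bind is a
# hypothetical helper; SAMPLE_LOOP is a constructed line.
#
# QEMU's -s is shorthand for "-gdb tcp::1234", which listens on every
# interface. "-gdb tcp:127.0.0.1:1234" keeps the stub on loopback; gdb
# then connects with "target remote 127.0.0.1:1234".

# Read `netstat -anp` / `ss -ltn` style lines on stdin and report where
# the listener for port $1 is bound: "ok <addr>" or "exposed <addr>".
check_gdbstub_bind() {
    awk -v port="$1" '
        /LISTEN/ {
            for (i = 1; i <= NF; i++) {
                # The local address is the first field ending in ":<port>".
                if ($i ~ (":" port "$")) {
                    addr = $i
                    sub(":" port "$", "", addr)
                    if (addr ~ /^127\./ || addr == "::1" || addr == "[::1]")
                        print "ok " addr
                    else
                        print "exposed " addr
                    break
                }
            }
        }'
}

# First line: the netstat output shown above. Second line: constructed.
SAMPLE_ALL='tcp 0 0 0.0.0.0:1234 0.0.0.0:* LISTEN 24309/qemu-system-x'
SAMPLE_LOOP='tcp 0 0 127.0.0.1:1234 0.0.0.0:* LISTEN 24310/qemu-system-x'

printf '%s\n' "$SAMPLE_ALL"  | check_gdbstub_bind 1234
printf '%s\n' "$SAMPLE_LOOP" | check_gdbstub_bind 1234
# Live check on the host running QEMU:
#   sudo netstat -anp | check_gdbstub_bind 1234
```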

Debugging the kernel with Eclipse

1. The Linux source tree is very large, so set the workspace-wide option that stops Eclipse from automatically building the code. Indexing can still be left to Eclipse for easy search and code navigation.
   Preferences -> General -> Workspace -> Build automatically (disable)
2. Import the kernel source into an Eclipse project, with the toolchain set to Linux GCC.
   Existing Code as Makefile Project
3. Create a debug launch configuration (Debug Configurations -> C/C++ Remote Application).
   Choose "GDB (DSF) Manual Remote Debugging Launcher"
   Main tab -> C/C++ Application: point to the actual uncompressed kernel, /bak/linux/linux-2.6/vmlinux
   Main tab -> Disable auto build
   Debugger tab -> Stop on startup at 'start_kernel'
   Debugger tab -> Connection -> Host name or IP address = localhost
   Debugger tab -> Connection -> Port number = 1234

Compiling GDB to resolve the error "Remote 'g' packet reply is too long"

    cd /bak/java && wget http://ftp.gnu.org/gnu/gdb/gdb-7.7.tar.gz
    tar -xzf gdb-7.7.tar.gz && cd gdb-7.7    # unpack the source before editing it

In the file gdb/remote.c, in the function process_g_packet, find the following code:

    if (buf_len > 2 * rsa->sizeof_g_packet)
      error (_("Remote 'g' packet reply is too long: %s"), rs->buf);

Replace these two lines with the following code, or simply comment the two lines out without adding anything:

    /* Instead of failing on a longer reply, grow the expected 'g' packet
       size and recompute which registers fall inside the packet.  */
    if (buf_len > 2 * rsa->sizeof_g_packet) {
      rsa->sizeof_g_packet = buf_len;
      for (i = 0; i < gdbarch_num_regs (gdbarch); i++) {
        if (rsa->regs[i].pnum == -1)
          continue;
        if (rsa->regs[i].offset >= rsa->sizeof_g_packet)
          rsa->regs[i].in_g_packet = 0;
        else
          rsa->regs[i].in_g_packet = 1;
      }
    }

Then build and install:

    ./configure --prefix=/bak/java/gdb && make && make install

Next, reconfigure Eclipse: click the menu "Run" -> "Debug Configurations...", and in the dialog that pops up switch to the "Debugger" tab and, on its "Main" page, change "GDB debugger:" to the newly compiled GDB (/bak/java/gdb/bin/gdb) instead of the default gdb.



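Appendix 1: Creating an index using cscope

1. Create cscope.files

    LNX=/bak/linux/linux-2.6
    mkdir -p $LNX/cscope    # the output directory must exist
    cd /
    # The arch/i386 and include/asm-i386 patterns keep only that architecture;
    # adjust them if the x86 code lives elsewhere in your tree (e.g. arch/x86).
    find $LNX \
        -path "$LNX/arch/*" ! -path "$LNX/arch/i386*" -prune -o \
        -path "$LNX/include/asm-*" ! -path "$LNX/include/asm-i386*" -prune -o \
        -path "$LNX/tmp*" -prune -o \
        -path "$LNX/Documentation*" -prune -o \
        -path "$LNX/scripts*" -prune -o \
        -path "$LNX/drivers*" -prune -o \
        -name "*.[chxsS]" -print > /bak/linux/linux-2.6/cscope/cscope.files

2. Create the index database

    cd /bak/linux/linux-2.6/cscope
    cscope -b -q -k    # -b: build the database only, -q: inverted index, -k: kernel mode (skip /usr/include)

3. Use the index database

    cscope -d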



