Article title: Unveil the secrets of the Linux kernel debugger.
KDB Getting Started Guide
When debugging kernel problems, it is useful to trace kernel execution and inspect its memory and data structures. KDB, the built-in kernel debugger in Linux, provides this capability. In this article, you will learn how to use the features KDB provides and how to install and set up KDB on a Linux machine. You will also become familiar with the commands available in KDB and with its setup and display options.
The Linux kernel debugger (KDB) allows you to debug the Linux kernel. This aptly named tool is essentially a patch to the kernel code that lets experts access kernel memory and data structures. One of the main advantages of KDB is that it does not require a second machine for debugging: you can debug the kernel you are running on.
Setting up a machine for KDB takes some work, because the kernel needs to be patched and recompiled. KDB users should be familiar with compiling the Linux kernel (and, to some extent, with kernel internals). If you need help compiling the kernel, see the references at the end of this article.
In this article, we will start with information on downloading the KDB patches, applying them, (re)compiling the kernel, and starting KDB. Then we will look at the KDB commands and study some of the more commonly used ones. Finally, we will look at some details of the setup and display options.
Getting started
The KDB project is maintained by Silicon Graphics (see references for links). You need to download the patches that match your kernel version from its FTP site. At the time of writing, the latest available KDB version is 4.2. You need to download and apply two patches.
One is a "common" patch that contains the changes to the generic kernel code, and the other is an architecture-specific patch. The patches are available as bz2 files. For example, on an x86 machine running the 2.4.20 kernel, you need kdb-v4.2-2.4.20-common-1.bz2 and kdb-v4.2-2.4.20-i386-1.bz2.
All examples provided here are for the i386 architecture and the 2.4.20 kernel. You need to make appropriate changes based on your machine and kernel version. You also need root privileges to perform these operations.
Copy the files to the /usr/src/linux directory and extract the patch files from the bzip2-compressed files:
# bzip2 -d kdb-v4.2-2.4.20-common-1.bz2
# bzip2 -d kdb-v4.2-2.4.20-i386-1.bz2
You get the kdb-v4.2-2.4.20-common-1 and kdb-v4.2-2.4.20-i386-1 files.
Apply these patches:
# patch -p1 < kdb-v4.2-2.4.20-common-1
# patch -p1 < kdb-v4.2-2.4.20-i386-1
These patches should apply cleanly. Search for any files ending with .rej. This extension indicates a patch hunk that failed to apply. If there is nothing wrong with the kernel tree, the patches will apply without problems.
Next, you need to build a kernel with KDB support. The first step is to set the CONFIG_KDB option. Use your favorite configuration mechanism (such as xconfig or menuconfig) to complete this step. Go to the "Kernel hacking" section at the end and select the "Built-in Kernel Debugger support" option.
You can also select two other options based on your preferences. Selecting the "Compile the kernel with frame pointers" option (if present) sets the CONFIG_FRAME_POINTER flag. This produces better stack backtraces, because the frame pointer register is used as a frame pointer rather than as a general-purpose register.
You can also select the "KDB off by default" option. This sets the CONFIG_KDB_OFF flag and turns KDB off by default. We will cover this in detail in a later section.
Save the configuration and exit. Recompile the kernel. We recommend that you run "make clean" before building the kernel. Install and boot the kernel in the usual way.
Initialize and set environment variables
You can define KDB commands that are executed during KDB initialization. You define these commands in the plain text file kdb_cmds, which is located in the KDB directory of the Linux source tree (after the patches are applied, of course). This file can also be used to define environment variables that set display and print options. The comments at the beginning of the file provide help in editing it. The disadvantage of using this file is that you need to rebuild and reinstall the kernel after you change it.
Activate KDB
If CONFIG_KDB_OFF is not selected during compilation, KDB is active by default. Otherwise, you need to activate it explicitly: either pass the kdb=on flag to the kernel at boot, or run the following after /proc is mounted:
# echo "1" > /proc/sys/kernel/kdb
Reversing the preceding steps deactivates KDB. That is to say, if KDB is on by default, passing the kdb=off flag to the kernel or performing the following operation deactivates it:
# echo "0" > /proc/sys/kernel/kdb
We can see that rmqueue() is called by __alloc_pages, which in turn is called by _alloc_pages, and so on.
The first double word in each frame points to the next frame, and it is immediately followed by the address of the calling function. Tracing the stack therefore becomes an easy task.
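The frame layout described above can be walked mechanically. The following C sketch is an added example, not code from the original article or from KDB: it follows the saved-%ebp chain through a small stack image whose first row is the md %ebp line shown in this article's hari output, while the remaining words and the names walk_frames and read_word are constructed for illustration.

```c
#include <stdint.h>
#include <stdio.h>

/* Constructed i386 stack image: 32-bit words starting at STACK_BASE.
 * The first row is the "md %ebp 1" line shown in this article; the
 * words after it are made up to complete two more frames. */
#define STACK_BASE 0xc0467fbcu
static const uint32_t stack_words[] = {
    0xc0467fd0, 0xc01053d2, 0x00000002, 0x000a0200, /* 0xc0467fbc */
    0x00000000,                                     /* 0xc0467fcc */
    0xc0467fe0, 0xc0105000, 0x00000000, 0x00000000, /* 0xc0467fd0 */
    0x00000000, 0xc0100191,                         /* 0xc0467fe0 */
};
#define NWORDS (sizeof stack_words / sizeof stack_words[0])

/* Read one word from the image; 0 on success, -1 if unaligned or out of range. */
static int read_word(uint32_t addr, uint32_t *out)
{
    if (addr < STACK_BASE || (addr & 3) != 0) return -1;
    size_t idx = (addr - STACK_BASE) / 4;
    if (idx >= NWORDS) return -1;
    *out = stack_words[idx];
    return 0;
}

/* Follow the frame chain from ebp, storing each frame's second word (the
 * address in the caller) in ret[]. Stops at a link that does not move to a
 * higher address (end of chain, or corrupt/looping) or leaves the image. */
size_t walk_frames(uint32_t ebp, uint32_t *ret, size_t max)
{
    size_t n = 0;
    while (n < max) {
        uint32_t next, caller;
        if (read_word(ebp, &next) || read_word(ebp + 4, &caller)) break;
        ret[n++] = caller;
        if (next <= ebp) break;   /* stack grows down, so links must go up */
        ebp = next;
    }
    return n;
}

int main(void)
{
    uint32_t ret[8];
    size_t n = walk_frames(STACK_BASE, ret, 8);
    for (size_t i = 0; i < n; i++)
        printf("#%zu called from 0x%08x\n", i, (unsigned)ret[i]);
    return 0;
}
```

The check that each link points to a higher address is what keeps the walk from looping forever on a corrupted stack, which is the usual situation when a debugger is needed.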
The go command optionally takes an address as a parameter. If you want to continue execution at a specific address, you can provide that address as the parameter. Another way is to use the rm command to modify the instruction pointer register and then enter go. This is useful if you want to skip a specific instruction or a group of instructions that seem to cause problems. Note, however, that this command may cause serious problems and the system may crash.
You can use a command named defcmd to define your own set of commands. For example, whenever a breakpoint is hit, you may want to check a particular variable, check the contents of some registers, and dump the stack. Normally you would have to enter a series of commands to carry out all of these tasks. defcmd allows you to define your own command, which can contain one or more predefined KDB commands. You then need only one command to complete all three tasks. The syntax is as follows:
[0] kdb> defcmd name "usage" "help"
[0] kdb> [defcmd] type the commands here
[0] kdb> [defcmd] endefcmd
For example, you can define a (simple) new command, hari, which displays one line of memory starting at address 0xc000000, displays the register contents, and dumps the stack:
[0] kdb> defcmd hari "" "no arguments needed"
[0] kdb> [defcmd] md 0xc000000 1
[0] kdb> [defcmd] rd
[0] kdb> [defcmd] md %ebp 1
[0] kdb> [defcmd] endefcmd
The command output will be:
[0] kdb> hari
[hari] kdb> md 0xc000000 1
0xc000000 00000001 f000e816 f000e2c3 f000e816
[hari] kdb> rd
eax = 0x00000000 ebx = 0xc0105330 ecx = 0xc0466000 edx = 0xc0466000
....
...
[hari] kdb> md %ebp 1
0xc0467fbc c0467fd0 c01053d2 00000002 000a0200
[0] kdb>