
Debugging the Linux kernel with QEMU


Related references

Step 1

$ cd linux-4.16
$ make menuconfig
$ make -j8
  • Enable debug info
Kernel hacking  ---> 
[*] Kernel debugging
Compile-time checks and compiler options --->
[*] Compile the kernel with debug info
[*] Provide GDB scripts for kernel debugging
  • Disable address randomization: select "Processor type and features", then turn it off
[*] 64-bit kernel
    General setup  --->
[*] Enable loadable module support  --->
-*- Enable the block layer  --->
    Processor type and features  --->

Deselect KASLR, i.e. disable address randomization:

[ ] Randomize the address of the kernel image (KASLR)
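The menuconfig walk above can be verified without the interactive menu. The script below is an added example, not part of the original post: it checks a `.config` for the Kconfig symbols behind those menu entries (CONFIG_DEBUG_KERNEL, CONFIG_DEBUG_INFO, CONFIG_GDB_SCRIPTS on; CONFIG_RANDOMIZE_BASE off) and runs against two constructed sample configs. The `scripts/config` invocation in the comment is the kernel tree's own helper and is shown as the non-interactive way to reach the same state.

```shell
#!/usr/bin/env bash
# Added example, not code from the original post: verify non-interactively that a
# kernel .config has what the menuconfig steps above turn on and off.
# Kconfig symbols behind those menu entries (Linux 4.16):
#   Kernel debugging                                  -> CONFIG_DEBUG_KERNEL
#   Compile the kernel with debug info                -> CONFIG_DEBUG_INFO
#   Provide GDB scripts for kernel debugging          -> CONFIG_GDB_SCRIPTS
#   Randomize the address of the kernel image (KASLR) -> CONFIG_RANDOMIZE_BASE

# Return 0 if SYMBOL is set to y in the config file.
config_is_y() {   # $1 = .config path, $2 = symbol name including the CONFIG_ prefix
    grep -q "^$2=y$" "$1"
}

# Return 0 if SYMBOL is disabled: either "# CONFIG_X is not set" or absent entirely.
config_is_off() {   # $1 = .config path, $2 = symbol name
    ! grep -q "^$2=[ym]$" "$1"
}

# Check every option the debugging setup relies on. Prints one line per
# failing item and returns 1 if anything is wrong, 0 if the config is ready.
check_debug_config() {   # $1 = .config path
    local rc=0 sym
    for sym in CONFIG_DEBUG_KERNEL CONFIG_DEBUG_INFO CONFIG_GDB_SCRIPTS; do
        config_is_y "$1" "$sym" || { echo "missing: $sym=y"; rc=1; }
    done
    config_is_off "$1" CONFIG_RANDOMIZE_BASE \
        || { echo "KASLR still enabled: CONFIG_RANDOMIZE_BASE"; rc=1; }
    return $rc
}

# On a real kernel tree the same state is reached with the tree's own helper:
#   scripts/config --enable DEBUG_KERNEL --enable DEBUG_INFO \
#                  --enable GDB_SCRIPTS --disable RANDOMIZE_BASE
#   make olddefconfig

# Constructed sample configs so the check runs without a kernel tree.
GOOD_CONFIG=$(mktemp)
cat > "$GOOD_CONFIG" <<'EOF'
CONFIG_64BIT=y
CONFIG_DEBUG_KERNEL=y
CONFIG_DEBUG_INFO=y
CONFIG_GDB_SCRIPTS=y
# CONFIG_RANDOMIZE_BASE is not set
EOF

BAD_CONFIG=$(mktemp)
cat > "$BAD_CONFIG" <<'EOF'
CONFIG_64BIT=y
CONFIG_DEBUG_KERNEL=y
# CONFIG_DEBUG_INFO is not set
CONFIG_RANDOMIZE_BASE=y
EOF

echo "== good config"; check_debug_config "$GOOD_CONFIG" && echo "ready for gdb"
echo "== bad config";  check_debug_config "$BAD_CONFIG"  || echo "fix the items above"
```

Run it against the real file with `check_debug_config /path/to/linux-4.16/.config` after `make menuconfig`; a silent exit status 0 means the kernel you are about to build will carry DWARF info and load at its link-time address.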

Why address randomization must be disabled

gdb takes symbol addresses from the vmlinux you built; with KASLR enabled the running kernel is loaded at a randomized offset, so a breakpoint set by name (such as `b vfs_write`) is placed at the link-time address and never hits.

Step 2

Build BusyBox (it must be statically linked), then build an initramfs root filesystem from it.
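The step above is stated in one line; the following script is an added example, not the post's own code, that assembles a minimal initramfs around a statically linked `busybox` binary. The BusyBox build itself is not repeated (it is the usual `make defconfig`, enabling "Build static binary (no shared libs)" under Settings in `make menuconfig`, then `make`); the script takes the resulting binary as a parameter and, so that it runs here without a build, substitutes a constructed stand-in script for it.

```shell
#!/usr/bin/env bash
# Added example, not code from the original post: build a minimal initramfs tree
# around a static busybox binary and pack it as the gzip-compressed newc cpio
# archive that the kernel accepts via `qemu -initrd` (or CONFIG_INITRAMFS_SOURCE).

# Write the /init that the kernel runs as PID 1 from the initramfs.
write_init() {   # $1 = root dir of the initramfs tree
    cat > "$1/init" <<'EOF'
#!/bin/sh
mount -t proc none /proc
mount -t sysfs none /sys
mount -t devtmpfs none /dev
echo "initramfs up; dropping to a shell"
exec /bin/sh
EOF
    chmod 755 "$1/init"
}

# Lay out the tree: directories, the busybox binary and applet symlinks for
# everything /init uses. A real busybox can create every applet link itself with
# `busybox --install -s /bin`; explicit links keep this runnable with a stand-in.
populate_root() {   # $1 = root dir, $2 = path to the static busybox binary
    mkdir -p "$1/bin" "$1/sbin" "$1/etc" "$1/proc" "$1/sys" "$1/dev"
    cp "$2" "$1/bin/busybox"
    chmod 755 "$1/bin/busybox"
    for applet in sh mount echo; do
        ln -sf busybox "$1/bin/$applet"
    done
    write_init "$1"
}

# Sanity check before packing: /init and busybox executable, /bin/sh a symlink.
check_root() {   # $1 = root dir
    [ -x "$1/init" ] && [ -x "$1/bin/busybox" ] && [ -L "$1/bin/sh" ]
}

# Pack the tree. Prints the archive path; returns 3 if cpio is not installed.
pack_initramfs() {   # $1 = root dir, $2 = output archive path
    command -v cpio >/dev/null 2>&1 || { echo "cpio not installed" >&2; return 3; }
    ( cd "$1" && find . -print | cpio -o -H newc 2>/dev/null ) | gzip -9 > "$2" || return 1
    echo "$2"
}

# Constructed stand-in for the busybox binary so the script runs without a build.
FAKE_BUSYBOX=$(mktemp)
printf '#!/bin/sh\necho "stand-in busybox"\n' > "$FAKE_BUSYBOX"
ROOT_DIR=$(mktemp -d)
populate_root "$ROOT_DIR" "$FAKE_BUSYBOX"
check_root "$ROOT_DIR" && echo "initramfs tree ready in $ROOT_DIR"
```

Boot the result with `qemu-system-x86_64 -kernel arch/x86/boot/bzImage -initrd initramfs.cpio.gz -append "console=ttyS0" -nographic -s -S` (`-s` is QEMU's shorthand for `-gdb tcp::1234`, `-S` holds the CPU until gdb continues it). The post's own QEMU line instead boots from an ext4 disk image with `-hda`; either root works with the gdb steps that follow.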

Step 3

Run the system with QEMU:

qemu-system-x86_64  -kernel  /home/dinosaur/Downloads/linux-4.16/arch/x86/boot/bzImage  -hda qemu_rootfs.img  -append "root=/dev/sda rootfstype=ext4 rw"   -gdb tcp::1234

Debugging with gdb

$ gdb vmlinux
(gdb) target remote localhost:1234
(gdb) b vfs_write
(gdb) c
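The `b vfs_write` above only works because gdb's address for the symbol, read from vmlinux, equals the address the kernel actually runs at, which is what disabling KASLR guarantees. The script below is an added example, not from the original post, that measures the slide directly: it takes one symbol's link-time address from `nm vmlinux` output and its run-time address from the guest's `/proc/kallsyms`, and reports the difference. The two input files here are constructed sample data in those formats, with the "guest" copy shifted to stand in for a boot with KASLR active.

```shell
#!/usr/bin/env bash
# Added example, not code from the original post: measure the KASLR slide of a
# running guest by comparing one symbol's link-time address (vmlinux) with its
# run-time address (guest /proc/kallsyms). A non-zero slide is why a symbol
# breakpoint silently misses when KASLR is left on.
#
# Real inputs come from
#   nm vmlinux > nm.txt                 (host, in the kernel tree)
#   cat /proc/kallsyms > kallsyms.txt   (guest, as root so addresses are not zeroed)
# The files written below are constructed sample data in those formats.

# First field of the line whose third field is SYMBOL. Works for both `nm`
# output ("addr type name") and /proc/kallsyms ("addr type name [module]").
symbol_addr() {   # $1 = file, $2 = symbol name
    awk -v sym="$2" '$3 == sym { print $1; exit }' "$1"
}

# Decimal difference between two 16-digit hex addresses. The leading four hex
# digits (ffff for every x86-64 kernel address) are dropped so the values fit a
# signed 64-bit shell integer; a kernel text slide is far below that range.
hex_diff() {   # $1 = run-time address, $2 = link-time address
    local run="0x${1#????}" link="0x${2#????}"
    echo $(( $run - $link ))
}

# Print the slide in bytes (decimal) for SYMBOL; 0 means breakpoints by name
# will hit. Returns 2 if the symbol is missing from either file.
kaslr_slide() {   # $1 = nm output file, $2 = kallsyms file, $3 = symbol name
    local link run
    link=$(symbol_addr "$1" "$3")
    run=$(symbol_addr "$2" "$3")
    if [ -z "$link" ] || [ -z "$run" ]; then
        echo "symbol $3 not found in both files" >&2
        return 2
    fi
    hex_diff "$run" "$link"
}

# Constructed sample: the "guest" copy is shifted by 0x10000000 (256 MiB).
NM_SAMPLE=$(mktemp)
cat > "$NM_SAMPLE" <<'EOF'
ffffffff811a0500 T vfs_read
ffffffff811a0800 T vfs_write
EOF
KALLSYMS_SAMPLE=$(mktemp)
cat > "$KALLSYMS_SAMPLE" <<'EOF'
ffffffff911a0500 T vfs_read
ffffffff911a0800 T vfs_write
EOF

slide=$(kaslr_slide "$NM_SAMPLE" "$KALLSYMS_SAMPLE" vfs_write)
if [ "$slide" -eq 0 ]; then
    echo "no slide: symbol breakpoints taken from vmlinux will hit"
else
    printf 'KASLR slide is 0x%x bytes: boot with nokaslr or build with CONFIG_RANDOMIZE_BASE off\n' "$slide"
fi
```

Two practical notes that follow from this: appending `nokaslr` to the kernel command line (the `-append` string in the QEMU invocation) disables randomization at boot even when CONFIG_RANDOMIZE_BASE=y, which is the quickest fix for a kernel you cannot rebuild; and starting QEMU with `-S` alongside `-gdb tcp::1234` keeps the CPU halted until gdb connects, so breakpoints on early boot code are reachable rather than already passed by the time `target remote` runs.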

Once the breakpoint is hit, the backtrace shows:

(gdb) bt
#0 vfs_write (file=0xffff880006431700, buf=0x66506a <error: Cannot access memory at address 0x66506a>,
count=46, pos=0xffffc900000b7f08) at fs/read_write.c:529
#1 0xffffffff811a08cd in SYSC_write (count=<optimized out>, buf=<optimized out>, fd=<optimized out>)
at fs/read_write.c:589
#2 SyS_write (fd=<optimized out>, buf=6705258, count=46) at fs/read_write.c:581
#3 0xffffffff81001c8b in do_syscall_64 (regs=0xffff880006431700) at arch/x86/entry/common.c:287
#4 0xffffffff81a00071 in entry_SYSCALL_64 () at arch/x86/entry/entry_64.S:237
#5 0x0000000000000000 in ?? ()