From VB, create the named pipe vbox_ubuntu.log (created by VB and mapped to the serial port of the machine):

    /sda3/solaris/kmdb_virtualbox>socat -d -d /tmp/vbox_ubuntu.log pty:
    2010/05/29 15:37:09 socat[7117] N successfully connected via
    2010/05/29 15:37:09 socat[7117] N PTY is /dev/pts/8
    2010/05/29 15:37:09 socat[7117] N starting data transfer loop with FDs [3,3] and [4,4]

    (gdb) set remotebaud 115200
    (gdb) target remote /dev/pts/8
    Remote debugging using /dev/pts/8
    0xc0189085 in write_mem_msg (binary=0) at kernel/kgdb.c:485
    485         if (kgdb_hex2long(&ptr, &addr) > 0 && *(ptr++) == ',' &&

(Note that /dev/pts/8 comes from socat's output.)

This is where kgdb first stops:

    (gdb) bt
    #0 0xc0189085 in write_mem_msg (binary=0) at kernel/kgdb.c:485
    #1 0xc03cb4ee in dev_driver_string (dev=0x96) at drivers/base/core.c:66
    #2 0xc07f77a4 in init_kgdboc () at drivers/serial/kgdboc.c:88
    #3 0xc0101123 in do_one_initcall (fn=0xc06d5b00 <kallsyms_token_index+86332>) at init/main.c:732
    #4 0xc07c93bd in kernel_init (unused=<value optimized out>) at init/main.c:772
    #5 0xc01033b6 in kernel_thread_helper () at arch/x86/kernel/entry_32.S:1051
    (gdb)

When writing a kernel module, an inline-assembled "int $3" can easily break into the kernel (this solves many of the difficulties associated with using the SysRq key to enter the kernel):

    (gdb) x /10i $eip-1
    0xf803f003: int3
    0xf803f004: xor %eax,%eax
    0xf803f006: pop %ebp
    0xf803f007: ret
    0xf803f008: nop
    0xf803f009: lea 0x0(%esi,%eiz,1),%esi
    0xf803f010: push %ebp
    0xf803f011: mov %esp,%ebp
    0xf803f013: sub $0x4,%esp
    0xf803f016: movl $0xf803f048,(%esp)
    (gdb) bt
    #0 0xf803f004 in ?? ()
    #1 0xc0101123 in do_one_initcall (fn=0xf803f000) at init/main.c:732
    #2 0xc0174ea2 in sys_init_module (umod=0x8a19018, len=58586, uargs=0x8a19008 "") at kernel/module.c:2539
    #3 0xc0102ddc in sysenter_do_call () at arch/x86/kernel/entry_32.S:457
    #4 0x08a19018 in ?? ()

Note that unless the kernel is built with CONFIG_DEBUG_RODATA=n (not the default), breakpoints cannot be set in the kernel image (or possibly the cause is the "ro" parameter passed in menu.lst). In the following session, setting the breakpoints is no problem, but inserting them fails later when execution continues:

    (gdb) break sys_init_module
    Breakpoint 4 at 0xc0174cc0: file kernel/module.c, line 2502.
    (gdb) break do_one_
    do_one_initcall  do_one_pass
    (gdb) break do_one_pass
    Breakpoint 5 at 0xc02c86c0: file fs/jbd2/recovery.c, line 356. (2 locations)
    (gdb) break do_one_initcall
    Breakpoint 6 at 0xc010110a: file init/main.c, line 721.
    (gdb) cont
    Continuing.
    Warning:
    Cannot insert breakpoint 2.
    Error accessing memory address 0xc010e990: Unknown error 4294967295.
    Cannot insert breakpoint 3.
    Error accessing memory address 0xc0515b20: Unknown error 4294967295.
    Cannot insert breakpoint 4.
    Error accessing memory address 0xc0174cc0: Unknown error 4294967295.
    Cannot insert breakpoint 5.
    Error accessing memory address 0xc02c86c0: Unknown error 4294967295.
    Cannot insert breakpoint 5.
    Error accessing memory address 0xc02c8a89: Unknown error 4294967295.
    Cannot insert breakpoint 6.
    Error accessing memory address 0xc010110a: Unknown error 4294967295.

But if the breakpoint is set properly, e.g. on icmp_rcv(), then it should work smoothly:

    (gdb) cont
    Continuing.
    [New Thread 3415]
    [Switching to Thread 3415]

    Breakpoint 7, icmp_rcv (skb=0xc2cb0000) at include/linux/skbuff.h:416
    416         return (struct dst_entry *)skb->_skb_dst;
    (gdb) bt
    #0 icmp_rcv (skb=0xc2cb0000) at include/linux/skbuff.h:416
    #1 0xc04ec715 in ip_local_deliver_finish (skb=0xc2cb0000) at net/ipv4/ip_input.c:231
    #2 0xc04ec88f in ip_local_deliver (skb=0xc2cb0000) at include/linux/netfilter.h:206
    #3 0xc04ec10b in ip_rcv_finish (skb=0xc2cb0000) at include/net/dst.h:270
    #4 0xc04ec504 in ip_rcv (skb=0xc2cb0000, dev=0xf73ae800, pt=<value optimized out>, orig_dev=0xf73ae800) at include/linux/netfilter.h:206
    #5 0xc04c7124 in netif_receive_skb (skb=0xc2cb0000) at net/core/dev.c:2581
    #6 0xf809c368 in ?? ()
    #7 0xc04c76cf in net_rx_action (h=<value optimized out>) at net/core/dev.c:3060
    #8 0xc0145822 in __do_softirq () at kernel/softirq.c:219
    #9 0xc014592d in do_softirq () at kernel/softirq.c:266
    #10 0xc0145ab5 in irq_exit () at kernel/softirq.c:303
    #11 0xc01042ef in do_IRQ (regs=0xc2ce1e14) at arch/x86/kernel/irq.c:247
    #12 0xc01033a9 in common_interrupt () at arch/x86/kernel/entry_32.S:860
    #13 0xfffb6000 in ?? ()
    #14 0xc012ab1a in kunmap_atomic (kvaddr=<value optimized out>, type=<value optimized out>) at /sdc1/download/linux-2.6-latest/arch/x86/include/asm/paravirt.h:385
    #15 0xc01ca07d in do_wp_page (mm=0xc334ee00, vma=0xc2cafcb8,
    ---Type <return> to continue, or q <return> to quit---
        address=135234074, page_table=0xfffb23e0, pmd=0xc2c9d080, ptl=0xc3db70ac, orig_pte={pte = 1043808357, pte_low = 1043808357}) at include/linux/highmem.h:192
    #16 0xc01cb085 in handle_mm_fault (mm=0xc334ee00, vma=0xc2cafcb8, address=135234074, flags=1) at mm/memory.c:3079
    #17 0xc05aa0ce in do_page_fault (regs=0xc2ce1fb4, error_code=7) at arch/x86/mm/fault.c:1120
    #18 0xc05a75d6 in page_fault ()
    #19 0x00000020 in ?? ()
    Backtrace stopped: previous frame inner to this frame (corrupt stack?)
    (gdb)

From the above, the entire backtrace of icmp_rcv() can be seen.
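
The CONFIG_DEBUG_RODATA condition noted earlier can be checked against the target's kernel config before attaching gdb. The shell functions below are an added example, not part of the original post; the names check_kgdb_config and config_state are hypothetical, the sample config is constructed, and CONFIG_KGDB, CONFIG_KGDB_SERIAL_CONSOLE and CONFIG_DEBUG_INFO are assumed prerequisites that the page itself does not name.

```shell
#!/bin/sh
# Added example: check a kernel .config for the settings kgdb breakpoints need.

# Print an option's state: its value (y, m, ...), "n" when explicitly
# unset, or "missing" when the symbol does not appear in the file.
config_state() {   # $1 = config file, $2 = option name without CONFIG_
    if grep -q "^# CONFIG_$2 is not set" "$1"; then
        echo n
    elif line=$(grep "^CONFIG_$2=" "$1" | tail -n 1) && [ -n "$line" ]; then
        echo "${line#*=}"
    else
        echo missing
    fi
}

# Return 0 when the config is usable for kgdb over serial with software
# breakpoints, 1 when an option is wrong, 2 when the file is unreadable.
check_kgdb_config() {
    cfg=$1
    rc=0
    [ -r "$cfg" ] || { echo "cannot read $cfg" >&2; return 2; }
    # Assumed prerequisites (not named on the page): kgdb core, kgdboc, symbols.
    for opt in KGDB KGDB_SERIAL_CONSOLE DEBUG_INFO; do
        state=$(config_state "$cfg" "$opt")
        case $state in
            y|m) echo "ok    CONFIG_$opt=$state" ;;
            *)   echo "FAIL  CONFIG_$opt is $state"; rc=1 ;;
        esac
    done
    # The page's point: with DEBUG_RODATA on, kernel text is write-protected
    # and gdb reports "Cannot insert breakpoint". Turning it off removes that
    # protection, so use such a build for debugging only.
    state=$(config_state "$cfg" DEBUG_RODATA)
    if [ "$state" = n ]; then
        echo "ok    CONFIG_DEBUG_RODATA is not set"
    else
        echo "FAIL  CONFIG_DEBUG_RODATA is $state (must be explicitly unset)"
        rc=1
    fi
    return $rc
}

# Constructed sample config showing the failing case described on the page.
sample=$(mktemp)
printf '%s\n' CONFIG_KGDB=y CONFIG_KGDB_SERIAL_CONSOLE=y \
    CONFIG_DEBUG_INFO=y CONFIG_DEBUG_RODATA=y > "$sample"
check_kgdb_config "$sample" || echo "rebuild needed before breakpoints will insert"
rm -f "$sample"
```

On a real target, pass the config the kernel was built from, for example the .config in the build tree.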

    Breakpoint 7, icmp_rcv (skb=0xc2e39c00) at include/linux/skbuff.h:416
    416         return (struct dst_entry *)skb->_skb_dst;
    (gdb) bt
    #0 icmp_rcv (skb=0xc2e39c00) at include/linux/skbuff.h:416
    #1 0xc04ec715 in ip_local_deliver_finish (skb=0xc2e39c00) at net/ipv4/ip_input.c:231
    #2 0xc04ec88f in ip_local_deliver (skb=0xc2e39c00) at include/linux/netfilter.h:206
    #3 0xc04ec10b in ip_rcv_finish (skb=0xc2e39c00) at include/net/dst.h:270
    #4 0xc04ec504 in ip_rcv (skb=0xc2e39c00, dev=0xf73ae800, pt=<value optimized out>, orig_dev=0xf73ae800) at include/linux/netfilter.h:206
    #5 0xc04c7124 in netif_receive_skb (skb=0xc2e39c00) at net/core/dev.c:2581
    #6 0xf809c368 in ?? ()
    #7 0xc04c76cf in net_rx_action (h=<value optimized out>) at net/core/dev.c:3060
    #8 0xc0145822 in __do_softirq () at kernel/softirq.c:219
    #9 0xc014592d in do_softirq () at kernel/softirq.c:266
    #10 0xc0145ab5 in irq_exit () at kernel/softirq.c:303
    #11 0xc01042ef in do_IRQ (regs=0xc076ff68) at arch/x86/kernel/irq.c:247
    #12 0xc01033a9 in common_interrupt () at arch/x86/kernel/entry_32.S:860
    #13 0xc076e000 in _sdata ()
    #14 0x00000000 in ?? ()
    (gdb) cont
    Continuing.

    Breakpoint 7, icmp_rcv (skb=0xc2e39f00) at include/linux/skbuff.h:416
    416         return (struct dst_entry *)skb->_skb_dst;
    (gdb) bt
    #0 icmp_rcv (skb=0xc2e39f00) at include/linux/skbuff.h:416
    #1 0xc04ec715 in ip_local_deliver_finish (skb=0xc2e39f00) at net/ipv4/ip_input.c:231
    #2 0xc04ec88f in ip_local_deliver (skb=0xc2e39f00) at include/linux/netfilter.h:206
    #3 0xc04ec10b in ip_rcv_finish (skb=0xc2e39f00) at include/net/dst.h:270
    #4 0xc04ec504 in ip_rcv (skb=0xc2e39f00, dev=0xf73ae800, pt=<value optimized out>, orig_dev=0xf73ae800) at include/linux/netfilter.h:206
    #5 0xc04c7124 in netif_receive_skb (skb=0xc2e39f00) at net/core/dev.c:2581
    #6 0xf809c368 in ?? ()
    #7 0xc04c76cf in net_rx_action (h=<value optimized out>) at net/core/dev.c:3060
    #8 0xc0145822 in __do_softirq () at kernel/softirq.c:219
    #9 0xc014592d in do_softirq () at kernel/softirq.c:266
    #10 0xc0145ab5 in irq_exit () at kernel/softirq.c:303
    #11 0xc01042ef in do_IRQ (regs=0xc076ff68) at arch/x86/kernel/irq.c:247
    #12 0xc01033a9 in common_interrupt () at arch/x86/kernel/entry_32.S:860
    #13 0xc076e000 in _sdata ()
    #14 0x00000000 in ?? ()
    (gdb) cont
    Continuing.
    [New Thread 3885]
    [Switching to Thread 3885]

    Breakpoint 10, tcp_sendmsg (iocb=0xc2dbfee0, sock=0xc2b24380, msg=0xc2dbfea0, size=102) at net/ipv4/tcp.c:903
    903         struct sock *sk = sock->sk;
    (gdb) bt
    #0 tcp_sendmsg (iocb=0xc2dbfee0, sock=0xc2b24380, msg=0xc2dbfea0, size=102) at net/ipv4/tcp.c:903
    #1 0xc04b5553 in sock_aio_write (iocb=0xc2dbfee0, iov=0xc2dbff50, nr_segs=<value optimized out>, pos=<value optimized out>) at net/socket.c:554
    #2 0xc01e4b81 in do_sync_write (filp=0xc2ea4600, buf=<value optimized out>, len=<value optimized out>, ppos=0xc2dbff98) at fs/read_write.c:320
    #3 0xc01e51e0 in vfs_write (file=0xc2ea4600, buf=0xbfe56c60 "GET / HTTP/1.0\r\nUser-Agent: Wget/1.10.2\r\nAccept: */*\r\nHost: www.ibm.com.sg\r\nConnection: Keep-Alive\r\n\r\n", count=<value optimized out>, pos=0xc2dbff98) at fs/read_write.c:351
    #4 0xc01e52ad in sys_write (fd=3, buf=0xbfe56c60 "GET / HTTP/1.0\r\nUser-Agent: Wget/1.10.2\r\nAccept: */*\r\nHost: www.ibm.com.sg\r\nConnection: Keep-Alive\r\n\r\n", count=102) at fs/read_write.c:401
    #5 0xc0102ddc in sysenter_do_call () at arch/x86/kernel/entry_32.S:457
    #6 0x00000003 in ?? ()
    Backtrace stopped: previous frame inner to this frame (corrupt stack?)
    (gdb) bt
    #0 tcp_sendmsg (iocb=0xc2dbfee0, sock=0xc2b24380, msg=0xc2dbfea0, size=102) at net/ipv4/tcp.c:903
    #1 0xc04b5553 in sock_aio_write (iocb=0xc2dbfee0, iov=0xc2dbff50, nr_segs=<value optimized out>, pos=<value optimized out>) at net/socket.c:554
    #2 0xc01e4b81 in do_sync_write (filp=0xc2ea4600, buf=<value optimized out>, len=<value optimized out>, ppos=0xc2dbff98) at fs/read_write.c:320
    #3 0xc01e51e0 in vfs_write (file=0xc2ea4600, buf=0xbfe56c60 "GET / HTTP/1.0\r\nUser-Agent: Wget/1.10.2\r\nAccept: */*\r\nHost: www.ibm.com.sg\r\nConnection: Keep-Alive\r\n\r\n", count=<value optimized out>, pos=0xc2dbff98) at fs/read_write.c:351
    #4 0xc01e52ad in sys_write (fd=3, buf=0xbfe56c60 "GET / HTTP/1.0\r\nUser-Agent: Wget/1.10.2\r\nAccept: */*\r\nHost: www.ibm.com.sg\r\nConnection: Keep-Alive\r\n\r\n", count=102) at fs/read_write.c:401
    #5 0xc0102ddc in sysenter_do_call () at arch/x86/kernel/entry_32.S:457
    #6 0x00000003 in ?? ()
    Backtrace stopped: previous frame inner to this frame (corrupt stack?)
    (gdb) cont
    Continuing.

    Breakpoint 11, tcp_recvmsg (iocb=0xc2dbfdc8, sk=0xc3394500, msg=0xc2dbff10, len=511, nonblock=0, flags=2, addr_len=0xc2dbfda4) at net/ipv4/tcp.c:1394
    1394    {
    (gdb) bt
    #0 tcp_recvmsg (iocb=0xc2dbfdc8, sk=0xc3394500, msg=0xc2dbff10, len=511, nonblock=0, flags=2, addr_len=0xc2dbfda4) at net/ipv4/tcp.c:1394
    #1 0xc04b8073 in sock_common_recvmsg (iocb=0xc2dbfdc8, sock=<value optimized out>, msg=0xc2dbff10, size=511, flags=0) at net/core/sock.c:2055
    #2 0xc04b6e9b in sock_recvmsg (sock=0xc2b24380, msg=<value optimized out>, size=511, flags=2) at net/socket.c:678
    #3 0xc04b6f8a in sys_recvfrom (fd=3, ubuf=0x9372990, size=511, flags=2, addr=0x0, addr_len=0x0) at net/socket.c:1746
    #4 0xc04b7026 in sys_recv (fd=3, ubuf=0x9372990, size=511, flags=2) at net/socket.c:1767
    #5 0xc04b7bf7 in sys_socketcall (call=10, args=0xbfe56c80) at net/socket.c:2291
    #6 0xc0102ddc in sysenter_do_call () at arch/x86/kernel/entry_32.S:457
    #7 0x0000000a in ?? ()
    Backtrace stopped: previous frame inner to this frame (corrupt stack?)
    (gdb) cont
    Continuing.

    Breakpoint 11, tcp_recvmsg (iocb=0xc2dbfee0, sk=0xc3394500, msg=0xc2dbfea0, len=235, nonblock=0, flags=0, addr_len=0xc2dbfe48) at net/ipv4/tcp.c:1394
    1394    {
    (gdb) bt
    #0 tcp_recvmsg (iocb=0xc2dbfee0, sk=0xc3394500, msg=0xc2dbfea0, len=235, nonblock=0, flags=0, addr_len=0xc2dbfe48) at net/ipv4/tcp.c:1394
    #1 0xc04b8073 in sock_common_recvmsg (iocb=0xc2dbfee0, sock=<value optimized out>, msg=0xc2dbfea0, size=235, flags=0) at net/core/sock.c:2055
    #2 0xc04b56a5 in sock_aio_read (iocb=0xc2dbfee0, iov=<value optimized out>, nr_segs=<value optimized out>, pos=<value optimized out>) at net/socket.c:678
    #3 0xc01e4c71 in do_sync_read (filp=0xc2ea4600, buf=<value optimized out>, len=<value optimized out>, ppos=0xc2dbff98) at fs/read_write.c:264
    #4 0xc01e545d in vfs_read (file=0xc2ea4600, buf=0x9372990 "HTTP/1.1 301 Moved Permanently\r\nDate: Sun, 30 May 2010 16:06:59 GMT\r\nServer: IBM_HTTP_Server\r\nContent-Type: text/html\r\nLocation: http://www.ibm.com/sg/en/\r\nContent-Length: 233\r\nKp-eeAlive: timeout=10,"..., count=<value optimized out>, pos=0xc2dbff98) at fs/read_write.c:295
    #5 0xc01e552d in sys_read (fd=3, buf=0x9372990 "HTTP/1.1 301 Moved Permanently\r\nDate: Sun, 30 May 2010 16:06:59 GMT\r\nServer: IBM_HTTP_Server\r\nContent-Type: text/html\r\nLocation: http://www.ibm.com/sg/en/\r\nContent-Length: 233\r\nKp-eeAlive: timeout=10,"..., count=235) at fs/read_write.c:383
    #6 0xc0102ddc in sysenter_do_call () at arch/x86/kernel/entry_32.S:457
    #7 0x00000003 in ?? ()
    Backtrace stopped: previous frame inner to this frame (corrupt stack?)
    (gdb) cont
    Continuing.

    Breakpoint 11, tcp_recvmsg (iocb=0xc2dbfee0, sk=0xc3394500, msg=0xc2dbfea0, len=233, nonblock=0, flags=0, addr_len=0xc2dbfe48) at net/ipv4/tcp.c:1394
    1394    {
    (gdb) bt
    (gdb) cont
    Continuing.

    Breakpoint 10, tcp_sendmsg (iocb=0xc2dbfee0, sock=0xc2b24540, msg=0xc2dbfea0, size=105) at net/ipv4/tcp.c:903
    903         struct sock *sk = sock->sk;
    (gdb) bt
    #0 tcp_sendmsg (iocb=0xc2dbfee0, sock=0xc2b24540, msg=0xc2dbfea0, size=105) at net/ipv4/tcp.c:903
    #1 0xc04b5553 in sock_aio_write (iocb=0xc2dbfee0, iov=0xc2dbff50, nr_segs=<value optimized out>, pos=<value optimized out>) at net/socket.c:554
    #2 0xc01e4b81 in do_sync_write (filp=0xc2f05700, buf=<value optimized out>, len=<value optimized out>, ppos=0xc2dbff98) at fs/read_write.c:320
    #3 0xc01e51e0 in vfs_write (file=0xc2f05700, buf=0xbfe56c60 "GET /sg/en/ HTTP/1.0\r\nUser-Agent: Wget/1.10.2\r\nAccept: */*\r\nHost: www.ibm.com\r\nConnection: Keep-Alive\r\n\r\n", count=<value optimized out>, pos=0xc2dbff98) at fs/read_write.c:351
    #4 0xc01e52ad in sys_write (fd=4, buf=0xbfe56c60 "GET /sg/en/ HTTP/1.0\r\nUser-Agent: Wget/1.10.2\r\nAccept: */*\r\nHost: www.ibm.com\r\nConnection: Keep-Alive\r\n\r\n", count=105) at fs/read_write.c:401
    #5 0xc0102ddc in sysenter_do_call () at arch/x86/kernel/entry_32.S:457
    #6 0x00000004 in ?? ()
    Backtrace stopped: previous frame inner to this frame (corrupt stack?)
    (gdb) cont
    Continuing.
