内核调试: Gdb无法设置断点，SIGINT对调试会话中的恢复没有影响

Question

：4.13-rc7 x86_64

配置用于Linux内核调试的Buildroot和Qemu。

使用以下命令启动Qemu：

qemu-system-x86_64 -kernel linux-4.13-rc7/arch/x86/boot/bzImage -initrd buildroot-2017.02.5/output/images/rootfs.cpio -append "root=/dev/ram0 console=tty0 kgdboc=ttyS0,9600 kgdbwait" -chardev pty,id=pty -device isa-serial,chardev=pty

现在，在下一个终端窗口中，启动gdb并继续执行以下gdb命令：

`

gdb-peda$ file vmlinux
Reading symbols from vmlinux...done.
warning: File "/root/drive/linux-4.13-rc7/scripts/gdb/vmlinux-gdb.py" auto-loading has been declined by your `auto-load safe-path' set to "$debugdir:$datadir/auto-load".
To enable execution of this file add
    add-auto-load-safe-path /root/drive/linux-4.13-rc7/scripts/gdb/vmlinux-gdb.py
line to your configuration file "/root/.gdbinit".
To completely disable this security protection add
    set auto-load safe-path /
line to your configuration file "/root/.gdbinit".
For more information about this security protection see the
"Auto-loading safe path" section in the GDB manual.  E.g., run from the shell:
    info "(gdb)Auto-loading safe path"
gdb-peda$ target remote /dev/pts/3
Remote debugging using /dev/pts/3
Warning: not running or target is remote
0xffffffffbd6f65af in ?? ()
gdb-peda$ b start_kernel
Breakpoint 1 at 0xffffffff81f79ad7: file init/main.c, line 510.
gdb-peda$ c
Continuing.
Warning:
Cannot insert breakpoint 1.
Cannot access memory at address 0xffffffff81f79ad7

Command aborted.
gdb-peda$ `

I也在Qemu机器上尝试过：

echo "g" > /proc/sysrq-trigger。但是什么都没发生。

此外，尝试使用hbreak在start_kernel上设置硬件断点，但没有发生任何事情。

Answer 1

我自己想出了解决方案，我做了以下事情来获得有效的解决方案：

• 将补丁应用于gdb，然后在<$GDB_FOLDER>/gdb/remote.c文件中使用修补程序重新编译它。

GDB修补程序以调整其内部缓冲区的大小:‘

root# diff -u gdb-8\ \(1\).0/gdb/remote.c gdb-8.0/gdb/remote.c

--- "gdb-8 (1).0/gdb/remote.c"  2017-06-04 21:24:54.000000000 +0530
+++ gdb-8.0/gdb/remote.c    2017-09-05 23:27:46.487820345 +0530
@@ -7583,7 +7583,27 @@

   /* Further sanity checks, with knowledge of the architecture.  */
   if (buf_len > 2 * rsa->sizeof_g_packet)
-    error (_("Remote 'g' packet reply is too long: %s"), rs->buf);
+    //error (_("Remote 'g' packet reply is too long: %s"), rs->buf); #patching
+    {
+      warning (_("Assuming long-mode change. [Remote 'g' packet reply is too long: %s]"), rs->buf);
+      rsa->sizeof_g_packet = buf_len ;
+
+      for (i = 0; i < gdbarch_num_regs (gdbarch); i++)
+        {
+          if (rsa->regs[i].pnum == -1)
+            continue;
+
+          if (rsa->regs[i].offset >= rsa->sizeof_g_packet)
+            rsa->regs[i].in_g_packet = 0;
+          else
+            rsa->regs[i].in_g_packet = 1;
+        }
+
+      // HACKFIX: Make sure at least the lower half of EIP is set correctly, so the proper
+      // breakpoint is recognized (and triggered).
+      rsa->regs[8].offset = 16*8;
+    }
+ 

   /* Save the size of the packet sent to us by the target.  It is used
      as a heuristic when determining the max size of packets that the`

• 通过Buildroot构建最小的RootFS。
• 通过以下命令启动Qemu，然后启动新的gdb，然后加载vmlinux文件。
• 在一个终点站： root# qemu-system-x86_64 -kernel /root/drive/linux-4.13-rc7/arch/x86/boot/bzImage -initrd /root/drive/buildroot-2017.02.5/output/images/rootfs.cpio -S -s
• 在另一个航站楼： gdb -q /root/drive/linux-4.13-rc7/vmlinux -ex "target remote localhost:1234"

现在在start_kernel设置断点并继续，它将自动命中断点。