Linux kernel live debugging, how it's done and what tools are used?

Question

What are the most common and why not uncommon methods and tools used to do live debugging on the Linux kernel? I know that Linus for eg. is against this kind of debugging fo

Answer 1

User mode Linux (UML)

https://en.wikipedia.org/wiki/User-mode_Linux

Another virtualization another method that allows step debugging kernel code.

UML is very ingenious: it is implemented as an ARCH, just like x86, but instead of using low level instructions, it implements the ARCH functions with userland system calls.

The result is that you are able to run Linux kernel code as a userland process on a Linux host!

First make a rootfs and run it as shown at: https://unix.stackexchange.com/questions/73203/how-to-create-rootfs-for-user-mode-linux-on-fedora-18/372207#372207

The um defconfig sets CONFIG_DEBUG_INFO=y by default (yup, it is a development thing), so we are fine.

On guest:

i=0
while true; do echo $i; i=$(($i+1)); done

On host in another shell:

ps aux | grep ./linux
gdb -pid "$pid"

In GDB:

break sys_write
continue
continue

And now you are controlling the count from GDB, and can see source as expected.

Pros:

• fully contained in the Linux kernel mainline tree
• more lightweight than QEMU's full system emulation

Cons:

• very invasive, as it changes how the kernel itself is compiled.

  But the higher level APIs outside of ARCH specifics should remain unchanged.

• arguably not very active: Is user mode linux (UML) project stopped?

See also: https://unix.stackexchange.com/questions/127829/why-would-someone-want-to-run-usermode-linux-uml