1
votes

I am trying to learn more about kernel and driver development, so for that purpose I thought I would use KVM and gdb to establish a debug session with a custom-installed kernel (v5.1.0).
The kernel has debug info included, and here is a chunk of the .config I used:

$ rg -i "(debug|kalls|GDB_SCRIPTS).*=y" .config
205:CONFIG_KALLSYMS=y
206:CONFIG_KALLSYMS_ALL=y
...
225:CONFIG_SLUB_DEBUG=y
...
9620:CONFIG_DEBUG_INFO=y
9623:CONFIG_DEBUG_INFO_DWARF4=y
9624:CONFIG_GDB_SCRIPTS=y
9640:CONFIG_DEBUG_KERNEL=y
...

By using the "-s" option I can connect to the Ubuntu 18.04 kernel in my VM, but gdb does not show any symbols:

Reading symbols from vmlinux...
(gdb) target remote :1234
Remote debugging using :1234
0xffffffff8ea4af66 in ?? ()
(gdb) bt
#0  0xffffffff8ea4af66 in ?? ()
#1  0xffffffff8f603e38 in ?? ()
#2  0xffffffff8ea4abb2 in ?? ()
#3  0x0000000000000000 in ?? ()
(gdb) i t
Ambiguous info command "t": target, tasks, terminal, threads, tp, tracepoints, tvariables, type-printers, types.
(gdb) i threads
  Id   Target Id                  Frame 
* 1    Thread 1 (CPU#0 [halted ]) 0xffffffff8ea4af66 in ?? ()
  2    Thread 2 (CPU#1 [halted ]) 0xffffffff8ea4af66 in ?? ()
(gdb) b printk
Breakpoint 1 at 0xffffffff81101fa3: file /home/ilukic/projects/kernel/linux-stable/kernel/printk/printk.c, line 2030.
(gdb) c
Continuing.
Warning:
Cannot insert breakpoint 1.
Cannot access memory at address 0xffffffff81101fa3

Command aborted.
(gdb) disassemble 0xffffffff81101f83,100
Dump of assembler code from 0xffffffff81101f83 to 0x64:
End of assembler dump.
(gdb) disassemble 0xffffffff81101f83,+100
Dump of assembler code from 0xffffffff81101f83 to 0xffffffff81101fe7:
   0xffffffff81101f83 <kmsg_dump_rewind_nolock+19>:     Cannot access memory at address 0xffffffff81101f83
(gdb) disassemble 0xffffffff81101fa3,+10
Dump of assembler code from 0xffffffff81101fa3 to 0xffffffff81101fad:
   0xffffffff81101fa3 <printk+0>:       Cannot access memory at address 0xffffffff81101fa3

At the end, when inspecting /proc/kallsyms on the VM (e.g. searching for the printk symbol from the previous gdb session), no symbol is found:

~$ cat /proc/kallsyms | grep "t printk"
0000000000000000 t printk_safe_log_store
0000000000000000 t printk_late_init
~$ uname -a
Linux ubuntu18 5.1.0 #2 SMP Tue Nov 12 19:01:21 CET 2019 x86_64 x86_64 x86_64 GNU/Linux

On the other hand, when using objdump, "printk" can be found in vmlinux and, as seen, gdb does not complain about a missing symbol when setting a breakpoint.
I am assuming that the installation of the kernel went well as no errors were reported; still, I can't explain why I can't find the corresponding symbols in kallsyms.

Another thing that I find strange when going through /proc/kallsyms is that all the lines start with 0s.
Any ideas why gdb is not showing any symbols?

1
/proc/kallsyms shows all the symbols with 0s for security reasons. You need superuser privileges to see the symbols. You may also want to boot the kernel with the "nokaslr" kernel command line option to disable the kernel address space randomization feature if the kernel build has been configured with the CONFIG_RANDOMIZE_BASE=y option, otherwise the symbol values won't match the actual memory addresses. – Ian Abbott
@IanAbbott thanks, that was it. If you want to write an answer I'd be happy to vote it up and mark it as the solution. Thanks again :) – Ikac03

1 Answer

0
votes

As @IanAbbott suggested, CONFIG_RANDOMIZE_BASE=y (or the "nokaslr" kernel command line argument) was missing to prevent KASLR.
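
As an added example (not part of the original posts), this Python check compares link-time symbol addresses from vmlinux with /proc/kallsyms to tell masked addresses apart from a KASLR offset. The two vmlinux addresses are the ones gdb printed in the question; the runtime addresses and the resulting offset are constructed sample values, and the function names are hypothetical.

```python
import re

# Link-time addresses in `nm vmlinux` format; both values are taken from
# the gdb output in the question (<printk+0>, <kmsg_dump_rewind_nolock+19>).
NM_VMLINUX = """\
ffffffff81101f70 T kmsg_dump_rewind_nolock
ffffffff81101fa3 T printk
"""
# Constructed sample: /proc/kallsyms as a reader without privileges sees it.
KALLSYMS_MASKED = """\
0000000000000000 T kmsg_dump_rewind_nolock
0000000000000000 T printk
"""
# Constructed sample: /proc/kallsyms read as root on a boot with KASLR
# active (the 0xd800000 offset is made up for this example).
KALLSYMS_ROOT = """\
ffffffff8e901f70 T kmsg_dump_rewind_nolock
ffffffff8e901fa3 T printk
"""

LINE = re.compile(r"^([0-9a-f]{16}) (\S) (\S+)", re.M)

def parse(text):
    """Map name -> address for 'addr type name' lines (global symbols only)."""
    return {n: int(a, 16) for a, t, n in LINE.findall(text) if t.isupper()}

def diagnose(nm_text, kallsyms_text):
    """Return (status, slide); status is masked, no-kaslr, kaslr or mismatch."""
    link, run = parse(nm_text), parse(kallsyms_text)
    common = sorted(set(link) & set(run))
    if not common:
        return "mismatch", None
    if all(run[s] == 0 for s in common):
        return "masked", None      # values hidden from this reader
    slides = {run[s] - link[s] for s in common}
    if len(slides) != 1:
        return "mismatch", None    # vmlinux does not match the booted kernel
    slide = slides.pop()
    return ("no-kaslr" if slide == 0 else "kaslr"), slide

if __name__ == "__main__":
    for label, ks in (("user", KALLSYMS_MASKED), ("root", KALLSYMS_ROOT)):
        status, slide = diagnose(NM_VMLINUX, ks)
        print(label, status, hex(slide) if slide is not None else "-")
```

A "kaslr" result means the addresses gdb takes from vmlinux will not match guest memory on that boot, which is the situation the comment above resolves with "nokaslr".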