RE: Using KVM for Windows kernel debugging

["Yan Vugenfirer" <yvugenfi@redhat.com>]

In case you don’t need to debug the boot process you could wait for the
Windows to  start and only then start Windbg configure the communication
options and hit break (ctrl+break) to initiate debug session.

Symbols could be downloaded from:
http://www.microsoft.com/whdc/devtools/debugging/symbolpkg.mspx


Best regards,
Yan.

From: Vadim Rozenfeld [mailto:vrozenfe@redhat.com]
Sent: Tuesday, August 18, 2009 2:02 PM
To: Tom Parkin
Cc: Yan Vugenfirer; kvm@vger.kernel.org
Subject: Re: Using KVM for Windows kernel debugging

On 08/18/2009 01:52 PM, Tom Parkin wrote:
2009/8/17 Tom Parkin <tom.parkin@gmail.com>:

Thanks so much for that, Yan, it looks exactly like what I need.  I'll
give it a try when I'm back in the office.


Having given it a try, I'm having some troubles which I hope someone
may be able to assist with ?

Here's my configuration :

I have two Windows XP hosts running in two virtual machines[0].  One
is set up as the "debugee" to export debugging information via. COM1,
the other is set up as the "debugger" with the WinDBG kernel debugger
installed.

I have followed the instructions on the Wiki[1] for creating a virtual
serial connection between the two VMs, and I am able to send messages
between the two VMs using Hyperterm.

However, I am unable to successfully establish a connection between
the WinDBG debugger process and the debugee machine.  The best I've
managed so far is as follows :

  o Boot the debugger VM and start WinDBG
  o Boot the debugee VM
  o The debugee boots to the Windows bootloader screen.  Immediately
after that it appears to hang with a black screen, and it starts
chewing CPU
  o Wait for a short time (~1-2min), after which the WinDBG process
crashes on the debugger VM
  o Restart WinDBG and wait again for a short time (~1-2min).  Again,
WinDBG crashes
  o Restart WinDBG a third time.  This time the debugger window shows
"Kernel debugger connection established", although the window status
bar still shows "Debugee not connected"

Try to download symbols first.

  o Wait for some time (~5min), during which some further messages
come up in the debugger.  Eventually it seems to settle into a loop of
"GetContextState failed" with the occasional "Unable to read KTHREAD
address".

Host (WinDbg) and target are running out-of-sync.


And that appears to be that.  I've left it to run for up to ~15 min,
during which time the debugee VM window never comes out of the
apparent black screen hang, and the debugee kvm process continues to
chew CPU, pretty much pegging one of my cores at 100%.

My questions:

   +  The Wiki mentions a patch to the kvm-qemu sources[2].  Looking
at the git tree it seems this change may be merged, so possibly this
patch isn't required any more.  Can anyone confirm this ?
   +  Does anyone have a working Windows guest debugging setup working
?  Could you share the details ?

Of course, any suggestions on how to debug the entire configuration
would be gratefully received !

Thanks,
Tom

[0].  I'm running ubuntu 9.04 with the distro-provided kvm package
version "1:84+dfsg-0ubuntu12.3".  I'm at somewhat of a loss to relate
this to actual kvm-qemu releases...  My kernel version is
2.6.28-14-generic.  My cpu is a AMD Turion(tm)X2 Ultra DualCore Mobile
ZM-86, and I'm running kvm_amd with the option "npt=0" to avoid kernel
oopses when starting VM images.

[1].  As provided by Yan previously;

http://kvm.qumranet.com/kvmwiki/WindowsGuestDebug

[2].  The link in the Wiki is for a private IP (10.0.0.1) but I think
the patch is probably the same as the one referenced here:

http://www.damogran.de/blog/archives/14-WinDbg-and-QEMU.html