Is there any way to get Windbg to work with QEMU/KVM?

Is there any way to get Windbg to work with QEMU/KVM?

[duck-j34lQMj1tz/QT0dZR+AlfA]

G'day folks.

Apologies if this is a FAQ. Is there any way to get Windbg working between
two Windows guests? I have recently switched from QEMU+KQEMU to QEMU/KVM
(better speed and a Vista-ready BIOS got me interested). I never did get
Windbg working at all with QEMU+KQEMU. Now I am rather closer with
QEMU/KVM, but still no cigar.

I have two XP2 guests. The first (debugee) has /DEBUG etc. in its BOOT.INI;
the second doesn't. I start the first with '-serial tcp::5555,server'; it
begins loading and waits...I start the latter with '-serial tcp::5555' and
both VMs boot fine.

OK, now I start Windbg on the debugger, choose Kernel debugging and then
try to break into the debugee. It almost works. The debugee freezes, and
the debugger gives some feedback to claim that it's started connecting,
identifies the remote PC, and then...nothing.

If I resynchronise, then occasionally I get a bit further, but never to a
command prompt (the place in Windbg where you type in commands remains
greyed out with "debugee not connected".

After blindly trying applying an oldish QEMU patch mentioned here
(http://www.damogran.de/blog/archives/14-WinDbg-and-QEMU.html) I got ever
so slightly further, to the point that I reached the Windbg command prompt
and could enter commands (e.g. '.dl'). All I got back were sporadic errors
such as "couldn't find KTHREAD entry at blah" and other "it's nae workin'
cap'n" sort of messages.

Can it be made to work? Others seem to have claimed to have done it. Seems
I am so near but so far!

It would certainly be very handy to be able to do proper Windows kernel
debugging with just one PC (and on Linux, no less). Windbg is fine for
kernel snooping under QEMU but you need two PCs if you want to use it to
set breakpoints inside the kernel. (I have tried Syser, a commercial
SoftICE replacement from China, which is a single-PC Windows kernel
debugger-with-built-in-monitor-GUI but it BSODded fairly early on in the
session. Anyway, I really want to stick to Windbg.)


-------------------------------------------------------------------------
SF.Net email is sponsored by:
Check out the new SourceForge.net Marketplace.
It's the best place to buy or sell services for
just about anything Open Source.
http://sourceforge.net/services/buy/index.php

Re: Is there any way to get Windbg to work with QEMU/KVM?

[Dor Laor]

duck-j34lQMj1tz/QT0dZR+AlfA@public.gmane.org wrote:
> G'day folks.
>
> Apologies if this is a FAQ. Is there any way to get Windbg working between
> two Windows guests? I have recently switched from QEMU+KQEMU to QEMU/KVM
> (better speed and a Vista-ready BIOS got me interested). I never did get
> Windbg working at all with QEMU+KQEMU. Now I am rather closer with
> QEMU/KVM, but still no cigar.
>
> I have two XP2 guests. The first (debugee) has /DEBUG etc. in its BOOT.INI;
> the second doesn't. I start the first with '-serial tcp::5555,server'; it
> begins loading and waits...I start the latter with '-serial tcp::5555' and
> both VMs boot fine.
>
> OK, now I start Windbg on the debugger, choose Kernel debugging and then
> try to break into the debugee. It almost works. The debugee freezes, and
> the debugger gives some feedback to claim that it's started connecting,
> identifies the remote PC, and then...nothing.
>
>   
It's because the qemu patch is not relevant when running in kvm.
The patch makes serial poll every 100 instructions, since in kvm we run 
on bare hw and not
emulation the existing patch does not work.
Instead you might run in parallel to the VM a script that does while(1) 
kill -SIGIO vm_pid.
This will cause constant exits out of kvm's guest mode.
Since I have not tried it myself (I did use the -no-kvm flag) please 
report if it helped.
Regards,
Dor.
> If I resynchronise, then occasionally I get a bit further, but never to a
> command prompt (the place in Windbg where you type in commands remains
> greyed out with "debugee not connected".
>
> After blindly trying applying an oldish QEMU patch mentioned here
> (http://www.damogran.de/blog/archives/14-WinDbg-and-QEMU.html) I got ever
> so slightly further, to the point that I reached the Windbg command prompt
> and could enter commands (e.g. '.dl'). All I got back were sporadic errors
> such as "couldn't find KTHREAD entry at blah" and other "it's nae workin'
> cap'n" sort of messages.
>
> Can it be made to work? Others seem to have claimed to have done it. Seems
> I am so near but so far!
>
> It would certainly be very handy to be able to do proper Windows kernel
> debugging with just one PC (and on Linux, no less). Windbg is fine for
> kernel snooping under QEMU but you need two PCs if you want to use it to
> set breakpoints inside the kernel. (I have tried Syser, a commercial
> SoftICE replacement from China, which is a single-PC Windows kernel
> debugger-with-built-in-monitor-GUI but it BSODded fairly early on in the
> session. Anyway, I really want to stick to Windbg.)
>
>
> -------------------------------------------------------------------------
> SF.Net email is sponsored by:
> Check out the new SourceForge.net Marketplace.
> It's the best place to buy or sell services for
> just about anything Open Source.
> http://sourceforge.net/services/buy/index.php
> _______________________________________________
> kvm-devel mailing list
> kvm-devel-5NWGOfrQmneRv+LV9MX5uipxlwaOVQ5f@public.gmane.org
> https://lists.sourceforge.net/lists/listinfo/kvm-devel
>
>   


-------------------------------------------------------------------------
SF.Net email is sponsored by:
Check out the new SourceForge.net Marketplace.
It's the best place to buy or sell services for
just about anything Open Source.
http://sourceforge.net/services/buy/index.php

Re: Is there any way to get Windbg to work with QEMU/KVM?

[duck-j34lQMj1tz/QT0dZR+AlfA]

[making Windbg's serial protocol work between two VMs]

>Instead you might run in parallel to the VM a script
>that does while(1) kill -SIGIO vm_pid.

The first 'kill -SIGIO' kills the whole VM instantly.

kvm-55 with its own kernel module.


-------------------------------------------------------------------------
SF.Net email is sponsored by:
Check out the new SourceForge.net Marketplace.
It's the best place to buy or sell services
for just about anything Open Source.
http://ad.doubleclick.net/clk;164216239;13503038;w?http://sf.net/marketplace

Re: Is there any way to get Windbg to work with QEMU/KVM?

[Dor Laor]

duck-j34lQMj1tz/QT0dZR+AlfA@public.gmane.org wrote:
> [making Windbg's serial protocol work between two VMs]
>
>   
>> Instead you might run in parallel to the VM a script
>> that does while(1) kill -SIGIO vm_pid.
>>     
>
> The first 'kill -SIGIO' kills the whole VM instantly.
>
> kvm-55 with its own kernel module.
>
>
>   
It works for me, can you send a stack dump from the core dump created?

-------------------------------------------------------------------------
SF.Net email is sponsored by:
Check out the new SourceForge.net Marketplace.
It's the best place to buy or sell services
for just about anything Open Source.
http://ad.doubleclick.net/clk;164216239;13503038;w?http://sf.net/marketplace

Re: Is there any way to get Windbg to work with QEMU/KVM?

[Uri Lublin]

duck-j34lQMj1tz/QT0dZR+AlfA@public.gmane.org wrote:
> G'day folks.
>
> After blindly trying applying an oldish QEMU patch mentioned here
> (http://www.damogran.de/blog/archives/14-WinDbg-and-QEMU.html) I got ever
> so slightly further, to the point that I reached the Windbg command prompt
> and could enter commands (e.g. '.dl'). All I got back were sporadic errors
> such as "couldn't find KTHREAD entry at blah" and other "it's nae workin'
> cap'n" sort of messages.
>
> Can it be made to work? Others seem to have claimed to have done it. Seems
> I am so near but so far!
>   
Try hacking qemu/qemu-kvm.c:pre_kvm_run() with something like that:

+#if 1
+#define MIN_CYCLE_COUNT 100
+		{
+                    static int cycle_count;
+		  
+		    if (++cycle_count > MIN_CYCLE_COUNT) {
+                        cycle_count = 0;
+                        return 1;
+                    }
+		}
+#endif



-------------------------------------------------------------------------
SF.Net email is sponsored by:
Check out the new SourceForge.net Marketplace.
It's the best place to buy or sell services
for just about anything Open Source.
http://ad.doubleclick.net/clk;164216239;13503038;w?http://sf.net/marketplace