Re: Using KVM for Windows kernel debugging

[Vadim Rozenfeld <vrozenfe@redhat.com>]

On 08/18/2009 01:52 PM, Tom Parkin wrote:
> 2009/8/17 Tom Parkin<tom.parkin@gmail.com>:
>    
>> Thanks so much for that, Yan, it looks exactly like what I need.  I'll
>> give it a try when I'm back in the office.
>>      
>
> Having given it a try, I'm having some troubles which I hope someone
> may be able to assist with ?
>
> Here's my configuration :
>
> I have two Windows XP hosts running in two virtual machines[0].  One
> is set up as the "debugee" to export debugging information via. COM1,
> the other is set up as the "debugger" with the WinDBG kernel debugger
> installed.
>
> I have followed the instructions on the Wiki[1] for creating a virtual
> serial connection between the two VMs, and I am able to send messages
> between the two VMs using Hyperterm.
>
> However, I am unable to successfully establish a connection between
> the WinDBG debugger process and the debugee machine.  The best I've
> managed so far is as follows :
>
>    o Boot the debugger VM and start WinDBG
>    o Boot the debugee VM
>    o The debugee boots to the Windows bootloader screen.  Immediately
> after that it appears to hang with a black screen, and it starts
> chewing CPU
>    o Wait for a short time (~1-2min), after which the WinDBG process
> crashes on the debugger VM
>    o Restart WinDBG and wait again for a short time (~1-2min).  Again,
> WinDBG crashes
>    o Restart WinDBG a third time.  This time the debugger window shows
> "Kernel debugger connection established", although the window status
> bar still shows "Debugee not connected"
>    
Try to get MS symbols first.
>    o Wait for some time (~5min), during which some further messages
> come up in the debugger.  Eventually it seems to settle into a loop of
> "GetContextState failed" with the occasional "Unable to read KTHREAD
> address".
>    
Could be a timing issue. Probably host (WinDbg) and target are running 
out-of-sync.
Try to add /break switch to boot.ini or bcdedit.
> And that appears to be that.  I've left it to run for up to ~15 min,
> during which time the debugee VM window never comes out of the
> apparent black screen hang, and the debugee kvm process continues to
> chew CPU, pretty much pegging one of my cores at 100%.
>
> My questions:
>
>     +  The Wiki mentions a patch to the kvm-qemu sources[2].  Looking
> at the git tree it seems this change may be merged, so possibly this
> patch isn't required any more.  Can anyone confirm this ?
>     +  Does anyone have a working Windows guest debugging setup working
> ?  Could you share the details ?
>
> Of course, any suggestions on how to debug the entire configuration
> would be gratefully received !
>
> Thanks,
> Tom
>
> [0].  I'm running ubuntu 9.04 with the distro-provided kvm package
> version "1:84+dfsg-0ubuntu12.3".  I'm at somewhat of a loss to relate
> this to actual kvm-qemu releases...  My kernel version is
> 2.6.28-14-generic.  My cpu is a AMD Turion(tm)X2 Ultra DualCore Mobile
> ZM-86, and I'm running kvm_amd with the option "npt=0" to avoid kernel
> oopses when starting VM images.
>
> [1].  As provided by Yan previously;
>
> http://kvm.qumranet.com/kvmwiki/WindowsGuestDebug
>
> [2].  The link in the Wiki is for a private IP (10.0.0.1) but I think
> the patch is probably the same as the one referenced here:
>
> http://www.damogran.de/blog/archives/14-WinDbg-and-QEMU.html
>
>