简体繁体 English

单步执行Linux内核源代码？

[英]Stepping through Linux kernel source code?

原文 2013-01-16 21:55:42 5 2 linux/ unix/ ubuntu/ kernel

My aim is to learn how Linux works. 我的目标是了解Linux的工作原理。 I know there are smaller kernels out there- I have the Minix book but the problem is that whilst teaching the concepts is ok- I really want to learn the specifics of the linux kernel. 我知道那里有更小的内核 - 我有Minix书，但问题是虽然教授概念是好的 - 我真的想学习linux内核的细节。

I have a copy of linux kernel source code. 我有一份linux内核源代码。 Is there any technique so that I could "launch" this source code and somehow step-through the code so I can see what is happening? 是否有任何技术，以便我可以“启动”此源代码并以某种方式逐步执行代码，以便我可以看到发生了什么？

If not, what is the next best technique to learn exactly what is happening (including recommended books, blogs, tech docs etc)? 如果没有，那么准确了解正在发生的事情的最佳技术是什么（包括推荐的书籍，博客，技术文档等）？

EDIT 编辑

Does the source code have good documentation for particular OS areas? 源代码是否具有针对特定操作系统区域的良好文档？

2 个解决方案

You can build the kernel in the "User Mode Linux" architecture, and run it as a normal process within another (Linux) OS. 您可以在“用户模式Linux”体系结构中构建内核，并将其作为另一个（Linux）操作系统中的常规进程运行。 (Hint: RTFM, "make ARCH=um" ) （提示：RTFM，“make ARCH = um”）

Then you can run it under the debugger, set breakpoints anywhere or anything, it is just as a normal userspace task. 然后你可以在调试器下运行它，在任何地方或任何地方设置断点，它就像一个普通的用户空间任务。

http://www.amazon.com/Professional-Linux-Kernel-Architecture-Programmer/dp/0470343435/ref=sr_1_1?ie=UTF8&qid=1358373427&sr=8-1&keywords=professional+linux+kernel+architecture http://www.amazon.com/Professional-Linux-Kernel-Architecture-Programmer/dp/0470343435/ref=sr_1_1?ie=UTF8&qid=1358373427&sr=8-1&keywords=professional+linux+kernel+architecture

I recommend this book over any other. 我推荐这本书超过任何其他。 This will explain pretty much how everything works and is still quite accurate. 这将解释一切如何运作并且仍然非常准确。

The concepts are really what's important and this book will point you to the key functions inside the kernel so that you can get the details yourself. 这些概念确实非常重要，本书将指出内核中的关键功能，以便您自己获取详细信息。 Simple things to read are some system calls, or just open up some core files and read through the functions and try and figure out what they do or just manually trace stuff. 简单的事情是一些系统调用，或者只是打开一些核心文件并读取函数并尝试弄清楚它们做了什么或者只是手动跟踪内容。

If you want to single step a kernel you can use a virtualization software like QEMU and load up the kernel inside under debugging mode (QEMU has remote GDB support) and you can load the symbol table for the kernel kernel.syms (IIRC) into GDB and you can see exactly what is executing. 如果你想单步执行内核，可以使用像QEMU这样的虚拟化软件，并在调试模式下加载内核（QEMU具有远程GDB支持），你可以将内核kernel.syms （IIRC）的符号表加载到GDB中你可以确切地看到正在执行的内容。 This can be very slow though for the kernel running inside and is really only useful for debugging a development kernel but if you're willing to accept the slowdown then go for it. 对于内部运行的内核来说，这可能非常慢，并且实际上只对调试开发内核有用，但如果您愿意接受减速，那么就去做吧。

As mentioned the best is to read the source, at least that's how I learned. 如上所述，最好的是阅读来源，至少我学到了这些。 Find the key functions for whatever functionality you want to see and it's not hard to step through the code and just see what happens (use something like TAGS or CSCOPE to make this easier). 找到您想要查看的任何功能的关键功能，并且不难单步执行代码并查看会发生什么（使用TAGS或CSCOPE之类的东西来简化这一过程）。