While analyzing hostapd and trying to find out where to hook in after WPA pairwise key exchange has completed, the need arose to get a gdb running on the target platform (the EPIA MII), so I could break in the function and obtain a backtrace.
To set up the debugging environment:
- Select make menuconfig –> Advanced configuration options (for developers) –> Toolchain options –> Build gdb.
- Select make menuconfig –> Utilities –> gdbserver.
- If your toolchain has already been built, run make toolchain/install to rebuild it including gdb.
- Now, before you compile the program to be debugged, also select make menuconfig –> Advanced configuration options (for developers) –> Build options –> Enable debugging, so the program does not get stripped. Build your program.
- Finally, the directory structure seems to need a fix. In <openwrtdir>/staging_dir/<targetarch>, there is a lib/ directory, which is empty when it shouldn’t be. Remove the empty directory and replace it with a link to the toolchain’s lib/ directory: rmdir lib; ln -s ../toolchain-<targetarch>_<gccver>/lib lib.
To actually debug the program:
- Start the target under gdbserver control, specifying the TCP port that will be used for remote debugging: gdbserver :7777 <program> <args>.
- Start gdb on the development machine: <openwrtdir>/build_dir/toolchain-<targetarch>_<gccver>/gdb-6.3/gdb.
- In order for gdb to be able to correctly locate the shared libraries used by the target program, you need to specify their path: set solib-absolute-prefix <openwrtdir>/staging_dir/<targetarch>.
- Now instruct gdb where the local copy of the remote executable is: file <openwrtdir>/build_dir/<targetarch>/<path>/<executable>.
- And tell it to connect to the gdbserver stub: target remote <ip>:7777.
- Now use the usual debugger commands (run, continue, break etc.).
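
The gdb side of the steps above can be collected into a command file, so that the breakpoint and backtrace run unattended. This is an added example, not part of the original write-up: the function names, the sample IP address, my_function and session.gdb are assumptions, and the paths are placeholders for your own tree.

```shell
#!/bin/sh
# Added example: generate a gdb command file for the remote session.
# Helper names and all argument values are hypothetical placeholders.

# check_sysroot <sysroot>
# Fails if <sysroot>/lib is missing or empty, i.e. the staging_dir problem
# from the setup steps has not been fixed yet. -d follows the symlink.
check_sysroot() {
    [ -d "$1/lib" ] || { echo "missing: $1/lib" >&2; return 1; }
    [ -n "$(ls -A "$1/lib" 2>/dev/null)" ] || { echo "empty: $1/lib" >&2; return 1; }
}

# write_gdb_script <sysroot> <local-exe> <ip:port> <function> <outfile>
# Paths must not contain whitespace; gdb would split them into arguments.
write_gdb_script() {
    check_sysroot "$1" || return 1
    [ -f "$2" ] || { echo "no such executable: $2" >&2; return 1; }
    # The process is already started (and halted) by gdbserver, so the
    # script resumes it with "continue" and prints the backtrace once the
    # breakpoint is hit.
    cat > "$5" <<EOF
set solib-absolute-prefix $1
file $2
target remote $3
break $4
continue
backtrace
detach
EOF
}

# Usage (placeholders as in the steps above; 192.0.2.10 is a sample address):
#   write_gdb_script <openwrtdir>/staging_dir/<targetarch> \
#       <openwrtdir>/build_dir/<targetarch>/<path>/<executable> \
#       192.0.2.10:7777 my_function session.gdb
#   <openwrtdir>/build_dir/toolchain-<targetarch>_<gccver>/gdb-6.3/gdb -batch -x session.gdb
```

gdbserver performs no authentication, so anyone who can reach port 7777 controls the debugged process; keep the target on an isolated lab network while it is listening.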