SlideShare a Scribd company logo

Debugging 2013- Jesper Brouer

Mediehuset Ingeniøren Live
Mediehuset Ingeniøren Live

The document describes how to debug a kernel crash by recording the full kernel panic text using techniques like configuring a serial console, using the netconsole kernel feature, or manually dumping memory on a virtual machine. It also explains how to use the crash analysis tool to examine the crash dump, including getting a backtrace, disassembling instructions, and viewing the kernel log.

Technology
1 of 28
Download to read offline
How to debug a kernel crash Debugging - for rigtige programmører - en dag fyldt med fejl (Danish Debugging conf 2013) Jesper Dangaard Brouer Senior Kernel Engineer, Red Hat 2013-10-26 1/27 How to debug a kernel crash – and other tricks
Who am I ● Name: Jesper Dangaard Brouer – Linux Kernel Developer at Red Hat – Edu: Computer Science for Uni. Copenhagen ● – Linux user since 1996, professional since 1998 ● – Focus on Network, Dist. sys and OS Sysadm, Kernel Developer, Embedded OpenSource projects, author of – ● Patches accepted into – – 2/27 ADSL-optimizer, CPAN IPTables::libiptc, IPTV-Analyzer Linux kernel, iproute2, iptables, libpcap and Wireshark Organizer of Netfilter Workshop 2013 How to debug a kernel crash – and other tricks
Incomplete kernel panic at console 3/27 How to debug a kernel crash – and other tricks
Important info 4/27 How to debug a kernel crash – and other tricks
Recording full panic text ● Techniques for recording full panic output – Config kernel with serial console – Use netconsole kernel feature/module Netconsole example: ● On server: modprobe netconsole  netconsole=6666@192.168.42.3/eth0,@192.168.42.180/f0:de:f1:9a:0a:dc ● On receiving IP 192.168.42.180, capture UDP packet on port 6666 nc ­4 ­u ­l 6666 | tee ­a netconsole.out01 ● 5/27 Next other techniques for the unprepared How to debug a kernel crash – and other tricks
kdump trick for the unprepared ● Getting full panic output – ● Without serial console or netconsole This was a KVM virtual machine – Manual raw dump of memory Using command line tool “virsh”: # virsh dump rhel6-server02 /tmp/panic01.dump ● 6/27 Next: (1) automate this and (2) how to use the dump How to debug a kernel crash – and other tricks
Automatic kdump prepare ● Prepare boot your kernel – ● with kernel parameter: crashkernel=xxx Simple for e.g. Red Hat kernels: – crashkernel=128M@16M ● ● Means reserve 128MB after first 16MB Advanced New kernels: – crashkernel=384M-2G:64M,2G-:128M ● ● Above 2GB reserve 128MB ● 7/27 Between 384 MB and 2 GB, reserve 64MB Below 384 MB no mem reserved How to debug a kernel crash – and other tricks
Kdump setup for Red Hat ● Detailed instructions on howto setup on RHEL – – Title: “Troubleshooting kernel crashes, system hangs, or system reboots with kdump” – 8/27 Really good step-by-step Link: https://access.redhat.com/site/node/6038 How to debug a kernel crash – and other tricks
Postmortem “crash” tool ● Tool “crash” for reading the dump – kernel-specific debugger ● – Install via package system or download ● – at http://people.redhat.com/anderson/ Also install the kexec-tools package ● – for performing postmortem system analysis https://kernel.org/pub/linux/utils/kernel/kexec/ Needs debug info for kernel ● ● 9/27 Especially the “vmlinux” file yum install kernel-debuginfo How to debug a kernel crash – and other tricks
Invoking “crash” tool ● Starting the crash tool: # crash vmlinux System.map panic01.dump 10/27 How to debug a kernel crash – and other tricks
Crash useful commands ● Useful commands in the crash prompt – – “log” -- gives kernel log – “dis -l (function+offset)” -- disassemble – 11/27 “bt” -- backtrace “ps” -- semi-normal process list How to debug a kernel crash – and other tricks
Info: x86_64 call convention ● When reading x86_64 assembler ● Need to know: – function arguments for an x86_64 arch are passed in the following registers – %rdi, %rsi, %rdx, %rcx, %r8, %r9 ● where %rdi is 1st argument, ● %rsi is 2nd argument.... ● 12/27 more than 6 arguments, remaining ones are pushed onto the stack right to left. How to debug a kernel crash – and other tricks
Crash bt - backtrace crash> bt PID: 0 TASK: ffffffff81c10480 CPU: 0 COMMAND: "swapper/0" #0 [ffff88002b4037c0] die at ffffffff81005c08 #1 [ffff88002b4037f0] do_trap at ffffffff81663deb #2 [ffff88002b403800] __atomic_notifier_call_chain at ffffffff81667162 #3 [ffff88002b403850] do_invalid_op at ffffffff81002ea5 #4 [ffff88002b403890] dev_queue_xmit at ffffffff8155c59a #5 [ffff88002b4038f0] invalid_op at ffffffff8166cc48 [exception RIP: synproxy_parse_options+363] (<-- notice decimal 363 == 0x16b) RIP: ffffffffa010b38b RSP: ffff88002b4039a8 RFLAGS: 00010282 RAX: 00000000fffffff2 RBX: 000000000000000c RCX: 000000000000000c RDX: ffff88002b4039a8 RSI: 0000000000000028 RDI: ffff880029768700 RBP: ffff88002b4039e8 R8: 0000000000000000 R9: 0000000000000000 R10: ffff880029768700 R11: 0000000000000000 R12: ffff88002b403a28 R13: ffff880029be5658 R14: ffff8800260a8630 R15: ffff880029aa6c62 ORIG_RAX: ffffffffffffffff CS: 0010 SS: 0018 #6 [ffff88002b4039a0] synproxy_parse_options at ffffffffa010b32b [nf_synproxy_core] #7 [ffff88002b4039f0] synproxy_tg4 at ffffffffa0110a9e [ipt_SYNPROXY] #8 [ffff88002b403a20] __kmalloc at ffffffff8117c4ae #9 [ffff88002b403a80] ipt_do_table at ffffffffa00a90ee [ip_tables] #10 [ffff88002b403bb0] iptable_filter_hook at ffffffffa00b20d3 [iptable_filter] #11 [ffff88002b403bc0] nf_iterate at ffffffff815894b6 #12 [ffff88002b403c20] nf_hook_slow at ffffffff81589574 #13 [ffff88002b403ca0] ip_local_deliver at ffffffff81592a73 #14 [ffff88002b403cd0] ip_rcv_finish at ffffffff815923c1 #15 [ffff88002b403d00] ip_rcv at ffffffff81592d24 #16 [ffff88002b403d40] __netif_receive_skb_core at ffffffff81559f42 #17 [ffff88002b403db0] __netif_receive_skb at ffffffff8155a0d1 #18 [ffff88002b403dd0] netif_receive_skb at ffffffff8155a2b3 #19 [ffff88002b403e00] virtnet_poll at ffffffffa0027439 [virtio_net] #20 [ffff88002b403ea0] net_rx_action at ffffffff8155a989 #21 [ffff88002b403f00] __do_softirq at ffffffff81059430 #22 [ffff88002b403f70] irq_exit at ffffffff810596e5 #23 [ffff88002b403f80] do_IRQ at ffffffff8166d463 13/27 How to debug a kernel crash – and other tricks
Crash dis - disassemble ● Look at exact crash point assembler instruction: crash> dis -l (synproxy_parse_options+363) dis: line numbers are not available 0xffffffffa010b38b <synproxy_parse_options+363>: ● Very strange assembler instruction “UD2” – UD2 == Undefined Instruction ● – 14/27 ud2 explicitly generate an invalid opcode Thus, an on purpose crash... hmmm How to debug a kernel crash – and other tricks
Crash log – getting full log crash> log [... cut ...] [ 53.644810] ------------[ cut here ]-----------[ 53.645587] kernel BUG at net/netfilter/nf_synproxy_core.c:35! [ 53.645587] invalid opcode: 0000 [#1] SMP [ 53.645587] Modules linked in: xt_conntrack xt_LOG ipt_SYNPROXY nf_synproxy_core xt_CT iptable_raw sunrpc ipt_REJECT nf_conntrack_ipv4 nf_defrag_ipv4 iptable_filter ip_tables ip6t_REJECT nf_conntrack_ipv6 nf_defrag_ipv6 xt_state nf_conntrack ip6table_filter ip6_tables binfmt_misc floppy joydev microcode pcspkr virtio_balloon virtio_net i2c_piix4 i2c_core virtio_blk [ 53.645587] CPU: 0 PID: 0 Comm: swapper/0 Not tainted 3.12.0-rc3-synproxy04-bug+ #11 [ 53.645587] Hardware name: Bochs Bochs, BIOS Bochs 01/01/2011 [ 53.645587] task: ffffffff81c10480 ti: ffffffff81c00000 task.ti: ffffffff81c00000 [ 53.645587] RIP: 0010:[<ffffffffa010b38b>] [<ffffffffa010b38b>] synproxy_parse_options+0x16b/0x180 [nf_synproxy_core] [ 53.645587] RSP: 0018:ffff88002b4039a8 EFLAGS: 00010282 [ 53.645587] RAX: 00000000fffffff2 RBX: 000000000000000c RCX: 000000000000000c [ 53.645587] RDX: ffff88002b4039a8 RSI: 0000000000000028 RDI: ffff880029768700 [ 53.645587] RBP: ffff88002b4039e8 R08: 0000000000000000 R09: 0000000000000000 [ 53.645587] R10: ffff880029768700 R11: 0000000000000000 R12: ffff88002b403a28 [ 53.645587] R13: ffff880029be5658 R14: ffff8800260a8630 R15: ffff880029aa6c62 [ 53.645587] FS: 0000000000000000(0000) GS:ffff88002b400000(0000) knlGS:0000000000000000 [ 53.645587] CS: 0010 DS: 0000 ES: 0000 CR0: 000000008005003b [ 53.645587] CR2: ffffffffff600400 CR3: 0000000028780000 CR4: 00000000000006f0 [ 53.645587] Stack: [ 53.645587] ffff88002b4039d8 ffff8800289d16c0 ffff880029abf4f0 ffff88002b403b48 [ 53.645587] ffff88002b4039d8 5daa3322d0120d19 ffff88002b403b48 ffff880029768700 [ 53.645587] ffff88002b403a78 ffffffffa0110a9e ffff88002b403a18 ffff880029abf4f0 [ 53.645587] Call Trace: [ 53.645587] <IRQ> [ 53.645587] [ 53.645587] [<ffffffffa0110a9e>] synproxy_tg4+0xde/0x2f8 [ipt_SYNPROXY] [ 53.645587] [<ffffffff8117c4ae>] ? __kmalloc+0x2e/0x190 [ 53.645587] [<ffffffffa00a90ee>] ipt_do_table+0x2fe/0x745 [ip_tables] [ 53.645587] [<ffffffff813ace70>] ? virtqueue_kick+0x20/0x30 [ 53.645587] [<ffffffffa00b20d3>] iptable_filter_hook+0x33/0x64 [iptable_filter] [ 53.645587] [<ffffffff815894b6>] nf_iterate+0x86/0xd0 [ 53.645587] [<ffffffff81592680>] ? ip_rcv_finish+0x340/0x340 [ 53.645587] [<ffffffff81589574>] nf_hook_slow+0x74/0x130 [ 53.645587] [<ffffffff81592680>] ? ip_rcv_finish+0x340/0x340 [ 53.645587] [<ffffffff81592a73>] ip_local_deliver+0x73/0x80 [ 53.645587] [<ffffffff815923c1>] ip_rcv_finish+0x81/0x340 [ 53.645587] [<ffffffff81592d24>] ip_rcv+0x2a4/0x3e0 [ 53.645587] [<ffffffff81559f42>] __netif_receive_skb_core+0x672/0x7e0 [ 53.645587] [<ffffffff8155a0d1>] __netif_receive_skb+0x21/0x70 [ 53.645587] [<ffffffff8155a2b3>] netif_receive_skb+0x23/0x90 [ 53.645587] [<ffffffffa0027439>] virtnet_poll+0x4e9/0x760 [virtio_net] [ 53.645587] [<ffffffff8155a989>] net_rx_action+0x139/0x220 [... cut ...] [ 53.645587] Code: c0 08 66 41 89 44 24 02 eb aa 66 0f 1f 44 00 00 83 fa 03 75 9f 0f b6 46 02 3c 0e 41 0f 47 c0 41 80 0c 24 02 41 88 44 24 01 eb 89 <0f> 0b e8 ae 93 f4 e0 66 66 66 66 66 2e 0f 1f 84 00 00 00 00 00 [ 53.645587] RIP [<ffffffffa010b38b>] synproxy_parse_options+0x16b/0x180 [nf_synproxy_core] [ 53.645587] RSP <ffff88002b4039a8> [ 53.645587] ---[ end trace f6ddc710ff8b9002 ]--[ 53.645587] Kernel panic - not syncing: Fatal exception in interrupt 15/27 How to debug a kernel crash – and other tricks
Extra "ps" and "files" crash tricks crash> ps PID PPID [...cut...] 1512 1295 1515 1512 1563 1515 CPU TASK ST %MEM VSZ RSS COMM 0 0 0 ffff88002992c5f0 ffff88002992aea0 ffff880027a1c5f0 IN IN IN 0.5 0.3 0.1 100044 108344 105492 3892 1796 848 sshd bash less crash> files 1563 PID: 1563 TASK: ffff880027a1c5f0 CPU: 0 COMMAND: "less" ROOT: / CWD: /root FD FILE DENTRY INODE TYPE PATH 0 ffff8800297cef00 ffff880028d64240 ffff8800290e2fc0 CHR /dev/pts/0 1 ffff8800297cef00 ffff880028d64240 ffff8800290e2fc0 CHR /dev/pts/0 2 ffff8800297cef00 ffff880028d64240 ffff8800290e2fc0 CHR /dev/pts/0 3 ffff880029471100 ffff880029f813c0 ffff88002b28fce0 CHR /tty 4 ffff880029768800 ffff880028d44000 ffff880028d76480 REG /root/iptables_synproxy.sh crash> set 1563 PID: 1563 COMMAND: "less" TASK: ffff880027a1c5f0 [THREAD_INFO: ffff880028286000] CPU: 0 STATE: TASK_INTERRUPTIBLE 16/27 How to debug a kernel crash – and other tricks
Code pointer – too easy ● The full log, gave exact C-code line: kernel BUG at net/netfilter/nf_synproxy_core.c:35! – “BUG” indicate explicit code assertion ● 17/27 BUG_ON() or BUG() How to debug a kernel crash – and other tricks
Show me the code 18/27 How to debug a kernel crash – and other tricks
Using objdump ● Too easy – – ● Cannot be that lucky every time Lets do it the hard way: Manual objdump Use options: objdump -S -Mintel – ● Disassemble and use Intel (readable) asm Draw flow arrow for jumps and calls – With tool asm_jmps.py by Daniel Fairchild ● 19/27 http://dikutal.dk/blog/fairchild How to debug a kernel crash – and other tricks
Annoying compiler optimizations ● BUG at synproxy_parse_options+0x16b -> 0x220+0x16b = 0x38b – 20/27 Bash shell cmd: printf '0x%xn' $((0x220+0x16b)) How to debug a kernel crash – and other tricks
C-code inlined with asm 21/27 How to debug a kernel crash – and other tricks
Panic finished ● Next: Some instrumentation hints – – Probing a running kernel – SystemTap – 22/27 Dynamic printk Benchmarking tool: “perf” How to debug a kernel crash – and other tricks
Panic finished ● Next: Some instrumentation hints – – Probing a running kernel – SystemTap – 23/27 Dynamic printk Benchmarking tool: “perf” How to debug a kernel crash – and other tricks
Dynamic printk debugging ● “Real programers use printk” – ● But want: 1) Dynamic enable/disable, 2) No overhead when disabled Kernel dynamic debug (dyndbg) feature – – Use pr_debug() – ● Select CONFIG_DYNAMIC_DEBUG jump_label feature, dynamic code patching Enable example: # mount -t debugfs none /sys/kernel/debug/ # echo "func __detect_linklayer +p" > /sys/kernel/debug/dynamic_debug/control 24/27 How to debug a kernel crash – and other tricks
Probe running kernel ● A number of solutions exists for – Probing the running kernel ● (this is out of scope of this talk) ● Just some link: ● SystemTap http://www.linuxforu.com/2010/09/systemtap-tutorial-part-1/ ● Ftrace http://www.linuxforu.com/2010/11/kernel-tracing-with-ftrace-part-1/ ● Kprobe and Jprobe http://www.linuxforu.com/2011/04/kernel-debugging-using-kprobe-and-jprobe 25/27 How to debug a kernel crash – and other tricks
SystemTap example ● Debugging kernel commit – ● commit 50d1784ee (net: fix multiqueue selection) Example how to start # stap -v -g sk-txq.stp %{ #include <net/sock.h> %} function queue_mapping:long(sk_ptr:long) %{ struct sock *sk = (struct sock*) STAP_ARG_sk_ptr; STAP_RETVALUE = __sk_tx_queue_mapping(sk); %} probe kernel.function("__netdev_pick_tx").return { if ($skb->sk) printf("tx queue index: %dn", queue_mapping($skb->sk)); } 26/27 How to debug a kernel crash – and other tricks
Performance benchmarking ● Performance analyzing tool: “perf” – – Tracepoints – ● Supports hardware perf counters Dynamic probes (e.g. kprobes or uprobes) Both kernel and userspace profiling – Try it! -- run: “perf top” ● ● 27/27 perf record -g -a perf report How to debug a kernel crash – and other tricks
The End ● If unlikely(time for questions) – 28/27 Questions? How to debug a kernel crash – and other tricks

Recommended

Proxy arp
Proxy arpProxy arp
Proxy arp
Marian Marinov
 
HKG18-TR14 - Postmortem Debugging with Coresight
HKG18-TR14 - Postmortem Debugging with CoresightHKG18-TR14 - Postmortem Debugging with Coresight
HKG18-TR14 - Postmortem Debugging with Coresight
Linaro
 
True stories on the analysis of network activity using Python
True stories on the analysis of network activity using PythonTrue stories on the analysis of network activity using Python
True stories on the analysis of network activity using Python
delimitry
 
한컴MDS_TRACE32 Debug Environment
한컴MDS_TRACE32 Debug Environment한컴MDS_TRACE32 Debug Environment
한컴MDS_TRACE32 Debug Environment
HANCOM MDS
 
2009-03-13 Atlanda System z Council Meeting
2009-03-13 Atlanda System z Council Meeting2009-03-13 Atlanda System z Council Meeting
2009-03-13 Atlanda System z Council Meeting
Shawn Wells
 
Dx diag
Dx diagDx diag
Dx diagDuvan Pinzón
 
Evaluation of OpenFlow in RB750GL
Evaluation of OpenFlow in RB750GLEvaluation of OpenFlow in RB750GL
Evaluation of OpenFlow in RB750GL
Toshiki Tsuboi
 
IPv6 for Pentesters
IPv6 for PentestersIPv6 for Pentesters
IPv6 for Pentesters
camsec
 

Recommended

Proxy arp
Proxy arpProxy arp
Proxy arp
Marian Marinov
 
HKG18-TR14 - Postmortem Debugging with Coresight
HKG18-TR14 - Postmortem Debugging with CoresightHKG18-TR14 - Postmortem Debugging with Coresight
HKG18-TR14 - Postmortem Debugging with Coresight
Linaro
 
True stories on the analysis of network activity using Python
True stories on the analysis of network activity using PythonTrue stories on the analysis of network activity using Python
True stories on the analysis of network activity using Python
delimitry
 
한컴MDS_TRACE32 Debug Environment
한컴MDS_TRACE32 Debug Environment한컴MDS_TRACE32 Debug Environment
한컴MDS_TRACE32 Debug Environment
HANCOM MDS
 
2009-03-13 Atlanda System z Council Meeting
2009-03-13 Atlanda System z Council Meeting2009-03-13 Atlanda System z Council Meeting
2009-03-13 Atlanda System z Council Meeting
Shawn Wells
 
Dx diag
Dx diagDx diag
Dx diagDuvan Pinzón
 
Evaluation of OpenFlow in RB750GL
Evaluation of OpenFlow in RB750GLEvaluation of OpenFlow in RB750GL
Evaluation of OpenFlow in RB750GL
Toshiki Tsuboi
 
IPv6 for Pentesters
IPv6 for PentestersIPv6 for Pentesters
IPv6 for Pentesters
camsec
 
Analisis_avanzado_vmware
Analisis_avanzado_vmwareAnalisis_avanzado_vmware
Analisis_avanzado_vmware
virtualizacionTV
 
Advanced Root Cause Analysis
Advanced Root Cause AnalysisAdvanced Root Cause Analysis
Advanced Root Cause Analysis
Eric Sloof
 
3 scanning-ger paoctes-pub
3 scanning-ger paoctes-pub3 scanning-ger paoctes-pub
3 scanning-ger paoctes-pubCassio Ramos
 
Fosscon 2012 firewall workshop
Fosscon 2012 firewall workshopFosscon 2012 firewall workshop
Fosscon 2012 firewall workshopjvehent
 
2 netcat enum-pub
2 netcat enum-pub2 netcat enum-pub
2 netcat enum-pubCassio Ramos
 
LAS16-403: GDB Linux Kernel Awareness
LAS16-403: GDB Linux Kernel AwarenessLAS16-403: GDB Linux Kernel Awareness
LAS16-403: GDB Linux Kernel Awareness
Linaro
 
Understanding iptables
Understanding iptablesUnderstanding iptables
Understanding iptables
Denys Haryachyy
 
OSDC 2017 - Werner Fischer - Linux performance profiling and monitoring
OSDC 2017 - Werner Fischer - Linux performance profiling and monitoringOSDC 2017 - Werner Fischer - Linux performance profiling and monitoring
OSDC 2017 - Werner Fischer - Linux performance profiling and monitoring
NETWAYS
 
Reliability, Availability, and Serviceability (RAS) on ARM64 status - SFO17-203
Reliability, Availability, and Serviceability (RAS) on ARM64 status - SFO17-203Reliability, Availability, and Serviceability (RAS) on ARM64 status - SFO17-203
Reliability, Availability, and Serviceability (RAS) on ARM64 status - SFO17-203
Linaro
 
Hardware-Assisted Rootkits & Instrumentation
Hardware-Assisted Rootkits & InstrumentationHardware-Assisted Rootkits & Instrumentation
Hardware-Assisted Rootkits & Instrumentation
EndgameInc
 
OSMC 2015: Linux Performance Profiling and Monitoring by Werner Fischer
OSMC 2015: Linux Performance Profiling and Monitoring by Werner FischerOSMC 2015: Linux Performance Profiling and Monitoring by Werner Fischer
OSMC 2015: Linux Performance Profiling and Monitoring by Werner Fischer
NETWAYS
 
移植FreeRTOS 之嵌入式軟體研究與開發
移植FreeRTOS 之嵌入式軟體研究與開發移植FreeRTOS 之嵌入式軟體研究與開發
移植FreeRTOS 之嵌入式軟體研究與開發
艾鍗科技
 
Packet Filtering Using Iptables
Packet Filtering Using IptablesPacket Filtering Using Iptables
Packet Filtering Using IptablesAhmed Mekkawy
 
Embedded TCP/IP stack for FreeRTOS
Embedded TCP/IP stack for FreeRTOSEmbedded TCP/IP stack for FreeRTOS
Embedded TCP/IP stack for FreeRTOS
艾鍗科技
 
Stu t17 a
Stu t17 aStu t17 a
Stu t17 aSelectedPresentations
 
Global counters (ssh log)
Global counters (ssh log)Global counters (ssh log)
Global counters (ssh log)David Derrej
 
建構嵌入式Linux系統於SD Card
建構嵌入式Linux系統於SD Card建構嵌入式Linux系統於SD Card
建構嵌入式Linux系統於SD Card
艾鍗科技
 
Lab telematicos
Lab telematicosLab telematicos
Lab telematicosLeón Velarde
 
Design and build a wireless transceiver using nrf24l01p single chip 2.4g hz
Design and build a wireless transceiver using nrf24l01p single chip 2.4g hz Design and build a wireless transceiver using nrf24l01p single chip 2.4g hz
Design and build a wireless transceiver using nrf24l01p single chip 2.4g hz
Ehsan Izadi
 
Syddansk Universitet:Master i projektledelse er en 2-årig forskningsbaseret e...
Syddansk Universitet:Master i projektledelse er en 2-årig forskningsbaseret e...Syddansk Universitet:Master i projektledelse er en 2-årig forskningsbaseret e...
Syddansk Universitet:Master i projektledelse er en 2-årig forskningsbaseret e...
Mediehuset Ingeniøren Live
 
Insight live om IT-sikkerhed - Thomas Lund-Sørensen
Insight live om IT-sikkerhed - Thomas Lund-SørensenInsight live om IT-sikkerhed - Thomas Lund-Sørensen
Insight live om IT-sikkerhed - Thomas Lund-Sørensen
Mediehuset Ingeniøren Live
 
Dit CV din fremtid
Dit CV din fremtidDit CV din fremtid
Dit CV din fremtid
Mediehuset Ingeniøren Live
 

More Related Content

What's hot

Analisis_avanzado_vmware
Analisis_avanzado_vmwareAnalisis_avanzado_vmware
Analisis_avanzado_vmware
virtualizacionTV
 
Advanced Root Cause Analysis
Advanced Root Cause AnalysisAdvanced Root Cause Analysis
Advanced Root Cause Analysis
Eric Sloof
 
3 scanning-ger paoctes-pub
3 scanning-ger paoctes-pub3 scanning-ger paoctes-pub
3 scanning-ger paoctes-pubCassio Ramos
 
Fosscon 2012 firewall workshop
Fosscon 2012 firewall workshopFosscon 2012 firewall workshop
Fosscon 2012 firewall workshopjvehent
 
LAS16-403: GDB Linux Kernel Awareness
LAS16-403: GDB Linux Kernel AwarenessLAS16-403: GDB Linux Kernel Awareness
LAS16-403: GDB Linux Kernel Awareness
Linaro
 
Understanding iptables
Understanding iptablesUnderstanding iptables
Understanding iptables
Denys Haryachyy
 
OSDC 2017 - Werner Fischer - Linux performance profiling and monitoring
OSDC 2017 - Werner Fischer - Linux performance profiling and monitoringOSDC 2017 - Werner Fischer - Linux performance profiling and monitoring
OSDC 2017 - Werner Fischer - Linux performance profiling and monitoring
NETWAYS
 
Reliability, Availability, and Serviceability (RAS) on ARM64 status - SFO17-203
Reliability, Availability, and Serviceability (RAS) on ARM64 status - SFO17-203Reliability, Availability, and Serviceability (RAS) on ARM64 status - SFO17-203
Reliability, Availability, and Serviceability (RAS) on ARM64 status - SFO17-203
Linaro
 
Hardware-Assisted Rootkits & Instrumentation
Hardware-Assisted Rootkits & InstrumentationHardware-Assisted Rootkits & Instrumentation
Hardware-Assisted Rootkits & Instrumentation
EndgameInc
 
OSMC 2015: Linux Performance Profiling and Monitoring by Werner Fischer
OSMC 2015: Linux Performance Profiling and Monitoring by Werner FischerOSMC 2015: Linux Performance Profiling and Monitoring by Werner Fischer
OSMC 2015: Linux Performance Profiling and Monitoring by Werner Fischer
NETWAYS
 
移植FreeRTOS 之嵌入式軟體研究與開發
移植FreeRTOS 之嵌入式軟體研究與開發移植FreeRTOS 之嵌入式軟體研究與開發
移植FreeRTOS 之嵌入式軟體研究與開發
艾鍗科技
 
Packet Filtering Using Iptables
Packet Filtering Using IptablesPacket Filtering Using Iptables
Packet Filtering Using IptablesAhmed Mekkawy
 
Embedded TCP/IP stack for FreeRTOS
Embedded TCP/IP stack for FreeRTOSEmbedded TCP/IP stack for FreeRTOS
Embedded TCP/IP stack for FreeRTOS
艾鍗科技
 
Global counters (ssh log)
Global counters (ssh log)Global counters (ssh log)
Global counters (ssh log)David Derrej
 
建構嵌入式Linux系統於SD Card
建構嵌入式Linux系統於SD Card建構嵌入式Linux系統於SD Card
建構嵌入式Linux系統於SD Card
艾鍗科技
 
Design and build a wireless transceiver using nrf24l01p single chip 2.4g hz
Design and build a wireless transceiver using nrf24l01p single chip 2.4g hz Design and build a wireless transceiver using nrf24l01p single chip 2.4g hz
Design and build a wireless transceiver using nrf24l01p single chip 2.4g hz
Ehsan Izadi
 

What's hot (19)

Analisis_avanzado_vmware
Analisis_avanzado_vmwareAnalisis_avanzado_vmware
Analisis_avanzado_vmware
 
Advanced Root Cause Analysis
Advanced Root Cause AnalysisAdvanced Root Cause Analysis
Advanced Root Cause Analysis
 
3 scanning-ger paoctes-pub
3 scanning-ger paoctes-pub3 scanning-ger paoctes-pub
3 scanning-ger paoctes-pub
 
Fosscon 2012 firewall workshop
Fosscon 2012 firewall workshopFosscon 2012 firewall workshop
Fosscon 2012 firewall workshop
 
2 netcat enum-pub
2 netcat enum-pub2 netcat enum-pub
2 netcat enum-pub
 
LAS16-403: GDB Linux Kernel Awareness
LAS16-403: GDB Linux Kernel AwarenessLAS16-403: GDB Linux Kernel Awareness
LAS16-403: GDB Linux Kernel Awareness
 
Understanding iptables
Understanding iptablesUnderstanding iptables
Understanding iptables
 
OSDC 2017 - Werner Fischer - Linux performance profiling and monitoring
OSDC 2017 - Werner Fischer - Linux performance profiling and monitoringOSDC 2017 - Werner Fischer - Linux performance profiling and monitoring
OSDC 2017 - Werner Fischer - Linux performance profiling and monitoring
 
Reliability, Availability, and Serviceability (RAS) on ARM64 status - SFO17-203
Reliability, Availability, and Serviceability (RAS) on ARM64 status - SFO17-203Reliability, Availability, and Serviceability (RAS) on ARM64 status - SFO17-203
Reliability, Availability, and Serviceability (RAS) on ARM64 status - SFO17-203
 
Hardware-Assisted Rootkits & Instrumentation
Hardware-Assisted Rootkits & InstrumentationHardware-Assisted Rootkits & Instrumentation
Hardware-Assisted Rootkits & Instrumentation
 
OSMC 2015: Linux Performance Profiling and Monitoring by Werner Fischer
OSMC 2015: Linux Performance Profiling and Monitoring by Werner FischerOSMC 2015: Linux Performance Profiling and Monitoring by Werner Fischer
OSMC 2015: Linux Performance Profiling and Monitoring by Werner Fischer
 
移植FreeRTOS 之嵌入式軟體研究與開發
移植FreeRTOS 之嵌入式軟體研究與開發移植FreeRTOS 之嵌入式軟體研究與開發
移植FreeRTOS 之嵌入式軟體研究與開發
 
Packet Filtering Using Iptables
Packet Filtering Using IptablesPacket Filtering Using Iptables
Packet Filtering Using Iptables
 
Embedded TCP/IP stack for FreeRTOS
Embedded TCP/IP stack for FreeRTOSEmbedded TCP/IP stack for FreeRTOS
Embedded TCP/IP stack for FreeRTOS
 
Stu t17 a
Stu t17 aStu t17 a
Stu t17 a
 
Global counters (ssh log)
Global counters (ssh log)Global counters (ssh log)
Global counters (ssh log)
 
建構嵌入式Linux系統於SD Card
建構嵌入式Linux系統於SD Card建構嵌入式Linux系統於SD Card
建構嵌入式Linux系統於SD Card
 
Lab telematicos
Lab telematicosLab telematicos
Lab telematicos
 
Design and build a wireless transceiver using nrf24l01p single chip 2.4g hz
Design and build a wireless transceiver using nrf24l01p single chip 2.4g hz Design and build a wireless transceiver using nrf24l01p single chip 2.4g hz
Design and build a wireless transceiver using nrf24l01p single chip 2.4g hz
 

Viewers also liked

Syddansk Universitet:Master i projektledelse er en 2-årig forskningsbaseret e...
Syddansk Universitet:Master i projektledelse er en 2-årig forskningsbaseret e...Syddansk Universitet:Master i projektledelse er en 2-årig forskningsbaseret e...
Syddansk Universitet:Master i projektledelse er en 2-årig forskningsbaseret e...
Mediehuset Ingeniøren Live
 
Insight live om IT-sikkerhed - Thomas Lund-Sørensen
Insight live om IT-sikkerhed - Thomas Lund-SørensenInsight live om IT-sikkerhed - Thomas Lund-Sørensen
Insight live om IT-sikkerhed - Thomas Lund-Sørensen
Mediehuset Ingeniøren Live
 
Dit CV din fremtid
Dit CV din fremtidDit CV din fremtid
Dit CV din fremtid
Mediehuset Ingeniøren Live
 
Datacenter 2014: Trend Micro - Bill MCGee
Datacenter 2014: Trend Micro - Bill MCGeeDatacenter 2014: Trend Micro - Bill MCGee
Datacenter 2014: Trend Micro - Bill MCGee
Mediehuset Ingeniøren Live
 
Den agile Prince – konflikt eller gevinst? - Jonas Högstrand, Metier
Den agile Prince – konflikt eller gevinst? - Jonas Högstrand, MetierDen agile Prince – konflikt eller gevinst? - Jonas Högstrand, Metier
Den agile Prince – konflikt eller gevinst? - Jonas Högstrand, Metier
Mediehuset Ingeniøren Live
 
Workpoint: Kundetilpassede SharePoint-løsninger
Workpoint: Kundetilpassede SharePoint-løsningerWorkpoint: Kundetilpassede SharePoint-løsninger
Workpoint: Kundetilpassede SharePoint-løsninger
Mediehuset Ingeniøren Live
 
Sådan skaber projektledelse værdi, Dansk Projektledelse, Morten Fangel
Sådan skaber projektledelse værdi, Dansk Projektledelse, Morten FangelSådan skaber projektledelse værdi, Dansk Projektledelse, Morten Fangel
Sådan skaber projektledelse værdi, Dansk Projektledelse, Morten Fangel
Mediehuset Ingeniøren Live
 
Digital project management - Magnus Holmlid, Visuell Planering
Digital project management - Magnus Holmlid, Visuell PlaneringDigital project management - Magnus Holmlid, Visuell Planering
Digital project management - Magnus Holmlid, Visuell Planering
Mediehuset Ingeniøren Live
 
PMO, processer og Antura Projects i harmoni!, Christina Sejr Pedersen
PMO, processer og Antura Projects i harmoni!, Christina Sejr PedersenPMO, processer og Antura Projects i harmoni!, Christina Sejr Pedersen
PMO, processer og Antura Projects i harmoni!, Christina Sejr Pedersen
Mediehuset Ingeniøren Live
 
Debugging 2013- Michael Rasmussen
Debugging 2013- Michael RasmussenDebugging 2013- Michael Rasmussen
Debugging 2013- Michael Rasmussen
Mediehuset Ingeniøren Live
 
Debugging 2013- Sune Vuorela
Debugging 2013- Sune VuorelaDebugging 2013- Sune Vuorela
Debugging 2013- Sune Vuorela
Mediehuset Ingeniøren Live
 
Dansk projektledelse: IPMA certificering af projektledere
Dansk projektledelse: IPMA certificering af projektledereDansk projektledelse: IPMA certificering af projektledere
Dansk projektledelse: IPMA certificering af projektledere
Mediehuset Ingeniøren Live
 
Modarbejdere eller medarbejdere? - Annette Franck, Teknologisk Institut
Modarbejdere eller medarbejdere? - Annette Franck, Teknologisk InstitutModarbejdere eller medarbejdere? - Annette Franck, Teknologisk Institut
Modarbejdere eller medarbejdere? - Annette Franck, Teknologisk Institut
Mediehuset Ingeniøren Live
 
Ulla Plüger Michelsen - Rekuttering og branding forankret i virksomhedens kul...
Ulla Plüger Michelsen - Rekuttering og branding forankret i virksomhedens kul...Ulla Plüger Michelsen - Rekuttering og branding forankret i virksomhedens kul...
Ulla Plüger Michelsen - Rekuttering og branding forankret i virksomhedens kul...
Mediehuset Ingeniøren Live
 
Mikkel Munk Quist Andersen: Gennemgang af Ingeniørens profilanalyse 2014
Mikkel Munk Quist Andersen: Gennemgang af Ingeniørens profilanalyse 2014Mikkel Munk Quist Andersen: Gennemgang af Ingeniørens profilanalyse 2014
Mikkel Munk Quist Andersen: Gennemgang af Ingeniørens profilanalyse 2014Mediehuset Ingeniøren Live
 
Agenda rum 204 2014
Agenda rum 204 2014Agenda rum 204 2014
Agenda rum 204 2014
Mediehuset Ingeniøren Live
 

Viewers also liked (18)

Syddansk Universitet:Master i projektledelse er en 2-årig forskningsbaseret e...
Syddansk Universitet:Master i projektledelse er en 2-årig forskningsbaseret e...Syddansk Universitet:Master i projektledelse er en 2-årig forskningsbaseret e...
Syddansk Universitet:Master i projektledelse er en 2-årig forskningsbaseret e...
 
Insight live om IT-sikkerhed - Thomas Lund-Sørensen
Insight live om IT-sikkerhed - Thomas Lund-SørensenInsight live om IT-sikkerhed - Thomas Lund-Sørensen
Insight live om IT-sikkerhed - Thomas Lund-Sørensen
 
Dit CV din fremtid
Dit CV din fremtidDit CV din fremtid
Dit CV din fremtid
 
Datacenter 2014: Trend Micro - Bill MCGee
Datacenter 2014: Trend Micro - Bill MCGeeDatacenter 2014: Trend Micro - Bill MCGee
Datacenter 2014: Trend Micro - Bill MCGee
 
Den agile Prince – konflikt eller gevinst? - Jonas Högstrand, Metier
Den agile Prince – konflikt eller gevinst? - Jonas Högstrand, MetierDen agile Prince – konflikt eller gevinst? - Jonas Högstrand, Metier
Den agile Prince – konflikt eller gevinst? - Jonas Högstrand, Metier
 
Workpoint: Kundetilpassede SharePoint-løsninger
Workpoint: Kundetilpassede SharePoint-løsningerWorkpoint: Kundetilpassede SharePoint-løsninger
Workpoint: Kundetilpassede SharePoint-løsninger
 
Sådan skaber projektledelse værdi, Dansk Projektledelse, Morten Fangel
Sådan skaber projektledelse værdi, Dansk Projektledelse, Morten FangelSådan skaber projektledelse værdi, Dansk Projektledelse, Morten Fangel
Sådan skaber projektledelse værdi, Dansk Projektledelse, Morten Fangel
 
Digital project management - Magnus Holmlid, Visuell Planering
Digital project management - Magnus Holmlid, Visuell PlaneringDigital project management - Magnus Holmlid, Visuell Planering
Digital project management - Magnus Holmlid, Visuell Planering
 
PMO, processer og Antura Projects i harmoni!, Christina Sejr Pedersen
PMO, processer og Antura Projects i harmoni!, Christina Sejr PedersenPMO, processer og Antura Projects i harmoni!, Christina Sejr Pedersen
PMO, processer og Antura Projects i harmoni!, Christina Sejr Pedersen
 
Debugging 2013- Michael Rasmussen
Debugging 2013- Michael RasmussenDebugging 2013- Michael Rasmussen
Debugging 2013- Michael Rasmussen
 
Thomas Hansen - information management
Thomas Hansen - information management Thomas Hansen - information management
Thomas Hansen - information management
 
Debugging 2013- Sune Vuorela
Debugging 2013- Sune VuorelaDebugging 2013- Sune Vuorela
Debugging 2013- Sune Vuorela
 
Dansk projektledelse: IPMA certificering af projektledere
Dansk projektledelse: IPMA certificering af projektledereDansk projektledelse: IPMA certificering af projektledere
Dansk projektledelse: IPMA certificering af projektledere
 
Pitch slides datacenter 2014 færdige
Pitch slides datacenter 2014 færdigePitch slides datacenter 2014 færdige
Pitch slides datacenter 2014 færdige
 
Modarbejdere eller medarbejdere? - Annette Franck, Teknologisk Institut
Modarbejdere eller medarbejdere? - Annette Franck, Teknologisk InstitutModarbejdere eller medarbejdere? - Annette Franck, Teknologisk Institut
Modarbejdere eller medarbejdere? - Annette Franck, Teknologisk Institut
 
Ulla Plüger Michelsen - Rekuttering og branding forankret i virksomhedens kul...
Ulla Plüger Michelsen - Rekuttering og branding forankret i virksomhedens kul...Ulla Plüger Michelsen - Rekuttering og branding forankret i virksomhedens kul...
Ulla Plüger Michelsen - Rekuttering og branding forankret i virksomhedens kul...
 
Mikkel Munk Quist Andersen: Gennemgang af Ingeniørens profilanalyse 2014
Mikkel Munk Quist Andersen: Gennemgang af Ingeniørens profilanalyse 2014Mikkel Munk Quist Andersen: Gennemgang af Ingeniørens profilanalyse 2014
Mikkel Munk Quist Andersen: Gennemgang af Ingeniørens profilanalyse 2014
 
Agenda rum 204 2014
Agenda rum 204 2014Agenda rum 204 2014
Agenda rum 204 2014
 

Similar to Debugging 2013- Jesper Brouer

Kernel Recipes 2013 - Deciphering Oopsies
Kernel Recipes 2013 - Deciphering OopsiesKernel Recipes 2013 - Deciphering Oopsies
Kernel Recipes 2013 - Deciphering Oopsies
Anne Nicolas
 
Linux 4.x Tracing: Performance Analysis with bcc/BPF
Linux 4.x Tracing: Performance Analysis with bcc/BPFLinux 4.x Tracing: Performance Analysis with bcc/BPF
Linux 4.x Tracing: Performance Analysis with bcc/BPF
Brendan Gregg
 
Basic Linux kernel
Basic Linux kernelBasic Linux kernel
Basic Linux kernel
Morteza Nourelahi Alamdari
 
Crash_Report_Mechanism_In_Tizen
Crash_Report_Mechanism_In_TizenCrash_Report_Mechanism_In_Tizen
Crash_Report_Mechanism_In_TizenLex Yu
 
OSSNA 2017 Performance Analysis Superpowers with Linux BPF
OSSNA 2017 Performance Analysis Superpowers with Linux BPFOSSNA 2017 Performance Analysis Superpowers with Linux BPF
OSSNA 2017 Performance Analysis Superpowers with Linux BPF
Brendan Gregg
 
Scale17x buffer overflows
Scale17x buffer overflowsScale17x buffer overflows
Scale17x buffer overflows
johseg
 
Symbolic Debugging with DWARF
Symbolic Debugging with DWARFSymbolic Debugging with DWARF
Symbolic Debugging with DWARF
Samy Bahra
 
test
testtest
test
WentingLiu4
 
LISA2019 Linux Systems Performance
LISA2019 Linux Systems PerformanceLISA2019 Linux Systems Performance
LISA2019 Linux Systems Performance
Brendan Gregg
 
C&C Botnet Factory
C&C Botnet FactoryC&C Botnet Factory
C&C Botnet Factory
Nullbyte Security Conference
 
BPF: Tracing and more
BPF: Tracing and moreBPF: Tracing and more
BPF: Tracing and more
Brendan Gregg
 
Systems@Scale 2021 BPF Performance Getting Started
Systems@Scale 2021 BPF Performance Getting StartedSystems@Scale 2021 BPF Performance Getting Started
Systems@Scale 2021 BPF Performance Getting Started
Brendan Gregg
 
Reverse engineering Swisscom's Centro Grande Modem
Reverse engineering Swisscom's Centro Grande ModemReverse engineering Swisscom's Centro Grande Modem
Reverse engineering Swisscom's Centro Grande Modem
Cyber Security Alliance
 
ARM 64bit has come!
ARM 64bit has come!ARM 64bit has come!
ARM 64bit has come!
Tetsuyuki Kobayashi
 
Troubleshooting linux-kernel-modules-and-device-drivers-1233050713693744-1
Troubleshooting linux-kernel-modules-and-device-drivers-1233050713693744-1Troubleshooting linux-kernel-modules-and-device-drivers-1233050713693744-1
Troubleshooting linux-kernel-modules-and-device-drivers-1233050713693744-1Jagadisha Maiya
 
Troubleshooting Linux Kernel Modules And Device Drivers
Troubleshooting Linux Kernel Modules And Device DriversTroubleshooting Linux Kernel Modules And Device Drivers
Troubleshooting Linux Kernel Modules And Device Drivers
Satpal Parmar
 
linux-memory-explained.pdf
linux-memory-explained.pdflinux-memory-explained.pdf
linux-memory-explained.pdf
TricantinoLopezPerez
 
Exploring Compiler Optimization Opportunities for the OpenMP 4.x Accelerator...
Exploring Compiler Optimization Opportunities for the OpenMP 4.x Accelerator...Exploring Compiler Optimization Opportunities for the OpenMP 4.x Accelerator...
Exploring Compiler Optimization Opportunities for the OpenMP 4.x Accelerator...
Akihiro Hayashi
 
Performance Wins with eBPF: Getting Started (2021)
Performance Wins with eBPF: Getting Started (2021)Performance Wins with eBPF: Getting Started (2021)
Performance Wins with eBPF: Getting Started (2021)
Brendan Gregg
 
Embedded Recipes 2019 - Introduction to JTAG debugging
Embedded Recipes 2019 - Introduction to JTAG debuggingEmbedded Recipes 2019 - Introduction to JTAG debugging
Embedded Recipes 2019 - Introduction to JTAG debugging
Anne Nicolas
 

Similar to Debugging 2013- Jesper Brouer (20)

Kernel Recipes 2013 - Deciphering Oopsies
Kernel Recipes 2013 - Deciphering OopsiesKernel Recipes 2013 - Deciphering Oopsies
Kernel Recipes 2013 - Deciphering Oopsies
 
Linux 4.x Tracing: Performance Analysis with bcc/BPF
Linux 4.x Tracing: Performance Analysis with bcc/BPFLinux 4.x Tracing: Performance Analysis with bcc/BPF
Linux 4.x Tracing: Performance Analysis with bcc/BPF
 
Basic Linux kernel
Basic Linux kernelBasic Linux kernel
Basic Linux kernel
 
Crash_Report_Mechanism_In_Tizen
Crash_Report_Mechanism_In_TizenCrash_Report_Mechanism_In_Tizen
Crash_Report_Mechanism_In_Tizen
 
OSSNA 2017 Performance Analysis Superpowers with Linux BPF
OSSNA 2017 Performance Analysis Superpowers with Linux BPFOSSNA 2017 Performance Analysis Superpowers with Linux BPF
OSSNA 2017 Performance Analysis Superpowers with Linux BPF
 
Scale17x buffer overflows
Scale17x buffer overflowsScale17x buffer overflows
Scale17x buffer overflows
 
Symbolic Debugging with DWARF
Symbolic Debugging with DWARFSymbolic Debugging with DWARF
Symbolic Debugging with DWARF
 
test
testtest
test
 
LISA2019 Linux Systems Performance
LISA2019 Linux Systems PerformanceLISA2019 Linux Systems Performance
LISA2019 Linux Systems Performance
 
C&C Botnet Factory
C&C Botnet FactoryC&C Botnet Factory
C&C Botnet Factory
 
BPF: Tracing and more
BPF: Tracing and moreBPF: Tracing and more
BPF: Tracing and more
 
Systems@Scale 2021 BPF Performance Getting Started
Systems@Scale 2021 BPF Performance Getting StartedSystems@Scale 2021 BPF Performance Getting Started
Systems@Scale 2021 BPF Performance Getting Started
 
Reverse engineering Swisscom's Centro Grande Modem
Reverse engineering Swisscom's Centro Grande ModemReverse engineering Swisscom's Centro Grande Modem
Reverse engineering Swisscom's Centro Grande Modem
 
ARM 64bit has come!
ARM 64bit has come!ARM 64bit has come!
ARM 64bit has come!
 
Troubleshooting linux-kernel-modules-and-device-drivers-1233050713693744-1
Troubleshooting linux-kernel-modules-and-device-drivers-1233050713693744-1Troubleshooting linux-kernel-modules-and-device-drivers-1233050713693744-1
Troubleshooting linux-kernel-modules-and-device-drivers-1233050713693744-1
 
Troubleshooting Linux Kernel Modules And Device Drivers
Troubleshooting Linux Kernel Modules And Device DriversTroubleshooting Linux Kernel Modules And Device Drivers
Troubleshooting Linux Kernel Modules And Device Drivers
 
linux-memory-explained.pdf
linux-memory-explained.pdflinux-memory-explained.pdf
linux-memory-explained.pdf
 
Exploring Compiler Optimization Opportunities for the OpenMP 4.x Accelerator...
Exploring Compiler Optimization Opportunities for the OpenMP 4.x Accelerator...Exploring Compiler Optimization Opportunities for the OpenMP 4.x Accelerator...
Exploring Compiler Optimization Opportunities for the OpenMP 4.x Accelerator...
 
Performance Wins with eBPF: Getting Started (2021)
Performance Wins with eBPF: Getting Started (2021)Performance Wins with eBPF: Getting Started (2021)
Performance Wins with eBPF: Getting Started (2021)
 
Embedded Recipes 2019 - Introduction to JTAG debugging
Embedded Recipes 2019 - Introduction to JTAG debuggingEmbedded Recipes 2019 - Introduction to JTAG debugging
Embedded Recipes 2019 - Introduction to JTAG debugging
 

Recently uploaded

Securing your Kubernetes cluster_ a step-by-step guide to success !
Securing your Kubernetes cluster_ a step-by-step guide to success !Securing your Kubernetes cluster_ a step-by-step guide to success !
Securing your Kubernetes cluster_ a step-by-step guide to success !
KatiaHIMEUR1
 
Introduction to CHERI technology - Cybersecurity
Introduction to CHERI technology - CybersecurityIntroduction to CHERI technology - Cybersecurity
Introduction to CHERI technology - Cybersecurity
mikeeftimakis1
 
UiPath Test Automation using UiPath Test Suite series, part 5
UiPath Test Automation using UiPath Test Suite series, part 5UiPath Test Automation using UiPath Test Suite series, part 5
UiPath Test Automation using UiPath Test Suite series, part 5
DianaGray10
 
RESUME BUILDER APPLICATION Project for students
RESUME BUILDER APPLICATION Project for studentsRESUME BUILDER APPLICATION Project for students
RESUME BUILDER APPLICATION Project for students
KAMESHS29
 
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...
James Anderson
 
Generative AI Deep Dive: Advancing from Proof of Concept to Production
Generative AI Deep Dive: Advancing from Proof of Concept to ProductionGenerative AI Deep Dive: Advancing from Proof of Concept to Production
Generative AI Deep Dive: Advancing from Proof of Concept to Production
Aggregage
 
Communications Mining Series - Zero to Hero - Session 1
Communications Mining Series - Zero to Hero - Session 1Communications Mining Series - Zero to Hero - Session 1
Communications Mining Series - Zero to Hero - Session 1
DianaGray10
 
Free Complete Python - A step towards Data Science
Free Complete Python - A step towards Data ScienceFree Complete Python - A step towards Data Science
Free Complete Python - A step towards Data Science
RinaMondal9
 
Climate Impact of Software Testing at Nordic Testing Days
Climate Impact of Software Testing at Nordic Testing DaysClimate Impact of Software Testing at Nordic Testing Days
Climate Impact of Software Testing at Nordic Testing Days
Kari Kakkonen
 
Microsoft - Power Platform_G.Aspiotis.pdf
Microsoft - Power Platform_G.Aspiotis.pdfMicrosoft - Power Platform_G.Aspiotis.pdf
Microsoft - Power Platform_G.Aspiotis.pdf
Uni Systems S.M.S.A.
 
Why You Should Replace Windows 11 with Nitrux Linux 3.5.0 for enhanced perfor...
Why You Should Replace Windows 11 with Nitrux Linux 3.5.0 for enhanced perfor...Why You Should Replace Windows 11 with Nitrux Linux 3.5.0 for enhanced perfor...
Why You Should Replace Windows 11 with Nitrux Linux 3.5.0 for enhanced perfor...
SOFTTECHHUB
 
GraphSummit Singapore | The Future of Agility: Supercharging Digital Transfor...
GraphSummit Singapore | The Future of Agility: Supercharging Digital Transfor...GraphSummit Singapore | The Future of Agility: Supercharging Digital Transfor...
GraphSummit Singapore | The Future of Agility: Supercharging Digital Transfor...
Neo4j
 
GraphSummit Singapore | Graphing Success: Revolutionising Organisational Stru...
GraphSummit Singapore | Graphing Success: Revolutionising Organisational Stru...GraphSummit Singapore | Graphing Success: Revolutionising Organisational Stru...
GraphSummit Singapore | Graphing Success: Revolutionising Organisational Stru...
Neo4j
 
Mind map of terminologies used in context of Generative AI
Mind map of terminologies used in context of Generative AIMind map of terminologies used in context of Generative AI
Mind map of terminologies used in context of Generative AI
Kumud Singh
 
Artificial Intelligence for XMLDevelopment
Artificial Intelligence for XMLDevelopmentArtificial Intelligence for XMLDevelopment
Artificial Intelligence for XMLDevelopment
Octavian Nadolu
 
FIDO Alliance Osaka Seminar: The WebAuthn API and Discoverable Credentials.pdf
FIDO Alliance Osaka Seminar: The WebAuthn API and Discoverable Credentials.pdfFIDO Alliance Osaka Seminar: The WebAuthn API and Discoverable Credentials.pdf
FIDO Alliance Osaka Seminar: The WebAuthn API and Discoverable Credentials.pdf
FIDO Alliance
 
Monitoring Java Application Security with JDK Tools and JFR Events
Monitoring Java Application Security with JDK Tools and JFR EventsMonitoring Java Application Security with JDK Tools and JFR Events
Monitoring Java Application Security with JDK Tools and JFR Events
Ana-Maria Mihalceanu
 
Encryption in Microsoft 365 - ExpertsLive Netherlands 2024
Encryption in Microsoft 365 - ExpertsLive Netherlands 2024Encryption in Microsoft 365 - ExpertsLive Netherlands 2024
Encryption in Microsoft 365 - ExpertsLive Netherlands 2024
Albert Hoitingh
 
GraphSummit Singapore | Neo4j Product Vision & Roadmap - Q2 2024
GraphSummit Singapore | Neo4j Product Vision & Roadmap - Q2 2024GraphSummit Singapore | Neo4j Product Vision & Roadmap - Q2 2024
GraphSummit Singapore | Neo4j Product Vision & Roadmap - Q2 2024
Neo4j
 
DevOps and Testing slides at DASA Connect
DevOps and Testing slides at DASA ConnectDevOps and Testing slides at DASA Connect
DevOps and Testing slides at DASA Connect
Kari Kakkonen
 

Recently uploaded (20)

Securing your Kubernetes cluster_ a step-by-step guide to success !
Securing your Kubernetes cluster_ a step-by-step guide to success !Securing your Kubernetes cluster_ a step-by-step guide to success !
Securing your Kubernetes cluster_ a step-by-step guide to success !
 
Introduction to CHERI technology - Cybersecurity
Introduction to CHERI technology - CybersecurityIntroduction to CHERI technology - Cybersecurity
Introduction to CHERI technology - Cybersecurity
 
UiPath Test Automation using UiPath Test Suite series, part 5
UiPath Test Automation using UiPath Test Suite series, part 5UiPath Test Automation using UiPath Test Suite series, part 5
UiPath Test Automation using UiPath Test Suite series, part 5
 
RESUME BUILDER APPLICATION Project for students
RESUME BUILDER APPLICATION Project for studentsRESUME BUILDER APPLICATION Project for students
RESUME BUILDER APPLICATION Project for students
 
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...
 
Generative AI Deep Dive: Advancing from Proof of Concept to Production
Generative AI Deep Dive: Advancing from Proof of Concept to ProductionGenerative AI Deep Dive: Advancing from Proof of Concept to Production
Generative AI Deep Dive: Advancing from Proof of Concept to Production
 
Communications Mining Series - Zero to Hero - Session 1
Communications Mining Series - Zero to Hero - Session 1Communications Mining Series - Zero to Hero - Session 1
Communications Mining Series - Zero to Hero - Session 1
 
Free Complete Python - A step towards Data Science
Free Complete Python - A step towards Data ScienceFree Complete Python - A step towards Data Science
Free Complete Python - A step towards Data Science
 
Climate Impact of Software Testing at Nordic Testing Days
Climate Impact of Software Testing at Nordic Testing DaysClimate Impact of Software Testing at Nordic Testing Days
Climate Impact of Software Testing at Nordic Testing Days
 
Microsoft - Power Platform_G.Aspiotis.pdf
Microsoft - Power Platform_G.Aspiotis.pdfMicrosoft - Power Platform_G.Aspiotis.pdf
Microsoft - Power Platform_G.Aspiotis.pdf
 
Why You Should Replace Windows 11 with Nitrux Linux 3.5.0 for enhanced perfor...
Why You Should Replace Windows 11 with Nitrux Linux 3.5.0 for enhanced perfor...Why You Should Replace Windows 11 with Nitrux Linux 3.5.0 for enhanced perfor...
Why You Should Replace Windows 11 with Nitrux Linux 3.5.0 for enhanced perfor...
 
GraphSummit Singapore | The Future of Agility: Supercharging Digital Transfor...
GraphSummit Singapore | The Future of Agility: Supercharging Digital Transfor...GraphSummit Singapore | The Future of Agility: Supercharging Digital Transfor...
GraphSummit Singapore | The Future of Agility: Supercharging Digital Transfor...
 
GraphSummit Singapore | Graphing Success: Revolutionising Organisational Stru...
GraphSummit Singapore | Graphing Success: Revolutionising Organisational Stru...GraphSummit Singapore | Graphing Success: Revolutionising Organisational Stru...
GraphSummit Singapore | Graphing Success: Revolutionising Organisational Stru...
 
Mind map of terminologies used in context of Generative AI
Mind map of terminologies used in context of Generative AIMind map of terminologies used in context of Generative AI
Mind map of terminologies used in context of Generative AI
 
Artificial Intelligence for XMLDevelopment
Artificial Intelligence for XMLDevelopmentArtificial Intelligence for XMLDevelopment
Artificial Intelligence for XMLDevelopment
 
FIDO Alliance Osaka Seminar: The WebAuthn API and Discoverable Credentials.pdf
FIDO Alliance Osaka Seminar: The WebAuthn API and Discoverable Credentials.pdfFIDO Alliance Osaka Seminar: The WebAuthn API and Discoverable Credentials.pdf
FIDO Alliance Osaka Seminar: The WebAuthn API and Discoverable Credentials.pdf
 
Monitoring Java Application Security with JDK Tools and JFR Events
Monitoring Java Application Security with JDK Tools and JFR EventsMonitoring Java Application Security with JDK Tools and JFR Events
Monitoring Java Application Security with JDK Tools and JFR Events
 
Encryption in Microsoft 365 - ExpertsLive Netherlands 2024
Encryption in Microsoft 365 - ExpertsLive Netherlands 2024Encryption in Microsoft 365 - ExpertsLive Netherlands 2024
Encryption in Microsoft 365 - ExpertsLive Netherlands 2024
 
GraphSummit Singapore | Neo4j Product Vision & Roadmap - Q2 2024
GraphSummit Singapore | Neo4j Product Vision & Roadmap - Q2 2024GraphSummit Singapore | Neo4j Product Vision & Roadmap - Q2 2024
GraphSummit Singapore | Neo4j Product Vision & Roadmap - Q2 2024
 
DevOps and Testing slides at DASA Connect
DevOps and Testing slides at DASA ConnectDevOps and Testing slides at DASA Connect
DevOps and Testing slides at DASA Connect
 

Debugging 2013- Jesper Brouer

  • 1. How to debug a kernel crash Debugging - for rigtige programmører - en dag fyldt med fejl (Danish Debugging conf 2013) Jesper Dangaard Brouer Senior Kernel Engineer, Red Hat 2013-10-26 1/27 How to debug a kernel crash – and other tricks
  • 2. Who am I ● Name: Jesper Dangaard Brouer – Linux Kernel Developer at Red Hat – Edu: Computer Science for Uni. Copenhagen ● – Linux user since 1996, professional since 1998 ● – Focus on Network, Dist. sys and OS Sysadm, Kernel Developer, Embedded OpenSource projects, author of – ● Patches accepted into – – 2/27 ADSL-optimizer, CPAN IPTables::libiptc, IPTV-Analyzer Linux kernel, iproute2, iptables, libpcap and Wireshark Organizer of Netfilter Workshop 2013 How to debug a kernel crash – and other tricks
  • 3. Incomplete kernel panic at console 3/27 How to debug a kernel crash – and other tricks
  • 4. Important info 4/27 How to debug a kernel crash – and other tricks
  • 5. Recording full panic text ● Techniques for recording full panic output – Config kernel with serial console – Use netconsole kernel feature/module Netconsole example: ● On server: modprobe netconsole  netconsole=6666@192.168.42.3/eth0,@192.168.42.180/f0:de:f1:9a:0a:dc ● On receiving IP 192.168.42.180, capture UDP packet on port 6666 nc ­4 ­u ­l 6666 | tee ­a netconsole.out01 ● 5/27 Next other techniques for the unprepared How to debug a kernel crash – and other tricks
  • 6. kdump trick for the unprepared ● Getting full panic output – ● Without serial console or netconsole This was a KVM virtual machine – Manual raw dump of memory Using command line tool “virsh”: # virsh dump rhel6-server02 /tmp/panic01.dump ● 6/27 Next: (1) automate this and (2) how to use the dump How to debug a kernel crash – and other tricks
  • 7. Automatic kdump prepare ● Prepare boot your kernel – ● with kernel parameter: crashkernel=xxx Simple for e.g. Red Hat kernels: – crashkernel=128M@16M ● ● Means reserve 128MB after first 16MB Advanced New kernels: – crashkernel=384M-2G:64M,2G-:128M ● ● Above 2GB reserve 128MB ● 7/27 Between 384 MB and 2 GB, reserve 64MB Below 384 MB no mem reserved How to debug a kernel crash – and other tricks
  • 8. Kdump setup for Red Hat ● Detailed instructions on howto setup on RHEL – – Title: “Troubleshooting kernel crashes, system hangs, or system reboots with kdump” – 8/27 Really good step-by-step Link: https://access.redhat.com/site/node/6038 How to debug a kernel crash – and other tricks
  • 9. Postmortem “crash” tool ● Tool “crash” for reading the dump – kernel-specific debugger ● – Install via package system or download ● – at http://people.redhat.com/anderson/ Also install the kexec-tools package ● – for performing postmortem system analysis https://kernel.org/pub/linux/utils/kernel/kexec/ Needs debug info for kernel ● ● 9/27 Especially the “vmlinux” file yum install kernel-debuginfo How to debug a kernel crash – and other tricks
  • 10. Invoking “crash” tool ● Starting the crash tool: # crash vmlinux System.map panic01.dump 10/27 How to debug a kernel crash – and other tricks
  • 11. Crash useful commands ● Useful commands in the crash prompt – – “log” -- gives kernel log – “dis -l (function+offset)” -- disassemble – 11/27 “bt” -- backtrace “ps” -- semi-normal process list How to debug a kernel crash – and other tricks
  • 12. Info: x86_64 call convention ● When reading x86_64 assembler ● Need to know: – function arguments for an x86_64 arch are passed in the following registers – %rdi, %rsi, %rdx, %rcx, %r8, %r9 ● where %rdi is 1st argument, ● %rsi is 2nd argument.... ● 12/27 more than 6 arguments, remaining ones are pushed onto the stack right to left. How to debug a kernel crash – and other tricks
  • 13. Crash bt - backtrace crash> bt PID: 0 TASK: ffffffff81c10480 CPU: 0 COMMAND: "swapper/0" #0 [ffff88002b4037c0] die at ffffffff81005c08 #1 [ffff88002b4037f0] do_trap at ffffffff81663deb #2 [ffff88002b403800] __atomic_notifier_call_chain at ffffffff81667162 #3 [ffff88002b403850] do_invalid_op at ffffffff81002ea5 #4 [ffff88002b403890] dev_queue_xmit at ffffffff8155c59a #5 [ffff88002b4038f0] invalid_op at ffffffff8166cc48 [exception RIP: synproxy_parse_options+363] (<-- notice decimal 363 == 0x16b) RIP: ffffffffa010b38b RSP: ffff88002b4039a8 RFLAGS: 00010282 RAX: 00000000fffffff2 RBX: 000000000000000c RCX: 000000000000000c RDX: ffff88002b4039a8 RSI: 0000000000000028 RDI: ffff880029768700 RBP: ffff88002b4039e8 R8: 0000000000000000 R9: 0000000000000000 R10: ffff880029768700 R11: 0000000000000000 R12: ffff88002b403a28 R13: ffff880029be5658 R14: ffff8800260a8630 R15: ffff880029aa6c62 ORIG_RAX: ffffffffffffffff CS: 0010 SS: 0018 #6 [ffff88002b4039a0] synproxy_parse_options at ffffffffa010b32b [nf_synproxy_core] #7 [ffff88002b4039f0] synproxy_tg4 at ffffffffa0110a9e [ipt_SYNPROXY] #8 [ffff88002b403a20] __kmalloc at ffffffff8117c4ae #9 [ffff88002b403a80] ipt_do_table at ffffffffa00a90ee [ip_tables] #10 [ffff88002b403bb0] iptable_filter_hook at ffffffffa00b20d3 [iptable_filter] #11 [ffff88002b403bc0] nf_iterate at ffffffff815894b6 #12 [ffff88002b403c20] nf_hook_slow at ffffffff81589574 #13 [ffff88002b403ca0] ip_local_deliver at ffffffff81592a73 #14 [ffff88002b403cd0] ip_rcv_finish at ffffffff815923c1 #15 [ffff88002b403d00] ip_rcv at ffffffff81592d24 #16 [ffff88002b403d40] __netif_receive_skb_core at ffffffff81559f42 #17 [ffff88002b403db0] __netif_receive_skb at ffffffff8155a0d1 #18 [ffff88002b403dd0] netif_receive_skb at ffffffff8155a2b3 #19 [ffff88002b403e00] virtnet_poll at ffffffffa0027439 [virtio_net] #20 [ffff88002b403ea0] net_rx_action at ffffffff8155a989 #21 [ffff88002b403f00] __do_softirq at ffffffff81059430 #22 [ffff88002b403f70] irq_exit at ffffffff810596e5 #23 [ffff88002b403f80] do_IRQ at ffffffff8166d463 13/27 How to debug a kernel crash – and other tricks
  • 14. Crash dis - disassemble ● Look at exact crash point assembler instruction: crash> dis -l (synproxy_parse_options+363) dis: line numbers are not available 0xffffffffa010b38b <synproxy_parse_options+363>: ● Very strange assembler instruction “UD2” – UD2 == Undefined Instruction ● – 14/27 ud2 explicitly generate an invalid opcode Thus, an on purpose crash... hmmm How to debug a kernel crash – and other tricks
  • 15. Crash log – getting full log crash> log [... cut ...] [ 53.644810] ------------[ cut here ]-----------[ 53.645587] kernel BUG at net/netfilter/nf_synproxy_core.c:35! [ 53.645587] invalid opcode: 0000 [#1] SMP [ 53.645587] Modules linked in: xt_conntrack xt_LOG ipt_SYNPROXY nf_synproxy_core xt_CT iptable_raw sunrpc ipt_REJECT nf_conntrack_ipv4 nf_defrag_ipv4 iptable_filter ip_tables ip6t_REJECT nf_conntrack_ipv6 nf_defrag_ipv6 xt_state nf_conntrack ip6table_filter ip6_tables binfmt_misc floppy joydev microcode pcspkr virtio_balloon virtio_net i2c_piix4 i2c_core virtio_blk [ 53.645587] CPU: 0 PID: 0 Comm: swapper/0 Not tainted 3.12.0-rc3-synproxy04-bug+ #11 [ 53.645587] Hardware name: Bochs Bochs, BIOS Bochs 01/01/2011 [ 53.645587] task: ffffffff81c10480 ti: ffffffff81c00000 task.ti: ffffffff81c00000 [ 53.645587] RIP: 0010:[<ffffffffa010b38b>] [<ffffffffa010b38b>] synproxy_parse_options+0x16b/0x180 [nf_synproxy_core] [ 53.645587] RSP: 0018:ffff88002b4039a8 EFLAGS: 00010282 [ 53.645587] RAX: 00000000fffffff2 RBX: 000000000000000c RCX: 000000000000000c [ 53.645587] RDX: ffff88002b4039a8 RSI: 0000000000000028 RDI: ffff880029768700 [ 53.645587] RBP: ffff88002b4039e8 R08: 0000000000000000 R09: 0000000000000000 [ 53.645587] R10: ffff880029768700 R11: 0000000000000000 R12: ffff88002b403a28 [ 53.645587] R13: ffff880029be5658 R14: ffff8800260a8630 R15: ffff880029aa6c62 [ 53.645587] FS: 0000000000000000(0000) GS:ffff88002b400000(0000) knlGS:0000000000000000 [ 53.645587] CS: 0010 DS: 0000 ES: 0000 CR0: 000000008005003b [ 53.645587] CR2: ffffffffff600400 CR3: 0000000028780000 CR4: 00000000000006f0 [ 53.645587] Stack: [ 53.645587] ffff88002b4039d8 ffff8800289d16c0 ffff880029abf4f0 ffff88002b403b48 [ 53.645587] ffff88002b4039d8 5daa3322d0120d19 ffff88002b403b48 ffff880029768700 [ 53.645587] ffff88002b403a78 ffffffffa0110a9e ffff88002b403a18 ffff880029abf4f0 [ 53.645587] Call Trace: [ 53.645587] <IRQ> [ 53.645587] [ 53.645587] [<ffffffffa0110a9e>] synproxy_tg4+0xde/0x2f8 [ipt_SYNPROXY] [ 53.645587] [<ffffffff8117c4ae>] ? __kmalloc+0x2e/0x190 [ 53.645587] [<ffffffffa00a90ee>] ipt_do_table+0x2fe/0x745 [ip_tables] [ 53.645587] [<ffffffff813ace70>] ? virtqueue_kick+0x20/0x30 [ 53.645587] [<ffffffffa00b20d3>] iptable_filter_hook+0x33/0x64 [iptable_filter] [ 53.645587] [<ffffffff815894b6>] nf_iterate+0x86/0xd0 [ 53.645587] [<ffffffff81592680>] ? ip_rcv_finish+0x340/0x340 [ 53.645587] [<ffffffff81589574>] nf_hook_slow+0x74/0x130 [ 53.645587] [<ffffffff81592680>] ? ip_rcv_finish+0x340/0x340 [ 53.645587] [<ffffffff81592a73>] ip_local_deliver+0x73/0x80 [ 53.645587] [<ffffffff815923c1>] ip_rcv_finish+0x81/0x340 [ 53.645587] [<ffffffff81592d24>] ip_rcv+0x2a4/0x3e0 [ 53.645587] [<ffffffff81559f42>] __netif_receive_skb_core+0x672/0x7e0 [ 53.645587] [<ffffffff8155a0d1>] __netif_receive_skb+0x21/0x70 [ 53.645587] [<ffffffff8155a2b3>] netif_receive_skb+0x23/0x90 [ 53.645587] [<ffffffffa0027439>] virtnet_poll+0x4e9/0x760 [virtio_net] [ 53.645587] [<ffffffff8155a989>] net_rx_action+0x139/0x220 [... cut ...] [ 53.645587] Code: c0 08 66 41 89 44 24 02 eb aa 66 0f 1f 44 00 00 83 fa 03 75 9f 0f b6 46 02 3c 0e 41 0f 47 c0 41 80 0c 24 02 41 88 44 24 01 eb 89 <0f> 0b e8 ae 93 f4 e0 66 66 66 66 66 2e 0f 1f 84 00 00 00 00 00 [ 53.645587] RIP [<ffffffffa010b38b>] synproxy_parse_options+0x16b/0x180 [nf_synproxy_core] [ 53.645587] RSP <ffff88002b4039a8> [ 53.645587] ---[ end trace f6ddc710ff8b9002 ]--[ 53.645587] Kernel panic - not syncing: Fatal exception in interrupt 15/27 How to debug a kernel crash – and other tricks
  • 16. Extra "ps" and "files" crash tricks crash> ps PID PPID [...cut...] 1512 1295 1515 1512 1563 1515 CPU TASK ST %MEM VSZ RSS COMM 0 0 0 ffff88002992c5f0 ffff88002992aea0 ffff880027a1c5f0 IN IN IN 0.5 0.3 0.1 100044 108344 105492 3892 1796 848 sshd bash less crash> files 1563 PID: 1563 TASK: ffff880027a1c5f0 CPU: 0 COMMAND: "less" ROOT: / CWD: /root FD FILE DENTRY INODE TYPE PATH 0 ffff8800297cef00 ffff880028d64240 ffff8800290e2fc0 CHR /dev/pts/0 1 ffff8800297cef00 ffff880028d64240 ffff8800290e2fc0 CHR /dev/pts/0 2 ffff8800297cef00 ffff880028d64240 ffff8800290e2fc0 CHR /dev/pts/0 3 ffff880029471100 ffff880029f813c0 ffff88002b28fce0 CHR /tty 4 ffff880029768800 ffff880028d44000 ffff880028d76480 REG /root/iptables_synproxy.sh crash> set 1563 PID: 1563 COMMAND: "less" TASK: ffff880027a1c5f0 [THREAD_INFO: ffff880028286000] CPU: 0 STATE: TASK_INTERRUPTIBLE 16/27 How to debug a kernel crash – and other tricks
  • 17. Code pointer – too easy ● The full log, gave exact C-code line: kernel BUG at net/netfilter/nf_synproxy_core.c:35! – “BUG” indicate explicit code assertion ● 17/27 BUG_ON() or BUG() How to debug a kernel crash – and other tricks
  • 18. Show me the code 18/27 How to debug a kernel crash – and other tricks
  • 19. Using objdump ● Too easy – – ● Cannot be that lucky every time Lets do it the hard way: Manual objdump Use options: objdump -S -Mintel – ● Disassemble and use Intel (readable) asm Draw flow arrow for jumps and calls – With tool asm_jmps.py by Daniel Fairchild ● 19/27 http://dikutal.dk/blog/fairchild How to debug a kernel crash – and other tricks
  • 20. Annoying compiler optimizations ● BUG at synproxy_parse_options+0x16b -> 0x220+0x16b = 0x38b – 20/27 Bash shell cmd: printf '0x%xn' $((0x220+0x16b)) How to debug a kernel crash – and other tricks
  • 21. C-code inlined with asm 21/27 How to debug a kernel crash – and other tricks
  • 22. Panic finished ● Next: Some instrumentation hints – – Probing a running kernel – SystemTap – 22/27 Dynamic printk Benchmarking tool: “perf” How to debug a kernel crash – and other tricks
  • 23. Panic finished ● Next: Some instrumentation hints – – Probing a running kernel – SystemTap – 23/27 Dynamic printk Benchmarking tool: “perf” How to debug a kernel crash – and other tricks
  • 24. Dynamic printk debugging ● “Real programers use printk” – ● But want: 1) Dynamic enable/disable, 2) No overhead when disabled Kernel dynamic debug (dyndbg) feature – – Use pr_debug() – ● Select CONFIG_DYNAMIC_DEBUG jump_label feature, dynamic code patching Enable example: # mount -t debugfs none /sys/kernel/debug/ # echo "func __detect_linklayer +p" > /sys/kernel/debug/dynamic_debug/control 24/27 How to debug a kernel crash – and other tricks
  • 25. Probe running kernel ● A number of solutions exists for – Probing the running kernel ● (this is out of scope of this talk) ● Just some link: ● SystemTap http://www.linuxforu.com/2010/09/systemtap-tutorial-part-1/ ● Ftrace http://www.linuxforu.com/2010/11/kernel-tracing-with-ftrace-part-1/ ● Kprobe and Jprobe http://www.linuxforu.com/2011/04/kernel-debugging-using-kprobe-and-jprobe 25/27 How to debug a kernel crash – and other tricks
  • 26. SystemTap example ● Debugging kernel commit – ● commit 50d1784ee (net: fix multiqueue selection) Example how to start # stap -v -g sk-txq.stp %{ #include <net/sock.h> %} function queue_mapping:long(sk_ptr:long) %{ struct sock *sk = (struct sock*) STAP_ARG_sk_ptr; STAP_RETVALUE = __sk_tx_queue_mapping(sk); %} probe kernel.function("__netdev_pick_tx").return { if ($skb->sk) printf("tx queue index: %dn", queue_mapping($skb->sk)); } 26/27 How to debug a kernel crash – and other tricks
  • 27. Performance benchmarking ● Performance analyzing tool: “perf” – – Tracepoints – ● Supports hardware perf counters Dynamic probes (e.g. kprobes or uprobes) Both kernel and userspace profiling – Try it! -- run: “perf top” ● ● 27/27 perf record -g -a perf report How to debug a kernel crash – and other tricks
  • 28. The End ● If unlikely(time for questions) – 28/27 Questions? How to debug a kernel crash – and other tricks