SlideShare a Scribd company logo

Kernel Debugging & Profiling

Anil Kumar Pugalia
Anil Kumar Pugalia
Technology
1 of 14
© 2010-16 SysPlay Workshops <workshop@sysplay.in> All Rights Reserved. Kernel Debugging & Profiling
2© 2010-16 SysPlay Workshops <workshop@sysplay.in> All Rights Reserved. What to Expect? Kernel Debugging Tools & Techniques Kernel Profiling Tools & Mechanism Kernel Testing Ways
3© 2010-16 SysPlay Workshops <workshop@sysplay.in> All Rights Reserved. Debugging by Printing printk & dmesg int klogctl(int cmd, char *bufp, int len); syslogd #include <syslog.h> void openlog(char *ident, int option, int facility); void syslog ( int priority, char *format, …); void closelog( void ); ident – typically short program name option - LOG_CONS, LOG_PERROR, LOG_PID, … facility - LOG_AUTHPRIV, LOG_CRON, LOG_DAEMON, LOG_USER, ... priority - LOG_EMERG, LOG_ALERT, LOG_CRIT, LOG_ERR, LOG_WARNING, LOG_NOTICE, LOG_INFO, LOG_DEBUG klogd – bridge between kernel ring buffer and syslogd
4© 2010-16 SysPlay Workshops <workshop@sysplay.in> All Rights Reserved. Debugging by Querying Through Kernel Windows /proc Process related stuff General system information: cpuinfo, meminfo, … Drivers related info: devices, iomem, interrupts, ... /sys (Utilities: sysfsutils, sysdiag) Buses, Classes, Devices, ... Using ioctl Through specific drivers Using custom commands
5© 2010-16 SysPlay Workshops <workshop@sysplay.in> All Rights Reserved. Crash Dumping & Analysis Oops Analysis CONFIG_BUG, CONFIG_KALLSYMS Call Trace cat /proc/kallsyms objdump -d | -S <obj | exe> Crash Dumping (using 2 kernel images – could be same) System Kernel: CONFIG_KEXEC, CONFIG_DEBUG_INFO Dump-capture Kernel: CONFIG_CRASH_DUMP, CONFIG_PROC_VMCORE, Other Architecture specific CONFIG_s Boot System Kernel with crashkernel=size@offset, or crashkernel=range:size Overlay Dump-capture Kernel using kexec After Crash (Simulated using SysRq+c, Or real) System reboots w/ Dump-capture Kernel Collect the dump using kdump, Or simply cp /proc/vmcore <dump file> Analyse using <gdb | crash> vmlinux <dump file>
6© 2010-16 SysPlay Workshops <workshop@sysplay.in> All Rights Reserved. Kernel Hacking Related Options CONFIG_DEBUG_INFO (gcc -g) CONFIG_DEBUG_FS CONFIG_DYNAMIC_DEBUG CONFIG_DEBUG_STACKOVERFLOW CONFIG_LOCKUP_DETECTOR CONFIG_DEBUG_SPINLOCK, CONFIG_DEBUG_MUTEXES, ... CONFIG_MAGIC_SYSRQ CONFIG_EARLY_PRINTK CONFIG_DEBUG_SLAB, CONFIG_DEBUG_VM, ... CONFIG_DEBUG_STACK_USAGE CONFIG_PANIC_ON_OOPS CONFIG_PANIC_ON_OOPS_VALUE
7© 2010-16 SysPlay Workshops <workshop@sysplay.in> All Rights Reserved. Kernel Debuggers Kernel Debugger (Frontend): kdb CONFIG_DEBUG_INFO, CONFIG_MAGIC_SYSRQ CONFIG_KGDB, CONFIG_KGDB_KDB, CONFIG_KGDB_SERIAL_CONSOLE Basic Operations over Serial Console Remote Debugging using kgdb (Kernel Debug Server) Remote connection & debug through gdb vmlinux gdb <kernel src>/vmlinux /proc/kcore Only to gather current kernel debug information
8© 2010-16 SysPlay Workshops <workshop@sysplay.in> All Rights Reserved. Miscellaneous Tools & Techniques Early Init Debugs CONFIG_SERIAL_EARLYCON CONFIG_EARLY_PRINTK (direct on h/w) Light & Sound JTAG Hardware Protocol Debug Hardware Protocol Analyzers Network Debugging Driver level: ethtool [options] <dev i/f> Packet level: tcpdump [options, e.g. -vv] -i <dev i/f>
9© 2010-16 SysPlay Workshops <workshop@sysplay.in> All Rights Reserved. Kernel Probes kprobes → CONFIG_KPROBES jprobes → Specialized Kprobes For probing function entry points kretprobes → Return Kprobes For probing function exit points
10© 2010-16 SysPlay Workshops <workshop@sysplay.in> All Rights Reserved. Tracing Single Process Tracing using strace Traces the system calls made by an application Command: strace [options] <application> Excellent options to tune to get only desired output Linux Trace Toolkit Patch @ http://www.opersys.com/LTT Core Module Code using Trace Services Daemon: tracedaemon Utilities: tracereader, tracevisualizer Function Tracer CONFIG_FUNCTION_TRACER & co /sys/kernel/debug/tracing
11© 2010-16 SysPlay Workshops <workshop@sysplay.in> All Rights Reserved. Profiling & Code Coverage System Profiling From /proc using LTTng Kernel Profiling: Oprofile CONFIG_PROFILING, CONFIG_OPROFILE, CONFIG_APIC Daemon: oprofiled Utilities: opcontrol, opreport, op_help, ... Kernel Performance Profiling using perf CONFIG_PERF_EVENTS & co stat, list, top, record, report, ... Kernel Code Coverage: CONFIG_GCOV_KERNEL, CONFIG_GCOV_PROFILE_ALL
12© 2010-16 SysPlay Workshops <workshop@sysplay.in> All Rights Reserved. Testing Possibilities Linux Test Project (LTP) Hosted @ http://ltp.sourceforge.net Suite of around 3000 tests Exercises various parts of the Kernel Mostly automated, except net & storage ones Command: runltp -p -l logfile User Mode Linux (UML) Hosted @ http://user-mode-linux.sourceforge.net A Kernel Instance as a User Mode Process Kernel Debugging without “oops”ing Good for testing & experimenting with unstable kernels
13© 2010-16 SysPlay Workshops <workshop@sysplay.in> All Rights Reserved. What all have we learnt? Kernel Debugging Tools & Techniques Debugging by Printing & Querying Crash Dumping & Analysis Kernel Hacking Options Kernel Debuggers Miscellaneous Tools & Techniques Kernel Probes Tracing Kernel Profiling Tools & Mechanism Kernel Testing Ways
14© 2010-16 SysPlay Workshops <workshop@sysplay.in> All Rights Reserved. Any Queries?

Recommended

Linux Initialization Process (2)
Linux Initialization Process (2)Linux Initialization Process (2)
Linux Initialization Process (2)shimosawa
 
U-Boot Porting on New Hardware
U-Boot Porting on New HardwareU-Boot Porting on New Hardware
U-Boot Porting on New HardwareRuggedBoardGroup
 
Linux Kernel Booting Process (1) - For NLKB
Linux Kernel Booting Process (1) - For NLKBLinux Kernel Booting Process (1) - For NLKB
Linux Kernel Booting Process (1) - For NLKBshimosawa
 
Security Monitoring with eBPF
Security Monitoring with eBPFSecurity Monitoring with eBPF
Security Monitoring with eBPFAlex Maestretti
 
BusyBox for Embedded Linux
BusyBox for Embedded LinuxBusyBox for Embedded Linux
BusyBox for Embedded LinuxEmertxe Information Technologies Pvt Ltd
 
Video Drivers
Video DriversVideo Drivers
Video DriversAnil Kumar Pugalia
 
U-Boot presentation 2013
U-Boot presentation 2013U-Boot presentation 2013
U-Boot presentation 2013Wave Digitech
 
malloc & vmalloc in Linux
malloc & vmalloc in Linuxmalloc & vmalloc in Linux
malloc & vmalloc in LinuxAdrian Huang
 

Recommended

Linux Initialization Process (2)
Linux Initialization Process (2)Linux Initialization Process (2)
Linux Initialization Process (2)shimosawa
 
U-Boot Porting on New Hardware
U-Boot Porting on New HardwareU-Boot Porting on New Hardware
U-Boot Porting on New HardwareRuggedBoardGroup
 
Linux Kernel Booting Process (1) - For NLKB
Linux Kernel Booting Process (1) - For NLKBLinux Kernel Booting Process (1) - For NLKB
Linux Kernel Booting Process (1) - For NLKBshimosawa
 
Security Monitoring with eBPF
Security Monitoring with eBPFSecurity Monitoring with eBPF
Security Monitoring with eBPFAlex Maestretti
 
BusyBox for Embedded Linux
BusyBox for Embedded LinuxBusyBox for Embedded Linux
BusyBox for Embedded LinuxEmertxe Information Technologies Pvt Ltd
 
Video Drivers
Video DriversVideo Drivers
Video DriversAnil Kumar Pugalia
 
U-Boot presentation 2013
U-Boot presentation 2013U-Boot presentation 2013
U-Boot presentation 2013Wave Digitech
 
malloc & vmalloc in Linux
malloc & vmalloc in Linuxmalloc & vmalloc in Linux
malloc & vmalloc in LinuxAdrian Huang
 
Linux Initialization Process (1)
Linux Initialization Process (1)Linux Initialization Process (1)
Linux Initialization Process (1)shimosawa
 
Arm device tree and linux device drivers
Arm device tree and linux device driversArm device tree and linux device drivers
Arm device tree and linux device driversHoucheng Lin
 
Memory Mapping Implementation (mmap) in Linux Kernel
Memory Mapping Implementation (mmap) in Linux KernelMemory Mapping Implementation (mmap) in Linux Kernel
Memory Mapping Implementation (mmap) in Linux KernelAdrian Huang
 
Kernel Recipes 2017 - Understanding the Linux kernel via ftrace - Steven Rostedt
Kernel Recipes 2017 - Understanding the Linux kernel via ftrace - Steven RostedtKernel Recipes 2017 - Understanding the Linux kernel via ftrace - Steven Rostedt
Kernel Recipes 2017 - Understanding the Linux kernel via ftrace - Steven RostedtAnne Nicolas
 
Decompressed vmlinux: linux kernel initialization from page table configurati...
Decompressed vmlinux: linux kernel initialization from page table configurati...Decompressed vmlinux: linux kernel initialization from page table configurati...
Decompressed vmlinux: linux kernel initialization from page table configurati...Adrian Huang
 
Character drivers
Character driversCharacter drivers
Character driverspradeep_tewani
 
Linux Kernel Module - For NLKB
Linux Kernel Module - For NLKBLinux Kernel Module - For NLKB
Linux Kernel Module - For NLKBshimosawa
 
Linux Kernel - Virtual File System
Linux Kernel - Virtual File SystemLinux Kernel - Virtual File System
Linux Kernel - Virtual File SystemAdrian Huang
 
Spi drivers
Spi driversSpi drivers
Spi driverspradeep_tewani
 
Linux DMA Engine
Linux DMA EngineLinux DMA Engine
Linux DMA EngineSysPlay eLearning Academy for You
 
ACPI Debugging from Linux Kernel
ACPI Debugging from Linux KernelACPI Debugging from Linux Kernel
ACPI Debugging from Linux KernelSUSE Labs Taipei
 
The Linux Block Layer - Built for Fast Storage
The Linux Block Layer - Built for Fast StorageThe Linux Block Layer - Built for Fast Storage
The Linux Block Layer - Built for Fast StorageKernel TLV
 
Linux Memory Management
Linux Memory ManagementLinux Memory Management
Linux Memory ManagementNi Zo-Ma
 
Anatomy of the loadable kernel module (lkm)
Anatomy of the loadable kernel module (lkm)Anatomy of the loadable kernel module (lkm)
Anatomy of the loadable kernel module (lkm)Adrian Huang
 
U boot porting guide for SoC
U boot porting guide for SoCU boot porting guide for SoC
U boot porting guide for SoCMacpaul Lin
 
Meet cute-between-ebpf-and-tracing
Meet cute-between-ebpf-and-tracingMeet cute-between-ebpf-and-tracing
Meet cute-between-ebpf-and-tracingViller Hsiao
 
Linux Memory Management with CMA (Contiguous Memory Allocator)
Linux Memory Management with CMA (Contiguous Memory Allocator)Linux Memory Management with CMA (Contiguous Memory Allocator)
Linux Memory Management with CMA (Contiguous Memory Allocator)Pankaj Suryawanshi
 
Network Drivers
Network DriversNetwork Drivers
Network DriversAnil Kumar Pugalia
 
I2C Drivers
I2C DriversI2C Drivers
I2C DriversSysPlay eLearning Academy for You
 
LISA2019 Linux Systems Performance
LISA2019 Linux Systems PerformanceLISA2019 Linux Systems Performance
LISA2019 Linux Systems PerformanceBrendan Gregg
 
References
ReferencesReferences
ReferencesAnil Kumar Pugalia
 
gcc and friends
gcc and friendsgcc and friends
gcc and friendsAnil Kumar Pugalia
 

More Related Content

What's hot

Linux Initialization Process (1)
Linux Initialization Process (1)Linux Initialization Process (1)
Linux Initialization Process (1)shimosawa
 
Arm device tree and linux device drivers
Arm device tree and linux device driversArm device tree and linux device drivers
Arm device tree and linux device driversHoucheng Lin
 
Memory Mapping Implementation (mmap) in Linux Kernel
Memory Mapping Implementation (mmap) in Linux KernelMemory Mapping Implementation (mmap) in Linux Kernel
Memory Mapping Implementation (mmap) in Linux KernelAdrian Huang
 
Kernel Recipes 2017 - Understanding the Linux kernel via ftrace - Steven Rostedt
Kernel Recipes 2017 - Understanding the Linux kernel via ftrace - Steven RostedtKernel Recipes 2017 - Understanding the Linux kernel via ftrace - Steven Rostedt
Kernel Recipes 2017 - Understanding the Linux kernel via ftrace - Steven RostedtAnne Nicolas
 
Decompressed vmlinux: linux kernel initialization from page table configurati...
Decompressed vmlinux: linux kernel initialization from page table configurati...Decompressed vmlinux: linux kernel initialization from page table configurati...
Decompressed vmlinux: linux kernel initialization from page table configurati...Adrian Huang
 
Linux Kernel Module - For NLKB
Linux Kernel Module - For NLKBLinux Kernel Module - For NLKB
Linux Kernel Module - For NLKBshimosawa
 
Linux Kernel - Virtual File System
Linux Kernel - Virtual File SystemLinux Kernel - Virtual File System
Linux Kernel - Virtual File SystemAdrian Huang
 
ACPI Debugging from Linux Kernel
ACPI Debugging from Linux KernelACPI Debugging from Linux Kernel
ACPI Debugging from Linux KernelSUSE Labs Taipei
 
The Linux Block Layer - Built for Fast Storage
The Linux Block Layer - Built for Fast StorageThe Linux Block Layer - Built for Fast Storage
The Linux Block Layer - Built for Fast StorageKernel TLV
 
Linux Memory Management
Linux Memory ManagementLinux Memory Management
Linux Memory ManagementNi Zo-Ma
 
Anatomy of the loadable kernel module (lkm)
Anatomy of the loadable kernel module (lkm)Anatomy of the loadable kernel module (lkm)
Anatomy of the loadable kernel module (lkm)Adrian Huang
 
U boot porting guide for SoC
U boot porting guide for SoCU boot porting guide for SoC
U boot porting guide for SoCMacpaul Lin
 
Meet cute-between-ebpf-and-tracing
Meet cute-between-ebpf-and-tracingMeet cute-between-ebpf-and-tracing
Meet cute-between-ebpf-and-tracingViller Hsiao
 
Linux Memory Management with CMA (Contiguous Memory Allocator)
Linux Memory Management with CMA (Contiguous Memory Allocator)Linux Memory Management with CMA (Contiguous Memory Allocator)
Linux Memory Management with CMA (Contiguous Memory Allocator)Pankaj Suryawanshi
 
LISA2019 Linux Systems Performance
LISA2019 Linux Systems PerformanceLISA2019 Linux Systems Performance
LISA2019 Linux Systems PerformanceBrendan Gregg
 

What's hot (20)

Linux Initialization Process (1)
Linux Initialization Process (1)Linux Initialization Process (1)
Linux Initialization Process (1)
 
Arm device tree and linux device drivers
Arm device tree and linux device driversArm device tree and linux device drivers
Arm device tree and linux device drivers
 
Memory Mapping Implementation (mmap) in Linux Kernel
Memory Mapping Implementation (mmap) in Linux KernelMemory Mapping Implementation (mmap) in Linux Kernel
Memory Mapping Implementation (mmap) in Linux Kernel
 
Kernel Recipes 2017 - Understanding the Linux kernel via ftrace - Steven Rostedt
Kernel Recipes 2017 - Understanding the Linux kernel via ftrace - Steven RostedtKernel Recipes 2017 - Understanding the Linux kernel via ftrace - Steven Rostedt
Kernel Recipes 2017 - Understanding the Linux kernel via ftrace - Steven Rostedt
 
Decompressed vmlinux: linux kernel initialization from page table configurati...
Decompressed vmlinux: linux kernel initialization from page table configurati...Decompressed vmlinux: linux kernel initialization from page table configurati...
Decompressed vmlinux: linux kernel initialization from page table configurati...
 
Character drivers
Character driversCharacter drivers
Character drivers
 
Linux Kernel Module - For NLKB
Linux Kernel Module - For NLKBLinux Kernel Module - For NLKB
Linux Kernel Module - For NLKB
 
Linux Kernel - Virtual File System
Linux Kernel - Virtual File SystemLinux Kernel - Virtual File System
Linux Kernel - Virtual File System
 
Spi drivers
Spi driversSpi drivers
Spi drivers
 
Linux DMA Engine
Linux DMA EngineLinux DMA Engine
Linux DMA Engine
 
ACPI Debugging from Linux Kernel
ACPI Debugging from Linux KernelACPI Debugging from Linux Kernel
ACPI Debugging from Linux Kernel
 
The Linux Block Layer - Built for Fast Storage
The Linux Block Layer - Built for Fast StorageThe Linux Block Layer - Built for Fast Storage
The Linux Block Layer - Built for Fast Storage
 
Linux Memory Management
Linux Memory ManagementLinux Memory Management
Linux Memory Management
 
Anatomy of the loadable kernel module (lkm)
Anatomy of the loadable kernel module (lkm)Anatomy of the loadable kernel module (lkm)
Anatomy of the loadable kernel module (lkm)
 
U boot porting guide for SoC
U boot porting guide for SoCU boot porting guide for SoC
U boot porting guide for SoC
 
Meet cute-between-ebpf-and-tracing
Meet cute-between-ebpf-and-tracingMeet cute-between-ebpf-and-tracing
Meet cute-between-ebpf-and-tracing
 
Linux Memory Management with CMA (Contiguous Memory Allocator)
Linux Memory Management with CMA (Contiguous Memory Allocator)Linux Memory Management with CMA (Contiguous Memory Allocator)
Linux Memory Management with CMA (Contiguous Memory Allocator)
 
Network Drivers
Network DriversNetwork Drivers
Network Drivers
 
I2C Drivers
I2C DriversI2C Drivers
I2C Drivers
 
LISA2019 Linux Systems Performance
LISA2019 Linux Systems PerformanceLISA2019 Linux Systems Performance
LISA2019 Linux Systems Performance
 

Viewers also liked

Viewers also liked (17)

References
ReferencesReferences
References
 
gcc and friends
gcc and friendsgcc and friends
gcc and friends
 
Embedded C
Embedded CEmbedded C
Embedded C
 
Introduction to Linux Drivers
Introduction to Linux DriversIntroduction to Linux Drivers
Introduction to Linux Drivers
 
File System Modules
File System ModulesFile System Modules
File System Modules
 
Serial Drivers
Serial DriversSerial Drivers
Serial Drivers
 
PCI Drivers
PCI DriversPCI Drivers
PCI Drivers
 
Block Drivers
Block DriversBlock Drivers
Block Drivers
 
Interrupts
InterruptsInterrupts
Interrupts
 
SPI Drivers
SPI DriversSPI Drivers
SPI Drivers
 
USB Drivers
USB DriversUSB Drivers
USB Drivers
 
BeagleBone Black Bootloaders
BeagleBone Black BootloadersBeagleBone Black Bootloaders
BeagleBone Black Bootloaders
 
Linux Porting
Linux PortingLinux Porting
Linux Porting
 
BeagleBoard-xM Bootloaders
BeagleBoard-xM BootloadersBeagleBoard-xM Bootloaders
BeagleBoard-xM Bootloaders
 
Platform Drivers
Platform DriversPlatform Drivers
Platform Drivers
 
Character Drivers
Character DriversCharacter Drivers
Character Drivers
 
File Systems
File SystemsFile Systems
File Systems
 

Similar to Kernel Debugging & Profiling

Android Boot Time Optimization
Android Boot Time OptimizationAndroid Boot Time Optimization
Android Boot Time OptimizationKan-Ru Chen
 
OSMC 2014: Server Hardware Monitoring done right | Werner Fischer
OSMC 2014: Server Hardware Monitoring done right | Werner FischerOSMC 2014: Server Hardware Monitoring done right | Werner Fischer
OSMC 2014: Server Hardware Monitoring done right | Werner FischerNETWAYS
 
HKG18-TR14 - Postmortem Debugging with Coresight
HKG18-TR14 - Postmortem Debugging with CoresightHKG18-TR14 - Postmortem Debugging with Coresight
HKG18-TR14 - Postmortem Debugging with CoresightLinaro
 
Linux User Space Debugging & Profiling
Linux User Space Debugging & ProfilingLinux User Space Debugging & Profiling
Linux User Space Debugging & ProfilingAnil Kumar Pugalia
 
Virtual platform
Virtual platformVirtual platform
Virtual platformsean chen
 
Embedded Android
Embedded AndroidEmbedded Android
Embedded Android晓东 杜
 
Mod06 new development tools
Mod06 new development toolsMod06 new development tools
Mod06 new development toolsPeter Haase
 
QEMU - Binary Translation
QEMU - Binary Translation QEMU - Binary Translation
QEMU - Binary Translation Jiann-Fuh Liaw
 
[2009 CodeEngn Conference 03] koheung - 윈도우 커널 악성코드에 대한 분석 및 방법
[2009 CodeEngn Conference 03] koheung - 윈도우 커널 악성코드에 대한 분석 및 방법[2009 CodeEngn Conference 03] koheung - 윈도우 커널 악성코드에 대한 분석 및 방법
[2009 CodeEngn Conference 03] koheung - 윈도우 커널 악성코드에 대한 분석 및 방법GangSeok Lee
 
Mobile Hacking using Linux Drivers
Mobile Hacking using Linux DriversMobile Hacking using Linux Drivers
Mobile Hacking using Linux DriversAnil Kumar Pugalia
 
Study on Android Emulator
Study on Android EmulatorStudy on Android Emulator
Study on Android EmulatorSamael Wang
 
Hunting and Exploiting Bugs in Kernel Drivers - DefCamp 2012
Hunting and Exploiting Bugs in Kernel Drivers - DefCamp 2012Hunting and Exploiting Bugs in Kernel Drivers - DefCamp 2012
Hunting and Exploiting Bugs in Kernel Drivers - DefCamp 2012DefCamp
 
Linux kernel debugging
Linux kernel debuggingLinux kernel debugging
Linux kernel debuggingHao-Ran Liu
 
Beyond Breakpoints: A Tour of Dynamic Analysis
Beyond Breakpoints: A Tour of Dynamic AnalysisBeyond Breakpoints: A Tour of Dynamic Analysis
Beyond Breakpoints: A Tour of Dynamic AnalysisFastly
 
BRKDCT-3144 - Advanced - Troubleshooting Cisco Nexus 7000 Series Switches (20...
BRKDCT-3144 - Advanced - Troubleshooting Cisco Nexus 7000 Series Switches (20...BRKDCT-3144 - Advanced - Troubleshooting Cisco Nexus 7000 Series Switches (20...
BRKDCT-3144 - Advanced - Troubleshooting Cisco Nexus 7000 Series Switches (20...aaajjj4
 
Track c-High speed transaction-based hw-sw coverification -eve
Track c-High speed transaction-based hw-sw coverification -eveTrack c-High speed transaction-based hw-sw coverification -eve
Track c-High speed transaction-based hw-sw coverification -evechiportal
 

Similar to Kernel Debugging & Profiling (20)

Kernel Debugging & Profiling
Kernel Debugging & ProfilingKernel Debugging & Profiling
Kernel Debugging & Profiling
 
Android Boot Time Optimization
Android Boot Time OptimizationAndroid Boot Time Optimization
Android Boot Time Optimization
 
BeagleBone Black Booting Process
BeagleBone Black Booting ProcessBeagleBone Black Booting Process
BeagleBone Black Booting Process
 
OSMC 2014: Server Hardware Monitoring done right | Werner Fischer
OSMC 2014: Server Hardware Monitoring done right | Werner FischerOSMC 2014: Server Hardware Monitoring done right | Werner Fischer
OSMC 2014: Server Hardware Monitoring done right | Werner Fischer
 
HKG18-TR14 - Postmortem Debugging with Coresight
HKG18-TR14 - Postmortem Debugging with CoresightHKG18-TR14 - Postmortem Debugging with Coresight
HKG18-TR14 - Postmortem Debugging with Coresight
 
Linux User Space Debugging & Profiling
Linux User Space Debugging & ProfilingLinux User Space Debugging & Profiling
Linux User Space Debugging & Profiling
 
Virtual platform
Virtual platformVirtual platform
Virtual platform
 
Embedded Android
Embedded AndroidEmbedded Android
Embedded Android
 
Mod06 new development tools
Mod06 new development toolsMod06 new development tools
Mod06 new development tools
 
QEMU - Binary Translation
QEMU - Binary Translation QEMU - Binary Translation
QEMU - Binary Translation
 
[2009 CodeEngn Conference 03] koheung - 윈도우 커널 악성코드에 대한 분석 및 방법
[2009 CodeEngn Conference 03] koheung - 윈도우 커널 악성코드에 대한 분석 및 방법[2009 CodeEngn Conference 03] koheung - 윈도우 커널 악성코드에 대한 분석 및 방법
[2009 CodeEngn Conference 03] koheung - 윈도우 커널 악성코드에 대한 분석 및 방법
 
Mobile Hacking using Linux Drivers
Mobile Hacking using Linux DriversMobile Hacking using Linux Drivers
Mobile Hacking using Linux Drivers
 
Study on Android Emulator
Study on Android EmulatorStudy on Android Emulator
Study on Android Emulator
 
Hunting and Exploiting Bugs in Kernel Drivers - DefCamp 2012
Hunting and Exploiting Bugs in Kernel Drivers - DefCamp 2012Hunting and Exploiting Bugs in Kernel Drivers - DefCamp 2012
Hunting and Exploiting Bugs in Kernel Drivers - DefCamp 2012
 
Linux kernel debugging
Linux kernel debuggingLinux kernel debugging
Linux kernel debugging
 
Genode Compositions
Genode CompositionsGenode Compositions
Genode Compositions
 
Beyond Breakpoints: A Tour of Dynamic Analysis
Beyond Breakpoints: A Tour of Dynamic AnalysisBeyond Breakpoints: A Tour of Dynamic Analysis
Beyond Breakpoints: A Tour of Dynamic Analysis
 
BRKDCT-3144 - Advanced - Troubleshooting Cisco Nexus 7000 Series Switches (20...
BRKDCT-3144 - Advanced - Troubleshooting Cisco Nexus 7000 Series Switches (20...BRKDCT-3144 - Advanced - Troubleshooting Cisco Nexus 7000 Series Switches (20...
BRKDCT-3144 - Advanced - Troubleshooting Cisco Nexus 7000 Series Switches (20...
 
Track c-High speed transaction-based hw-sw coverification -eve
Track c-High speed transaction-based hw-sw coverification -eveTrack c-High speed transaction-based hw-sw coverification -eve
Track c-High speed transaction-based hw-sw coverification -eve
 
There is more to C
There is more to CThere is more to C
There is more to C
 

More from Anil Kumar Pugalia

Functional Programming with LISP
Functional Programming with LISPFunctional Programming with LISP
Functional Programming with LISPAnil Kumar Pugalia
 
Hardware Design for Software Hackers
Hardware Design for Software HackersHardware Design for Software Hackers
Hardware Design for Software HackersAnil Kumar Pugalia
 

More from Anil Kumar Pugalia (20)

File System Modules
File System ModulesFile System Modules
File System Modules
 
Processes
ProcessesProcesses
Processes
 
System Calls
System CallsSystem Calls
System Calls
 
Introduction to Linux
Introduction to LinuxIntroduction to Linux
Introduction to Linux
 
Embedded Software Design
Embedded Software DesignEmbedded Software Design
Embedded Software Design
 
Playing with R L C Circuits
Playing with R L C CircuitsPlaying with R L C Circuits
Playing with R L C Circuits
 
Audio Drivers
Audio DriversAudio Drivers
Audio Drivers
 
Shell Scripting
Shell ScriptingShell Scripting
Shell Scripting
 
Functional Programming with LISP
Functional Programming with LISPFunctional Programming with LISP
Functional Programming with LISP
 
Power of vi
Power of viPower of vi
Power of vi
 
"make" system
"make" system"make" system
"make" system
 
Hardware Design for Software Hackers
Hardware Design for Software HackersHardware Design for Software Hackers
Hardware Design for Software Hackers
 
RPM Building
RPM BuildingRPM Building
RPM Building
 
Linux Network Management
Linux Network ManagementLinux Network Management
Linux Network Management
 
System Calls
System CallsSystem Calls
System Calls
 
Timers
TimersTimers
Timers
 
Threads
ThreadsThreads
Threads
 
Synchronization
SynchronizationSynchronization
Synchronization
 
Processes
ProcessesProcesses
Processes
 
Signals
SignalsSignals
Signals
 

Recently uploaded

The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptx
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptxThe Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptx
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptxLoriGlavin3
 
unit 4 immunoblotting technique complete.pptx
unit 4 immunoblotting technique complete.pptxunit 4 immunoblotting technique complete.pptx
unit 4 immunoblotting technique complete.pptxBkGupta21
 
Unleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding ClubUnleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding ClubKalema Edgar
 
Dev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio WebDev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio WebUiPathCommunity
 
"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii Soldatenko"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii SoldatenkoFwdays
 
Generative AI for Technical Writer or Information Developers
Generative AI for Technical Writer or Information DevelopersGenerative AI for Technical Writer or Information Developers
Generative AI for Technical Writer or Information DevelopersRaghuram Pandurangan
 
The Ultimate Guide to Choosing WordPress Pros and Cons
The Ultimate Guide to Choosing WordPress Pros and ConsThe Ultimate Guide to Choosing WordPress Pros and Cons
The Ultimate Guide to Choosing WordPress Pros and ConsPixlogix Infotech
 
Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?Mattias Andersson
 
Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!Commit University
 
WordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your BrandWordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your Brandgvaughan
 
Connect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck PresentationConnect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck PresentationSlibray Presentation
 
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024BookNet Canada
 
Developer Data Modeling Mistakes: From Postgres to NoSQL
Developer Data Modeling Mistakes: From Postgres to NoSQLDeveloper Data Modeling Mistakes: From Postgres to NoSQL
Developer Data Modeling Mistakes: From Postgres to NoSQLScyllaDB
 
Streamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project SetupStreamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project SetupFlorian Wilhelm
 
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptx
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptxMerck Moving Beyond Passwords: FIDO Paris Seminar.pptx
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptxLoriGlavin3
 
Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 365Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 3652toLead Limited
 
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptx
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptxUse of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptx
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptxLoriGlavin3
 
Passkey Providers and Enabling Portability: FIDO Paris Seminar.pptx
Passkey Providers and Enabling Portability: FIDO Paris Seminar.pptxPasskey Providers and Enabling Portability: FIDO Paris Seminar.pptx
Passkey Providers and Enabling Portability: FIDO Paris Seminar.pptxLoriGlavin3
 
What is DBT - The Ultimate Data Build Tool.pdf
What is DBT - The Ultimate Data Build Tool.pdfWhat is DBT - The Ultimate Data Build Tool.pdf
What is DBT - The Ultimate Data Build Tool.pdfMounikaPolabathina
 
A Deep Dive on Passkeys: FIDO Paris Seminar.pptx
A Deep Dive on Passkeys: FIDO Paris Seminar.pptxA Deep Dive on Passkeys: FIDO Paris Seminar.pptx
A Deep Dive on Passkeys: FIDO Paris Seminar.pptxLoriGlavin3
 

Recently uploaded (20)

The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptx
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptxThe Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptx
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptx
 
unit 4 immunoblotting technique complete.pptx
unit 4 immunoblotting technique complete.pptxunit 4 immunoblotting technique complete.pptx
unit 4 immunoblotting technique complete.pptx
 
Unleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding ClubUnleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding Club
 
Dev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio WebDev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio Web
 
"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii Soldatenko"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii Soldatenko
 
Generative AI for Technical Writer or Information Developers
Generative AI for Technical Writer or Information DevelopersGenerative AI for Technical Writer or Information Developers
Generative AI for Technical Writer or Information Developers
 
The Ultimate Guide to Choosing WordPress Pros and Cons
The Ultimate Guide to Choosing WordPress Pros and ConsThe Ultimate Guide to Choosing WordPress Pros and Cons
The Ultimate Guide to Choosing WordPress Pros and Cons
 
Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?
 
Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!
 
WordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your BrandWordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your Brand
 
Connect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck PresentationConnect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck Presentation
 
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
 
Developer Data Modeling Mistakes: From Postgres to NoSQL
Developer Data Modeling Mistakes: From Postgres to NoSQLDeveloper Data Modeling Mistakes: From Postgres to NoSQL
Developer Data Modeling Mistakes: From Postgres to NoSQL
 
Streamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project SetupStreamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project Setup
 
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptx
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptxMerck Moving Beyond Passwords: FIDO Paris Seminar.pptx
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptx
 
Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 365Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 365
 
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptx
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptxUse of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptx
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptx
 
Passkey Providers and Enabling Portability: FIDO Paris Seminar.pptx
Passkey Providers and Enabling Portability: FIDO Paris Seminar.pptxPasskey Providers and Enabling Portability: FIDO Paris Seminar.pptx
Passkey Providers and Enabling Portability: FIDO Paris Seminar.pptx
 
What is DBT - The Ultimate Data Build Tool.pdf
What is DBT - The Ultimate Data Build Tool.pdfWhat is DBT - The Ultimate Data Build Tool.pdf
What is DBT - The Ultimate Data Build Tool.pdf
 
A Deep Dive on Passkeys: FIDO Paris Seminar.pptx
A Deep Dive on Passkeys: FIDO Paris Seminar.pptxA Deep Dive on Passkeys: FIDO Paris Seminar.pptx
A Deep Dive on Passkeys: FIDO Paris Seminar.pptx
 

Kernel Debugging & Profiling

  • 1. © 2010-16 SysPlay Workshops <workshop@sysplay.in> All Rights Reserved. Kernel Debugging & Profiling
  • 2. 2© 2010-16 SysPlay Workshops <workshop@sysplay.in> All Rights Reserved. What to Expect? Kernel Debugging Tools & Techniques Kernel Profiling Tools & Mechanism Kernel Testing Ways
  • 3. 3© 2010-16 SysPlay Workshops <workshop@sysplay.in> All Rights Reserved. Debugging by Printing printk & dmesg int klogctl(int cmd, char *bufp, int len); syslogd #include <syslog.h> void openlog(char *ident, int option, int facility); void syslog ( int priority, char *format, …); void closelog( void ); ident – typically short program name option - LOG_CONS, LOG_PERROR, LOG_PID, … facility - LOG_AUTHPRIV, LOG_CRON, LOG_DAEMON, LOG_USER, ... priority - LOG_EMERG, LOG_ALERT, LOG_CRIT, LOG_ERR, LOG_WARNING, LOG_NOTICE, LOG_INFO, LOG_DEBUG klogd – bridge between kernel ring buffer and syslogd
  • 4. 4© 2010-16 SysPlay Workshops <workshop@sysplay.in> All Rights Reserved. Debugging by Querying Through Kernel Windows /proc Process related stuff General system information: cpuinfo, meminfo, … Drivers related info: devices, iomem, interrupts, ... /sys (Utilities: sysfsutils, sysdiag) Buses, Classes, Devices, ... Using ioctl Through specific drivers Using custom commands
  • 5. 5© 2010-16 SysPlay Workshops <workshop@sysplay.in> All Rights Reserved. Crash Dumping & Analysis Oops Analysis CONFIG_BUG, CONFIG_KALLSYMS Call Trace cat /proc/kallsyms objdump -d | -S <obj | exe> Crash Dumping (using 2 kernel images – could be same) System Kernel: CONFIG_KEXEC, CONFIG_DEBUG_INFO Dump-capture Kernel: CONFIG_CRASH_DUMP, CONFIG_PROC_VMCORE, Other Architecture specific CONFIG_s Boot System Kernel with crashkernel=size@offset, or crashkernel=range:size Overlay Dump-capture Kernel using kexec After Crash (Simulated using SysRq+c, Or real) System reboots w/ Dump-capture Kernel Collect the dump using kdump, Or simply cp /proc/vmcore <dump file> Analyse using <gdb | crash> vmlinux <dump file>
  • 6. 6© 2010-16 SysPlay Workshops <workshop@sysplay.in> All Rights Reserved. Kernel Hacking Related Options CONFIG_DEBUG_INFO (gcc -g) CONFIG_DEBUG_FS CONFIG_DYNAMIC_DEBUG CONFIG_DEBUG_STACKOVERFLOW CONFIG_LOCKUP_DETECTOR CONFIG_DEBUG_SPINLOCK, CONFIG_DEBUG_MUTEXES, ... CONFIG_MAGIC_SYSRQ CONFIG_EARLY_PRINTK CONFIG_DEBUG_SLAB, CONFIG_DEBUG_VM, ... CONFIG_DEBUG_STACK_USAGE CONFIG_PANIC_ON_OOPS CONFIG_PANIC_ON_OOPS_VALUE
  • 7. 7© 2010-16 SysPlay Workshops <workshop@sysplay.in> All Rights Reserved. Kernel Debuggers Kernel Debugger (Frontend): kdb CONFIG_DEBUG_INFO, CONFIG_MAGIC_SYSRQ CONFIG_KGDB, CONFIG_KGDB_KDB, CONFIG_KGDB_SERIAL_CONSOLE Basic Operations over Serial Console Remote Debugging using kgdb (Kernel Debug Server) Remote connection & debug through gdb vmlinux gdb <kernel src>/vmlinux /proc/kcore Only to gather current kernel debug information
  • 8. 8© 2010-16 SysPlay Workshops <workshop@sysplay.in> All Rights Reserved. Miscellaneous Tools & Techniques Early Init Debugs CONFIG_SERIAL_EARLYCON CONFIG_EARLY_PRINTK (direct on h/w) Light & Sound JTAG Hardware Protocol Debug Hardware Protocol Analyzers Network Debugging Driver level: ethtool [options] <dev i/f> Packet level: tcpdump [options, e.g. -vv] -i <dev i/f>
  • 9. 9© 2010-16 SysPlay Workshops <workshop@sysplay.in> All Rights Reserved. Kernel Probes kprobes → CONFIG_KPROBES jprobes → Specialized Kprobes For probing function entry points kretprobes → Return Kprobes For probing function exit points
  • 10. 10© 2010-16 SysPlay Workshops <workshop@sysplay.in> All Rights Reserved. Tracing Single Process Tracing using strace Traces the system calls made by an application Command: strace [options] <application> Excellent options to tune to get only desired output Linux Trace Toolkit Patch @ http://www.opersys.com/LTT Core Module Code using Trace Services Daemon: tracedaemon Utilities: tracereader, tracevisualizer Function Tracer CONFIG_FUNCTION_TRACER & co /sys/kernel/debug/tracing
  • 11. 11© 2010-16 SysPlay Workshops <workshop@sysplay.in> All Rights Reserved. Profiling & Code Coverage System Profiling From /proc using LTTng Kernel Profiling: Oprofile CONFIG_PROFILING, CONFIG_OPROFILE, CONFIG_APIC Daemon: oprofiled Utilities: opcontrol, opreport, op_help, ... Kernel Performance Profiling using perf CONFIG_PERF_EVENTS & co stat, list, top, record, report, ... Kernel Code Coverage: CONFIG_GCOV_KERNEL, CONFIG_GCOV_PROFILE_ALL
  • 12. 12© 2010-16 SysPlay Workshops <workshop@sysplay.in> All Rights Reserved. Testing Possibilities Linux Test Project (LTP) Hosted @ http://ltp.sourceforge.net Suite of around 3000 tests Exercises various parts of the Kernel Mostly automated, except net & storage ones Command: runltp -p -l logfile User Mode Linux (UML) Hosted @ http://user-mode-linux.sourceforge.net A Kernel Instance as a User Mode Process Kernel Debugging without “oops”ing Good for testing & experimenting with unstable kernels
  • 13. 13© 2010-16 SysPlay Workshops <workshop@sysplay.in> All Rights Reserved. What all have we learnt? Kernel Debugging Tools & Techniques Debugging by Printing & Querying Crash Dumping & Analysis Kernel Hacking Options Kernel Debuggers Miscellaneous Tools & Techniques Kernel Probes Tracing Kernel Profiling Tools & Mechanism Kernel Testing Ways
  • 14. 14© 2010-16 SysPlay Workshops <workshop@sysplay.in> All Rights Reserved. Any Queries?