Kernel Debug
- Kernel symbol table for debugging
- Kernel Debugger
- Eclipse
- trace
- crash
- kernel ring buffer/syslog
- console_loglevel
- syslogd
- global system message
- CONFIG_DEBUG_KERNEL
- This option(under "Kernel hacking/Kernel debugging") just makes other debugging options available; it should be turned on but does not, by itself, enable any features.
- CONFIG_DEBUG_INFO
- This option (under "Kernel hacking/Compile the kernel with debug info")
- This adds debug symbols to the kernel and modules (gcc -g), and is needed if you intend to use kernel crashdump or binary object tools like crash, kgdb, LKCD, gdb, etc on the kernel.
- CONFIG_KALLSYMS
- This option (under "General setup/Configure standard kernel features (for small systems)/Load all symbols for debugging/ksymoops") causes kernel symbol information to be built into the kernel; it is enabled by default. The symbol information is used in debugging contexts; without it, an oops listing can give you a kernel traceback only in hexadecimal, which is not very useful.
- This increases the size of the kernel somewhat, as all symbols have to be loaded into the kernel image.
- Normally kallsyms only contains the symbols of functions for nicer OOPS messages and backtraces (i.e., symbols from the text and inittext sections).
- CONFIG_KALLSYMS_ALL
- This option (under "General setup/Configure standard kernel features (for small systems)/Include all symbols in kallsyms")
- All symbols are loaded into the kernel image (i.e., symbols from all sections)
- There are 2 files that are used as a kernel symbol table
- /proc/kallsyms(2.6) or /proc/ksyms(before 2.6)
- a "proc file" that is created on the fly when a kernel boots up.
- <path to kernel>/kernel/kallsyms.c
- in-kernel printing of symbolic oopses and stack traces
- __kallsyms section
- scripts/kallsyms
- kallsyms.S
- System.map
- A new System.map is generated with each kernel compile
- /proc/kallsyms(2.6) or /proc/ksyms(before 2.6)
- To help understand cryptic oops output, a daemon called klogd, the kernel logging daemon, is used to perform symbol-address translation. When an ooops occurs, klogd intercepts the oops report, translates addresses into symbol names (e.g. translating c010b860 into BytesRead()), and logs the event with the system logger, usually syslogd.
- Oops/panic message
- Kernel Panics and Oopses
- ksymoops
- It is a program that interprets and "oops" display.
- And "oops" display is stuff that the Linux kernel displays when it detects an internal kernel error (and consequently terminates a process).
- Useful Guides and Articles on Kernel Debugging
- Well-known addresses
Address | Meaning | Caused by | Constant |
---|---|---|---|
0x6b6b6b6b | use after free | slab poisoning | POISON_FREE |
0xa5a5a5a5 | use of uninitialized memory | slab poisoning | POISON_INUSE |
0x00100100 | use of invalid next pointer | list poisoning | LIST_POISON1 |
0x00200200 | use of invalid prev pointer | list poisoning | LIST_POISON2 |
0xcccccccc | use of an address before or beyond allocated memory; or probably an off-by-one error / buffer overrun | SLUB_RED_ACTIVE | |
0xcccccccc | use of uninitialized init memory | you might have accessed a per-cpu variable of an offline CPU | POISON_FREE_INITMEM |
page revision: 3, last edited: 10 May 2013 06:55