Intro to Segmentation Fault Handling in Linux. By Khanh Ngo-Duy


Intro to Segmentation Fault Handling in Linux By Khanh Ngo-Duy Khanhnd@elarion.com

Seminar
- What is Segmentation Fault (Segfault)
- Examples and Screenshots
- Tips to get Segfault information

What is Segmentation Fault?
- Segmentation Fault (Segfault), or access violation, is a particular error condition that can occur during the operation of computer software
- A Segfault occurs when a program attempts to access a memory location that it is not allowed to access, or attempts to access a memory location in a way that is not allowed:
  - Writing to a read-only location
  - Overwriting part of the operating system or protected memory locations
  - Accessing an invalid memory location, e.g. memory address NULL, -1, etc.

Examples and Screenshots (1 of 3) Write to Read-Only memory address

Examples and Screenshots (2 of 3) Write to Invalid memory address (NULL = 0x00)

Examples and Screenshots (3 of 3) Stack overflow

Tips to get Segfault information (1 of 7)
- Generally, when a Segfault occurs, very little information is provided (see previous slides)
- Very hard to debug

Tips to get Segfault information (2 of 7)
- Use dmesg to show the information that the kernel saved when an application crashed
- Last Segfault information

Tips to get Segfault information (3 of 7)
How to read dmesg outputs?

Segfault[19960]: segfault at 7fffff7feff8 ip 400480 sp 7fffff7ff000 error 6 in Segfault[400000+1000]

- Application name: Segfault
- Reason it crashed: segfault
- Address caused fault: 7fffff7feff8
- Instruction Pointer address: 400480
- Stack Pointer address: 7fffff7ff000
- Additional error code: 6
- Other values??? I DON'T KNOW...
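The fields of that line can be pulled apart and the error code decoded mechanically. The following is an added example, not code from the original slides; the struct and function names are made up for illustration, and the bit meanings are the x86 page-fault error code bits.

```c
#include <stdio.h>
#include <string.h>

/* x86 page-fault error code bits reported after "error" */
#define PF_PROT  0x1UL  /* 1: protection violation, 0: page not present */
#define PF_WRITE 0x2UL  /* 1: write access, 0: read access */
#define PF_USER  0x4UL  /* 1: fault raised in user mode */

struct segv_info {
    char comm[64], object[64];   /* application name, mapping that holds ip */
    int pid;                     /* number in the first brackets */
    unsigned long addr, ip, sp;  /* fault address, instruction and stack pointer */
    unsigned long err;           /* page-fault error code */
    unsigned long base, size;    /* start and length of that mapping */
};

/* Parse one line; returns 0 on success, -1 if the line does not match. */
int parse_segfault_line(const char *line, struct segv_info *o)
{
    if (*line == '[') {                       /* skip a "[ 1234.567] " timestamp */
        const char *end = strchr(line, ']');
        if (end) line = end + 1;
        line += strspn(line, " ");
    }
    int n = sscanf(line,
        "%63[^[][%d]: segfault at %lx ip %lx sp %lx error %lx in %63[^[][%lx+%lx]",
        o->comm, &o->pid, &o->addr, &o->ip, &o->sp, &o->err,
        o->object, &o->base, &o->size);
    return n == 9 ? 0 : -1;
}

/* Human-readable summary, including how far ip lies into its mapping. */
void describe(const struct segv_info *s, char *buf, size_t len)
{
    snprintf(buf, len, "%s-mode %s, %s; ip is 0x%lx bytes into the %s mapping",
             (s->err & PF_USER) ? "user" : "kernel",
             (s->err & PF_WRITE) ? "write" : "read",
             (s->err & PF_PROT) ? "protection violation" : "page not mapped",
             s->ip - s->base, s->object);
}

int main(void)
{
    /* The line from the slide above. */
    const char *line = "Segfault[19960]: segfault at 7fffff7feff8 ip 400480 "
                       "sp 7fffff7ff000 error 6 in Segfault[400000+1000]";
    struct segv_info s; char msg[160];
    if (parse_segfault_line(line, &s) == 0) { describe(&s, msg, sizeof msg); puts(msg); }
    return 0;
}
```

For the slide's line, error 6 decodes to a user-mode write to an unmapped page, and the fault address sits 8 bytes below the stack pointer, which is consistent with the stack overflow example.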

Tips to get Segfault information (4 of 7)
- Add -g when compiling the source code. The compiler will add debugging symbols into the binary
- Will provide more useful information when debugging with gdb
- Compiled binary size will be larger (debugging symbols are added)
- Application runs slower, takes more RAM
- Maybe, some other drawbacks

Tips to get Segfault information (5 of 7)
- Add -g when compiling the source code. The compiler will add debugging symbols into the binary
- Will provide more useful information when debugging with gdb
- Without -g, gcc still adds some minimal debugging information
- Compiled binary size will be larger (debugging symbols are added)
- Application runs slower, takes more RAM
- Maybe, some other drawbacks

Tips to get Segfault information (6 of 7)
- Use nm to view the symbols in the binary file
- Address of symbol, symbol type and symbol name can be listed
- Gives us a chance to know in which symbol the Segfault occurred
- $ man nm for more information on the usage

Tips to get Segfault information (7 of 7)
- Use ldd to view the shared library dependencies
- Shows the shared library name and the starting address of the library
- We know whether the Segfault occurred in our application or in a shared library
- $ man ldd for more information on how to use ldd

- Using gdb The GNU Debugger
- Core dump file and gdb
- objdump

Using gdb The GNU Debugger (1 of 6)
gdb supports:
- Starting programs, attaching to running programs or debugging crashed programs
- Debugging locally or remotely (via gdbserver)
- Setting breakpoints and watchpoints
- Examining variables, registers and call stack
- Changing data and calling functions
- Automating debug tasks
- Multi-threaded programs

Using gdb The GNU Debugger (2 of 6)
- In order to debug a program effectively, add -g when compiling with gcc
- Load a program into gdb: $ gdb program
- Once you are in gdb, you can run the program: (gdb) run [parameters to program]
- To stop the program, press Ctrl+C
- To quit gdb, execute the command q

Using gdb The GNU Debugger (3 of 6)
- Step 1: Load the program into gdb
- Step 2: Execute the program
- gdb detects the Segfault but gives very little info (-g was not added when compiling)
- Step 3: Quit from gdb

Using gdb The GNU Debugger (4 of 6)
- Add -g when compiling
- Step 1: Load
- Step 2: Run
- gdb detects the Segfault and shows the line which caused it: line 6, in main(), file Segfault.c
- Step 3: Quit from gdb

Using gdb The GNU Debugger (5 of 6)
- Is this useful and easy? YES!!! But why?
- Because of -g, we can see the file name, function name and line number
- Because the source code is available, we can see the exact line of code
- If there is no source code, we can see the file name, function name and line number, but NOT the contents of the line that caused the Segfault. No problem, still GOOD! :-)
- This situation is simple; sometimes you can NOT use this technique! See next...

Using gdb The GNU Debugger (6 of 6)
This technique can ONLY be used when:
- You know for sure that the Segfault will occur
- Only when testing. In production you can NOT: gdb causes many side effects (slows down the run, the run is not stable, etc.)
- Even when testing, if the application is so big or complicated (many threads, many resources), gdb cannot handle it
To be able to debug when your application is in production mode and you are not able to reproduce the Segfault? See the next techniques...

core dump file and gdb (1 of 5)
- A core dump consists of the recorded state of the working memory of a computer program at a specific time, generally when the program has terminated abnormally (crashed)
- A core dump file might contain: processor registers, which may include the program counter and stack pointer, memory management information, and other processor and operating system flags and information
- Core dumps are disabled by default on some Linux distributions
- To force core dump generation, you can use the command line: $ ulimit -c <limit size of core file>
- To force core dump generation, you can also insert code into your application to request generating the core dump when it crashes
- To disable the core dump, just set <limit size of core file> to 0

core dump file and gdb (2 of 5)
- Enable core dump, limit to 1024 MB, just once
- core file is generated when app crashes
- It is here!
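Slide 1 of 5 mentions inserting code into the application to request a core dump. One way to do that is to raise the core-size limit from inside the process with setrlimit(); this is an added example, not code from the original slides, and the function name enable_core_dumps is made up for illustration.

```c
#include <stdio.h>
#include <sys/resource.h>

/*
 * Ask for core files of up to `want` bytes for this process and its children.
 * An unprivileged process cannot exceed the hard limit, so cap the request there.
 * Stores the soft limit actually in effect in *effective. Returns 0 or -1.
 */
int enable_core_dumps(rlim_t want, rlim_t *effective)
{
    struct rlimit rl;

    if (getrlimit(RLIMIT_CORE, &rl) != 0)
        return -1;
    if (rl.rlim_max != RLIM_INFINITY && want > rl.rlim_max)
        want = rl.rlim_max;          /* hard limit wins */
    rl.rlim_cur = want;
    if (setrlimit(RLIMIT_CORE, &rl) != 0)
        return -1;
    if (getrlimit(RLIMIT_CORE, &rl) != 0)
        return -1;
    *effective = rl.rlim_cur;        /* report what the kernel accepted */
    return 0;
}

int main(void)
{
    rlim_t got;

    /* 1024 MB, the size used on the slide; call this early in main(). */
    if (enable_core_dumps((rlim_t)1024 * 1024 * 1024, &got) != 0) {
        perror("RLIMIT_CORE");
        return 1;
    }
    if (got == 0)
        fprintf(stderr, "hard limit is 0: no core file will be written\n");
    else
        fprintf(stderr, "core files enabled, limit %llu bytes\n",
                (unsigned long long)got);
    return 0;
}
```

A core file holds the process's memory at crash time, including any secrets it had loaded, so keep the directory it lands in readable only by the people who debug it.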

core dump file and gdb (3 of 5)
- Once you have the core dump, what to do?
- Just load it into gdb and see: $ gdb <application name> <core file name>

core dump file and gdb (4 of 5)
- Load the application and the core file
- gdb reads the core file and shows the results as if the application had just run and crashed; actually the core dump just shows the actual HISTORY

core dump file and gdb (5 of 5)
- Is this better than the previous technique? Yes, because I could not reproduce the Segfault, however, core file shows me
- Though it is good, there are still some disadvantages:
  - The core file may grow very large if your application uses much memory, so sometimes you simply cannot use this method
  - In case of a complicated application, there might be some side effects when forcing core dumps; your application might run unstable
- What I read till now, just side effects. Is there anything else? I don't want to risk the production system!
- YES. There is, see the last technique...

objdump (1 of 9)
Advantages
- No need to add -g: does not affect the memory and reduces the size of the binary file
- No need to generate a core dump: no side effects, does not take disk space
- Actually, you do not need to do anything, what will come will come, and you will solve it!
Disadvantages?
- You need a little knowledge of assembly language :-) don't be scared, still easy!
- If an optimization flag is passed to gcc (-O, -O2, -O3), the assembly code will be a little harder for you to read later

objdump (2 of 9)
- First of all, what you need is the output of dmesg (very first slide told you). Note the Address caused fault and the Instruction Pointer address
- Use the tool named objdump to generate information from your application
- The output of objdump should be redirected to a file, we need this file later!
- $ objdump -DCl <application name> > <output file>

objdump (3 of 9)

objdump (4 of 9)
- OK, so my fault address is 0x40058c and the instruction pointer is 0x40048c
- myDump contains the assembly code of my app
- Now I will see at what line of code my app crashed: just find where 0x40048c is in myDump
- $ grep -n -A 100 -B 100 40048c ./myDump
- What it does is just find the line containing 40048c in ./myDump, and also show 100 more lines after the found line and 100 lines before it. You can customize the grep command as you want ;)

objdump (5 of 9)
- Step 1: Find the instruction pointer address
- Step 2: Found, this caused the segfault
- Step 3: Look above to see in what function the code that caused the segfault is. Here it is in main()

objdump (6 of 9)
- Now you know the code that caused the Segfault, in assembly
- What to do next is open your source code (in C, C++) and find the line of code corresponding to that assembly code; you will figure out what caused the Segfault :-)

objdump (7 of 9) 0x48 = 'H'

objdump (8 of 9)
- You are done now! Bravo!!!
- Just with the Instruction Pointer, you know exactly where the Segfault was caused
- How about the Address caused fault (0x40058c)? We have not used it, have we? No, we haven't.
- BUT, till now I can say the line that caused the Segfault is *s = 'H';
- And the address of variable s at that time is 0x40058c
- Meaningless to know this? NO! Sometimes you will need it to know the root cause, see the next slide

objdump (9 of 9)
- Sometimes, the Address caused fault tells you the root cause
- See the following example: we can say that the value of s is NULL
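The grep-and-scroll-up steps from slides 4 to 6 can be automated: scan the objdump output once, remember the last function header seen, and stop at the line whose address equals the instruction pointer. This is an added example, not code from the original slides; the function name locate_ip is made up, and the disassembly text is constructed (only 40048c, 40058c, main and 0x48 come from the slides).

```c
#include <stdio.h>
#include <string.h>

/* Constructed `objdump -d` excerpt standing in for the myDump file. */
static const char SAMPLE_DUMP[] =
    "000000000040047c <main>:\n"
    "  40047c:\t55                   \tpush   %rbp\n"
    "  40047d:\t48 89 e5             \tmov    %rsp,%rbp\n"
    "  400480:\t48 c7 45 f8 8c 05 40 \tmovq   $0x40058c,-0x8(%rbp)\n"
    "  400487:\t00 \n"
    "  400488:\t48 8b 45 f8          \tmov    -0x8(%rbp),%rax\n"
    "  40048c:\tc6 00 48             \tmovb   $0x48,(%rax)\n";

/* Find the instruction at `ip`; copy its enclosing function name and its text.
 * Returns 0 when found, -1 when no instruction starts at that address. */
int locate_ip(const char *dump, unsigned long ip,
              char *func, size_t flen, char *insn, size_t ilen)
{
    char cur[64] = "?", name[64], line[256];
    unsigned long a;

    while (*dump) {
        size_t n = strcspn(dump, "\n");              /* cut out one line */
        snprintf(line, sizeof line, "%.*s", (int)n, dump);
        dump += n + (dump[n] == '\n');
        if (sscanf(line, "%lx <%63[^>]>:", &a, name) == 2) {
            strcpy(cur, name);                       /* "addr <function>:" header */
        } else if (sscanf(line, " %lx:", &a) == 1 && a == ip) {
            const char *t = strrchr(line, '\t');     /* mnemonic follows the last tab */
            snprintf(func, flen, "%s", cur);
            snprintf(insn, ilen, "%s", t ? t + 1 : "");
            return 0;
        }
    }
    return -1;
}

int main(void)
{
    char func[64], insn[128];

    if (locate_ip(SAMPLE_DUMP, 0x40048cUL, func, sizeof func, insn, sizeof insn) == 0)
        printf("ip 40048c is in %s(): %s\n", func, insn);
    return 0;
}
```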

Thanks for watching If you see it useful clap your hands :-)