Sungju's Slow Life

Sungju's Slow Life

Personal journal

  • Home
  • Projects
  • About
  • What happens if numa=off is provided in kernel parameter?

    If “numa=off” is in kernel boot parameter, it will mark ‘numa_off’ global variable which will be checked during initialization function which is ‘x86_numa_init()’ in x86_64. This will make it not call ‘numa_init’ if numa_off is 1. static __init int numa_setup(char *opt) { if (!opt) return -EINVAL; if (!strncmp(opt, “off”, 3)) numa_off = 1; #ifdef CONFIG_NUMA_EMU […]

    sungju

    November 25, 2019
    Reverse
    code, kernel, numa
  • An example case with some of my commands

    System got high load average and it wasn’t responding for long which is a typical hang situation. It shows total 56 tasks in D (Uninterruptible) state and 5 tasks were in D state longer than 120 seconds which is considered as a hung task. Let’s see what it was waiting for in this process. Alright, […]

    sungju

    November 25, 2019
    Reverse
    crash, extension, mpykdump, Reverse, vmcore
  • ‘edis’ command now shows stack values

    One of the repeating job is finding the argument values passed from the caller. Now by just run ‘edis’, you can see some stack values after the operation code as a comment in yellow color.

    sungju

    March 10, 2019
    Reverse
  • Clocksource tsc unstable

    The reason of the below message 2013-07-16T05:00:05.181538-04:00 xxxxxx kernel: Clocksource tsc unstable (delta = -95170507948 ns). Enable clocksource failover by adding clocksource_failover kernel parameter. clocksource structure /** * struct clocksource – hardware abstraction for a free running counter * Provides mostly state-free accessors to the underlying hardware. * This is the structure used for system […]

    sungju

    February 27, 2019
    Reverse
  • pycrashext – A rich python extension

    Based on Pykdump, I wrote a set of plugins named ‘pycrashext’ which is basically trying to help to reduce the troubleshooting time.  My favorite command in this set is ‘edis’ which can display source code in between disassembled lines. This requires an additional source code server with source codes, but once you have it, it […]

    sungju

    August 10, 2018
    Reverse
    extension, pykdump, vmcore
  • Python/CRASH API aka pkydump

    I am dealing with vmcore analysis for the most of my daily work. To speed up the analysis, I needed some extra command set on top of the commands ‘crash’ is providing. Luckily there is a tool names ‘pkydump’ which is a crash extension and also provides a way to implement extensions using python. I […]

    sungju

    July 21, 2018
    Reverse
    crash, pykdump, vmcore
  • What’s TAINT_WARN?

    TAINT_WARN is explained in kernel/panic.c as ‘Taint on warning’. static const struct tnt tnts[] = { … { TAINT_WARN, ‘W’, ‘ ‘ }, } /** … * ‘W’ – Taint on warning. … */ This flag is turned on from “__WARN()” to confirm that the system had ‘WARNING’ messages once or more time. #define __WARN() […]

    sungju

    June 9, 2017
    Reverse
    kernel
  • Normal user process shows “root:root” permission in /proc//

    If you are seeing ‘root:root’ under /proc// for your process, it means the process is in Zombie state. #include int main() { pid_t pid; int i; for (i = 0; ; i++) { pid = fork(); if (pid > 0) { break; } else { exit(0); } } while (1) { sleep(1); } return 0; […]

    sungju

    January 30, 2017
    Technology
  • How to disassemble a module from a vmcore

    There are times that you have to deal with a module which you don’t have source code. Only thing we can do is disassemble it, but if you don’t have actual module binary, this is also tough. Luckily, vmcore has all the code loaded into the memory. So, here’s the steps to get disassembled code […]

    sungju

    August 1, 2016
    Reverse
    engineering, module, Reverse, vmcore
  • How dump trace is generated in Linux kernel

    Note for myself to remember how call trace is generated in Kernel /* * The architecture-independent dump_stack generator */ void dump_stack(void) { unsigned long stack; printk(“Pid: %d, comm: %.20s %s %s %.*sn”, current->pid, current->comm, print_tainted(), init_utsname()->release, (int)strcspn(init_utsname()->version, ” “), init_utsname()->version); show_trace(NULL, NULL, &stack); } void show_trace(struct task_struct *task, struct pt_regs *regs, unsigned long *stack) { […]

    sungju

    May 4, 2016
    Reverse
  • How to find out who is killing my process

    There’s a time a process is suddenly killed, but has no idea which process or who killed it. There are couple of ways to identify, but using SystemTap is one clear way to identify it. SystemTap is a script language that can be loaded into Linux kernel and interact safely in kernel to monitoring or […]

    sungju

    April 26, 2016
    Reverse
  • What’s virtual address limit of 32bit/64bit Linux kernel?

    RHEL 5 code 32bit: include/asm-i386/processor.h /* * User space process size: 3GB (default). */ #define TASK_SIZE (PAGE_OFFSET) 64bit: include/asm-x86_64/processor.h /* * User space process size. 47bits minus one guard page. */ #define TASK_SIZE64 (0x800000000000UL – 4096) /* This decides where the kernel will search for a free chunk of vm * space during mmap’s. */ […]

    sungju

    November 17, 2015
    Labs
    kernel, linux, Memory
←Previous Page
1 2 3 4 … 19
Next Page→

Create a website or blog at WordPress.com

  • Follow Following
    • Sungju's Slow Life
    • Already have a WordPress.com account? Log in now.
    • Sungju's Slow Life
    • Edit Site
    • Follow Following
    • Sign up
    • Log in
    • Report this content
    • View site in Reader
    • Manage subscriptions
    • Collapse this bar