Debugging
Last updated
Was this helpful?
Last updated
Was this helpful?
If you think you found a problem in OPS or Nanos first thing is to
verify where the bug lies. Generally, if you turn on the -d
flag
and study the bottom you can tell if it is in user or kernel:
Clearly in this example we see a GPF in user.
If you wish to have symbol access within your user program the following conditions must be met:
Ensure your program is statically linked.
Ensure you have debugging symbols to begin with:
You can do this with c by doing the following:
Example
For this example will examine a segfault (that we purposely injected):
We compile with debugging symbols and link statically:
If we run this example program with OPS (ops run main
), we can see that it
crashes soon after starting:
Next, we'll run with the debug flag turned on:
This will pause waiting on a gdb to attach to it.
In another window, we'll launch gdb pointing it at the executable file:
You can see the source via the list
gdb command:
We'll connect to the target VM by specifying the remote:
Great - now we are connected.
Let's set a breakpoint for 'mybad':
Now let's continue:
You should see in your other window (where you started OPS) that the program starts:
Now if we single step through the program we can print out various locals:
This should get you further down the path when you find various bugs in your program. Hope this helps.
If your program isn't even starting there might be an issue with OPS.
However, if you open an issue in Nanos please provide the following:
Your OPS profile:
Nightly vs Master?
Does this work on the nightly build? Running '-n' will run ops with whatever was in the master branch last night.
Reproducible steps
The newly built kernel file will be located (assuming we are using an Intel or AMD machine) in the output/platform/pc/bin directory. To run an image with the re-compiled kernel, we first move to the folder where the user program is located, then create a JSON configuration file specifying the path of the kernel file (adjust it to match the actual path on your machine):
Then, we can build and run an image containing our debug-friendly kernel and the user program with the following OPS command:
In the above command line, config.json
is the name of the JSON configuration
file, -d
is the debug flag, and main
is the executable file of the user
program. The VM is now paused waiting for gdb to attach to it. In another
window, move to the folder containing the Nanos kernel source, then start gdb:
The gdb initialization file in the above command line automates the process of loading the kernel file symbols (with the appropriate offset) and connecting gdb to the VM. We can now debug the kernel (e.g. set breakpoints, single-step, display variables, etc.) using standard gdb commands.
Note: in the early boot phase, the kernel image is located in the guest VM
memory at an address that does not correspond to the final runtime address; only
after the boot code executes the kaslr()
kernel function, the kernel is
located at its runtime address; therefore, debugging with the default settings
in the above gdb initialization file works only for code executed after thekaslr()
function.
If we want to debug early boot code, we must first reset the symbol offset with
the following gdb command:
Launch the application in debug mode with ops
:
Click the Run
icon on the left sidebar (alternatively use Ctrl+Shift+D
) and then create a launch.json file
.
Select GDB
as the environment. This will create an autogenerated launch.json
file.
Replace the contents of the launch.json
file with following:
Set a Breakpoint
in the source file (main.c
) and start the debugging session from the Run
on the left sidebar (alternatively use Ctrl+Shift+D
) and click on the > Debug
icon.
It is now possible to use the debugging palette to debug the application code.
Ops provides a tool that allow you to inspect image crash logs and image manifests. The dump tool binary is inside the ops version directory (~/.ops/<ops_version>/dump
). Make sure you use the dump tool of the same ops version you used to build the image you want to analyze.
If the application crashes the unikernel writes the error stack to a log file before exiting. You are able to see the log content if you run the command dump -l <image_path>
.
The image manifest has details about the image like:
files and their paths in the filesystem;
environment variable values, including nanos base image version used;
program and arguments to run on initialization;
static IP, gateway and netmask to configure the network interface;
etc.
You can look into your image manifest by using the command dump <image_path>
.
Nanos has a FUSE driver which allows us to mount the TFS image used on the host filesystem. This makes it easy for rapid development, ease of debugging and other interesting tools.
If you'd like to read more check out https://nanovms.com/dev/tutorials/nanos-unikernel-has-fuse-driver-for-tfs .
To try it out on Linux:
To try it out on Mac:
Then you simply create a mount point and mount your desired image:
You can use the 'net console' logging feature if you'd like to log without printing via serial/vga. Simply specify it via:
Then you can capture it via netcat:
The default ip/port that Nanos will ship the logging to is 10.0.2.2 (assuming user-mode) and port of 4444.
You can adjust these via the following config though:
netconsole_ip
netconsole_port
OPS/Nanos has the ability to trace the number of syscall executions and
timing information much like strace -c
.
Here is a short c example:
The output:
Nanos supports core dumps. By default they are turned off and enabled if specifying a > 0 'coredumplimit' config variable. Ensure that the volume size is large enough to contain the core dump as well however.
Locally you can do something like this:
with a config like:
Your size will vary with the size and scope of your application.
You can now see a core has been generated:
Now you can copy it out:
And quickly view a backtrace:
If you are using '--trace' you can set an optional 'notrace' variable to exclude certain output such as:
You can also do the opposite such as:
You can also trace groups of related syscalls:
The supported groups are:
%file
%desc
%network
%process
%signal
%memory
The Nanos kernel implements address space layout randomization not only for the user program, but also for the kernel itself (KASLR). To easily debug a running kernel, we need to disable KASLR, and to do so we have to re-compile the kernel from source: download the Nanos source code from, then in a terminal window go to the source code folder and build the kernel with the 'no-kaslr' configuration option:
This part of the debugging guide shows how to use the GNU Debugger (GDB) in combination with VSCode to get better visualization of the debugging process. It requires that the extension is installed.