Upgrade to Pro — share decks privately, control downloads, hide ads and more …

Debuggers from scratch

Liz Rice
November 06, 2017
Technology
1
3.7k

Debuggers from scratch

See how a debugger sets breakpoints and generates stack traces. The pdf version of this slide deck doesn't show the animations, so you might prefer to watch the video of this presentation at dotGo EU: https://youtu.be/TBrv17QyUE0

Liz Rice

November 06, 2017
Tweet

More Decks by Liz Rice

See All by Liz Rice
Unleashing the kernel with eBPF
lizrice
0
190
eBPF's Abilities and Limitations: The Truth
lizrice
0
370
Simplifying multi-cloud and multi-cluster Kubernetes deployments with Cilium
lizrice
0
200
When is a Secure Connection not encrypted? And other stories
lizrice
1
85
Keeping it simple: Cilium Mesh - networking for multi-cloud Kubernetes and beyond
lizrice
1
630
How Many Proxies Do You Need
lizrice
1
150
eBPF for Security Observability
lizrice
0
1.3k
Beginner's Guide to eBPF Programming for Networking
lizrice
1
2.4k
Contributing to Open Source - what's in it for my business?
lizrice
0
58

Other Decks in Technology

See All in Technology
QA/SDETの現在と、これからの挑戦
imtnd
0
150
AIと共に乗り越える、 入社後2ヶ月の苦労と学習の軌跡
sai_kaneko
0
110
SnowflakeとDatabricks両方でRAGを構築してみた
kameitomohiro
1
470
Aspire をカスタマイズしよう & Aspire 9.2
nenonaninu
0
170
Databricksで完全履修!オールインワンレイクハウスは実在した!
akuwano
0
110
Dynamic Reteaming And Self Organization
miholovesq
3
640
От ручной разметки к LLM: как мы создавали облако тегов в Lamoda. Анастасия Ангелова, Data Scientist, Lamoda Tech
lamodatech
0
800
今日からはじめるプラットフォームエンジニアリング
jacopen
8
1.6k
10ヶ月かけてstyled-components v4からv5にアップデートした話
uhyo
2
130
AIコーディングの最前線 〜活用のコツと課題〜
pharma_x_tech
4
2.4k
PostgreSQL Log File Mastery: Optimizing Database Performance Through Advanced Log Analysis
shiviyer007
PRO
0
130
PdM採用とAIの製品活用を同時に頑張ってみた話 / EM oasis 20250418
rakus_dev
0
120

Featured

See All Featured
Speed Design
sergeychernyshev
29
900
Intergalactic Javascript Robots from Outer Space
tanoku
270
27k
Let's Do A Bunch of Simple Stuff to Make Websites Faster
chriscoyier
507
140k
Fontdeck: Realign not Redesign
paulrobertlloyd
83
5.5k
How to Create Impact in a Changing Tech Landscape [PerfNow 2023]
tammyeverts
52
2.4k
Imperfection Machines: The Place of Print at Facebook
scottboms
267
13k
Typedesign – Prime Four
hannesfritz
41
2.6k
Building Better People: How to give real-time feedback that sticks.
wjessup
367
19k
The Cult of Friendly URLs
andyhume
78
6.3k
Writing Fast Ruby
sferik
628
61k
Keith and Marios Guide to Fast Websites
keithpitt
411
22k
Why Our Code Smells
bkeepers
PRO
336
57k

Transcript

  1. Copyright @ 2017 Aqua Security Software Ltd. All Rights Reserved.

    A debugger from scratch Liz Rice @lizrice

  2. 2 @lizrice ptrace The ptrace() system call provides a means

    by which one process (the "tracer") may observe and control the execution of another process (the "tracee"), and examine and change the tracee's memory and registers. It is primarily used to implement breakpoint debugging and system call tracing.

  3. 3 @lizrice ptrace

  4. 4 @lizrice func f3() int { var j int j

    = 0x44444444 return i + j } Source code MOVQ BP, 0x8(SP) LEAQ 0x8(SP), BP MOVQ $0x0, 0x20(SP) MOVQ $0x0, 0(SP) MOVQ $0x44444444, 0(SP) MOVQ 0x18(SP), AX ADDQ $0x44444444, AX MOVQ AX, 0x20(SP) MOVQ 0x8(SP), BP ADDQ $0x10, SP SUBQ $0x10, SP JMP main.f2(SB) Machine code

  5. 5 @lizrice MOVQ BP, 0x8(SP) LEAQ 0x8(SP), BP MOVQ $0x0,

    0x20(SP) MOVQ $0x0, 0(SP) MOVQ $0x44444444, 0(SP) MOVQ 0x18(SP), AX ADDQ $0x44444444, AX MOVQ AX, 0x20(SP) MOVQ 0x8(SP), BP ADDQ $0x10, SP Program Counter CPU Registers SUBQ $0x10, SP JMP main.f2(SB) Machine code

  6. 6 @lizrice MOVQ BP, 0x8(SP) LEAQ 0x8(SP), BP MOVQ $0x0,

    0x20(SP) MOVQ $0x0, 0(SP) MOVQ 0x18(SP), AX ADDQ $0x44444444, AX MOVQ AX, 0x20(SP) MOVQ 0x8(SP), BP ADDQ $0x10, SP Program Counter CPU Registers 0xCC SUBQ $0x10, SP JMP main.f2(SB) Machine code

  7. 7 @lizrice MOVQ BP, 0x8(SP) LEAQ 0x8(SP), BP MOVQ $0x0,

    0x20(SP) MOVQ $0x0, 0(SP) MOVQ 0x18(SP), AX ADDQ $0x44444444, AX MOVQ AX, 0x20(SP) MOVQ 0x8(SP), BP ADDQ $0x10, SP 0xCC SUBQ $0x10, SP JMP main.f2(SB) Machine code func f3() int { var j int j = 0x44444444 return i + j } Source code

  8. 8 @lizrice address to return to parameters & return values

    local variables CPU Registers Base Pointer address to return to Stack Pointer Program Counter Program Counter Base Pointer Call Stack Previous stack frame Previous stack frame address to return to parameters & return values

  9. Copyright @ 2017 Aqua Security Software Ltd. All Rights Reserved.

    github.com/lizrice/debugger-from-scratch with thanks to @mlowicki & @philpearl @lizrice