Speaker
Description
Kernel debugging takes a variety of forms, but when a "real debugger" is required, you usually need to have debuginfo, and the standard kind of debuginfo is usually DWARF.
While DWARF is very powerful, it's not always the right choice for every situation. Fortunately, the kernel already contains nearly enough introspection information to power basic debugging operations. Kallsyms can provide symbol table information, while BTF or CTF could provide type information. For stack unwinding, frame pointers and ORC can be used.
This talk is a status report on the "DWARFless Debugging" project in Drgn, which aims to add support for debugging the kernel without DWARF debuginfo. We'll discuss the status, how it works, and go into some of the challenges we face.
