From 411717644a7fc8766ce394ad0a984bce929fe13e Mon Sep 17 00:00:00 2001
From: Chris Guest <chrisguest75@users.noreply.github.com>
Date: Thu, 24 Oct 2024 22:57:38 +0100
Subject: [PATCH 1/3] feat(coredump): :sparkles: Add a coredump and debug
 example that I can single step.

---
 A5_coredump/Dockerfile.processor | 33 +++++++++++++++++++++++++++
 A5_coredump/README.md            | 39 ++++++++++++++++++++++++++++++++
 2 files changed, 72 insertions(+)
 create mode 100644 A5_coredump/Dockerfile.processor
 create mode 100644 A5_coredump/README.md

diff --git a/A5_coredump/Dockerfile.processor b/A5_coredump/Dockerfile.processor
new file mode 100644
index 0000000..db04ec4
--- /dev/null
+++ b/A5_coredump/Dockerfile.processor
@@ -0,0 +1,33 @@
+# syntax=docker/dockerfile:1.4
+FROM ubuntu:22.04 as BASE
+
+WORKDIR /scratch
+
+COPY --chmod=755 <<EOF /bin/configure_container.sh
+apt-get update 
+apt-get install lsb-release debian-goodies cpuinfo curl ca-certificates gpg ubuntu-dbgsym-keyring gdb -y 
+
+echo "deb http://ddebs.ubuntu.com $(lsb_release -cs) main restricted universe multiverse
+deb http://ddebs.ubuntu.com $(lsb_release -cs)-updates main restricted universe multiverse
+deb http://ddebs.ubuntu.com $(lsb_release -cs)-proposed main restricted universe multiverse" | \
+tee -a /etc/apt/sources.list.d/ddebs.list
+
+apt-get update
+
+EOF
+
+RUN --mount=type=cache,target=/var/cache/apt,sharing=locked \
+    --mount=type=cache,target=/var/lib/apt,sharing=locked \
+    /bin/configure_container.sh
+
+
+# NOTE: Escape the \$ otherwise they are rendered at buildtime
+COPY --chmod=755 <<EOF /bin/debug.sh
+#!/usr/bin/env bash
+
+EOF
+
+ENV DEBUGINFOD_URLS="https://debuginfod.ubuntu.com"
+RUN set debuginfod enabled on
+ENTRYPOINT ["/bin/bash", "-c", " /bin/debug.sh"]
+
diff --git a/A5_coredump/README.md b/A5_coredump/README.md
new file mode 100644
index 0000000..6c640b5
--- /dev/null
+++ b/A5_coredump/README.md
@@ -0,0 +1,39 @@
+# COREDUMP
+
+Demonstrate how to debug a dumped process.  
+
+TODO:
+
+* Single step a process with symbols with gdb
+* Attach to gdb as a remote debugger
+* Attach with vscode
+
+## Build
+
+```bash
+docker buildx build --load --progress=plain -f Dockerfile.processor -t processor .
+
+docker run --rm -it processor
+
+docker run --rm -it --entrypoint /bin/bash processor
+
+gdb -q /bin/bash
+readelf -n /usr/bin/bash
+```
+
+## Forcing Crashes
+
+```sh
+echo c > /proc/sysrq-trigger
+
+kill -SIGKILL PID
+pidof program_name
+```
+
+## Resources
+
+- https://learn.microsoft.com/en-us/sysinternals/downloads/notmyfault
+- https://blog.technodrone.cloud/2012/03/cause-linux-kernel-panic-or-windows.html
+- Debug symbols https://ubuntu.com/server/docs/debug-symbol-packages
+- https://ubuntu.com/server/docs/about-debuginfod
+- https://sourceware.org/elfutils/Debuginfod.html
\ No newline at end of file

From 3e949e88589f4a00b8241e35b8544e898e10fe2d Mon Sep 17 00:00:00 2001
From: Chris Guest <chrisguest75@users.noreply.github.com>
Date: Sun, 17 Nov 2024 21:08:38 +0000
Subject: [PATCH 2/3] feat(coredump): :sparkles: Add justfile and extra links

---
 A5_coredump/Dockerfile.processor |  2 +-
 A5_coredump/README.md            | 19 ++++++++-------
 A5_coredump/justfile             | 40 ++++++++++++++++++++++++++++++++
 3 files changed, 52 insertions(+), 9 deletions(-)
 create mode 100644 A5_coredump/justfile

diff --git a/A5_coredump/Dockerfile.processor b/A5_coredump/Dockerfile.processor
index db04ec4..40dc509 100644
--- a/A5_coredump/Dockerfile.processor
+++ b/A5_coredump/Dockerfile.processor
@@ -24,7 +24,7 @@ RUN --mount=type=cache,target=/var/cache/apt,sharing=locked \
 # NOTE: Escape the \$ otherwise they are rendered at buildtime
 COPY --chmod=755 <<EOF /bin/debug.sh
 #!/usr/bin/env bash
-
+echo "Started"
 EOF
 
 ENV DEBUGINFOD_URLS="https://debuginfod.ubuntu.com"
diff --git a/A5_coredump/README.md b/A5_coredump/README.md
index 6c640b5..1b03e87 100644
--- a/A5_coredump/README.md
+++ b/A5_coredump/README.md
@@ -11,11 +11,11 @@ TODO:
 ## Build
 
 ```bash
-docker buildx build --load --progress=plain -f Dockerfile.processor -t processor .
+just build
 
-docker run --rm -it processor
+just start
 
-docker run --rm -it --entrypoint /bin/bash processor
+just debug
 
 gdb -q /bin/bash
 readelf -n /usr/bin/bash
@@ -24,6 +24,7 @@ readelf -n /usr/bin/bash
 ## Forcing Crashes
 
 ```sh
+# readonly filesystem does not allow it
 echo c > /proc/sysrq-trigger
 
 kill -SIGKILL PID
@@ -32,8 +33,10 @@ pidof program_name
 
 ## Resources
 
-- https://learn.microsoft.com/en-us/sysinternals/downloads/notmyfault
-- https://blog.technodrone.cloud/2012/03/cause-linux-kernel-panic-or-windows.html
-- Debug symbols https://ubuntu.com/server/docs/debug-symbol-packages
-- https://ubuntu.com/server/docs/about-debuginfod
-- https://sourceware.org/elfutils/Debuginfod.html
\ No newline at end of file
+- NotMyFault v4.21 (windows only) [here](https://learn.microsoft.com/en-us/sysinternals/downloads/notmyfault)
+- Cause a Linux Kernel Panic or a Windows BSOD [here](https://blog.technodrone.cloud/2012/03/cause-linux-kernel-panic-or-windows.html)
+- Debug symbol packages [here](https://ubuntu.com/server/docs/debug-symbol-packages)
+- About debuginfod [here](https://ubuntu.com/server/docs/about-debuginfod)
+- ELFUTILS DEBUGINFOD [here](https://sourceware.org/elfutils/Debuginfod.html)  
+- Pleasant debugging with GDB and DDD [here](https://begriffs.com/posts/2022-07-17-debugging-gdb-ddd.html#gdb-front-ends)
+- Configuring and Managing Core Dumps in Linux [here](https://www.baeldung.com/linux/managing-core-dumps)  
\ No newline at end of file
diff --git a/A5_coredump/justfile b/A5_coredump/justfile
new file mode 100644
index 0000000..0a0b160
--- /dev/null
+++ b/A5_coredump/justfile
@@ -0,0 +1,40 @@
+set dotenv-load := true
+
+export IMAGE_NAME:='a5_core_dump'
+
+# default lists actions
+default:
+  @just -f justfile --list
+
+
+build distro="processor":
+  #!/usr/bin/env bash
+  docker buildx build --progress=plain --load -f "Dockerfile.{{ distro }}" -t "${IMAGE_NAME}_{{ distro }}:latest" .
+
+start distro="processor": (build distro)
+  #!/usr/bin/env bash
+  docker run -it --rm "${IMAGE_NAME}_{{ distro }}:latest"
+
+debug distro="processor": (build distro)
+  #!/usr/bin/env bash
+  docker run -it --rm --entrypoint /bin/bash "${IMAGE_NAME}_{{ distro }}:latest"
+
+dive distro="processor": (build distro)
+  #!/usr/bin/env bash
+  dive "${IMAGE_NAME}_{{ distro }}:latest"
+
+details distro="processor": (build distro)
+  #!/usr/bin/env bash
+  @echo "******************************"
+  @echo "** Labels"
+  @echo "******************************"
+  docker inspect -f '{{{{ .Config.Labels }}}}' "${IMAGE_NAME}_{{ distro }}:latest"
+  @echo "******************************"
+  @echo "** Dive CI"
+  @echo "******************************"
+  dive "${IMAGE_NAME}_{{ distro }}:latest" --ci || true
+  @echo "******************************"
+  @echo "** Size"
+  @echo "******************************"
+  container-diff analyze --json daemon://"${IMAGE_NAME}_{{ distro }}:latest" | jq .
+

From dfc3ff3efb1467616b08e22ab94e8b4f94af8894 Mon Sep 17 00:00:00 2001
From: Chris Guest <chrisguest75@users.noreply.github.com>
Date: Sun, 1 Dec 2024 20:57:01 +0000
Subject: [PATCH 3/3] docs: :memo: Update example instructions.

---
 A5_coredump/README.md | 33 +++++++++++++++++++++++++++------
 1 file changed, 27 insertions(+), 6 deletions(-)

diff --git a/A5_coredump/README.md b/A5_coredump/README.md
index 1b03e87..8b07c95 100644
--- a/A5_coredump/README.md
+++ b/A5_coredump/README.md
@@ -4,9 +4,12 @@ Demonstrate how to debug a dumped process.
 
 TODO:
 
-* Single step a process with symbols with gdb
-* Attach to gdb as a remote debugger
-* Attach with vscode
+- Single step a process with symbols with gdb
+- Attach with vscode
+
+## Glossary
+
+- elfutils debuginfod is a client/server in elfutils 0.178+ that automatically distributes elf/dwarf/source-code from servers to clients such as debuggers across HTTP. [source](https://sourceware.org/elfutils/Debuginfod.html)
 
 ## Build
 
@@ -16,14 +19,28 @@ just build
 just start
 
 just debug
+```
 
+## Forcing Crashes
+
+Inside the container.  
+
+```sh
 gdb -q /bin/bash
 readelf -n /usr/bin/bash
-```
 
-## Forcing Crashes
+# start sleep and dump 
+sleep 500 &
+gcore -o sleep [pid]  
+
+# source is not available
+gdb sleep ./sleep.11 
+```
 
 ```sh
+# variables associated to core
+sysctl --all | grep core
+
 # readonly filesystem does not allow it
 echo c > /proc/sysrq-trigger
 
@@ -39,4 +56,8 @@ pidof program_name
 - About debuginfod [here](https://ubuntu.com/server/docs/about-debuginfod)
 - ELFUTILS DEBUGINFOD [here](https://sourceware.org/elfutils/Debuginfod.html)  
 - Pleasant debugging with GDB and DDD [here](https://begriffs.com/posts/2022-07-17-debugging-gdb-ddd.html#gdb-front-ends)
-- Configuring and Managing Core Dumps in Linux [here](https://www.baeldung.com/linux/managing-core-dumps)  
\ No newline at end of file
+- Configuring and Managing Core Dumps in Linux [here](https://www.baeldung.com/linux/managing-core-dumps)  
+- core - core dump file [here](https://man7.org/linux/man-pages/man5/core.5.html)
+- Configuring core dumps in docker [here](https://ddanilov.me/how-to-configure-core-dump-in-docker-container)
+- The Core Pattern (core_pattern), or how to specify filename and path for core dumps [here](https://sigquit.wordpress.com/2009/03/13/the-core-pattern/)
+