内核模块 oops 堆栈回溯

kernel panic, oops, warn(dump_stack)会打印函数调用栈, 例如:

[  556.107661] [] g_loop_setup+0x30/0x300 [g_loop]
[  556.113744] [] dwc3_ep0_delegate_req+0x2c/0x48
[  556.119742] [] dwc3_ep0_interrupt+0x398/0x6c8
[  556.125653] [] dwc3_thread_interrupt+0x590/0x898
[  556.131827] [] irq_thread_fn+0x28/0x68
[  556.137128] [] irq_thread+0x114/0x198
[  556.142345] [] kthread+0x12c/0x130
[  556.147301] [] ret_from_fork+0x10/0x18

 

但内核自带的dump_stack无法打印出来函数的行数,

即使加载的内核模块是有debug信息的... (可用readelf -S binfile | grep debug来看)

river@android:~/g_loop$ aarch64-linux-gnu-readelf -S g_loop.ko | grep debug
  [15] .debug_info       PROGBITS         0000000000000000  00001000
  [16] .rela.debug_info  RELA             0000000000000000  00020ed8
  [17] .debug_abbrev     PROGBITS         0000000000000000  00011e13
  [18] .debug_loc        PROGBITS         0000000000000000  000129d4
  [19] .rela.debug_loc   RELA             0000000000000000  0003a9a8
  [20] .debug_aranges    PROGBITS         0000000000000000  00012de2
  [21] .rela.debug_arang RELA             0000000000000000  0003b188
  [22] .debug_ranges     PROGBITS         0000000000000000  00012e52
  [23] .rela.debug_range RELA             0000000000000000  0003b200
  [24] .debug_line       PROGBITS         0000000000000000  00012f82
  [25] .rela.debug_line  RELA             0000000000000000  0003b4a0
  [26] .debug_str        PROGBITS         0000000000000000  00014060
  [29] .debug_frame      PROGBITS         0000000000000000  0001f788
  [30] .rela.debug_frame RELA             0000000000000000  0003b4e8

故需要使用addr2line, gdb, objdump等工具来找到具体函数的行数.

1. addr2line

    - cat /proc/modules

g_loop 16384 0 - Live 0xffffff8000ac9000 (O)
uio_pdrv_genirq 16384 0 - Live 0xffffff8000a60000

    - 计算偏移量, ffffff8000ac9098 - ffffff8000ac9000

    即偏移98

 

    - aarch64-linux-gnu-addr2line 0x98 -e g_loop.ko即可 (需使用交叉编译工具链中的addr2line)

 

2. gdb

    - gdb更为简单

    - list *(g_loop_setup+0x30)

    即可

---