An example of a kernel panic:
[ 2590.185432] Unable to handle kernel paging request at virtual address 00100110
[ 2590.192874] pgd = c0004000
[ 2590.192881] [00100110] *pgd=00000000
[ 2590.192891] Internal error: Oops: 17 [#1] PREEMPT SMP
[ 2590.192897] last sysfs file: /sys/devices/virtual/timed_output/vibrator/enable
[ 2590.192905] Modules linked in:
[ 2590.192916] CPU: 1 Tainted: G W (2.6.39.4-05422-g9d29c5e-dirty #96)
[ 2590.192935] PC is at handle_unpin+0x1c/0x1ac
[ 2590.192957] LR is at __mutex_lock_slowpath+0x2e8/0x324
[ 2590.192966] pc : [<c0246e7c>] lr : [<c0522238>] psr: 40000013
[ 2590.192971] sp : da961e88 ip : 22222222 fp : ed469c54
[ 2590.192978] r10: ed291e00 r9 : ed291fc8 r8 : da960000
[ 2590.192985] r7 : 00000000 r6 : 00100100 r5 : dfe89434 r4 : ed461a60
[ 2590.192993] r3 : da960000 r2 : da961e80 r1 : 22222222 r0 : da961e58
[ 2590.193002] Flags: nZcv IRQs on FIQs on Mode SVC_32 ISA ARM Segment kernel
[ 2590.193011] Control: 10c5387d Table: 2d25804a DAC: 00000015
............................
[ 2590.194777] [<c0246e7c>] (handle_unpin+0x1c/0x1ac) from [<c024710c>] (nvmap_unpin+0x84/0xbc)
[ 2590.194793] [<c024710c>] (nvmap_unpin+0x84/0xbc) from [<c0243f78>] (tegra_dc_ext_flip_worker+0x33c/0x39c)
[ 2590.194822] [<c0243f78>] (tegra_dc_ext_flip_worker+0x33c/0x39c) from [<c0094b98>] (process_one_work+0x254/0x3b0)
[ 2590.194840] [<c0094b98>] (process_one_work+0x254/0x3b0) from [<c00950d8>] (worker_thread+0x228/0x3e8)
[ 2590.194861] [<c00950d8>] (worker_thread+0x228/0x3e8) from [<c009aa84>] (kthread+0x80/0x88)
[ 2590.194884] [<c009aa84>] (kthread+0x80/0x88) from [<c0047698>] (kernel_thread_exit+0x0/0x8)
[ 2590.194898] Code: e1a06001 e1a07002 e2800034 eb0b6efc (e5965010)
When the PC was at handle_unpin+0x1c, executing the next instruction hit a fatal error, so the kernel panicked.
1. Use arm-linux-gnueabi-objdump -D vmlinux > kernel_dump.txt to look at the assembly at handle_unpin+0x1c.
2. Or use arm-linux-gnueabi-gdb vmlinux:
(gdb) l *handle_unpin+0x1c
0xc0246e7c is in handle_unpin (/home/*****/nvmap.c:99).
94 struct nvmap_handle *h, int free_vm)
95 {
96 int ret = 0;
97 nvmap_mru_lock(client->share);
98
99 if (atomic_read(&h->pin) == 0) {
100 nvmap_err(client, "%s unpinning unpinned handle %p\n",
101 current->group_leader->comm, h);
102 nvmap_mru_unlock(client->share);
103 return 0;
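gdb pinpoints the fault exactly at line 99.
Given the message "Unable to handle kernel paging request at virtual address 00100110", the h pointer in handle_unpin is a bad pointer. The remaining effort goes into finding out when and where this value was modified, and why.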
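
Added example (not part of the original post): a small Python triage helper that cross-checks the conclusion above by decoding the faulting instruction from the "Code:" line and confirming that base register plus offset equals the faulting address. The function names are hypothetical, and the poison constants are the list_del() values from include/linux/poison.h in 2.6-era kernels, assuming POISON_POINTER_DELTA is 0.

```python
import re

# Constructed sample: only the lines of the oops above that the triage needs.
OOPS = """\
[ 2590.185432] Unable to handle kernel paging request at virtual address 00100110
[ 2590.192985] r7 : 00000000 r6 : 00100100 r5 : dfe89434 r4 : ed461a60
[ 2590.192993] r3 : da960000 r2 : da961e80 r1 : 22222222 r0 : da961e58
[ 2590.194898] Code: e1a06001 e1a07002 e2800034 eb0b6efc (e5965010)
"""

# list_del() poison values from include/linux/poison.h in 2.6-era kernels,
# assuming POISON_POINTER_DELTA is 0 (an assumption, not stated on the page).
POISON = {0x00100100: "LIST_POISON1", 0x00200200: "LIST_POISON2"}

def parse_oops(text):
    """Return (fault address, {register number: value}, faulting instruction)."""
    fault = int(re.search(r"virtual address ([0-9a-f]{8})", text).group(1), 16)
    regs = {int(n): int(v, 16)
            for n, v in re.findall(r"\br(\d+)\s*: ([0-9a-f]{8})", text)}
    insn = int(re.search(r"Code:.*\(([0-9a-f]{8})\)", text).group(1), 16)
    return fault, regs, insn

def decode_ldr_str_imm(insn):
    """Decode an A32 LDR/STR with a 12-bit immediate offset, else None."""
    if insn >> 28 == 0xF or (insn >> 25) & 0b111 != 0b010:
        return None                      # e.g. DMB (f57ff05f) or MOV
    imm = insn & 0xFFF
    if not (insn >> 23) & 1:             # U bit clear: offset is subtracted
        imm = -imm
    if not (insn >> 24) & 1:             # P bit clear: post-indexed, address is Rn
        imm = 0
    op = ("ldr" if (insn >> 20) & 1 else "str") + ("b" if (insn >> 22) & 1 else "")
    return op, (insn >> 12) & 0xF, (insn >> 16) & 0xF, imm

def triage(text):
    """Tie the faulting instruction to the fault address and its base register."""
    fault, regs, insn = parse_oops(text)
    decoded = decode_ldr_str_imm(insn)
    if decoded is None or decoded[2] not in regs:
        return None
    op, rd, rn, imm = decoded
    base = regs[rn]
    return {"access": f"{op} r{rd}, [r{rn}, #{imm}]",   # effective address form
            "base": base,
            "explains_fault": ((base + imm) & 0xFFFFFFFF) == fault,
            "poison": POISON.get(base)}

if __name__ == "__main__":
    print(triage(OOPS))
```

On this oops it reports ldr r5, [r6, #16] with r6 = 0x00100100, so the read of h->pin at offset 0x10 accounts for the faulting address 00100110. The base value matches LIST_POISON1, which list_del() writes into a removed entry, a hint to check whether h was taken from a list entry that had already been deleted.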