12 如何分析kernel panic?
内容
- 使用gdb分析
- windows下,gdb可以使用NDK里的或者是GAT里的:gat-win32-3\prebuilt\android-sdk\bin\startGDB.bat(32bit kernel)或startGDB64.bat(64bit kernel)
- linux下,可以使用prebuilts/gcc/linux-x86/arm/arm-linux-androideabi-4.8/bin/arm-linux-androideabi-gdb (32bit kernel)或prebuilts/gcc/linux-x86/aarch64/arch64-linux-android-4.9/bin/aarch64-linux-android-gdb(64bit kernel)。其中的4.8或4.9是版本,最好使用最新的版本。
- 直接启动gdb,进入gdb命令行,然后将vmlinux和SYS_MINI_RDUMP放到gdb所在的目录中,直接输入如下命令:
- file vmlinux
- core SYS_MINI_RDUMP
- bt
- 最后的bt是查看当前的调用栈,其他命令的话,直接到官方网站看手册即可。
- 如果是HWT(看门狗复位),可以通过info threads看到其他CPU的状态和调用栈,用thread 2/3/4...切换不同的CPU,thread 2 => 切换到CPU0,thread 3 => 切换到CPU1,以此类推。
- 使用trace32分析
- 将匹配的vmlinux放入db解开的目录中,将以下内容保存成debug.cmm:
- [XML]hide123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205
local &off
if os.file.size("SYS_MINI_RDUMP")<=0x2000
(
dialog
(
header "File is incomplete"
pos 0. 0. 26. 1.
text "SYS_MINI_RDUMP is incomplete."
pos 1. 3. 22. 1.
defbutton "OK" "quit"
close "quit"
)
enddo
)
do ~~/t32.cmm
system.reset
d.load.binary SYS_MINI_RDUMP VM:0--0x2000
if d.word(VM:0x12)==0xb7
(
system.cpu CortexA53
)
if d.word(VM:0x12)==0x28
(
system.cpu CortexA7
)
system.up
d.load.elf symbols\vmlinux /nc
d.load.elf SYS_MINI_RDUMP /nc /nosymbol /logload
if d.word(VM:0x12)==0xb7
(
&off=d.quad(VM:0x48)
&off=&off+0xc+((d.long(VM:&off)+3)&~3)+((d.long(VM:(&off+4))+3)&~3)
&off=&off+0xc+((d.long(VM:&off)+3)&~3)+0x70
r.s CPSR d.quad(VM:(&off+0x108))
r.s X0 d.quad(VM:(&off+0x00))
r.s X1 d.quad(VM:(&off+0x08))
r.s X2 d.quad(VM:(&off+0x10))
r.s X3 d.quad(VM:(&off+0x18))
r.s X4 d.quad(VM:(&off+0x20))
r.s X5 d.quad(VM:(&off+0x28))
r.s X6 d.quad(VM:(&off+0x30))
r.s X7 d.quad(VM:(&off+0x38))
r.s X8 d.quad(VM:(&off+0x40))
r.s X9 d.quad(VM:(&off+0x48))
r.s X10 d.quad(VM:(&off+0x50))
r.s X11 d.quad(VM:(&off+0x58))
r.s X12 d.quad(VM:(&off+0x60))
r.s X13 d.quad(VM:(&off+0x68))
r.s X14 d.quad(VM:(&off+0x70))
r.s X15 d.quad(VM:(&off+0x78))
r.s X16 d.quad(VM:(&off+0x80))
r.s X17 d.quad(VM:(&off+0x88))
r.s X18 d.quad(VM:(&off+0x90))
r.s X19 d.quad(VM:(&off+0x98))
r.s X20 d.quad(VM:(&off+0xA0))
r.s X21 d.quad(VM:(&off+0xA8))
r.s X22 d.quad(VM:(&off+0xB0))
r.s X23 d.quad(VM:(&off+0xB8))
r.s X24 d.quad(VM:(&off+0xC0))
r.s X25 d.quad(VM:(&off+0xC8))
r.s X26 d.quad(VM:(&off+0xD0))
r.s X27 d.quad(VM:(&off+0xD8))
r.s X28 d.quad(VM:(&off+0xE0))
r.s X29 d.quad(VM:(&off+0xE8))
r.s X30 d.quad(VM:(&off+0xF0))
r.s SP d.quad(VM:(&off+0xF8))
r.s PC d.quad(VM:(&off+0x100))
)
if d.word(VM:0x12)==0x28
(
&off=d.long(VM:0x38)
&off=&off+0xc+((d.long(VM:&off)+3)&~3)+((d.long(VM:(&off+4))+3)&~3)
&off=&off+0xc+((d.long(VM:&off)+3)&~3)+0x48
r.s CPSR d.long(VM:(&off+0x40))
r.s R0 d.long(VM:(&off+0x00))
r.s R1 d.long(VM:(&off+0x04))
r.s R2 d.long(VM:(&off+0x08))
r.s R3 d.long(VM:(&off+0x0c))
r.s R4 d.long(VM:(&off+0x10))
r.s R5 d.long(VM:(&off+0x14))
r.s R6 d.long(VM:(&off+0x18))
r.s R7 d.long(VM:(&off+0x1c))
r.s R8 d.long(VM:(&off+0x20))
r.s R9 d.long(VM:(&off+0x24))
r.s R10 d.long(VM:(&off+0x28))
r.s R11 d.long(VM:(&off+0x2c))
r.s R12 d.long(VM:(&off+0x30))
r.s R13 d.long(VM:(&off+0x34))
r.s R14 d.long(VM:(&off+0x38))
r.s R15 d.long(VM:(&off+0x3c))
)
setup.v %hex.on %string.on
winclear
winpos 0% 0% 50% 100%
w.v.f /a /l
winpos 50% 0%
w.r
winpos 50% 30%
d.l
- 然后用Trace32加载debug.cmm,如果是32位的,需要用ARM32的trace32加载,如果是64位的则是ARM64的trace32加载。
- 使用gdb分析
- linux下,使用crash,crash搭建请看FAQ13939。
- 将vmlinux和SYS_CORE_DUMP放到crash所在的目录中,直接输入:crash vmlinux SYS_COREDUMP即可进入crash命令行:
- bt
- bt是查看当前的调用栈,其他命令的话,直接到官方网站看手册即可。
- 使用trace32分析
- 将匹配的vmlinux放入db解开的目录中,将以下内容保存成debug.cmm:
- [XML]hide123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267
local &off
if os.file.size("SYS_COREDUMP")<=0x2000
(
dialog
(
header "File is incomplete"
pos 0. 0. 26. 1.
text "SYS_COREDUMP is incomplete."
text "May be HW reboot db?"
pos 2. 3. 22. 1.
defbutton "OK" "quit"
close "quit"
)
enddo
)
do ~~/t32.cmm
system.reset
d.load.binary SYS_COREDUMP VM:0--0x2000
if d.word(VM:0x12)==0xb7
(
system.cpu CortexA53
)
if d.word(VM:0x12)==0x28
(
system.cpu CortexA7
)
system.option mmuspaces on
system.up
d.load.elf symbols\vmlinux /nc
d.load.elf SYS_COREDUMP /nc /nosymbol /physload
if d.word(VM:0x12)==0xb7
(
&off=d.quad(VM:0x48)
&off=&off+0xc+((d.long(VM:&off)+3)&~3)+((d.long(VM:(&off+4))+3)&~3)
&off=&off+0xc+((d.long(VM:&off)+3)&~3)+((d.long(VM:(&off+4))+3)&~3)
&off=&off+0xc+((d.long(VM:&off)+3)&~3)+0x70
r.s CPSR d.quad(VM:(&off+0x108))
r.s X0 d.quad(VM:(&off+0x00))
r.s X1 d.quad(VM:(&off+0x08))
r.s X2 d.quad(VM:(&off+0x10))
r.s X3 d.quad(VM:(&off+0x18))
r.s X4 d.quad(VM:(&off+0x20))
r.s X5 d.quad(VM:(&off+0x28))
r.s X6 d.quad(VM:(&off+0x30))
r.s X7 d.quad(VM:(&off+0x38))
r.s X8 d.quad(VM:(&off+0x40))
r.s X9 d.quad(VM:(&off+0x48))
r.s X10 d.quad(VM:(&off+0x50))
r.s X11 d.quad(VM:(&off+0x58))
r.s X12 d.quad(VM:(&off+0x60))
r.s X13 d.quad(VM:(&off+0x68))
r.s X14 d.quad(VM:(&off+0x70))
r.s X15 d.quad(VM:(&off+0x78))
r.s X16 d.quad(VM:(&off+0x80))
r.s X17 d.quad(VM:(&off+0x88))
r.s X18 d.quad(VM:(&off+0x90))
r.s X19 d.quad(VM:(&off+0x98))
r.s X20 d.quad(VM:(&off+0xA0))
r.s X21 d.quad(VM:(&off+0xA8))
r.s X22 d.quad(VM:(&off+0xB0))
r.s X23 d.quad(VM:(&off+0xB8))
r.s X24 d.quad(VM:(&off+0xC0))
r.s X25 d.quad(VM:(&off+0xC8))
r.s X26 d.quad(VM:(&off+0xD0))
r.s X27 d.quad(VM:(&off+0xD8))
r.s X28 d.quad(VM:(&off+0xE0))
r.s X29 d.quad(VM:(&off+0xE8))
r.s X30 d.quad(VM:(&off+0xF0))
r.s SP d.quad(VM:(&off+0xF8))
r.s PC d.quad(VM:(&off+0x100))
per.s spr:0x30201 %quad d.quad(VM:0x90)+0x7d000
per.s spr:0x30202 %quad 0x00000032B5193519
per.s spr:0x30100 %quad 0x0000000004C5D93D
trans.common 0xFFFFFF8000000000--0xFFFFFFFFFFFFFFFF
task.config "~~/demo/arm64/kernel/linux/linux-3.x/linux3"
menu.rp "~~/demo/arm64/kernel/linux/linux-3.x/linux"
task.setdir "~~/demo/arm64/kernel/linux/linux-3.x/"
y.autoload.checklinux "do ~~/demo/arm64/kernel/linux/linux-3.x/autoload "
)
if d.word(VM:0x12)==0x28
(
&off=d.long(VM:0x38)
&off=&off+0xc+((d.long(VM:&off)+3)&~3)+((d.long(VM:(&off+4))+3)&~3)
&off=&off+0xc+((d.long(VM:&off)+3)&~3)+((d.long(VM:(&off+4))+3)&~3)
&off=&off+0xc+((d.long(VM:&off)+3)&~3)+0x48
r.s CPSR d.long(VM:(&off+0x40))
r.s R0 d.long(VM:(&off+0x00))
r.s R1 d.long(VM:(&off+0x04))
r.s R2 d.long(VM:(&off+0x08))
r.s R3 d.long(VM:(&off+0x0c))
r.s R4 d.long(VM:(&off+0x10))
r.s R5 d.long(VM:(&off+0x14))
r.s R6 d.long(VM:(&off+0x18))
r.s R7 d.long(VM:(&off+0x1c))
r.s R8 d.long(VM:(&off+0x20))
r.s R9 d.long(VM:(&off+0x24))
r.s R10 d.long(VM:(&off+0x28))
r.s R11 d.long(VM:(&off+0x2c))
r.s R12 d.long(VM:(&off+0x30))
r.s R13 d.long(VM:(&off+0x34))
r.s R14 d.long(VM:(&off+0x38))
r.s R15 d.long(VM:(&off+0x3c))
per.s c15:0x2 %long d.long(VM:0x60)+0x4000
per.s c15:0x1 %long 1
trans.common 0xBF000000--0xFFFFFFFF
task.config "~~/demo/arm/kernel/linux/linux.t32"
menu.rp "~~/demo/arm/kernel/linux/linux.men"
task.setdir "~~/demo/arm/kernel/linux/"
y.autoload.checklinux "do ~~/demo/arm/kernel/linux/autoload "
)
trans.tablewalk on
trans.on
mmu.scan
help.filter.add rtoslinux
task.y.o mmuscan off
task.y.o rootpath "./"
task.y.o al m
task.y.o al cl
task.y.o al vm
task.o nm arg0comm
y.autoload.check
task.check
setup.v %hex.on %string.on
winclear
winpos 0% 0% 50% 100%
w.v.f /a /l
winpos 50% 0%
w.r
winpos 50% 30%
d.l
- 然后用Trace32加载debug.cmm,如果是32位的,需要用ARM32的trace32加载,如果是64位的则是ARM64的trace32加载。
12 如何分析kernel panic?相关推荐
- <2012 12 17> “Kernel panic - not syncing” 问题的解决
<2012 12 17> "Kernel panic - not syncing" 问题的解决 参考文章: (1)<2012 12 17> "Ke ...
- [crash分析]“Kernel panic - not syncing: Aiee, killing interrupt handler”“BUG: scheduling while atomic“
crash的直接提示信息"Kernel panic - not syncing: Aiee, killing interrupt handler!",不太常见.crash栈也没太多 ...
- [crash分析]Kernel panic - not syncing: Aiee, killing interrupt handler!
公司产品升级后,测试发现下发某个配置失败时会导致系统crash. crash查看栈显示如下,没有有用信息. crash> bt PID: 3348 TASK: ffff880175034e70 ...
- linux oops产生原理,kernel panic , Oops 等cpu异常的分析与定位
一.kernel panic 二.mips异常机制 三.linuxkernel 对mips异常的处理 四.kernel panic 实例分析 Kernel panic 内核代码,相比用户层代码更难以 ...
- Linux kernel Panic后自动重启机器的设置
Linux kernel Panic后自动重启机器的设置 方法1:内核配置命令行加入这句,崩溃后3秒重启: panic=3 make menuconfig 设置kernel系统参数: 方法2: vi ...
- Linux kernel panic 问题解决方案
===================================================== arm linux系统启动相关文章列表: arm linux系统启动流程 http://bl ...
- Kernel Panic 介绍
https://wiki.deepin.org/?title=Linux_kernel_panic 简介 内核错误就像名字所暗示的那样,它表示Linux kernel走到了一个不知道该怎么走下一步的状 ...
- Linux kernel panic问题解决方法
kernel panic错误表现 kernel panic 主要有以下几个出错提示: Kernel panic-not syncing fatal exception in interrupt ker ...
- Linux kernel panic解决方法
Linux kernel panic解决方法 kernel panic错误表现 kernel panic 主要有以下几个出错提示: Kernel panic-not syncing fatal exc ...
- Linux内核Kernel panic常见问题(详细)总结
目录 一.简介 1.1 hard panic 1.2 soft panic 二.常见问题 2.1 源码分析 2.2 硬件问题 2.3 系统过热 2.4 文件系统引起 2.5 内核更新 2.6 处理pa ...
最新文章
- SSH框架整合(代码加文字解释)
- figma导出android切图,谁再说Figma没办法导出标注和切图,你把这个插件转发给他...
- MyBatis中针对if-test的参数为指定值的xml写法
- HTTP 状态码常用对照表
- 单体系统如何拆分为微服务
- matlab求递归问题,matlab利用递归求解差分方程
- centos7 vsftpd默认端口修改
- [互联网]互联网公司的种类
- 企业SOA平台 JBoss SOA
- 操作系统-信号量机制;用信号量机制实现进程互斥、同步、前驱关系
- 计算机获得超级管理员,怎么获得Win7超级管理员权限
- 京东,想说爱你,并不容易!
- 连接git仓库失败解决办法
- 《水浒传》读后(5) 其它人物
- vue实现动态添加表单
- 英雄联盟 LCUAPI
- 图形图像处理案例3——爱心螺旋画,双心螺旋画
- selvert 小解
- 金融科技大数据产品推荐:百融信贷决策审批系统
- 使用pandas库读取数据
热门文章
- 华为首款鸿蒙平板发布,华为MatePad Pro发布亮相!华为首款鸿蒙平板全新体验!...
- 嵌入式开发培训多长时间?嵌入式课程怎么学?
- 2203-python跳转,窗口图标,提示框,消息盒子
- 流媒体播放器VLC media player
- Android重力感应器入门介绍
- 五 常见的计算机故障有哪些,六大常见的电脑故障原因
- 骇客基础知识:第3部分
- Ubuntu安装bluefish2.0.最新版本方法
- 《Celeste》 开发者是如何精心制作“冲刺”的
- 生活娱乐 如何像印度人学英语