我如何倾倒内核模块的堆栈?
请注意,我不想使用BUG(),因为这会杀死该过程。我只想丢弃堆栈。
示例:
[14027.797527] ------------[ cut here ]------------
[14027.797532] Kernel BUG at ffffffffa020e05e [verbose debug info unavailable]
[14027.797538] invalid opcode: 0000 [#3] SMP
[14027.797544] Modules linked in: monks(OF) snd_hrtimer(F) vboxsf(OF) vboxvideo(OF) drm bnep rfcomm bluetooth joydev(F) snd_intel8x0 snd_ac97_codec ac97_bus snd_pcm(F) snd_page_alloc(F) snd_seq_midi(F) snd_seq_midi_event(F) snd_rawmidi(F) snd_seq(F) snd_seq_device(F) snd_timer(F) ppdev(F) parport_pc(F) snd(F) psmouse(F) lp(F) i2c_piix4 mac_hid vboxguest(OF) parport(F) microcode(F) serio_raw(F) soundcore(F) vesafb(F) hid_generic usbhid hid ahci(F) libahci(F) e1000(F) [last unloaded: monks]
[14027.797569] CPU 0
[14027.797576] Pid: 15169, comm: a.out Tainted: GF D O 3.8.0-29-generic #42-Ubuntu innotek GmbH VirtualBox/VirtualBox
[14027.797582] RIP: 0010:[<ffffffffa020e05e>] [<ffffffffa020e05e>] hooked_sys32_pre_close+0x3e/0x40 [monks]
[14027.797594] RSP: 0000:ffff880038787f3c EFLAGS: 00010286
[14027.797599] RAX: 0000000000000025 RBX: ffff88003b843c80 RCX: 00000000000057db
[14027.797604] RDX: 00000000000057db RSI: 0000000000000082 RDI: 0000000000000246
[14027.797609] RBP: ffff880038787f44 R08: 000000000000000a R09: 0000000000000000
[14027.797614] R10: 00000000000003e6 R11: 0000000000000006 R12: 0000000000000000
[14027.797619] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[14027.797625] FS: 0000000000000000(0000) GS:ffff88003fc00000(0000) knlGS:0000000000000000
[14027.797630] CS: 0010 DS: 002b ES: 002b CR0: 000000008005003b
[14027.797635] CR2: 00000000f778dba0 CR3: 000000003cad9000 CR4: 00000000000006f0
[14027.797644] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[14027.797650] DR3: 0000000000000000 DR6: 00000000ffff0ff0 DR7: 0000000000000400
[14027.797655] Process a.out (pid: 15169, threadinfo ffff880038786000, task ffff88003a0eae80)
[14027.797660] Stack:
[14027.797665] 0000000000000003 ffff880038787f78 ffffc900003db054 ffffffff816d7149
[14027.797671] 0000000000000000 0000000000000000 0000000000000000 3b843c8000000000
[14027.797677] 816d7149ffff8800 00000000ffffffff 0000000000000000 0000000000000000
[14027.797684] Call Trace:
[14027.797698] [<ffffffff816d7149>] ? ia32_do_call+0x13/0x13
[14027.797703] Code: 00 48 c7 c7 d9 10 21 a0 48 89 c6 48 89 c3 31 c0 e8 63 25 4b e1 48 89 5d 34 48 8b 75 34 48 c7 c7 f5 10 21 a0 31 c0 e8 4d 25 4b e1 <0f> 0b 66 66 66 66 90 55 48 89 e5 53 48 8b 55 40 48 8b 5d 48 48
[14027.797731] RIP [<ffffffffa020e05e>] hooked_sys32_pre_close+0x3e/0x40 [monks]
[14027.797739] RSP <ffff880038787f3c>
[14027.797746] ---[ end trace 6c79e7a670d4c886 ]---
我要转储的信息没有杀死该过程的信息是从线[14027.797660]到行[14027.797677]
问候!
编辑:
dump_stack()输出:
[17467.729035] Pid: 16281, comm: a.out Tainted: GF D O 3.8.0-29-generic #42-Ubuntu
[17467.729042] Call Trace:
[17467.729070] [<ffffffffa020e144>] hooked_sys32_pre_close+0x14/0x90 [monks]
[17467.729084] [<ffffffff816d7149>] ? ia32_do_call+0x13/0x13
这并没有让我想要的东西。我做错了吗?
唯一比试图弄清楚如何倾倒堆栈的挫败感更糟糕的是,您发现它实际上是实际称为 dump_stack()-假设有同事周围嘲笑你...
好吧,要么将燃烧到我的大脑中的东西并不像我想象的那样有用,要么这是拱形代码截然不同的事情之一。我不熟悉x86,但是在似乎打印的堆栈数据的功能中快速戳戳了show_stack(NULL, NULL)。