在内核调试过程中,经常会出现kernel painc等错致命错误导致内核崩溃,遇到这种问题可以根据oops信息逐步推断出内核出错的位置,找出出错的代码。
驱动程序一般分为作为模块通过 insmod加载 和直接编译进内核中两种。
利用tiny4412开发板,故意在驱动程序中引入一个指针错误。不进行ioremap,直接访问物理地址,这是非法的。
第一种:通过insmod加载
shell@tiny4412:/ # insmod first_drv.ko //加载驱动程序
shell@tiny4412:/ # ./firstdrvtest //执行测试程序
[ 3213.127556] Unable to handle kernel paging request at virtual address 56000050
[ 3213.127708] pgd = d6778000
[ 3213.127774] [56000050] *pgd=00000000
[ 3213.127871] Internal error: Oops: 5 [#1] PREEMPT SMP
[ 3213.127977] Modules linked in: first_drv compat snd_soc_tiny4412_wm8960 snd_soc_wm8960
[ 3213.131612] CPU: 0 Not tainted (3.0.86-FriendlyARM-gfff328b-dirty #1)
[ 3213.138397] PC is at first_drv_open+0x1c(指令偏移)/0x3c(该函数总大小) [first_drv] //PC就是发生错误的指令的地址
[ 3213.143779] LR is at chrdev_open+0x120/0x240 //大多时候,PC值只会给出一个地址,不到指示说是在哪个函数里
[ 3213.148023] pc : [<bf00501c>] lr : [<c0149c80>] psr: a0000013 //PC 为bf00f01c
[ 3213.148046] sp : d4b11d70 ip : d4b11d80 fp : d4b11d7c
[ 3213.159469] r10: d8011540 r9 : c0149bf4 r8 : d5a82658
[ 3213.164679] r7 : bf005264 r6 : d4b10000 r5 : dba781c0 r4 : 00000001
[ 3213.171188] r3 : bf0053a8 r2 : 56000050 r1 : d8011540 r0 : 00000000
执行这条导致错误的指令时,各个寄存器的值。
[ 3213.177704] Flags: NzCv IRQs on FIQs on Mode SVC_32 ISA ARM Segment user
[ 3213.184819] Control: 10c5387d Table: 5677804a DAC: 00000015
[ 3213.190542]
[ 3213.190553] LR: 0xc0149c00:
[ 3213.194789] 9c00 e59f1190 e2800001 e7820003 e5913000 e59f9184 e3530000 1a000039 e3a04001
[ 3213.202949] 9c20 e5963004 e2433001 e5863004 e5963000 e3130002 1a000054 e3540000 1a000012
[ 3213.211108] 9c40 e3a03000 e58a3010 e3e04005 e1a00005 ebffffb8 e1a00004 e24bd028 e89daff0
[ 3213.219266] 9c60 e58a3010 e593302c e3530000 01a04003 0afffff7 e1a00008 e1a0100a e12fff33
[ 3213.227426] 9c80 e2504000 1afffff0 eafffff1 e5953028 e3530000 e58a3010 1afffff1 e3e04005
[ 3213.235585] 9ca0 eaffffe9 e1a00004 eb1551f5 e5940008 e5981080 e24b2030 eb06a75a e2503000
[ 3213.243744] 9cc0 0a00000d e1a00004 e1a04003 eb15526c e5985160 e3550000 0a000020 e1a00005
[ 3213.251903] 9ce0 ebfffd96 e3500000 1affffad e59f00a0 eb1551e3 e1a00004 ebffff8e e3e04005
[ 3213.260066]
[ 3213.260077] SP: 0xd4b11cf0:
[ 3213.264316] 1cf0 00000000 00000001 c093e748 d4b10000 d4b11d2c 0000040f 00000005 d4b10000
[ 3213.272475] 1d10 bf005264 d5a82658 d4b11d7c d4b11d28 c004b210 c0045510 00000000 d8011540
[ 3213.280634] 1d30 56000050 bf0053a8 00000001 dba781c0 d4b10000 bf005264 d5a82658 c0149bf4
[ 3213.288793] 1d50 d8011540 d4b11d7c d4b11d80 d4b11d70 c0149c80 bf00501c a0000013 ffffffff
[ 3213.296953] 1d70 d4b11db4 d4b11d80 c0149c80 bf00500c ddc8b480 00000000 d4b11db4 d8011540
[ 3213.305112] 1d90 d5a82658 00000000 d4b11ed0 00000000 ddc8b480 de20b440 d4b11dec d4b11db8
[ 3213.313271] 1db0 c0143f50 c0149b6c d4b11dd4 c0149b60 c069e694 dac99e80 00000000 d8011540
[ 3213.321430] 1dd0 d4b11ed0 00000000 00000000 d5a82658 d4b11e14 d4b11df0 c01450a4 c0143dbc
[ 3213.329592]
[ 3213.329603] IP: 0xd4b11d00:
[ 3213.333843] 1d00 d4b11d2c 0000040f 00000005 d4b10000 bf005264 d5a82658 d4b11d7c d4b11d28
[ 3213.342002] 1d20 c004b210 c0045510 00000000 d8011540 56000050 bf0053a8 00000001 dba781c0
[ 3213.350161] 1d40 d4b10000 bf005264 d5a82658 c0149bf4 d8011540 d4b11d7c d4b11d80 d4b11d70
[ 3213.358320] 1d60 c0149c80 bf00501c a0000013 ffffffff d4b11db4 d4b11d80 c0149c80 bf00500c
[ 3213.366480] 1d80 ddc8b480 00000000 d4b11db4 d8011540 d5a82658 00000000 d4b11ed0 00000000
[ 3213.374639] 1da0 ddc8b480 de20b440 d4b11dec d4b11db8 c0143f50 c0149b6c d4b11dd4 c0149b60
[ 3213.382798] 1dc0 c069e694 dac99e80 00000000 d8011540 d4b11ed0 00000000 00000000 d5a82658
[ 3213.390957] 1de0 d4b11e14 d4b11df0 c01450a4 c0143dbc dac99e80 d4b11e00 d4b11ed0 00000002
[ 3213.399119]
[ 3213.399130] FP: 0xd4b11cfc:
[ 3213.403370] 1cfc d4b10000 d4b11d2c 0000040f 00000005 d4b10000 bf005264 d5a82658 d4b11d7c
[ 3213.411529] 1d1c d4b11d28 c004b210 c0045510 00000000 d8011540 56000050 bf0053a8 00000001
[ 3213.419688] 1d3c dba781c0 d4b10000 bf005264 d5a82658 c0149bf4 d8011540 d4b11d7c d4b11d80
[ 3213.427847] 1d5c d4b11d70 c0149c80 bf00501c a0000013 ffffffff d4b11db4 d4b11d80 c0149c80
[ 3213.436006] 1d7c bf00500c ddc8b480 00000000 d4b11db4 d8011540 d5a82658 00000000 d4b11ed0
[ 3213.444165] 1d9c 00000000 ddc8b480 de20b440 d4b11dec d4b11db8 c0143f50 c0149b6c d4b11dd4
[ 3213.452325] 1dbc c0149b60 c069e694 dac99e80 00000000 d8011540 d4b11ed0 00000000 00000000
[ 3213.460484] 1ddc d5a82658 d4b11e14 d4b11df0 c01450a4 c0143dbc dac99e80 d4b11e00 d4b11ed0
[ 3213.468646]
[ 3213.468656] R1: 0xd80114c0:
[ 3213.472896] 14c0 00000000 00000000 00000000 00000000 00000000 db61bc80 00000000 00000000
[ 3213.481055] 14e0 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000
[ 3213.489215] 1500 d8012240 00000000 d8011508 d8011508 d8011510 d8011510 d874f6fc 00000000
[ 3213.497374] 1520 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000
[ 3213.505533] 1540 d592cf00 fbfe1bc4 ddc8b480 de20b440 bf0051fc 00000000 00000000 00000000
[ 3213.513692] 1560 00000001 00000002 0000001f 00000000 00000000 00000000 00000000 00000000
[ 3213.521852] 1580 00000000 00000000 00000000 00000000 00000000 dac99e80 00000000 00000000
[ 3213.530011] 15a0 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000
[ 3213.538173]
[ 3213.538184] R5: 0xdba78140:
[ 3213.542423] 8140 2f766564 6d687361 642f6d65 69766c61 6e692d6b 65726964 72207463 74206665
[ 3213.550582] 8160 656c6261 00000000 e70000f4 00000010 00000010 0000000a 00000000 00002723
[ 3213.558741] 8180 bf0051c8 bf005264 00000000 00000000 00000000 de439d80 00000000 00000000
[ 3213.566901] 81a0 c02f21ac 00000000 00000000 00000000 00000000 00000000 00000000 d783ac00
[ 3213.575060] 81c0 dba78680 dba781c4 dba781c4 00000000 00000000 c093e734 00000000 00000002
[ 3213.583219] 81e0 00000001 bf005264 bf0051fc d5a827b0 d5a827b0 0f800000 00000100 00000000
[ 3213.591378] 8200 0000103f db4bc145 db56cb84 00000000 db4bc151 db7d4410 dbddff50 00000000
[ 3213.599538] 8220 dbf095a0 dd8a5c00 dbf09580 000000cb 00000001 00000001 00000000 00000000
[ 3213.607699]
[ 3213.607710] R6: 0xd4b0ff80:
[ 3213.611950] ff80 62fe1841 62fe1c41 62fd9841 62fd9c41 62fdd841 62fddc41 62fdb841 62fdbc41
[ 3213.620109] ffa0 62fda841 62fdac41 00000000 00000000 00000000 00000000 00000000 00000000
[ 3213.628268] ffc0 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000
[ 3213.636427] ffe0 00000000 00000000 00000000 00000000 00000000 00000000 62fe2821 62fe2c21
[ 3213.644587] 0000 00000000 00000002 00000000 d6491e00 c09379e0 00000000 00000015 00000000
[ 3213.652746] 0020 00000000 00000000 00000000 00000000 00000000 00000000 00000000 d4b11fb0
[ 3213.660905] 0040 c004b9d0 00000000 00000000 00000000 00000000 00000000 00010000 00000000
[ 3213.669065] 0060 00d444c0 00000000 00000000 00000000 00000000 00000000 00000000 00000000
[ 3213.677226]
[ 3213.677237] R8: 0xd5a825d8:
[ 3213.681477] 25d8 00000000 00000000 d5a835a8 f44f2700 00010001 00000000 00200000 00000000
[ 3213.689636] 25f8 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000
[ 3213.697795] 2618 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000
[ 3213.705954] 2638 00000000 00000000 00000000 d5a82644 d5a82644 d5a8264c d5a8264c 00000000
[ 3213.714114] 2658 00002180 00000000 00000000 c06a6e40 de73c800 00030003 00000000 00000000
[ 3213.722273] 2678 00000000 d642b348 00000001 00020002 00000000 d5a8268c d5a8268c 00000000
[ 3213.730432] 2698 00000000 d5a82680 00000000 00000000 00000000 d5a826ac d5a826ac d5a826b4
[ 3213.738591] 26b8 d5a826b4 dda07874 de73c884 de20b4bc de20b4bc 00006baa 00000001 00000001
[ 3213.746753]
[ 3213.746764] R9: 0xc0149b74:
[ 3213.751003] 9b74 e1a08000 e1a00004 e1a0a001 eb1552bf e5985160 e3550000 0a000044 e1a00005
[ 3213.759163] 9b94 ebfffde9 e2504000 0a000052 e3a04000 e59f01e8 eb155235 e1a00004 ebffffe0
[ 3213.767322] 9bb4 e5953028 e3530000 0a00001f e5937000 e3570000 0a000024 e1a0300d e3c36d7f
[ 3213.775481] 9bd4 e3c6603f e5963004 e2833001 e5863004 e5973000 e3530002 03a04000 0a00000a
[ 3213.783640] 9bf4 e5973140 ee1d2f90 e7920003 e59f1190 e2800001 e7820003 e5913000 e59f9184
[ 3213.791799] 9c14 e3530000 1a000039 e3a04001 e5963004 e2433001 e5863004 e5963000 e3130002
[ 3213.799959] 9c34 1a000054 e3540000 1a000012 e3a03000 e58a3010 e3e04005 e1a00005 ebffffb8
[ 3213.808118] 9c54 e1a00004 e24bd028 e89daff0 e58a3010 e593302c e3530000 01a04003 0afffff7
[ 3213.816280]
[ 3213.816290] R10: 0xd80114c0:
[ 3213.820617] 14c0 00000000 00000000 00000000 00000000 00000000 db61bc80 00000000 00000000
[ 3213.828776] 14e0 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000
[ 3213.836935] 1500 d8012240 00000000 d8011508 d8011508 d8011510 d8011510 d874f6fc 00000000
[ 3213.845095] 1520 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000
[ 3213.853254] 1540 d592cf00 fbfe1bc4 ddc8b480 de20b440 bf0051fc 00000000 00000000 00000000
[ 3213.861413] 1560 00000001 00000002 0000001f 00000000 00000000 00000000 00000000 00000000
[ 3213.869572] 1580 00000000 00000000 00000000 00000000 00000000 dac99e80 00000000 00000000
[ 3213.877731] 15a0 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000
[ 3213.885902] Process firstdrvtest (pid: 13332, stack limit = 0xd4b102f0)
[ 3213.892497] Stack: (0xd4b11d70 to 0xd4b12000)
[ 3213.896847] 1d60: d4b11db4 d4b11d80 c0149c80 bf00500c
[ 3213.905014] 1d80: ddc8b480 00000000 d4b11db4 d8011540 d5a82658 00000000 d4b11ed0 00000000
[ 3213.913173] 1da0: ddc8b480 de20b440 d4b11dec d4b11db8 c0143f50 c0149b6c d4b11dd4 c0149b60
[ 3213.921330] 1dc0: c069e694 dac99e80 00000000 d8011540 d4b11ed0 00000000 00000000 d5a82658
[ 3213.929490] 1de0: d4b11e14 d4b11df0 c01450a4 c0143dbc dac99e80 d4b11e00 d4b11ed0 00000002
[ 3213.937649] 1e00: 00000000 00000026 d4b11e5c d4b11e18 c015396c c0145048 dbe2d005 d4b11e28
[ 3213.945809] 1e20: d4b11e5c ddc8b480 de048330 d5a82658 c01472ac d4b11ed0 d4b11f60 dbe2d000
[ 3213.953968] 1e40: d4b10000 00000000 d4b10000 d4b11e8c d4b11ec4 d4b11e60 c01541a8 c0153884
[ 3213.962126] 1e60: d4b11e94 d4b11e70 c005495c c00ac720 00000000 00000d44 00d44000 00000000
[ 3213.970285] 1e80: 00000200 00000000 00000200 ddc8b480 de20b440 00000000 00000001 d4b11f60
[ 3213.978445] 1ea0: d4b11ed0 00000001 ffffff9c dbe2d000 d4b10000 00000000 d4b11f54 d4b11ec8
[ 3213.986604] 1ec0: c01545c4 c01540f0 00000041 c0045510 ddc8b480 de20b440 002b0d71 00000003
[ 3213.994762] 1ee0: dbe2d005 00000000 de002088 d5a82658 00000101 00000004 00000000 00000000
[ 3214.002922] 1f00: d783a700 d783a700 d783a708 00000000 d783a740 00000002 d4b11f54 d4b11f28
[ 3214.011080] 1f20: c0160768 00000003 00000000 00000000 00000002 dbe2d000 00000002 00000003
[ 3214.019240] 1f40: 00000001 ffffff9c d4b11f94 d4b11f58 c014519c c0154598 d4b10000 00000000
[ 3214.027398] 1f60: 00000002 00000000 00000026 00000100 00008984 00000000 00008a1c 00000005
[ 3214.035559] 1f80: c004bac4 00000000 d4b11fa4 d4b11f98 c0145250 c01450b8 00000000 d4b11fa8
[ 3214.043718] 1fa0: c004b940 c0145234 00008984 00000000 00065804 00000002 beeb99dc 00000001
[ 3214.051875] 1fc0: 00008984 00000000 00008a1c 00000005 00000000 00000000 00000000 beeb9884
[ 3214.060036] 1fe0: 00000000 beeb9870 0000827c 0001389c 60000010 00065804 00000000 00000000
[ 3214.068171] Backtrace:
[ 3214.070649] [<bf005000>] (first_drv_open+0x0/0x3c [first_drv]) from [<c0149c80>] (chrdev_open+0x120/0x240)
[ 3214.080287] [<c0149b60>] (chrdev_open+0x0/0x240) from [<c0143f50>] (__dentry_open+0x1a0/0x350)
[ 3214.088864] [<c0143db0>] (__dentry_open+0x0/0x350) from [<c01450a4>] (nameidata_to_filp+0x68/0x70)
[ 3214.097799] [<c014503c>] (nameidata_to_filp+0x0/0x70) from [<c015396c>] (do_last+0xf4/0x7cc)
[ 3214.106194] r7:00000026 r6:00000000 r5:00000002 r4:d4b11ed0
[ 3214.111857] [<c0153878>] (do_last+0x0/0x7cc) from [<c01541a8>] (path_openat+0xc4/0x3f4)
[ 3214.119843] [<c01540e4>] (path_openat+0x0/0x3f4) from [<c01545c4>] (do_filp_open+0x38/0x8c)
[ 3214.128175] [<c015458c>] (do_filp_open+0x0/0x8c) from [<c014519c>] (do_sys_open+0xf0/0x17c)
[ 3214.136487] r8:ffffff9c r7:00000001 r6:00000003 r5:00000002 r4:dbe2d000
[ 3214.143190] [<c01450ac>] (do_sys_open+0x0/0x17c) from [<c0145250>] (sys_open+0x28/0x2c)
[ 3214.151195] [<c0145228>] (sys_open+0x0/0x2c) from [<c004b940>] (ret_fast_syscall+0x0/0x30)
[ 3214.159420] Code: e30533a8 e34b3f00 e5932000 e3a00000 (e5921000)
[ 3214.166274] ---[ end trace e92e60bf179b421c ]---
[ 3214.170094] Kernel panic - not syncing: Fatal exception
[ 3214.175322] Backtrace:
[ 3214.177729] [<c004f618>] (dump_backtrace+0x0/0x10c) from [<c069aa00>] (dump_stack+0x18/0x1c)
[ 3214.186144] r6:d6491e00 r5:00000001 r4:c09b73c0 r3:00000002
[ 3214.191778] [<c069a9e8>] (dump_stack+0x0/0x1c) from [<c069aa7c>] (panic+0x78/0x1b8)
[ 3214.199426] [<c069aa04>] (panic+0x0/0x1b8) from [<c004fbd0>] (die+0x190/0x1c0)
[ 3214.206652] r3:00000001 r2:d4b11b08 r1:60000013 r0:c081b440
[ 3214.212257] r7:00000005
[ 3214.214780] [<c004fa40>] (die+0x0/0x1c0) from [<c0054860>] (__do_kernel_fault+0x6c/0x8c)
[ 3214.222862] r8:ddfc2a80 r7:00000005 r6:00000000 r5:56000050 r4:d4b11d28
[ 3214.229536] [<c00547f4>] (__do_kernel_fault+0x0/0x8c) from [<c0054a24>] (do_page_fault+0x1a4/0x34c)
[ 3214.238595] r8:d4b11d28 r7:00000005 r6:db41e580 r5:56000050 r4:ddfc2a80
[ 3214.245077] r3:d4b11d28
[ 3214.247678] [<c0054880>] (do_page_fault+0x0/0x34c) from [<c0054ce0>] (do_translation_fault+0xa0/0xa8)
[ 3214.256889] [<c0054c40>] (do_translation_fault+0x0/0xa8) from [<c004553c>] (do_DataAbort+0x38/0xa0)
[ 3214.265910] r7:00000005 r6:c091f688 r5:56000050 r4:00000005
[ 3214.271547] [<c0045504>] (do_DataAbort+0x0/0xa0) from [<c004b210>] (__dabt_svc+0x70/0xa0)
[ 3214.279713] Exception stack(0xd4b11d28 to 0xd4b11d70)
[ 3214.284748] 1d20: 00000000 d8011540 56000050 bf0053a8 00000001 dba781c0
[ 3214.292908] 1d40: d4b10000 bf005264 d5a82658 c0149bf4 d8011540 d4b11d7c d4b11d80 d4b11d70
[ 3214.301068] 1d60: c0149c80 bf00501c a0000013 ffffffff
[ 3214.306123] r8:d5a82658 r7:bf005264 r6:d4b10000 r5:00000005 r4:0000040f
[ 3214.312775] [<bf005000>] (first_drv_open+0x0/0x3c [first_drv]) from [<c0149c80>] (chrdev_open+0x120/0x240)
[ 3214.322433] [<c0149b60>] (chrdev_open+0x0/0x240) from [<c0143f50>] (__dentry_open+0x1a0/0x350)
[ 3214.331015] [<c0143db0>] (__dentry_open+0x0/0x350) from [<c01450a4>] (nameidata_to_filp+0x68/0x70)
[ 3214.339983] [<c014503c>] (nameidata_to_filp+0x0/0x70) from [<c015396c>] (do_last+0xf4/0x7cc)
[ 3214.348375] r7:00000026 r6:00000000 r5:00000002 r4:d4b11ed0
[ 3214.354006] [<c0153878>] (do_last+0x0/0x7cc) from [<c01541a8>] (path_openat+0xc4/0x3f4)
[ 3214.362001] [<c01540e4>] (path_openat+0x0/0x3f4) from [<c01545c4>] (do_filp_open+0x38/0x8c)
[ 3214.370361] [<c015458c>] (do_filp_open+0x0/0x8c) from [<c014519c>] (do_sys_open+0xf0/0x17c)
[ 3214.378664] r8:ffffff9c r7:00000001 r6:00000003 r5:00000002 r4:dbe2d000
[ 3214.385344] [<c01450ac>] (do_sys_open+0x0/0x17c) from [<c0145250>] (sys_open+0x28/0x2c)
[ 3214.393338] [<c0145228>] (sys_open+0x0/0x2c) from [<c004b940>] (ret_fast_syscall+0x0/0x30)
[ 3214.401608] Rebooting in 5 seconds..
[
Superboot-4412 V2.5(20150923) by FriendlyARM
通过上面可以看出PC寄存器值为:bf00501c
可以通过PC值确定该指令是属于内核还是外加的模块。内核编译完后会生成System.map文件。
可以通过看System.map文件,确定内核的函数地址范围为00000024~c0dd8ff8。因此bf00501c不在内核中,而是通过insmod加载的。
判断出来是加载程序引入的错误,怎么找到它属于哪个模块呢?
先看看加载驱动程序的函数地址范围。cat /proc/kallsyms (内核函数和加载函数的地址)
cat /proc/kallsyms > kallsyms.txt 将其保存为文件
adb pull /kallsyms.txt 并通过adb将其pull出来查看。我操作到这里导出来的符号表发现值都为0
00000000 t fsg_unbind
00000000 t fsg_lun_open
00000000 t fsg_show_file
00000000 t fsg_store_ro
00000000 t fsg_lun_fsync_sub
00000000 t fsg_store_nofua
00000000 t android_enab
查了网上,是内核出于一种保护机制,不让非root用户查看符号表,需要修改内核代码kernel/kallsyms.c
将其中的 K去掉 seq_printf(m, "%pK %c %s\t[%s]\n", (void *)iter->value,
type, iter->name, iter->module_name);即改成 seq_printf(m, "%p %c %s\t[%s]\n", (void *)iter->value,
type, iter->name, iter->module_name);重新编译烧写内核即可。
加载有问题的驱动程序,并导出符号表:搜索bf00501c。
c0dd8fe8 b activity_lock
c0dd8ff0 b klist_remove_lock
bf005000 t $a [first_drv]
bf005000 t first_drv_open [first_drv] 定位到first_drv.ko
bf0053a8 b .LANCHOR0 [first_drv]
bf00503c t first_drv_write [first_drv]
bf0050d0 t $d [first_drv]
bf0050d4 t $a [first_drv]
定位到first_drv.ko后,需要反汇编first_drv.ko。
在pc上执行 arm-linux-objdump -D first_drv.ko > frist_drv.dis
在dis文件里找到first_drv_open
00000000 <first_drv_open>:
0: e1a0c00d mov ip, sp
4: e92dd800 push {fp, ip, lr, pc}
8: e24cb004 sub fp, ip, #4
c: e3003000 movw r3, #0
10: e3403000 movt r3, #0
14: e5932000 ldr r2, [r3]
18: e3a00000 mov r0, #0
1c: e5921000 ldr r1, [r2] //在这里出错
20: e3c11c3f bic r1, r1, #16128 ; 0x3f00
24: e5821000 str r1, [r2]
28: e5933000 ldr r3, [r3]
2c: e5932000 ldr r2, [r3]
30: e3822c15 orr r2, r2, #5376 ; 0x1500
34: e5832000 str r2, [r3]
38: e89da800 ldm sp, {fp, sp, pc}
需要通过汇编找到对应的出错的C语言位置。
这样就找到出错代码的位置。
第二种:编译进内核的模块
如果出错代码是编译在内核中,查找方法类似:首先通过PC值,根据System.map确定模块的位置,然后反汇编内核文件
arm-linux-objdump -D vmlinux > vmlinux.dis,然后再vmlinux.dis文件中搜索bf005000.
确定出错的位置。(具体找出C语音对应出错的位置,需要能够读懂汇编)