On the i386 Linux version of lkcd I'm attempting to
figure out how to get tracebacks for modules on a live
system.

What I've tried is merging the map produced from
insmod of my module with the System.map and doing 'bt' on
a task that I know is blocked in the module's code.

From what I can tell the lkcd code can successfully
find the correct symbol table entry correlating to
function addresses in the stack frame (for both
kernel and module functions) but it can't successfully
read the physical page address where the module's instructions
are found.

For instance in the top frame lkcd subtracts c0000000 from
0xc0112b12 ("c0112750 T schedule" in the system.map)
and reads /dev/mem at offset 0x112750 to validate the
instructions therein. Thus I get a successful starting
point of "schedule".

However when it finds one of the module's functions
in the traceback (c8834d78 T foo), it subtracts 0xc0000000
and attempts to read /dev/mem at offset 0x8834d78.
This fails with a KLE_INVALID_READ.

I believe it fails since /dev/mem is only giving me
physical memory pages and that offset (142822776)
is larger than the machine's physical memory.

So is there some function (other than subtracting
0xc0000000) needed in order to find the physical
page for a kernel module's text segment?

Example lkcd output:

>> bt c0cda000
================================================================
STACK TRACE FOR TASK: 0xc0cda000(foo)
0 schedule+962 [0xc0112b12]
TRACE ERROR 0x800000000
================================================================
Many thanks.
Dave Craft
--
--------- Opinions are mine and not IBM's ----------
Mail : dave@xxxxxxxxxxxxxx Phone : 512-838-8248
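
Added example, not part of the original message and not lkcd code: the subtraction described above next to a two-level (non-PAE) i386 page-table walk, which is how an address outside the kernel's direct map, such as vmalloc'd module text, resolves to a physical page. The memory image, its size, the frame numbers and all function names are constructed for illustration; on a real system the page directory would be the kernel's swapper_pg_dir and the reads would go to /dev/mem.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define PAGE_OFFSET 0xc0000000u             /* base of the i386 kernel direct map */
#define PHYS_SIZE   (2u * 1024u * 1024u)    /* constructed: 2 MiB of "RAM" */
#define BAD_ADDR    0xffffffffu

static uint8_t phys[PHYS_SIZE];             /* stands in for /dev/mem */

/* Read a 32-bit entry from physical memory; fails past the end of RAM. */
static int read_phys32(uint32_t pa, uint32_t *out) {
    if (pa > PHYS_SIZE - 4) return -1;
    memcpy(out, &phys[pa], 4);
    return 0;
}

/* The translation from the post: only valid inside the direct map. */
static uint32_t direct_map(uint32_t va) {
    uint32_t pa = va - PAGE_OFFSET;
    return (va >= PAGE_OFFSET && pa < PHYS_SIZE) ? pa : BAD_ADDR;
}

/* Non-PAE walk: 10-bit directory index, 10-bit table index, 12-bit offset. */
static uint32_t walk(uint32_t pgd_pa, uint32_t va) {
    uint32_t pde = 0, pte = 0;
    if (read_phys32(pgd_pa + (va >> 22) * 4, &pde) || !(pde & 1))
        return BAD_ADDR;                    /* directory entry not present */
    if (pde & 0x80) return (pde & 0xffc00000u) | (va & 0x003fffffu); /* 4 MiB page */
    if (read_phys32((pde & 0xfffff000u) + ((va >> 12) & 0x3ff) * 4, &pte) || !(pte & 1))
        return BAD_ADDR;                    /* page not present */
    return (pte & 0xfffff000u) | (va & 0xfffu);
}

/* Constructed layout: directory at 0x1000, table at 0x2000, module page at 0x5000. */
static uint32_t build_sample(void) {
    uint32_t va = 0xc8834d78u, pde = 0x2000u | 1, pte = 0x5000u | 1;
    memset(phys, 0, sizeof phys);
    memcpy(&phys[0x1000 + (va >> 22) * 4], &pde, 4);
    memcpy(&phys[0x2000 + ((va >> 12) & 0x3ff) * 4], &pte, 4);
    return 0x1000u;                         /* physical address of the directory */
}

int main(void) {
    uint32_t pgd = build_sample();
    printf("direct: %#x  walk: %#x\n", (unsigned)direct_map(0xc8834d78u),
           (unsigned)walk(pgd, 0xc8834d78u));
    return 0;
}
```

A kernel built with PAE uses a three-level layout with 64-bit entries, which this sketch does not handle.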