Open main menu

OpenVZ Virtuozzo Containers Wiki β

Changes

Disassembling the kernel

2,305 bytes added, 10:36, 22 August 2008
Created
This page describes how to obtain sufficient disassembling of your kernel when reporting a new BUG caught on a self-compiled kernel.

== The <code>objdump</code> utility ==

The main utility used to do it is the <code>objdump</code> one. Most of the time it's enough just to run
<pre>
# objdump -dr <the-binary-file-to-dump> > <the-output-file>
</pre>
and the disassembled binary will be obtained.

Most often you'd need to provide the dump of the <code>vmlinu'''x'''</code> file like this:
<pre>
# objdump -dr vmlinux-<kernel-version> > vmlinux.decoded
</pre>

We'll need the <code>vmlinux.decoded</code> file in this case.

== Some hints that can be get from the kernel BUG report ==

Let's look at how a BUG report can look (in the <code>dmesg</code> output)
<pre>
BUG: unable to handle kernel NULL pointer dereference at virtual address 00000044
printing eip:
c05d575b
*pde = 00000000
Oops: 0000 [#1]
SMP
Modules linked in: ...
...
Call Trace:
[<c0429ea3>] local_bh_enable+0x95/0xa4
...
[<c05bc1ba>] net_rx_action+0x8f/0x185
[<c05b1aa9>] kernel_sendmsg+0x2f/0x3d
[<d0a7e24f>] xs_send_kvec+0x92/0x9a [sunrpc]
[<c048e3bc>] destroy_inode+0x24/0x33
[<d0a7e38e>] xs_sendpages+0x82/0x128 [sunrpc]
...
[<d0a80732>] rpc_async_schedule+0x0/0x8 [sunrpc]
[<c0433d6a>] run_workqueue+0x78/0xf5
[<c0433de7>] worker_thread+0x0/0xdc
...
[<c04371fb>] kthread+0x0/0x55
[<c0405913>] kernel_thread_helper+0x7/0x10
=======================
...
EIP: [<c05d575b>] ip_route_output_slow+0x40/0x6fa SS:ESP 0068:cf73bbbc
</pre>

I've thrown away some unneeded info, so as you can see some function names in the stack trace are accompanied with the <code>[sunrpc]</code> string. This is a module name, in you traces you can see some other modules. So, when you disassembled the <code>vmlinux</code> file and attached this to the BUG report, very likely we'll ask you to disassemble the modules, that are seen in the stack trace, so you'd have to run the
<pre>
# objdump -dr /lib/modules/<version>/<path>/<module-name>.ko > <module-name>.decoded
</pre>
command and attach this module dump as well. Note, that the string
<pre>
EIP: [<c05d575b>] ip_route_output_slow+0x40/0x6fa SS:ESP 0068:cf73bbbc
</pre>
also contains the function name, that can also belong to some module.

[[Category:Kernel]]
[[Category:HOWTO]]