[Crash-utility] Unable to switch stack frames while using crash

Flavio Leitner fleitner at redhat.com
Wed Jun 15 14:26:22 UTC 2011 

On 06/15/2011 12:56 AM, Shashidhara Shamaiah wrote:
> Hi,
> 
>  
> 
> I was investigating a 64 bit linux kernel dump . I have following doubts
> regarding usage of crash.
> 
>  
> 
> 1) I wanted to access the intermediate kernel stack frames. To know the
> status of the frame and the point of failure.
> 
> When I tried to access a stack frame I get an error message "crash:
> prohibited gdb command: frame". Can you please let me know if there is
> any other way of            accessing the kernel stack frames using
> crash. 
> 

Try 'bt -f'
Try also 'help bt' to discover other nice parameters as well.



> 
> 2) When I run bt in crash, I get a stack trace. Another person from a
> different team reported a slightly different stack trace to mine. Below
> are the stack traces. The register contents are quite different between
> the two
> 
>  
> 
> My stack trace
> 
> PID: 13366  TASK: ffff88031b60d580  CPU: 1   COMMAND: "telnet"
> 
>  #0 [ffff88031ce759d0] machine_kexec at ffffffff81024486
> 
>  #1 [ffff88031ce75a40] crash_kexec at ffffffff8107e230
> 
>  #2 [ffff88031ce75b20] oops_end at ffffffff8100fa38
> 
>  #3 [ffff88031ce75b50] no_context at ffffffff8102d801
> 
>  #4 [ffff88031ce75ba0] __bad_area_nosemaphore at ffffffff8102d9c9
> 
>  #5 [ffff88031ce75c70] bad_area at ffffffff8102da41
> 
>  #6 [ffff88031ce75ca0] do_page_fault at ffffffff8102dd19
> 
>  #7 [ffff88031ce75cf0] page_fault at ffffffff812d7425
> 
>  #8 [ffff88031ce75d78] n_tty_read at ffffffff811f03b3
> 
>  #9 [ffff88031ce75ec0] tty_read at ffffffff811ebf7e
> 
> #10 [ffff88031ce75f10] vfs_read at ffffffff810ebcc8
> 
> #11 [ffff88031ce75f40] sys_read at ffffffff810ebe48
> 
> #12 [ffff88031ce75f80] system_call_fastpath at ffffffff8100bbc2
> 
>     RIP: 00007ffff716b9e0  RSP: 00007fffffffdfc0  RFLAGS: 00010212
> 
>     RAX: 0000000000000000  RBX: ffffffff8100bbc2  RCX: 0000000000000000
> 
>     RDX: 0000000000001ff6  RSI: 000000000061c02a  RDI: 0000000000000000
> 
>     RBP: 0000000000001ff6   R8: 0000000000000000   R9: 0000000000000000
> 
>     R10: 0000000000616680  R11: 0000000000000246  R12: 0000000000000000
> 
>     R13: 0000000000000001  R14: 000000000061c02a  R15: 00000000006178a0
> 
>     ORIG_RAX: 0000000000000000  CS: 0033  SS: 002b
> 
>  
> 
>  
> 
> Reported stack trace 
> 
> PID: 13366  TASK: ffff88031b60d580  CPU: 1   COMMAND: "telnet"
> 
>  #0 [ffff88031ce759d0] machine_kexec at ffffffff81024486
> 
>  #1 [ffff88031ce75a40] crash_kexec at ffffffff8107e230
> 
>  #2 [ffff88031ce75ad8] n_tty_read at ffffffff811f03b3
> 
>  #3 [ffff88031ce75b20] oops_end at ffffffff8100fa38
> 
>  #4 [ffff88031ce75b50] no_context at ffffffff8102d801
> 
>  #5 [ffff88031ce75ba0] __bad_area_nosemaphore at ffffffff8102d9c9
> 
>  #6 [ffff88031ce75c20] native_sched_clock at ffffffff810120aa
> 
>  #7 [ffff88031ce75c70] bad_area at ffffffff8102da41
> 
>  #8 [ffff88031ce75ca0] do_page_fault at ffffffff8102dd19
> 
>  #9 [ffff88031ce75cf0] page_fault at ffffffff812d7425
> 
>     [exception RIP: n_tty_read+1420]
> 
>     RIP: ffffffff811f03b3  RSP: ffff88031ce75da8  RFLAGS: 00010246
> 
>     RAX: 0000000000000000  RBX: ffff8802cbd54a68  RCX: 000000000061c044
> 
>     RDX: 0000000000000005  RSI: ffff88031ce75e87  RDI: ffff8802cbd54d1c
> 
>     RBP: ffff88031ce75eb8   R8: 0000000000000000   R9: 0000000000000000
> 
>     R10: 0000000000616680  R11: 0000000000000246  R12: 000000000061c044
> 
>     R13: ffff8802cbd54800  R14: 0000000000000000  R15: 7fffffffffffffff
> 
>     ORIG_RAX: ffffffffffffffff  CS: 0010  SS: 0018 #10
> [ffff88031ce75ec0] tty_read at ffffffff811ebf7e
> 
> #11 [ffff88031ce75f10] vfs_read at ffffffff810ebcc8
> 
> #12 [ffff88031ce75f40] sys_read at ffffffff810ebe48
> 
> #13 [ffff88031ce75f80] system_call_fastpath at ffffffff8100bbc2
> 
>  
> 
>  
> 
> 3) I want to retrieve the address of a data structure in the current
> context. How can it be done? I tried using struct command, but it did
> not help
> 

You need to use bt -f and find what pointer you are looking for and
then: struct <struct name>  pointer
most of times just doing: <struct name> pointer 
works out

fbl


> 
> 4) When I run the command readelf -a vmcore, I get an error message
> "readelf: Error: Not an ELF file - it has the wrong magic bytes at the
> start."
> 
>  
> 
>  
> 
> Please help regarding the above queries.  
> 
>  
> 
> Thanks and Regards
> 
> Shashidhara
> 
> 
> Information transmitted by this e-mail is proprietary to MphasiS, its associated companies and/ or its customers and is intended 
> for use only by the individual or entity to which it is addressed, and may contain information that is privileged, confidential or 
> exempt from disclosure under applicable law. If you are not the intended recipient or it appears that this mail has been forwarded 
> to you without proper authority, you are notified that any use or dissemination of this information in any manner is strictly 
> prohibited. In such cases, please notify us immediately at mailmaster at mphasis.com and delete this mail from your records.
> 
> 
> 
> 
> --
> Crash-utility mailing list
> Crash-utility at redhat.com
> https://www.redhat.com/mailman/listinfo/crash-utility

More information about the Crash-utility mailing list