From owner-freebsd-stable@FreeBSD.ORG Wed Dec 8 18:14:46 2004 Return-Path: Delivered-To: freebsd-stable@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id A57D916A4CE for ; Wed, 8 Dec 2004 18:14:46 +0000 (GMT) Received: from fledge.watson.org (fledge.watson.org [204.156.12.50]) by mx1.FreeBSD.org (Postfix) with ESMTP id 1A95043D66 for ; Wed, 8 Dec 2004 18:14:46 +0000 (GMT) (envelope-from robert@fledge.watson.org) Received: from fledge.watson.org (localhost [127.0.0.1]) by fledge.watson.org (8.13.1/8.13.1) with ESMTP id iB8ICId2030969; Wed, 8 Dec 2004 13:12:18 -0500 (EST) (envelope-from robert@fledge.watson.org) Received: from localhost (robert@localhost)iB8ICC51030963; Wed, 8 Dec 2004 18:12:13 GMT (envelope-from robert@fledge.watson.org) Date: Wed, 8 Dec 2004 18:12:12 +0000 (GMT) From: Robert Watson X-Sender: robert@fledge.watson.org To: David Gilbert In-Reply-To: <16823.14725.330609.631687@canoe.dclg.ca> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII cc: freebsd-stable@freebsd.org Subject: Re: crashdumps not working X-BeenThere: freebsd-stable@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Production branch of FreeBSD source code List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 08 Dec 2004 18:14:46 -0000 On Wed, 8 Dec 2004, David Gilbert wrote: > >>>>> "Robert" == Robert Watson writes: > > Robert> This is a NULL pointer dereference; you can use addr2line or > Robert> gdb on your kernel.debug to turn it into a line number even > Robert> without a core. That might well be worth doing, as we might > Robert> be able to debug that even without getting dumping working on > Robert> the box. > > If I had an address and a debug kernel, how is this done? There are at least three ways you can do this, depending on the amount of information you have, and what you're trying to find out. Suppose you get a fault and the trap shows the instruction pointer is 0xc052fb46. You can use: (1) addr2line(1) converts an address and a executable with debugging information to a line number. Assuming your kernel and source are properly in sync, etc, you can do: % addr2line --exe=kernel.debug 0xc052fb46 ../../../kern/subr_prf.c:297 (2) gdb(1) can be used on the debugging kernel, and can often return more useful context information. For example: % gdb kernel.debug ... This GDB was configured as "i386-marcel-freebsd"... (gdb) l *0xc052fb46 0xc052fb46 is in printf (../../../kern/subr_prf.c:297). 292 consintr = 0; 293 va_start(ap, fmt); 294 pca.tty = NULL; 295 pca.flags = TOCONS | TOLOG; 296 pca.pri = -1; 297 retval = kvprintf(fmt, putchar, &pca, 10, ap); 298 va_end(ap); 299 if (!panicstr) 300 msgbuftrigger = 1; 301 consintr = savintr; /* reenable interrupts */ gdb is a little more savvy about telling you about macros, inlines, etc, and gives you a bit of line context, so I've found it very helpful. (3) If you don't have debugging symbols, you can often identify at least the function that nm(1), you can run nm on the binary, and then search down through the sumbols until you find the closest address match before the address. I.e.: % nm kernel.debug | more ... c06f9f80 d print_message c067caf0 T printcpuinfo c052fb38 T printf c0523104 T printf_uuid c05019f4 T prison_check So the pointer is between printf() and printf_uuid(). Robert N M Watson FreeBSD Core Team, TrustedBSD Projects robert@fledge.watson.org Principal Research Scientist, McAfee Research