[Crash-utility] Re: [RFC] Crash patch for DWARF CFI based unwind support

Rachita Kothiyal rachita at in.ibm.com
Thu Oct 26 14:16:48 UTC 2006


On Tue, Oct 17, 2006 at 03:37:16PM -0400, Dave Anderson wrote:
> 
> > Hi Dave
> >
> > The following patch adds support for DWARF CFI based stack unwinding
> > for crash. Since this method uses the call frame instructions for
> > unwinding, it generates better backtraces than the existing backtrace
> > mechanism. So when we have the unwind info available, this new method
> > will be called, else we fall back to the existing mechanism.
> >
> > ... <this section moved below>
> >
> > Please provide your suggestions and comments.
> >
> > Thanks
> > Rachita
> 
> 
> Hi Rachita,
> 
> I've only been able to test this on a live system that has __start_unwind
> and __end_unwind symbols, so I don't know what a backtrace with an
> in-kernel exception frame, or a backtrace with a transition to the x86_64
> IRQ stack or x86_64 exception stacks, would look like.  If you have
> an example, I'd be interested in seeing how they get handled.

Hi Dave

I was trying to use LKDTM to create various scenarios for crash dump.
To start with, here is the case of panic() in an interrupt context. Here I
am inducing a panic in handle_IRQ_event(), where I am registering a
jprobe. jp_handle_irq_event() is the jprobe handler which in turn calls
lkdtm_handler(). Running crash on the dump gives the following:

crash> bt
PID: 3898   TASK: ffff81022e988e20  CPU: 0   COMMAND: "slapd"
 #0 [ffffffff8064bcf8] crash_kexec at ffffffff80152211
 #1 [ffffffff8064bd40] machine_kexec at ffffffff8011a739
 #2 [ffffffff8064bd80] crash_kexec at ffffffff8015222d
 #3 [ffffffff8064be08] crash_kexec at ffffffff80152211
 #4 [ffffffff8064be30] bust_spinlocks at ffffffff8011fd6d
 #5 [ffffffff8064be40] panic at ffffffff80131410
 #6 [ffffffff8064beb0] cdrom_pc_intr at ffffffff802ebe68
 #7 [ffffffff8064bef0] ide_intr at ffffffff802df26f
 #8 [ffffffff8064bf30] lkdtm_handler at ffffffff8800230d
 #9 [ffffffff8064bf40] jp_handle_irq_event at ffffffff880023e8
#10 [ffffffff8064bf50] __do_IRQ at ffffffff801544f4
#11 [ffffffff8064bf58] __do_softirq at ffffffff80136b8f
#12 [ffffffff8064bf90] do_IRQ at ffffffff8010bda1
--- <IRQ stack> ---
#13 [ffff810229fd5f80] ret_from_intr at ffffffff80109b95
    [exception RIP: unknown or invalid address]
    RIP: 0000000000000000  RSP: 0000000000000000  RFLAGS: 00000000
    RAX: ffffffffffffffff  RBX: 00002afe35608c98  RCX: 00002afe359f7be4
    RDX: 0000000000000033  RSI: 0000000000000202  RDI: 00007fff754bfbe0
    RBP: 000000000000000a   R8: 000055555590bca0   R9: 0000000000000000
    R10: 00002afe35608c98  R11: 0000000000000001  R12: 0000000000000000
    R13: 0000000000000000  R14: 00002afe3597b1e0  R15: 000055555590b760
    ORIG_RAX: 000000000000002b  CS: 0000  SS: 0000
bt: WARNING: possibly bogus exception frame
    RIP: 00002afe359f7be4  RSP: 00007fff754bfbe0  RFLAGS: 00000202
    RAX: 00002afe35608c98  RBX: 000055555590b760  RCX: 0000000000000001
    RDX: 00002afe35608c98  RSI: 0000000000000000  RDI: 000055555590bca0
    RBP: ffffffff80109c0b   R8: 000000000000000a   R9: 0000000000000000
    R10: 0000000000000000  R11: 00002afe3597b1e0  R12: 000055555590b760
    R13: 00007fff754bfd38  R14: 0000000000000001  R15: 000055555590b760
    ORIG_RAX: ffffffffffffffff  CS: 0033  SS: 002b
crash> set unwind on
unwind: on
crash> bt
PID: 3898   TASK: ffff81022e988e20  CPU: 0   COMMAND: "slapd"
 #0 [ffffffff8064bd88] crash_kexec at ffffffff80152211
 #1 [ffffffff8064be48] panic at ffffffff80131410
 #2 [ffffffff8064bf38] lkdtm_handler at ffffffff8800230d
--- <IRQ stack> ---
 #3 [ffff810229fd5f80] ret_from_intr at ffffffff80109b95
    [exception RIP: unknown or invalid address]
    RIP: 0000000000000000  RSP: 0000000000000000  RFLAGS: 00000000
    RAX: ffffffffffffffff  RBX: 00002afe35608c98  RCX: 00002afe359f7be4
    RDX: 0000000000000033  RSI: 0000000000000202  RDI: 00007fff754bfbe0
    RBP: 000000000000000a   R8: 000055555590bca0   R9: 0000000000000000
    R10: 00002afe35608c98  R11: 0000000000000001  R12: 0000000000000000
    R13: 0000000000000000  R14: 00002afe3597b1e0  R15: 000055555590b760
    ORIG_RAX: 000000000000002b  CS: 0000  SS: 0000
bt: WARNING: possibly bogus exception frame
 #4 [ffff810229fd5f80] common_interrupt at ffffffff80109b95
    RIP: 00002afe359f7be4  RSP: 00007fff754bfbe0  RFLAGS: 00000202
    RAX: 00002afe35608c98  RBX: 000055555590b760  RCX: 0000000000000001
    RDX: 00002afe35608c98  RSI: 0000000000000000  RDI: 000055555590bca0
    RBP: ffffffff80109c0b   R8: 000000000000000a   R9: 0000000000000000
    R10: 0000000000000000  R11: 00002afe3597b1e0  R12: 000055555590b760
    R13: 00007fff754bfd38  R14: 0000000000000001  R15: 000055555590b760
    ORIG_RAX: ffffffffffffffff  CS: 0033  SS: 002b
crash>


Comments?

In the stacktrace with 'unwind on', I was expecting to see jp_handle_irq_event
appear too (as frame 3). Could my using a module to register the probe be the
reason?

Thanks
Rachita
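
Added example, not part of the original message and not code from crash: a short Python script that parses the two `bt` listings above and reports which frames the default backtrace lists that the `unwind on` backtrace does not, and which of them follow the unwinder's last frame before the `--- <IRQ stack> ---` marker. The names `parse_bt` and `compare` are made up for this illustration; the frame lines are copied from the message, with the register dumps left out.

```python
import re

FRAME = re.compile(r"\s*#\d+ \[[0-9a-f]+\] (\S+) at ([0-9a-f]+)\s*$")
MARK = re.compile(r"--- <.+> ---\s*$")

def parse_bt(text):
    """Frames as (section, symbol, text_addr); section counts '--- <...> ---' markers."""
    frames, section = [], 0
    for line in text.splitlines():
        if MARK.match(line):
            section += 1
        elif m := FRAME.match(line):
            frames.append((section, m.group(1), int(m.group(2), 16)))
    return frames

def compare(legacy, unwind, section=0):
    """(legacy symbols the unwinder dropped, legacy symbols after its last frame in section)."""
    seen = set(unwind)
    dropped = [f[1] for f in legacy if f not in seen]
    mine = [f for f in unwind if f[0] == section]
    if not mine or mine[-1] not in legacy:   # nothing to line the two listings up on
        return dropped, []
    rest = legacy[legacy.index(mine[-1]) + 1:]
    return dropped, [f[1] for f in rest if f[0] == section]

# Frame lines copied from the two listings in the message (register dumps left out).
LEGACY_BT = """\
 #0 [ffffffff8064bcf8] crash_kexec at ffffffff80152211
 #1 [ffffffff8064bd40] machine_kexec at ffffffff8011a739
 #2 [ffffffff8064bd80] crash_kexec at ffffffff8015222d
 #3 [ffffffff8064be08] crash_kexec at ffffffff80152211
 #4 [ffffffff8064be30] bust_spinlocks at ffffffff8011fd6d
 #5 [ffffffff8064be40] panic at ffffffff80131410
 #6 [ffffffff8064beb0] cdrom_pc_intr at ffffffff802ebe68
 #7 [ffffffff8064bef0] ide_intr at ffffffff802df26f
 #8 [ffffffff8064bf30] lkdtm_handler at ffffffff8800230d
 #9 [ffffffff8064bf40] jp_handle_irq_event at ffffffff880023e8
#10 [ffffffff8064bf50] __do_IRQ at ffffffff801544f4
#11 [ffffffff8064bf58] __do_softirq at ffffffff80136b8f
#12 [ffffffff8064bf90] do_IRQ at ffffffff8010bda1
--- <IRQ stack> ---
#13 [ffff810229fd5f80] ret_from_intr at ffffffff80109b95"""
UNWIND_BT = """\
 #0 [ffffffff8064bd88] crash_kexec at ffffffff80152211
 #1 [ffffffff8064be48] panic at ffffffff80131410
 #2 [ffffffff8064bf38] lkdtm_handler at ffffffff8800230d
--- <IRQ stack> ---
 #3 [ffff810229fd5f80] ret_from_intr at ffffffff80109b95
 #4 [ffff810229fd5f80] common_interrupt at ffffffff80109b95"""
print(compare(parse_bt(LEGACY_BT), parse_bt(UNWIND_BT)))
```

For these listings the second list is jp_handle_irq_event, __do_IRQ, __do_softirq and do_IRQ: the frames the default backtrace shows after lkdtm_handler, where the `unwind on` listing ends before the stack marker.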



