kernel crash数据解析

 crash数据解析

crash解析工具下载和编译方法如下：

git clone https://github.com/crash-utility/crash.git

cd crash;

make target=ARM64
 

crash工具解析ramdump文件：
1. 将dump 出来的ramdump 文件拷贝到 Linux 系统
2. 找到当前Linux 内核对应的vmlinux文件
3. 运行如下命令解析ramdump 文件
 

bt
该命令是查看进程栈信息的，可以通过pid/cpu等选项指定相关信息。
crash_arm64> bt
PID: 2496 TASK: ffff800023c5b800 CPU: 5 COMMAND: "sh"
#0 [ffff000013573800] __crash_kexec at ffff00000817cee8
#1 [ffff000013573890] (null) at 108142390
#2 [ffff000013573920] psci_sys_reset at ffff000008965ae0
#3 [ffff000013573940] machine_restart at ffff000008085b94
#4 [ffff000013573960] emergency_restart at ffff0000080fddc4
#5 [ffff000013573970] panic at ffff0000080d8c04
#6 [ffff000013573a50] die at ffff00000808ae10
#7 [ffff000013573a90] __do_kernel_fault at ffff00000809feb8
#8 [ffff000013573ac0] do_page_fault at ffff00000809ffdc
#9 [ffff000013573b30] do_translation_fault at ffff0000080a0390
#10 [ffff000013573b40] do_mem_abort at ffff00000808130c
#11 [ffff000013573d20] el1_ia at ffff000008083050
PC: ffff0000086095b0 [sysrq_handle_crash+32]
LR: ffff00000860959c [sysrq_handle_crash+12]
 

3.2.4 sym
该命令查看符号和符号对应的地址信息，可以根据符号给出对应的地址，也可以根据给出的地址给出
对应的符号。
crash_arm64> sym proc_reg_write
ffff0000082ea1d0 (t) proc_reg_write
/workspace/huafeng.huang/workspace/X9_3.0.0_PTG4.0/buildsystem/yoct
o/source/linux/fs/proc/inode.c: 224
crash_arm64> sym ffff0000082ea1d0
ffff0000082ea1d0 (t) proc_reg_write
/workspace/huafeng.huang/workspace/X9_3.0.0_PTG4.0/buildsystem/yoct
o/source/linux/fs/proc/inode.c: 224
crash_arm64> sym __log_buf
ffff0000092ff020 (b) __log_buf
crash_arm64> sym ffff0000092ff020
ffff0000092ff020 (b) __log_buf