How to read, understand, analyze, and debug a Linux kernel panic?


C Problem Overview


Consider the following Linux kernel dump stack trace; e.g., you can trigger a panic from the kernel source code by calling panic("debugging a Linux kernel panic");:

    [<001360ac>] (unwind_backtrace+0x0/0xf8) from [<00147b7c>] (warn_slowpath_common+0x50/0x60)
    [<00147b7c>] (warn_slowpath_common+0x50/0x60) from [<00147c40>] (warn_slowpath_null+0x1c/0x24)
    [<00147c40>] (warn_slowpath_null+0x1c/0x24) from [<0014de44>] (local_bh_enable_ip+0xa0/0xac)
    [<0014de44>] (local_bh_enable_ip+0xa0/0xac) from [<0019594c>] (bdi_register+0xec/0x150)

  • In unwind_backtrace+0x0/0xf8 what does +0x0/0xf8 stand for?
  • How can I see the C code of unwind_backtrace+0x0/0xf8?
  • How to interpret the panic's content?

C Solutions


Solution 1 - C

It's just an ordinary backtrace; those functions are called in reverse order (the first one called was called by the previous one, and so on):

    unwind_backtrace+0x0/0xf8
    warn_slowpath_common+0x50/0x60
    warn_slowpath_null+0x1c/0x24
    local_bh_enable_ip+0xa0/0xac
    bdi_register+0xec/0x150

The bdi_register+0xec/0x150 is the symbol + the offset/length. There's more information about that in Understanding a Kernel Oops and how you can debug a kernel oops. Also, there's this excellent tutorial on Debugging the Kernel.

Note: as suggested below by Eugene, you may want to try addr2line first. It still needs an image with debugging symbols though, for example:

    addr2line -e vmlinux_with_debug_info 0019594c(+offset)

Solution 2 - C

Here are two alternatives for addr2line. Assuming you have the proper target's toolchain, you can do one of the following:

Use objdump:

  1. Locate your vmlinux or the .ko file under the kernel root directory, then disassemble the object file:

    objdump -dS vmlinux > /tmp/kernel.s
    
  2. Open the generated assembly file, /tmp/kernel.s, with a text editor such as vim. Go to unwind_backtrace+0x0/0xf8, i.e. search for the address of unwind_backtrace + the offset. Finally, you have located the problematic part in your source code.

Use gdb:

IMO, an even more elegant option is to use the one and only gdb. Assuming you have the suitable toolchain on your host machine:

  1. Run gdb <path-to-vmlinux>.
  2. Execute in gdb's prompt: list *(unwind_backtrace+0x10).

For additional information, you may check out the following resources:

  1. Kernel Debugging Tricks
  2. Debugging The Linux Kernel Using Gdb

Solution 3 - C

> In unwind_backtrace+0x0/0xf8 what the +0x0/0xf8 stands for?

The first number (+0x0) is the offset from the beginning of the function (unwind_backtrace in this case). The second number (0xf8) is the total length of the function. Given these two pieces of information, if you already have a hunch about where the fault occurred this might be enough to confirm your suspicion (you can tell (roughly) how far along in the function you were).

To get the exact source line of the corresponding instruction (generally better than hunches), use addr2line or the other methods in other answers.
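
The decoding described in the answers above, as an added example that is not part of the original question or answers: it parses the trace quoted in the question, derives each function's start address (frame address minus offset), and builds the addr2line and gdb invocations in the forms shown in Solutions 1 and 2. The image name vmlinux_with_debug_info is taken from Solution 1; the function names are this example's own.

```python
import re

# One frame in the format quoted in the question:
#   [<0019594c>] (bdi_register+0xec/0x150)
FRAME = re.compile(
    r"\[<([0-9a-fA-F]+)>\] \(([\w.]+)\+0x([0-9a-fA-F]+)/0x([0-9a-fA-F]+)\)")

# The four trace lines from the question, copied verbatim.
TRACE = """\
[<001360ac>] (unwind_backtrace+0x0/0xf8) from [<00147b7c>] (warn_slowpath_common+0x50/0x60)
[<00147b7c>] (warn_slowpath_common+0x50/0x60) from [<00147c40>] (warn_slowpath_null+0x1c/0x24)
[<00147c40>] (warn_slowpath_null+0x1c/0x24) from [<0014de44>] (local_bh_enable_ip+0xa0/0xac)
[<0014de44>] (local_bh_enable_ip+0xa0/0xac) from [<0019594c>] (bdi_register+0xec/0x150)
"""


def parse_frames(text):
    """Decode every frame once, innermost call first."""
    frames, seen = [], set()
    for addr, sym, off, size in FRAME.findall(text):
        addr, off, size = int(addr, 16), int(off, 16), int(size, 16)
        if (addr, sym) in seen:  # each caller reappears at the start of the next line
            continue
        seen.add((addr, sym))
        if off > size or off > addr:
            raise ValueError(f"inconsistent frame: {sym}+{off:#x}/{size:#x}")
        frames.append({"symbol": sym, "addr": addr, "offset": off,
                       "size": size, "start": addr - off})
    return frames


def addr2line_command(frame, image="vmlinux_with_debug_info"):
    """addr2line call in the form used in Solution 1 (-f also prints the function)."""
    return f"addr2line -f -e {image} {frame['addr']:08x}"


def gdb_list_command(frame):
    """gdb expression in the form used in Solution 2."""
    return f"list *({frame['symbol']}+{frame['offset']:#x})"


if __name__ == "__main__":
    for f in parse_frames(TRACE):
        print(f"{f['symbol']:<22} start={f['start']:#010x} "
              f"at {f['offset']:#x} of {f['size']:#x} bytes")
        print("   ", addr2line_command(f))
        print("   ", gdb_list_command(f))
```
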

Attributions

All content for this solution is sourced from the original question on Stackoverflow.

The content on this page is licensed under the Attribution-ShareAlike 4.0 International (CC BY-SA 4.0) license.

| Content Type | Original Author | Original Content on Stackoverflow |
| --- | --- | --- |
| Question | 0x90 | View Question on Stackoverflow |
| Solution 1 - C | iabdalkader | View Answer on Stackoverflow |
| Solution 2 - C | 0x90 | View Answer on Stackoverflow |
| Solution 3 - C | mgalgs | View Answer on Stackoverflow |