[bootlin/training-materials updates] master: Kernel debugging lab: try to clarify the explanations (1f5955c2)

Michael Opdenacker michael.opdenacker at bootlin.com
Tue Mar 31 15:12:21 CEST 2020 

Repository : https://github.com/bootlin/training-materials
On branch  : master
Link       : https://github.com/bootlin/training-materials/commit/1f5955c2064025b7071e8093ef0bab1aee7d94cc

>---------------------------------------------------------------

commit 1f5955c2064025b7071e8093ef0bab1aee7d94cc
Author: Michael Opdenacker <michael.opdenacker at bootlin.com>
Date:   Tue Mar 31 15:11:10 2020 +0200

    Kernel debugging lab: try to clarify the explanations
    
    Signed-off-by: Michael Opdenacker <michael.opdenacker at bootlin.com>
    Reported-by: Dale Stewart <dale.stewart at meresoftware.com>


>---------------------------------------------------------------

1f5955c2064025b7071e8093ef0bab1aee7d94cc
 labs/kernel-debugging/kernel-debugging.tex | 15 +++++++++++----
 1 file changed, 11 insertions(+), 4 deletions(-)

diff --git a/labs/kernel-debugging/kernel-debugging.tex b/labs/kernel-debugging/kernel-debugging.tex
index aa6b84a7..222a4ef8 100644
--- a/labs/kernel-debugging/kernel-debugging.tex
+++ b/labs/kernel-debugging/kernel-debugging.tex
@@ -110,15 +110,19 @@ code inside the binaries.
 You could disassemble the whole \code{vmlinux} file and work with
 the \code{PC} absolute address, but it is going to take a long time.
 
-Instead, using Elixir or \code{cscope}, find the \code{.c} source file where
-the function is implemented. In the kernel sources, you can then find
+Instead, using Elixir or \code{cscope}, you'll find that the crash
+happens in an function defined in assembly, called by a function
+implemented in C. Find the \code{.c} source file where
+the C function is implemented.
+
+In the kernel sources, you can then find
 and dissassemble the corresponding \code{.o} file:
 
 \begin{verbatim}
 arm-linux-gnueabi-objdump -S file.o > file.S
 \end{verbatim}
 
-For this need, you could also use {gdb-multiarch}\footnote{gdb-multiarch is a new package
+Another way to do this is to use {gdb-multiarch}\footnote{gdb-multiarch is a new package
 supporting multiple architectures at once. If you have a cross
 toolchain including gdb, you can also run arm-linux-gdb directly.}:
 
@@ -134,7 +138,10 @@ Then, in the disassembled code, find the start address of the
 function, and using an hexadecimal calculator, add the offset that
 was provided in the crash output. That's how you can find the
 exact assembly instruction where the crash occured, together
-with the C code it was compiled from.
+with the C code it was compiled from. Looking at the addresses
+handled by this code, you can now guess what is wrong in the
+data passed to the stack of kernel functions called by the
+broken module.
 
 A little understanding of assembly instructions on the architecture
 you are working on helps, but seeing the original C code should answer

More information about the training-materials-updates mailing list