I am trying to debug the Android Linux kernel (this is my first time). To do so, I compiled it with the following flags:
CONFIG_KALLSYMS
CONFIG_KALLSYMS_ALL
Unfortunately, I tried compiling the kernel without KASLR, but it didn't boot (neither by turning off CONFIG_RANDOMIZE_BASE nor by using the nokaslr parameter configured in CONFIG_CMDLINE). So I decided to debug it with KASLR active.
After compiling the kernel, I connected to the device with adb and (after logging in as root) ran the following commands to obtain the base address of the vmlinux module:
echo 1 > /proc/sys/kernel/kptr_restrict
cat /proc/kallsyms
After finding the function startup_64, I added the symbol file to my GDB session with the following command: add-symbol-file PATH_SYMBOL BASE_ADDRESS. It works like a charm!
The problem now is that I can't debug a function: once the breakpoint is correctly hit, when I try to step to the next instruction I run into many IRQs (or timer interrupts) and the debugger suddenly jumps into another function.
For example:
Thread 2 hit Breakpoint 2, binder_ioctl (filp=0xffff8ba8a804e700, cmd=3224396289, arg=4097219240) at drivers/android/binder.c:4777
4777 {
(gdb) n
read_hpet (cs=<optimized out>) at arch/x86/kernel/hpet.c:814
814 new.value = hpet_readl(HPET_COUNTER);
(gdb) bt
#0 read_hpet (cs=<optimized out>) at arch/x86/kernel/hpet.c:814
#1 0xffffffffab09ea79 in tk_clock_read (tkr=<optimized out>) at kernel/time/timekeeping.c:142
#2 timekeeping_get_delta (tkr=<optimized out>) at kernel/time/timekeeping.c:236
#3 timekeeping_get_ns (tkr=<optimized out>) at kernel/time/timekeeping.c:342
#4 ktime_get_update_offsets_now (cwsseq=0x46 <irq_stack_union+70>, offs_real=0xffff8ba8bfd1ba68, offs_boot=0x1d8234f500000000, offs_tai=0x1 <irq_stack_union+1>) at kernel/time/timekeeping.c:2231
#5 0xffffffffab09c4b8 in hrtimer_update_base (base=<optimized out>) at kernel/time/hrtimer.c:521
#6 hrtimer_interrupt (dev=<optimized out>) at kernel/time/hrtimer.c:1345
#7 0xffffffffab802444 in local_apic_timer_interrupt () at arch/x86/kernel/apic/apic.c:1037
#8 smp_apic_timer_interrupt (regs=<optimized out>) at arch/x86/kernel/apic/apic.c:1062
#9 0xffffffffab8019ed in apic_timer_interrupt () at arch/x86/entry/entry_64.S:787
#10 0xffff9de100e73e18 in ?? ()
#11 0x0000000000000000 in ?? ()
or
Thread 2 hit Breakpoint 2, binder_ioctl (filp=0xffff8ba89aaed000, cmd=3224396289, arg=4044769960) at drivers/android/binder.c:4777
4777 {
(gdb) n
goldfish_pipe_interrupt (irq=<optimized out>, dev_id=0xffff8ba8aeeb1c18) at drivers/platform/goldfish/goldfish_pipe_v2.c:677
677 if (count == 0) {
(gdb) bt
#0 goldfish_pipe_interrupt (irq=<optimized out>, dev_id=0xffff8ba8aeeb1c18) at drivers/platform/goldfish/goldfish_pipe_v2.c:677
#1 0xffffffffab08a0bd in __handle_irq_event_percpu (desc=0xffff8ba8aefb5600, flags=0xffff8ba8bfd03f64) at kernel/irq/handle.c:147
#2 0xffffffffab08a1df in handle_irq_event_percpu (desc=0xffff8ba8aefb5600) at kernel/irq/handle.c:187
#3 0xffffffffab08a24c in handle_irq_event (desc=0xffff8ba8aefb5600) at kernel/irq/handle.c:204
#4 0xffffffffab08d5ad in handle_edge_irq (desc=0xffff8ba8aefb5600) at kernel/irq/chip.c:770
#5 0xffffffffab015d8e in generic_handle_irq_desc (desc=<optimized out>) at ./include/linux/irqdesc.h:158
#6 handle_irq (desc=<optimized out>, regs=<optimized out>) at arch/x86/kernel/irq_64.c:78
#7 0xffffffffab801e29 in do_IRQ (regs=0xffff9de100fb3e18) at arch/x86/kernel/irq.c:230
#8 0xffffffffab80093d in common_interrupt () at arch/x86/entry/entry_64.S:571
#9 0xffff9de100fb3e18 in ?? ()
#10 0x0000000000000000 in ?? ()
I read about the lx scripts that help with kernel debugging, but I can't use them on a kernel with KASLR enabled.
I am compiling kernel 4.14.72 and using the emulator checked out from the AOSP repository (but I think the problem is related to a configuration parameter missing during kernel compilation, or to some gdb parameter).
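An added example (not part of the question, and not AOSP or kernel code) of the base-address step described above: it computes the KASLR slide from a symbol that appears both in /proc/kallsyms and in the link-time symbol table of the matching vmlinux (as printed by nm -n), checks that every symbol common to both tables agrees on that slide (a vmlinux that does not match the running kernel shows up as inconsistent offsets), and emits the gdb add-symbol-file command. The kallsyms and nm outputs below are constructed samples with invented addresses, and the vmlinux path is a placeholder.

```python
"""Compute the KASLR slide of a running kernel and emit the gdb command
that loads vmlinux symbols at the relocated address.
Added example, not from the original post; sample data is constructed."""
import re

# Constructed sample of `cat /proc/kallsyms` on a KASLR kernel (invented addresses).
KALLSYMS_SAMPLE = """\
ffffffffab000000 T _text
ffffffffab000000 T startup_64
ffffffffab000030 T secondary_startup_64
ffffffffab0e02a0 t binder_ioctl
ffffffffac2a9000 D _sdata
"""

# Constructed sample of `nm -n vmlinux`: link-time, unrelocated addresses
# (x86_64 links the kernel text at 0xffffffff81000000).
NM_SAMPLE = """\
ffffffff81000000 T _text
ffffffff81000000 T startup_64
ffffffff81000030 T secondary_startup_64
ffffffff810e02a0 t binder_ioctl
ffffffff822a9000 D _sdata
"""

# Both kallsyms and nm print "<hex address> <type> <name>"; module suffixes are ignored.
LINE_RE = re.compile(r'^([0-9a-fA-F]+)\s+([A-Za-z?])\s+(\S+)')


def parse_symbols(text):
    """Map symbol name -> address from kallsyms- or nm-style lines."""
    syms = {}
    for line in text.splitlines():
        m = LINE_RE.match(line)
        if m:
            syms[m.group(3)] = int(m.group(1), 16)
    return syms


def kaslr_slide(kallsyms_text, nm_text, anchor="startup_64"):
    """Return (runtime address - link-time address) of the anchor symbol.

    Raises if the anchor is missing from either table, or if kallsyms shows a
    zero address, which means the kernel is hiding pointers from this user
    (kptr_restrict) and the slide cannot be computed.
    """
    live = parse_symbols(kallsyms_text)
    link = parse_symbols(nm_text)
    if anchor not in live or anchor not in link:
        raise KeyError(f"{anchor} not present in both symbol tables")
    if live[anchor] == 0:
        raise ValueError("kallsyms reports address 0: pointers are being hidden")
    return live[anchor] - link[anchor]


def inconsistent_symbols(kallsyms_text, nm_text, slide):
    """Names present in both tables whose offset differs from `slide`.

    On x86_64 KASLR moves the whole image by one offset, so a non-empty
    result means vmlinux does not match the running kernel.
    """
    live = parse_symbols(kallsyms_text)
    link = parse_symbols(nm_text)
    return sorted(n for n in live if n in link and live[n] - link[n] != slide)


def gdb_add_symbol_file(vmlinux_path, nm_text, slide):
    """Build the gdb command: add-symbol-file FILE ADDR, where ADDR is the
    runtime address of the .text section, i.e. link-time _text plus the slide."""
    link = parse_symbols(nm_text)
    return f"add-symbol-file {vmlinux_path} {link['_text'] + slide:#x}"


if __name__ == "__main__":
    slide = kaslr_slide(KALLSYMS_SAMPLE, NM_SAMPLE)
    print(f"KASLR slide: {slide:#x}")
    bad = inconsistent_symbols(KALLSYMS_SAMPLE, NM_SAMPLE, slide)
    print("mismatched symbols:", bad or "none (vmlinux matches)")
    print(gdb_add_symbol_file("PATH_SYMBOL", NM_SAMPLE, slide))
```

On a real device, feed the script the output of cat /proc/kallsyms (read as root, or with kptr_restrict set so that addresses are not replaced by zeros) and of nm -n on the exact vmlinux produced by the same build; if the consistency check lists any symbols, the vmlinux does not match the running kernel and the breakpoints set from it will land in the wrong place.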