メモリダンプを眺めてみる
必要に迫られまして、Cもアセンブラもサッパリなのにクラッシュダンプの解析を試みようかと思い立った今日この頃。
とりあえず稼働中のシステムのメモリでも眺めながら、纏めて勉強するかということで、まずはメモリダンプが見れるとこまで。
環境: MacBook (OS X 10.5.3) で VMware Fusion に CentOS 5.1
yumのリポジトリにはkernel-debuginfoパッケージが見当たらなかったので、ソースからリビルドするかなと思いつつ一応ググってみると http://debuginfo.centos.org にパッケージを発見しました。
kernel-debuginfoパッケージをインストール
$ wget http://debuginfo.centos.org/5/i386/kernel-debuginfo-2.6.18-53.el5.i686.rpm $ wget http://debuginfo.centos.org/5/i386/kernel-debuginfo-common-2.6.18-53.el5.i686.rpm $ sudo rpm -ivh kernel-debuginfo-common-2.6.18-53.el5.i686.rpm $ sudo rpm -ivh kernel-debuginfo-2.6.18-53.el5.i686.rpm
crashコマンドを実行
3つ目の引数にvmcoreを指定すると、そのクラッシュダンプを解析する。指定しなかった場合は、稼働中システムのメモリ(/dev/mem)を参照する。
$ sudo crash /boot/System.map-2.6.18-53.1.21.el5 /usr/lib/debug/lib/modules/2.6.18-53.el5/vmlinux crash 4.0-4.6.1 Copyright (C) 2002, 2003, 2004, 2005, 2006, 2007 Red Hat, Inc. Copyright (C) 2004, 2005, 2006 IBM Corporation Copyright (C) 1999-2006 Hewlett-Packard Co Copyright (C) 2005, 2006 Fujitsu Limited Copyright (C) 2006, 2007 VA Linux Systems Japan K.K. Copyright (C) 2005 NEC Corporation Copyright (C) 1999, 2002, 2007 Silicon Graphics, Inc. Copyright (C) 1999, 2000, 2001, 2002 Mission Critical Linux, Inc. This program is free software, covered by the GNU General Public License, and you are welcome to change it and/or distribute copies of it under certain conditions. Enter "help copying" to see the conditions. This program has absolutely no warranty. Enter "help warranty" for details. GNU gdb 6.1 Copyright 2004 Free Software Foundation, Inc. GDB is free software, covered by the GNU General Public License, and you are welcome to change it and/or distribute copies of it under certain conditions. Type "show copying" to see the conditions. There is absolutely no warranty for GDB. Type "show warranty" for details. This GDB was configured as "i686-pc-linux-gnu"... SYSTEM MAP: /boot/System.map-2.6.18-53.1.21.el5 DEBUG KERNEL: /usr/lib/debug/lib/modules/2.6.18-53.el5/vmlinux (2.6.18-53.el5) DUMPFILE: /dev/crash CPUS: 1 DATE: Sat May 31 01:54:42 2008 UPTIME: 00:39:07 LOAD AVERAGE: 0.08, 0.03, 0.01 TASKS: 130 NODENAME: cent51 RELEASE: 2.6.18-53.1.21.el5 VERSION: #1 SMP Tue May 20 09:34:18 EDT 2008 MACHINE: i686 (2394 Mhz) MEMORY: 512 MB PID: 2868 COMMAND: "crash" TASK: c6bec550 [THREAD_INFO: dbb7f000] CPU: 0 STATE: TASK_RUNNING (ACTIVE) crash>
psしてみたり
crash> ps PID PPID CPU TASK ST %MEM VSZ RSS COMM 0 0 0 c066d3c0 RU 0.0 0 0 [swapper] 1 0 0 dfbc4aa0 IN 0.1 2044 640 init 2 1 0 dfbc4550 IN 0.0 0 0 [migration/0] 3 1 0 dfbc4000 IN 0.0 0 0 [ksoftirqd/0] 4 1 0 dfbcbaa0 IN 0.0 0 0 [watchdog/0] 5 1 0 dfbcb550 IN 0.0 0 0 [events/0] 6 1 0 dfbcb000 IN 0.0 0 0 [khelper] 7 1 0 dfed2aa0 IN 0.0 0 0 [kthread] 10 7 0 dfeafaa0 IN 0.0 0 0 [kblockd/0] 11 7 0 dfeaf550 IN 0.0 0 0 [kacpid] 72 7 0 dfe78000 IN 0.0 0 0 [cqueue/0] 75 7 0 dfe70000 IN 0.0 0 0 [khubd] 77 7 0 dfe69550 IN 0.0 0 0 [kseriod] 140 7 0 c178e550 IN 0.0 0 0 [pdflush] 141 7 0 c178e000 RU 0.0 0 0 [pdflush] 142 7 0 c1792aa0 IN 0.0 0 0 [kswapd0] 〜以下省略〜
btしてみたり
crash> bt 1811 PID: 1811 TASK: c16bbaa0 CPU: 0 COMMAND: "syslogd" #0 [c1781b04] schedule at c06046b9 #1 [c1781b6c] schedule_timeout at c0604d99 #2 [c1781b90] do_select at c04803a3 #3 [c1781e34] core_sys_select at c04806a6 #4 [c1781f74] sys_select at c0480ca2 #5 [c1781fb8] system_call at c0404ef8 EAX: ffffffda EBX: 00000001 ECX: bfcbe59c EDX: 00000000 DS: 007b ESI: 00000000 ES: 007b EDI: 00000000 SS: 007b ESP: bfcbe4ec EBP: bfcbea48 CS: 0073 EIP: 0033f402 ERR: 0000008e EFLAGS: 00000246
ラジバンダリ
出力みても何がなんだかサッパリなので、週末はこいつをイジリ倒してみるかな。