I want to know how can I symbolicate a kernel panic report (not a regular app crash report). I have an OSX app that a user claims caused a kernel panic. It doesn't install any kernel extension but a launch daemon. I have followed this link https://developer.apple.com/library/mac/technotes/tn2063/_index.html but it only describes symbolication steps for the 3rd party kernel extension causing a kernel panic. How can I symbolicate the following panic report if I have not installed any kext? Any help will be appreciable.
Anonymous UUID: DF6F780A-AA27-6D40-3441-F26F828C7096
Tue Oct 27 12:02:41 2015
*** Panic Report ***
panic(cpu 1 caller 0xffffff80111d6a9a): Kernel trap at 0xffffff80113cec30, type 14=page fault, registers:
CR0: 0x000000008001003b, CR2: 0x0000000100000057, CR3: 0x000000025eade116, CR4: 0x00000000001627e0
RAX: 0xffffff8037f9bdb0, RBX: 0xffffff803e68cd08, RCX: 0xffffff8037f9bdb0, RDX: 0xffffff8011910910
RSP: 0xffffff9236923890, RBP: 0xffffff9236923900, RSI: 0x0000000000000001, RDI: 0xffffff8011910910
R8: 0x0000000000000000, R9: 0x00000000000001f0, R10: 0xffffff80118ddb78, R11: 0x0000000000000000
R12: 0x00000000ffffffff, R13: 0x0000000000000000, R14: 0xffffff80117a1f7b, R15: 0xffffff8031c77a40
RFL: 0x0000000000010206, RIP: 0xffffff80113cec30, CS: 0x0000000000000008, SS: 0x0000000000000000
Fault CR2: 0x0000000100000057, Error code: 0x0000000000000000, Fault CPU: 0x1, PL: 0
Backtrace (CPU 1), Frame : Return Address
0xffffff9236923520 : 0xffffff80110e5357
0xffffff92369235a0 : 0xffffff80111d6a9a
0xffffff9236923780 : 0xffffff80111f4093
0xffffff92369237a0 : 0xffffff80113cec30
0xffffff9236923900 : 0xffffff80113d0229
0xffffff9236923920 : 0xffffff801140edc7
0xffffff9236923a40 : 0xffffff801140c838
0xffffff9236923ad0 : 0xffffff801135bdac
0xffffff9236923ba0 : 0xffffff801135bfff
0xffffff9236923bd0 : 0xffffff801139912d
0xffffff9236923d80 : 0xffffff80113983fd
0xffffff9236923da0 : 0xffffff8011596f61
0xffffff9236923de0 : 0xffffff80115f0ebc
0xffffff9236923e30 : 0xffffff80115f13ea
0xffffff9236923e50 : 0xffffff801158a610
0xffffff9236923ec0 : 0xffffff8011586140
0xffffff9236923f20 : 0xffffff801158a2b4
0xffffff9236923f60 : 0xffffff801162ace1
0xffffff9236923fb0 : 0xffffff80111f4896
BSD process name corresponding to current thread: MyApp
Mac OS version:
15A284
Kernel version:
Darwin Kernel Version 15.0.0: Wed Aug 26 16:57:32 PDT 2015; root:xnu- 3247.1.106~1/RELEASE_X86_64
Kernel UUID: 37BC582F-8BF4-3F65-AFBB-ECF792060C68
Kernel slide: 0x0000000010e00000
Kernel text base: 0xffffff8011000000
__HIB text base: 0xffffff8010f00000
System model name: MacBookPro11,3 (Mac-2BD1B31983FE1663)
System uptime in nanoseconds: 48947258824078
last loaded kext at 46570627969383: com.apple.driver.AppleMikeyHIDDriver 124 (addr 0xffffff7f940e6000, size 20480)
last unloaded kext at 48111600364863: com.apple.driver.AppleMikeyHIDDriver 124 (addr 0xffffff7f940e6000, size 12288)
loaded kexts:
com.apple.nke.rvi 2.0.0
com.apple.filesystems.smbfs 3.0.0
com.apple.filesystems.afpfs 11.0
com.apple.nke.asp-tcp 8.0.0
...
Related
I updated my mac Big Sur to Monterey Beta.
After update, my application (installed before) not opens on iPhone Simulator (crashes immediately). And on xcode lots of errors appears, can't build.
Simulator crash report:
Exception Type: EXC_BAD_ACCESS (SIGSEGV)
Exception Subtype: KERN_INVALID_ADDRESS at 0x0000000000000000
VM Region Info: 0 is not in any region. Bytes before following region: 4341362688
REGION TYPE START - END [ VSIZE] PRT/MAX SHRMOD REGION DETAIL
UNUSED SPACE AT START
--->
mapped file 102c3f000-103ce7000 [ 16.7M] r-x/r-x SM=COW ...t_id=ca4c8d93
Exception Note: EXC_CORPSE_NOTIFY
Termination Reason: SIGNAL 11 Segmentation fault: 11
Terminating Process: exc handler [15816]
Triggered by Thread: 0
Application Specific Information:
Thread 0 Crashed:
0 ??? 0x7ff7ffd02bd8 ???
1 <translation info unavailable> 0x1067fbe5c ???
2 dyld 0x2068aa88f dyld4::prepareSim(dyld4::RuntimeState&, char const*) + 890
3 dyld 0x2068a96b5 dyld4::prepare(dyld4::APIs&, dyld3::MachOAnalyzer const*) + 244
4 dyld 0x2068a94b4 start + 388
5 dyld 0x2068a4000 ???
Thread 1:: com.apple.rosetta.exceptionserver
0 ??? 0x7ff7ffcef320 ???
1 ??? 0x7ff7ffd081a0 ???
Thread 0 crashed with X86 Thread State (64-bit):
rax: 0x0000000000000000 rbx: 0x000000010e852af8 rcx: 0x0000000000000000 rdx: 0x0000000000000001
rdi: 0x0000000000000000 rsi: 0x0000000000000000 rbp: 0x0000000000000000 rsp: 0x000000010eee6000
r8: 0xbae6d4fe37da0005 r9: 0x0000000000000000 r10: 0x000000010eee6000 r11: 0x000000010ed12010
r12: 0x0000000000000000 r13: 0x000000010ed12060 r14: 0x0000000206918080 r15: 0x0000000000000000
rip: <unavailable> rfl: 0x0000000000000283
tmp0: 0x00000001067e9c64 tmp1: 0x00000001067e8f8c tmp2: 0x00000002068c2ca3
Binary Images:
0x0 - 0xffffffffffffffff ??? (*) <00000000-0000-0000-0000-000000000000> ???
0x2068a4000 - 0x20690bfff dyld (*) <4e207376-cc5d-3986-a0bd-4d09f4217e68> /usr/lib/dyld
I had a kernel crash on a Redhat 6.
I want to retreive which file was openend
reading the dump I see
crash> bt
(...)
#8 [ffff8805050d7dc0] page_fault at ffffffff814ef845
[exception RIP: configfs_readdir+244]
RIP: ffffffffa0422444 RSP: ffff8805050d7e78 RFLAGS: 00010282
RAX: 0000000000000000 RBX: ffff880814a738d0 RCX: ffff880814a738c8
RDX: 0000000000000006 RSI: ffff880814a73830 RDI: ffffffffa04486d0
RBP: ffff8805050d7ed8 R8: ffff880814a738d0 R9: 0000000000000004
R10: 00000000000000a8 R11: 0000000000000246 R12: ffff8804cf782b00
R13: ffffffffa04486d0 R14: ffff8802087039d0 R15: ffff8802087039d8
ORIG_RAX: ffffffffffffffff CS: 0010 SS: 0018
#9 [ffff8805050d7ee0] vfs_readdir at ffffffff8118a670
(...)
crash > bt -f
(...)
#9 [ffff8805050d7ee0] vfs_readdir at ffffffff8118a670
ffff8805050d7ee8: ffff8805050d7f28 ffffffff81176652
ffff8805050d7ef8: 0000000000001000 00000000009ca848
ffff8805050d7f08: ffff8804cf782b00 0000000000008000
ffff8805050d7f18: 0000000000000000 00000000009ca820
ffff8805050d7f28: ffff8805050d7f78 ffffffff8118a7f9
I look at vfs_readdir
crash> whatis vfs_readdir
int vfs_readdir(struct file *, filldir_t, void *);
Then searching for the file (address ffff8805050d7f28 picked from top of stack at #9 )
crash> struct file ffff8805050d7f28
struct file {
f_u = {
fu_list = {
next = 0xffff8805050d7f78,
prev = 0xffffffff8118a7f9
},
fu_rcuhead = {
next = 0xffff8805050d7f78,
func = 0xffffffff8118a7f9 <sys_getdents+137>
}
},
f_path = {
mnt = 0x9ca878,
dentry = 0x9ca860
},
f_op = 0xffffffea00007fd0,
f_lock = {
raw_lock = {
slock = 578155200
}
},
At this point, I can go no further, how can I get string from f_path struct ?
I want to convert
f_path = {
mnt = 0x9ca878,
dentry = 0x9ca860
},
to strings
reading the struct, file owner is -1, effective uid didn't map to a known user.
from crash, files command show only 2 regular file
EDIT: as requested
crash> p ffff8805050d7f28
No symbol "ffff8805050d7f28" in current context.
p: gdb request failed: p ffff8805050d7f28
crash> p *(struct file) ffff8805050d7f28
No symbol "ffff8805050d7f28" in current context.
p: gdb request failed: p *(struct file) ffff8805050d7f28
I have upgraded the RAM of my mac mini from 4GB to 6 GB, after which my machine is behaving in an unexpected manner,
1) Like Xcode is getting crashed very frequently.
2) System shut down
3) After restarting the machine, now Xcode is not launching and showing following error -
xcode quit unexpectedly while using the DVTKit plugin
the details are -
Process: Xcode [427]
Path: /Applications/Xcode.app/Contents/MacOS/Xcode
Identifier: com.apple.dt.Xcode
Version: 6.0.1 (6528)
Build Info: IDEFrameworks-6528000000000000~2
Code Type: X86-64 (Native)
Parent Process: launchd [158]
Responsible: Xcode [427]
User ID: 501
PlugIn Path: /Applications/Xcode.app/Contents/SharedFrameworks/DVTKit.framework/Versions/A/DVTKit
PlugIn Identifier: com.apple.dt.DVTKit
PlugIn Version: 6.0.1 (6528)
Date/Time: 2014-12-24 17:05:01.324 +0530
OS Version: Mac OS X 10.9.5 (13F34)
Report Version: 11
Anonymous UUID: B8C91A53-C5EC-FA02-FFAF-17A5CF642475
Crashed Thread: 0
Exception Type: EXC_BAD_ACCESS (Code Signature Invalid)
Exception Codes: 0x0000000000000032, 0x000000011059e010
kernel messages:
-0 sec CODE SIGNING: cs_invalid_page(0x11059e000): p=427[Xcode] final status 0x1000200, denying page sending SIGKILL
-0 sec CODE SIGNING: process 427[Xcode]: rejecting invalid page at address 0x11059e000 from offset 0x316000 in file "/Applications/Xcode.app/Contents/SharedFrameworks/DVTKit.framework/Versions/A/DVTKit" (cs_mtime:1410914376.0 == mtime:1410914376.0) (signed:0 validated:0 tainted:1 wpmapped:0 slid:0)
VM Regions Near 0x11059e010:
__TEXT 0000000110288000-0000000110590000 [ 3104K] r-x/rwx SM=COW /Applications/Xcode.app/Contents/SharedFrameworks/DVTKit.framework/Versions/A/DVTKit
--> __DATA 0000000110590000-0000000110653000 [ 780K] rw-/rwx SM=COW /Applications/Xcode.app/Contents/SharedFrameworks/DVTKit.framework/Versions/A/DVTKit
__DATA 0000000110653000-0000000110654000 [ 4K] rw-/rwx SM=NUL /Applications/Xcode.app/Contents/SharedFrameworks/DVTKit.framework/Versions/A/DVTKit
Application Specific Information:
dyld: launch, loading dependent libraries
/Applications/Xcode.app/Contents/MacOS/../SharedFrameworks/DVTKit.framework/Versions/A/DVTKit
Thread 0 Crashed:
0 dyld 0x00007fff67d883d0 ImageLoaderMachOCompressed::rebase(ImageLoader::LinkContext const&) + 1456
1 dyld 0x00007fff67d80200 ImageLoader::recursiveRebase(ImageLoader::LinkContext const&) + 126
2 dyld 0x00007fff67d801dc ImageLoader::recursiveRebase(ImageLoader::LinkContext const&) + 90
3 dyld 0x00007fff67d7fa12 ImageLoader::link(ImageLoader::LinkContext const&, bool, bool, bool, ImageLoader::RPathChain const&) + 142
4 dyld 0x00007fff67d76764 dyld::link(ImageLoader*, bool, bool, ImageLoader::RPathChain const&) + 166
5 dyld 0x00007fff67d773ac dyld::_main(macho_header const*, unsigned long, int, char const**, char const**, char const**, unsigned long*) + 1983
6 dyld 0x00007fff67d7327b dyldbootstrap::start(macho_header const*, int, char const**, long, macho_header const*, unsigned long*) + 477
7 dyld 0x00007fff67d7305e _dyld_start + 54
Thread 0 crashed with X86 Thread State (64-bit):
rax: 0x0000000110288000 rbx: 0x0000000000000020 rcx: 0x0000000000000007 rdx: 0x0000000000000018
rdi: 0x00000001106595a8 rsi: 0x0000000000000018 rbp: 0x00007fff4ff70280 rsp: 0x00007fff4ff701f0
r8: 0x0000000000000001 r9: 0x0000000000000041 r10: 0x000000000000041c r11: 0x00007fff67dc1850
r12: 0x000000011059e010 r13: 0x00000000000002e9 r14: 0x0000000000000c3e r15: 0x0000000110654549
rip: 0x00007fff67d883d0 rfl: 0x0000000000010246 cr2: 0x000000011059e010
Logical CPU: 2
Error Code: 0x00000006
Trap Number: 14
External Modification Summary:
Calls made by other processes targeting this process:
task_for_pid: 0
thread_create: 0
thread_set_state: 0
Calls made by this process:
task_for_pid: 0
thread_create: 0
thread_set_state: 0
Calls made by all processes on this machine:
task_for_pid: 204
thread_create: 0
thread_set_state: 0
VM Region Summary:
ReadOnly portion of Libraries: Total=258.3M resident=162.9M(63%) swapped_out_or_unallocated=95.4M(37%)
Writable regions: Total=8572K written=44K(1%) resident=220K(3%) swapped_out=0K(0%) unallocated=8352K(97%)
REGION TYPE VIRTUAL
=========== =======
STACK GUARD 56.0M
Stack 8192K
VM_ALLOCATE 8K
__DATA 34.2M
__IMAGE 528K
__LINKEDIT 74.9M
__TEXT 183.4M
__UNICODE 544K
shared memory 4K
=========== =======
TOTAL 357.5M
Model: Macmini6,1, BootROM MM61.0106.B04, 2 processors, Intel Core i5, 2.5 GHz, 6 GB, SMC 2.7f1
Graphics: Intel HD Graphics 4000, Intel HD Graphics 4000, Built-In
Memory Module: BANK 0/DIMM0, 2 GB, DDR3, 1333 MHz, 0x02FE, 0x45424A3230554638424455302D474E2D4620
Memory Module: BANK 1/DIMM0, 4 GB, DDR3, 1333 MHz, 0x0000, 0x5630314C3353383447423532383532383133
AirPort: spairport_wireless_card_type_airport_extreme (0x14E4, 0x10E), Broadcom BCM43xx 1.0 (5.106.98.100.22)
Bluetooth: Version 4.2.7f3 14616, 3 services, 23 devices, 1 incoming serial ports
Network Service: Ethernet, Ethernet, en0
Serial ATA Device: APPLE HDD HTS545050A7E362, 500.11 GB
USB Device: USB Optical Mouse
USB Device: USB Keyboard
USB Device: Hub
USB Device: Hub
USB Device: IR Receiver
USB Device: BRCM20702 Hub
USB Device: Bluetooth USB Host Controller
USB Device: Hub
USB Device: iPhone
Thunderbolt Bus: Mac mini, Apple Inc., 23.4
Now Xcode is not getting launched?
My 64-bit JWrapper application launches fine on OS X 10.8, 10.9 and 10.10, but not on 10.7.5. I am using the latest verison of JWrapper (00031607960). Here is the crash log:
Date/Time: 2014-10-28 09:33:26.025 -0700
OS Version: Mac OS X 10.7.5 (11G63)
Report Version: 9
Crashed Thread: Unknown
Exception Type: EXC_BAD_ACCESS (SIGSEGV)
Exception Codes: KERN_INVALID_ADDRESS at 0x00007fff5fc01028
Backtrace not available
Unknown thread crashed with X86 Thread State (64-bit):
rax: 0x0000000000000055 rbx: 0x0000000000000000 rcx: 0x0000000000000000 rdx: 0x0000000000000000
rdi: 0x0000000000000000 rsi: 0x0000000000000000 rbp: 0x0000000000000000 rsp: 0x0000000000000000
r8: 0x0000000000000000 r9: 0x0000000000000000 r10: 0x0000000000000000 r11: 0x0000000000000000
r12: 0x0000000000000000 r13: 0x0000000000000000 r14: 0x0000000000000000 r15: 0x0000000000000000
rip: 0x00007fff5fc01028 rfl: 0x0000000000010203 cr2: 0x00007fff5fc01028
Logical CPU: 0
Binary images description not available
External Modification Summary:
Calls made by other processes targeting this process:
task_for_pid: 1
thread_create: 0
thread_set_state: 0
Calls made by this process:
task_for_pid: 0
thread_create: 0
thread_set_state: 0
Calls made by all processes on this machine:
task_for_pid: 431
thread_create: 0
thread_set_state: 0
I have a kernel module for splitting incoming rtp packets and merging rtp outgoing packets. The program crashes once in 2/3 days. If would be very convenient for me if its possible to find the exact line where the module crashes.
I have given the crash dump below. Is it possible to find the exact line in the code from crash dump?
PID: 1256 TASK: ffff88020fc71700 CPU: 0 COMMAND: "rtpproxy"
#0 [ffff880212faf2f0] machine_kexec at ffffffff8103bb7a
#1 [ffff880212faf360] crash_kexec at ffffffff810bb968
#2 [ffff880212faf430] oops_end at ffffffff8169fad8
#3 [ffff880212faf460] die at ffffffff81017808
#4 [ffff880212faf490] do_general_protection at ffffffff8169f5d2
#5 [ffff880212faf4c0] general_protection at ffffffff8169eef5
[exception RIP: pkt_queue+388]
RIP: ffffffffa00f3fa0 RSP: ffff880212faf578 RFLAGS: 00010292
RAX: ffff8802110ae400 RBX: ffff880213a53f38 RCX: 00015d910000a20f
RDX: 497d74565cede60c RSI: 000000006df1ed57 RDI: 00000000e46e0cfc
RBP: ffff880212faf728 R8: ffff880211a8b000 R9: ffff880212fafa60
R10: ffff880212fafbc8 R11: 0000000000000293 R12: 00000000134ab2b4
R13: 000000008386615c R14: 00000000000000e3 R15: 00000000000000e3
ORIG_RAX: ffffffffffffffff CS: 0010 SS: 0018
#6 [ffff880212faf730] obsf_tg at ffffffffa00f34a0 [xt_OBSF]
#7 [ffff880212faf890] ipt_do_table at ffffffffa00e41a5 [ip_tables]
#8 [ffff880212faf970] ipt_mangle_out at ffffffffa00dd129 [iptable_mangle]
#9 [ffff880212faf9c0] iptable_mangle_hook at ffffffffa00dd1eb [iptable_mangle]
#10 [ffff880212faf9d0] nf_iterate at ffffffff815aded5
#11 [ffff880212fafa20] nf_hook_slow at ffffffff815adf85
#12 [ffff880212fafaa0] __ip_local_out at ffffffff815babb2
#13 [ffff880212fafac0] ip_local_out at ffffffff815babd6
#14 [ffff880212fafae0] ip_send_skb at ffffffff815bbefb
#15 [ffff880212fafb00] udp_send_skb at ffffffff815df1d1
#16 [ffff880212fafb50] udp_sendmsg at ffffffff815e0286
#17 [ffff880212fafc90] inet_sendmsg at ffffffff815eabc4
#18 [ffff880212fafcd0] sock_sendmsg at ffffffff8156a437
#19 [ffff880212fafe50] sys_sendto at ffffffff8156d91d
#20 [ffff880212faff80] system_call_fastpath at ffffffff816a7029
RIP: 00007f17363b83a3 RSP: 00007ffff2965f90 RFLAGS: 00010213
RAX: 000000000000002c RBX: ffffffff816a7029 RCX: 00007ffff29ff99b
RDX: 0000000000000020 RSI: 00007f1737da4378 RDI: 0000000000000006
RBP: 0000000000000001 R8: 00007f1737da67a0 R9: 0000000000000010
R10: 0000000000000000 R11: 0000000000000293 R12: 00007f1737da4378
R13: 0000000000000001 R14: 00007f1737da42a0 R15: 0000000000000000
ORIG_RAX: 000000000000002c CS: 0033 SS: 002b
[157707.736203] general protection fault: 0000 [#1] SMP
[157707.736955] CPU 0
[157707.736973] Modules linked in:
[157707.737654] arc4 xt_tcpudp xt_OBSF(O) iptable_mangle ip_tables x_tables ghash_clmulni_intel aesni_intel cryptd aes_x86_64 joydev hid_generic microcode ext2 usbhid psmouse hid serio_raw i2c_piix4 virtio_balloon lp parport mac_hid floppy
[157707.740018]
[157707.740102] Pid: 1256, comm: rtpproxy Tainted: G O 3.5.0-23-generic #35~precise1-Ubuntu Bochs Bochs
[157707.740102] RIP: 0010:[<ffffffffa00f3fa0>] [<ffffffffa00f3fa0>] pkt_queue+0x184/0x48a [xt_OBSF]
[157707.740102] RSP: 0018:ffff880212faf578 EFLAGS: 00010292
[157707.740102] RAX: ffff8802110ae400 RBX: ffff880213a53f38 RCX: 00015d910000a20f
[157707.740102] RDX: 497d74565cede60c RSI: 000000006df1ed57 RDI: 00000000e46e0cfc
[157707.740102] RBP: ffff880212faf728 R08: ffff880211a8b000 R09: ffff880212fafa60
[157707.740102] R10: ffff880212fafbc8 R11: 0000000000000293 R12: 00000000134ab2b4
[157707.740102] R13: 000000008386615c R14: 00000000000000e3 R15: 00000000000000e3
[157707.740102] FS: 00007f1736ad9700(0000) GS:ffff88021fc00000(0000) knlGS:0000000000000000
[157707.740102] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[157707.740102] CR2: 00007fd8a39f8000 CR3: 0000000211ad7000 CR4: 00000000000407f0
[157707.740102] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[157707.740102] DR3: 0000000000000000 DR6: 00000000ffff0ff0 DR7: 0000000000000400
[157707.740102] Process rtpproxy (pid: 1256, threadinfo ffff880212fae000, task ffff88020fc71700)
[157707.740102] Stack:
[157707.740102] ffff880212faf5a8 0000000000015d91 134ab2b400000008 000008f58386615c
[157707.740102] 00015d910000a20f a080527800000014 3a78560000d1fa00 564812de1a006045
[157707.740102] ffff880212faf618 ffffffff81872e20 0000000000000000 ffff880210ca9000
[157707.740102] Call Trace:
[157707.740102] [<ffffffff8169e7de>] ? _raw_spin_lock+0xe/0x20
[157707.740102] [<ffffffff815a0958>] ? sch_direct_xmit+0x88/0x1c0
[157707.740102] [<ffffffff81090833>] ? update_cpu_power+0x63/0x100
[157707.740102] [<ffffffff810909c3>] ? update_group_power+0xf3/0x100
[157707.740102] [<ffffffff81090db2>] ? update_sd_lb_stats+0x3e2/0x5f0
[157707.740102] [<ffffffffa00f34a0>] obsf_tg+0x9c0/0x133c [xt_OBSF]
[157707.740102] [<ffffffff81090ff9>] ? find_busiest_group+0x39/0x4a0
[157707.740102] [<ffffffff81091541>] ? load_balance+0xe1/0x4a0
[157707.740102] [<ffffffffa00e41a5>] ipt_do_table+0x315/0x450 [ip_tables]
[157707.740102] [<ffffffffa00dd129>] ipt_mangle_out+0x99/0x100 [iptable_mangle]
[157707.740102] [<ffffffffa00dd1eb>] iptable_mangle_hook+0x5b/0x60 [iptable_mangle]
[157707.740102] [<ffffffff815aded5>] nf_iterate+0x85/0xc0
[157707.740102] [<ffffffff815b8e50>] ? ip_forward_options+0x200/0x200
[157707.740102] [<ffffffff815adf85>] nf_hook_slow+0x75/0x150
[157707.740102] [<ffffffff815b8e50>] ? ip_forward_options+0x200/0x200
[157707.740102] [<ffffffff815babb2>] __ip_local_out+0xa2/0xb0
[157707.740102] [<ffffffff815babd6>] ip_local_out+0x16/0x30
[157707.740102] [<ffffffff815bbefb>] ip_send_skb+0x1b/0x50
[157707.740102] [<ffffffff815df1d1>] udp_send_skb+0x111/0x2a0
[157707.740102] [<ffffffff815b9070>] ? ip_setup_cork+0x150/0x150
[157707.740102] [<ffffffff815e0286>] udp_sendmsg+0x316/0x960
[157707.740102] [<ffffffff815eabc4>] inet_sendmsg+0x64/0xb0
[157707.740102] [<ffffffff812f31b7>] ? apparmor_socket_sendmsg+0x17/0x20
[157707.740102] [<ffffffff8156a437>] sock_sendmsg+0x117/0x130
[157707.740102] [<ffffffff8119a510>] ? __pollwait+0xf0/0xf0
[157707.740102] [<ffffffff8119a510>] ? __pollwait+0xf0/0xf0
[157707.740102] [<ffffffff8119a510>] ? __pollwait+0xf0/0xf0
[157707.740102] [<ffffffff8156b58d>] ? move_addr_to_user+0xbd/0xd0
[157707.740102] [<ffffffff8156ce7a>] ? move_addr_to_kernel+0x5a/0xa0
[157707.740102] [<ffffffff8156d91d>] sys_sendto+0x13d/0x190
[157707.740102] [<ffffffff8103fcc9>] ? kvm_clock_read+0x19/0x20
[157707.740102] [<ffffffff8103fcd9>] ? kvm_clock_get_cycles+0x9/0x10
[157707.740102] [<ffffffff810a3bd7>] ? getnstimeofday+0x57/0xe0
[157707.740102] [<ffffffff810a3cca>] ? do_gettimeofday+0x1a/0x50
[157707.740102] [<ffffffff816a7029>] system_call_fastpath+0x16/0x1b
[157707.740102] Code: f7 f1 48 8b 8d 70 fe ff ff 4c 63 f2 41 89 d7 49 69 c6 68 01 00 00 48 01 c3 48 8b 83 58 01 00 00 48 2d 58 01 00 00 48 89 c2 eb 20 <44> 39 62 04 0f 85 c0 02 00 00 44 39 6a 08 0f 85 b6 02 00 00 48
[157707.740102] RIP [<ffffffffa00f3fa0>] pkt_queue+0x184/0x48a [xt_OBSF]
[157707.740102] RSP <ffff880212faf578>
[157707.736203] general protection fault: 0000 [#1] SMP
Says that you are doing something horrible in memory (e.g dereferencing a null pointer)
[157707.740102] RIP: 0010:[<ffffffffa00f3fa0>] [<ffffffffa00f3fa0>] pkt_queue+0x184/0x48a
This line is reporting to you the instruction pointer value when your module crashed; it says that it died inside a function named "pkt_queue" after an offset of "0x184".
(btw, the same value appears in the first crash dump, 388 in decimal = 0x184)
Now, you can use objdump to dump the assembly + debug information about your code and you add the address of the function pkt_queue to 0x184 and you get to the offending instruction.
Let's say your pkt_queue function appears(unreasonably hypothetical) at address 0x01 in objdump, it means you should look at line: 0x184 + 0x01 = 0x185 in the assembly to see what's going on.
Objdump allows you view the source + the assembly and line numbers:
objdump -S your_object_file.o this will not only list the assembly but also the corresponding source code assuming the debug symbols are added when compiling.
Oh and for your future reference:https://opensourceforu.com/2011/01/understanding-a-kernel-oops/
You can also use:
eu-addr2line -f -e object_file.o pkt_queue+0x184
Where -f tells the command that the function name is used with line number and -e is the executable or object file containing the line number.
there is also the script scripts/decode_stacktrace.sh in the kernel source code.
You should enable CONFIG_DEBUG_INFO then run the script:
./scripts/decode_stacktrace.sh /path/to/vmlinux /path/to/kernel/tree /path/to/modules/dir < dmesg.log
for example starting in the kernel source code root:
make O=~/kbuild/x86/ -j9
cd ~/kbuild/x86/
make INSTALL_MOD_PATH=~/modpath modules_install
cd -
./scripts/decode_stacktrace.sh ~/kbuild/x86/vmlinux . ~/modpath < crash.log
see https://lwn.net/Articles/592724/