如何转储在系统调用(安卓的内核)调用堆栈? [英] how to dump call stack in syscall(android kernel) ?
问题描述
我想知道是谁叫* sys_reboot *的时候,手机(安卓)重新启动,意想不到的。
I want to know who called *sys_reboot* when the phone(android) reboot unexpectly.
有没有办法来转储调用堆栈的系统调用(Android的内核)?
Is there a way to dump the call stack in syscall(android kernel)?
推荐答案
如果你想要它的内核的呼叫跟踪,你可以得到通过的 dump_stack() 。 <一href=\"http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=blob;f=kernel/panic.c;hb=HEAD\"相对=nofollow> 恐慌() 调用,除其他事项。在 BUG() / BUG_ON() 包装给它一个更具描述性消息和一个可选的条件测试。
If all you want it a kernel call trace, you can get that via dump_stack(). panic() calls that, amongst other things. The BUG() / BUG_ON() wrappers give it a more descriptive message and an optional conditional test.
一个的用户级堆栈跟踪的,特别是一象征性的,但是,不能可靠地从直接在内核中获得。这是可能的堆栈内存复制到内核空间和日志的内容,甚至试探性地走 SP / FP 键,如果framepointers不是最优的,但是解决的符号,它会需要访问和解析ELF信息。我不能确定有人已经这样做了纯内核端实现;一个简单的解决方案完成后会有从您的系统调用挂钩停止程序,生成一个用户空间的调试器附加到它,提取堆栈跟踪,持续的程序。
A userland stacktrace, particularly a symbolic one, though, cannot reliably be obtained from within the kernel directly. It's possible to copy the stack memory into kernel space and log the contents, or even heuristically walk SP/FP linkage if framepointers aren't optimized out, but to resolve symbols, it'd need to access and parse ELF information. I'm unsure anyone has done that as pure kernel-side implementation; an easier solution there would be to stop the program from your syscall hook, spawn a userspace debugger attaching to it, extracting a stacktrace, continuing the program when done.
看到这个SO发布,<一个href=\"http://stackoverflow.com/questions/7143105/call-usermodehelper-call-usermodehelperpipe-usage\">call_usermodehelper对于如何做到这一点/ call_usermodehelperpipe使用。
另请参见本SO发布<一个href=\"http://stackoverflow.com/questions/10199130/how-to-print-the-userspace-stack-trace-in-linux-kernelspace\">How打印在linux内核空间用户空间堆栈跟踪另一个引用了同样的问题。
See also this SO posting: How to print the userspace stack trace in linux kernelspace for another reference to the same question.
这篇关于如何转储在系统调用(安卓的内核)调用堆栈?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
