I was trying my hand at addr2line to convert a "pc" register value from a kernel oops (example) to a line in the kernel code. I believe that the value of the program counter represents a virtual address.
Now this post on Stack Overflow says that we generally provide an offset to addr2line and not a virtual address. VA can only be used when the address space randomization is turned off. Does this hold true for a kernel as well? I believe it should.
This Embedded Linux Conference talk on slide 14 also makes use of the program counter value to jump to the line in code, but I believe this would only work when the address space randomization is off. Otherwise, once the virtual memory is initialized, it's possible that the kernel gets relocated randomly. In this case, any virtual address picked from an oops should not make any sense to addr2line. This is all theory. I have 2 questions now:
- Is my understanding correct? If not, please correct me.
- How do we turn off the address space randomization for a kernel so that the location of a symbol can be predicted?
Yes, your understanding is correct.
You have multiple options:
1. CONFIG_RANDOMIZE_BASE=n. Drastic solution, wouldn't recommend if not for developing purposes.
2. nokaslr. See here for more info.
3. .text segment. Not that easy, would require knowing the base address beforehand or extrapolating it from the panic info. Definitely doable with some grep + objdump + some more ELF tools probably, but pretty annoying and time consuming.
NB: of course points 1 and 2 require that the kernel is compiled with debugging symbols for addr2line to do its job.
See also: this Linux kernel doc page.
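A sketch of the third option, added here as an illustration and not part of the answer above: it recovers the link-time address that addr2line expects, either from the `symbol+offset/size` form in the oops (which does not change under KASLR) or from a raw pc minus the `Kernel Offset` value printed on panic. The oops text, the System.map excerpt and the symbol `demo_write` are constructed sample data, and the vmlinux passed to addr2line is assumed to be the exact build that crashed.

```python
import re

# Constructed sample input (not from a real crash).
OOPS = """\
PC is at demo_write+0x1c/0x60
pc : [<ffff8002a9123a5c>] lr : [<ffff8002a90f1b34>]
Kernel Offset: 0x2a1000000 from 0xffff800008000000
"""
# Constructed excerpt in System.map / `nm vmlinux` format.
SYSTEM_MAP = """\
ffff800008000000 T _text
ffff800008123a40 t demo_write
ffff800008123aa0 t demo_read
"""

def load_symbols(text):
    """Map symbol name -> link-time address (first definition wins)."""
    syms = {}
    for line in text.splitlines():
        parts = line.split()
        if len(parts) >= 3:
            syms.setdefault(parts[2], int(parts[0], 16))
    return syms

def from_symbol_offset(oops, syms):
    """Link-time address from 'symbol+0xoff/0xsize'; unaffected by KASLR."""
    m = re.search(r"(?:PC is at|pc :|RIP: [0-9a-f]+:)\s*([\w.]+)"
                  r"\+0x([0-9a-f]+)/0x([0-9a-f]+)", oops)
    if not m:
        return None
    name, off, size = m.group(1), int(m.group(2), 16), int(m.group(3), 16)
    if name not in syms:
        raise KeyError(f"{name} not found (module symbol or wrong vmlinux?)")
    if off >= size:
        raise ValueError("offset lies outside the function")
    return syms[name] + off

def from_raw_pc(oops):
    """Link-time address from a raw pc minus the printed 'Kernel Offset'."""
    pc = re.search(r"pc : \[<([0-9a-f]+)>\]", oops)
    if not pc:
        return None
    ko = re.search(r"Kernel Offset: 0x([0-9a-f]+) from 0x[0-9a-f]+", oops)
    slide = int(ko.group(1), 16) if ko else 0  # 'disabled' means no slide
    return int(pc.group(1), 16) - slide

def addr2line_cmd(addr, vmlinux="vmlinux"):
    return f"addr2line -f -i -e {vmlinux} {addr:#x}"

if __name__ == "__main__":
    print(addr2line_cmd(from_symbol_offset(OOPS, load_symbols(SYSTEM_MAP))))
```

If the two methods disagree for the same oops, the vmlinux or System.map most likely does not match the kernel that produced it.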