Unable to handle kernel paging request at a virtual address (discussion of the problem)

The kernel output from code that hit this error is shown below:

[    2.782597] ++++++++remotectl_init

[    2.786024] ++++++++remotectl_probe

[    2.789590] remotectl probe j=0x0

[    2.792914] Unable to handle kernel paging request at virtual address ba1371d8

[    2.800146] pgd = c0404000

[    2.802850] [ba1371d8] *pgd=00000000

[    2.806437] Internal error: Oops: 5 [#1] PREEMPT

[    2.811048] last sysfs file: 

[    2.814015] CPU: 0    Not tainted  (2.6.32.27 #1)

[    2.818735] PC is at input_set_capability+0xe4/0x14c

[    2.823706] LR is at remotectl_probe+0x1e4/0x2dc

[    2.828321] pc : [<c068e91c>]    lr : [<c081bef8>]    psr: a0000013

[    2.828326] sp : d301fef8  ip : fe049070  fp : 00000000

[    2.839796] r10: c09cc934  r9 : 00000000  r8 : 00000108

[    2.845016] r7 : c0991ef8  r6 : c2013000  r5 : 00000001  r4 : d27e9c00

[    2.851536] r3 : c2013018  r2 : 8fffffff  r1 : 00000001  r0 : c2013000

[    2.858059] Flags: NzCv  IRQs on  FIQs on  Mode SVC_32  ISA ARM  Segment kernel

[    2.865361] Control: 10c5387d  Table: 60404019  DAC: 00000017

[    3.575849] Process swapper (pid: 1, stack limit = 0xd301e2f0)

[    3.581676] Stack: (0xd301fef8 to 0xd3020000)

[    3.586030] fee0:                                                       d27e9c00 c0992b14

[    3.594203] ff00: c2013000 c081bef8 c08e51e0 d27e9c00 00000000 c0991f00 c0991f34 c09cc8fc

[    3.602375] ff20: c09cc8fc 00000000 00000000 c05f783c c0991f00 c05f69f8 c0991f00 c0991f34

[    3.610548] ff40: c09cc8fc 00000000 00000000 c05f6b04 c09cc8fc d301ff60 c05f6aa4 c05f6260

[    3.618721] ff60: d302aef8 d30549f0 c09cc8fc c09cc8fc c2012e40 c09ae960 00000000 c05f5a20

[    3.626894] ff80: c08e51db c08e51db 00000001 c09cc8fc c0426454 00000001 00000000 00000000

[    3.635066] ffa0: 00000000 c05f6dd0 c0690fb8 c0426454 00000001 00000000 00000000 c042d37c

[    3.643238] ffc0: 00000000 00000184 c099db60 00000000 00000000 c042618c c0426454 00000000

[    3.651410] ffe0: 00000000 c0408404 00000000 00000000 00000000 c042e99c ffffffff ffffffff

[    3.659598] [<c068e91c>] (input_set_capability+0xe4/0x14c) from [<c081bef8>] (remotectl_probe+0x1e4/0x2dc)

[    3.669252] [<c081bef8>] (remotectl_probe+0x1e4/0x2dc) from [<c05f783c>] (platform_drv_probe+0x18/0x1c)

[    3.678654] [<c05f783c>] (platform_drv_probe+0x18/0x1c) from [<c05f69f8>] (driver_probe_device+0xa0/0x14c)

[    3.688305] [<c05f69f8>] (driver_probe_device+0xa0/0x14c) from [<c05f6b04>] (__driver_attach+0x60/0x84)

[    3.697694] [<c05f6b04>] (__driver_attach+0x60/0x84) from [<c05f6260>] (bus_for_each_dev+0x48/0x84)

[    3.706737] [<c05f6260>] (bus_for_each_dev+0x48/0x84) from [<c05f5a20>] (bus_add_driver+0x9c/0x22c)

[    3.715780] [<c05f5a20>] (bus_add_driver+0x9c/0x22c) from [<c05f6dd0>] (driver_register+0xa8/0x138)

[    3.724828] [<c05f6dd0>] (driver_register+0xa8/0x138) from [<c042d37c>] (do_one_initcall+0x5c/0x1b4)

[    3.733959] [<c042d37c>] (do_one_initcall+0x5c/0x1b4) from [<c0408404>] (kernel_init+0xa4/0x120)

[    3.742745] [<c0408404>] (kernel_init+0xa4/0x120) from [<c042e99c>] (kernel_thread_exit+0x0/0x8)

[    3.751525] Code: e212217e 42422001 e1a0c2cc 41e02d82 (e793410c) 

[    3.757679] ---[ end trace 4e8843d460a6e38b ]---

[    3.762316] Kernel panic - not syncing: Attempted to kill init!

[    3.768251] [<c0433198>] (unwind_backtrace+0x0/0xd8) from [<c081d80c>] (panic+0x58/0x130)

[    3.776456] [<c081d80c>] (panic+0x58/0x130) from [<c0457468>] (do_exit+0x68/0x690)

[    3.784041] [<c0457468>] (do_exit+0x68/0x690) from [<c043199c>] (die+0x28c/0x2c0)

[    3.791537] [<c043199c>] (die+0x28c/0x2c0) from [<c04341b8>] (__do_kernel_fault+0x64/0x74)

[    3.799812] [<c04341b8>] (__do_kernel_fault+0x64/0x74) from [<c0434388>] (do_page_fault+0x1c0/0x1d4)

[    3.808951] [<c0434388>] (do_page_fault+0x1c0/0x1d4) from [<c042d2c0>] (do_DataAbort+0x34/0x94)

[    3.817648] [<c042d2c0>] (do_DataAbort+0x34/0x94) from [<c042da6c>] (__dabt_svc+0x4c/0x60)

[    3.825914] Exception stack(0xd301feb0 to 0xd301fef8)

[    3.830975] fea0:                                     c2013000 00000001 8fffffff c2013018

[    3.839159] fec0: d27e9c00 00000001 c2013000 c0991ef8 00000108 00000000 c09cc934 00000000

[    3.847331] fee0: fe049070 d301fef8 c081bef8 c068e91c a0000013 ffffffff

[    3.853960] [<c042da6c>] (__dabt_svc+0x4c/0x60) from [<c068e91c>] (input_set_capability+0xe4/0x14c)

[    3.863015] [<c068e91c>] (input_set_capability+0xe4/0x14c) from [<c081bef8>] (remotectl_probe+0x1e4/0x2dc)

[    3.872678] [<c081bef8>] (remotectl_probe+0x1e4/0x2dc) from [<c05f783c>] (platform_drv_probe+0x18/0x1c)

[    3.882082] [<c05f783c>] (platform_drv_probe+0x18/0x1c) from [<c05f69f8>] (driver_probe_device+0xa0/0x14c)

[    3.891744] [<c05f69f8>] (driver_probe_device+0xa0/0x14c) from [<c05f6b04>] (__driver_attach+0x60/0x84)

[    3.901147] [<c05f6b04>] (__driver_attach+0x60/0x84) from [<c05f6260>] (bus_for_each_dev+0x48/0x84)

[    3.910201] [<c05f6260>] (bus_for_each_dev+0x48/0x84) from [<c05f5a20>] (bus_add_driver+0x9c/0x22c)

[    3.919257] [<c05f5a20>] (bus_add_driver+0x9c/0x22c) from [<c05f6dd0>] (driver_register+0xa8/0x138)

[    3.928300] [<c05f6dd0>] (driver_register+0xa8/0x138) from [<c042d37c>] (do_one_initcall+0x5c/0x1b4)

[    3.937440] [<c042d37c>] (do_one_initcall+0x5c/0x1b4) from [<c0408404>] (kernel_init+0xa4/0x120)

[    3.946232] [<c0408404>] (kernel_init+0xa4/0x120) from [<c042e99c>] (kernel_thread_exit+0x0/0x8)

[    3.955027] Rebooting in 5 seconds..RESTART_DEBUG : arch/arm/kernel/process.c->machine_restart->223->cmd=<NULL> reboot_mode=h

[    8.967610] RESTART_DEBUG : arch/arm/kernel/process.c->arm_machine_restart->103->mode=0 cmd=<NULL>

[    8.976943] RESTART_DEBUG : arch/arm/mach-rk29/include/mach/system.h->arch_reset->34->mode=

[    8.985123] Loop for debug...

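Initial analysis:

    Most bugs are caused by dereferencing a NULL pointer or by using an incorrect pointer value; the usual result of such a bug is an oops message.


What is an oops:

    Almost every address the processor uses is a virtual address, mapped to a physical address through a complex page-table structure (the exception is the physical addresses used by the memory-management subsystem itself).

    When an invalid pointer is dereferenced, the paging mechanism cannot map the pointer to a physical address, and the processor signals a page fault to the operating system.

    If the address is not valid, the kernel cannot "page in" that address; if this happens while the processor is in supervisor mode, the kernel generates an oops message.

    An oops message shows the processor state at the time of the fault, along with the contents of the CPU registers and other information that is hard to understand at first glance.


Possible causes:

a) Dereferencing a NULL pointer; the most relevant piece of information is the instruction pointer (EIP), i.e. the address of the faulting instruction;

b) The length of a string exceeds the bounds of the destination array, which causes a buffer overflow when the function returns (only part of the function call stack can be seen, because the kernel stack has collapsed);

......


Further analysis:

    Usually, when you are faced with an oops, the first thing to do is look at where the fault occurred, which is normally listed separately from the function call stack information.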

[    3.659598] [<c068e91c>] (input_set_capability+0xe4/0x14c) from [<c081bef8>] (remotectl_probe+0x1e4/0x2dc)
[    3.669252] [<c081bef8>] (remotectl_probe+0x1e4/0x2dc) from [<c05f783c>] (platform_drv_probe+0x18/0x1c)
[    3.678654] [<c05f783c>] (platform_drv_probe+0x18/0x1c) from [<c05f69f8>] (driver_probe_device+0xa0/0x14c)
[    3.688305] [<c05f69f8>] (driver_probe_device+0xa0/0x14c) from [<c05f6b04>] (__driver_attach+0x60/0x84)
[    3.697694] [<c05f6b04>] (__driver_attach+0x60/0x84) from [<c05f6260>] (bus_for_each_dev+0x48/0x84)
[    3.706737] [<c05f6260>] (bus_for_each_dev+0x48/0x84) from [<c05f5a20>] (bus_add_driver+0x9c/0x22c)
[    3.715780] [<c05f5a20>] (bus_add_driver+0x9c/0x22c) from [<c05f6dd0>] (driver_register+0xa8/0x138)
[    3.724828] [<c05f6dd0>] (driver_register+0xa8/0x138) from [<c042d37c>] (do_one_initcall+0x5c/0x1b4)
[    3.733959] [<c042d37c>] (do_one_initcall+0x5c/0x1b4) from [<c0408404>] (kernel_init+0xa4/0x120)
[    3.742745] [<c0408404>] (kernel_init+0xa4/0x120) from [<c042e99c>] (kernel_thread_exit+0x0/0x8)

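    From the above, the problem occurs mainly in input_set_capability, called from remotectl_probe; together with the source code, it can be seen that the oops was caused by a string whose length exceeded the bounds of the destination array.

    Note: for an address such as <c05f783c>, the corresponding function name can sometimes be found by looking up the function entry address in the kernel's System.map.

    If you need more information, the function call stack will tell you how to find what crashed.

    The stack information is listed in hexadecimal; with a little analysis you can pick out local variables and function arguments. (Experienced kernel developers get a great deal of help from it.)


    The ffffffff at the top of the stack is part of the string that caused the fault.

    On x86, user-space stack addresses are by default below 0xc0000000, so 0xbfffda70 is very likely a user-space stack address; in fact it is the address of the buffer passed to the read system call, and it is copied each time it is passed down the kernel call chain.

    On x86 (again, by default), kernel-space addresses start at 0xc0000000, so any address greater than that value can be taken to be a kernel-space address.


Points to note:

a) When reading oops output, always watch for the "slab poisoning" values discussed at the beginning of this chapter. If the nasty address value 0xa5a5a5a5 appears in a kernel oops, you have certainly forgotten to initialize dynamically allocated memory somewhere;

b) Newer kernels use more and more GCC extension syntax, and older GCC versions may be buggy when handling those extensions, so it is best to build the kernel with the compiler version specified in the kernel documentation;

......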
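
The following example is added here and is not code from the original post. It parses backtrace lines in the format shown above, resolves each frame address to symbol+offset with a System.map lookup as described in the note on System.map, and checks the faulting address against the slab-poison value from point a). The System.map excerpt is constructed (its start addresses are derived from the symbol+offset pairs in the trace), and `load_map`, `resolve` and `analyze` are names chosen for this example.

```python
import bisect
import re

# Constructed System.map excerpt: start addresses are derived from the
# symbol+offset pairs in the oops above (e.g. 0xc068e91c - 0xe4).
SYSTEM_MAP = """\
c05f7824 t platform_drv_probe
c068e838 T input_set_capability
c081bd14 t remotectl_probe
"""

# Lines copied from the oops on this page.
OOPS = """\
[    2.792914] Unable to handle kernel paging request at virtual address ba1371d8
[    3.659598] [<c068e91c>] (input_set_capability+0xe4/0x14c) from [<c081bef8>] (remotectl_probe+0x1e4/0x2dc)
[    3.669252] [<c081bef8>] (remotectl_probe+0x1e4/0x2dc) from [<c05f783c>] (platform_drv_probe+0x18/0x1c)
"""

SLAB_POISON = 0xA5A5A5A5  # value the page says indicates uninitialized memory

def load_map(text):
    """Return (address, name) pairs from System.map text, sorted by address."""
    pairs = (line.split() for line in text.splitlines())
    return sorted((int(addr, 16), name) for addr, _kind, name in pairs)

def resolve(syms, addr):
    """Map addr to 'symbol+0xoffset' via the nearest symbol at or below it."""
    i = bisect.bisect_right([a for a, _ in syms], addr) - 1
    if i < 0:
        return None  # below the first known symbol
    base, name = syms[i]
    return f"{name}+{addr - base:#x}"

def analyze(oops, syms):
    """Extract the faulting address and the call chain from ARM oops text."""
    m = re.search(r"paging request at virtual address ([0-9a-f]{8})", oops)
    fault = int(m.group(1), 16) if m else None
    # The first [<addr>] on each backtrace line is the callee frame.
    frames = re.findall(r"\[<([0-9a-f]{8})>\] \(\S+\) from", oops)
    return {
        "fault": fault,
        "poisoned": fault == SLAB_POISON,
        "chain": [resolve(syms, int(a, 16)) for a in frames],
    }

if __name__ == "__main__":
    print(analyze(OOPS, load_map(SYSTEM_MAP)))
```

System.map lists only start addresses, not sizes, so an address beyond the last listed symbol still resolves to that symbol; treat large offsets as a sign that the lookup is wrong.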


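    This is my first blog post, a summary of some related information I found on the web. If there are any mistakes, corrections from fellow bloggers are welcome. I will keep publishing new posts, so stay tuned (*^__^*) Hehe...!!!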


