无法处理内核页面请求的虚拟地址(相关问题讨论)

unable to handle kernel paging request at a virtual address

碰见过该错误的代码打印信息如下:

[    2.782597] ++++++++remotectl_init

[    2.786024] ++++++++remotectl_probe

[    2.789590] remotectl probe j=0x0

[    2.792914] Unable to handle kernel paging request at virtual address ba1371d8

[    2.800146] pgd = c0404000

[    2.802850] [ba1371d8] *pgd=00000000

[    2.806437] Internal error: Oops: 5 [#1] PREEMPT

[    2.811048] last sysfs file: 

[    2.814015] CPU: 0    Not tainted  (2.6.32.27 #1)

[    2.818735] PC is at input_set_capability+0xe4/0x14c

[    2.823706] LR is at remotectl_probe+0x1e4/0x2dc

[    2.828321] pc : []    lr : []    psr: a0000013

[    2.828326] sp : d301fef8  ip : fe049070  fp : 00000000

[    2.839796] r10: c09cc934  r9 : 00000000  r8 : 00000108

[    2.845016] r7 : c0991ef8  r6 : c2013000  r5 : 00000001  r4 : d27e9c00

[    2.851536] r3 : c2013018  r2 : 8fffffff  r1 : 00000001  r0 : c2013000

[    2.858059] Flags: NzCv  IRQs on  FIQs on  Mode SVC_32  ISA ARM  Segment kernel

[    2.865361] Control: 10c5387d  Table: 60404019  DAC: 00000017

[    2.871100] 

[    2.871102] PC: 0xc068e89c:

[    2.875375] e89c  c068e8f8 c068e944 e282c01f e2803018 ea000013 e282c01f e2803078 ea000010

[    2.883651] e8bc  e282c01f e280307c ea00000d e282c01f e2803084 ea00000a e282c01f e28030a0

[    2.891924] e8dc  ea000007 e282c01f e2803088 ea000004 e282c01f e280308c ea000001 e282c01f

[    2.900198] e8fc  e2803090 e3520000 e3a05001 a1a0c002 e212217e 42422001 e1a0c2cc 41e02d82

[    2.908470] e91c  e793410c 41e02da2 42822001 e1842215 e783210c ea000003 e59f0044 eb063be9

[    2.916744] e93c  e8bd4070 ea063b98 e3510000 e281301f a1a03001 e211117e 42411001 e2800014

[    2.925015] e95c  e1a032c3 e3a0c001 41e01d81 e7902103 41e01da1 42811001 e182111c e7801103

[    2.933288] e97c  e8bd8070 c09208a3 e3500000 012fff1e e2800e79 eafd9329 e59f3010 e3a01a01

[    2.941562] 

[    2.941565] LR: 0xc081be78:

[    2.945837] be78  ebf1b609 e250a000 0a000006 e59f0140 e1a01008 e1a0200a eb000693 e595000c

[    2.954109] be98  ebf67945 ea00002d e59f3128 e3a01000 e1a02001 e2840034 e5844044 e1a08001

[    2.962383] beb8  e5843040 ebf106e0 e2840064 e59f1108 e1a02004 ebf0f34e e59f0100 e1a01008

[    2.970656] bed8  e59fa0fc eb000680 e08a3008 e1a00006 e2888008 e3a01001 e5932004 ebf9ca4f

[    2.978928] bef8  e3580e13 1afffff7 e1a00006 ebf9c813 e250a000 0a000009 e1a0100a e59f00c4

[    2.987201] bf18  eb000671 e59f00c0 eb00066f e1a00006 ebf9ca95 e1a00004 ebf256b9 ea000007

[    2.995472] bf38  e1a00006 e3a01001 e3a0208f ebf9ca3b e5d73058 e3833003 e5c73058 ea000010

[    3.003747] bf58  e59f0088 eb000660 e595000c e1a01004 e2800064 ebf1b701 e2840034 ebf105ea

[    3.012022] 

[    3.012025] SP: 0xd301fe78:

[    3.016297] fe78  a645c5cf 00000000 60000013 00000034 00000000 2020205b 372e3220 39353938

[    3.024570] fe98  00205d30 ffffffff d301fee4 c2013000 c0991ef8 c042da6c c2013000 00000001

[    3.032841] feb8  8fffffff c2013018 d27e9c00 00000001 c2013000 c0991ef8 00000108 00000000

[    3.041116] fed8  c09cc934 00000000 fe049070 d301fef8 c081bef8 c068e91c a0000013 ffffffff

[    3.049390] fef8  d27e9c00 c0992b14 c2013000 c081bef8 c08e51e0 d27e9c00 00000000 c0991f00

[    3.057663] ff18  c0991f34 c09cc8fc c09cc8fc 00000000 00000000 c05f783c c0991f00 c05f69f8

[    3.065934] ff38  c0991f00 c0991f34 c09cc8fc 00000000 00000000 c05f6b04 c09cc8fc d301ff60

[    3.074206] ff58  c05f6aa4 c05f6260 d302aef8 d30549f0 c09cc8fc c09cc8fc c2012e40 c09ae960

[    3.082483] 

[    3.082485] IP: 0xfe048ff0:

[    3.086757] 8ff0  ******** ******** ******** ******** ******** ******** ******** ********

[    3.095038] 9010  ******** ******** ******** ******** ******** ******** ******** ********

[    3.103315] 9030  ******** ******** ******** ******** ******** ******** ******** ********

[    3.111592] 9050  ******** ******** ******** ******** ******** ******** ******** ********

[    3.119867] 9070  ******** ******** ******** ******** ******** ******** ******** ********

[    3.128142] 9090  ******** ******** ******** ******** ******** ******** ******** ********

[    3.136415] 90b0  ******** ******** ******** ******** ******** ******** ******** ********

[    3.144690] 90d0  ******** ******** ******** ******** ******** ******** ******** ********

[    3.152965] 

[    3.152968] R0: 0xc2012f80:

[    3.157240] 2f80  00000000 d27d0790 00000000 00000000 00000000 00000000 00000000 00000000

[    3.165513] 2fa0  00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000

[    3.173788] 2fc0  0f78ec72 9df3de7b 92d79ff8 e5091e52 0b7e7098 ef0884e5 7c84cda3 a8507b86

[    3.182062] 2fe0  927e941c ae3cf8d9 cf1941d1 fbcc8073 67c74318 c631bd78 488ffbe2 8da6c82e

[    3.190335] 3000  c08e51db c0920ac4 00000000 00010019 01000001 00000002 00000ffc 00000000

[    3.198609] 3020  00000000 030c16c0 76205800 00000010 00000000 00000100 00000000 00000000

[    3.206883] 3040  00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000

[    3.215157] 3060  00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000

[    3.223432] 

[    3.223434] R3: 0xc2012f98:

[    3.227706] 2f98  00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000

[    3.235979] 2fb8  00000000 00000000 0f78ec72 9df3de7b 92d79ff8 e5091e52 0b7e7098 ef0884e5

[    3.244253] 2fd8  7c84cda3 a8507b86 927e941c ae3cf8d9 cf1941d1 fbcc8073 67c74318 c631bd78

[    3.252528] 2ff8  488ffbe2 8da6c82e c08e51db c0920ac4 00000000 00010019 01000001 00000002

[    3.260801] 3018  00000ffc 00000000 00000000 030c16c0 76205800 00000010 00000000 00000100

[    3.269076] 3038  00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000

[    3.277349] 3058  00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000

[    3.285623] 3078  00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000

[    3.293898] 

[    3.293901] R4: 0xd27e9b80:

[    3.298173] 9b80  ffffffff ffffffff ffffffff ffffffff ffffffff ffffffff ffffffff ffffffff

[    3.306447] 9ba0  ffffffff ffffffff ffffffff ffffffff ffffffff ffffffff ffffffff ffffffff

[    3.314720] 9bc0  ffffffff ffffffff ffffffff ffffffff ffffffff ffffffff ffffffff ffffffff

[    3.322994] 9be0  ffffffff ffffffff ffffffff ffffffff ffffffff ffffffff ffffffff ffffffff

[    3.331265] 9c00  00000001 00000000 00000000 00000000 00000000 00000000 00000000 00000000

[    3.339540] 9c20  00000000 00000000 00000000 00000000 c2013000 00000000 00000000 00000000

[    3.347813] 9c40  c069152c d27e9c00 c0a22400 00000000 00000000 00000000 00000000 00000000

[    3.356087] 9c60  ffffffff 00000000 00000000 00000000 c0691064 d27e9c00 d27db600 c0995908

[    3.364362] 

[    3.364365] R6: 0xc2012f80:

[    3.368637] 2f80  00000000 d27d0790 00000000 00000000 00000000 00000000 00000000 00000000

[    3.376911] 2fa0  00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000

[    3.385184] 2fc0  0f78ec72 9df3de7b 92d79ff8 e5091e52 0b7e7098 ef0884e5 7c84cda3 a8507b86

[    3.393456] 2fe0  927e941c ae3cf8d9 cf1941d1 fbcc8073 67c74318 c631bd78 488ffbe2 8da6c82e

[    3.401730] 3000  c08e51db c0920ac4 00000000 00010019 01000001 00000002 00000ffc 00000000

[    3.410004] 3020  00000000 030c16c0 76205800 00000010 00000000 00000100 00000000 00000000

[    3.418278] 3040  00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000

[    3.426551] 3060  00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000

[    3.434824] 

[    3.434827] R7: 0xc0991e78:

[    3.439099] 1e78  c0991e78 c0991e78 c09ae960 c09cc89c c09929b8 00000000 00000003 00000001

[    3.447373] 1e98  c0991f58 c098b1f8 00000000 00000000 00000000 00000000 00000000 c0991eb4

[    3.455646] 1eb8  c0991eb4 00000000 00000000 c0991ec4 c0991ec4 00000000 00000000 00000000

[    3.463919] 1ed8  00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000

[    3.472194] 1ef8  c08e51db ffffffff c09ae8b8 d30549c0 d3055a80 c098aa2c c0991e4c c09ae8c0

[    3.480468] 1f18  d300a940 c09ae430 d3056c68 00000003 00000007 00000000 00000000 00000000

[    3.488743] 1f38  c0991f38 c0991f38 c09ae960 c09cc8fc c0992b14 00000000 00000000 00000001

[    3.497018] 1f58  c098aa78 c0991e98 00000000 00000000 00000000 00000000 00000000 c0991f74

[    3.505293] 

[    3.505295] R10: 0xc09cc8b4:

[    3.509654] c8b4  c05f7848 00000000 00000000 00000000 00000000 c085e4ec d27e25c0 00000000

[    3.517928] c8d4  c0920c21 00000000 000001a4 c0690bd4 00000000 c081bd14 c081d430 00000000

[    3.526199] c8f4  00000000 00000000 c08e51db c09ae960 00000000 00000000 00000000 c05f7824

[    3.534472] c914  c05f7848 00000000 00000000 00000000 00000000 c085e56c c2012e40 00000000

[    3.542745] c934  00000068 00000078 0000004a 00000079 00000048 00000067 000000b2 0000006c

[    3.551021] c954  00000088 000000a4 00000008 00000073 000000f2 00000072 00000032 00000066

[    3.559298] c974  000000f0 0000008b 00000070 00000067 000000b0 00000069 000000d2 0000006a

[    3.567572] c994  00000052 0000006c 00000030 000000e8 00000092 00000095 00000012 0000009e

[    3.575849] Process swapper (pid: 1, stack limit = 0xd301e2f0)

[    3.581676] Stack: (0xd301fef8 to 0xd3020000)

[    3.586030] fee0:                                                       d27e9c00 c0992b14

[    3.594203] ff00: c2013000 c081bef8 c08e51e0 d27e9c00 00000000 c0991f00 c0991f34 c09cc8fc

[    3.602375] ff20: c09cc8fc 00000000 00000000 c05f783c c0991f00 c05f69f8 c0991f00 c0991f34

[    3.610548] ff40: c09cc8fc 00000000 00000000 c05f6b04 c09cc8fc d301ff60 c05f6aa4 c05f6260

[    3.618721] ff60: d302aef8 d30549f0 c09cc8fc c09cc8fc c2012e40 c09ae960 00000000 c05f5a20

[    3.626894] ff80: c08e51db c08e51db 00000001 c09cc8fc c0426454 00000001 00000000 00000000

[    3.635066] ffa0: 00000000 c05f6dd0 c0690fb8 c0426454 00000001 00000000 00000000 c042d37c

[    3.643238] ffc0: 00000000 00000184 c099db60 00000000 00000000 c042618c c0426454 00000000

[    3.651410] ffe0: 00000000 c0408404 00000000 00000000 00000000 c042e99c ffffffff ffffffff

[    3.659598] [] (input_set_capability+0xe4/0x14c) from [] (remotectl_probe+0x1e4/0x2dc)

[    3.669252] [] (remotectl_probe+0x1e4/0x2dc) from [] (platform_drv_probe+0x18/0x1c)

[    3.678654] [] (platform_drv_probe+0x18/0x1c) from [] (driver_probe_device+0xa0/0x14c)

[    3.688305] [] (driver_probe_device+0xa0/0x14c) from [] (__driver_attach+0x60/0x84)

[    3.697694] [] (__driver_attach+0x60/0x84) from [] (bus_for_each_dev+0x48/0x84)

[    3.706737] [] (bus_for_each_dev+0x48/0x84) from [] (bus_add_driver+0x9c/0x22c)

[    3.715780] [] (bus_add_driver+0x9c/0x22c) from [] (driver_register+0xa8/0x138)

[    3.724828] [] (driver_register+0xa8/0x138) from [] (do_one_initcall+0x5c/0x1b4)

[    3.733959] [] (do_one_initcall+0x5c/0x1b4) from [] (kernel_init+0xa4/0x120)

[    3.742745] [] (kernel_init+0xa4/0x120) from [] (kernel_thread_exit+0x0/0x8)

[    3.751525] Code: e212217e 42422001 e1a0c2cc 41e02d82 (e793410c) 

[    3.757679] ---[ end trace 4e8843d460a6e38b ]---

[    3.762316] Kernel panic - not syncing: Attempted to kill init!

[    3.768251] [] (unwind_backtrace+0x0/0xd8) from [] (panic+0x58/0x130)

[    3.776456] [] (panic+0x58/0x130) from [] (do_exit+0x68/0x690)

[    3.784041] [] (do_exit+0x68/0x690) from [] (die+0x28c/0x2c0)

[    3.791537] [] (die+0x28c/0x2c0) from [] (__do_kernel_fault+0x64/0x74)

[    3.799812] [] (__do_kernel_fault+0x64/0x74) from [] (do_page_fault+0x1c0/0x1d4)

[    3.808951] [] (do_page_fault+0x1c0/0x1d4) from [] (do_DataAbort+0x34/0x94)

[    3.817648] [] (do_DataAbort+0x34/0x94) from [] (__dabt_svc+0x4c/0x60)

[    3.825914] Exception stack(0xd301feb0 to 0xd301fef8)

[    3.830975] fea0:                                     c2013000 00000001 8fffffff c2013018

[    3.839159] fec0: d27e9c00 00000001 c2013000 c0991ef8 00000108 00000000 c09cc934 00000000

[    3.847331] fee0: fe049070 d301fef8 c081bef8 c068e91c a0000013 ffffffff

[    3.853960] [] (__dabt_svc+0x4c/0x60) from [] (input_set_capability+0xe4/0x14c)

[    3.863015] [] (input_set_capability+0xe4/0x14c) from [] (remotectl_probe+0x1e4/0x2dc)

[    3.872678] [] (remotectl_probe+0x1e4/0x2dc) from [] (platform_drv_probe+0x18/0x1c)

[    3.882082] [] (platform_drv_probe+0x18/0x1c) from [] (driver_probe_device+0xa0/0x14c)

[    3.891744] [] (driver_probe_device+0xa0/0x14c) from [] (__driver_attach+0x60/0x84)

[    3.901147] [] (__driver_attach+0x60/0x84) from [] (bus_for_each_dev+0x48/0x84)

[    3.910201] [] (bus_for_each_dev+0x48/0x84) from [] (bus_add_driver+0x9c/0x22c)

[    3.919257] [] (bus_add_driver+0x9c/0x22c) from [] (driver_register+0xa8/0x138)

[    3.928300] [] (driver_register+0xa8/0x138) from [] (do_one_initcall+0x5c/0x1b4)

[    3.937440] [] (do_one_initcall+0x5c/0x1b4) from [] (kernel_init+0xa4/0x120)

[    3.946232] [] (kernel_init+0xa4/0x120) from [] (kernel_thread_exit+0x0/0x8)

[    3.955027] Rebooting in 5 seconds..RESTART_DEBUG : arch/arm/kernel/process.c->machine_restart->223->cmd= reboot_mode=h

[    8.967610] RESTART_DEBUG : arch/arm/kernel/process.c->arm_machine_restart->103->mode=0 cmd=

[    8.976943] RESTART_DEBUG : arch/arm/mach-rk29/include/mach/system.h->arch_reset->34->mode=

[    8.985123] Loop for debug...

初步的分析:

    大多数bug通常是因为废弃了一个NULL指针或者使用了错误的指针值,这类bug导致的结果通常是一个oops消息。


什么是oops:

    处理器使用的所有地址几乎都是通过一个复杂的页表结构对物理地址映射而得到的虚拟地址(除了内存管理子系统自己所使用的物理地址)。

    当一个非法的指针被废弃时,内存分页机制将不能为指针映射一个物理地址,处理器就会向操作系统发出一个页故障信号。

    如果地址不合法,那么内核将不能在该地址“布页”,这时如果处理器处于超级用户模式,内核就会生成一条oops消息。

    一条oops消息能够显示发生故障时处理器的状态,以及CPU寄存器的内容和其他从表面难以理解的信息。


可能引起的原因:

a)废弃一个NULL指针,其中最有关的信息是指令指针(EIP),即故障指令的地址;

b)字符串的长度超出了目标数组的范围,当函数返回时就会导致缓冲区溢出(只能看到部分函数调用的堆栈情况,内核堆栈已经坍塌);

......


进一步分析:

    通常,当你面临一个oops时,首要问题就是查看故障的发生位置,它通常会与函数调用的堆栈信息分开列出。

[    3.659598] [] (input_set_capability+0xe4/0x14c) from [] (remotectl_probe+0x1e4/0x2dc)
[    3.669252] [] (remotectl_probe+0x1e4/0x2dc) from [] (platform_drv_probe+0x18/0x1c)
[    3.678654] [] (platform_drv_probe+0x18/0x1c) from [] (driver_probe_device+0xa0/0x14c)
[    3.688305] [] (driver_probe_device+0xa0/0x14c) from [] (__driver_attach+0x60/0x84)
[    3.697694] [] (__driver_attach+0x60/0x84) from [] (bus_for_each_dev+0x48/0x84)
[    3.706737] [] (bus_for_each_dev+0x48/0x84) from [] (bus_add_driver+0x9c/0x22c)
[    3.715780] [] (bus_add_driver+0x9c/0x22c) from [] (driver_register+0xa8/0x138)
[    3.724828] [] (driver_register+0xa8/0x138) from [] (do_one_initcall+0x5c/0x1b4)
[    3.733959] [] (do_one_initcall+0x5c/0x1b4) from [] (kernel_init+0xa4/0x120)
[    3.742745] [] (kernel_init+0xa4/0x120) from [] (kernel_thread_exit+0x0/0x8)

    从上可以看出问题主要出现在函数remotectl_probe的input_set_capability中,结合源代码就可知道由于字符串的长度超出了目标数组的范围引起的oops消息。

    注:如 有些可通过函数入口地址从kernel下的System.map中查找到其对应的函数名。

    如果你需要更多信息,函数调用的堆栈信息将会告诉你怎样找到已崩溃的东西。

    堆栈信息会以十六进制列出;稍加分析,你就能从中辨别出局部变量以及函数参数。(有经验的内核开发者会从中获得很大的帮助)


    位于堆栈顶部的ffffffff是引发故障的字符串的一部分。

    在x86体系中,默认用户空间中的堆栈地址是小于0xc00000000的,因此,其中0xbfffda70很有可能是一个用户空间的堆栈地址,实际上它就是传递给read系统调用的缓冲区的地址,它在内核调用链中每次被下传时都会被复制。

    在x86中(再次说明,缺省的),内核空间地址起始自0xc00000000,所以可以基本确定凡是大于该值的地址都是属于内核空间的地址。


注意点:

a)当你查看oops信息时,始终要留意本章开始时讨论的“slab poisoning”的值。因此,如果一条内核oops中出现了讨厌的地址值0xa5a5a5a5,那么你肯定是在什么地方忘记初始化动态分配的内存了;

b)由于新版本的内核使用的GCC扩展语法越来越多,旧版的GCC在处理扩展语法时可能有缺陷,最好用内核文档所指定的编译器版本编译内核;

......


    这是我总结网络上一些相关信息,发表的第一篇博客,如有错误欢迎博友批评纠正,接下去我会继续发表新的博文,敬请关注 (*^__^*) 嘻嘻……!!!



你可能感兴趣的:(Android,系统)