我正在尝试解释可重复的系统崩溃,但不是经常这样。我相信它与第三方驱动程序和光学扫描设备有关。我不确定扫描设备的驱动程序是否导致挂起,如果它在USB驱动程序中引出了导致挂起的东西,或者它是否完全不同。
我不是一名驱动程序开发人员,因此我在阅读位于此处的Linux Kernel Crash Book时遇到了崩溃问题 - http://rogunix.com/docs/Reversing&Exploiting/Linux_Kernel_Crash_Book.pdf。
我能够使用kexec工具设置调试内核以生成vmcore。崩溃是看到PANIC:“哎呀:0000 [#1]”(查看详细日志),在日志中看到BUG:无法在虚拟地址00100100处理内核分页请求。
你能帮我解释更多的转储吗?所以我可以回到驱动程序的开发者那里告诉他们调查结果,或者你能不能告诉我根本不是驱动程序。
这里有更多来自转储。非常感谢提前。
KERNEL: /usr/lib/debug/lib/modules/2.6.18-194.el5debug/vmlinux
DUMPFILE: /root/kernel/vmcore_12032014
CPUS: 4
DATE: Sat Oct 20 16:51:55 2001
UPTIME: 00:03:55
LOAD AVERAGE: 0.79, 0.83, 0.38
TASKS: 128
NODENAME: 3232A
RELEASE: 2.6.18-194.el5debug
VERSION: #1 SMP Fri Apr 2 16:56:41 EDT 2010
MACHINE: i686 (1800 Mhz)
MEMORY: 2 GB
PANIC: "Oops: 0000 [#1]" (check log for details)
PID: 0
COMMAND: "swapper"
TASK: c069d460 (1 of 4) [THREAD_INFO: c075f000]
CPU: 0
STATE: TASK_RUNNING (PANIC)
碰撞> BT
PID: 0 TASK: c069d460 CPU: 0 COMMAND: "swapper"
#0 [c080cdb0] crash_kexec at c044a386
#1 [c080cdf4] die at c04065c3
#2 [c080ce24] do_page_fault at c062d1b7
#3 [c080ce5c] error_code (via page_fault) at c0405bc3
EAX: f7c7de2c EBX: 000ffaec ECX: 00000000 EDX: f4282e8c EBP: f7c665a0
DS: 007b ESI: f7c7ddf8 ES: 007b EDI: c080cea4
CS: 0060 EIP: c05a2ef2 ERR: ffffffff EFLAGS: 00010012
#4 [c080ce90] hiddev_send_event at c05a2ef2
#5 [c080cea0] hiddev_report_event at c05a2fcc
#6 [c080cec8] hid_input_report at c05a0fc3
#7 [c080cf1c] hid_irq_in at c05a261d
#8 [c080cf2c] usb_hcd_giveback_urb at c05964b6
#9 [c080cf3c] uhci_giveback_urb at f883f618 [uhci_hcd]
#10 [c080cf58] uhci_scan_schedule at f883fc14 [uhci_hcd]
#11 [c080cfa4] uhci_irq at f884163d [uhci_hcd]
#12 [c080cfc4] usb_hcd_irq at c0596f9b
#13 [c080cfcc] handle_IRQ_event at c0454d5f
#14 [c080cfe4] __do_IRQ at c0454e2d
--- <hard IRQ> ---
#0 [c075ff80] do_IRQ at c040761f
#1 [c075ff98] common_interrupt at c0405a28
EAX: 00000000 EBX: c075f008 ECX: 00000000 EDX: 00000000 EBP: 00000020
DS: 007b ESI: c06440f8 ES: 007b EDI: ca138790
CS: 0060 EIP: c0403d0a ERR: ffffff4e EFLAGS: 00000246
#2 [c075ffcc] mwait_idle at c0403d0a
#3 [c075ffd4] cpu_idle at c0403cc4
碰撞&GT;记录
Scan: First buffer received = 0x6
Scan: Last packet of command transfer = 6 Command size 6
Scan: 0x2 0x51 0x88 0x80 0x81 0x3
Scan: Read data present
Scan: IOCTL_PS3_PEAK_MSG
Scan: In scanner_read Scan: Copied 1 chunks of data to user space
usb 4-1: new full speed USB device using uhci_hcd and address 3
usb 4-1: configuration #1 chosen from 1 choice
pl2303 4-1:1.0: pl2303 converter detected
usb 4-1: pl2303 converter now attached to ttyUSB0
BUG: unable to handle kernel paging request at virtual address 00100100
printing eip:
c05a2ef2
*pde = 76330067
Oops: 0000 [#1]
SMP
last sysfs file: /devices/pci0000:00/0000:00:1d.2/usb4/4-1/bConfigurationValue
Modules linked in: vfat fat scan_drv_scanner(U) xt_limit xt_tcpudp xt_state ip_conntrack nfnetlink iptable_filter ip_tables x_tables loop dm_mirror dm_multipath scsi_dh video backlight sbs power_meter hwmon i2c_ec dell_wmi wmi button battery asus_acpi ac lp joydev snd_hda_intel snd_seq_dummy sg snd_seq_oss snd_seq_midi_event snd_seq snd_seq_device snd_pcm_oss snd_mixer_oss snd_pcm snd_timer snd_page_alloc parport_pc serio_raw snd_hwdep parport pl2303 snd soundcore i2c_i801 usbserial r8169 i2c_core mii pcspkr dm_raid45 dm_message dm_region_hash dm_log dm_mod dm_mem_cache usb_storage ata_piix libata sd_mod scsi_mod ext3 jbd uhci_hcd ohci_hcd ehci_hcd
CPU: 0
EIP: 0060:[<c05a2ef2>] Tainted: G VLI
EFLAGS: 00010012 (2.6.18-194.el5debug #1)
EIP is at hiddev_send_event+0x65/0x95
eax: f7c7de2c ebx: 000ffaec ecx: 00000000 edx: f4282e8c
esi: f7c7ddf8 edi: c080cea4 ebp: f7c665a0 esp: c080ce94
ds: 007b es: 007b ss: 0068
Process swapper (pid: 0, ti=c080c000 task=c069d460 task.ti=c075f000)
Stack: f7cbba78 ca3ec000 c080cebc c05a2fd1 00000001 00000001 ffffffff 00000000
00000000 00000000 00000005 f7cc857c c075ff9c c05a0fc8 f7c57348 00000002
00000002 00000046 c06cbfb0 00000001 ca3ec000 f7cca001 f7cbba78 00000046
Call Trace:
[<c05a2fd1>] hiddev_report_event+0x4b/0x52
[<c05a0fc8>] hid_input_report+0x99/0x399
[<c05a2622>] hid_irq_in+0x49/0xcc
[<c05964b9>] usb_hcd_giveback_urb+0x28/0x53
[<f883f61d>] uhci_giveback_urb+0x104/0x12b [uhci_hcd]
[<f883fc19>] uhci_scan_schedule+0x4f0/0x76b [uhci_hcd]
[<f8841642>] uhci_irq+0x118/0x12e [uhci_hcd]
[<c0596f9e>] usb_hcd_irq+0x23/0x50
[<c0454d61>] handle_IRQ_event+0x3e/0x8a
[<c0454e32>] __do_IRQ+0x85/0xda
[<c0454dad>] __do_IRQ+0x0/0xda
[<c040761f>] do_IRQ+0xa4/0xd1
[<c0405a2d>] common_interrupt+0x25/0x2c
[<c0403d0a>] mwait_idle+0x2a/0x3d
[<c0403cc6>] cpu_idle+0xa4/0xbe
[<c0764a22>] start_kernel+0x39e/0x3a6
=======================
Code: b9 01 00 02 00 ba 1d 00 00 00 40 83 e0 3f 89 83 00 06 00 00 8d 83 0c 06 00 00 e8 93 ac ee ff 8b 9b 14 06 00 00 81 eb 14 06 00 00 <8b> 83 14 06 00 00 0f 18 00 90 8d 93 14 06 00 00 8d 46 34 39 c2
EIP: [<c05a2ef2>] hiddev_send_event+0x65/0x95 SS:ESP 0068:c080ce94
更新了内核测试
我已经更新到最新的CentOS 5.5发布的内核(2.6.18-371.6.1),但仍然有内核恐慌。然而,这次恐慌发生在命令“khubd”而不是“swapper”上。我能够捕获转储,下面我提供了我希望的相关信息来查明这个问题。它是内核中的错误还是驱动程序中的错误?
KERNEL: /usr/lib/debug/lib/modules/2.6.18-371.6.1.el5debug/vmlinux
DUMPFILE: /root/kernel2/HWID-2277-31032014/vmcore
CPUS: 4
DATE: Mon Mar 31 12:50:25 2014
UPTIME: 2 days, 19:29:28
LOAD AVERAGE: 0.07, 0.09, 0.02
TASKS: 181
NODENAME: 32277
RELEASE: 2.6.18-371.6.1.el5debug
VERSION: #1 SMP Wed Mar 12 22:29:36 EDT 2014
MACHINE: i686 (1800 Mhz)
MEMORY: 2 GB
PANIC: "Oops: 0000 [#1]" (check log for details)
PID: 126
COMMAND: "khubd"
TASK: ca2fc5b0 [THREAD_INFO: f7fb2000]
CPU: 3
STATE: TASK_RUNNING (PANIC)
碰撞&GT; BT
PID: 126 TASK: ca2fc5b0 CPU: 3 COMMAND: "khubd"
#0 [f7fb2dfc] crash_kexec at c044da51
#1 [f7fb2e40] die at c0406649
#2 [f7fb2e70] do_page_fault at c0639449
#3 [f7fb2eb0] device_del at c057053e
#4 [f7fb2efc] device_del at c0570552
#5 [f7fb2f10] device_unregister at c0570669
#6 [f7fb2f18] usb_remove_ep_files at c05a3dac
#7 [f7fb2f38] usb_remove_sysfs_dev_files at c05a39d6
#8 [f7fb2f44] usb_disconnect at c059db59
#9 [f7fb2f58] hub_thread at c059e663
#10 [f7fb2fcc] kthread at c0439ef6
#11 [f7fb2fe4] kernel_thread_helper at c0405e0d
碰撞&GT; log(截断)
Scan: no error - In command_callback
Scan: In command_callback
Scan: First buffer received = 0x2a
Scan: Last packet of command transfer = 42 Command size 42
Scan: 0x2 0x44 0x20 0x54 0x65 0x73 0x74 0x20 0x4d 0x65 0x73 0x73
Scan: Read data present
Scan: IOCTL_PS3_PEAK_MSG
Scan: In scanner_read Scan: Copied 1 chunks of data to user space
Scan: IOCTL_PS3_SCANNER_COMMAND Busy slots = 0x0 Total_slots = 0x8 Busy image slots = 0x0
Scan: 0x2 0x38 0x3 0x4
Scan: In write_callback status = 0x0
Scan: In image_callback
Scan: Urb status = 0xffffffb9 Urb length = 0x0
Scan: In image_callback_fun - lost connection to scanner.
Scan: urb set to re-submit
Scan: In command_callback
Scan: Urb status = 0xffffffb9 Urb length = 0x0
Scan: In command_callback_fun - lost connection to scanner.
Scan: urb set to re-submit
usb 1-6: USB disconnect, address 11
BUG: unable to handle kernel paging request at virtual address 6b6b6b93
printing eip:
c04bd310
*pde = 00000000
Oops: 0000 [#1]
SMP
last sysfs file: /devices/pci0000:00/0000:00:1d.7/usb1/1-6/bConfigurationValue
Modules linked in: vfat fat pdi_ps3_drv_scanner(U) xt_limit xt_tcpudp xt_state ip_conntrack nfnetlink iptable_filter ip_tables x_tables loop dm_mirror dm_multipath scsi_dh video backlight sbs power_meter hwmon i2c_ec dell_wmi wmi button battery asus_acpi ac lp joydev snd_hda_intel snd_seq_dummy sg snd_seq_oss snd_seq_midi_event snd_seq snd_seq_device snd_pcm_oss snd_mixer_oss snd_pcm snd_timer parport_pc snd_page_alloc snd_hwdep snd parport tpm_tis tpm soundcore r8169 tpm_bios i2c_i801 serio_raw pcspkr pl2303 usbserial mii i2c_core dm_raid45 dm_message dm_region_hash dm_log dm_mod dm_mem_cache usb_storage ata_piix libata sd_mod scsi_mod ext3 jbd uhci_hcd ohci_hcd ehci_hcd
CPU: 3
EIP: 0060:[<c04bd310>] Tainted: G -------------------- VLI
EFLAGS: 00010202 (2.6.18-371.6.1.el5debug #1)
EIP is at sysfs_hash_and_remove+0x18/0x103
eax: 6b6b6b6b ebx: f4be5bf4 ecx: c0570543 edx: 6b6b6b6b
esi: f4be5b0c edi: f3cd936c ebp: f3cd93c4 esp: f7fb2ee0
ds: 007b es: 007b ss: 0068
Process khubd (pid: 126, ti=f7fb2000 task=ca2fc5b0 task.ti=f7fb2000)
Stack: f4be5c50 6b6b6b6b f764d16c f4be5bf4 f4be5b0c f3cd936c f3cd93c4 c0570557
f4be5b0c f3cd93a0 f3cd936c f7c8da2c c057066e f7fb2f28 c05a3db1 f7fb2f28
c06827a6 00000000 305f7065 c06d0030 f3cd936c f3cd93c4 c05a39db f3cd96cc
Call Trace:
[<c0570557>] device_del+0x5c/0x16b
[<c057066e>] device_unregister+0x8/0x10
[<c05a3db1>] usb_remove_ep_files+0x53/0x75
[<c05a39db>] usb_remove_sysfs_dev_files+0xf/0x6c
[<c059db5e>] usb_disconnect+0xa7/0xe0
[<c059e668>] hub_thread+0x327/0x987
[<c0439ed9>] kthread+0xa1/0xec
[<c0439fab>] autoremove_wake_function+0x0/0x2d
[<c059e341>] hub_thread+0x0/0x987
[<c0439ef8>] kthread+0xc0/0xec
[<c0439e38>] kthread+0x0/0xec
[<c0405e0f>] kernel_thread_helper+0x7/0x10
=======================
Code: 8b 40 24 8b 40 40 c3 8b 40 14 8b 00 c3 8b 40 14 8b 00 c3 55 57 56 53 83 ec 0c 85 c0 89 44 24 04 89 14 24 0f 84 e5 00 00 00 89 c2 <8b> 40 28 85 c0 0f 84 d8 00 00 00 8b 52 70 05 90 00 00 00 89 54
EIP: [<c04bd310>] sysfs_hash_and_remove+0x18/0x103 SS:ESP 0068:f7fb2ee0