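I am hitting the following error in the kfifo_unused() code. This issue is timing-dependent, as it does not happen when kernel debug messages are disabled.
The Oops flags [ 82.848904] Oops: 0000 [#1] PREEMPT SMP indicate that it was caused by "page not found". What would cause this type of error?
EDIT: I just noticed this line: PGD 0. It seems the Page Global Directory is NULL. What gives?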
[ 82.827981] BUG: unable to handle kernel
[ 82.832507] NULL pointer dereference at 000000000000001c
[ 82.838470] IP:
[ 82.840537] [<ffffffff8126b126>] kfifo_unused+0x0/0x10
PGD 0
[ 82.847245]
[ 82.848904] Oops: 0000 [#1] PREEMPT SMP
[ 82.853244] Modules linked in:
[ 82.856703] dal_gate portmux_intel_drcfg mwifiex_pcie mwifiex xhci_pci xhci_hcd cfg80211 ahci spidev usbcore x86_pkg_temp_thermal libahci libata sbi_apl usb_common pwm_lpss_pci tpm_crb spi_pxa2xx_platform pwm_lpss scsi_mod dwc3_pci tpm_tis tpm_tis_core evdev tpm aesni_intel ablk_helper lrw cryptd gf128mul aes_x86_64 glue_helper mei_dal ccm gcm crc32c_intel mei_me ctr ecb cbc mei snd_soc_skl snd_soc_tdf8532 snd_soc_bxt_gpmrb snd_hda_ext_core snd_soc_core snd_hda_core snd_soc_skl_ipc snd_soc_sst_dsp snd_soc_sst_ipc snd_aloop snd_pcm snd_compress snd_timer i915 rtc_cmos drm_kms_helper intel_gtt i2c_dev ipv6 crc_ccitt autofs4
[ 82.919279] CPU: 1 PID: 18 Comm: kworker/1:0 Not tainted 4.9.78-abl-11621-g109ff90 #4
[ 82.928085] Workqueue: events mei_cl_bus_rx_work [mei]
[ 82.933881] task: ffff88027eb80fc0 task.stack: ffffc900000b0000
[ 82.940551] RIP: 0010:[<ffffffff8126b126>]
[ 82.945273] [<ffffffff8126b126>] kfifo_unused+0x0/0x10
[ 82.951123] RSP: 0018:ffffc900000b3dc0 EFLAGS: 00010246
[ 82.957111] RAX: 0000000000000001 RBX: ffff880274c6cc00 RCX: 0000000000000018
[ 82.965147] RDX: 0000000000000008 RSI: ffff880274c6cfb0 RDI: 0000000000000018
[ 82.973180] RBP: ffffc900000b3dc8 R08: 0000000000000009 R09: 0000000000000002
[ 82.981209] R10: ffffc90000213d28 R11: 0000000000000018 R12: 0000000000000000
[ 82.989241] R13: 0000000000000020 R14: ffff880274c6cf28 R15: 0000000000000000
[ 82.997276] FS: 0000000000000000(0000) GS:ffff88027fa80000(0000) knlGS:0000000000000000
[ 83.006431] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 83.012903] CR2: 000000000000001c CR3: 0000000001a08000 CR4: 0000000000340670
[ 83.020932] Stack:
[ 83.023228] ffffffff8126b315
[ 83.026652] ffffc900000b3e08 ffffffffa021d1f5 0000000000000018
[ 83.033116] ffff8802762a8018
[ 83.036481] ffff880274027f00 ffff880274027f00 0000000000000000
[ 83.042946] ffffe8ffffc81c00
[ 83.046308] ffffc900000b3e28 ffffffffa0063ed6 ffff88027eaecf00
[ 83.052765] Call Trace:
[ 83.055548] [<ffffffff8126b315>] ? __kfifo_in+0xc/0x23
[ 83.061445] [<ffffffffa021d1f5>] dal_recv_cb+0xe5/0x18a [mei_dal]
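So, a closer look at dal_recv_cb() turned up an if-else {} that sets the pointer to the dal client structure to a user-space client that does not exist. If an error response arrives that does not match the current dal client, the user-space client is selected by default to handle the message. Since it was never set up, its pointer is NULL, and it was not checked before calling __kfifo_in().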
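The following user-space model is an added example, not code from the original post or from the mei_dal driver. It shows one reading of the register dump (RDI = 0x18, CR2 = 0x1c) as a NULL client pointer plus member offsets, and the receive path with the missing NULL check in place. The names client_model, fifo_model, recv_dispatch and demo, and the 0x18-byte layout, are assumptions made for illustration.

```c
#include <errno.h>
#include <stddef.h>
#include <stdio.h>

/* Same field order as the kernel's struct __kfifo (include/linux/kfifo.h). */
struct fifo_model { unsigned int in, out, mask, esize; void *data; };
/* Hypothetical layout (not the real mei_dal struct); fifo at 0x18 to match RDI. */
struct client_model { unsigned char other_state[0x18]; struct fifo_model fifo; };
enum { KERNEL_SPACE, USER_SPACE, NUM_CLIENTS };

/* Address read via a NULL client, assuming the faulting load is fifo->out. */
static size_t null_client_fault_addr(void)
{
    return offsetof(struct client_model, fifo) + offsetof(struct fifo_model, out);
}

/* Receive path with the missing check added: the fallback client may be unset. */
static int recv_dispatch(struct client_model **clients, int matches_current,
                         const char *msg, unsigned int len)
{
    struct client_model *c = clients[matches_current ? KERNEL_SPACE : USER_SPACE];

    if (!c)                      /* drop the message instead of dereferencing */
        return -ENODEV;
    /* Free space, same arithmetic as the kernel's kfifo_unused(). */
    if (len > (c->fifo.mask + 1) - (c->fifo.in - c->fifo.out))
        return -ENOSPC;
    unsigned char *buf = c->fifo.data;
    for (unsigned int i = 0; i < len; i++)
        buf[(c->fifo.in + i) & c->fifo.mask] = (unsigned char)msg[i];
    c->fifo.in += len;
    return (int)len;
}

/* Constructed scenario: only the kernel-space client exists. */
static int demo(int matches_current)
{
    static unsigned char ring[16];
    static struct client_model kc;
    struct client_model *clients[NUM_CLIENTS] = { &kc, NULL };

    kc.fifo = (struct fifo_model){ 0, 0, 15, 1, ring };
    return recv_dispatch(clients, matches_current, "err", 3);
}

int main(void)
{
    printf("fault 0x%zx, mismatch %d, match %d\n", null_client_fault_addr(), demo(0), demo(1));
    return 0;
}
```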