AnsweredAssumed Answered

i.mx6Q board sabreSD with SDK_4.1.0, slab allocator failed, kernel panic. "Unable to handle kernel paging request at virtual address"

Question asked by Wally Yeh on Mar 14, 2014
Latest reply on Apr 22, 2014 by Wally Yeh

good day, every one:

   since we using realtek NIC rtl8111g instead FEC, system will hang for iperf testing about 32 hours, and I got a kernel panic in attach file.

 

the LR register's value is "8043cf88", kernel panic message is "Unable to handle kernel paging request at virtual address 00100104".

 

from the kernel dump:

static inline int bit_spin_trylock(int bitnum, unsigned long *addr)

{

        preempt_disable();

8043cf70:       e5993004        ldr     r3, [r9, #4]

8043cf74:       e2833001        add     r3, r3, #1

8043cf78:       e5893004        str     r3, [r9, #4]

#if defined(CONFIG_SMP) || defined(CONFIG_DEBUG_SPINLOCK)

        if (unlikely(test_and_set_bit_lock(bitnum, addr))) {

8043cf7c:       e3a00000        mov     r0, #0

8043cf80:       e1a01004        mov     r1, r4

8043cf84:       ebf6a891        bl      801e71d0 <_test_and_set_bit>

8043cf88:       e3500000        cmp     r0, #0

8043cf8c:       0a000007        beq     8043cfb0 <__slab_alloc.isra.53.constprop.57+0x1a8>

                preempt_enable();

......

 

 

according kernel panic message, I find out the entire kernel hang in the following steps:

    rtl8168_rx_interrupt() -> rtl8168_try_rx_copy() -> dev_alloc_skb() -> alloc_skb() -> kmalloc_track_caller() -> slab_alloc() -> slab_lock() ->lock_and_freeze_slab() -> bit_spin_lock() -> test_and_set_bit_lock() -> test_and_set_bit() <-- failed

 

the reason seems test_and_set_bit() operate the invalid memory address, and break the kernel.

 

I wonder some one inside the slab allocator functions gives the invalid memory address.

 

 

 

does anybody else using SDK_4.1.0's kernel and have a solution about this problem?

Original Attachment has been moved to: kernel_panic.zip

Outcomes