Segfault at 0 ip

Please bear with me, it’s been a while since I programmed in C. I’m trying to move an array of structs from kernel space into user space. Below is the error that I’m seeing in /var/log/kern.log:

The flow of my code is declaring an array of structs on the user side and passing that address to the kernel side. From the kernel side, using that user space address, I copy an array of structs to that user space address. Then back in user space I try to iterate through and print the values from that array of structs. That’s where I get a segfault.

I pass the value of conts to the kernel side using the proc file system. I have verified that it is correctly passed. Below is the kernel code where I try to copy an array of structs to user space using the copy_to_user function. conts is the user space address.

Later on I call the code below in user space to iterate through the array of structs to print off the values. Even when I set the end condition of the for loop to lower than 100 it still segfaults. The values are also garbage, so I’m pretty sure it’s not copying the data correctly.

My first question is: am I declaring the arrays of structs correctly? I’ve seen posts on this forum where people are using the malloc method when working with arrays of structs. I’ve tried both ways of declaration on each side but that didn’t work either. The array of structs is populated/manipulated on the kernel side. Later on, in the client side, when I try to iterate through and print the values, at the end of iterating through the array it throws the error mentioned above. Any help is greatly appreciated!


What is the correct interpretation of the following segfault messages?

3 Answers

This is a segfault due to following a null pointer trying to find code to run (that is, during an instruction fetch).

If this were a program, not a shared library

Run addr2line -e yourSegfaultingProgram 00007f9bebcca90d (and repeat for the other instruction pointer values given) to see where the error is happening. Better, get a debug-instrumented build, and reproduce the problem under a debugger such as gdb.

Since it’s a shared library

You’re hosed, unfortunately; it’s not possible to know where the libraries were placed in memory by the dynamic linker after the fact. Reproduce the problem under gdb.

What the error means

Here’s the breakdown of the fields:

  • address (after the at) — the location in memory the code is trying to access (it’s likely that 10 and 11 are offsets from a pointer we expect to be set to a valid value but which is instead pointing to 0)
  • ip — instruction pointer, i.e. where the code which is trying to do this lives
  • sp — stack pointer
  • error — an error code for page faults; see below for what this means on x86.

Error 4 means "The cause was a user-mode read resulting in no page being found." There’s a tool that decodes it here.

Here’s the definition from the kernel. Keep in mind that 4 means that bit 2 is set and no other bits are set. If you convert it to binary that becomes clear.

Now then, "ip 00007f9bebcca90d" means the instruction pointer was at 0x00007f9bebcca90d when the segfault happened.

"libQtWebKit.so.4.5.2[7f9beb83a000+f6f000]" tells you:

  • The object the crash was in: "libQtWebKit.so.4.5.2"
  • The base address of that object: "7f9beb83a000"
  • How big that object is: "f6f000"

If you take the base address and subtract it from the ip, you get the offset into that object:

Then you can run addr2line on it:

In my case it wasn’t successful; either the copy I installed isn’t identical to yours, or it’s stripped.

Many people have seen messages like this. You can learn more about the error by looking in the kernel logs, /var/log/messages.

There you will find a line roughly like the following:

This line is generated by the kernel in arch/x86/mm/fault.c.

The interesting part is error_code, which the processor sets on a page fault and which Linux then writes to the log. Its description can be found in the “Intel® 64 and IA-32 Architectures Software Developer’s Manual Volume 3A: System Programming Guide, Part 1”, section “Interrupt 14—Page-Fault Exception (#PF)”.

So error_code gives additional information about the fault.

Commonly occurring faults and their corresponding error_code values:
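As an added example for this page (not code from the question, the answers or the kernel), the program below does the two things the texts above describe by hand: it parses a kernel "segfault at ..." line, decodes the error_code bits, and turns ip minus the object base into the offset to hand to addr2line. The log line it parses is constructed around the values quoted in the answer above; the pid, the stack pointer and the faulting address 0x10 are made up.

```c
#include <stdio.h>
#include <string.h>
/* x86 #PF error-code bits as set by the processor and logged by the kernel. */
enum { PF_PROT = 1, PF_WRITE = 2, PF_USER = 4, PF_RSVD = 8, PF_INSTR = 16 };

struct segfault_info {
    unsigned long long addr, ip, sp, error, base, size, offset;
    char object[128];
    int ip_in_object;           /* 1 if ip lies inside [base, base + size) */
};

/* Parse one "... segfault at A ip I sp S error E in OBJ[BASE+SIZE]" log line.
 * The kernel prints every numeric field, error code included, in hex. */
int parse_segfault_line(const char *line, struct segfault_info *out)
{
    const char *p = strstr(line, "segfault at ");
    memset(out, 0, sizeof *out);
    if (!p) return 0;
    if (sscanf(p, "segfault at %llx ip %llx sp %llx error %llx in %127[^[][%llx+%llx]",
               &out->addr, &out->ip, &out->sp, &out->error,
               out->object, &out->base, &out->size) != 7)
        return 0;
    out->ip_in_object = out->ip >= out->base && out->ip < out->base + out->size;
    out->offset = out->ip_in_object ? out->ip - out->base : 0;   /* feed this to addr2line */
    return 1;
}

/* Decode the error-code bits into prose, e.g. 4 -> "user-mode read, no page found". */
const char *describe_pf_error(unsigned long long error, char *buf, size_t n)
{
    snprintf(buf, n, "%s-mode %s, %s%s",
             (error & PF_USER)  ? "user" : "kernel",
             (error & PF_INSTR) ? "instruction fetch" : (error & PF_WRITE) ? "write" : "read",
             (error & PF_PROT)  ? "protection violation" : "no page found",
             (error & PF_RSVD)  ? ", reserved bit set" : "");
    return buf;
}

int main(void)
{
    /* Constructed log line: ip, object, base, size and error 4 come from the answer
     * above; the faulting address, pid and sp are illustrative. */
    const char *line = "kernel: QtWebKit[1234]: segfault at 10 ip 00007f9bebcca90d "
                       "sp 00007fff1a2b3c40 error 4 in libQtWebKit.so.4.5.2[7f9beb83a000+f6f000]";
    struct segfault_info si; char desc[96];
    if (!parse_segfault_line(line, &si)) return 1;
    printf("%s\noffset 0x%llx -> addr2line -e %s 0x%llx\n",
           describe_pf_error(si.error, desc, sizeof desc), si.offset, si.object, si.offset);
    return 0;
}
```

For the values quoted above the offset comes out as 0x49090d, which is the number to pass to addr2line against that exact build of the library.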
