Hi3559AV100 himm报错
2024-04-22 06:03:57
Hi3559AV100 himm报错,引起了其他进程没有启动,下面分析原因。
内核打印信息
# [ 1734.516062] himm[26471]: unhandled level 2 translation fault (11) at 0x00000000, esr 0x92000006
[ 1734.524788] pgd = ffffffc03c231000
[ 1734.528180] [00000000] *pgd=000000007d2b8003[ 1734.532278] , *pud=000000007d2b8003
, *pmd=0000000000000000[ 1734.537759]
[ 1734.539248]
[ 1734.540739] CPU: 0 PID: 26471 Comm: himm Tainted: P O 4.9.37 #1
[ 1734.547983] Hardware name: Hisilicon HI3559AV100 DEMO Board (DT)
[ 1734.553994] task: ffffffc03c3d3c00 task.stack: ffffffc03c1f0000
[ 1734.559910] PC is at 0x40537c
[ 1734.562867] LR is at 0x405374
[ 1734.565826] pc : [<000000000040537c>] lr : [<0000000000405374>] pstate: 60000000
[ 1734.573216] sp : 0000007fefb6a100
[ 1734.576524] x29: 0000007fefb6a100 x28: 0000000000000000
[ 1734.581838] x27: 0000000000000000 x26: 0000000000000000
[ 1734.587146] x25: 0000000000000000 x24: 0000000000000000
[ 1734.592464] x23: 0000000000000000 x22: 0000000000000000
[ 1734.597771] x21: 0000000000401a30 x20: 0000000000000000
[ 1734.603088] x19: 00000000004090f8 x18: 0000000000000000
[ 1734.608395] x17: 0000007fa9e14b60 x16: 0000000000000000
[ 1734.613712] x15: 0000000000000000 x14: 000000000000001d
[ 1734.619039] x13: 0a21726f72726520 x12: 6d656d2f7665642f
[ 1734.624358] x11: 0000000000000020 x10: 0000000000000000
[ 1734.629676] x9 : ffffff80ffffffd0 x8 : 0000000000000040
[ 1734.634984] x7 : 642f206e65706f3a x6 : 0000000000000001
[ 1734.640301] x5 : 0000000000000000 x4 : 0000000000000000
[ 1734.645608] x3 : 0000000000000000 x2 : 0000000000000001
[ 1734.650925] x1 : 0000000000000000 x0 : 0000000000000000 反汇编himm
由于strip过,所以看不到符号表函数名:
405368: f9401fa0 ldr x0, [x29, #56]40536c: d2801001 mov x1, #0x80 // #128405370: 97fffac4 bl 403e80 <ioctl@plt+0x2460>405374: f90027a0 str x0, [x29, #72]405378: f94027a0 ldr x0, [x29, #72]40537c: b9400000 ldr w0, [x0]405380: 2a0003e0 mov w0, w0405384: f90023a0 str x0, [x29, #64]405388: f9400ba0 ldr x0, [x29, #16]40538c: 91002000 add x0, x0, #0x8405390: f9400001 ldr x1, [x0]405394: f9401ba2 ldr x2, [x29, #48]405398: b0000020 adrp x0, 40a000 <ioctl@plt+0x85e0>40539c: 91054000 add x0, x0, #0x1504053a0: aa0203e3 mov x3, x24053a4: f94023a2 ldr x2, [x29, #64]4053a8: 97fff17a bl 401990 <printf@plt>4053ac: f9401ba0 ldr x0, [x29, #48]4053b0: 2a0003e1 mov w1, w04053b4: f94027a0 ldr x0, [x29, #72]4053b8: b9000001 str w1, [x0]4053bc: 14000004 b 4053cc <ioctl@plt+0x39ac>4053c0: b0000020 adrp x0, 40a000 <ioctl@plt+0x85e0>4053c4: 9105c000 add x0, x0, #0x1704053c8: 97fff11e bl 401840 <puts@plt>4053cc: d2800000 mov x0, #0x0 // #04053d0: a8c57bfd ldp x29, x30, [sp], #804053d4: d65f03c0 ret4053d8: a9ba7bfd stp x29, x30, [sp, #-96]!4053dc: 910003fd mov x29, sp4053e0: b9001fa0 str w0, [x29, #28]4053e4: f9000ba1 str x1, [x29, #16]4053e8: f9001fbf str xzr, [x29, #56]4053ec: f9002bbf str xzr, [x29, #80]4053f0: b9005fbf str wzr, [x29, #92]4053f4: b9401fa0 ldr w0, [x29, #28]4053f8: 7100081f cmp w0, #0x2重新编译himm
不要strp,反汇编如下:
405368: f9401fa0 ldr x0, [x29, #56]40536c: d2801001 mov x1, #0x80 // #128405370: 97fffac4 bl 403e80 <memmap>405374: f90027a0 str x0, [x29, #72]405378: f94027a0 ldr x0, [x29, #72]40537c: b9400000 ldr w0, [x0]405380: 2a0003e0 mov w0, w0405384: f90023a0 str x0, [x29, #64]405388: f9400ba0 ldr x0, [x29, #16]40538c: 91002000 add x0, x0, #0x8405390: f9400001 ldr x1, [x0]40537c: b9400000 ldr w0, [x0]405380: 2a0003e0 mov w0, w0405384: f90023a0 str x0, [x29, #64]405388: f9400ba0 ldr x0, [x29, #16]40538c: 91002000 add x0, x0, #0x8405390: f9400001 ldr x1, [x0]405394: f9401ba2 ldr x2, [x29, #48]405398: b0000020 adrp x0, 40a000 <dev+0x7b0>40539c: 91054000 add x0, x0, #0x1504053a0: aa0203e3 mov x3, x24053a4: f94023a2 ldr x2, [x29, #64]4053a8: 97fff17a bl 401990 <printf@plt>4053ac: f9401ba0 ldr x0, [x29, #48]4053b0: 2a0003e1 mov w1, w04053b4: f94027a0 ldr x0, [x29, #72]4053b8: b9000001 str w1, [x0]
查看himm源码
#define DEFAULT_MD_LEN 128HI_RET himm(int argc , char* argv[])
{unsigned long ulAddr = 0;unsigned long ulOld, ulNew;char strNew[16];VOID* pMem = NULL;if (argc <= 1){printf("usage: %s <address> <Value>. sample: %s 0x80040000 0x123\n", argv[0], argv[0]);EXIT("", -1);}if (argc == 2){if( StrToNumber(argv[1], &ulAddr) == HI_SUCCESS){printf("====dump memory %#lX====\n", ulAddr);
#ifdef PC_EMULATOR
#define SHAREFILE "../shm"printf("**** is Emulator, use share file : %s ****\n", SHAREFILE);pMem = mmapfile(SHAREFILE , DEFAULT_MD_LEN);if (NULL == pMem){EXIT("Memory Map error.", -1);}pMem += ulAddr;
#else pMem = memmap(ulAddr, DEFAULT_MD_LEN);if (pMem == NULL) {printf("memmap failed!\n");return -1;}
#endifulOld = *(unsigned int*)pMem;/*hi_hexdump(STDOUT, pMem, DEFAULT_MD_LEN, 16);*/printf("%s: 0x%08lX\n", argv[1], ulOld);printf("NewValue:");scanf("%s", strNew);if (StrToNumber(strNew, &ulNew) == HI_SUCCESS){*(unsigned int*)pMem = ulNew;}else{printf("Input Error\n");}}else{printf("Please input address like 0x12345\n");}}else if (argc == 3){if( StrToNumber(argv[1], &ulAddr) == HI_SUCCESS && StrToNumber(argv[2], &ulNew) == HI_SUCCESS){pMem = memmap(ulAddr, DEFAULT_MD_LEN);ulOld = *(unsigned int*)pMem;/*hi_hexdump(STDOUT, pMem, DEFAULT_MD_LEN, 16);*/printf("%s: 0x%08lX --> 0x%08lX \n", argv[1], ulOld, ulNew);*(unsigned int*)pMem = ulNew;}}else{printf("xxx\n");}return 0;
}原因分析
加载x0寄存器里面的地址数据到w0引发了错误
40537c: b9400000 ldr w0, [x0]
查看x0寄存器存储的地址是多少
[ 1734.650925] x1 : 0000000000000000 x0 : 0000000000000000
可以看见地址0,所以是非法内存访问出错
查看memmap函数对应源码,可知argc == 3时,memmap函数没有做空指针判断,可能在某种情况下内存映射返回空指针
405370: 97fffac4 bl 403e80 <memmap>
所以需要增加空指针容错处理
Hi3559AV100 himm报错相关推荐
- 继承WebMvcConfigurer 和 WebMvcConfigurerAdapter类依然CORS报错? springboot 两种方式稳定解决跨域问题
继承WebMvcConfigurer 和 WebMvcConfigurerAdapter类依然CORS报错???springboot 两种方式稳定解决跨域问题! 之前我写了一篇文章,来解决CORS报错 ...
- Access to XMLHttpRequest at file from origin ‘null‘ has been blocked by CORS policy谷歌浏览器本地打开项目js文件报错
Access to XMLHttpRequest at 'file:///xxxxx/PQ.BaseInfo.proto' from origin 'null' has been blocked by ...
- go build 编译报错 missing go.sum entry for module providing package
go build 编译报错 missing go.sum entry for module providing package 解决方法 // 移除未使用的依赖 go mod tidy 再次编译,就可 ...
- docker报错:driver failed programming external connectivity on endpoint, iptables:No chain by that name
docker 报错: Error response from daemon: Cannot restart container hello: driver failed programming ext ...
- mybatis查询报错:com.mysql.cj.exceptions.DataConversionException: Cannot determine value type from string
mybatis查询报错: com.mysql.cj.exceptions.DataConversionException: Cannot determine value type from strin ...
- mongo报错:not authorized on bb to execute command { create: \“xxx\“...}
mongo报错: {"ok" : 0,"errmsg" : "not authorized on bb to execute command { cr ...
- restTemplate http请求报错:no suitable HttpMessageConverter found for response type and content type
报错信息: org.springframework.web.client.UnknownContentTypeException: Could not extract response: no sui ...
- 解决gitte提交报错 error: GE007: Your push would publish a private email address.
错误情况: gitte提交报错,无法提交上去,报错如下: remote: Powered by GITEE.COM [GNK-6.0] remote: error: GE007: Your push ...
- JS Uncaught SyntaxError:Unexpected identifier异常报错原因及其解决方法
最近在写ajax的时候,调用js方法,遇到了Uncaught SyntaxError:Unexpected identifier异常报错,开始搞不清原因,很苦恼. 以为是js方法参数个数和长度的问题, ...
最新文章
- 认真推荐8个功能强大的实用网站,备受好评!
- webpack4.x安装的一些坑
- 纪念一下我2020年的努力结果,腾讯云社区创作总结
- dubbo优势_Dubbo 迈出云原生重要一步 应用级服务发现解析
- android 文件上传类(可以直接被调用的)
- 史密斯预估器matlab仿真,(毕业论文)史密斯预估器设计.doc
- ScriptX控件部分参数说明
- 【技能】excel小技巧:利用宏制作工资条
- (含代码)基于51最小系统的流水灯+焊接制作
- android wifi已停用,为什么手机连接wifi时总显示已停用
- POI解析.xlsx格式的Excel文件
- 用System中System.setOut()方法修改输出方式
- python的numpy库安装_Python库之numpy库的安装教程
- 在网页地图图片上加注企业和“圳品”数量信息+1
- Android不同手机屏幕分辨率自适应
- 使用vue-wordcloud实现文字云/词云
- 怎样用PS修改图片上的数字
- Android 疑难杂症
- vue axios传递FormData填坑,headers不显示,后台报错等等问题
- 拓嘉启远:拼多多虚拟产品相关分享
热门文章
- 从零开始进行Hi3518_SDK安装、环境搭建和Linux内核编译,并生成可供烧写的uImage
- 【HMS Core】调用Health Kit接口出现获取不到数据的情况
- 免费流媒体服务器(AMS3.0 非AdobeMediaServer)
- MySQL长事务处理办法
- CRC16_CCITT_FALSE校验代码 及 验证
- 微信小程序云开发学习笔记(二)云函数
- 在APP中集成iAd Banner展示广告盈利
- Performance Analysis of Rateless-CodedNon-Orthogonal Multiple Access over Nakagami-m Fading Channel
- 微信企业付款到零钱出现请提交付款接口调用IP
- 百度离线地图示例之十二:混合图(街道图、卫星图)实现路径及打点