驱动: oops

linux驱动调试--段错误之oops信息分析 http://blog.chinaunix.net/xmlrpc.php?r=blog/article&uid=29401328&id=4923447

 如：

Unable to handle kernel paging request at virtual address 48000000     // 内核使用48000000来访问时发生了错误
pgd = c3b4c000
[48000000] *pgd=00000000
Internal error: Oops: 805 [#1]
Modules linked in: first_drv rt5370sta zd1211rw mac80211
CPU: 0    Not tainted  (2.6.30.4-EmbedSky #1)
PC is at segment_test_open+0x1c/0x28 [first_drv]                       // PC值
LR is at chrdev_open+0xcc/0x170
pc : []    lr : []    psr: a0000013                // 发生错误时各寄存器的值（下面五行）
sp : c3a61e30  ip : c3a61e40  fp : c3a61e3c
r10: c394bc80  r9 : 00000002  r8 : c34b7600
r7 : c3b46100  r6 : c3ab84b0  r5 : c3a62180  r4 : 00000000
r3 : 00000034  r2 : 48000000  r1 : c3b46100  r0 : 00000000
Flags: NzCv  IRQs on  FIQs on  Mode SVC_32  ISA ARM  Segment user
Control: c000717f  Table: 33b4c000  DAC: 00000015
Process firstdrvtest (pid: 637, stack limit = 0xc3a60268)              // 发生错误时当前进程的名称是firstdrvtest
Stack: (0xc3a61e30 to 0xc3a62000)                                                 // 栈
1e20:                                     c3a61e64 c3a61e40 c00a8580 bf0d7010 
1e40: c00adba8 00000000 00000000 c3b46100 c3ab84b0 c00a84b4 c3a61e8c c3a61e68 
1e60: c00a3a7c c00a84c4 c3b46100 c2c0ae40 00000003 c3af0000 00000026 c3a61ed8 
1e80: c3a61eac c3a61e90 c00a3d14 c00a39bc 00000000 c2c0ae40 00000000 00000000 
1ea0: c3a61f64 c3a61eb0 c00b0c80 c00a3cc0 c3a61f7c c3a61ec0 c004b714 c006f8b8 
1ec0: c3a61efc beb5ad9c 00000000 00000000 c3a63000 c048070c c394bc80 c34b7600 
1ee0: c048077c c3a61fb0 00000000 00000101 00000001 00000000 c00441e0 c004b548 
1f00: 08100875 c39568a0 c3a7ec00 0000001c 00000000 00001000 00000003 00000003 
1f20: 00000000 c3b46100 00000000 c3a60000 c3a61f64 c3a61f40 c00b99b8 00000003 
1f40: c3af0000 00000002 beb5ad9c ffffff9c c3a60000 00000000 c3a61f94 c3a61f68 
1f60: c00a38d8 c00b0aa0 00000000 40025000 c3a61f9c 0000850c 00000000 000083e0 
1f80: 00000005 c0045008 c3a61fa4 c3a61f98 c00a3988 c00a3878 00000000 c3a61fa8 
1fa0: c0044e60 c00a3974 0000850c 00000000 00008590 00000002 beb5ad9c 00000001 
1fc0: 0000850c 00000000 000083e0 00000005 00000000 00000000 40025000 beb5ac44 
1fe0: 00000000 beb5ac28 000084b8 400efd9c 60000010 00008590 00000000 00000000 
Backtrace:                                                                          // 回溯信息
[] (segment_test_open+0x0/0x28 [first_drv]) from [] (chrdev_open+0xcc/0x170)
[] (chrdev_open+0x0/0x170) from [] (__dentry_open+0xd0/0x270)
 r7:c00a84b4 r6:c3ab84b0 r5:c3b46100 r4:00000000
[] (__dentry_open+0x0/0x270) from [] (nameidata_to_filp+0x64/0x6c)
[] (nameidata_to_filp+0x0/0x6c) from [] (do_filp_open+0x1f0/0x7e8)
 r5:00000000 r4:00000000
[] (do_filp_open+0x0/0x7e8) from [] (do_sys_open+0x70/0xe8)
[] (do_sys_open+0x0/0xe8) from [] (sys_open+0x24/0x28)
 r8:c0045008 r7:00000005 r6:000083e0 r5:00000000 r4:0000850c
[] (sys_open+0x0/0x28) from [] (ret_fast_syscall+0x0/0x2c)
Code: e59f3010 e3a00000 e5932000 e3a03034 (e5c23000) 
---[ end trace d31b8aee70b25c9c ]---
Segmentation fault

一、直接确定发生错误的函数

看到这句 “PC is at segment_test_open+0x1c/0x28 [first_drv]”，出现错误时我们最关注的就是PC值，因为它就是发生错误的指令的地址，这里我们可以看到错误发生在函数 segment_test_open 的0x1c处，0x28代表这个函数的总长度（汇编代码）

二、根据PC值确定发生错误的函数

有时候不会直接告诉你发生在哪个函数，而是只把PC值告诉你。。。这种比较复杂，见参考链接。

linux设备驱动第四篇：从如何定位oops的代码行谈驱动调试方法 http://blog.csdn.net/haomcu/article/details/44810709

在这个例子里面，还可以使用addr2line直接定位到具体代码行。

 BUG: unable to handle kernel NULL pointer dereference at           (null)

IP: [<ffffffffc061400d>] hello_init+0xd/0x30 [helloworld]</span> 

addr2line -C -f -e helloworld.o d

Linux内核的Oops http://www.cnblogs.com/wwang/archive/2010/11/14/1876735.html