history 设计模式 短视频开发 iic Vue全家桶 bam class web automation yii2 xampp jwt jqgrid vue学习 vue插件库 jquery遍历元素 移动端上传图片插件 matlab取实部 python3教程 python安装配置 python调用命令行 java遍历集合 java入门课程 java单继承 java操作数据库 java版本查看 linux系统如何安装 tmac修改器 黑客攻防实战入门 快捷精灵 视频修复工具 疯狂java讲义 不屑表情包 看图软件cad 燃烧之血十字架 igfxpers pr抠图 php完全自学手册 彩虹魔药 黑暗系情侣头像
当前位置: 首页 > 学习教程  > 编程语言

kernel内存检测工具记录(基于kernel 4.14)

2020/12/5 10:20:45 文章标签:

1. slub debug 内核配置(v4.14&#xff09; 工具编译 ➜ cd linux-4.14/tools/vm ➜ make ARCHaarm64 CCaarch64-linux-gnu-gcc slabinfo 内存异常访问的测例 a#include <linux/kernel.h> #include <linux/module.h> #include <linux/init.h> #include &…

1. slub debug

  • 内核配置(v4.14)
    在这里插入图片描述
    在这里插入图片描述
    在这里插入图片描述
  • 工具编译

➜ cd linux-4.14/tools/vm
➜ make ARCH=aarm64 CC=aarch64-linux-gnu-gcc slabinfo

  • 内存异常访问的测例
a#include <linux/kernel.h>
#include <linux/module.h>
#include <linux/init.h>
#include <linux/slab.h>

static char *buf;

static void create_slub_error(void)
{
	buf = kmalloc(32, GFP_KERNEL);
	if (buf) {
		memset(buf, 0x55, 0x1024*1024);
		printk("access out of area: %d\n", buf[0x1024-1]);
		kfree(buf);
		//printk("access freed memory.\n");
		//memset(buf, 0x55, 0x1024);
	}
}

static int __init slub_test_init(void)
{
	printk("slub test module init!\n");
	create_slub_error();

	return 0;
}

static void __exit slub_test_exit(void)
{
	printk("slub test module exit!\n");
}

MODULE_LICENSE("GPL");
module_init(slub_test_init);
module_exit(slub_test_exit);
  • 测试
    在insmod之后kernel 崩溃,倒数第二行的log描述了内存访问错误的类型,这里由于崩溃无法使用slubinfo工具查看。
# dmesg -w
[ 1452.008180] =============================================================================
[ 1452.008623] Unable to handle kernel paging request at virtual address 5555555555566d
[ 1452.009784] access out of area: 85
[ 1452.009792] Unable to handle kernel paging request at virtual address 55555555555585
[ 1452.009794] Mem abort info:
[ 1452.009798]   Exception class = DABT (current EL), IL = 32 bits
[ 1452.009801]   SET = 0, FnV = 0
[ 1452.009803]   EA = 0, S1PTW = 0
[ 1452.009805] Data abort info:
[ 1452.009808]   ISV = 0, ISS = 0x00000004
[ 1452.009810]   CM = 0, WnR = 0
[ 1452.009814] [0055555555555585] address between user and kernel address ranges
[ 1452.009819] Internal error: Oops: 96000004 [#1] PREEMPT SMP
[ 1452.009823] Modules linked in: slub_test(+) snd_soc_simple_card snd_soc_simple_card_utils snd_soc_ambdummy snd_soc_ak4951_amb snd_soc_ambarella_i2s snd_soc_ambarellv
[ 1452.009902] CPU: 3 PID: 568 Comm: insmod Tainted: G           O    4.14.108 #14
[ 1452.009904] Hardware name: Ambarella CV22 Walnut Board (DT)
[ 1452.009908] task: ffffffc037141b80 task.stack: ffffff8009660000
[ 1452.009918] PC is at lookup_object+0x38/0xc0
[ 1452.009923] LR is at find_and_remove_object+0x40/0x90
[ 1452.009927] pc : [<ffffff80081de4b8>] lr : [<ffffff80081de580>] pstate: 800001c5
[ 1452.009930] sp : ffffff8009663b50
[ 1452.009933] x29: ffffff8009663b50 x28: ffffff80007fc1d0 
[ 1452.009940] x27: ffffff80007fc180 x26: ffffff80087b1000 
[ 1452.009947] x25: ffffff800864a078 x24: ffffff800896d3b0 
[ 1452.009954] x23: ffffffc03b004380 x22: 0000000000000000 
[ 1452.009961] x21: ffffff8008a3ea78 x20: ffffffc035ab1480 
[ 1452.009968] x19: 0000000000000000 x18: 00000000fffffffd 
[ 1452.009975] x17: ffffffbf00cf81c0 x16: 0000000000cf8180 
[ 1452.009982] x15: 0000000000000001 x14: ffffffffffffffff 
[ 1452.009989] x13: 0000000000000000 x12: ffffff8008a21000 
[ 1452.009996] x11: ffffff8008966000 x10: ffffff8008a21648 
[ 1452.010003] x9 : 0000000000000000 x8 : ffffff8008a28dc8 
[ 1452.010010] x7 : 0000000000000000 x6 : 0000000000000003 
[ 1452.010017] x5 : ffffff8008949098 x4 : ffffff8008949000 
[ 1452.010024] x3 : 0000000000000000 x2 : aaaaaaaaaaaaaaaa 
[ 1452.010031] x1 : 5555555555555555 x0 : 555555555555552d 
[ 1452.010039] Process insmod (pid: 568, stack limit = 0xffffff8009660000)
[ 1452.010041] Call trace:
[ 1452.010046] Exception stack(0xffffff8009663a10 to 0xffffff8009663b50)
[ 1452.010051] 3a00:                                   555555555555552d 5555555555555555
[ 1452.010057] 3a20: aaaaaaaaaaaaaaaa 0000000000000000 ffffff8008949000 ffffff8008949098
[ 1452.010062] 3a40: 0000000000000003 0000000000000000 ffffff8008a28dc8 0000000000000000
[ 1452.010067] 3a60: ffffff8008a21648 ffffff8008966000 ffffff8008a21000 0000000000000000
[ 1452.010072] 3a80: ffffffffffffffff 0000000000000001 0000000000cf8180 ffffffbf00cf81c0
[ 1452.010077] 3aa0: 00000000fffffffd 0000000000000000 ffffffc035ab1480 ffffff8008a3ea78
[ 1452.010082] 3ac0: 0000000000000000 ffffffc03b004380 ffffff800896d3b0 ffffff800864a078
[ 1452.010088] 3ae0: ffffff80087b1000 ffffff80007fc180 ffffff80007fc1d0 ffffff8009663b50
[ 1452.010093] 3b00: ffffff80081de580 ffffff8009663b50 ffffff80081de4b8 00000000800001c5
[ 1452.010098] 3b20: ffffff80081de570 ffffff8009663b80 0000007fffffffff ffffff80ffffffff
[ 1452.010103] 3b40: ffffff8009663b50 ffffff80081de4b8
[ 1452.010109] [<ffffff80081de4b8>] lookup_object+0x38/0xc0
[ 1452.010114] [<ffffff80081de580>] find_and_remove_object+0x40/0x90
[ 1452.010119] [<ffffff80081decec>] delete_object_full+0x24/0x38
[ 1452.010125] [<ffffff8008624a08>] kmemleak_free+0xa8/0xb8
[ 1452.010132] [<ffffff80081d83d0>] kfree+0x218/0x2b8
[ 1452.010141] [<ffffff80007ff064>] slub_test_init+0x64/0x1000 [slub_test]
[ 1452.010148] [<ffffff800808345c>] do_one_initcall+0x44/0x12c
[ 1452.010155] [<ffffff800812e5d8>] do_init_module+0x60/0x1d8
[ 1452.010161] [<ffffff80081305c4>] load_module+0x1d5c/0x2060
[ 1452.010166] [<ffffff8008130b3c>] SyS_finit_module+0x9c/0xe8
[ 1452.010170] Exception stack(0xffffff8009663ec0 to 0xffffff8009664000)
[ 1452.010175] 3ec0: 0000000000000003 0000005584e7a260 0000000000000000 0000007f94b2cf68
[ 1452.010181] 3ee0: 0000007f94b28a98 0000000000000270 0000005584e7a010 0000005584e7a010
[ 1452.010186] 3f00: 0000000000000111 0000007f94c178d0 0101010101010101 0000000000000038
[ 1452.010191] 3f20: 0000000000000002 0000000000000000 0000007f949c6e28 0000000000000777
[ 1452.010196] 3f40: 0000007f94a8a640 00000055693b7b10 000000000000000f 0000000000000003
[ 1452.010201] 3f60: 0000005584e7a260 0000000000000000 0000005584e7a260 0000007ff0183d9c
[ 1452.010206] 3f80: 0000000000000000 0000000000000000 0000000000000000 0000000000000000
[ 1452.010211] 3fa0: 0000000000000000 0000007ff0182a50 0000005569338974 0000007ff01828e0
[ 1452.010217] 3fc0: 0000007f94a8a664 0000000080000000 0000000000000003 0000000000000111
[ 1452.010221] 3fe0: 0000000000000000 0000000000000000 0000000000000000 0000000000000000
[ 1452.010226] [<ffffff80080832c0>] el0_svc_naked+0x34/0x38
[ 1452.010233] Code: f9400aa0 d503201f b40000e0 d100a000 (f9402c01) 
[ 1452.010238] ---[ end trace 72fa641770d5178d ]---
[ 1452.010246] note: insmod[568] exited with preempt_count 1
[ 1452.010265] /home/caesar/xxdk/cv22_v2.0/ambarella/kernel/linux-4.14/mm/pgtable-generic.c:40: bad pmd 5555555555555555.
[ 1452.016335] BUG vm_area_struct (Tainted: G      D    O   ): Padding overwritten. 0xffffffc035adbef8-0xffffffc035adbfff
[ 1452.024045] Mem abort info:

2. kmemleak

  • 内核配置
    Kernel hacking —>
    在这里插入图片描述
    在这里插入图片描述
  • 测例

➜ linux-4.14/mm/kmemleak-test.c

# insmod kmemleak-test.ko
# echo scan > /sys/kernel/debug/kmemleak 
[  175.348739] kmemleak: 3 new suspected memory leaks (see /sys/kernel/debug/kmemleak)
# cat /sys/kernel/debug/kmemleak 
unreferenced object 0xffffff8008cd5000 (size 4096):
  comm "insmod", pid 548, jiffies 4294789555 (age 68.527s)
  hex dump (first 32 bytes):
    00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
    00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
  backtrace:
    [<ffffff80081bfbe0>] __vmalloc_node_range+0x260/0x290
    [<ffffff80081c015c>] vmalloc+0x64/0xa8
    [<ffffff80007ff14c>] 0xffffff80007ff14c
    [<ffffff800808345c>] do_one_initcall+0x44/0x12c
    [<ffffff800812e5d8>] do_init_module+0x60/0x1d8
    [<ffffff80081305c4>] load_module+0x1d5c/0x2060
    [<ffffff8008130b3c>] SyS_finit_module+0x9c/0xe8
    [<ffffff80080832c0>] el0_svc_naked+0x34/0x38
    [<ffffffffffffffff>] 0xffffffffffffffff
unreferenced object 0xffffff8008ce5000 (size 4096):
  comm "insmod", pid 548, jiffies 4294789565 (age 68.517s)
  hex dump (first 32 bytes):
    00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
    00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
  backtrace:
    [<ffffff80081bfbe0>] __vmalloc_node_range+0x260/0x290
    [<ffffff80081c015c>] vmalloc+0x64/0xa8
    [<ffffff80007ff174>] 0xffffff80007ff174
    [<ffffff800808345c>] do_one_initcall+0x44/0x12c
    [<ffffff800812e5d8>] do_init_module+0x60/0x1d8
    [<ffffff80081305c4>] load_module+0x1d5c/0x2060
    [<ffffff8008130b3c>] SyS_finit_module+0x9c/0xe8
    [<ffffff80080832c0>] el0_svc_naked+0x34/0x38
    [<ffffffffffffffff>] 0xffffffffffffffff
unreferenced object 0xffffff8008ced000 (size 4096):
  comm "insmod", pid 548, jiffies 4294789570 (age 68.512s)
  hex dump (first 32 bytes):
    00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
    00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
  backtrace:
    [<ffffff80081bfbe0>] __vmalloc_node_range+0x260/0x290
    [<ffffff80081c015c>] vmalloc+0x64/0xa8
    [<ffffff80007ff188>] 0xffffff80007ff188
    [<ffffff800808345c>] do_one_initcall+0x44/0x12c
    [<ffffff800812e5d8>] do_init_module+0x60/0x1d8
    [<ffffff80081305c4>] load_module+0x1d5c/0x2060
    [<ffffff8008130b3c>] SyS_finit_module+0x9c/0xe8
    [<ffffff80080832c0>] el0_svc_naked+0x34/0x38
    [<ffffffffffffffff>] 0xffffffffffffffff

kasan

  • 内核配置
    Kernel hacking —>
    ------ Memory Debugging —>
    编译完内核镜像过大,当前板子烧写不成功,后面再试

本文链接: http://www.dtmao.cc/news_show_450202.shtml

附件下载

相关教程

    暂无相关的数据...

共有条评论 网友评论

验证码: 看不清楚?