LinuxQuestions.org

LinuxQuestions.org (/questions/)
-   Programming (https://www.linuxquestions.org/questions/programming-9/)
-   -   unable to handle kernel paging request at virtual address ffffffff (https://www.linuxquestions.org/questions/programming-9/unable-to-handle-kernel-paging-request-at-virtual-address-ffffffff-4175490756/)

Brian Lu 01-09-2014 09:19 PM
unable to handle kernel paging request at virtual address ffffffff
 
Hi All
I have a system which is using linux kernel 2.6.22.It is hard to change new version for some reason.
I found a problem,when I executed the following rule to kill the tunnel:
/sbin/ip link set tun0 down
/sbin/ip tunnel del tun0 remote 100.100.100.1 local 200.200.200.2 ttl 255

My network will stop working,and I found the message:

<7>In IFLA_INET6_STATS,tun0
<1>BUG: unable to handle kernel paging request at virtual address ffffffff
<1> printing eip:
<4>c1208940
<1>*pdpt = 0000000000003001
<1>*pde = 0000000000004067
<1>*pte = 0000000000000000
<0>Oops: 0000 [#1]
<0>SMP
<4>Modules linked in: tcp_bic ipt_NETFLOW ipt_weburl xt_webstr(P) cls_u32 twofish twofish_common aes des sha256 ipt_LOG xt_limit ipt_IMQ cls_fw sch_sfq sch_htb ipt_REJECT xt_TCPMSS iptable_filter imq xt_time xt_string ipt_iprange xt_ctdirmark(P) xt_CTDIRMARK(P) ipt_account xt_gw xt_icmpid(P) xt_ingw xt_BALANCE(P) qbkflow qbkf_timeout(P) nf_nat_pptp nf_conntrack_pptp ts_bm xt_connlimit xt_layer7 nf_nat_ftp nf_conntrack_ftp nf_nat_proto_gre nf_conntrack_proto_gre iptable_mangle iptable_nat nf_nat xt_connbytes xt_CLASSIFY xt_MARK xt_mark xt_state xt_CONNMARK xt_connmark tun ipcomp esp4 ah4 serpent crypto_null blowfish af_key n_hdlc e1000e e1000 r8168 usbserial squashfs
<0>CPU: 1
<0>EIP: 0060:[<c1208940>] Tainted: P VLI
<0>EFLAGS: 00010297 (2.6.22 #102)
<0>EIP is at snmp_fold_field+0x22/0x4e
<0>eax: ffffffff ebx: 00000000 ecx: 00000000 edx: 00000000
<0>esi: 00000004 edi: edba00fc ebp: edba0000 esp: e88dfca8
<0>ds: 007b es: 007b fs: 00d8 gs: 0033 ss: 0068
<0>Process ip (pid: 29528, ti=e88de000 task=ed04da90 task.ti=e88de000)
<0>Stack: 00000000 ed3d40d0 00000001 c122cc8c c13303d3 ed950000 edba00fc 00000003
<0> ed3d4068 ed3d4044 ed3d40cc ee256880 c122d09d 000000c8 edba00fc ed950000
<0> edba0054 00000064 edba0000 ed3d4000 00000000 ed950000 ed3d4068 0000ffff
<0>Call Trace:
<0> [<c122cc8c>] snmp6_fill_stats+0x67/0x134
<0> [<c122d09d>] inet6_fill_ifinfo+0x344/0x3f2
<0> [<c122d193>] inet6_ifinfo_notify+0x48/0xc8
<0> [<c122de51>] addrconf_ifdown+0x241/0x2b7
<0> [<c122ffad>] addrconf_notify+0x6e3/0x785
<0> [<c10fb452>] extract_entropy+0x45/0x89
<0> [<c11da0cd>] nlmsg_notify+0x3f/0x67
<0> [<c1020cbd>] lock_timer_base+0x19/0x35
<0> [<c11be914>] skb_dequeue+0x39/0x3f
<0> [<c11c7575>] pneigh_queue_purge+0x1e/0x26
<0> [<c11c8123>] neigh_ifdown+0x97/0xa0
<0> [<c1262501>] notifier_call_chain+0x2a/0x47
<0> [<c1023a84>] raw_notifier_call_chain+0x17/0x1a
<0> [<c11c3c13>] unregister_netdevice+0x144/0x1cf
<0> [<c104126f>] filemap_nopage+0x182/0x293
<0> [<c101fca8>] __capable+0x8/0x1b
<0> [<c12149eb>] ipgre_tunnel_ioctl+0x2b9/0x2df
<0> [<c10136a6>] kmap_atomic+0x1c/0x20
<0> [<c125ffaa>] __mutex_lock_slowpath+0x1e0/0x1e8
<0> [<c11babfe>] move_addr_to_user+0x50/0x68
<0> [<c1214732>] ipgre_tunnel_ioctl+0x0/0x2df
<0> [<c11c43be>] dev_ifsioc+0x37b/0x396
<0> [<c11b99e7>] sock_ioctl+0x0/0x1be
<0> [<c11c497e>] dev_ioctl+0x3dc/0x436
<0> [<c107bddd>] inotify_d_instantiate+0x41/0x66
<0> [<c1068fca>] d_instantiate+0x3f/0x4a
<0> [<c11b99e7>] sock_ioctl+0x0/0x1be
<0> [<c1064321>] do_ioctl+0x21/0x9f
<0> [<c11ba7df>] sys_socket+0x29/0x3e
<0> [<c10645cd>] vfs_ioctl+0x22e/0x240
<0> [<c1064612>] sys_ioctl+0x33/0x4d
<0> [<c1003cf2>] sysenter_past_esp+0x5f/0x85
<0> =======================
<0>Code: 00 00 00 00 5b 89 d0 5e c3 57 89 c7 56 b8 80 11 3d c1 53 89 d3 e8 99 a3 ec ff 8d 34 9d 00 00 00 00 31 db 89 c1 eb 25 8b 07 f7 d0 <8b> 14 88 8b 47 04 f7 d0 8b 04 88 8b 04 30 03 04 32 ba 80 11 3d
<0>EIP: [<c1208940>] snmp_fold_field+0x22/0x4e SS:ESP 0068:e88dfca8

vim ./linux-2.6.22/net/ipv6/addrconf.c
Code:
static inline void __snmp6_fill_stats(u64 *stats, void **mib, int items,
                      int bytes)
{
    int i;
    int pad = bytes - sizeof(u64) * items;
    BUG_ON(pad < 0);

    /* Use put_unaligned() because stats may not be aligned for u64. */
    put_unaligned(items, &stats[0]);
    for (i = 1; i < items; i++)
        put_unaligned(snmp_fold_field(mib, i), &stats[i]);

    memset(&stats[items], 0, pad);
}

static void snmp6_fill_stats(u64 *stats, struct inet6_dev *idev, int attrtype,
                int bytes)
{
    switch(attrtype) {
    case IFLA_INET6_STATS:
        printk(KERN_DEBUG "In IFLA_INET6_STATS,%s\n",idev->dev->name);
        if (idev->stats.ipv6)
        __snmp6_fill_stats(stats, (void **)idev->stats.ipv6, IPSTATS_MIB_MAX, bytes);
        else
        printk(KERN_DEBUG "In IFLA_INET6_STATS,%s has null pointer.\n",idev->dev->name);
        printk(KERN_DEBUG "Out IFLA_INET6_STATS,%s\n",idev->dev->name);
        break;
    case IFLA_INET6_ICMP6STATS:
        //printk(KERN_DEBUG "In IFLA_INET6_ICMP6STATS,%s\n",idev->dev->name);
        //if (idev->stats.icmpv6)
        __snmp6_fill_stats(stats, (void **)idev->stats.icmpv6, ICMP6_MIB_MAX, bytes);
        //else
        //printk(KERN_DEBUG "In IFLA_INET6_ICMP6STATS,%s has null pointer.\n",idev->dev->name);
        //printk(KERN_DEBUG "Out IFLA_INET6_ICMP6STATS,%s\n",idev->dev->name);
        break;
    }
}
<1>BUG: unable to handle kernel paging request at virtual address ffffffff
=>I searched on the google and got a reason..it means function retuen and found an overflow caused the problem.

Can anyone teach me how to fix this problem?
Any suggestion will be appreciated.

Brian Lu

Habitual 01-10-2014 09:12 AM
Quote:
Originally Posted by Brian Lu (Post 5095251)
Any suggestion will be appreciated.
Brian Lu
Brian:

Six Years you've been registered and you're not using Code Tags?

Brian Lu 01-12-2014 08:58 PM
Hi Habitual

I've added Code Tags,and thanks for your reply.

Best regards,
Brian Lu


All times are GMT -5. The time now is 11:28 AM.