contain this kernel commit that modifies the tvec_root and tvec
data structures:
commit bc7a34b8b9ebfb0f4b8a35a72a0b134fd6c5ef50
timer: Use hlist for the timer wheel hash buckets
Without the patch, the "timer" command will spew messages indicating
"timer: invalid list entry: 0", followed by "timer: ignoring faulty
timer list at index <number> of timer array".
(anderson@redhat.com)
command line argument. Without the patch, six error messages are
displayed:
crash: unable to read dump file /tmp
/tmp: ELF header read: Is a directory
/tmp: ELF header read: Is a directory
crash: /tmp: read: Is a directory
read_maps: unable to read header from /tmp, errno = 1
crash: vmw: Failed to read '/tmp': [Error 21] Is a directory
With the patch applied, the functions that generate those messages
are not called; only the standard "not a supported file format",
and "Usage" messages will be displayed.
(anderson@redhat.com)
Without the patch, if the target address of "dis -r" or "dis -f"
is not an exact address of an instruction, "dis -r" will continue
beyond the target address, and "dis -f" will show nothing.
(anderson@redhat.com)
instructions. Without the patch, "dis [-f] <function>" may continue
beyond the end of a function, disassembling the memory that is in
between the target function and the next function.
(anderson@redhat.com)
target addresses from being displayed as kernel system call
alias/wrapper names, for example, "SyS_read+<offset>" instead
of "sys_read+<offset>".
(anderson@redhat.com)
"live" s390x dumpfiles created by the VMDUMP, stand-alone dump, or
"virsh dump" facilities, none of which explicitly mark the dumpfile
as a "live dump", run a standard "bt" backtrace on each kernel stack
instead of the text-address-only "bt -t". Without the patch, an
invalid text reference may be found in a task's kernel stack due to
the common zero-based user and kernel virtual address space ranges of
the s390x, causing the task to be mistakenly set as the "PANIC" task.
(holzheu@linux.vnet.ibm.com)
Do not search for a panic task in s390x dumpfiles that are marked
as a "live dump"...
The first part prevented a search of the active tasks; this part
prevents the last-ditch search of all tasks.
(anderson@redhat.com)
the "snap.so" extension module as "(ACTIVE)" in the STATE field of
the initial system banner and the "set" command. Without the patch,
the task's STATE field shows it as the "(PANIC)" task.
(anderson@redhat.com)
a "live dump". Without the patch, an exhaustive, unnecessary, search
of all kernel stacks that looks for evidence of a system crash may
find an invalid reference in a task's kernel stack due to the common
zero-based user and kernel virtual address space ranges of the s390x,
causing the task to be mistakenly set as the "PANIC" task.
(holzheu@linux.vnet.ibm.com, anderson@redhat.com)
and later big-endian machines. Without the patch, a task's RSS value
will be erroneously calculated by using twice its file pages instead
of adding its file pages with its anonymous pages.
(anderson@redhat.com)
kdump header, and the user has not used the --zero_excluded command
line option, append a note to the incomplete dump WARNING message
shown during invocation that suggests the use of --zero_excluded.
(zhouwj-fnst@cn.fujitsu.com)
kernels that are not configured with CONFIG_TRACE_MAX_TRACER.
Without the patch, the module fails to load with the error message
"failed to init the offset, struct: trace_array, member: max_offset".
(rabinv@axis.com)
options when analyzing the active tasks in vmcores generated by the
kdump facility. This bug is a regression that was introduced in
crash-7.1.2 by commit 15a58e4070, which
was an enhancement of the ARM64 backtrace capability for active tasks
in kdump vmcores.
(anderson@redhat.com)
options in kernels configured with CONFIG_SLUB. Without the patch,
if a referenced slab object address comes from a slab cache that
utilizes a multiple-page slab, and the object is located within
a tail page of that slab cache, it will not be recognized as a slab
object. The "bt -F[F]" and "rd -S[S]" options will just show the
object address, and the "kmem -s <address>" object will indicate
"kmem: address is not allocated in slab subsystem: <address>".
This bug is a regression that was introduced in crash-7.1.0 by commit
8b2cb365d7, which addressed a bug where
stale slab object addresses were incorrectly being recognized as
valid slab objects.
(anderson@redhat.com)
in the unlikely event that the dumpfile header does not contain the
VMCOREINFO note section from the original ELF /proc/vmcore. Without
the patch, the command displays nothing instead of showing "unknown".
(anderson@redhat.com)
and there are multiple text symbols with the same symbol name, then
display a message indicating that there are "duplicate text symbols
found", followed by a list of the symbols. Without the patch, the
duplicate symbol with the lowest virtual address is used.
(atomlin@redhat.com, anderson@redhat.com)
returns a count of symbols with the same name. Export a new
is_symbol_text() function, which checks whether specified symbol
entry is a type 't' or 'T'.
(atomlin@redhat.com, anderson@redhat.com)
with gcc version 5. Without the patch, the message "warning: the
use of 'mktemp' is dangerous, better use 'mkstemp'" is generated.
(anderson@redhat.com)
"dis" command without a count argument, disassemble the entire
function -- similar to when a symbol name of a function is passed
without a count argument. Without the patch, only one instruction
is displayed.
(atomlin@redhat.com)
This is required when "make extensions" is executed after the top
level crash binary has been built with "make TARGET=MIPS" on an
x86_64 host.
(rabinv@axis.com)
format if an invalid structure and/or member is used as an argument.
Without the patch, the command will display the expected error
indicating "task: invalid structure member reference", but then will
be followed by a stream of "task: recursive temporary file usage"
error messages.
(anderson@redhat.com)
Without the patch, if the target kernel was not configured with both
CONFIG_FAIR_GROUP_SCHED and CONFIG_RT_GROUP_SCHED, the command fails
with the message "runq: -g option not supported or applicable on this
architecture or kernel". With this patch, if the kernel was built
with either CONFIG_FAIR_GROUP_SCHED or CONFIG_RT_GROUP_SCHED, the
command will execute.
(rabinv@axis.com)
option is context-sensitive, similar to the the regular "files"
command when used without an argument, but replaces the FILE and
DENTRY columns with I_MAPPING and NRPAGES columns that reflect
each open file's inode.i_mapping address_space structure address,
and the address_space.nrpages count within it; this shows how
many of each open file's pages are currently in the system's
page cache. The "files -p <inode>" option takes the address
of an inode, and dumps all of its pages that are currently in the
system's page cache, borrowing the "kmem -p" page structure output.
(yangoliver@gmail.com)
of cpus. Without the patch, the command may fail prematurely with
a dump of the internal crash utility allocated buffer statistics
followed by the message "timer: cannot allocate any more memory!",
(anderson@redhat.com)
function with the most recent version of the kernel's getvecname()
function, which was updated in Linux 3.12. Without the patch, the
"Hypervisor Decrementer", "Emulation Assist", "Hypervisor Doorbell",
"Altivec Unavailable", "Instruction Breakpoint", "Denormalisation",
"HMI" and "Altivec Assist" exception types are not recognized and
their exception frames not displayed; the "Doorbell" exception type
is marked as a "reserved" exception type.
(anderson@redhat.com)
that are blocked in __schedule(). Without the patch, there will be
two "__switch_to" frames displayed before the normal "__schedule"
frame that is used as the starting point for blocked tasks.
(anderson@redhat.com)
the patch, the backtrace may fail immediately with the error message
"bt: invalid kernel virtual address: f type: Regs NIP value".
(anderson@redhat.com)
patch, in the unlikely event where the GETBUF() facility has to
utilize malloc() to allocate a buffer, and CTRL-c is entered while
that buffer is being zeroed out before being returned to the caller,
it may result in a never-ending set of "malloc-free mismatch" error
messages.
(anderson@redhat.com)
state. Without the patch:
(1) The "ps" command's ST column shows "??" for tasks in the
TASK_WAKING state.
(2) The "ps" command's ST column shows "??" for tasks in the
TASK_PARKED state in Linux 3.14 and later kernels.
(3) The STATE field of the initial system banner and the "set"
command are incorrect if the task state has the TASK_WAKING,
TASK_WAKEKILL modifier, or TASK_PARKED bits set in Linux 3.14
and later kernels.
(4) The "foreach DE" task identifier fails if a task with a PID
number of 0xDE (222) exists.
(5) The "foreach" command's "SW", "PA", "TR" and "DE" task
identifiers inadvertently select all tasks in kernel versions
that do not have those states.
(6) The "help -t" output would display incorrect values for the
TASK_WAKEKILL, TASK_WAKING and TASK_PARKED states in Linux 3.14
and later kernels.
Lastly, support for the TASK_NOLOAD modifier introduced in Linux 4.2
has been added to STATE field of the "set" command and the initial
system banner.
(anderson@redhat.com)
"flattened format" dumpfiles if the dumpfile is truncated/incomplete.
Without the patch, the sorting function continues performing invalid
reads beyond the of the dumpfile, which may lead to an infinite loop
instead of a session-ending error message. In addition, since the
sorting operation may take several minutes, a "please wait" message
with an incrementing percentage-complete counter will be displayed.
(anderson@redhat.com)
format dumpfiles. Without the patch, the rearranged data array
initialization is performed before the vmcoreinfo data in the
header is read, which can take a significant amount of time with
large dumpfiles. The patch simply looks for the appropriate
vmcoreinfo data string near the beginning of the dumpfile.
(anderson@redhat.com)
Linux 4.0 commit 2f859d0dad818765117c1cecb24b3bc7f4592074, which
removes the "async_stack" and "panic_stack" members from the "pcpu"
structure. Without the patch, backtraces of active tasks that were
executing I/O or machine check interrupts are not displayed, while
other tasks may generate fatal readmem() errors of type "readmem_ul".
(holzheu@linux.vnet.ibm.com)
backtraces of the active tasks start at the function that is saved
in each per-cpu ELF note. With the patch, the backtrace will start
at the "crash_kexec" function on the panicking cpu, and at the
"crash_save_cpu" function on the other active cpus. By doing so,
the backtrace will display the exception handling functions leading
to crash_kexec() or crash_save_cpu(), as well as the exception frame
register set as it was at the time of the fatal exception on the
panic cpu, or when the shutdown IPI was received on the other cpus.
(anderson@redhat.com)
the patch, if the debuginfo data of an ARM64 kernel module that
contains a per-cpu section is loaded by "mod -s <module>" or
"mod -S", commands such as "bt" or "sym" may incorrectly translate
the module's virtual addresses to symbol names.
(Jan.Karlsson@sonymobile.com)
where the string contains a parentheses-within-parentheses
expression along with a ">" or ">>" operator inside the outermost
set of parentheses. Without the patch, a command such as the
following fails like so:
crash> p ((1+1) >> 1)
p: gdb request failed: p ((1+1)
crash>
(anderson@redhat.com)
"union", "task", "list" and "tree" commands. If a specified
structure member contains an embedded structure, the output may
be restricted to just the embedded structure by expressing the
.member argument as "member.member". If a specified structure
member is an array, the output may be restricted to a single array
element by expressing the .member argument as "member[index]".
Furthermore, these embedded member specifications may extend beyond
one level deep, for example, by expressing the member argument as
"member.member.member", or "member[index].member".
(Alexandr_Terekhov@epam.com, anderson@redhat.com)
and "vtop" commands. Without the patch, if "vm -p" references a
swapped-out page on Linux 4.0 and later kernels, the SWAP location
may indicate "(unknown swap location)", and will show an invalid
OFFSET value; on Linux 3.13 and later kernels, running "vtop" on a
user virtual address incorrectly translates the PTE contents of
swapped out pages by showing a PHYSICAL address and FLAGS translation
instead of the SWAP device and OFFSET. It is possible that there may
be PTE bit translation errors on other kernel versions; the patch
addresses the changes in ARM64 PTE bit definitions made in Linux
3.11, 3.13, and 4.0 kernels.
(anderson@redhat.com)
"sys" command to account for the Linux 3.17 change that moved
the "timekeeper" symbol and structure into a containing tk_core
structure; the "shadow_timekeeper" timekeeper will be used as an
alternative. Without the patch, the DATE shows something within
a few hours of the Linux epoch, such as "Wed Dec 31 18:00:00 1969".
(kmcmartin@redhat.com)
kernels. Without the patch, the crash session fails during
initialization with the message "crash: invalid/unsupported page
size: 98304" on kernels with 64K pages. On kernels with 4K pages,
the message is "crash: invalid/unsupported page size: 6144". In
addition, the "-p <page-size>" command line override option
had no effect on ARM64; that has been fixed as well.
(anderson@redhat.com)
