the patch, if the debuginfo data of an ARM64 kernel module that
contains a per-cpu section is loaded by "mod -s <module>" or
"mod -S", commands such as "bt" or "sym" may incorrectly translate
the module's virtual addresses to symbol names.
(Jan.Karlsson@sonymobile.com)
where the string contains a parentheses-within-parentheses
expression along with a ">" or ">>" operator inside the outermost
set of parentheses. Without the patch, a command such as the
following fails like so:
crash> p ((1+1) >> 1)
p: gdb request failed: p ((1+1)
crash>
(anderson@redhat.com)
"union", "task", "list" and "tree" commands. If a specified
structure member contains an embedded structure, the output may
be restricted to just the embedded structure by expressing the
.member argument as "member.member". If a specified structure
member is an array, the output may be restricted to a single array
element by expressing the .member argument as "member[index]".
Furthermore, these embedded member specifications may extend beyond
one level deep, for example, by expressing the member argument as
"member.member.member", or "member[index].member".
(Alexandr_Terekhov@epam.com, anderson@redhat.com)
and "vtop" commands. Without the patch, if "vm -p" references a
swapped-out page on Linux 4.0 and later kernels, the SWAP location
may indicate "(unknown swap location)", and will show an invalid
OFFSET value; on Linux 3.13 and later kernels, running "vtop" on a
user virtual address incorrectly translates the PTE contents of
swapped out pages by showing a PHYSICAL address and FLAGS translation
instead of the SWAP device and OFFSET. It is possible that there may
be PTE bit translation errors on other kernel versions; the patch
addresses the changes in ARM64 PTE bit definitions made in Linux
3.11, 3.13, and 4.0 kernels.
(anderson@redhat.com)
"sys" command to account for the Linux 3.17 change that moved
the "timekeeper" symbol and structure into a containing tk_core
structure; the "shadow_timekeeper" timekeeper will be used as an
alternative. Without the patch, the DATE shows something within
a few hours of the Linux epoch, such as "Wed Dec 31 18:00:00 1969".
(kmcmartin@redhat.com)
kernels. Without the patch, the crash session fails during
initialization with the message "crash: invalid/unsupported page
size: 98304" on kernels with 64K pages. On kernels with 4K pages,
the message is "crash: invalid/unsupported page size: 6144". In
addition, the "-p <page-size>" command line override option
had no effect on ARM64; that has been fixed as well.
(anderson@redhat.com)
subdirectory when "make extensions" is complete, and update the
top-level .gitignore file to ignore post-build extensions
subdirectory files.
(anderson@redhat.com)
is invoked with the "-d<number>" debug flag. Without the patch,
the invalid message is "WARNING: SPARSEMEM_EX: questionable section
values".
(anderson@redhat.com)
but it allows the user to specify the page struct members to be
displayed. The option takes a comma-separated list of one or
more page struct members, which will be displayed following the
page structure address. The "flags" member will always be expressed
in hexadecimal format, and the "_count" and "_mapcount" members will
always be expressed in decimal format. Otherwise, all other members
will be displayed in hexadecimal format unless the current output
radix is 10 and the member is a signed/unsigned integer. Members
that are data structures may be specified by the data structure's
member name, or expanded to specify a member of that data structure.
For example, "-m lru" refers to a list_head data structure, in which
case both the list_head.next and list_head.prev pointer values will
be displayed; if "-m lru.next" is specified, just the list_head.next
value will be displayed.
(atomlin@redhat.com, anderson@redhat.com)
they are used in an input file. If more than one of any of those
four commands are used in an input file, the output of the second
and subsequent command instances will not display their respective
command headers.
(anderson@redhat.com)
created by the makedumpfile(8) facility. When sorting the blocks of
memory by their intended ELF or compressed kdump file offsets, the
patch replaces the bubble-sort method that is currently used with an
insertion sort method.
(dslutz@verizon.com)
"crash -t" option is run on a live system, and when analyzing remote
Linux kernels. Without the patch, "crash -t" on a live system fails
with the message "crash: cannot open remote memory source: /dev/mem",
and attempts to analyze a Linux kernel remotely just shows the kernel
timestamp and exits immediately.
(dslutz@verizon.com, anderson@redhat.com)
(1) The MIPS general purpose registers in the elf_gregset_t
don't start at index 0 but at index 6.
(2) Adjust for the kernel's pt_regs structure changes between
kernel versions. For example, fields are inserted into the
middle based on build time options, and the amount of padding
at the head of the structure was changed relatively recently.
To handle this, split the structure definition into two parts
and get the offsets of these two parts dynamically.
(3) Do not display each parsed kernel symbol during initialization
when invoked with "crash -d8".
(4) Add support for loading raw MIPS ramdump dumpfiles.
(5) Add support for compressed kdump dumpfiles.
(rabinv@axis.com)
data of specified cpus. It can be used in conjunction with all runq
command options. The cpus must be specified in a comma- and/or
dash-separated list; for examples, "3", "1,8,9", "1-23", or "1,8-15".
(anderson@redhat.com)
a bundle of data that describes a structure member. The function
receives a pointer to a struct_member_data structure, in which the
caller has initialized the "structure" and "member" name pointers:
struct struct_member_data {
char *structure;
char *member;
long type;
long unsigned_type;
long length;
long offset;
long bitpos;
long bitsize;
};
A gdb "printm" command is crafted using those two fields, and the
output of the command is used to initialize the remaining six fields.
Adapted from Qiao Nuohan's "pstruct" extension module.
(anderson@redhat.com, qiaonuohan@cn.fujitsu.com)
string into a buffer allocated with GETBUF(). As is the case with
any buffer allocated with GETBUF(), it is only meant to exist during
the life-span of the current command. If it is not explicitly freed
via FREEBUF(), then it will be freed automatically prior to the next
command.
(anderson@redhat.com)
chains during session initialization. If a chain has been corrupted,
the patch prevents the sequence from entering an infinite loop, and
the error messages associated with corrupt/invalid chains have been
updated to report the pid_hash[] index number.
(anderson@redhat.com)
There may be holes in the memory address saved for PCI, etc. In such
cases, the memory dump is divided into regions. With this patch, up
to 3 memory regions are supported.
(hfu@vmware.com)
of their respective memory segments are not laid out sequentially
from low to high in the dumpfile. This has only been seen in ELF
vmcore files created by the VMware vmss2core facility. Without the
patch, the crash session may fail during initialization, either with
the message "cannot malloc ELF header buffer", or "crash: <dumpfile>:
not a supported file format".
(anderson@redhat.com)
layout introduced in Linux 3.17. The vmalloc region end address, and
the vmemmap start and end addresses are now calculated at kernel
build time, because they depend upon the size of a struct page.
Accordingly, the crash utility needs to calculate those three address
values dynamically, after the embedded gdb module has initialized.
Without the patch, reads of page structures return invalid data due
to incorrect virtual-to-physical translations of memory in the
vmemmap range. This in turn causes commands that require page
structure contents to fail or show invalid data, such as "kmem -p",
"kmem -[sS]", and the "kmem -[fF]" options.
(anderson@redhat.com)
symbols that are below the text region. Without the patch, several
recently-introduced absolute symbols have been introduced into the
kernel, which will be displayed by "sym -l" prior to the first kernel
virtual address symbol, and will show up in command output where
memory values are translated into kernel symbol references.
(anderson@redhat.com)
change from "is_paused_by_controller" to "controller_pause_count".
Without the patch, in Xen 4.2.5 and later, the crash session fails
during initialization with the error message 'crash: invalid
structure member offset: domain_is_paused_by_controller".
(dietmar.hahn@ts.fujitsu.com)
done from within a previously-existing build tree, the "patch -N"
option is used to ignore patches that have been previously applied;
this patch also applies the "patch -r-" option to prevent unnecessary
.rej files from being created.
(anderson@redhat.com)
patch, if an external piped-to command contains a quoted string that
includes a "|" character, the command fails with the message "crash:
pipe operation failed".
(anderson@redhat.com)
dumpfile format. Without the patch, there is a limitation caused
by several 32-bit members of dump_header structure, in particular
the max_mapnr member, which overflows if the dumpfile contains more
than 16TB of physical memory space. The header_version member of
the dump_header structure has been increased from 0 to 1 in this
extended new format, and the new 64-bit members will be used.
(d.hatayama@jp.fujitsu.com)
requires more than 2048 page header accesses. This was put in place
because of the non-random-access design of LKCD dumpfiles. Without
the patch, the spinner display is intermingled with command output,
which complicates the parsing of the output.
(watters.sam@gmail.com)
50:leaked_storage: Variable "fp" going out of scope leaks the
storage it points to.
53:leaked_storage: Variable "fp" going out of scope leaks the
storage it points to.
256⚠️ Use of memory after it is freed
(anderson@redhat.com)
if the Red Hat "kpatch" module is installed, the tag "[LIVEPATCH]"
will be displayed next to the kernel name in the initial system banner
and by the "sys" command. This new tag replaces the "[KPATCH]" tag
introduced in crash-7.0.7.
(anderson@redhat.com)
the "net -a" option appends its correct output with the command's
"Usage:" message; and if either the "net -x" or "net -d" options are
used without also specifying "-s" or "-S", the error message would
indicate "net: illegal flag: 800000" or "net: illegal flag: 1000000"
instead of showing the command's "Usage:" message.
(anderson@redhat.com)
Similar to all other supported dumpfile types, it is invoked as:
$ crash vmlinux <vmname>.vmss
A "<vmname>.vmss" file created by the VMware vSphere ESX hypervisor
contains a header and the full memory image. A "<vmname>.vmss" file
created by the VMware Workstation facility only contains the header,
and must be accompanied by a companion "<vmname>.vmem" memory image
that is located in the same directory as the "<vmname>.vmss" file.
(hfu@vmware.com)
