Dave Anderson | 17 Jun 2013 20:38

[ANNOUNCE] crash-7.0.1 is available


Download from: http://people.redhat.com/anderson

Changelog:

 - Fix the -I include path sequence in the extensions/eppic.mk file to
   prevent a series of "redefined" and "redeclaration" warnings when
   compiling the EPPIC extension module.
   (anderson <at> redhat.com)

 - Address two compile-time warnings generated as a result of the 
   gdb-7.6.patch.  Without the patch, there are "warning: no previous 
   prototype" warnings for gdb_main_entry() and replace_ui_file_FILE().
   (anderson <at> redhat.com)

 - Implemented a new "mod -t" option that walks through the installed
   modules and checks for non-zero values in each module's "taints" 
   bitmask, and translates the bits into symbolic letters if possible,
   or shows the hexadecimal value of the bitmask if not.  In older
   kernels, the "license_gplok" field is checked, and if non-zero, its
   value is displayed in hexadecimal.  Lastly, if the "gpgsig_ok" member
   exists and is zero, a "(U)" notation will also be displayed.
   (atomlin <at> redhat.com, anderson <at> redhat.com)

 - Fixed compiler warnings generated by extensions/trace.c when compiled
   with -DFORTIFY_SOURCE=2.  Without the patch, the messages "warning: 
   ignoring return value of 'mktemp', declared with attribute 
   warn_unused_result", "warning: ignoring return value of 'fwrite', 
   declared with attribute warn_unused_result", and "warning: 
   'trace_dat' may be used uninitialized in this function" are 

Alexandr Terekhov | 6 Jun 2013 12:24

x86_64: Function parameters from stack frames

Hello,

I'd like to introduce a small patch for the crash tool (I described the idea behind it at https://www.redhat.com/archives/crash-utility/2013-March/msg00164.html).
* crash version 6.1.6
* arch x86_64

You can find it here https://github.com/hziSot/crash-stack-parser
So, here are some results from a real system:

=======> CPU #0

bin> bt  
PID: 0      TASK: ffffffff81a8d020  CPU: 0   COMMAND: "swapper"
 #0 [ffff880045603920] machine_kexec at ffffffff8103284b
 #1 [ffff880045603980] crash_kexec at ffffffff810ba972
 #2 [ffff880045603a50] oops_end at ffffffff81501860
 #3 [ffff880045603a80] no_context at ffffffff81043bfb
 #4 [ffff880045603ad0] __bad_area_nosemaphore at ffffffff81043e85
 #5 [ffff880045603b20] bad_area_nosemaphore at ffffffff81043f53
 #6 [ffff880045603b30] __do_page_fault at ffffffff810446b1
 #7 [ffff880045603c50] do_page_fault at ffffffff8150383e
 #8 [ffff880045603c80] page_fault at ffffffff81500bf5
 #9 [ffff880045603d60] activate_task at ffffffff81053953
#10 [ffff880045603d70] try_to_wake_up at ffffffff810600c0
#11 [ffff880045603de0] default_wake_function at ffffffff810602c2
#12 [ffff880045603df0] __wake_up_common at ffffffff8104e369
#13 [ffff880045603e40] complete at ffffffff81053347
#14 [ffff880045603e70] qla24xx_msix_default at ffffffffa00a8f74 [qla2xxx]
#15 [ffff880045603ed0] handle_IRQ_event at ffffffff810dbb10
#16 [ffff880045603f20] handle_edge_irq at ffffffff810de29e

Michael Holzheu | 4 Jun 2013 14:32

[PATCH] s390x: Fix linux-3.10 backtrace for interrupt stacks

Hi Dave,

The following upstream kernel git commit introduced a crash regression
in v3.10-rc1 for s390x:

    commit dc7ee00d4771b3218b10e09e1071ee6eb176d381
    Date:   Wed Apr 24 10:20:43 2013 +0200

    s390: lowcore stack pointer offsets

    Store the stack pointers in the lowcore for the kernel stack, the async
    stack and the panic stack with the offset required for the first user.
    This avoids an unnecessary add instruction on the system call path.

    -	lc->async_stack = pcpu->async_stack + ASYNC_SIZE;
    -	lc->panic_stack = pcpu->panic_stack + PAGE_SIZE;
    +	lc->async_stack = pcpu->async_stack + ASYNC_SIZE
    +		- STACK_FRAME_OVERHEAD - sizeof(struct pt_regs);
    +	lc->panic_stack = pcpu->panic_stack + PAGE_SIZE
    +		- STACK_FRAME_OVERHEAD - sizeof(struct pt_regs);
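
Review bot: the two `+` assignments to lc->async_stack and lc->panic_stack silently change what those lowcore fields mean: they no longer hold the end of the stack but a value lowered by STACK_FRAME_OVERHEAD + sizeof(struct pt_regs), and nothing at the assignment says so. A short comment there stating that the fields now hold the initial stack pointer for the first user, not the stack end, would help any code that derives the stack bounds from them.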

The s390x crash code uses lowcore->panic/async_stack to find out the
location of the per-cpu stacks. With the above kernel change this is
no longer correct. For newer kernels with the "pcpu_devices" array
there is a second location where the stacks are stored. With this
patch we use the new location if available.

Signed-off-by: Michael Holzheu <holzheu <at> linux.vnet.ibm.com>
---
 s390x.c |   42 ++++++++++++++++++++++++++++++++++--------

Aaron Tomlin | 19 May 2013 18:51

[Patch v4] Show module taint flags

Hi Dave,

Since v4:

 - Updated help_mod[] help page
 - User is notified if no tainted modules exist
 - Added the '-t' option, to display the hexadecimal value of a module's "taint" flag

 
Examples:

	crash> mod -T
	NOTE: modules have changed on this system -- reinitializing
	NAME                     TAINT
	test                     GFO
	
	crash> mod -t
	NAME                     TAINT
	test                     0x1002
	
	crash> mod -T
	NAME                 TAINT
	vxfs                 P(U)
	vxspec               P(U)
	dmpaa                P(U)
	dmpap                P(U)
	dmpjbod              P(U)
	fdd                  P(U)
	vxportal             P(U)
	vxdmp                P(U)

Dave Anderson | 17 May 2013 22:07

EPPIC: fails to build in crash-7.0.0/gdb-7.6 environment


Luc et al,

As I mentioned in the crash-7.0.0 announcement, the build 
of the eppic extension module fails due to changes in the
newly-embedded gdb-7.6 tree:

$ make extensions
...
Cloning into 'eppic'...
remote: Counting objects: 154, done.
remote: Finding sources: 100% (154/154), done.
remote: Total 154 (delta 65)
Receiving objects: 100% (154/154), 173.79 KiB | 267 KiB/s, done.
Resolving deltas: 100% (65/65), done.
cd eppic/libeppic && make
bison -peppic -v -t -d eppic.y
eppic.y: conflicts: 253 shift/reduce, 20 reduce/reduce
cc -O0 -g -fPIC   -c -o eppic_util.o eppic_util.c
cc -O0 -g -fPIC   -c -o eppic_node.o eppic_node.c
cc -O0 -g -fPIC   -c -o eppic_var.o eppic_var.c
cc -O0 -g -fPIC   -c -o eppic_func.o eppic_func.c
cc -O0 -g -fPIC   -c -o eppic_str.o eppic_str.c
cc -O0 -g -fPIC   -c -o eppic_op.o eppic_op.c
cc -O0 -g -fPIC   -c -o eppic_num.o eppic_num.c
cc -O0 -g -fPIC   -c -o eppic_stat.o eppic_stat.c
cc -O0 -g -fPIC   -c -o eppic_builtin.o eppic_builtin.c
cc -O0 -g -fPIC   -c -o eppic_type.o eppic_type.c
cc -O0 -g -fPIC   -c -o eppic_case.o eppic_case.c
cc -O0 -g -fPIC   -c -o eppic_api.o eppic_api.c

HATAYAMA Daisuke | 14 May 2013 06:15

[ANNOUNCE] crash gcore command, version 1.2.1 is released

This is the release of crash gcore command, version 1.2.1.

ChangeLog:

 - Fix failure of coredump at accessing memory for VSYSCALL page due
   to wrong conversion of uvtop which wrongly treats address
   VSYSCALL_START as belonging to kernel direct mapping region. This fix
   executes uvtop in verbose mode to make it always paging and
   retrieves the correct physical address from its output. Without
   this fix, VSYSCALL page fails to be collected and core dump process
   is aborted; though VSYSCALL page is done in the last so almost all
   corefile is already generated.
   (d.hatayama <at> jp.fujitsu.com)

 - Skip page-faulted pages by lseek() rather than writing zero-filled
   pages. By this, generated core file has holes in the corresponding
   positions for each page-faulted pages if filesystem supports sparse
   files. This is highly useful when the target process has huge
   virtual memory space such as qemu process that has huge physical
   memory of KVM guest machine.
   (d.hatayama <at> jp.fujitsu.com)

 - Fix the bug that filter for hugepage shared/private memory can
   depend on flags other than HP or HS flags. This was introduced at
   the introduction of VM_DONTDUMP where VM_RESERVED flag was
   removed. At the time, there was a check to see if VM_RESERVED flag
   was set after a check to see if VM_HUGETLB. But the latter check
   was not changed when the former check was removed.
   (d.hatayama <at> jp.fujitsu.com)


Dave Anderson | 10 May 2013 22:19

[ANNOUNCE] crash-7.0.0 is available


The upgrade from gdb-7.3.1 to gdb-7.6 has been accomplished with
this release.  It was painful as usual, and as history has proven
in the past, there are going to be regressions.  I've addressed 
several of them, but it's highly likely that others will crop up.

Most notably, the eppic extension module no longer builds, but
that needs to be addressed in the eppic git tree.

Download from: http://people.redhat.com/anderson

Changelog:

 - Updated the embedded gdb version to FSF gdb-7.6, which was officially
   released by the Free Software Foundation on http://www.gnu.org on 
   4/26/13. The primary motivation for upgrading from gdb-7.3.1 is for 
   future ARM64 support, but there are also issues with respect to 
   kernels built with gcc-4.8.0.  The relevant pieces of gdb-7.3.1.patch
   were forward-ported to the gdb-7.6.patch, and the GDB_7_6 #define has
   been applied in the top-level sources where appropriate.
   (anderson <at> redhat.com)

 - Continued incremental steps for support of the ARM64 architecture. 
   (anderson <at> redhat.com)

 - Fix for the "struct name.member <address>" option if the "member"
   name is also coincidentally a member of an embedded structure that is
   located before the targeted member.  Without the patch, the value of
   the embedded structure's member is displayed instead of the targeted
   member. 

Aaron Tomlin | 7 May 2013 19:47

[PATCH v3] Show module taint flags

Hi Dave,

Sorry about the delay. I've finally found the time to attempt another version.

As per your request, I've updated *help_mod[] to document the -T option.
Also in this particular version, I omit ' ' and '-', when false, as I'm under 
the impression that we're only interested in true values as per module_flags()
(since 2.6.25).
I suspect that there shouldn't be a situation where a module isn't tainted since
every module is either proprietary license or GPL. However, if this is not 
acceptable I can change this behaviour. 

For module.gpgsig_ok case (as seen in kernel-2.6.32-1.el6), I've decided to follow
the same logic to highlight "(U)" to the user, as per print_modules().
With regards to module.sig_ok, this is handled, as seen under 3.8.9-200.fc18:

	nf_nat                   G 
	bnx2i                    G 
	ip6t_REJECT              G 
	nf_defrag_ipv6           G 
	be2iscsi                 G 
	tun                      G 
	test                     GFO
	
For pre 2.6.28 kernels, I'll work on a solution that simply displays the bit number
to then refer the user to the relevant kernel source for details on what the bit
number means, as per your suggestion. I just wanted to get this version out to the
mailing list for review.

Cheers,

Dave Anderson | 30 Apr 2013 18:13

HEADS-UP: Linux kernel 3.9 debuginfo issues


Something has changed with the vmlinux debuginfo file such that 
the currently-embedded gdb-7.3.1 version in the crash utility
can no longer find the debuginfo data for text symbols in
Linux 3.9 kernels.

I don't know whether it's due to a change in the kernel build procedure
arguments or maybe the tools used, because there is no such problem as
recently as 3.8.8-100.fc17.

Taking crash out of the picture, the simple gdb "whatis" command
should show the debuginfo data for kernel text symbols.  For example,
here things work OK with gdb-7.5.1-34.el7: 

  # gdb /usr/lib/debug/lib/modules/3.9.0-0.55.el7.x86_64/vmlinux
  GNU gdb (GDB) Red Hat Enterprise Linux (7.5.1-34.el7)
  Copyright (C) 2012 Free Software Foundation, Inc.
  License GPLv3+: GNU GPL version 3 or later <http://gnu.org/licenses/gpl.html>
  This is free software: you are free to change and redistribute it.
  There is NO WARRANTY, to the extent permitted by law.  Type "show copying"
  and "show warranty" for details.
  This GDB was configured as "x86_64-redhat-linux-gnu".
  For bug reporting instructions, please see:
  <http://www.gnu.org/software/gdb/bugs/>...
  Reading symbols from /usr/lib/debug/lib/modules/3.9.0-0.55.el7.x86_64/vmlinux...done.
  (gdb) whatis sys_read
  type = long int (unsigned int, char *, size_t)
  (gdb) whatis schedule
  type = void (void)
  (gdb) whatis kmem_cache_alloc

Jay Lan | 23 Apr 2013 01:38

How do I get IA64 register R32 and above?

Hi,

I got an IA64 vmcore. The stack backtrace only
printed registers up to R31. How do I get the contents
of R32 and above?

Thanks,
Jay

qiaonuohan | 12 Apr 2013 09:26

fix bug of struct command

Hello Dave,

The attachment is used to fix a bug of struct command.

When using command like below, struct command displays wrong data.

<cut>
crash> task_struct.fs ffff88003dfb5540
    fs = 140234226652928
crash> task_struct ffff88003dfb5540
...
    es = 0,
    ds = 0,
    fsindex = 0,
    gsindex = 0,
    *fs = 140234226652928,*
    gs = 0,
    debugreg0 = 0,
...
    io_bitmap_ptr = 0x0,
    iopl = 0,
    io_bitmap_max = 0
  },
  *fs = 0xffff880037795f00,*
  files = 0xffff8800371b6940,
...
<cut>

fs shown by struct command is a member of "struct thread_struct thread;",
not struct task_struct. This bug is involved by adding support to anonymous

