├── .gitignore ├── BUILD ├── crash-7.3.2 │ ├── .gitignore │ ├── .rh_rpm_package │ ├── COPYING3 │ ├── Makefile │ ├── Makefilelzo_snappy_zstd.patch │ ├── Makefilerhel8_build.patch │ ├── README │ ├── alpha.c │ ├── arm.c │ ├── arm64.c │ ├── bpf.c │ ├── cmdline.c │ ├── configure.c │ ├── configure.crhel8_build.patch │ ├── crash.8 │ ├── defs.h │ ├── dev.c │ ├── diskdump.c │ ├── diskdump.clzo_snappy_zstd.patch │ ├── diskdump.h │ ├── extensions.c │ ├── extensions │ │ ├── Makefile │ │ ├── dminfo.c │ │ ├── echo.c │ │ ├── eppic.c │ │ ├── eppic.mk │ │ ├── snap.c │ │ └── snap.mk │ ├── filesys.c │ ├── gdb-7.6-ppc64le-support.patch │ ├── gdb-7.6-proc_service.h.patch │ ├── gdb-7.6.patch │ ├── gdb_interface.c │ ├── global_data.c │ ├── help.c │ ├── ia64.c │ ├── ibm_common.h │ ├── ipcs.c │ ├── kaslr_helper.c │ ├── kernel.c │ ├── kvmdump.c │ ├── kvmdump.h │ ├── lkcd_common.c │ ├── lkcd_dump_v5.h │ ├── lkcd_dump_v7.h │ ├── lkcd_dump_v8.h │ ├── lkcd_fix_mem.c │ ├── lkcd_fix_mem.h │ ├── lkcd_v1.c │ ├── lkcd_v2_v3.c │ ├── lkcd_v5.c │ ├── lkcd_v7.c │ ├── lkcd_v8.c │ ├── lkcd_vmdump_v1.h │ ├── lkcd_vmdump_v2_v3.h │ ├── lkcd_x86_trace.c │ ├── lkcd_x86_trace.h │ ├── main.c │ ├── makedumpfile.c │ ├── makedumpfile.h │ ├── memory.c │ ├── memory.crhel8_freepointer.patch │ ├── memory_driver │ │ ├── Makefile │ │ ├── README │ │ └── crash.c │ ├── mips.c │ ├── mips64.c │ ├── net.c │ ├── netdump.c │ ├── netdump.h │ ├── ppc.c │ ├── ppc64.c │ ├── printk.c │ ├── qemu-load.c │ ├── qemu-load.h │ ├── qemu.c │ ├── ramdump.c │ ├── remote.c │ ├── rse.h │ ├── s390.c │ ├── s390_dump.c │ ├── s390dbf.c │ ├── s390x.c │ ├── sadump.c │ ├── sadump.h │ ├── sbitmap.c │ ├── sparc64.c │ ├── symbols.c │ ├── task.c │ ├── test.c │ ├── tools.c │ ├── unwind.c │ ├── unwind.h │ ├── unwind_arm.c │ ├── unwind_decoder.c │ ├── unwind_i.h │ ├── unwind_x86.h │ ├── unwind_x86_32_64.c │ ├── unwind_x86_64.h │ ├── va_server.c │ ├── va_server.h │ ├── va_server_v1.c │ ├── vas_crash.h │ ├── vmcore.h │ ├── vmware_guestdump.c │ ├── vmware_vmss.c │ ├── vmware_vmss.h │ ├── x86.c │ ├── x86_64.c │ ├── xen_dom0.c │ ├── xen_dom0.h │ ├── xen_hyper.c │ ├── xen_hyper_command.c │ ├── xen_hyper_defs.h │ ├── xen_hyper_dump_tables.c │ ├── xen_hyper_global_data.c │ ├── xendump.c │ └── xendump.h └── crash-help.log ├── LICENSE ├── README.md ├── SOURCES ├── 0001-Fix-for-dev-command-on-Linux-5.11-and-later.patch ├── 0001-diskdump-netdump-fix-segmentation-fault-caused-by-fa.patch ├── 0001-ppc64-update-the-NR_CPUS-to-8192.patch ├── 0002-Extend-field-length-of-task-attributes.patch ├── 0002-arm64-Fix-again-segfault-in-arm64_is_kernel_exceptio.patch ├── 0002-sbitmapq-remove-struct-and-member-validation-in-sbit.patch ├── 0003-Fix-invalid-structure-size-error-during-crash-startu.patch ├── 0003-ppc64-fix-bt-for-S-case.patch ├── 0003-sbitmapq-fix-invalid-offset-for-sbitmap_queue_alloc_.patch ├── 0004-ppc64-dynamically-allocate-h-w-interrupt-stack.patch ├── 0004-sbitmapq-fix-invalid-offset-for-sbitmap_queue_round_.patch ├── 0005-ppc64-rename-ppc64_paca_init-to-ppc64_paca_percpu_of.patch ├── 0005-sbitmapq-fix-invalid-offset-for-sbitmap_word_depth-o.patch ├── 0006-ppc64-handle-backtrace-when-CPU-is-in-an-emergency-s.patch ├── 0007-bt-x86_64-filter-out-idle-task-stack.patch ├── 0007-ppc64-print-emergency-stacks-info-with-mach-command.patch ├── 0008-bt-arm64-add-support-for-bt-n-idle.patch ├── 0008-ppc64-use-a-variable-for-machdep-machspec.patch ├── 0009-arm64-Fix-for-st-_stext_vmlinux-not-initialized-when.patch ├── 0010-Enhance-dev-d-D-options-to-support-blk-mq-sbitmap.patch ├── 0010-Fix-gcc-11-compiler-warnings-on-filesys.c.patch ├── 0011-Fix-for-dev-d-D-options-to-support-blk-mq-change-on-.patch ├── 0011-Fix-gcc-11-compiler-warning-on-symbols.c.patch ├── 0012-Doc-update-man-page-for-the-bpf-and-sbitmapq-command.patch ├── 0012-Fix-gcc-11-compiler-warning-on-makedumpfile.c.patch ├── 0013-Fix-gcc-11-compiler-warning-on-kvmdump.c.patch ├── 0013-sbitmapq-Fix-for-sbitmap_queue-without-ws_active-mem.patch ├── 0014-sbitmapq-Fix-for-sbitmap_word-without-cleared-member.patch ├── 0014-x86_64-Fix-for-AMD-SME-issue.patch ├── 0015-Makefile-Fix-unnecessary-re-patching-with-coreutils-.patch ├── 0015-sbitmapq-Fix-for-sbitmap_queue-without-min_shallow_d.patch ├── 0016-Make-dev-d-D-options-parse-sbitmap-on-Linux-4.18-and.patch ├── 0016-arm64-use-TCR_EL1_T1SZ-to-get-the-correct-info-if-va.patch ├── 0017-Fix-task-R-by-adding-end-identifier-for-union-in-tas.patch ├── 0017-sbitmapq-Fix-for-kernels-without-struct-wait_queue_h.patch ├── 0018-Let-gdb-get-kernel-module-symbols-info-from-crash.patch ├── 0018-sbitmapq-Limit-kernels-without-sbitmap-again.patch ├── 0019-x86_64-Correct-the-identifier-when-locating-the-call.patch ├── 0020-Add-debian-ubuntu-vmlinux-location-to-default-search.patch ├── 0021-Fix-gcc-12-compiler-warnings-on-lkcd_-.c.patch ├── 0022-Fix-for-the-invalid-linux_banner-pointer-issue.patch ├── 0023-Fix-kmem-failing-to-print-task-context-when-address-.patch ├── 0024-Fix-page-offset-issue-when-converting-physical-to-vi.patch ├── 0025-Let-kmem-print-task-context-with-physical-address.patch ├── 0026-ppc64-still-allow-to-move-on-if-the-emergency-stacks.patch ├── 0027-Fix-segmentation-fault-in-page_flags_init_from_pagef.patch ├── 0028-Fix-for-ps-vm-commands-to-display-correct-MEM-and-RS.patch ├── crash-7.3.2.tar.gz ├── gdb-7.6.tar.gz ├── lzo_snappy_zstd.patch ├── rhel8_build.patch └── rhel8_freepointer.patch ├── SPECS └── crash.spec ├── SUMMARY.md ├── docs ├── crash命令.md ├── crash命令 │ ├── alias.md │ ├── ascii.md │ ├── bpf.md │ ├── bt.md │ ├── btop.md │ ├── dev.md │ ├── dis.md │ ├── eval.md │ ├── exit.md │ ├── extend.md │ ├── files.md │ ├── foreach.md │ ├── fuser.md │ ├── gdb.md │ ├── help.md │ ├── image │ │ ├── 20220404_174226_98.png │ │ ├── 20220404_174354_86.png │ │ └── 20220405_115354_99.png │ ├── ipcs.md │ ├── irq.md │ ├── kmem.md │ ├── list.md │ ├── log.md │ ├── mach.md │ ├── mod.md │ ├── mount.md │ ├── net.md │ ├── p.md │ ├── ps.md │ ├── pte.md │ ├── ptob.md │ ├── ptov.md │ ├── q.md │ ├── rd.md │ ├── repeat.md │ ├── runq.md │ ├── search.md │ ├── set.md │ ├── sig.md │ ├── struct.md │ ├── swap.md │ ├── sym.md │ ├── sys.md │ ├── task.md │ ├── timer.md │ ├── tree.md │ ├── union.md │ ├── vm.md │ ├── vtop.md │ ├── waitq.md │ ├── whatis.md │ ├── wr.md │ └── 指针.md ├── crash基本用法.md ├── crash基本用法 │ ├── image │ │ ├── 20220405_164910_92.png │ │ ├── 20220405_171558_94.png │ │ ├── 20220405_171610_01.png │ │ ├── 20220405_222204_63.png │ │ ├── 20220406_100624_95.png │ │ ├── 20220406_102316_32.png │ │ ├── 20220406_103200_69.png │ │ ├── 20220406_103354_59.png │ │ ├── 20220406_104336_56.png │ │ ├── 20220406_104345_37.png │ │ ├── 20220406_104352_45.png │ │ ├── 20220406_105222_89.png │ │ ├── 20220406_105248_97.png │ │ ├── 20220406_110952_23.png │ │ ├── 20220406_111626_83.png │ │ ├── 20220406_111758_18.png │ │ ├── 20220406_111847_48.png │ │ ├── 20220406_112134_15.png │ │ ├── 20220406_112156_85.png │ │ ├── 20220406_121541_93.png │ │ ├── 20220406_121941_14.png │ │ ├── 20220406_122449_95.png │ │ ├── 20220406_122505_20.png │ │ ├── 20220406_122514_53.png │ │ ├── 20220406_122752_14.png │ │ ├── 20220406_122843_11.png │ │ ├── 20220406_134908_46.png │ │ ├── 20220406_160048_70.png │ │ ├── 20220406_160829_85.png │ │ ├── 20220406_162400_47.png │ │ ├── 20220406_172011_44.png │ │ ├── 20220406_172302_16.png │ │ ├── 20220406_172305_99.png │ │ ├── 20220406_172715_61.png │ │ ├── 20220406_173549_03.png │ │ └── arm.png │ ├── x86_64虚拟地址空间布局.md │ ├── 栈回溯机制.md │ ├── 获取pfn_page_mem_map.md │ ├── 获取当前系统支持的文件系统.md │ ├── 获取所有task元数据.md │ ├── 获取进程CR3寄存器值.md │ └── 获取进程vm_area_struct链表.md ├── image │ ├── 20220329_151704_85.png │ └── 20220331_212651_15.png ├── 分析工具.md ├── 基础知识.md ├── 基础知识 │ ├── ELF符号.md │ ├── X86堆栈.md │ ├── crash.md │ ├── crashkernel启动参数.md │ ├── image │ │ ├── 20220315_121406_84.png │ │ ├── 20220401_203558_75.png │ │ ├── 20220402_092127_48.png │ │ ├── 20220402_092247_89.png │ │ ├── 20220402_102021_48.png │ │ ├── 20220402_102211_16.png │ │ ├── 20220403_111014_82.png │ │ ├── 20220403_111502_98.png │ │ ├── 20220403_111506_75.png │ │ ├── 20220403_182534_38.png │ │ ├── 20220403_182551_28.png │ │ ├── 20220403_182602_86.png │ │ ├── 20220403_182620_41.png │ │ ├── 20220403_182636_86.png │ │ ├── 20220403_203908_47.png │ │ ├── 20220403_204237_76.png │ │ ├── 20220403_204356_22.png │ │ ├── 20220403_205319_66.png │ │ ├── 20220403_205758_29.png │ │ ├── 20220403_205854_32.png │ │ ├── 20220403_210353_18.png │ │ ├── 20220403_210705_48.png │ │ ├── 20220403_211140_76.png │ │ ├── 20220403_211300_64.png │ │ ├── 20220403_211509_57.png │ │ ├── 20220403_211824_38.png │ │ ├── 20220403_212122_87.png │ │ ├── 20220403_212222_46.png │ │ ├── 20220403_212511_29.png │ │ ├── 20220403_212714_14.png │ │ ├── 20220403_213237_32.png │ │ ├── 20220403_213400_62.png │ │ ├── 20220403_213602_82.png │ │ ├── 20220403_214032_81.png │ │ ├── 20220403_214227_28.png │ │ ├── 20220403_214355_64.png │ │ ├── 20220403_215601_74.png │ │ ├── 20220403_221740_39.png │ │ ├── 20220403_221748_14.png │ │ ├── 20220403_221753_15.png │ │ ├── 20220403_221759_77.png │ │ ├── 20220403_222228_34.png │ │ ├── 20220404_082036_88.png │ │ ├── 20220404_082422_33.png │ │ ├── 20220404_082505_69.png │ │ ├── 20220404_082727_13.png │ │ ├── 20220404_162536_84.png │ │ ├── 20220404_162706_54.png │ │ ├── 20220404_162949_59.png │ │ ├── 20220404_163044_71.png │ │ ├── 20220404_163258_40.png │ │ ├── 20220404_163737_35.png │ │ ├── 20220404_164046_62.png │ │ ├── 20220404_164437_64.png │ │ ├── 20220404_164942_31.png │ │ ├── 20220404_165243_50.png │ │ ├── 20220404_165726_76.png │ │ ├── 20220404_165744_10.png │ │ ├── 20220404_165926_40.png │ │ ├── 20220404_170058_54.png │ │ ├── 20220404_170137_97.png │ │ ├── 20220404_170753_93.png │ │ ├── 20220404_170811_60.png │ │ ├── 20220404_170828_07.png │ │ ├── 20220404_170839_62.png │ │ ├── 20220404_170854_79.png │ │ ├── 20220404_171807_15.png │ │ ├── 20220404_171819_89.png │ │ ├── 20220404_171920_98.png │ │ ├── 20220404_171956_63.png │ │ ├── 20220404_172003_57.png │ │ ├── 20220404_172142_86.png │ │ ├── 20220404_172540_24.png │ │ ├── 20220404_172738_55.png │ │ ├── 20220404_172746_47.png │ │ ├── 20220404_172920_35.png │ │ ├── 20220404_172959_12.png │ │ ├── 20220404_173022_65.png │ │ ├── 20220404_173048_61.png │ │ ├── 20220404_173058_12.png │ │ ├── 20220404_205005_50.png │ │ ├── 20220404_205056_15.png │ │ ├── 20220404_212417_63.png │ │ ├── 20220404_212532_40.png │ │ ├── 20220404_212726_41.png │ │ ├── 20220404_213045_28.png │ │ └── 20220405_111406_89.png │ ├── kdump.md │ ├── no-omit-frame-pointer.md │ ├── sysrq-trigger功能.md │ ├── 内核ELF中的percpu变量.md │ └── 进程内存空间.md ├── 案例.md ├── 案例 │ ├── NULLPOINTER-空指针参数.md │ ├── softlockup-等待状态寄存器.md │ ├── 内核模块触发空指针异常.md │ ├── 内核链表踩踏-前序节点.md │ ├── 内核链表踩踏-后继节点.md │ └── 手动触发panic.md ├── 源码分析.md ├── 源码分析 │ ├── kdump服务.md │ ├── kexec用户态程序.md │ └── kexec系统调用.md ├── 问题分类.md └── 问题分类 │ ├── Oops.md │ ├── hard-locakup.md │ ├── panic.md │ └── soft-lockup.md ├── image ├── 20220315_140057_50.png ├── 20220402_140850_41.png ├── 20220403_204433_64.png ├── 20220405_094715_95.png └── 20220406_160055_99.png └── reference ├── Analysis and Visualization of Linux Core Dumps.pdf ├── Basics_of_Kernel_Crash_Dump_Analysis.pdf └── Linux_Kernel_Crash_Book.pdf /.gitignore: -------------------------------------------------------------------------------- 1 | RPMS 2 | SRPMS 3 | BUILDROOT 4 | *.swp 5 | -------------------------------------------------------------------------------- /BUILD/crash-7.3.2/.gitignore: -------------------------------------------------------------------------------- 1 | configure 2 | build_data.c 3 | cscope.out 4 | crashlib.a 5 | *.o 6 | crash 7 | CFLAGS.extra 8 | LDFLAGS.extra 9 | crash.spec 10 | *.gz 11 | *.rpm 12 | gdb.files 13 | gdb-7.6/ 14 | extensions/defs.h 15 | extensions/*.so 16 | extensions/eppic 17 | 18 | # cscope files 19 | cscope.* 20 | ncscope.* 21 | 22 | # ctags files 23 | tags 24 | TAGS 25 | 26 | # Clang's compilation database file 27 | /compile_commands.json 28 | -------------------------------------------------------------------------------- /BUILD/crash-7.3.2/.rh_rpm_package: -------------------------------------------------------------------------------- 1 | 7.3.2 2 | -------------------------------------------------------------------------------- /BUILD/crash-7.3.2/extensions/Makefile: -------------------------------------------------------------------------------- 1 | # 2 | # Makefile for building crash shared object extensions 3 | # 4 | # Copyright (C) 2005, 2007, 2009, 2011, 2013 David Anderson 5 | # Copyright (C) 2005, 2007, 2009, 2011, 2013 Red Hat, Inc. All rights reserved. 6 | # 7 | # This program is free software; you can redistribute it and/or modify 8 | # it under the terms of the GNU General Public License as published by 9 | # the Free Software Foundation; either version 2 of the License, or 10 | # (at your option) any later version. 11 | # 12 | # This program is distributed in the hope that it will be useful, 13 | # but WITHOUT ANY WARRANTY; without even the implied warranty of 14 | # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 15 | # GNU General Public License for more details. 16 | # 17 | # To build the extension shared objects in this directory, run 18 | # "make extensions" from the top-level directory. 19 | # 20 | # To add a new extension object, simply copy your module's .c file 21 | # to this directory, and it will be built automatically using 22 | # the "standard" compile line. If that compile line does not 23 | # suffice, create a .mk file with the same prefix as the .c file, 24 | # and that makefile will be invoked. 25 | # 26 | 27 | CONTRIB_SO := $(patsubst %.c,%.so,$(wildcard *.c)) 28 | 29 | all: link_defs $(CONTRIB_SO) 30 | 31 | link_defs: 32 | @rm -f defs.h 33 | @ln ../defs.h 34 | 35 | $(CONTRIB_SO): %.so: %.c defs.h 36 | @if [ -f $*.mk ]; then \ 37 | $(MAKE) -f $*.mk; \ 38 | else \ 39 | grep '((constructor))' $*.c > .constructor; \ 40 | if [ -s .constructor ]; then \ 41 | echo "gcc -Wall -g -shared -rdynamic -o $@ $*.c -fPIC -D$(TARGET) $(TARGET_CFLAGS) $(GDB_FLAGS)"; \ 42 | gcc -Wall -g -shared -rdynamic -o $@ $*.c -fPIC -D$(TARGET) $(TARGET_CFLAGS) $(GDB_FLAGS); \ 43 | fi; \ 44 | if [ ! -s .constructor ]; then \ 45 | echo "gcc -Wall -g -nostartfiles -shared -rdynamic -o $@ $*.c -fPIC -D$(TARGET) $(TARGET_CFLAGS) $(GDB_FLAGS)"; \ 46 | gcc -Wall -g -nostartfiles -shared -rdynamic -o $@ $*.c -fPIC -D$(TARGET) $(TARGET_CFLAGS) $(GDB_FLAGS); \ 47 | fi; \ 48 | rm -f .constructor; \ 49 | fi 50 | 51 | clean: 52 | rm -f $(CONTRIB_SO) 53 | @for MAKEFILE in `grep -sl "^clean:" *.mk`; \ 54 | do $(MAKE) -f $$MAKEFILE clean; \ 55 | done 56 | -------------------------------------------------------------------------------- /BUILD/crash-7.3.2/extensions/echo.c: -------------------------------------------------------------------------------- 1 | /* echo.c - simple example of a crash extension 2 | * 3 | * Copyright (C) 2001, 2002 Mission Critical Linux, Inc. 4 | * Copyright (C) 2002-2005, 2007, 2013 David Anderson 5 | * Copyright (C) 2002-2005, 2007, 2013 Red Hat, Inc. All rights reserved. 6 | * 7 | * This program is free software; you can redistribute it and/or modify 8 | * it under the terms of the GNU General Public License as published by 9 | * the Free Software Foundation; either version 2 of the License, or 10 | * (at your option) any later version. 11 | * 12 | * This program is distributed in the hope that it will be useful, 13 | * but WITHOUT ANY WARRANTY; without even the implied warranty of 14 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 15 | * GNU General Public License for more details. 16 | */ 17 | 18 | #include "defs.h" /* From the crash source top-level directory */ 19 | 20 | static void echo_init(void); /* constructor function */ 21 | static void echo_fini(void); /* destructor function (optional) */ 22 | 23 | static void cmd_echo(void); /* Declare the commands and their help data. */ 24 | static char *help_echo[]; 25 | 26 | /* 27 | * Please making the functions and global variables static within your 28 | * extension if you don't want to make them visiable to subsequently 29 | * loaded extensions. Otherwise, non-static symbols within 2 extensions 30 | * that have the same name can cause confliction. 31 | */ 32 | static struct command_table_entry command_table[] = { 33 | { "echo", cmd_echo, help_echo, 0}, /* One or more commands, */ 34 | { NULL }, /* terminated by NULL, */ 35 | }; 36 | 37 | 38 | static void __attribute__((constructor)) 39 | echo_init(void) /* Register the command set. */ 40 | { 41 | register_extension(command_table); 42 | } 43 | 44 | /* 45 | * This function is called if the shared object is unloaded. 46 | * If desired, perform any cleanups here. 47 | */ 48 | static void __attribute__((destructor)) 49 | echo_fini(void) { } 50 | 51 | 52 | /* 53 | * Arguments are passed to the command functions in the global args[argcnt] 54 | * array. See getopt(3) for info on dash arguments. Check out defs.h and 55 | * other crash commands for usage of the myriad of utility routines available 56 | * to accomplish what your task. 57 | */ 58 | static void 59 | cmd_echo(void) 60 | { 61 | int c; 62 | 63 | while ((c = getopt(argcnt, args, "")) != EOF) { 64 | switch(c) 65 | { 66 | default: 67 | argerrs++; 68 | break; 69 | } 70 | } 71 | 72 | if (argerrs) 73 | cmd_usage(pc->curcmd, SYNOPSIS); 74 | 75 | while (args[optind]) 76 | fprintf(fp, "%s ", args[optind++]); 77 | 78 | fprintf(fp, "\n"); 79 | } 80 | 81 | /* 82 | * The optional help data is simply an array of strings in a defined format. 83 | * For example, the "help echo" command will use the help_echo[] string 84 | * array below to create a help page that looks like this: 85 | * 86 | * NAME 87 | * echo - echoes back its arguments 88 | * 89 | * SYNOPSIS 90 | * echo arg ... 91 | * 92 | * DESCRIPTION 93 | * This command simply echoes back its arguments. 94 | * 95 | * EXAMPLE 96 | * Echo back all command arguments: 97 | * 98 | * crash> echo hello, world 99 | * hello, world 100 | * 101 | */ 102 | 103 | static char *help_echo[] = { 104 | "echo", /* command name */ 105 | "echoes back its arguments", /* short description */ 106 | "arg ...", /* argument synopsis, or " " if none */ 107 | 108 | " This command simply echoes back its arguments.", 109 | "\nEXAMPLE", 110 | " Echo back all command arguments:\n", 111 | " crash> echo hello, world", 112 | " hello, world", 113 | NULL 114 | }; 115 | 116 | 117 | -------------------------------------------------------------------------------- /BUILD/crash-7.3.2/extensions/eppic.c: -------------------------------------------------------------------------------- 1 | /* 2 | Place holder for proper working of the extension Makefile. 3 | Eppic crash application file is in eppic/applications/crash/eppic.c 4 | */ 5 | -------------------------------------------------------------------------------- /BUILD/crash-7.3.2/extensions/eppic.mk: -------------------------------------------------------------------------------- 1 | # 2 | # This program is free software; you can redistribute it and/or modify 3 | # it under the terms of the GNU General Public License as published by 4 | # the Free Software Foundation; either version 2 of the License, or 5 | # (at your option) any later version. 6 | # 7 | # This program is distributed in the hope that it will be useful, 8 | # but WITHOUT ANY WARRANTY; without even the implied warranty of 9 | # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 10 | # GNU General Public License for more details. 11 | 12 | TARGET_FLAGS = -D$(TARGET) 13 | ifeq ($(TARGET), PPC64) 14 | TARGET_FLAGS += -m64 15 | endif 16 | ifeq ($(TARGET), ARM) 17 | TARGET_FLAGS += -m32 18 | endif 19 | ifeq ($(TARGET), MIPS) 20 | TARGET_FLAGS += -m32 21 | endif 22 | ifeq ($(TARGET), X86) 23 | TARGET_FLAGS += -m32 24 | endif 25 | 26 | APPFILE=eppic/applications/crash/eppic.c 27 | GIT := $(shell which git 2> /dev/null) 28 | 29 | all: 30 | @if [ -f /usr/bin/flex ] && [ -f /usr/bin/bison ]; then \ 31 | if [ -f ../$(GDB)/crash.target ]; \ 32 | then \ 33 | if [ ! -f $(APPFILE) ]; \ 34 | then \ 35 | if [ -f "$(GIT)" ]; \ 36 | then \ 37 | if [ -n "$(EPPIC_GIT_URL)" ]; then \ 38 | git clone $(EPPIC_GIT_OPTIONS) $(EPPIC_GIT_URL) eppic; \ 39 | else \ 40 | if ping -c 1 -W 5 github.com >/dev/null ; then \ 41 | git clone $(EPPIC_GIT_OPTIONS) https://github.com/lucchouina/eppic.git eppic; \ 42 | fi; \ 43 | fi; \ 44 | else \ 45 | if [ ! -f "$(GIT)" ]; then \ 46 | echo "eppic.so: git command is needed for pulling eppic extension code"; \ 47 | fi; \ 48 | fi; \ 49 | fi; \ 50 | if [ -f $(APPFILE) ]; \ 51 | then \ 52 | make -f eppic.mk eppic.so; \ 53 | else \ 54 | echo "eppic.so: failed to pull eppic code from git repo"; \ 55 | fi; \ 56 | else \ 57 | echo "eppic.so: build failed: requires the crash $(GDB) module"; \ 58 | fi ;\ 59 | else \ 60 | echo "eppic.so: build failed: requires /usr/bin/flex and /usr/bin/bison"; \ 61 | fi 62 | 63 | lib-eppic: 64 | cd eppic/libeppic && make 65 | 66 | eppic.so: ../defs.h $(APPFILE) lib-eppic 67 | gcc -g -Ieppic/libeppic -I../$(GDB)/gdb -I../$(GDB)/bfd -I../$(GDB)/include -I../$(GDB)/gdb/config -I../$(GDB)/gdb/common -I../$(GDB) -nostartfiles -shared -rdynamic -o eppic.so $(APPFILE) -fPIC $(TARGET_FLAGS) $(GDB_FLAGS) -Leppic/libeppic -leppic 68 | 69 | clean: 70 | if [ -d eppic/libeppic ]; \ 71 | then \ 72 | cd eppic/libeppic && make -i clean; \ 73 | fi 74 | rm -f eppic.so 75 | -------------------------------------------------------------------------------- /BUILD/crash-7.3.2/extensions/snap.mk: -------------------------------------------------------------------------------- 1 | # 2 | # Copyright (C) 2009, 2011, 2013 David Anderson 3 | # Copyright (C) 2009, 2011, 2013 Red Hat, Inc. All rights reserved. 4 | # 5 | # This program is free software; you can redistribute it and/or modify 6 | # it under the terms of the GNU General Public License as published by 7 | # the Free Software Foundation; either version 2 of the License, or 8 | # (at your option) any later version. 9 | # 10 | # This program is distributed in the hope that it will be useful, 11 | # but WITHOUT ANY WARRANTY; without even the implied warranty of 12 | # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 13 | # GNU General Public License for more details. 14 | # 15 | 16 | ifeq ($(shell arch), i686) 17 | TARGET=X86 18 | TARGET_CFLAGS=-D_FILE_OFFSET_BITS=64 19 | endif 20 | ifeq ($(shell arch), ppc64) 21 | TARGET=PPC64 22 | TARGET_CFLAGS=-m64 23 | endif 24 | ifeq ($(shell arch), ppc64le) 25 | TARGET=PPC64 26 | TARGET_CFLAGS=-m64 27 | endif 28 | ifeq ($(shell arch), ia64) 29 | TARGET=IA64 30 | TARGET_CFLAGS= 31 | endif 32 | ifeq ($(shell arch), x86_64) 33 | TARGET=X86_64 34 | TARGET_CFLAGS= 35 | endif 36 | 37 | ifeq ($(shell /bin/ls /usr/include/crash/defs.h 2>/dev/null), /usr/include/crash/defs.h) 38 | INCDIR=/usr/include/crash 39 | endif 40 | ifeq ($(shell /bin/ls ../defs.h 2> /dev/null), ../defs.h) 41 | INCDIR=.. 42 | endif 43 | ifeq ($(shell /bin/ls ./defs.h 2> /dev/null), ./defs.h) 44 | INCDIR=. 45 | endif 46 | 47 | all: snap.so 48 | 49 | snap.so: $(INCDIR)/defs.h snap.c 50 | gcc -Wall -g -I$(INCDIR) -shared -rdynamic -o snap.so snap.c -fPIC -D$(TARGET) $(TARGET_CFLAGS) $(GDB_FLAGS) 51 | -------------------------------------------------------------------------------- /BUILD/crash-7.3.2/gdb-7.6-proc_service.h.patch: -------------------------------------------------------------------------------- 1 | --- gdb-7.6/gdb/gdb_proc_service.h.orig 2 | +++ gdb-7.6/gdb/gdb_proc_service.h 3 | @@ -115,7 +115,7 @@ extern pid_t ps_getpid (struct ps_procha 4 | /* Fetch the special per-thread address associated with the given LWP. 5 | This call is only used on a few platforms (most use a normal register). 6 | The meaning of the `int' parameter is machine-dependent. */ 7 | -extern ps_err_e ps_get_thread_area (const struct ps_prochandle *, 8 | +extern ps_err_e ps_get_thread_area (struct ps_prochandle *, 9 | lwpid_t, int, psaddr_t *); 10 | 11 | 12 | --- gdb-7.6/gdb/amd64-linux-nat.c.orig 13 | +++ gdb-7.6/gdb/amd64-linux-nat.c 14 | @@ -493,7 +493,7 @@ amd64_linux_new_fork (struct lwp_info *p 15 | a request for a thread's local storage address. */ 16 | 17 | ps_err_e 18 | -ps_get_thread_area (const struct ps_prochandle *ph, 19 | +ps_get_thread_area (struct ps_prochandle *ph, 20 | lwpid_t lwpid, int idx, void **base) 21 | { 22 | if (gdbarch_bfd_arch_info (target_gdbarch ())->bits_per_word == 32) 23 | --- gdb-7.6/gdb/aarch64-linux-nat.c.orig 24 | +++ gdb-7.6/gdb/aarch64-linux-nat.c 25 | @@ -750,7 +750,7 @@ aarch64_linux_new_fork (struct lwp_info 26 | storage (or its descriptor). */ 27 | 28 | ps_err_e 29 | -ps_get_thread_area (const struct ps_prochandle *ph, 30 | +ps_get_thread_area (struct ps_prochandle *ph, 31 | lwpid_t lwpid, int idx, void **base) 32 | { 33 | struct iovec iovec; 34 | --- gdb-7.6/gdb/arm-linux-nat.c.orig 35 | +++ gdb-7.6/gdb/arm-linux-nat.c 36 | @@ -613,7 +613,7 @@ supply_fpregset (struct regcache *regcac 37 | /* Fetch the thread-local storage pointer for libthread_db. */ 38 | 39 | ps_err_e 40 | -ps_get_thread_area (const struct ps_prochandle *ph, 41 | +ps_get_thread_area (struct ps_prochandle *ph, 42 | lwpid_t lwpid, int idx, void **base) 43 | { 44 | if (ptrace (PTRACE_GET_THREAD_AREA, lwpid, NULL, base) != 0) 45 | --- gdb-7.6/gdb/i386-linux-nat.c.orig 46 | +++ gdb-7.6/gdb/i386-linux-nat.c 47 | @@ -849,7 +849,7 @@ i386_linux_new_fork (struct lwp_info *pa 48 | storage (or its descriptor). */ 49 | 50 | ps_err_e 51 | -ps_get_thread_area (const struct ps_prochandle *ph, 52 | +ps_get_thread_area (struct ps_prochandle *ph, 53 | lwpid_t lwpid, int idx, void **base) 54 | { 55 | /* NOTE: cagney/2003-08-26: The definition of this buffer is found 56 | --- gdb-7.6/gdb/mips-linux-nat.c.orig 57 | +++ gdb-7.6/gdb/mips-linux-nat.c 58 | @@ -154,7 +154,7 @@ mips64_linux_register_addr (struct gdbarch *gdbarch, int regno, int store) 59 | /* Fetch the thread-local storage pointer for libthread_db. */ 60 | 61 | ps_err_e 62 | -ps_get_thread_area (const struct ps_prochandle *ph, 63 | +ps_get_thread_area (struct ps_prochandle *ph, 64 | lwpid_t lwpid, int idx, void **base) 65 | { 66 | if (ptrace (PTRACE_GET_THREAD_AREA, lwpid, NULL, base) != 0) 67 | 68 | -------------------------------------------------------------------------------- /BUILD/crash-7.3.2/kvmdump.h: -------------------------------------------------------------------------------- 1 | /* 2 | * kvmdump.h 3 | * 4 | * Copyright (C) 2009, 2010 David Anderson 5 | * Copyright (C) 2009, 2010 Red Hat, Inc. All rights reserved. 6 | * 7 | * This program is free software; you can redistribute it and/or modify 8 | * it under the terms of the GNU General Public License as published by 9 | * the Free Software Foundation; either version 2 of the License, or 10 | * (at your option) any later version. 11 | * 12 | * This program is distributed in the hope that it will be useful, 13 | * but WITHOUT ANY WARRANTY; without even the implied warranty of 14 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 15 | * GNU General Public License for more details. 16 | */ 17 | 18 | struct mapinfo_trailer { 19 | uint64_t map_start_offset; 20 | uint64_t phys_base; 21 | uint32_t cpu_version_id; 22 | uint32_t ram_version_id; 23 | uint64_t checksum; 24 | uint64_t magic; 25 | }; 26 | 27 | struct register_set { 28 | uint32_t cs; 29 | uint32_t ss; 30 | uint32_t ds; 31 | uint32_t es; 32 | uint32_t fs; 33 | uint32_t gs; 34 | uint64_t ip; 35 | uint64_t flags; 36 | uint64_t regs[16]; 37 | }; 38 | 39 | #define REGS_MAGIC (0xfeedbeefdeadbabeULL) 40 | #define MAPFILE_MAGIC (0xfeedbabedeadbeefULL) 41 | #define CHKSUM_SIZE (4096) 42 | 43 | #define KVMDUMP_CACHED_PAGES 32 44 | 45 | struct kvmdump_data { 46 | ulong flags; 47 | FILE *ofp; 48 | FILE *vmp; 49 | int mapfd; 50 | int vmfd; 51 | struct mapinfo_trailer mapinfo; 52 | /* page cache */ 53 | struct kvm_page_cache_hdr { 54 | uint64_t paddr; 55 | char *bufptr; 56 | } page_cache[KVMDUMP_CACHED_PAGES]; 57 | union { 58 | char *curbufptr; 59 | unsigned char compressed; 60 | } un; 61 | int evict_index; 62 | ulong accesses; 63 | ulong hit_count; 64 | ulong compresses; 65 | uint64_t kvbase; 66 | ulong *debug; 67 | uint64_t cpu_devices; 68 | struct register_set *registers; 69 | uint64_t iohole; 70 | }; 71 | 72 | #define TMPFILE (0x2) 73 | #define MAPFILE (0x4) 74 | #define MAPFILE_FOUND (0x8) 75 | #define MAPFILE_APPENDED (0x10) 76 | #define NO_PHYS_BASE (0x20) 77 | #define KVMHOST_32 (0x40) 78 | #define KVMHOST_64 (0x80) 79 | #define REGS_FROM_DUMPFILE (0x100) 80 | #define REGS_FROM_MAPFILE (0x200) 81 | #define REGS_NOT_AVAIL (0x400) 82 | 83 | extern struct kvmdump_data *kvm; 84 | 85 | #undef dprintf 86 | #define dprintf(x...) do { if (*(kvm->debug)) fprintf(kvm->ofp, x); } while (0) 87 | 88 | int store_mapfile_offset(uint64_t, off_t *); 89 | int load_mapfile_offset(uint64_t, off_t *); 90 | 91 | struct qemu_device_x86; 92 | int kvmdump_regs_store(uint32_t, struct qemu_device_x86 *); 93 | #define KVMDUMP_REGS_START (NR_CPUS+1) 94 | #define KVMDUMP_REGS_END (NR_CPUS+2) 95 | 96 | #define UPPER_32_BITS (0xffffffff00000000ULL) 97 | 98 | enum CPU_REG { 99 | R_EAX, 100 | R_ECX, 101 | R_EDX, 102 | R_EBX, 103 | R_ESP, 104 | R_EBP, 105 | R_ESI, 106 | R_EDI, 107 | R_GP_MAX, 108 | }; 109 | 110 | -------------------------------------------------------------------------------- /BUILD/crash-7.3.2/lkcd_fix_mem.c: -------------------------------------------------------------------------------- 1 | /* lkcd_fix_mem.c 2 | * 3 | * Copyright (C) 2004 Hewlett-Packard Development Company, L.P. 4 | * Copyright (C) 1999, 2000, 2001, 2002 Mission Critical Linux, Inc. 5 | * Copyright (C) 2002, 2003, 2004, 2005 David Anderson 6 | * Copyright (C) 2002, 2003, 2004, 2005 Red Hat, Inc. All rights reserved. 7 | * 8 | * This program is free software; you can redistribute it and/or modify 9 | * it under the terms of the GNU General Public License as published by 10 | * the Free Software Foundation; either version 2 of the License, or 11 | * (at your option) any later version. 12 | * 13 | * This program is distributed in the hope that it will be useful, 14 | * but WITHOUT ANY WARRANTY; without even the implied warranty of 15 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 16 | * GNU General Public License for more details. 17 | */ 18 | 19 | #ifdef IA64 20 | 21 | #define LKCD_COMMON 22 | #include "defs.h" 23 | #include "lkcd_dump_v8.h" 24 | 25 | static int fix_addr(dump_header_asm_t *); 26 | 27 | int 28 | fix_addr_v8(dump_header_asm_t *dha) 29 | { 30 | fix_addr(dha); 31 | 32 | return 0; 33 | } 34 | 35 | int 36 | fix_addr_v7(int fd) 37 | { 38 | static dump_header_asm_t dump_header_asm_v7 = { 0 }; 39 | dump_header_asm_t *dha; 40 | dha = &dump_header_asm_v7; 41 | 42 | if (read(lkcd->fd, dha, sizeof(dump_header_asm_t)) != 43 | sizeof(dump_header_asm_t)) 44 | return -1; 45 | 46 | fix_addr(dha); 47 | 48 | return 0; 49 | } 50 | 51 | static int 52 | fix_addr(dump_header_asm_t *dha) 53 | { 54 | lkcd->dump_header_asm = dha; 55 | 56 | 57 | if (dha->dha_magic_number == DUMP_ASM_MAGIC_NUMBER && dha->dha_version > 3) { 58 | int num; 59 | int i = 0; 60 | 61 | num = dha->dha_smp_num_cpus; 62 | 63 | 64 | lkcd->fix_addr_num = 0; 65 | if (num && (lkcd->fix_addr = malloc(num * sizeof(struct fix_addrs)))) { 66 | while (i < num) { 67 | if (dha->dha_stack[i] && dha->dha_smp_current_task[i]) { 68 | lkcd->fix_addr[i].task = (ulong)dha->dha_smp_current_task[i]; 69 | lkcd->fix_addr[i].saddr = (ulong)dha->dha_stack[i]; 70 | lkcd->fix_addr[i].sw = (ulong)dha->dha_stack_ptr[i]; 71 | /* remember the highest non-zero entry */ 72 | lkcd->fix_addr_num = i + 1; 73 | } else { 74 | lkcd->fix_addr[i].task = (ulong)0; 75 | } 76 | i++; 77 | } 78 | } 79 | } 80 | 81 | return 0; 82 | } 83 | 84 | ulong 85 | get_lkcd_switch_stack(ulong task) 86 | { 87 | int i; 88 | 89 | if (lkcd->fix_addr_num == 0) 90 | return 0; 91 | 92 | for (i = 0; i < lkcd->fix_addr_num; i++) { 93 | if (task == lkcd->fix_addr[i].task) { 94 | return lkcd->fix_addr[i].sw; 95 | } 96 | } 97 | return 0; 98 | } 99 | 100 | int lkcd_get_kernel_start_v8(ulong *addr) 101 | { 102 | if (!addr) 103 | return 0; 104 | 105 | *addr = ((dump_header_asm_t *)lkcd->dump_header_asm)->dha_kernel_addr; 106 | 107 | return 1; 108 | } 109 | 110 | #endif // IA64 111 | -------------------------------------------------------------------------------- /BUILD/crash-7.3.2/makedumpfile.h: -------------------------------------------------------------------------------- 1 | /* 2 | * makedumpfile.h 3 | * 4 | * This code is for reading a dumpfile ganarated by makedumpfile command. 5 | * 6 | * Copyright (C) 2011 NEC Soft, Ltd. 7 | * 8 | * This program is free software; you can redistribute it and/or modify 9 | * it under the terms of the GNU General Public License as published by 10 | * the Free Software Foundation; either version 2 of the License, or 11 | * (at your option) any later version. 12 | * 13 | * This program is distributed in the hope that it will be useful, 14 | * but WITHOUT ANY WARRANTY; without even the implied warranty of 15 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 16 | * GNU General Public License for more details. 17 | * 18 | * Author: Ken'ichi Ohmichi 19 | */ 20 | 21 | /* 22 | * makedumpfile header 23 | * For re-arranging the dump data on different architecture, all the 24 | * variables are defined by 64bits. The size of signature is aligned 25 | * to 64bits, and change the values to big endian. 26 | */ 27 | #define MAKEDUMPFILE_SIGNATURE "makedumpfile" 28 | #define NUM_SIG_MDF (sizeof(MAKEDUMPFILE_SIGNATURE) - 1) 29 | #define SIZE_SIG_MDF roundup(sizeof(char) * NUM_SIG_MDF, 8) 30 | #define SIG_LEN_MDF (SIZE_SIG_MDF / sizeof(char)) 31 | #define MAX_SIZE_MDF_HEADER (4096) /* max size of makedumpfile_header */ 32 | #define TYPE_FLAT_HEADER (1) /* type of flattened format */ 33 | #define VERSION_FLAT_HEADER (1) /* current version of flattened format */ 34 | #define END_FLAG_FLAT_HEADER (-1) 35 | 36 | struct makedumpfile_header { 37 | char signature[SIG_LEN_MDF]; /* = "makedumpfile" */ 38 | int64_t type; 39 | int64_t version; 40 | }; 41 | 42 | struct makedumpfile_data_header { 43 | int64_t offset; 44 | int64_t buf_size; 45 | }; 46 | 47 | -------------------------------------------------------------------------------- /BUILD/crash-7.3.2/memory_driver/Makefile: -------------------------------------------------------------------------------- 1 | # This program is free software; you can redistribute it and/or modify 2 | # it under the terms of the GNU General Public License as published by 3 | # the Free Software Foundation; either version 2 of the License, or 4 | # (at your option) any later version. 5 | # 6 | # This program is distributed in the hope that it will be useful, 7 | # but WITHOUT ANY WARRANTY; without even the implied warranty of 8 | # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 9 | # GNU General Public License for more details. 10 | # 11 | obj-m := crash.o 12 | all: 13 | make -C /lib/modules/`uname -r`/build M=${PWD} SUBDIRS=${PWD} modules 14 | clean: 15 | rm -f *.mod.c *.ko *.o Module.* 16 | -------------------------------------------------------------------------------- /BUILD/crash-7.3.2/memory_driver/README: -------------------------------------------------------------------------------- 1 | For live system analysis, the physical memory source must be one 2 | of the following devices: 3 | 4 | /dev/mem 5 | /proc/kcore 6 | /dev/crash 7 | 8 | If the live system kernel was configured with CONFIG_STRICT_DEVMEM 9 | or CONFIG_HARDENED_USERCOPY, then /dev/mem cannot be used. 10 | 11 | If the live system kernel was configured without CONFIG_PROC_KCORE, 12 | or if /proc/kcore is non-functional, then /proc/kcore cannot be used. 13 | 14 | The third alternative is this /dev/crash driver. Presuming that 15 | /lib/modules/`uname -r`/build points to a kernel build tree or 16 | kernel "devel" package tree, the module can simply be built and 17 | installed like so: 18 | 19 | # make 20 | ... 21 | # insmod crash.ko 22 | 23 | Once installed, the /dev/crash driver will be used by default for 24 | live system crash sessions. 25 | -------------------------------------------------------------------------------- /BUILD/crash-7.3.2/rse.h: -------------------------------------------------------------------------------- 1 | #ifndef _ASM_IA64_RSE_H 2 | #define _ASM_IA64_RSE_H 3 | 4 | /* 5 | * Copyright (C) 1998, 1999 Hewlett-Packard Co 6 | * Copyright (C) 1998, 1999 David Mosberger-Tang 7 | */ 8 | 9 | /* 10 | * rse.h 11 | * 12 | * Copyright (C) 2002, 2003, 2004, 2005 David Anderson 13 | * Copyright (C) 2002, 2003, 2004, 2005 Red Hat, Inc. All rights reserved. 14 | * 15 | * This program is free software; you can redistribute it and/or modify 16 | * it under the terms of the GNU General Public License as published by 17 | * the Free Software Foundation; either version 2 of the License, or 18 | * (at your option) any later version. 19 | * 20 | * This program is distributed in the hope that it will be useful, 21 | * but WITHOUT ANY WARRANTY; without even the implied warranty of 22 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 23 | * GNU General Public License for more details. 24 | * 25 | * Adapted from: 26 | * 27 | * include/asm-ia64/rse.h (2.4.9-e.3) 28 | */ 29 | 30 | /* 31 | * Register stack engine related helper functions. This file may be 32 | * used in applications, so be careful about the name-space and give 33 | * some consideration to non-GNU C compilers (though __inline__ is 34 | * fine). 35 | */ 36 | 37 | static __inline__ unsigned long 38 | ia64_rse_slot_num (unsigned long *addr) 39 | { 40 | return (((unsigned long) addr) >> 3) & 0x3f; 41 | } 42 | 43 | /* 44 | * Return TRUE if ADDR is the address of an RNAT slot. 45 | */ 46 | static __inline__ unsigned long 47 | ia64_rse_is_rnat_slot (unsigned long *addr) 48 | { 49 | return ia64_rse_slot_num(addr) == 0x3f; 50 | } 51 | 52 | /* 53 | * Returns the address of the RNAT slot that covers the slot at 54 | * address SLOT_ADDR. 55 | */ 56 | static __inline__ unsigned long * 57 | ia64_rse_rnat_addr (unsigned long *slot_addr) 58 | { 59 | return (unsigned long *) ((unsigned long) slot_addr | (0x3f << 3)); 60 | } 61 | 62 | /* 63 | * Calcuate the number of registers in the dirty partition starting at 64 | * BSPSTORE with a size of DIRTY bytes. This isn't simply DIRTY 65 | * divided by eight because the 64th slot is used to store ar.rnat. 66 | */ 67 | static __inline__ unsigned long 68 | ia64_rse_num_regs (unsigned long *bspstore, unsigned long *bsp) 69 | { 70 | unsigned long slots = (bsp - bspstore); 71 | 72 | return slots - (ia64_rse_slot_num(bspstore) + slots)/0x40; 73 | } 74 | 75 | /* 76 | * The inverse of the above: given bspstore and the number of 77 | * registers, calculate ar.bsp. 78 | */ 79 | static __inline__ unsigned long * 80 | ia64_rse_skip_regs (unsigned long *addr, long num_regs) 81 | { 82 | long delta = ia64_rse_slot_num(addr) + num_regs; 83 | 84 | if (num_regs < 0) 85 | delta -= 0x3e; 86 | return addr + num_regs + delta/0x3f; 87 | } 88 | 89 | #endif /* _ASM_IA64_RSE_H */ 90 | -------------------------------------------------------------------------------- /BUILD/crash-7.3.2/s390_dump.c: -------------------------------------------------------------------------------- 1 | /* s390_dump.c - core analysis suite 2 | * 3 | * Copyright (C) 2001, 2002 Mission Critical Linux, Inc. 4 | * Copyright (C) 2002, 2003, 2004, 2005, 2006 David Anderson 5 | * Copyright (C) 2002, 2003, 2004, 2005, 2006 Red Hat, Inc. All rights reserved. 6 | * Copyright (C) 2005 Michael Holzheu, IBM Corporation 7 | * 8 | * This program is free software; you can redistribute it and/or modify 9 | * it under the terms of the GNU General Public License as published by 10 | * the Free Software Foundation; either version 2 of the License, or 11 | * (at your option) any later version. 12 | * 13 | * This program is distributed in the hope that it will be useful, 14 | * but WITHOUT ANY WARRANTY; without even the implied warranty of 15 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 16 | * GNU General Public License for more details. 17 | */ 18 | #include "defs.h" 19 | //#include 20 | #include "ibm_common.h" 21 | 22 | static FILE * s390_file; 23 | 24 | int 25 | is_s390_dump(char *file) 26 | { 27 | FILE* fh; 28 | long long int magic; 29 | size_t items ATTRIBUTE_UNUSED; 30 | int rc; 31 | 32 | fh = fopen(file,"r"); 33 | if (fh == NULL) { 34 | error(INFO, "is_s390_dump: cannot open %s: %s\n", file); 35 | return FALSE; 36 | } 37 | items = fread(&magic, sizeof(magic), 1,fh); 38 | if(magic == 0xa8190173618f23fdLL) 39 | rc = TRUE; 40 | else 41 | rc = FALSE; 42 | fclose(fh); 43 | return rc; 44 | } 45 | 46 | FILE* 47 | s390_dump_init(char *file) 48 | { 49 | if ((s390_file = fopen(file, "r+")) == NULL) { 50 | if ((s390_file = fopen(file, "r")) == NULL) 51 | return NULL; 52 | } 53 | 54 | return s390_file; 55 | } 56 | 57 | int 58 | read_s390_dumpfile(int fd, void *bufptr, int cnt, ulong addr, physaddr_t paddr) 59 | { 60 | paddr += S390_DUMP_HEADER_SIZE; 61 | 62 | if (fseek(s390_file, (ulong)paddr, SEEK_SET) != 0) 63 | return SEEK_ERROR; 64 | 65 | if (fread(bufptr, 1 , cnt, s390_file) != cnt) 66 | return READ_ERROR; 67 | 68 | return 0; 69 | } 70 | 71 | int 72 | write_s390_dumpfile(int fd, void *bufptr, int cnt, ulong addr, physaddr_t paddr) 73 | { 74 | return WRITE_ERROR; 75 | } 76 | 77 | #define S390_PAGE_SHIFT 12 78 | #define S390_PAGE_SIZE (1UL << S390_PAGE_SHIFT) 79 | 80 | uint 81 | s390_page_size(void) 82 | { 83 | return S390_PAGE_SIZE; 84 | } 85 | 86 | int 87 | s390_memory_used(void) 88 | { 89 | return 0; 90 | } 91 | 92 | int 93 | s390_free_memory(void) 94 | { 95 | return 0; 96 | } 97 | 98 | int 99 | s390_memory_dump(FILE *fp) 100 | { 101 | return 0; 102 | } 103 | 104 | ulong 105 | get_s390_panic_task(void) 106 | { 107 | return BADVAL; 108 | } 109 | 110 | void 111 | get_s390_panicmsg(char *buf) 112 | { 113 | return; 114 | } 115 | -------------------------------------------------------------------------------- /BUILD/crash-7.3.2/test.c: -------------------------------------------------------------------------------- 1 | /* test.c - core analysis suite 2 | * 3 | * Copyright (C) 1999, 2000, 2001, 2002 Mission Critical Linux, Inc. 4 | * Copyright (C) 2002, 2003, 2004, 2005, 2011 David Anderson 5 | * Copyright (C) 2002, 2003, 2004, 2005, 2011 Red Hat, Inc. All rights reserved. 6 | * 7 | * This program is free software; you can redistribute it and/or modify 8 | * it under the terms of the GNU General Public License as published by 9 | * the Free Software Foundation; either version 2 of the License, or 10 | * (at your option) any later version. 11 | * 12 | * This program is distributed in the hope that it will be useful, 13 | * but WITHOUT ANY WARRANTY; without even the implied warranty of 14 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 15 | * GNU General Public License for more details. 16 | */ 17 | 18 | #include "defs.h" 19 | #include 20 | 21 | static struct option test_long_options[] = { 22 | {"no", no_argument, 0, 0}, 23 | {"req", required_argument, 0, 0}, 24 | {0, 0, 0, 0} 25 | }; 26 | 27 | /* 28 | * Test your stuff here first if you'd like. If anything's being done 29 | * below in this routine, consider it leftover trash... 30 | */ 31 | void 32 | cmd_test(void) 33 | { 34 | int c; 35 | int option_index; 36 | 37 | while ((c = getopt_long(argcnt, args, "", 38 | test_long_options, &option_index)) != EOF) { 39 | switch(c) 40 | { 41 | case 0: 42 | if (STREQ(test_long_options[option_index].name, "no")) 43 | fprintf(fp, "no argument\n"); 44 | if (STREQ(test_long_options[option_index].name, "req")) 45 | fprintf(fp, "required argument: %s\n", optarg); 46 | break; 47 | 48 | default: 49 | argerrs++; 50 | break; 51 | } 52 | } 53 | 54 | if (argerrs) 55 | cmd_usage(pc->curcmd, SYNOPSIS); 56 | 57 | while (args[optind]) { 58 | ; 59 | optind++; 60 | } 61 | } 62 | 63 | /* 64 | * Scratch routine for testing a feature on a per-task basis by entering 65 | * the "foreach test" command. Like cmd_test(), anything that's being done 66 | * below in this routine can be considered trash. 67 | */ 68 | void 69 | foreach_test(ulong task, ulong flags) 70 | { 71 | 72 | } 73 | 74 | /* 75 | * Template for building a new command. 76 | */ 77 | void 78 | cmd_template(void) 79 | { 80 | int c; 81 | 82 | while ((c = getopt(argcnt, args, "")) != EOF) { 83 | switch(c) 84 | { 85 | default: 86 | argerrs++; 87 | break; 88 | } 89 | } 90 | 91 | if (argerrs) 92 | cmd_usage(pc->curcmd, SYNOPSIS); 93 | 94 | while (args[optind]) { 95 | ; 96 | optind++; 97 | } 98 | } 99 | 100 | -------------------------------------------------------------------------------- /BUILD/crash-7.3.2/unwind_x86.h: -------------------------------------------------------------------------------- 1 | /* 2 | * This program is free software; you can redistribute it and/or modify 3 | * it under the terms of the GNU General Public License as published by 4 | * the Free Software Foundation; either version 2 of the License, or 5 | * (at your option) any later version. 6 | * 7 | * This program is distributed in the hope that it will be useful, 8 | * but WITHOUT ANY WARRANTY; without even the implied warranty of 9 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 10 | * GNU General Public License for more details. 11 | */ 12 | 13 | -------------------------------------------------------------------------------- /BUILD/crash-7.3.2/unwind_x86_64.h: -------------------------------------------------------------------------------- 1 | /* 2 | * This program is free software; you can redistribute it and/or modify 3 | * it under the terms of the GNU General Public License as published by 4 | * the Free Software Foundation; either version 2 of the License, or 5 | * (at your option) any later version. 6 | * 7 | * This program is distributed in the hope that it will be useful, 8 | * but WITHOUT ANY WARRANTY; without even the implied warranty of 9 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 10 | * GNU General Public License for more details. 11 | */ 12 | 13 | #define CONFIG_64BIT 1 14 | #define NULL ((void *)0) 15 | 16 | typedef unsigned long size_t; 17 | typedef unsigned char u8; 18 | typedef signed short s16; 19 | typedef unsigned short u16; 20 | typedef signed int s32; 21 | typedef unsigned int u32; 22 | typedef unsigned long long u64; 23 | 24 | struct pt_regs { 25 | unsigned long r15; 26 | unsigned long r14; 27 | unsigned long r13; 28 | unsigned long r12; 29 | unsigned long rbp; 30 | unsigned long rbx; 31 | /* arguments: non interrupts/non tracing syscalls only save upto here*/ 32 | unsigned long r11; 33 | unsigned long r10; 34 | unsigned long r9; 35 | unsigned long r8; 36 | unsigned long rax; 37 | unsigned long rcx; 38 | unsigned long rdx; 39 | unsigned long rsi; 40 | unsigned long rdi; 41 | unsigned long orig_rax; 42 | /* end of arguments */ 43 | /* cpu exception frame or undefined */ 44 | unsigned long rip; 45 | unsigned long cs; 46 | unsigned long eflags; 47 | unsigned long rsp; 48 | unsigned long ss; 49 | /* top of stack page */ 50 | }; 51 | 52 | struct unwind_frame_info 53 | { 54 | struct pt_regs regs; 55 | }; 56 | 57 | extern int unwind(struct unwind_frame_info *, int); 58 | extern void init_unwind_table(void); 59 | extern void free_unwind_table(void); 60 | 61 | #ifndef offsetof 62 | #define offsetof(TYPE, MEMBER) ((size_t) &((TYPE *)0)->MEMBER) 63 | #endif 64 | #define ARRAY_SIZE(x) (sizeof(x) / sizeof((x)[0])) 65 | #define BUILD_BUG_ON(condition) ((void)sizeof(char[1 - 2*!!(condition)])) 66 | #define BUILD_BUG_ON_ZERO(e) (sizeof(struct { int:-!!(e); })) 67 | #define FIELD_SIZEOF(t, f) (sizeof(((t*)0)->f)) 68 | #define get_unaligned(ptr) (*(ptr)) 69 | //#define __get_user(x,ptr) __get_user_nocheck((x),(ptr),sizeof(*(ptr))) 70 | #define THREAD_ORDER 1 71 | #define THREAD_SIZE (PAGE_SIZE << THREAD_ORDER) 72 | 73 | #define UNW_PC(frame) (frame)->regs.rip 74 | #define UNW_SP(frame) (frame)->regs.rsp 75 | #ifdef CONFIG_FRAME_POINTER 76 | #define UNW_FP(frame) (frame)->regs.rbp 77 | #define FRAME_RETADDR_OFFSET 8 78 | #define FRAME_LINK_OFFSET 0 79 | #define STACK_BOTTOM(tsk) (((tsk)->thread.rsp0 - 1) & ~(THREAD_SIZE - 1)) 80 | #define STACK_TOP(tsk) ((tsk)->thread.rsp0) 81 | #endif 82 | 83 | 84 | #define EXTRA_INFO(f) { BUILD_BUG_ON_ZERO(offsetof(struct unwind_frame_info, f) % FIELD_SIZEOF(struct unwind_frame_info, f)) + offsetof(struct unwind_frame_info, f)/ FIELD_SIZEOF(struct unwind_frame_info, f), FIELD_SIZEOF(struct unwind_frame_info, f) } 85 | 86 | #define PTREGS_INFO(f) EXTRA_INFO(regs.f) 87 | 88 | #define UNW_REGISTER_INFO \ 89 | PTREGS_INFO(rax),\ 90 | PTREGS_INFO(rdx),\ 91 | PTREGS_INFO(rcx),\ 92 | PTREGS_INFO(rbx), \ 93 | PTREGS_INFO(rsi), \ 94 | PTREGS_INFO(rdi), \ 95 | PTREGS_INFO(rbp), \ 96 | PTREGS_INFO(rsp), \ 97 | PTREGS_INFO(r8), \ 98 | PTREGS_INFO(r9), \ 99 | PTREGS_INFO(r10),\ 100 | PTREGS_INFO(r11), \ 101 | PTREGS_INFO(r12), \ 102 | PTREGS_INFO(r13), \ 103 | PTREGS_INFO(r14), \ 104 | PTREGS_INFO(r15), \ 105 | PTREGS_INFO(rip) 106 | 107 | -------------------------------------------------------------------------------- /BUILD/crash-7.3.2/va_server.h: -------------------------------------------------------------------------------- 1 | /* va_server.h - kernel crash dump file translation library 2 | * 3 | * Copyright (C) 1999, 2000, 2001, 2002 Mission Critical Linux, Inc. 4 | * Copyright (C) 2002, 2003, 2004, 2005 David Anderson 5 | * Copyright (C) 2002, 2003, 2004, 2005 Red Hat, Inc. All rights reserved. 6 | * 7 | * This program is free software; you can redistribute it and/or modify 8 | * it under the terms of the GNU General Public License as published by 9 | * the Free Software Foundation; either version 2 of the License, or 10 | * (at your option) any later version. 11 | * 12 | * This program is distributed in the hope that it will be useful, 13 | * but WITHOUT ANY WARRANTY; without even the implied warranty of 14 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 15 | * GNU General Public License for more details. 16 | * 17 | * 10/99, Dave Winchell, Initial release for kernel crash dump support. 18 | * 11/12/99, Dave Winchell, Add support for in memory dumps. 19 | */ 20 | 21 | #include "vas_crash.h" 22 | 23 | extern int vas_page_size; 24 | extern u_long vas_base_va; 25 | 26 | int va_server_init(char *crash_file, u_long *start, u_long *end, u_long *stride); 27 | int va_server_init_v1(char *crash_file, u_long *start, u_long *end, u_long *stride); 28 | int vas_lseek(u_long position, int whence); 29 | int vas_lseek_v1(u_long position, int whence); 30 | size_t vas_read(void *buf_in, size_t count); 31 | size_t vas_read_v1(void *buf_in, size_t count); 32 | size_t vas_write(void *buf_in, size_t count); 33 | size_t vas_write_v1(void *buf_in, size_t count); 34 | void vas_free_data(u_long va); 35 | void vas_free_data_v1(u_long va); 36 | 37 | 38 | /* in-memory formats */ 39 | 40 | struct map_hdr { 41 | struct crash_map_entry *map; /* array of map entries */ 42 | int blk_size; /* blocksize for this map */ 43 | }; 44 | 45 | 46 | 47 | struct map_hdr_v1 { 48 | u_long start_va; 49 | u_long end_va; 50 | 51 | struct crash_map_entry_v1 *map; /* array of map entries */ 52 | int map_entries; /* entries in array pointed to by map */ 53 | u_long va_per_entry; /* va covered by each map_entry */ 54 | int blk_offset; /* add this to start_blk in map_entry 55 | * this allows relocation of compressed data 56 | * while using original maps 57 | */ 58 | int blk_size; /* blocksize for this map */ 59 | 60 | struct map_hdr_v1 *next; 61 | }; 62 | 63 | extern int clean_exit(int); 64 | 65 | 66 | 67 | 68 | -------------------------------------------------------------------------------- /BUILD/crash-7.3.2/vmcore.h: -------------------------------------------------------------------------------- 1 | /* 2 | * vmcore.h 3 | * 4 | * Copyright (C) 2019 Chelsio Communications. All rights reserved. 5 | * 6 | * This program is free software; you can redistribute it and/or modify 7 | * it under the terms of the GNU General Public License as published by 8 | * the Free Software Foundation; either version 2 of the License, or 9 | * (at your option) any later version. 10 | * 11 | * This program is distributed in the hope that it will be useful, 12 | * but WITHOUT ANY WARRANTY; without even the implied warranty of 13 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 14 | * GNU General Public License for more details. 15 | */ 16 | #ifndef _VMCORE_H 17 | #define _VMCORE_H 18 | 19 | #include 20 | 21 | #ifndef NT_VMCOREDD 22 | #define NT_VMCOREDD 0x700 23 | #endif 24 | 25 | #define VMCOREDD_NOTE_NAME "LINUX" 26 | #define VMCOREDD_MAX_NAME_BYTES 44 27 | 28 | struct vmcoredd_header { 29 | __u32 n_namesz; /* Name size */ 30 | __u32 n_descsz; /* Content size */ 31 | __u32 n_type; /* NT_VMCOREDD */ 32 | __u8 name[8]; /* LINUX\0\0\0 */ 33 | __u8 dump_name[VMCOREDD_MAX_NAME_BYTES]; /* Device dump's name */ 34 | }; 35 | 36 | #endif /* _VMCORE_H */ 37 | -------------------------------------------------------------------------------- /BUILD/crash-7.3.2/xen_dom0.h: -------------------------------------------------------------------------------- 1 | /* xen_dom0.h 2 | * 3 | * Copyright (C) 2015 David Anderson 4 | * Copyright (C) 2015 Red Hat, Inc. All rights reserved. 5 | * 6 | * This program is free software; you can redistribute it and/or modify 7 | * it under the terms of the GNU General Public License as published by 8 | * the Free Software Foundation; either version 2 of the License, or 9 | * (at your option) any later version. 10 | * 11 | * This program is distributed in the hope that it will be useful, 12 | * but WITHOUT ANY WARRANTY; without even the implied warranty of 13 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 14 | * GNU General Public License for more details. 15 | * 16 | * Author: David Anderson 17 | */ 18 | 19 | /* 20 | * ELF note types for Xen dom0/hypervisor kdumps. 21 | * The comments below are from xen/include/public/elfnote.h. 22 | */ 23 | 24 | /* 25 | * System information exported through crash notes. 26 | * 27 | * The kexec / kdump code will create one XEN_ELFNOTE_CRASH_INFO 28 | * note in case of a system crash. This note will contain various 29 | * information about the system, see xen/include/xen/elfcore.h. 30 | */ 31 | #define XEN_ELFNOTE_CRASH_INFO 0x1000001 32 | 33 | /* 34 | * System registers exported through crash notes. 35 | * 36 | * The kexec / kdump code will create one XEN_ELFNOTE_CRASH_REGS 37 | * note per cpu in case of a system crash. This note is architecture 38 | * specific and will contain registers not saved in the "CORE" note. 39 | * See xen/include/xen/elfcore.h for more information. 40 | */ 41 | #define XEN_ELFNOTE_CRASH_REGS 0x1000002 42 | 43 | 44 | /* 45 | * For (temporary) backwards compatibility. 46 | */ 47 | #define NT_XEN_KDUMP_CR3 0x10000001 48 | 49 | struct xen_kdump_data { 50 | ulong flags; 51 | ulong cr3; 52 | ulong p2m_mfn; 53 | char *page; 54 | ulong last_mfn_read; 55 | ulong last_pmd_read; 56 | ulong cache_hits; 57 | ulong accesses; 58 | int p2m_frames; 59 | ulong *p2m_mfn_frame_list; 60 | ulong xen_phys_start; 61 | int xen_major_version; 62 | int xen_minor_version; 63 | }; 64 | 65 | #define KDUMP_P2M_INIT (0x1) 66 | #define KDUMP_CR3 (0x2) 67 | #define KDUMP_MFN_LIST (0x4) 68 | 69 | #define P2M_FAILURE ((physaddr_t)(0xffffffffffffffffLL)) 70 | 71 | extern struct xen_kdump_data *xkd; 72 | 73 | void dump_xen_kdump_data(FILE *); 74 | struct xen_kdump_data *get_xen_kdump_data(void); 75 | 76 | void process_xen_note(ulong, void *, size_t); 77 | physaddr_t xen_kdump_p2m(physaddr_t); 78 | -------------------------------------------------------------------------------- /LICENSE: -------------------------------------------------------------------------------- 1 | This is free and unencumbered software released into the public domain. 2 | 3 | Anyone is free to copy, modify, publish, use, compile, sell, or 4 | distribute this software, either in source code form or as a compiled 5 | binary, for any purpose, commercial or non-commercial, and by any 6 | means. 7 | 8 | In jurisdictions that recognize copyright laws, the author or authors 9 | of this software dedicate any and all copyright interest in the 10 | software to the public domain. We make this dedication for the benefit 11 | of the public at large and to the detriment of our heirs and 12 | successors. We intend this dedication to be an overt act of 13 | relinquishment in perpetuity of all present and future rights to this 14 | software under copyright law. 15 | 16 | THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, 17 | EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF 18 | MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. 19 | IN NO EVENT SHALL THE AUTHORS BE LIABLE FOR ANY CLAIM, DAMAGES OR 20 | OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, 21 | ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR 22 | OTHER DEALINGS IN THE SOFTWARE. 23 | 24 | For more information, please refer to 25 | -------------------------------------------------------------------------------- /SOURCES/0001-ppc64-update-the-NR_CPUS-to-8192.patch: -------------------------------------------------------------------------------- 1 | From ae52398a13fa9a238279114ed671c7c514c154ee Mon Sep 17 00:00:00 2001 2 | From: Sourabh Jain 3 | Date: Mon, 9 May 2022 12:49:56 +0530 4 | Subject: [PATCH 01/18] ppc64: update the NR_CPUS to 8192 5 | 6 | Since the kernel commit 2d8ae638bb86 ("powerpc: Make the NR_CPUS max 8192") 7 | the NR_CPUS on Linux kernel ranges from 1-8192. So let's match NR_CPUS with 8 | the max NR_CPUS count on the Linux kernel. 9 | 10 | Signed-off-by: Sourabh Jain 11 | Signed-off-by: Lianbo Jiang 12 | --- 13 | defs.h | 2 +- 14 | 1 file changed, 1 insertion(+), 1 deletion(-) 15 | 16 | diff --git a/defs.h b/defs.h 17 | index 1e8360d65a3b..a6735d07b32f 100644 18 | --- a/defs.h 19 | +++ b/defs.h 20 | @@ -136,7 +136,7 @@ 21 | #define NR_CPUS (4096) 22 | #endif 23 | #ifdef PPC64 24 | -#define NR_CPUS (2048) 25 | +#define NR_CPUS (8192) 26 | #endif 27 | #ifdef S390 28 | #define NR_CPUS (512) 29 | -- 30 | 2.30.2 31 | 32 | -------------------------------------------------------------------------------- /SOURCES/0002-Extend-field-length-of-task-attributes.patch: -------------------------------------------------------------------------------- 1 | From 6bc60e8cc87701c8f68c1cda56dd7120b5565700 Mon Sep 17 00:00:00 2001 2 | From: Kazuhito Hagio 3 | Date: Wed, 22 Jun 2022 08:32:59 +0900 4 | Subject: [PATCH 02/28] Extend field length of task attributes 5 | 6 | Nowadays, some machines have many CPU cores and memory, and some 7 | distributions have a larger kernel.pid_max parameter, e.g. 7 digits. 8 | This impairs the readability of a few commands, especially "ps" and 9 | "ps -l|-m" options. 10 | 11 | Let's extend the field length of the task attributes, PID, CPU, VSZ, 12 | and RSS to improve the readability. 13 | 14 | Without the patch: 15 | crash> ps 16 | PID PPID CPU TASK ST %MEM VSZ RSS COMM 17 | ... 18 | 2802197 2699997 2 ffff916f63c40000 IN 0.0 307212 10688 timer 19 | 2802277 1 0 ffff9161a25bb080 IN 0.0 169040 2744 gpg-agent 20 | 2806711 3167854 10 ffff9167fc498000 IN 0.0 127208 6508 su 21 | 2806719 2806711 1 ffff91633c3a48c0 IN 0.0 29452 6416 bash 22 | 2988346 1 5 ffff916f7c629840 IN 2.8 9342476 1917384 qemu-kvm 23 | 24 | With the patch: 25 | crash> ps 26 | PID PPID CPU TASK ST %MEM VSZ RSS COMM 27 | ... 28 | 2802197 2699997 2 ffff916f63c40000 IN 0.0 307212 10688 timer 29 | 2802277 1 0 ffff9161a25bb080 IN 0.0 169040 2744 gpg-agent 30 | 2806711 3167854 10 ffff9167fc498000 IN 0.0 127208 6508 su 31 | 2806719 2806711 1 ffff91633c3a48c0 IN 0.0 29452 6416 bash 32 | 2988346 1 5 ffff916f7c629840 IN 2.8 9342476 1917384 qemu-kvm 33 | 34 | Signed-off-by: Kazuhito Hagio 35 | Signed-off-by: Lianbo Jiang 36 | --- 37 | task.c | 10 +++++----- 38 | 1 file changed, 5 insertions(+), 5 deletions(-) 39 | 40 | diff --git a/task.c b/task.c 41 | index 864c838637ee..071c787fbfa5 100644 42 | --- a/task.c 43 | +++ b/task.c 44 | @@ -3828,7 +3828,7 @@ show_ps_data(ulong flag, struct task_context *tc, struct psinfo *psi) 45 | } else 46 | fprintf(fp, " "); 47 | 48 | - fprintf(fp, "%5ld %5ld %2s %s %3s", 49 | + fprintf(fp, "%7ld %7ld %3s %s %3s", 50 | tc->pid, task_to_pid(tc->ptask), 51 | task_cpu(tc->processor, buf2, !VERBOSE), 52 | task_pointer_string(tc, flag & PS_KSTACKP, buf3), 53 | @@ -3838,8 +3838,8 @@ show_ps_data(ulong flag, struct task_context *tc, struct psinfo *psi) 54 | if (strlen(buf1) == 3) 55 | mkstring(buf1, 4, CENTER|RJUST, NULL); 56 | fprintf(fp, "%s ", buf1); 57 | - fprintf(fp, "%7ld ", (tm->total_vm * PAGESIZE())/1024); 58 | - fprintf(fp, "%6ld ", (tm->rss * PAGESIZE())/1024); 59 | + fprintf(fp, "%8ld ", (tm->total_vm * PAGESIZE())/1024); 60 | + fprintf(fp, "%8ld ", (tm->rss * PAGESIZE())/1024); 61 | if (is_kernel_thread(tc->task)) 62 | fprintf(fp, "[%s]\n", tc->comm); 63 | else 64 | @@ -3856,7 +3856,7 @@ show_ps(ulong flag, struct psinfo *psi) 65 | 66 | if (!(flag & ((PS_EXCLUSIVE & ~PS_ACTIVE)|PS_NO_HEADER))) 67 | fprintf(fp, 68 | - " PID PPID CPU %s ST %%MEM VSZ RSS COMM\n", 69 | + " PID PPID CPU %s ST %%MEM VSZ RSS COMM\n", 70 | flag & PS_KSTACKP ? 71 | mkstring(buf, VADDR_PRLEN, CENTER|RJUST, "KSTACKP") : 72 | mkstring(buf, VADDR_PRLEN, CENTER, "TASK")); 73 | @@ -7713,7 +7713,7 @@ print_task_header(FILE *out, struct task_context *tc, int newline) 74 | char buf[BUFSIZE]; 75 | char buf1[BUFSIZE]; 76 | 77 | - fprintf(out, "%sPID: %-5ld TASK: %s CPU: %-2s COMMAND: \"%s\"\n", 78 | + fprintf(out, "%sPID: %-7ld TASK: %s CPU: %-3s COMMAND: \"%s\"\n", 79 | newline ? "\n" : "", tc->pid, 80 | mkstring(buf1, VADDR_PRLEN, LJUST|LONG_HEX, MKSTR(tc->task)), 81 | task_cpu(tc->processor, buf, !VERBOSE), tc->comm); 82 | -- 83 | 2.37.1 84 | 85 | -------------------------------------------------------------------------------- /SOURCES/0002-arm64-Fix-again-segfault-in-arm64_is_kernel_exceptio.patch: -------------------------------------------------------------------------------- 1 | From 6c8cd9b5dcf48221e5f75fc5850bb4719d77acce Mon Sep 17 00:00:00 2001 2 | From: HATAYAMA Daisuke 3 | Date: Wed, 7 Jun 2023 18:37:34 +0900 4 | Subject: [PATCH] arm64: Fix again segfault in 5 | arm64_is_kernel_exception_frame() when corrupt stack pointer address is given 6 | 7 | This is the second trial from the commit 8 | 9868ebc8e648e5791764a51567a23efae7170d9b that was reverted at the 9 | previous commit. 10 | 11 | As described in the previous commit, result of STACK_OFFSET_TYPE() can 12 | be an address out of bt->stackbuf and hence the address needs to be 13 | checked prior to being referred to as an pt_regs object. 14 | 15 | So, to fix the issue, let's check if stkptr points to within the range 16 | of the kernel stack first. 17 | 18 | [ kh: added a warning at Lianbo's suggestion ] 19 | 20 | Signed-off-by: HATAYAMA Daisuke 21 | Signed-off-by: Lianbo Jiang 22 | --- 23 | arm64.c | 6 ++++++ 24 | 1 file changed, 6 insertions(+) 25 | 26 | diff --git a/arm64.c b/arm64.c 27 | index efbdccbec9d3..67b1a2244810 100644 28 | --- a/arm64.c 29 | +++ b/arm64.c 30 | @@ -2381,6 +2381,12 @@ arm64_is_kernel_exception_frame(struct bt_info *bt, ulong stkptr) 31 | struct arm64_pt_regs *regs; 32 | struct machine_specific *ms = machdep->machspec; 33 | 34 | + if (stkptr > STACKSIZE() && !INSTACK(stkptr, bt)) { 35 | + if (CRASHDEBUG(1)) 36 | + error(WARNING, "stkptr: %lx is outside the kernel stack range\n", stkptr); 37 | + return FALSE; 38 | + } 39 | + 40 | regs = (struct arm64_pt_regs *)&bt->stackbuf[(ulong)(STACK_OFFSET_TYPE(stkptr))]; 41 | 42 | if (INSTACK(regs->sp, bt) && INSTACK(regs->regs[29], bt) && 43 | -- 44 | 2.37.1 45 | 46 | -------------------------------------------------------------------------------- /SOURCES/0002-sbitmapq-remove-struct-and-member-validation-in-sbit.patch: -------------------------------------------------------------------------------- 1 | From 364b2e413c69daf189d2bc0238e3ba9b0dcbd937 Mon Sep 17 00:00:00 2001 2 | From: Lianbo Jiang 3 | Date: Mon, 23 May 2022 18:04:13 +0800 4 | Subject: [PATCH 02/18] sbitmapq: remove struct and member validation in 5 | sbitmapq_init() 6 | 7 | Let's remove the struct and member validation from sbitmapq_init(), which 8 | will help the crash to display the actual error when the sbitmapq fails. 9 | 10 | Without the patch: 11 | crash> sbitmapq ffff8e99d0dc8010 12 | sbitmapq: command not supported or applicable on this architecture or kernel 13 | 14 | With the patch: 15 | crash> sbitmapq ffff8e99d0dc8010 16 | 17 | sbitmapq: invalid structure member offset: sbitmap_queue_alloc_hint 18 | FILE: sbitmap.c LINE: 365 FUNCTION: sbitmap_queue_context_load() 19 | 20 | Signed-off-by: Lianbo Jiang 21 | --- 22 | sbitmap.c | 24 ------------------------ 23 | 1 file changed, 24 deletions(-) 24 | 25 | diff --git a/sbitmap.c b/sbitmap.c 26 | index 96a61e6c2c71..7693eef6cebd 100644 27 | --- a/sbitmap.c 28 | +++ b/sbitmap.c 29 | @@ -525,30 +525,6 @@ void sbitmapq_init(void) 30 | MEMBER_OFFSET_INIT(sbq_wait_state_wait_cnt, "sbq_wait_state", "wait_cnt"); 31 | MEMBER_OFFSET_INIT(sbq_wait_state_wait, "sbq_wait_state", "wait"); 32 | 33 | - if (!VALID_SIZE(sbitmap_word) || 34 | - !VALID_SIZE(sbitmap) || 35 | - !VALID_SIZE(sbitmap_queue) || 36 | - !VALID_SIZE(sbq_wait_state) || 37 | - INVALID_MEMBER(sbitmap_word_depth) || 38 | - INVALID_MEMBER(sbitmap_word_word) || 39 | - INVALID_MEMBER(sbitmap_word_cleared) || 40 | - INVALID_MEMBER(sbitmap_depth) || 41 | - INVALID_MEMBER(sbitmap_shift) || 42 | - INVALID_MEMBER(sbitmap_map_nr) || 43 | - INVALID_MEMBER(sbitmap_map) || 44 | - INVALID_MEMBER(sbitmap_queue_sb) || 45 | - INVALID_MEMBER(sbitmap_queue_alloc_hint) || 46 | - INVALID_MEMBER(sbitmap_queue_wake_batch) || 47 | - INVALID_MEMBER(sbitmap_queue_wake_index) || 48 | - INVALID_MEMBER(sbitmap_queue_ws) || 49 | - INVALID_MEMBER(sbitmap_queue_ws_active) || 50 | - INVALID_MEMBER(sbitmap_queue_round_robin) || 51 | - INVALID_MEMBER(sbitmap_queue_min_shallow_depth) || 52 | - INVALID_MEMBER(sbq_wait_state_wait_cnt) || 53 | - INVALID_MEMBER(sbq_wait_state_wait)) { 54 | - command_not_supported(); 55 | - } 56 | - 57 | sb_flags |= SB_FLAG_INIT; 58 | } 59 | 60 | -- 61 | 2.30.2 62 | 63 | -------------------------------------------------------------------------------- /SOURCES/0003-Fix-invalid-structure-size-error-during-crash-startu.patch: -------------------------------------------------------------------------------- 1 | From ec1e61b33a705b8be8d116a541c7b076b0429deb Mon Sep 17 00:00:00 2001 2 | From: Lianbo Jiang 3 | Date: Mon, 12 Jun 2023 18:50:05 +0800 4 | Subject: [PATCH] Fix invalid structure size error during crash startup on 5 | ppc64 6 | 7 | The crash utility will fail to start session on ppc64 with the following 8 | error: 9 | 10 | # crash vmlinux vmcore -s 11 | 12 | crash: invalid structure size: note_buf 13 | FILE: diskdump.c LINE: 121 FUNCTION: have_crash_notes() 14 | 15 | [./crash] error trace: 101859ac => 10291798 => 10291450 => 10266038 16 | 17 | 10266038: SIZE_verify+156 18 | 10291450: have_crash_notes+308 19 | 10291798: map_cpus_to_prstatus_kdump_cmprs+448 20 | 101859ac: task_init+11980 21 | 22 | The reason is that the size of note_buf is not initialized before using 23 | SIZE(note_buf) in the have_crash_notes() on some architectures including 24 | ppc64. Let's initialize it in task_init() to fix this issue. 25 | 26 | Fixes: db8c030857b4 ("diskdump/netdump: fix segmentation fault caused by failure of stopping CPUs") 27 | Signed-off-by: Lianbo Jiang 28 | --- 29 | task.c | 3 +++ 30 | 1 file changed, 3 insertions(+) 31 | 32 | diff --git a/task.c b/task.c 33 | index 88941c7b0e4d..2b7467b4193d 100644 34 | --- a/task.c 35 | +++ b/task.c 36 | @@ -675,6 +675,9 @@ task_init(void) 37 | tt->this_task = pid_to_task(active_pid); 38 | } 39 | else { 40 | + if (INVALID_SIZE(note_buf)) 41 | + STRUCT_SIZE_INIT(note_buf, "note_buf_t"); 42 | + 43 | if (KDUMP_DUMPFILE()) 44 | map_cpus_to_prstatus(); 45 | else if (ELF_NOTES_VALID() && DISKDUMP_DUMPFILE()) 46 | -- 47 | 2.37.1 48 | 49 | -------------------------------------------------------------------------------- /SOURCES/0003-ppc64-fix-bt-for-S-case.patch: -------------------------------------------------------------------------------- 1 | From 1c918c621e48f53ea69a143aabc59c8366102236 Mon Sep 17 00:00:00 2001 2 | From: Hari Bathini 3 | Date: Mon, 4 Jul 2022 10:55:41 +0530 4 | Subject: [PATCH 03/28] ppc64: fix bt for '-S' case 5 | 6 | Passing '-S' option to 'bt' command was intended to specify the stack 7 | pointer manually. But get_stack_frame() handling on ppc64 is ignoring 8 | this option altogether. Fix it. 9 | 10 | Signed-off-by: Hari Bathini 11 | Signed-off-by: Lianbo Jiang 12 | --- 13 | ppc64.c | 16 ++++++++++++++++ 14 | 1 file changed, 16 insertions(+) 15 | 16 | diff --git a/ppc64.c b/ppc64.c 17 | index 975caa53b812..0e1d8678eef5 100644 18 | --- a/ppc64.c 19 | +++ b/ppc64.c 20 | @@ -2330,6 +2330,22 @@ ppc64_vmcore_stack_frame(struct bt_info *bt_in, ulong *nip, ulong *ksp) 21 | 22 | pt_regs = (struct ppc64_pt_regs *)bt_in->machdep; 23 | if (!pt_regs || !pt_regs->gpr[1]) { 24 | + if (bt_in->hp) { 25 | + if (bt_in->hp->esp) { 26 | + *ksp = bt_in->hp->esp; 27 | + if (!bt_in->hp->eip) { 28 | + if (IS_KVADDR(*ksp)) { 29 | + readmem(*ksp+16, KVADDR, &unip, sizeof(ulong), 30 | + "Regs NIP value", FAULT_ON_ERROR); 31 | + *nip = unip; 32 | + } 33 | + } else 34 | + *nip = bt_in->hp->eip; 35 | + 36 | + } 37 | + return TRUE; 38 | + } 39 | + 40 | /* 41 | * Not collected regs. May be the corresponding CPU not 42 | * responded to an IPI in case of KDump OR f/w has not 43 | -- 44 | 2.37.1 45 | 46 | -------------------------------------------------------------------------------- /SOURCES/0005-ppc64-rename-ppc64_paca_init-to-ppc64_paca_percpu_of.patch: -------------------------------------------------------------------------------- 1 | From 4dbf7e296f6fde05894a55e23fbaf0d50e3b38b9 Mon Sep 17 00:00:00 2001 2 | From: Hari Bathini 3 | Date: Mon, 4 Jul 2022 10:55:43 +0530 4 | Subject: [PATCH 05/28] ppc64: rename ppc64_paca_init to 5 | ppc64_paca_percpu_offset_init 6 | 7 | ppc64_paca_init() function is specifically used to initialize percpu 8 | data_offset for kernels older than v2.6.36. So, the name is slightly 9 | misleading. Rename it to ppc64_paca_percpu_offset_init to reflect its 10 | purpose. 11 | 12 | Signed-off-by: Hari Bathini 13 | Signed-off-by: Lianbo Jiang 14 | --- 15 | ppc64.c | 9 +++++---- 16 | 1 file changed, 5 insertions(+), 4 deletions(-) 17 | 18 | diff --git a/ppc64.c b/ppc64.c 19 | index 272eb207074a..0a3aa5f7af91 100644 20 | --- a/ppc64.c 21 | +++ b/ppc64.c 22 | @@ -52,7 +52,7 @@ static char * ppc64_check_eframe(struct ppc64_pt_regs *); 23 | static void ppc64_print_eframe(char *, struct ppc64_pt_regs *, 24 | struct bt_info *); 25 | static void parse_cmdline_args(void); 26 | -static int ppc64_paca_init(int); 27 | +static int ppc64_paca_percpu_offset_init(int); 28 | static void ppc64_init_cpu_info(void); 29 | static int ppc64_get_cpu_map(void); 30 | static void ppc64_clear_machdep_cache(void); 31 | @@ -3285,7 +3285,7 @@ parse_cmdline_args(void) 32 | * Initialize the per cpu data_offset values from paca structure. 33 | */ 34 | static int 35 | -ppc64_paca_init(int map) 36 | +ppc64_paca_percpu_offset_init(int map) 37 | { 38 | int i, cpus, nr_paca; 39 | char *cpu_paca_buf; 40 | @@ -3387,10 +3387,11 @@ ppc64_init_cpu_info(void) 41 | * which was removed post v2.6.15 ppc64 and now we get the per cpu 42 | * data_offset from __per_cpu_offset symbol during kernel_init() 43 | * call. Hence for backward (pre-2.6.36) compatibility, call 44 | - * ppc64_paca_init() only if symbol __per_cpu_offset does not exist. 45 | + * ppc64_paca_percpu_offset_init() only if symbol __per_cpu_offset 46 | + * does not exist. 47 | */ 48 | if (!symbol_exists("__per_cpu_offset")) 49 | - cpus = ppc64_paca_init(map); 50 | + cpus = ppc64_paca_percpu_offset_init(map); 51 | else { 52 | if (!(nr_cpus = get_array_length("__per_cpu_offset", NULL, 0))) 53 | nr_cpus = (kt->kernel_NR_CPUS ? kt->kernel_NR_CPUS : 54 | -- 55 | 2.37.1 56 | 57 | -------------------------------------------------------------------------------- /SOURCES/0007-ppc64-print-emergency-stacks-info-with-mach-command.patch: -------------------------------------------------------------------------------- 1 | From 9429b15851f184fbff187d9a751451c9ed8ae5c9 Mon Sep 17 00:00:00 2001 2 | From: Hari Bathini 3 | Date: Mon, 4 Jul 2022 10:55:45 +0530 4 | Subject: [PATCH 07/28] ppc64: print emergency stacks info with 'mach' command 5 | 6 | Print top address of emergency stacks with 'mach' command. 7 | 8 | Signed-off-by: Hari Bathini 9 | Signed-off-by: Lianbo Jiang 10 | --- 11 | ppc64.c | 40 ++++++++++++++++++++++++++++++++++++++++ 12 | 1 file changed, 40 insertions(+) 13 | 14 | diff --git a/ppc64.c b/ppc64.c 15 | index 03047a85955d..ad1d6e121e81 100644 16 | --- a/ppc64.c 17 | +++ b/ppc64.c 18 | @@ -3161,6 +3161,44 @@ opalmsg(void) 19 | fprintf(fp, "\n"); 20 | } 21 | 22 | +static void ppc64_print_emergency_stack_info(void) 23 | +{ 24 | + struct machine_specific *ms = machdep->machspec; 25 | + char buf[32]; 26 | + int i; 27 | + 28 | + fprintf(fp, " EMERGENCY STACK: "); 29 | + if (ms->emergency_sp) { 30 | + fprintf(fp, "\n"); 31 | + for (i = 0; i < kt->cpus; i++) { 32 | + sprintf(buf, "CPU %d", i); 33 | + fprintf(fp, "%19s: %lx\n", buf, ms->emergency_sp[i]); 34 | + } 35 | + } else 36 | + fprintf(fp, "(unused)\n"); 37 | + 38 | + fprintf(fp, "NMI EMERGENCY STACK: "); 39 | + if (ms->nmi_emergency_sp) { 40 | + fprintf(fp, "\n"); 41 | + for (i = 0; i < kt->cpus; i++) { 42 | + sprintf(buf, "CPU %d", i); 43 | + fprintf(fp, "%19s: %lx\n", buf, ms->nmi_emergency_sp[i]); 44 | + } 45 | + } else 46 | + fprintf(fp, "(unused)\n"); 47 | + 48 | + fprintf(fp, " MC EMERGENCY STACK: "); 49 | + if (ms->mc_emergency_sp) { 50 | + fprintf(fp, "\n"); 51 | + for (i = 0; i < kt->cpus; i++) { 52 | + sprintf(buf, "CPU %d", i); 53 | + fprintf(fp, "%19s: %lx\n", buf, ms->mc_emergency_sp[i]); 54 | + } 55 | + } else 56 | + fprintf(fp, "(unused)\n"); 57 | + fprintf(fp, "\n"); 58 | +} 59 | + 60 | /* 61 | * Machine dependent command. 62 | */ 63 | @@ -3241,6 +3279,8 @@ ppc64_display_machine_stats(void) 64 | fprintf(fp, "%19s: %lx\n", buf, tt->softirq_ctx[c]); 65 | } 66 | } 67 | + 68 | + ppc64_print_emergency_stack_info(); 69 | } 70 | 71 | static const char *hook_files[] = { 72 | -- 73 | 2.37.1 74 | 75 | -------------------------------------------------------------------------------- /SOURCES/0008-bt-arm64-add-support-for-bt-n-idle.patch: -------------------------------------------------------------------------------- 1 | From 0f162febebc4d11a165dd40cee00f3b0ba691a52 Mon Sep 17 00:00:00 2001 2 | From: Qi Zheng 3 | Date: Tue, 24 May 2022 20:25:54 +0800 4 | Subject: [PATCH 08/18] bt: arm64: add support for 'bt -n idle' 5 | 6 | The '-n idle' option of bt command can help us filter the 7 | stack of the idle process when debugging the dumpfiles 8 | captured by kdump. 9 | 10 | This patch supports this feature on ARM64. 11 | 12 | Signed-off-by: Qi Zheng 13 | Signed-off-by: Lianbo Jiang 14 | --- 15 | arm64.c | 19 ++++++++++++++++--- 16 | help.c | 2 +- 17 | kernel.c | 3 ++- 18 | 3 files changed, 19 insertions(+), 5 deletions(-) 19 | 20 | diff --git a/arm64.c b/arm64.c 21 | index 65f6cdf69fa6..0f615cf52bef 100644 22 | --- a/arm64.c 23 | +++ b/arm64.c 24 | @@ -3681,6 +3681,12 @@ arm64_get_dumpfile_stackframe(struct bt_info *bt, struct arm64_stackframe *frame 25 | { 26 | struct machine_specific *ms = machdep->machspec; 27 | struct arm64_pt_regs *ptregs; 28 | + bool skip = false; 29 | + 30 | + if (bt->flags & BT_SKIP_IDLE) { 31 | + skip = true; 32 | + bt->flags &= ~BT_SKIP_IDLE; 33 | + } 34 | 35 | if (!ms->panic_task_regs || 36 | (!ms->panic_task_regs[bt->tc->processor].sp && 37 | @@ -3713,8 +3719,11 @@ try_kernel: 38 | } 39 | 40 | if (arm64_in_kdump_text(bt, frame) || 41 | - arm64_in_kdump_text_on_irq_stack(bt)) 42 | + arm64_in_kdump_text_on_irq_stack(bt)) { 43 | bt->flags |= BT_KDUMP_ADJUST; 44 | + if (skip && is_idle_thread(bt->task)) 45 | + bt->flags |= BT_SKIP_IDLE; 46 | + } 47 | 48 | return TRUE; 49 | } 50 | @@ -3738,10 +3747,14 @@ arm64_get_stack_frame(struct bt_info *bt, ulong *pcp, ulong *spp) 51 | int ret; 52 | struct arm64_stackframe stackframe = { 0 }; 53 | 54 | - if (DUMPFILE() && is_task_active(bt->task)) 55 | + if (DUMPFILE() && is_task_active(bt->task)) { 56 | ret = arm64_get_dumpfile_stackframe(bt, &stackframe); 57 | - else 58 | + } else { 59 | + if (bt->flags & BT_SKIP_IDLE) 60 | + bt->flags &= ~BT_SKIP_IDLE; 61 | + 62 | ret = arm64_get_stackframe(bt, &stackframe); 63 | + } 64 | 65 | if (!ret) 66 | error(WARNING, 67 | diff --git a/help.c b/help.c 68 | index e1bbc5abe029..99214c1590fa 100644 69 | --- a/help.c 70 | +++ b/help.c 71 | @@ -1915,7 +1915,7 @@ char *help_bt[] = { 72 | " -a displays the stack traces of the active task on each CPU.", 73 | " (only applicable to crash dumps)", 74 | " -A same as -a, but also displays vector registers (S390X only).", 75 | -" -n idle filter the stack of idle tasks (x86_64).", 76 | +" -n idle filter the stack of idle tasks (x86_64, arm64).", 77 | " (only applicable to crash dumps)", 78 | " -p display the stack trace of the panic task only.", 79 | " (only applicable to crash dumps)", 80 | diff --git a/kernel.c b/kernel.c 81 | index 411e9da1e54f..a521ef30cdb0 100644 82 | --- a/kernel.c 83 | +++ b/kernel.c 84 | @@ -2673,7 +2673,8 @@ cmd_bt(void) 85 | break; 86 | 87 | case 'n': 88 | - if (machine_type("X86_64") && STREQ(optarg, "idle")) 89 | + if ((machine_type("X86_64") || machine_type("ARM64")) && 90 | + STREQ(optarg, "idle")) 91 | bt->flags |= BT_SKIP_IDLE; 92 | else 93 | option_not_supported(c); 94 | -- 95 | 2.30.2 96 | 97 | -------------------------------------------------------------------------------- /SOURCES/0009-arm64-Fix-for-st-_stext_vmlinux-not-initialized-when.patch: -------------------------------------------------------------------------------- 1 | From b077c3569788f5eb5ddf85bf41026b452d253a90 Mon Sep 17 00:00:00 2001 2 | From: Qianli Zhao 3 | Date: Mon, 4 Jul 2022 16:40:01 +0800 4 | Subject: [PATCH 09/28] arm64: Fix for st->_stext_vmlinux not initialized when 5 | set VA_BITS_ACTUAL 6 | 7 | Setting st->_stext_vmlinux to UNINITIALIZED to search for "_stext" 8 | from the vmlinux. In the scenario where kaslr is disabled and 9 | without vmcoreinfo, crash will get the wrong MODULES/VMALLOC ranges 10 | and cause a failure in parsing a raw RAM dumpfile. 11 | 12 | Signed-off-by: Qianli Zhao 13 | Signed-off-by: Lianbo Jiang 14 | --- 15 | arm64.c | 8 ++++++++ 16 | 1 file changed, 8 insertions(+) 17 | 18 | diff --git a/arm64.c b/arm64.c 19 | index 0f615cf52bef..b6b7aa11f4fe 100644 20 | --- a/arm64.c 21 | +++ b/arm64.c 22 | @@ -149,6 +149,14 @@ arm64_init(int when) 23 | 24 | ms = machdep->machspec; 25 | 26 | + /* 27 | + * The st->_stext_vmlinux is needed in arm64_init(PRE_GDB) when a 28 | + * dumpfile does not have vmcoreinfo and we use -m vabits_actual 29 | + * option, e.g. a raw RAM dumpfile. 30 | + */ 31 | + if (ms->VA_BITS_ACTUAL) 32 | + st->_stext_vmlinux = UNINITIALIZED; 33 | + 34 | if (!ms->kimage_voffset && STREQ(pc->live_memsrc, "/dev/crash")) 35 | ioctl(pc->mfd, DEV_CRASH_ARCH_DATA, &ms->kimage_voffset); 36 | 37 | -- 38 | 2.37.1 39 | 40 | -------------------------------------------------------------------------------- /SOURCES/0010-Fix-gcc-11-compiler-warnings-on-filesys.c.patch: -------------------------------------------------------------------------------- 1 | From 6132fe21e0d5f2951c860f8850aeaacf1588dfb0 Mon Sep 17 00:00:00 2001 2 | From: Kazuhito Hagio 3 | Date: Fri, 22 Jul 2022 13:44:50 +0900 4 | Subject: [PATCH 10/28] Fix gcc-11 compiler warnings on filesys.c 5 | 6 | Without the patch, the following gcc-11 compiler warnings are emitted 7 | for filesys.c: 8 | 9 | filesys.c: In function 'mount_point': 10 | filesys.c:718:17: warning: 'pclose' called on pointer returned from a mismatched allocation function [-Wmismatched-dealloc] 11 | 718 | pclose(mp); 12 | | ^~~~~~~~~~ 13 | filesys.c:709:27: note: returned from 'fopen' 14 | 709 | if ((mp = fopen(mntfile, "r")) == NULL) 15 | | ^~~~~~~~~~~~~~~~~~~ 16 | filesys.c:738:17: warning: 'pclose' called on pointer returned from a mismatched allocation function [-Wmismatched-dealloc] 17 | 738 | pclose(mp); 18 | | ^~~~~~~~~~ 19 | filesys.c:723:27: note: returned from 'fopen' 20 | 723 | if ((mp = fopen(mntfile, "r")) == NULL) 21 | | ^~~~~~~~~~~~~~~~~~~ 22 | 23 | Signed-off-by: Kazuhito Hagio 24 | Signed-off-by: Lianbo Jiang 25 | --- 26 | filesys.c | 4 ++-- 27 | 1 file changed, 2 insertions(+), 2 deletions(-) 28 | 29 | diff --git a/filesys.c b/filesys.c 30 | index 43cbe826fc79..a863f04eb250 100644 31 | --- a/filesys.c 32 | +++ b/filesys.c 33 | @@ -715,7 +715,7 @@ mount_point(char *name) 34 | continue; 35 | found++; 36 | } 37 | - pclose(mp); 38 | + fclose(mp); 39 | 40 | if (!(mount_points = (char **)malloc(sizeof(char *) * found))) 41 | return FALSE; 42 | @@ -735,7 +735,7 @@ mount_point(char *name) 43 | mount_points_gathered++, i++; 44 | } 45 | } 46 | - pclose(mp); 47 | + fclose(mp); 48 | 49 | if (CRASHDEBUG(2)) 50 | for (i = 0; i < mount_points_gathered; i++) 51 | -- 52 | 2.37.1 53 | 54 | -------------------------------------------------------------------------------- /SOURCES/0011-Fix-gcc-11-compiler-warning-on-symbols.c.patch: -------------------------------------------------------------------------------- 1 | From 98484914b7f4ba34da0625baa0ed6d449c1fa3ad Mon Sep 17 00:00:00 2001 2 | From: Kazuhito Hagio 3 | Date: Fri, 22 Jul 2022 13:44:50 +0900 4 | Subject: [PATCH 11/28] Fix gcc-11 compiler warning on symbols.c 5 | 6 | Without the patch, the following gcc-11 compiler warning is emitted for 7 | symbols.c: 8 | 9 | symbols.c: In function 'cmd_p': 10 | symbols.c:7412:38: warning: writing 1 byte into a region of size 0 [-Wstringop-overflow=] 11 | 7412 | *(cpuspec-1) = ':'; 12 | | ~~~~~~~~~~~~~^~~~~ 13 | 14 | Signed-off-by: Kazuhito Hagio 15 | Signed-off-by: Lianbo Jiang 16 | --- 17 | symbols.c | 6 +++--- 18 | 1 file changed, 3 insertions(+), 3 deletions(-) 19 | 20 | diff --git a/symbols.c b/symbols.c 21 | index 69004a2e66e3..a94660538492 100644 22 | --- a/symbols.c 23 | +++ b/symbols.c 24 | @@ -7363,7 +7363,7 @@ cmd_p(void) 25 | unsigned radix; 26 | int do_load_module_filter; 27 | char buf1[BUFSIZE]; 28 | - char *cpuspec; 29 | + char *cpuspec, *p; 30 | 31 | do_load_module_filter = radix = 0; 32 | 33 | @@ -7398,7 +7398,7 @@ cmd_p(void) 34 | if (argerrs || !args[optind]) 35 | cmd_usage(pc->curcmd, SYNOPSIS); 36 | 37 | - cpuspec = strrchr(args[optind], ':'); 38 | + p = cpuspec = strrchr(args[optind], ':'); 39 | if (cpuspec) 40 | *cpuspec++ = NULLCHAR; 41 | 42 | @@ -7421,7 +7421,7 @@ cmd_p(void) 43 | sp->name); 44 | else 45 | /* maybe a valid C expression (e.g. ':') */ 46 | - *(cpuspec-1) = ':'; 47 | + *p = ':'; 48 | } 49 | 50 | process_gdb_output(concat_args(buf1, 0, TRUE), radix, 51 | -- 52 | 2.37.1 53 | 54 | -------------------------------------------------------------------------------- /SOURCES/0012-Doc-update-man-page-for-the-bpf-and-sbitmapq-command.patch: -------------------------------------------------------------------------------- 1 | From c672d7a4c290712b32c54329cbdc1e74d122e813 Mon Sep 17 00:00:00 2001 2 | From: Lianbo Jiang 3 | Date: Mon, 6 Jun 2022 19:09:16 +0800 4 | Subject: [PATCH 12/18] Doc: update man page for the "bpf" and "sbitmapq" 5 | commands 6 | 7 | The information of the "bpf" and "sbitmapq" commands is missing in the man 8 | page of the crash utility. Let's add it to the man page. 9 | 10 | Signed-off-by: Lianbo Jiang 11 | --- 12 | crash.8 | 8 ++++++++ 13 | 1 file changed, 8 insertions(+) 14 | 15 | diff --git a/crash.8 b/crash.8 16 | index 1f3657b11e4c..e553a0b4adb3 100644 17 | --- a/crash.8 18 | +++ b/crash.8 19 | @@ -584,6 +584,9 @@ creates a single-word alias for a command. 20 | .I ascii 21 | displays an ascii chart or translates a numeric value into its ascii components. 22 | .TP 23 | +.I bpf 24 | +provides information on currently-loaded eBPF programs and maps. 25 | +.TP 26 | .I bt 27 | displays a task's kernel-stack backtrace. If it is given the 28 | .I \-a 29 | @@ -706,6 +709,11 @@ number of seconds between each command execution. 30 | .I runq 31 | displays the tasks on the run queue. 32 | .TP 33 | +.I sbitmapq 34 | +dumps the contents of the sbitmap_queue structure and the used 35 | +bits in the bitmap. Also, it shows the dump of a structure array 36 | +associated with the sbitmap_queue. 37 | +.TP 38 | .I search 39 | searches a range of user or kernel memory space for given value. 40 | .TP 41 | -- 42 | 2.30.2 43 | 44 | -------------------------------------------------------------------------------- /SOURCES/0012-Fix-gcc-11-compiler-warning-on-makedumpfile.c.patch: -------------------------------------------------------------------------------- 1 | From 9bb8a48d9424fc00ccd073125cdee9613b389cc6 Mon Sep 17 00:00:00 2001 2 | From: Kazuhito Hagio 3 | Date: Fri, 22 Jul 2022 13:44:50 +0900 4 | Subject: [PATCH 12/28] Fix gcc-11 compiler warning on makedumpfile.c 5 | 6 | Without the patch, the following gcc-11 compiler warning is emitted for 7 | makedumpfile.c: 8 | 9 | In function 'flattened_format_get_osrelease', 10 | inlined from 'check_flattened_format' at makedumpfile.c:236:3: 11 | makedumpfile.c:392:9: warning: 'fclose' called on pointer returned from a mismatched allocation function [-Wmismatched-dealloc] 12 | 392 | fclose(pipe); 13 | | ^~~~~~~~~~~~ 14 | makedumpfile.c: In function 'check_flattened_format': 15 | makedumpfile.c:380:21: note: returned from 'popen' 16 | 380 | if ((pipe = popen(buf, "r")) == NULL) 17 | | ^~~~~~~~~~~~~~~ 18 | 19 | Signed-off-by: Kazuhito Hagio 20 | Signed-off-by: Lianbo Jiang 21 | --- 22 | makedumpfile.c | 2 +- 23 | 1 file changed, 1 insertion(+), 1 deletion(-) 24 | 25 | diff --git a/makedumpfile.c b/makedumpfile.c 26 | index ebf24f56da2c..26d12b638ecd 100644 27 | --- a/makedumpfile.c 28 | +++ b/makedumpfile.c 29 | @@ -389,5 +389,5 @@ flattened_format_get_osrelease(char *file) 30 | } 31 | } 32 | 33 | - fclose(pipe); 34 | + pclose(pipe); 35 | } 36 | -- 37 | 2.37.1 38 | 39 | -------------------------------------------------------------------------------- /SOURCES/0013-Fix-gcc-11-compiler-warning-on-kvmdump.c.patch: -------------------------------------------------------------------------------- 1 | From 75739a08e952b6bd7434f4625a8fbe921361cbe8 Mon Sep 17 00:00:00 2001 2 | From: Kazuhito Hagio 3 | Date: Fri, 22 Jul 2022 13:44:50 +0900 4 | Subject: [PATCH 13/28] Fix gcc-11 compiler warning on kvmdump.c 5 | 6 | Without the patch, the following gcc-11 compiler warning is emitted for 7 | kvmdump.c: 8 | 9 | In function 'write_mapfile_registers', 10 | inlined from 'write_mapfile_trailer' at kvmdump.c:947:3, 11 | inlined from 'kvmdump_init' at kvmdump.c:145:4: 12 | kvmdump.c:972:13: warning: 'write' reading 8 bytes from a region of size 4 [-Wstringop-overread] 13 | 972 | if (write(kvm->mapfd, &kvm->cpu_devices, sizeof(uint64_t)) != sizeof(uint64_t)) 14 | | ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ 15 | In file included from kvmdump.c:19: 16 | kvmdump.c: In function 'kvmdump_init': 17 | kvmdump.h:67:18: note: source object 'cpu_devices' of size 4 18 | 67 | uint32_t cpu_devices; 19 | | ^~~~~~~~~~~ 20 | In file included from defs.h:26, 21 | from kvmdump.c:18: 22 | /usr/include/unistd.h:378:16: note: in a call to function 'write' declared with attribute 'access (read_only, 2, 3)' 23 | 378 | extern ssize_t write (int __fd, const void *__buf, size_t __n) __wur 24 | | ^~~~~ 25 | 26 | Signed-off-by: Kazuhito Hagio 27 | Signed-off-by: Lianbo Jiang 28 | --- 29 | kvmdump.c | 2 +- 30 | kvmdump.h | 2 +- 31 | 2 files changed, 2 insertions(+), 2 deletions(-) 32 | 33 | diff --git a/kvmdump.c b/kvmdump.c 34 | index 4db96bd844e9..e515bf0ce9a1 100644 35 | --- a/kvmdump.c 36 | +++ b/kvmdump.c 37 | @@ -297,7 +297,7 @@ kvmdump_memory_dump(FILE *ofp) 38 | (ulonglong)kvm->page_cache[i].paddr); 39 | } 40 | 41 | - fprintf(ofp, " cpu_devices: %d\n", kvm->cpu_devices); 42 | + fprintf(ofp, " cpu_devices: %ld\n", kvm->cpu_devices); 43 | fprintf(ofp, " iohole: %llx (%llx - %llx)\n", 44 | (ulonglong)kvm->iohole, 0x100000000ULL - kvm->iohole, 45 | 0x100000000ULL); 46 | diff --git a/kvmdump.h b/kvmdump.h 47 | index 07e047bb171c..2e408aebef0b 100644 48 | --- a/kvmdump.h 49 | +++ b/kvmdump.h 50 | @@ -64,7 +64,7 @@ struct kvmdump_data { 51 | ulong compresses; 52 | uint64_t kvbase; 53 | ulong *debug; 54 | - uint32_t cpu_devices; 55 | + uint64_t cpu_devices; 56 | struct register_set *registers; 57 | uint64_t iohole; 58 | }; 59 | -- 60 | 2.37.1 61 | 62 | -------------------------------------------------------------------------------- /SOURCES/0013-sbitmapq-Fix-for-sbitmap_queue-without-ws_active-mem.patch: -------------------------------------------------------------------------------- 1 | From 9ce31a14d1083cbb2beb4a8e6eb7b88234b79a99 Mon Sep 17 00:00:00 2001 2 | From: Kazuhito Hagio 3 | Date: Fri, 10 Jun 2022 11:49:47 +0900 4 | Subject: [PATCH 13/18] sbitmapq: Fix for sbitmap_queue without ws_active 5 | member 6 | 7 | The sbitmap_queue.ws_active member was added by kernel commit 5d2ee7122c73 8 | ("sbitmap: optimize wakeup check") at Linux 5.0. Without the patch, on 9 | earlier kernels the "sbitmapq" command fails with the following error: 10 | 11 | crash> sbitmapq ffff8f1a3611cf10 12 | 13 | sbitmapq: invalid structure member offset: sbitmap_queue_ws_active 14 | FILE: sbitmap.c LINE: 393 FUNCTION: sbitmap_queue_context_load() 15 | 16 | Signed-off-by: Kazuhito Hagio 17 | Signed-off-by: Lianbo Jiang 18 | --- 19 | sbitmap.c | 6 ++++-- 20 | 1 file changed, 4 insertions(+), 2 deletions(-) 21 | 22 | diff --git a/sbitmap.c b/sbitmap.c 23 | index e8ebd62fe01c..152c28e6875f 100644 24 | --- a/sbitmap.c 25 | +++ b/sbitmap.c 26 | @@ -325,7 +325,8 @@ static void sbitmap_queue_show(const struct sbitmap_queue_context *sqc, 27 | 28 | fprintf(fp, "wake_batch = %u\n", sqc->wake_batch); 29 | fprintf(fp, "wake_index = %d\n", sqc->wake_index); 30 | - fprintf(fp, "ws_active = %d\n", sqc->ws_active); 31 | + if (VALID_MEMBER(sbitmap_queue_ws_active)) /* 5.0 and later */ 32 | + fprintf(fp, "ws_active = %d\n", sqc->ws_active); 33 | 34 | sbq_wait_state_size = SIZE(sbq_wait_state); 35 | wait_cnt_off = OFFSET(sbq_wait_state_wait_cnt); 36 | @@ -380,7 +381,8 @@ static void sbitmap_queue_context_load(ulong addr, struct sbitmap_queue_context 37 | sqc->wake_batch = UINT(sbitmap_queue_buf + OFFSET(sbitmap_queue_wake_batch)); 38 | sqc->wake_index = INT(sbitmap_queue_buf + OFFSET(sbitmap_queue_wake_index)); 39 | sqc->ws_addr = ULONG(sbitmap_queue_buf + OFFSET(sbitmap_queue_ws)); 40 | - sqc->ws_active = INT(sbitmap_queue_buf + OFFSET(sbitmap_queue_ws_active)); 41 | + if (VALID_MEMBER(sbitmap_queue_ws_active)) 42 | + sqc->ws_active = INT(sbitmap_queue_buf + OFFSET(sbitmap_queue_ws_active)); 43 | if (VALID_MEMBER(sbitmap_queue_round_robin)) 44 | sqc->round_robin = BOOL(sbitmap_queue_buf + OFFSET(sbitmap_queue_round_robin)); 45 | sqc->min_shallow_depth = UINT(sbitmap_queue_buf + OFFSET(sbitmap_queue_min_shallow_depth)); 46 | -- 47 | 2.30.2 48 | 49 | -------------------------------------------------------------------------------- /SOURCES/0015-Makefile-Fix-unnecessary-re-patching-with-coreutils-.patch: -------------------------------------------------------------------------------- 1 | From 619e36c18791333ee3a7fea759ce20396e711a46 Mon Sep 17 00:00:00 2001 2 | From: Kazuhito Hagio 3 | Date: Mon, 22 Aug 2022 11:59:46 +0900 4 | Subject: [PATCH 15/28] Makefile: Fix unnecessary re-patching with 5 | coreutils-9.0 6 | 7 | "sum" command in coreutils-9.0 (e.g. Fedora 36) started to output a file 8 | name. As a result, "make" always detects a change of gdb-10.2.patch 9 | wrongly and re-applies it unnecessarily. 10 | 11 | Use standard input to fix it and "md5sum" to improve detection. 12 | 13 | Signed-off-by: Kazuhito Hagio 14 | Signed-off-by: Lianbo Jiang 15 | --- 16 | Makefile | 2 +- 17 | 1 file changed, 1 insertion(+), 1 deletion(-) 18 | 19 | diff --git a/Makefile b/Makefile 20 | index 059759b3e4ab..dd81df6c198c 100644 21 | --- a/Makefile 22 | +++ b/Makefile 23 | @@ -269,7 +269,7 @@ rebuild: 24 | @if [ ! -f ${GDB}/${GDB}.patch ]; then \ 25 | touch ${GDB}/${GDB}.patch; fi 26 | @if [ -f ${GDB}.patch ] && [ -s ${GDB}.patch ] && \ 27 | - [ "`sum ${GDB}.patch`" != "`sum ${GDB}/${GDB}.patch`" ]; then \ 28 | + [ "`md5sum < ${GDB}.patch`" != "`md5sum < ${GDB}/${GDB}.patch`" ]; then \ 29 | (sh -x ${GDB}.patch ${TARGET}; patch -N -p0 -r- --fuzz=0 < ${GDB}.patch; cp ${GDB}.patch ${GDB}; cd ${GDB}; \ 30 | $(MAKE) CRASH_TARGET=${TARGET}) \ 31 | else (cd ${GDB}/gdb; $(MAKE) CRASH_TARGET=${TARGET}); fi 32 | -- 33 | 2.37.1 34 | 35 | -------------------------------------------------------------------------------- /SOURCES/0015-sbitmapq-Fix-for-sbitmap_queue-without-min_shallow_d.patch: -------------------------------------------------------------------------------- 1 | From 12fe6c7cdd768f87ce6e903a2bbfb0c0591585c5 Mon Sep 17 00:00:00 2001 2 | From: Kazuhito Hagio 3 | Date: Fri, 10 Jun 2022 11:49:47 +0900 4 | Subject: [PATCH 15/18] sbitmapq: Fix for sbitmap_queue without 5 | min_shallow_depth member 6 | 7 | The sbitmap_queue.min_shallow_depth member was added by kernel commit 8 | a327553965de ("sbitmap: fix missed wakeups caused by sbitmap_queue_get_shallow()") 9 | at Linux 4.18. Without the patch, on earlier kernels the "sbitmapq" 10 | command fails with the following error: 11 | 12 | crash> sbitmapq ffff89bb7638ee50 13 | 14 | sbitmapq: invalid structure member offset: sbitmap_queue_min_shallow_depth 15 | FILE: sbitmap.c LINE: 398 FUNCTION: sbitmap_queue_context_load() 16 | 17 | Signed-off-by: Kazuhito Hagio 18 | Signed-off-by: Lianbo Jiang 19 | --- 20 | sbitmap.c | 6 ++++-- 21 | 1 file changed, 4 insertions(+), 2 deletions(-) 22 | 23 | diff --git a/sbitmap.c b/sbitmap.c 24 | index c9f7209f9e3e..bb2f19e6207b 100644 25 | --- a/sbitmap.c 26 | +++ b/sbitmap.c 27 | @@ -371,7 +371,8 @@ static void sbitmap_queue_show(const struct sbitmap_queue_context *sqc, 28 | else if (VALID_MEMBER(sbitmap_round_robin)) /* 5.13 and later */ 29 | fprintf(fp, "round_robin = %d\n", sc->round_robin); 30 | 31 | - fprintf(fp, "min_shallow_depth = %u\n", sqc->min_shallow_depth); 32 | + if (VALID_MEMBER(sbitmap_queue_min_shallow_depth)) /* 4.18 and later */ 33 | + fprintf(fp, "min_shallow_depth = %u\n", sqc->min_shallow_depth); 34 | } 35 | 36 | static void sbitmap_queue_context_load(ulong addr, struct sbitmap_queue_context *sqc) 37 | @@ -395,7 +396,8 @@ static void sbitmap_queue_context_load(ulong addr, struct sbitmap_queue_context 38 | sqc->ws_active = INT(sbitmap_queue_buf + OFFSET(sbitmap_queue_ws_active)); 39 | if (VALID_MEMBER(sbitmap_queue_round_robin)) 40 | sqc->round_robin = BOOL(sbitmap_queue_buf + OFFSET(sbitmap_queue_round_robin)); 41 | - sqc->min_shallow_depth = UINT(sbitmap_queue_buf + OFFSET(sbitmap_queue_min_shallow_depth)); 42 | + if (VALID_MEMBER(sbitmap_queue_min_shallow_depth)) 43 | + sqc->min_shallow_depth = UINT(sbitmap_queue_buf + OFFSET(sbitmap_queue_min_shallow_depth)); 44 | 45 | FREEBUF(sbitmap_queue_buf); 46 | } 47 | -- 48 | 2.30.2 49 | 50 | -------------------------------------------------------------------------------- /SOURCES/0016-Make-dev-d-D-options-parse-sbitmap-on-Linux-4.18-and.patch: -------------------------------------------------------------------------------- 1 | From c07068266b41450ca6821ee0a1a3adf34206015f Mon Sep 17 00:00:00 2001 2 | From: Kazuhito Hagio 3 | Date: Fri, 10 Jun 2022 15:21:53 +0900 4 | Subject: [PATCH 16/18] Make "dev -d|-D" options parse sbitmap on Linux 4.18 5 | and later 6 | 7 | There have been a few reports that the "dev -d|-D" options displayed 8 | incorrect I/O stats due to racy blk_mq_ctx.rq_* counters. To fix it, 9 | make the options parse sbitmap to count I/O stats on Linux 4.18 and 10 | later kernels, which include RHEL8 ones. 11 | 12 | To do this, adjust to the blk_mq_tags structure of Linux 5.10 through 13 | 5.15 kernels, which contain kernel commit 222a5ae03cdd ("blk-mq: Use 14 | pointers for blk_mq_tags bitmap tags") and do not contain ae0f1a732f4a 15 | ("blk-mq: Stop using pointers for blk_mq_tags bitmap tags"). 16 | 17 | Signed-off-by: Kazuhito Hagio 18 | Signed-off-by: Lianbo Jiang 19 | --- 20 | dev.c | 25 +++++++++++++++++++++++-- 21 | 1 file changed, 23 insertions(+), 2 deletions(-) 22 | 23 | diff --git a/dev.c b/dev.c 24 | index 0172c83ffaea..db97f8aebdc2 100644 25 | --- a/dev.c 26 | +++ b/dev.c 27 | @@ -4339,6 +4339,10 @@ static void bt_for_each(ulong q, ulong tags, ulong sbq, uint reserved, uint nr_r 28 | static void queue_for_each_hw_ctx(ulong q, ulong *hctx, uint cnt, struct diskio *dio) 29 | { 30 | uint i; 31 | + int bitmap_tags_is_ptr = 0; 32 | + 33 | + if (MEMBER_TYPE("blk_mq_tags", "bitmap_tags") == TYPE_CODE_PTR) 34 | + bitmap_tags_is_ptr = 1; 35 | 36 | for (i = 0; i < cnt; i++) { 37 | ulong addr = 0, tags = 0; 38 | @@ -4357,9 +4361,17 @@ static void queue_for_each_hw_ctx(ulong q, ulong *hctx, uint cnt, struct diskio 39 | 40 | if (nr_reserved_tags) { 41 | addr = tags + OFFSET(blk_mq_tags_breserved_tags); 42 | + if (bitmap_tags_is_ptr && 43 | + !readmem(addr, KVADDR, &addr, sizeof(ulong), 44 | + "blk_mq_tags.bitmap_tags", RETURN_ON_ERROR)) 45 | + break; 46 | bt_for_each(q, tags, addr, 1, nr_reserved_tags, dio); 47 | } 48 | addr = tags + OFFSET(blk_mq_tags_bitmap_tags); 49 | + if (bitmap_tags_is_ptr && 50 | + !readmem(addr, KVADDR, &addr, sizeof(ulong), 51 | + "blk_mq_tags.bitmap_tags", RETURN_ON_ERROR)) 52 | + break; 53 | bt_for_each(q, tags, addr, 0, nr_reserved_tags, dio); 54 | } 55 | } 56 | @@ -4423,14 +4435,23 @@ get_mq_diskio(unsigned long q, unsigned long *mq_count) 57 | unsigned long mctx_addr; 58 | struct diskio tmp = {0}; 59 | 60 | - if (INVALID_MEMBER(blk_mq_ctx_rq_dispatched) || 61 | - INVALID_MEMBER(blk_mq_ctx_rq_completed)) { 62 | + /* 63 | + * Currently this function does not support old blk-mq implementation 64 | + * before 12f5b9314545 ("blk-mq: Remove generation seqeunce"), so 65 | + * filter them out. 66 | + */ 67 | + if (VALID_MEMBER(request_state)) { 68 | + if (CRASHDEBUG(1)) 69 | + fprintf(fp, "mq: using sbitmap\n"); 70 | get_mq_diskio_from_hw_queues(q, &tmp); 71 | mq_count[0] = tmp.read; 72 | mq_count[1] = tmp.write; 73 | return; 74 | } 75 | 76 | + if (CRASHDEBUG(1)) 77 | + fprintf(fp, "mq: using blk_mq_ctx.rq_{completed,dispatched} counters\n"); 78 | + 79 | readmem(q + OFFSET(request_queue_queue_ctx), KVADDR, &queue_ctx, 80 | sizeof(ulong), "request_queue.queue_ctx", 81 | FAULT_ON_ERROR); 82 | -- 83 | 2.30.2 84 | 85 | -------------------------------------------------------------------------------- /SOURCES/0016-arm64-use-TCR_EL1_T1SZ-to-get-the-correct-info-if-va.patch: -------------------------------------------------------------------------------- 1 | From 28a41ec7a471474094d8ab39f3a69b44d0f9ebcf Mon Sep 17 00:00:00 2001 2 | From: Huang Shijie 3 | Date: Mon, 22 Aug 2022 09:29:32 +0000 4 | Subject: [PATCH 16/28] arm64: use TCR_EL1_T1SZ to get the correct info if 5 | vabits_actual is missing 6 | 7 | After kernel commit 0d9b1ffefabe ("arm64: mm: make vabits_actual a build 8 | time constant if possible"), the vabits_actual is not compiled to kernel 9 | symbols when "VA_BITS > 48" is false. 10 | 11 | So the crash will not find the vabits_actual symbol, and it will fail 12 | in the end like this: 13 | 14 | # ./crash 15 | ... 16 | WARNING: VA_BITS: calculated: 46 vmcoreinfo: 48 17 | crash: invalid kernel virtual address: ffff88177ffff000 type: "pud page" 18 | 19 | This patch introduces the arm64_set_va_bits_by_tcr(), and if crash cannot 20 | find vabits_actual symbol, it will use the TCR_EL1_T1SZ register to get 21 | the correct VA_BITS_ACTUAL/VA_BITS/VA_START. 22 | 23 | Tested this patch with: 24 | 1.) the live mode with /proc/kcore 25 | 2.) the kdump file with /proc/vmcore. 26 | 27 | Signed-off-by: Huang Shijie 28 | Signed-off-by: Lianbo Jiang 29 | --- 30 | arm64.c | 51 ++++++++++++++++++++++++++++++++++----------------- 31 | 1 file changed, 34 insertions(+), 17 deletions(-) 32 | 33 | diff --git a/arm64.c b/arm64.c 34 | index b6b7aa11f4fe..c3e26a371a61 100644 35 | --- a/arm64.c 36 | +++ b/arm64.c 37 | @@ -4586,6 +4586,36 @@ arm64_IS_VMALLOC_ADDR(ulong vaddr) 38 | (vaddr >= ms->modules_vaddr && vaddr <= ms->modules_end)); 39 | } 40 | 41 | +/* Return TRUE if we succeed, return FALSE on failure. */ 42 | +static int 43 | +arm64_set_va_bits_by_tcr(void) 44 | +{ 45 | + ulong value; 46 | + char *string; 47 | + 48 | + if ((string = pc->read_vmcoreinfo("NUMBER(TCR_EL1_T1SZ)")) || 49 | + (string = pc->read_vmcoreinfo("NUMBER(tcr_el1_t1sz)"))) { 50 | + /* See ARMv8 ARM for the description of 51 | + * TCR_EL1.T1SZ and how it can be used 52 | + * to calculate the vabits_actual 53 | + * supported by underlying kernel. 54 | + * 55 | + * Basically: 56 | + * vabits_actual = 64 - T1SZ; 57 | + */ 58 | + value = 64 - strtoll(string, NULL, 0); 59 | + if (CRASHDEBUG(1)) 60 | + fprintf(fp, "vmcoreinfo : vabits_actual: %ld\n", value); 61 | + free(string); 62 | + machdep->machspec->VA_BITS_ACTUAL = value; 63 | + machdep->machspec->VA_BITS = value; 64 | + machdep->machspec->VA_START = _VA_START(machdep->machspec->VA_BITS_ACTUAL); 65 | + return TRUE; 66 | + } 67 | + 68 | + return FALSE; 69 | +} 70 | + 71 | static void 72 | arm64_calc_VA_BITS(void) 73 | { 74 | @@ -4616,23 +4646,8 @@ arm64_calc_VA_BITS(void) 75 | } else if (ACTIVE()) 76 | error(FATAL, "cannot determine VA_BITS_ACTUAL: please use /proc/kcore\n"); 77 | else { 78 | - if ((string = pc->read_vmcoreinfo("NUMBER(TCR_EL1_T1SZ)")) || 79 | - (string = pc->read_vmcoreinfo("NUMBER(tcr_el1_t1sz)"))) { 80 | - /* See ARMv8 ARM for the description of 81 | - * TCR_EL1.T1SZ and how it can be used 82 | - * to calculate the vabits_actual 83 | - * supported by underlying kernel. 84 | - * 85 | - * Basically: 86 | - * vabits_actual = 64 - T1SZ; 87 | - */ 88 | - value = 64 - strtoll(string, NULL, 0); 89 | - if (CRASHDEBUG(1)) 90 | - fprintf(fp, "vmcoreinfo : vabits_actual: %ld\n", value); 91 | - free(string); 92 | - machdep->machspec->VA_BITS_ACTUAL = value; 93 | - machdep->machspec->VA_BITS = value; 94 | - machdep->machspec->VA_START = _VA_START(machdep->machspec->VA_BITS_ACTUAL); 95 | + if (arm64_set_va_bits_by_tcr()) { 96 | + /* nothing */ 97 | } else if (machdep->machspec->VA_BITS_ACTUAL) { 98 | machdep->machspec->VA_BITS = machdep->machspec->VA_BITS_ACTUAL; 99 | machdep->machspec->VA_START = _VA_START(machdep->machspec->VA_BITS_ACTUAL); 100 | @@ -4654,6 +4669,8 @@ arm64_calc_VA_BITS(void) 101 | */ 102 | machdep->flags |= FLIPPED_VM; 103 | return; 104 | + } else if (arm64_set_va_bits_by_tcr()) { 105 | + return; 106 | } 107 | 108 | if (!(sp = symbol_search("swapper_pg_dir")) && 109 | -- 110 | 2.37.1 111 | 112 | -------------------------------------------------------------------------------- /SOURCES/0017-Fix-task-R-by-adding-end-identifier-for-union-in-tas.patch: -------------------------------------------------------------------------------- 1 | From c32abfea658ef33c20a942700277cb52baf95bfa Mon Sep 17 00:00:00 2001 2 | From: Tao Liu 3 | Date: Thu, 25 Aug 2022 14:39:44 +0800 4 | Subject: [PATCH 17/28] Fix "task -R" by adding end identifier for union in 5 | task_struct 6 | 7 | Previously, the start and end identifiers for union are " {\n" and 8 | " }, \n". However the end identifier is not always as expected. 9 | " },\n" can also be the end identifier with gdb-10.2. As a result, 10 | variable "randomized" is in incorrect state after union, and fails to 11 | identify the later struct members. For example, we can reproduce the 12 | issue as follows: 13 | 14 | crash> task 15 | PID: 847 TASK: ffff94f8038f4000 CPU: 72 COMMAND: "khungtaskd" 16 | struct task_struct { 17 | thread_info = { 18 | flags = 2148024320, 19 | status = 0, 20 | preempt_lazy_count = 0 21 | }, 22 | { 23 | 24 | }, 25 | ... 26 | wake_entry = { 27 | next = 0x0 28 | }, 29 | ... 30 | 31 | Before patch: 32 | 33 | crash> task -R wake_entry 34 | PID: 847 TASK: ffff94f8038f4000 CPU: 72 COMMAND: "khungtaskd" 35 | 36 | After patch: 37 | 38 | crash> task -R wake_entry 39 | PID: 847 TASK: ffff94f8038f4000 CPU: 72 COMMAND: "khungtaskd" 40 | wake_entry = { 41 | next = 0x0 42 | }, 43 | 44 | Signed-off-by: Tao Liu 45 | Signed-off-by: Lianbo Jiang 46 | --- 47 | task.c | 3 ++- 48 | 1 file changed, 2 insertions(+), 1 deletion(-) 49 | 50 | diff --git a/task.c b/task.c 51 | index 071c787fbfa5..db2abc8106a2 100644 52 | --- a/task.c 53 | +++ b/task.c 54 | @@ -3436,7 +3436,8 @@ parse_task_thread(int argcnt, char *arglist[], struct task_context *tc) { 55 | while (fgets(buf, BUFSIZE, pc->tmpfile)) { 56 | if (STREQ(buf, " {\n")) 57 | randomized = TRUE; 58 | - else if (randomized && STREQ(buf, " }, \n")) 59 | + else if (randomized && 60 | + (STREQ(buf, " }, \n") || STREQ(buf, " },\n"))) 61 | randomized = FALSE; 62 | 63 | if (strlen(lookfor2)) { 64 | -- 65 | 2.37.1 66 | 67 | -------------------------------------------------------------------------------- /SOURCES/0017-sbitmapq-Fix-for-kernels-without-struct-wait_queue_h.patch: -------------------------------------------------------------------------------- 1 | From 6bc3b74c6e2b0aaebe1bc164594e53b010efef56 Mon Sep 17 00:00:00 2001 2 | From: Kazuhito Hagio 3 | Date: Fri, 10 Jun 2022 15:52:34 +0900 4 | Subject: [PATCH 17/18] sbitmapq: Fix for kernels without struct 5 | wait_queue_head 6 | 7 | The current struct wait_queue_head was renamed by kernel commit 8 | 9d9d676f595b ("sched/wait: Standardize internal naming of wait-queue heads") 9 | at Linux 4.13. Without the patch, on earlier kernels the "sbitmapq" 10 | command fails with the following error: 11 | 12 | crash> sbitmapq ffff8801790b3b50 13 | depth = 128 14 | busy = 0 15 | bits_per_word = 32 16 | ... 17 | sbitmapq: invalid structure member offset: wait_queue_head_head 18 | FILE: sbitmap.c LINE: 344 FUNCTION: sbitmap_queue_show() 19 | 20 | Signed-off-by: Kazuhito Hagio 21 | Signed-off-by: Lianbo Jiang 22 | --- 23 | sbitmap.c | 5 ++++- 24 | 1 file changed, 4 insertions(+), 1 deletion(-) 25 | 26 | diff --git a/sbitmap.c b/sbitmap.c 27 | index bb2f19e6207b..be5d30a8ea88 100644 28 | --- a/sbitmap.c 29 | +++ b/sbitmap.c 30 | @@ -341,7 +341,10 @@ static void sbitmap_queue_show(const struct sbitmap_queue_context *sqc, 31 | sbq_wait_state_size = SIZE(sbq_wait_state); 32 | wait_cnt_off = OFFSET(sbq_wait_state_wait_cnt); 33 | wait_off = OFFSET(sbq_wait_state_wait); 34 | - list_head_off = OFFSET(wait_queue_head_head); 35 | + if (VALID_MEMBER(wait_queue_head_head)) /* 4.13 and later */ 36 | + list_head_off = OFFSET(wait_queue_head_head); 37 | + else 38 | + list_head_off = OFFSET(__wait_queue_head_task_list); 39 | 40 | sbq_wait_state_buf = GETBUF(sbq_wait_state_size); 41 | 42 | -- 43 | 2.30.2 44 | 45 | -------------------------------------------------------------------------------- /SOURCES/0018-sbitmapq-Limit-kernels-without-sbitmap-again.patch: -------------------------------------------------------------------------------- 1 | From b8f2ae6b494d706b1e4855b439c4930a6a6a2f5c Mon Sep 17 00:00:00 2001 2 | From: Kazuhito Hagio 3 | Date: Fri, 10 Jun 2022 16:00:14 +0900 4 | Subject: [PATCH 18/18] sbitmapq: Limit kernels without sbitmap again 5 | 6 | commit 364b2e413c69 ("sbitmapq: remove struct and member validation 7 | in sbitmapq_init()") allowed the use of the "sbitmapq" command 8 | unconditionally. Without the patch, the command fails with the 9 | following error on kernels without sbitmap: 10 | 11 | crash> sbitmapq ffff88015796e550 12 | 13 | sbitmapq: invalid structure member offset: sbitmap_queue_sb 14 | FILE: sbitmap.c LINE: 385 FUNCTION: sbitmap_queue_context_load() 15 | 16 | Now the command supports Linux 4.9 and later kernels since it was 17 | abstracted out, so it can be limited by the non-existence of the 18 | sbitmap structure. 19 | 20 | Signed-off-by: Kazuhito Hagio 21 | Signed-off-by: Lianbo Jiang 22 | --- 23 | sbitmap.c | 4 ++++ 24 | 1 file changed, 4 insertions(+) 25 | 26 | diff --git a/sbitmap.c b/sbitmap.c 27 | index be5d30a8ea88..12d6512a1e4d 100644 28 | --- a/sbitmap.c 29 | +++ b/sbitmap.c 30 | @@ -540,6 +540,10 @@ void sbitmapq_init(void) 31 | STRUCT_SIZE_INIT(sbitmap_queue, "sbitmap_queue"); 32 | STRUCT_SIZE_INIT(sbq_wait_state, "sbq_wait_state"); 33 | 34 | + /* sbitmap was abstracted out by commit 88459642cba4 on Linux 4.9. */ 35 | + if (INVALID_SIZE(sbitmap)) 36 | + command_not_supported(); 37 | + 38 | MEMBER_OFFSET_INIT(sbitmap_word_depth, "sbitmap_word", "depth"); 39 | MEMBER_OFFSET_INIT(sbitmap_word_word, "sbitmap_word", "word"); 40 | MEMBER_OFFSET_INIT(sbitmap_word_cleared, "sbitmap_word", "cleared"); 41 | -- 42 | 2.30.2 43 | 44 | -------------------------------------------------------------------------------- /SOURCES/0019-x86_64-Correct-the-identifier-when-locating-the-call.patch: -------------------------------------------------------------------------------- 1 | From 93cd670426aaf4951bceb8f24f0ce63c24e16f5d Mon Sep 17 00:00:00 2001 2 | From: Tao Liu 3 | Date: Wed, 16 Nov 2022 20:09:22 +0800 4 | Subject: [PATCH 19/28] x86_64: Correct the identifier when locating the call 5 | instruction 6 | 7 | The previous implementation to locate the call instruction is 8 | to strstr "call", then check whether the previous char is ' ' 9 | or '\t'. The implementation is problematic. For example it 10 | cannot resolve the following disassembly string: 11 | 12 | "0xffffffffc0995378 :\tcall 0xffffffff8ecfa4c0 \n" 13 | 14 | strstr will locate the "_call" and char check fails, 15 | as a result, extract_hex fails to get the calling address. 16 | 17 | NOTE: the issue is more likely to be reproduced when patch[1] applied. 18 | Because without patch[1], the disassembly string will be as follows, 19 | so the issue is no longer reproducible. 20 | 21 | "0xffffffffc0995378:\tcall 0xffffffff8ecfa4c0 \n" 22 | 23 | Before the patch: 24 | crash> bt 1472 25 | PID: 1472 TASK: ffff8c121fa72f70 CPU: 18 COMMAND: "nfsv4.1-svc" 26 | #0 [ffff8c16231a3db8] __schedule at ffffffff8ecf9ef3 27 | #1 [ffff8c16231a3e40] schedule at ffffffff8ecfa4e9 28 | 29 | After the patch: 30 | crash> bt 1472 31 | PID: 1472 TASK: ffff8c121fa72f70 CPU: 18 COMMAND: "nfsv4.1-svc" 32 | #0 [ffff8c16231a3db8] __schedule at ffffffff8ecf9ef3 33 | #1 [ffff8c16231a3e40] schedule at ffffffff8ecfa4e9 34 | #2 [ffff8c16231a3e50] nfs41_callback_svc at ffffffffc099537d [nfsv4] 35 | #3 [ffff8c16231a3ec8] kthread at ffffffff8e6b966f 36 | #4 [ffff8c16231a3f50] ret_from_fork at ffffffff8ed07898 37 | 38 | This patch fix the issue by strstr "\tcall" and " call", to 39 | locate the correct call instruction. 40 | 41 | [1]: https://listman.redhat.com/archives/crash-utility/2022-August/010085.html 42 | 43 | Signed-off-by: Tao Liu 44 | Signed-off-by: Lianbo Jiang 45 | --- 46 | x86_64.c | 3 +-- 47 | 1 file changed, 1 insertion(+), 2 deletions(-) 48 | 49 | diff --git a/x86_64.c b/x86_64.c 50 | index b2a536e4b19c..292c240e887e 100644 51 | --- a/x86_64.c 52 | +++ b/x86_64.c 53 | @@ -4429,8 +4429,7 @@ x86_64_function_called_by(ulong rip) 54 | if (gdb_pass_through(buf, pc->tmpfile2, GNU_RETURN_ON_ERROR)) { 55 | rewind(pc->tmpfile2); 56 | while (fgets(buf, BUFSIZE, pc->tmpfile2)) { 57 | - if ((p1 = strstr(buf, "callq")) && 58 | - whitespace(*(p1-1))) { 59 | + if ((p1 = strstr(buf, " callq")) || (p1 = strstr(buf, "\tcallq"))) { 60 | if (extract_hex(p1, &value, NULLCHAR, TRUE)) 61 | break; 62 | } 63 | -- 64 | 2.37.1 65 | 66 | -------------------------------------------------------------------------------- /SOURCES/0020-Add-debian-ubuntu-vmlinux-location-to-default-search.patch: -------------------------------------------------------------------------------- 1 | From 931ea86070e9b56bf698ae3a4f20647d42325d6d Mon Sep 17 00:00:00 2001 2 | From: "Chunguang.Xu" 3 | Date: Thu, 25 Aug 2022 12:07:20 +0800 4 | Subject: [PATCH 20/28] Add debian/ubuntu vmlinux location to default search 5 | dirs 6 | 7 | Now crash cannot find debian/ubuntu kernel vmlinux, we need to 8 | explicitly specify the path to vmlinux. Try to add the debian 9 | vmlinux location to default search directories. 10 | 11 | Signed-off-by: Chunguang Xu 12 | Signed-off-by: Lianbo Jiang 13 | --- 14 | filesys.c | 3 ++- 15 | 1 file changed, 2 insertions(+), 1 deletion(-) 16 | 17 | diff --git a/filesys.c b/filesys.c 18 | index a863f04eb250..c2ea78de821d 100644 19 | --- a/filesys.c 20 | +++ b/filesys.c 21 | @@ -319,7 +319,7 @@ match_proc_version(void) 22 | 23 | #define CREATE 1 24 | #define DESTROY 0 25 | -#define DEFAULT_SEARCHDIRS 5 26 | +#define DEFAULT_SEARCHDIRS 6 27 | #define EXTRA_SEARCHDIRS 5 28 | 29 | static char ** 30 | @@ -336,6 +336,7 @@ build_searchdirs(int create, int *preferred) 31 | "/boot/", 32 | "/boot/efi/redhat", 33 | "/boot/efi/EFI/redhat", 34 | + "/usr/lib/debug/boot/", 35 | "/", 36 | NULL 37 | }; 38 | -- 39 | 2.37.1 40 | 41 | -------------------------------------------------------------------------------- /SOURCES/0022-Fix-for-the-invalid-linux_banner-pointer-issue.patch: -------------------------------------------------------------------------------- 1 | From 598377606649ee3cdcc1694d975bed27005612ee Mon Sep 17 00:00:00 2001 2 | From: Lianbo Jiang 3 | Date: Wed, 16 Nov 2022 20:46:48 +0800 4 | Subject: [PATCH 22/28] Fix for the invalid linux_banner pointer issue 5 | 6 | Currently, crash may fail with the following error: 7 | 8 | # ./crash -s vmlinux vmcore 9 | WARNING: invalid linux_banner pointer: 65762078756e694c 10 | crash: vmlinux and vmcore do not match! 11 | 12 | The reason is that the type of the symbol in the data segment may be 13 | defined as 'D' or 'd'. The crash only handled the type 'D', but it 14 | didn't deal with the type 'd'. For example: 15 | 16 | # nm vmlinux | grep linux_banner 17 | ffffffff827cfa80 d linux_banner 18 | 19 | It has been observed that a vmlinux compiled by clang has this type. 20 | Let's add the type 'd' recognition to solve such issue. 21 | 22 | Signed-off-by: Lianbo Jiang 23 | --- 24 | kernel.c | 1 + 25 | 1 file changed, 1 insertion(+) 26 | 27 | diff --git a/kernel.c b/kernel.c 28 | index bd0bf8c6cf03..2a1c1c391414 100644 29 | --- a/kernel.c 30 | +++ b/kernel.c 31 | @@ -1060,6 +1060,7 @@ verify_version(void) 32 | if (!(sp = symbol_search("linux_banner"))) 33 | error(FATAL, "linux_banner symbol does not exist?\n"); 34 | else if ((sp->type == 'R') || (sp->type == 'r') || 35 | + (THIS_KERNEL_VERSION >= LINUX(2,6,11) && (sp->type == 'D' || sp->type == 'd')) || 36 | (machine_type("ARM") && sp->type == 'T') || 37 | (machine_type("ARM64"))) 38 | linux_banner = symbol_value("linux_banner"); 39 | -- 40 | 2.37.1 41 | 42 | -------------------------------------------------------------------------------- /SOURCES/0023-Fix-kmem-failing-to-print-task-context-when-address-.patch: -------------------------------------------------------------------------------- 1 | From 488896b1ab0ca8bc4cc6aa608b6ee1744ae480e7 Mon Sep 17 00:00:00 2001 2 | From: Tao Liu 3 | Date: Mon, 19 Sep 2022 17:49:21 +0800 4 | Subject: [PATCH 23/28] Fix "kmem" failing to print task context when address 5 | is vmalloced stack 6 | 7 | When kernel enabled CONFIG_VMAP_STACK, stack can be allocated to 8 | vmalloced area. Currently crash didn't handle the case, as a result, 9 | "kmem" will not print the task context as expected. This patch fix the 10 | bug by checking if the address is a vmalloced stack first. 11 | 12 | Before: 13 | crash> kmem ffffb7efce9bbe28 14 | VMAP_AREA VM_STRUCT ADDRESS RANGE SIZE 15 | ffff94eb9102c640 ffff94eb9102b140 ffffb7efce9b8000 - ffffb7efce9bd000 20480 16 | 17 | PAGE PHYSICAL MAPPING INDEX CNT FLAGS 18 | ffffdd28220dc000 1883700000 0 0 1 50000000000000 19 | 20 | After: 21 | crash> kmem ffffb7efce9bbe28 22 | PID: 847 23 | COMMAND: "khungtaskd" 24 | TASK: ffff94f8038f4000 [THREAD_INFO: ffff94f8038f4000] 25 | CPU: 72 26 | STATE: TASK_RUNNING (PANIC) 27 | 28 | VMAP_AREA VM_STRUCT ADDRESS RANGE SIZE 29 | ffff94eb9102c640 ffff94eb9102b140 ffffb7efce9b8000 - ffffb7efce9bd000 20480 30 | 31 | PAGE PHYSICAL MAPPING INDEX CNT FLAGS 32 | ffffdd28220dc000 1883700000 0 0 1 50000000000000 33 | 34 | Signed-off-by: Tao Liu 35 | Signed-off-by: Lianbo Jiang 36 | --- 37 | memory.c | 4 ++++ 38 | 1 file changed, 4 insertions(+) 39 | 40 | diff --git a/memory.c b/memory.c 41 | index a31a430e2823..e44b59d2e805 100644 42 | --- a/memory.c 43 | +++ b/memory.c 44 | @@ -13477,6 +13477,10 @@ kmem_search(struct meminfo *mi) 45 | * Check for a valid mapped address. 46 | */ 47 | if ((mi->memtype == KVADDR) && IS_VMALLOC_ADDR(mi->spec_addr)) { 48 | + if ((task = stkptr_to_task(vaddr)) && (tc = task_to_context(task))) { 49 | + show_context(tc); 50 | + fprintf(fp, "\n"); 51 | + } 52 | if (kvtop(NULL, mi->spec_addr, &paddr, 0)) { 53 | mi->flags = orig_flags | VMLIST_VERIFY; 54 | dump_vmlist(mi); 55 | -- 56 | 2.37.1 57 | 58 | -------------------------------------------------------------------------------- /SOURCES/0024-Fix-page-offset-issue-when-converting-physical-to-vi.patch: -------------------------------------------------------------------------------- 1 | From d0726d96b92e5dacd1df56756e168a50a4e62589 Mon Sep 17 00:00:00 2001 2 | From: Tao Liu 3 | Date: Mon, 19 Sep 2022 17:49:22 +0800 4 | Subject: [PATCH 24/28] Fix page offset issue when converting physical to 5 | virtual address 6 | 7 | When trying to convert a physical address to its virtual 8 | address in dump_vmap_area() and dump_vmlist(), the vi->retval 9 | is added by 2 values: the page aligned address "pcheck" 10 | and page offset address "PAGEOFFSET(paddr)". 11 | 12 | However "paddr" is given by "pcheck", is also page aligned, 13 | so "PAGEOFFSET(paddr)" is always 0. 14 | 15 | In this patch, we will use PAGEOFFSET(vi->spec_addr) to give the 16 | page offset, vi->spec_addr is the physical address we'd like 17 | to convert, which contains the correct page offset. 18 | 19 | Signed-off-by: Tao Liu 20 | Signed-off-by: Lianbo Jiang 21 | --- 22 | memory.c | 4 ++-- 23 | 1 file changed, 2 insertions(+), 2 deletions(-) 24 | 25 | diff --git a/memory.c b/memory.c 26 | index e44b59d2e805..a60c3f9493f6 100644 27 | --- a/memory.c 28 | +++ b/memory.c 29 | @@ -8861,7 +8861,7 @@ dump_vmlist(struct meminfo *vi) 30 | (vi->spec_addr < (paddr+PAGESIZE()))) { 31 | if (vi->flags & GET_PHYS_TO_VMALLOC) { 32 | vi->retval = pcheck + 33 | - PAGEOFFSET(paddr); 34 | + PAGEOFFSET(vi->spec_addr); 35 | return; 36 | } else 37 | fprintf(fp, 38 | @@ -9010,7 +9010,7 @@ dump_vmap_area(struct meminfo *vi) 39 | (vi->spec_addr < (paddr+PAGESIZE()))) { 40 | if (vi->flags & GET_PHYS_TO_VMALLOC) { 41 | vi->retval = pcheck + 42 | - PAGEOFFSET(paddr); 43 | + PAGEOFFSET(vi->spec_addr); 44 | FREEBUF(ld->list_ptr); 45 | return; 46 | } else 47 | -- 48 | 2.37.1 49 | 50 | -------------------------------------------------------------------------------- /SOURCES/0025-Let-kmem-print-task-context-with-physical-address.patch: -------------------------------------------------------------------------------- 1 | From 74759e0e9736e86c7d2439bfe74ca5eb51b0a52b Mon Sep 17 00:00:00 2001 2 | From: Tao Liu 3 | Date: Mon, 19 Sep 2022 17:49:23 +0800 4 | Subject: [PATCH 25/28] Let "kmem" print task context with physical address 5 | 6 | Patch [1] enables "kmem" to print task context if the given virtual 7 | address is a vmalloced stack. 8 | 9 | This patch lets "kmem" print task context also when the given address 10 | is a physical address. 11 | 12 | Before: 13 | crash> kmem 1883700e28 14 | VMAP_AREA VM_STRUCT ADDRESS RANGE SIZE 15 | ffff94eb9102c640 ffff94eb9102b140 ffffb7efce9b8000 - ffffb7efce9bd000 20480 16 | 17 | PAGE PHYSICAL MAPPING INDEX CNT FLAGS 18 | ffffdd28220dc000 1883700000 0 0 1 50000000000000 19 | 20 | After: 21 | crash> kmem 1883700e28 22 | PID: 847 23 | COMMAND: "khungtaskd" 24 | TASK: ffff94f8038f4000 [THREAD_INFO: ffff94f8038f4000] 25 | CPU: 72 26 | STATE: TASK_RUNNING (PANIC) 27 | 28 | VMAP_AREA VM_STRUCT ADDRESS RANGE SIZE 29 | ffff94eb9102c640 ffff94eb9102b140 ffffb7efce9b8000 - ffffb7efce9bd000 20480 30 | 31 | PAGE PHYSICAL MAPPING INDEX CNT FLAGS 32 | ffffdd28220dc000 1883700000 0 0 1 50000000000000 33 | 34 | [1]: https://listman.redhat.com/archives/crash-utility/2022-September/010115.html 35 | 36 | [ kh: squashed the 4/4 patch into 3/4 ] 37 | 38 | Signed-off-by: Tao Liu 39 | Signed-off-by: Kazuhito Hagio 40 | Signed-off-by: Lianbo Jiang 41 | --- 42 | memory.c | 8 ++++++-- 43 | 1 file changed, 6 insertions(+), 2 deletions(-) 44 | 45 | diff --git a/memory.c b/memory.c 46 | index a60c3f9493f6..ff6b571361eb 100644 47 | --- a/memory.c 48 | +++ b/memory.c 49 | @@ -13506,6 +13506,10 @@ kmem_search(struct meminfo *mi) 50 | mi->flags &= ~GET_PHYS_TO_VMALLOC; 51 | 52 | if (mi->retval) { 53 | + if ((task = stkptr_to_task(mi->retval)) && (tc = task_to_context(task))) { 54 | + show_context(tc); 55 | + fprintf(fp, "\n"); 56 | + } 57 | if ((sp = value_search(mi->retval, &offset))) { 58 | show_symbol(sp, offset, 59 | SHOW_LINENUM | SHOW_RADIX()); 60 | @@ -13562,11 +13566,11 @@ kmem_search(struct meminfo *mi) 61 | /* 62 | * Check whether it's a current task or stack address. 63 | */ 64 | - if ((mi->memtype == KVADDR) && (task = vaddr_in_task_struct(vaddr)) && 65 | + if ((mi->memtype & (KVADDR|PHYSADDR)) && (task = vaddr_in_task_struct(vaddr)) && 66 | (tc = task_to_context(task))) { 67 | show_context(tc); 68 | fprintf(fp, "\n"); 69 | - } else if ((mi->memtype == KVADDR) && (task = stkptr_to_task(vaddr)) && 70 | + } else if ((mi->memtype & (KVADDR|PHYSADDR)) && (task = stkptr_to_task(vaddr)) && 71 | (tc = task_to_context(task))) { 72 | show_context(tc); 73 | fprintf(fp, "\n"); 74 | -- 75 | 2.37.1 76 | 77 | -------------------------------------------------------------------------------- /SOURCES/0026-ppc64-still-allow-to-move-on-if-the-emergency-stacks.patch: -------------------------------------------------------------------------------- 1 | From edbd19bb260f7a98bc9e0b49fe2f0b8214885797 Mon Sep 17 00:00:00 2001 2 | From: Lianbo Jiang 3 | Date: Tue, 4 Oct 2022 18:57:11 +0800 4 | Subject: [PATCH 26/28] ppc64: still allow to move on if the emergency stacks 5 | info fails to initialize 6 | 7 | Currently crash will fail and then exit, if the initialization of 8 | the emergency stacks information fails. In real customer environments, 9 | sometimes, a vmcore may be partially damaged, although such vmcores 10 | are rare. For example: 11 | 12 | # ./crash ../3.10.0-1127.18.2.el7.ppc64le/vmcore ../3.10.0-1127.18.2.el7.ppc64le/vmlinux -s 13 | crash: invalid kernel virtual address: 38 type: "paca->emergency_sp" 14 | # 15 | 16 | Lets try to keep loading vmcore if such issues happen, so call 17 | the readmem() with the RETURN_ON_ERROR instead of FAULT_ON_ERROR, 18 | which allows the crash move on. 19 | 20 | Reported-by: Dave Wysochanski 21 | Signed-off-by: Lianbo Jiang 22 | --- 23 | ppc64.c | 18 +++++++++--------- 24 | 1 file changed, 9 insertions(+), 9 deletions(-) 25 | 26 | diff --git a/ppc64.c b/ppc64.c 27 | index 4ea1f7c0c6f8..b95a621d8fe4 100644 28 | --- a/ppc64.c 29 | +++ b/ppc64.c 30 | @@ -1224,13 +1224,13 @@ ppc64_init_paca_info(void) 31 | ulong paca_loc; 32 | 33 | readmem(symbol_value("paca_ptrs"), KVADDR, &paca_loc, sizeof(void *), 34 | - "paca double pointer", FAULT_ON_ERROR); 35 | + "paca double pointer", RETURN_ON_ERROR); 36 | readmem(paca_loc, KVADDR, paca_ptr, sizeof(void *) * kt->cpus, 37 | - "paca pointers", FAULT_ON_ERROR); 38 | + "paca pointers", RETURN_ON_ERROR); 39 | } else if (symbol_exists("paca") && 40 | (get_symbol_type("paca", NULL, NULL) == TYPE_CODE_PTR)) { 41 | readmem(symbol_value("paca"), KVADDR, paca_ptr, sizeof(void *) * kt->cpus, 42 | - "paca pointers", FAULT_ON_ERROR); 43 | + "paca pointers", RETURN_ON_ERROR); 44 | } else { 45 | free(paca_ptr); 46 | return; 47 | @@ -1245,7 +1245,7 @@ ppc64_init_paca_info(void) 48 | for (i = 0; i < kt->cpus; i++) 49 | readmem(paca_ptr[i] + offset, KVADDR, &ms->emergency_sp[i], 50 | sizeof(void *), "paca->emergency_sp", 51 | - FAULT_ON_ERROR); 52 | + RETURN_ON_ERROR); 53 | } 54 | 55 | if (MEMBER_EXISTS("paca_struct", "nmi_emergency_sp")) { 56 | @@ -1256,7 +1256,7 @@ ppc64_init_paca_info(void) 57 | for (i = 0; i < kt->cpus; i++) 58 | readmem(paca_ptr[i] + offset, KVADDR, &ms->nmi_emergency_sp[i], 59 | sizeof(void *), "paca->nmi_emergency_sp", 60 | - FAULT_ON_ERROR); 61 | + RETURN_ON_ERROR); 62 | } 63 | 64 | if (MEMBER_EXISTS("paca_struct", "mc_emergency_sp")) { 65 | @@ -1267,7 +1267,7 @@ ppc64_init_paca_info(void) 66 | for (i = 0; i < kt->cpus; i++) 67 | readmem(paca_ptr[i] + offset, KVADDR, &ms->mc_emergency_sp[i], 68 | sizeof(void *), "paca->mc_emergency_sp", 69 | - FAULT_ON_ERROR); 70 | + RETURN_ON_ERROR); 71 | } 72 | 73 | free(paca_ptr); 74 | @@ -1947,7 +1947,7 @@ ppc64_in_emergency_stack(int cpu, ulong addr, bool verbose) 75 | if (cpu < 0 || cpu >= kt->cpus) 76 | return NONE_STACK; 77 | 78 | - if (ms->emergency_sp) { 79 | + if (ms->emergency_sp && IS_KVADDR(ms->emergency_sp[cpu])) { 80 | top = ms->emergency_sp[cpu]; 81 | base = top - STACKSIZE(); 82 | if (addr >= base && addr < top) { 83 | @@ -1957,7 +1957,7 @@ ppc64_in_emergency_stack(int cpu, ulong addr, bool verbose) 84 | } 85 | } 86 | 87 | - if (ms->nmi_emergency_sp) { 88 | + if (ms->nmi_emergency_sp && IS_KVADDR(ms->nmi_emergency_sp[cpu])) { 89 | top = ms->nmi_emergency_sp[cpu]; 90 | base = top - STACKSIZE(); 91 | if (addr >= base && addr < top) { 92 | @@ -1967,7 +1967,7 @@ ppc64_in_emergency_stack(int cpu, ulong addr, bool verbose) 93 | } 94 | } 95 | 96 | - if (ms->mc_emergency_sp) { 97 | + if (ms->mc_emergency_sp && IS_KVADDR(ms->mc_emergency_sp[cpu])) { 98 | top = ms->mc_emergency_sp[cpu]; 99 | base = top - STACKSIZE(); 100 | if (addr >= base && addr < top) { 101 | -- 102 | 2.37.1 103 | 104 | -------------------------------------------------------------------------------- /SOURCES/0027-Fix-segmentation-fault-in-page_flags_init_from_pagef.patch: -------------------------------------------------------------------------------- 1 | From cdcf2d3f4c69ffa8a29b70120ee4fca6e390123b Mon Sep 17 00:00:00 2001 2 | From: Matias Ezequiel Vara Larsen 3 | Date: Mon, 24 Oct 2022 11:35:29 +0200 4 | Subject: [PATCH 27/28] Fix segmentation fault in 5 | page_flags_init_from_pageflag_names() 6 | 7 | When read_string() fails in page_flags_init_from_pageflag_names(), 8 | error() dereferences the name variable to print the string that the 9 | variable points to. However, name points to a string that is not in 10 | crash's memory-space thus triggering a segmentation fault. 11 | 12 | This patch replaces "%s" in the error message with "%lx" so the address 13 | is printed instead. Also replaces "%ld" for mask with "%lx". 14 | 15 | [ kh: changed the conversion specifiers and commit message ] 16 | 17 | Signed-off-by: Matias Ezequiel Vara Larsen 18 | Signed-off-by: Kazuhito Hagio 19 | Signed-off-by: Lianbo Jiang 20 | --- 21 | memory.c | 2 +- 22 | 1 file changed, 1 insertion(+), 1 deletion(-) 23 | 24 | diff --git a/memory.c b/memory.c 25 | index ff6b571361eb..ddbf458277f0 100644 26 | --- a/memory.c 27 | +++ b/memory.c 28 | @@ -6599,7 +6599,7 @@ page_flags_init_from_pageflag_names(void) 29 | } 30 | 31 | if (!read_string((ulong)name, namebuf, BUFSIZE-1)) { 32 | - error(INFO, "failed to read pageflag_names entry (i: %d name: \"%s\" mask: %ld)\n", 33 | + error(INFO, "failed to read pageflag_names entry (i: %d name: %lx mask: %lx)\n", 34 | i, name, mask); 35 | goto pageflags_fail; 36 | } 37 | -- 38 | 2.37.1 39 | 40 | -------------------------------------------------------------------------------- /SOURCES/0028-Fix-for-ps-vm-commands-to-display-correct-MEM-and-RS.patch: -------------------------------------------------------------------------------- 1 | From 74fe453f2b5ddf1e1571d006d486cb214817a0ed Mon Sep 17 00:00:00 2001 2 | From: Lianbo Jiang 3 | Date: Wed, 9 Nov 2022 14:21:57 +0800 4 | Subject: [PATCH 28/28] Fix for "ps/vm" commands to display correct %MEM and 5 | RSS values 6 | 7 | The ps/vm commands may print the bogus value of the %MEM and RSS, the 8 | reason is that the counter of rss stat is updated in asynchronous manner 9 | and may become negative, when the SPLIT_RSS_COUNTING is enabled in kernel. 10 | 11 | As a result, crash will read it from memory and convert from negative to 12 | unsigned long integer, eventually it overflows and gets a big integer. For 13 | example: 14 | 15 | crash> ps 1393 16 | PID PPID CPU TASK ST %MEM VSZ RSS COMM 17 | 1393 1 24 ffff9584bb542100 RU 541298032135.9 4132 18014398509481908 enlinuxpc64 18 | ^^^^^^^^^^^^^^ ^^^^^^^^^^^^^^^^^ 19 | 20 | This is unexpected, crash needs to correct its value for this case. 21 | 22 | Signed-off-by: Lianbo Jiang 23 | --- 24 | memory.c | 23 ++++++++++++++++++----- 25 | 1 file changed, 18 insertions(+), 5 deletions(-) 26 | 27 | diff --git a/memory.c b/memory.c 28 | index ddbf458277f0..2167281b6039 100644 29 | --- a/memory.c 30 | +++ b/memory.c 31 | @@ -4714,18 +4714,29 @@ get_task_mem_usage(ulong task, struct task_mem_usage *tm) 32 | * Latest kernels have mm_struct.mm_rss_stat[]. 33 | */ 34 | if (VALID_MEMBER(mm_struct_rss_stat)) { 35 | - long anonpages, filepages; 36 | + long anonpages, filepages, count; 37 | 38 | anonpages = tt->anonpages; 39 | filepages = tt->filepages; 40 | - rss += LONG(tt->mm_struct + 41 | + count = LONG(tt->mm_struct + 42 | OFFSET(mm_struct_rss_stat) + 43 | OFFSET(mm_rss_stat_count) + 44 | (filepages * sizeof(long))); 45 | - rss += LONG(tt->mm_struct + 46 | + 47 | + /* 48 | + * The counter is updated in asynchronous manner 49 | + * and may become negative, see: 50 | + * include/linux/mm.h: get_mm_counter() 51 | + */ 52 | + if (count > 0) 53 | + rss += count; 54 | + 55 | + count = LONG(tt->mm_struct + 56 | OFFSET(mm_struct_rss_stat) + 57 | OFFSET(mm_rss_stat_count) + 58 | (anonpages * sizeof(long))); 59 | + if (count > 0) 60 | + rss += count; 61 | } 62 | 63 | /* Check whether SPLIT_RSS_COUNTING is enabled */ 64 | @@ -4769,7 +4780,8 @@ get_task_mem_usage(ulong task, struct task_mem_usage *tm) 65 | RETURN_ON_ERROR)) 66 | continue; 67 | 68 | - rss_cache += sync_rss; 69 | + if (sync_rss > 0) 70 | + rss_cache += sync_rss; 71 | 72 | /* count 1 -> anonpages */ 73 | if (!readmem(first->task + 74 | @@ -4782,7 +4794,8 @@ get_task_mem_usage(ulong task, struct task_mem_usage *tm) 75 | RETURN_ON_ERROR)) 76 | continue; 77 | 78 | - rss_cache += sync_rss; 79 | + if (sync_rss > 0) 80 | + rss_cache += sync_rss; 81 | 82 | if (first == last) 83 | break; 84 | -- 85 | 2.37.1 86 | 87 | -------------------------------------------------------------------------------- /SOURCES/crash-7.3.2.tar.gz: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/yifengyou/crash/41d023ea93ad993b68c6901060299fd7a462d3f0/SOURCES/crash-7.3.2.tar.gz -------------------------------------------------------------------------------- /SOURCES/gdb-7.6.tar.gz: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/yifengyou/crash/41d023ea93ad993b68c6901060299fd7a462d3f0/SOURCES/gdb-7.6.tar.gz -------------------------------------------------------------------------------- /SOURCES/lzo_snappy_zstd.patch: -------------------------------------------------------------------------------- 1 | --- crash-7.3.2/Makefile.orig 2 | +++ crash-7.3.2/Makefile 3 | @@ -253,7 +253,7 @@ all: make_configure 4 | gdb_merge: force 5 | @if [ ! -f ${GDB}/README ]; then \ 6 | $(MAKE) gdb_unzip; fi 7 | - @echo "${LDFLAGS} -lz -ldl -rdynamic" > ${GDB}/gdb/mergelibs 8 | + @echo "${LDFLAGS} -lz -llzo2 -lsnappy -lzstd -ldl -rdynamic" > ${GDB}/gdb/mergelibs 9 | @echo "../../${PROGRAM} ../../${PROGRAM}lib.a" > ${GDB}/gdb/mergeobj 10 | @rm -f ${PROGRAM} 11 | @if [ ! -f ${GDB}/config.status ]; then \ 12 | --- crash-7.3.2/diskdump.c.orig 13 | +++ crash-7.3.2/diskdump.c 14 | @@ -23,6 +23,9 @@ 15 | * GNU General Public License for more details. 16 | */ 17 | 18 | +#define LZO 19 | +#define SNAPPY 20 | +#define ZSTD 21 | #include "defs.h" 22 | #include "diskdump.h" 23 | #include "xen_dom0.h" 24 | -- 25 | -------------------------------------------------------------------------------- /SOURCES/rhel8_build.patch: -------------------------------------------------------------------------------- 1 | --- crash-7.3.2/Makefile.orig 2 | +++ crash-7.3.2/Makefile 3 | @@ -201,7 +201,7 @@ GDB_FLAGS= 4 | # TARGET_CFLAGS will be configured automatically by configure 5 | TARGET_CFLAGS= 6 | 7 | -CRASH_CFLAGS=-g -D${TARGET} ${TARGET_CFLAGS} ${GDB_FLAGS} ${CFLAGS} 8 | +CRASH_CFLAGS=-g -D${TARGET} ${TARGET_CFLAGS} ${GDB_FLAGS} ${CFLAGS} ${CPPFLAGS} -fPIE 9 | 10 | GPL_FILES= 11 | TAR_FILES=${SOURCE_FILES} Makefile ${GPL_FILES} README .rh_rpm_package crash.8 \ 12 | @@ -253,7 +253,7 @@ all: make_configure 13 | gdb_merge: force 14 | @if [ ! -f ${GDB}/README ]; then \ 15 | $(MAKE) gdb_unzip; fi 16 | - @echo "${LDFLAGS} -lz -llzo2 -lsnappy -lzstd -ldl -rdynamic" > ${GDB}/gdb/mergelibs 17 | + @echo "${LDFLAGS} -lz -llzo2 -lsnappy -lzstd -ldl -rdynamic -Wl,-z,now -fpie" > ${GDB}/gdb/mergelibs 18 | @echo "../../${PROGRAM} ../../${PROGRAM}lib.a" > ${GDB}/gdb/mergeobj 19 | @rm -f ${PROGRAM} 20 | @if [ ! -f ${GDB}/config.status ]; then \ 21 | --- crash-7.3.2/configure.c.orig 22 | +++ crash-7.3.2/configure.c 23 | @@ -800,7 +800,8 @@ build_configure(struct supported_gdb_version *sp) 24 | fprintf(fp2, "%s\n", sp->GDB); 25 | sprintf(target_data.gdb_version, "%s", &sp->GDB[4]); 26 | } else if (strncmp(buf, "LDFLAGS=", strlen("LDFLAGS=")) == 0) { 27 | - fprintf(fp2, "LDFLAGS=%s\n", ldflags ? ldflags : ""); 28 | + if (ldflags) 29 | + fprintf(fp2, "LDFLAGS=%s\n", ldflags ? ldflags : ""); 30 | } else 31 | fprintf(fp2, "%s", buf); 32 | 33 | -- 34 | -------------------------------------------------------------------------------- /SOURCES/rhel8_freepointer.patch: -------------------------------------------------------------------------------- 1 | --- crash-7.3.2/memory.c.orig 2 | +++ crash-7.3.2/memory.c 3 | @@ -19412,9 +19412,8 @@ freelist_ptr(struct meminfo *si, ulong ptr, ulong ptr_addr) 4 | if (VALID_MEMBER(kmem_cache_random)) { 5 | /* CONFIG_SLAB_FREELIST_HARDENED */ 6 | 7 | - if (THIS_KERNEL_VERSION >= LINUX(5,7,0)) 8 | - ptr_addr = (sizeof(long) == 8) ? bswap_64(ptr_addr) 9 | - : bswap_32(ptr_addr); 10 | + ptr_addr = (sizeof(long) == 8) ? bswap_64(ptr_addr) 11 | + : bswap_32(ptr_addr); 12 | return (ptr ^ si->random ^ ptr_addr); 13 | } else 14 | return ptr; 15 | -- 16 | fix freepointer issue 17 | -------------------------------------------------------------------------------- /SUMMARY.md: -------------------------------------------------------------------------------- 1 | # Summary 2 | 3 | * [读我](README.md) 4 | * [基础知识](docs/基础知识.md) 5 | * [kdump](docs/基础知识/kdump.md) 6 | * [crash](docs/基础知识/crash.md) 7 | * [crashkernel启动参数](docs/基础知识/crashkernel启动参数.md) 8 | * [栈回溯机制](docs/基础知识/栈回溯机制.md) 9 | * [X86堆栈](docs/基础知识/X86堆栈.md) 10 | * [/proc/sysrq-trigger功能](docs/基础知识/sysrq-trigger功能.md) 11 | * [no-omit-frame-pointer编译标识](docs/基础知识/no-omit-frame-pointer.md) 12 | * [ELF符号](docs/基础知识/ELF符号.md) 13 | * [内核ELF中的percpu变量](docs/基础知识/内核ELF中的percpu变量.md) 14 | * [进程内存空间](docs/基础知识/进程内存空间.md) 15 | * [crash命令](docs/crash命令.md) 16 | * [指针(*)](docs/crash命令/指针.md) 17 | * [extend](docs/crash命令/extend.md) 18 | * [log](docs/crash命令/log.md) 19 | * [rd](docs/crash命令/rd.md) 20 | * [task](docs/crash命令/task.md) 21 | * [alias](docs/crash命令/alias.md) 22 | * [files](docs/crash命令/files.md) 23 | * [mach](docs/crash命令/mach.md) 24 | * [repeat](docs/crash命令/repeat.md) 25 | * [timer](docs/crash命令/timer.md) 26 | * [ascii](docs/crash命令/ascii.md) 27 | * [foreach](docs/crash命令/foreach.md) 28 | * [mod](docs/crash命令/mod.md) 29 | * [runq](docs/crash命令/runq.md) 30 | * [tree](docs/crash命令/tree.md) 31 | * [bpf](docs/crash命令/bpf.md) 32 | * [fuser](docs/crash命令/fuser.md) 33 | * [mount](docs/crash命令/mount.md) 34 | * [search](docs/crash命令/search.md) 35 | * [union](docs/crash命令/union.md) 36 | * [bt](docs/crash命令/bt.md) 37 | * [gdb](docs/crash命令/gdb.md) 38 | * [net](docs/crash命令/net.md) 39 | * [set](docs/crash命令/set.md) 40 | * [vm](docs/crash命令/vm.md) 41 | * [btop](docs/crash命令/btop.md) 42 | * [help](docs/crash命令/help.md) 43 | * [p](docs/crash命令/p.md) 44 | * [sig](docs/crash命令/sig.md) 45 | * [vtop](docs/crash命令/vtop.md) 46 | * [dev](docs/crash命令/dev.md) 47 | * [ipcs](docs/crash命令/ipcs.md) 48 | * [ps](docs/crash命令/ps.md) 49 | * [struct](docs/crash命令/struct.md) 50 | * [waitq](docs/crash命令/waitq.md) 51 | * [dis](docs/crash命令/dis.md) 52 | * [irq](docs/crash命令/irq.md) 53 | * [pte](docs/crash命令/pte.md) 54 | * [swap](docs/crash命令/swap.md) 55 | * [whatis](docs/crash命令/whatis.md) 56 | * [eval](docs/crash命令/eval.md) 57 | * [kmem](docs/crash命令/kmem.md) 58 | * [ptob](docs/crash命令/ptob.md) 59 | * [sym](docs/crash命令/sym.md) 60 | * [wr](docs/crash命令/wr.md) 61 | * [exit](docs/crash命令/exit.md) 62 | * [list](docs/crash命令/list.md) 63 | * [ptov](docs/crash命令/ptov.md) 64 | * [sys](docs/crash命令/sys.md) 65 | * [q](docs/crash命令/q.md) 66 | * [源码分析](docs/源码分析.md) 67 | * [kexec系统调用](docs/源码分析/kexec系统调用.md) 68 | * [kexec用户态程序](docs/源码分析/kexec用户态程序.md) 69 | * [kdump服务](docs/源码分析/kdump服务.md) 70 | * [crash基本用法](docs/crash基本用法.md) 71 | * [x86_64虚拟地址空间布局](docs/crash基本用法/x86_64虚拟地址空间布局.md) 72 | * [获取pfn获取pfn、page和mem_map](docs/crash基本用法/获取pfn_page_mem_map.md) 73 | * [获取进程CR3寄存器值](docs/crash基本用法/获取进程CR3寄存器值.md) 74 | * [获取percpu变量](docs/crash基本用法/获取percpu变量.md) 75 | * [获取所有task元数据](docs/crash基本用法/获取所有task元数据.md) 76 | * [获取当前系统支持的文件系统](docs/crash基本用法/获取当前系统支持的文件系统.md) 77 | * [获取进程vm_area_struct链表](docs/crash基本用法/获取进程vm_area_struct链表.md) 78 | * [问题分类](docs/问题分类.md) 79 | * [Oops](docs/问题分类/Oops.md) 80 | * [panic](docs/问题分类/panic.md) 81 | * [soft-lockup](docs/问题分类/soft-lockup.md) 82 | * [hard-locakup](docs/问题分类/hard-locakup.md) 83 | * [案例](docs/案例.md) 84 | * [手动触发panic](docs/案例/手动触发panic.md) 85 | * [内核模块触发空指针异常](docs/案例/内核模块触发空指针异常.md) 86 | * [NULLPOINTER-空指针参数](docs/案例/NULLPOINTER-空指针参数.md) 87 | * [内核链表踩踏-前序节点](docs/案例/内核链表踩踏-前序节点.md) 88 | * [内核链表踩踏-后继节点](docs/案例/内核链表踩踏-后继节点.md) 89 | * [softlockup-等待状态寄存器](docs/案例/softlockup-等待状态寄存器.md) -------------------------------------------------------------------------------- /docs/crash命令.md: -------------------------------------------------------------------------------- 1 | # crash命令 2 | 3 | ```shell 4 | * files mod sbitmapq union 5 | alias foreach mount search vm 6 | ascii fuser net set vtop 7 | bpf gdb p sig waitq 8 | bt help ps struct whatis 9 | btop ipcs pte swap wr 10 | dev irq ptob sym q 11 | dis kmem ptov sys 12 | eval list rd task 13 | exit log repeat timer 14 | extend mach runq tree 15 | ``` 16 | 17 | 18 | 19 | 以下是我介绍的一些选项参数: 20 | 21 | - `-h` 或 `--help`:显示crash命令的帮助信息,包括用法,选项和示例¹。 22 | - `-v` 或 `--version`:显示crash命令的版本信息¹。 23 | - `-i` 或 `--input`:指定一个包含crash命令的文件,crash会按顺序执行文件中的每个命令¹²。例如,如果您有一个名为commands.txt的文件,其中包含以下内容: 24 | 25 | ```bash 26 | bt 27 | ps 28 | log 29 | ``` 30 | 31 | 您可以使用以下命令来执行文件中的所有命令: 32 | 33 | ```bash 34 | crash -i commands.txt /path/to/vmlinux /path/to/vmcore 35 | ``` 36 | 37 | - `-o` 或 `--output`:指定一个输出文件,crash会将所有的输出重定向到该文件¹²。例如,如果您想将crash的输出保存到一个名为output.txt的文件中,您可以使用以下命令: 38 | 39 | ```bash 40 | crash -o output.txt /path/to/vmlinux /path/to/vmcore 41 | ``` 42 | 43 | - `-d` 或 `--directory`:指定一个目录,crash会在该目录下寻找内核符号文件和转储文件¹²。例如,如果您有一个名为dump目录,其中包含vmlinux和vmcore文件,您可以使用以下命令来打开它们: 44 | 45 | ```bash 46 | crash -d dump 47 | ``` 48 | 49 | - `-s` 或 `--silent`:指定一个静默模式,crash会在启动时不显示任何信息¹²。例如,如果您想在不显示任何信息的情况下启动crash,您可以使用以下命令: 50 | 51 | ```bash 52 | crash -s /path/to/vmlinux /path/to/vmcore 53 | ``` 54 | 55 | - `-b` 或 `--batch`:指定一个批处理模式,crash会在执行完所有命令后自动退出¹²。例如,如果您想在执行完bt和ps命令后退出crash,您可以使用以下命令: 56 | 57 | ```bash 58 | echo "bt\nps" | crash -b /path/to/vmlinux /path/to/vmcore 59 | ``` 60 | 61 | 62 | 63 | 64 | 65 | 66 | --- -------------------------------------------------------------------------------- /docs/crash命令/ascii.md: -------------------------------------------------------------------------------- 1 | # ascii 2 | 3 | ## 概述 4 | 5 | ascii子命令是crash工具的一个扩展命令,它可以用来显示内核内存中的ASCII字符串。它的语法如下: 6 | 7 | ```shell 8 | ascii value ... 9 | ``` 10 | 11 | ## 举例子 12 | 13 | - 显示ascii字符表 14 | 15 | ```shell 16 | crash> ascii 17 | 18 | 0 1 2 3 4 5 6 7 19 | +------------------------------- 20 | 0 | NUL DLE SP 0 @ P ' p 21 | 1 | SOH DC1 ! 1 A Q a q 22 | 2 | STX DC2 " 2 B R b r 23 | 3 | ETX DC3 # 3 C S c s 24 | 4 | EOT DC4 $ 4 D T d t 25 | 5 | ENQ NAK % 5 E U e u 26 | 6 | ACK SYN & 6 F V f v 27 | 7 | BEL ETB ` 7 G W g w 28 | 8 | BS CAN ( 8 H X h x 29 | 9 | HT EM ) 9 I Y i y 30 | A | LF SUB * : J Z j z 31 | B | VT ESC + ; K [ k { 32 | C | FF FS , < L \ l | 33 | D | CR GS _ = M ] m } 34 | E | SO RS . > N ^ n ~ 35 | F | SI US / ? O - o DEL 36 | ``` 37 | 38 | ```行 列```方式查看,比如'a',第6列第二行,'61' 39 | 40 | - 给定ascii编码转为字符串 41 | 42 | ```shell 43 | crash> ascii 0x61 44 | 0000000000000061: a 45 | crash> ascii 61 46 | 0000000000000061: a 47 | crash> ascii 0x62 48 | 0000000000000062: b 49 | crash> ascii 0x63 50 | 0000000000000063: c 51 | crash> ascii 0x64 52 | 0000000000000064: d 53 | crash> ascii 0x61626364 54 | 0000000061626364: dcba 55 | crash> ascii 0x64636261 56 | 0000000064636261: abcd 57 | crash> ascii 62696c2f7273752f 58 | 62696c2f7273752f: /usr/lib 59 | ``` 60 | 61 | 默认输入的识别为十六进制,带0x与不带0x一样 62 | 63 | ## 帮助信息 64 | 65 | * 66 | 67 | ``` 68 | NAME 69 | ascii - translate a hexadecimal string to ASCII 70 | 71 | SYNOPSIS 72 | ascii value ... 73 | 74 | DESCRIPTION 75 | Translates 32-bit or 64-bit hexadecimal values to ASCII. If no argument 76 | is entered, an ASCII chart is displayed. 77 | 78 | EXAMPLES 79 | Translate the hexadecimal value of 0x62696c2f7273752f to ASCII: 80 | 81 | crash> ascii 62696c2f7273752f 82 | 62696c2f7273752f: /usr/lib 83 | 84 | Display an ASCII chart: 85 | 86 | crash> ascii 87 | 88 | 0 1 2 3 4 5 6 7 89 | +------------------------------- 90 | 0 | NUL DLE SP 0 @ P ' p 91 | 1 | SOH DC1 ! 1 A Q a q 92 | 2 | STX DC2 " 2 B R b r 93 | 3 | ETX DC3 # 3 C S c s 94 | 4 | EOT DC4 $ 4 D T d t 95 | 5 | ENQ NAK % 5 E U e u 96 | 6 | ACK SYN & 6 F V f v 97 | 7 | BEL ETB ` 7 G W g w 98 | 8 | BS CAN ( 8 H X h x 99 | 9 | HT EM ) 9 I Y i y 100 | A | LF SUB * : J Z j z 101 | B | VT ESC + ; K [ k { 102 | C | FF FS , < L \ l | 103 | D | CR GS _ = M ] m } 104 | E | SO RS . > N ^ n ~ 105 | F | SI US / ? O - o DEL 106 | ``` 107 | 108 | --- 109 | -------------------------------------------------------------------------------- /docs/crash命令/btop.md: -------------------------------------------------------------------------------- 1 | # btop(bytes to page) 2 | 3 | ## 概述 4 | 5 | 与ptob配对命令 6 | 7 | 将物理地址转换为页帧号,实际是地址除以页大小 8 | 9 | ```shell 10 | btop address ... 11 | ``` 12 | 13 | ## 举例子 14 | 15 | - 基本用法 16 | 17 | ```shell 18 | crash> btop ff63810032077da0 19 | ff63810032077da0: ff63810032077 20 | crash> btop 0xff63810032077da0 21 | ff63810032077da0: ff63810032077 22 | crash> btop 0xff63810032077da0+1 23 | btop: input string too large: "ff63810032077da0+1" (18 vs 16) 24 | crash> btop 0xff63810032077da0+8 25 | btop: input string too large: "ff63810032077da0+8" (18 vs 16) 26 | crash> 27 | ``` 28 | 29 | ## 帮助信息 30 | 31 | * 32 | 33 | ``` 34 | NAME 35 | btop - bytes to page 36 | 37 | SYNOPSIS 38 | btop address ... 39 | 40 | DESCRIPTION 41 | This command translates a hexadecimal address to its page number. 42 | 43 | EXAMPLES 44 | crash> btop 512a000 45 | 512a000: 512a 46 | 47 | ``` 48 | -------------------------------------------------------------------------------- /docs/crash命令/exit.md: -------------------------------------------------------------------------------- 1 | # exit(exit this session) 2 | 3 | ## 概述 4 | 5 | 退出crash会话,等同于q、quit 6 | 7 | ## 帮助信息 8 | 9 | * 10 | 11 | ``` 12 | NAME 13 | exit - exit this session 14 | 15 | SYNOPSIS 16 | exit 17 | 18 | DESCRIPTION 19 | Bail out of the current crash session. 20 | 21 | NOTE 22 | This command is equivalent to the "q" command. 23 | ``` 24 | 25 | --- 26 | -------------------------------------------------------------------------------- /docs/crash命令/fuser.md: -------------------------------------------------------------------------------- 1 | # fuser(file users) 2 | 3 | ## 概述 4 | 5 | fuser 是一个用于显示文件或目录被哪些进程使用的工具。 6 | 7 | 在 crash 命令中,fuser 的作用是查看内核中的文件或者文件系统被哪些进程使用,以及这些进程的信息和状态。 8 | 9 | ## 举例子 10 | 11 | - 查看给定文件被哪些程序引用 12 | 13 | ```bash 14 | crash> files |grep log 15 | 282 ff352c8aade68100 ff352c8c20311e60 ff352c8ccd910140 REG /var/log/openvswitch/ovs-vswitchd.log 16 | crash> fuser /var/log/openvswitch/ovs-vswitchd.log 17 | PID TASK COMM USAGE 18 | 56163 ff352cfe79929e40 "vhost_reconn" fd 19 | 56164 ff352cfe79928000 "vhost-events" fd 20 | 2429976 ff352c8c1e7fbc80 "ovs-vswitchd" fd 21 | 2937594 ff352c8d18a11e40 "ovs-vswitchd" fd 22 | 2937595 ff352c8d130b1e40 "eal-intr-threa fd 23 | 2937596 ff352c8d130b0000 "rte_mp_handle" fd 24 | 2937602 ff352c010a635ac0 "ovs-vswitchd" fd 25 | 2937603 ff352c0cdba41e40 "dpdk_watchdog1 fd 26 | 2937605 ff352c0c65f71e40 "urcu2" fd 27 | 2937606 ff352c0cdba43c80 "ct_clean3" fd 28 | ``` 29 | 30 | 注意,父目录不会作为子文件的引用记录 31 | 32 | - 查看给定inode被哪些程序引用 33 | 34 | ```shell 35 | crash> files |more 36 | PID: 2429976 TASK: ff352c8c1e7fbc80 CPU: 53 COMMAND: "ovs-vswitchd" 37 | ROOT: / CWD: / 38 | FD FILE DENTRY INODE TYPE PATH 39 | 0 ff352c8cc902f900 ff352c010a818870 ff352c7e803fc910 CHR /dev/null 40 | 1 ff352c8cc902f900 ff352c010a818870 ff352c7e803fc910 CHR /dev/null 41 | 2 ff352c8cc902f900 ff352c010a818870 ff352c7e803fc910 CHR /dev/null 42 | 3 ff352c8cc77d7a00 ff352c0c7d150d80 ff352cfe78f423f0 SOCK UNIX 43 | 4 ff352c8cc77d6a00 ff352c0c7d1506c0 ff352cfe78f47930 SOCK UNIX 44 | crash> fuser ff352c7e803fc910 | more 45 | PID TASK COMM USAGE 46 | 1 ff352c010ac55ac0 "systemd" fd 47 | 1630 ff352c7e79dc9e40 "systemd-journa fd 48 | 1650 ff352c7e79dcbc80 "systemd-udevd" fd 49 | 1661 ff352c7e79dc8000 "systemd-networ fd 50 | 1972 ff352c7e7aba5ac0 "rpcbind" fd 51 | 1973 ff352c7e431adac0 "auditd" fd 52 | ``` 53 | 54 | ## 帮助信息 55 | 56 | * 57 | 58 | ``` 59 | NAME 60 | fuser - file users 61 | 62 | SYNOPSIS 63 | fuser [pathname | inode] 64 | 65 | DESCRIPTION 66 | This command displays the tasks using specified files or sockets. 67 | Tasks will be listed that reference the file as the current working 68 | directory, root directory, an open file descriptor, or that mmap the 69 | file. If the file is held open in the kernel by the lockd server on 70 | behalf of a client discretionary file lock, the client hostname is 71 | listed. 72 | 73 | pathname the full pathname of the file. 74 | inode the hexadecimal inode address for the file. 75 | 76 | EXAMPLES 77 | Display the tasks using file /usr/lib/libkfm.so.2.0.0 78 | 79 | crash> fuser /usr/lib/libkfm.so.2.0.0 80 | PID TASK COMM USAGE 81 | 779 c5e82000 "kwm" mmap 82 | 808 c5a8e000 "krootwm" mmap 83 | 806 c5b42000 "kfm" mmap 84 | 809 c5dde000 "kpanel" mmap 85 | ``` 86 | 87 | --- 88 | -------------------------------------------------------------------------------- /docs/crash命令/gdb.md: -------------------------------------------------------------------------------- 1 | # gdb(gdb command) 2 | 3 | ## 概述 4 | 5 | 对于未定义行为,可以强制使用 gdb 。 6 | 7 | 在 crash 命令中,gdb 的作用是提供一些调试功能,例如查看变量的值,设置断点,执行单步调试等。 8 | 9 | ## 举例子 10 | 11 | - 进入、退出 gdb 模式 12 | 13 | ```bash 14 | gdb> set gdb on 15 | gdb: on 16 | (gdb) p init_thread_union 17 | $1 = {stack = {1470918301, 0, 0, 0, ...}} 18 | (gdb) q 19 | gdb> set gdb off 20 | gdb: off 21 | ``` 22 | 23 | - 在 gdb 模式下,你可以使用 gdb 的各种命令来调试程序。例如: 24 | 25 | ```bash 26 | (gdb) bt // 查看当前线程的调用栈 27 | (gdb) info threads // 查看所有线程的信息 28 | (gdb) thread 2 // 切换到第二个线程 29 | (gdb) break main // 在 main 函数处设置断点 30 | (gdb) run // 运行程序 31 | (gdb) next // 执行下一条语句 32 | (gdb) print x // 打印变量 x 的值 33 | ``` 34 | 35 | ## 帮助信息 36 | 37 | * 38 | 39 | ``` 40 | NAME 41 | gdb - gdb command 42 | 43 | SYNOPSIS 44 | gdb command ... 45 | 46 | DESCRIPTION 47 | This command passes its arguments directly to gdb for processing. 48 | This is typically not necessary, but where ambiguities between crash and 49 | gdb command names exist, this will force the command to be executed by gdb. 50 | 51 | Alternatively, if "set gdb on" is entered, the session will be run in a 52 | mode where all commands are passed directly to gdb. When running in that 53 | mode, native crash commands may be executed by preceding them with the 54 | "crash" directive. To restore native crash mode, enter "set gdb off". 55 | 56 | EXAMPLES 57 | crash> gdb help 58 | List of classes of commands: 59 | 60 | aliases -- Aliases of other commands 61 | breakpoints -- Making program stop at certain points 62 | data -- Examining data 63 | files -- Specifying and examining files 64 | internals -- Maintenance commands 65 | obscure -- Obscure features 66 | running -- Running the program 67 | stack -- Examining the stack 68 | status -- Status inquiries 69 | support -- Support facilities 70 | tracepoints -- Tracing of program execution without stopping the program 71 | user-defined -- User-defined commands 72 | 73 | Type "help" followed by a class name for a list of commands in that class. 74 | Type "help" followed by command name for full documentation. 75 | Command name abbreviations are allowed if unambiguous. 76 | 77 | ``` 78 | -------------------------------------------------------------------------------- /docs/crash命令/help.md: -------------------------------------------------------------------------------- 1 | # help(get help) 2 | 3 | ## 概述 4 | 5 | 显示帮助信息,但不仅仅是帮助信息 6 | 7 | ```shell 8 | -a - alias data 9 | -b - shared buffer data 10 | -B - build data 11 | -c - numargs cache 12 | -d - device table 13 | -D - dumpfile contents/statistics 14 | -e - extension table data 15 | -f - filesys table 16 | -g - gdb data 17 | -h - hash_table data 18 | -H - hash_table data (verbose) 19 | -k - kernel_table 20 | -K - kernel_table (verbose) 21 | -L - LKCD page cache environment 22 | -M machine specific 23 | -m - machdep_table 24 | -N - net_table 25 | -n - dumpfile contents/statistics 26 | -o - offset_table and size_table 27 | -p - program_context 28 | -r - dump registers from dumpfile header 29 | -s - symbol table data 30 | -t - task_table 31 | -T - task_table plus context_array 32 | -v - vm_table 33 | -V - vm_table (verbose) 34 | -x - text cache 35 | -z - help options 36 | ``` 37 | 38 | 39 | ## 帮助信息 40 | 41 | * 42 | 43 | ``` 44 | NAME 45 | help - get help 46 | 47 | SYNOPSIS 48 | help [command | all] [-